top of page

What are cyber resilience centres and how can they help the insurance sector?

Rarely a week goes by without a media report of cyber-attacks on businesses and organisations in the UK, and these attacks often result in significant financial losses, negatively impacting reputations and business continuity.

With cybercrime accounting for over half of recorded crime, UK policing launched a network of cyber resilience centres (CRCs), in partnership with the private sector and academia, across the UK. Each centre is led by a police superintendent or staff equivalent and works closely with regional policing resources to help organisations reduce their vulnerabilities and help avoid becoming a victim of cybercrime.

The aim of the CRCs is to improve cyber resilience, with a particular focus on supporting micro-businesses, small businesses, SMEs and third sector organisations. Implementing cyber security measures is important, but becoming cyber resilient means more than deploying  technical measures; being resilient means ensuring that your organisation can withstand and recover from a cyber incident.

This means putting in place policies, processes, and raising awareness of employees of the potential methods of attack. A focus on cyber resilience means minimising the impact of cyber-attacks, ensuring that systems can recover quickly and continue operating effectively, ensuring you are limiting the impact on your business continuity.

To support this aim, the centres offer free membership which provides National Cyber Security Centre guidance (as the leading UK authority on cyber security) and regular newsletters focusing on threats and simple steps to reduce your vulnerability to a cyber-attack. The centres are also able to deliver affordable cyber security services through our Cyber PATH programme.

In the UK, the insurance sector is in a position to play a critical role in promoting cyber resilience, whether by offering the policies that cover these losses, implementing minimum standard criteria for cyber policies, and also by encouraging awareness and understanding of the threats which exist, which in turn helps mitigate the risk, reduce the frequency and severity of claims.

Ultimately this will benefit both insurers and the insured businesses. This is where the CRCs can really help the insurance sector. The centres are able to support the sector’s clients to improve their cyber resilience, making them less vulnerable to a successful attack, and in turn reduce the number of claims made against their cyber policies.

A strong cyber resilience stance within the insurance sector will inevitably encourage businesses to create a strong cyber security environment, and this will help to reduce the overall risk exposure across the sector. By working with the CRC network, we can jointly promote the need to consider more comprehensive cyber insurance policies, help businesses assess their risk and also support them with improving their security and incident response strategies, leading to more robust risk management practices.

With the insurance sector working in partnership with the CRC network, we can jointly educate businesses about the importance of cyber resilience, why insurance coverage is important, but also provide businesses with the knowledge to proactively strengthen their cyber security posture.

But this isn’t a one off, our aim should be to drive a culture of continuous improvement and adapting to ever-evolving cyber threats, helping to ensure the long-term sustainability of businesses in the UK.

Rarely in business is something given for nothing, but the CRC network is here to be used by the insurance sector as a free resource to which they can direct their clients, providing necessary support along the journey to becoming a more resilient and sustainable business.

Businesses in Wales can sign up for free membership here. For businesses in England, you can find a regional centre in your area.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for Wales is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for Wales provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for Wales does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for Wales is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page