Rarely a week goes by without a media report of cyber-attacks on businesses and organisations in the UK, and these attacks often result in significant financial losses, negatively impacting reputations and business continuity.
With cybercrime accounting for over half of recorded crime, UK policing launched a network of cyber resilience centres (CRCs), in partnership with the private sector and academia, across the UK. Each centre is led by a police superintendent or staff equivalent and works closely with regional policing resources to help organisations reduce their vulnerabilities and help avoid becoming a victim of cybercrime.
The aim of the CRCs is to improve cyber resilience, with a particular focus on supporting micro-businesses, small businesses, SMEs and third sector organisations. Implementing cyber security measures is important, but becoming cyber resilient means more than deploying technical measures; being resilient means ensuring that your organisation can withstand and recover from a cyber incident.
This means putting in place policies, processes, and raising awareness of employees of the potential methods of attack. A focus on cyber resilience means minimising the impact of cyber-attacks, ensuring that systems can recover quickly and continue operating effectively, ensuring you are limiting the impact on your business continuity.
To support this aim, the centres offer free membership which provides National Cyber Security Centre guidance (as the leading UK authority on cyber security) and regular newsletters focusing on threats and simple steps to reduce your vulnerability to a cyber-attack. The centres are also able to deliver affordable cyber security services through our Cyber PATH programme.
In the UK, the insurance sector is in a position to play a critical role in promoting cyber resilience, whether by offering the policies that cover these losses, implementing minimum standard criteria for cyber policies, and also by encouraging awareness and understanding of the threats which exist, which in turn helps mitigate the risk, reduce the frequency and severity of claims.
Ultimately this will benefit both insurers and the insured businesses. This is where the CRCs can really help the insurance sector. The centres are able to support the sector’s clients to improve their cyber resilience, making them less vulnerable to a successful attack, and in turn reduce the number of claims made against their cyber policies.
A strong cyber resilience stance within the insurance sector will inevitably encourage businesses to create a strong cyber security environment, and this will help to reduce the overall risk exposure across the sector. By working with the CRC network, we can jointly promote the need to consider more comprehensive cyber insurance policies, help businesses assess their risk and also support them with improving their security and incident response strategies, leading to more robust risk management practices.
With the insurance sector working in partnership with the CRC network, we can jointly educate businesses about the importance of cyber resilience, why insurance coverage is important, but also provide businesses with the knowledge to proactively strengthen their cyber security posture.
But this isn’t a one off, our aim should be to drive a culture of continuous improvement and adapting to ever-evolving cyber threats, helping to ensure the long-term sustainability of businesses in the UK.
Rarely in business is something given for nothing, but the CRC network is here to be used by the insurance sector as a free resource to which they can direct their clients, providing necessary support along the journey to becoming a more resilient and sustainable business.
Businesses in Wales can sign up for free membership here. For businesses in England, you can find a regional centre in your area.