Only one-third of London Market insurers believe their firms can withstand major cyber-attack – Xchanging survey

Cyber attack

Almost half of insurers in the London Market are underprepared for a TalkTalk-style cyber attack, while only one-third believe their firm can withstand such an attack, a study by Xchanging has found.

According to the survey, 36% of respondents said they “definitely” had sufficient measures in place to withstand a major cyber attack, 30% felt they were partially protected, 16% said they were insufficiently protected, while 18% were unsure.

Xchanging executive director Adrian Guttridge said: “The insurance industry is grappling with the extensive threat of cyber-attacks from an underwriting and risk management perspective and, in the absence of enough meaningful data, modelling the risks involved remains a grave challenge.

“As custodians of vast amounts of data, insurers are also aware that they, too, are vulnerable to cyber breaches – and the reputational damage that this can cause.”

“The recent cyber attack on TalkTalk is the latest in a lengthy list of high-profile hacks of personal data held by government and commercial organisations.

“Insurance companies must take very seriously the extent of the risks they face and ensure their cyber security measures are constantly reviewed and updated.

“They should also be mindful that, in some areas, a collaborative, industry approach in which knowledge and skills are shared among peers, may be the most effective way to strengthen cyber defences.”

The survey, which collected the views of 70 delegates on the risks and challenges facing the Lloyd’s and London Markets, included their perception of London’s future position as a global insurance centre.

When asked to rank in order of importance the factors making London less competitive than other global insurance hubs, cost came out as number one (30%), while lack of modernisation (27%) and increasing regulation (27%) took joint second place.

Competing expertise in overseas hubs (16%) was seen as having the least impact.

Cyber insight online