Pro Global and CSA launch Cyber Audit Practice to reduce insurance exposure

Pro Global has launched Cyber Audit Practice in partnership with cyber security firm Cyber Security Associates (CSA) to mitigate the risk for the insurance sector, as news that British Airways faces a huge £183.39 million fine for breaching data protection law was revealed this week.

The new practice aims to address demand for more comprehensive audit services for cyber security .

Richard Robertson, global head of infosec at Pro Global, will lead the practice using CSA’s security intelligence and operations to offer around the clock seven days a week automated technical monitoring. It will also provide extended office working hours to ensure customers can access cyber analysts.

Robertson said: “Cyber risks are frequent, severe and systemic - a trio of significant and evolving challenges for the insurance industry to respond to."

He said the new practice is “directly addressing demand for more comprehensive audit services”, adding, “[we] firmly believe that through implementation of a ‘no stone unturned’ approach combining current best practices with mitigating controls, insurers can reduce exposure to both major incidents and minor cyber crime”.

The partnership with CSA will support a greater understanding of how to underwrite evolving cyber risks and develop strategies for protecting policyholders from a cyber breach, enabling the practice to go beyond the general audit snapshot of a business’ cyber security, Robertson said.

CSA director David Woodfine said businesses that are proactive in tackling and reducing cyber risk stand the best chance of mitigating the chance of an effective breach, and subsequent damage.

“But cyber security risks are constantly evolving, making it easy for a business to fall behind,” he added. “Without an awareness of the technology necessary to protect against cyber attack and protect a businesses’ digital footprint, there is increased risk to the business.

“On top of this, the implementation of GDPR means it is even more important to ensure data is correctly stored, handled and protected. Effective management of a business’ cyber exposure can reduce reputational harm risk and minimise potential for financial sanctions.

“The biggest vulnerability for a business is poor education, training and preparation.”