8 July 2019Analysis

Pro Global launches cyber audit practice

Pro Global Holdings, an independent consultancy and service provider, has launched a cyber audit practice to support the insurance industry’s response to cyber risk.

The business is headed by Richard Robertson, global head of infosec at Pro Global, and launched in partnership with cyber and information security services firm Cyber Security Associates (CSA).

The practice will offer vulnerability assessment, cyber claims handling, user awareness training and risk and compliance assessment. It will also help clients with emerging threat discovery and development of preventative measures, help define and implement processes in accordance with legal and regulatory requirements, calculate business interruption losses and provide physical security assessment and managed security services.

The new business offers re/insurance SMEs and cyber security experts to work collaboratively with insurers to enhance their cyber security. It also uses CSA’s security intelligence and operations to provide constant automated technical monitoring and extended office working hours for access to cyber analysts.

Robertson warned that the insurance industry faces a trio of significant and evolving challenges, with cyber risks being frequent, severe and systemic. “We are directly addressing demand for more comprehensive audit services, and firmly believe that through implementation of a no stone unturned approach, combining current best practices with mitigating controls, insurers can reduce exposure to both major incidents and minor cyber crime,” he said.

David Woodfine, director at CSA, said: “Through significant experience with the changing nature of cyber threat I’ve seen that those businesses that are proactive in tackling and reducing cyber risk stand the best chance of mitigating the chance of an effective breach, and of the damage should a breach occur.”

But he warned cyber security risks are constantly evolving, making it easy for a business to fall behind - with the implementation of General Data Protection Regulation (GDPR) making it even more important to ensure data is correctly stored, handled and protected. “Without an awareness of the technology necessary to protect against cyber attack and protect a businesses’ digital footprint, there is increased risk to the business,” said Woodfine.

“The biggest vulnerability for a business is poor education, training and preparation,” he added.