62% of UK Firms Lack Full Cyber Security Insurance - Despite a Rise in Overall Coverage
Fico research reveals that telecommunications firms lag behind other industries regarding cyber security insurance, with 17% reporting they have no coverage.
This was revealed in a survey based on numerous interviews with senior staff in the security and IT functions of companies with more than 500 employees in the UK and ten other countries. It found that only 38% of UK firms surveyed have cyber security insurance that covers all risks. While most respondents said that their cyber insurance is not based on an accurate assessment of their firm’s individual risk.
The study, which Ovum conducted for FICO, also found that the number of UK firms with cyber security insurance has risen in the past year – just 10% of UK executives surveyed say their firm has no cyber security insurance, compared to 24% in all 11 countries surveyed.
Telecommunications firms lag behind other industries regarding cyber security insurance, with 17% reporting they have no coverage, compared to just 5% of financial service firms.
Steve Hadaway, FICO general manager for Europe, the Middle East and Africa, said: “Cyber security insurance has become a must-have for UK firms in a short period of time.”
“But with that growth will come increased pressure on insurers to increase the transparency and fairness around how premiums are set. Businesses will demand that their investments in cyber security protection — and the strength of their cyber security posture — drive their premiums down.”
Taking into the growing impact of global cyber-related incidents, arguably it makes complete sense that the industry has also expanded. Lloyd’s of London warned in a report last year that economic losses from a single “cloud service disruption scenario” could reach as much as $121 billion.
With this mind, the pressure is mounting on chief technology officer’s to step up to the plate and protect British businesses from damaging cyber attacks, these are the words of Advanced’s CTO, Jon Wrennall, who in a recent whitepaper commented that “Undoubtedly the role of CTO is on the ascent. Every position on the board can, and should, be a driving force for the business. However, given the impact that digital disruption is having on every single industry, the connected CTO is, I believe, best placed in our digital world to truly drive the associated benefits”.
“However, it therefore also falls to the CTO to both manage and overcome the connected threats as well. Indeed, CTOs are fundamentally not doing their job if they don’t achieve this.”
Maxine Holt, research director at Ovum, said: “Although UK organisations perform well in terms of the uptake of cyber insurance, the fact that fewer than 40% have comprehensive insurance demonstrates there is still some way to go for these firms to have a broad view of their security posture and how to present it for insurance.”
“It could also show that these companies have a current security posture that insurers are not prepared to cover comprehensively. We should not detract from the positive news here; 90% of UK organisations have elevated the importance of cyber security to a level that requires insuring, even if only partially.”
- DevOps Engineer with IdAM
- Upto £80,000 plus benefits
We are ooking for an DevOps engineer, idealy with IdAM (identity access Management) experience, this is a senior role for someone that can be the lead hands on person on a project. Your role will be to work on the deployment project implementing the solution into the exsiting application so will be used to connect an applications into mulipe 3rd party appliactions. We Would look at someone who has done DevOps with Security and can cross train into IdaM, but preference would be given to someone with the IdAM experience this is a great opportunity to join a consultancy that work on some truely amazing and differnet solutions
- Senior SOC Analyst. Level 3 Palo Alto Wildfire, Rapid 7, Fortify, Splunk.
REF CH7840 Senior SOC analyst (Palo Alto Wildfire, Rapid 7, Fortify AND Splunk) Flexible location £55,000 + Senior SOC analyst needed (Level 3) that can achieve SC clearance for a permanent role. We are looking for Level 3 SOC Analysts with two or more of the following; Palo Alto Networks Wildfire (#malware) Rapid7 Nexpose Micro Focus Fortify (#automated #applicationsecurity) AND ideally Splunk. The role will include, but not be limited to; managing and handling incidents end to end, supporting and mentoring level 1 / level 2 staff, supporting the SOC manager in the delivery of the SOC roadmap, engaging with the client stakeholders (other technical teams) as and where needed, use case development, advanced search and reporting etc. Flexible location, commutable in the future to London or Birmingham This role will sit within a public sector client so the individual must be able to achieve SC clearance. To arrange a call with Chris Holt use this calendy link https://calendly.com/chris-holt/arranged-call-with-chris-holt-remote-soc-role Chris.Holt@dclsearch.com 07884666351
- Identity & Access Management (IdAM) Consultant
- Upto €100,000 plus bonus and benefits
An Identity & Access Management Consultant is needed to lead and drive technical and or business transformation projects in a client-facing position for a prestigious consultancy in Germany. The Identity & Access Management Consultant will be responsible for technical design and implementation of Identity & Access Management/IAM products within a wide variety of clients. The Identity & Access Management Consultant will have a blend of technical hands-on and client-facing consultancy with the ability to develop new business. Broad technical knowledge across Identity and access management is benefical. The Identity & Access Management Consultant will need to have technical hands-on experience with one or more of the following core areas; Privileged Access Management (PAM, CyberArk, Beyondtrust, Thycotic) Identity Governance Administration (IGA, Sailpoint, Omada, RSA) Customer Identity & Access Management (CIAM, Forgerock PSD2) The Identity & Access Management Consultant must have the willingness to travel to customer sites across Germany.
- PCI DSS Security Specialist, Level 1 Service Provider,
CH7827 Payment Card Industry DSS Security Specialist, Level 1 Service Provider End User. £75,000 Flexible location, ocassional travel to London- Covid permitting Payment Card Industry DSS Security specialist needed to join a Security team to work with a highly respected CISO within a Level 1 Payment Service Provider. The PCI- DSS Security Consultant will have end to end responsibility for PCI - DSS and its continuing certification. 2021 / 2022 plan is to transition PCI to the cloud. Experience must include a focus into the Payment Card Industry. A mix of Information Security standards, frameworks, audit principles, controls / policies and the management and use of the technical tooling to achieve compliance is essential. PCI objectives / 12 key requirements, OWASP top 10, ISO 27001, NIST Cybersecurity Framework etc An ideal candidate will be working within an end user environment with a cyber consultancy background. PCI Cloud compliance, specifically someone with experience taking PCI-DSS from on premise into the cloud is HIGHLY desired. However, someone with Solid PCI experience with a strong technical background which include Cyber / Secure by design etc would be considered. Experience managing internal stakeholders and external third parties essential. Flexible working, but with the ability to get into London. This is an exclusive role to DCL Search & Selection. Arrange a call with Chris Holt on https://calendly.com/chris-holt/arrange-a-call-chris-dcl-pci-compliance