Case Study

Cyber insurance risk assessment for a global satellite communications and launch provider

When:
2022
Where:
North America
Services involved:
Threat Intelligence
Crisis Planning and Continuity
Cyber

Overview

Our consulting team was engaged by US insurance brokers to carry out a highly detailed cyber risk assessment at the organisational level for a global satellite provider.

Both the client and the broking team wanted to ensure that they had a very comprehensive view of the exposure of the organisation to cyber risks before entering the insurance market, and wanted to understand where there might be possibilities for improvement prior to engaging underwriters. This was also extremely critical because the clients infrastructure and architecture was highly complex as a result of their operations in space, and also had exposures to government contracts.

The team began by issuing a request for information list to review as many documents as possible which described the infrastructure, architecture, revenue drivers, and cyber security controls within the organisation to create a strategic context. Our consultants use this to build a notional model of the organisation which would help us to understand how it could be exposed to cyber security risks, particularly around satellite operation and control. We also carried out a highly detailed assessment of what controls were in place and how this specifically related to the organisations critical assets.

The end result was a report which enabled the client to understand their cyber exposure and to bridge the gap between the insurance team and the risk management team on a very important topic. Advances were also made in developing a potential maximum loss for cyber in the context of the organisations revenue drivers. The report was also subsequently disclosed to key insurance markets when building a cyber insurance programme, providing under writers with the transparency that they would need to underwrite and assess such a complex client.

Project leads
Adam Carrier
Head of Consulting
View profile
Nick Robinson
Consultant, Crisis & Security Strategy
View profile

Outcomes for client

  • A due diligence process which enabled the insurance team to themselves get a better view of the cyber security controls in place at the organisation.
  • Visualisations of architecture and infrastructure, and how this connects to revenue, which can be used to stimulate better conversations both within the client and with insurance markets.
  • A highly detailed assessment of the controls in place to mitigate cyber risks at the organisation in comparison to the benchmarks currently being set by insurance markets, which covered around 700 control types across 20 different control themes.
  • A report which was shared with brokers, under writers, and the information security team to be used as a single source of truth to help identify the organization's requirements for cyber insurance cover.

Recent case studies

View more projects we have completed for clients.

2023
Intelligence provision for a global hospitality firm
Europe
Active Threat Monitoring
Threat Intelligence
Threat Assessment
2023
Tailored intelligence collection for a large multinational
Global
Threat Intelligence
Threat Assessment
Active Threat Monitoring
View all

Contact us

We’re always keen to talk through problems – even if you don’t end up working with us.

Let us know your problem or situation and one of our consultants will get back to you and arrange a call.

Step one
You let us know what you or your team requires help with.
Step two
One of our consultants will arrange a meeting to find out more.
Step three
We outline how we can help you in a proposal.
Step four
If accepted, we begin providing you or your team with our solution.