Skip to content Skip to footer

Loading Results

Insurance cybersecurity services

Cyber-related incidents represent a growing threat

The reputation and economic stability of financial institutions are at risk from cyber attacks. The ubiquity of cyber risk raises many questions about all areas of an insurer’s business and organization.

At PwC, we understand the importance of mitigating cyber risks and crafting a comprehensive risk management program to promote cyber resiliency.

Playback of this video is not currently available

Becoming threat smart: Building a cyber resilient financial institution

Managing cyber risk

On the business side

(CEO, CFO, CRO, legal, internal audit, and board members):

  • Is cybersecurity an integral part of your business model
    and strategy?  Who leads your cyber incident program and is it cross functional?
  • How aware are you of what strategic threats and adversaries are targeting you and why?
  • Are you able to demonstrate compliance to existing legal and regulatory requirements directly related to cyber?
  • Is there an understanding of the cost of recovery vs. the benefit of cybersecurity investments?
  • How are you assessing your cyber risks associated with your business partners, vendors and third parties?
  • How often are you conducting a full audit of your cyber readiness capabilities from detection to response?
  • Are you contemplating entering the cyber insurance market with products?
  • What are you doing to assess cyber risks of your clients related to insurance risk?

View more

On the technical side


  • To what extent does the executive team leadership team understand and invest in cybersecurity and appreciate return on their investment?
  • Are you leveraging threat analytics and research to understand attacks and incidents in order to identify systemic issues and root causes? Are these systems integrated into your overall SIEM and compliance systems so your teams know what and how to respond to threats?
  • What is your cybersecurity framework based on (e.g. NIST CSF, others)?
  • How is cyber resilience managed for new systems, projects and products – what types of testing and validation do you conduct?
  • How often are you conducting a full audit of your cyber readiness capabilities, from detection to response?


View more

Our approach to cyber resiliency

PwC helps insurers effectively achieve their strategic cyber objectives by designing capabilities and processes that fit each business’s individual profile and needs.

1. Risk management

  • Establish a cyber risk appetite
  • Promote awareness and education with C-level executives and staff
  • Provide on-going management and monitoring of cyber risks

2. Technology and operations

  • Create cyber risk analytical and threat modelling capabilities
  • Deploy processes and technology solutions to prevent and detect cyber events

3. Incident response

  • Help organizations respond to incidents

Contact us

Joseph Nocera

Cyber & Privacy Innovation Institute Leader, PwC US

Christopher Morris

Principal, Global Secure Terrain Leader, PwC US

Shawn Connors

Principal, Cybersecurity and Privacy, PwC US

Follow us