Case Study

Cyber insurance risk assessment for a major UK University

When:
2022
Where:
United Kingdom
Services involved:
Cyber
Crisis Planning and Continuity

Our consulting team was engaged to carry out an in-depth cyber risk assessment for a major UK University. With the sector experiencing a recent dramatic rise in ransomware attacks, the University had grown increasingly concerned with the risk exposure it now faced.

The team worked with the University over a 12-month period to provide a comprehensive overview of its cyber risk exposure, how its various departments and institutions are governed, and how its critical systems and services are secured and maintained. This process began with a scoping workshop with senior stakeholders to gain a sense of the University's complex and fragmented IT ecosystem and identify where pressure points and areas of oversight may exist.

Using the information collected, we then set about conducting a series of detailed engagements with IT stakeholders across the University, with the aim of identifying what security controls were in place across a number of academic and non-academic institutions. This resulted in a highly detailed report which enabled the University to understand its cyber exposure and pinpoint specific challenges that could be addressed through investment and risk management.

Project leads
Nick Robinson
Consultant, Crisis & Security Strategy
View profile
Adam Carrier
Head of Consulting
View profile

Outcomes

  • A due diligence process which enabled the University and its senior leadership team to get a clearer view and understanding of cyber security controls across the entire estate.
  • A detailed assessment which identified which key controls should be implemented to mitigate cyber risks at the University, in comparison to the benchmarks currently set by the insurance markets. As well as highlighting key areas of exposure, the assessment also identified areas of best practice and those departments/institutions considered 'best in class'.
  • A report for senior leadership and IT teams at the University, providing an up-to-date snapshot of cyber security controls across the estate, and a detailed list of recommendations to assist the institutions move towards future insurance placement.

Relevant case studies

View more projects we have completed for clients.

2024
Cyber risk assessment and insurance demystification for a major airline
Philippines
Cyber
2023
In-depth cyber insurance risk assessment for a major US holding company
US
Cyber
View all

Contact us

We’re always keen to talk through problems – even if you don’t end up working with us.

Let us know your problem or situation and one of our consultants will get back to you and arrange a call.

Step one
You let us know what you or your team requires help with.
Step two
One of our consultants will arrange a meeting to find out more.
Step three
We outline how we can help you in a proposal.
Step four
If accepted, we begin providing you or your team with our solution.