Insurers occupy a paradoxical position in the cybersecurity landscape. While they assess cyber risk for policyholders, they also are high-value targets due to the sensitive data they maintain.
This study – conducted by the Insurance Information Institute (Triple-I) and Fenix24 – examines cybersecurity practices among insurers. It employed structured interviews administered across various organizational sizes and market segments. Questions were designed to align with best practices, regulatory requirements, and security controls commonly required in cyber underwriting.
