Citadel Reinsurance

IT Support for Financial Services

Citadel Reinsurance is a niche reinsurance company based in Bermuda.

Challenges

Citadel Reinsurance approached us to conduct a Cyber Security Audit across their global operations, including the UK, US and Bermuda, and to draft a Cyber Security Risk Management Framework.

In addition, the Bermuda Monetary Authority (BMA) was in the consultation phase for the introduction of a new Cyber Risk Management Code of Conduct they planned to implement in 2021. Although the final text was not yet confirmed, we needed to be mindful of the likely content.

Our Solution

We met with key personnel to ensure we thoroughly understood their current structure, systems and policies. Then we scored these against the National Institute of Standards and Technology (NIST) Cyber Security Framework to highlight areas of concern and generate recommendations.

The company is geographically diverse, so some of our recommendations applied broadly, while others only related to individual entities.

Finally, we suggested a phased introduction, with high-priority measures to improve security implemented promptly, while long-term plans should wait until the final text of the BMA Code of Conduct is confirmed.

Annual reviewing

A Cyber Risk Policy Document to be reviewed at least annually.

Third-party Security

Supplier Contracts with third-party providers must have appropriate cyber-risk controls in place at all levels of the IT supply chain.

Risk management

A Cyber Risk Management Programme to identify, evaluate and manage internal and external cyber risks and threats

Regular auditing

A Cyber Risk Audit to be conducted regularly

CISO

The role of Chief Information Security Officer (CISO) should be created

Business Continuity and Disaster recovery plans

Implement a Business Continuity Management Programme and Disaster Recovery Plan.

We offer complete, FCA-compliant IT services to financial clients.

With multiple offices across the globe, cloud-based systems and close relationship with external providers, we realised creating our Cyber Risk Management Framework would require considerable expertise. Intersys did a great job of gathering all the necessary data about our company’s global systems and processes, and then benchmarking it against the expected standards.
I could certainly recommend their service and approach.

Mike Palmer,

Citadel Risk

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Managed IT Support

More information

Consulting Services

Executive IT Expertise

Compliance

Development

Risk

Cyber Security

Managed Security Services

Education Security

Further Services

IT Solutions

Installation

Microsoft Support

Troubleshooting

Telephony

Website Setup