Intersys Logo

Managed IT Support

A Reasonable, Fixed Monthly Fee for All Your IT Needs
Managed IT Support Provider

Consulting Services

The High Level IT Consulting Services You Need to Transform Your Business
Get IT Consulting Services

Cyber Security

A Comprehensive Range of Cyber Security Services for Robust, Industry-Leading Protection
Get Cyber Security Services

IT Solutions

Whatever your IT needs, we'll create a tailormade solution for you
Get IT Solutions

Citadel Reinsurance

IT Support for Financial Services

Citadel Reinsurance is a niche reinsurance company based in Bermuda.


Citadel Reinsurance approached us to conduct a Cyber Security Audit across their global operations, including the UK, US and Bermuda, and to draft a Cyber Security Risk Management Framework.

In addition, the Bermuda Monetary Authority (BMA) was in the consultation phase for the introduction of a new Cyber Risk Management Code of Conduct they planned to implement in 2021. Although the final text was not yet confirmed, we needed to be mindful of the likely content.

Our Solution

We met with key personnel to ensure we thoroughly understood their current structure, systems and policies. Then we scored these against the National Institute of Standards and Technology (NIST) Cyber Security Framework to highlight areas of concern and generate recommendations.

The company is geographically diverse, so some of our recommendations applied broadly, while others only related to individual entities.

Finally, we suggested a phased introduction, with high-priority measures to improve security implemented promptly, while long-term plans should wait until the final text of the BMA Code of Conduct is confirmed.

Annual reviewing

A Cyber Risk Policy Document to be reviewed at least annually.

Third-party Security

Supplier Contracts with third-party providers must have appropriate cyber-risk controls in place at all levels of the IT supply chain. 

Risk management

A Cyber Risk Management Programme to identify, evaluate and manage internal and external cyber risks and threats

Regular auditing

A Cyber Risk Audit to be conducted regularly


The role of Chief Information Security Officer (CISO) should be created

Business Continuity and Disaster recovery plans

Implement a Business Continuity Management Programme and Disaster Recovery Plan.

With multiple offices across the globe, cloud-based systems and close relationship with external providers, we realised creating our Cyber Risk Management Framework would require considerable expertise. Intersys did a great job of gathering all the necessary data about our company’s global systems and processes, and then benchmarking it against the expected standards.
I could certainly recommend their service and approach.

Mike Palmer,
Citadel Risk
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram