Intersys-hosted high-level roundtable explored cyber resilience following wave of UK cyber attacks

London, 21 May, 2025:

Experts from the banking, insurance, and law enforcement sectors have called for urgent, organisation-wide cyber security training to bolster resilience across the UK’s financial system. The call follows a wave of recent high-profile cyber attacks — including those affecting major UK retailers which included the theft of customer data — which have once again highlighted the urgency of enhancing cyber defences across all sectors, and breaking down the culture of blaming victims. 

Hosted in person at Intersys’ Leadenhall Market office in the City of London, the exclusive roundtable event — Navigating Cyber Security and Operational Resilience in the Finance and Insurance Sector - welcomed 12 senior representatives from organisations including Metro Bank, Chubb, Aon, and Clear Group, alongside Inspector Charlie Morrison, Head of the Cyber Griffin Programme at the City of London Police. 

According to the UK Government’s Cyber Security Breaches Survey 2025, phishing attacks remain the most prevalent and disruptive form of cyber breach or attack, experienced by 85% of UK businesses and 86% of charities. Despite the scale of the threat, only 30% of UK businesses currently offer cyber security training to staff.

Moreover, among the 3% of businesses that fell victim to cyber-facilitated fraud in the past 12 months, 54% of incidents stemmed from phishing, followed by online bank account hacks (28%) and organisational account takeovers (15%).

Inspector Charlie Morrison, Head of the Cyber Griffin programme at the City of London Police, said:

“Throughout the Square Mile, organisations are often well-prepared to manage the technical impacts of a cyber incident, but less equipped to support the individuals affected. The person who clicks on a malicious link or opens a malicious attachment can often go through a psychological journey similar to a victim of conventional crime, experiencing anxiety, insecurity, and a fear of returning to work. The City of London community has an opportunity here to integrate victim care into our response, and in so doing, limit the significant harm that cyber criminality can have.”

Mark Kirby, Professional Services Director at Intersys, said:

“Demand for this roundtable significantly exceeded capacity, underlining just how concerned and engaged the financial services sector is when it comes to the cyber threat landscape. The latest breaches show that you can have the best technical defences, but one click on a phishing link can still compromise your entire operation. That’s why we need to move beyond just tools and firewalls. User education is the most powerful frontline defence. And at the same time, this isn’t about blaming the victim, it’s about making sure they’re supported and informed. The attacker only has to succeed once, which is why ongoing, organisation-wide cyber training is essential. And we need to go further too — including implementing dark web monitoring and reporting tools, so organisations have a full view of where and how they may be exposed.”

Jake Ives, Head of Security at Intersys, said:

“A major theme from this event was culture; cyber resilience has to become part of a company’s DNA. The key takeaway was clear: organisations must foster environments where people feel confident and supported to report suspicious activity. Too often, fear of blame or embarrassment leads to silence, which gives attackers the advantage. We need to normalise early reporting — to treat clicking a phishing link not as failure, but as an opportunity to respond quickly and learn. Building a security-aware culture also means limiting unnecessary privileges, like removing local admin rights, and adopting technologies like Zero Trust Application Whitelisting. But all of that only works if people are engaged, educated, and empowered to act.”

LONDON, 18 March 2025 – Leading figures from across the insurance and cyber security sector have issued a unified call to action for insurers to strengthen their cyber resilience in response to the rapidly evolving threat landscape. 

Intersys, a leading provider of cyber security and IT solutions for the insurance sector brought together senior cyber security, underwriting, and risk management professionals to address pressing challenges facing the sector. The panel included:

• David Clamp, Founder, The Camelot Network
• Lisa Rowe, Senior Underwriter — Financial Lines, Cyber, Specialty MGA UK
• Aarti Ajay, IT Audit Manager, We Are Just
• Douglas Robare, Venture Partner — Neo Ventures
• Robin Muir, Head of Contingent Risks, Devonshire Underwriting
• Mark Kirby, Professional Services Director, Intersys
• Jake Ives, Head of Security, Intersys
• Tim King, Business Development Lead, Intersys

At a high-level roundtable hosted by cyber security specialists Intersys, industry leaders warned that insurers must move beyond reactive approaches and implement more robust, proactive risk management strategies to counter growing cyber threats:

• Ransomware Attacks – 60% of businesses affected by ransomware shut down within three years.
• Outdated Systems – GCHQ warns that many in the insurance sector still use outdated Windows systems, increasing vulnerability.
• MFA Limitations – Multi-Factor Authentication (MFA) is not foolproof, as cyber criminals are stealing access tokens to bypass it.
• Quishing (QR Code Phishing) – A rapidly growing attack vector, increasing from 0.8% of phishing attempts in 2022 to 12.4% in 2024.
• Evolving Cyber criminal Tactics – Attackers continuously adapt, requiring insurers to stay ahead with proactive measures.
• Lack of Industry Collaboration – A fragmented approach to cyber risk leaves insurers vulnerable, calling for greater cross-sector cooperation.

Urgent need for industry-wide action

Tim King, Business Development Lead, Intersys, said: “Threat actors only need to succeed once, whereas businesses must remain vigilant at all times. The risk-reward balance has shifted, making cyber crime an attractive option for criminals, with the likelihood of getting locked up for armed robbery higher than being arrested for cyber crime. The industry must prioritise proactive security measures to mitigate this risk as rather worryingly, GCHQ says significant numbers in the insurance sector use out-of-date Windows.”

Jake Ives, Head of Security, Intersys, said: “MFA is a strong starting point, but it isn’t foolproof. Cyber criminals are becoming increasingly sophisticated, stealing access tokens and bypassing security protocols. The insurance sector needs to continuously adapt to these threats.”

Douglas Robare, Venture Partner — Neo Ventures, said: “At the event I was introduced to the term Quishing - QR code phishing — which is rapidly rising from 0.8% of phishing attempts in 2022 to 12.4% in 2024. It’s a reminder that while we’re used to spotting phishing emails and texts, fake QR codes are now a real threat. The event was an excellent opportunity to discuss key cyber security challenges, particularly around data management, legacy systems, and the growing risks as AI tools become more prevalent in the insurance industry.”

Aarti Ajay, IT Audit Manager, We Are Just said: “There are so many challenges to overcome, and the discussion nailed some interesting topics and areas of focus for security professionals.”

David Clamp, Founder, The Camelot Network, said: “There were lots of insights on the theory and practical application of how to protect against the evolving cyber threat landscape, right in the heart of the London Market.”

Lisa Rowe, Senior Underwriter — Financial Lines, Cyber, Specialty MGA UK, said: “The Cyber Roundtable hosted by Intersys was a great opportunity to connect and share insights. Intersys’ deep expertise in cyber security made the collaboration enriching, and I truly valued the chance to meet with my fellow professionals.”

Robin Muir, Head of Contingent Risks, Devonshire Underwriting, said: “Cyber security must be embedded in the DNA of every insurance business — from MGAs to insurers and brokers. As the industry becomes increasingly interconnected through data feeds and APIs, the risk landscape is evolving at an unprecedented pace. Proactive, robust cyber measures are critical to protecting sensitive data and maintaining operational resilience. The insurance sector must stay ahead of emerging threats by fostering continuous dialogue and collaboration with cyber security experts, ensuring that best practices evolve alongside the risks we face.”  

Mark Kirby, Professional Services Director, Intersys said: “Our goal is to bring together IT security experts, risk managers, underwriters, and auditors to foster knowledge-sharing and innovative problem-solving in the face of emerging cyber threats.”

London, 8 October, 2024 – Intersys, the leading UK-based provider of cyber risk management solutions, dedicated to helping organisations of all sizes assess, manage, and mitigate cyber risk, today announced its further expansion in the UK insurance market.

Intersys has opened a new cyber security and IT office in Leadenhall Market, the heart of the insurance district. Intersys’ new London office will serve as a hub for delivering cutting-edge cyber managed services tailored to the unique needs of the UK insurance sector. The company’s experienced team of cyber security experts will work closely with clients to develop and implement customised solutions that address the evolving cyber threat landscape.

•  The UK Government’s 2024 Cyber Security Breaches Survey highlights that half of UK businesses experienced a cyber attack or breach in the past year, with phishing being the most common attack type, affecting 84% of businesses.
• In contrast, Intersys clients are ten times less likely to suffer a cyber attack than the national average. This significant advantage highlights the effectiveness of Intersys’ approach in providing marginal gains and substantial protective measures in an increasingly risky digital landscape.

Intersys: Decades of experience in insurance

Intersys boasts nearly three decades of experience in the insurance industry and as a leading London IT company. The company’s leadership team includes experienced insurance and technology experts who work with leading insurance businesses to provide IT infrastructure, security, outsourced solutions and cloud infrastructure design and support for critical firms within the market. This includes support for placing platforms, underwriting, claims management and exposure management systems. They also provide outsourced IT for fintech firms that are critical suppliers to large insurers.

“Insurers understand risk better than most, yet they themselves are prime targets for cyber attacks,” said Matthew Geyman, Managing Director at Intersys. “The alarming statistic that 50% of UK businesses have suffered breaches underscores the urgent need for proactive risk management in the cyber domain. Intersys’ proven track record in significantly reducing cyber breaches for our clients demonstrates the effectiveness of our approach. We’re not just another tech company; we’re a trusted partner with a deep understanding of the insurance industry’s unique challenges.”

“Our understanding of the insurance world, combined with our long-standing ISO 27001 certification and our laser focus on security, positions us uniquely to support insurers,” said Catherine Geyman, Director of Enterprise Risk Management at Intersys. 

“As the industry faces an expanding array of cyber threats, it’s crucial for insurers to adopt a holistic approach to risk management. By integrating cyber risk into broader enterprise risk strategies, we help our clients not only protect their operations but also build the resilience needed to navigate emerging challenges. With technology rapidly transforming the industry, it’s essential to have partners who understand where you’re starting from and where you’re headed. We look forward to expanding our support for the insurance sector with the opening of our new London hub.”