CISOaaS
Flexibility
loyalty
Following a consulting partnership at the end of 2021, the client, an insurance company specialising in non-life policies with a comprehensive offering for individuals and SMEs, strengthened its ties with Gruppo SCAI by appointing a specialist in this field as CISO-as-a-Service in March 2022.
The specific need was to obtain advice to define a security roadmap useful for interacting with IVASS, the Insurance Supervisory Authority, and receive support in formulating security policies.
Supporting the customer with application verification activities of the new digital services of the multichannel platform, a detailed penetration testing report was produced, accompanied by a re-entry plan. In addition, information security, business continuity and disaster recovery policies were drawn up through a risk analysis for the insurance company’s critical functions.
Following a consulting partnership at the end of 2021, the client, an insurance company specialising in non-life policies with a comprehensive offering for individuals and SMEs, strengthened its ties with Gruppo SCAI by appointing a specialist in this field as CISO-as-a-Service in March 2022.
The specific need was to obtain advice to define a security roadmap useful for interacting with IVASS, the Insurance Supervisory Authority, and receive support in formulating security policies.
Supporting the customer with application verification activities of the new digital services of the multichannel platform, a detailed penetration testing report was produced, accompanied by a re-entry plan. In addition, information security, business continuity and disaster recovery policies were drawn up through a risk analysis for the insurance company’s critical functions.
In response to the customer’s priorities, Gruppo SCAI provided support for the implementation of the ICT, Compliance and Legal functions in relation to the IVASS questionnaires. The cyber risk assessment was a new dimension added to the client’s initial request, complementing the pre-existing operational risks within the company.
Thanks to the flexibility andattentive listening of the SCAI Group specialists in guiding the customer along a path of continuous growth, a three-year security roadmap was developed.
In particular, skills, the team’s responsiveness and professionalism were highly appreciated and helped to consolidate the relationship with the client, with new projects in the pipeline for 2023.
“The Company’s Top Management expressed its appreciation to SCAI Partners, a company of the SCAI Group, for its professionalism, speed of response, and undisputed expertise, which led the Company to make the simple decision to renew the partnership also for 2023. An important win-win that will ‘guide’ the Company to create an ambitious roadmap with important goals for the next three years. All this under the supervision and governance of the CISO.” – IT Manager & Digital Transformation of the client company(Insurance company specialising in non-life policies with a comprehensive offer for individuals and Small and Medium-Sized Enterprises (SMEs), with an annual turnover of approximately 20 Mln Euro).
The client initiated a Security Governance process that led to the identification of targeted initiatives to improve the company’s security posture. The presence of a consultant with a high degree of experience enabled the client to interact more effectively with important stakeholders such as suppliers, supervisory bodies and, not least, the Board of Directors, which receives biannual updates from the Chief Information Security Officer on the company’s cyber risk management.
In turn, the customer partnership offers Gruppo SCAI the opportunity to receive timely circulars and regulatory updates as soon as they are published and communicated by the regulatory bodies, including IVASS and EIOPA, and to stay up to date on the latest regulations and guidelines in the insurance industry.