Cyber and resilience aren’t just about preventing and withstanding loss, but allowing people to work effectively
A major UK insurer was on an agile journey—transforming how they worked. But their security team was struggling to keep up with the changes. They believed the heart of the problem was with their supplier, rather than their own structure. And employees saw security as a bottleneck, stopping them from using new applications and launching new services. This was because the security team was ill-equipped to deal with day-to-day tasks, let alone to cope with a huge change to a more agile way of working.
They originally came to us to help procure a new supplier. They were ready to pull the trigger, but it wouldn’t have solved their issues. So we helped diagnose the real problem and build back confidence in security. Our team quickly worked to embed ourselves and show empathy and commitment to their firm.
The real problem was their structure
The insurer didn’t completely understand the problem, as they were too busy fighting fires and dozens of issues. They believed that a new supplier would fix all their issues. We quickly got our heads around the situation and started changing their structure, letting them take a step back and look at the big picture. Taking a methodical approach, we found the root causes. The cyber team didn’t know their place and purpose within the business and how they contributed to success.
So we helped them figure out why they existed. Where did they want to be? What were their objectives? And how could they help, not hinder, people on this agile journey? We took their strategic objectives, wrote a new strategy for them, and showed them a new operating model for their team.
Security became a part of the process
Before Baringa were engaged, the insurer’s cyber and resilience team were the last to know about anything. Whether it was using new software to do their jobs or releasing new services—people would delay or even avoid speaking with the team. This meant they often had to redo work—causing even more frustration.
Now, we’ve helped them put security into the heart of the process. A central security team, but also security champions who can be involved in projects from the very start. The insurer can now continue their agile journey. They can release services quickly, security is aware of the threat landscape, and the whole business is much more security-conscious. As a result, individuals and the board have much more confidence in their cyber security and can seek new ways to engage with their market.
"I have been very impressed with Baringa’s resolve and focus. Not only have you managed to keep the project and associated deliverables moving forward but you have done so whilst also managing the expectations of the leadership team members in a way that has maintained the sensitivity and time pressure surrounding the subject matter. Whilst I appreciate this may not sound like much of an achievement, I can assure you that it is. I have seen many others fail to formulate a long-lasting trusting relationship with the leadership team and their direct reports when working on complex deliveries such as the one you’ve been working on."
Related Case Studies
Future proofing ESG materiality assessments for a global insurer
How do you prepare now, to stay ahead of changing disclosure requirements?
Read more
Supporting reluctant customers to become a digital-first insurer
How did a leading healthcare cover provider overcome initial resistance from customers to encourage them to embrace new digital channels?
Read more
Leading the operational transformation that made a £4 billion insurance deal possible
How did an insurer cut through the complications of one of the biggest carve-outs in recent history to emerge stronger and better equipped for the future?
Read more
Creating the insurance platform of the future for one of the UK’s largest insurers
How do help our client to deliver seamless digital experiences for their customers?
Read more