Informa Insurance News 24
PRA SETS DEADLINE FOR ‘SILENT CYBER’ ACTION PLAN
The UK’s Prudential Regulation Authority (PRA) has told insurers they must develop an action plan to reduce their exposure
non-affirmative cyber risk by the end of June. In a “Dear CEO” letter the regulator said the action plan needs to present
clear milestones and dates by which action will be taken. Supervisors may ask to review this plan and subsequent progress
towards it, the letter added. The PRA will also be co-ordinating with Lloyd’s to agree any follow-up actions necessary for
managing agents. The letter follows a supervisory statement issued in July 2017 on managing cyber underwriting risk and a
subsequent follow-up survey conducted in 2018.