Header image

Research Shows Lack of Cyber Insurance Adoption in Local Councils

Only two local councils confirmed they had a cyber insurance policy in place.


There is a persistent lack of understanding and investment in cyber insurance, particularly in the public sector.

According to research from Apricorn, only two out of 41 local councils claimed to have a cyber insurance policy in place. According to a series of Freedom of Information requests made to local councils and government departments across the UK, only Flintshire County Council  - which adopted its policy in October 2022 - and London Councils, whose policy covers the period 2021 to 2024, were covered.

As a number of councils are reporting repeated cyber-attacks, Ards and North Down Borough Council, and Greater Manchester Combined Authority, mentioned plans to invest in such policies within the next year.

“Local councils and government departments are responsible for large amounts of sensitive data and should lead by example by adopting stronger cyber insurance policies and more robust data protection measures”, said Jon Fielding, Managing Director EMEA at Apricorn.

"Cyber insurance is not just a safeguard for financial recovery; it encourages organisations to shore up their defences, ensuring better compliance with regulatory standards and promoting best practices in data security.”


Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Upcoming Events

No events found.