As one of the largest insurance companies in Europe, the UNIQA Group has already digitalised its business processes to a large extent. This high level of digitalisation requires comprehensive measures to minimise cyber risks and ensure cybersecurity. Effective cybersecurity makes it possible to organise digital business processes and drive innovation, but at the same time harbours the risk of cyberattacks that can potentially cause considerable financial and reputational damage.

The UNIQA Group’s cybersecurity strategy is agile in responding to evolving threats. Every year, the security requirements are aligned with the threat map to test their effectiveness against attack methods. Statutory provisions, including the Digital Operational Resilience Act, are considered in order to meet regulatory requirements. Internal standards and processes are improved to ensure resilience to cyberattacks while at the same time guaranteeing the integrity and confidentiality of customer data.

Action plans and projects to identify critical assets and strengthen security measures were expedited further in 2023. The business continuity method (BCM) for identifying critical assets was refined and implemented across the Group. Critical assets such as IT applications and other important features have been thoroughly investigated for potential weaknesses, vulnerabilities, and non-conformities. This allows for targeted security measures to ensure the integrity and confidentiality of these assets.


Target achievement in 2023

2024 targets

Risk assessment

Group-wide implementation of the business continuity method (BCM) for identifying critical assets and carrying out risk assessments

Management of security issues: targeted minimisation of the security risks identified by risk assessments in order to eliminate the weaknesses and vulnerabilities identified based on the risk