Workshops Insurance Quantum-Safe Third-Party Data Exchange
Insurance Full Day Workshop

Quantum-Safe Third-Party Data Exchange for Insurers

Insurers exchange sensitive data with dozens of counterparties: brokers, reinsurers, MGAs, loss adjusters, data aggregators, and payment processors. Every one of these connections relies on cryptography that a quantum computer will break. Migrating your own systems is necessary but not sufficient. You must also assess, sequence, and negotiate PQC migration across your entire third-party ecosystem.

Full day (6 hours + Q&A)
In person or online
Max 30 delegates
Commission This Workshop View Agenda

Proud to recommend our expert members

Qrypto Cyber
Eclypses
Arqit
QuantBond
Krown
Applied Quantum
Quantum Bitcoin
Venari Security
QuStream
BHO Legal
Census
QSP
IDQ
Patero
Entopya
Belden
Atlant3D
Zenith Studio
Qudef
Aries Partners
GQI
Upperside Conferences
Austrade
Arrise Innovations
CyberRST
Triarii Research
QSysteme
WizzWang
DeepTech DAO
Xyberteq
Viavi
Entrust
Qsentinel
Nokia
Gopher Security
Quside
Qrypto Cyber
Eclypses
Arqit
QuantBond
Krown
Applied Quantum
Quantum Bitcoin
Venari Security
QuStream
BHO Legal
Census
QSP
IDQ
Patero
Entopya
Belden
Atlant3D
Zenith Studio
Qudef
Aries Partners
GQI
Upperside Conferences
Austrade
Arrise Innovations
CyberRST
Triarii Research
QSysteme
WizzWang
DeepTech DAO
Xyberteq
Viavi
Entrust
Qsentinel
Nokia
Gopher Security
Quside

Workshop Description

The London Market alone processes billions of pounds in premium and claims data through interconnected systems: Lloyd's PPL for placement, ACORD XML/JSON for structured messaging, electronic bordereaux for delegated authority reporting, and DCOM for settlement. Each of these channels uses TLS for transport security and RSA or ECDSA for digital signatures. Reinsurance adds treaty placement platforms, loss triangle exchanges, and actuarial data feeds. MGA relationships add underwriting authority APIs and claims reporting interfaces.

A quantum-capable adversary intercepting any of these channels today can store the encrypted traffic and decrypt it later. The data sensitivity varies by channel, but much of it has value well beyond the immediate transaction: policyholder personal data, commercial underwriting assessments, claims reserves, and reinsurance treaty terms. This workshop maps every cryptographic dependency in a typical insurer's third-party ecosystem, risk-scores each connection based on data sensitivity and partner PQC readiness, and builds a migration strategy that sequences upgrades without breaking commercial relationships.

What participants cover

  • Insurance data exchange architecture: Lloyd's PPL, ACORD messaging, electronic bordereaux, reinsurance treaty platforms, MGA data feeds, and their cryptographic dependencies
  • Quantum threat exposure by channel: TLS key exchange, API authentication (OAuth 2.0, mTLS, JWT), message signing, and data-at-rest encryption across all third-party integrations
  • ETSI TS 103 744 and ISO/IEC 18033-2: quantum-safe standards for TLS hybrid key exchange and public key encryption applicable to insurance data flows
  • Third-party cryptographic dependency mapping: building a risk-scored matrix of partner connections, cipher suites, and PQC readiness levels
  • Hybrid deployment: ML-KEM + X25519 for backward-compatible TLS, ML-DSA + ECDSA for dual-signature message integrity during migration
  • Supplier engagement: PQC readiness questionnaires, contractual milestone clauses, and regulatory leverage (Solvency II, PRA SS2/21, Lloyd's Y5381)

Preliminary Agenda

Full day workshop structure with scheduled breaks. Content is configurable to your third-party ecosystem, market position (insurer, broker, reinsurer, MGA), and regulatory jurisdiction.

#SessionTopics
1 Insurance Data Exchange ArchitectureHow data flows between insurers, brokers, reinsurers, and third parties
  • London Market: Lloyd's PPL (Placing Platform Limited), ACORD messaging, electronic bordereau, DCOM settlement
  • Reinsurance data flows: treaty placement, claims bordereaux, loss triangles, actuarial data exchanges
  • MGA/delegated authority: binder data feeds, underwriting authority APIs, claims reporting
  • Cryptographic dependencies in each channel: TLS versions, certificate authorities, message signing, data-at-rest encryption
2 Quantum Threats to Inter-Party CommunicationWhere Shor's algorithm and harvest-now-decrypt-later expose insurance data flows
  • TLS 1.2 key exchange: RSA and ECDHE vulnerability to Shor's algorithm and harvest-now-decrypt-later interception
  • ACORD XML/JSON message signing: RSA-2048 and ECDSA digital signatures on bordereaux and placement messages
  • API authentication: OAuth 2.0 token exchange, mTLS certificates, and JWT signing between insurer and broker systems
  • Data aggregator feeds: Verisk, CRESTA, NatCat data services using TLS-encrypted channels
Break, after 55 min
3 ETSI and ISO Standards for Quantum-Safe Data ExchangeStandards bodies and their relevance to insurance
  • ETSI TS 103 744: quantum-safe hybrid key exchange for TLS, applicable to API-to-API insurance data flows
  • ISO/IEC 18033-2 (update): post-quantum public key encryption, relevant to encrypted data feeds between parties
  • NIST FIPS 203/204: ML-KEM for key establishment and ML-DSA for digital signatures in inter-party communication
  • ACORD standards roadmap: current cryptographic requirements and planned post-quantum migration path
4 Interactive Demonstration: Third-Party Cryptographic Dependency MappingFacilitator-led mapping of cryptographic touchpoints across a typical insurer's third-party integrations
  • Building a third-party cryptographic dependency matrix: which partners use which TLS versions, cipher suites, and certificate types
  • Risk scoring third-party connections: combining data sensitivity, retention period, and partner PQC readiness
  • Contractual leverage analysis: where you can require PQC migration and where you must accommodate legacy partners
Break, after 60 min
5 Migration Strategy for Multi-Party EnvironmentsSequencing PQC migration without breaking commercial relationships
  • Hybrid key exchange deployment: ML-KEM + X25519 for TLS connections that must maintain backward compatibility
  • Message signing transition: running ML-DSA alongside existing ECDSA signatures during migration period
  • Supplier engagement framework: PQC readiness questionnaires, contractual milestone clauses, escalation protocols
  • Regulatory leverage: using Solvency II ORSA, PRA SS2/21, and Lloyd's Y5381 to justify migration demands to partners
6 Case Studies: Multi-Party PQC MigrationLessons from financial services and adjacent sectors
  • SWIFT post-quantum migration planning: parallels for insurance settlement and messaging systems
  • Cloudflare-Google hybrid TLS deployment: applicability to insurance API gateway migrations
  • Common failure patterns: certificate pinning by third-party vendors, HSM firmware constraints on new algorithms
7 Q&A and Migration Roadmap Planning

Designed and Delivered By

Workshops are designed and delivered by QSECDEF in collaboration with sector specialists. All facilitators have direct experience in both quantum technologies and insurance systems.

QD

Quantum Security Defence

Workshop design and delivery

QSECDEF brings world-leading expertise in post-quantum cryptography, quantum computing strategy, and defence-grade security assessment. Our advisory membership spans 600+ organisations and 1,200+ professionals working at the intersection of quantum technologies and critical infrastructure security.

IN

Insurance Sector Partners

Domain expertise and operational validation

Insurance workshops are co-delivered with sector specialists who bring direct operational experience in London Market operations, third-party risk management, and vendor security assessment within Lloyd's syndicates, brokers, and reinsurers.

Commission This Workshop

Sessions are configured around your third-party ecosystem, market position, and regulatory jurisdiction. Get in touch to discuss requirements and schedule a date.

Contact Us
Insurance Workshops All Consulting Services All Workshops