Page last updated on February 20, 2026
Kinsale Capital Group, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2026-02-20 16:12:51 EST.
Filings
10-K filed on 2026-02-20
Kinsale Capital Group, Inc. filed a 10-K at 2026-02-20 16:12:51 EST
Accession Number: 0001669162-26-000015
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity Risk management and strategy The Company's risk management process includes the identification, assessment and management of material risks from various sources, including risks related to cybersecurity and information technology. The Company uses information from multiple sources, including internal incident history, industry publications and analysis centers, public reporting, government and industry information sharing organizations and recognized information security frameworks to inform its risk management program. Management employs a combination of preventative and detective cybersecurity measures designed to protect the confidentiality, integrity and availability of the Company's information systems and data, including, but not limited to - Maintaining a vulnerability management program, - implementing and operating controls over logical access provisioning, - maintaining an enterprise-wide security awareness program and - administering periodic cybersecurity trainings. The Company engages third-party vendors with specialized expertise to support various aspects of its cybersecurity program, including continuous threat detection and response coverage, endpoint detection, anti-malware, penetration testing and suspicious activity alerting, among others. While the Company leverages third party service providers, management retains responsibility for the security and resiliency of the Company's information assets. The Company maintains an incident response plan designed to enable timely detection, escalation, containment and remediation of cybersecurity incidents that includes escalation criteria and preliminary materiality assessment considerations to guide business continuity and disclosure objectives. We describe cybersecurity-related risks that could materially impact our business strategy, results of operations or financial condition under the heading "Risk Factors." Potential material impacts of a cybersecurity incident may include, among other things, loss of access to systems and data, financial costs, operational disruption, regulatory scrutiny, litigation and reputational harm. Governance Our Chief Executive Officer ("CEO") is responsible for assessing and managing overall material risks to the Company. With respect to cybersecurity risks, our CEO oversees and leverages the collective expertise of the Company's information security function which reports to our CEO through the Company's Chief Information Officer. The information security function is staffed with individuals with relevant information security professional experience, including in the financial services sector, as well as educational experience and industry-recognized credentials. The Company's Board of Directors ("the Board") is responsible for receiving periodic updates on cybersecurity and information security risks and reviewing and discussing with management the quality and effectiveness of the Company's efforts to mitigate such risks. Management informs the Board about the Company's cybersecurity risk posture, including prevention, detection, mitigation and remediation activities no less frequently than semi-annually and provides updates as appropriate in connection with material developments, while management continues to monitor such matters on an ongoing basis.
Company Information
| Name | Kinsale Capital Group, Inc. |
| CIK | 0001669162 |
| SIC Description | Fire, Marine & Casualty Insurance |
| Ticker | KNSL - NYSE |
| Website | |
| Category | Large accelerated filer |
| Fiscal Year End | December 31 |