Fig Group
GRC and compliance platform for managed service providers with embedded cyber insurance intelligence.
Overview
Fig Group is a governance, risk, and compliance platform designed for managed service providers, managed security service providers, and corporate risk teams. The platform consolidates oversight, monitoring, and assurance workflows in a single environment, with a distinctive embedded insurance module that connects continuous compliance data directly to cyber insurance underwriting and premium pricing.
The platform supports 65+ compliance frameworks, 300+ integrations with common security and cloud tools, and can be deployed in 48 hours without setup fees. A core differentiator is the embedded insurance capability, which translates compliance and vulnerability improvements into real-time premium reductions and faster claims processing, positioning Fig at the intersection of cybersecurity compliance and insurtech.
Beyond the core platform, Fig Group operates as an IASME-licensed Cyber Essentials certification body, offering certifications starting at GBP 299.99—the lowest published rate from any IASME-accredited body in the UK. Each Cyber Essentials certificate includes GBP 25,000 of bundled cyber liability insurance, reinforcing the insurance integration strategy.
Products & Services
Resilience Platform
The core GRC platform organizes compliance and risk management across five lifecycle phases: Discover (asset and data discovery, configuration management), Protect (vulnerability scanning, third-party risk, business continuity), Respond (incident management with regulatory notification), Prove (compliance automation, policy management, audit workflows), and Insure (embedded insurance underwriting).
Key Features
- 65+ compliance framework mappings (Cyber Essentials, ISO 27001, NIS2, DORA, GDPR)
- Automated evidence collection and audit-ready workflows
- 300+ integrations with no per-integration fees
- AI-assisted risk scoring and agentic remediation
- Multi-tenant architecture with enterprise RBAC and SSO
- 48-hour deployment with no onboarding fees
Target Users: MSPs seeking recurring compliance-as-a-service revenue; enterprises managing multi-domain compliance
Embedded Insurance
Fig's insurance intelligence module converts live compliance and vulnerability data into direct insurance underwriting inputs. Premiums calculate dynamically from continuous compliance posture; risk improvements automatically reduce premiums without renewal surprises. The module supports cyber, professional indemnity, directors and officers, and crime coverage through a single compliance data feed.
Key Features
- Risk-based pricing tied to compliance and vulnerability metrics
- Pre-documented incident evidence for accelerated claims (days instead of weeks)
- Multi-coverage support from one data source
- Four-step implementation (ownership definition, system connection, framework mapping, pre-audit review)
- Insurance partnerships subsidize the platform
Target Users: Organizations seeking to improve insurance terms through measurable compliance improvements
Cyber Essentials Certification
Direct-to-organization certification services as an IASME-licensed body:
Key Features
- Cyber Essentials: Self-assessment from GBP 299.99 + VAT with 6-hour turnaround guarantee
- Cyber Essentials Plus: Technical audit from GBP 1,499 + VAT
- Defence Cyber Certification Level 0: Documentation review from GBP 999.99
- Defence Cyber Certification Level 1: Consultant-led assessment from GBP 9,999
At a Glance
- Founded
- 2025
- Headquarters
- London, England
- Employees
- 1-10
- Funding
- Bootstrapped
Category & Focus
- Category
- Governance, Risk & Compliance
- Subcategories
- Compliance Automation Risk Monitoring Insurance Intelligence Cyber Certification
- Insurance Verticals
- Cyber Professional Indemnity Directors & Officers Crime
- Target Customers
- Managed Service Providers, Managed Security Service Providers, Corporate Risk Teams, Compliance Officers
Customers
- Liberty Towers Ltd
Last updated: 2026-06-16