Article

Chris Camacho
Chris Camacho 6 March 2018

Why the insurance industry is uniquely vulnerable to cyber threats

The insurance industry plays a unique role in modern society, providing individuals and organisations with a sense of financial security when faced with unforeseen circumstances. Unfortunately, the insurance industry is also unique in how and why it is susceptible to fraud, phishing, ransomware, credential theft, and other cyber threats. Indeed, many of these threats have become especially familiar to insurers in recent years

The insurance industry plays a unique role in modern society, providing individuals and organisations with a sense of financial security when faced with unforeseen circumstances. Unfortunately, the insurance industry is also unique in how and why it is susceptible to fraud, phishing, ransomware, credential theft, and other cyber threats. Indeed, many of these threats have become especially familiar to insurers in recent years—largely due to the following circumstances:

Rapid Digitisation

Modernisation and innovation have driven the insurance industry to migrate to digital channels in order to broaden the scope of its service offerings. Although these initiatives enable insurers to remain relevant amid a fast-paced competitive landscape, they also increase a company’s exposure to various threats. Similar to how the healthcare sector’s rushed implementation of electronic medical record systems ultimately fuelled an uptick in healthcare data breaches, the insurance industry’s rapid and continual adoption of cloud-based storage and services expanded its attack surface beyond traditional on-premises risks. While these types of systems do not automatically make security incidents and breaches inevitable for insurers, they can give rise to various risks and challenges that ultimately necessitate a more comprehensive and proactive approach to security.

Cybercriminals’ Shifting Targeting Strategies

Another key characteristic contributing to the insurance industry’s susceptibility to certain cyber threats inadvertently stems from a prominent trend across the financial services sector. Specifically, the ongoing adoption of stronger security measures has made financial services companies—though historically seen as prime targets for cybercrime—more and more difficult for adversaries to penetrate. But rather than halt their activity altogether, many of these stringent security measures have instead prompted cybercriminals to shift their attention toward what they perceive to be “softer” targets, such as insurance companies.

A Comparatively Lax Regulatory Landscape

Many of the financial services sector’s aforementioned security measures continue to be implemented rapidly and effectively because of a strict regulatory landscape. Financial services companies have long operated under stringent requirements pertaining to secure data storage and encryption, as well as incident and breach disclosure. In the event that a financial services company fails to meet such requirements, the penalties can be severe.

Insurers, however, have historically faced far fewer regulatory requirements when it comes to information security. As a result, the industry has generally been less cognizant of how to address various cyber threats and subsequent business risks. While organisations across all sectors should strive for comprehensive security and risk strategies beyond what is required by regulations, looking to the effective security measures present in financial services and other sectors can be a valuable and insightful starting point.

The above characteristics have undoubtedly helped shape a complex threat landscape for the insurance industry. The good news is, however, that these characteristics are also driving many insurers to rethink their approach to security, risk, and more specifically, intelligence. In response, more companies are coming to regard intelligence as not just a tool to be siloed within their IT department but rather a core operational requirement. Insurance companies that integrate Business Risk Intelligence (BRI) into their security and risk strategies programmes glean actionable insights from the Deep & Dark Web communities where adversaries congregate and develop new schemes. By applying these insights to enhance their defences and inform their security and risk strategies, insurance companies can and do gain a decision advantage over these threats and adversaries.

Please login or register to add a comment.

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
Digital Marketing Vs. Traditional Marketing: Which One Is Better?

Digital Marketing Vs. Traditional Marketing: Which One Is Better?

What's the difference between digital marketing and traditional marketing, and why does it matter? The answers may surprise you.

Julie Cave
Julie Cave 14 July 2016
Read more
7 reasons why social media marketing is important for your business

7 reasons why social media marketing is important for your business

Social media is quickly becoming one of the most important aspects of digital marketing, which provides incredible benefits that help reach millions of customers worldwide. And if you are not applying this profitable...

Sharron Nelson
Sharron Nelson 6 February 2018
Read more
Top 10 B2B Platforms to Help your Business Grow Worldwide

Top 10 B2B Platforms to Help your Business Grow Worldwide

Although the trend of a Business to Business portal is not new but the evolution of technology has indeed changed the way they function. Additional digital trading features and branding has taken the place of...

Salman Sharif
Salman Sharif 7 July 2017
Read more
Collection Of The Best Email Testing Tools Online

Collection Of The Best Email Testing Tools Online

Don’t be afraid of email testing. There are many free or freemium tools online that can help you with testing your SPAM score, deliverability and even the rendering of your email. We feature 30 email testing tools in...

Roland Pokornyik
Roland Pokornyik 31 October 2016
Read more
4 Important Digital Marketing Channels You Should Know About

4 Important Digital Marketing Channels You Should Know About

It goes without saying that a company can't do without digital marketing in today's world.

Digital Doughnut Contributor
Digital Doughnut Contributor 5 November 2014
Read more