The Internet of Things has provided opportunities for insurers to introduce new products, streamline processes, and improve customer service. However, if not appropriately managed, technology also provides a multitude of opportunities for cybercriminals.
In a recent survey conducted by Accenture, “Gaining Ground on the Cyber Attacker: 2018 State of Cyber Resilience,” insurance organizations survey reported being able to prevent 87% of all cyber attacks in 2017 — a 70% jump over the previous year.
Today, the insurance industry needs to be aware of the shifting changes in current and developing cyber liability risks that can put organizations at risk. They include:
A Rise in Ransomware Attacks
Last year, Symantec recorded an average of 1,242 ransomware detections each day, with no slowdown as we move toward 2019. Unfortunately, a quick online search can provide interested individuals with a wide variety of information on becoming a hacker, including e-books, tutorials, and even how-to kits. Not only has this increased ransomware attacks, but it has made hackers privy to new tactics designed to cause even more destruction to systems besides the encrypting of files.
Increased Use of Cloud Storage
The cloud isn’t new; however, as insurance companies continue to gather vast amounts of big data, many will be looking to the cloud to increase their data storage capacity and modernize their legacy technologies. But the cloud isn’t bulletproof when it comes to cybercrimes. For example, while data stored in the cloud isn’t shared, the facilities where it is housed typically are. This can increase the risk of a malicious file being uploaded to the same server on which the insurance company stores its data. Where the server is located is another consideration, as privacy laws in other countries will differ.
Wider Gaps in Internal Controls
According to Accenture, seven in 10 cyberattacks that occur in the insurance industry have originated from the inside (think phishing, social engineering, stolen financial information associated with premium payments, acquiring the identity of a claims processor, etc.). Today, as many insurers begin to modernize and streamline processes, they must close the gap on growing compliance issues to align with data security standards to better protect their network and customer information.
Reducing the Risk of Cybercrime
According to Accenture, organizations looking to improve business models while lessening their exposure to a cybercrime should begin with the protection and hardening of core assets by:
- Identifying data that is the most critical to their operations, is subject to the strictest regulatory penalties, and contains trade secrets such as key market differentiators.
- Making it difficult for hackers to tap into their system with a layered approach that includes encryption, tokenization, micro-segmentation, privilege and digital rights management, selective redaction, and data scrambling.
- Making high-value assets that reside on legacy applications a priority with strategies that include restricting access and improving monitoring efforts.
- Developing a crisis management plan that includes business continuity and disaster recovery — one that addresses a worst-case scenario.
Cybercrimes are no longer an “if” — but a “when.” This is why organizations must be proactive and invest fully in the cybersecurity of their company by becoming aware of the risks and then taking the appropriate security measures. Today, many insurers are looking to incorporate some sort of automation into their cybersecurity practices to remove some manual processes and improve access management.
Today’s technology has allowed insurers to engage policyholders through the channels they use the most. As more companies begin to adopt digital payment platforms, it will become increasingly critical to process payments securely. One Inc. cleanses your network of sensitive payment data by capturing and tokenizing payment card information, so private financial information never touches your network, thereby eliminating the risk.
For information about how One Inc. can help you securely process policyholder payments through the channels your customers use every day, contact us today.