Other parts of this series:
Hacking has become quite common and an effortless procedure today. Every other month we hear about a new type of cyber attack, with hackers finding novel ways to outmaneuver companies’ defense strategies. Despite this, when we talk about cybersecurity, we immediately relate it to the banking sector, without realizing that insurers are equally, if not more, susceptible to such attacks.
Insurance firms possess large amounts of personally identifiable information (PII) and protected health information (PHI) in a digital format. They often fail to secure this data, inviting cyber criminals—who are aided by the decreasing cost of technology—to easily carry out malicious attacks. Moreover, the rising value of PII and PHI in the black market works as an incentive for the attackers.
Accenture recently conducted a wide-ranging survey to gauge the preparedness of insurance firms in protecting their assets and customers from fraud, malware, cyber attacks and a host of other security breaches. And, the results are alarming!
- 4 out of 5 insurers expressed confidence in their abilities to protect their organizations from cyber attacks. Yet, an average firm faced 113 targeted cyber attacks per year!
- 72% insurers said they have completely embedded cybersecurity into their cultures, and yet, 1 in 3 targeted attacks result in a security breach. That’s nearly 3 effective attacks per month!
- Many companies invest ineffectively in cybersecurity:
- 33–51% would spend extra budget on the same things they’re doing now.
- 30% would invest in mitigating financial loss.
- 16% would invest in cybersecurity training.
It’s more severe than we think
The Accenture survey results should ring warning bells for the overconfident insurers out there! Cyber attacks are no longer a matter of “if”, but “when”. It’s time for life insurers to beef up their defenses and invest more appropriately in building an effective cybersecurity foundation.
In my next blog, I will share few simple, yet effective, tips for life insurers to stay ahead of potential attackers. Until then, please read our point of view Insuring Your Future: Cybersecurity and the Insurance Industry for more insights on the cybersecurity conundrum in insurance.