Our growing dependence on technology has made us increasingly more vulnerable to cyberattacks. Hackers infiltrate everything – governments and universities, insurance corporations, affecting millions of people. As technology evolves, cybercriminals are finding new ways to exploit organisations and individuals. In a recent roundtable discussion, hosted by thee tech consultancy Future Processing, Chief Technology Officer at tech firm Sea Green, Phil Ford, and Vice President of Industry Relations at data intelligence company Solera, Bill Brower, discussed the importance of having effective cybersecurity across the insurance industry.
Under attack
To start, it is important to understand the various ways in which cyberhackers will initiate an attack. One of the most common forms of cyberattacks is malware, a malicious software specially designed to trick users into installing faulty programs to their devices, which acts as a window into a company’s systems. The industry has also seen a rise in phishing, which involves using fraudulent websites, emails, or text messages to get unsuspecting users to reveal passwords, banking credentials, and other sensitive information.This is also linked to DNS spoofing, where cyber hackers will send online traffic to a “spoofed” or falsified website that replicates a user’s intended destination, resulting in them inputting sensitive data which the hacker can steal.
In the insurance industry, most small brokers will have antivirus on their devices as standard, while larger businesses will (or should) have fully fledged teams dedicated to cyber attack prevention. But although these are important prerequisites for effective cybersecurity prevention, Ford explained that cyber hackers target members of the team who perhaps lack the specialist knowledge of a CIO or CISO, which is why the entire team should be trained to understand and identify cyber threats, so they are aware of the risks and how to prevent them.
Proactive approach
When we look ahead to the future of cybersecurity in insurance, it’s important to keep in mind that everything can change in an instant. Ever-evolving technologies will regularly supplant legacy systems, meaning insurance companies must know about the latest innovations and how they affect their business.
According to PwC’s Cyber Security Outlook 2023, Cloud-related threats top the list of cybersecurity concerns that UK senior executives believe will have a significant impact on their organisations this year. A third expect Cloud management interfaces to increase significantly, while 20% expect attacks on Industrial IoT (IIoT) and operational technology (OT). However, traditional cyberthreats will remain, with more than a quarter anticipating email compromise, ‘hack and leak’ attacks, and ransomware attacks to significantly increase.
All too often, companies work reactively, only choosing to implement cybersecurity measures after a serious breach. It is vital, however, they take proactive precautions to deliver long-term protection.
Managing and protecting data
During the roundtable discussion, Brower explained that proper management and protection of data helps build trust among partners and consumers in a highly competitive market. In the past, paper processes greatly increased the risk of customer’s having their data stolen. Now, technology can be used to remove,but not completely eliminate, human touchpoints.
Moving away from paper towards touchless claims certainly gives cyberhackers more opportunity to steal data, but AI and machine learning can be implemented to assess and validate claims swiftly, resulting in less fraudulent claims. What’s more, because cyberthreats are constantly evolving, implementing technology like AI and machine learning, which is able to keep pace with the rate of change, means insurance companies can remain ahead of the curve.
Looking ahead
The past year has been filled with high-profile cyber-attacks, with the likes of British Airways, Boots and Aer Lingus making headlines after hackers were able to infiltrate their systems to expose employee and customer personal data. Major incidents like these prove that even the largest and seemingly robust organisations can fall victim to a well-executed cyber attack.
With technology in a constant state of flux, it is crucial for insurance companies to take a proactive approach to cybersecurity. This means introducing added layers of security, hiring individuals or teams dedicated to cybersecurity, educating employees, and implementing technology to safeguard data and processes. Doing these things will not only help reduce the threat, but stem the spread in the event of an attack.
