Insurers’ cybersecurity improves despite more attacks
Insurance companies repelled 78% of cyberattacks last year, up from 70% the previous year, according to Accenture’s recent survey of 33 carriers, “Insuring the Future: 2018 State of Cyber Resilience in Insurance.”
The improvement comes despite an increasing number of attacks overall. Most common are attacks that originate internally at insurance companies, at a clip of about seven in 10. Accenture notes that insurers are seeing more attacks come along with fraudulent access.
“Criminals just have to acquire the identity of a claims processer, or pretend to be an agent. Using stolen credentials, phishing attacks, social engineering or other cyber techniques can make that happen,” write survey authors Chris Thompson, senior managing director; and Nadine Moore, managing director. “Consequently, the growth of fraud has accelerated, can be committed faster and is lower risk for the criminals.”
Insurance companies are also fighting a unique two-front war against digital criminals. Not only are they tasked with defending their own networks, but they also are increasingly charged with defending the networks of their customers through evolving cyberinsurance products. Investment in technology will be key to managing this increased workload, Accenture says, especially as the Internet of Things expands.
“The Internet itself may be weaponized with the proliferation of unsecured devices, and our offices and homes may be peppered with devices that can be used as hiding places and attack vectors for criminals,” the survey authors write.
Many insurers are looking to incorporate some sort of automation into their cybersecurity practices, with four in 10 indicating interest in robotic process automation or AI. This helps security teams respond in near-real-time, and gets rid of some manual processes to clean up access management, Accenture notes.