The importance of plugging insurance cyber response gaps

With the Bank of England recently warning of cyber response gaps in the insurance sector, we explore the risks that need to be considered

The rising volume and sophistication of cyber attacks over recent years have hit hard across all industries, including insurance, with the Bank of England recently warning of “gaps” in the cyber response of insurance institutions.

The warning also stated that insurers were, firstly, not aware of the likelihood of an attack and, secondly, not prepared to respond effectively, prompting a review into the security posture of insurance firms.

Particularly during times of heightened economic uncertainty, businesses must be well equipped to respond to malicious threats from cyber criminals. The effects of such attacks have been evidenced continuously over recent years, causing mass disruption, reputational damage, and the potential for significant financial losses.

With increasing regulatory pressure, businesses must work to ensure their cyber posture is resilient in order to protect themselves, and their customers, from future threats.


Common threats

There are multiple different avenues that cyber criminals take to gain access to information and exploit sensitive data. They are often highly sophisticated and difficult to detect without proper cyber detection tools and protocols in place.

The insurance industry, like many industries, commonly faces threats including ransomware attacks, email phishing, data exfiltration and distributed denial-of-service (DDoS) attacks. Such threats entail operations such as denying access to programs until a ransom is paid, stealing passwords, exploiting vulnerabilities in systems and much more – and severe.

Cyber criminals are always looking for new points of entry to breach endpoints and applications, requiring organisations to constantly monitor their networks and restrict access to valuable data stores. With multiple routes in, the job of protecting is not straightforward, especially for those whose expertise lies outside of the cyber remit, as evidenced by the fact that cyber insurers are incurring increased losses due to cyber-related breaches.

The Bank of England’s initial review of the insurance industry found that there was a large variation around the perceived likelihood of various cyber attack scenarios within the industry, highlighting preparedness as a key area for improvement.

Why the insurance industry?

The insurance industry is a lucrative target as organisations hold large amounts of private and sensitive information about their policy holders who, rightfully so, have the expectation of their data being kept safe and secure. This makes it no surprise that the industry is a key target for cyber criminals due to the massive disruption it can cause and the potential high financial reward on offer.

Research shows that 82 per cent of the largest insurance carriers were the focus of ransom attacks in 2022. It is expected that the insurance industry will only become a more favourable target, and these types of disruptions will become increasingly severe.

The insurance industry has embraced innovation and new forms of technology in its practices over recent years in order to offer its customers a seamless experience. In doing so, alongside the onset of remote working catalysed by the pandemic, it has increased its threat surface.

Almost all of us have some kind of insurance, whether it be on a personal level, such as home insurance and pet insurance, or on a larger scale, such as cyber insurance or employers’ liability insurance. These are just the tip of the iceberg, so when cyber criminals look to exploit data, the insurance industry is a primary target due to its huge customer base.

Insurers that provide cyber insurance coverage, in particular, are at increased threat. If networks are compromised, cyber attackers and ransomware operators will have access to sensitive data such as policy details and security standards from the cyber insurer’s customers.

Information such as ransomware payment policies can be hugely lucrative for cyber criminals when picking their next target. Organisations need to prepare for when, not if, an attack occurs as well as preparing both preventative and reactive responses to avoid becoming the victim of a major attack.


The future of the industry

With experts predicting that the insurance industry will come under increased pressures from cyber criminals over the coming years, organisations must put in place cyber technologies and policies to secure data for both the customer and the business.

When new technology is incorporated into processes, organisations must have a corresponding and effective policy in place, as well as user training to educate against the risks. Effective reporting systems will help increase awareness and reduce the risk of human error when it comes to endpoints and applications.

The insurance industry can be of high value to cyber criminals and insurers must take a proactive approach to understanding the threat they face in order to protect against ransomware attacks, data leaks and further cyber crimes.

Achi Lewis is area vice-president EMEA at Absolute Software.

