7 March 2017Insurance

Insurers’ cyber risk vulnerabilities laid bare

Cyber risk is increasingly becoming a worry for insurance companies as the industry accelerates the digitization of the business, according to a Boston Consulting Group (BCG) report.

In addition to growing digitisation, the consultancy noted that more sophisticated hacker techniques and the growing volume of highly confidential customer information that’s available through online systems is adding to the industry’s vulnerabilities.

In conjunction with increasingly strict regulations on data privacy, the insurance sector needs to rethink its cyber risk management model, according to BCG.

Cyber risk was barely on insurance companies’ radar screens a decade ago. But as insurers evolved to meet customers’ emerging demands in terms of digital offers and online services, and as they modernized their operations, it was inevitable that they would expose themselves to some new areas of risk, BCG said.

The cyber risk threat for insurers is increasing as attacks are on the rise.

The number of reported records breached globally jumped by 73 percent to 1.9 billion in 2016 compared to 2013. At the same time, the number of reported cyber-attacks increased 58 percent to 1,900 over the period.

News on cyber-attacks are reaching greater audiences, potentially tarnishing the company’s reputation. Cyber-attacks mentions in key agency reports and brought to the attention of regulators have increased by 150 percent in 2016 compared to 2013. Cases referenced in broker research and brought to the attention of investors increased by 129 percent over the period. Articles in leading publications impacting reputation of companies has grown 113 percent over the period.

Insurers’ vulnerabilities are boosted by digitisation of operations, but also through collaborations with other companies or the use of third parties, as well as new software and IT solutions such as cloud computing.

Major operational losses, stemming from intrusions and breaches, are becoming more common. Although recovery costs are usually measurable, the impact on a company’s reputation is much harder to assess. These real-world developments have shown insurers that they need to invest heavily in not only technology but also end-to-end risk management techniques to adequately protect their business against cyber threats.

Insurers need to treat cyber risk in much the same way that they treat traditional insurance risks, namely by defining the level of exposure they are comfortable with and prioritizing investments accordingly, BCG said.

Today’s top stories

AIG appoints new chief information officer as Fasano resigns

Aon Risk Solutions appoints new UK CEO as Tunnicliffe steps down

Lloyd’s syndicates flock to India

Insurers brace for potential surprises in UK's Spring Budget

Did you enjoy reading this story?  Sign up to our free daily newsletters and get stories like this sent straight to your inbox.

Already registered?

Login to your account

To request a FREE 2-week trial subscription, please signup.
NOTE - this can take up to 48hrs to be approved.

Two Weeks Free Trial

For multi-user price options, or to check if your company has an existing subscription that we can add you to for FREE, please email Elliot Field at efield@newtonmedia.co.uk or Adrian Tapping at atapping@newtonmedia.co.uk


More on this story

Insurance
24 April 2017   The cyber insurance market will become more resilient if it is considered as a standalone line of business rather than a peril, according to JLT Re.
Insurance
10 April 2017   US property/casualty insurer Travelers has announced that it will offer pre-breach cybersecurity services from Symantec to its cyber policyholders.
Insurance
27 March 2017   Specialist commercial insurer CNA Hardy, re/insurance broker THB, and cybersecurity specialist Waterfall Security Solutions have entered into a partnership to provide a new cyber security protection package for industrial businesses globally.