Insurers need to be mindful as cyber criminals change tactics: report
Insurers underwriting cyber risk will need to be very mindful as mass homeworking during the global COVID-19 pandemic lockdown has exposed new access points for cyber criminals to gain entry to corporate systems, suggests a new Aon and CyberCube report.
The widespread homeworking has created new vulnerabilities for criminals to exploit, and exposed the public to a higher level of well-established cyber scams such as form-jacking and spoofing.
According to the report, criminals have also exploited the public’s need for information on COVID-19 to create a range of social media and text message attacks, particularly in those countries worst affected by the virus.
Analysts at Aon and CyberCube suggest that organisations that rapidly deployed new technology, applications, services, or systems at the onset of the pandemic should now be focused on taking a look back and ensuring that they have implemented best practices in security configuration and architecture.
Darren Thomson, CyberCube’s head of cyber security strategy, said: “Homeworking is one of the biggest changes people have had to handle during the pandemic but it’s here to stay – and that’s changed the footprint of organizations’ IT systems. More laptops, more mobile access, more devices that were never designed for corporate work – and employees juggling work life and home life on the same machine.
“Insurers underwriting cyber risk will need to be very mindful of these changes and how they affect an organisation’s risk profile. These are new norms that need to be incorporated into their underwriting appetite in addition to well-established threats like ransomware, which shows no signs of diminishing. Indeed, homeworking may slow the ability of policyholders and insurers to respond quickly to ransomware infections.”
Jon Laux, head of cyber analytics, Reinsurance Solutions at Aon, said: “The lesson this report draws is that cyber-security at home is a different animal to cyber-security in the workplace. Organisations are going to have to think more laterally. They’ll need to be more user-centric with a particular focus on employee’s own devices and the cloud-based applications they use.
“The traditional approach to cyber security must be replaced by something that recognises users will operate in a decentralized and remote fashion. For large organisations, that’s going to create a lot of change management to handle.”
Already registered?
Login to your account
If you don't have a login or your access has expired, you will need to purchase a subscription to gain access to this article, including all our online content.
For more information on individual annual subscriptions for full paid access and corporate subscription options please contact us.
To request a FREE 2-week trial subscription, please signup.
NOTE - this can take up to 48hrs to be approved.
For multi-user price options, or to check if your company has an existing subscription that we can add you to for FREE, please email Elliot Field at efield@newtonmedia.co.uk or Adrian Tapping at atapping@newtonmedia.co.uk
Editor's picks
Editor's picks
More articles
Copyright © intelligentinsurer.com 2024 | Headless Content Management with Blaze