Remaining Viable: How, Insurers' Cybersecurity Is A Major Problem

Sean Tilley 19 January 2024

Remaining Viable: How, Insurers' Cybersecurity Is A Major Problem

Insurance companies offer cybersecurity risk protection to other firms – including banks and wealth managers – but their own vulnerabilities are important, and need to be tackled.

Cybersecurity threats have spawned an insurance market to handle these risks. One report pegs the size of the cybersecurity insurance market at $1.6.4 billion (Global Market Insights, August 2023). And yet it is worth considering that insurance is not just important for the risk mitigation approach of clients such as wealth managers. Insurers can be targeted by hackers themselves. 

To consider how and why the insurance sector is on the receiving end of attacks, we carry this article from Sean Tilley, senior director of sales, Europe, Middle East and Africa, at 11:11 Systems, an IT service management business. The editors are pleased to share these insights; the usual editorial disclaimers apply. To respond, email

The insurance industry is a prime target for cybercrime. Cybercriminals, who know that it is a treasure trove of sensitive data, are searching for ways to access it. This is evident in the growing number of insurance companies that have been hit with ransomware, phishing, and other types of cybercrime in the past year. This is supported by the IBM Cost of a Data Breach Report 2023, which states that the financial industry was the second hardest-hit sector overall in terms of cost per breach.

According to research findings from Cybereason, the financial services industry is besieged by ransomware, data theft, and phishing attempts, ranking among the top three sectors most likely to be attacked. Notably, cybercrime has maintained its position as the most prominent global risk in this industry since 2020.
In a crowded market, a strong cybersecurity posture can be a significant competitive advantage for any business. With insurance companies collecting large amounts of customer data and customers growing increasingly aware of the importance of cybersecurity and conscious of whom they want to give their data to, cybersecurity must be a top priority for these companies and their providers if they are to meet their various stakeholders’ requirements.

Protecting sensitive data
Insurance companies collect, manage and store massive amounts of Personal Identifiable Information (PII) which is sensitive and confidential data ranging from personal information to financial records and medical data. Keeping this information secure is paramount for not only maintaining customer trust but also for meeting regulatory requirements which stipulate how to handle customer data – placing additional pressure on insurance companies to keep it safe.

As such, insurance companies must adapt their cybersecurity strategies to stay one step ahead of the evolving threat landscape where cybercriminals, who are becoming more sophisticated, are employing new tactics and technologies to breach security systems and access data.

Eroding trust and soaring costs
Trust is the foundation of any business, and the insurance industry is no exception. Customers entrust insurance providers with their personal data and in return expect these companies to have measures in place to protect this data. A data breach or cyber incident not only erodes trust, damaging the company’s reputation, but can also have severe financial ramifications for the organisation.

While it can be costly to investigate, mitigate and recover from a cyber incident, in some instances, insurance companies may be held liable for the losses incurred by their policyholders due to cybercrimes. Further cyber attacks can disrupt an insurance company’s operations, affecting its ability to serve its customers, process claims and conduct business efficiently, potentially leading to further financial losses and customer dissatisfaction.

Third-party risks
While insurance companies need to maintain stringent security standards within their organisations, it is equally important that they are aware of possible external risk factors too.

Insurance providers often collaborate with a network of third-party partners such as suppliers and outsourced partners, among others. These connections create additional vulnerabilities to the security posture of a company, while at the same time, the insurance companies retain regulatory responsibility for their third-party contracts. As such, insurance companies will be held accountable for weaknesses in their third-party partner contracts and need assurances that the same level of cybersecurity practices are in place across their third-party network. This must include ensuring that any potential risks are appropriately identified, managed, and mitigated to avoid a wider breach across the company which could affect customers.

Cyber resilience
Building a culture of cyber resilience is key to establishing operational resilience which is a business’s ability to continue its critical functions and deliver services in the face of various disruptions. This is particularly important for insurance companies; to achieve this they will need to move beyond focusing on digital defences and foster a culture that anticipates and mitigates threats as they evolve. A robust cybersecurity infrastructure is the cornerstone of this resilience, serving as the foundation for all other measures.

At the same time, these organisations need to run regular system updates which are part of the foundation to ensure that its defences are equipped to handle the latest threats. Employee training also plays a crucial role in improving an insurance company’s cyber resilience and thereby operational resilience as a workforce that can identify and respond to potential threats is a powerful deterrent against ransomware attacks.

Get ready for the recovery
However, as prepared as a company’s defences are, it needs to be equally prepared for recovery after an attack because, in today’s environment, it is not a case of if but when an attack will occur. Beyond prevention, cyber resilience encompasses readiness for recovery. Having a comprehensive cyber incident recovery plan in place is critical for every insurance company. This plan serves as a roadmap for navigating the aftermath of an attack, detailing the steps that it must take to recover compromised data, restore operations and mitigate damage, including periodic cyber recovery simulations to improve its overall cyber resiliency posture.

Regular immutable or tamper-proof data backups are a key part of this recovery process, particularly for insurance companies that manage vast amounts of customer data. Ensuring that a recent and clean copy of vital data is always available can significantly improve the chances of a successful cyber recovery. Similarly, having clear protocols and procedures for responding to an attack and continuously monitoring and improving these measures as the threat landscape evolves can help an insurance company not only manage the situation efficiently but also minimise downtime.

Cybersecurity brings long-term viability
Cybersecurity is not just a short-term concern but a fundamental component of an insurance company’s long-term viability. Those who invest in robust cybersecurity measures are better positioned to survive and thrive in a digital age, improving their cyber and operational resilience and their ability to recover quickly. Those who neglect to address cybersecurity adequately are likely to experience devastating consequences, affecting their finances, reputation, customer trust and legal standing.

Insurance companies can enhance their operational security and demonstrate a strong commitment to customer and societal wellbeing by acknowledging the significance of cybersecurity and implementing robust protective measures. After all, cybersecurity is a crucial investment for the long-term sustainability and success of the insurance sector.

About the author
Sean Tilley, who has worked at NormCyber and Sungard, is senior director, sales, EMEA, at 11:11 Systems. 11:11 Systems is a managed infrastructure solutions provider which operates in Europe, North America and Asia-Pacific. It is headquartered in the US.

Register for WealthBriefing today

Gain access to regular and exclusive research on the global wealth management sector along with the opportunity to attend industry events such as exclusive invites to Breakfast Briefings and Summits in the major wealth management centres and industry leading awards programmes