Cyberattacks Against Insurance Companies – What Can be Done?
This post is also available in: 
עברית (Hebrew)
The recent cyberattack on the systems of the Israeli insurance company Shirbit by a group of hackers named BlackShadow raises concerns about the cyber resilience of financial institutions. The hackers tweeted photos of ID cards, drivers’ licenses and forms containing private information including names and addresses.
Accenture’s State of Cyber Resilience for Insurance report published last July reinforces the concern that, in 2018, insurers’ cybersecurity efforts were often “buying time” against threats that now are rising.
The good news is that successful breaches against insurers are down 42 percent from 52 breaches on average in 2018 to 30 breaches now. Previously, only 9 percent of insurers could detect a security breach within 24 hours. That number now is 32 percent. While the 2018 study found only 33 percent of insurers could remediate a breach in 30 days or less. Today that number is 72 percent.
Interested in learning more about financial organizations’ cybersecurity? Attend INNOTECH 2020 international conference broadcast on innovation, cyber and HLS on December 8-9.
However, with attacks on the rise and coming from new directions, insurers face a handful of challenges that stretch their ability to respond:
- Indirect attacks are increasing.
- Recovery time is lengthening.
- Insurers are investing but fear they can’t maintain the pace.
The survey also found that elite cyber resilience insurers performed better. 88 percent of elite insurers detected breaches in less than a day, versus only 26 percent for non-leaders.
The report recommends that insurance companies take immediate steps toward improvement, including:
- Prioritizing speed – speed measured by how quickly they can detect, respond and return to normal after a breach, is a priority for leading insurers.
- More training about security tools
- More collaboration within and outside the organization
- Shoring up defenses against indirect attacks by establishing policies, governance and enforcement such that third parties connected to their networks follow the same high-security standards they do.
