The average cost of a data breach in the financial and insurance sector is revealed to be $5.97 million

6th August 2022 | Blog | Stuart Favier

Supply chain attacks and ransomware remain a real issue for the insurance sector

The Cost of a Data Breach report from IBM has revealed that the financial sector (including insurance) has the second highest average cost of a data breach at $5.97 million. This is up from $5.72 million last year and places the sector just below healthcare, the costliest sector for a breach to occur.

These figures are considerably higher than the average cost across all sectors, which has risen this year to $4.35 million, up 2.6 percent from last year and an incredible 12.7 percent from 2020.

Such huge figures should act as a warning to all companies in the insurance sector. As well as the financial cost, the nature of the type of data held by an insurance company means that any breach has a disastrous impact on reputation, customer trust and day-to-day business.

In light of this and the increasingly sophisticated threat from cybercriminals, insurance firms need to up their focus on implementing cyber defences that keep the criminals out and data secure.

Companies are suffering more than one breach

Another stand-out statistic from the report was that many companies have suffered more than one breach. 83 percent of organisations have seen their data accessed by unscrupulous criminals on more than one occasion.

This points to a huge issue in general, particularly in the insurance sector. With data held by insurance firms so valuable, the sector becomes a natural target for cybercriminals who will make multiple attempts to gain access.

The Cyber Insurance Risk report has revealed that the rate of hacks on the insurance sector has increased 300 percent in the last year and that 82 percent of the largest insurance carriers were the focus of ransomware attacks.

Cybercriminals target the insurance sector because of the data they hold and the likelihood that they will pay the ransom. Most insurance providers seem more willing to pay the ransom than lose data and suffer service outages. Therefore, a successful hack can be hugely profitable for cybercriminals.

Ransomware attacks are the most expensive type of breach

The trends in ransomware attacks are also borne out in the Cost of Data Breach report.

The report reveals that a ransomware attack remains more expensive than the average breach. Although the figure has come down slightly from last year, it still comes in at $4.54 million per attack.

Ransomware is a real issue for all companies across all sectors. However, the consequences of such a breach are even more serious for those in a highly regulated setting such as insurance. The overall picture across sectors shows that the share of breaches caused by ransomware has grown since last year, up from 7.8 percent in 2021 to 11 percent in 2022, a growth rate of 41 percent.

Cyber resilience and isolated data silos are now key

The other issue with ransomware is that traditional backup and disaster recovery solutions cannot protect firms from such threats. The nature of the malware used is that it actively seeks to encrypt or delete backups.

However, some insurance firms are turning to cyber resilience solutions. One key aspect of the cyber resilience tool kit is cyber recovery. It differs from disaster recovery as it provides an isolated, operational air gap for data vaulting. This is a crucial difference. A true logical air gap needs to be inaccessible and offline – not just in a different location; otherwise, it can still be compromised by cybercriminals.

Unlike disaster recovery (DR), cyber recovery identifies critical data and claims it. DR takes the data pushed from the website or infrastructure. That data is not specifically identified as key data and comes in huge volume. DR then takes the large quantity of data collected and places it in a data centre and sometimes a secondary backup data centre. In contrast, the cyber recovery solution takes only the business-critical data and holds it in separate offline silos, ensuring that the data is inaccessible to criminals who might gain access to infrastructure.

The way the data is collected also means that the silo is only open for the split second it needs to grab what it has identified as business-critical information. The DR approach means that the portal is almost constantly open, offering cybercriminals an easier route in.

So, protecting data by taking it out of the reach of cybercriminals will be critical. It will also be important for the insurance industry to shut down all vulnerabilities that can give access to data.

Identifying vulnerabilities within supply chains

The Cyber Insurance Risk report highlighted the threats facing the insurance sector. 100 percent of insurance underwriters indicated that alongside ransomware, supply chain attacks were among their top-three biggest concerns from a threat standpoint.

This is backed up by findings in the Cost of a Data Breach report which showed that supply chain attacks now make up one-fifth (19 percent) of all breaches. Some of the most high-profile attacks over the last couple of years have been made through third parties rather than directly attacking the primary company.

In an increasingly digitally connected sector, the insurance industry has to do more to identify and plug vulnerabilities within its supply chain.

Gaining a 360-degree view of supply chain vulnerabilities through AI

Having the ability to gain a 360-degree view of potential vulnerabilities within your supply chain before they are exploited is going to be increasingly important.

There are AI-powered solutions that give companies precisely that. They can provide an insurance firm with a view of not just their security but also their entire supply chain, end-to-end, giving them insight into possible vulnerabilities which otherwise might be missed.

This allows insurance companies to have an informed discussion with partners to help close gaps in security. With this information and those vulnerabilities closed, companies can also be confident that they are adhering to regulations.

Without an ongoing, intelligent view of all the possible vulnerabilities throughout a supply chain, it is almost impossible for companies to be entirely secure. With partners inadvertently offering cybercriminals an entry through the ‘back door’, companies must do more to close supply chain weaknesses. With a 360-degree view, you can be confident that you are as secure as possible and adhering to an increasingly complex regulatory landscape.

The insurance sector is facing an increasingly sophisticated threat from cybercriminals. Not only is the result of a breach costing more than ever (both financially and reputationally), but criminals are finding new, innovative ways of gaining access to the sensitive data held within insurance organisations.

Identifying and shutting down vulnerabilities across supply chains and networks is critical. If the worst does happen, though, following a cyber resilience strategy and keeping data out of reach of cybercriminals, even if they have gained access, is an important step to keep data safe, remain in line with the regulation and avoid the increasing cost of a data breach.
