The Insurance industry is one of the richest data-driven businesses there are. They collect their customers’ financial, medical, professional, and personal information. This is why they have the obligation to protect such data and keep it safe. Consequently, cyber-attacks to insurance companies can be devastating and put at risk millions of people’s information.
During last year, we saw some of the worst cyber-attacks in history, with the NotPetya attack costing billions of dollars. This malicious ransomware attacked hundreds of companies around the world. Such vulnerability within the insurance industry could be as destructive, or even more than NotPetya was.
Number of Cyber-Attacks to Insurance Companies
Cyber-attacks to insurance companies target one specific branch of the business. According to WebMD, hackers are targeting medical data, and health insurance providers are particularly at risk. From all the data breaches that took place between 2010 and 2017, 63% of them involved medical data. This represents a total of 132 million breached medical records that year.
The most damaging cyber-attacks to insurance companies, however, were detected during 2015. Insurance providers such as Anthem, Premera Blue Cross, and CareFirst Blue Cross Blue Shield had almost 100 million records stolen during cyber-attacks. Not only that but in 2017 Anthem confirmed that the records of 18,500 customers had been compromised too.
How Do Insurance Companies Protect Your Data?
Despite the amount of sensitive information insurance companies have collected for years, digitalization of the business caught insurers off guard. This creates several challenges that insurance companies are currently facing. Even when several insurers are investing more in cybersecurity, there are still weak areas within the business that hackers take advantage of.
According to the 19th EY Global Information Security Survey by Ernst & Young, 49% of the 1755 insurance companies that took part in the survey discovered incidents of cybersecurity. Besides, 71% of those companies considered themselves ready to face an attack of this kind. Interestingly enough, only 11% of the companies believed they had taken the proper security measures to protect data.
What Strategies Do the Need to Implement to Reduce Cyber-Attacks to Insurance Companies?
There is a clear need for a better understanding of cybersecurity within the insurance industry. The current lack of proper measures to prevent hackers from breaching their data is worrying. This leads to a significant exposure to several risks, including infrastructure vulnerability, identity theft, and malicious codes systemic infection.
It is important for insurance companies to invest in efficient, professional, and specialized IT teams and consultants. The development and implementation of data security protocols are essential too. In addition, companies can’t forget to educate employees and partners on how to detect suspicious activity or malicious software.