X
NEXT
Forgot password?

DigitalXRAID

The Threats Insurance Companies Face

Insurance companies have had little change in the current COVID-19 climate in terms of the running of their business, consumers still need insurance. However, threats to insurance companies have increased since we have entered this difficult time.

Threats that will stay

Infrastructure

There are always going to be hackers looking for a payday and they know insurance companies have the money to pay. Insurance companies can’t afford to be without their network for even an hour and hackers prey on such instances.

Social Engineering

Phishing is always going to be a constant in the insurance industry. Identifying an easy target and phishing/spear phishing is one of the easiest ways for a hacker to find their way into a network.

New Threats

Increase in attacks

With more people at home, more people losing jobs and more people needing more money the threat is increasing the longer we are quarantined. The increase includes insurance fraud and infrastructure attacks. Desperation could cause people to do dangerous things. As we are in a connected world it would not take long for any individual to find malware online and send it. Whether it be a disgruntled customer, disgruntled employee or a desperate individual the time to be extra vigilant is now.

What insurance companies will be at risk?

Quite simply, all of them. Any insurance company will come across individuals that are not happy, and these individuals could turn into huge threats for the business. To the extent they could try to maliciously attack a business, and with little to no knowledge be empowered by the web. Find like minded individuals, increasing the threat. The dangers then multiply, this is not a risk worth taking.

The measures the Insurance industry can take?

Our last blog included some of the threats insurance companies, but now we are going to look at how to mitigate those threats.

Compliance Mandates

The insurance industry is heavily regulated by different compliance mandates. Which does a lot to help the way they manage, store and use information that they have. Ensuring compliance in something like the ISO-27001 information management standard goes a long way to mitigate threats.

Penetration Testing

Insurance companies are also required to test their network infrastructure regular to ensure that their infrastructure is secure. This includes web application and infrastructure penetration testing.

What more can be done?

Phishing training and awareness is something that isn’t pushed down by compliance, but it is a huge threat to the insurance industry. Even with filters and security software to pick up malicious emails there is always something new that can get through undetected at which point the attack is dependant on the recipient. Often somebody that isn’t technically minded, and someone that may only know the basics of what to look for in a phishing email. Phishing training and awareness can help mitigate this risk, and help employees learn not to trust emails and ensure they check everything.

Previous Article

Why Councils Are Being Targeted By Hackers

Next Article

Explaining Cyber Security – The Easy Way

Cyber Security Experts

Accredited and regulated, we're in the top 1% of cyber security agencies globally

Crown Commercial Service Supplier Cyber Essentials Plus ISO 27001 BSI ISO 9001 CHECK NCSC Cyber Incident Response CREST

We’re trusted by the UK Government as Crown Commercial Service providers as well as being accredited by two of the leading cyber security governing bodies. Our ISO9001 certification means you can rest assured our processes and approach are market leading.

Protect Your Business & Your Reputation.

With a continued focus on security, you can rest assured that breaches and exploits won't be holding you back.

Speak To An Expert

x

Get In Touch

[contact-form-7 id="5" title="Contact Us Form"]