Search      Advanced Search | Browse By Topic
Magazine Content
Home
Features
Columnists
Industry Risk Reports
In-Depth Series
Special Reports
Point/Counterpoint
R&I One® Content
News & Analysis
Editor's Choice Stories
Resources and Tools
Power Broker® Directory
Risk InnovatorTM
Emerging Risks
Top Employee Benefits Consultant
Executives To Watch
Insights
Industry Events
WorkersComp Forum
Award Nominations
Webinars
RSS
R&I Information
Subscription Center
Advertiser Information
About Us
Contact Us
 

Newsletter Sign-up

Click on the name of the free newsletter below to preview:

R&I One®
WORKERSCOMP Forum TM Update
HTML Text
E-Mail Address:


Click here to unsubscribe
Privacy Policy
Preferences
 

Insurers Suffer from Security Breaches

The rampant use of mobile devices and older information-security programs were two reasons breaches were high for insurers.

Print Email Add to Facebook Add to Twitter Add to LinkedIn Write to the Editor Reprints

Forty percent of major insurers have experienced one or more security breaches in the past 12 months, according to a global survey of chief security or information security officers at 46 major insurance organizations by Deloitte.

That's compared to one-quarter of financial institutions, which suffered a security breach in 2011.

"I think, from an overall perspective, the insurance market is not really as focused on this area" as other financial services, said Vikram Bhat, a principal at Deloitte's financial services security and privacy team in New York.

Historically, he said, banking and other financial services have come under more cyber risk pressure, but due to a combination of a changing regulatory climate and "the bad guys figuring out there is an opportunity," the insurance industry is being hit more often. In addition, he said, information security programs in the insurance industry are generally not as mature as in other financial sectors.

"As a broad statement, it's lower but it's changing and people are starting to invest and react to the incidents that are happening," Bhat said.

Lack of budget and/or resources was cited as the top barrier for an "effective information security program" for insurers, according to the survey. The next most common barrier cited was "lack of visibility and influence within the organization."

Adding to the complexity is the rampant use of mobile devices in the insurance industry -- cited by respondents as resulting in 45 percent of the breaches. About four in five insurers support employee-owned or corporate-owned mobile devices, according to the respondents.

According to Deloitte's "2012 Global Financial Services Industry Security Survey: Breaking Barriers," two out of five financial services respondents felt "very confident" their organization was protected from an external attack, compared to the 21 percent who felt "very confident" protecting assets against an internal attack.

Bhat said risk managers need to work with IT and senior leaders to define their organization's "real critical assets and new threats and what you need to focus on because ... resources are limited," he said.

--By Anne Freedman

November 1, 2012

Copyright 2012© LRP Publications
 
 
 
 
 
 
 
 
 
 
 
RISK logo
 

Back to top

Entire contents copyright © 2013 Risk and Insurance® All rights reserved. May not be reproduced in any form without written permission.