DIGITAL ECOSYSTEMS
5
Cybersecurity Threats Affecting Insurance
Companies in
2022
WRITTEN BY : VIKKI DAVIES
With cyber attacks on the insurance industry increasing in size and scale , Cyber magazine looks in depth at IntSights , a Rapid 7 Company ’ s 2022 Insurance Industry Cyber Threat Landscape Report
T he insurance industry is increasingly being targeted by a myriad of cyberattacks . Much like many other sectors , ransomware is a top threat to the industry due in part to the role of cyber insurance coverage of ransomware attacks . Yet it is also falling foul to other types of attack . Because insurance companies possess a great deal of personally identifiable information ( PII ) on their retail business-to-consumer ( B2C ) policyholders that bad actors can use for fraud and other malicious purposes , insurance fraud is also a big threat to the industry . In addition , hacktivists have been known to target insurance companies for ideological reasons and the PII of B2C policyholders is also useful to state sponsored threat actors because of the amount of detail that it contains .
Paul Prudhomme , Head of Threat Intelligence Advisory at IntSights , a Rapid7 company says :
“ The insurance industry has been a key target for ransomware gangs and other threat actors due to the role insurance firms play in cyber insurance coverage and the significant amounts of Personally Identifiable Information ( PII ) they hold .
“ Breaches of insurance companies result in cyber criminals being able to find the policy details and security standards of their cyber insurance customers and use stolen information for fraud or cyber attacks later down the line .
“ We ’ ve seen threat actors target a variety of insurance companies from the automobile and agricultural industry to the healthcare sector . With different insurance companies being targeted by different threat actors it doesn ’ t make sense for organisations to have the same cybersecurity solutions in place to combat them . Rather , organisations need individually tailored security policies in place which provide context around which threat actors are targeting them , what they are after and what techniques they may use . By having access to such intelligence , insurance companies can put themselves on the front foot against attackers .”
cybermagazine . com 85