Cyber security and insurance professionals have issued a critical warning about the escalating cyber threat landscape, calling for immediate and proactive risk management strategies across the industry.
In a recent roundtable hosted by Intersys, industry experts highlighted trends that pose significant risks to insurance businesses. Key findings revealed that 60% of businesses affected by ransomware ultimately shut down within three years, underscoring the devastating potential of cyberattacks.
The UK's Government Communications Headquarters (GCHQ) has raised particular concern about outdated technology, noting that many insurance firms continue to use vulnerable Windows systems. Cyber criminals are becoming increasingly sophisticated, exploiting weaknesses in multi-factor authentication and developing new attack methods.
"Threat actors only need to succeed once, whereas businesses must remain vigilant at all times," said Tim King, business development lead at Intersys. He emphasized the growing attractiveness of cybercrime, where the likelihood of prosecution remains low.
The roundtable participants painted a complex picture of cyber vulnerabilities. Outdated systems remain a critical concern, with GCHQ warning about widespread use of vulnerable technology in the insurance sector.
Multi-factor authentication, once considered a robust security measure, now shows significant limitations as criminals develop methods to steal access tokens and bypass these protections. The sophistication of cybercriminal tactics continues to evolve at an unprecedented pace, challenging traditional security approaches.
One emerging threat is "quishing" - QR code phishing - which has skyrocketed from 0.8% of phishing attempts in 2022 to 12.4% in 2024, demonstrating the rapidly evolving nature of cyber threats.
Robin Muir, from Devonshire Underwriting, stressed the critical nature of the challenge: "Cyber security must be embedded in the DNA of every insurance business. As the industry becomes increasingly interconnected, the risk landscape is evolving at an unprecedented pace."
The consensus among industry leaders is clear: proactive, robust cyber measures are critical to protecting sensitive data and maintaining operational resilience.
What cyber security challenges concern you most? Share your thoughts below.
