Avoiding inside jobs on the cybersecurity front

Be it negligence or data theft, the current landscape demands stronger measures


By Kenneth Araullo

As cyber threats continue to evolve, insurance companies face an increasing risk not just from external attackers but from within their own ranks. Insider threats – whether from current or former employees, contractors, or others with access to sensitive information – pose a unique challenge to cybersecurity efforts.

Insider threats are an often overlooked but significant cyber risk for insurance companies, according to Sean Plankey, global leader of cybersecurity software at WTW. While external cyber attacks frequently make headlines, insider threats – stemming from individuals with access to internal systems and data – can be equally or more damaging due to their privileged knowledge of internal processes. These threats pose serious cybersecurity risks to insurers, requiring effective mitigation strategies to minimize potential harm.

Plankey said that insider threats involve cybersecurity risks from individuals who have, or once had, authorized access to a company’s systems, data, or physical premises. This group includes current or former employees, contractors, and other parties with insider knowledge.

Insider threats can be either intentional, driven by financial gain, revenge, or ideological motives, or unintentional, where negligence or social engineering compromises security. In the insurance sector, sensitive customer information, proprietary algorithms, and financial data are at risk, with insider threats manifesting in various ways, such as unauthorized access to databases or manipulation of financial records.

The 2024 Verizon Data Breach Investigations Report found that 35% of data breaches were caused by insiders, highlighting the prevalence of this issue across industries, including insurance.

Plankey noted that insurers are particularly vulnerable due to the vast amounts of personal and financial data that employees and contractors handle. The misuse or unauthorized disclosure of such information can lead to identity theft, fraud, and significant financial losses, both for the insurer and its customers.

There have been notable cases where insider threats impacted insurance companies. For instance, in 2018, a former employee at a major insurance firm was convicted of stealing confidential client data, including Social Security numbers and other sensitive information. The employee intended to commit identity theft and tax fraud, causing reputational damage for the insurer.

In another case, a claims adjuster altered claims records to inflate payments, leading to substantial financial losses before the fraud was uncovered. These incidents illustrate how insider threats can exploit weaknesses in insurers' systems.

To mitigate these risks, Plankey emphasized the importance of proactive and multi-layered cybersecurity strategies for insurance companies. Key measures include implementing access controls based on the principle of least privilege, where employees can only access information necessary for their roles.

Regular monitoring and auditing of system activity can detect unusual behavior early, while employee cybersecurity training is crucial in fostering awareness of best practices and the consequences of insider threats.

Enhancing data protection through encryption and data loss prevention technologies and regularly updating security protocols are also essential steps in reducing the risk of insider threats. Insurance companies, Plankey advised, must take these precautions to protect sensitive information, safeguard financial assets, and maintain customer trust.

While insider attacks in the insurance industry may be underreported due to confidentiality concerns, the potential for financial and reputational damage underscores the need for strong cybersecurity measures.

By implementing comprehensive security controls and fostering a culture of cybersecurity awareness, insurers can better defend against insider threats and protect their assets in an increasingly digital world.
