Secure Insurance

Before insurers can offer effective coverage to their own customers, they must ensure that their own cyber security is up to the task. If they are vulnerable, their reputation as an expert in the field of cyber security insurance will be tarnished and they will lose consumer trust. The masses of sensitive and confidential personal data insurers possess could turn them into victims of cyber threats themselves. Worse yet, they could unwittingly surrender confidential customer data, possibly exposing them to massive class action lawsuits. Data breaches in the insurance industry can potentially inflict huge costs on insurers.

Insurers are an attractive target for cyber attacks. They are replete with massive stores of consumer data including credit card, medical bank account and confidential underwriting information. This data is “gold” to  hackers looking to commit identity theft, or insurance fraud.

KPMG survey of 100 insurance CEOs revealed that less than 20% believed that their organization is fully prepared for a cyber attack. They cited cyber security as their most pressing risk (42%), which means it was viewed as being more significantly risky than other difficult areas, such as regulatory risk.

The shift to digital depends on insurers maintaining customer trust, which of course requires strong cyber security discipline. They must defend themselves, and consequently, their customers and customer data, against all attacks and breaches, especially as cyber outlaws become more sophisticated.

In comparison to other financial services sectors – banking in particular – the insurance industry has lagged in cyber investment, focus and capabilities. In part, this is due to urgency: banks were getting pummeled by cyber-attacks and needed to move quickly to protect their reputations, customers and bottom lines. The cyber war has traditionally been much quieter on the insurance front.

All signs suggest this is about to change. As other financial sectors become more secure, attackers are moving on to find weaker targets and this is bringing insurance companies into the firing line, and the stakes are very high as insurers hold enormous amounts of data on individual health and personal property.

As a result, forward-looking insurers are now working to improve their capabilities and create alignment between their internal and external cyber risk management activities.

Insurers store massive amounts of data in cloud-based systems, tempting hackers looking to commit identity theft and other cyber crimes. The more attempts at cyber attacks there are, the more likely it is that one will eventually succeed. While an organization may be capable of stopping almost all attacks, even one or two that slip through could prove disastrous to the business.


Many insurers are also struggling with inconsistent and fragmented cyber security capabilities across lines of business and markets; often the legacy of years of M&A activity. So while, in most cases, cyber capabilities have been decentralised, resulting in significant control challenges at the Group level, our experience indicates that cyber security must be managed at a centralised level (allowing for adaptation by business units and markets to suit unique circumstances and requirements).

Who is creating risk?

Hackers Secure
Competitors Secure
Employees Secure
Customer Portal
External Hackers Credentials
Employees Using Cms
Credit Card Transactions
Big Data Warehousing Apps
Third Party Providers
Insider Threats
Cloud Data Storage

What is valuable?

  • Theft of personally identifiable information (PII) of the company’s customers
  • Theft of confidential banking information of company employees such as bank account numbers, user accounts, credit card numbers, social security numbers and passwords.
  • Preying on the insurer’s noncompliance with Payment Card Industry Data Security Standard (PCI DSS).
  • Targeting customer databases

Why is it valuable?

  • Insurance fraud
  • Theft


  • Customer Portals
  • Credit card transactions
  • Insider threats  – including employees
  • External hackers (credential acquisition)
  • Big data warehousing and applications
  • Cloud data storage
  • Employees using content management solutions
  • Third party providers

Our guarantee to you

Cryptoloc® provides an exceptionally high level of security. We uniquely encrypt each and every file with our patented two-stage encryption algorithm.


Do you have any further questions? Don’t hesitate to write us.

Send Message