If you’re an insurance company — especially if you sell cyber liability coverage — and if you’re not yet awake to the fact that your data, all of your digital assets (including personally identifiable information or PII), and some of your hardware are at risk, this would be a good time to get up and at ’em.
The September/October edition of Claims Magazine features an article entitled, “CYBERSECURITY: Key Threats Endangering Insurers“. We don’t mean to be alarmist, but it’s alarming:
Insurers are smarting from the relentless attacks on their computer networks by hackers … 82% of the world’s largest insurers are vulnerable to phishing … During 2021 alone, hackers exposed the PII of 1.5 billion users … insurers specializing in cybersecurity insurance find they are of even greater interest to hackers, given that the stolen details of cyber-insurance policies also offer hackers a bird’s-eye view into the amount of ransom an insurer has agreed to pay for its insured.
Three aspects of this are particularly alarming to us: (1) That it’s happening at all. (2) That it’s happening to this extent. (3) That it’s so preventable, but so few companies are preventing it.
Forewarned is Forearmed
Conventional wisdom says knowing you have a problem, and admitting it, are the first steps to resolving it. They’re also the first steps to protecting your business and its digital assets. Cybercrime is. It exists. That’s a problem. There’s no denying the evidence. Since there’s so much evidence, you can’t claim not to know it. And if you know it and admit you’re at risk because of it, you can fix it.
Start with an audit. Examine your environment and your infrastructure to determine your level of preparedness and to determine your ability to recover from cyberattacks or data breaches. If you discover weaknesses, identify compliance gaps in your IT infrastructure. Evaluate your points of remote access. Assess your authorization levels for access to networks and systems. Analyze your perimeter and internal defenses and system configurations. Categorize the risks and prioritize remediation efforts. Then conduct penetration testing: Use scanning tools and act like hackers to evaluate your network, your software, your security controls, and your defenses.
Better yet, call us and we’ll do all that for you. That’s we’re here.
And that’s why our customers trust us.