Other parts of this series:
Since 2018, cyberattacks on insurers have doubled. How can firms respond?
Our previous blog explored cybersecurity threats facing banks and capital markets firms—and now I’d like to look at insurers. In our previous insurance industry report about cyber risk we noted a bit of overconfidence in executives’ responses to our survey.
For example, about 80 percent of insurers said they were either “confident” or “extremely confident” in their cybersecurity capabilities. The actual performance numbers did not universally support that position, but some of them did. So, the respondents chose to see the glass as half full.
We had a hunch that insurance companies were buying time. They were being successful … for now. Cyber criminals were more focused on banks than on insurers, but we didn’t think that situation would last forever.
According to a 2019 survey of global leaders prepared by the World Economic Forum, damage from large-scale cyberattacks is one of the top-five global risks.
In fact, it didn’t. Our latest findings, based on Accenture’s “State of Cyber Resilience” report, show the number of cyberattacks on insurers has more than doubled since our 2018 survey (from 240 to 519 attacks, on average). This number is more than twice as much as the cross-industry cyber resilience leaders in the survey and over three times more than their banking/capital markets peers. When it comes to insurance and cybercrime, it’s clear the “bad guys” are now paying attention.
Follow the leaders
Our research also found, however—based on our detailed modeling and statistical analysis of cybersecurity performance—a select group of insurance leaders (about 8 percent) have shown they are far more effective at cybersecurity and cyber resilience than non-leaders. They particularly excel in four areas. They:
- Stop more attacks
- Find breaches faster
- Fix breaches faster
- Reduce the impact
The difference in performance between leaders and non-leaders was striking. (See Figure 1.)
A key insight about the leaders: They are investing with an eye on improving operational speed. Breaches are a given, but cybersecurity leaders are faster at detecting and responding. The top-three measures of cybersecurity effectiveness named by leaders all emphasize speed: how quickly they can detect a security breach, how quickly they can respond, and how quickly they can get operations back to normal.
Beyond these priorities, leaders also measure the effectiveness of their resiliency (how quickly they recover from a breach) and their precision (improving the accuracy of locating cyber incidents). Non-leaders, by contrast, over-spend on defense and under-spend on detection and response.
How to become a cybersecurity leader
I’ll leave you with three things you can do to improve your cybersecurity capabilities.
Scale more. The rate at which surveyed organizations scale investments across their business has a significant impact on their ability to defend against attacks. The leaders best at scaling technologies—defined as having moved 50 percent or more of their tools from pilot to full-scale deployment—perform four times better than the average respondents.
The ability to scale is an important factor in the reach of security programs. The cybersecurity programs for those that are best at scaling actively protect three-fourths of all key assets in the organization. Average performers cover only one-half of their key assets. It’s hardly a surprise, then, that 86 percent of leaders agreed that new cybersecurity tools are increasing cybersecurity coverage for their organizations.
Train more. The speed with which organizations in our survey find security breaches is faster for those who provide higher levels of security-related training. Fifty-nine percent of top performers among our insurance respondents offer training about security tools to more than half of users, compared with just 29 percent of non-leaders.
Across the global sample, those who were top performers in terms of training found 52 percent of security breaches in less than 24 hours, compared with only 32 percent for average performers.
Collaborate more. The organizations best at collaborating—the ones using more than five methods to bring together their strategic vendors and collaborators, the security community, cybersecurity consortiums, and an internal task force to increase understanding of cybersecurity threats—are twice as successful as others at defending against attacks. Organizations that collaborate more have a breach ratio of 6 percent versus an average of 13 percent for the rest.
Becoming more strategic
Cybersecurity challenges are daunting, to be sure. In fact, our survey found 83 percent of insurance respondents say their security investments are failing them. This situation won’t be fixed with a single stroke.
Rather, becoming more strategic with security investments is often incremental in nature. Know what’s currently possible to control and what isn’t and prioritize investments to increase your sphere of control wherever possible.