Cyber-security for your insurance business might be more important than you think. According to Panda Security, more than 230,000 new malware samples are launched everyday with an estimated annual cost of $400 billion for companies. China was the most affected region during 2015 with almost 60% of infected computers, followed by Taiwan and Turkey.
Here is Kaspersky’s real-time map to track cyber-attacks all over the world:
Financial sector, including insurance is one of the most frequently hacked industry due to the big amount of information that insurance firms possess. According to a survey by the New York State Department of Financial Services, only 51% of insurers from 43 entities (With combined assets of approximately $3.2 trillion) reported having a budget specifically for cyber-security events.
Cyber-security is all about scale
Big corporations are not the favorite target for cybercriminals. 62% of victims are small to mid-size businesses (SME’s), which have a low level of preparation against these threats. Criminals look for valuable data such as customers contact information, protected health information or credit card data.
On this subject, Greg Shannon, chief scientist at the CERT Division of the Software Engineering Institute at Carnegie Mellon, commented on CSO (News, analysis and research on security and risk management) this is not a matter of size, but of scale:
“Small business is a huge target because attacks are automated. The criminals don’t care who they’re attacking, and while any given business isn’t worth much, they have viruses or ransomware that allow them to attack thousands or millions,” said Shannon.
Another problem about SME’s is that they are cutting their security spending. According to a recent survey from PwC, small firms cut security spending by 20% while large companies increased their invested in cyber-security by 5%.
Here are 5 things you can do to protect your insurance business from cyber- attacks:
- Create internet security guidelines for your employees and limit the access to necessary data only.
- Require employees to build strong passwords and change them every three months.
- Prevent outsider to access key data with a firewall.
- Make sure your Wi-Fi network is hidden and encrypted.
- Back up data on your computers automatically if possible and store the copies offsite or in the cloud.