Northdoor plc has released its 2021 insurance sector cyber security assessment report which reveals how the sector is responding to threats and where vulnerabilities lie. Using the RiskXchange Cyber Risk Rating, the assessment analysed over 150 companies across the insurance sector split across brokers, carriers, underwriters and service providers.
The past year has seen criminals up their efforts and the levels of sophistication of their attacks, with the insurance sector becoming an increasingly tempting target. The nature of the data held by the sector means that it is highly valuable and desirable. The report has shown that many are still not doing enough to close vulnerabilities that are putting organisations at a real risk of being breached.
The RiskXchange score is produced and presented in two ways. First, a raw target-area score is calculated as a weighted sum of the underlying issues. The weights are based on issue severity, graded low, medium, high and critical, and on each company’s digital footprint. The results are translated into letter grades from “F” to “A”. Second, all of these weighted scores are rolled into a total score on a scale of 300 to 900, where 900 is exceptional and below 400 is very poor.
Highlights from the report include:
- Brokers continue to struggle, with the average score falling from 758 to 750. However, several companies have significantly improved their scores, with one firm achieving an excellent score of 847
- 54 percent of brokers scored a “D” on email security. 91 percent of all cyber-attacks begin with a phishing email, so this is one area that needs addressing immediately
- The average cover-holder score has also fallen, with the highest-scoring firm in this category achieving only 810 points out of 900
- 25 percent of MGAs/cover-holders scored a “C” in encryption. Several are using encryption ciphers that are insecure, leaving confidential or client-personal data potentially exposed
- Scores amongst carriers have increased overall, with the average rising from 764 to 778. However, several carriers need to better secure their public-facing digital footprints and work harder to improve their security operations
- 33 percent of the carrier population use a mix of Microsoft Office 365 and/or Skype services, highlighting a potential resilience issue if Microsoft were to have an outage
- This year’s survey includes central service providers to the London insurance industry. The results reveal some potentially worrying long-term security vulnerabilities which, if exploited by criminals, could put the entire market at risk of a large-scale data breach
- 31 percent of service providers scored an “E” on network security. Very large service providers continue to use weak and insecure encryption methods
- A large proportion of the insurance companies surveyed have failed to implement Domain-based Message Authentication, Reporting and Conformance (DMARC) policy management, and so remain vulnerable to phishing attacks.
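The DMARC finding above is a checkable one: a domain either publishes a `_dmarc.<domain>` TXT record with an enforcing policy or it does not. The following is an added example, not code from Northdoor or the RiskXchange platform, showing how a defender can parse a DMARC record and grade the protection it actually gives. It uses the tag names from RFC 7489 (`v`, `p`, `sp`, `pct`, `rua`); the record strings and domain names are constructed samples, and the DNS lookup is left out so the check runs offline.

```python
"""Parse DMARC TXT records and grade how much anti-spoofing protection each gives.

Added example; the records and domains below are constructed samples, not data
from the Northdoor report. A live check would first fetch the TXT record at
_dmarc.<domain> and pass the string to assess_dmarc().
"""
from typing import Optional

# Relative strength of the three DMARC dispositions (RFC 7489 p= / sp= values).
POLICY_RANK = {"none": 0, "quarantine": 1, "reject": 2}


def parse_dmarc(record: str) -> dict:
    """Split 'v=DMARC1; p=reject; rua=mailto:...' into a lower-cased tag -> value dict.

    RFC 7489 requires v=DMARC1 to be the first tag; anything else is rejected,
    because receivers would ignore such a record and apply no policy at all.
    """
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed tag {part!r}")
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    first = next(iter(tags), None)  # dicts keep insertion order
    if first != "v" or tags["v"].upper() != "DMARC1":
        raise ValueError("record must start with v=DMARC1")
    return tags


def assess_dmarc(record: Optional[str]) -> dict:
    """Grade one domain's record; None means no record is published at all."""
    if record is None:
        return {"grade": "none", "policy": None,
                "findings": ["no DMARC record published; receivers will not "
                             "quarantine or reject spoofed mail"]}
    try:
        tags = parse_dmarc(record)
    except ValueError as exc:
        return {"grade": "invalid", "policy": None,
                "findings": [f"unparseable record ({exc}); receivers ignore it"]}
    policy = tags.get("p", "").lower()
    if policy not in POLICY_RANK:
        return {"grade": "invalid", "policy": None,
                "findings": [f"missing or unknown p= value {policy!r}"]}

    findings = []
    # pct= defaults to 100; a lower value applies the policy to only a sample of mail.
    try:
        pct = int(tags.get("pct", "100"))
        if not 0 <= pct <= 100:
            raise ValueError
    except ValueError:
        pct = 0
        findings.append(f"pct={tags.get('pct')!r} is not an integer 0-100")
    if policy == "none":
        findings.append("p=none: failures are only reported, never quarantined or rejected")
    elif pct < 100:
        findings.append(f"pct={pct}: policy applied to only {pct}% of failing mail")
    # sp= governs subdomains; it inherits p= when absent but can silently weaken it.
    sub = tags.get("sp", policy).lower()
    if POLICY_RANK.get(sub, 0) < POLICY_RANK[policy]:
        findings.append(f"sp={sub}: subdomains get a weaker policy than the organisational domain")
    if "rua" not in tags:
        findings.append("no rua= address: aggregate reports are not collected, so abuse goes unseen")

    if policy == "none":
        grade = "monitor-only"
    elif pct < 100 or POLICY_RANK.get(sub, 0) < POLICY_RANK[policy]:
        grade = "partial"
    else:
        grade = policy  # "quarantine" or "reject"
    return {"grade": grade, "policy": policy, "findings": findings}


# Constructed sample records (hypothetical domains) covering the common states.
SAMPLE_RECORDS = {
    "broker-a.example": "v=DMARC1; p=reject; rua=mailto:dmarc@broker-a.example",
    "broker-b.example": "v=DMARC1; p=none; rua=mailto:dmarc@broker-b.example",
    "broker-c.example": "v=DMARC1; p=quarantine; pct=25; sp=none",
    "broker-d.example": None,                      # nothing published
    "broker-e.example": "p=reject; v=DMARC1",      # wrong tag order, ignored by receivers
}


def assess_all(records: dict) -> dict:
    """Grade every domain in a {domain: record} mapping."""
    return {domain: assess_dmarc(rec) for domain, rec in records.items()}


if __name__ == "__main__":
    for domain, result in assess_all(SAMPLE_RECORDS).items():
        print(f"{domain:20} {result['grade']:13} {'; '.join(result['findings'])}")
```

The grades separate the states that matter to a defender: `monitor-only` (p=none) and `none` leave spoofed mail deliverable, `partial` means a policy exists but pct= or sp= leaves a gap, and only `quarantine` or `reject` at pct=100 give receivers an instruction to act on. The `findings` list is what to hand to whoever owns the domain's DNS.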
AJ Thompson, COO at Northdoor, commented: “The past year has been a challenging one for the sector. For many, new ways of working have been forced upon them, new technology has had to be quickly sourced and implemented to ensure business continuity, and customers are more demanding than ever. This scenario has also proved to be the perfect opportunity for cyber criminals to increase their efforts and the levels of sophistication of their attacks.
“The 2021 report has highlighted that many in the insurance sector have not reacted quickly enough to this threat, with companies continuing to exhibit weaknesses in their security operations across external attack surfaces.
“These issues are not complicated or sophisticated, but are worryingly obvious. Many in the insurance sector need to go back to basics, review where their vulnerabilities lie and identify what, often simple, solutions need to be implemented.
“The insurance sector is a tempting target for criminals. The nature of the data held is hugely valuable, with criminals simply selling it on or holding it to ransom with ransomware attacks. Some of the basic ways of stopping criminals gaining access in the first place need to be implemented immediately.
“Phishing attacks are the most common way for criminals to gain access to data and infrastructure. Some in the sector seem to have left the door open for criminals by not implementing DMARC. This is just one example of a simple step that can make a huge impact in securing systems and data. The threat from cyber criminals is only going to increase over the next year, and the sector needs to do better if it is to prevent a high-profile and costly breach,” concluded Thompson.
A copy of the report can be found here: https://www.northdoor.co.uk/wp-content/uploads/2021/01/Northdoor_RiskX_report_210126.pdf