You’ve Been Hacked: Few Surprises in Cybersecurity Study
Robert Regis Hyle | April 21, 2015
When Janeen Blanton asked the audience at a session of ITA LIVE last week to guess the number of insurance carriers where Salient Commercial Solutions had discovered vulnerabilities among the 10 that volunteered to be ethically hacked by Salient, there was nervous laughter in the room as several in the audience guessed the answer was probably all 10 companies.
Ten was the correct answer, which shouldn’t surprise anyone, but should nonetheless be a cause of concern for each of us. All 10 had what Blanton characterized as moderate vulnerabilities, nine had minor vulnerabilities, and eight had critical vulnerabilities, according to Blanton, vice president of Salient’s commercial operations.
Her co-panelist at the session, Thomas Dunbar, chief information risk officer, reminded the audience of insurance executives something they surely must be tired of hearing (but often refuse to accept), “It is no longer if you will be attacked, it’s when you will be attacked; no matter how good your security program is.”
That surely must be disheartening to corporate risk officers because there is no guarantee that the amount of time and money being invested to protect their data, a sizeable amount for most carriers—it still might not be enough to get the job done.
The best most companies can ask for are minor vulnerabilities, but even those minor issues eventually reach major problems if the holes that are exposed are left open for others to find and flaunt. That is why both Blanton and Dunbar encouraged the industry to continually test for vulnerabilities.
The other point that IT leaders need to stress is that while cybersecurity often falls under the discretion of the IT department, it is not simply a technology issue. Cybersecurity is the responsibility of the risk management team because exposures often result from sloppy data handling from people working within the business units.
Like anything in life, there are two ways of doing things—the easy way and the hard way. The hard way in data security means removing names and other personal information from the data before it is used for analytics, explained Dunbar. It is a step that could avoid major embarrassment for your company someday.
- Electronic Chat with Jeroen Morrenhof
- Legacy Systems Are Dead. Really? Don't Count On It.
- Now Accepting Nominations for the 2019 ITA Bridge Awards
- It's time to register for ITA LIVE!
- Registration is Now Open for ITA LIVE 2019!
- What to Expect from a Digital Experience Platform Implementation
- ITA Pro Magazine September Edition is Now Available
- It's National IT Professionals Day
- Save the Date for ITA-LIVE 2019
- OneShield Software and UrbanStat Work Together to Improve Real-Time Analytics and Risk Decision-Making
- ITA LIVE 2019 - SAVE THE DATE!
- Insurance Technology Association Announces New Editor-in-Chief
- August 2018 Edition ITA Pro Magazine is Now Available
- Enterprise Architecture in an Agile World
- Top 10 Tips for Securing Your Mobile Devices and Sensitive Client Data
- Industry Insight: 4 Global Insurance Trends in Digital, Data, Content Services and Security
- Diving Deeper into Prioritizing Your Strategic Digital investments
- Why Content Rules
- How Mass Personalization Will Open the Small Business Benefits Market
- At Year End 2017, Will Your Organization Be Protected from Cyber Risks?
- Do Insurance Bots Dream of Mitigating Risk?
- Conditioned to Respond
- Managing & Mobilizing Insurance Data in a Connected World
- Race to the Finish Line
- New Tools, New Opportunities in Claims
- ITA LIVE: Reaching Insurance Industry Crossroads
- Advice to Insurance IT Leaders: Keep Your Eye on the Ball
- New Date, Venue for ITA LIVE 2017
- Guidewire Makes Major Push to Small and Midtier Market by Acquiring ISCS
- Insurance Disruption is Happening Right Now
- Insurity Adds Strategic Investment Partner, General Atlantic
- Beyond Transformation: The Convergence of Finance, Risk, and Actuarial Functions
- The Rapid Evolution of Consumer Protection Regulation
- Talent Hunt: Finding, Attracting, Retaining Top People
- Insurers Flexing Their Distribution Models
- Technology Driving Disruption in Insurance
- Fear of ‘Next Bubble’ Challenges Life, Annuity Carriers
- Technology Allows Commercial Lines Insurers to Stand Out
- Single Sign-on Viewed as Biggest Tech Challenge for Agencies
- ISCS Observes 20th Anniversary; Scurto Predicts Major Changes Ahead
- Policyholders and Their First Impressions
- Progressive Making Progress on the UBI Front
- High and Dry: Insurers Search for Disaster Recovery Plans
- Insurers Sign The (Un)Dotted Line
- Reflections of a Retired Insurance CIO
- Mobile Device Management Just One Answer to BYOD Issue
- Lessons from GEICO and Progressive on Winning the Critical Buying Stage
- You Are a Target for a Cyber Attack
- Web-based Systems are the Next Evolution in Claims Technology
- Gaining a “Wow” Experience from Web Users
- Time to Shift from Business/IT Alignment to Business/IT Alliance
- Healthcare Insurers Changing to Consumer Model
- Organization is the Key for Selecting Software Vendors
- Analysts Expound on the Needs of the Mid-tier Insurance Market
- Finding the Cure for Obamacare’s Website
- New Software Solutions Benefit Insurers on the Inside and Outside
- Products, Market Impede Investment in Systems for Life Insurers
- Combatting Cyber Threats: Predict, Prevent, Persist
- The Future of Telematics Heads Beyond Insurance
- The Shame in Cyber Security Lapses
- Building Policy Administration Systems for the Future
- Insurers Look Into The Eyes of Their Policyholders
- It’s a New Dawn for the ITA
INSURANCE IT NEWS
- Crawford Technologies Announces Release of ePresentment Gateway for Box
- New Study of More than 100 Insurers Finds Success Among Early Adopters of Emerging Tech, Says Novarica
- Anshuman Purohit Assumes Senior Technology Leadership Role at CastleBay Companies
- AVYST Welcomes Kitty Ambers as Chief Growth Officer
- Agero Strengthens Executive Team with Bill Gerraughty as Chief Financial Officer
- Electronic Chat with Jeroen Morrenhof
- 2019 Global Insurance Accelerator Cohort Reflects Evolution of InsurTech
- Nearly 50% of US Insurers Are Enhancing Security Capabilities Across the Board, Says Novarica
The Email Chat is a regular feature of the ITA Pro magazine and website. We send a series of questions to an insurance IT leader in search of thought-provoking responses on important issues facing the insurance industry.
ITA LIVE 2019
The tide is up! It's time to register for ITA LIVE 2019, our annual educational and networking conference! Our theme is "The InsurTech Revolution: Cutting Through the Hype." and we'll be bringing in a torrent of industry thought leaders, amazing insight and wonderful perspectives on the world of insurtech and its impact on the insurance landscape.
ITA LIVE 2019 will present real-life examples of true startup technologies that are helping insurers gain real advantage -- and a competitive edge -- in the marketplace. We’ll highlight the more successful InsurTech partnerships, while offering case studies that demonstrate exciting innovation and cutting-edge techniques impacting all aspects of the insurance ecosystem.
Ride the wave to LIVE 2019. Sign up today! We look forward to seeing you in May, 2019!
BLOGS AND COLUMNS
You have surely heard it said that small businesses are the growth engine for America. Today, the phrase has a special ring to it for benefits... READ MORE
With stagnant growth and lingering low interest rates, the life insurance industry faces a challenging future... READ MORE
Finding insurance carriers willing to write commercial lines risks has always been a challenge for producers... READ MORE
As Guidewire Software prepares for the start of Connections, its 11th annual user conference that begins on Nov. 2, Brian Desmond, chief marketing... READ MORE