Stay ahead of hackers and the competition through cyber readiness
Cyber attacks are frustrating in so many ways, not least because fending them off can seem all too often like a game of whack-a-mole. They can be doubly challenging for the insurance sector, as processes and workflows are not typically set up to deal with the constantly changing landscape.
That doesn’t mean carriers should be resigned to insufficient cyber readiness, however. Through a combination of process review, partnerships with experts and a high level of vigilance over their own—and their customers’—ongoing approach to cyber protection, organisations can put themselves in a much stronger position.
On November 12, 2021, at 11.45am EST, Michael Drummond, head of technology and cyber product at At-Bay, will be adding his perspective to a panel of cyber experts at Underwriting USA discussing how to steal a march on the hackers, and keep clients protected at all times.
Drummond spoke to Intelligent Insurer ahead of the event.
Is staying ahead of the hackers an impossible task?
It is difficult, but not impossible. Think about the cyber threat landscape, it’s constantly evolving. A company may look very secure today but tomorrow a new vulnerability will occur and the next thing you know, they’re fully exposed.
Cyber risk is much more dynamic than the standard “check box” way of underwriting allows for in other lines of business, so insurers need to use technology in their underwriting processes to better understand potential vulnerabilities.
Everything is connected in the digital world. Today, ransomware is the biggest threat, and most attacks are not sophisticated. Attackers are looking for low-hanging fruit. Roughly 50 percent of attacks are attributable to an open Remote Desktop Protocol (RDP) port, and the rise of remote working has created more opportunities to exploit these vulnerabilities.
Open RDP ports are effectively an open door, and attackers are actively scanning businesses for them. Underwriters should be using similar tools during their assessment of the applicant’s risk.
What should insurers consider when it comes to information governance best practice?
For cyber insurers to be able to address this ransomware crisis, they need to understand the key drivers of losses and what controls can be put in place to prevent them in the first place.
Historically, cyber coverage has been underwritten using paper applications, or digital versions thereof. A lot of carriers don’t have an effective way of extracting that information and understanding it at a macro level across their entire portfolio.
Capturing that data and having a rich pool of it to analyse your loss history is vital in such a dynamic area.
“The biggest thing to focus on is how insurers can leverage technology in their underwriting process.” Michael Drummond, At-Bay
How can underwriters keep up to date with changes that seem to come so rapidly?
Cyber is not a “set it and forget it” product. Being able to stay on top of emerging threats in the market is essential. We have an in-house cybersecurity team, so if a new vulnerability emerges, we can incorporate it into our risk model. That ties into our scanning technology, which we use as part of the underwriting process to identify weaknesses in a potential client’s cyber resilience.
We can identify a lot of vulnerabilities upfront, but what that looks like tomorrow can be very different. Speed in updating underwriting models is key to staying ahead.
What should carriers be looking for in their cyber-technology partners?
The first thing to say is that underwriters shouldn’t just be using technology at the point of quote. They also need to deploy it to monitor the portfolio during the lifetime of the policies. Two percent of companies that are underwritten at the time of quote have an open RDP port, but a further 10 percent will go on to have an open RDP port during the length of their policy.
Active risk monitoring is vital if new vulnerabilities are discovered. Insurers need a partner that is actively sending security alerts so that the client can fix the vulnerability before it has a chance to be exploited.
How can underwriters be sure they have the correct protections in place?
The lack of plain English has plagued the industry for a long time. Whenever we see emerging threats and can mitigate that type of exposure, it needs to be distilled down into something that is easy for customers to understand.
Every time we update underwriting guidelines or appetite changes, we put together FAQ documents and materials in clear, simple terms about why they should be concerned and how they can protect themselves. It is a partnership between us and the insured.
The biggest thing to focus on is how insurers can leverage technology in their underwriting process and then, to realise that it’s not enough to leverage it only during the quote phase.
You have to deal with the risk in your book and leverage it throughout the lifetime of the policy. Working with customers to address vulnerabilities is central to maintaining a sustainable portfolio.
At Underwriting USA on November 12, 2021, at 11:45am EST, hear how Michael Drummond, head of technology and cyber product at At-Bay, and a panel of cyber experts structure their approach to keeping the cyber attackers out, and insurance organisations secure today—and for the future.
This is the biggest online event tailored specifically to underwriting—don’t miss out.
Register now!
