{"id":12896,"date":"2021-07-16T15:33:10","date_gmt":"2021-07-16T19:33:10","guid":{"rendered":"https:\/\/www.resourcepro.com\/4-key-cybersecurity-processes-for-insurance-organizations\/"},"modified":"2024-07-15T10:15:14","modified_gmt":"2024-07-15T14:15:14","slug":"4-key-cybersecurity-processes-for-insurance-organizations","status":"publish","type":"post","link":"https:\/\/www.resourcepro.com\/blog\/4-key-cybersecurity-processes-for-insurance-organizations\/","title":{"rendered":"4 Key Cybersecurity Processes for Insurance Organizations"},"content":{"rendered":"\n<p><em>David is the Senior Director of Information Security for ReSource Pro.<\/em><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-mitigate-your-cyber-risk\"><strong>Mitigate your cyber risk<\/strong><\/h2>\n\n\n\n<p>The cost of cyberattacks is reaching new highs.<a href=\"https:\/\/www.coveware.com\/blog\/ransomware-attack-vectors-shift-as-new-software-vulnerability-exploits-abound\" target=\"_blank\" rel=\"noreferrer noopener\"> According to data from Coveware<\/a>, the average ransom payment in Q1 2021 was $220,298 compared to just $6,733 in <a href=\"https:\/\/www.coveware.com\/blog\/2019\/1\/21\/covewares-2018-q4-ransomware-marketplace-report\" target=\"_blank\" rel=\"noreferrer noopener\">Q4 2018<\/a>. Insurers are feeling the impact too, with <a href=\"https:\/\/www.reinsurancene.ws\/cyber-industry-loss-ratio-at-record-high-67-in-2020-aon\/\" target=\"_blank\" rel=\"noreferrer noopener\">Aon reporting<\/a> a 67% loss ratio in U.S. cyber market.<\/p>\n\n\n\n<p>Our industry is the <a href=\"https:\/\/www.ibm.com\/security\/data-breach\/threat-intelligence\" target=\"_blank\" rel=\"noreferrer noopener\">#1 target for cyberattacks<\/a>, but with the right processes, we can reduce cyber risk significantly and recover more quickly in the event that a disruption does occur. Below are four key processes insurance organizations can utilize to protect against cyber threats and other adverse events.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-1-security-awareness\">1. <strong>Security awareness<\/strong><\/h2>\n\n\n\n<p>Cyber threats, such as ransomware, rely heavily on <a href=\"https:\/\/www.csoonline.com\/article\/2124681\/what-is-social-engineering.html\" target=\"_blank\" rel=\"noreferrer noopener\">social engineering<\/a> to succeed. This means that building a strategy to enhance employees\u2019 capability of recognizing digital risks is one of the most important security processes for an organization to establish. Unfortunately, many companies struggle to create an impact on their employees when doing so. Below are three tips for success:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/searchsecurity.techtarget.com\/feature\/For-cybersecurity-training-positive-reinforcement-is-best\" target=\"_blank\" rel=\"noreferrer noopener\">Use positive reinforcement, not punishment<\/a><\/li><li>Training should be easily digestible and occur regularly<\/li><li>Don\u2019t tell employees what not to do, provide them with info and resources they can use<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-2-business-continuity-planning-and-disaster-recovery\">2. <strong>Business continuity planning and disaster recovery<\/strong><\/h2>\n\n\n\n<p>Every organization should establish and maintain a detailed <a href=\"https:\/\/www.resourcepro.com\/blog\/how-to-prepare-your-insurance-organization-for-the-coronavirus\/\" target=\"_blank\" rel=\"noreferrer noopener\">business continuity plan<\/a> (BCP) that will enable it to restore value delivery to its customers in the event of a disruption, such as a power outage or cyberattack. Three essential steps to creating and executing an effective BCP include:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Establishing a crisis management team to monitor the crisis and coordinate BCP execution<\/li><li>Creating a communications plan to inform and update affected clients, partners, and vendors<\/li><li>Evaluating and improving your remote work capabilities<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-3-incident-management\">3. <strong>Incident management<\/strong><\/h2>\n\n\n\n<p>Incident management refers to how an organization plans to respond to issues that impact the delivery of its services to customers. This goes beyond just calling the repairperson when the office printer is broken, but having a process in place to help:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Prevent such issues from occurring in the first place<\/li><li>Address incidents in order of importance<\/li><li>Escalate incidents that cannot be resolved quickly by IT or a security admin<\/li><\/ul>\n\n\n\n<p>Critical incidents, such as a power outage, may require a BCP response, or even outside support. When Hurricane Harvey impacted Texas in 2017, ReSource Pro supported several Texas-based property and casualty agencies in providing uninterrupted service to their customers.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.resourcepro.com\/wp-content\/uploads\/2019\/11\/beyond-customer-service.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">READ OUR CASE STUDY ABOUT DELIVERING EXCEPTIONAL SERVICE IN CRISIS<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-4-identity-and-access-management\">4. <strong>Identity and access management<\/strong><\/h2>\n\n\n\n<p>Organizations leverage dozens of services spread out across multiple providers. Think databases, benefits administration systems, and productivity applications. Each requires a separate account to access and, in some cases, provides control over confidential information. This emphasizes both the need for strong security awareness\u2014so that employees keep their accounts secure\u2014and for organizations to employ <a href=\"https:\/\/www.ibm.com\/topics\/identity-access-management\" target=\"_blank\" rel=\"noreferrer noopener\">identity and access management (IAM)<\/a>, monitoring and controlling:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>What users have access to the system<\/li><li>What permissions they have within the system<\/li><li>What they are doing within the system<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-how-can-leaders-bolster-their-teams-security-awareness\"><strong>How can leaders bolster their teams\u2019 security awareness?<\/strong><\/h2>\n\n\n\n<p>To foster a cyber-secure workplace, leaders should exercise strong performance management. As with any other skill, you should set clear expectations and responsibilities for employees. As you employ security awareness tests and other tools, ensure that leaders at all levels, from managers to C-suite, are engaged in identifying and acting to address underperformance.<\/p>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p><em>Want to learn more about how we can securely support your insurance operations? <\/em><a href=\"https:\/\/www.resourcepro.com\/contact-us\/business-solutions\/\" target=\"_blank\" rel=\"noreferrer noopener\"><em>Let\u2019s get in touch<\/em><\/a><em>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Here are four key processes insurance organizations can utilize to protect against cyber threats and other adverse events.<\/p>\n","protected":false},"author":6,"featured_media":12897,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"news-category":[],"insurance-segment":[],"services":[],"type-of-content":[38],"resource-type":[],"class_list":["post-12896","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","type-of-content-blogs"],"acf":[],"publishpress_future_action":{"enabled":false,"date":"2026-04-19 11:09:37","action":"change-status","newStatus":"draft","terms":[],"taxonomy":"category","extraData":[]},"publishpress_future_workflow_manual_trigger":{"enabledWorkflows":[]},"_links":{"self":[{"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/posts\/12896","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/comments?post=12896"}],"version-history":[{"count":1,"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/posts\/12896\/revisions"}],"predecessor-version":[{"id":13802,"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/posts\/12896\/revisions\/13802"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/media\/12897"}],"wp:attachment":[{"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/media?parent=12896"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/categories?post=12896"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/tags?post=12896"},{"taxonomy":"news-category","embeddable":true,"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/news-category?post=12896"},{"taxonomy":"insurance-segment","embeddable":true,"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/insurance-segment?post=12896"},{"taxonomy":"services","embeddable":true,"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/services?post=12896"},{"taxonomy":"type-of-content","embeddable":true,"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/type-of-content?post=12896"},{"taxonomy":"resource-type","embeddable":true,"href":"https:\/\/www.resourcepro.com\/wp-json\/wp\/v2\/resource-type?post=12896"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}