Services industry especially attractive to cyber crime

By Advisen Ltd. on February 28, 2014

A broad industry that encompasses businesses from a large cross section of the economy, the services industry is made up of companies that primarily earn revenue by providing intangible products and services. Service industry sectors include health services, business services, educational services, recreation and hospitality services, and food services among others.

In a prior Data Spotlight the services industry was identified as the most highly targeted industry by cyber criminals. Based on the nature of the industry, many of these companies collect and store vast amounts of personal identifiable information (PII) which makes them an especially attractive target. As can be in the chart below, the services industry accounts for nearly half (45 percent) of all the cyber cases captured by Advisen. cyber-case-count-distribution-by-industry-650x392

Universities have found themselves to be particularly vulnerable, for example. In a recent case it was announced that personal information including names, Social Security numbers, and birthdates of more than 309,000 students, staff and alumni of the University of Maryland was compromised in a cyber-attack. Other highly targeted service sector companies include healthcare and business services. In fact, as illustrated in the chart below, more than three quarters of service sector cyber cases captured by Advisen involve companies from within these three segments.

cyber-case-count-by-service-sector-650x392
Also perhaps not surprising, due to the fact that they account for nearly half of all recorded cyber incidents, is the annual trajectory of service industry cyber events. This trend is consistent with annual number of cyber events across all industries. The number of cases spiked from 2004 to it its peak in 2011 and has since dropped back to 2009 levels.

 

As a percentage of the total events, the types of events experienced by service industry companies fluctuate from year to year. One of the most noticeable trends in recent years is the decline in ‘Digital Data Breach, Loss, or theft’ events and the increase in ‘System/Network Security Violation or Disruption.’ This follows a similar trend seen across all industries and illustrates the strategic changes made by cyber criminals in response to corporate cybersecurity practices.

Advisen Defines:

Digital Data Breach, Loss or Theft as a Digital breach, distribution, loss, disposal, or theft of personal confidential information, either intentionally or by mistake, in such a way to enable the information to be used or misused by another.

System/Network Security Violation or Disruption unauthorized use of or access to a computer or network, or interference with the operation of same, including virus, worm, malware, digital denial of service (DDOS), etc.

cyber-case-type-composition-by-year-650x390

Lastly, the sectors experiencing the highest frequency of claims; healthcare, business services, education, and engineering/accounting research/management/ and related services, also make up the majority (87 percent) of the claims cost in the industry.

cost-by-service-sector-650x391

Advisen generates, integrates, analyses and communicates unbiased, real-time insights for the global community of commercial insurance professionals. As a single source solution, Advisen helps the industry to more productively drive critical business decisions about pricing, loss experience, underwriting, marketing, transacting or purchasing commercial insurance. Visit www.advisenltd.com to learn more.