The insurance industry finds itself both a leader and a follower in this global fight against cybercrime, in that it can offer unique solutions to at-risk organizations, but the industry must also, in many cases, educate itself more fully on the type of threats facing businesses of all stripes.
The New York Insurance Association this week held a cybersecurity summit, inviting interested insurers to come and hear about the threats they and their clients face, the perpetrators they should fear, and the resources available for fighting back. Studies show that many of the nation’s smaller insurers do not yet offer a cyber insurance product, but the packed room at the NYIA event indicated a budding level of interest. The audience reactions ranged from disbelief at the audacity of hackers to determination to meet this new challenge.
Steve Stasiukonis, president of Secure Network Technologies, regaled the group with tales of hackers living the high life, until, luckily, they were caught. He cited the activities “Vladimir Lenin” a historically named group that hacked Citibank, and explained the motivations behind many overseas hackers in countries where jobs are limited but Internet access offers another revenue stream.
“In Belarus, you either work in the Belarus Tractor Factory or you’re harvesting wheat,” he said. “So, you get an Internet connection … it’s sad because crime does pay.”
Insurance professionals shook their heads as cyber stories truly turned to the stuff of science fiction as Stasiukonis described a type of crimeware called “Weyland-Yutani” – a reference to “The Company” that funded the explorations in the “Alien” movie franchise – that aimed its attacks at users of Mac computers and iPads back in 2011.
For an industry that has kept ahead of risk for hundreds of years, cyber is moving at a faster speed than many can comprehend.
“I’m very glad I’m less than four years from retirement,” commented one attendee. He also questioned why the venerable insurance industry isn’t tackling cyber with the same aplomb as other perils, saying, ”Why can’t some of us, who are more mature with greater brains, get our heads around it?”
However, the insurance industry moves ahead with all risks fully calculated, with a reasonable expectation of when to hold and when to fold. According to Stasiukonis, the hackers can afford to lob digital bombs over and over until they succeed.
“They know what they’re doing and they’re relentless. It doesn’t cost them anything to keep trying,” he said. And hackers aren’t bound by antitrust laws – sharing of new tactics for theft and disruption occurs on the Internet every hour, every minute.
However, insurers new to the field aren’t alone in the fight, either, as the group learned. Speaker Ryan Spelman of the Center for Internet Security shared tips for collaboration and some basic guidelines for securing systems against digital threats. He cited theCyber Hygiene Campaign and the resources within the federal government. He also encouraged insurers to discuss the threats they and their clients face.
“When you think you have a problem, and you don’t talk about it, that’s the wrong attitude. If it’s affecting you, it could be affecting many other people at the same time,” said Spelman.
In addition, the industry boasts many experts that have been engaged in the cyber insurance market for over a decade. While this is a new and puzzling area for many, the ability for any insurer to take on the challenge and offer solutions to their clients is well within reach.
Erin is the managing editor of Advisen’s Front Page News. She has been covering property-casualty insurance since 2000. Previously, Erin served as editor-in-chief of The Standard, New England’s Insurance Weekly. Erin is based in Boston, Mass. Contact Erin at [email protected].
