Cyber Vulnerability: Where Do You Stand?

July 2016

Advisen released a white paper featuring the results of a comprehensive cyber study between Advisen and BitSight Technologies focusing on the analysis of the cyber security posture of three industries: Finance and Insurance, Healthcare and Social Assistance, and Public Administration. The study looks into the number of event types by year from 2012 to 2016, the security ratings for cyber insurance by industry, and many other key data.

The free, 17-page paper is sponsored by BitSight Technologies.

A Closer Look at Cyber Events

Numerous reports show that the number of cyber attacks is rapidly growing. According to Symantec’s Internet Security Threat Report, the number of zero-day vulnerabilities discovered more than doubled in 2015, and this year there have been an average of over 4,000 ransomware attacks per day. As the cyber threat landscape continues to evolve, certain types of attacks are becoming increasingly common. Advisen indicates that although Digital Data Breach, Loss, and Theft continue to be the leading types of cyber events, Phishing attacks have gained momentum, especially between 2013 and 2015. Network-disruption events (such as denial of service attacks) have also seen an increase in recent years.

As part of a comprehensive cyber study between Advisen and BitSight Technologies, researchers analyzed the cyber security posture of three industries: Finance and Insurance, Healthcare and Social Assistance, and Public Administration.

Advisen partnered with BitSight Technologies to analyze the Security Ratings for each industry and through this enhanced lens, some industries have emerged as cyber leaders, while others appear to lag behind. As cyber insurers assess which companies to add to their portfolio, certain industry patterns reveal potentially risky engagements.

The paper highlights that by continuously monitoring companies and staying ahead of the latest vulnerabilities, insurers can enhance their approach to cyber underwriting and risk management.

Cyber criminals often target these industries because of the financial and personally identifiable information they manage. However, focusing on 2015 data from Advisen, it appears that Finance and Insurance experienced a slowdown in cyber events near the end of 2015.