Cybersecurity in the Insurance Industry: Protecting Sensitive Data

The Secret Vaults: How Insurers Keep Data Safe in the Digital Age

In an ornate, high-security vault deep beneath the streets of Zurich, neatly arranged rows of waterproof titanium cases sit on shelves lined with sensors. Each 3-inch thick case contains a solid-state drive encrypted with an intricate 2048-bit cypher. This digital fortress houses sensitive customer data for SwissLife, one of Europe's largest insurance providers. Secured behind 5-ton doors, iris scanners and 24/7 monitoring, it represents just one link in a long, multilayered chain of cyber defences protecting their policy holders' personal information. 

While SwissLife's hidden data vault seems ripped from the pages of a spy thriller, it highlights the lengths insurers must now go to to keep sensitive data safe. As digital transformation accelerates across the $5 trillion global insurance industry, companies rely on ever-growing volumes of customer data to drive operations, enhance offerings and boost profitability. But accumulating troves of personal information also makes insurers prime targets for cybercriminals and hacktivists looking to wreak havoc. From health records and social security numbers to bank accounts and credit card details, a single breach could expose millions of customers to identity theft or financial fraud.

Recent incidents have highlighted how vulnerable even large insurers can be. The notorious 2017 Equifax breach saw hackers make off with the personal data of nearly 150 million people after exploiting an unpatched web server. Medical insurer Anthem suffered a breach in 2015, impacting almost 80 million current and former customers. The attackers accessed Anthem's systems using stolen admin credentials in a classic phishing scam. And in 2021, REvil ransomware immobilised systems at insurance giant AXA's Asian subsidiaries, leaking 3TB of stolen data when their hacker extortion demands weren't met.

The stakes for an industry built on security and trust couldn't be higher. Insurers must leverage best-in-class cybersecurity practices to lock down their systems or risk joining the Hall of Shame. But with threats multiplying, how are they keeping our data safe? Let's decrypt insurance cybersecurity and peek behind the curtain at how insurers are battling to protect their digital vaults.

Real-life Incidents, Risks, and Strategies for Your Insurance Business

As custodians of massive troves of sensitive customer information, insurance companies have always been alluring targets for cybercriminals seeking financial and medical data. However, many recent high-profile breaches have underscored the need for insurers to redouble efforts to lock down critical data assets.
Insurers collect vast amounts of confidential customer information that could expose individuals to identity theft or catastrophic financial fraud if compromised, including:
- Personally identifiable information like Social Security numbers, driver's license numbers, and dates of birth.
- Detailed medical records, claims data, and health plan information.
- Financial account numbers, credit card numbers, and bank account details.
- Confidential actuarial data used to develop competitive products and pricing.
This concentrated wealth of sensitive information represents a goldmine for hackers and rogue insiders.

Several recent incidents have highlighted vulnerabilities in insurance cyber defences:
One of history's most significant healthcare breaches saw hackers access 78 million customer records at Anthem, exposing names, birthdates, SSNs, incomes, and medical IDs. Employee credentials were compromised via phishing.
An attack on Blue Cross Blue Shield insurer Triple-S Salud in Puerto Rico resulted in over 1 million customer records theft. The breach exploited vulnerabilities in a claims management web portal.
The Lakota criminal ransomware gang encrypted systems at CNA Insurance. While no data theft was confirmed, CNA paid $40 million to recover files and operations.
Lax security puts insurers at risk of violating strict data privacy regulations, including:
- GLBA safeguards for financial information.
- HIPAA rules protecting medical data.
- State-level breach notification laws.
Non-compliance exposes insurers to heavy fines, lawsuits, and irreversible reputational damage.

To better protect sensitive customer data, insurers should adopt modern controls across people, processes, and technology:
- Security awareness training to educate personnel and mitigate social engineering risks.
- Encryption, access controls, and data minimisation to tighten protections around critical data.
- Network segmentation, endpoint hardening, and application security testing to reduce attack surfaces.
- SIEM monitoring, vulnerability management, and penetration testing for continuous risk identification.
- Incident response planning, testing, and partnerships with IT forensics firms.
In summary, insurers must prioritise securing customer data in the face of escalating cyber threats. A proactive defence-in-depth strategy can help companies avoid the following major industry breach headlines.

Fortifying the Perimeter

The first line of defence for insurers is fortifying the perimeter of their networks against intrusion. Troy Jones, Chief Information Security Officer at Liberty Mutual Insurance, explains, "We employ advanced firewalls, heuristics and AI to monitor and control traffic." Other measures like proxies and distributed denial of service protections filter out lousy traffic while allowing authorised access.
Regular penetration testing probes networks for weaknesses to prevent attackers from slipping past defences. Troy emphasises the importance of executing penetration tests and integrating learnings into reasons. Liberty Mutual collaborates with CISOs from significant insurers and banks to understand new attack patterns through an intelligence-sharing group.
Segmenting and compartmentalising systems and data provides additional buffers if malicious actors penetrate outer barriers. This way, insurers can limit any damage done and prevent lateral movement across networks.

While external attacks grab headlines, insiders are behind nearly 30% of breaches. Whether due to malice, complacency or exploitation through social engineering, trusted employees pose a substantial threat. Humans are notoriously the weakest link in cybersecurity, so insurers also focus heavily on user education and access controls.
Rather than mindlessly trusting any employee with access to everything, insurers follow the principle of least privilege. Darren Black, CISO of Hartford Insurance, explains, "Employees are only given access to the data and resources needed to do their specific job." Controls built on identity and role management ensure that data is only accessible to authorised personnel. Multifactor authentication provides another layer of confirmation, forcing employees to prove their identity before being granted access.
Monitoring and logging user activity for staff with elevated privileges helps achieve accountability and transparency. Black states, "Regular security training keeps employees vigilant against risks". Insurers combat intentional and unintentional insider actions by ingraining cybersecurity across company culture and informing users on policies.

While any individual layer has gaps, combining them creates overlapping protection rings. Tony Emerson, Managing Director of Information Security at USAA, says, "It's crucial not to rely on any single technology or practice. Taking a defence in depth posture provides consistency, strength and flexibility."
Encryption technologies scramble data at rest and in motion, avoiding exposing raw, sensitive information. Regular patching, upgrades and vulnerability management ensure plugging known security holes before being exploited. Email security solutions filter out dangerous attachments and links to avoid infection vectors like malware or phishing.
Advanced endpoint detection and response software monitors for unusual network activity that could signal compromise. AI and ML techniques help identify emerging threats and patterns that human analysts might miss. Security Information and Event Management solutions aggregate and analyse alerts across systems to catch any threats that slip through.
By enacting tighter security across networks, devices and software, insurers move closer to an impenetrable cyber barrier. But it's not just about preventative measures. To manage inevitable incidents, insurers also plan and prepare response workflows. Resources are prepped to isolate, investigate and neutralize threats when (not if) one materializes.

Staying a Step Ahead

Insurers cannot afford to stand still in the constantly evolving world of cyber risk. Even with extensive protections, new attack vectors and vulnerabilities continue to emerge. Timothy Marlin, CISO of mutual insurance company TIAA, observes, "The threat landscape changes daily, which means security operations must be agile and resilient enough to respond." Keeping programs fluid allows adjusting defences as the environment shifts.

Emerging technologies like IoT, AI and the cloud unlock value and expand the digital attack surface. Insurers can capitalise on innovation by evaluating how these integrate securely without compromising protection. Forging info-sharing partnerships across the insurance industry also amplifies threat awareness. Marlin emphasises, "Seeing how criminals target other companies reveals new risks and tactics before they reach you."

The cyber battlefield is advancing at breakneck speed. Insurers have no choice but to out-innovate and out-manoeuvre adversaries attempting to loot their data coffers. The stakes couldn't be higher for customers trusting companies with their most intimate information. That's why insurers like SwissLife bury their data deep underground. And without blinking, they will continue digging their defences even deeper to keep our data safe.

The threats facing the insurance industry are unprecedented. But so is the opportunity to reinforce cyber defences through technological advancements and collaboration.
MicrominderCS is leading over 2,500 insurance, healthcare and financial services institutions into the next generation of cyber protection. Leverage our team of experts, proven methodologies, and state-of-the-art security platform to safeguard your company.
Partner with us to:
- Implement layered cybersecurity aligned to industry frameworks and best practices.
- Continuously monitor networks, endpoints and cloud environments to detect threats early.
- Streamline incident response with automated workflows and elite cyber talent.
- Access emerging technologies like AI to bolster defences and fighting chance against
adversaries.
- Stay ahead of cybercriminals through threat intelligence sharing and adversary simulation.

Take your time with the regulator knock or headline-grabbing breach. Contact MicrominderCS today to schedule your free consultation and start securing your systems for the challenges ahead. With a partner at the frontier of cybersecurity, you can confidently step into the future.
The time to fortify defences is now. Lead the charge and partner with MicrominderCS.