Boosting Cyber Resilience: Urgent Call for the Insurance Industry to Combat Evolving Threats

In the face of escalating cyber threats, leaders from the insurance and cybersecurity sectors are advocating for improved cyber resilience within the insurance industry. A recent roundtable event hosted by Intersys brought together industry experts to discuss the urgent need for insurers to transition from reactive to proactive risk management strategies. This shift is essential to safeguard against the evolving threat landscape.

Key Challenges Facing Insurers

During the roundtable, participants identified several critical challenges that insurers must address:

• Ransomware Attacks: Approximately 60% of businesses affected by ransomware operations cease to exist within three years.
• Outdated Systems: Many insurers are still using obsolete Windows systems, which heightens their vulnerability, as noted by GCHQ.
• MFA Limitations: Cybercriminals are increasingly bypassing Multi-Factor Authentication (MFA) by stealing access tokens.
• Quishing (QR Code Phishing): This attack vector has surged, rising from 0.8% of phishing attempts in 2022 to 12.4% in 2024.
• Evolving Tactics of Cyber Criminals: Attackers continuously adapt, necessitating that insurers employ advanced security measures.
• Lack of Industry Collaboration: A fragmented approach to cyber risk leaves insurers exposed, emphasizing the need for cross-sector cooperation.

Experts Weigh In on Cyber Resilience

Tim King, Business Development Lead at Intersys, highlighted the urgency of proactive security measures, stating, “Threat actors only need to succeed once, whereas businesses must remain vigilant at all times.” He stressed that the industry must prioritize proactive security, particularly as many insurers still rely on outdated systems.

Jake Ives, Head of Security at Intersys, echoed these concerns, asserting that relying solely on MFA is insufficient against sophisticated cyber threats. He urged the insurance sector to continuously evolve its defenses.

Douglas Robare, Venture Partner at Neo Ventures, pointed out the rising threat of QR code phishing, advising professionals to enhance their awareness of these tactics.

Aarti Ajay, IT Audit Manager at We Are Just, emphasized the importance of the discussions around key security challenges and areas of focus for industry professionals.

David Clamp, Founder of The Camelot Network, stressed the significance of practical solutions for implementing cyber resilience in the London Market.

Networking and Collaboration

Lisa Rowe, Senior Underwriter at Specialty MGA UK, remarked on the enriching experience of collaborating with peers, thanks to Intersys’ expertise in cybersecurity. Meanwhile, Robin Muir, Head of Contingent Risks at Devonshire Underwriting, called for the integration of robust cybersecurity measures into industry practices to protect sensitive data.

Mark Kirby, Professional Services Director at Intersys, summed up the event’s objective: to facilitate knowledge-sharing and innovative problem-solving among IT security experts, risk managers, underwriters, and auditors.

Conclusion: The Path Forward for Insurers

As cyber threats evolve rapidly, industry leaders emphasize the necessity for insurers to adopt a more collaborative and proactive approach to cyber risk management. Continuous dialogue between insurers and cybersecurity experts will be vital for safeguarding the future of the sector. For more insights on enhancing cyber resilience, visit Intersys and explore related resources on Cybersecurity.gov.