Insurers have vast amounts of data that is incredibly valuable to cybercriminals. So lucrative is the data held by insurers that one attack even targeted people who weren’t customers but had simply requested a quote from the insurer.
Documentation and communication is often where customer data is the most vulnerable. After all, so much of the information that insurers have on their customers resides in personal, confidential documents, such as bills, policies and claim forms. These documents can reside in multiple places, both within the organisation and on customer devices.
At the recent InsureTech conference in Las Vegas, insurers were asked what their biggest challenge or concern is and it’s no surprise that data, cyber and trust were in the top concerns. Here are some of the latest cybersecurity trends insurers should be thinking about when it comes to their document and communication strategies.
For a long time, organisations of all kinds (including insurers), would adopt technological solutions and then figure out ways to make them secure afterwards. Digital documentation was no exception, with many putting accessibility to those documents ahead of security.
Then, security was incorporated at various points in the development of digital document and communication solutions. Ultimately though, it was still an afterthought in comparison to all the other features.
Increasingly, however, organisations have realised that security needs to be built into these systems from the ground up.
While users must shoulder some responsibility for document security, insurers must, at the very least, take steps to encrypt and protect the sensitive documents they make available on the web or by email.
Adopting security by design doesn’t have to be overly complex either. For example, Viewing a document (such as a policy or bill) should be an interactive web or PDF experience, allowing a user to securely view the contents, while the information remains secure should the document be part a breach.
The next phase of this evolution will see cybercriminals making their phishing efforts personalised, tailoring their attacks to each individual target.
It’s therefore critical that organisations continue to invest heavily in educating consumers on the the latest phishing methods and how to avoid them, as well as ensuring that any digital customer documents are secure and these customers understand the importance of this security measure
Every customer should understand what an organisation will ask them to do, especially when it comes to accessing documentation.
The past couple of years have seen an increased regulatory focus on data protection, especially in the document and communication space. The European Union’s General Data Protection Regulation (GDPR) has drawn the most headlines and is generally understood to be the gold-standard when it comes to consumer data protection.
Properly enforced, these regulations will go a long way to ensuring that organisations do everything in their power to look after their customer data.
It’s been well established that communication falls within these regulations, however, it’s often forgotten that digital documents also need to comply with privacy rules around data protection. They have historically been particularly vulnerable points when it comes to cyber attacks. Anything that makes them safer should, therefore, be welcomed.
