It’s October. That means a few things to the staff at the Insurance Tech Insider. First, it’s finally fall, despite the too-warm-for-comfort weather which made it feel like summer would never hand over control of the thermostat. Second, it’s National Cybersecurity Awareness Month. And third – and our personal favorite – we’re on the runway to one of our favorite holidays: Halloween.
The weeks leading up to Halloween are some of the spookiest of the year when you’re growing up. The weather starts to turn cold and the days shorter. The trees lose their leaves and become nothing but tree skeletons for the rest of the year. And – if your neighbors are as <cough> committed <cough> as ours are – scary decorations begin to pop up on every lawn on the block.
But what’s scary to us as adults aren’t the ghouls, goblins, ghosts, wraiths, vampires, zombies, ax-wielding murderers, mummies and other fictional baddies that went bump in the night when we were children. No…there are real scary things out there that we have to contend with as mature, responsible adults. But that doesn’t make them any less terrifying.
Among those real life baddies are hackers and other malicious actors that compromise networks – like they recently did to Equifax. These baddies don’t suck your blood…but they still suck all the same. They suck personally identifiable information (PII) and other valuable data out of computer networks, often leaving companies liable for compromising the identities of their customers.
It’s no wonder that October was chosen as National Cybersecurity Awareness Month! After all, there’s nothing scarier to the average American adult than having to change their credit card information on EVERY ONLINE SERVICE THEY USE.
Another creature of the night that insurers have to contend with are fraudsters – people that look to file fraudulent claims or lie to insurance companies so that their premiums don’t accurately reflect their level of risk. These bad guys lurk in the shadows ready to obliterate the bottom lines of insurance companies for their own personal gain.
In this edition of the Weekly Roundup, we look at the role that insurers are playing in protecting companies from one of these baddies – the hackers and malicious actors – through cybersecurity insurance. We also look at how insurers are using some exciting new technology to battle fraudsters, whose only true weakness is information and transparency.
Without further ado…LET’S GET SPOOKY!
Equifax’s Insurance Is Likely Inadequate for Breach
Cyber insurance – or cybersecurity insurance – is a relatively new service offering for many insurance companies. These policies look to help enterprises that have their networks compromised and data stolen overcome the financial loss that can result.
And that loss can be significant. Breaches at companies like Target and JPMorgan Chase cost them hundreds of millions of dollars.
The result Equifax breach is a doozy that could cost even more than that simply because of the sheer amount of data that was exposed. Initial estimates claim that 143 million people had their Social Security numbers, drivers license data, birth dates and other PII compromised as a result of the breach.
What’s worse is that – although the company had smartly decided to invest in cyber insurance – they may not have had enough. In this recent article by Bloomberg, they claim that the company had insurance that could cover as much as $100M-$150M in costs from the breach. But that is dwarfed in comparison to the more than $1 BILLION that Thinking Alpha anticipates the breach will ultimately cost.
This is a good life lesson to companies – not only should they be insuring themselves against the risk of cyber attacks, they need to be careful to cover themselves against multiple types of threats. They also need to ensure that they’re covered for much closer to the total cost of a breach should something truly terrifying happen.
Cyber Threats: 5 Questions Every Risk Manager Should Ask
The Equifax breach validates that enterprises need cybersecurity insurance – and enough of it to cover a catastrophic breach. So, how do they go about doing that?
In this recent article in Risk and Insurance, Jonathan W. Hall lays out five questions that risk managers should ask their property insurer to help them identify their risk and put steps in place to mitigate it.
Mr. Hall has some impressive credentials, serving as the chief operating officer at FM Global, where he oversees FM Global’s insurance operations and insurance staff functions, as well as the FM Global Resilience Index.
If you’re not sure where to get started, asking these questions to your insurance provider is certainly a step in the right direction.
Using smart technology to combat insurance fraud
For many insurance companies, there isn’t anything scarier than fraudsters – people who claim that terrible things happened for insurance payouts when they didn’t. Sadly, insurance fraud has been portrayed as a somewhat victimless crime in the media and become somewhat of a joke, with fraud even being portrayed on shows like Family Guy and in movies like Goodfellas.
But fraud isn’t a joking matter at all. In fact, it’s a major problem for insurance companies – and they may finally have some new weapons in the fight against in.
According to this recent article in Property & Casualty 360, new smart technologies could start to be used by insurance companies to validate stories and sniff out fraud.
“You claim that someone broke into your house and stole your valuables while you were asleep? Then why does your smartwatch show that you were wide awake when the supposed “crime” happened?”
This could become the reality of fraud investigations in the not-too-distant future.
But smart technology and sensors aren’t the only new tool in the insurance company fraud toolbox. There’s also social media. Between checking in places, posting updates and instinctually needing to post photos of every meal they eat – people are increasingly leaving digital trails for themselves and everything they do. Those trails can be a nightmare for fraudsters who may wind up leaving behind all of the evidence they need to prove to insurance companies that their stories simply don’t add up.
