How brokers can keep their heads in the cloud

How brokers can keep their heads in the cloud | Insurance Business Australia

How brokers can keep their heads in the cloud

Amid the coronavirus pandemic, insurance brokers have been faced with a host of questions from clients on everything from business interruption, to the responsibilities surrounding unoccupied premises, to D&O implications. However, there is one more issue that has perhaps become more prevalent than ever – that of cyber insurance.

With hackers and malicious actors using COVID-19 as a prompt to launch a series of new threats, particularly in light of the fact that so many workplaces have transitioned to remote environments, it’s become more important than ever for brokers to be well-educated in the cyber sphere. Here, opportunities lie to not only sell policies to clients, but also to position themselves as thought leaders who can help clients and their businesses mitigate risks.

That’s why the insights drawn from Oracle and KPMG’s third annual Cloud Threat Report are so vital – it interviewed 100s globally, including within Australia, and highlighted the ongoing stresses business owners feel towards their IT security.

“Some of the key statistics that we’re finding is that IT professionals continue to be more concerned about their organisation’s information assets in terms of how secure they are,” said Chris Pickett (pictured), senior director of security and manageability, Asia-Pacific, at Oracle.

“At the moment, globally, they’re about three times more concerned about that security than they are about the security of their own house.”

Pickett believes the trend is particularly worrying as IT professionals are the people that “should know” how to keep their company’s information assets secure. Additionally, he says 75% of IT professionals around the world now regard security in the public cloud as being stronger than that of their own data centres.

Read more: Are cloud-based technologies and AI the future for insurance?

“This wasn’t the case some years ago,” he claimed. “That trend is now reversed and with the public cloud, we’re seeing IT professionals recognise that it is more secure.

“Most organisations still feel they have way, way too many security technologies to deal with in terms of managing and monitoring their security risk. That’s certainly an ongoing problem.”

The research also revealed that 90% of all IT professionals believe they will likely have to ask their cloud providers to automate patching for them, instead of doing it themselves. He says this knowledge gap has been consistent across their reports.

“There is a theme that is still common in this report and was common in the previous ones,” Pickett explained. “That being there is still some confusion as to what parts of cloud security are customers responsible for and what parts the cloud providers are responsible for? And that confusion can be the source of data breaches and so forth.”

Pickett says the concerns surrounding IT security in Australia are a result of it being a “mature” economy, which holds a deeper insight into IT and cyber security.

“Australia is moving more to a cloud-first environment and I think most Australian IT organisations are quite aware that they are not as efficiently securing their information assets in the cloud as they could be,” he explained.

“In other words, they’re possibly not exercising their security responsibilities as well as they could. Either because they’re not 100% clear as to what those responsibilities are, or they might just have too many tools – they’re too overwhelmed by the tools and technologies to affect this.”

Read more: "Cyber criminals never waste an opportunity": Health insurance sector targeted in cyberattack

That’s why savvy brokers have a key role to play – they can educate themselves in the areas of cyber risk and new technologies and point their clients not only towards the best coverages available, but also towards the better technologies that can help protect their businesses in the first place.

Companies need to ensure they fully understand what their security responsibilities will be in the cloud and what tools and technologies they will require.

“We can’t simply ignore the customers’ responsibility and say this is entirely up to you, we have to help them as much as we can because it benefits both parties,” Pickett said.