Are we losing the war on cybercrime?

“I think with each new attack vector introduced, we learn something a little bit different about the bad actors and what their real motivations are”

Are we losing the war on cybercrime?


By Sam Boyer

From emails hacks influencing the presidential election to extensive global ransomware attacks in recent weeks, there have been high-profile examples to make you think the hackers are winning the cyber war.

But is that really the case? And how should we view the cyber landscape from an insurance perspective? Insurance Business asked James Sheehan, cyber risk practice leader at Integro.

Celebrate excellence in insurance. Nominate a worthy colleague for the Insurance Business Awards.

“It seems to me that we’ve lost some battles but I certainly don’t think the war has been lost,” he said. “[But] it’s an interesting question: how are we faring against cyberattacks? I think with each new attack vector introduced, we learn something a little bit different about the bad actors and what their real motivations are.”

But it’s a difficult game to play, this cyber cat-and-mouse. While cyber security experts are countering every attack with a defense, it does seem like the good guys are always on the back foot. Perhaps that is just the nature of criminal undertakings, though.

“I think it’s going to take us a little bit of time to catch up with what the criminals are doing … and trying to figure out what we need to implement to protect the data,” Sheehan said.

“The hard thing, I think, when we’re sitting on this side of the fence is to try to determine where the gaps in security are. If you are the guy hacking into a system, you just have to find that one gap in coverage, but when we’re managing a system, we have to take everything into consideration.

“It goes back to that old saying: we have to be right all the time, they only have to right once.”

So the hackers have – and maybe will always have – the edge. Cyber security is more robust than ever but, as Sheehan said, it only takes the criminals to find one weakness for there to be a serious breach. The good guys keep playing catch-up, trying to minimize the damage as quickly as possible after each breach.

What does this mean for insurance? We’re winning some and losing some, Sheehan said.

“I think we’re doing well when it comes to the transfer of risk for the protection of PHI, PII, and PCI [Protected Health Information, Personally Identifiable Information, and Payment Card Industry],” he noted.

“But I think on that second-tier data that drives businesses, that are unique to any one enterprise … we’re not doing very well at that, at all.”

Data that is specific to a business or organization – trade secrets, if you will – are not well protected by insurance, Sheehan said. And that needs to change.

“For example, in the healthcare world, you may be talking about a provider contract … if you’re talking about a financial institution, you might be talking about a unique algorithm … union contracts … a unique way to manufacture a product,” he explained. “It’s that type of information that, when exposed, it could be a huge issue for any one insured.

“We haven’t recognized that there’s this second-tier data that drives businesses and when put into the public stream puts them at a competitive disadvantage. Here at Integro, we’re in the process of developing something to address that issue, but it’s very difficult to quantify what an asset is worth to an enterprise. If you look at any mature line of insurance, you have a whole host of loss data that drives those analytics – it just doesn’t exist right now for cyber, especially on the broker side.”

Related stories:
The rise of ransomware: What should brokers know?
Security takeaways from latest global cyber attack

Keep up with the latest news and events

Join our mailing list, it’s free!