A recent Accenture survey suggests that while knowing your exposure to cyber-risk is critical, most companies across all sectors fall short in doing so, leaving the company and its customers vulnerable to data breaches and cyber-attacks. Clearly, no organization is fully resistant to cyber-threats due to the number of “moving parts” and the constant development of new threats but C-suite executives can do more to find the “right balance between spending to protect and spending to enable.” While the survey covers industries across the board, Accenture released a supplemental report regarding the insurance industry titled How Insurers can Boost Resilience in the Face of Cyber Risk – Infographic which provides some frightening facts about the vulnerability of the insurance industry:
- 59% of insurance executives surveyed by Accenture Strategy said that their organizations experience significant attacks that test the resilience of their IT systems on a daily or weekly basis
- 43% of insurance executives believe their cyber defense is fully functional
- Only 5% of those surveyed stated that they proactively run inward-directed attacks and intentional failures to test their systems on a continuous basis
- 53% of those surveyed have a continuity plan that is refreshed as needed
- Less than half of insurance executives map and prioritize security, operational and failure scenarios
- Just 14% said they constantly design resilience parameters into their operating model and technology architectures
- 52% have produced threat models for existing and planned business operations
With insurance companies holding confidential health and financial information for so many customers, it is hard to imagine that the industry is not doing more to protect such valuable data from cybercrime.