The insurance industry has a risk-minded approach and mindset; however, according to Chief Computer Scientist of CAST Research Labs Dr. Bill Curtis, the industry is continuing to use technology systems and practices that are “disturbingly unsecure.” Dr. Curtis is one of the lead authors of CRASH Report Insurance 2016, which evaluates the structural quality of IT applications used in various software technologies across 38 different insurance companies in eight countries. He and his team also found evidence to corroborate that North American insurance firms are among the “least secure as compared to other businesses in the financial services sector.”
He says that this trend can be a cause of many companies having “the mindset that it does what it’s supposed to do and if it ain’t broke, don’t fix it.” Insurers continue to utilize older technological practices because it’s adept at servicing older policies, and the systems’ size and complexity make it very time-consuming to replicate in an efficient manner. However, the need for insurance firms to reassess their systems’ vulnerabilities must be stressed. A thorough quality checkup of current software and implementation of a company-wide policy for identifying and addressing security problems are key.