PaymentsJournal
SUBSCRIBE
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
No Result
View All Result

The Impact of Cyber Insurance on the Financial Sector

Kimberly Johnson by Kimberly Johnson
January 13, 2022
in Industry Opinions, Security
0
The Impact of Cyber Insurance on the Financial Sector

The Impact of Cyber Insurance on the Financial Sector

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

2021 was a record setting year for cyber crime, with damages expected to exceed $6 trillion, a drastic rise from the $3 trillion in 2015 according to Cyber Security Ventures. In a year of newsworthy attacks, such as JBS, Kaseya, and the Colonial Pipeline, enterprises are looking to better defend against ransomware organizations. 

In the financial sector, the stakes are raised 

Financial institutions are major targets for cyber crime. In the first half of 2021, the banking industry experienced a 1,318% year-over-year increase in ransomware attacks. Banks are lucrative for cybercriminals offering multiple ways of profit such as selling personal data, accessing credit information, and fraud. Overall, the financial industry has the second highest average total cost of a data breach, averaging $5.72M in 2021 according to IBM’s 2021 Cost of a Data Breach report. 

Knowing the high cost of an attack, financial institutions are looking for ways to safeguard against cyber threats. One way for organizations to protect themselves? Investing in cyber insurance and implementing the cybersecurity controls they require. 

What is cyber insurance?

Cyber insurance helps companies mitigate losses from a variety of cyber incidents, from a data breach involving sensitive customer information to network damage and disruption. Cyber insurance does not protect against the hack itself, however it does offer help before, during and after an attack. 

To start, insurers can help organizations appraise their current level of risk. Since the pandemic began, risk levels have skyrocketed driving up cyber premiums by over 25% in the second quarter of 2021 alone.

When attacks happen (which they will happen) insurers help organizations with the financial fallout of cyberattacks.

Should financial institutions invest in cyber insurance?

While there is some controversy around investing in cyber insurance, there are a number of benefits that need to be considered. Beyond aiding in financial recovery, insurers help monitor and assess risk within an enterprise. Cyber insurers also reduce attacks by identifying vulnerabilities and requiring stronger security protocols from the financial institutions they insure. As the cyber landscape changes, the insurers change their requirements and policies to better prepare financial institutions for an attack.

Further protect against threats

Often the controls required by cyber insurers, and those that financial institutions should already have in place include:

1. Requiring MFA and identity-bound biometrics

MFA enhances security by requiring that users authenticate themselves by more than a simple username and password. As part of any comprehensive MFA strategy, Identity-bound biometrics should also be included as the only way to positively identify an individual, not just a token, device, or phone. Identity-bound biometrics are connected to a person’s digital identity, rather than authenticating the presence of their device which can be easily compromised and open to unauthorized access. It leverages biometric authentication methods, such as fingerprint, palm, or facial recognition to go beyond traditional forms of MFA and confirm only authorized users are the ones gaining access. 

2. Adopting advanced approaches including contextual authentication

In addition to MFA, companies should also consider contextual authentication to strengthen security while improving the login experience for users. Contextual authentication takes factors surrounding a user’s login (location, time, IP address, etc.) into consideration to assess the level of risk associated with the login request. A login request can be completely blocked if it is too risky, while at the same time removing additional authentication requirements if the user’s context is low risk.

3. Training employees on cyber risks

When it comes to security and protecting the organization, people are often the weakest link and seen by attackers as the greatest vulnerability of a company, making for an easy target. Many times security controls that are implemented are not adopted by users, who work hard to circumvent controls. It is imperative to not only enhance security but also train employees on best practices and the “why” behind any security controls. Teaching your staff the basics of cyber risk can prevent security breaches. 

In short, having a proactive approach and detailed recovery plan is necessary to securing an organization against an attack. Cyber insurance can help to mitigate the risk of being attacked, along with any losses incurred, as well as drive financial institutions to adopt cybersecurity best practices. Financial institutions at a bare minimum should be implementing MFA, conducting cybersecurity awareness training, and have a prepared response and recovery plan for when the next cyberattack occurs. Financial institutions may have a target on their backs as an industry but should also know that avoiding cyberattacks is possible with the right approach. 

Tags: cyber insuranceCybercrimeinsuranceinsurance industrySecurity
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily

    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Mercator Advisory Group analysts and industry professionals.

    Must Reads

    cross-border payments

    Cross-Border Payments: Fighting
    E-Commerce Fraud Using Data

    March 20, 2023
    fraud, ChatGPT-4

    How to Fight Fraud While Still Enabling a Great Online Customer Experience

    March 17, 2023
    RTP

    Financial Institutions Without an RTP Strategy Risk Being Left Behind

    March 16, 2023
    visa chargeback

    New Visa Chargeback Guidelines Will Be a Game Changer

    March 15, 2023
    liquidity management

    Liquidity Management Takes on Increasing Importance in Uncertain Economic Times

    March 14, 2023
    payments

    Key Challenges from Growing Payment Methods and Volume

    March 13, 2023
    Data Governance is a Journey, financial data

    How FIs Can Power Their Operations with a Modern Data Architecture

    March 10, 2023
    ISO 20022

    How Banks Can Realize Business Benefits and Reduce Payments Fraud With ISO 20022

    March 9, 2023

    Linkedin-in Twitter

    Advertise With Us | About Us | Terms of Use | Privacy Policy | Subscribe
    ©2023 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    Menu
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • Recent News
    • Resources
    Menu
    • Industry Opinions
    • Recent News
    • Resources
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result

      Register to download the Autorek complimentary report: Payments Industry Outlook 2023: