Employees, mergers to blame for cyberattacks

Keep your enemies close but your friends closer: Insider attack is one of the leading causes of cyber breaches in insurance and consolidation is making it worse

Insurance News

By

Shreya Kalra

Mergers and acquisitions come with plenty of their own headaches no matter how closely aligned the corporate cultures and how similar the systems. The large amount of consolidation activity taking place is also a breeding ground for employee dissatisfaction and cyber vulnerabilities.
 
One of the findings from Verizon’s 2015 Data Breach Investigations Report is that “insider and privilege misuse” is the third biggest threat category in the insurance industry, following malware very closely. In fact, with the largest number of breaches caused by “miscellaneous errors”, which is a pretty vague category, insider threat could even be seen as a strong second in terms of identifiable vulnerabilities.
 
Twenty per cent of the all the breaches in the industry are caused by employees transferring information outside the company, said the report, adding: “The insurance industry has reported a number of cyber breaches involving the theft of client information by disgruntled employees, either for personal gain or to benefit a competitor”.

Stephen Busateri, global principal manager, Insurance industry, Verizon, said the industry has seen an increased number of mergers and acquisitions resulting in at least two systems integrating and sharing systems and information.

“There have been a number of breaches due to weak governance as data has been shared between systems,” the report claimed. 

But M&A’s also lead to redundancies, AIG is just one big name to announce widespread cuts, which leaves employees disgruntled and provides them with an incentive to share information with competitors as they seek to move on. Verizon said it saw many cases where employees give themselves leaving presents by transferring secrets via email, online storage services, or USB drives.

Busateri offered some tips on keeping your information safe from malicious insiders:
  • It’s essential to understand what data you have, exactly who has it, and where all it is stored
  • Implement processes to monitor who uses your systems, and how they are used to identify any suspicious behaviour
  • Keep an eye over data transfers out of the organization. “In our experience these controls have caught my incidents of insider data theft that would otherwise have been missed,” the report advised

Keep up with the latest news and events

Join our mailing list, it’s free!