Duck Creek Blog
Blog Post - EMEA

The Complex Evolution of Cyber Attacks in Insurance

November 9, 2021

Duck Creek’s Scott Field recently joined senior executives from CyberCube and the Chartered Insurance Institute for an Intelligent Insurer panel discussion about how data-sharing could be the key to overcoming cyber threats

Cyber attacks are becoming increasingly common, but it isn’t just the scale that is of concern – it is the way in which they have evolved. Attacks are now threatening physical property, which is causing a headache when it comes to cyber insurance.

The situation has become so complex that governments are now being called upon to get involved, a point raised in the latest Intelligent Insurer panel debate, Cyber Threats: Global Escalation Creates Ever Greater Role for Reinsurers.

But cyber attacks are not just limited to large companies in one particular industry, and as Wyn Jenkins, managing editor of Intelligent Insurer, pointed out, new vulnerabilities are being exposed every day. This is why insurance companies need to be nimble, as Scott Field, head of international product strategy at Duck Creek, explained.

“For the end customer, they want to make sure they are covered, but they aren’t interested in the finer details,” Field said. “After an attack, they want to get back to business as quickly as possible, but for insurers it is much more complex. Cyber is not like traditional insurance where you look at the past and use patterns to predict the future – you need data.”

“With a centralised database, industries can learn from what has happened to their peers in past attacks and how to plan better going forward – and what to be on the lookout for,” Jenna McGrath, senior cyber economist at CyberCube, added. “It is not a case of if you will be impacted by a cyber attack, but when. It’s all about planning ahead and mitigating those damages when they do occur.”

“There are a lot of soft measures that support the sector and business in engaging this – such as fining firms for breaches of data,” fellow panellist Ian Simons, marketing director for the Chartered Insurance Institute, added. “But having cyber essentials as a standard means that businesses are clear on what they should be doing to have risk management in place.”

The solution, therefore, is to encourage everyone to work together, to be on the same page, and as the panel agreed, to share data so everyone can understand the risks.

However, as Field concluded, to achieve this, there needs to be continued investment in data infrastructure; this, he said, “is so that the industry can get smarter, have more standardisation, and create simpler and easier-to-understand insurance products.”

Listen to our podcast on Conquering Cyber Risk here.

Keep up on our latest news!