10th September 2023

Insurers fear rise in sensitive data theft as cyber crime tops list of the sectors key concerns-PwC

The potential theft of sensitive data, as well as phishing and ransomware attacks pose the greatest global threat to the insurance sector according to new research from PwC and CSFI, the financial services think tank. The findings track the opinions of insurance leaders around the world about what they see as the most significant risks facing the sector over the next two to three years.
The so-called "banana skins" include challenges for the industry such as changing regulation, climate change and talent/recruitment; however, the risk posed to insurers’ operations by cyber crime remains the greatest threat. It also topped the rankings in 2021-when the research was last carried out.
The Insurance Banana Skins 2023 report, run biennially, is based on responses from insurers in 39 territoriesand over three-quarters of the respondents were from the primary insurance industry ie: the life and non-life sectors. The remainder were from the reinsurance and broking sectors. Responses also came from non-practitioners such as regulators, consultants, analysts, and other professional service providers. Half the respondents came from Europe, and almost a third from the Asia Pacific region. The remainder were almost all from North America and Africa.
PwC Insurance Partner Andy Moore, said: “For large-scale insurers, the prospect of a serious cyber attack is daunting, especially as organisations rightly look to new digital solutions to promote efficiencies, improve customer engagement and shore up the critical bottom line.
The challenge for insurers is that as their businesses become more complex-with new hardware, cloud computing and third-party services in longer supply chains-cyber vulnerabilities unfortunately increase.
Criminals are becoming more adept at monetising their breaches, and with the prospect of sensitive customer data leaks, it seems that for the insurance sector the ability to be resilient to cyber-attacks is a core requirement, with cyber security being less a 'bolt on' and rather something to be designed into the business and IT architecture.”
There were also fears that artificial intelligence can be used as a powerful new weapon to breach insurers’ security. Several research respondents focused on the state-sponsored dimension of cyber crime, which is perhaps exacerbated by the current political climate with companies, nations and other entities under increasing cyber attacks, and where assigning clear blame for such actions becomes ever more difficult.
On top of the potential damage caused by cyber crime, a concern was of the potential mounting costs that could occur to assist with mitigating potential bad actors. Investing in defence could become more challenging as the IT ecosystem around the insurance industry expands, due to the growth of internet connected devices and increased reliance on cloud and third-party services.
The report also found that the fastest-growng risk was climate change which moved into the top three for the first time. It is clear that the impact of climate change is a much nearer-term risk than previously perceived and in many cases, the effects are already being felt. The worldwide focus on climate change as part of the wider ESG agenda is resulting in a step-change for most insurers. Reporting requirements are increasing, and governments and regulators continue to press companies to better articulate and explain how they are quantifying and managing the related risks.

PwC Trends(202 articles)
Cyber Trends(1,445 mentions in Insurance Newslink)
AI Trends(473 mentions in Insurance Newslink)