The Future of Risk and Insurance in a Digital World

Mike Taylor, Chief Claims Officer at the PURE Group of Insurance Companies

Facebook, Under Armour, Panera and Lord & Taylor.

This is just a small sampling of major corporations that have fallen victim to a cyberattack in 2018.While these incidents may have grabbed the headlines, data breaches that put our personal information at risk are happening all the time. According to McAfee and the Center for Strategic and International Studies, the annual cost of cybercrime globallyis estimated at$600 billion. Cyber fraud has become such a common occurrence, one can argue we are growing slightly desensitized and have adopted a feeling of“when,”instead of “if,”our personal information will be compromised.

Cyber threats can come from anywhere. For example, the exploitation of real estate transactions has become a popular trend for cybercriminals. During a recent home purchase, one of our members received a legitimate-seeming email from what appeared to be the seller’s attorney. They proceeded towire nearly $1 million to complete the sale. By the time the member realized what had happened, the account had been closed and the funds were gone without a trace.

Our world is becoming increasingly more connected and the threat of cyber fraud is growing accordingly. Although commercial insurers understand the risk this poses to businesses and have been developing products in response, individuals are left exposed to more risk than ever before. Personal insurers have failed to keep pace with commercial providers in this space, and it’s time for them to catch up. As new potential threats continue to emerge – from cryptocurrency to autonomous driving –so must the tools and services insurers provide to proactively address this risk landscape.

Making Policyholders Smarter About Risk

At its core, consumer education continues to be the most effective way to thwart cyber fraud. It’s in the best interest of the insurer to make best practices, resources and actionable advice immediately availableto help policyholders protect themselves or recover from a cyberattack. At PURE, we’ve even gone as far as partnering with identity protection specialists to provide a real-time cyber advice phone line. Ultimately, insurers must develop ways to help their insureds live more confidently in a world of increasing cyber risk.

Coverage for Online and Offline Fraud

The line between personal and cyber insurance has become effectively blurred. Insurers must consider evolving the expansions of their cyber coverage to ensure policyholders are properly reimbursed for financial loss due to fraud both online and offline. What happens if someone gathers the personal information they need to reset your bank password from digging through your trash? Or, you receive a USB drive that is riddled with ransomware that locks up your computer and demands an exorbitant amount of money to retrieve your data? These situations are not only common but highlight the types of questions insurers need to ask themselves when developing a cyber offering.

ID Theft Notifications and Restoration Services

In 2016, there were more than 15 million identity fraud cases in the U.S., costing Americans more than $16 billion, according to a report by Javelin Strategy & Research. Identity theft monitoring services promote the proactive measures necessary to reduce the impact of these scenarios. However, preventing all incidents is nearly impossible. So, insurers have an opportunity to showcase true value by also offering restoration services to help individuals recover from identify theft – which is often an overwhelming and confusing situation.

Active Cyber Monitoring to Reduce Risks at Home

It may be a nuisance if your work computer requires you to change your password every 90 days or blocks commonly-used websites like Google Docs; however, this is not done without reason. Businesses have long been cognizant of the dangers of cyber fraud and implement theseprocesses to prevent, or reduce the impact of, a cyber-attack.

Security measures for most home networks often pale in comparison to those enforced by workplaces, making them amajor vulnerability. This risk is exacerbated by the growing connectivity of smarthome technology, such as thermostats, voice assistants, and security systems. 24/7 active monitoring, that companies like Rubica provide play a key role in blocking malware and phishing scams. These services also investigate suspicious activity, patterns and behaviors, and notify individuals when action is necessary. Some will even warn of unsafe behaviors, such as entering a password on an insecure website. For insurers, partnerships with companies like this will help drastically expand the depth of their cyber coverage in the future.

  As the world continues to grow more connected, personal insurers must remain diligent in their efforts to provide effective solutions for evolving cyber threats​  

Recovery and Reimbursement Services

Ransomware and cyber extortionhave advanced significantly and are among the most common types of cyber fraud. For example, Shadow Brokers, a highly organized hacker group, successfully breached the National Security Agency (NSA), stealing tools that enabled them to access the systems of corporations and governments across the globe including FedEx, hospitals, oil companies and thousands of other enterprises. If a major government agency couldn’t fully protect themselves, how safe is the average individual?

While protection services must continue to be the core of cyber plans, insurers must also explore additional elements such as access to crisis management advice to help best respond to the threat. Or, with ransomware, if a payment is eventually made, the policyholder should be able to have peace-of-mind knowing they’ll be reimbursed for some, or even all, of the amount extorted. By making a concerted effort to protect policyholders from fraud, but remaining prepared to appropriately react to it, insurers will have the two-pronged approach necessary to tackle the expansive capabilities of cyber fraud.

As part of our effort, we launched our cyber insurance program PURE Starling and CyberSafe Solutions^SM resource center in 2017. More than half of our new eligible members have purchased this offering, and the response has been extremely positive, confirming the importance and desire for effective cyber coverage. As the world continues to grow more connected, personal insurers must remain diligent in their efforts to provide effective solutions for evolving cyber threats.