Industry leaders urge insurance sector to tackle escalating cyber threats
Figures from across the insurance and cyber security sectors have issued a call to action to strengthen insurers’ cyber resilience
Intersys, a provider of cyber security and IT solutions for the insurance sector hosted a roundtable event in London on 10 March, bringing together senior cyber security, underwriting, and risk management professionals to address pressing challenges facing the sector.
Leaders warned that insurers must move beyond reactive approaches and implement more robust, proactive risk management strategies to counter growing cyber threats:
- Ransomware attacks: 60% of businesses affected by ransomware shut down within three years
- Outdated systems: GCHQ, the UK's intelligence, security and cyber agency, warned that many in the insurance sector still use outdated Microsoft Windows systems, increasing vulnerability
- MFA limitations: multi-factor authentication (MFA) is not foolproof, as cyber criminals are stealing access tokens to bypass it
- Quishing (QR code phishing): a fast-growing attack vector, increasing from 0.8% of phishing attempts in 2022 to 12.4% in 2024
- Evolving cybercriminal tactics: attackers continuously adapt, requiring insurers to stay ahead with proactive measures
- Lack of industry collaboration: a fragmented approach to cyber risk leaves insurers vulnerable, calling for greater cross-sector cooperation.
Urgent need for industry-wide action
Tim King, Business Development Lead at Intersys, said: “Threat actors only need to succeed once, whereas businesses must always remain vigilant. The risk-reward balance has shifted, making cybercrime an attractive option for criminals, with the likelihood of getting locked up for armed robbery higher than being arrested for cybercrime. The industry must prioritise proactive security measures to mitigate this risk as, rather worryingly, GCHQ says significant numbers in the insurance sector use out-of-date Windows.”
Douglas Robare, Venture Partner at Neo Ventures, added: “At the event I was introduced to the term Quishing – QR code phishing, which is rapidly rising … It’s a reminder that while we’re used to spotting phishing emails and texts, fake QR codes are now a real threat. The event was an excellent opportunity to discuss key cybersecurity challenges, particularly around data management, legacy systems, and the growing risks as artificial intelligence (AI) tools become more prevalent in the insurance industry.”
Mark Kirby, Professional Services Director at Intersys, said: “Our goal is to bring together IT security experts, risk managers, underwriters, and auditors to foster knowledge-sharing and innovative problem-solving in the face of emerging cyber threats.”
A recent report from SITA revealed that 74% of airlines and 72% of airports forecast an increase in overall IT spend over the next two years.
Chloe Fox
Chloe Fox is an Editorial Assistant for Voyageur Group, joining in 2024. She writes for ITIJ and AirMed&Rescue, covering a range of topics including international travel and health insurance, medical assistance provision, and air medical transportation. Chloe holds a BA (Hons) in English and an MA in English Literature from the University of Bristol.