At a time when the COVID-19 pandemic was wreaking havoc on the global economy, businesses began to recognize the value of digitization. But with increased digitization come cybersecurity challenges. The risks accompanying the shift to new technologies are already mounting the pressure on cyber insurance carriers and distributors.
The pandemic disrupted insurers’ ability to operate normally, making it impossible for them to engage with their customers. Due to the closure of offices and workspaces, remote work has become necessary for many companies. Insurers have to adapt to the circumstances and embrace the digital environment to remain competitive.
The switch to a fully digital domain has left businesses vulnerable to cyber-attacks. Insurers must, therefore, ensure that their clients are equipped to handle the rapid IT transformation to protect their valuable assets against this threat.
But this is no easy feat, as the pandemic’s financial impact has forced many companies to undergo significant expense cuts and even halt upcoming projects.
Cyber liability insurers are facing challenges to remain competitive. As such, they must be wary of their clients making budget cuts when cybersecurity risks are already intensifying.
A recent survey conducted by the cyber risk services team at Deloitte & Touche LLP and FS-ISAC emphasized companies’ need to prioritize and invest more in their cyber protection programs.
The survey highlighted several concerns and observations for insurers, other financial institutions, and businesses regarding the following factors:
1. Budget
FS-ISAC members reported a rise in cybersecurity expenditures. This was explained by the need for access control, protective technology, and data security by investing in emerging technologies, such as cloud, data analytics, and robotic process automation.
2. Embracing Change
Revolutionary IT changes and increasing sophistication were recognized as the top cybersecurity challenges. Companies should consider adopting a “security by design” format to reduce the threat of cyber risks during their technology development process. That will allow for more secure products and services.
3. Governance
CISOs often report directly to superiors (typically the Chief Information Officer or Chief Technology Officer). This indicates a need for closely integrating cybersecurity and information technology. However, this may result in a lack of independence for cybersecurity. Their crucial risk management decisions may be overshadowed by IT constraints.
4. Access Control
Businesses must adopt a “zero trust” policy for their operations, which means seeking verification from anyone who wants to access data, whether from inside or outside the company.
5. Adjustment
Many companies are under pressure to cut costs in today’s recovering economy. But any action taken to reduce expenses must be carefully evaluated to ensure they do not increase exposure to cyber risks, such as insider threats.
As the risk of cyber-attacks continues to grow during the pandemic, CISOs should continue focusing on achieving their long-term targets of aligning with the company’s strategic priorities. They also have to manage talent challenges and address external issues. The secret to effective cybersecurity strategy implementation is including all key stakeholders in the process. As a result, it could be useful in preventing exposure to could pre- and post-pandemic threats.
