<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2975524&amp;fmt=gif">
BLOG

Data at Risk Series: Cyber Attacks a Burden and a Blessing for the Insurance Industry

March 8, 2016

insurance 2

In our first insurance installment in the Data at Risk series, we took a fairly narrow approach to cyber attack analysis in the industry. While major breaches at health insurance companies such as Anthem and Blue Cross Blue Shield make it seem as if the insurance industry is especially vulnerable to cyber attacks, these are often classified under healthcare breaches. Non-health insurers may not see high-volume data breaches, but cyber attacks offer a great opportunity for the industry—but with that opportunity comes great risk.

Cyber Insurance: An Opportunity for New Business

In the past, we discussed the points to keep in mind when choosing a cyber insurance policy. These were important points, but we may have been a bit ahead of the game.

The truth is that cyber insurance policies have lagged far behind the volume and monetary damages of data breaches. Cyber insurance policies cannot currently cover the damages and remediation costs of major breaches.

Instead, companies must invest in cyber captives to prepare for attacks. While cyber captives—essentially savings accounts set aside for breach costs—are effective in low value, high frequency scenarios, data breaches tend to be high value, low frequency incidents.

Take the infamous Target data breach, for example. With cyber captives and piecemeal cyber insurance policies, Target was able to insure itself for upwards of $100 million. However, more than two years later Target is still paying for damages and the costs are expected to reach more than $1 billion.

>> Download Now: IT Security Whitepaper

 

As more companies experience data breaches that aren’t quite covered by cyber insurance, a door is opening wide for insurers to capitalize on the potential business. However, this new business isn’t without its dangers for insurers.

Growing Cyber Insurance Business—A Double-Edged Sword for the Industry

Even as the insurance industry benefits from increased demand for cyber coverage, insurers must be aware of their own growing vulnerability to attacks. The more corporate data that insurers begin to handle, the more hackers will target these companies.

Being approved for cyber insurance requires an in-depth analysis of the corporate network and a surprising amount of insider information. Insurers will request data regarding operations and finances when creating a risk profile—and this information is a prime reward for attackers. Insurers may not be threatened for their own corporate data, but as they store client data they will become the victims of more high-profile attacks.

The first step that companies can take to protect themselves for inevitable cyber threats is to ensure total network visibility. 

Using Network TAPs to Mitigate Risk in the Insurance Industry

While insurers worry about finding a more effective way to meet cyber coverage demands, they must also worry about protecting their own stored data. By implementing network TAPs throughout their designs, insurers can ensure 100% visibility of traffic to all security and monitoring appliances. If you’re in the insurance industry and you’re used to evaluating risk, it should be easy to see why 100% network visibility is a key factor in improving a risk portfolio. 

Looking to add inline or out-of-band security monitoring solutions, but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do.

IT security garland Technology tool deployment

See Everything. Secure Everything.

Contact us now to secure and optimized your network operations
Contact Us

Heartbeats Packets Inside the Bypass TAP

If the inline security tool goes off-line, the TAP will bypass the tool and automatically keep the link flowing. The Bypass TAP does this by sending heartbeat packets to the inline security tool. As long as the inline security tool is on-line, the heartbeat packets will be returned to the TAP, and the link traffic will continue to flow through the inline security tool.

If the heartbeat packets are not returned to the TAP (indicating that the inline security tool has gone off-line), the TAP will automatically 'bypass' the inline security tool and keep the link traffic flowing. The TAP also removes the heartbeat packets before sending the network traffic back onto the critical link.

While the TAP is in bypass mode, it continues to send heartbeat packets out to the inline security tool so that once the tool is back on-line, it will begin returning the heartbeat packets back to the TAP indicating that the tool is ready to go back to work. The TAP will then direct the network traffic back through the inline security tool along with the heartbeat packets placing the tool back inline.

Some of you may have noticed a flaw in the logic behind this solution!  You say, “What if the TAP should fail because it is also in-line? Then the link will also fail!” The TAP would now be considered a point of failure. That is a good catch – but in our blog on Bypass vs. Failsafe, I explained that if a TAP were to fail or lose power, it must provide failsafe protection to the link it is attached to. So our network TAP will go into Failsafe mode keeping the link flowing.

Glossary

  1. Single point of failure: a risk to an IT network if one part of the system brings down a larger part of the entire system.

  2. Heartbeat packet: a soft detection technology that monitors the health of inline appliances. Read the heartbeat packet blog here.

  3. Critical link: the connection between two or more network devices or appliances that if the connection fails then the network is disrupted.

NETWORK MANAGEMENT | THE 101 SERIES