21 April 2014 | Asset Insurance Brokers
The insurance sector is proving a particularly attractive target for data theft, according to a visiting international computer security expert.
John Ellis, Enterprise Security Director of Akamai Technologies, says the combination of highly accurate financial information and proliferation of online offerings and capabilities in the sector are luring cyber criminals.
“Insurance companies have very detailed information about individuals and that accuracy and completeness is very tasty for a cyber criminal,” he says.
“That accuracy means they’re going to have a high resale price for this information on the black market.”
Ellis says the financial services offer many advantages to would-be cyber thieves.
“You think about a company that might be transferring funds around or doing payroll services; their daily transfer limit is certainly a lot higher than the average person’s, so cybercriminals like to go after these people,” he says.
“Australia is also a big target because people are willing to innovate more here and sometimes the investment is security lags a bit behind that, which gives criminals the opportunity to do certain things.
“Businesses want to keep innovating to be in the market or be the leader. They want their customers to say they have had a great web experience when dealing with their insurers and cyber criminals know this, so it creates opportunities for to exploit the little gaps that only exist for a period of time.”
Additionally, Ellis says it is common to see companies not be prepared for things going wrong.
“One of the areas people tend to under-invest in is their response and recovery strategies,” he says.
“A lot of people are building these big walls but if those walls get breached they are not sure what they are going to do next.”
He says recent amendments to Australia’s privacy laws have only made the matter more perilous.