Insurance corporations mustn’t neglect the altering technological panorama
For many within the insurance coverage discipline, technological developments might current a brand new calibre of vulnerabilities to be involved of. However, a extra risk-based method to cyber safety that’s rooted in a maturity-based mannequin will permit the business to maintain up with the tempo of recent life with out sacrificing its hard-earned vigilance.
“These innovations are an opportunistic risk,” stated Benjamin Dulieu, the chief info safety officer at Duck Creek Technologies. “There certainly is a yin and yang to adopting new technologies, but the benefits are beginning to outweigh the drawbacks.”
Speaking with Insurance Business, Dulieu outlines methods to get a agency footing within the ever-evolving world of cyber threats how his coaching within the United States navy helped put together him for the world of insurance coverage.
Cyber safety is a continuing battle
Throughout the previous decade, the necessity for strong cyber safety for companies each giant and small has solely gained momentum, changing into one of the talked about phenomena throughout industries.
This has additionally turn into a sizzling subject amongst insurers, because the panorama is ever evolving and requires safety professionals to at all times be forward of the curve.
“Once a vulnerability has been handled by cyber security professionals, a new code is written months later that builds upon the weaknesses of its previous iteration,” Dulieu stated. “This means that threat actors are getting a lot more attentive on how to sidestep protections and security measures that are put in place.”
“These ‘script kiddies’ are realizing it is actually quite easy to attack vulnerable businesses without having an extensive cyber threat background,” Dulieu stated.
Businesses have to be ready for the danger, and responses ought to embrace motion grounded in ingenuity.
“Having a foundational cyber security program that is rooted in a maturity-based model is more vital than ever,” Dulieu stated.
He highlighted the National Institute of Standards and Technology (NIST) and Control Objectives for Information and Related Technologies (COBIT) frameworks as fashions for superior safety measures that must be used for cyber safety measures. “If you follow any of these frameworks, you will organically and deliberately have data hygiene and will be following security best practices.”
A newer improvement is zero belief structure, which requires authentication and authorization throughout every stage of interplay between a person and a community, which might create hurdles for menace actors to navigate.
“The industry is the last to tap into innovation and change”
For Dulieu, the insurance coverage business has an notorious status for its luddite tendencies, and whereas this can be warranted in sure regards, it units the business again when it comes to a holistic evolution.
“The industry is still using antiquated technology and old school databases,” he stated. “There is a whole reservoir of untapped potential that these advancements can offer, and they certainly can be adopted without losing sight of the bigger, risk-aware framework of insurance.”
Generative AI applied sciences akin to ChatGPT provide one alternative that may assist streamline productiveness and help in bolstering safety measures; one other alternative is the adoption of cloud-based safety.
“The ‘migration to the cloud’ is an old term now but it brings a whole new way to look at security architecture,” Dulieu stated.
“If you don’t have that experience today, you’re falling behind. You need to learn how to defend that cloud environment, which isn’t the image of a castle with fortified walls like on-premises security infrastructure.”
“Understanding, empathy and compassion drive a team towards a common objective”
Dulieu’s foray into the insurance coverage business was slightly happenstance, however there are foundational connections to his coaching as a command and management methods officer within the United States Marine Corps.
“I actually thought I was going to head into the sales realm, but my training in the Marine Corps primed me for a venture into cyber security,” Dulieu stated. “My foundation in technology really opened these doors for me to break into governance, risk and compliance type roles.”
Dulieu’s time within the Marine Corps instilled the values of collective group constructing and accountability. “As a leader, I am responsible for everything I do and fail to do, including the team that I oversee,” Dulieu stated.
“This necessitates a need for understanding, empathy and compassion to drive a team towards a common objective.”
Dulieu additionally realized the significance of turning every thing right into a course of. “If you don’t make things repeatable, then you can never identify efficiencies and inefficiencies he said.”
“This is especially true for cyber security, where everything needs to be formalized and scalable, with the ability to adapt, but reliability is key.”
Related Stories
Keep up with the newest information and occasions
Join our mailing listing, it’s free!
