Return of the Guru

Industry’s ‘Dull’ Image May Actually Protect Against Some Breaches

Ara Trembly
Insurance Experts' Forum, July 6, 2011

For some time now, I and others have been warning the insurance industry that we are vulnerable to cyber-attack, and that such attacks could be disastrous to our reputation as a trusted, rock-solid backup to accident and loss.  Now, however, it appears that at least one segment of the hacking community is really just doing their break-and-enter act for entertainment.  If that’s so, then our industry has little to fear. 

According to an online posting from The StarPhoenix, the Internet vigilante hacker group Anonymous claimed to have broken into an Apple Inc. server and published a small number of usernames and passwords for one of the company’s websites.  Anonymous said on Sunday via its account on Twitter that Apple could be a target for hackers and released the data as part of its Anti Security, or “AntiSec,” campaign. 

Anonymous, says the posting, teamed up with the Lulz Security group of hackers late in June. LulzSec, which gained wide recognition for breaching the websites of Sony Corp, the Central Intelligence Agency and a British police unit among other targets, said it had accomplished its mission to disrupt corporate and government bodies for entertainment (italics mine).  

Why is this good news for insurance?  The answer is that if the purpose of these hacks is to entertain the perpetrators and their friends, there really isn’t too much mojo to be gained by cracking an insurance company.  Surely in the status hierarchy of these crackers (“malicious, annoying people who get cheap thrill out of cracking computer codes, and breaking into systems” according to HackAnonymous.com), it is much cooler to have messed with a federal government spy organization or a major entertainment corporation than it would be to crack into the servers of the good hands people or to chip off a piece of the rock. 

It is certainly no secret in our industry that outsiders view us with downright boredom, unless of course there is a claim involved.  By definition, a cyber-break-in achieves notoriety based to a great degree on the stature and entertainment value of the victim.  If I beat my 75-year-old arthritic accountant at tennis, you probably won’t be terribly impressed, but if I beat Roger Federer (just a fantasy, I assure you), that would undoubtedly boost my personal tennis stock.  So if you want to build a reputation as a top-of-the-line cyber-meddler, other industries than insurance would seem to be more appealing targets. 

But let’s not get carried away with these comforting thoughts.  There are still plenty of cyber-criminals out there who are doing their nefarious deeds for profit and profit only.  From that point of view, insurance is just as likely a target as any industry, especially because we deal with sensitive data and often financial information.  With that in mind, prior warnings about vulnerability are still very much viable, and defenses, both physical and policy-based, are advisable.

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

 

 

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

What It Takes to Have a Tech-Savvy Workplace

The tools and technologies to build the next workplace are available, but not common yet in corporate settings.

Avoiding the Bermuda Triangle of Data

Handled poorly, questions around data ownership, data quality and data security can sidetrack big data conversations and alienate business stakeholders.

Global Supply Chain, Local Problem

As a technology provider, your client’s ability to deliver products and services to their customers, when and where they need them, is at the heart of their business success.

Legacy Systems Are Increasingly a Competitive Handicap

Legacy systems, while reliable, increasingly hold insurers back, a new study finds

Five Reasons to Software-Define Your Operations

It may be possible to provision key services with the click of a mouse, but benefits go well beyond that.

From Her to Watson, and What’s Next?

Imagine a learning system that can replace the performance of your best employee to provide the same level of support across the organization.