
- The insurance industry faces higher cybersecurity risks than most sectors, with third-party breaches accounting for 59% of incidents.
- Ransomware is the most significant cyber threat, often exploiting vulnerabilities in third-party software and supply chains.
- Even firms with strong security measures remain vulnerable due to weak vendor protections, necessitating stricter third-party risk management.
- Experts recommend enhanced security policies, stricter vendor cybersecurity standards, and better encryption practices to reduce risks.

A new report has revealed that the insurance industry is increasingly vulnerable to cyberattacks, with third-party breaches posing the greatest threat. Research from SecurityScorecard found that more than a quarter of insurance companies suffered a security breach in the past year, a rate significantly higher than the S&P 500 average and twice as high as the US energy sector.

Notably, 59% of these incidents were traced back to third-party attack vectors, a record high for the industry and double the global average across all sectors.

The heavy reliance on third-party software and IT services has created significant security gaps, with attackers exploiting vulnerabilities in supply chains to access sensitive data.

Over the past two years, more than half of insurance firms had at least one compromised credential, while 17% suffered malware infections and device compromises.

According to Andrew Correll, senior director of cyber insurability at SecurityScorecard, the industry's rapid technological advancement has outpaced its ability to secure its systems effectively.

He emphasized that cyber risks extend beyond direct defenses and deep into the supply chain, where vulnerabilities are more difficult to detect and mitigate.

The report highlighted that application security is the most critical cyber risk factor for insurance companies, accounting for 40% of security issues.

Weak or missing encryption, particularly in SSL/TLS protocols, unencrypted redirect chains, and unsecured cookies, further exacerbate security risks.

DNS health and network security followed as key concerns, making up 29% and 20% of identified risks, respectively. These vulnerabilities create opportunities for cybercriminals to exploit gaps in protection, leading to widespread breaches.

Ransomware has emerged as the most significant cyber threat to the insurance sector, with every attack linked to a known threat actor involving ransomware. The study also found that ransomware and third-party breaches frequently intersect, allowing attackers to target multiple victims through supply chain weaknesses.

The MOVEit campaign, which exploited a third-party file transfer tool, was a prime example of how inadequate security measures in vendor systems can lead to devastating consequences for insurers.

Surprisingly, 20% of the companies that suffered a third-party breach had higher-than-average security scores, suggesting that even organizations with strong internal protections remain at risk due to weak vendor security.

Researchers concluded that threat actors intentionally target firms with strong defenses by infiltrating their less-secure partners. This underscores the importance of comprehensive third-party risk management, as even well-protected companies can be compromised if their vendors lack adequate security measures.

To address these challenges, SecurityScorecard has urged insurance carriers to enhance their third-party risk management (TPRM) strategies.

The industry’s dependence on IT vendors and brokers, many of which have lower security scores, heightens exposure to cyber threats. The report recommends that insurers prioritize the security of their highest-risk partners and demand robust cybersecurity measures from vendors to prevent frequent breaches and credential compromises.

Another key recommendation is ensuring that vendors themselves maintain effective third-party risk management programs.

Too often, companies overlook the security practices of their vendors' suppliers, creating gaps that attackers can exploit. By requiring vendors to implement strong TPRM processes, insurers can close these security loopholes and mitigate the risks associated with supply chain vulnerabilities.

Third-party attacks are becoming more frequent and sophisticated, and without proactive measures, insurers risk further breaches that could have severe financial and reputational consequences.

Strengthening supply chain security, enforcing stricter vendor security standards, and prioritizing ransomware defense strategies will be crucial in safeguarding the industry against the growing cyber threat landscape.
