Insurance carriers have adopted a strategy of “inspired frugality” in relation to their spending on security, according to a Forrester senior analyst, Ellen Carney.

In Ms. Carney's definition, the term indicates a state where insurers have elected to delay security projects or upgrades over the past 18 months, even as the introduction of new technology has added complexity to their security environments.

“This reluctance can be traced to a lack of visibility and weaker skills to build the security business case,” writes Ms. Carney in a research paper, “Banking and Insurance 2010: IT Security Budgets and Spending.”

“Proactivity is a must, meaning vendor sales teams must be enabled with examples, case studies, and objective ROI business-case tools that can move stalled or cancelled projects forward,” she said.

That frugality is what enabled insurers to come through the recession less bruised than the banking industry, according to Ms. Carney.

“What I mean by [inspired frugality] is the insurance industry, when it came to replacing [any] technology, decided to use it up, wear it out, and make do,” she said.

If tools still were working, insurers stayed with them, even if the tools had reached the end of their depreciation life, Ms. Carney added.

That strategy will not last much longer, she predicted.

“I think there is going to be a catch-up when the market definitely turns around and carriers take [replacement projects] off the back burner,” according to Ms. Carney.

At that point, however, which kind of security will be the focus seems unclear–insurers have not shown interest in investing in any specific security technology, in Ms. Carney's view.

“[Insurers] are in the midst of upgrading core applications, and they are moving [processes] online,” she reported.

Fraud identification also falls into the security risk area, added Ms. Carney, as well as identity management, vulnerability management, and data security.

“These are all areas [insurers] need to invest in,” she said.

Banks have more security issues to deal with than insurers simply because banks are where the money is, according to Ms. Carney.

“Security threats around insurance involve identity theft, fraud, data theft, and those kinds of things,” she noted.

Banks are bearing the brunt of the attention from regulators on online security issues, pointed out Ms. Carney.

“[Insurers] lagged the banks in terms of moving online by six or seven years,” she said. “The same kinds of [security tools] banks bought a few years ago are what insurance carriers are implementing. Anything to secure that online transaction is a key investment right now.”

Robert Regis Hyle is Editor In Chief of Tech Decisions for Insurance, part of Summit Business Media's P&C Magazine Group, which includes National Underwriter. See www.tech-decisions.com for more information.

Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader

Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.