Insurers may believe they are protected from cyber attacks by guarding against external threats, but glaring internal risks remain if a carrier does not implement a layered approach to security that includes educating employees about how to recognize and avoid attacks.

According to the 2011 CyberSecurity Watch Survey conducted by the U.S. Secret Service, the CERT Insider Threat Center at Carnegie Mellon University, CSO Magazine, and Deloitte, 21 percent of identified electronic crime perpetrators are company insiders, whether those with malicious intent or unsuspecting victims of a phishing attack.

Almost half of responding corporations believe that damage caused by insider attacks is more severe than damage from outsider attacks, and not without without reason: CERT identified more than 800 "insider" threat cases since 2001, with more than 100 significant incidents occurring in the last year.

Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader

Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.