Essential Insurance contributed to the production of this article along with other partners.
Insurance Business’ Bethan Moorcraft had the opportunity to speak with Luc Ouellet, supervisor of digital downloads at Alive Medical, and Jordan McDonald, president and chief executive officer at The Standard Insurance Brokers Ltd., about the topic of cyber security in the brokerage industry.
Every single day, insurance agents are exposed to the possibility of being attacked online. A cyberattack that has the ability to bring down a brokerage can be triggered by the simple act of clicking on a malicious link included in an email or on a website.
In the realm of cyber security, awareness is the first and most important line of defense. Because they handle enormous amounts of personally identifiable information (PII) and sensitive commercial data, brokerage firms are potential targets for cyber criminals. In addition, they facilitate the handling of payment information. All of these are vulnerabilities that cybercriminals are trying to find ways to exploit.
“We are concerned about the present cyber risk scenario in Canada,” said Luc Ouellet (shown left), who is Intact Insurance’s director of digital distribution and is responsible for the company’s Cyber Task Force Program. “During the course of the past year, we’ve observed a rise in the amount of criminal cyber activity that targets brokerage firms. The two primary vehicles for these attacks are ransomware and social engineering.
“Cyber security is a very serious matter for us, and we are also extremely conscious of the obligation that we share with brokerages to enhance cyber security within the insurance business and to protect Canadian personally identifiable information.”
Only with the backing and participation of brokerage principals is it feasible to cultivate a robust culture of cyber security. Ouellet recommended that brokerages steer clear of putting all of their trust in a single employee or team that possesses technical knowledge of information technology (IT), or handing over responsibility for their network’s safety to an outside supplier. He advised brokerage principals to assume responsibility for their company’s vulnerabilities and weaknesses and to develop and model security knowledge and risk reduction from the top down.
The Standard Brokerage Firms, a firm that has been in business for 125 years and offers retail and business management services to towns in Northwestern Ontario, Manitoba, and Saskatchewan, is one brokerage that is putting a lot of effort into this matter.
According to Jordan McDonald (shown right), chief operating officer of The Standard Insurance Brokers, “Cyber awareness is of the utmost significance to our brokerage. We are aware of the dangers that exist in the world today. Maintaining a proactive strategy is essential to ensuring the continuity of our business.
“We are confident that we have made the appropriate investments in protection to lessen the likelihood of a cyber incident occurring. In addition, we have a Cyber Incident Response Plan, which is tested on a yearly basis to ensure that we are prepared in the event that a cyber incident takes place.”
The Standard Insurance Brokers puts its staff through phishing tests on a monthly basis to evaluate how well they can identify harmful content within emails, links, and attachments. According to McDonald’s explanation, if an employee fails a test because they clicked on the malicious link, they are required to do additional cyber security awareness training. Additionally, each phishing test is followed by a post-mortem where staff are trained on how the phish may have been spotted and averted.
“A training session in which you go over cyber security dangers is a start, but additional hands-on training is important,” said McDonald. “Personally, I believe that a training session in which you go over cyber security threats is a good start. We have discovered that providing real-world examples of phishing to our staff members is helpful in modeling cautious behavior among them.
“Because individuals are afraid of accidentally clicking on a phishing test or a true phishing email, our Help Desk is now getting requests to analyze legitimate communications,” said the manager of the help desk. “Purchasing software that quizzes your employees on their ability to spot phishing emails is an excellent investment that comes highly recommended by me. It will most definitely contribute to raising awareness of security issues within your brokerage.”
In addition to advising brokerages on how to train their staff, Ouellet recommends that these companies implement multi-factor authentication (MFA), which is the standard security measure for data-sensitive companies today. Recently, MFA was incorporated into the Intact Portal for brokers by Essential Insurance, which resulted in an increased level of functional protection. In addition to their username and password, brokers must now input a code that is specific to each session in order to access the site.
Both Ouellet and McDonald emphasized the significance of having backups that have been tried and tested in order to successfully recover systems and data following a catastrophe.
“When was the last time you tested your backups, and how confident are you that they would be able to withstand an attack from ransomware?” McDonald asked. “If you employ a third-party IT company or if your broker management system is managed by your manufacturer, have the talk with your third-party IT operator or the vendor that hosts your broker control system about where and when they test your back-ups. In the event that every one of your workstations was locked by a ransomware attack, you should inquire with your IT team about what they would do.”
According to Ouellet, even with the strongest information security procedures in place, the question is no longer “if” a cyberattack will harm an insurance brokerage but “when.” It is of the utmost importance to be familiar with how to respond to incidents in a manner that is both effective and compliant.
Ouellet told Insurance Business, “We’ve seen situations where brokerages have not been able to recover properly after a ransomware attack.” This was because they either did not have adequate cyber insurance coverage or did not have the assessments and back-ups in position to restore their businesses. “We’ve seen contexts where brokers have not been able to recover properly after a hacking incident.”
“The vast majority of insurance brokerages in Canada are classified as either small or medium-sized businesses. As a result, these establishments have the ability to set a good example for their clients by posing the same inquiries to themselves as they do to their clients, such as, ‘Do I have sufficient coverage to pay a ransom? Do I have sufficient coverage to contact customers and pay for credit monitoring services for them in the event of a breach?’ By putting themselves through this procedure for the benefit of their own company, brokers will have an understanding of how to counsel other business owners regarding the requirements of their companies.”
A cyber safe brokerage network will assist in protecting Canadian customers and companies from potential harm. According to Ouellet, this is something that must be worked towards jointly by the insurance industry and the brokerage industry by sharing resources and increasing knowledge of the most effective cyber security methods.