Cyber-risk and Data Security: Business Risks Need IT Solutions


NEOS blog on cyber crime

Cyber-crimes include a wide variety of activities:

  • Hacking
  • Unauthorized data access
  • Corruption of data
  • Phishing

We live in a data-driven society, and no matter what your business operations are, you have cyber and data security risks. Attacks are on the rise; 2012 and 2013 saw big brand names like Target, Neiman Marcus, American Express, Visa, Citibank and Barclays dealing with significant breaches. In 2014, cybercrime definitely makes the Top 10 list of business risks that IT needs to plan for and mitigate.

Financial services and insurance companies are not immune to these attacks. IT departments are hard pressed to ensure that their companies’ data and systems are secure. Cyber-attacks are costly to consumers and companies. In fact, studies show that about 70 percent of customers would leave a company following a data breach. So how will your IT strategy defend your data and keep you cyber-secure? We agree with Benjamin Franklin, “An ounce of prevention is worth a pound of cure,” so we offer 3 bytes (pun intended) of advice when creating, maintaining and updating your IT strategy:

  1. Design technology to support business processes, not the other way around.  Develop an “Enterprise Data Topology” or something similar. A data topology provides a complete view of data by following and mapping the data through the enterprise to explain its relationship to the business and how that data is supported in an organization’s systems.
  2. The devil is in the data details: Know your data, understand how data flows, and manage your data well. The increasing need for automation and cloud storage adds risk and small holes in your data flows, which can turn into costly and large issues. If you are not governing your data, start today.  Data Governance is an emerging discipline that refers to the overall management of the availability, usability, integrity and security of the data employed in an enterprise. Proper Data Governance provides consistency of data and business rules, increases speed-to-market, facilitates flexibility in product design, reduces costs and risks and ensures transparency of processes.
  3. To defend your data against attack, you need to be aware of the gaps and risks, big and small. Be realistic in this assessment and ask for help when needed, you will lose a lot more than data if a hacker finds your holes before you do.

At NEOS, we think a proactive approach to cyber risk is the only way to ensure security. Identify and close the gaps by sustaining direction, tracking progress and knowing when to seek outside assistance with your data management and/or overall IT strategy.

If you want to learn about the 4 additional IT risks NEOS practitioners have noticed affecting the insurance industry, download our whitepaper – Insurance IT Risks That Need to Stay at the Top of Your Business Agenda.

Observations at the Life Insurance Conference

With a theme like Stop Tweaking, Start Recalibrating!, you could assume that the 2014 Life Insurance Conference would have sessions indicating that the life insurance industry has some changes to make. The conference did not disappoint with its ability to match session topics to its theme. Many sessions provided valuable information and statistics that insurers can use to adapt to changing consumer demand and perceptions of the industry.

Life insurance companies as a whole struggle to adapt to changing consumer behaviors namely to the distribution shift toward seller beware mentality. Many insurance companies are still heavily relying on agents to sell policies, as they should, since the channel still holds a large share of sales specifically for higher value policies. However, insurance companies need to adapt to changing consumer behavior by offering a more diverse portfolio of sales channels.

As we all know in the last 10 years how we buy products and services has shifted with the introduction of social media on mobile apps. What we may not be aware of is our changing preferences to how we do business. Many who have done research into the matter on how insurance is purchased are learning that consumers want to go into a sales situation with all the information they can, mainly found on the internet, creating a seller beware mentality. The days of agents providing all the information to a potential customer and guiding them through the process are gone, instead replaced by consumers who are approaching agents with background knowledge and targeted questions.

The conference sessions stressed that the insurers who are embracing the change and adopting new sales methods are going to be more successful and less at risk.  Risk of disrupters entering the industry, which is slow to change, has companies becoming afraid of their inability to adopt new technologies and alter their sales strategy to life insurance being bought, no longer sold.

Overall, attendees left the conference with the knowledge of how consumer trends are changing and the perspectives of insurance executives who are at the forefront of innovation.

Observations at the Retirement Industry Conference

The retirement industry conference had a similar theme as the life insurance conference held directly prior. The same sales shift was again a prominent theme with the difference being how it would directly influence the retirement industry and sales of retirement products.  Highlighting and identifying how the millennial generation would fair when faced with saving for retirement based on their generation’s characteristics and spending history was a key differentiator.

What was unique at the Retirement Industry Conference was the importance of financial education to the industry. Many sessions highlighted the need for companies to increase transparency and build trust with the consumer.  One method of relationship management is providing educational services beyond what brokers have provided in the past with product education. By educating potential clients at an early age, the importance of saving is conveyed and understood.

Prior financial knowledge will ultimately lead to product sales through financial planners and the desire to financially plan. One speaker even made the distinction between two ways companies use educational programs. She stressed that companies could adopt financial literacy programs in order to compete with others who already offer the service or could take the program beyond what others provide to increase their competitive advantage. Either way on some level, financial literacy programs are becoming necessary to the retirement industry and those companies operating within.