While insurance companies are focused on alerting clients to the dangers of cyber breaches, their own internal security systems have failed to detect about 47% of cyber breach attempts.
Accenture’s annual cyber security study shows 50% of respondents require more than a week to detect a breach. About 22% of breaches were successful this year, down from 30% last year.
The number of “cyber capabilities” insurers have mastered has jumped to 20 from 12, out of 33 capabilities identified by Accenture.
However, 40% of respondents’ business is not protected by cyber security, while 40% of study participants do not apply the same security standards to partners as they do to themselves.
Companies are extending their infrastructure into digitally connected devices such as cameras, sensors and smart watches, giving criminals more access points and forcing security professionals to safeguard more devices.
About 80% of respondents are confident they can manage the financial risk of a cyber-security event, and 68% say they can minimise resulting disruption.
This has led Accenture to suggest insurance executives may be overconfident in their security.
About 88% of respondents expect cyber-security investment to increase in the next three years; 75% say advanced technologies are essential to a secure future, yet only 40% are investing in machine learning and automation technologies.
About 70% of insurers say cyber attacks are a “black box”, and they do not know how or when they will affect their organisation.