What We Do
How we do it
Jul 29, 2021
UPDATE: PetitPotam NTLM Relay Attack
THE THREAT PetitPotam is a variant of the NTLM Relay attack discovered by security researcher Gilles Lionel. It is tracked as an authentication bypass vulnerability in Active Directory (Certificate Services); currently no CVE identifier has been assigned to this vulnerability. Proof of Concept (PoC) code released last week [1] relies on the Encrypting File System Remote (EFSRPC) protocol to…
Read More
View all Advisories →
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
Jul 12, 2021
Tecala and eSentire Partner to Protect Enterprises across APAC from Business-Disrupting Cyber Attacks
Sydney, 12 July, 2021 - Tecala, Australia’s award-winning technology services and IT consulting provider, today announced it has chosen eSentire, the global Authority in Managed Detection and Response (MDR) cybersecurity services, as their exclusive MDR solution provider in Australia and New Zealand. This partnership will enable Tecala to augment its cybersecurity practice and offer enterprises…
Read More
Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.
Learn about our Partner Program
Blog — Jun 05, 2018

Insurance providers are at risk

5 min read

The insurance industry is built on trust. Unfortunately, this trust can easily be lost in the event of a cyber incident. The insurance sector has lagged far behind other financial-sector industries in its adoption of cybersecurity technologies. Although banks and other financial institutions were among the first to come under the attack of cybercriminals, they’re now among the most secure. Cybercriminals will move on to easier targets, which is where the risk lies for insurance providers.

Hackers have identified the insurance industry as one that handles extremely sensitive information but has yet to put in place the measures needed to effectively safeguard against cyber-attacks. According to a recent study, only 20% of insurance CEOs believe that their firm is prepared for a cybersecurity event, yet 42% realize that cybersecurity is their most serious concern – outweighing regulatory risk by a significant margin.

Cybercriminals are targeting insurance providers for confidential customer data including finance and health information, insurance claim files, trade secrets, business assets and more.

The potential effects of a breach include:

Threats targeting insurance providers

According to eSentire Threat Intelligence, common attack methods used against the finance industry include:

These methods – if successful – can cause serious business disruptions and extensive costs if not detected and responded to quickly.

Cybersecurity compliance requirements

Depending on your region and business activities, your firm will be required to comply with specific cybersecurity regulations from regulators like NAIC or other federal or state/provincial regulations.

In the US, insurance providers will need to meet NAIC’s Insurance Data Security Model Law. While it’s not technically enforceable, the NAIC aggressively encourages adoption. The NAIC’s model law establishes a legal framework for requiring insurance organizations to operate complete cybersecurity programs, including everything from planned cybersecurity testing and board-level involvement in the information security program to incident response plans and specific breach notification procedures.

American insurance providers may also need to meet Payment Card Industry regulations or HIPAA (depending on what information they are dealing with, e.g. health insurance). In Canada, insurance providers need to follow PIPEDA (Personal Information Protection and Electronic Documents Act) and/or provincial regulations.

In summary, here are a list of the top factors driving insurance providers to reconsider how they handle cybersecurity:

The faster the firm catches the threat, the lower the impact

Breaches can have a significant impact on your business and customs. The costliest types of attacks for insurers are denial of service, phishing and social engineering and malicious insiders. Because many firms have limited resources and defenses in place, protecting against these threats can be a challenging task.

Fortunately, the next victim doesn’t have to be you. According to Aberdeen’s Monte Carlo analysis, being twice as fast at threat detection and incident response lowers the business impact of a cyber-attack by approximately 70%. The only way to avoid an incident and react quickly is to have a certified Security Operations Center (SOC) with human analysts hunting and responding to threats on your network 24x7x365.

We defend against the threats facing insurance providers

eSentire Managed Detection and Response™ (MDR) keeps insurance providers safe from cyber-attacks that other technologies miss. Our 24x7 Security Operations Centres (SOC) are staffed by elite security analysts who hunt, investigate and respond to known and unknown threats in real time. With MDR, you’ll experience:

We prepare insurance providers for complex compliance and regulatory requirements

Beyond MDR, our dedicated security experts help firms assess risks, address known gaps and build a comprehensive cybersecurity program that meets stringent regulatory requirements. With eSentire Advisory Services, you’ll have access to:

Security Program Maturity Assessments

About eSentire

eSentire is the largest pure-play Managed Detection and Response (MDR) service provider, keeping organisations safe from constantly evolving cyber-attacks that technology alone cannot prevent. Its 24x7 Security Operations Centre (SOC), staffed by elite security analysts, hunts, investigates, and responds in real-time to known and unknown threats before they become business-disrupting events. Protecting more than £4 trillion in corporate assets, eSentire absorbs the complexity of cybersecurity, delivering enterprise grade protection and the ability to comply with growing regulatory requirements. For more information, visit www.eSentire.com and follow @eSentire.

Emily Boden
Emily Boden Content Specialist

Emily is a content specialist on the Marketing team at eSentire. Drawing on her background in journalism and social media, Emily communicates eSentire's mission with compelling and thought-provoking content.