January 2019 – As the insurance industry changes in response to continued digitalization,
IT leaders must continue to maintain and improve their ability to protect confidential data and customer information. While technological advances can streamline processes, they can also open the door for potential risks. Modern digital systems and procedures must be fully secure to retain the trust of agents and insureds and to protect companies from liability.

This report looks at 2019 plans among US insurers across a wide variety of IT security areas to help insurer CIOs understand how their peers are addressing key issues in cybersecurity.

Key Points and Findings

• Insurers are enhancing security capabilities across the board. Nearly half of all insurers are enhancing capabilities in intrusion detection, app security, device security, and encryption.
• Insurers are preparing for new regulations. Insurers are continuing to prepare for and implement programs to adhere to new regulations in both the US and EU.
• Carriers are appointing CISOs to manage risk. The role of the CISO has expanded due to regulations and a need from carriers to implement effective cybersecurity programs.