Insurtech Faces New Challenges in Cybersecurity

Share
The role of cyber insurance in healthcare
India's largest health insurer, Star Health, hit with a US$68,000 ransom demand after cyberattack exposes private customer data via Telegram chatbots

In 2023, there were 133m healthcare data breaches, in a sector which is traditionally an extremely complicated system to safeguard and it is something threat actors are exploiting. 

Star Health has received a US$68,000 ransom demand from a cyberhacker, following a customer data and medical records leak. Star Health is India's biggest healthcare insurer and has a US$4bn market cap - but that is at risk now. 

Cyberhackers used Telegram chatbots to expose customers' personal data, including tax details and medical claim papers. Investigations by Star Health have taken legal action against Telegram and the hacker, whose website has published some of Star Health’s customer data. Star Health’s shares have dropped by 11%, in an alarming reminder to the healthcare sector of how damaging cyber attacks can be. 

As cyber attacks focused on confidential healthcare data continue to be a lucrative option for cyber criminals, experts across cyber, healthcare and IT are working diligently to protect customers. 

The role of cyber insurance in healthcare

Chris Henderson leads threat operations and internal security for network security company Huntress. His team's task is to observe the activity of threat actors and ensure Huntress’ clients are defended. 

“In cyber insurance, you’re working against an adversary capable of developing and pivoting faster than a policy might expire,” Chris shared with Healthcare Digital. “Cyber insurers are building more insight into how they model risk during the underwriting process.”

To determine updated risk models and spot the most effective controls, cyber insurers are reviewing threat intelligence data from:
  • Previous breaches
  • Incident response firms
  • Intelligence, both open-source and closed-source

To provide the best quality of protection, cyber insurers are emphasising help desk verification and strong authentication, with tools like multi-factor authentication (MFA). These are reshaping the requirements from cyber insurers. 

“Cyber insurers are looking to ensure that your IT help desk has written procedures/policies to dictate that the person calling to reset a password, set up MFA and so on, is who they say they are,” Chris said.

TCS: The rise of AI in healthcare expands the attack surface for cybercriminals

Nitin Kumar, VP of Healthcare at Tata Consultancy Services, says it’s clear that AI offers opportunities and challenges in healthcare. Although AI improves access and affordability in healthcare, it also poses problems, such data privacy and security. Yet, AI also plays a crucial role in addressing these issues.

“Among our customers, we see an increased adoption of AI and in any AI initiative, there is a vast amount of sensitive data that is required,” Nitin states. “These include patient records, medical images, genomic information besides others. To effectively safeguard this data, our customers are keen on exploring innovative approaches such as homomorphic encryptions.

“Our customers are increasingly adopting AI-driven solutions on interconnected devices and systems, such as IoT medical devices, telemedicine platforms and cloud-based services. Each of the connected devices or systems introduces potential entry points for cybercriminals.”

To address customer needs, TCS is actively researching and developing quantum-resistant algorithms and encryption techniques to safeguard sensitive information.

“We will help our customers harness the benefits of AI while minimising the risks,” Nitin concludes. “Secure and Privacy by design for AI systems for healthcare is the mantra with a fine balance between security vs privacy vs latency vs usability vs accuracy.”

 

**************

Make sure you check out the latest edition of InsurTech Digital and also sign up to our global conference series for our sister site – FinTech LIVE 2024.

**************

InsurTech Digital is a BizClik brand.

Share

Featured Articles