Preparing for an era of cyber insecurity

Preparing for an era of cyber insecurity

Cyber security is a rising concern for insurers in light of their increased vulnerability via digital channels to theft or attack on the personal customer data on which they depend. Although the threat is not new, the frequency of high profile, disruptive and damaging security breaches is increasing and insurers have to respond. Around the world, regulators are becoming more interested in understanding controls to ensure data privacy is respected and customers are fairly treated.

Global Insurance Regulatory Lead

KPMG Australia


Related content

Preparing for an era of cyber insecurity

Overwhelmingly, insurers and intermediaries are focused on managing risk, with the greatest proportion of our respondents seeing data security as one of the top three business areas impacted by digital, followed by customer relationship management. Not surprisingly, this drives investment, with more of our respondents identifying investment in data and cyber security than any other area of the business.

What areas of your business do you see as being most impacted by digital?

Data security
31% 22% 14%
Customer relationship management
20% 8% 10%
Standardization and automation of IT systems
16% 12% 12%
Data storage
8% 14% 16%
Integration of sales and customer channels
8% 10% 12%
Sales processes
8% 10% 4%
Supply chain management
4% 4% 2%
Harmonization of IT and communication
2% 10% 6%
Internal collaboration
6% 12%
Claims management
2% 10%
Highest impact
Second highest impact
Third highest impact

What can be done?

  • Address cyber security maturity, to identify key risks and ensure the controls implemented are actually effective in mitigating risk. 
  • Be clear on what your key assets actually are. Know the impact and risk on of your extended supply chain, including third-party software suppliers and outsource providers, require equal attention.
  • Ensure IT staff have enough direction on what parts of the business contain the most critical information and processes to protect. To build these links, an insurer requires clear responsibility and accountability at a senior level to understand and explain the risks and drive decision-making. 
  • Recognize that some types of incidents are inevitable. Prevention must be balanced with mechanisms to detect attacks and contingency plans to respond effectively.


Insurance companies should shore up their defenses against the rising threat of cyber crime.

Read more


Frontiers in Finance examines rising cyber insurance sales and insurers’ challenges managing cyber risk and winning in the cyber policies market.

Read more

Connect with us


Request for proposal



KPMG's new digital platform

KPMG's new digital platform