At the Accelerate 2024 conference, the largest gathering of Vertafore users and industry professionals from across the independent insurance agent channel, panelists discussed cyber as a business risk. It should not be considered technical as the business impact of a cyber breach extends far beyond technology.
The cross-functional team included:
- Jace Hopper — Vice President, Product Management at Vertafore a best-in-class InsurTech solution provider,
- Ryan O’Donnell — Director, Digital Strategy, The Hartford, a leader in property casualty insurance,
- Keith Savino — Managing Partner and Cyber Leader at Broadfield Insurance, the 11th largest commercial insurance agency, and
- Aaron Wagner — Director of Cybersecurity, Rhodian Group, providing cybersecurity services.
Cyber security is an increasing business threat, and it is also an opportunity for insurance agencies. Small businesses are especially vulnerable as nefarious actors target these enterprises at a higher rate.
StrongDM, a technology company, reported that cyberattacks against small businesses have been on the rise in recent years as cybercriminals assume that weaker security measures will make small businesses easier to crack than larger enterprises. This is a risk for most independent insurance agencies because they are typically a small business. However, this is also an opportunity for agencies to inform their clients about cyber insurance policies and the protection available. These policies often include not only cyber breach coverage but also pre and post breach risk management services at no additional cost. Keith highlighted the opportunity by sharing that small business are under-represented with cyber insurance coverage.
The 2023 CrowdStrike Global Threat Report highlighted that 80% of cyberattacks leveraged identity-based techniques to compromise legitimate credentials. The panel discussed how a simple process like Multi Factor Authentication (MFA) can decrease breaches by more than 90%. MFA requires the user to provide two or more verification factors. Adding the second factor, beyond a password, significantly decreases the likelihood of a successful cyber-attack. Aaron, a cybersecurity professional who has first-hand experience in breaches, explained the importance of risk assessment as the first step to identify potential vulnerabilities and make risk-informed decisions on what security controls are best for your organization. No solution can provide 100% certainty, but simple steps like the use of MFA make businesses a smaller, less likely target.
As a leading technology provider for independent agents, Vertafore has invested in security making it a component of their product offerings. Jace reminded attendees that social engineering is one of the attack vectors, and ongoing education, in addition to technology, is an important consideration in preventing breaches. Authentication is critical in digital transactions. Ryan shared how The Hartford implemented SignOn Once© to allow agencies secure and efficient access to their agent portal. Using SignOn Once an agent can use the Vertafore ID, password and MFA process to access The Hartford’s agent portal without having to re-enter this information.
Both The Hartford and Vertafore are members of ID Federation, an nonprofit group of insurance industry leaders committed to working for the common good. ID Federation maintains a Trust Framework that enables member connectivity in a secure and operationally efficient manner.
Alvito Vaz is executive director of ID Federation. He is a long-time participant in AUGIE and has held business and technology leadership roles at Progressive and Travelers. He can be reached at alvito@idfederation.com.
