Lately, businesses in India have widely taken the digital route leveraging artificial intelligence-based tools for analysis and decision-making, automation for improved efficiency and productivity, and more. However, the more digitalisation more the cyber risks, especially for banks, fintechs, and insurtechs. Kuldeep Dubey, CTO, Assurekit in an interaction with Express Computer highlighted how Assurekit, an insuretech platform, is adopting technology to innovate while securing its networks, systems, and data.
Assurekit is an insurtech platform that claims to have made insurance 10x simpler and more accessible for end customers. How? Further, what innovative disruptions do you bring to the Insurtech industry that could transform the way the industry functions?
Assurekit’s fundamental goal was to remove the unnecessary traditional approach of experiencing insurance. We are using our expertise in technology to do that. We are creating awareness, digitising the insurance journey, making it easy to understand, ensuring minimum data collection, giving customers options, and empowering businesses to explore their networks. There are some of the things which are our focus and we have been solving them by using technology.
We shall reduce the overheads and make insurance accessible and importantly allow the claims handling and management process through a click. All of this is part of our mission to use technology to solve problems and make the insurance experience better for everyone.
Being an insurtech company you deal with data from the insurance providers and end consumers. How do you manage to safeguard that data from malicious cyberattacks and ensure data privacy?
As a company, we take security very seriously. To protect our clients’ important data, we enforce strict access controls and regularly audit our access logs to ensure that no unauthorised access is taking place. We are committed to providing the highest level of security for our clients. Our platform has encryption both in transit and at rest to make sure the data is not compromised. As internal scrutiny team regularly checks the security patches and makes sure the software is updated which helps to fix any security vulnerabilities and prevent exploitation.
One of the most important things is to keep the employees trained and make them aware, of how important and sensitive the data is. We have complete guidelines that guide us step by step in case of any cyberattack. Also, we do regular VAPT, ISNP, and another security testing through a third party and the best agencies. Finally, we have a process to maintain regular backups.
As we know that hackers are also leveraging high-end technologies like AI, ML, etc. How much is Assurekit geared up to tackle such challenges? What are some of the key aspects that need serious attention to ensure overall cybersecurity?
In my opinion, it is important to pay close attention to certain aspects like network security, user access controls, encryption, software security, employee training, third-party risk management, and having an incident response plan in place. Nevertheless, it is essential to have robust firewalls and intrusion detection systems in place to prevent unauthorised access.
We ensure that we keep certain security measures handy like code signing and application whitelisting that can prevent malicious code from running on the system.
As part of planning ahead for the unfortunate event of a cyberattack, we keep a robust incident response plan ready as it is critical to quickly respond to security breaches and communicate it with customers and stakeholders.
It is a common notion among organisations that employees pose a vulnerable end to cyberattacks due to their lack of apt knowledge on the subject. What is your take on this? Is Assurekit organising any training programs or workshops for its employees to ensure they’re up to date with digital interfaces?
It is true that employees can pose a vulnerable end to cyberattacks due to their lack of knowledge or understanding of best practices for cybersecurity. However, it is important to note that employees can be an important line of defence against cyberattacks. By educating employees on best practices for cybersecurity and empowering them to identify and report potential threats, organisations can greatly reduce the risk of a successful attack.
To keep employees up to date with digital interfaces, mandatory training programs with customised content take place. These interactive techniques, regular phishing simulations, and up-to-date training content help ensure employee engagement and understanding. We ensure that we provide convenient training options and promote a culture of security awareness, starting with senior leadership, to complete the comprehensive approach.
Regular phishing simulations, convenient training options, and the promotion of a culture of security awareness is what make employee engagement and understanding better. It all starts with senior leadership setting the tone for a comprehensive approach to cybersecurity.
What is the way forward for Assurekit for the year 2023?
If I have to say it in one line – “we’re on a mission to revolutionise the insurance industry”. At Assurekit, we want to make insurance simpler, more accessible, and more efficient. We have started working on the data to increase insurance awareness among people.
Along with the evolution in technology like blockchain, AI, and data analysis, we are making the complete journey smart and valued. Our intention is to create a trademark tech platform that is going to change the whole traditional outlook of insurance with an experienced and knowledgeable team.
We’re excited to lead this transformation!