Before the scar of the previous cyber attack heals, another starts haunting the cyber world. The factors influencing cyber attacks are constantly changing, and hence it’s becoming difficult for information security and risk management professionals to manage the risks. They have to put in strenuous effort to keep the integrity, confidentiality, and availability of the organization’s intellectual property and information technology assets safe. Satyanandan Atyam, CISO, Bharti AXA General Insurance, in a conversation with EC’s Rachana Jha, speaks about the biggest security concerns in the insurance industry and how Bharti AXA General Insurance has taken a holistic view of its security policy.
Some edited excerpts…
How do you see the present scenario of digitization in the insurance industry?
In insurance, digital is the way forward to tap business and to provide superior claims service experience to customers. The ball has started rolling and the insurers are joining the bandwagon to go digital.
Is cyber security a major concern for an insurance company? Which are the major risks?
With the adoption of cloud and digital as the way to do business, cyber security has come to the forefront as a control for the risks emanating from these interventions of technology in the digital world. Every insurance business collects, processes and stores personal data of the customer. The onus to protect the personal data of the customer lies with the insurer. In light of regulations and the increased deliberations on data privacy and data protection, the investment in information security controls becomes relevant for businesses. With ever-increasing cyber-heists of personal data, the risk of data breach, across the digital footprint, becomes the top risk for the insurers.
What measures do you take to mitigate these attacks? What are your strategies to combat such security threats?
There is a need to have a very robust information security risk management framework. The investment in protection technologies at the network perimeter would not be the right strategy. The security baselines need to be designed and the investment needs to be directed toward response and recovery methods.
Today, insider threat is an important concern for CISOs as insiders have more access to information and their activities can go undetected longer than external threats. What kind of processes do you have in place to prevent unauthorized use of information?
Insiders as the threat vector have always been acknowledged in risk frameworks. The investment in technologies and processes to detect/protect/monitor the data leakage vectors for insiders is something we have seen in the last few years. The DLP/DRM/DC solutions have become baseline controls around detection and prevention. Machine learning based solutions can do real-time monitoring to prevent data leakage and prevent the intrusion of malware or compromise of machines.
How can emerging technologies like Artificial Intelligence (AI) be useful to the insurance industry? In which areas do you think AI can be useful in security?
AI is software that perceives its environment well enough to identify events and take action against a predefined purpose. AI is particularly good at recognizing patterns and anomalies within them, which makes it an excellent tool to detect threats. Cyber threats have become more and more complex. The amount of data and events generated in corporate networks is beyond the capacity of human experts. The new approach is to monitor a wide number of factors and identify patterns of what constitutes normal and abnormal activity, without looking for specific traces of a particular malicious activity, but for spikes or silent moments. Staying a step ahead of hackers is increasingly a need of the hour.
For security analysts, what is the approximate amount of work that will come down by using AI?
There is a growing shortage of cyber security specialists, and the mix of L3 activities and routine tasks should be divided between man and machine. With the advent of AI, computers are expected to automatically perform daily tasks like analyzing network traffic, granting access based on some set of rules and detecting abnormalities, while the cyber security specialists can work on designing algorithms and studying emerging threats. This will reduce the requirement for cyber security specialists for L1 tasks.
Does AI have the potential to segregate false positives from the suspicious traffic? If yes, how?
Removing false positives is one of the main tasks that require human assistance and one of the reasons why AI is not ready to take over security completely. Can we say machine learning (ML) algorithms are a cybersecurity silver bullet? ML could be the way forward. To build reliable and strong cybersecurity defenses, organizations should opt for a solution offering multiple complementary technologies with high detection rates and a low number of false positives. In other words – I would like to use the home metaphor to explain this – one that catches thieves but doesn’t react when a neighbor’s cat walks across the lawn.