Myra has the right tools for IT security in the insurance industry. In this sector, evaluating risks is part of their day-to-day business. The industry knows the dangers posed by professional hacker groups, cybercriminals, and hacktivists – insurance providers have been a likely target for attackers for many years now. At the same time, the advancing digitalization trend has exponentially increased vulnerability to virtual attacks. These unfortunate circumstances can jeopardize the security of the entire industry – there is a severe need for action!
Patient data requires reliability
Cyber attacks can incur immense costs for insurance providers. The direct damages caused by disabling business processes are just the tip of the iceberg. The long-term damage to a company’s image can be much more costly. If you lose the trust of customers and business partners once, you will not be given a second chance. One aspect must be clear to all decision-makers: A severe cyber attack endangers the survival of the entire company.
The strictest security requirements for protecting insurance providers’ IT systems
In relation to IT system security, the insurance industry must fulfill the strict requirements set out by BaFin and VAG, as well as a number of other regulations, such as VAIT, MaGo, PSD2, and GDPR. They define the technical requirements that insurance providers must fulfill for their systems and which processes are to be conducted for risk management and continuous auditing. Insurance providers that serve over 500,000 citizens are among the critical infrastructures (KRITIS) to which even higher standards of IT security apply. On a regular basis, KRITIS companies must be able to evidence that they are using all available cybersecurity options to protect their systems, in accordance with German laws on IT security (IT-SiG).
What penalties might the affected insurance providers face?
If insurance companies infringe upon the regulatory requirements for data security, they face the risk of incurring drastic fines of up to 20 million euros, or up to 4 percent of their global annual revenue. This depends on which sum is higher. German law also states that uncontrolled leaks of sensitive customer data can result in criminal charges being pressed against the company’s executives. If decision-makers are negligent in their responsibilities to handle customer data with due care, they may face fines or prison sentences.
Tailor-made solutions from Myra Security for insurance providers, InsurTech companies, and insurance services providers
ISO 27001 based on BSI IT-Grundschutz, PCI-DSS, IDW PS 951 (ISAE 3402)
MaRisk, BAIT, BSI-KRITIS qualified
Security Operation Center
24/7 full-service support from our IT experts
quick installation and easy operation
Made in Germany
German manufacturer & GDPR-compliant
All communications are treated as highly confidential
Our technologies for protecting the insurance sector
Myra DDoS Protection protects online applications, websites, and the DNS servers and IT infrastructure required for communication in a fully automated way. Myra fulfills all performance requirements defined by the German Federal Office for Information Security (BSI) for qualified DDoS protection providers. As such, highly sensitive infrastructure is in safe hands with Myra.
Myra Web Application Security protects your applications against attacks as an upstream protective filter. Malicious traffic is filtered before it reaches your servers or cloud architecture. Using Myra’s multi-fingerprinting features, any applications attempting to access the servers are clearly identified and displayed in Myra Analytics.