/

Insurance

Myra has the right tools for IT security in the insurance industry. In this sector, evaluating risks is part of their day-to-day business. The industry knows the dangers posed by professional hacker groups, cybercriminals, and hacktivists – insurance providers have been a likely target for attackers for many years now. At the same time, the advancing digitalization trend has exponentially increased vulnerability to virtual attacks. These unfortunate circumstances can jeopardize the security of the entire industry – there is a severe need for action!

/

01

Patient data requires reliability

Cyber attacks can incur immense costs for insurance providers. The direct damages caused by disabling business processes are just the tip of the iceberg. The long-term damage to a company’s image can be much more costly. If you lose the trust of customers and business partners once, you will not be given a second chance. One aspect must be clear to all decision-makers: A severe cyber attack endangers the survival of the entire company.

02

The strictest security requirements for protecting insurance providers’ IT systems

In relation to IT system security, the insurance industry must fulfill the strict requirements set out by BaFin and VAG, as well as a number of other regulations, such as VAIT, MaGo, PSD2, and GDPR. They define the technical requirements that insurance providers must fulfill for their systems and which processes are to be conducted for risk management and continuous auditing. Insurance providers that serve over 500,000 citizens are among the critical infrastructures (KRITIS) to which even higher standards of IT security apply. On a regular basis, KRITIS companies must be able to evidence that they are using all available cybersecurity options to protect their systems, in accordance with German laws on IT security (IT-SiG).

More about MaGo and § 32 VAG
/

03

What penalties might the affected insurance providers face?

If insurance companies infringe upon the regulatory requirements for data security, they face the risk of incurring drastic fines of up to 20 million euros, or up to 4 percent of their global annual revenue. This depends on which sum is higher. German law also states that uncontrolled leaks of sensitive customer data can result in criminal charges being pressed against the company’s executives. If decision-makers are negligent in their responsibilities to handle customer data with due care, they may face fines or prison sentences.

Tailor-made solutions

from Myra Security for insurance providers, InsurTech companies, and insurance services providers

Comprehensive certification

ISO 27001 based on BSI IT-Grundschutz, PCI-DSS, IDW PS 951 (ISAE 3402)

Audited

MaRisk, BAIT, BSI-KRITIS qualified

Security Operation Center

24/7 full-service support from our IT experts

High scalability

quick installation and easy operation

Made in Germany

German manufacturer & GDPR-compliant

German manufacturer & GDPR-compliant

All communications are treated as highly confidential

Our technologies for protecting the insurance sector

Myra DDoS Protection protects online applications, websites, and the DNS servers and IT infrastructure required for communication in a fully automated way. Myra fulfills all performance requirements defined by the German Federal Office for Information Security (BSI) for qualified DDoS protection providers. As such, highly sensitive infrastructure is in safe hands with Myra.

To Myra DDoS Protection

Myra Application Security protects your applications against attacks as an upstream protective filter. Malicious traffic is filtered before it reaches your servers or cloud architecture. Using Myra’s multi-fingerprinting features, any applications attempting to access the servers are clearly identified and displayed in Myra Analytics.

To Myra Application Security

Do you have
questions?

Please contact us via contact form or call us at:
+49 89 414141 - 345.

0/500

All information on data processing can be found in our privacy policy.

© Myra Security GmbH 2023, all rights reserved

Responsible DisclosureLegal noticePrivacy policyTerms and Conditions