Australian life insurer pulls out all stops to protect its most valuable assets

A glowing lock icon overlays a computer chip and circuit board.
Metamorworks / Getty Images

The Australian insurance industry is being inundated with rapidly changing customer expectations and demands with digital transformation a necessity for insurers to increase customer engagement, make claims processes easier, better serve employees and for competitive advantage.

This increased reliance on digital technologies, as well as the sensitive data collected by insurance providers, have made the industry a prime target for cybercriminals. Insurance accounted for 34 of 446 data breaches notified to the Office of the Australian Information Commissioner (OAIC) in the first half of 2021, placing it in the top five sectors. 73 percent of breaches were malicious or criminal attacks deliberately crafted to exploit known vulnerabilities for financial or other gain.

Placing further pressure on the industry is the recently passed Security Legislation Amendment (Critical Infrastructure) Bill 2020, designed to boost the security and resilience of the country’s critical infrastructure, which now includes insurance and the financial services industry.

TAL hardens its IT environment

With the important role of protecting 4.5 million Australians, TAL has made strengthening vulnerability detection and response a key priority of its digital transformation journey. As one of Australia’s leading insurance providers, TAL focuses on delivering a broad range of digital services to meet customer demand, as well as to harness data-driven workflows to streamline key processes and support enhanced customer experiences.

According to TAL’s chief information security officer Venkat Balakrishnan the increasing cyber threats have made it more important than ever to harden their IT environment and remediate vulnerabilities rapidly.

“Our previous tools made it difficult to gain a holistic view of vulnerabilities across our environment,” says Balakrishnan. “We were limited in the manner remediation of vulnerabilities could be prioritised based on which types of exploits and attacks were happening out in the world.”

TAL deployed a new vulnerability management platform with stringent detection, management and response capabilities. As a result, the insurer gained a single, accurate and complete picture of the vulnerability status of all its IT assets. It now has immediate insights into the most severe threats—allowing TAL to precisely target remediation activities for maximum impact.

“What our initial data revealed were more insightful, and we knew that a structured approach is crucial to remediate those vulnerabilities,” continues Balakrishnan. “Based on the severity of the vulnerabilities, attack exposure, ease of exploitation, criticality and sensitivity of information assets, we drew up a plan to fix the issues we’d identified and shrink the attack surface.”

In addition, TAL has increased its patching frequency on all endpoints and added an extra out-of-band process to ensure that zero-day threats are shut down rapidly. Changes to discovery schedules have meant that new insights are provided every eight hours, rather than based on month-old data.

“The data we now have access to is more than just a severity rating: it’s enriched with valuable additional insights including how exploitable the vulnerability is, how those exploits work and whether the affected asset is hardened or not,” Balakrishnan adds.

According to Qualys’ CISO for Asia Pacific - Rahn Wakeley, getting security right is crucial for insurance businesses to protect their reputations as trusted custodians of customer data. Gaining real-time visibility into vulnerabilities is a crucial step in protecting customers and employees first and foremost, as well as addressing regulatory and reputation issues.

“Increasing cyberattacks and the Bill are a clear call to action for critical infrastructure sectors including insurance providers to have the most stringent protections in place for their most valuable IT assets.” said Wakeley. “One of the key issues is that they can’t protect what they can’t see – particularly when the nature of evolving threats means near real-time visibility is required.”


Copyright © 2022 IDG Communications, Inc.