Jun 18, 2020

Are digital ecosystems the future of insurance?

Insurtech
Insurance
Matt High
1 min
waves
Faced with considerable digital disruption, the insurance industry should turn towards a digital ecosystem approach, says Accenture and McKinsey...

The insurance industry stands on the precipice of a paradigm shift.

Digitisation is accelerating at pace, with new and innovative technologies, the greater use of data and a mobile-first approach not only changing how the industry operates, but also how customers expect it to operate.

So too is the competitive landscape changing the playing field for those incumbents in the industry, forcing them towards a better defined, service-based approach similar to that being adopted by many of the larger players in the financial services industry.

According to research by Accenture that analysed close to 20 industries, insurance is among those most susceptible to future disruption.

Accenture explained that, by 2022, carriers that are slow to respond to digital - or ‘hyper-relevant’ - competitors could suffer market share erosion close to $200bn and miss the opportunity to pursue new growth activities worth $177bn.

For insurers to deliver on the technology innovation needed will require the nurturing of digital ecosystems that sees traditional insurers join forces with new, innovative insurtechs.

According to McKinsey, digital ecosystems are already emerging in several sectors worldwide, such as healthcare and finance, driven by the increased use of digital technologies by consumers and the realignment of global markets into one, connected whole.

It explains that there are three key values derived from being an ecosystem player:

  • They can be gateways that reduce friction for customers wishing to switch between related services, to not toggle between different portals or log-in networks.
  • They harness network effects
  • They integrate data across several different services, thus providing better and more personalised solutions to customers.

Accenture, in its The Ultimate Guide to Insurance Ecosystems report explains that “if insurers fail to create their own ecosystems, they run the risk of being limited to the role of a pure risk cover provider.

“Other players may then be in a better position to provide a more nuanced and valuable customer experience, to impose their brand, and to own the customer relationship.”

It is recognised that ecosystems have the potential to open several new revenue streams. They also allow insurers to take up different roles depending on the nature of the ecosystem

A successful ecosystem strategy could, for example, provide opportunity to enter new or emerging market sectors.

It may also allow for faster scaling of business models than if an insurer was working alone.
 

Share article

Jun 11, 2021

3 security concerns for financial service providers in 2021

Cybersecurity
Fintech
financialservices
Cloud
Dominik Birgelen, CEO of onecl...
5 min
With cyberattacks on the rise and more transactions taking place digitally than ever before, financial services face challenges, says Dominik Birgelen

The financial sector has been a long-standing target for cybercriminals for a number of years.

Not only does it hold the financial details of millions of users but banks and financial organisations arguably hold more personal information than any other institution. Not only do these institutions have information on how much money you have or earn but also they can gain insight on how you spend or save this money.

The sheer amount of data that these organisations hold on each individual means that cybercriminals could obtain your money but also your identity. 

What’s more, the past year has seen a multitude of industries navigate a global pandemic, and working from home has caused additional challenges for the sector.

When the UK went into its first lockdown back in March 2020, financial institutions moved swiftly to adjust their operations. But cybercriminals also worked rapidly to take advantage of the now remote workforce that created a feeding ground for online criminal activity.

As a result, credential and identity theft have skyrocketed in the past 12 months as cybercriminals looked to exploit vulnerabilities in personal firewalls and antiviruses; using malware attacks and ransomware to target users and obtain confidential information. While the global workforce looked to navigate the new remote working environment, cybercriminals have been trying to exploit it with a number of challenges currently facing the financial sector.

Credential theft on the rise

Credential theft, whereby a cybercriminal is able to obtain a victim’s proof of identity, is not a new threat to the financial industry. In fact, from the 2021 Verizon Data Breach Investigations Report, it is stated that credentials remain one of the most sought-after data types and also the fastest data point to compromise. While the threat itself may not be something new, the environment we find ourselves currently navigating is, and cybercriminals are using this to their advantage.

As the workforce rapidly shifted from being siloed to remote, many organisations had to roll out additional services and solutions to remain operational. However, these devices or services also gave cybercriminals additional entry points within their networks. With many organisations operating via cloud-based solutions, having access to these networks means that hackers can gain access to a multitude of sensitive data within minutes.

Alarmingly, the majority of credential theft is the result of targeted phishing or malware attacks. As many people reuse their passwords for a number of services, once a single password has been compromised they can then try to connect with another service or network. With people working remotely, educating staff on the importance of setting resilient passwords, isn’t on the agenda for many organisations and therefore leave them vulnerable due to this negligence. 

Increased AI adoption

Artificial intelligence (AI) has been a technology that has been cementing itself within many sectors for a number of years. Due to its ability to carry out repetitive and arduous tasks, organisations are beginning to see the benefits from rolling out this technology with the financial sector also taking note. A report from Deloitte revealed that 30% of financial service organisations they describe as “frontrunners” are more adept when it comes to utilising AI; using the technology to enable them to increase revenue at a faster rate than their competitors. 

What’s more, the report states that 45% of “frontrunners” invest US$5mn in AI initiatives with 70% planning to increase their spending within the next year. Yet, as AI continues to establish itself within the financial services sector, business leaders need to ensure that they have robust and resilient infrastructures in place.

With so much trust being placed on the AI to automatically manage, distribute and in some cases, duplicate data, these organisations need to ensure they have protocols in place if this technology is also targeted by hackers and cybercriminals. 

Fintechs need cloud-based security

Technology is helping to solve many of the financial sector’s challenges and protect various institutions through advancements in the digital landscape. The evolution of cloud computing, which was traditionally valued for its cost-saving capabilities, is now invested in its enablement for future innovation.

Cloud-based technologies also allow financial institutions to implement critical cybersecurity measures that prove extremely difficult to penetrate including shielded logins, disconnecting the end-user environment, and Zero Trust Architecture (ZTA).

With many organisations still working remotely and as we seemingly emerge into a new era of hybrid working, financial service providers are undoubtedly going to be providing additional solutions for their workforces to remain efficient. However, with credential theft on the rise, we can see the vulnerabilities that these expanded ecosystems present when it comes to phishing and malware attacks. 

Financial institutions can look to easily implement the offerings of cloud-based solutions via shielded logins to external partners they’re dealing with. Using an authentication service whereby the user’s logins are transported via the browser as a client, all other authentication processes are performed by backend systems.

This means an extra layer of protection is provided when coordinating third-party involvement. Additional processes in the cloud can be implemented for further security, such as dynamically generated, unique passwords and tokens that the service provider does not store, so that the login information to applications remains hidden for all other users.

More and more organisations are also embracing Zero Trust Architectures aimed at protecting modern businesses from security threats by removing the “trust” from an organisation’s network.

As a result, many are utilising identity and rights management systems powered by blockchain technology to bolster the level of security for these organisations. Using these systems, users gain self-determination over their data by means of digital authorization chains meaning it is always traceable who has accessed which data or systems when and with which authorisations and where these authorisations originate from. 

Remote workforces and data security

The past year has forced a number of sectors to rethink the way in which they operate. As remote working looks to remain on the agenda for many financial service providers, it’s imperative that they consider the sensitive nature of the data that they hold.

Additionally, with many cyber-attacks being the result of phishing or malware incidents, organisations need to first educate their staff on the importance of vigilance around protecting their credentials whilst also ensuring that they roll out the right technologies that can combat these kinds of phishing attacks. Innovative cloud-based solutions can offer a solution.

Implementing end-to-end cloud security systems provide simple yet highly effective barriers to intrusion. Sensitive data cannot afford to wait therefore investing in secure cloud solutions now will ensure the safety of your organisation’s future.

 

Share article