Should Policyholders Share the Security Burden With Insurance Companies?

One of my coworkers consistently leaves her wallet sitting on her desk, usually half-open with money visible. I don't think she is deliberately tempting potential thieves or testing the honesty of the rest of us in the office -- she's in a rush, multitasking, just not thinking and at the same time, trusting. Of course, if her wallet ever actually is stolen she will be shocked, angry and embarrassed, along with out of luck, and the blame game will begin.

The average loss in brand value for a company that experiences a data breach can be anywhere from $184 million to more than $330 million, according to PwC. And the collective loss of consumer trust in the industry can be even more costly. Insurance & Technology's September digital issue examines the strategies and tools insurance companies are using to provide an exceptional customer experience without compromising security.

This behavior provides a perfect metaphor for the challenges insurance companies and other financial services firms face around security, challenges that are becoming increasingly complex in today's global, interconnected, consumerized and multichannel business environment. Customers and employees demand convenience, speed and simplicity in all kinds of transactions and interactions, whether it's getting a quote, filing a claim or updating customer information. At the same time, they are frustrated if they lose access to accounts, files or tools -- not to mention the outrage if their information (personal or corporate) is breached or lost.

Meanwhile, the insurance company -- whether as financial services provider or employer -- is in the uncomfortable position of knowing that, even if the customer or employee is at least partly to blame for the problem, it could and should have done a lot more to plan for and prevent the breach or loss. In addition to a more secure infrastructure, there could have been simpler security-related tools and processes, more training and better communications about the importance of data security, and stronger enforcement of security policies.

[Is Information Security an Impossible Dream?]

Security is always going to be a moving target for insurance companies because of the evolution of technology itself, along with changing competitive models and volatile market and economic dynamics. The one thing that is a constant (or at least close to one) is human nature. People inevitably are both demanding and passive, trusting and confrontational, humble and blaming, desirous of change and stubborn. This makes it harder than ever to simultaneously secure an increasingly mobile-based, real-time and open-access enterprise while also improving customer engagement -- the focus of much of our coverage in the September digital issue of Insurance & Technology.

And, as with my careless coworker, the potential losses to the customer, employee or corporation can be huge. The average loss in brand value for a company that experiences a data breach can be anywhere from $184 million to more than $330 million, according to PwC. But it's not just about money -- there's also a communal loss of trust, respect and confidence when theft, a data breach or identity fraud occurs.

With customer experience continuing to be one of the hottest topics in the insurance industry, it's critical for insurers to factor in security and risk considerations as they race to create more positive and revenue-generating experiences for their policyholders, distributors and staff.

Katherine Burger is Editorial Director of Bank Systems & Technology and Insurance & Technology, members of UBM TechWeb's InformationWeek Financial Services. She assumed leadership of Bank Systems & Technology in 2003 and of Insurance & Technology in 1991. In addition to ... View Full Bio