Nearly Half of US Insurers Enhancing Security Capabilities Across the Board: Novarica

IT Security Update 2019

Boston, MA (Jan. 8, 2019) – IT security consumes more than 10% of insurer IT budgets and even more management bandwidth, according to a new report, IT Security Update 2019, from research and advisory firm Novarica. The report looks at 2019 plans among US insurers across a wide variety of IT security areas including technical, organizational, and regulatory compliance.

“Insurers are investing more in security as new regulations continue to drive new requirements,” said Mitch Wein, Vice President of Research and Consulting and lead author of Novarica’s new report. “Hiring a CISO is now not only a requirement, but also a key strategy point for insurers to manage regulations and related audits. Insurers who are implementing security frameworks like NIST and SSE-CMM will benefit when conducting audit calls. In addition, while there are many areas of security to invest in, insurers are looking to invest more in the areas of intrusion detection, application security, device security, and data encryption as new regulations continue to roll out.”

Among the key findings of the report are:

  • Insurers are enhancing security capabilities across the board. Nearly half of all insurers are enhancing capabilities in intrusion detection, app security, device security, and encryption.
  • Insurers are preparing for new regulations. Insurers are continuing to prepare for and implement programs to adhere to new regulations in both the US and EU.
  • Carriers are appointing CISOs to manage risk. The role of the CISO has expanded due to regulations and a need from carriers to implement effective cybersecurity programs.

A preview of the brief is available online.


As the insurance industry changes in response to continued digitalization,
IT leaders must continue to maintain and improve their ability to protect confidential data and customer information. While technological advances can streamline processes, they can also open the door for potential risks. Modern digital systems and procedures must be fully secure to retain the trust of agents and insureds and to protect companies from liability.

This report looks at 2019 plans among US insurers across a wide variety of IT security areas to help insurer CIOs understand how their peers are addressing key issues in cybersecurity.

Click here for the table of contents or to access the report.

About Novarica

Novarica helps more than 100 insurers make better decisions about technology projects and strategy through retained advisory services, published research, and strategy consulting. Its knowledge base covers trends, benchmarks, best practices, case studies, and vendor solutions. Leveraging the expertise of its senior team and more than 300 CIO Research Council members, Novarica provides clients with the ability to make faster, better, more informed decisions. Its consulting services focus on vendor selection, custom benchmarking, project checkpoints, and IT strategy. For more information, visit

Source: Novarica

Tags: , ,