{"id":24935,"date":"2026-04-17T16:46:52","date_gmt":"2026-04-17T16:46:52","guid":{"rendered":"https:\/\/insurance-canada.ca\/?p=85453"},"modified":"2026-04-17T16:46:52","modified_gmt":"2026-04-17T16:46:52","slug":"triple-i-fenix24-report-identifies-emerging-cybersecurity-priorities-for-insurers","status":"publish","type":"post","link":"https:\/\/blog.lifeinsurance-orleans.ca\/index.php\/2026\/04\/17\/triple-i-fenix24-report-identifies-emerging-cybersecurity-priorities-for-insurers\/","title":{"rendered":"Triple-I\/Fenix24 Report Identifies Emerging Cybersecurity Priorities for Insurers"},"content":{"rendered":"

Malvern, PA (Apr. 2, 2026) \u2013 The Insurance Information Institute (Triple-I), in partnership with Fenix24, is pleased to announce the publication of a new report examining how insurance companies are managing their own cybersecurity risks and where critical vulnerabilities remain: Cybersecurity for Insurers: Squaring Safety with Service<\/strong><\/i><\/a>.<\/p>\n

The report found that while property\/casualty insurers have made impactful cybersecurity investments, gaps remain in areas including patching cadence, authentication practices, and recovery testing, which are all weaknesses that could complicate responses to today\u2019s threat environment. The report draws on a series of conversations with insurance industry executives, with questions aligned to best practices, regulatory requirements and security controls commonly required in cyber insurance underwriting.<\/p>\n

\u201cInsurers occupy a paradoxical position in the cybersecurity landscape,\u201d said Sean Kevelighan, CEO, Triple-I. \u201cThey assess cyber risk for policyholders and establish security requirements as conditions of coverage, yet they also need to demonstrate their own cybersecurity practices meet or exceed evolving standards.\u201d<\/p>\n

\u201cMost organizations have tested their recovery plans for natural disasters or standard IT outages, but not for ransomware attacks,\u201d said Mark Grazman, CEO of Fenix24. \u201cUnderstanding what actually happens in a ransomware scenario is critical to architecting true resiliency. It\u2019s not just backups at risk, attackers systematically target and destroy infrastructure including Active Directory, identity systems, virtual machines, hypervisors, and even core communications like email. Resiliency planning requires understanding backup survivability, architecture for rehydration, and integrity, along with comprehensive asset intelligence, prioritization of business-critical applications and their associated dependencies. Resiliency is achievable if you know what to architect and that is the power of Fenix24\u2019s insights.\u201d<\/p>\n

A Growing Market Facing Evolving Threats<\/b><\/h4>\n

The cyber insurance market reached $15.3 billion in net premiums written in 2024 and is projected to grow to $16.3 billion in 2025, according to Munich Re. While ransomware remains a major driver of insured cyber losses, it accounted for only 19% of cyber claims in 2023. Business email compromise and funds transfer fraud represented a far larger share, generating 56% of reported claims. Business interruption accounts for roughly half of the $1 million average cost associated with ransomware incidents, according to NetDiligence.<\/p>\n

Key Findings<\/b><\/h4>\n

The report identified strengths and areas for improvement across several critical cybersecurity domains:<\/p>\n