September 01, 2017

In May 2017, a massive cyber attack hijacked the data of almost 200,000 firms and organizations throughout 150 countries. Malicious software called Ransomware exploited vulnerabilities in the Microsoft Windows operating system, enabling cybercriminals to wreak havoc over a several day period. What steps should be taken to ensure data remains protected in our digitalized world, where data permeates almost all our everyday gestures?

The digital world processes billions upon billions of pieces of data on a daily basis – almost 2.5 trillion bytes to date - and this number is continuously on the increase. Everything from in-vehicle Sat Navs, to fitness apps, from e-commerce customer recognition software to smart thermostats and even stock assessors … in short, data is used to run almost everything. And the more connected and dependent we are, the bigger the movement becomes. In 2017, 8 billion connected objects collect, transfer, store and use all kinds of data, from the most innocent, such as those relating to the weather, to the most sensitive such as bank details. It is estimated that this figure will reach 12 billion by 2018.

Secure data, a top priority

In view of the explosion of data volumes, securing information flow and storage has become a major challenge. "WannaCry", the massive ransomware attack, which took place in May 2017 via Wanacryptor 2.0, is one of the most pertinent examples of this. As well as a constant reminder of the increasingly prevalence of this type of threat and is demonstrated by the exponential increase in the number of viruses and the seemingly mounting opportunities for criminals to wreak havoc.

Faced with this menace, states, organizations and companies are putting more stringent forms of protection in place. The new European General Data Protection Regulation (GDPR), which is set to come into effect in the spring of 2018, strengthens the obligations of companies that use personal data. In particular, it imposes enhanced security and risk assessment procedures and the implementation of specific measures (pseudonymization, data encryption, etc.) and provides for sanctions in the event of non-compliance.

Individuals affected by such data breaches will also be allowed to claim compensation for any damage caused. This new legal arsenal, governing the collection, the use and the security of data, is set to serve as an additional safeguard. It does not exempt individuals from being vigilant when they receive a request for personal information, and one which, to all intents and purposes, remains a firmly established practice.

For insurance firms, this new legislation represents an unprecedented opportunity: "Unlike many of the web giants, banks have very little tendency to exploit their customer data; this constitutes one of their strengths," underlines Thierry Mennesson, partner at Oliver Wyman, in a recent article.

This gives banks and insurance companies the opportunity to (re)affirm their status as a trusted third party who, on the one hand, does not exploit its customers’ data for commercial purposes, but who also guarantees its security by offering a type "digital safety deposit box" safeguard.

Wise web users, conscious of the value of their data

According to the major KPMG study conducted in 2016 in 24 countries, almost half of e-commerce transactions are never finalised due to customers’ fear of divulging personal information. Extremely aware of the pertinence of these details, they are nonetheless more willing to divulge them, if in exchange, they benefit from a personalized offer (insurance cover for example) or advantages such as a priority service, a price reduction, a piece of advice, or personal gain.

Indeed, in the recent KPMG survey, 78% of respondents acknowledged that geolocation (and therefore tracking) can be beneficial within the context of emergency relief response and management. In a similar vein, 57% are happy to provide household composition information to an energy provider, should this enable them to save money via a smart energy tool. Personal data and the reassurance that it will be used appropriately therefore lies at the heart of the contract of trust between consumers and suppliers. It is a decisive factor for businesses everywhere and forms the cornerstone of an excellent customer relationship.