At IntSights, a Rapid7 company, our goal is to ensure organizations everywhere understand the threats facing them in today's cyber landscape. With this in mind, we took a focused look at the insurance industry — a highly targeted vertical due to the amount of valuable data these organizations hold. We've collected our findings in the “2022 Insurance Industry Cyber Threat Landscape Report," which you can read in full right now.
As part of this research, we reviewed threats specific to each vertical in the insurance industry. Healthcare insurance providers, in particular, have large targets on their backs. Criminals often aim to breach healthcare providers to gain access to various personal health information (PHI), which can include everything from sensitive patient health information to healthcare insurance policy details. Once this data falls into the wrong hands, it can be used to conduct fraud and exploit patients in a variety of ways.
This being the case, health insurance providers need to lock down their security perimeter as much as possible, and there's one broader problem affecting the industry we want to highlight here: web app security. Security bugs or misconfigurations of public-facing customer web applications can often be overlooked, and they are major areas of concern because they serve as entry points for bad actors.
Let's explore why these vulnerabilities are dangerous, how they happen in the first place, and what healthcare insurance providers can do to mitigate these threats and protect their policyholders.
Web apps as an entry point
Public-facing web applications are commonly used in the insurance industry to gather information about an individual or a ..
Support the originator by clicking the read the rest link below.
