Insurance
Industry Summary
- Carriers, MGAs, and TPAs process high volumes of PII, SPI, and PHI across policy, billing, and claims lifecycles
- Regulated by GLBA, HIPAA/HITECH (health lines), PCI DSS, state DOI/NAIC rules, and global privacy laws (GDPR/CCPA)
- Data flows span agent/broker portals, TPAs/adjusters, provider networks, reinsurers, and cloud-based InsurTech integrations
- Threat actors include FIN (ransomware/extortion), APT (data theft/espionage), affiliate fraud rings, and insiders
- Common tactics: portal credential theft, BEC at claims/finance, supply-chain compromise of vendor platforms, cloud misconfiguration
1. Protect Policyholder PII/PHI in Policy Administration Systems
Problem
Core policy administration systems (PAS) store the identity, medical, and risk attributes required for quoting, issuance, and endorsements—making them prime targets for data theft.
Data in Scope
PII, PHI, Financial (e.g., name, SSN/tax ID, DOB, address, medical history, beneficiary, payment account)
Ubiq Controls Applied
Field-level encryption for PII/PHI; tokenize customer and policy IDs; encrypt document blobs (applications, medical questionnaires).
IAM / Access Policy Logic
Only PAS services and licensed underwriters can decrypt sensitive fields; administrators and DBAs see masked values.
Outcome / Impact
Reduces breach blast radius and supports GLBA/HIPAA compliance without disrupting policy workflows.
Threat Type
Data Theft / Espionage — FIN/APT actors use phishing and credential abuse to exfiltrate policyholder datasets; living-off-the-land (LOTL) techniques and bulk exports are used for silent extraction.
2. Secure Claims Intake, FNOL, and Evidence Repositories
Problem
Claims systems ingest photos, police reports, repair invoices, medical EOBs, and adjuster notes—rich sources of PII/PHI and fraud signals.
Data in Scope
PII, PHI, Evidence (e.g., claimant ID, images/EXIF, medical docs, invoices, adjuster notes)
Ubiq Controls Applied
Encrypt evidence files and structured claim fields; strip/cryptographically mask EXIF/geo; tokenize claim IDs across subsystems.
IAM / Access Policy Logic
Only claims processing and SIU teams decrypt; external repair/provider portals receive masked subsets.
Outcome / Impact
Prevents evidence-store scraping and limits overexposure during adjudication.
Threat Type
Extortion / Data Theft — FIN groups deploy ransomware in claims environments and exfiltrate evidence stores; initial access via helpdesk phishing and EDR evasion.
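The "strip EXIF/geo" control above, as an added example that is not part of the original page or Ubiq's product: a pure-Python JPEG segment walker that drops the APP1/Exif segment (where GPS metadata lives) at claims intake while leaving the image data untouched. The sample JPEG bytes are constructed here for illustration and are not a decodable picture.

```python
import struct

SOI, EOI, SOS, APP1 = 0xD8, 0xD9, 0xDA, 0xE1
STANDALONE = {0x01, *range(0xD0, 0xD8)}          # TEM and RSTn markers carry no length field

def build_sample_jpeg() -> bytes:
    """Constructed sample: SOI, APP1/Exif (with a GPS placeholder), APP0/JFIF, SOS, scan, EOI."""
    exif_payload = b"Exif\x00\x00" + b"II*\x00" + b"\x08\x00\x00\x00" + b"GPS-PLACEHOLDER"
    app1 = b"\xff\xe1" + struct.pack(">H", len(exif_payload) + 2) + exif_payload
    app0 = b"\xff\xe0" + struct.pack(">H", 16) + b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
    sos = b"\xff\xda" + struct.pack(">H", 8) + b"\x01\x01\x00\x00\x3f\x00"
    scan = b"\x12\x34\xff\x00\x56"                # entropy-coded data; 0xFF00 is byte stuffing
    return b"\xff\xd8" + app1 + app0 + sos + scan + b"\xff\xd9"

def _segments(jpeg: bytes):
    """Yield (marker, raw_segment_bytes) for every header segment up to and including SOS."""
    if jpeg[:2] != bytes([0xFF, SOI]):
        raise ValueError("not a JPEG (missing SOI)")
    pos = 2
    while pos + 2 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError("corrupt marker at offset %d" % pos)
        marker = jpeg[pos + 1]
        if marker == SOS:                         # everything from SOS to EOI is copied verbatim
            yield marker, jpeg[pos:]
            return
        if marker in STANDALONE:
            yield marker, jpeg[pos:pos + 2]
            pos += 2
            continue
        seg_len = struct.unpack(">H", jpeg[pos + 2:pos + 4])[0]
        segment = jpeg[pos:pos + 2 + seg_len]
        if len(segment) != 2 + seg_len:
            raise ValueError("truncated segment")
        yield marker, segment
        pos += 2 + seg_len
    raise ValueError("no SOS marker found")

def has_exif(jpeg: bytes) -> bool:
    return any(m == APP1 and seg[4:].startswith(b"Exif\x00\x00") for m, seg in _segments(jpeg))

def strip_exif(jpeg: bytes) -> bytes:
    """Return the JPEG with every APP1/Exif segment removed; other segments and scan data are kept."""
    out = bytearray(b"\xff\xd8")
    for marker, seg in _segments(jpeg):
        if marker == APP1 and seg[4:].startswith(b"Exif\x00\x00"):
            continue                              # drop the Exif block (contains the GPS IFD)
        out += seg
    return bytes(out)
```

XMP (also APP1) and MPF/ICC (APP2) segments are kept by this filter; extend the check if those metadata types are also in scope for an evidence store.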
3. Apply Dynamic Masking in Agent/Broker and Customer Portals
Problem
Portals expose personal and policy details to a broad user base (agents, brokers, insureds); least-privilege display is required.
Data in Scope
PII, Policy (e.g., insured details, policy numbers, endorsements, member IDs)
Ubiq Controls Applied
Dynamic data masking in UI/API responses; show partial identifiers by default; step-up to reveal when justified.
IAM / Access Policy Logic
Agents see masked identifiers; only bound agents or carrier staff with case assignment may unmask with audit.
Outcome / Impact
Minimizes insider/affiliate misuse while maintaining servicing efficiency.
Threat Type
Insider Misuse / Account Takeover — Affiliate fraud and credential stuffing lead to overbroad lookups; tactics include session hijack and privilege escalation.
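The portal masking and step-up logic described in this use case, as an added example (not code from the original page or from Ubiq): identifiers are shown partially by default, a reveal is granted only to a bound agent or to carrier staff with a case assignment who supply a justification, and every reveal attempt, granted or denied, is written to an audit trail. The policy record, roles and field names are constructed assumptions.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed sample policy record (not real data).
POLICY = {"policy_number": "HO-2024-00918273", "insured_name": "A. Example",
          "ssn": "123-45-6789", "member_id": "MBR88442211"}

# Identifiers that are never shown in full without a step-up; the mask keeps the last 4 characters.
SENSITIVE = ("ssn", "member_id", "policy_number")

def partial(value: str, keep: int = 4) -> str:
    """Show only the trailing `keep` characters; everything before them becomes '*'."""
    return "*" * (len(value) - keep) + value[-keep:]

@dataclass
class Principal:
    user_id: str
    role: str                                          # "agent", "carrier_staff" or "insured"
    bound_policies: set = field(default_factory=set)   # policies this agent is bound to
    assigned_cases: set = field(default_factory=set)   # policies with a case assigned to this staffer

@dataclass
class PortalMasker:
    audit: list = field(default_factory=list)          # append-only record of unmask attempts

    def may_unmask(self, who: Principal, policy_number: str) -> bool:
        if who.role == "agent":
            return policy_number in who.bound_policies
        if who.role == "carrier_staff":
            return policy_number in who.assigned_cases
        return False                                   # insureds and any other role: masked only

    def render(self, who: Principal, record: dict,
               reveal: bool = False, justification: str = "") -> dict:
        """Default view is masked; a reveal requires entitlement plus a justification, and is audited."""
        masked = {k: (partial(v) if k in SENSITIVE else v) for k, v in record.items()}
        if not reveal:
            return masked
        granted = self.may_unmask(who, record["policy_number"]) and bool(justification.strip())
        self.audit.append({"ts": datetime.now(timezone.utc).isoformat(), "user": who.user_id,
                           "role": who.role, "policy": record["policy_number"],
                           "justification": justification, "granted": granted})
        return dict(record) if granted else masked
```

Denied attempts are deliberately logged as well, since repeated unmask requests against policies a user is not bound to are the overbroad-lookup signal the threat description above refers to.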
4. Tokenize Billing, Premiums, and Claims Disbursements
Problem
Premium collection and claim payouts rely on bank accounts and card-on-file; mishandling increases PCI/ACH risk.
Data in Scope
Payments, Financial (e.g., PAN/CVV, account/routing, payment tokens, payout instructions)
Ubiq Controls Applied
Tokenize PAN and bank details; encrypt payout files and remittance advice; enforce vaulted detokenization.
IAM / Access Policy Logic
Only billing/disbursement engines and PCI-cleared systems may detokenize; finance/CSR views remain masked.
Outcome / Impact
Shrinks PCI scope and prevents redirection/abuse of payment instruments.
Threat Type
Credential Abuse / BEC — FIN crews phish finance teams, steal API keys, and alter payouts; tactics include mailbox rule abuse and SFTP/API impersonation.
5. Encrypt Telematics/IoT and Usage-Based Insurance (UBI) Streams
Problem
Auto/home IoT telemetry (location, driving events, sensor data) is sensitive and broadly replicated for pricing and risk.
Data in Scope
Device & Location, Behavioral (e.g., GPS traces, speed/brake events, home sensor alerts, device IDs)
Ubiq Controls Applied
Encrypt telemetry at edge/gateway; tokenize device and insured IDs; minimize retention and segment keys by program.
IAM / Access Policy Logic
Pricing/actuarial services decrypt aggregates; raw device-level data remains masked for other functions.
Outcome / Impact
Enables UBI pricing while preserving privacy and limiting re-identification.
Threat Type
Cloud Misconfiguration / Data Leakage — FIN/APT actors harvest exposed object storage or analytics buckets; tactics include token reuse and API scraping.
6. Pseudonymize Underwriting Models and Actuarial Data Lakes
Problem
Aggregated risk and experience data power models but can re-identify customers if not de-risked.
Data in Scope
PII, Risk & Pricing (e.g., age band, health codes, loss history, occupation, region)
Ubiq Controls Applied
Pseudonymize direct identifiers; bucket rare attributes; encrypt model features and training sets at rest.
IAM / Access Policy Logic
Model training and actuaries use pseudonymized datasets; decryption blocked in BI/model notebooks.
Outcome / Impact
Retains modeling fidelity while satisfying privacy-by-design mandates.
Threat Type
Data Exfiltration / Access Broker — Access brokers and FIN actors target data lakes via stolen service accounts; tactics include API token theft and bulk export.
7. Minimize and Mask Data Shared with TPAs, Adjusters, and Providers
Problem
Outsourced claims (TPAs), independent adjusters, and provider networks often receive excess PII/PHI.
Data in Scope
PII, PHI, Claim (e.g., limited demographics, claim references, CPT/ICD codes, billing details)
Ubiq Controls Applied
Purpose-scoped tokenization; field-level redaction of non-essentials; encrypt exchange files and portal payloads.
IAM / Access Policy Logic
Vendors receive least-privilege masked datasets; re-identification limited to carrier’s escrow service.
Outcome / Impact
Reduces third-party breach blast radius and vendor compliance exposure.
Threat Type
Supply-Chain Compromise — UNC/FIN actors breach vendor portals to harvest PHI/PII; spear-phishing and unpatched apps are common vectors.
8. Protect Reinsurance Bordereaux and Catastrophe Exposure Files
Problem
Bordereaux and cat models reveal aggregated exposures by peril/region—valuable for competitors and adversaries.
Data in Scope
Exposure & Financial (e.g., TIV, policy counts, geocoded risks, reinsurance terms, ceded premium)
Ubiq Controls Applied
Encrypt files and per-recipient watermarked extracts; tokenize program and cedant identifiers.
IAM / Access Policy Logic
Only reinsurance/retrocession teams decrypt; brokers receive masked or aggregated views under NDA.
Outcome / Impact
Prevents competitive and adversarial intelligence leakage while enabling placements.
Threat Type
Espionage / Data Theft — APTs and competitor-aligned actors target exposure data; techniques include partner portal scraping and OAuth abuse.
9. Secure Health Claims (PHI), EDI/EOB, and Provider Adjudication
Problem
Health lines process PHI-heavy EDI streams (837/835) and EOBs—highly regulated and frequently targeted.
Data in Scope
PHI, Financial (e.g., member ID, diagnosis/procedure codes, claim amounts, provider IDs)
Ubiq Controls Applied
Encrypt PHI fields in EDI/EOB repositories; tokenize member/provider IDs; dynamic masking in care/customer portals.
IAM / Access Policy Logic
Only adjudication engines and authorized clinical teams decrypt PHI; general operations see masked outputs.
Outcome / Impact
Meets HIPAA/HITECH safeguards and reduces insider/affiliate risk.
Threat Type
Extortion / Data Theft — FIN actors exfiltrate PHI to pressure payment; initial access via provider portal phishing and VPN credential reuse.
10. Control Exposure in BI, Regulatory, and NAIC/State Reporting
Problem
BI dashboards and regulatory exports (NAIC, state DOI) can leak PII if filters and datasets are mis-scoped.
Data in Scope
PII, Financial, Regulatory (e.g., policy counts, loss triangles, HM/HIP-data fields, geography)
Ubiq Controls Applied
Tokenize identifiers in the warehouse; dynamic masking by role/region; row-level security; encrypt extracts and enforce expiry.
IAM / Access Policy Logic
Business users see masked metrics; compliance teams access detokenized views only under approved workflows.
Outcome / Impact
Prevents inadvertent disclosure while enabling analytics and timely regulatory filings.
Threat Type
Cloud Misconfiguration / Enumeration — FIN/APT actors enumerate exposed dashboards and signed links; tactics include credential reuse and API scraping for bulk data.
