The digital immune system of IT

These are merely the key pillars of a digital IT immune system. Depending on the environment, the size of the organisation and specific requirements, it can be supplemented with further technologies. Just as the human immune system is bolstered by vaccinations to fend off future attacks.

The fundamental DIS principle is not new. Gartner first introduced it in 2022 as one of the key strategic technology trends for 2023. Rapid advances in AI development are accelerating the adoption of these intelligent IT security systems in two ways. On the one hand, cybercriminals are increasingly using generative AI for even more sophisticated attacks, against which conventional security methods are largely powerless. On the other hand, AI is becoming the driving force behind virtually every technology within digital immune systems.

Why the Digital Immune System is a game-changer for insurers

A functioning DIS not only massively increases protection against cyberattacks, but also delivers tangible economic benefits for all stakeholders in the insurance value chain.

Benefits for policyholders

With a DIS, companies benefit from greatly improved cyber security, which is reflected in the insurer’s risk assessment. Furthermore, the costs of rectifying IT damage are reduced, as such incidents will occur less frequently and be less severe in future. Of particular importance here is the critical and cost-driving factor of business interruption. A DIS significantly reduces the number of outages and shortens recovery times following cyber incidents through clearly defined processes. The risk of serious data breaches decreases noticeably, leading to greater trust among end users.

Benefits for insurers

For primary insurers and reinsurers, a DIS means that companies with a strong Digital Immune System are significantly easier to assess and insure. The data basis for risk analyses becomes more robust and precise. This is particularly true when compared with previous IT security systems. The logical consequence for insurers is fewer claims, which are also significantly less severe. This enables profitability to be increased sustainably.

New targets: OT systems and the physical world

Until now, cyberattacks have primarily targeted the office environment with its email systems, databases and servers. However, the threat landscape has expanded significantly in recent years and now encompasses not only offices but also other parts of the physical world. Smart grids, networked lifts in office and residential complexes, automated logistics warehouses and production facilities are just as vulnerable as sensitive medical equipment in hospitals or fully automatic coffee machines with remote maintenance.

Through the Internet of Things (IoT), traditional IT and so-called Operational Technology (OT) – that is, the control technology of the physical world – are increasingly merging. A cyberattack on these physical systems in the real world does not steal data, but rather paralyses and blocks them. In the case of a coffee machine, this is merely annoying; in the case of a production facility, the damage is far greater and, in the worst-case scenario, can even endanger human lives.

Many of these OT systems have been in operation for decades and often lack adequate protection themselves. As many of the earliest IoT systems cannot simply be made more secure with a patch, a digital immune system is particularly helpful here. DIS’s holistic approach also protects the interfaces to the physical world and incorporates them into its learning and autonomous cyber defence system.

Conclusion: From mere claims settler to resilience partner

The role of insurers will undergo a massive transformation due to the fundamental shift in risks. Instead of merely settling claims once damage has occurred, insurers can become active partners in resilience and prevent damage proactively. Through forward-looking risk engineering, continuous cyber services and the use of IoT sensors, they actively support their customers in building and maintaining their own digital immune system. Preventing claims is more cost-effective for all parties involved than dealing with them after the event.

Text: Falk Hedemann