Cyberthreats in the Insurance Industry: MAPFRE at the Forefront

Cybercrime has advanced at a remarkable pace in recent years. According to the World Economic Forum’s 2024 Global Risks Report, cyber risks now rank among the leading global threats, with 16.6 million projected incidents in 2024. The economic fallout is equally striking: annual losses are estimated at 8 to 10 trillion dollars, as reported in the organization’s Global Cybersecurity Outlook 2025.

The trend in Spain mirrors this global pattern. Data from the Ministry of the Interior show that cases of online fraud rose from 88,000 in 2018 to 412,000 in 2024, an increase of 368%. During the same period, “traditional” offenses (excluding online fraud from the total volume of property-related crime) declined by 11.9%. Together, these figures point to an undeniable reality: crime has become digital.

Today, cybercrime represents the most critical risk facing society and any company, regardless of sector. “In the case of insurers, while they may be less exposed to direct monetary risks, a significant hidden vulnerability stems from the sheer volume of customer data they manage—data whose confidentiality and sensitivity are paramount, ranging from highly detailed policies to [direcciones, datos de contacto,..etc] complete medical histories,” explains Daniel Largacha, director of cybersecurity at MAPFRE.

This makes the sector a prime target for cybercriminals, as such information can easily be sold and used to commit other types of fraud, including telephone scams. Paradoxically, customers often become the weakest link in this chain. Criminals understand this and exploit the trust that naturally exists between policyholders and their insurers. “This reality requires a complete rethinking of how these new challenges must be addressed. Prevention, continuous monitoring of the environment, strong incident-response capabilities, and sustained awareness efforts are essential pillars for managing cyber risks in the insurance industry,” Largacha notes.

MAPFRE has a robust cybersecurity strategy tailored to current threats and sharply focused on emerging risks. It combines proactive protection and response measures, support for digital transformation, awareness programs for customers and providers, and a dedicated provider-risk management framework—elements that position MAPFRE as the leading insurer in cybersecurity in Spain.

Protecting customer trust is one of an insurer’s most valuable assets, as it forms the foundation of the relationship between the company and its policyholders. In this context, phishing, fake call centers, and password theft represent some of the most immediate and devastating threats.

In phishing schemes, cybercriminals exploit users’ lack of digital literacy to impersonate their insurer. They typically offer supposed gifts or benefits as a way to steal personal data and documents, which are then used to commit additional forms of fraud against the customer.

A particularly noteworthy emerging threat involves fake call centers. In these schemes, cybercriminals deceive distressed customers into calling premium-rate phone numbers. They then pose as intermediaries—without the insurer’s knowledge or the customer’s request—and charge for services that are, in reality, completely free. In many cases, victims remain unaware that they have been scammed.

Password theft in services outside the insurance sector represents another major risk. Many users routinely reuse the same passwords across multiple websites. “Cybercriminals take advantage of this poor practice: once they obtain a password, they can reuse it on other sites to silently access and steal customer data without the customer ever realizing it,” explains the director of cybersecurity.

All of these cyberattacks have a significant impact on the sector, as they substantially erode the trust between customers and insurers and deepen society’s sense of digital vulnerability. According to a TransUnion survey, 10% of citizens reported falling victim to a digital fraud attempt in 2024.

At MAPFRE, we fully recognize the relevance of cyber risks and have been working on a corporate security strategy since 2005. This long-standing commitment has enabled us to develop a global, certified security model backed by international standards such as ISO 27001, ISO 22301, and PCI-DSS. We also hold demanding certifications such as the medium level of the National Security Scheme (ENS).

But MAPFRE goes beyond simply complying with standards and regulations. We apply an integrated approach to security that brings together cybersecurity, personal security, and physical security, and that is fully aligned with our business processes and our relationships with customers and providers. This model combines cutting-edge technology, a culture of prevention, and strategic collaboration with top-tier tech providers.

A key component of this strategy is the Global SOC (Global Security Operations Center)—a 24/7 operations hub that processes more than five billion events every day, representing the largest data lake within the organization. This real-time monitoring capability allows us to anticipate potential incidents through early anomaly detection and rapid incident response, continually adapting our internal capabilities to the evolving cybersecurity landscape. Our protective capacity is further strengthened through MAPFRE’s connection to major international networks—such as FIRST, FS-ISAC, and Spain’s RNSOC (Red Nacional de SOC)—with which we share and receive threat intelligence.

Training and awareness are another essential pillar, both for our employees and our customers. MAPFRE dedicates significant resources to building internal capabilities and to educating customers through innovative initiatives such as #CulturaCibersegura. “This approach complements our technological tools by placing people at the front line of defense as a core element of our protection strategy,” Largacha notes.

Cybersecurity assurance also plays a critical role, as it provides a reliable understanding of MAPFRE’s readiness for real incident scenarios. In this regard, we participate in national and sectoral benchmarks organized by renowned institutions such as INCIBE (National Cybersecurity Institute) and DSN (Department of National Security), where we have consistently scored well above average. In addition, our business continuity plans, tested every year, ensure that we can maintain service to customers at demanding levels even in severe crisis situations—including ransomware attacks, large-scale data breaches, or widespread blackouts.

The future of cybersecurity is not yet written, but it will be shaped largely by three factors. First, the introduction of artificial intelligence across companies—and the ways in which cybercriminals will exploit both the AI deployed by organizations and the new attack vectors enabled by AI-driven tools. Second, quantum computing, which, although still in its early stages, has the potential to upend many of the technological and cybersecurity paradigms that underpin today’s systems.

Finally, and likely the most important, the role of cybersecurity in digital transformation processes. Today, new ways of adopting technology are reshaping the foundations of companies, and in the future they will become even more dependent on it. In this environment, “cybersecurity will be pivotal—one of the essential pillars supporting the reliability of emerging technologies. That is why a secure, trustworthy digital transformation is impossible without fully embedding cybersecurity at its core,” Largacha concludes.

RELATED ARTICLES: