Cybersecurity as Added Value in Insurance

MAWDY | 23.04.2026

In a world of growing cyber risks, cybersecurity has become a major challenge for any company or business, as the consequences of these threats can be devastating.

In such an unstable environment, insurers hold a clear competitive advantage by incorporating security into their value proposition and placing the customer at the center of protection—an approach exemplified by the Mawdy model, Mapfre’s assistance unit.

The World Economic Forum´s Global Risks Report 2026 – based on a survey of more than 1,300 global leaders and consultations with risk experts—identifies geoeconomic confrontation, armed conflicts, social polarization, and disinformation as the main short-term threats. These phenomena directly influence risks in the digital world.

As organizations continue to digitalize, cyber threats such as data kidnapping and leakage, identity theft, and IT disruptions have become top business concerns.

“It’s not surprising: today, cybercrime generates more money than drug trafficking and prostitution combined. In addition, online scams are proliferating and growing exponentially every year, surpassing crimes such as robberies and theft,” says Juan Manuel Muñoz Perales, Chief Security Officer (CSO) y Global CISO at Mawdy.

Drivers of evolution

Disruptive technologies are a major driver in this field. In the same survey, artificial intelligence appears as one of the risks with the greatest long-term projection. While AI brings clear advantages, its malicious use enables the automation of phishing campaigns and the creation of manipulated videos, images, or audio (deepfakes). Another emerging battlefield is quantum computing, which—with infinitely faster information processing speeds—could compromise current cryptographic systems that protect communications, financial transactions, and critical infrastructure.

Other external pressures include geopolitical instability and the rise of state-sponsored cyber activities, not only those driven by criminal organizations. These groups are also replicating corporate structures to carry out their illicit activities. Regulation is another key driver, especially in Europe, with the launch of new data protection regulations designed to benefit consumers. Finally, the customer perspective stands out, with increasing demands for security in products and services.

Comprehensive customer protection

In the insurance sector, cybersecurity is highly developed.

“The industry has always worked to maintain a solid level of security that balances business generation with protection. In fact, insurance must safeguard security more than other industries, as it is highly regulated—providing an additional guarantee for customers,” explains Mawdy’s Global CSO and CISO.

At Mapfre, we also have a Cyber Resilience Plan, a stable and global program that includes controls, vulnerability reviews, remediation, and all intrinsic security activities. The goal is to provide comprehensive protection to customers—meaning their inclusion within the protection framework itself, representing a significant evolution.

To protect identity and prevent data manipulation, Mapfre uses two-factor authentication for access, while also strongly promoting ongoing awareness and education.

“The weakest link in the security chain is always the human factor. In 99% of attacks, there is a human failure or error behind them—something that can be corrected through proper awareness,” emphasizes Juan Manuel Muñoz.

Security as part of the value proposition

On the product side, insurers have been developing cyber insurance for more than a decade, with significant growth driven by rising threats. According to data from The Geneva Association, the leading global insurance association of which Mapfre is a member, global cyber insurance premiums increased tenfold between 2013 and 2023—from $1.5 billion to nearly $15 billion.

Mapfre already offers cyber risk insurance, particularly aimed at organizations, with coverage such as damage to IT systems, business interruption guarantees, technological services to restore operations after attacks, protection against cyber extortion threats, and preventive services including antivirus solutions, vulnerability analysis, and data protection advisory services.

More broadly, the insurance market is now at a point where service offerings are becoming more sophisticated, and security is emerging as a true value-added component—providing individual and corporate customers with services related to digital identity protection, cyberbullying management, and antivirus tools in case of infection. The possibilities are vast.

This is where Mawdy has a strong voice, thanks to its digital nature, type of services, and management of sensitive information such as medical data.

“At our company, we are committed to incorporating our differentiated approach to security into the value proposition,” stresses Juan Manuel, who also calls for greater involvement of security leaders in business development and commercial proposals.

Certifications: a guarantee of trust

At Mawdy, and across the Mapfre Group, we hold numerous security standards and certifications that support our operations and provide an additional guarantee of trust for customers. We have also taken the step of having third-party companies assess our security level—another competitive advantage.

Although the cybersecurity strategy is global, Mawdy’s global teams allow us to stay close to specific attacks and regulations in different markets. Moreover, no new project is launched without first passing Security and Privacy by Design.

Looking ahead, external pressure will not slow down. Cyber threats will become increasingly sophisticated, making continued investment and progress essential. Another key issue is cyber resilience—the ability to restore operations and return to normal after an attack or disruption, as highlighted by the AWS cloud outage in October last year in the North Virginia (United States) region. “Fortunately, at Mawdy we had resilience mechanisms in place that allowed us to continue operations—in some cases within minutes, and in others in less than four hours.”

In short, the current trend in cybersecurity and cyber resilience is evolving from a traditional model focused on internal support to a new one where security becomes a value provider within the business proposition—leveraging the competitive advantage of comprehensive customer protection.

Artículos

La experiencia que deja huella

En un entorno donde la experiencia del cliente se ha convertido en un verdadero factor diferencial, Mawdy México ha sido reconocida con cinco premios en el Global CX Forum 2026, uno de los encuentros más relevantes de la industria de Customer Experience y Contact Centers en México.

Peace of mind travels too

When planning a trip, every detail counts. Transportation, accommodation, itineraries, connections, activities, and documentation are carefully reviewed to ensure that everything goes according to plan. However, do we devote the same attention to travel insurance?