Category Archives: Business Risk

Things to know before your eclipse viewing party

The first total solar eclipse to sweep across the entire country since 1918 will happen on Monday and understandably there are some insurance issues that arise:

Business Insurance, via today’s I.I.I. Daily, explains what a company needs to know about workers compensation issues that may arise if it is hosting a viewing party.

Amy K. Harper, a director at the National Safety Council, said, “An employer should provide ISO 12312-2 compliant viewing glasses if they are encouraging or hosting a viewing party.” Employers should also be familiar with NASA’s safety guidelines that suggest people not look directly at the sun. Employees injured using a camera, binoculars or telescope to look directly at the sun can cause eye injuries in which employees may be covered under workers compensation.

Erie Insurance brings us a solar eclipse safety check: 1. Don’t look directly at the sun; 2. Keep your eyes on the road; 3. Renting out your home? Check your liability coverage.

NASA’s excellent safety information here.

The Week in a Minute, 8/17/17

The I.I.I.’s Michael Barry briefs our membership every week on key insurance related stories. Here are some highlights.

Insurance coverage for riot-caused damage became a media issue this week after a 32-year-old woman was killed, and scores were injured, in Charlottesville amid violent, dueling protests centered on the removal of Confederate General Robert E. Lee’s statue.

Reporters want to know if the number of car accidents might rise on Monday, Aug. 21, when the population soars in 14 U.S. states, from Oregon to South Carolina (see page 4), as tourists flock to witness a total solar eclipse.  It is the first one to be visible in the U.S. in 38 years.

Gert became the second hurricane of 2017 to develop in the Atlantic Basin but it never came near the U.S. before drifting into the middle of the ocean.

Proper protection is key in a sharing economy

Whether you’re sharing rides, homes, workspaces, driveways, food experiences, or even, as in China, umbrellas and basketballs, the sharing economy continues to expand into new areas.

And so do the associated risks and liability.

From today’s I.I.I. Daily, via The New York Times: “Airbnb, the peer-to-peer vacation rental and hospitality site, is facing a lawsuit in which a guest says that the company did not perform appropriate background checks on a host who allegedly sexually assaulted her. According to the plaintiff, a background check would have uncovered information that the owner had been arrested and charged with battery, preventing him from listing property on Airbnb according to the terms of service.”

Whether you’re looking to rent out your space to someone or rent a space from someone via a peer-to-peer network, it’s important to know whether you’re insured.

Some tips on peer-to-peer home rental from the I.I.I.

Note: Airbnb has a Host Protection Program that provides hosts and landlords up to $1 million coverage for property damage and liability claims that occur in a listing or on an Airbnb property, during a stay.

But here are the risks that the Airbnb policy doesn’t cover:

“The Host Protection Insurance program does not apply to liability arising from (1) Intentional Acts including: (i) Assault and Battery or (ii) Sexual Abuse or Molestation – (by the host or any other insured party), (2) Loss of Earnings, (3) Personal and Advertising Injury, (4) Fungi or Bacteria, (5) Chinese Drywall, (6) Communicable Diseases (7) Acts of Terrorism, (8) Product Liability, (9) Pollution and (10) Asbestos, Lead or Silica.”

 

Why are securities class action filings at record high?

Federal class action securities fraud filings hit a record pace in the first half of 2017 and are on track for a year-end total that hasn’t been seen since 2001.

From Cornerstone Research and the Stanford Law School Securities Class Action Clearinghouse:

“Over the past six months, plaintiffs initiated 226 securities fraud class actions in federal court, more than in any equivalent period since enactment of the Private Securities Litigation Reform Act of 1995 (PSLRA).”

The first half of 2017 saw 4.7 percent of U.S. exchange-listed companies sued in federal securities class actions:

“If activity continues at the same pace, 9.5 percent of exchange-listed companies will be the subject of filings in 2017—the highest annual rate since 1997.”

Pharmaceutical firms were the most common targets of filings, according to the report.

A significant factor in the record number of filings? The continued upsurge in merger objection lawsuit filings. The D&O Diary has more on this trend.

Both traditional and M&A-related filings were at record levels. Traditional filings increased from 95 in the second half of 2016 to 131 in the first half of 2017. At the same time, M&A-related filings rose from 57 to 95.

“London Calling…”

I.I.I.’s James Ballot, Senior Director of Marketing and Content Strategy, contributes these highlights from the IIS Global Forum 2017.

Established millennia ago and since visited continually by perils ranging from fire, flood, pestilence, civil unrest and wave upon wave of attacking foreign enemies, it’s no great stretch to call London the de-facto global headquarters of resilience. So it’s fitting that London should host this year’s International Insurance Society’s (IIS) Global Insurance Forum (GIF), given that the event’s focus was set squarely on Global Resilience and the Role of Insurance.

At the Forum more than 500 delegates and other attendees gathered to set a truly global agenda for how insurance and other parties–NGOs, policymakers, businesses, educational institutions, the media, among others—will respond to challenges ranging from political instability to cyberthreats to the need to create the right talent infrastructure to master the technological changes presently shaping our industry to innovating ways to address threats posed by intensifying natural catastrophe cycles.

Among the highlights:

  • A video address from HRH The Prince of Wales to open the Day 3 Insurance Development Forum (IDF) in which he outlines four key areas where insurance can assume leadership in fostering resilience.
  • Wide-ranging discussions of the “insurance gap” and how narrowing it is essential to building financial resilience against cyberattacks, as well as mitigating uninsured natural catastrophe losses among vulnerable populations in developing nations.
  • The Nature Conservancy, a top-line partner at this year’s GIF, introduced an innovative insurance product underwritten by Swiss Re that insures coral reefs and other natural coastal fortifications.
  • Insurtech and emerging innovations are changing the business—mostly by creating a climate in which, as one insurance fund capital manager asserted, insurance and tech startups can partner to help make “yesterday’s risks insurable today.”

A lot to cover in a single posting, to be sure. For a deeper dive into the goings-on at IIS Global Forum, Asia Insurance Review (AIR) offers gavel-to-gavel coverage of the event, as well as valuable insights from Forum participants.

 

 

Cyber protection gap akin to nat cat

FedEx Corp has disclosed in a securities filing that its international delivery business, TNT Express BV, was significantly affected by the June 27 Petya cyberattack.

Apparently, the courier company did not have cyber insurance or any other insurance that would cover losses from Petya, according to this report by The Wall Street Journal, via the I.I.I. Daily.

A new emerging risk report from Lloyd’s and risk modeling firm Cyence notes that cyberattacks have the potential to trigger billions of dollars of insured losses, yet there is a massive underinsurance gap.

Take its first modeled scenario: a cloud service provider hack. The event produced a range of insured losses from $620 million for a large loss to $8.1 billion for an extreme loss (overall losses ranged from $4.6 billion to $53 billion).

This left an insurance protection gap of between $4 billion (large loss) and $45 billion (extreme loss), so between 87 percent and 83 percent of the overall losses respectively were uninsured.

In another modeled scenario, the mass vulnerability attack, the underinsurance gap is between $9 billion for a large loss and $26 billion for an extreme loss, meaning that just 7 percent of economic losses are covered by insurance.

From the report:

“In some ways, the cyber insurance market can be considered in the same light as underinsurance in the natural catastrophe space – risks are growing and insurance penetration figures are low.”

How do ransomware attacks impact cyber insurance loss ratios?

Another global ransomware attack, dubbed Petya, has disrupted operations at major firms across Europe and the United States.

More than 100 companies and organizations across various industries were affected, including shipping and transport firm AP Moller-Maersk, advertising firm WPP, law firm DLA Piper, Russian steel and oil firms Evraz and Rosneft, French construction materials company Saint-Gobain, food company Mondelez, drug giant Merck & Co, and Pennsylvania healthcare systems provider Heritage Valley Health System.

Today’s Insurance Information Institute Daily, via The Wall Street Journal, reports that the attack has exposed previously unknown weaknesses in computer systems widely used in the West.

The U.S. cyber insurance market grew by 35 percent from 2015 to 2016, based on recent reports.

From A.M. Best: U.S. property/casualty insurers wrote $1.35 billion in direct written premium for cyber insurance in 2016.

Overall, cyber insurance for the majority of companies was profitable and the direct loss ratio decreased by 4.5 percentage points to 46.9 percent in 2016, from 51.4 percent in 2015.

Ransomware attacks are part of the reason for the decline in the loss ratio, A.M. Best explains:

“The decline in direct loss ratio for 2016 is partially attributed to the majority of reported cyber-attacks being related to ransomware heists. In almost all ransomware cases, the losses were well below the deductible and a simple backup recovery resolved and remedied any negative long-term effect of the attacks.”

Read our earlier post on insurance for ransomware attacks.

Knowledge transfer gap at retirement needs attention

Talent management is a key concern among business owners, yet only 40 percent of businesses transfer knowledge from retiring staff, a Travelers survey found.

Only 60 percent of businesses surveyed reported that they provide employee training. These business practices can help promote a safe and well-trained workforce, Travelers said.

While businesses use a wide range of measures to prevent or mitigate common risks, including talent management, many could be doing more.

The survey found that roughly 2 out of 5 organizations do not safeguard the security of their premises (42 percent), post emergency exit plans (40 percent), or have emergency contact plans to reach employees or their families (39 percent).

Travelers surveyed 1,202 business owners and decision makers, including 493 small businesses (2 to 49 employees), 453 midsized businesses (50 to 999 employees) and 256 large businesses (1,000+ employees) across 11 industry sectors.

Check out the latest Insurance Industry Employment Trends report from I.I.I. chief economist Dr. Steve Weisbart.

I.I.I. facts and statistics on Careers and Employment are available here.

Ransomware: Does Cyber Insurance Make Sense?

As organizations look to recover from the disruption caused by Friday’s massive global ransomware cyberattack, the value of cyber insurance, and other cybersecurity tools, just multiplied exponentially.

Security researchers at Kaspersky Lab recorded more than 45,000 attacks in 74 countries including the UK, Russia, Ukraine, India, China and Italy, the Guardian reports.

The UK’s National Health Service, French car manufacturer Renault, and Spain’s telecommunications giant Telefonica were among those hit by the so-called WannaCry ransomware, which locks up computer systems until the victims pay a ransom.

Cyber risk modeling firm Cyence estimates the average individual ransom cost from the attacks at $300, and the total economic costs from interruption to business at $4 billion, according to this Reuters report.

Kevin Kalinich, global head of Aon’s cyber risk practice, told Reuters:

“If you’re a hospital that turned away patients, if you’re a global delivery company that can’t send a package, or a telecom company in Spain, Russia or China, the financial statement impact from the business interruption is much larger than the $300 ransomware.”

Insurance coverage for ransomware (see earlier post), and other forms of extortion, is available under cyber insurance policies, or other types of policies that specifically cover cyber extortion.

An insured’s ransom payment following an attack is typically covered, subject to individual policy terms and conditions, according to this I.I.I. white paper.

Cyber policies also provide coverage for the costs of forensic investigation, restoring lost or corrupted data, legal expenses and business interruption.

Here are some of the considerations that go into the decision to purchase coverage.

Where To Go For Small Business Cybersecurity Advice

Small businesses are increasingly vulnerable to cyberattacks. A new website launched by the Federal Trade Commission (FTC) is aimed at helping small business owners be better prepared.

The site – ftc.gov/SmallBusiness – is a one-stop shop where small business owners can find information to protect themselves from scammers and hackers, as well as resources they can use if they are hit with a cyberattack.

Online FTC resources include a new Small Business Computer Security Basics guide with information to help companies protect their files and devices, train employees to think twice before sharing the business’s account information, and keep their wireless network protected, as well as how to respond to a data breach.

Specific information on ransomware and phishing schemes targeting small businesses is also provided.

According to the U.S. Small Business Administration, there are more than 28 million small businesses nationwide, employing nearly 57 million people.

Cyberattacks can be particularly damaging to small businesses, and many lack the resources that larger companies have to devote to cybersecurity.

For example, the percentage of spear-phishing attacks targeting small business rose from 18 percent to 43 percent between 2011 and 2015.

Insurance is one of the ways in which small businesses can protect themselves. See I.I.I. resources on cyber liability risks.