Specialty Coverage


The cyber insurance market for small- to mid-sized companies is much friendlier than the market for larger insureds, according to the findings of an annual survey just released by Betterley Risk Consultants.

The Cyber/Privacy Insurance Market Survey 2015 notes that there are many insurance products competing for the business of small and mid-sized (SME) organizations.

Brokers are actively selling cyber policies to their SME insureds, and more are buying than ever before, as they realize the potential for liability, breach and response costs, arising out of the possession of private data.

The report says:

Rates for the SME segment are still competitive and renewals are generally flat, even a bit soft, undoubtedly affected by the numerous insurers getting a foothold in the cyber insurance market. Smaller insureds tend to have lower limits and often have relatively modest claims.”

In contrast, cyber coverage for larger organizations, especially those in retail and healthcare, are finding it more difficult to buy adequate limits at a reasonable price, the report suggests, as insurers are increasingly strict about adherence to cyber security and payment card industry standards.

For the larger/retail/healthcare insured, rates are rising, with increases in the 10-25 percent range most common. But the report points out:

This is for untroubled organizations; it’s worse (up to 200 percent) if they have claims experience that has yet to result in significantly improved cybersecurity measures.”

While annual premium volume information about the U.S. cyber insurance market is hard to come by, the report concludes that annual gross written premium is growing and may be as much $2.75 billion in 2015, up from $2 billion in last year’s report.

We think the market has nowhere to go but up—as long as insurers can still write at a profit.”

This year’s report includes products offered by 31 insurers, up from 28 in 2014.

Check out the Insurance Information Institute’s (I.I.I.) online resource for business insurance here.

 

You may have read that the Justice Department is warning food manufacturers that they could face criminal and civil penalties if they poison their customers with contaminated food.

Recent high profile food recalls, such as the one at Texas-based Blue Bell Creameries and another at Ohio-based Jeni’s Splendid Ice Creams, have drawn attention to this issue once again.

Now a new report by Swiss Re finds that the number of food recalls per year in the United States has almost doubled since 2002, while the costs are also rising.

Half of all food recalls cost the affected companies more than $10 million each and losses of up to $100 million are possible, Swiss Re says. These figures exclude the reputational damage that may take years for a company to recover from.

Contaminated food also takes a financial toll on the public sector. According to the U.S. Department of Agriculture, costs for the U.S. public health system from hospitalized patients and lost wages in 2013 alone was $15.6 billion. In total, 8.9 million people fell ill from the 15 pathogens tracked, with over 50,000 hospitalized and 2,377 fatalities.

Demographic change is putting more sensitive consumer groups at risk. Ageing societies, an increase in allergies in the overall population and the fact that malnourishment is still prevalent in many countries are significant drivers of the increase in exposure, Swiss Re notes.

Which brings us to insurance.

A variety of insurance products are available to help companies protect their bottom line from this potentially catastrophic exposure.

Product recall/contaminated product insurance will cover the costs of recalling accidentally or maliciously contaminated food from the market, and impaired or mislabeled products that cause bodily injury, sickness, disease or death.

Product liability insurance also provides compensation of third party liability claims for bodily injury and property damage caused by an impaired product.

As Roland Friedli, risk engineer at Swiss Re and co-author of the report says:

Food recalls can be caused by something as simple as a labeling error on the packaging, or as complex as a microbial contamination somewhere along a vast globalized supply chain. Yet event a simple mistake can cost a food manufacturer millions in losses and even more in terms of reputation. Insurance and sound risk management are essential for keeping affected businesses afloat.”

Further information on product liability, recall and contamination insurance and is available from the Insurance Information Institute (I.I.I.) here.

The unfolding story on what is being described as the largest cyberattack into the systems of the United States government reads like an episode out of CSI Cyber.

Today the head of the Office of Personnel Management (OPM) Katherine Archuleta resigned as fallout continued in the wake of Thursday’s revelation that the second of two massive data breaches exposed the personal data of 21.5 million federal employees, contractors, applicants and family members.

This follows the previous breach OPM announced in June in which some 4.2 million federal personnel records were exposed.

The magnitude of the second breach is incredible. In a release, OPM states:

OPM has determined that the types of information in these records include identification details such as Social Security Numbers; residency and educational history; employment history; information about immediate family and other personal and business acquaintances; health, criminal and financial history; and other details. Some records also include findings from interviews conducted by background investigators and fingerprints. Usernames and passwords that background investigation applicants used to fill out their background investigation forms were also stolen.”

As the New York Times reports here, every person given a background check for the last 15 years was probably affected (that’s 19.7 million people), as well as 1.8 million others, including their spouses and friends.

It is thought that both OPM attacks emanated from China, though this is not confirmed.

In a week in which reported technical issues halted trading on the New York Stock Exchange, grounded United Airlines flights and took the Wall Street Journal’s website offline for several hours, the OPM announcement once again highlights the limitless nature of cyber exposures.

Meanwhile, a joint report from Lloyd’s and the University of Cambridge, points to the insurance implications of a cyber attack on the U.S. power grid and potential aggregation issues for insurers.

A hypothetical blackout that plunges 15 states into darkness, including New York City and Washington DC, leaving 93 million people without power would result in estimated insurance claims of $21.4 billion, rising to $71.1 billion in the worst case scenario, the report suggests.

Insurers would see losses across many lines of business, including property damage, business interruption, contingent business interruption, liability, homeowners and events cancellation.

Claims across other areas of insurance not included in the estimate are also possible, such as: injury-related claims; auto; property fire; industrial accidents; and environmental liability.

As Lloyd’s says in the report, one of the biggest concerns for insurers is that cyber risk is not constrained by the conventional boundaries of geography, jurisdiction or physical laws:

The scalability of cyber attacks – the potential for systemic events that could simultaneously impact large numbers of companies – is a major concern for participants in the cyber insurance market who are amassing large numbers of accounts in their cyber insurance portfolio.”

The financial impact of cyber exposures is close to exceeding those of traditional property, yet companies are reluctant to purchase cyber insurance coverage.

These are the striking findings of a new Ponemon Institute  survey sponsored by Aon.

Companies surveyed estimate that the value of the largest loss (probable maximum loss) that could result from theft or destruction of information assets is approximately $617 million, compared to an average loss of $648 million that could result from damage or total destruction of property, plant and equipment (PP&E).

Yet on average, only 12 percent of information assets are covered by insurance. By comparison, about 51 percent of PP&E assets are covered by insurance.

The survey found that self-insurance is higher for information assets at 58 percent, compared to 28 percent for PP&E.

In some ways, these results are not surprising.

Cyber insurance is a relatively new product, and while interest continues to increase, it will take time for the purchase rate to catch up with traditional insurances.

That said, the values at stake are enormous and as the report states, the likelihood of loss is higher for information assets than PP&E.

Another important takeaway from the survey is that business disruption has a much greater impact on information assets ($207 million) than on PP&E ($98 million).

This suggests the fundamental nature of probable maximum loss (PML) varies considerably for intangible assets vs. tangible assets, Ponemon says.

Business disruption represents 34 percent of the PML for information assets, compared to only 15 percent of the PML for PP&E.

A footnote states that while the survey results suggest PML in the neighborhood of $200 million, a growing number of companies are using risk analysis and modeling to suggest potential losses in excess of $500 million to over $1 billion and seek cyber insurance limit premium quotes and policy terms for such amounts.

More information on the growth in cyber insurance is available from the I.I.I. here.

Some 2,243 individuals involved in cyber and enterprise risk management at companies in 37 countries responded to the Ponemon survey.

The Kentucky Derby is upon us and insurers are more than just spectators at this major sporting event.

Bloodstock and equestrian insurance is big business with underwriters who specialize in offering tailored protection for high value animals.

Consider the staggering values at stake. A BloombergBusiness article by Mason Levinson tells the tale of American thoroughbred racehorse Tapit.

Tapit began his stud career with an initial stallion fee of $15,000. That fee has soared 20-fold in the past decade and in 2015 Tapit will generate over $30 million for his owners.

Why?

Tapit’s offspring tend to win races.

As Bloomberg reports:

By 2009, his offspring’s racetrack earnings placed him 28th on a national ranking of stallions, according to data compiled by the Bloodhorse. He climbed to 12th the next year, then third in 2011 and first in 2014, a position he has maintained over the first four months of this year.”

One of Tapit’s sons, Frosted, is a top contender in Saturday’s Kentucky Derby.

Today, Tapit’s total value is estimated at about $120 million, the article reports.

Luckily, there’s insurance for that. Whether you own racehorses, stallions, broodmares, or showjumpers, insurers are able to tailor a policy that meets your needs.

A bloodstock insurance policy typically would cover a number of different risks.

For example, all risks mortality would cover the value of the animal if it dies as a result of accident, disease or illness. Theft can also be covered, as well as loss of use (covering financial loss) and public liability.

If you run an equine breeding program, permanent infertility insurance is another important coverage. Stallions are the “calling card” of a major farm and can be synonymous with the farm’s name and reputation.

If a stallion becomes permanently impotent, infertile, or incapable of serving mares, it can be a huge setback for the owner, breeder or shareholder. This important coverage protects one of their most valuable assets.

Perhaps one of the most high-profile equine insurance claims over the years involved the death of thoroughbred Alydar in 1990. Check out this Blood-Horse feature article by Tom Dixon, the Lloyd’s of London insurance adjuster who was first on the scene when Alydar was found in his stall at Calumet Farm with a broken leg.

The decision by Texas-based Blue Bell Creameries to recall all of its products after two samples of its ice cream tested positive for listeria is a timely reminder of the importance of product recall insurance.

Product recalls can be costly and logistically complex. In Blue Bell Creameries’ case the expanded voluntary recall announced Monday night includes ice cream, frozen yogurt, sherbet and frozen snacks distributed in 23 states and international locations.

Blue Bell said it was pulling its products “because they have the potential to be contaminated with listeria.”

The company had issued an earlier more limited recall last month after the U.S. Centers for Disease Control and Prevention (CDC) linked ice cream contaminated with listeria to three deaths in Kansas.

As of April 21, 2015, the CDC says a total of 10 people with listeriosis related to this outbreak have been confirmed from four states.

A 2014 report by Aon notes that the number of product recalls in the United States and Canada for both food products and nonfood products continues to grow year over year.

Each year, hundreds of products are recalled in the U.S. Some historically significant recall events have included such well-known brands as Tylenol, Perrier, Firestone Tires, Pepsi and Coca-Cola.

The Insurance Information Institute (I.I.I.) reminds us that product recalls can be financially devastating and potentially put a company out of business. No organization is immune to the risk of a product recall—even those with the best safety records, operational controls and manufacturing oversight.

In a post in the Wall Street Journal’s Morning Risk Report, crisis management experts note that how well a company succeeds at regaining customer trust following a product recall will likely determine whether it recovers from the negative hit to its reputation and bottom line.

True. Insurance can also help defray the financial hit on a company.

Product recall insurance helps cover a wide range of costs including advertising and promotional expenses to launch a recall, as well as the costs related to product destruction and disposal, business interruption and repairing a damaged reputation, the I.I.I. says.

Another coverage worth considering is product contamination insurance, which protects a company’s bottom line in the event its product is accidentally or maliciously contaminated.

A new report from across the pond points to a large gap in awareness when it comes to cyber risk and the use of insurance among business leaders of some of the UK’s largest firms.

Half of the leaders of these organizations do not realize that cyber risks can be insured despite the escalating threat, the report found.

Business leaders who are aware of insurance solutions for cyber tend to overestimate the extent to which they are covered. In a recent survey, some 52 percent of CEOs of large organizations believe that they have cover, whereas in fact less than 10 percent does.

Actual penetration of standalone cyber insurance among UK large firms is only 2 percent and this drops to nearly zero for smaller companies, according to the report.

While this picture is likely a result of the complexity of insurance policies with respect to cyber, with cyber sometimes included, sometimes excluded and sometimes covered as part of an add-on policy, the report says:

This evidence suggests a failure by insurers to communicate their value to business leaders in coping with cyber risk. This may, in part, reflect the new and therefore uncertain nature of this risk, with boards more focused on security improvement and recovery planning than on risk transfer. It nevertheless risks leaving insurance marginalized from one of the key risks facing firms.”

Senior managers in some of the UK’s largest firms were interviewed for the report published jointly by the British government and Marsh, with expert input from 13 London market insurers.

As a first step to raising awareness, Lloyd’s, the Association of British Insurers (ABI) and the UK government have agreed to develop a guide to cyber insurance that will be hosted on their websites.

Reuters has more on the report here.

Cyber attacks against businesses may dominate the news headlines, but recent events point to the growing number and range of cyber threats facing public entities and government agencies.

City officials yesterday confirmed that city and county computer systems in Madison, Wisconsin were being targeted by cyber attackers in retaliation for the shooting death of Tony Robinson, an unarmed biracial man, by a Madison police officer last Friday. A Reuters report says the cyber attack is thought to have been initiated by hacker group Anonymous.

Then on Sunday the website of Colonial Williamsburg was hit in a cyber attack attributed to ISIS. The attack targeted the history.org website and comes just a week after the living history museum offered to house artifacts at risk of destruction in Iraq.

Meanwhile, Florida’s top law enforcement agency is reported to be investigating testing delays in public school districts caused by cyber attacks on the Florida Standards Assessment (FSA) testing system.

And a recent cyber attack at multiple New York City agencies including the office of the NYC mayor recently took down computer systems for most of a day.

There are many more examples.

Given the large amounts of confidential data held by public entities and government agencies, it’s not surprising that they are a target for cyber attacks.

Last year data breaches in the government/military sector accounted for 11.7 percent of U.S. breach incidents, according to the Identity Theft Resource Center (ITRC).

A GAO report here points to the cyber security risk to Federal agencies and critical infrastructure.

In a viewpoint at American City & County blog, Robin Leal, underwriting director at Travelers Public Sector Services recently warned of the growing cyber risks facing public sector organizations.

Leal cited data from a survey at the 2014 Public Risk Management Conference and 2014 National Association of Counties (NACo) conference showing that public officials’ confidence in their cyber protections is alarmingly low.

Only 13 percent of respondents to the survey were “very confident” that their public entity has adequate protection against cyber threats.

As well as written policies and procedures to handle cyber threats, Leal said public entities should consider cyber insurance.

Only 10 percent of current public sector clients add cyber protections to existing insurance policies, and for the majority of new business submissions cyber insurance is not part of their current coverage, Leal noted.

Check out the I.I.I. white paper Cyber Risks: The Growing Threat.

As a longtime Madonna fan and as a parent of two young cape-wearing superheroes, I was concerned to read of the 56-year-old star’s fall on stage – view here – during the closing performance at the UK’s Brit Awards earlier this week.

The Queen of Pop apparently suffered whiplash in the incident as she was dragged backwards when the tightly tied Armani cape she was wearing wouldn’t come undone.

Madonna managed to go on with the show, but it’s good to know that if she hadn’t there’s insurance for that.

From providing appearance/event cancellation coverage, to insuring celebrity body parts, to writing death and disgrace policies, specialist insurers play a major role in providing protection to the stars – and the companies that promote and sponsor them.

For example, through the years the Lloyd’s insurance market has insured a long line of celebrities and celebrity body parts.

This Lloyd’s article notes that Rolling Stones guitarist Keith Richards’ hands were insured for $1.6 million, while Marlene Dietrich insured her voice for $1 million and actress Bette Davis once insured her waistline against expansion to the tune of $28,000.

More recently, in 2006, soccer giant David Beckham’s legs were insured for £100 million and in 2007, Ugly Betty television star America Ferrera’s smile was insured for $10 million.

Whether a musician, sports star, TV personality, or a top chef, each celebrity risk profile comes with its own unique set of risks, according to the individual’s occupation, health, lifestyle and associated risks.

Another type of celebrity fall from grace is covered by a recently launched product from AIG’s Lexington Insurance Company. Known as Celebrity Product RecallResponse, the new product covers companies in the event of a celebrity endorser’s public fall from grace, scandal or unexpected death.

Basically, the product covers certain costs incurred by companies to recall products bearing a celebrity endorser’s name and image.

AIG says the insurance is triggered when “significant news media coverage of an endorser’s actual or alleged criminal act or other distasteful conduct that results in (or is likely to result in) public contempt for the individual and a significant adverse impact on a company’s product.”

As Jeremy Johnson, president and CEO of Lexington Insurance Company, notes:

In this age of social media and instant news, reports of indiscretions by celebrities or high profile athletes can spread worldwide instantly, with swift, adverse implications for products or brands associated with the individual.”

Just another example of how innovative insurance can be.

Just in time for Valentine’s Day Jim Lynch brings us a heartfelt tale of love and insurance:

Last year I wrangled a review copy of Love Insurance, a century-old novel by Earl Derr Biggers, whose better known works created Charlie Chan in a spectacularly unsuccessful attempt to sweep away anti-Chinese stereotypes. The book was re-released by London’s Hesperus Press.

2015.02.03 PHOTO Love insurance

The story: A member of the British peerage buys a Lloyd’s policy that will pay him £75,000 if his impending marriage falls through. To protect his investment, the underwriter sends an earnest delegate to monitor the engagement. Earnest delegate falls in love with fiancée. They end up together despite several plot twists, most not memorable to me six weeks after finishing the book. So unfortunately I cannot recommend the work.

I do remember the insurance policy: £7,500 for a £75,000 limit. The cash-strapped lord can’t afford more cover – he’s marrying into an American fortune, a fact that addresses adverse selection.

Anyhow, as you can see above the policy is priced at 10 percent rate on line. Back then, the load for expenses and profit was a factor like 100/80ths or 100/75ths. Stripping that from the rate on line implies the underwriter and the lord implicitly agreed the probability the policy would pay was between 7.5 percent and 8 percent.

When you’re an actuary, you think like that.

These days wedding insurance covers calamities from the event, not of the heart, as the linked I.I.I. article and video explain.

Next Page »