Entries tagged with “Tech”.
Did you find what you wanted?
Technology is not enough in the fight against cybercrime, effective cybersecurity measures require policy and process changes as well.
That’s the takeaway from an analysis of cyber-risk spending included in the 2015 U.S. State of Cybercrime Survey recently released by PwC.
While cybersecurity budgets are on the rise, companies are mostly reliant on technology solutions to fend off digital adversaries and manage risks.
Among the 500 U.S. executives, security experts and others from public and private sectors responding to the survey, almost half (47 percent) said adding new technologies is a spending priority, higher than all other options.
Notably, only 15 percent cited redesigning processes as a priority and 33 percent prioritized adding new skills and capabilities.
When asked whether they have the expertise to address cyber risks associated with implementation of new technologies, only 26 percent said they have capable personnel on staff. Most rely on a combination of internal and external expertise to address cyber risks of new solutions.
As PwC advises:
Companies that implement new technologies without updating processes and providing employee training will very likely not realize the full value of their spending. To be truly effective, a cybersecurity program must carefully balance technology capabilities with redesigned processes and staff training skills.”
Employee training and awareness continues to be a critical, but often neglected component of cybersecurity, PwC said. Only half (50 percent) of survey respondents said they conduct periodic security awareness and training programs, and the same number offer security training for new employees.
Some 76 percent of respondents to the survey said they are more concerned about cybersecurity threats this year than in the previous 12 months, up from 59 percent the year before.
As PwC noted, in today’s cybercrime environment, the issue is not whether a business will be compromised, but rather how successful an attack will be.
Check out Insurance Information Institute (I.I.I.) facts and statistics on cybercrime here.
Monday, June 22, 2015
Posted by Claire under Auto Insurance, Customer Satisfaction
Gen Y customers–or Millennials–have expressed a sharp increase in satisfaction with their car insurance compared to other generations, according to the just-released J.D. Power 2015 U.S. Auto Insurance Study.
The study examines customer satisfaction in five factors: interaction; price; policy offerings; billing and payment; and claims.
Overall customer satisfaction with their auto insurer reached an all-time high of 818 on a 1,000-point scale, an improvement of 8 index points from 2014.
Satisfaction among Gen Y customers increased by 21 points—the biggest increase compared with the other generations. Satisfaction among Gen X customers was up 6 points, and among Boomers by 4 points, while Pre-Boomers were less satisfied (-3 points).
Improved interactions had the greatest impact on overall customer satisfaction and were also the largest contributor to the year-over-year improvement, the JD Power survey found.
Interaction satisfaction among Gen Y customers came in at 827, an increase of 20 points from 2014.
Customer interaction preferences are changing. Gen Y’s preference to interact exclusively via digital self-service (Web or mobile) increased to 27 percent in 2015, up from 21 percent in 2011.
A similar preference to interact via Web or mobile is true of other generations: Gen X (23 percent vs. 19 percent in 2011); Boomers (12 percent vs. 10 percent); and Pre-Boomers (6 percent vs. 4 percent).
However, auto insurers need to have their websites ready to resolve customer service issues.
The survey found that among the interaction channels, satisfaction with the website experience receives the lowest average score, most notably among Gen Y customers (816, compared with 826 for Gen X, 841 for Boomers and 861 for Pre-Boomers).
JD Power noted that while customers across all generations are able to use online self-service for basic tasks such as making a payment and gathering information about their account, they also need to be able to resolve more complex issues online.
Still, some activities are better performed through personal interactions, J.D. Power noted.
For example, when it comes to discussing price changes, one-quarter (25 percent) of Gen Y customers would rather talk to someone in person or over the phone, and 23 percent indicate they prefer in person or over the phone rather than the website channel when they have questions about their policy coverage.
The Insurance Information Institute (I.I.I.) has some must-read facts and statistics on auto insurance here.
A California Labor Commission ruling that an Uber driver is a company employee, not an independent contractor may dampen fears that the on-demand economy spells the end for workers compensation, liability and health insurance. At least for now.
As reported by numerous news outlets, here and here, the decision out of California – though it applies to a single driver – could significantly increase costs for the ride-sharing business if it is copied by other states and in other cases.
It could also have potential implications for other segments of the economy important to property/casualty insurers.
As the New York Times reports:
The classification of freelancers is in dispute across a number of industries, including at other transportation companies. And the debate is set to escalate as the number of online companies and apps like Uber and others rises.”
The ruling, which commentators say could hurt Uber’s $40 billion-plus valuation, orders Uber to pay Barbara Berwick, $4,152 in expenses for the time she worked as an Uber driver last year.
Here are a couple of key excerpts from the California Labor Commission decision:
Plaintiffs’ work was integral to Defendants’ business. Defendants are in business to provide transportation services to passengers. Plaintiff did the actual transporting of those passengers. Without drivers such as Plaintiff, Defendants’ business would not exist.”
Defendants hold themselves as nothing more than a neutral technological platform, designed simply to enable drivers and passengers to transact the business of transportation. The reality, however, is that Defendants are involved in every aspect of the operation.”
In response to the ruling (which it has appealed) Uber stated:
The California Labor Commission’s ruling is non-binding and applies to a single driver. Indeed it is contrary to a previous ruling by the same commission, which concluded in 2012 that the driver ‘performed services as an independent contractor, and not as a bona fide employee.’ Five other states have also come to the same conclusion.”
Potential insurance issues arising out of the on-demand or sharing economy are a recurring topic of conversation these days.
In a recent presentation I.I.I. president Dr. Robert Hartwig noted that traditional insurance will often not cover a worker engaged in offering labor or resources through these on-demand platforms.
For example, private passenger auto insurance generally won’t cover you while driving for Uber and a homeowners insurance policy won’t cover a homeowner for anything other than occasional rents of their property.
Also, Dr. Hartwig said: “Unless self-procured, on-demand workers (independent contractors) will generally have no workers comp recourse if injured on the job.”
Wednesday, May 13, 2015
Posted by Claire under Business Risk, Specialty Coverage, Technology
The financial impact of cyber exposures is close to exceeding those of traditional property, yet companies are reluctant to purchase cyber insurance coverage.
These are the striking findings of a new Ponemon Institute survey sponsored by Aon.
Companies surveyed estimate that the value of the largest loss (probable maximum loss) that could result from theft or destruction of information assets is approximately $617 million, compared to an average loss of $648 million that could result from damage or total destruction of property, plant and equipment (PP&E).
Yet on average, only 12 percent of information assets are covered by insurance. By comparison, about 51 percent of PP&E assets are covered by insurance.
The survey found that self-insurance is higher for information assets at 58 percent, compared to 28 percent for PP&E.
In some ways, these results are not surprising.
Cyber insurance is a relatively new product, and while interest continues to increase, it will take time for the purchase rate to catch up with traditional insurances.
That said, the values at stake are enormous and as the report states, the likelihood of loss is higher for information assets than PP&E.
Another important takeaway from the survey is that business disruption has a much greater impact on information assets ($207 million) than on PP&E ($98 million).
This suggests the fundamental nature of probable maximum loss (PML) varies considerably for intangible assets vs. tangible assets, Ponemon says.
Business disruption represents 34 percent of the PML for information assets, compared to only 15 percent of the PML for PP&E.
A footnote states that while the survey results suggest PML in the neighborhood of $200 million, a growing number of companies are using risk analysis and modeling to suggest potential losses in excess of $500 million to over $1 billion and seek cyber insurance limit premium quotes and policy terms for such amounts.
More information on the growth in cyber insurance is available from the I.I.I. here.
Some 2,243 individuals involved in cyber and enterprise risk management at companies in 37 countries responded to the Ponemon survey.
Monday, April 27, 2015
Posted by Claire under Auto Insurance, Auto Trends, Technology
Everyone wants to talk about autonomous vehicles, and for proof I.I.I. chief actuary Jim Lynch offers the AIPSO Residual Market Forum, at which he spoke in mid-April.
AIPSO manages most of the automobile residual market, where highest risk drivers get insurance. Each state has a separate plan for handling risky drivers and AIPSO services most of them in one way or another, acting as the linchpin in the $1.4 billion market, about 0.7% of all U.S. auto insurance written in 2013, according to Auto Insurance Report.
Though small, the residual market is important, but it’s not an area that would naturally lend itself to discussing the self-driving car. If cars could drive themselves, of course, there wouldn’t be much of a residual market.
Even so, I was one of three speakers at the forum’s panel exploring industry trends, and at AIPSO’s request, all three of us touched on autonomous cars.
Though he spoke last, Peter Drogan, chief actuary at AMICA Mutual Insurance, probably did the best job of laying out the future technology and some of its challenges. Particularly spooky was a 60 Minutes clip in which a hacker took over a car Lesley Stahl drove over a parking lot test course. She wasn’t driving fast, but she couldn’t stop after the hacker took over the brakes of her car.
Karen Furtado, a partner at Strategy Meets Action, a consultancy that helps insurers plan for the future, laid out the case for disruption. Autonomous vehicles will not only make vehicles safer, they will change driving habits. Fewer cars will be on the road, and more people will share them, summoning self-driving vehicles through ride-sharing apps, all of which could potentially shrink the $180 billion auto insurance market.
I’ve made my thoughts clear before, both in this blog and elsewhere: the technology will change driving forever, but it takes about three decades for auto technology to become common on roadways, giving insurers a lot of time to adjust. And some coverages, like comprehensive, will not be affected, as they protect cars when they aren’t in accidents.
A PowerPoint of my presentation is posted here.
Thursday, March 19, 2015
Posted by Claire under Auto Insurance, Auto Trends, Technology
I.I.I. chief actuary Jim Lynch looks into the future of self-driving cars:
I wrote about autonomous vehicles and insurance for the March/April edition of Contingencies magazine.
I argue that while the safety improvements will reduce the number of automobile accidents, any predictions of the end of automobile insurance look overblown today.
The first cars to drive themselves will only do so for a few minutes at a time – far from the curbside-to-curbside Dream Vehicle that gets most of the media attention. Any new auto technology takes two or three decades to cascade from a pricey option on luxury vehicles to standard equipment found on every used Chevy.
The slow rollout means claim frequency – the number of claims per hundred vehicles – is likely to decline over the next few decades at about the same rate as it has over the past five decades, giving insurers plenty of time to adapt, just as they have since the first policy was issued in Dayton, Ohio, in the 1890s.
Here is an excerpt:
The property/casualty industry will react as it has for decades, as regulation and innovation have made auto, products and the workplace safer. The impact will be carefully measured by actuaries, who will adjust rates as the innovations prove out. Insurers will find new coverages that customers will want.
The Dream Vehicle will change auto insurance, sure, but it won’t destroy it.”
The I.I.I. has an Issues Update on Self-Driving Cars and Insurance.
Friday, March 6, 2015
Posted by Claire under Homeowners Insurance, Technology
Much hay is being made of an apparent decline in the number of identity theft victims and losses, amid an ongoing number of significant data breaches.
The headlines follow release of the 2015 Identity Fraud Study by Javelin Strategy & Research. The study found that there were 12.7 million identity fraud victims in 2014, down 3 percent from the near record high of 13.1 million victims in 2013.
At the same time, some $16 billion was stolen from fraud victims in 2014, an 11 percent decline from $18 billion in 2013. Javelin attributes the decrease to the combined efforts of industry, consumers and monitoring and protection systems that are catching fraud more quickly.
As we know, 2014 saw a number of major data breaches, notably from retailers Home Depot, Neiman Marcus, Staples and Michael’s as well as financial institutions such as JP Morgan Chase.
But lest you think that the swift response to data breaches has nullified the identity theft threat, think again.
Javelin found that two-thirds of identity fraud victims in 2014 had previously received a data breach notification in the same year. Also, individuals whose credit or debit cards were breached in the past year were nearly three times more likely to be an identity fraud victim.
Meanwhile, identity theft just topped the Federal Trade Commission’s (FTC) national ranking of consumer complaints for the third consecutive year, accounting for 13 percent of all complaints.
Government documents/benefits fraud (39 percent) was the most common form of reported identity theft, followed by credit card fraud (17 percent), phone or utilities fraud (13 percent), and bank fraud (8 percent), the FTC said.
Whether or not identity theft is caused by a data breach (remember, stolen laptops, wallets, dumpster diving, phishing scams are some of the most common causes of identity theft), or whether an individual even knows how their information was compromised (many don’t), it’s important to stay vigilant to this threat.
A 3 percent decline in identity fraud victims in one year isn’t much. As Al Pascual, director of fraud & security at Javelin notes:
Despite the headlines, the occurrence of identity fraud hasn’t changed much over the past year, and it is still a significant problem.”
Wondering if your homeowners insurance policy includes coverage for identity theft? Check out these useful tips from the I.I.I.
Thursday, January 22, 2015
Posted by Claire under Risk Management, Technology
Measures and methods widely used in the financial services industry to value and quantify risk could be used by organizations to better quantify cyber risks, according to a new framework and report unveiled at the World Economic Forum annual meeting.
The framework, called “cyber value-at-risk” requires companies to understand key cyber risks and the dependencies between them. It will also help them establish how much of their value they could protect if they were victims of a data breach and for how long they can ensure their cyber protection.
The purpose of the cyber value-at-risk approach is to help organizations make better decisions about investments in cyber security, develop comprehensive risk management strategies and help stimulate the development of global risk transfer markets.
Among the key questions addressed by the cyber value-at-risk model concept are: how vulnerable are organizations to cyberthreats? how valuable are the key assets at stake? and, who might be targeting them?
The proposed framework is part of a new report, Partnering for Cyber Resilience: Towards the Quantification of Cyber Threats, that was created in collaboration with Deloitte and the input of 50 leading organizations around the world.
As the report states:
The financial services industry has used sophisticated quantitative modeling for the past three decades and has a great deal of experience in achieving accurate and reliable risk quantification estimates. To quantify cyber resilience, stakeholders should learn from and adopt such approaches in order to increase awareness and reliability of cyber threat measurements.”
One potential option, it suggests, is to link corporate enterprise risk management models to perspectives and methods for valuing and quantifying “probability of loss” common to capital adequacy assessment exercises in the financial services industry, such as Solvency II, Basel III, albeit customized to recognize cyber resilience as a distinct phenomenon.
The report points out that the goal is not to provide a single model for quantifying risk. Indeed for cyber resilience assurance to be effective, it says participants need to make a concerted effort to develop and validate a shared, standardized cyber threat quantification framework that incorporates diverse but overlapping approaches to modeling cyber risk:
A shared approach to modeling would increase confidence regarding organizational decisions to invest (for risk reduction), distribute, offload and/or retain cyber threat risks. Implicit is the notion that standardizing and quantifying such measures is a prerequisite for the desirable development and smooth operation of cyber risk transfer markets. Such developments require ERM frameworks to merge with insurance and financial valuation perspectives on cyber resilience metrics.”
Monday, January 12, 2015
Posted by Claire under Auto Insurance, Auto Trends, Technology
We’re reading that self-driving cars are no longer a thing of the future, but it’s in the subhead of this Time article: how long will it be before your car no longer needs you? where the heart of the story lies.
Jason H. Harper writes of how he earned one of the first new driverless motor licenses – technically known as an “autonomous vehicle testing” permit – from the California DMV.
He then describes his chauffeured ride by a prototype Audi from Silicon Valley to Las Vegas for last week’s Consumer Electronics Show:
The car uses an array of sensors, radars and a front-facing camera to negotiate traffic. At this point, the system works only on the freeway and cannot handle construction zones or areas with poor lane markings. When the car reaches a construction zone or the end of a highway, a voice orders you to take the wheel back.”
Before taking the 550-mile road trip, Harper had to get special instruction on how not to drive, per California regulations:
The training included basics like turning the system on and off and learning the circumstances in which it could be used. The rest was about handling emergencies, such as making lane changes to avoid crashing.”
Harper says the training was far more difficult and involved than a regular driving test. However, average buyers will not need such training.
Because rollout of this technology is gradual. Audi’s program for example would allow the car to self-drive in stop-and-go highway traffic, but when traffic clears the driver takes the wheel again.
It’s at the very end of the article that a voice from academia reminds us that this approach may be no bad thing as both technology and driver acceptance need time to mature.
Dr. Jeffrey Miller, an associate professor at the University of Southern California, tells Time that in his opinion licenses and drivers will never be obsolete because “the driver will always have to take over in case of a failure.”
It’s an interesting point. From the insurance perspective, too, while self-driving cars are definitely on the way, the implications for insurers are evolving. In its issue update Self-Driving Cars and Insurance, the I.I.I. notes:
Except that the number of crashes will be greatly reduced, the insurance aspects of this gradual transformation are at present unclear. However, as crash avoidance technology gradually becomes standard equipment, insurers will be able to better determine the extent to which these various components reduce the frequency and cost of accidents.”
They will also be able to determine whether the accidents that do occur lead to a higher percentage of product liability claims, as claimants blame the manufacturer or suppliers for what went wrong rather than their own behavior.”
More on auto insurance here.
Monday, November 17, 2014
Posted by Claire under Legal Environment, Technology
If you know someone who leads an active lifestyle, you may already know what a Fitbit is. For everyone else, a Fitbit is a wearable device that tracks steps, calories, distance and even sleep.
Now it appears data from wearable devices may be admissible in court.
Forbes.com reports that a law firm in Calgary is working on the first known personal injury case that will use activity data from a Fitbit to help show the effects of an accident on their client.
According to the report, the young woman in question, who used to be a personal trainer, was injured in an accident four years ago. While Fitbits weren’t on the market back then, her lawyers believe they can use data from her Fitbit to show that her activity level has significantly decreased and is now below where it should be for someone of her age and profession.
The article suggests that “cases like this could open the door to wearable device data being used not just in personal injury claims, but in prosecutions.”
The young woman’s lawyer is also quoted saying that such data could be useful to insurers assessing questionable claims and that just as courts requisitioned Facebook for information several years ago a court order could compel disclosure of that data.
Sounds like another case where digital information has an unintended use in the courtroom.