Category Archives: Technology

Hope the (fire)wall is high enough

Getty Images

Fans of Game of Thrones are getting ready to learn the fate of their favorite characters when the final season of the show starts airing on HBO on April 14th. At the same time, security experts are warning that cyber-crooks are ready to take advantage of the show’s popularity to attack people’s computers.

The huge popularity of the show makes illegal download sites, where users can view episodes without the required subscriptions, popular distributions point for malware. In 2018 Game of Thrones accounted for 17 percent of all infected pirated content, according to Kaspersky Labs, even though no new episodes aired on TV over that time. This suggests that the coming premiere could be the most dangerous time to be downloading the torrents.

According to Kaspersky, the most popular kind of attack via pirated content was a trojan, a piece of software that is installed on a computer and allows the hacker to take control of that device.

The good news is that, overall, the prevalence of TV show-related malware has been declining. In 2018, the total number of users who encountered this kind of malware was 126,340, a third less than it was the year before. The number of total attempts dropped by 22 percent, to 451,636. Kaspersky said that drop was in line with a reduction in the number of security threats across the internet. But it might also be linked to a drop in the number of people using torrents, as interest in the technology declines.

Blockchain: the anatomy of a hype

Remember blockchains?

They were going to change the world. Is there a problem or challenge? Consider using a blockchain. Engaged in a business? Consider the blockchain. Thinking about where to get lunch? Again, blockchain.

No industry would be left un-disrupted. Insurance would never be the same again.

And sure, that all might come to pass someday. Very smart people are working on blockchain applications. But right now it seems like the hype bubble is bursting, at least in the public mind.

Here are Google searches for “blockchain” over the past five years in the “finance” category:

Data source: Google Trends

Here is the search for “cryptocurrency”:

Data source: Google Trends

And just for fun, here’s the valuation of bitcoin:

Data source: CoinDesk

I’m not the first person to notice this, of course. The Gartner “Hype Cycle for Emerging Technologies” 2018 report put “blockchains” on the cusp of the dreaded “trough of disillusionment”.

Source: Gartner

Trough of disillusionment. Sounds ominous.

Why the cool down about blockchains? The short answer: expectations have begun to re-align with reality.

There are several reasons why.

Earlier this year I wrote an article for the Actuarial Review about blockchains – and how they might be solutions in search of a problem. In the article, I cited Stephen J. Mildenhall from the School of Risk Management of St. John’s University, who compared a blockchain to a military tank. In theory you could drive your kids to school in a tank. But why would you? Tanks are extremely expensive, slow and inefficient (plus, I’m not sure they’re road-legal). A minivan would be a better solution. Like a minivan, a simple SQL database could probably do most jobs that a blockchain could do, except much more cheaply, quickly and efficiently.

Another big sell of blockchains was that they were theoretically unhackable. As I wrote last year, that’s only kinda-sorta the case. Blockchains themselves might be unhackable (depending on their governance structures), but for a lot of applications they need to connect to that extremely hackable thing called The Internet. Which is why you’re regularly reading about massive cryptocurrency heists.

But just because we’re in the trough of disillusionment (sorry, I just love that phrase), doesn’t spell the end for blockchains. This is a normal process for emerging technologies: a new technology is developed, everyone gets extremely excited, then reality kicks in and the hard (and underreported) work begins of perfecting the technology for real-world use.

I wouldn’t be surprised if blockchains quietly become ubiquitous for some applications in the near future – but how they’re integrated and what kind of real impact they’ll have are anyone’s guess.

In the meantime: beware the hype about any emerging technology.

The future of telemedicine and workers’ compensation insurance

You can’t talk about workers’ compensation insurance these days without mentioning “telemedicine” at least once. It should therefore come as no surprise that telemedicine was given its own panel discussion at the 2019 Workers’ Compensation Research Institute’s (WCRI) Annual Issues and Research Conference.

(In case you don’t know, the American Telemedicine Association (ATA) defines telemedicine as the “remote delivery of health care services and clinical information using telecommunications technology.” Think of an app that lets you video chat with a doctor, for example.)

The potential benefits of telemedicine to patients, providers, and employers could be immense. Improved access to healthcare services. Fast, personalized care. Treatment efficiencies. Reduced costs. Dr. Stephen Dawkins of Caduceus USA put it this way: “It’s crystal clear, as a provider, that telemedicine is a tsunami that will change the paradigm of medical care.”

Indeed, as Dr. David Deitz of Deitz & Associates noted, telemedicine is almost the perfect storm of improved healthcare services – and is already experiencing exponential growth in the commercial health sector. Citing the ATA, he noted that there were an estimated 1.25 million telehealth visits in 2016 alone – and that some sources estimate that over 400 million of U.S. medical visits could have been telemedicine encounters.

But has telemedicine made inroads into workers’ compensation?

Dr. Deitz pointed out that there is “essentially no quantitative data on [telemedicine] use in workers’ compensation.” Furthermore, he argued that there are several open questions when it comes to telemedicine: what are the appropriate regulations and reimbursement models? Is there a quality trade-off for telemedicine versus in-person encounters? Are there any privacy or cybersecurity concerns?

Kurt Leisure, vice president of risk services for The Cheesecake Factory, offered some preliminary answers when describing his company’s new telemedicine program for worker injuries, implemented in February 2018.

According to Leisure, the program basically works as follows. An injury occurs. If urgent, the injured worker proceeds directly to urgent care or the emergency room. If it’s non-urgent, the worker calls the company’s nurse triage system for preliminary care. If the phone call isn’t enough, the worker has the option of being escalated to a telemedicine program on their smartphone.

What have been the results so far? Generally positive, with the program leading to $153,000 in hard dollar savings in 2018. But Leisure did note that there are still wrinkles that need to be ironed out. Identification of telemedicine candidates during the triage phase needs improvement.  Employee trust in the program could also improve.

But the injured workers seem to approve of the program. “Overall, I’m really excited, there’s a lot of upside potential just in our initial program,” Leisure said. “I think it will explode over time.” One particular benefit of telemedicine could be keeping workers and employers out of the courtroom. “We think the litigation rate is going to drop significantly” with widespread and effective telemedicine, said Leisure.

Indeed, despite some open questions about workers’ compensation adoption of telemedicine, the panel agreed that the industry would benefit tremendously. “Telemedicine basically gives you a conduit through which you can achieve better case management,” said Dr. Dawkins.

Latest Driverless Vehicle Roadblock: Bicycles

I hope he’s wearing a helmet.

As someone who (perhaps unwisely), likes to bike around New York, I’ve long looked forward to driverless cars. They can’t drive drunk. They won’t drive like reckless teenagers. They won’t threaten to beat me up for ringing my bell (true story).

Even better: they’ll be able to see and avoid me even on a dark and stormy night.

Or so I thought.

As it turns out, bicycles could slow driverless vehicle deployment. Case in point: Holland, land of bicycles.

According to a recent KPMG report, the Netherlands is the country most prepared for autonomous vehicles. The country is actively working to begin autonomous truck platooning on highways; a legal framework has been developed for testing AVs on public roads without a driver; and the country is even preparing a drivers license for AVs.

But whether AVs will ever operate in Holland’s cities is an open question. Because, as an executive quoted in the report put it, “We have a lot of bicycles.” That’s an understatement. According to The Guardian, there are an estimated 22.5 million bicycles for a population of 17 million people.

And unfortunately, as the article notes, bicyclists are unpredictable: “the varying sizes and agility of cyclists, with their sudden changes in speed and loose adherence to the rules of the road, present a major challenge to the [AV] existing technology.”

Such a major challenge, in fact, that KPMG suggests forgetting about ever integrating AVs into a bicycle-heavy environment: just keep AVs and bicyclists separated entirely.

We don’t have as many bicyclists in New York. The city estimates somewhere in the ballpark of 1.5 million casual riders.  But that’s probably enough cycling on our already-crowded, dilapidated streets to put a hold on my dream of a safe, driverless vehicle future. (AVs in Phoenix, meanwhile, have an entirely different problem…)

In the meantime, you would do well to wear a helmet and stop texting!

Data Analytics Comes to the Legal Profession

there are insights in there somewhere

Did “data analytics” ruin baseball? Depends on whom you ask: the cranky old man in a Staten Island bar or the nerd busy calculating Manny Machado’s wRC+ (it was 141 in 2018, if you cared to know).  

What is indisputable, though, is that the so-called “Sabermetrics revolution” rapidly and fundamentally changed how the game is played – this is not your grandpa’s outfield! 

And data is eating the whole world, not just baseball. Now it’s coming for the legal profession, of all places. The Financial Times recently published an article on how law analytics companies are using statistics on judges and courts to weigh how a lawsuit might play out in the real world. One such company does the following (per the article):  

The sort of information that might be analysed includes how many times the opposing lawyer has filed certain types of lawsuit, in which court, with what success rate, who they have represented, and which attorneys they have faced. Once a judge has been assigned to the case, legal research companies can provide statistics on his or her record as well.  

Another law analytics firm “shows the litigation history of judges, lawyers and law firms, including win/loss rates for trials that are benchmarked to competitors, the success rates of different types of motion in individual courts and a database of who sues and gets sued most often.” 

Proponents reportedly argue that this is a) a more efficient way to go about the business of law and b) a way to identify where the legal system is inconsistent.  

That being said, it’s not yet all sunshine and roses for legal system Sabermetricians. As the FT notes, most litigation is dropped or settled, which means there are no public court documents for those cases. Which means no data to be mined. How many cases get dropped or settled? Perhaps as many as 90 percent. Big data is hard when most of the data don’t exist.  

So that means doing things the old-fashioned way. One law firm identified by the FT supplements data gaps by using (quel horreur!) real human lawyers to assess how a case might fare during the legal process.  

Another issue is whether anything useful can be gleaned from what little data there are. One gentleman quoted in the article put it thus: “The judge analytics demonstrations I have seen to date oscillate between the blindingly obvious and the statistically irrelevant.”  

Nonetheless, as the datasets grow, it doesn’t seem impossible that the ability to assess lawsuits will only improve. Which leads me to wonder: will judges change their behavior in response? The baseball data revolution didn’t just reveal information – it changed how players actually played in response to that information. Data isn’t passive, turns out. It remains to be seen how shining the light of data on the court system could change the court system itself.

Much Ado About AI at I.I.I. Joint Industry Forum

By Lucian McMahon

You’re familiar with the buzzwords by now. Internet of things. Blockchain. Artificial intelligence.

At the 2019 I.I.I. Joint Industry Forum, a panel on artificial intelligence and insurance cut through the buzz. How can AI be used to help build resilient communities? And how can the insurance industry leverage AI to better help customers address risk?

Pictured left to right: Andrew Robinson, Sean Ringsted, Ahmad Wani, Kyle Schmitt, James Roche

New products, more resilience

Regarding resilience, Ahmad Wani, CEO and co-founder of One Concern, said that AI is being used to harness vast troves of data to identify, on a “hyperlocal level,” the impact of a whole range of hazards. His company is already doing just that, partnering with local governments and insurance companies to better plan for future losses. “We don’t need to wait for disasters to happen to prioritize the response, we need to make changes and to act now before the disaster,” Wani said.

Sean Ringsted, executive vice president, chief digital officer and chief risk officer at the Chubb Group, also pointed out that insurers are already expanding their product offerings thanks to AI and big data. Contingent business interruption, for example: the sheer volume of data can now allow insurers to effectively analyze supply chain risks and price them accordingly.

Transparency and fairness are top of mind

But as Ringsted said, “it’s not all good news and roses.” What sorts of concerns should insurers and the public have about using AI?

Kyle Schmitt, managing direct of the global insurance practice at J.D. Power cited consumer concerns with the data and algorithms used for AI-enabled products. Consumers are deeply concerned with the security and privacy of any data they share with insurers. Per Schmitt, consumers also worry about the fairness of AI products, when algorithms instead of people are making decisions in an opaque way.

This is the so-called “black box problem” of AI, in which complex algorithms will arrive at answers or decisions without anyone being able to explain how they did so. Ringsted stressed that, for AI to be a viable tool, its mechanisms will need to be explainable to regulators and the public.

James Roche, vice president, personal lines product development at ISO, echoed this sentiment: social responsibility requires both robust data stewardship and strict control over AI outputs to ensure that outcomes are fair and within ethical standards.

From a consumer perspective, ensuring ethical use of AI is critical. Schmitt said that at the end of the day consumers are open-minded, “but they just want some ground rules.”

Reminder: your smart home security system is hackable

Doors that can be locked remotely with a smartphone app. Facial recognition cameras that alert you when certain people arrive at your front door. Motion sensors that trigger video recordings when someone steals your Amazon packages.

If we’re being honest, smart home security systems sound extremely creepy to me.

But I understand the sell: smart home security devices can keep people safe and offer peace of mind – did I remember to lock the door? Doesn’t matter, my phone can lock it.

Nothing in this world is perfect, though. Unlike smart home security systems, you can’t use a computer to hack into and unlock a standard deadbolt.

The Insurance Journal recently ran a piece describing yet another experiment where researchers easily hacked into someone’s smart home security system. In one scenario, a researcher hacked into a person’s phone using a coffee shop’s free WiFi. Once inside, he accessed their smart light switch app, and then jumped from there into the smart home’s security devices. Voila, smart door unlocked. All that’s missing is a red carpet to welcome thieves as they waltz in the front door.

This shouldn’t be news. Here’s a video from 2016 of researchers hacking into a smart lock:

Everything is a trade-off. As informed consumers, we can’t assume that a solution to one security problem (forgetting to lock our doors) will solve every other security problem – or that it won’t create new ones (hacking into our front doors). It’s important to weigh the risks and benefits of smart home security, and to conduct due diligence in researching the cybersecurity protections of each system. It’s also important to consider additional protections, like purchasing cybersecurity insurance coverage, just in case.

If that sounds onerous, it’s nothing compared to dealing with a robbed house.

“Deepfakes”: a looming nightmare for insurers?

Picture a world where sophisticated machine-learning algorithms generate hyper-realistic video footage of you doing things you’ve never done and saying things you’ve never said.

If that sounds like a nightmare, I’ve got bad news for you. That world is increasingly our world. Those videos, called “deepfakes,” are already being created, often for unsavory purposes.

(You can watch a deepfake video of former president Obama giving a fake speech here.)

Anyone can download the software needed for DIY deepfake videos. And even though deepfake technology hasn’t yet been perfected, it’s getting better every day.

This has obvious implications for national security. Indeed, congressmen have already expressed concerns about the use of deepfakes as weapons of international intrigue.

What about insurance – could deepfakes be the next frontier of risk? It’s not hard to imagine some scenarios:

  • Cyber: A deepfaked audio recording of a CFO directs a company’s billing department to route thousands of dollars to a fake bank account.
  • Directors and officers: A deepfake video is created of a large corporation’s CEO reporting (fabricated) negative financial results, leading to a significant drop in the company’s stock.
  • Employment-practices liability: An employee is “deepfaked” to portray him making disparaging remarks about coworkers and engaging in harassment.
  • General liability: Someone creates a deepfake video of a person slipping in a grocery store and “injuring” herself, leading to allegations of negligence.

I’m sure you could think of a hundred more like these. How will we adapt to a world where video and audio can’t be trusted to tell the truth? What if deepfakes become too sophisticated to detect – how will this impact insurance claims and fraud prevention?

If the worst comes to pass, deepfakes could soon become an insurance nightmare.

But hopefully, the best case scenario happens instead: detection technology keeps up with deepfake advancements – and keeps everyone honest.

Highlights from the 2018 Society of Insurance Research Annual Conference

I recently spent two days (10/22-10/23) at the Society of Insurance Research (SIR) Annual Conference in New Orleans where a line-up of insurance executives and intelligence analysts talked about ways the insurance industry can leverage research, analytics, competitive intelligence and analysis techniques to get past the hype and develop effective strategies to move forward.

Here are just a few of the many interesting insights gathered at the extraordinarily intensive conference.

Digital Transformation

Implementing digital transformation will require an integrated approach across departments as well as a companywide culture shift. It will not work if executives are on-board but middle managers are not, said Robert Mozeika, Munich Re’s innovation executive.

Competitive intelligence

Competitive intelligence is not just about understanding what your competition is doing, but having a deep understanding ever changing market conditions, said Dr. Ben Gilad of the Academy of Competitive Intelligence. He suggested companies test strategic moves through role playing, with participants taking the parts of high-impact players.

Gilad had some advice for us information professionals as well – unless you can turn your insightful intelligence-gathering reports into action, they are useless. That’s why we need to become the trusted “sense maker” to our company’s top decision makers.

Innovation by insurance companies – customer experience

This year, SIR conducted a consumer survey on innovation by insurance companies. It found that auto and homeowners insurers were considered “pretty innovative” by 40 percent of respondents when compared with banks which were considered “pretty innovative” by 46 percent. This is a “pretty interesting” finding! When was the last time you heard about a new and exciting bank product?

Interestingly, there was a whopping 365 percent increase in the percentage of people reporting an increase in communication from P/C insurers regarding simplicity and ease of use of their products. It looks like people don’t equate improvements in ease of use and simplicity with innovation.

When asked which three things insurance customers would change through new technology or innovation, the top three were: privacy, ease and personalization in that order.

Artificial Intelligence (AI)

Reliance on AI is expected to increase in the next 20 years. How will AI change the world of insurance? According to Peter Grimm, CEO of Cipher Systems, it will involve:

  • The explosion of data from connected devices leading to new product categories, more personalized pricing and increasingly real-time service delivery.
  • Increased prevalence of physical robots (drones, self-driving cars, autonomous farming equipment) will lead to shifting risk pools, changing customer expectations and new products and channels.
  • Standardized data frameworks and formats will lead to highly connected data ecosystems between multiple private and public entities across many industries.
  • Advances in cognitive technologies (machines that mimic human learning) will enable products that re-evaluate risk in real time based on consumer behavior.

Chatbots and roboadvisors are already making roadways into the insurance industry and according to a survey by AXA; 34 percent of millennials want to interact with their insurer online only which shows that the market is prime for robo-advisor interaction.

Reading List

Here are a couple of books recommended by speakers that I can’t wait to dive into.

Geeta Wilson, vice president, consumer experience at Humana, recommends Competing Against Luck: The Story of Innovation and Customer Choice by Clayton M. Christensen. The author, a Harvard Business School professor who coined the term “disruptive innovation”, introduces the concept of “jobs to be done” theory in this book.

According to the theory, instead of asking customers what they want, companies would do better to get a deep understanding of what their customers do at the point when they require their product. Then the company needs to invent ways to help them do it easier, better and faster. Companies need to become obsessed with solving their customers’ problems or as Geeta put it, they need to “fall in love with the problem.”

Another book I look forward to reading is Professor Al Naqui’s The Beaver Bot of Yellowstone: Pure-Play Leadership for the Artificial Intelligence Revolution.  This book, targeted towards business leaders, promises to be an accessible guide through the mysterious and complicated cognitive transformation that firms are in for if they want to stay alive in the dawning age of AI.

 

Small businesses need cyber insurance – just like everyone else.

Used to be, hackers would spend most of their time hitting big companies with deep pockets and troves of customer data.  

But the times have changed. Launching a hack is as cheap and as easy as never before. Because of this, lots of hackers are playing small-ball by going after small businesses.  

Their calculations make sense. A ransomware payout might only be a few hundred dollars, but if hackers can hit hundreds of businesses simultaneously, their ill-gotten loot adds up pretty quickly.  

Small businesses know they’re at risk. According to a recent Insurance Information Institute (I.I.I.) and J.D. Power 2018 Small Business Cyber Insurance and Security Spotlight Survey, 70 percent of surveyed businesses said that the risk of being victimized by a cyberattack is growing at an alarming rate.  

But only a minority have cyber insurance. Only 31 percent said they have cyber insurance – and 70 percent said they don’t have plans to purchase a policy. (Commercial cyber insurance varies across policies but will usually cover expenses incurred from a data breach, like lost revenue, legal costs, and crisis-management.) 

Meanwhile, we found that 10 percent of respondents said they have experienced at least one cyber incident in the prior year. To give you some perspective, that’s about the same rate as drivers get into auto accidents.  

Imagine getting into an accident and not having auto insurance. It’s an expensive proposition. The same goes for cyberattacks – we found that the average small business cyber losses for the past year were $188,400. That’s a lot of money for a small company to absorb.   

As hackers continue to get nimbler, the need for small businesses to have cyber insurance will grow. It’s incumbent on insurers to educate their business clients about the value of cyber coverage.  

And the value is there to see: 97 percent of our survey respondents who had cyber insurance and were hacked said that their coverage was good enough to make them whole again.