407-445-2414 info@wrmllc.com
The insurance industry needs social media data

The insurance industry needs social media data

In the era of 24-hour news coverage, and in the aftermath of highly publicized catastrophic events including hurricanes, earthquakes and terrorist attacks, insurance policyholders have very little patience for a protracted claims process.

At the risk of alienating customers, especially younger policyholders who grew up in a digital age, the insurance industry must adapt to keep up with the speed of business and increased expectations regarding how companies administer claims.

Consumer expectations aside, there’s also pressure from internal stakeholders who expect up-to-date evaluations of risk and more efficient business practices that drive down costs and create competitive advantages.

So, how can insurance companies redesign their business models, particularly the claims administration process?

Leveraging the wisdom of crowds

With these challenges in mind, innovative insurance companies increasingly see a reason to incorporate alternative data sources as an element of their insurance contracts. Given the prevalence of smartphones and the general public’s willingness to use their social media accounts to share events as they happen, real-time social media posts are often the fastest indications of a breaking event. In fact, governments, news agencies, and businesses commonly rely on social media to keep track of breaking news stories.

The real-time nature of social media dovetails with the need for insurance companies to pick up the pace when processing claims. When analyzed correctly, social media data can inform a parametrics insurance contract, triggering the payment of a predetermined amount when conditions exceed certain metrics, such as the wind speed associated with a hurricane or tremors accompanying an earthquake. In addition to natural disasters, alerts derived from social media could justify payouts of a parametric insurance policy covering a man-made event, such as a terrorist attack.

In short, when a significant incident impacts policyholders, a parametric contract that relies on social media alerts can generate a payment. And there’s an added bonus: After an event, the real-time information from social media becomes historical information that helps underwriters assess future policy risks.

A front-row seat to insured events as they unfold

As the recent hurricane in Puerto Rico or the 2017 terror attack in the Parson Green Underground station in London demonstrate, a spike in volume of real-time social media posts is a leading indicator of breaking news. In the simplest terms, social media posts emanating from Puerto Rico or in the vicinity of the Parson Green station provided compelling evidence of an incident. Over time, as the volume of posts grows, the evidence of a covered event becomes incontrovertible.

Nonetheless, insurance companies don’t need to wait until there’s a vast amount of social media posts to initiate the claims process. With the right tools in place to mine social media, insurance companies can be alerted to an event before the volume of posts surges exponentially.

Whether an insurance company relies on the first post to act or decides to wait until the volume of social media posts mushrooms, the corroborative nature of social media, including the analysis of geolocated posts, offers an up-to-date portrayal of events.

While incorporating alternative data as part of parametric insurance contracts may face organizational resistance, making use of social media data benefits those covered by policies, as well as the insurers themselves — removing the burden of assessing a loss solely off insurance adjusters and shortening the time needed to assess a loss and issue a payment. Customers who are helped quickly are also less likely to complain about service and may support the insurance company publicly, contributing to brand strength.

The rush to leverage social media alerts

Up until recently, the insurance industry has resisted the pressure to jump on the technology bandwagon. However, in the midst of unrelenting changes in consumer expectations, and the proliferation of online insurance upstarts determined to disrupt the industry, many insurance companies are in the process of overhauling their business models and embracing the latest technology.

In particular, the claims process is ripe for change. While the industry’s staid approach to claims used to suffice, today’s policyholders no longer deem it acceptable for insurance companies to take months to evaluate and pay out claims. In order to attract and retain customers, while reducing claims processing costs and creating competitive advantages over less refined competitors, insurance companies must build business models that allow for a faster, more agile response. That means looking beyond the traditional tools and approaches for a nimble solution with the potential to support the accelerated payouts policyholders expect.

Using alerts derived from social media provides claims processors with real-time, actionable alerts, including images and video that offer third-party evidence of an event and the extent of the damage, and consequently, the ability to expedite and automate policy payments. Insurance companies that tap into social media data to speed the claims process may impress policyholders by avoiding typical operational challenges and may help the strength of public brand perception.

The competitive landscape of shifting business models may propel many insurance companies to use social media data as an indispensable linchpin in their revamped claims administration process.

Source: Property Casualty 360

Author: Dillon Twombly

User Behavior Risk Starts With Staff

User Behavior Risk Starts With Staff

Computer hacking can occur at any time and entail a wide range of problems and embarrassments. And that’s not including hackers who invade a system for the express purpose of damaging or destroying it.

So, everyone is taking steps to keep those faceless hackers from getting in, and as long as we put up walls we’ll all be safe right?

Not so fast.

At the Nonprofit Risk Management Center 2016 Risk Summit, Jim Jackson, director of campus operations at Momentous Institute, and Paul Henry, network administrator/engineer of Momentous Institute, said that the biggest threat to cyber security lies in user behavior within the system.

In other words, when people in the organization use their computers/devices for purposes other than work, they are not just taking time off from work.

They presented the following statistics:

  • 29 percent of all data breaches are socially engineered attacks, taking advantage of human behavior to advance a data-breach scheme.
  • 67 percent of all web traffic (40 million viewers) to the world’s most trafficked free porn site was generated from the office.
  • Facebook is the Number One website visited during work hours.
  • 62 percent of people say it is acceptable to transfer work documents to personal computers, smartphones and online file sharing applications.
  • 95 percent of all security incidents involve human error.

Source: The Non Profit Times

Insurance market evolving to handle terrorism risks: Marsh

Insurance market evolving to handle terrorism risks: Marsh

While the number of incidents and casualties declined in 2017, a report released Monday by Marsh L.L.C. said terrorism is still a significant threat and that the insurance market is adapting to handle the evolving risk.

Marsh’s 2018 Terrorism Risk Insurance Report, which explores the state of the terrorism insurance marketplace, said that in the wake of recent events, terrorism insurers are expanding terrorism definitions to include active assailant events.

In some cases, the report said, insurers also are developing specialty products that offer first- and third-party business interruption protection for businesses that suffer lost income or revenue without the need for a direct property damage trigger.

Although fewer people were killed in terrorist attacks in 2017 than in 2016, the Marsh report said the means of attack and perpetrators have shifted.

“Past attacks were carried out primarily by specific groups against perceived high-value-high-profile targets,” the report said. “While that threat remains, many recent attacks have come against soft targets and been perpetrated by ‘lone wolves’ and small groups with no direct connection to known terrorist organizations. Weapons of choice now include vehicles, knives and other handheld devices.”

In 2017, the report said, pricing increased in five of the 17 industries surveyed by Marsh, with the sharpest increases being felt by hospitality and gaming companies, public entities and nonprofit organizations, which have been targets of terrorist acts in recent years.

Pricing declined in seven industries, the report said, most notably for energy and mining and construction companies, reflecting the generally positive conditions in the property insurance market prior to the 2017 Atlantic hurricane season.

Sixty-two percent of U.S. companies in 2017 purchased coverage embedded in property policies under the Terrorism Risk Insurance Program Reauthorization Act of 2015, or TRIPRA. Companies in the Northeast U.S. were most likely to purchase terrorism insurance, Marsh said.

The number of Marsh-managed captive insurers actively underwriting one or more insurance programs that access the TRIPRA increased 44% to 166 captives in 2017.

After incurring sizable ransomware losses in 2017, kidnap and ransom insurers are seeking to restrict coverage for cyber risks in their policies.

Terrorism insurance capacity remains strong, the report said, but pricing could increase as global insurance costs generally increase following natural catastrophe losses in 2017. January 2018 year-over-year pricing changes for a majority of reinsurance program renewals that included terrorism coverage averaged flat to an increase of 10% on a risk-adjusted basis, according to the report.

The Marsh report made several suggestions for businesses in the face of evolving terrorism risk, including continually reviewing and reevaluating their risk financing programs to ensure they have adequate protection for property, business interruption, workers compensation, general liability and cyber losses.

The report also encouraged businesses to effectively model their terrorism risk and to build and test robust crisis management and business continuity plans.

Source: Business Insurance

Author: Rob Lenihan

Your Nonprofit Has RATs Spying On You Right Now

Your Nonprofit Has RATs Spying On You Right Now

When speaking on encryption and surveillance at Kenyon College in April 2016, James Comey, then the director of the FBI, divulged that he’d placed a piece of tape over the camera on his personal computer.

And after Facebook Chairman & CEO Mark Zuckerberg posted a photo that showed his work computer in June 2016, thousands of people noticed that he had tape over his MacBook camera and microphone.

Why would the director of the FBI and the founder of Facebook resort to placing tape over the cameras and microphones at their personal workstations?

The answer is RATs — Remote Access Trojans.

Almost everyone in business today is familiar with remote desktop applications such as LogMeIn, TeamViewer, GoToMeeting, WebEx, and Bomgar. These enterprise tools provide remote access to a system and are useful and efficient ways to cut operating costs, ensure fast response time with help desks, or just get that much-needed document from your workplace when you are out of the office.
RATs are a malicious variant of these remote access tools — custom-created software the user can execute to control any system without the victim’s knowledge.

One of the first RATs was made public in 1999. RATs have become more sophisticated through obfuscation in the years since first created. Today, most of the popular RATs are capable of performing keylogging, screen and camera capture, file access, code execution, registry management, password sniffing, and more. Through persistence, an attacker can run malware, exfiltrate data from the victim, and sell the data or use it to extort the victims at a later date.

RATs can be installed on a system through phishing links, email attachments, ransomware, infected USB drives, and more. They are custom-built to evade antivirus (AV) programs, intrusion detection, and prevention products (IDS/IPS) and are sold relatively cheaply on clearnet hacking forums and the dark web.

RATs are near the top in the hierarchy of cybercrime. There are dozens of techniques cybercriminals use to keep their RATs from being detected. RATS can be “binded,” or merged, into a legitimate program using very basic tools. The most popular are Adobe Flash, Google Chrome installers, and any web-based or local installer trusted by the workstation or domain. This is what makes a RAT unknown and undetectable to AV vendors.

The RAT’s role, like any creative virus, is to be persistent even after detection. Ten minutes of a target being “ratted” is more than enough time to upload multiple backdoors into a network that can stay persistent long after the RAT is discovered and eradicated, allowing future attacks. Ten minutes is also enough time to gain sufficient data to use in ransoming, extorting, or threatening an individual or business. The details of extortion techniques are changing on a monthly basis.

    There will never be a product that fully protects any person or organization from RATs, viruses, malware, exploits, zero-day vulnerabilities, or other cyber threats. At this stage, the best prevention against RATs is for your organization to follow these best practices recommended by security researchers, engineers, and coders:

  1. Do not save unencrypted private information on a home or organization workstation. Encrypt your files with fully audited open source VeraCrypt and AXCrypt (if you access remote). These provide multiple features and 99.99 percent chance of no government backdoors with access to the encryption key.
  2. Train everyone with access to your network on the importance of avoiding unsafe websites, particularly sites that are ad-driven and full of pop-ups, as these might contain a drive-by RAT waiting to be deployed.
  3. Ensure your organization performs daily backups with minimum 256-bit AES encryption and redundant data eliminated (de-duplicated). These backups should be replicated off-site.
  4. Watch your firewall, IDS/IPS logs for unusually large amounts of data being offloaded out. That is one of the biggest clues that your network has been penetrated. Basic network security should have egress filtering already in place with quality of service (QoS) controls to alert of such patterns.
  5. Use multi-factor authentication and print out the backup codes when you are offsite from your network. This is to prevent account takeovers if you have been compromised.
  6. Use your AV, IDS/IPS appliances and software and review the reports, especially those sent on the weekend. Most cybercrimes occur starting after hours on Friday afternoon, so customize your alerts to be a little more detailed during those times.

Also consider covering webcams and microphones when they’re not in use. If a RAT is used to activate them, the cybercriminals won’t be able to glean useful information.

Cybercrime has been unleashing significant destruction. The sinister nature of daily exploits, leaks, and hacks is numbing even the most hardened security researchers, and it seems the end is not in sight. While emerging technologies might be helpful in the fight against RATs in the future, for now your best protection is to follow the best practices above and layer your cybersecurity controls so that if one fails, others can help protect your organization.

Source: The Non Profit Times

Author: Lisa Traina

Think before you email

Think before you email

A tectonic societal shift is happening right under our noses. You don’t need a seismometer to see it. If you’ve watched any recent entertainment awards show, it’s easy to see and hear.

“Oh,” one might say, “that’s just fallout from the Sony Pictures hack and the Harvey Weinstein implosion. Those people are all famous public figures. It couldn’t happen to me.”

It could.

It’s amazing that anyone who lived through the 2016 presidential election is still using email or Twitter. Regardless of your political leaning, that election taught us that emails and tweets follow the sender around like a hungry dog at feeding time. Unlike dogs (alas) emails, tweets and social media posts are essentially immortal. Someone sufficiently motivated to find them can do so.

Indelible media

The examples of improper comments later in this article have been reported by several public sources, and they’re included for effect. The quoted sections may or may not be accurate, but they illustrate the kinds of comments that people write in indelible media from time to time that come back to haunt them.

Perhaps the reader can recall other examples, closer to home. Early in my career as a lawyer, we used to communicate with international clients via telex. (Yes, that long ago.) I sent a number of telexes overseas, requesting settlement authority in a relatively small case, and kept receiving responses that questioned my analysis.

Then I noticed that the responses were addresses to “Mrs. Louis Castoria,” perhaps mistaking “Louis” for “Lois” or “Louise.” When I re-sent the same advice and typed my name as “Mr. Louis Castoria,” the reply came back, “We agree with your wise recommendation.”

If the reader is surprised by my relatively mild story, or by the more dramatic ones told in the excerpts from media reports, imagine the impact of sexist comments on conscientious jurors in a civil case.

In employment discrimination cases, “Me, too” evidence — examples of discriminatory or harassing comments made to or about employees other than the plaintiff — can be admitted into evidence. The California Supreme Court ruled in 2006 that the state’s fair employment and housing act was “not designed to rid the workplace of vulgarity. ” [Lyle v. Warner Brothers Television Productions (2006) 38 Cal.4th 264, 295.] Still, such evidence gets to the jury.

In Pantoja v. Anton [(2011) 198 Cal.App.4th 87], the California Court of Appeal sent a case back for retrial because the trial court had improperly excluded evidence of a supervisor’s use of the term “Mexicans” to refer to employees.

It may be easy to see why evidence of sexist or racist terms might be relevant in some types of employment-related cases. Could the same kind of evidence be relevant in professional liability cases?

Character doesn’t count

I’m not aware of a reported decision in which “Me, too” evidence has come before the jury in an errors and omissions (E&O) case. The basic question in most E&O cases is did the professional person (insurance broker, lawyer, accountant or acupuncturist, for example) act within the standard of care of the profession in the community where the services were rendered? The defendant’s character is not usually considered admissible, unless it goes to credibility. A misogynist jerk can perform a perfectly correct appendectomy, just as a paragon of virtue can perform a negligent one.

Lawyers try to keep potentially damaging evidence away from the jury’s eyes by asking the trial judge to forbid the other side from introducing or mentioning such evidence. The judge is the filter, keeping out evidence based on whether it is “more prejudicial than probative,” or so likely to poison the jurors against a party that they may be unable to fairly decide a particular issue or the case.

It’s difficult to see offensive emails and tweets being material, or even relevant, in a typical E&O case. If a doctor leaves a sponge inside a patient during surgery, the fact that the doctor sent a distasteful email about a coworker’s appearance earlier that day adds nothing to the case. If the doctor is commenting, distractedly, about the coworker’s appearance during the surgery, that could be another story.

Emails on company network

There are plenty of good reasons to avoid writing odious emails in the workplace. The fear of an E&O lawsuit is probably low on that list. But if such messages are in the company’s network, they may see the light of day during litigation. The mere threat of them being made public could make a difference in whether a case settles at a small value or in the high six figures, as in one of these examples:

  • Example No. 1: According to Vox.com (08/08/17), a leading high-tech company fired an employee who posted a controversial 10-page memo arguing for less emphasis on gender diversity in the workplace. The memo argues that the reason women are underrepresented in the tech industry has to do with “biological causes” between men and women, and criticizes the company for its ongoing diversity and inclusion initiatives, arguing that “gender gaps [do not always] imply sexism,” and declaring that “discriminating just to increase the representation of women in tech” is “unfair, divisive, and bad for business.”
  • Example No. 2: The Associated Press reported on Feb. 27, 2018, that an eastern Iowa police chief was fired by the Anamosa, Iowa, City Council for having made sexist comments about a female officer in emails, and retaliated against her after she complained about his mistreatment. One email “joke” complained about “bras not showing enough of women’s ” The officer settled her suit against the city for $750,000.

The world is changing for the better. We are being called to exercise a higher standard of respect for one another. Being risk-averse is one good reason to apply the golden rule to workplace interactions. But there’s a far better one: It’s the right thing to do.

Source: PropertyCasualty360

Author: Louie Castoria

Assessing technology’s impact on insurance claims

Assessing technology’s impact on insurance claims

Claims magazinePropertyCasualty360.com and RMS recently participated in a Twitter chat (#PC360ClaimsTech) discussing the effect of technology on the insurance claims process. Insurance executives from multiple companies shared their insights on what’s working and how it affects claims and communication with policyholders.

“Companies are looking to reduce costs by allowing customers to self-serve and use digital tools to inspect property without having to send out an adjuster,” shared Kristin Marr, president of Valen Analytics.

In addition, “many of the leading companies are leveraging digitalization to improve processes, quality and outcomes,” according to Chris Tidball, vice president of sales and claims transformation strategy for EXL Group.

Related:  InsurTech & the latest trends in core systems purchasing

Some insurers are concerned that implementing new technology could preclude human involvement with the claims process, leading to less satisfied customers. However, as Rebecca Morgan, senior director of product management for Mitchell’s Workers’ Compensation Solutions pointed out, “If we look at Amazon as an example, we have very little human interaction with Amazon employees, yet Amazon customers continue to be incredibly loyal because of the excellent overall customer experience. The same is true for insurance.”

Technology & disasters

A series of devastating hurricanes last fall allowed insurers to see first-hand the impact InsurTech can have on the claims process. “Technology is making the interactions more accurate, timely and faster,” said John Sarich, vice president of strategy for VUE Software.

RMS COO John O’Connell agreed, tweeting, “Claims processors with event response capability undoubtedly reacted fast to claims based on their real-time analytics.”

Neeraj Sibal, assistant vice president of EXL Analytics, recognizes the value InsurTech brings to the claims process and how it exceeded conventional boundaries as mobile apps allowed for the easy transmission of information. “A photo share, a video chat with an adjuster or reporting through chatbots are changing the customer experience. Early adopters of these technologies are leveraging reduced cycle times and creating happier and more satisfied customers.”

“In addition to creating a more seamless, hassle-free process, InsurTech can also help members become smarter about risk and prevent future losses,” added Derek Zahn, vice president of claims for the western division of PURE Insurance.

InsurTech is also changing the first notice of loss for policyholders and insurers. “Historically, FNOL has been very manual,” tweeted Jonathan Silverman, director, worldwide insurance at Microsoft. “It makes sense to target it as an area for improvement. Today, we can automate the identification of an accident (for example) using manufacturer’s data and the alerts when there is an impact or an airbag deployment.”

Technology is also changing the interaction between insurers and policyholders. “The use of InsurTech is key to reducing the friction points that occur at every level, including with providers,” shared Don Lipsy, managed care specialty products manager with Sedgwick.

Farhana Alarakhiya, vice president of RMS concurred, tweeting, “There are many ways – delivery of analytics to the point of impact so smarter decisions can be made that are of benefit to both the customer and insurer.”

The experts agreed that InsurTech is a positive addition to the insurance claims process for carriers and policyholders. PC360 will continue the conversation at #PC360ClaimsTech.

Source: PropertyCasualty360

Author: Patricia L. Harman