Tag Archives: cyber liability

Emerging cyber risk regulations will move companies to fortify risk management strategies

New York has enacted regulations to protect the state’s financial services industry and consumers from cyberattacks. Future regulation may require a reliable, evidence-based approach to risk assessment as a minimum requirement for compliance.

In this article, Milliman’s Mark Stephens and Lisa Henderson discuss the evolution of cyber risk and the need for companies to understand their cyber risk exposure and the financial implications of a potential cyberattack event. They also outline several actionable steps companies can take to assess and quantify their cyber exposure.

Cyber risk landscape exposes insurers to new opportunities

As the cyber liability insurance market catches up with constantly evolving exposures, opportunities also continue to present themselves. In a recent Risk & Insurance article, Milliman’s Tom Ryan and Elizabeth Bart discuss some of the cyber market’s challenges and opportunities. They also discuss the sector’s current state and what lies ahead.

Here is an excerpt:

Tom Ryan, principal and consulting actuary at Milliman, describes the cyber insurance market as both “crystalizing and diversifying.”

“There are at least 40 different policy forms in use right now for cyber liability,” he said. “It’s like comparing apples to oranges to kumquats. However, Insurers are now in the process of smoothing out the wrinkles and developing some standardization of language and coverage.” …

…Insurers benefit by going beyond coverage and offering risk management tools and services to their insureds.

“Some carriers are getting really savvy about cyber. They want to avoid the losses as much as their insureds do,” [Elizabeth] Bart said. “So they get the right people in the right place. The right lawyers, the right PR team, and the right IT vendors.”

“We are seeing a lot of experts come into the insurance industry with knowledge of the hardware and software components of internal systems,” Ryan said. “They have a better understanding of how hacking happens.”

Limited capacity in cyber liability insurance is another hurdle that companies and insurers must navigate. The formation of an industry cyber insurance pool could increase options on the market and reduce the risk incurred by individual insurers. Tom’s article “Cyber liability insurance: As the market heats up, is it time to cool off in a pool?” provides more perspective.

The insurance risks of handheld devices

Carbone-WilliamAs handheld devices continue their march toward world domination, they have brought along a new set of insurance risks to threaten the bottom lines of insurers. While some of these risks are simply altering the landscape of traditional coverages, others are creating a need for innovative products that can address the arrival of new kinds of claims that may emerge. Let’s take a look at some of the dangers handheld devices have introduced to us and, in turn, the insurance world.

Distracted driving
No list of insurance risks related to handheld devices, specifically cell phones in this instance, would be complete without discussing the impact of distracted driving on the auto liability industry. The details and statistics are abundant and vary by source, but according to the latest annual report from the National Highway Traffic and Safety Institute over 3,100 people were killed and 420,000 people were injured in motor vehicle accidents involving a distracted driver during 2013. While talking on a cell phone is still the leading cause of distracted driving accidents, texting receives a great deal of attention because of the nearly universal understanding that it is a serious detriment to driving ability. Combine this with texting being the preferred mode of communication of most teenagers and young adults—the cohort with the least driving experience—and we have a dangerous combination on the roads and a rise in the auto liability frequency statistics.

Text (or iPhone) neck
Despite what you may believe about the egomaniac down the hall, most human heads weigh about 10 pounds, balanced atop a cord of bones and cartilage called a spine. For each inch we tilt our spine out of its proper alignment, checking e-mail on our tablet or instagramming our cheeseburgers, we double the pressure on it. This can lead to symptoms ranging from soreness and inflammation to pinched nerves to an overall decrease in our metabolism. These all seem like issues that the health industry will likely face as handheld device use—and chiropractor salaries—continue to trend upward.

Distracted walking
Despite an overall decrease in pedestrian injuries since 2005, the number of pedestrian fatalities that are due to distracted walking has doubled. Distracted walkers tend to walk at a slower pace with little to no arm swing, typically with their heads down, as cognitive abilities are focused on the task at hand rather than at foot. As those in heavily used pedestrian areas will tell you, distracted walkers also tend to change direction or stop seemingly at random and often struggle with obstacles such as curbs and other pedestrians. The potential for injuries is significant, whether it is due to stepping in front of moving vehicles or to rolling an ankle on an uneven sidewalk. Despite public service announcements to raise awareness of the issue, it does not appear to be going away.

Cyber liability
One of the hottest topics at any actuarial convention is intimately linked with your handheld device. While cyber security headlines focus on the large-scale theft of personally identifiable information, there is also an omnipresent threat of losing individual information through a stolen or hacked cell phone or tablet. A hacked cell phone (or one not password-protected) can be used to gain access to personal records, data, and information saved on apps as well as sensitive material, which can be held ransom. Those using these devices for professional purposes may also have corporate secrets or other nonpublic information on their phones or tablets. It is not a stretch to imagine that a lost handheld device could be as damaging as a lost laptop.

Product liability?
The pilot episode of “CSI: Cyber” was centered on a hacked baby monitor, a terrifying thought for any parent. Unfortunately, this was not a work of science fiction, but one based in fact. As the Internet of Things (IoT) grows to include more and more items, it opens up our daily lives to cyber vulnerability. Despite the basic preventive measures we take, allowing wireless access to nanny cams, security systems, and home heating systems will also open the virtual door for the motivated hacker as well. If damages occur and the manufacturer of these products, or the apps that service them, are deemed to have been negligent in protecting customers’ security or in warning them about security vulnerabilities, product liability claims may be brought against them. While the standard of care does not appear to be high to date, it would only take one landmark case to change the shape of the products liability landscape in the IoT universe.