Category Archives: Emerging Risk

Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

FAA’s New Drone Rules Ready for Takeoff

Posted on by

Drone
The commercial use of drones, or unmanned aircraft systems (UAS), has been widely discussed in the insurance industry. There is much to speculate upon as the technology is still emerging, with any number of possible applications and concerning reports of injuries. While drones bring the promise of efficiency, there is also the uncertain risk profile that comes with this most exciting technology.

With new Federal Aviation Administration (FAA) rules ready to take off (pun intended) in August, there will be improved visibility into the procedures and practices used by drone operators. The FAA recently finalized the first operational rules for routine commercial use of drones and, while the total risk picture is still unknown, we can now evaluate the strength and appropriateness of safety controls employed by UAS operators.

Drones are being used in many industries, from construction to utilities to agriculture, and these industries will need to prioritize compliance and risk mitigation. Some of the new operational limitations from the FAA include:

  • At all times the drone must remain close enough to its remote pilot in command and the person manipulating the flight controls must be capable of seeing the aircraft with vision unaided by any device other than corrective lenses.
  • Drones may not operate over any person not directly participating in the operation, or under a covered structure, or inside a covered stationary vehicle.
  • Drones may only operate during daylight hours or 30 minutes before sunrise or 30 minutes after sunset with appropriate anti-collision lighting.
  • Drones cannot operate from a moving vehicle unless it is over a sparsely populated area.

These rules appear to provide sound guidelines, but most regulations are only as good as the ability for them to be enforced. For example, under the rules’ operational limitations section, it is stated that most of the new restrictions are waivable if the applicant demonstrates that his or her operation can be safely conducted under the terms of a certificate of waiver. How often will these waivers be allowed and how will the FAA conduct investigations? Insurers will be watching to see how the rules are implemented and enforced.

Clearly, we should take note of this important moment for drones, as implementation of federal safety standards for emerging risk drivers has spawned or grown new insurance business lines that are now viewed as essential coverages. For example, environmental regulation in the late 1970’s and 80’s created the need for environmental coverage.

buy imodium online achievephysiorehab.ca/wp-content/uploads/2023/10/jpg/imodium.html no prescription pharmacy

State and more recent federal cyber laws are the backbone of cyber policies as insureds must comply with standards to prepare for and respond to breaches. Most recently, the FDA’s Food Safety Modernization Act is driving insureds to take a fresh look at product recall insurance.

Risk managers should expect operating rules to drive new coverages that support the insured’s risk evaluation process.

buy sildalis online achievephysiorehab.ca/wp-content/uploads/2023/10/jpg/sildalis.html no prescription pharmacy

This will allow for a spectrum of outcomes from exclusionary wording for UAS operations to distinct coverage grants for safe and compliant operators. Loss control and consulting services from insurers could be helpful to guide the risk management surrounding drones. The federal rules also enable additional objective underwriting questions tied to compliance. Expect to see these questions incorporated into specific UAS underwriting application questions.

The risk manager can readily imagine the Coverage A risks that can arise from UAS operations. Those could include but are not limited to third party bodily injury resulting from aircraft failure, a wildfire resulting from a crash and potential catastrophic terrorism uses. Privacy risk under Coverage B is also a risk easy to imagine and well-documented even in the early stages of this new commercial risk driver.

Insurance brokers or consultants can also offer guidance on the various ISO endorsements in circulation seeking to clarify the commercial general liability aircraft exclusions to include unmanned aircraft. ISO endorsements provide options to include Coverage A and/or schedule-specific aircraft for coverage. I do not believe that ISO has plans to amend the currently available endorsement in response to the aforementioned FAA operating rules.

There is no question the use of drones is only going to expand in its application and, with that, operational safety will improve as exposures grow. The industry should expect increased regulations, including flight worthiness certification as well as possible insurance requirements. According to a Goldman Sachs analysis, total global spending on drones in the commercial market is estimated to be around 0 billion over the next five years.

buy tretiva online achievephysiorehab.ca/wp-content/uploads/2023/10/jpg/tretiva.html no prescription pharmacy

Of that, about $11.2 billion will be generated by the construction industry.

Risk managers should anticipate liability exposure for those that fail to comply with the new regulations. The uses are vast, and given the diversity of users the levels of knowledge and awareness of compliance obligations will vary. Education will be key to ensure users understand their responsibilities and the consequences for not meeting regulatory standards.

As the technology and uses continue to advance, catastrophic loss examples will likely arise in the future. I am hopeful that the new FAA regulation will be a useful tool to mitigate the unknown risks to both drone operators and third party premises owners that might be exposed to drone-related accidents.

Terrorism Incidents Down, Disruption Up in 2015

Posted on by

A number of high-profile terrorism attacks worldwide have raised people’s fears this year, but the reality is that the number of attacks and deaths from such attacks actually decreased in 2015, according to Marsh’s 2016 Terrorism Risk Insurance Report.
Marsh2

The report summarizes terrorism risk insurance trends, benchmarks terrorism insurance take-up rates and pricing, and offers risk management solutions for terrorism exposures.

The more current attacks, often perpetrated by a single individual or small group, are different from those carried out in the 1990s and 2000s when high profile locations were targeted. Individuals carrying out the more recent attacks may have no direct contact with a known terrorist organization, but could be drawn to them through writings and video, particularly on the internet, Marsh said.

These events can be very disruptive to operations in some companies. In the travel industry, for example:

  • About 10% of American travelers canceled booked trips due to the recent attacks in Egypt, France, Lebanon and Mali, which impacted $8.2 billion in travel spending, according to a survey by YouGov.
  • Booking losses for Air France were estimated to be €50 million ($56 million), the company said in a statement.
  • Airlines, hotel chains and travel websites experienced drops in their stock prices after this year’s airport bombing in Brussels.

In the United States, the Terrorism Risk Insurance Program Reauthorization Act of 2015 (TRIPRA) offers businesses a federal backstop against terrorism-related losses. While the overall take-up rate for TRIPRA coverage in the U.S. increased slightly in 2015, it has remained in the 60% range since 2009, Marsh said.

Managing terrorism risk requires a combination of strategies that protect people, property and finances. On the financial side, the choice is whether to retain or transfer the risk with insurance. But the changing pattern of terrorism risk has some companies asking if they are adequately insured for business interruption and related losses. They also wonder how to prepare for potential losses from cyber terrorism and other events.

Other key takeaways from the report include:

  • As small group and “lone wolf” terrorist attacks appear to be the changing face of terrorism, many organizations are assessing their coverage for indirect losses stemming from business interruption risks.
  • Following the 2015 passage of the Terrorism Risk Insurance Program Reauthorization Act (TRIPRA), take-up rates in the US edged up for TRIPRA terrorism coverage embedded in property programs.
  • Among industry sectors, media organizations had the highest take-up rate for terrorism insurance in 2015.
  • Workers’ compensation markets for terrorism risks generally stabilized.
  • The number of Marsh-managed captives accessing TRIPRA increased by 17% from 2014 to 2015, but many captives that could offer a terrorism program do not.
    19906-TRIR-Infographic

 

A Risk-Based Approach to Rating and Correcting Individual Cyberrisk

Posted on by

LAS VEGAS—At this week’s Black Hat conference, some information security professionals turned to a key issue to control enterprise-wide cyberrisk: hacking humans.

buy antabuse online blockdrugstores.com/wp-content/uploads/2023/10/jpg/antabuse.html no prescription pharmacy

As phishing continues to be one of the top threats for businesses, hackers and security professionals here continue to try and make sense of why this threat vector is so successful and how to better defend against these attacks.

In a session called “Blunting the Phisher’s Spear: A risk-based approach for defining user training and awarding administrative privileges,” Professor Arun Vishwanath presented some of his research on the “people problem” of cybersecurity, proposing a new model for quantifying the cyberrisk posed by individuals within the enterprise and tailoring training to best mitigate the risk they pose. While many corporate training programs stage fake phishing emails and then lecture those who fail, he said, this model continues to be ineffective, as proven by the increase in these attacks and their efficacy across all industries. People are not the problem, Vishwanath asserted, rather it is in our understanding of people.

Vishwanath and his colleagues have come up with a model to explain how users think, the Suspicion, Cognition, Automaticity Model (SCAM). Faulty ideas about cybersecurity practices, popular myths and other irrational beliefs lead to illogical and unsafe practices. Automatic behaviors also play a significant role in risky behavior, particularly with mobile devices and the ritualistic checking of email – users open messages mindlessly and get so used to clicking links, downloading files or entering credentials that they do not really factor logic into these decisions.

Based on this model of why individuals act in risky ways, he recommends developing a Cyber Risk Index (CRI) based on a short, 40-question survey given to individual employees to evaluate the cyberrisk they specifically pose, which can also be aggregated across divisions, sectors and organizations.

buy prelone online blockdrugstores.com/wp-content/uploads/2023/10/jpg/prelone.html no prescription pharmacy

buy silvitra online https://royalcitydrugs.com/silvitra.html no prescription

As the results highlight different areas of weakness that lead to the employee’s risky behaviors, the CRI can dictate the best ways to that individual and mitigate the risk.
phishing risk training What’s more, this quantitative score of individual cyber hygiene can be used to track changes in risk posture over time and to improve current decision processes regarding privileged access to the organization’s systems to better control data at risk.

buy cymbalta online blockdrugstores.com/wp-content/uploads/2023/10/jpg/cymbalta.html no prescription pharmacy

Check out Dr. Vishwanath’s whitepaper for more on this approach.

Information Security Teams Drastically Underfunded, Understaffed

Posted on by

LAS VEGAS—As the information security industry’s hackers, IT professionals, technology developers and even Hillary Clinton’s campaign descend on Las Vegas for this year’s Black Hat conference, Black Hat has released the results of a survey from last year’s convention, offering an insider’s look at the state of cyberrisk. The report offers a failing report card for current investment on cyberrisk and some key feedback for the C-suite about current risk exposure.

The Rising Tide of Cybersecurity Concern is the second annual Black Hat attendee survey. Last year’s results included the alarming findings that 72% of respondents felt it likely that their organizations would have to deal with a major data breach in the year ahead, while approximately two-thirds of respondents said they did not have enough staff, budget, or training to meet those challenges.

Unfortunately, these top security experts have only grown more concerned.

buy vilitra online rxbio.com/images/milestones/jpg/vilitra.html no prescription pharmacy

As cyberrisks proliferate – and attention from the C-suite increases – 15% “have no doubt” they will have to respond to a major security breach in the next year, with another 25% considering it highly likely and 32% calling it somewhat likely.

Yet information security teams are not getting the funding, staffing or training they need to combat this top risk. Only 26% of those polled said they have enough staff to simply defend against current threats.

buy apixaban online rxbio.com/images/milestones/jpg/apixaban.html no prescription pharmacy

Black Hat reports some 63% of security professionals say their departments do not have enough budget to defend their organizations against current threats, with 20% saying they are “severely hampered” by a lack of funding.

The training critical to effectively managing evolving cyberrisks also presents a considerable concern for many security professionals. Two-thirds of respondents said they feel they do not have enough training and skills they need to perform all of the tasks for which they are responsible — up from 64% last year. Ten percent of respondents said they feel “ill-prepared” for many of the threats and tasks they face each day.

Experts considered the top new cyberrisks:

blck hat enterprise security

The weakest links in enterprise security:

When asked why security initiatives fail, some 37% of respondents (a plurality) pointed toward this shortage of qualified people and skills, with a lack of commitment and support from top management the second-most frequently cited response at 22%.

blck hat enterprise security

“Organizational priorities such as compliance and risk measurement consistently reduce the time/budget available for security professionals to resolve issues they consider the most critical,” Black Hat noted. “These pressing issues include targeted attacks, social engineering, and internal application security troubleshooting. Although the 2015 report revealed this trend, rather than a reverse in expenditure behavior, the issue has continued to increase.

buy sinequan online rxbio.com/images/milestones/jpg/sinequan.html no prescription pharmacy

Additional findings from the survey include:

  • 37% see the re-emergence of ransomware as the greatest new threat to appear in the last 12 months
  • The attacker that 36% of security professionals fear most is the one with internal knowledge of the organization
  • While the emergence of the Internet of Things (IoT) has garnered much attention in recent years, only 9% of those surveyed are currently concerned with IoT security. However, 28% believe this will be a concern two years from now. This ranking has not altered since 2015.