A Risk-Based Approach to Rating and Correcting Individual Cyberrisk

LAS VEGAS—At this week’s Black Hat conference, some information security professionals turned to a key issue to control enterprise-wide cyberrisk: hacking humans.

As phishing continues to be one of the top threats for businesses, hackers and security professionals here continue trying to make sense of why this threat vector is so successful and how to better defend against these attacks.

In a session called “Blunting the Phisher’s Spear: A risk-based approach for defining user training and awarding administrative privileges,” Professor Arun Vishwanath presented some of his research on the “people problem” of cybersecurity, proposing a new model for quantifying the cyberrisk posed by individuals within the enterprise and tailoring training to best mitigate the risk they pose. While many corporate training programs stage fake phishing emails and then lecture those who fail, he said, this model continues to be ineffective, as proven by the increase in these attacks and their efficacy across all industries. People are not the problem, Vishwanath asserted; rather, the problem lies in our understanding of people.

Vishwanath and his colleagues have come up with a model to explain how users think, the Suspicion, Cognition, Automaticity Model (SCAM). Faulty ideas about cybersecurity practices, popular myths and other irrational beliefs lead to illogical and unsafe practices. Automatic behaviors also play a significant role in risky behavior, particularly with mobile devices and the ritualistic checking of email – users open messages mindlessly and get so used to clicking links, downloading files or entering credentials that they do not really factor logic into these decisions.

Based on this model of why individuals act in risky ways, he recommends developing a Cyber Risk Index (CRI) based on a short, 40-question survey given to individual employees to evaluate the cyberrisk they specifically pose, which can also be aggregated across divisions, sectors and organizations.

As the results highlight different areas of weakness that lead to the employee’s risky behaviors, the CRI can dictate the best ways to train that individual and mitigate the risk. What’s more, this quantitative score of individual cyber hygiene can be used to track changes in risk posture over time and to improve current decision processes regarding privileged access to the organization’s systems to better control data at risk.

Check out Dr. Vishwanath’s whitepaper for more on this approach.

July P&C Composite Rate Steady, Transportation Increases

The property and casualty composite rate for July was the same as June’s rate, which was minus 1%, MarketScout reported today, adding that insurers are working to stop the downward trend.

“While insurers continue to grant minor rating concessions, many are pushing for an end to any further rate reductions,” Richard Kerr, CEO of MarketScout, said in a statement. In the transportation sector, however, pricing is increasing “on all but the very best accounts. The poor loss experience in transportation has prompted underwriters to demand rate increases and restrict underwriting appetite.” Insureds that are unable to convince underwriters they can control losses are left with few options “and ultimately end up paying a much higher rate/premium which impacts their profit margins,” he said.

Kerr continued that insurance buyers in the transportation industry are complaining about the lack of cooperation they are seeing from insurers as they try to manage their risk portfolio. “Business owners and corporate CEOs are concerned their insurance premiums will be larger than what was budgeted therefore negatively impacting net profits,” he said.

He advised these insureds to “allocate capital towards implementing loss control and companywide safety programs. That is how they will get cooperation from their insurers.”

A comparison of June 2016 to July 2016 rates by coverage classification reveals that workers compensation and property coverages were the most aggressively priced at minus 2%. Business interruption, business owners policies (BOP), fiduciary and directors & officers all moderated by moving rates from minus 1% to flat, or no increase. Professional liability rates moved from down 2% to down 1%. Rates for all other coverages were unchanged.

There were no rate adjustments by account size from June to July.

By industry classification, rates for public entities moved up from minus 1% in June to flat or no increase in July. Transportation accounts were assessed at the largest rate increases from up 1% in June to up 3% in July, according to MarketScout.

Information Security Teams Drastically Underfunded, Understaffed

LAS VEGAS—As the information security industry’s hackers, IT professionals, technology developers and even Hillary Clinton’s campaign descend on Las Vegas for this year’s Black Hat conference, Black Hat has released the results of a survey from last year’s convention, offering an insider’s look at the state of cyberrisk. The report offers a failing report card for current investment on cyberrisk and some key feedback for the C-suite about current risk exposure.

The Rising Tide of Cybersecurity Concern is the second annual Black Hat attendee survey. Last year’s results included the alarming findings that 72% of respondents felt it likely that their organizations would have to deal with a major data breach in the year ahead, while approximately two-thirds of respondents said they did not have enough staff, budget, or training to meet those challenges.

Unfortunately, these top security experts have only grown more concerned.

As cyberrisks proliferate – and attention from the C-suite increases – 15% “have no doubt” they will have to respond to a major security breach in the next year, with another 25% considering it highly likely and 32% calling it somewhat likely.

Yet information security teams are not getting the funding, staffing or training they need to combat this top risk. Only 26% of those polled said they have enough staff to simply defend against current threats.

Black Hat reports some 63% of security professionals say their departments do not have enough budget to defend their organizations against current threats, with 20% saying they are “severely hampered” by a lack of funding.

The training critical to effectively managing evolving cyberrisks also presents a considerable concern for many security professionals. Two-thirds of respondents said they feel they do not have the training and skills they need to perform all of the tasks for which they are responsible — up from 64% last year. Ten percent of respondents said they feel “ill-prepared” for many of the threats and tasks they face each day.

Experts considered the top new cyberrisks:

The weakest links in enterprise security:

When asked why security initiatives fail, some 37% of respondents (a plurality) pointed toward this shortage of qualified people and skills, with a lack of commitment and support from top management the second-most frequently cited response at 22%.

“Organizational priorities such as compliance and risk measurement consistently reduce the time/budget available for security professionals to resolve issues they consider the most critical,” Black Hat noted. “These pressing issues include targeted attacks, social engineering, and internal application security troubleshooting. Although the 2015 report revealed this trend, rather than a reverse in expenditure behavior, the issue has continued to increase.”

Additional findings from the survey include:

  • 37% see the re-emergence of ransomware as the greatest new threat to appear in the last 12 months
  • The attacker that 36% of security professionals fear most is the one with internal knowledge of the organization
  • While the emergence of the Internet of Things (IoT) has garnered much attention in recent years, only 9% of those surveyed are currently concerned with IoT security. However, 28% believe this will be a concern two years from now. This ranking has not altered since 2015.

P&C Insurers Face Lower Profit Margins

High insured losses from natural catastrophes, challenges from the personal auto business and pricing competition will make it more difficult for the property and casualty industry to maintain the favorable underwriting results it has seen for the past three years, according to S&P Global Market Intelligence.

In its U.S. P&C Insurance Market Report, S&P predicts an increase in the industry’s statutory combined ratio to 99.5% in 2016 from 97.6% in 2015 and reduction of pretax returns on equity to 8.7% from 10.8%—or to 7.5% from 9.9% when adjusting for the impact of prior-year reserve development.

“Profit margins are projected to be much narrower than they have been in the last few years, unless something dramatic happens,” report authors Tim Zawacki, senior editor, and Terry Leone, manager of insurance research at S&P Global Market Intelligence, said in a statement. “While insurers have wisely accounted for the fact that they haven’t been able to depend on investment gains to subsidize underwriting losses, they still need to practice restraint as they seek growth.”

Commercial Lines
The commercial lines combined ratio is projected to increase to 95.1% from 93.4% for 2015, which represented the third-consecutive year that the measure of underwriting profitability had ranged between 93.3% and 93.5%.

According to the report, premium growth in the commercial lines has benefited from factors such as slow, but steady macroeconomic growth and rate increases in commercial auto business, offset by continued downward pressure on commercial property rates. The outlook anticipates that the 93.9% combined ratio in the workers compensation line in 2015—which marked the first sub-100% result in that business since 2006—will not be repeated and that historically favorable results of the past three years in commercial multiperil and the fire and allied lines will begin to normalize over time.

Factors such as abundant reinsurance capacity, favorable underwriting results and relatively high levels of capitalization have contributed to downward pressure on commercial lines rates. The outlook assumes that carriers will continue to exhibit discipline in their underwriting, as recent contractions in Treasury yields in the aftermath of the U.K.’s June Brexit vote offer a reminder of the reinvestment risk the industry continues to confront, in what remains a low-for-long interest rate environment, S&P said.

Key observations
• Reduced Profitability: The P&C industry’s pre-tax ROE is projected to decline about 2 percentage points in 2016 while its combined ratio, which measures expenses incurred relative to premiums earned, is projected to increase to 99.5%, the highest level since 2012.
• Increased Investment Risk: Declining Treasury yields in the aftermath of the U.K.’s Brexit referendum have reinforced the challenges the industry faces to earn reliable, low-risk investment income, putting additional pressure on underwriting discipline.
• Weak First Half: Large increases in the amount of insured catastrophe losses during the first half of 2016 will negatively impact loss ratios in several business lines that have produced historically favorable results during the past three years.
• Personal lines: Historically unfavorable results in the private-passenger auto business are projected to deteriorate further in 2016 as miles driven by Americans continue to rise due to low gas prices. They will begin to improve once broad-based rate increases fully take hold, but this will take some time.
• Financial Results Hinge on Auto Line Performance: Private auto lines accounted for 34.4% of the industry’s 2015 direct premiums and, as financials demonstrated, the performance of those lines has played a significant role in the fate of underwriting.
• Future Issues: Favorable reserve development, broad access to reinsurance capacity, and a series of benign hurricane seasons have provided tailwinds to the industry in recent years. But none of those elements will continue in perpetuity and the absence of any one of them could create additional hurdles for the industry from a profitability perspective in 2016 and beyond.