Category Archives: Insurance

Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

Cybercrime Costs Global Economy Up to $575 Billion

Posted on by

Cybersecurity

Cybercrime costs the global economy about $445 billion every year, though the damage may be up to $575 billion, according to a new report from the Center for Strategic and International Studies and software company McAfee. Further, the damage to businesses exceeds the $160 billion loss to individuals.

“Cyber crime is a tax on innovation and slows the pace of global innovation by reducing the rate of return to innovators and investors,” said Jim Lewis of CSIS. “For developed countries, cyber crime has serious implications for employment.”

Indeed, the biggest economies have suffered the most – the losses in the United States, China, Japan and Germany totaled at least $200 billion.

Businesses are sitting up and taking notice. A recent survey from Munich Re found that 77% of mid-size to large companies have or will have cyberinsurance in the next year. Yet, of the 23% that do not plan to buy insurance, nine out of 10 said this was because current coverage available does not meet their needs or would not be relevant for their business.

What are companies doing to manage cyber risk? Munich Re found:

Munich Re graph

Reputational damage has emerged as one of the biggest sources of loss from cyberbreach. Respondents said the biggest risk an incident would have pose to their business’s reputation is:

Munich Re reputational risk of cyberbreach

 

RIMS Risk Maturity Model: Root Cause Discipline

Posted on by

After the last article, which discussed the first two attributes of the RIMS Risk Maturity Model (RMM), ERM Based Approach and ERM Process Management; our focus here is on the third attribute, Root Cause Discipline.

Root Cause Approach

In Washington, D.C., officials tried, but were nearly helpless in stopping the deterioration of the Lincoln Memorial. Rather than address the damage with costly repairs, they instead traced the concern back to a root cause. Deterioration was caused by the high powered hoses needed to clean the building—which were necessary because the building was an attractive home for birds.

online pharmacy vidalista with best prices today in the USA

Birds were drawn to a very dense population of insects, which were attracted to the bright lights of the memorial.

online pharmacy amoxil with best prices today in the USA

So how do you stop the Lincoln Memorial from deteriorating? You dim the lights.

The root cause methodology provides clarity by identifying and evaluating the origin of the risk rather than the symptoms. Unveiling the triggers behind high level risk and loss events point to the foundation of where an organization is vulnerable.
buy eriacta online https://galenapharm.com/pharmacy/eriacta.html no prescription

Uncovering, identifying and linking risk back to the root causes from which they stem allows organizations to gather meaningful feedback, and move forward with accurate, targeted mitigation plans.

To illustrate an example in a business environment, consider the risk of inadequate training. Within an organization, there may be multiple departments experiencing risk regarding their training policies, procedures and documentation, yet each area is likely to be recording and recognizing this risk in its own way. The result is an extensive amount of information recorded in spreadsheets that requires time and energy to sort and sift through. By identifying the root cause, a risk manager can expose the underlying commonality between departments and their concerns, allowing more effective identification and mitigation of systemic risk.

Applying root cause to your current approach

To integrate this type of approach to an enterprise risk management (ERM) program, you must first identify the root cause foundation of your organization. The RMM is built on five root cause categories which cover all enterprise risks:

  • External – risk caused by third-party, outside entities or people that cannot be controlled by the organization
  • People – risks involving employees, executives, board members and all those who work for the organization
  • Process – risks that stem from the organizations business operations including transactions, policies and procedures
  • Relationships – risks caused by the organization’s connections and interactions with customers, vendors, stakeholders, regulators  or third parties
  • Systems – risks due to theft, piracy, failure, breakdown, or other disruption in technology, plant, equipment, facility, data or information assets

Understanding which core area of the organization a risk stems from provides the ability to effectively understand and mitigate the risk. For instance, theft from an external third party is very different than theft from an internal employee, and will thus have a very different response and mitigation strategy.

online pharmacy cymbalta with best prices today in the USA

One strategy would require an investment in IT or infrastructure, while the latter would need an HR policy change or new ethics program.

Looking for an example of root cause? Download our complimentary Risk Assessment Template.

Insuring Against Third-Party Cyberrisk

Posted on by

The tremendous growth in cyber insurance is being fueled in part by the desire of companies to cede some of the risk of a cyber breach to insurers.

  In many cases insurers are eager to take on this risk—provided they can objectively quantify and understand the risks they are underwriting.

However, is it enough to only look at the cyber risk of the insured?  Increasingly companies are being attacked through their third-party vendor networks; one study by the Ponemon Institute reported 23% of data breaches are attributable to third party vendors. As companies share critical customer information with vendors, they expose themselves to a breach through these extended networks. Criminals have even started to target small to medium sized companies as a way to access the sensitive information of the larger firms they serve.

One case of this new tactic is documented in a recent New York Times article in which a mischievous attack was perpetrated by inserting malware into a Chinese take-out menu favored by employees of the targeted company. Last December, when Target Corp was breached and hackers stole credit card data for 70 million customers, the attack was traced to malicious code getting into Target’s network through a heating and air conditioning vendor.

For an insurer, these risks are very real and pose a potential blind spot in the risk assessment process.  When a breach occurs through a third-party vendor and involves the loss of sensitive data on behalf of a customer, the financial and reputational damage that ensues falls primarily on the owner of the data—and their insurer. While insurers today are grappling with the task of evaluating the cyber risk of the insured themselves, often there is little thought given to the cyber security of the insured’s third-party vendors.

Some underwriters are asking prospective clients to list their critical vendors in policy applications, but this is primarily to identify areas of risk aggregation—where a large percentage of insureds are all relying on the same set of vendors.

 Identifying risk aggregation is an important part of overall risk assessment, however simply enumerating critical vendors and identifying potential aggregation issues fails to identify whether those vendors are secure.

In order for underwriters to overcome this obstacle, objective cyber risk metrics can be used to both assess the insured AND their critical vendors. Ratings can be a valuable tool in identifying problem areas within an insured party’s internal network and extended ecosystem. Identifying and mitigating these problems before a breach occurs can help both client and insurer avoid costly monetary losses and damage to their reputation.

NOAA Releases 2014 Hurricane Season Outlook

Posted on by

hurricane season

In a press conference this morning, the Climate Prediction Center of the National Oceanic and Atmospheric Administration (NOAA) released its official 2014 outlook for the Atlantic and Eastern Pacific hurricane seasons.

The East Coast may see below-average activity this year, thanks, in part, to the anticipated development of El Nino this summer. According to NOAA, “El Niño causes stronger wind shear, which reduces the number and intensity of tropical storms and hurricanes. El Niño can also strengthen the trade winds and increase the atmospheric stability across the tropical Atlantic, making it more difficult for cloud systems coming off of Africa to intensify into tropical storms.”

There is a 50% chance for a below-average season, a 40% chance of a near-normal season, and only a 10% chance of an above-average season, the center predicts. “For the six-month hurricane season, which begins June 1, NOAA predicts a 70 percent likelihood of 8 to 13 named storms (winds of 39 mph or higher), of which three to six could become hurricanes (winds of 74 mph or higher), including one to two major hurricanes (Category 3, 4 or 5; winds of 111 mph or higher),” they announced.

2014 Atlantic Hurricane OutlookBut the forecast is no reason to take preparations lightly. “Thanks to the environmental intelligence from NOAA’s network of earth observations, our scientists and meteorologists can provide life-saving products like our new storm surge threat map and our hurricane forecasts,” said Kathryn Sullivan, Ph.D., NOAA administrator. “And even though we expect El Niño to suppress the number of storms this season, it’s important to remember it takes only one land-falling storm to cause a disaster.”

On the West Coast, it may be a more tumultuous summer. The outlook calls for a 50% chance of an above-normal season, a 40% chance of a near-normal season, and a 10% chance of a below-normal season. The center predicts there is a 70% chance of 14 to 20 named storms, which includes 7 to 11 hurricanes, of which 3 to 6 are expected to become major hurricanes (Category 3, 4 or 5 on the Saffir-Simpson Hurricane Wind Scale).

online pharmacy flagyl with best prices today in the USA

“The key climate factor behind the outlook is the likely development of El Niño this summer. El Niño decreases the vertical wind shear over the eastern tropical Pacific, favoring more and stronger tropical storms and hurricanes,” said Gerry Bell, Ph.

online pharmacy reglan with best prices today in the USA

D., lead seasonal hurricane forecaster with NOAA’s Climate Prediction Center. “The eastern Pacific has been in an era of low activity for hurricanes since 1995, but this pattern will be offset in 2014 by the impacts of El Niño.

online pharmacy paxil with best prices today in the USA

Next week (May 25-31) is National Hurricane Preparedness Week, and NOAA and FEMA will be offering additional tips and insight on their websites ahead of the official start of hurricane season on June 1.