5 tips for a safer 2018
The first of the year is a good time to assess what types of insurance coverage you have and what needs to be updated.
An insurance review does not have to be complicated if you follow these basic steps:
Step 1 – Talk to your insurer
Contact your insurer or agent to set up a time to talk about your existing coverage and changes that could affect your liability in new or different areas. Together you can determine coverage limits, new risks such as identity theft or cyber attacks, and discuss your plans for 2018.
Step 2 – Read your policies
Most policyholders don’t read their insurance policies until they actually need to use the coverage. By then it’s too late to see what your deductible is, that your auto policy doesn’t cover towing or the cost of a loaner car for more than a few days, or that your policy pays the actual cash value (the depreciated amount of an item) instead of the actual replacement cost for items damaged in a flood or fire.
Step 3 – Consider additional types of coverage
Some insurance policies must be purchased separately from existing auto or homeowners policies. Flood insurance, earthquake insurance and cyber insurance are just a few examples. Flood insurance must be purchased at least 30 days before the policy becomes effective (meaning you can’t purchase it a few days before a hurricane is supposed to hit your area).
Step 4 – Do you need rental insurance?
If you’ve just moved into your first apartment or out of a dorm room into an apartment, it might be wise to look into rental insurance for your belongings. Some students may be covered under their parents’ homeowners policy, but it’s always good to verify coverage and limits.
Rental insurance isn’t terribly expensive, ranging from $10-$30 a month to cover losses from theft, fire and more.
Step 5 – Compare prices
Today’s apps make it easy to compare prices for coverage. Ask your insurer about multi-policy discounts, possible discounts for a clean driving record or other ways you can save money on a policy. When comparing insurance policies, make sure they offer the same levels of coverage.
January 03 2018 - By T.Irene Hargraves reference: propertycasuality360.com
The unexpected risks of popular holiday gifts
Giving art, jewelry and toys carry unexpected risks.
A gift of art
With artwork, it's true that the majority of successful clients won't be buying museum-quality, million-dollar paintings or sculptures. Nevertheless, many clients can easily spend thousands and even hundreds of thousands of dollars on a gift of art, often without much planning for its purchase or how to transport or display it afterwards.
Here are some risks associated with buying a gift of art:
Fraud. Sometimes, what you see and buy isn't really what you get. Art experts say it's important to always buy art from reputable dealers, whether online or at a bricks-and-mortar location. Have the dealer provide a thorough report on the provenance, or ownership history, of the piece and make sure ownership title is clear.
All that glitters
December is a peak time of year for giving jewelry. Like art, a gift of jewelry should be purchased from a reputable dealer who explains the firm's return and exchange policy clearly in writing. In addition, a complete record of the gift — including purchase price, full description and photo — should be kept in a safe place, with a copy in another location.
Inadequate coverage. Better insurance carriers include a jewelry purchase in your client's coverage immediately. Other policies may provide some limited coverage. If your client intends to buy a gift of jewelry and has an idea of his or her budget, suggest they phone their insurance agent before the purchase to be certain of adequate coverage immediately. If the purchase is made spontaneously, have them call, email or text their agent from the store to arrange coverage.
At one time, perhaps the biggest risk in buying a toy as a gift was duplicating what the child already had. Today, some toys pose an oddly modern risk in the form of cybersecurity. Almost $3 billion worth of smart toys that connect to the internet were sold in 2015 and sales are expected to exceed $11 billion by 2020, according to The Guardian.
These toys, which include dolls, action figures, games and tablets, can be terrific gifts, but they also can be targets for hackers. Some dolls can be turned into listening devices, for instance, and be used to spy on the children and their families. Meanwhile, if connected to a home Wi-Fi network, the toys can provide an access point for hackers to gain confidential information.
While toy manufacturers say they are working on security, the best advice to give clients now is to make sure each smart toy has a separate, unique password and that the toy is not linked to a home network. Although the risks in giving gifts of toys, jewelry and art are obviously different from those inherent in the financial markets, your interest in protecting your clients from such risks will be similarly appreciated.
December 27 2017 - reference: propertycasuality360.com
Here are the safest vehicles on the road for 2018
Just 15 vehicles qualify for the Top Safety Pick+ award from the Insurance Institute for Highway Safety (IIHS) after the requirements were strengthened to include good-rated headlights and good or acceptable passenger-side protection in small overlap front crashes, down from 48 vehicles in 2015.
- Toyota Motor Corp.
The Impreza, Legacy, Outback and WRX qualify for Top Safety Pick+ when equipped with optional front crash prevention and specific headlights. The Crosstrek and the Forester earn Top Safety Pick, also with optional front crash prevention and specific headlights. Seven models with standard autobrake — the Toyota Camry, Corolla, Prius, Prius Prime and Highlander and the Lexus IS and NX — also have standard acceptable or good headlights and qualify for Top Safety Pick without any added options.
- Hyundai Motor Co.
Which owns the Hyundai, Kia and Genesis brands — has six models earning the award. The Kia Forte, Kia Soul, Hyundai Santa Fe, Hyundai Santa Fe Sport, Genesis G80, Genesis 90.
December 20 2017 - By T.Irene Hargraves
6 ways cyber security changed in 2017
The number and types of cybersecurity threats multiplies with each new online endeavor. The insurance industry, meanwhile, with its focus on risk analysis and prevention, is in a unique position to battle cyber criminals and malfeasance.
The impact of widespread cybercrimes in 2017 paired with InsurTech innovations are spurring change in the way cyberinsurance is sold and packaged along with the role that insurers play in cybersecurity.
Here are a half-dozen ways that cybersecurity is changing as a result of the major breaches of 2017.
No. 1: Insurers stepped up cyber insurance sales and marketing.
Cyber insurance is no longer solely the concern of the commercial insurance world, according to GlobalData, a leading data and analytics company. Going forward — in light of the Equifax hack as well as the scope of the WannaCry and Petya events — individuals may have no choice but to seek personal insurance protection from cyber crime.
No. 2: Cyber risk modeling is evolving for the changing threat.
The Summer 2017 Petya ransomware attack targeted Microsoft Windows-based systems worldwide. During the attack, the radiation monitoring system at Ukraine's Chernobyl Nuclear Power Plant went offline, and several companies experience serious business interruptions.
Scott Stransky with AIR Worldwide says that despite the many eye-opening cybersecurity events during 2017, the insurance industry did not suffer significant cyber losses.
"Insurers have taken a conservative approach with cyber and while this is effective at protecting their balance sheets, there are some negative tradeoffs to that strategy such as missed growth opportunities or lack of innovation," Stransky says. "To overcome these drawbacks, insurers have been increasingly been relying on flexible and transparent catastrophe models to test how their portfolios would respond to new and unforeseen cyber threats or evaluate the impact of introducing different policy terms and conditions to their book of business."
No. 3: Ransomware grows up.
Equifax announced in September that an identity theft hack impacted about 145.5 million of its customers in the U.S. and many thousands more worldwide.
Heretofore, most cyber crimes focused on stealing money or personal records with hopes that victims will pay to keep those records secure. Now, cyber criminals are learning to go after entire information security systems, the impact of which can be catastrophic.
No. 4: Cybersecurity now demands a more sophisticated insurance workforce.
In light of findings in the "2017 Willis Towers Watson Cyber Risk Survey," organizations are moving from the defensive to the offensive when it comes to cybersecurity, and that means training staff at all levels on best practices that serve both a security function and the business as a whole.
No. 5: Insurers are exploring more sophisticated cyber insurance and security services.
"As cyberattacks become more frequent and more complex, there are concerns that hackers could target America's industrial control systems, causing power outages and electrical grid failures," says David Gerlach, senior director of Information Security and Privacy at Applied Systems, Inc. "This goes far beyond what cyber insurance was created to cover. So it begs the question, 'Should cyber insurance cover only financial losses caused by information breaches or with these potential threats in mind, should it cover all encompassing harm due to cyber technology?'"
He continues: "Cybersecurity is becoming much more than protecting information — it's become about protecting a client's wellbeing. There are many other questions insurers will have to answer, however. Will this kind of cyber insurance be available to everyday consumers? Businesses? The government even? What we do know is the cyber insurance landscape will continue to change drastically as new technologies and new hackers become known."
No. 6: Finance and insurance regulators are taking a stand.
On the heels of the Cybersecurity Regulation adopted by the New York Department of Financial Services, the NAIC also issued its own cybersecurity model law meant to provide guidance for state insurance regulators.
Company concerns include complying with current and forthcoming cybersecurity regulations, and stepping up protections of sensitive client data.
January 03 2018 - By T.Irene Hargraves reference: propertycasuality360.com
4 Keys to bridging the cyber insurance gap
You will suffer from a cyber incident.
That's the message insurance providers should relay to current and prospective clients. Whether that incident involves malware, a phishing strike, a breached system, a ransomware infection, a lost or stolen laptop, or a distributed denial-of-service attack, all organizations will at some point suffer the direct or indirect consequences of a cyber incident. Gone are the days when providers and insureds could focus solely on preventing incidents. We must now take steps to prepare for when insureds do get hit.
Any organization is fair game
I’m being a realist, not an alarmist. Hackers, crypto-extortionists and just plain troublemakers are now targeting vulnerable companies regardless of their industry, not just data-rich banks and retailers. In fact, the new generation of cyber criminals is spreading its lures so widely that any kind of organization is liable to bite. Just look at the recent headlines:
- Healthcare: United Kingdom's National Health Service was one of the organizations hit hard by WannaCry in May, forcing many hospitals within the country's healthcare system to divert or postpone operations and procedures.
- Elections: A high-ranking official of the Department of Homeland Security told the U.S. Senate Intelligence Committee in June that election mechanisms in 21 states were targeted in cyber incidents during the 2016 presidential election.
- Transportation: The Danish transport and logistics conglomerate Maersk revealed in August that the Petya ransomware let loose in June cost the company some $300 million in lost revenue. Other enterprises victimized by Petya include advertising shop WPP, food company Mondelez, legal outfit DLA Piper, French construction materials corporation Saint-Gobain, and Russian steel and oil firms Evraz and Rosneft.
- Critical infrastructure: Reports emerged this June that late last year unknown hackers used malware to shut down an electric transmission station in Kiev, the capital city of Ukraine. In the same reports, cyber security experts were quoted as saying that the malware, known alternatively as Industroyer, CrashOverride or Electrum, is a threat not just to Ukrainian power grids. Any system run or monitored by automated controls (in other words, almost all the systems that make up critical infrastructure in the United States) is also vulnerable.
Disconnect between awareness and action
Expect more types of organizations to bite the cyber hook in the months to come. Many of them will be victimized through connected devices. The Internet of Things will vastly increase the number of points at which hackers, crypto-extortionists and other cyber criminals can access corporate digital systems and, just as important for insurers, expand the scope and complexity of risk. Pretty much everyone and everything will soon be connected to the internet — personal things such as the systems that heat homes, monitor babies and control medical devices; and public items such as security cameras, transportation networks and power plants. The analyst firm Gartner says that 26 billion connected devices will be in existence by 2020.
Owners and operators of many businesses and organizations are slowly starting to grasp the extent of the threat. Allied Market Research forecasts the global market for cyber insurance will rise from $3 billion today to $14 billion by 2022. Yet many organizations are still not getting the message.
Recent compelling evidence is found in the Cyber Governance Health Check 2017, a UK government report that supplies results on the levels of cyber security awareness and preparedness of the 350 largest firms in that country. Published in August, it reveals that more than 68% of these firms’ boards had not received training to deal with cyber incidents, despite 54% of these same boards saying that cyber threats were a top risk to their businesses. That separation between understanding the severity of the risk and failing to take an appropriate response is what I call the cyber insurance gap.
December 27 2017 - reference: Propertycasuality360.com
The term cyber itself invites the questions: What is “cyber,” what are some of the key risk areas that are evolving around cyber risk, and how is it important to claims professionals?
The International Risk Management Institute (IRMI) defines cyber as, “A type of insurance designed to cover consumers of technology services or products. More specifically, the policies are intended to cover a variety of both liability and property losses that may result when a business engages in various electronic activities such as selling on the internet or collecting data within its internal electronic network.”
Key cyber risk claim implications
1. It's not just cyber liability — Cyber risk is often narrowly categorized as “cyber liability.” Third-party liability was the focal point of cyber risk in years past, but clearly first-party property insurance has emerged as a key area. First-party insurance offerings include loss of digital assets, business interruption and extra expense and cyber extortion. One example of property-driven cyber attacks involves the 2016 Iran oil field fires and resultant property losses that have tentatively been linked to malware attacks.
2. Wearables — The explosion of wearable devices such as Fitbits and Apple Watches has created new cyber risk concerns related to linked application access from the devices, as well as individual data from the devices themselves. Claims personnel should be aware of the potential exposure for employee-based group policies (group health; group life) that provide incentives to acquire, wear and upload personal health and fitness data. There is also a potential data risk when “connected employees” use corporate e-mail or groupware accounts from smart watches. Claims in either situation could be initiated on the loss of confidential information and typically provide coverage for the consumer.
3. Medical devices — Imbedded medical devices (IMD) such as insulin pumps, pacemakers, defibrillators, etc., are an increasing area of concern for cyber risk. Recent events, such as Johnson & Johnson's warning to users of cyber intrusion potential, illustrate the possibility for abuse. One key implication for claims organizations is to look for aberrant data that is reported from or to the devices, and to any potentially related cyber-driven claims that might be aligned with IMD data intrusion.
4. Intellectual Property (IP) theft — IP theft has occurred for years, but the ease of accessing data and information via digital means is resulting in an increased risk. Claims organizations require more awareness of this potential type of loss, and should coordinate closely with underwriting to understand the level of claim reserve to establish. The loss of intellectual property and the policies that provide potential coverage can be confusing. First-party IP theft policies (generally issued as Specialty Lines commercial products) are becoming more available, but reviewing the existing Commercial General Liability and Professional Liability policies for relevant coverage is also necessary.
5. Professional Liability/Tech E&O Insurance — Tech E&O is designed to cover providers of technology services, whereas cyber policies focus on consumers of technology products and services. The confusion happens because cyber insurance policies offer a number of the same insuring agreements as Tech E&O policies. Claims professionals should confirm what policies are held by the customer submitting a cyber claim, and indicate the coverage focus for the Tech E&O and cyber policies.