Author Archives

Preparing And Making The Right Trucking Insurance Decisions To Protect Your Investment

Whether you are a trucking start-up or a seasoned small carrier, insurance is both a necessity and a nuisance with which to be reckoned.

More times than not a carrier’s owner isn’t as prepared as needed with the necessary information required for the lowest insurance quote. Many small and micro-carriers request quotes when their insurance is renewing in just a few days or weeks. That in itself creates a challenge for the insurance agent to gather the required underwriting information about the carrier, package it to fit the different criteria of the multitude of insurance companies, and provide the time for insurance underwriters to return a quote with their best rates. Trucking company owners need to know that to get the lowest possible rates, an insurance company requires both time and detailed information about the carrier.

This is not like calling your local car and home insurance agent, or going online to enter personal information to receive a quote for your car. For trucking insurance, you’re talking about a multitude of risks that need to be evaluated to determine the best coverage at the lowest cost.

To do this and to ensure no coverage is left out and unnecessary coverage is excluded requires time. The typical length of time spent gathering the underwriting information from the carrier, packaging the information in the required format for each underwriter, and then providing those underwriters with the time necessary to assemble a quality quote is two to three months.

If your insurance agent hasn’t contacted you 90 to 120 days out from your renewal date or if you are a start-up carrier, you need to contact the agent 120 days from the date you are officially opening for business. Anything short of that and you will most likely pay far more than you should for your motor carrier’s insurance.

What follows is a list of the detailed information you should be providing to your insurance agent. It’s best to have it packaged and ready to go. When insurance companies ask for documents, the faster they are produced indicates you’re on top of your company’s business and financial situation.

Keep in mind there may be other documents and information required for special situations and operations, so verify with your insurance agent what he or she needs.

GENERAL INFORMATION

– A list of drivers, including license numbers, dates of birth, and dates of hire.
– A copy of current safety program and any incentive program.
– A list of primary customers.
– Current company financial statements.
– Three- to five-year-loss runs with details on any large losses.
– An updated business plan.
– Website address as well as any brochures, newspaper articles, etc., that describe insured’s operations.

PROPERTY

– A list of all facilities (buildings, tank capacity, etc.)
– Is vehicle repair or body work done on premises?
– Is fuel stored on premises? Describe type, amount, and storage.
– Are fuel pumps and tanks protected by concrete posts?
– Is the yard area fully fenced and lit at night?

GENERAL LIABILITY

– Are you involved in other operations besides trucking for hire?
– Are you involved in any warehousing of goods for others?
– Are drivers allowed to carry guns?

AUTO LIABILITY

– What type of carrier is your company, i.e., common, contract, exempt, or private?
– List the types and percentage of hauling done for each (van, reefer, flatbed, liquid, etc.).
– Describe in detail what commodities are hauled.
– List major cities insured served and give percentage of overall operations to each.
– Does insured ever haul into or out of Canada or Mexico?
– Are any federal or state filings required?
– Are special filings (oversized, overweight, etc.) required?
– Is your company involved in any intermodal shipping?
– Does your company haul double or triple trailers? If yes, list percentage of each.
– Do you act as a freight broker/forwarder or arrange loads for others?
– Do you hire equipment from others?
– Do you hire contract lease operators under your authority?
– Is your company named as additional insured on its policies?
– Do you or your contract lease operators require non-trucking coverage (bobtail)?
– Is equipment ever loaned or leased to others? With or without drivers?
– Is your trucking company responsible for primary auto liability coverage?
– Do any contract lease operators need to be named as an ‘additional insured’?
– Is your carrier party to a formal interchange agreement?
– What is your carrier’s policy regarding passengers riding in trucks?
– Do you operate any vehicles that may need downtime coverage?
– Describe the current maintenance program for trucks and equipment.
– Are any vehicles altered, customized or have special equipment?
– Are all trucks equipped with fire extinguishers?
– Describe driver hiring, training and safety programs employed by insured.
– Are drivers assigned to specific trucks? Do drivers perform daily inspections?
– Are motor vehicle reports (MVRs) obtained for all new drivers? Are annual MVRs run for all existing drivers?
– What percentage of drivers are employees versus contract lease operators?
– Are any drivers under 25 years old? Over 65 years old?
– What are the maximum number of hours driven daily and weekly by drivers?
– Are pre-employment physicals required for all new drivers?

 

Source: American Trucker

Four Steps To Prepare Your Small Business For Hurricane Season

While Hurricane Matthew may still be fresh in the minds of many local small business owners, forecasters warn this year’s hurricane season may be worse than normal.

The National Oceanic and Atmospheric Association predicts five to nine hurricanes, two to four of which could be Category 3 or higher. Hurricane season lasts from June 1 through Nov. 30.

Small business are particularly vulnerable to the high costs of weather damages. Almost 40 percent never reopen after a disaster, according to the Federal Emergency Management Agency.

Ed Bides, information security officer and disaster recovery team member at Florida Capital Bank, offers four practical ways to ensure your business is prepared for Mother Nature.

1. Know What You Have

Catalog computers, equipment and other property as well as files and important documents. Keep a digital copy of this list, photograph important equipment and back up your documents using a cloud service.

2. Check Your Insurance Policies

Do you need business interruption coverage? Will your insurance pay what your old equipment is worth now or what it will cost you to buy new equipment? Carefully consider what your policies will do for you, and make sure you have all the coverage you need.

3. Plan Ahead

Develop a plan for how to prepare your business and personnel for severe weather. Remember that your employees will need time to prepare their homes and pick up children from school in the case of an evacuation. “There’s always room to improve,” said Bides, noting that Florida Capital Bank modifies its plan every year. Communicate your plan, so everyone is on the same page when you need them to be.

4. Know Your Disaster Recovery Options

Check the Small Business Administration website after a disaster to see if your business is in a disaster relief zone and eligible for funds.

 

Source: SFBJ

New Hurricane Advisories To Give Storm Preparation Deadlines

Some coastal residents always put off emergency preparations until storm clouds loom on the horizon.

The National Hurricane Center is going to try giving those people a deadline this year, issuing experimental advisories showing when tropical-storm force winds may hit particular communities to help them understand when it’s too late to put up storm shutters or evacuate.

The forecasters’ advisories will be fueled by more data than ever, thanks to new weather satellites and an expanded network of underwater gliders.

To help people understand when storm preparations should be completed, the hurricane center will experiment with advisories showing the times when sustained tropical-storm force winds are estimated to hit land. If a tropical disturbance nears shore, forecasters also could post advisories or warnings before it develops into a tropical depression or named storm.

 “The new advisories could help validate evacuation orders for people who complain about hype around approaching storms,”’ Florida’s emergency management director,” Bryan Koon, said “We can say, listen, this is when things are going to get bad in your area. We can also use that to say, a few hours ahead of that, stores are going to close, roads are going to get jam-packed with people, we might have to shut down power substations.”

Storm surge watches and warnings will be issued when U.S. coastlines are at risk for life-threatening flooding.

Shrinking Cone

The “uncertainty cone” showing a storm’s projected path shrinks again this year, with continued improvements in track forecasts. It’s still the best-known advisory released by the hurricane center, but forecasters continue to emphasize individual hazards away from the center of a storm.

On his last day as hurricane center director before returning to The Weather Channel, Rick Knabb said better data and better computer models help create a narrower cone. But that can give a false sense of security to areas outside the cone.

“Hurricane watches and warnings can extend well outside the cone. In fact, the hurricane itself can be much larger than the width of the cone,” Knabb said. “So clearly a hurricane is not just a point on the map. Forecasters will add an outline of a storm’s wind field to the graphic to help people see hurricane impacts beyond the cone.”

Intensity Forecasts

Predicting the intensity of a storm remains a challenge. Apart from improving public communications about storm hazards, the hurricane center also has been working to improve its forecasts predicting when and how much a storm will strengthen.

“It’s difficult to measure what’s happening around a hurricane’s eye – where the strongest winds swirl – or how it interacts with the ocean and the atmosphere, and that affects the accuracy of storm intensity forecasts,” said Dan Brown, a senior hurricane specialist at the Hurricane Center in Miami. “It’s a combination of everything, but oftentimes, it’s understanding what the structure of the storm is and getting that right when the computer models are first run.”

Forecasting Technology

More and better data will be streaming into those models this year, which forecasters hope will help improve their predictions for a hurricane’s intensity.

NASA launched eight mini-satellites in December to measure surface winds deep in the hearts of hurricanes. Unlike other weather satellites, the $157 million Cyclone Global Navigation Satellite System can give scientists a clear look into a hurricane’s eye even through walls of clouds and rain.

Forecasters said the $1 billion GOES-16 weather satellite, launched in November, is as significant an upgrade as switching to high-definition television, with more detailed images and more channels looking at storms.

To keep up with higher resolution forecast models, the National Oceanic and Atmospheric Administration has upgraded the Doppler radar on its hurricane hunter aircraft to give scientists a more detailed look at hurricane winds.

NOAA again will launch four underwater gliders from Puerto Rico and the U.S. Virgin Islands to collect ocean data, and this summer the agency will expand its data pool by collaborating with universities and research institutions in the U.S. and Bermuda that have up to 20 their own gliders in the Gulf of Mexico and the Atlantic.

 “Glider data has helped improve the models’ understanding of the ocean,” said Gustavo Goni, director of the physical oceanography division at NOAA’s Atlantic Oceanographic and Meteorological Laboratory. “We want to put all these efforts together to make a better analysis.”

 

Source: Claims Journal

Here’s What the House Has In Mind For Revamping The National Flood Insurance Program

A much-anticipated House subcommittee proposal on flood insurance promises to reauthorize the National Flood Insurance Program (NFIP) for five years beyond its September 30 expiration date.

The proposal would introduce reforms to put the NFIP on stronger financial footing; provide aid for those unable to afford coverage; improve flood mapping, mitigation efforts and claims handling; and encourage greater private insurer participation in the market.

Rep. Sean Duffy (R-Wis.), chairman of the House Financial Services Subcommittee on Housing and Insurance, said the draft was being released so that all stakeholders could provide “input into protecting the program integrity of the NFIP.”

The schedule for consideration of this or other flood insurance proposals has not yet been announced. The far-reaching draft incorporates ideas from Republicans and Democrats, advocates for consumers and taxpayers, as well as ideas from the insurance, banking and real estate industries.

“The ideas stemming from this open process will ensure that everyone who needs flood insurance will have access to it while ensuring that the NFIP does not fall further into debt,” Duffy said, referring to the $24.6 billion the NFIP owes the Treasury.

In late April, U.S. Senators Bill Cassidy (R-La.) and Kristen Gillibrand (D-N.Y.)  released their draft legislation reauthorizing the NFIP for 10 years. The Cassidy-Gillibrand legislation addresses flood insurance affordability, coverage limits and solvency issues while encouraging increased mitigation and gradual private sector involvement. It also seeks to strengthen flood mapping and claims handling.

The House measure gives the Federal Emergency Management Agency (FEMA), which administers the flood insurance program, more responsibility and authority for the program’s financial stability and operations. The House blueprint incorporates several other House proposals dealing with various aspects of the flood program. Key provisions of the Duffy draft include:

Financial Issues

Independent Actuarial Study. Require FEMA to provide for an annual independent actuarial study of the NFIP to analyze the financial position of the program based on its long-term estimated losses and transmit the results to Congress. Additionally, require FEMA to submit quarterly reports to Congress on the changing policyholder composition and risk profile of the NFIP.

Risk Transfer Requirement. Require FEMA to use risk transfer tools, such as reinsurance, catastrophe bonds, collateralized reinsurance, resilience bonds, and other insurance-linked securities, to reduce direct taxpayer exposure to insurance losses. (FEMA has already begun buying reinsurance.)

Changes To Surcharges. Increase annual surcharges from $25 to $40 for all primary residences; reduce the annual surcharge from $250 to $125 for non-owner occupied residential properties that are currently subject to preferred risk premium rates; and increase the annual surcharge from $250 to $275 for all other non-primary residences.

Reserve Funding. Increase the current National Flood Insurance Reserve Fund assessment rate by 1 percent each year until the NFIP achieves its statutorily mandated reserve ratio phase-in requirement of not less than 7.5 percent.

Multiple Loss Properties. Enhance the managing and tracking of properties with a history of multiple claims by defining a new “multiple-loss property” term to cover all at-risk properties.

Properties With Excessive Lifetime Claims. Prospectively prohibit the availability of NFIP coverage of any multiple-loss property with lifetime losses so excessive that the aggregate amount in claims payments exceeds twice the amount of the replacement value of the structure.

High-Risk Properties. No longer make available NFIP coverage for certain high-risk properties after January 1, 2021, that have other available private flood insurance options. These would include any new structures added to today’s high-risk special flood hazard areas, as well 1-4 unit residential structures where the replacement cost of the building (exclusive of the real estate upon which the structure is located) exceeds $1 million.

Allowance For Write-Your-Own (WYO) Companies. The allowance paid to companies participating in WYO Program shall not be greater than 25 percent of the chargeable premium for such coverage.

Mandatory Purchase Requirements. Increase the civil money penalties on federally regulated lenders for failure to comply with the NFIP’s mandatory purchase requirements from $2,000 to $5,000.

All-Peril Policies. Provide for the satisfaction of the NFIP’s mandatory purchase requirement for those properties located in a state that adopts a state-based requirement for mandatory “all-perils” coverage that includes flood insurance.

Additionally, reiterate that nothing in the law prohibits states, localities and private lenders from requiring the purchase of flood insurance coverage for a structure that is located outside of an area designated by FEMA as a special flood hazard area.

Private Market

In terms of encouraging a private flood insurance market the draft includes provisions to clarify that a private carrier policy outside of the NFIP satisfies mandatory purchase requirements and eliminates the restriction that currently prevents insurers participating in the NFIP’s Write Your Own (WYO) Program from also selling private flood insurance policies. It would also open the government’s flood insurance rate making and loss information to insurers and the public. Private policies would be assessed to help pay for flood mapping as NFIP policies are.

It would allow refunds to policyholders who cancel during a policy term in order to obtain a private market policy — just one of the provisions designed to encourage the private insurance market.

Affordability

Rate Increase Cap. Lowers the cap on annual rate increases from 18 percent to 15 percent and limit the chargeable risk premium of any single family residential property to $10,000 per year.

State Affordability Program. Authorizes states to voluntarily create a state flood insurance affordability program for eligible owner-occupants of single family 1-4 unit residences who are unable to pay their chargeable risk premium due to family income. Assistance can be in the form of either capping the amount of chargeable risk premium paid, or limiting the amount of premium increase on an annualized basis. The program’s cost would be recouped through an equally distributed surcharge on all other policyholders within that state.

Commercial Exemption. Eliminate the NFIP’s mandatory purchase requirement for all commercial properties, while preserving the eligibility of commercial properties voluntarily to purchase NFIP coverage if they so choose.

Replacement Cost. Require the FEMA Administrator to incorporate up-to-date replacement cost, by structure, when calculating annual chargeable premium rates, as opposed to the current practice that relies upon a national average.

Coast vs. Inland. Require the FEMA, when calculating annual chargeable premium rates, to consider the differences in properties located in local coastal and inland areas.

Mitigation Credits. Authorize FEMA to provide policyholders with credits for actions to mitigate the flood risk of their property.

Flood Mapping

Community Mapping. Allow localities to elect to use their own resources to develop their own alternatives to NFIP flood maps subject to minimum standards developed by FEMA.

Beyond Mapping. Require FEMA to use other risk assessment tools, including risk assessment scores, in addition to applicable flood rate maps when determining annual chargeable premium rates.

Map Appeals. Create a new appeals process for states, local governments, or the owners or lessees of real property who want their maps updated.

Mitigation Credits

Community Mitigation Plans. Require covered flood prone areas to develop a community-specific plan for mitigating continuing flood risks if they have 50 or more repetitive loss structures or 5 or more severe or extreme repetitive loss structures.  Communities that fail to develop or make sufficient progress in executing their plan would be subject to certain sanctions.

Community Credits. Provide communities that have joined its Community Rating System program with appropriate credits in calculating their annual chargeable premium rates when those communities implement or benefit from measures that protect natural and beneficial floodplain functions.

Property Acquisition. Authorize a pilot program to provide financial assistance for states and local communities to purchase properties located in participating communities from eligible low-income owners that have incurred substantial damage from a flood event.

Claims Handling

Fraud Penalties. Require FEMA to prohibit false or fraudulent statements connected to the preparation, production, or submission of claims adjustment or engineering reports.

Policyholder Appeals. Codify the due process protections for policyholders established after Superstorm Sandy by FEMA for individuals wishing to appeal a full or partial denial of their NFIP claim by their insurance company, and require FEMA to provide policyholders with a written appeal decision that upholds or overturns the decision of the insurer.

Deadline For Claims. Require FEMA to make final determinations regarding the approval of a claim for payment or disapproval of the claim within 90 days of the claim being made.

Write Your Own (WYO) Company Litigation. Provide FEMA with additional authorities and responsibilities for overseeing litigation conducted by WYO insurance companies acting on behalf of the NFIP. Ensure that WYO litigation expenses are reasonable, appropriate, and cost effective. Give FEMA the authority to direct litigation strategy as necessary.

Underpayment Of Claims. Align penalties for WYO insurance companies that knowingly underpay claims for losses covered to be commensurate with the NFIP’s penalties applicable to overpayment of such claims.

Technical Assistance Reports. Restrict the use of outside technical reports by WYO insurance companies and the NFIP direct servicing agents.

The draft bill follows some of the recommendations in a flood insurance report by the Government Accountability Office (GAO).

Reinsurers’ Report

On the same day that the House proposal was unveiled, the Reinsurance Association of America (RAA) released a report claiming more private sector involvement in the flood insurance market could save billions in taxpayer dollars.

RAA’s findings are based on a comparative analysis between the NFIP and Florida Citizens Property Insurance Corp., a government-subsidized property insurer that has been following a “depopulation” strategy of having private insurers assume blocks of its business, while also increasing rates and investing in reinsurance.

According to the analysis, if the NFIP took actions similar to Citizens, it could reduce taxpayer exposure by 31 percent and would decrease the additional Treasury financing required to pay losses on floods that have a 1 percent chance of occurring by 91 percent over the next four years.

“Increased competition from the private sector would not only reduce the NFIP’s size and debt, but would ensure that the federal program remains sustainable for years to come,” said Frank Nutter, president of RAA.

 

Source: Insurance Journal

Maritime: The Next ‘Playground’ For Hackers

Cyber-security specialist CrowdStrike will be warning of the dangers the shipping industry faces from at hackers at Nor-Shipping 2017.

Appearing alongside the American Bureau of Shipping (ABS), CrowdStrike will lead a session focusing on the tactics, techniques and procedures of ‘invisible pirates’, and the actions the industry can take to rebuff them.

“Maritime has been described as ‘the next playground for hackers’,” said Crowdstrike’s John Titmus, director, EMEA – cybersecurity strategy advisor. “It’s an industry revolving around high value assets, moving valuable cargoes, that is transitioning to an increased reliance on digital systems. Smart shipping and the advent of broadband communication between ship and shore can unlock huge potential for the sector. Unfortunately that’s also true for the criminal fraternity.”

The joint CrowdStrike and ABS event takes place as part of Nor-Shipping’s Disruptive Talks program on May 31.

 

Source: Seatrade Maritime News

What’s Next After ‘Massive Disruption’ From Latest Cyber-Attack? A View From The Trenches

As the cyber-attack continues to spread around the globe causing massive disruption and damage for universities, hospitals, automakers and many other businesses including FedEx, only one thing is certain: It won’t be the last.

That’s because the cyber criminals are running a multibillion-dollar enterprise with the help of ultra-sophisticated tools, said Yuri Frayman, co-founder and CEO of Aventura-based cybersecurity company Zenedge. The company, which launched in 2014 after two years of development, helps companies worldwide protect their web applications and networks against cyber-attacks with its proprietary technology.

“If this was not a wake-up call to the corporate world, I don’t know what needs to happen next,” said Frayman, offering his view from the trenches. “About 220,000 companies have been hit, and this is just what we know. We are seeing a massive disruption in the network operations across the globe.”

A screenshot of the warning screen from a purported ransomware attack, as captured by a computer user in Taiwan, is seen on laptop in Beijing on Saturday. Thousands of companies were hit with a huge ransomware attack over the weekend that locked up computers and held users’ files for ransom in hospitals, companies and government agencies. (PHOTO CREDIT: Mark Schiefelbein AP)

None of the firms his company protects have reported any disruptions from the so-called “WannaCry” ransomware virus, he said. But as the attack has unfolded, Zenedge has been talking with industry security specialists around the globe about how they are mitigating the damage and seeking to stabilize large infrastructure companies.

What really worries Frayman is what comes next in this attack, and ones to follow. Companies such as FedEx will throw everything at this problem in the next three or four days at an unbelievable cost, said Frayman, who has himself been expecting a FedEx delivery for the past two days. But less-sophisticated firms may may not even know a virus lurks in their system.

 “A second problem is the massive shortage of cyber-security experts. The enemies are hackers who are years ahead, Frayman said.  “Telecommuting also creates risk. Ninety-eight percent of the world population doesn’t know if their home has been hacked. If I have your home, I can hack your corporate environment. Many people around the world work from home, and that is another black hole that is ready to explode.

The solution – beyond turning off the internet – is commitment to vigilance. Generally, the largest financial services companies are very proactive, appropriating the proper budget, staff and training and putting key processes in place. But take a step outside of that and you will see across the board that corporations have not taken this seriously. Hiring a chief security officer is not enough. It’s not about buying cyber insurance and hiring a couple of people – it’s about discipline. Having a dedicated staff and/or vendors whose single task is to secure and protect the company is key. So is continual staff training. You can’t just be clicking anymore…. Hackers are using very sophisticated tools to mimic regular emails you get every single day. If you click on one that downloads a virus, it eventually could discover the system administration credentials. Once the hackers know those, they can do whatever they want.”

Zenedge currently has about 250 clients spanning the financial, ecommerce, gaming, healthcare and manufacturing industries worldwide and also protects large internet service providers, said Frayman, who previously helped lead and sell four other companies. Zenedge raised $6.2 million in September to finance its global expansion; in total, it has raised $13.7 million in venture capital funding.

“Every single attack, every single malware, we take it apart, and we train our algorithyms to be able to pick up the behavior of an attacker,” Frayman said. “If you train a computer to think like a human, then you can protect as many customers as we do without a need for a human interaction.”

 

Source: Miami Herald

What To Do About Insurance Sticker Shock

Owners and buyers of multifamily housing are experiencing sticker shock when they refinance, sell or purchase properties.

Insurance premiums have jumped as much as 25% because of the broadened insurance requirements set forth by lenders.

GlobeSt.com caught up with Ryan Cassidy and Evan Seacat, both senior directors at Franklin Street Insurance Services, for a deeper understanding of why lenders have changed their standards and what owners and buyers can expect in part one of this exclusive interview.

GlobeSt.com: What caused originators and buyers of multifamily mortgages to change insurance requirements on multifamily properties?

Ryan CassidyThey were caught by surprise just as much as the rest of us by events of the past decade. Their overall requirements have become stricter, causing panic from multifamily owners. The government-sponsored enterprise also will not accept into its network multifamily properties with policies that limit or exclude from coverage natural causes of damages such as flood, hail, hurricanes and wind. Loss of rental income as a result of the before mentioned perils has become one of the most sought after coverages. The cost to add this specific item is one of the most expensive for owners. Freddie Mac has similar requirements.

GlobeSt.comAren’t those kinds of coverages to be expected even though we have not had a major terrorist attack like 9/11 or a hurricane like Wilma in more than a decade?

Evan Seacat: First, owners are having trouble finding standard policies that include these provisions, for a reasonable price. On top of the overall expense for the added coverage, this can be a very time-consuming exercise. Therefore, national and local proprietary programs are becoming more common and the level of interest has risen for property owners.

GlobeSt.com: Fannie Mae and Freddie Mac are the biggest financers of multifamily housing. But there must be alternatives.

Ryan Cassidy: Yes, but we have found that lenders providing financing for private portfolios are adopting similar rules, giving owners and buyers fewer ways to avoid the requirements. And most banks are making it harder to meet the insurance requirements.

 

Source: GlobeSt.

How The Insurance Industry Could Change The Game For Security

The recent growth in the cyber insurance market is already improving cybersecurity in some industry segments, and has the potential to do more — if the industry is able to address its data problem.

One area where cyber insurance has already made an impact is in the retail space, said David White, founder and COO at Axio Global, a cyber risk company. After the 2013 Target breach, it became very difficult for retailers to get a decent price for cyber insurance unless they had completely switched over to end-to-end encryption, or had a definite plan in place for doing that.

“I spoke to a large retailer at a conference a year ago who was wringing their hands because they could not buy cyber insurance — the sort that would cover a payment card data breach,” White said. “Their problem was that they had not allocated the funding to install end-to-end encryption and were not even planning to in the foreseeable future. The risk manager told me that they had approached the insurance market annually for several years and all she could get were ‘FU quotes.’ The cyber insurance industry has been a substantial force in driving retailers to adopt end-to-end encryption.”

Next, White said, he expects insurance companies to start insisting on anti-phishing awareness programs, strong network segmentation, and network hygiene controls for industrial control systems.

“A decent analog is the presence of sprinkler systems and other fire suppression systems as a consideration for property insurance,” White said. “Organizations don’t stop buying fire insurance because they install a sprinkler system, but they do get more attractive rates.”

“Insurance companies are helping set some general standards cybersecurity,” said Mark Sangster, vice president and industry security strategist at eSentire. “And it’s not just for the point at which the policy is written, he added. Insurers are adding language to contracts that require companies to maintain a particular level of security. For example, you must do annual cybersecurity training, and if you do those things, you can have the policy and it will cost you this amount. That’s like them saying, if you’re caught doing reckless driving, your auto insurance is null and void. I think they are one of the top influences at the moment when it comes to what cybersecurity policies and procedures need to be looked at.”

Insurance companies are asking for minimum controls, agreed Jenny Soubra, head of the U.S. cyber practice at Allianz Global Corporate & Specialty. But they’re also starting to go beyond that, with more services, she said.

“Pre-loss mitigation services offered by carriers have just become table stakes,” Soubra said. “Everyone wants their clients’ risks to be improved.”

And that translates to better security, she said, as companies become more aware of their vulnerabilities and take steps to close the gaps, train their employees, and reduce response times. But there’s a limit to how much insurance companies can actually do when it comes to measuring risk, she said.

Cyber Insurance Lacks Hard Actuarial Data, Technical Experts

According to Soubra, the insurance industry is still 30 to 50 years away from having a standardized cybersecurity data set, with relevant actuarial data, that it can pull insights from.

“The threat vectors are constantly evolving,” Soubra said. “There are new ways to get into the system, new types of ransomware are constantly being created. This, in turn, has the coverage that we’re offering constantly evolving. So we’re collecting new types of data that we weren’t collecting in the past. It doesn’t help that it’s difficult for insurance companies to share data. We need a way to standardize the data, share it, and repackage it in a way that would be useful.”

For example, insurance companies are often bound by non-disclosure agreements, and there’s no central body that collects cyber information — like, for the example, the Federal Aviation Administration does for airplane accidents and the National Highway Traffic Safety Administration does for driving.

“We need a way to standardize the data, share it, and repackage it in a way that would be useful,” Soubra said.

Instead, what happens is that insurance companies mostly sell coverage for loss of personally identifiable information and to cover the costs of business interruption due to cyber attacks, said Adam Thomas, principal at Deloitte Cyber Risk Services. The way it works is that companies looking to buy insurance fill out a questionnaire, then their insurance broker sets them up on a conference call with half a dozen carriers.

“It’s a high-level assessment — there’s not a lot of substantiation going on,” Thomas said.

And on the call itself, the carriers tend not to ask probing questions — they don’t want to give away their trade secrets to their competition, and they don’t want the client to think they’re hard to do business with.

“So that’s about as much due diligence as insurance companies do,” Thomas said. “And more recently, some of those calls have gone away because it was too much pressure on the customer.”

The cyber insurance industry doesn’t have anywhere near the kind of deep expertise as, say, property and causality, life insurance, or automotive.

“You’d think they’d take their actuarial knowledge, analytical knowledge and amass a ton of information about the claims they paid out, what the underlying causes were, so they can improve their policies,” Thomas said. “And the reality is, they haven’t.”

Instead, the industry is struggling with a dramatic shortage of personnel and a problem with getting good actuarial data.

“Most people writing cyber insurance don’t have technical backgrounds,” Thomas said. “They come from writing some other type of property and casualty insurance. They need to hire better people — and collect more data.”

And the data is another problem. In cyber insurance, the risks change more quickly than in any other type of insurance. Cars don’t — yet, at least — deliberately try to find new ways to kill their drivers. Tornadoes don’t deliberately aim for trailers parks. But cyber criminals actively look for news ways around security controls, and when they find something that works not only does the news spread quickly to all the other criminals, but through the use of automation, botnets, crimeware-as-a-service and other tools the criminals can launch fast, massive attacks against, well, everybody.

Take ransomware, for example. SonicWall saw the number of attacks go from just 3 million attacks in 2014 to 638 million last year. That added up to $1 billion in profits for the ransomware industry. As a result, there are very few hard criteria for insurance companies to use when pricing policies. “It’s largely qualitative, not quantitative,” said Thomas.

They can look at the total amount of data at risk, and cost of responding to breaches and outages. Insurance companies also look at compliance — does the customer meet PCI or HIPAA requirements, or the new financial services regulations in New York State? And these kinds of guidelines don’t help much when the threats come out of the blue.

“Last year, our industry saw a large-scale cyber incident that never occurred before,” said Mike Donaldson, solutions specialist at Bay Dynamics. “We had a DDoS attack executed successfully across millions of endpoints that took down some major retailers.”

The number of vulnerable endpoints is increasing, he added, and now includes cars and medical devices and cameras. That means that an insurance company may be dealing with tens of thousands to millions of endpoints. “That makes it very challenging to assess risks,” he said.

Plus, many companies use third-party services — such as the cloud services providers hit by the recent DDoS attack. In some ways that creates the possibility of wide-ranging, catastrophic risks. But in other ways, using third-party services can improve a company’s risk profile, if the vendor is doing a particularly good job in security. So, for example, a car owner might pay a lower insurance premium if they buy a safer car.

“The cyber insurance industry has not leveraged the same telemetry to make the same kind of decisions,” said Rajiv Gupta, CEO at Skyhigh Networks. “Part of it is that the cyber insurance industry is much younger than the auto insurance or home insurance industry. And, in many cases, the industry is still not even aware that there is a way to objectively determine, or as objectively as possible, what is the security posture of a company.”

One issue is that, traditionally, the insurance industry has been backward-looking, said Steve Durbin, managing director at London-based Information Security Forum. But in technology, a focus on the past isn’t particularly helpful when everything changes so quickly.

“The challenge for insurance companies is more of a cultural or mind shift change that we have to embrace,” Durbin said. “Insurance companies will have to look at predictive analytics until we reach the point where they can combine them with actuarial data. Until then, i think it will be quite challenging for them.”

Uninsurable Risks

When there’s a lack of hard data or strict compliance requirements, getting cyber insurance may be difficult or almost impossible.

According to the Information Security Forum, there is currently little or no insurance available for catastrophic risks such as critical infrastructure failure or state-sponsored attacks, operational mistakes, reputation damage, industrial espionage, and loss of intellectual property or trade secrets.

According to the Ponemon survey, inadequate coverage was a major reason not to purchase cyber insurance for 36 percent of companies, tying for first place with the high price of premiums. And too many exclusions, restrictions and uninsurable risks were cited by 27 percent of respondents. And if a company does get coverage, it may be difficult to get a payout.

“The onus is on the company to prove that their controls were adequate but they still got breached and the insurance company should pay up,” said Javvad Malik, security advocate at AlienVault. “It’s never an easy process. It doesn’t help sometimes that breaches don’t get discovered for months or years. It’s kind of like health insurance. Are you covered for existing conditions? This is where it really gets messy.”

The Problem Of Low-Value Policies

One of the reasons that insurance companies might not be doing as much research and analysis as they could, and requiring serious risk assessments on the part of their customers, is that the dollar values of the policies are still relatively low.

“They’re not risking a lot,” said Itzik Kotler, CTO and co-founder at SafeBreach, an automated penetration testing company. “As the industry grows, then they will revert into more means of measuring the risk.”

SafeBreach has insurance companies as customers, he said, but for internal security testing — not as a risk control for their clients.

“As the industry grows, and companies want to purchase bigger policies, with more money, then the question of how insurance companies will mitigate their risk will be more relevant,” Kotler said.

The global cyber insurance market is now over $3.25 billion, and is expected to reach $20 billion by 2020. The entire US insurance market is more than $500 billion, so that might not seem like much at first. But it’s a significant change for the industry.

“Insurance companies are extremely excited about the product because it’s probably the first new insurance product that they’ve been able to take it to the market in the last 80 to 90 years,” said Deloitte’s Thomas. “So there’s a lot of emotional excitement about it.”

And there’s a lot of room for growth.

According to recent research from the Ponemon Institute, the average company only has 15 percent of their information assets covered by insurance — compared to 59 percent for property, plant and equipment. That’s despite the fact that the average potential loss for the information assets is greater — $979 million, compared to $770 million.

Today, there is only a very small number of large writers, with over $100 million in cyber insurance premiums, according to a report by Betterley Risk Consultants.

There are several insurers in the $50 million to $100 million range, several more in the $25 million to $50 million range, and numerous insurers less than $25 million, the report said.

“That’s more that 60 carriers that offer cyber insurance altogether,” said Marc Schein, risk management consultant at New York-based Marsh & McLennan Agency. “Some carriers are offering it as a standalone product, other insurance companies will offer it in a package.”

Source: CSO

Insurance Triple Play: Three Recommendations For Companies

NJBiz.com recently talked to Michael J. Faul Jr. a shareholder in the Warren, New Jersey, law firm of Herold Law, P.A.

Mr. Faul concentrates his practice in the areas of complex commercial litigation, insurance coverage disputes, minority shareholder disputes, corporate fraud, and environmental litigation.

Here are the three things Mr. Faul recommends that companies should focus on regarding insurance:

Recommendation No. 1 – FOCUS

Focus on maximizing reclaimed amounts that are recovered under many lines of insurance, including D&O, E&O, public officials and employment liability, fiduciary liability, commercial, property and casualty, fire, theft and premises liability.

Redommendation No. 2 – SEEK

Seek counsel on all phases of complex insurance claims. Insurance coverage is a highly specialized area of the law and only experienced insurance counsel can navigate and expedite the recovery of insurance proceeds. Often, companies unduly rely on their brokers only to find out later on that the broker may be responsible for the lack of coverage or delay in recovering insurance proceeds.

Recommendation No. 3 – LEARN

Learn if corporations, officers, directors or individuals that are subject to government investigations have insurance coverage to defray the costs associated with the defense of such costly investigations.  Financial institutions, health care and financial sectors, financial service companies, insurance companies, security and commodity brokers and dealers, retail apparel companies, construction, waste management and a variety of other industry wide companies which may be regulated by federal, state and local agencies including state attorney general’s offices can be the subject of such investigations.

 

Source: NJBiz

Facing Rising Sea Levels And Greater Insurance Risk, Southern Florida Braces For Relocations, New Flood Design Standards

The moon over South Florida looked like a swollen grapefruit in November, its reflection rippling off pools of ocean water that bubbled up through storm drains, crept over seawalls, and swallowed Miami streets.

It was a “supermoon,” about 17,000 miles closer to Earth than usual, according to NASA, arriving just in time to supercharge the seasonal high waters known as king tides. The water made an island out of the lifeguards’ shack on Matheson Hammock Park, swept “No Wake” signs from marina harbors onto city streets, and marooned a live octopus in a parking garage along Biscayne Bay.

On days like these, it’s obvious that much of the region now home to about 7 million people began as a network of swampy canals meandering from the Everglades to the ocean. Sometimes nature conspires to remind the city of this fact, as it did in November 2016.

Lately those reminders have become more frequent. The rate of sea-level rise has tripled over the last decade, according to a recent study from the University of Miami, bringing with it more frequent coastal flooding. The U.S. Army Corps of Engineers projects that Miami-Dade County will see about 15 inches of sea-level rise by 2045. And because South Florida sits on porous limestone bedrock, saltwater is not just encroaching on coastal communities, but gurgling up from below.

Right now it’s a nuisance, but over the lifetime of a mortgage, flooding in South Florida could threaten tens of billions of dollars of real estate and upend development in the country’s 10th largest metropolitan area. Architects, planners, and developers are just beginning to overhaul the urban landscape, laying the groundwork for a sweeping transformation of building codes, municipal infrastructure, and design norms that could save the city from rising seas.

The crucial question is: Who will change that built environment? Will it be architects and city officials, safeguarding South Florida against the effects of climate change as the world’s living laboratory for so-called climate resiliency? Or is nature coming to reclaim Miami as a swampland?

Higher Ground

South Florida’s development boom is so lucrative it seems inevitable that it will continue. Before the city was founded in 1896, however, it wasn’t clear that the mouth of the Miami River would ever be anything more than a mosquito-infested trading post—until the industrialist Henry Flagler dragged his railroad south from Palm Beach along the highest ground he could find: a coral ridge between 12 and 25 feet above sea level. The tracks reached Biscayne Bay on April 22, 1896. Three months later Miami was incorporated.

Today, Miami is a bustling, sprawling urban landscape that has been remade to suit cars, but some planners say that the same limestone ridge Flagler used could anchor climate-friendly development.

The Urban Land Institute is drafting a plan for the Arch Creek Basin, a mostly low-lying area straddling 2,800 acres and four municipalities, as well as unincorporated Dade County, around one stretch of the railroad. Primarily poor people of color, the residents of Arch Creek face a severe threat from sea-level rise—one that could eventually force them to abandon the area. The development would be flood-resistant and transit-oriented, dense with mixed-use buildings and affordable housing, but also with a health clinic, backup generators, and other resources that could come in handy during disasters.

At a charette in November, designers Gustavo Sanchez-Hugalde, Max Zabala and University of Miami professor Sonia Chao presented their idea for a flood-resistant transportation hub at Northeast 125th Street. It would be transit-oriented development, dense with mixed-use buildings and affordable housing, but also with a health clinic, back-up generators and other resources that could come in handy during a disaster.

“Think of these as not just transit but resilience stations,” said Chao.

In the long run, South Florida’s scarcity of higher ground could also make its elevated areas more valuable as waters rise. That could exacerbate gentrification in minority neighborhoods with relatively high elevations like Liberty City and Little Havana.

“It’s a matter of time until investors will head for the higher land,” said James Murley, chief resilience officer for Miami-Dade County.

But climate change isn’t forcing people out of their homes just yet. Asked if climate change is a driving force for gentrification in Miami, Murley is skeptical, but others are starting to look toward the future.

“Right now we’re experiencing more of the classic gentrification that comes with a growing real estate economy,” Murley said.

While the mainland mulls long-term plans to adapt to rising seas, the coastal barrier island of Miami Beach is busy building.

Planning For High Water

Over the next five years, the municipality of Miami Beach will spend $400 to $500 million on flood defenses, installing 80 new pumps, raising roads, and strengthening seawalls across the city. So far the city has funded about $200 million of that project by more than doubling stormwater fees.

A law passed last year requires the owners of buildings larger than 7,000 square feet to pay a fee if they don’t get certified as at least LEED Gold. The builders of properties that don’t get LEED certified at all get slapped with a fee equal to 5 percent of their construction costs. That could help raise money for future infrastructure investments.

Miami Beach also requires new buildings to be at least one foot above the base flood elevation of six feet above sea level. As an additional incentive for developers, the city won’t count the raised elevation of a flood-proofed site toward the project’s height limit or floor-to-area ratio.

Miami Beach environment and sustainability director Elizabeth Wheaton said the new requirements wouldn’t stunt development.

“Developers want to build here,” Wheaton said. “They’re going to do what’s required.”

The first building completed under the new elevation requirements is Jean Nouvel’s Monad Terrace, a 59-unit luxury residential tower on the waterfront in South Beach. Nouvel built Monad Terrace’s ground floor more than 11 feet above sea level, elevating all of the building’s interior spaces and its entrance high enough to ward off flooding.

Building high is an increasingly popular choice for private residences, too. The local architect Rene Gonzalez, known for his high-end modernist houses, is building four new homes in the area that are modeled on mangroves—propped up with stilts and columns for an additional layer of privacy that also affords the owner some long-term insurance against flooding. Gonzalez designed his own home on Belle Isle the same way.

“It’s a responsibility that every architect should take on,” said Gonzalez. “Building a house up is not a luxury. It’s a necessity in our current environmental climate.”

For now, however, most of that work is clustered in tony Miami Beach. In Miami-Dade County at large, where nearly half of all residents live in poverty, there are fewer options.

Because saltwater rises up through South Florida’s porous limestone bedrock, it’s not just coastal communities that are at risk. Many of the most threatened areas lie miles inland, in suburban and often low-income areas of Miami-Dade and Broward County that can’t afford to elevate all their homes and streets.

“It’s unavoidable that there will be relocations,” said Anthony Abbate, an architect based in Fort Lauderdale in Broward County, just to the north of Miami-Dade. “It’s a difficult conversation but I think we’re on the verge of having it. This has to be a conversation with the people, with the public.”

Miami-Dade is in the middle of a vulnerability analysis for major infrastructure, from its airport to its water system, identifying “adaptation action areas” where city planners might best focus their efforts.

“There’s a lot of work that needs to be done and it needs to be done in short order,” said Abbate.

Some of that work is already underway. The newest addition to the county’s hospital system will pioneer a flood-friendly approach in the recently incorporated town of Doral, just west of Miami International Airport. Designed by Perkins + Will, Jackson West hospital will devote most of its 27 acres to green space and a retention pond to store runoff not just from the built-up part of the site that will house the hospital, but from the developments surrounding the site. Construction is set to begin later this year and the hospital could open in 2020.

Risk And Reward

Perhaps before it faces up to the force of nature, however, South Florida may have to reckon with its runaway real estate market. Wayne Pathman, a land-use attorney and chair of Miami’s Sea Level Rise Committee, said the face of Miami’s climate crisis might not be a natural disaster, but a collapse of the insurance market.

“Flood insurance is going to be the tip of the spear,” Pathman said. “Unlike hurricanes, which are a single event that may not happen for years at a time, sea-level rise is a constant. Once it’s here, it’s here, and it’s never going to get better.”

Pathman said some of his clients with property in Miami Beach and North Beach are already seeing a 500 percent increase in their flood insurance premiums. For now, that’s manageable, he said, because they were probably underpriced in the first place.

“When that jumps as high as $50,000 over the next 10 years, which it will, that’s alarming,” Pathman said.

Areas that today flood two or three times each year could see water in the streets every week, and banks may stop offering mortgages there. That could have ripple effects across the region, Pathman said, jeopardizing tourism dollars and property-tax revenue that Miami-Dade and Broward counties will need to fund new climate-resilient infrastructure.

“Those are our only two industries here in South Florida,” Pathman said. “If we don’t start dealing with the insurance risk, all the ideas we come up with for future infrastructure will be cost-prohibitive because we won’t have any money.”

Reinaldo Borges, an architect who sits on the sea-level rise committee with Pathman, said the luxury houses and museums already built to deal with higher seas show climate-resilient design can provide a return on investment.

“If you design correctly,” Borges said, “you shouldn’t be worried about insurance risk.”

Borges has a checklist for clients who are looking to invest in the future of Miami real estate—not just flip property for a profit. It includes elevating building mechanical systems, installing hurricane-proof windows, and planning for severe floods.

“For a building like that, all you have to do before a storm is bring your pool chairs inside,” Borges said.

Climate-proofing one building may be a straightforward design problem. Saving a metro region of 7 million is something else.

Borges came to Miami when he was six years old, brought from Cuba by parents who sought a better life for their children. Today he has two daughters, ages 23 and 29, and he has the same hope for them.

“When you’ve got political leadership in denial, these are challenges I’m concerned about,” said Borges. “This is a world-class city, but people are starting to ask if this is the place they really want to invest.” 

 

Source: The Architect’s Newspaper