This is a taster of an article published in the latest edition of EXPOSURE magazine. For the full article click here or visit the EXPOSURE website.
With the main benefits of Cloud computing now well-established, EXPOSURE explored why insurance and reinsurance companies have demonstrated some reluctance in moving core services onto a Cloud-based infrastructure.
While a growing number of insurance and reinsurance companies are using Cloud services (such as those offered by Amazon Web Services, Microsoft Azure and Google Cloud) for nonessential office and support functions, most have been reluctant to consider Cloud for their mission-critical infrastructure. Simply moving a legacy offering and placing it on a new Cloud platform offers a potentially better user interface, but it’s not really transforming the process.
EXPOSURE also asked whether now is the time for market-leading (re)insurers to make that leap and really transform how they do business, embrace the new and different, and take comfort in what other industries have been able to do.
On September 8, 2018, Marriott International received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database. A subsequent investigation carried out by security specialists firm Kroll, determined unauthorized access had taken place. As the investigation progressed, Marriott discovered that the Starwood network had been accessed since 2014. An unauthorized party had also copied information and had taken steps towards removing it.
In its statement on November 30, Marriott stated that it had not finished identifying this duplicate information in the database, but believed it impacted around 500 million customers. For approximately 327 million of these guests, the information includes some combination of name, address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, and arrival and departure information. For some, the information also includes payment card numbers and expiration dates, but the payment card numbers were encrypted using Advanced Encryption Standard encryption (AES-128).
With regards to the potential perpetrators, rumors have spread that Chinese state hackers might have been behind the cyberattack, although as with most cyberattacks the attribution to a specific threat actor is a lengthy and uncertain task.
Many of us across the risk management industry actively help communities in need after natural disasters, through donations, working with organizations to promote resilience, or through on-the-ground assistance. Our intimate understanding of the power of these catastrophes makes us acutely aware of the need to act.
This is true for everyone here at RMS, where our values embrace the need to understand risk, build resiliency, and make an impact to help improve the lives of communities who live with the threat of natural disasters. One of the ways we live our values is through our annual RMS Impact Trek, where both RMS employees and our clients work with the social enterprise Build Change in some of the world’s most catastrophe-prone areas.
If you are an RMS client, I would like to extend an invitation to our annual RMS Impact Trek. This is the fourth year that we are sponsoring representatives from our clients to join RMS employees and Build Change so that their skills can be used to build stronger communities.
The worst outbreak of Ebola in the DRC (Democratic Republic of Congo), Africa’s second largest country by area, with a population of over 77 million, has already claimed several hundred lives, and there have been more than three hundred and fifty cases.
Many of the Ebola cases have been in Beni (pop. ~230,000), a major city in North Kivu province, close to the Ugandan border. DRC is a failing state, where the government regime is weak, and cannot prevent militias from pillaging DRC’s abundant mineral resources. One such militia is the ADF (Allied Democratic Forces), which was formed in neighboring Uganda in the 1990s, and operates in the mineral-rich border area in North Kivu province.
The geography of the disease spread is intriguing for epidemiologists. Officially declared on August 1, 2018, this is the tenth outbreak of Ebola in DRC since 1976, but this is the first time that Ebola has affected the far northeast of this vast Central African nation. A crucial risk factor hampering the control of Ebola in this region is the conflict over mineral resources. This has limited the number of inhabitants who can be vaccinated, and restricted the access of health response teams, who are exposed to personal danger such as physical assault and kidnapping. Indeed, insecurity was a factor delaying the alert to the actual start of the outbreak, which was several months before the official declaration.
While California wildfires may seem far removed from Atlantic storms, for capital markets investors the fires may make the difference to how 2018 is remembered. Insurance Linked Securities (ILS) eyes are now trained on multi-peril aggregate catastrophe bonds.
It is evident that the opportunities presented by the U.S. private flood insurance market are attracting attention across the industry, and interest in this market is growing. I was recently invited by insurance financial ratings specialist Demotech to be a panelist on their U.S. flood insurance webinar to give an overview and delve into these issues. Joseph Petrelli, president of Demotech was our host, with contributors Fred Karlinsky, co-chair of law firm Greenberg Traurig, and Meg Glenn, consulting actuary at Merlinos and Associates.
The webinar is definitely worth a viewing. Fred started the discussion with an overview of the current state of the private U.S. flood insurance market. The National Flood Insurance Program (NFIP) has towered over the market for the past 50 years, reporting US$3.5 billion of written premium and some 5.1 million flood policies as at the end of September 2018. Florida has 35 percent of all NFIP policies, followed by Texas with 12 percent, and Louisiana with ten percent, with NFIP policies in force in all U.S. states.