Risk Management News & Reports

Below is a collection of important news and reports vital to protecting your company from risk.
Please check back frequently to stay abreast of all the current industry news..

LicataRisk Presents on Cyber-risk to the Treasurers’ Group of New York

Along with law firm Anderson Kill, we provided the latest risk management thinking on cyber-risk to the group at their January 19th meeting at the Yale Club of New York City.

Following is the Group’s announcement:

Joshua Gold from Anderson Kill will join Frank Licata to discuss how corporate practitioners can better position themselves to obtain Cyber claims coverage.   Joshua Gold is a shareholder in Anderson Kill’s New York office. He has represented numerous corporate and non-profit policyholders in various industries, with recoveries for his clients well in excess of $1.5 billion. Mr. Gold is chair of the Cyber Insurance Recovery Practice Group.  Attached is Mr. Gold’s biography.

Networking will begin at 5:30pm followed by dinner at 6:00pm and the program at 6:45pm to allow enough time for Q&A.

Topic:  Cyber Insurance – Getting Your Claims Covered

We’ve previously discussed cyber threats, schemes and corrective measures to IT systems.  We know WHAT can happen; the question now is what can we do about it:

  • Cyber insurance
  • The insider threat – how is this loss covered?
  • Pitfalls in the application process
  • Coverage gaps, how to avoid them; did you know coverage terms were negotiable?
  • Interaction between computer fraud and funds transfer theft in the crime policy with the cyber coverage
  • Insurance for social engineering

Speaker:  Frank Licata, President of Licata Risk Advisors, a risk an insurance advisory and management firm.  Mr. Licata is a frequent lecturer involving cyber threats. He is the past president of the Massachusetts Society of Licensed Insurance Advisers, and has numerous honors and dedications including Adjunct Faculty, Finance Department, Babson College, Wellesley, MA and Adjunct Faculty, Finance Department, Bentley College, Waltham, MA.

IT Security: Finally a Path to Success!

Risk Intelligence Blog

The Cisco Annual Security Report – 2015 is eye-opening for several reasons:

  1. We know what to do – we are just not executing;
  2. Criminals are moving more toward social engineering as opposed to brute force entry;
  3. Users’ careless behavior is all that is behind a great number of breaches.

We are optimists so this report is heartening.  Why?  Because our job as risk managers just got easier.  A large part of security is just diligence rather than brilliance.

Watch for our full article summarizing the Cisco 2015 report.

Terrorism is Evolving – Our Insurance Decisions Need to Change

The nature of terrorism, and insurers’ actions, mean you need to be aware

 

Following September 11, the federal government created the Terrorism Risk Insurance Act (TRIA) and defined a “certified act of terrorism.”  This worked well for the buyers of insurance initially.  However, the terrorism insurance scheme has become outdated and the insurance industry has also perverted the process.  With awareness, you can protect yourself as a business owner.

There are two issues:

First, the insurance industry has gone to the point of excluding more than “certified” acts of terrorism, so that the buyback of terrorism coverage (opting to “accept” the offer of terrorism insurance) will or can still leave a gap in the coverage with respect to non-certified events.  Thus you would be exposed without coverage to events like the Boston Marathon Bombing (never certified), or the recent events in San Bernadino (probably will not be certified).  We wrote extensively on this particular part of the problem and you can read that analysis here:  http://licatarisk.com/cms/the-precarious-state-of-terrorism-risk-and-insurance/   (Not all insurers have taken this approach of excluding non-certified even if you purchase certified; this is more prevalent in the “surplus lines market” with insurers such as Lloyd’s of London).

The second issue concerns the purchase of the terrorism extension on liability policies.

There are two separate decisions to be made:

If we own and insure property, do we want terrorism coverage in the event of terrorism-caused damage to the property itself?

  1. Do we want the terrorism extension on our liability policy in the event we are alleged to be legally liable to others for bodily injury or property damage from a terrorist event?

Here’s how the changing nature of terrorism impacts that decision:

Until recently, we’ve thought of the following as being the major targets of terrorism:

  • government centers
  • high profile properties
  • high rise buildings
  • large malls
  • huge sporting venues
  • airplanes
  • trains

The concept was that the terrorists would go for the greatest carnage possible, generating the largest worldwide headlines.  Under this model, owners of the target properties and their security firms have had a clear liability exposure.  Other property owners were not likely to be targeted and would not reasonably be held liable if the unexpected were to happen.

Now, under conditions of smaller, more frequent attacks, the liability equation might be altered.  Experts in terrorism now point to a different model involving:

  • lone wolves
  • home grown terrorists
  • sleeper cells already in the country
  • smaller, more frequent events
  • a general randomness of the targets and a sense that it can happen anywhere

The news is full of talk of “the new normal,” and speculation we will become an Israeli-like permanent security state.

If terrorism attacks become more diverse, more frequent and more target- neutral, terrorism becomes like any event that causes injury and leads to lawsuits.  We have liability insurance for this in general, but now it may be excluded by a terrorism exclusion (excluding either certified or non-certified, or both) if it happens to be terrorism-related.   So it has come full circle.  Terrorism was once thought of as having so massive a loss potential that the insurance industry could not handle it and they would need the backing of the gargantuan federal government in order to pay the claims.  Now, though, if the exposure becomes more like the multitude of other loss-causing perils, but the exclusions remain, it will be the unsuspecting little guy who pays the bill, not his or her insurer, a truly unique (and unfortunate) situation.

Plaintiff attorneys are likely right now crafting their theories of liability related to San  Bernadino.  Whether this has any ethical validity or not, business owners and property owners who are victims of these terrorist attacks will experience  follow-on attacks by the plaintiffs and their lawyers.

Our recommendations to clients are now evolving.  In the past we purchased terrorism on property policies in the vast majority of  cases, but on liability to a much lesser degree.  We now see the liability exposure increasing, and will recommend terrorism coverage in many more cases.  Again, for a primer on this difference between certified and non-certified, and how you can protect yourself walking through that minefield, please read here:  http://licatarisk.com/cms/the-precarious-state-of-terrorism-risk-and-insurance/ .

© Licata Risk & Insurance Advisors, Inc., 2015

[return to top]

Risk Management News & Reports Archives

[return to top]