A Glimpse of the Future of Insurtech Paul Carroll, Editor-in-Chief of ITL Today’s announcement that Bold Penguin is acquiring RiskGenius marks a milestone in the maturation of the insurtech movement. I’ve known Chris Cheatham, the co-founder and CEO of RiskGenius, for years and have closely followed the developments of what I have often described as my favorite insurtech. So, under embargo, I chatted with Chris to ask him to summarize how he surfed the first wave of insurtech so successfully and where he sees the movement going from here. The deal feels to me like maturity because it exemplifies how insurtech has moved past some early ideas (e.g., that a Big Tech company like Amazon or Google would invade insurance and lay waste) and some early models (such as peer-to-peer provision of insurance coverage) that have yet to pan out. Instead, the Bold Penguin acquisition of RiskGenius exemplifies what I suspect will be the dominant model for some time: one where a company acquires a smaller firm for a particular skill or technology and incorporates it into the acquirer’s products and services... continue reading > SIX THINGS Why Haven’t More Startups Failed? by Stephanie Dalwin Insurers appear to be focused on tactical initiatives that can produce more immediate results in the pandemic, and insurtechs have the tools. Read More COVID, and How to Pivot to Innovation by Vivek Wadhwa The pandemic has almost shut down entire industries, forcing companies to adapt -- and doing incredible things for a pivot to innovation. Read More 6 Cybersecurity Threats for Insurers by Jordan MacAvoy The insurance sector faces a bigger threat than most industries because insurers deal with extremely sensitive data. Read More Optimizing Insurance’s Role in the Pandemic by Jason Schupp Policymakers must thoughtfully position insurance industry capabilities where they can have the greatest impact. Here is a proposal. Read More Secret to Leadership in Insurtech Innovation by Steve Boyd You need more than a product. You need to surround the product with proper execution, the right people and sustainable partnerships. Read More Managing Customer Opt-Ins in New Normal by Tara Kelly Insurers need a single source of truth on opt-ins and opt-outs across the enterprise to solidify the relationship with the customer. Read More GET INVOLVED Write for Us Our authors are what set Insurance Thought Leadership apart. Get Started Partner with Us We’d love to talk to you about how we can improve your marketing ROI. Learn More SPREAD THE WORD Share Share Tweet SUBSCRIBE TO SIX THINGS

In most insurance companies, it is time to take out the 2020 budget and see where line items need to move for next year. Did the claims organization meet objectives? If not, what adjustments need to be made? What technology partners were aligned with the organization at the beginning of the year? And how do those initiatives need to be moved forward?

It sounds like a reasonable place to kick off from, right? Actually, the answer is probably “no.” If 2020 claims plans are the baseline for 2021, I conjecture that this is the wrong place to start.

SMA’s recently released report, Claims Transformation Reset: The Impact of COVID-19, lays out the case for why claims transformation and claims operations have a new performance baseline because of COVID-19. In most cases, many things changed, such as work-from-home (WFH) practices and interactions with customers that are no longer being done face-to-face. The pandemic’s impact is generally part of everyone’s view, but it is still evolving daily.

It is vital for claims executives to reassess other external forces affecting claims operations to effectively plan for 2021, not the least of which are workforce evolution trends and the rapidly changing digital connected world. Much has happened in these two areas, as well as three others outlined in the report. The environment that existed when 2020 plans were developed has dramatically changed.

In particular, an area with both a ring of familiarity as well as notes of a new operating world is the claims ecosystem. Even at the most basic policy level, claims organizations have extensive ecosystems: repair shops, contractors, healthcare providers, attorneys, law enforcement and agents/brokers, and the list goes on. Most claims organizations have traditional ways of interacting with the various segments of their ecosystem. Many of the traditional methodologies may be appropriate, but totally relying on tradition can have pitfalls. Instead, a new lens needs to be applied to the claims ecosystem.

• How has the pandemic affected traditional players? Are organizations such as repair shops, independent adjusters, contractors and healthcare providers also working on a new COVID-driven playing field with related transformation initiatives? It is important that claims management reconnect with their traditional ecosystem partners and understand how innovation can improve outcomes on both sides of the transaction.
• Are there new claims ecosystem players that should become prominent components of 2021 plans? Digital payment providers became mission-critical during the pandemic, but what should the next steps be in the continuing evolution of payments? Given the pace of change, are there new data providers that can surface business insights that should figure significantly in 2021 plans?

See also: COVID-19 Sparks Revolution in Claims

Having had many years of planning experience, I recognize that this time of the year can be challenging, to say the least. However, claims organizations have experienced business-altering change more than most others within corporate insurance operations due to the pandemic. Baselines of customer and employee expectations have been reset. It is not reasonably possible to go back to the comfort of 2020 and do what has been done in years past. In a risk-averse industry, no one is fond of betting, at least from a business perspective. However, given the right set of lenses and a thorough review process, there’s a good chance that bets placed by claims management will have outcomes that “beat the house” and prove valuable.

When only a few employees know how to solve a specific problem or perform a task, the company becomes disproportionately reliant on them to function properly. Too often, when those employees leave, retire or get laid off, the company is left to figure things out on its own.

For instance, many companies have recently laid off employees due to COVID-19. While these decisions might make sense from a short-term financial perspective, risk managers should consider their long-term operational impacts. What if the people being let go are the only ones at the company who can do what they do? Can the company operate normally without them?

Risk managers should always be looking to identify and address these bottlenecks, also known as single points of failure (SPOF). Doing so will prevent critical business continuity issues in the future and help employees and organizations operate more efficiently. Here is why single points of failure are a company’s biggest unrecognized risk, and what risk managers can do to address them.

Background: What Is a Single Point of Failure?

A single point of failure is part of a system that, if it fails, will stop the entire system from working. While traditionally seen in an IT context, SPOFs can take the form of an employee, as well.

Imagine if one employee was asked to design code for a company’s proprietary software. Then, after the employee leaves the company, the software runs into problems. Because no one knows how to manage the code, the company loses time, money and effort trying to address one issue.

This scenario shows three reasons why single points of failure are so detrimental:

1. Complicated processes: Employees tend to work in a way that makes sense to them but not to others, which makes it difficult to transfer work.
2. Reduced collaboration: Relying on specific employees to fix problems or pursue certain projects means less teamwork and prevents others from learning relevant skills.
3. Disrupted operations: If an important employee leaves or retires, it can take a lot of effort and time from others to pick up where that employee left off.

SPOFs don’t present a problem until they do. Because many companies tend to operate in short-term decisions, risk managers should prioritize rooting SPOFs out of their company and taking measures to prevent them. Here’s how.

Step 1: Identify Single Points of Failure by Asking the Right Questions

At Saggezza, the first question we ask clients to help isolate SPOFs is, “What keeps you up at night?” Maybe it’s an IT system going down or payroll not working properly. Are there enough employees who can work to resolve these issues if they occur?

The second question is, “If X person went on vacation for more than a week, would the business be okay?” If not, this could be an indicator that the business is too reliant on that employee to function.

See also: Perspectives on Risk Culture Building

Adjacent to asking this second question is looking for the “superhero complex,” which is when a company consistently relies on certain employees to save it from emergencies. If an organization has lots of emergencies that constantly need superheroes, there are fundamental flaws to the business that risk managers should look to address.

Step 2: Offer Resources to Close Knowledge Gaps

Having a single point of failure means there are processes that many employees don’t know about or knowledge they don’t have access to. Consistent documentation and collaboration can help close these gaps.

Whenever anybody at Saggezza encounters specialized activities or receives information valuable for the entire team, they record a Google Hangout to share their findings. These videos are then transcribed into demos, turned into white papers or written out into step-by-step guides for others.

There are many other ways for keeping employees on the same page, including specialized training and education workshops. The main purpose is to make every employee responsible for documenting knowledge for others to use as a potential resource.

Step 3: Develop an Environment of Extreme Ownership

Single points of failure are a top-down issue. Many managers believe that having one point of contact or one subject matter expert for certain responsibilities is more efficient than having multiple options.

But that can create more problems than it solves.

Instead, companies should establish a culture of extreme ownership. In this environment, every employee understands what’s required, not just of them, but of the entire team, to succeed. These conversations instill personal accountability and reduce the chances of a single point of failure developing.

The Importance of Working as a Team

The word “team” gets thrown around a lot. Ideally, a company should act like a football team, where everyone collaborates and understands the game plan, including both the starters and bench players. This is why eliminating single points of failure is so important. There needs to be a “next man up” mentality so that the company can keep moving forward, no matter what happens.

See also: 6 Cybersecurity Threats for Insurers

Eliminating single points of failure is a long-term process. It requires reflection and time to educate employees on processes and skills that are critical for a business’s success. Taking steps to address these vulnerabilities now minimizes the risk of expensive setbacks later and fosters a culture of extreme ownership.

Today's announcement that Bold Penguin is acquiring RiskGenius marks a milestone in the maturation of the insurtech movement. I've known Chris Cheatham, the co-founder and CEO of RiskGenius, for years and have closely followed the developments of what I have often described as my favorite insurtech. So, under embargo, I chatted with Chris to ask him to summarize how he surfed the first wave of insurtech so successfully and where he sees the movement going from here.

The deal feels to me like maturity because it exemplifies how insurtech has moved past some early ideas (e.g., that a Big Tech company like Amazon or Google would invade insurance and lay waste) and some early models (such as peer-to-peer provision of insurance coverage) that have yet to pan out. Instead, the Bold Penguin acquisition of RiskGenius exemplifies what I suspect will be the dominant model for some time: one where a company acquires a smaller firm for a particular skill or technology and incorporates it into the acquirer's products and services.

I realize that Bold Penguin is itself only four years old -- I wouldn't be surprised to see it eventually acquired by an even bigger company -- but it already had some heft, having raised over $50 million, and has added RiskGenius' 24 employees and $13 million of capital.

As Chris explains the fit, "Bold Penguin focused on delivering commercial insurance faster, getting the insurance bound and issued faster. We help people analyze insurance coverage faster."

Bold Penguin provides an online exchange where brokers can request quotes for clients, which tend to be small and medium-sized businesses seeking nonstandard coverage. The exchange automatically matches those requests with carriers that might be interested in providing coverage, solicits quotes and feeds offers back to the broker and its clients. The process still requires manual underwriting, so it's not like you hit "Done" and instantly get your car insurance quote, but going from start to finish generally takes days, not weeks, as can happen with completely traditional processes.

RiskGenius fits in because it uses artificial intelligence to analyze policies, down to the level of individual clauses. Want to know how cyber coverage compares across policies? RiskGenius can find the relevant language for you, arranged for easy comparison. Want to see at renewal time how an insurer's policy has changed? RiskGenius can help you sort that out, too.

While Chris built a successful stand-alone business (out of that well-known insurtech hot spot Kansas City, Mo.), it seems to me that RiskGenius nests better inside Bold Penguin. Brokers using the Bold Penguin platform will not only get quotes from insurers but will now have a tool they can use to sort through the details of policies and to help customers understand those policies.

Bold Penguin's acquisition of a feature/technology for its platform very much fits the model in Silicon Valley, where some startups don't even try to build a full business. Why bother to build a marketing or legal operation when the acquirer only cares about the technology and would surely shed all the operations people anyway? So, I expect to see more narrow-bore deals like the takeover of RiskGenius.

"If you think about commercial insurance," Chris said, "there are just so many complexities. An innovator should just focus on one thing to fix."

He said he thinks the first wave of insurtech is ending, while wave two is just getting going. (I've seen people say that the first wave has passed startup phase and is into "scale-up" phase, as the best prospects have now identified themselves and are attracting big chunks of capital.)

He is seeing more focus on back-office technologies that can create much-needed efficiencies and less on the sorts of distribution opportunities that showed up so frequently in the first wave of insurtechs, but he generally sees a host of opportunities because of the pandemic.

"COVID-19 has just changed the way commercial insurance will be purchased," he said. "The number of people buying online has surged in the past six months, and that isn’t going to change. That cup of coffee to get to know someone or to review policy details just isn't going to happen."

Chris picked his own niche in classic fashion: He got annoyed at a problem and started a company to fix it, then pivoted when a customer pulled him into a new area that resonated much more broadly. Oh, and he got a little lucky, too.

After law school and a stint at a large firm, Chris became a solo practitioner and worked with clients on claims in the surety and insurance realm. Frustrated with all the paper he had to deal with, he started a company to digitize claims documents.

A customer had a better idea. An underwriter from a big insurer called him in 2014 and asked if she could use his technology with policy documents. Chris and his co-founder, Dan Burchett, agreed and began applying AI to the documents to do even more to help brokers with policy reviews.

"Policy reviews can take days to weeks if they're really complex," Chris said. "Even if a review just takes an hour, if you have lots of small accounts that's still a huge amount of time."

Chris' approach to attacking that problem made so much intuitive sense that he quickly developed a following among those of us following the insurtech world. He was still scrounging for customers, but then the good fortune kicked in. Rick Huckstep wrote a piece about RiskGenius in the Daily Fintech newsletter in January 2016 and called the company "the Google of insurance."

How can you ask for anything better than being called the Google of insurance?

"I was in Iowa doing the conference circuit," Chris said. After getting off-stage, "I opened my phone, and it was flooded with messages. I was standing next to my sales guy, and I thought, 'My gosh, we found a problem that is massive and worth solving.'

"We wound up with hundreds of leads. We never had leads before. I thought, I like this better."

The rest, as they say, is history -- except that I suspect that the RiskGenius deal is also the future. While a few companies like Lemonade will try for massive scale on their own, I think there will be a lot more deals that will pull a capability from an insurtech into a company that can deploy it as part of a broader offering that will have much more impact.

Stay safe.

Paul

P.S. Here are the six articles I'd like to highlight from the past week:

Why Haven’t More Startups Failed?

Insurers appear to be focused on tactical initiatives that can produce more immediate results in the pandemic, and insurtechs have the tools.

Optimizing Insurance’s Role in the Pandemic

Policymakers must thoughtfully position insurance industry capabilities where they can have the greatest impact. Here is a proposal.

COVID, and How to Pivot to Innovation

The pandemic has almost shut down entire industries, forcing companies to adapt -- and doing incredible things for a pivot to innovation.

6 Cybersecurity Threats for Insurers

The insurance sector faces a bigger threat than most industries because insurers deal with extremely sensitive data.

Secret to Leadership in Insurtech Innovation

You need more than a product. You need to surround the product with proper execution, the right people and sustainable partnerships.

Managing Customer Opt-Ins in New Normal

Insurers need a single source of truth on opt-ins and opt-outs across the enterprise to solidify the relationship with the customer.

The first COVID-19 business interruption claim met defeat in a Michigan courtroom three months ago. Since then, courts throughout the country have wrestled with similar motions to dismiss filed by insurance companies.

As summarized in the attached chart, 11 courts have ordered a dismissal. while four court orders have denied the insurance company's motion and allowed the policyholder to proceed to the discovery phase.

Summary of COVID-19 Business Interruption Rulings (Sept. 30, 2020) from Jason Schupp

These 15 rulings fall into three general categories.

1. The Policyholder Alleges COVID-19 Did Not Cause Physical Damage

Direct physical loss or damage is a prerequisite to recovery under standard business interruption coverage. Nine courts have dismissed complaints where the policyholder pointed to a state or local government's lockdown order - not the virus - as the cause of its loss. In all but one of these cases, the policyholder had been trying to avoid the policy's virus exclusion.
So far, this argument has only worked in a state court in Hackensack, NJ. In Optical Services v. Franklin Mutual, the court saw "an interesting argument ... that physical damage occurs where a policyholder loses functionality of their property and by operation of civil authority such as the entry of an executive order results in a change to the property." While characterizing the argument as a "novel theory of insurance coverage," the court found the policyholder should be given the opportunity to develop a factual record to support its argument. Certainly not a ringing endorsement of the approach, but a chance to keep moving forward for now.

2. The Policyholder Alleges COVID-19 Caused Physical Damage

A more successful strategy is to allege COVID-19 causes property damage. The same federal judge in Missouri has twice found allegations that "COVID-19 attached itself" to property as sufficient to survive a motion to dismiss. To keep their cases alive, policyholders must still convince a judge or jury that COVID-19 really did attach to property and that the resulting damage caused a suspension of business operations. Significantly, the policies in both cases did not contain a virus exclusion.

See also: COVID-19: Implications for Business Models

3. The Policyholder Attacks the Virus Exclusion

Three cases have taken the virus exclusion head-on -- two have lost. Federal judges in Florida and California both found the policy's virus exclusion clearly applies to bar the claim. Another federal judge in Florida was not so sure.

In Urogynecology Specialists v. Sentinel Ins., the court seemed uncomfortable with a virus exclusion applying to "fungi, wet rot, dry rot, bacteria or virus." Specifically, "COVID-19 ... does not logically align with the grouping of the virus exclusion with other pollutants." Accordingly, the policyholder has been permitted to proceed into the discovery phase. Two days earlier, the California court in Franklin EWC v. Hartford found this same language to be plain and unambiguous.

Importantly, the other Florida finding that the virus exclusion is unambiguous looked at a different formulation of wording. In Martinez v. Allied Insurance, the court considered an exclusion applying to ""[a]ny virus, bacterium or other microorganism that induces or is capable of inducing physical distress, illness or disease."

So, what do we know about COVID-19 business interruption claims?

• The most reliable formula to survive a motion to dismiss seems to be a policy unencumbered by a virus exclusion coupled with an allegation that COVID-19 itself caused property damage. The hard work follows as the insurer and policyholder litigate the science of the virus and the precise reason the business shut down.
• Prospects to survive a motion to dismiss appear far less promising if the policy contains a virus exclusion. Two doors have recently cracked open just a sliver. First, the policyholder can launch a frontal assault on the virus exclusion as unclear or ambiguous. The argument almost always fails - decisively - but some wording variations may lead a judge to at least pause. Second, the policyholder can point to the lockdown order (not the virus) as the cause of "property damage." This tactic draws attention away from the virus exclusion but invariably runs into a wall of deep judicial skepticism -- except when it doesn't.
• More than 1,000 COVID-19 business interruption lawsuits remain pending in court throughout the U.S. At this point, no court of appeals has yet to touch a COVID-19 business interruption case. While we can start to see some edges of the litigation landscape, we are a long, long way from having a clear picture of how COVID-19 business interruption claims will ultimately resolve.

Every day I probably see a dozen headlines about new insurtech breakthroughs and deals, but how many will actually succeed? How does one separate the leaders from the pretenders? Insurtech leadership isn’t about buying the technology, nor is it solely about inventing the technology.

Insurtech innovation is leveraging technology to improve the insurance experience. And technology is effective only when it is integrated into business processes and workflows and delivers measurable results over time. After all, insurtech should change the way insurance is sold.

Although I didn’t realize it when I started my first job in the '80s, I was about to devote my entire career to insurtech innovation. Back then — long before program administrators would adopt standard software — there was no such thing as insurtech. Little did I know as I drove up and down the West Coast installing software on agency systems that I was on the cusp of something transformative. 

That was 30 years ago, but the lesson is clear: It’s impossible to build a culture of insurtech innovation overnight. Growth is the result of a relentless pursuit of better ways to underwrite and service commercial insurance — enabled by technology. 

This is not to take anything away from startups; they’re developing game-changing solutions. But to thrive as an insurtech innovation leader, you need more than a product. You need to surround the product with proper execution, the right people and sustainable partnerships. 

No. 1. Execution: Commit to Continuous Improvement

When you’re an MGA and not the risk bearer, you’re less susceptible to market swings but more vulnerable to obsolescence. So, you have to out-execute the market. 

It helps to have what I call a healthy paranoia — a state of vigilance where you’re always looking around the corner, keeping an eye out for the next challenge or potential disruption. Behind that paranoia must be humility, an admission that we don’t have all the answers and that, if we don’t remain alert, we could easily get tripped up and overtaken.

We must constantly ask ourselves how we can infuse established businesses with technology and analytics that will help them do what they’re doing better and convert them to a digital state that will survive disruption. We must take advantage of market disruptions to launch innovative products and write business even as other MGAs are exiting markets.

The heartbeat of innovation is continuous improvement, an inexorable pursuit of unattainable perfection, and it starts by questioning the status quo. MGAs are best positioned to play the role of facilitator, enabling efficiency for carriers, producers and the end customer. A facilitator’s role is to know what its partners need to be more efficient — to understand what will save them time, reduce costs and manage their capital. 

Over time it’s possible to build an entrepreneurial incubator that helps partners along the value chain gain a competitive advantage. As an MGA, seek to provide fast and accurate quotes for coverage against a volatile peril, backed by data collected from a number of external sources, with little input required of the agent. Not only will you reduce the agent’s time, labor and costs, but you’ll also provide benefit to the carriers, who can receive reports that show exactly how their capital is being deployed. Arrowhead developed such a program; after 2 1/2 years, it’s become successful and profitable.

See also: Reflections on Insurtech, Pandemic

No. 2. People: Identify the Entrepreneurial Spirit

Every organization, regardless of what it does, should recognize that its most important asset is its people. Your team members don’t have to be Elon Musk or Tim Cook, but they must have a passion for what you do and continually strive to take the friction out of insurance. Those with an entrepreneurial spirit are curious, deeply engaged, proud of their craft — and unafraid to experiment and push boundaries in pursuit of a better way. 

As it happens, with the right people in place, leadership will play an important role by playing less of a role. Insecure leaders can have a chilling effect on innovation. An effective leader insists on forward momentum over personal agendas, communicating that every team member belongs and that their contributions are valued. Rather than competing internally, teammates can then channel their energy toward doing what’s best for customers. 

As a leader, you also need to keep your ego and pride in check, and that’s never been more important than during the pandemic. There’s something about a turbulent period that fosters humility and reflection. It gives us an opportunity to reflect on everything we do and why — because it’s often difficult during normal day-to-day operations to see the forest through the trees and not to mistake movement for progress. Every team member must gain a clear understanding of what the organization is capable of, where the gaps are and where it needs to go.

No. 3. Partners: Get Each One Invested

The true mark of success is performance, and that’s not possible unless every party brings its best to the table. Insurtech startups bring technical expertise, digital and advanced analytics, agile development and quick decision-making. Insurance organizations bring industry knowledge, a broad customer base, historical data, the capital and an ability to implement and manage change. 

A program administrator is the nexus of this partnership and, as the facilitator, must ask the questions that help the partners collectively arrive at the desired result. Ask questions such as: 

• What does the carrier need to improve profitability on a book of business?
• What do producers need to improve their service or make the underwriting process less painful? 
• What do insureds need to make their lives easier?

The successful MGA must evaluate opportunities in the insurtech space and adapt them to existing infrastructures to simplify commercial insurance buying, servicing and claims. After vetting an insurtech offering, for example, why not take the next step and do a “proof of concept” with a handful of producers in a carefully controlled pilot? If the pilot is successful and sustainable performance can be predicted, it can be rolled out across the entire program. Making prudent investments in technology, data and analytics will position your MGA to grow programs at a time when hard markets are ahead and risks will only become more complex and challenging.

Remember, you don’t make a penny until your partners sell something. Maintain a shared interest in their success — which means that, when a carrier considers making an investment, you should participate in the discussion, the evaluation process and the execution. Better yet, you should be initiating the discussion. 

See also: The Future Isn’t Just for Insurtech

Be a Pioneer

Insurance is hustling to catch up to other industries as it pursues a frictionless value chain. MGAs must scale technology to meet the challenge — whether it’s using machine learning to streamline medical billing, or enabling agents nationwide to quickly quote and bind small commercial insurance polices, or helping a claims administrator deploy staff and resources more efficiently using the science of predictive analytics. 

The connectedness of everything – assets, people, business and commerce – has increased the severity and frequency of cyber attacks. The insurance sector faces a bigger threat than most industries because insurers deal with extremely sensitive data. Several insurance companies, such as Premera Blue Cross and Anthem, have experienced significant data breaches over the past years. However, these are not the only insurers affected. A report by Accenture shows that an average insurance company receives over 100 cybersecurity attacks each year, with 30% of the attempts being successful.

As an insurance leader, being aware of the potential cybersecurity threats puts you in a better position to adopt the right prevention measures. Here are the top cybersecurity threats in the insurance sector that you should know.

6 Cybersecurity Threats for Insurance Leaders

1. Cloud Vulnerabilities  

Cloud data access and storage has become a common practice for many people. However, this practice can increase the risk of a data breach. You can be susceptible to denial of services (DoS) and account hijacking attacks. With such attacks, hackers can access and tamper with your company’s data while preventing your team from accessing it. This threat can be prevented by implementing an extensive cyber risk management plan.

2. Patch Management

If your insurance company is using outdated software, you have a higher risk of cyberattack. Most cybercriminals exploit software vulnerability to access and steal company information. Failing to update your software patches makes your organization vulnerable to numerous data breaches.

Cybercrime vulnerability can be through something you consider as minor as the computer operating system. For instance, most organizations became exposed to cyber-attacks in 2018 for failing to update their Microsoft Office software following a patch release for Eternal Blue vulnerability. Therefore, it is advisable you stay up-to-date with any software you are using in your organization to avoid costly attacks.

3. Social Engineering

With the increase in social interactions, cybercriminals are exploiting such opportunities to launch social engineering attacks. Deception is the major aspect of such attacks. Usually, these criminals use trickery and manipulative approaches to lure individuals into taking various actions. For instance, you can be lured to disclose sensitive information or even bypass set security measures.

Social engineering threats are high because targets simply give hackers access to the system. Thus, it is hard for you to prevent these crimes with cybersecurity systems. However, regular training on cybersecurity is necessary for ensuring that your team members know how to detect and prevent such crimes.

See also: A Novel Approach to Cybersecurity

4. Ransomware Threats

If you thought it was only individuals who can be held hostage, think again, because your computer systems and data can, too. Ransomware attacks are some of the serious cyber threats you should worry about in the modern era. A report by the U.S Depart of Homeland Security reveals a rising number of ransomware attacks. The hackers attack your network and prevent you from accessing any data in it until a certain amount is paid. Such attacks are associated with significant losses. For example, besides the immediate losses, a ransomware attack can lead to huge monetary damages because of lost data and loss of productivity.

5. Third-Party Exposure Threats

The use of third-party services is a common practice nowadays, especially for payment processing. Most organizations do not take the necessary precautions when engaging in third-party transactions. Even where the party you are transacting with does not handle personal data directly, it can put your organization at risk of attack.

Hackers are using malware to access personal data, such as credit card numbers and Social Security numbers, through third-party companies. Therefore, it is important to take all the necessary precautions when dealing with a third-party vendor. For instance, inquire about their policy on data breaches and find out whether they have any measures in place to prevent cybersecurity attacks.  

6. Outdated Hardware

There is a common misconception that cybersecurity threats have to come from software. If you are using outdated hardware, your company data is vulnerable, too. With the increasing rate of software updates, some hardware may find it challenging to keep up. Obsolete hardware may be difficult to accept the latest security measures and patches. In such cases, your organization’s data is exposed; hence, at a high risk of cyberattack. Therefore, it is critical to regularly check your devices and replace any obsolete ones to avoid outdated hardware-related cyber-attacks.

See also: The Missing Tool for Cyber Resilience

Holistic Risk Management Plan

There you have it – a comprehensive overview of some of the top cybersecurity threats in the insurance sector. Evidently, as technology advances, insurance companies will continue to face different forms of cybersecurity threats.

While there might not be a one-size-fits-all approach to address or prevent cyber threats, being knowledgeable on the various cybersecurity vulnerabilities can help you adopt better risk detection and prevention measures. Therefore, make sure to adopt a holistic management plan to stay away from most of these threats.

As the pandemic accelerates insurers' efforts to communicate more efficiently and effectively with customers, two-way texting has emerged as the preferred choice of a new generation of customers, who communicate natively via text with everyone — family, friends and brands included. Two-way texting is more popular than chat, but, unlike chat, it raises new issues around customer opt-ins and opt-outs.

In the new normal, insurers will have to manage customer opt-ins and opt-outs carefully to keep the conversation going. It will take more than having policies on accepting cookies and handling customer data — it requires a better understanding of customer consent, and changes to your data management strategy.

Here’s the good news: It doesn’t have to be hard. 

Unite the Data, Solidify Relationships

Business people understand that customers are willing to share data (including email and mobile phone numbers) in exchange for something of value. In the insurance sector, maybe that “something of value” is a quote on renters’ insurance, a video download of drone-based damage assessment after a storm, the status of a claim or a renewal or payment reminder. The opt-in to communicate could be captured at any point in the customer journey.

While the business unit that captures the opt-in might be a call center, a claims department, a vendor that handles assessments, etc., it’s all the same — your brand. So, the opt-in doesn’t have to apply only for one business unit and specific situation. That’s why it’s so important to unite your data across business units and partnerships. You need a single source of truth on opt-ins and opt-outs to solidify the relationship with the customer. 

With the power of the cloud and APIs, it can be easier than you think to integrate data across systems using the infrastructure you already have in place, including on-premises systems. You may have gotten away with not consolidating opt-in data before, but, in the new normal, customers expect more. It’s time to unite the data and solidify the customer relationship across the organization. 

Opt-In, Opt-Out, Opt-In Again

Have you ever opted-in to a text or email communication with a brand to get something you wanted (a discount, a free ice cream cone, etc.), then opted out again? It happens all the time, and privacy regulations are increasingly putting teeth into consumer preferences about data use. That’s another reason it’s so important to have a single source of truth on opt-in status across all operating units, as well as the ability for everyone to collect and process opt-ins and opt-outs.  

See also: COVID and ‘the Great Reset’

The upside is huge for any business, and maybe especially for a sector that relies as heavily on customer relationships as the insurance industry does. When you create a way to unify and manage opt-in and opt-out data on top of your existing infrastructure, you multiply the opportunities to converse with customers and show respect for their preferences. Your automated text solutions, chat agents, call centers, automated claim submission portals, etc., can all collect an opt-in to start and continue conversations. And everyone can join in the conversation as appropriate. 

You can set your insurance company up for success in the post-COVID-19 world right now by enabling all business units to manage consumer consent for communication on their preferred channels, and it will be a lot easier than you think with cloud technologies and APIs. So, what are you waiting for? Disconnected communication data might have worked before, but the new normal is here, and it’s time for your customer data management strategies to reflect it.

COVID and ‘the Great Reset’ Paul Carroll, Editor-in-Chief of ITL Although the insurance industry seems to have aggressively and (mostly) successfully shifted toward digital interactions during the pandemic, an even trickier transition lies just ahead as part of what is being called “the Great Reset.” That transition to a post-pandemic world requires insurers to not just understand the internal workings at their companies, or even the new preferences of that fickle beast known as the customer; it means figuring out what the world of work and home life will look like after the universe resets, so insurers can revise products and revisit sales and marketing tactics. Maybe, for instance, some insurers will want to deemphasize small businesses, in general, as long as so many may go out of business and migrate toward “ghost kitchens” (which only offer takeout or delivery). To try to help as we all sort through the complexity, I’ve pulled together the smartest thinking I can find on what comes after “the Great Reset.” (Warning: McKinsey provides some serious pessimism at the end of what follows.)... continue reading > CLM CE Tracker Tracking and renewing adjuster licenses doesn’t have to be an administrative nightmare and time burden. Untangle it with CLM Tracker. Learn More SIX THINGS Where Blockchain Shines Right Now by Ivan Kot The seafood supply chain, for instance, can become transparent and trustworthy, while blockchain automates location updates. Read More Reflections on Insurtech, Pandemic by Mark Breading Will the dramatic change to work and life patterns unleash innovative startups and new rounds of funding? Read More Is Intuition Dead? Probably Not, but… by John Sviokla With the pandemic throwing historic data out the window, more algorithms and AI are being used in what might be called bionic decision-making. Read More Commercial Claim’s Journey With AI by Ji Li AI is still very new to insurance, and claims teams are only scratching the surface on how it can be applied for the betterment of all constituents. Read More Life Insurance’s New Occupation by Denise Garth Insurers must rethink their scope, away from a policy transaction and to a broader lifestyle experience across health, wealth and wellness. Read More Adios to ‘3 Lines of Defense’ Risk Model by Horst Simon The only way forward is building an effective risk culture and teaching everyone in the company radical risk management skills. Read More GET INVOLVED Write for Us Our authors are what set Insurance Thought Leadership apart. Get Started Partner with Us We’d love to talk to you about how we can improve your marketing ROI. Learn More SPREAD THE WORD Share Share Tweet SUBSCRIBE TO SIX THINGS

The global COVID-19 pandemic has almost shut down entire industries, forcing companies of all sizes to adapt and evolve. It has also done incredible things for a pivot to innovation.

Safety has had to come first. And for many, that meant changing how they worked, using technology to power a shift to remote work and servicing of customers. For some, like retailers, restaurants and manufacturers, it meant shutting down key services or production lines and pivoting to new offerings or entering new markets just to survive and stay relevant. Others, rather than just close doors, have repurposed their assets to contribute to the collective effort to fight the crises.

When commercial flights were shut down, airlines like Virgin Atlantic, Lufthansa and American Airlines switched to cargo-only flights. In the U.K., healthy fast-food chain Leon announced it was turning its 65 restaurants into shops, selling meals via both click-and-collect and delivery. Hotels started offering day rates for remote workers. And multiple manufacturers, like Scottish craft beer specialists BrewDog, converted their plants to produce hand sanitizer.

What does it take to shift this fast successfully? And is this kind of progress sustainable?

The reality is that it is not essential that we be thrown into crisis before this kind of change can take place.

With the enforced change in human movement and behavior came a change in customer demand. Businesses had to think and act fast to repurpose assets, talent, resources, distribution channels, offerings. Minus the crisis, it’s what successful businesses do every day.

SpaceX’s giant step

On April 11, 2019 – before we knew what 2020 would bring – a Falcon Heavy rocket was launched Cape Canaveral, FL, making history. It was the first in a new generation of space exploration: a rocket that would not only be able to pilot its way through space but be able to navigate and return to Earth for re-use, radically reducing the cost of space travel.

To achieve this, SpaceX combined radical and creative funding systems, brilliant talent and, perhaps most importantly, vision. But the question at the heart of this isn’t – "How did SpaceX achieve this?"; the question is, "Why didn't the incumbents?" How has innovation and creativity become so stifled in large, established organizations that it takes a new kid on the block to go, quite literally, where no one has gone before?

It’s about culture, leadership and some very practical steps that enable businesses to be their own catalysts for change, rather than relying on a crisis to spark exponential change.

The DNA of organizations that thrive through change

From Incremental to Exponential, a book I have written with Ismail Amla, looks at what it takes to drive exponential change in an enterprise. We examine five common components that make up the DNA of organizations that thrive through change.

• Firstly, speed. Leading companies just operate faster – from reviewing strategies to allocating resources. McKinsey research indicates that these companies relocate talent and capital four times more quickly than their less nimble peers.
• Secondly, being ready to invent. While business need to maintain the profitable elements of what they do, business as usual is dangerous. Leading businesses are investing as much in upgrading the core as they are on innovation.
• Thirdly, being all-in. These companies aren’t just making decisions faster, the decisions themselves are bolder, braver and further outside the box.
• Fourthly, making data-driven decisions. Data is providing the fuel to power better and faster decision making. High-performing organizations are three times more likely to say that data and analytics initiatives contribute at least 20% to EBIT. Which is profound.
• And finally, following the customer. Top companies that sustain a comprehensive focus on the customer (in addition to operational improvements) have been shown to reap economic gains ranging from 20% to 50% of the cost base.

See also: COVID-19’s Once-in-a-Lifetime Opportunity