From a cyber security standpoint, the move back to a work setting for employees should not be the challenge that moving to “work from home” may have been for many organizations. Network security in the workspace is already in place, and employees are quite familiar and at ease working in the work environment.

By now, businesses should have already addressed issues of remote access, the use of multifactor authentication and virtual private networks (VPNs). But in the wake of COVID-19, as businesses return to the workplace, organizations should take some lessons from the COVID-19 pandemic. We recommend they use this information to shore up potential weak spots in their cyber security program’s incident response plan.

The greatest lesson to take away from the pandemic has to do with preparedness. What has been witnessed over the last three months is crisis response, on a global level, taken to its extreme. Every business and local, county and state government, and even individuals were forced into some form of crisis management. Some were able to respond better than others.

“Something like this will never happen”

One of the reasons that many were not prepared for the pandemic and did not respond well was because they believed that “something like this will never happen.” It’s a phrase that is heard often by those in the cyber security industry. Organizations often rationalize they are able to live with less than optimal cyber security because they feel they are too small to attract hackers, or they don’t have anything that anyone would want to steal. We know now that "something like this" can happen, and the results can be catastrophic.

Additionally, an organization does not have to possess something that a hacker wants to steal, to be a desirable target. All it has to possess is an opening; some vulnerability that allows a bad guy entry to exploit the opportunity to interrupt business and maybe even demand a ransom.

See also: How to Fight Rise in Cyber Criminals

Lessons from the COVID-19 pandemic

As businesses begin to return to workplace operations, now is a great time for them to reevaluate their approach to cyber security as a whole, and cyber resilience in particular, while drawing some comparisons to what the world has experienced in the pandemic.

1. Identify assets

Using the National Institute of Standards and Technology (NIST) Cyber Security Framework as a guide, consider the first risk category of IDENTIFY. The first objective of cyber security is for an organization to understand its assets. A business must ask itself, “What do we have that needs to be protected? What are our high-value/high-criticality assets? What are the risks and vulnerabilities associated with those assets? Where are those assets located? Are they on the cloud? On the premises? Do we have all of our assets accounted for in an inventory? Do we verify that inventory regularly?”

When the pandemic hit, many entities found themselves without a full understanding of the assets they possessed and what they still needed. Assets including hospital beds, ventilators, usable test kits and procedures and personal protective equipment. In many cases, the result was a scramble over a long period to acquire the necessary assets.

2. Protect assets

Following the NIST framework, once assets have been identified, and risks assessed and ranked for criticality, what protective controls are in place to protect those assets? In the towns, cities and states that we live in, there are healthcare systems, networks of healthcare providers, nursing homes, pharmacies and other components all geared to providing protection to our countries’ most valuable assets: people.

What about in the business community? Are businesses providing their most critical assets, such as data, hardware, software and even business processes, with the protections aligned with their importance? Do these businesses segment their critical assets or encrypt critical data? Do they educate their employees about cyber security and the roles they play in maintaining it? Do they provide their employees with the proper amount of access to IT assets?

3. Detect the problem

The third risk category in the NIST framework is DETECT. How can businesses know when something bad might be happening? How do businesses monitor for indicators of compromise within their networks? In the pandemic, the World Health Organization has been acting as a parallel to a managed security services provider (MSSP) or a security operations center (SOC) for the network of countries around the world. The job is to detect the initial outbreak and alert the rest of the world to the danger.

4. Respond to the crisis

Each business needs to assess its ability to detect potentially malicious activity in corporate networks. Is each organization engaging a third-party MSSP? Is it performing up to expectations? If a business is doing its own monitoring, is that monitoring complete and effective? Is the business monitoring the most valuable or risky assets closely enough? Is it processing all the right information? Does the business even know what malicious behavior looks like or how to find it?

5. Find a path to recovery

With these steps developed, businesses can finally consider what response and recovery will look like. NIST suggests considering how to handle response and recovery in our networks compared with how the various government agencies have handled theirs.

See also: 10 Tips for Moving Online in COVID World

First, businesses should have a documented incident response plan for their networks and should make sure it has been reviewed recently for adequacy. The incident response plan needs to clearly define roles and responsibilities for all participants. It needs to include procedures for identification, containment, eradication, recovery and lessons learned. The plan should also state how the business will communicate information about the incident to internal and external audiences. In developing the incident response plan, it is key for businesses to line up and perhaps even contract with third parties for technical response services that they don’t have in-house.

Businesses also should make sure their incident response plan is designed to consider a “black swan” event, which is an unexpected, catastrophic event that forces a complete shutdown of a company’s network and its services. As rare as black swan events may be, they do occur. Many remember the first outbreak of ransomware just a few years ago and how it caused the complete shutdown of some global networks. Even some companies with what might be considered very good cyber security were severely hurt. Why? Because they did not contemplate such an event and therefore did not build their response plan for effectiveness against a black swan event. The development of an incident response plan is not complete until it contemplates and prepares for such a rare and devastating event.

Finally, with respect to response and recovery, testing plans is incredibly important. Plans that are in place, but have not been tested for several years, are likely to be missing some details that will limit their usefulness when it really counts – in a cyber event. Businesses that test their plans regularly – minimally once per year – and update the plan based on lessons learned from both tests and actual events will have experiences in actual cyber events that are probably much less painful than if they did not plan and test the plan regularly.

The COVID-19 pandemic of 2020 is real – it’s not a test – and the lessons learned from the event are substantial and painful. The phrase “Never let a good crisis go to waste” has been repeated in a cynical manner many times, but it does have value in the context of current events. City, state and federal governments will certainly be revisiting their pandemic crisis management policies and procedures in the near term. It’s also a good time to revisit cyber risk management and incident response procedures.

Visit Zurich’s COVID-19 Resource Hub for more information.

When it comes to education, there’s no such thing as one size fits all. That may seem obvious, because teaching spelling to a first grader is way different from teaching philosophy to a college student. 

The nuances increase when we start talking about continuing education. Professionals who are years into their careers have practical goals; they’re seeking knowledge to help them advance in their companies or do their current jobs better. Many of them will earn CE (continuing education) credits by completing a course. To say that they have a lot at stake is an understatement. Their ultimate success depends greatly on the quality of the teaching. 

So let’s talk about teaching industry professionals in a virtual environment, which has become necessary — even in vogue — in the era of COVID-19, and will likely increase in importance as the distributed workforce continues to grow.

Case in point: When the Network of Vertafore Users (NetVU) had to cancel its annual conference this year, staff restructured the entire course curriculum to an online format, and the “Summer of Accelerate” was born. It offers more than 100 courses, which are taken by thousands of independent insurance professionals tuning in from their dining rooms and home offices all over the country.

Based on our experience with our volunteer instructors, here are five tips for successful CE teaching in a virtual setting:

1. Move beyond the lesson plan

You have to prepare yourself differently to teach in a webinar format than in a classroom. Creating a good lesson plan will only get you so far. Yes, it’s always important to develop a solid outline of what you’re going to teach, but it’s also wise to consider that your students won’t be in the room with you. Instead, they’ll be at their computers and likely in their homes, where there are distractions. It may not be possible for them to raise their hand to ask a question or make a comment on the spur of the moment. The technology for virtual learning is good, but not that advanced yet. Which leads to our second tip.

See also: Building a Virtual Insurer Post-COVID

2. Make it practical

There’s no time for theory in a virtual setting. You have one hour to transmit a lot of information. That’s it. When you only have one shot at teaching the material, you don’t have the luxury of wading into the “whys” and “wherefores” of what you’re doing, like the college professor who gets to lecture a class once a week for a whole semester. Create snippets of information that are actionable and repeatable. Give step-by-step instructions, and create your PowerPoint slide or live demo accordingly, like a YouTube how-to video.

3. Adapt your materials to the technology

You probably won’t be able to interact with your students, and there won’t be that lively discussion you can get in a classroom setting. But you can still inject your presentation with personality and relevance. For example, a good way to lead in to a demonstration is, “I had a student just last week sharing with me that she was able to save 15 minutes a day using this technique.” Or, “I got a note from Sara Jones this morning saying she hoped we would dive a little deeper into this topic.”

4. Recognize the objectives

The sooner CE instructors understand a fundamental difference from teaching in an academic environment, the better off everyone will be. In grade school, high school, college and graduate school, the school sets the objectives. By contrast, the desired outcome of continuing education is improved performance, so the student sets the objectives. They are driven by the student’s career aspirations and the firm’s pursuit of happier customers and financial targets. This is true regardless of the classroom setting — at a distance or in person.

5. Understand your students

Because your students drive the curriculum, it’s important to ask them in advance why they’ve chosen your session, as well as their expectations for the session and even career goals. A short survey will open up a world of insight. Remember, you will be imparting practical knowledge, not abstract theory. In our member organization of more than 20,000 insurance agencies, carriers, MGAs and compliance organizations, our “students” usually want to know more about a specific feature of their firm’s Vertafore management system and how to use it more effectively.

For example, numerous times a day a customer service representative, or CSR, needs to engage in a conversation with an insured about that person’s needs while working in the ACORD application. The CSR has to listen, answer questions, give advice, even empathize with the customer while simultaneously looking at a screen full of questions, digesting the information and completing a number of fields. That's a skill that has to be taught and practiced. 

Rewind and Review

Before I begin those five steps of creating a successful CE course, I like to take a minute and go back to where it all starts: the customer. Remember, the customer doesn’t choose an agency because its CSR is an expert in the technology, but because he’s qualified to give sound advice.

The tool or technology can never become more important than the conversation with the customer.

If you look at a list of preferred jobs of college graduates, “claims adjuster” might not make the list. Insurance claims operations likely seem foreign to a 21- or 22-year old who probably has never had to file a claim. There is limited understanding about what is involved or why. One doesn’t hear much about claims adjusters on the news or on YouTube; the profession is all sort of a mystery. Because of this, claims operations tend to be jobs people “happen upon.”

In the past, the insurance industry has not needed to recruit aggressively, but this is about to change. The average claims adjuster stays in the industry for only four years. Another swath of adjusters soon will retire. Employee turnover coupled with an aging out of other workers will create problems that can cripple organizations. Attracting new talent to the field while retaining a larger percentage of experienced workers is critical.

Gaps

There are two gaps that have to be addressed to preserve the health of claims adjusters: the mindset gap and the knowledge gap. The mindset gap pertains to negative perceptions of the field and its related responsibilities as well as to how workers approach their jobs. The primary generations of workers entering claims operations, millennials and Gen Zers, typically don’t plan to stay with the same company in the same position for long. Career aspirations are different than for previous generations ruling claims operations. According to Gallup, only half of millennials plan to be in their same job a year from now, and just 29% feel invested in their work. High millennial turnover costs the U.S. approximately $30.5 billion annually. The numbers don’t look much better for Gen Z — and, in a profession like claims, this paints an even bleaker picture.

The claims field already has strikes against it that other jobs don’t have. If droves of millennials are leaving positions because they are not engaged or emotionally invested, a general perception that claims is a data entry job becomes highly problematic. Piling on, claims representatives traditionally have been viewed as adversaries to claimants, with claims adjusters not trusting the people they are charged with helping. This hardly evokes the warm, fuzzy feeling workers want to experience with their respective jobs, likely hastening a quick exit from the profession.

Compounding the problem, it takes claims adjusters years to accumulate the knowledge needed to be effective. Experienced claims adjusters understand countless factors and nuances that come into play in a claim, creating a sizeable knowledge gap between new and veteran claims adjusters. If employees walk out the door before accumulating this knowledge, that is a huge loss on the investment spent on training without ever reaping the benefits. Similarly, there are significant issues as adjusters retire, taking a career’s worth of knowledge and experience with them before well-trained workers are in place.

See also: Future Is Already Here in Claims

AI: The Secret Weapon in the Battle to Recruit and Retain Talent

One of the most promising solutions to recruiting and retaining workers lies with artificial intelligence — and not in the way that you might think. I am not talking about the solutions that identify potential workers and send them an email. I mean applying AI to attack the actual gaps in mindset and in knowledge.

First, mindset. AI-driven solutions are being implemented across insurance organizations that can provide far richer information about claims while eliminating rote tasks. AI enables claims team members to dive deeper into a claim and instantly discover new information that is meaningful to their decision-making process. With the latest in data science (an attractive term to would-be applicants seeking cutting-edge jobs), AI-based solutions prompt adjusters to use data and apply their own brain to solve increasingly complex challenges.

Additionally, AI helps root out fraud, removing from claims representatives’ minds the fear that someone is trying to run a scam and helping to shift the adjuster’s role from adversary to advocate. Within this new paradigm, it becomes possible to scale compassion so that representatives can truly serve people in a highly efficient manner. This concept, one of scalable compassion, also creates a shift in how claims themselves are viewed. Instead of seeing a hassle or a mountain of red tape to fight through, claimants view their claims as actual benefits and treat representatives with greater respect. These factors combine to make a much more inviting environment for new recruits while assisting in the retention of the current workforce.

In terms of the knowledge gap, because AI adds intelligence to the claims process, the learning curve for newer representatives can be reduced dramatically. AI gets all workers to a competent level almost immediately. It’s an equalizer of sorts. While experience will always be an asset, the knowledge gap essentially disappears when a smart system that tells representatives what they need to know when they need to know it is in place.

See also: The Case for Paying COVID BII Claims

Fortifying the Industry

Because the nature of the claims representative position changes — from adversary to advocate, from heavy on data entry to full of opportunities for insightful decision-making, from a high barrier of entry to hitting the ground running — there is greater appeal and room for growth.

Additionally, in the current environment, the majority of the workforce is being asked to work from home. This has been a difficult transition for businesses across a range of industries. Insurance has been surprisingly adept, however, with many claims adjusters already working remotely. This practice will continue after COVID-19 passes, which can be a perk for many millennials and Gen Zers who don’t want to commute to an office every morning and who value flexibility.

With a little innovation, a more adaptable approach and proper application of AI-based technology, the claims industry can transform what it means to be an adjuster; attract new, talented workers to organizations; and provide them with long, fulfilling careers — all while averting a hiring crisis.

Without such change, I predict the claims process as we know it will unravel within a decade.

The next step is clear. Will you take it?

This year, we have witnessed explosive growth in technology adoption. Zoom video conferencing has risen 574%, Instacart grocery delivery has jumped 450% and Google Classroom usage has increased 580%—all due to COVID-19. The pandemic has truly altered how we think about and use technology. For businesses, it has introduced opportunities for digital transformation. Case in point: the automotive insurance industry.

While some may say insurers are slower to embrace change, the sector has moved at lightning speed to maintain business continuity since the start of COVID-19. The first step was what seemed like an overnight transition to a fully remote workforce. After setting up the required technology to support their employees, carriers then shifted focus to refining the digital solutions that would allow them to better manage the claims process and serve their customers virtually.

Automotive insurers have long relied on staff appraisers and collision repairers to assess vehicle damage after an accident. While virtual estimating—or using photos in place of a physical inspection—is not new, the pandemic has made it the preferred method of inspection.  

Prior to COVID-19, use of virtual estimating was limited and focused almost exclusively on low-severity claims. This was due, in part, to concerns about the ability to produce an accurate estimate. In fact, when compared with other methods of inspection, virtual estimating accounted for just 2% of all estimates written in the United States and Canada just a year ago. 

However, with an increase in our need to socially distance and a decrease in miles driven, the conditions were right for widespread adoption of claims virtualization. In just the first two months of the pandemic, virtual estimating usage jumped to 13%—all while growth in other methods of inspection has decreased or remained stagnant. In addition, some carriers announced early in the outbreak that they were moving almost all of their claims handling to a virtual model, and dozens more reached out to Mitchell to get started. Collision repair shops have also followed suit, providing customers with new tools for collecting and submitting damage photos.

See also: Future of Claims: Automation, Empathy

For insurers, the benefits of virtual estimating include increased efficiency and customer satisfaction. Field appraisers typically complete three to four estimates a day when factoring in administrative tasks and drive time. However, with virtual estimating, that number increases to 15 to 20. By eliminating travel and tasks like appointment setting, employees can focus their efforts on the actual appraisal. Consumers, on the other hand, benefit from the speed, ease and convenience that comes from a digital self-service solution—at a time when technology adoption has never been higher. 

So what impact does this have on claims automation? The first step toward automating the claims workflow was increasing insurers’ comfort level with using photos, instead of a physical inspection, to assess vehicle damage. With COVID-19 accelerating their adoption of virtual or photo-based estimating, we have now reached a tipping point. Insurers have validated the feasibility of using photos in the estimating process. They have seen virtual estimating used successfully for both low- and high-severity claims. And they can no longer dispute the efficiency gains and consumer benefits it provides. These factors combined may make them willing, and ready, to begin automating the complex, labor-intensive claims process. 

The natural next step is to use artificial intelligence (AI) to further streamline and improve estimating. With the photos—and eventually videos—submitted digitally, insurers can rely on an AI engine to identify component-level vehicle damage. From there, the data can be combined with other inputs to return a recommendation of either repair or replace. If repairable, the computer can then populate individual estimate lines with recommended parts and labor costs. Once the data is submitted, carriers can even incorporate automation in the auditing process. Instead of reviewing just a handful of estimates each day, auditors can let the computer review all of the estimates submitted. This will allow them to focus their energy on the claims that need attention. It will also give them the opportunity to rapidly uncover and address any issues.

Leveraging automation in the claims process has many benefits, as noted by McKinsey. First, it improves accuracy. Next, it increases efficiency, reducing expenses by 25% to 30%. Finally, it raises customer satisfaction by as much as 20%.

See also: Keys to ‘Intelligent Automation’

Over the last three months, insurers have taken an incremental step—or leap—closer to claims automation. However, the transition from virtual estimating to touchless claims will not happen overnight. It is an evolution that will require us to re-think how and where we use technology versus how and where humans apply their expertise. In the end, though, automating more of the claims process will allow us to better serve consumers and support the proper, safe repair of their vehicles.

Disasters come in all shapes and sizes and are indiscriminate in those they catch up in their chaos. As such, when it comes to disaster planning, it’s essential to account for linguistic diversity. Incorporating translation and localization services into the planning process is therefore an essential part of ensuring an appropriate and robust response. 

In this post, we’ll take a look at disaster planning from a linguistic inclusivity perspective. We’ll also consider the value of translation services in responding to disasters, from mitigating the impact of climate change-related disasters to health crises. Let’s get to work! 

We live in a globalized world, with people moving from one country to another for economic, personal and political reasons. Furthermore, many countries are home to a rich variety of indigenous languages. This global linguistic diversity means that monolingual disaster planning is risky in many circumstances and locations. 

Using translation and localization as part of disaster planning

Using translation in disaster planning is a dual-pronged process. Not only do the disaster planning documents themselves need to be in multiple languages, but plans need to be in place to ensure that the response to the disaster is delivered in multiple languages, as well. 

Localization needs to be considered, too. It's not enough to translate words from one language to another. Translated documents need to be shaped so they better connect with the target audience. 

When creating disaster plans and strategies, it is important to use translation and localization services to ensure that all the communities that are likely to be affected by the disaster are cared for as part of the response planning. The translation element of the process will ensure that the disaster planning documents are available in all the languages that will be needed. Localization, meanwhile, can ensure that the plans take account of factors such as how to connect with different communities in an emergency. 

Localization in action 

A recent example is how information has been shared with remote Amazon communities about COVID-19. Local interpreters have been used to share information over the radio in local languages, as many of the communities in question do not have access to the internet.

While every person who works on a disaster response strategy hopes that their work will never be used, they need to plan how it will be. That means having translation and interpretation resources lined up and ready to spring into action. 

The value of translation services in disaster planning 

When a disaster strikes and panic ensues, those who don’t speak the primary language of the area are often more likely to suffer because they receive information second-hand. This not only introduces delays at a time when action could be crucial but also builds in the potential for misinformation to spread. 

See also: Value of Optimized Resource Planning

That’s why it is so important to use professional translators and interpreters as part of a coordinated disaster response. They need the right skillsets, too: Experienced medical translation professionals are needed in this pandemic, for instance, to deliver technical information packed with medical details and not worry about any of it being lost in translation. 

Disaster planning can be tough. There are so many unknowns to account for. Building multiple languages into that process certainly doesn’t make it any easier, but it does mean that the disaster response can be applied in a way that helps as many people as possible, regardless of their native tongues.

Blockchain technology’s potential for disrupting the re/insurance industry is frequently mentioned, and it's easy to understand why, given the nature and volume of data that flows between the insured, insurer, broker, reinsurer, service providers and other external stakeholders.

Something that hasn’t been discussed, however, is the extent to which specific markets, and those in Latin America, in particular, could be helped by this technology. That markets across the Latin American region could use blockchain technology to establish a new status as a role model for efficiency and technological development and a desirable place to conduct and attract business appears not to have been recognized.

Approached correctly, blockchain technology represents a golden opportunity to not only introduce real, tangible operating efficiencies into Latin American market practices and operations but also to transform the image of the region’s business environment and discard many of the long-held and damaging misconceptions.

Lack of transparency, lack of data integrity, inefficient and outdated business practices, poor claims data and excessive operating expense are some of the more common complaints of foreign management on the subject of their participation in LatAm markets. While these concerns are certainly not valid across the board, it is difficult to argue that there’s no substance to some of them.

Implementing blockchain technology into market practices could instantly address all of these issues by bringing total transaction transparency, providing consistent processes (vertical and horizontal) and introducing multiple transactional efficiencies, enabling significant time and cost savings.

Putting this in an operational context, during typical high-pressured renewal periods, underwriters would witness considerable reductions in valuable processing time and in the cost of placing their risks by eliminating the rekeying of data and eliminating duplicate tasks for the cedent, broker and reinsurer. The new policy as a "single source of the truth" has considerable benefits for all parties in the chain, not least removing the likelihood of costly future disputes.

As blockchain applications can be designed to process treaties, send notices to all participating parties and process the associated premium and commissions, technical accounting teams can be leaner and more focused on improving transaction efficiency. Payments no longer become stuck or withheld for unreasonably long periods, as all parties can access and follow the payment flow, thus freeing considerable administration time and assisting Treasury needs. Claims teams will see faster processing and verification of claims. Audit teams and compliance staff will enjoy the substantial benefits that transparency brings, especially around the burdensome "know your customer" (KYC) and anti-money laundering (AML) processes. The impact could be significant and enterprisewide.

These benefits could, of course, apply to most re/insurance markets. However, several markets in Latin America have particular characteristics that mean they stand to achieve potentially greater upside benefits and, from a practical perspective, enable easier implementation.

See also: Blockchain in Insurance: 3 Use Cases

First, several ecosystems in Latin America are already familiar with blockchain technology as a result of the wide adoption of crypto currencies and digital assets in the region. As blockchain technology is a key element of crypto currencies, a high level of familiarity and expertise with the technology already exists in the region, which re/insurance industries could leverage. As adoption of crypto currency continues to grow in markets such as Argentina, Colombia and Brazil, in particular, the use of blockchain technology will also grow, increasing the supply of resources with technical blockchain knowhow.

The structure of markets such as Argentina, Brazil, Chile, Colombia and Mexico, lends itself to an easier adoption of blockchain. There are relatively fewer players (than in, say, U.S. markets) operating in more localized markets, which makes intramarket collaboration - which is vital - much easier and quicker to achieve than in larger international markets, which are often more fragmented. In addition, the more relationship-oriented nature of the markets in these countries where there’s a higher degree of trust, long-standing bonds and greater familiarity between players will also induce a greater level of collaboration.

The relatively lower direct cost of labor in Latin American markets has in many cases resulted in unnecessarily high head count in back office functions performing menial, heavily manual tasks such as rekeying of data, repetitive receivables collections procedures and reconciliation work. This has often resulted in bloated expense ratios, less effective processes and additional HR burden. Blockchain will streamline many operational processes, significantly improving efficiency and minimizing headcount.

The regulatory and compliance burdens imposed on businesses in several Latin American markets are substantially greater than in many other international markets. This burden translates to increased expense as well as greater demands on valuable management time. Blockchain would bring efficiencies to the compliance and regulatory aspects of the business through transparent, consistent processing and more streamlined processes. AML and KYC procedures are obvious examples that would see immediate benefits. The potential gains are exponentially greater where the regulatory burden is heavier.

So, the case for blockchain in Latin American re/insurance markets seems pretty clear. The big challenge facing these markets lies in making the transformation and successfully managing the implementation of blockchain technology. Stakeholder collaboration is absolutely fundamental to the success of blockchain in any market. The technology needs to be embraced by multiple market participants, and serious conversations need to take place among the risk takers, the service providers and regulators and national associations before any transformation can begin. No single entity alone can make this happen; influential players that see themselves as leaders need to step up and drive the initiative into their markets.

While blockchain is long-established in technology circles, it is perceived as a UFO in re/insurance circles, too complex to understand and beyond the reach and comprehension of most operational management. It shouldn’t be. There are several solutions and advisers who are accessible and can assist the entire process from preparing feasibility and design to managing implementation. Blockchain is an active and growing sector.

See also: Is Blockchain Ready to Hit the Market?

Largescale adoption of blockchain technology in Europe and the U.S. has been relatively slow to date, which probably means international companies are unlikely to invest the required resources in their Latin American operations, at least until a proof of concept has been established in the traditional markets. The onus may therefore lie with the larger indigenous entities in the region to take the first meaningful step forward and begin the collaboration.

Whoever seizes the initiative and delivers this new world stands to gain not only financial and operational rewards but also recognition in a larger context: true recognition as a market leader in thought leadership and innovation. Opportunities to make such a profound impact on a market do not come around often.

The Silos Are Coming Down Paul Carroll, Editor-in-Chief of ITL While I’ve heard many too many empty promises of corporate synergies over the years, I’ve learned that one form of cross-selling really does work: “Do you want fries with that?” So, I’ve been waiting (and hoping) for insurers to find ways to achieve similar sorts of easy, intuitive crossover sales. There are already a few combo meal sorts of offerings that show promise — e.g., Tesla bundling auto insurance with its cars, or Comcast selling insurance into homes that are tethered to it via coaxial cable — but my ears really perked up last week when stories surfaced about Walmart forming an insurance agency. It just makes sense. With 5,000 outlets in the U.S. alone and 265 million customers worldwide, Walmart has a target-rich environment for insurance sales... continue reading > CLM CE Tracker Tracking and renewing adjuster licenses doesn’t have to be an administrative nightmare and time burden. Untangle it with CLM Tracker. Learn More SIX THINGS 6 Life, Health Trends in the Pandemic Life and health carriers are responding with new protection products and services. Read More Reigniting Growth in U.S. Life Insurance Agile response to COVID-19 bodes well for returning the life insurance sector to long-term growth and wider financial protection in society. Read More COVID-19 Highlights Gaps, Opportunities The pandemic and the response to it have highlighted significant gaps in industry offerings that are yet to be resolved. Read More Sponsored Cyber Risk Impact of Working From Home Organizations should be checking to ensure that new modes of work aren't compromising cyber security. Read More Another Reason for Insurers to Embrace AI AI alerts have played and continue to play a critical role in detecting and controlling future outbreaks like COVID-19. Read More Wildfire Season Off to Perilous Start Fires can create their own weather: Smoke-infused thunderstorms produce lightning that starts new fires and can lead to fire tornadoes. Read More Lasting Impact of Plaid’s Innovation The temptation to try to own all the value at every layer of a solution can be fatal, and is something Plaid brilliantly avoided. Read More GET INVOLVED

Write for Us Our authors are what set Insurance Thought Leadership apart. Get Started Partner with Us We’d love to talk to you about how we can improve your marketing ROI. Learn More

SPREAD THE WORD Share Share Tweet

SUBSCRIBE TO SIX THINGS

Let’s be honest: Operational motivations are about speed and efficiency, not security. For manufacturing organizations to effectively manage cyber risk, they first need to understand that the global digital transformation making businesses run smarter and more efficiently is also creating a widening security gap that must be addressed. 

Creating Industry 4.0

In manufacturing, investments are largely motivated by the pursuit of increased operational effectiveness and efficiency: doing more for a lower per-unit cost. Often, these investments manifest as new operational technology (OT), for instance to enable higher degrees of automation, accelerated assembly timelines and improved real-time insights. New OT gets added to a large information technology (IT) stack, which has often been built over several decades; in that time, the IT stack has become a complex mix of legacy, aging and modern solutions held together by vulnerable protocols and a “don’t touch what isn’t broken” stability strategy.

Industry 4.0, driven by the pursuit of OT, is the connection of industrial equipment that accesses and analyzes centralized operational data. In essence, this is the next industrial revolution in advanced manufacturing and smart, connected, collaborative factories. This new paradigm is characterized by the action of the physical world becoming a type of information system through sensors and actuators embedded in objects and linked through networks. Beyond having the potential to completely change material and manufacturing processes, Industry 4.0 is expected to contribute to more efficient operations by aggregating data across all facilities, letting companies monitor, measure and improve performance. 

This digital transformation introduces new generations of intelligent solutions and integrates these solutions into existing manufacturing processes and technologies including SCADA/ICS and PLCs. In many cases, this collection is controlled by a manufacturing execution system (MES), which is tightly integrated into the manufacturing organization’s ERP system.

See also: The Rules of Digital Transformation

The Threats Grow

Unfortunately, this pursuit of improved operations comes with an unintended consequence: a widening security gap. As manufacturing has become more connected, the threat surface—the collection of points an attacker can use to try to gain access—has increased substantially and now extends from endpoints and networks into cloud services. In fact, the entire manufacturing process (and, by extension, the company that depends on that process running effectively) is more vulnerable to cyberattacks. From opportunistic attacks using commodity malware as a service, to sophisticated hands-on-keyboard attacks that surgically evade defenses, to advanced persistent threats that can operate for years undetected, to industrial espionage using legitimate credentials harvested from phishing campaigns—the list is long, and the consequences can be devastating. 

Modern threats can readily bypass legacy antivirus solutions and take advantage of vulnerability windows. Organizations need solutions that can harden endpoints, prevent polymorphic malware and fileless attacks, mitigate malicious code execution and provide investigation and remediation capabilities with dynamic response to security incidents. 

As the knowledge of the growing threat landscape solidifies, tension develops between two core factions: OT and IT. Security was a distant priority when vendors created their new OT solutions, yet IT understands the security risks and best practices and wants to take the time to do things as safely as possible. OT is under pressure to hit targets and can feel like IT is slowing them down by unnecessarily overstating the risks. Plus, manufacturers must grapple with systemic vulnerabilities in operating systems and control systems. For instance, it’s important to recognize that many industrial communication standards don’t even consider security because they are based on the old firewall model of complete trust within the network. 

But from the shadows comes a third party: attackers. These bad actors see highly connected, unprotected systems built by vendors that know very little about system security and that are content to pass risk to their customer—the manufacturing organization. 

Additionally, the supply chain is vulnerable. As trusted partners, third-party vendors often become the overlooked or unwitting accomplice in criminal activities. A Spiceworks survey of 600 IT and security decision-makers that asked about supply chains highlights this risk. 

While the majority of respondents felt confident in their vendors to keep data safe, nearly half (44%) of firms had experienced a significant, business-altering data breach caused by a vendor. Human error and stolen passwords accounted for 26% of the breaches, while malware played a key role in half of the attacks. 

While past attacks against major manufacturers and industrial facilities were espionage believed to be sponsored by nation states and based on ideology, many of the latest attacks are the work of cyber criminals motivated purely by profit. Of course, criminals don’t need to shut down a facility to extract payment. In many cases they exfiltrate sensitive information (trade secrets, proprietary data and intellectual property, financial details, private emails, account credentials) and then threaten to release it publicly if a ransom isn’t paid. In some cases, attackers have even weaponized regulations like GDPR, which impose fines when breaches compromise personal information. 

See also: Will COVID-19 Be Digital Tipping Point?

As operation and information technologies converge following an almost predictable path of profit-driven natural selection, the leaders of each group have yet to attain a similar level of integration. The operational groups lack the security expertise of their IT counterparts, and IT experts are often excluded from operational decisions, creating an inherent vulnerability that reaches to the top of the organization.

Cybersecurity is not an IT problem to solve; it’s a business risk to manage. Until manufacturers realize that OT and IT are not in competition with each other, they will remain easy prey for cybercriminals who recognize this philosophical flaw and are willing to exploit it.

Insurance companies have been slow to embrace digital transformation. They talk about the cost of integrating legacy and non-legacy technologies, and they worry about the disruption to business operations and the resulting loss of productivity. More importantly, they have been insulated from market pressures to transform because of regulations and capital resources that limit competition. With the sudden shift to remote-only interactions, insurers can no longer dictate the speed of their transformations. 

As insurers scramble to implement digital solutions, they must divide their focus and resources. They have to implement policies and technologies to support employees working remotely while delivering customer-facing solutions that do not require in-person contact.  

On top of these changes, the industry must make adjustments during uncertainty.  

On the plus side, insurers have a wealth of research and experience to draw from. Because they are behind the curve when it comes to digital transformation, insurers should leverage what other industries have learned to jump-start their transformations. 

The first thing that needs to change is the culture. 

Changing corporate culture requires reforming the fundamental beliefs and values of an organization. For some insurers, that means changing a mindset that goes back centuries. It is not a simple task. Companies have to reshape their culture to align with a digital world, where customer loyalty rests more on experience than on products. According to a Walker study, customer experience will become a brand's key differentiator by the end of 2020, overtaking price and product.

See also: A Way Forward on Flood Insurance?

Customers, whether consumers or corporations, want the "Amazon experience." They want a self-service portal, an omnichannel delivery and a personalized experience. And, customers are not shy about moving to a different provider if the experience does not meet their expectations. In the U.S., even when people love a company or product, 59% will walk away after several bad experiences, 17% after just one bad experience.

According to Microsoft, 90% of consumers expect a self-service portal on a company's website. Insurers need self-service portals for buyers to evaluate products and make comparisons. Portals should allow customers to file claims and track status. Searchable portals let customers find information that can help answer questions or provide guidance.  Companies implement self-service portals to address the long wait times for phone calls or the slow response times to emails.

On average, consumers use a minimum of three delivery channels when interacting with a company. They may use the company's website or mobile app. They check reviews on Facebook or Twitter. Talking to bots, having live chats with agents or conversing via phone with customer support are all part of the delivery channel. Insurers may not support all delivery channels, but they do need to move beyond phone and in-person conversations.

Customers expect consistent communication across all delivery channels. Information on a company website must match the details of a mobile app. Whether talking to bots or people, consumers expect accurate information that is not contradicted by another channel. People expect a seamless experience, no matter how it is delivered.

Seamless is what customers expect of an omnichannel delivery model. No matter the channel, customers expect the same experience. Whether it is product information or order status, the data should be the same on a mobile app as a website. No one wants to re-enter information or repeat a description of a problem when moving from one platform to another. All systems need access to the same information in real time for a seamless experience.

The desire for a seamless experience drives the expectation of a personalized one. Customers expect the companies they do business with to know who they are, what they prefer and what they might purchase. Consumers enjoy Amazon recommendations or on-target suggestions on other social media sites. They want to feel like they are more than a Baby Boomer or millennial market segment.

What does this mean for the insurance industry?

To meet customer expectations, insurers must communicate through self-service portals across multiple channels. No one willingly waits on hold for hours or sits patiently waiting for an online response. If insurers continue to rely on paper-based solutions, they will see their customers leave for more tech-savvy competitors. 

See also: Reigniting Growth in U.S. Life Insurance

Without a digital solution, companies cannot create a seamless experience. You cannot shuffle paper fast enough to meet expectations. More importantly, the change in culture must begin at the top. According to McKinsey, companies without executive participation are less likely to have a successful transformation. For an industry that's most comfortable with controlled risk, insurers need to embrace Mario Andretti's philosophy -- "If things seem under control, you're just not going fast enough."

While I've heard many too many empty promises of corporate synergies over the years, I've learned that one form of cross-selling really does work: "Do you want fries with that?"

So, I've been waiting (and hoping) for insurers to find ways to achieve similar sorts of easy, intuitive crossover sales.

There are already a few combo meal sorts of offerings that show promise -- e.g., Tesla bundling auto insurance with its cars, or Comcast selling insurance into homes that are tethered to it via coaxial cable -- but my ears really perked up last week when stories surfaced about Walmart forming an insurance agency.

It just makes sense. With 5,000 outlets in the U.S. alone and 265 million customers worldwide, Walmart has a target-rich environment for insurance sales. Many, in fact, are visiting Walmart to pick up pharmaceuticals or to buy other items related to their healthcare, so health insurance is on their minds. Walmart, given its relentless efficiency, could easily develop insurance products that undercut competitors' prices and would have the credibility with customers to sell boatloads of those products.

In fact, Walmart wouldn't even have to generate the sorts of profit margins that competitors do, because a tighter relationship with customers on their health needs would bring them into stores more often and let Walmart generate profits on groceries, home goods and all sorts of other products. (Regulators will surely weigh in on what constitutes fair competition.)

Walmart signaled that it will begin with a niche, Medicare Advantage, that plays to its price-sensitive demographic. In fact, through a $4 generic drug program, Walmart often provides pharmaceuticals to customers for less than their Medicare Advantage insurance would charge them, so Walmart has already made inroads.

In research I've done with Chunka Mui on major strategic mistakes, the kind of adjacency move that Walmart is making raises red flags, because retailing and health insurance have little in common. But Walmart has done all the right preparation, having spent more than 15 years testing the waters in health care and insurance -- hosting insurance agents onsite, setting up joint ventures with insurers, putting clinics in some stores, buying and deploying technology to help customers manage medications, experimenting with telemedicine and much more.

Walmart is also starting small with its agency, advertising for employees and building an internal capability, rather than spending a bunch of money on a splashy acquisition or two. (Sears made that mistake in the early 1980s when it bought Coldwell Banker and Dean Witter, only to be distracted by integration issues and take its eye off the ball in its core business, which it ceded to... Walmart.) So, I see no particular obstacles for Walmart.

In fact, health insurance is such a mess that many customers would love an outsider's approach, especially if the outsider is, like Walmart, known for being straightforward and inexpensive.

Given the battle to the death between Walmart and Amazon, it's reasonable to think that Amazon might now accelerate whatever plans it has for health insurance. It might behoove insurers to get ready, and even to go on the offensive, looking for partners outside the industry rather than waiting for them to define an opportunity in insurance.

Insurers won't be pushing fries and, alas, can't offer dollar meals or dollar anythings, but there are lots of healthy options that can be offered and sold easily if insurers get creative about how to bundle their products with partners'.

Stay safe.

Paul

P.S. Here are the six articles I'd like to highlight from the past week:

6 Life, Health Trends in the Pandemic

Life and health carriers are responding with new protection products and services.

Reigniting Growth in U.S. Life Insurance

Agile response to COVID-19 bodes well for returning the life insurance sector to long-term growth and wider financial protection in society.

COVID-19 Highlights Gaps, Opportunities

The pandemic and the response to it have highlighted significant gaps in industry offerings that are yet to be resolved.

Another Reason for Insurers to Embrace AI

AI alerts have played and continue to play a critical role in detecting and controlling future outbreaks like COVID-19.

Wildfire Season Off to Perilous Start

Fires can create their own weather: Smoke-infused thunderstorms produce lightning that starts new fires and can lead to fire tornadoes.

Lasting Impact of Plaid’s Innovation

The temptation to try to own all the value at every layer of a solution can be fatal, and is something Plaid brilliantly avoided.