Following Lemonade’s first anniversary, I’m thrilled to announce a new product that could change the way people use their insurance. We call it Zero Everything.

With Zero Everything, Lemonade customers will no longer need to pay deductibles and have their rate increased when filing claims. That’s right: No deductibles. No increase in pricing. Nothing.

If you ever had to file an insurance claim, you probably thought well and hard before doing so. You’re in good company. Many people experience anxiety before filing a claim, and in many cases just give up altogether. Filing claims should be a pleasant and reassuring experience. After all, claims are the reason why we all get insurance in the first place.

Reading some of the negative feedback that insurance companies receive highlights just how serious this phenomenon is. Ask agents, and they will tell you that customers are reluctant to file claims, mostly because of two reasons:

The claim is below the deductible. For example, your policy’s deductible is set to $500, and your $450 headphones just got snatched. Tough luck. You’re not going to get a dime out of your insurance. Because the deductible is an amount that’s deducted from the value of the claim, there’s no sense claiming anything below it. In fact, claims that are lower than the deductible will be immediately declined.

Fear of having rates increased. There’s a famous saying -- “past claims are the best predictor of future ones.” This leads insurers to increase the rates for customers who file claims. They see it as a measure to make up for future potential losses from these customers.

See also: Lemonade: World’s First Live Policy  

Zero Everything provides the perfect peace of mind - never worry about paying deductibles or increased policy prices again (as long as there's no abuse, of course).

.@lemonade_inc Zero Everything is the closest thing to having an UNDO button for real life! #GoLemonade

But there’s more. Regardless of the value of your claim, with Zero Everything, you’ll get the full amount needed to replace your items with new ones! Someone stole your $500 bike? We’ll pay you $500 to get a new one!

[caption id="attachment_27885" align="alignnone" width="570"] Zero Deductible, Zero Rate Hikes, Zero Worries — Here’s how it works[/caption]

How it works

When signing up for a new Lemonade policy, look for the Zero Everything section under the settings tab in our quote page. If you already have a renters policy with us, just use our app to edit your Live Policy, go to the settings tab and look for the Zero Everything box. Condo policyholders, Live Policy is coming soon, so just open the app and tap on Ask Us Anything, and we’ll sort you out.

Why zero deductibles do not exist in home insurance today

In the U.S., home insurance companies spend more than $10 billion each year on the bureaucracy of claim handling alone. All of the endless paperwork, faxes and phone calls you hate? Someone has to pay for them.

In fact, small claims often cost incumbents more to process than the size of the claim itself. So, they brand small claims "nuisance claims" and use the deductible as a deterrent, to discourage you from ever filing them.

It’s important to note that there are no bad intentions behind this mechanism; it’s just an unfortunate consequence of the way insurance works.

How AI changes everything

But that’s where AI Jim, our claims bot, changes the game. AI Jim loves small claims; they’re his favorite. He settles them on the spot, with zero hassle and at zero handling costs. That’s because there’s no such thing as a nuisance claim for AI Jim. In fact, on a slow day, AI Jim can review, approve and pay 1,000x more claims than an entire team at one of the traditional insurers.

This kind of fundamental change is made possible by the replacement of manual labor with AI and bots!

So, if deductibles and rate increases get you nervous, I suggest you head on over to one of our apps or website (lemonade.com) and get yourself a Zero Everything coverage in a few seconds.

See also: Lemonade’s Crazy Market Share  

Zero Everything is rolling out in California, Texas and Illinois, where it will first be available for renters and condo policyholders. Follow us for updates on coming availability in NY and NJ and support for homeowners policies.

With 2017 Insuretech Connect happening this week, below is one industry insider’s top 10 of the notable insurtech changes since the inaugural event this time last year: See also: Insurtechs: 10 Super Agents, Power Brokers  

1. Early-stage ventures are moving beyond the online/UI experience and are focused on the core industry economics -- i.e. driving down the 56 cents of every premium dollar that is indemnity (loss costs), the further 12 cents needed to assess, value and pay those losses, and the circa 26 to 30 cents required to develop, distribute, select and price product.
2. There is an increased presence of early-stage-focused VCs that have insurance chops, meaning that high-quality startups focused on more complex industry issues have smart capital for funding (there wasn't much of that last year at this time).
3. An extraordinary boom in insurtech investment capital means that too many businesses with little chance for success are getting funding. (How many new millennial-focused renters insurance ventures does the market actually need?)
4. Despite the overwhelming level of capital focused on the space, valuations are generally rational. Yet, there are far too many high-profile investments that seem to make little sense, both in terms of funding levels and valuations. (I can personally attest to being recruited for two roles running pre-revenue startups that received term sheets from investors with pre-money valuations between $30 million and $40 million...exciting for the founder, but irrational in the cold light of day.)
5. Insurance (viewed by some/many as old school and boring) is showing signs that it can lead in the commercializations of new technologies (IoT, blockchain, telematics, etc.). This can only be positive for attracting "A" talent to our industry.
6. Lemonade has demonstrated that all of us in the industry can learn something from them. The most recent example is the zero-deductible product (and a no-rate-change protection for as many as two claims), which received unprecedented attention. While this is not new and is already offered by some, the lesson in this case is that being a marketing machine may be worth something (or Dan Ariely, the behavioral economist working with Lemonade, should be hired by us all).
7. The intractable trend in new risk-taking capital (pensions fund, hedge funds, SWFs, etc.) is leading to "infrastructure light" risk takers -- we now have some smart insurance entrepreneurs jumping in with solutions that enable this structural change.
8. Well-established insurance vertical solution tech companies are now providing attractive exits for insurtech early-stage companies.
9. Emergence of insurance-specific hot technologies in areas such as chatbots, machine learning and advanced analytics, etc. seems to be leading (in terms of trial by the insurance industry incumbents) the more established, industry-agnostic solutions -- watch this space!
10. The industry is all in on insurtech! Witness the presence of public company CEOs' commentary on the topic, the abundance of CVCs, the number of corporate intra-ventures, etc. Also compare and contrast year-over-year presence at this conference.

As an industry, we love to focus on “best practices.” We examine the strategies and tactics of the most successful advisers and ask how we can replicate those in our own businesses.

• The upside? Best practices focus us on what’s working today.
• The downside? Best practices don’t focus us on how things might be changing in future.

It’s fair to say that our collective goal isn’t just to keep pace, but to stay ahead of the curve. And if that’s the case, don’t we need to focus squarely on the trends that will shape our future? Instead of thinking about best practices, don’t we need to: think outside the proverbial box, look at how other industries are innovating and ask how that might affect the future of our own industry? In fairness, we do a good job of this when it comes to things like technology, perhaps because we expect it to play a disruptive force. But what if other aspects of our business – like the way we engage with clients – is also being disrupted? Don’t we owe it to ourselves to consider the future and ask how it will impact the core of what we do? See also: Should You Recommend Castlight to Your Clients?   The Big Five To understand how client engagement is being disrupted we draw on our own on-going investor and advisor research. As (or more) importantly we look outside the industry at case studies of (and research into) innovation in client engagement. We’ve identified the five ways in which client engagement is changing and in ways that will impact you, your clients and your business in future. 1. Client satisfaction is no longer enough. I’ve shared research more than once that highlights the low bar you set if client satisfaction and loyalty are your only goals. The reality is that clients are both satisfied and loyal. Achieving either (or both) makes you just as good as everyone else. In the future, we’ll need to find new metrics to measure success. If that’s the case, how do we measure success? 2. Client engagement is the new client satisfaction. When we create a deeper and more enduring relationship with clients we create a meaningful bond. While great service can drive satisfaction, driving deeper engagement means playing a qualitatively different role in the lives of your clients. Engaged clients see their advisor as providing leadership in areas that extend beyond investments. In the future we’ll need to find ways to proactively demonstrate leadership in the lives of our best clients to add value. If that’s the case, how do we create true value? 3. Value will not be provided, but co-created. While we often focus on the traits of effective leaders, leadership is really a two-way street. In the past value was firm-centric – you decided what you were offering and hoped it sold. It has since morphed to become client-centric, with clients influencing what is offered. We believe that, in the future, the client experience will be actively co-created between advisor and client. In the future, your clients will play a bigger role in defining the experience. If that’s the case, how do we co-create value when the needs of clients differ? 4. Cater to the needs of everyone and you cater to the needs of no one. In order to fully connect with clients, we need to focus our attention on a more defined target. We cannot be all things to all people so your client experience will need to reflect the unique needs of your ideal clients. In the future, advisors will need to build a client experience around a more narrowly defined target or offer. If that’s the case, how can we operate efficiently? 5. ‘Predictable’ and ‘consistent’ are so last year. In an effort to deliver a great client experience the industry moved toward the notion that we need to standardize processes to provide a strong and repeatable offer. While it’s clear that we cannot re-invent the wheel for every client, personalization and connection are the watchwords for the future. Our challenge is to determine how we can create a personalized experience efficiently, drawing on what we know about what is important to our clients and using technology effectively. See also: The New Paradigm of Connected Insurance   If that’s the case, how do we take action? Well, that’s the question, isn’t it? We have some thoughts on that.  I’d like to invite you to join us on May 25th, if you haven’t already registered. We’re going to run a webinar that will put these five ‘imperatives’ in context and focus on what we can do to take action. Join the webinar In fact, helping you craft a plan for the future of client engagement is so important to us we’ve formalized a new suite of programs to help you take action. It’s called The Client Engagement Suite and you’ll hear more about it very soon. Thanks for stopping by, Julie

As we focus on Analytics & Data Science, I’ve been reminded of how a Competency Framework can help. Both work with clients, and my own experience in creating and leading analytics teams has taught me that such a tool can help in a number of ways. In this post I’ll explain what I mean by a competency framework and the different ways it can help analytics, data science or customer insight leaders. I wonder if you’ve used such a tool in the past? Across generalist roles and larger departments, the use of competencies has become the norm for many years, as HR professionals will attest. However, sometimes these definitions and descriptions feel to generic to be helpful to those leading more specialist of technical teams. But, before I get into overcoming that limitation, let me be clear on definitions. A dictionary definition of competency explains it as “the ability to do something successfully or efficiently”. In practice, in business, this usually means the identification of a combination of learnt skills (or sometimes aptitude) & knowledge that evidence that someone has that ability (normally to do elements of their job successfully). HR leaders have valued the ability for these to be separated from experience in a particular role, thus enabling transferable competencies to be identified (i.e. spotting an individual who could succeed at a quite different role). Defining a competency framework Building on this idea of competencies as building blocks, of the abilities needed to succeed in a role, comes the use of the term ‘competency framework’. The often useful, MindTools site, defines a competency framework as: “A competency framework defines the knowledge, skills, and attributes needed for people within an organisation. Each individual role will have its own set of competencies needed to perform the job effectively. To develop this framework, you need to have an in-depth understanding of the roles within your business.” Given many Analytics leaders have come ‘up through the ranks’ of analyst roles, or are still designing & growing their functions, most have such an in-depth understanding of the roles within their teams. Perhaps because HR departments are keen to benefit from the efficiencies of standardised competencies across a large business, there appears to have been less work done on defining bespoke competencies for analytics teams. See also: The Challenges of ‘Data Wrangling’   Having done just that, both as a leader within a FTSE 100 bank and for clients of Laughlin Consultancy, I want to share what a missed opportunity this is. A competency framework designed to capture the diversity of competencies needed within Analytics teams has several benefits as we will come onto later. It also helps clarify the complexity of such breadth, as we touched upon for Data Science teams in an earlier post. The contents of an Analytics competency framework Different leaders will create different flavours of competency framework, depending on their emphasis & how they articulate different needs. However, those I have compared share more in common than divides them. So, in this section, I will share elements of the competency framework developed by Laughlin Consultancy to help our clients. Hopefully that usefully translates to your situation. First, the structure of such a framework is normally a table. Often the columns represent different levels of maturity for each competency. For example, our columns include these levels of competency:

• None (no evidence of such a competency, or never tried)
• Basic (the level expected of a novice, e.g. graduate recruited to junior role)
• Developing (improving in this competency, making progress from basic ‘up the learning curve’)
• Advanced (reached a sufficient competency to be able to achieve all that is currently needed)
• Mastery (recognized as an expert in this competency, or ‘what good looks like’ & able to teach others)

Your maturity levels of ratings for each competency may differ, but most settle for a 5 point scale from none to expert. Second, the rows of such a table identify the different competencies needed for a particular role, team or business. For our purposes, I will focus on the competencies identified within an Analytics team. Here again, language may vary, but the competency framework we use at Laughlin Consultancy identifies the need for the following broad competencies:

• Data Manipulation (including competencies for coding skills, ETL, data quality management, metadata knowledge & data project)
• Analytics (including competencies for Exploratory Data Analysis, descriptive, behavioural, predictive analytics & other statistics)
• Consultancy (including competencies for Presentation, Data Visualization, Storytelling, Stakeholder Management, influence & action)
• Customer-Focus (including competencies for customer immersion, domain knowledge (past insights), engagement with needs)
• Risk-Focus (including competencies for data protection, industry regulation, GDPR, operational risk management)
• Commercial-Focus (including competencies for market insights, profit levers, financial performance, business strategy & SWOT)
• Applications (including competencies for strategy, CX, insight generation, proposition development, comms testing, marketing ROI)

Variations on those are needed for Data Science teams, Customer Insight teams & the different roles required by different organisational contexts. Additional technical (including research) skills competencies may need to be included. However, many are broadly similar and we find it helpful to draw upon a resource of common ‘holistic customer insight’ competencies to populate whichever framework is required. If all that sounds very subjective, it is. However, more rigour can be brought to the process by the tool you use to assess individuals or roles against that table of possible scores for each competency. We find it helpful to deploy two tools to help with this process. The first is a questionnaire that can be completed by individuals and other stakeholders (esp. their line manager). By answering each question, that spreadsheet generates a score against each competency (based on our experience across multiple teams). Another useful tool, especially for organizations new to this process, can be for an experience professional to conduct a combination of stakeholder interviews and review of current outputs. Laughlin Consultancy has conducted such consultancy work for a number of large organizations & it almost always reveals ‘blindspots’ as to apparent competencies or gaps that leaders may have missed. However you design your scoring method, your goal should be a competency framework table & consistent audible scoring process. So, finally, let us turn to why you would bother. What are some of the benefits of developing such a tool? Benefit 1: Assessing individual analysts’ performance All managers learnt that there is no perfect performance management system. Most are, as Marshall Goldsmith once described them, stuff you have to put up with. However, within the subjectivity & bureaucracy that can surround such a process, it can really help both an analyst & their line manager to have a consistent tool to use to assess & track their development. I have found a competency framework can help in two ways during ongoing management & development of analysts:

• Periodic (at least once a year) joint scoring of each analyst against the whole competency framework, followed by a discussion about different perspectives and where they want to improve. In this process remember also the greater benefit of playing to strengths rather than mainly focussing on weaknesses.
• Tracking of development progress and impact of L&D interventions. After agreeing on priorities to focus on for personal development (and maybe training courses), an agreed competency framework provides a way of both having clearer learning goals & tracking benefits (did competency improve afterwards).

Benefit 2: Designing roles and career paths Analytics & Data Science leaders are largely agreed that a mix of complementary roles are needed to achieve effective teams. However, it can be challenging to be clear, when communicating with your teams & sponsors, how these roles both differ & work together. Here again a consistent competency framework can help. Scoring each role against the competency maturities needed, can enable a manager to see how whole team scores or any gaps still left. It can also help in more objectively assessing candidates suitability for different roles within a team (e.g. are they stronger at competencies for ‘back office’ modeller or ‘front of house’ consultant type roles). See also: Insurtech: How to Keep Insurance Relevant   If that benefit provides more consistency when considering peer-level opportunities, this tool can also help guide promotion opportunities. It can help you define the different competency maturities needed, for example, by junior analyst verses analyst verses senior analyst verses analytics manager. Such clarity enables more transparent conversations between analysts & their managers (especially when one can compare & contrast an individuals competency score with those needed by different roles). Seeing how those competency profiles compare at different levels of seniority for different technical roles, can also enable a manager to see options for career development. That is, there are often options for junior members of the team (rather than a simple climb up the functional ‘greasy pole’). Examples might be: development of statistical skills to pursue a career path in the modelling roles; development of data manipulation skills to pursue a career path towards Data Engineer; development of questioning & presentation skills to aim for a business partner role, etc. Benefit 3: Identifying your team L&D priorities and where to invest Used together, all the elements mentioned above, can help an Analytics leader identify where the greatest development needs lie (both in terms of severity of gap & number of people impacted). Comparing the competency profiles for roles needed in team, with current capabilities of role holders, can identify common gaps. Sometimes it is worth investing in those most common gaps (for sufficient numbers, it’s still worth considering external training). Then you can also compare the potential career paths & potential for development that managers have identified from conversations. Are there competency gaps that are more important because they help move key individuals into being ready for new roles & thus expand the capability or maturity of overall team? Much of this will be subjective, because we are talking about human beings. But having a common language, through the competency framework tool, can help leaders better understand & compare what they need to consider. Do you use an Analytics Competency framework? If you are an Analytics or Data Science or Customer Insight leader, do you currently use a competency framework? Have you seen how it can help you better understand the capabilities of individuals, requirements of roles & how both best fit together in an effective team? Do you have the means to have meaningful career path conversations with your analysts? Being able to do so can be key to improving your analyst retention, satisfaction & engagement with your business. I’m sure there is a lot more wisdom on this topic from other leaders out there. So, please share what you have found helpful.

IT systems have never been more powerful or accessible to businesses. However, the scope and scale of cyber crimes continues to outpace tech innovation. For years, the challenge for internal IT and security teams has been to use existing company data to construct an integrated picture of oddities and unexpected actions on their network. Recent advancements in machine learning and behavior or anomaly-based analytics that leverage existing enterprise logs have provided security teams with much more accurate intelligence than ever before. See also: 3 Technology Trends Worth Watching   In the past, security expertise was embodied in signatures, representing particular and specific types of malware. In time, the experts couldn’t keep up, signatures were out of date or not installed quickly enough, and hackers began to take full advantage. An attack from an employee account is signature-less, making conventional security approaches that rely on blacklists ineffective. Security experts quickly realized that pattern patching alone wouldn’t work, so they added rules, such as the correlation rules found in security information and event management (SIEM). For example, if an HR employee has been terminated and begins accessing sales data for the first time, something is likely wrong, and an alert will immediately be sounded. Technology outpaces analysis As the number of endpoints (i.e. mobile devices) skyrocketed, so did the volume of data to be analyzed by firms, making it more difficult for security experts to rely on cut-and-dried rules. Existing—not to mention expensive—intelligence tools, typically some form of SIEM, were supposed to predict and detect these types of threats, but were unable to keep up. This left companies at an all-time vulnerable state for both insider threats and hackers. Experts predict a 4,300 percent increase in annual data production by 2020 and IDC anticipates that the “digital universe” of data will reach 180 zettabytes in 2025 (that’s 180 followed by 21 zeroes). Thankfully, open source big data systems have provided a way to collect, process and manage monstrous amounts of data. Open source big data technologies such as HDFS and Elasticsearch enable solutions that handle petabytes of security data with ease. This not only allows firms to store a wide range of data sources, but also reduces overhead cost of data storage altogether, which can reach millions of dollars annually for large organizations, due to the cost of vendor data management hardware and vendor per-byte pricing models. Consequently open source big data frees up the budget to invest in stronger analytics. Algorithms crunch data Another major advancement that has fortified cybersecurity tools is machine learning. The method of analysis flips the expert approach on its head; instead of requiring expert rule-writers to guess at attacks that might come, machine learning algorithms analyze trends, create behavior baselines—on a per user basis—and can detect new types of attacks very quickly using baselines and statistical models. These systems are more flexible and effective than any pure expert-driven predecessors. See also: Innovation: ‘Where Do We Start?’   Technology options available to enterprises are at an all-time high, and so are the number of cyber crimes that are committed. Fortunately, as technology has advanced, so has the ability to seek out cyber criminals that may have been virtually invisible in the past. User and entity behavior analytics and machine learning technology continue to provide chief information security officers with the accurate insights they need to thwart attacks before severe damage is done. This article originally appeared on ThirdCertainty. It was written by Nir Polak.

In 2015, an accountant looking at the balance sheets of a U.S. tech company noticed a $39 million hole in the figures. The accountant would have been even more dismayed to know where it had gone – a member of the financial team in an overseas subsidiary had transferred it directly to the thief. All the thief had to do was pretend to be a CEO. It’s a kind of attack known as a CEO email attack, and just one of a broad range of hostile tactics known as social engineering attacks. These are attacks that exploit the natural weaknesses of human beings – our credulity, our naiveté, our propensity to help strangers and, sometimes, in the case of phishing attacks, just our greed – to get around security systems. To put it in the language of 21st century cyber security: Social engineering operates on the idea that, just like any computer system, human beings can be hacked. In fact, a lot of the time they’re much easier to hack than computers. Understanding this fact, and the forms that social engineering can take, is essential to formulating a robust defense strategy. These strategies are even more important now, as the lines between the physical and digital worlds continue to blur and the assets at risk continue to multiply, thanks to the proliferation of connected technologies. In Depth From the serpent in the Garden of Eden, to the fake phishing emails that promise fortunes if only you’d just part with your bank details and Social Security number, social engineers have been with us for a while. But few epitomize their arcane arts quite like Frank Abagnale, whose exploits between the ages of 15 and 21 were immortalized in the Steven Spielberg film Catch Me If You Can. During those years, Abagnale posed as a doctor, a lawyer and an airline pilot and has become one of recent history’s most legendary social engineers. He now runs a consultancy, Abagnale and Associates, that aims to educate others – including government agencies such as the FBI, and numerous businesses – on how to catch people like him, as social engineering methods shift. Abagnale asserts: “Some people used to say that I’m the father of social engineering. That’s because, when I was 16 years old, I found out everything I needed to know – I knew who to call, and I knew the right questions to ask – but I only had the use of a phone. People are doing the same things today 50 years later, only they’re using the phone, they’re using the mail system, they’re using the internet, email, cloud. There’s all this other stuff, but they’re still just doing social engineering.” We live in an overwhelmingly digital world, and the projected 50 billion Internet of Things (IoT) devices due to be hooked up to the internet by 2020 means the already broad frontier of digital risk will only continue to grow. “I taught at the FBI for decades. There is no technology today that cannot be defeated by social engineering,,"Abagnale says. Making sure the human links that sit between this expanding set of digital nodes remain secure lies at the heart of securing the whole system; one increasingly tied up with physical as well as digital assets. New Risks In 2010, the Stuxnet worm, a virus believed to have been developed jointly by the U.S. and Israeli military, managed to cause substantial damage to centrifuge generators being used by the Iranian nuclear program. The virus was designed to attack the computer systems that controlled the speed that components operated in industrial machinery. By alternately speeding up and slowly down the centrifuges, the virus generated vibrations that caused irreparable mechanical damage. It was a new breed of digital weapon: one designed to not only attack digital systems, but physical systems as well. It was physical in another way. To target this system, the virus had to be physically introduced via an infected USB flash drive. Getting that flash drive into a port, or into the hands of someone who could, required human beings to intervene. In this case, anonymous USB devices were left unattended around a facility and were then accidentally inserted by unwitting technicians. See also: It’s Time for the Cyber 101 Discussion   The Stuxnet worm highlights the extreme end of the dangers that lie at the overlap between digital technology, physical assets and human beings, but the risks extend well beyond that. More prosaic, for instance, are email scams that work by tricking the receiver into sharing vital information – remember the notorious “Nigerian prince” emails, where a fraudster would promise a willing helper untold riches in return for money to be released from jail? Some of these scammers have elaborate networks that crossed countries and continents and can be worth more than $60 million. Move the concept into the organization now: Imagine receiving an email from someone purporting to be your boss, asking in an official and insistent tone for a crucial keyword or a transfer of funds. Could a typical employee be relied on to deny that request? What about a phone call? This was hacker Kevin Mitnick’s strategy. In a way, a Frank Abagnale of the digital age, Mitnick managed to make a range of high-profile attacks on key digital assets by just phoning up and asking for passwords. IoT: The Convergence of the Physical and Cyber Worlds “Humans are the weakest link in any security program,” says Dennis Distler, director, cyber resilience, Stroz Friedberg, an Aon company. In fact, it’s us, rather than computer systems’ weaknesses or failures, that lie at the heart of around 90% of cyber breaches. Social engineering attacks can come in various forms, and the risk from them will never be fully mitigated. But while full mitigation is impossible, you can limit your exposure – that strategy begins at the individual level. Humans are the targets, so the first line of defense has to be from humans. “You certainly remind people that you have to be smarter, whether you’re a consumer or CEO. You have to think a little smarter, be proactive, not reactive,” Abagnale says. While social engineering has a focus on financial loss, the focus of cyber risk is shifting to tangible loss with the potential for property damage or bodily injury arising out of IoT devices. Historically, cyber risk has been associated with breaches of private information, such as credit cards, healthcare and personally identifiable information (PII). More and more, however, the IoT – the web of connected devices and individuals – will pose an increased risk to physical property as breaches in network security begin to affect the physical world. Having a better understanding of vulnerabilities and entry points – both at the individual as well as device level – will be critical for organizations in 2017 and beyond. Organizational Mitigation While security awareness training and, to a lesser extent, technology can prevent successful attacks – whether IoT-related, human error or stemming from actual social engineering – the risk from them will never be fully mitigated. Organizations can take a number of steps to protect themselves. Distler of Stroz Friedberg, highlights a number of key steps a company can take to minimize exposure to social engineering risk:

• Identify what and where your organization’s crown jewels are. A better understanding of your most valuable and vulnerable assets is an essential first step in their protection.
• Create a threat model to understand the types of attacks your organization will face and the likelihood of them being exploited. From email phishing to physical breaches, the threat model can help teams prioritize and prepare how to best respond.
• Create organization-specific security awareness training addressing what types of attacks individual employees could expect, how to detect them and what the protocols for managing and reporting them are. Consider instituting a rewards program for reporting suspected attacks to further encourage vigilance.
• Provide longer and more detailed training for high-valued or vulnerable targets, such as members of the C-suite and their executive support staff, or members of IT, finance, HR or any other employee with access to particularly sensitive information. This training could vary from account managers to mechanical engineers working on major operational projects. These enhanced training procedures could include red-teaming exercises, which test the ability of selected staff to respond to these breaches in real time.
• Create well-defined procedures for handling sensitive information and provide routine training on these procedures for employees who handle sensitive information.
• Conduct routine tests (recommended quarterly at a minimum) for the most likely social engineering attacks.

Preparing for Tomorrow’s Breaches The term “cyber threat” is becoming more and more complex. No longer is it a threat posed to digital assets by viruses and malware or a financial threat posed to individuals and financial institutions. Now, cyber risk encompasses a broad range of risks with the potential to harm assets, from property to brand and reputation. And at the center of all of these interactions are people. Almost every breach begins with a human being. By understanding how such threats can manifest, and how to deal with them when they do, risks can be mitigated ahead of time. Bringing together various functional groups within an organization will be crucial as teams prepare for the more multifaceted risks of our increasingly connected future.

Houston and Harvey. Florida and Irma. The West and the Wildfires. Hail in the Midwest. Floods in the South. Will 2017 set a new record for catastrophe claims? According to the Insurance Information Institute (III), 2013/14/15 and the first 9 months of 2016 were welcome respites from insured disaster losses, totaling between $13 billion and $18 billion. This is far lower than several other periods in recent history. These would include Sept. 11 in 2001 ($39.5 billion), Hurricane Katrina in 2005 ($77 billion) and 2011/2012, which were among the costliest years in U.S. history with $35 billion to $37 billion in losses. The Insurance Information Institute points out that the long-term trend is for more, not fewer, costly events. Preliminary estimates by AIR Worldwide have placed the low end of 2017 damages at over $115 billion accounting only for damage from Hurricanes Harvey and Irma. When catastrophes hit, they hit insurers hard. They decimate the lives and livelihoods of individuals and families, but they can also wreak havoc on the systems and reputations of those who will be trying to assist in the restoration and rebuilding. Insurance executives are undoubtedly wondering if they are prepared enough, what they can do differently and what they can improve before the next natural disaster strikes. Customer service and marketing are worried about retention rates, service ratings and net promoter scores.  Operations is concerned about scalability during claims events. Finance is (understandably) concerned over losses. In my next three blogs, we will take a close look at holistic claims preparedness. How can we use catastrophe preparations to improve our customer value, save customers from additional loss and lessen claim impact on both the insured and the insurer? Claims Pays Back What is important to remember is that from a satisfaction standpoint, one claim or a tremendous number of catastrophic claims both have the potential to positively or negatively impact satisfaction, retention and recommendation. According to a 2016 J.D. Power post-claim survey of auto insurance customers, 84% of delighted claimants will definitely renew their policy and 83% will definitely recommend their insurer. Among displeased claimants, 12% will definitely renew and 7% will recommend their current insurer. What does this tell us? It suggests that any effort aimed at improving the claims experience through catastrophic preparedness isn’t effort wasted if the catastrophes never come. These efforts will bear fruit in loyalty and recommendation — the positive results of a thoughtful, “rethought” claims value chain. See also: Harvey: First Big Test for Insurtech  Adopting a Holistic View of Claims What does a catastrophe-prepared insurer look like? How can we use our new knowledge of catastrophic events and our years with fewer claims to ready ourselves for those times when we will be inundated? What can we do to give customers a superior claims experience from pre-claim through restoration — anytime — even outside of catastrophic events?  What new technologies can change and enhance the process? Some years ago, customer-focused business practices came into vogue and most insurers started paying attention to every area of the organization and its relationship to the customer. What many didn’t realize was that this shift was never-ending, because shifting demographics and customer expectations would continually be in flux. Very few insurers realized quickly that claims is perhaps the most vital front-line touch point because of its overall power to drive loyalty. This caused their definition of the scope of the claims process to remain limited. (“People make a claim. We assess the damage and pay the claim. We use technology to quickly assess and pay.”) In reality, claims has become a hotbed for opportunity, where a holistic vision of a technologically-advanced process can truly revolutionize everything from damage impact to efficient and effective replacement and restoration. In its depth and breadth, claims is no longer claims at all, but it encompasses everything that flows from prevention to protection to assessment and restoration. Where Technology Intersects with Catastrophe The process opportunities lie in the places where technology can be employed to achieve cost-savings and improve satisfaction. Just considering the possibilities can be overwhelming. Here is a tiny sample of places where technology can be employed to rethink the claims process.

• Global Information System (GIS) data to identify and predict impacted customers.
• Rules-based alert libraries, cross-referenced to policyholder property and contact data
• Drone views of property pre- and post-catastrophic events.
• Redundant and cloud-based operations and communications for reduced business impact
• Artificial Intelligence to predict likely post-catastrophe fraud scenarios.
• Adjuster mobilization, prioritizing and routing.
• Multi-touch communication plan and CRM that weaves human contact and digital contact into a cohesive approach (No claimant left untouched.)
• VR educational simulations to walk claimants through a process they may have never encountered.
• And there are so many more…

The simple exercise of walking through the claims process with an eye toward streamlining and improving service will yield a long-list of fantastic opportunities for claims innovation. Though every insurer will prioritize differently, we’ll highlight some of the most impactful areas, beginning with communications. Where the Digital Thread Begins You have just received a text from your insurer via a chatbot. “Hail is coming to your area. Place your car into the garage.” The insurer is in touch with current weather, knows your address, knows you have a garage and perhaps even knows where your car is currently parked. That would be a “digital win” and the beginnings of a digital thread that could run through many applications in insurance operations. If we can’t keep catastrophes from happening, we can keep our insureds aware of their potential. We can warn, suggest preparations, suggest evacuation, prepare and send an initial first notice of loss (just in case) and mentally prepare people for what is coming and what is next. This is just the beginning of the digital thread that will impact claims service. There are dozens of these digital threads and we’ll be discussing many of them throughout the course of this series. See also: Hurricane Harvey: A Moment of Truth   We should acknowledge at the outset, however, that no insurer can employ and “conquer” every digital opportunity at once, and every insurer will have a unique perspective on how these technologies should be acquired or employed. In some instances, technologies will be rented (e.g. drones), borrowed (AI) or tested (cloud) before diving into full use. In other cases, digital capabilities will be fully-integrated into operations at the outset. In all cases technology will add a valuable layer to protection and service. In our next blog in this series, we’ll be looking at these layers through the lens of Operations. How will our tech decisions move us toward the optimal claims value chain? How do we need to rethink the holistic process – possibly extending beyond where we have traditionally been?  Can these external disruptions positively impact our internal use of disruptive technologies? How will our internal catastrophe preparations not only create an innovative claims process, but also create a consistent claims experience that will foster loyalty and lift us above the competition? I hope you’ll join me in this relevant and rewarding conversation.

The way mediations start is important. A bad start can result in a lot of wasted time getting to the place you should have been at the beginning. The First Move The best way to start is to start. Don’t be afraid to make the first offer to settle. Setting a settlement floor or ceiling tells your negotiating opponent where you are. Silence can falsely communicate that you are in the same ballpark. Even if your offers did not get a response before, making a new offer now re-defines the settlement ballpark. An offer made “in light of new information” (even if that is simply a reconsideration) is not bidding against yourself. See also: ‘Twas the Night Before Mediation   Start Very Big or Very Small Think about how your negotiating opponent will react to your opening. Your initial offer should not be so ridiculous that your opponent will walk out. On the other hand, research tells us that an extreme number can lead to a final result closer to the speaker’s expectation than does a more moderate opener. Pick the Tiny Issue Seldom does a workers' comp settlement turn on only one issue.  Plan to start with the issue where the parties have the smallest evaluation difference and continue on as the challenge size increases. You may have to skip and come back to the thorniest issues regardless of size. Isolating issues and knocking them down one by one is an effective way to reach agreement.

Traditionally, insurers have siloed lines of business. But that presents a challenge for carriers working to meet the unified, user-friendly expectations of today’s consumers. A functional online portal has increasingly become a baseline expectation of carriers across all lines of business. Planning, design and governance are just as important as development for insurers launching customer portals; building out a successful customer portal means taking the following nine elements into account. Develop from the customer’s perspective. Carriers should consider how the products they offer in specific markets can be brought together in a way that is both logical and consistent with customer expectations. When it comes to defining the term “customer,” it makes sense to look at the individual or entity responsible for paying the premiums and then building from there. Other industries, such as retail and banking, have established effective user interfaces, and carriers should take advantage of the professional support conducted and experience gained in these other industries. Portals should be clean and efficient, expose information rationally, and provide clear direction on how to accomplish key tasks. Make omni-channel an inherent part of the design. Carriers should recognize that customer expectations and preferences for communication channels can vary widely. While websites, mobile apps, IVRs, and call centers are all viable, customers may want to utilize different channels, depending on their needs. Consumers should be able to easily change channels while retaining access to consistent, accurate information. Insurers should consider mobile capabilities from the outset so portals address changing consumer expectations and so that responsive design capabilities can be leveraged. See also: Happy Producers, Happy Customers  Design for maximum leverage across the distribution chain. The architecture of comprehensive portal solutions can be leveraged across the insurance value chain to include multiple distribution partners and business models. Reusability should be the primary focus, with a broad set of functionalities that can then be tailored to specific situations, with underlying functionality to support other touchpoints. A sound approach is through user-driven integration, which enacts product integration automatically when possible but allows customers to enable the process manually for products that fail to do so naturally based on business rules. Create a functional road map. Insurers can create a road map for the future by building a list of the various transactions, both financial and non-financial, that a customer portal should support. This composite list allows for an assessment of the relative complexity of these transactions and the business rules that surround them while providing a visual representation of commonalities and differences between participating organizations. In addition to creating a framework for work prioritization at the beginning of portal efforts, road maps can provide a foundation for regular touchpoints and discussions about priorities moving forward. Build a healthy “household.” A logical construct that allows multiple products to be integrated into a unified whole is a foundational component of any effective portal implementation strategy. In order to create this unifying structure, carriers should reconsider how they think about customer relationships. A common best practice is to look at the relationship from the standpoint of the person being insured, regardless of risk, to create a “customer information file” and a form of a “household.” Carriers should create this person-centric view of information, then integrate that information into any further relationships through an appropriate online tool set—which should be part of the portal. Test often and leverage feedback. Insurers should proactively leverage testing and feedback in the deployment process. By paying attention to users, insurers can follow through on their efforts to design from the customer’s point of view. Incorporation of insights should be done in an iterative manner, should engage sales partners who may already have a perspective on customer needs with respect to self-service capabilities, and should potentially utilize “secret shopper” studies. All of these capabilities maximize the potential for tools to be built from a client perspective, rather than an internal one. Implement a cross-function governance structure. Insurance carriers need to face the reality that creating a unified, enterprise-wide set of outward-facing portal capabilities may cause friction between business units. Typical best practices call for a centralized managerial structure to work with all areas, navigate political and organizational challenges, facilitate priority negotiation, and collaborate with a range of different IT organizations. As with any other tactical innovation initiative, the implementation of digital portal capabilities has the best chance of success through executive sponsorship. Build partnerships for implementation. It is important to consider both internal and external partnerships when approaching a portal implementation. Key partnerships include a managerial structure that crosses organizational boundaries along with third parties or suppliers, such as marketing agencies and consulting firms, focused on communications. A customer-view approach to portal design should be paired with an externally minded approach to implementation and deployment. Involving stakeholders to create a test market can support rapid “test-and-learn” capabilities and allow these stakeholders to become advocates for new capabilities, thus accelerating adoption across the organization as a whole. Plan for the long term. With portals at the heart of a company’s digital strategy, which is increasingly becoming its business strategy, it is critical to have both initial capability deployment and the ability to evolve over time. Product portfolios, distribution strategies, distribution partners, and end-point devices are all subject to change. Carriers need to build their architectures and road maps to support evolving standards. Additionally, building analytical capabilities into platforms is key to provide carriers with the insights needed to precisely target messages to their customers. See also: How to Captivate Customers (Part 2)   Customer portal efforts are continuing. The creation of a strong, customer-facing portal is an effort that defies the term “done.” CIOs implementing a customer portal should recognize that these initiatives will require continued funding, even after they are in production. Carriers will need to pay attention to the constantly changing trends and channels to meet evolving customer expectations.

With the insurtech world descending on Las Vegas next week for the InsureTech Connect event, we will, of course, have a big presence there, and we hope to see you. It's possible to do a lot via email, phone, Skype, etc. these days, but nothing beats face-to-face.

Look for us by the entrance, near the registration desk, where we'll be doing video interviews with luminaries. Our Paul Winston is about nine feet tall, so he's easy to spot. 

You can also find us at the Culture of Innovation panel on Oct. 4, moderated by Chief Innovation Officer Guy Fraker, and coordinating insurtech meetings with insurance regulators as part of the pre-conference agenda on Oct. 2.

We'll be available to do demos of our Innovator's Edge platform, which tracks more than 72,000 insurtechs and other companies that might be of interest for the insurance innovation ecosystem (pioneeers in AI, blockchain, medtech, etc.) and provides tools that can match insurance providers quickly and easily with the most appropriate innovators. Either look for us at our video site or email Chief Technology Officer Joe Estes at joe@insurancethoughtleadership.com to arrange a tour of Innovator's Edge during the conference.  

Next week, we'll send you a guide to insurtechs to check out, based on the Six Innovators to Watch notes we've been generating monthly. If you want to get a head start, the full notes are here: August, July, June, May, April and March. 

In the meantime, please check out these six articles from the past week and visit our website to explore the more than 3,100 articles from our more than 950 industry-luminary authors. As always, please pass this along to any colleagues who might benefit from it. 

Cheers,

Paul Carroll,
Editor-in-Chief