In my role as a sales and business development consultant, I come in contact with sales professionals and business executives across numerous industries. I understand the trends involved with the integration of physical security, IT infrastructure and cyber solutions. The emergence of the Internet of Things (IoT), perhaps more appropriately described as the “Integration of Things,” has created more visibility to the convergence model generally and cyber threats specifically. That said, I see a fundamental problem with sales organizations, outside of the cyber industry, with initiating a cyber discussion. This is the first step in aligning cyber threats in the context of overall business risk, and for providing the managed services and secure products that the industry increasingly requires. This Cyber 101 discussion is more of an informal conversation than a deep technical discussion. Cybersecurity is a confusing topic to many people and is at times assumed to be overly complex. In reality, it is a crime and espionage discussion with a rich history and interesting as a business case study. Put into this context, it is actually a compelling narrative and promotes a lively conversation that inevitably turns to the topic of operational risk and specific business issues. See also: Best Practices for Cyber Threats   The first step is to know your cyber history. This does not have to entail a debate as to when and how hacking evolved. I believe an appropriate starting point would be the first Gulf War. Perhaps the 1990s are ancient history for some, but most senior executives can identify. The important fact was the ease with which the U.S. military demonstrated technical dominance over the Iraqi army. Nightly newscasts of American generals proudly showing video clips of guided missiles accurately striking buildings and vehicles was enough to send chills down the spines of our nation-state adversaries, and jump start their offensive cyber commands. “I believe the Chinese concluded from the Desert Storm experience that their counter approach had to be to challenge America’s control of the battle space by building capabilities to knock out our satellites and invading our cyber networks. In the name of the defense of China in this new world, the Chinese feel they have to remove that advantage of the U.S. in the event of a war.” –Adm. Mike McConnell (ret.), former Director NSA, and Director National Intelligence Not to be left out, the Russian military also accelerated its cyber capabilities (post-Gulf War I), as well. In fact, many “retired” military cyber warriors established the early Russian cyber criminal syndicates and promoted global cybercrime as a business model. As a result, cybercrime evolved, and Cyber Crime as a Service eventually exploded.  It is a well-known operational fact that you only exist as a significant Russian cybercriminal if you abide by three hard and fast rules:

1. You are not allowed to hack anything within the country;
2. If you find anything of interest to the government, you share it;
3. When called upon for “patriotic cyber activities,” you serve.

In exchange, you are “untouchable” and immune from prosecution. Tom Kellermann, CEO of Strategic Cyber Ventures, is a cyber intelligence expert, author, professor and leader in the field of cybersecurity serving as a global fellow for the Wilson Center. He is the previous chief cybersecurity officer for Trend Micro and vice president for security at Core Security. Kellermann has told me there are approximately 200 “cyber ninjas” globally: truly elite hackers. This select group of black hat ninjas realized they could produce “malware for dummies,” (or criminals with average skill sets), along with online “how to hack” support services, in return for a cut of the profits. This business model returned more personal revenue at scale, compared with individual hacking activities, with much less risk. These operations created the original “Malware as a Service” business models, and, as a result, cybercrime has since exploded. (By the way, the model provides a recurring monthly revenue stream.) According to the Serious Organized Crime Agency (SOCA), global cybercrime has surpassed narcotics trafficking in illicit revenues, and in the U.K., more than 50% of all crime is now cyber-related. Kellerman added that cybercrime has moved from traditional burglary to digital home invasion: “The economic security of the West is in jeopardy.  Civilizing cyberspace must become a national priority.” Research firm Cybersecurity Ventures (not to be confused with Strategic Cyber Ventures) produced a report that predicts that cybercrime worldwide will grow from $3 trillion in 2016 to more than $6 trillion annually by 2021! As a comparison, the entire gross domestic product (GDP) for the U.S. was $14 trillion in 2016. Cybercrime today is professional, organized, sophisticated and most importantly “relentless.” These are not personal attacks. If you have any digital footprint, you are a target, period. The entire internet can be scanned for open ports within a few days, and IP cameras being activated on the internet are normally pinged within 90 seconds. You can’t hide very long. When it comes to security, the adage that “offense informs defense” is appropriate when protecting your specific business operation. A former client of mine, John Watters, CEO of iSIGHT PARTNERS (now FireEye), used an example: “A burglar and an assassin can use the same tools and tradecraft to gain entry to a location, but the intent, once inside, is very different. One wants your property; the other wants to kill your family. Prepare yourself accordingly.” Another challenge is that the risk of cyber attack is growing. This is a dual-edged sword in many regards. IoT and the Industrial Internet of Things (IIoT) open a much wider attack surface of many more devices. However, the operational efficiencies and human productivity advances cannot be denied and will move forward. This situation creates a new reality; essentially, cyber threats are morphing from a virtual threat into a physical danger. Matt Rosenquist, cyber security strategist, Intel Security Group, explained in his 2017 ISC West Keynote address that the same controls that provide auto assist to parallel park your vehicle can be hacked to force a car (or hundreds of cars) to accelerate to high speeds and turn abruptly, causing fatal accidents. Imagine for a moment what that hack does to that specific automobile manufacturer's reputation? Would the corporation even hope to survive? Planes, trains and automobiles are just the beginning. Intelligent buildings, campuses, hospitals, retail outlets, branch offices and mobile emergency services, etc., all need to be secured. Security, followed closely by privacy protections, will be at the top of all buying requirements to win business. The bottom line is that cybersecurity, like terrorism or tornados, is about risk management. This is a discussion that owners, managements and boards of directors know well. It is the responsibility of the sales professional to educate prospects and customer organizations to the sophisticated level of cyber risk that exists today and into the future. This is why understanding and explaining the evolving cybercrime business model is so important as an initial discussion. See also: How to Anticipate Cyber Surprises   In 2017, I have had the “Cyber 101 Discussion” with sales leadership and executives from many companies and industries:

1. The regional insurance firm in Texas (1,000 employees) that recognizes a huge and expanding cyber insurance market opportunity generating more than $3.5 billion in 2016, and growing at 70% annually! Yet the sales organization does not know the first thing about starting the cyber dialogue with potential clients. ‘‘We know insurance, not cybersecurity.”
2. The global video camera distributor that needs assistance in aligning marketing and sales messaging to answer customer concerns about cybersecurity. The industry needs a response to the Mirai botnet attacks that virtually guarantee that the internet will be flooded by hacks of new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices.
3. The physical security integrator that recognizes the need to provide secure solutions and endpoints for enterprise customers, but needs to provide internal cyber education while recruiting strategic partners offering cyber solutions and support resources.
4. The domestic security monitoring company that now offers cyber managed solutions to the SMB market but struggles with positioning a compelling ROI and explains that customers cannot “quantify” the cyber risk to their business? (Hint: That’s the job of your sales organization; your customers need cyber education.)

It begins with a cyber sales comfort level within your own organization. Cyber education allows you to pass knowledge on to others as a trusted adviser. Get the Cyber 101 discussion started as a first step. Additional education and specific solutions can always be provided to secure passwords, mobile devices, access control, VMS, encryption and backups, etc. It’s a long list, but security managed services are providing recurring revenues and need to be positioned correctly. Whether providing cyber insurance, hardening physical security equipment or selling secure managed services, the Cyber 101 discussion starts with understanding cyber history and the evolution of adversary intent. Today’s cyber threat is a component in the new definition of digital business risk. Not always overly technically complicated, but essential to be countered and monitored constantly.

Hi, everyone! Have you ever sat down to work on a business pitch... or your resume... or an important speech you've been ask to give... and then realized it would be much less stressful to check the sports scores... or play solitaire... or check Facebook?  If so, join the crowd. Surveys find that 80% of college students are procrastinators, and 20% of the adult population, as well (although, of course, many of them may have just never been motivated to actually complete the surveys). But there is hope for those of us who, like Herman Melville, when writing "Moby Dick," need to be chained to our desks to complete a piece of work!   Here are my five quick tips to overcome procrastination: Tip 1: Start your day with the hardest task - that is, if you're up for it. This is the old Mark Twain advice to eat a live frog first thing in the morning, and nothing worse will happen to you the rest of the day. In other words: Do the most challenging and difficult to-do item on your list before anything else, and you will have checked it off. Good advice, but only if you're actually up for it. Some of us might not be at our best selves first thing in the morning -- and in fact, might be better off eating our frogs in the afternoon -- when we're at our peak performance level -- or at night. So, the advice here is to realize when you're going to be at your best self -- and, at that point, eat your frog. See also: To Predict the Future, Try Creating It   Tip 2: Do quick to-dos super quickly. I remember getting advice early in my career to keep all sorts of email folders to manage inflow into my inbox -- folders telling me to respond tomorrow... or respond on Friday... or respond early next week. And at the time, I remember how overwhelming and inefficient this all sounded. My best practice now is to make a super quick assessment of an incoming message, think about if I can realistically respond immediately and then just do it. I can report that, with this strategy, I have only 12 total messages in my inbox as I write. Tip 3: Make your intentions public (and be accountable to someone). If overcoming procrastination is outside your comfort zone, make a pledge to take the leap and, ideally, have that pledge be public. You don't necessarily have to announce it to the world. But find someone supportive you can be accountable to and tell the person. It might be a close friend, or a colleague, or a group you belong to. The more you're accountable, the more likely you'll be to follow through. Tip 4: Reward yourself for small wins. Those of us who are perfectionists and high achievers might not necessarily feel it's "worth" celebrating that we started to respond to a few more emails... or that we were able to accomplish our most difficult task first thing in the morning. But in actuality these are achievements worth noting and celebrating. It's not easy to take the plunge. So, celebrate your small win and move on to the next one. Tip 5: Remember that not all procrastination is bad. Sometimes procrastination can actually serve a useful purpose. It can allow you to consider different ideas, think in original ways and then come back to your original task at hand with fresh insight. But there's an important caveat here: You actually have to return to the task at hand! That can be tough for chronic procrastinators. In the end, procrastination can be challenging to overcome; but, with a plan in place and the courage to take it forward, you can make great strides in your time management and productivity. See also: How to Move to the Post-Digital Age?   Are you a chronic procrastinator? What are your go-to strategies? Until next time.

If you’re like most people, calling an insurance company isn’t among your favorite activities. That’s because the insurance industry is one of the least innovative areas for customer experience. Customers typically come away from their interactions dissatisfied. However, things are definitely changing, and artificial intelligence is playing a large role. The fast-growing technology has the potential to disrupt the entire industry and greatly improve the insurance customer experience. Artificial Intelligence in the Claims Process The insurance agency is notorious for its outdated processes. Filing a claim often looks the same today as it did decades ago because the industry isn’t consistently leveraging new technologies that are available. If an employee is busy or on vacation, a claims request could sit still until the right person is back. The outdated processes make it harder for agents by increasing the workload and forcing them to work with antiquated systems and frustrated customers. However, AI can be applied to improve the claims process. Claims currently are touched by multiple employees. However, a new process of “touchless” claims doesn’t require any human intervention. This process uses artificial intelligence and other technology to report the claim, capture damage, audit the system and communicate with the customer. The potential here is huge, as the process could allow clients the chance to file claims without having to wade through red tape. See also: Strategist’s Guide to Artificial Intelligence   Companies that have already automated some aspects of their claims process have seen a significant reduction in processing times and quality. AI-powered claims could also fight against one of the most costly elements of the insurance industry: fraudulent claims, which cost the industry more than $40 billion a year. Instead of relying on humans to manually comb through reports to catch inaccurate claims, AI algorithms can identify patterns in the data and recognize when something is fraudulent. Future of AI and Insurance The industry is definitely ripe for AI disruption. Customers expect to be able to interact with companies through modern technology; a recent survey found that 74% of consumers say they would be happy to get computer-generated insurance advice. Many insurance companies are already using artificial intelligence to some degree, and the number of companies following in their footsteps is sure to increase dramatically over the coming years. Artificial Intelligence has never been less expensive or more accessible, which means most companies don’t have a reason not to adopt it in at least some form. Chatbots Chatbots work through messaging apps that many customers already have on their phones, which makes them a natural next step in customer interaction. To truly be effective, chatbots must have natural language processing and sentiment analysis so they can understand what customers are really asking. Effective chatbots can process concerns that are either typed or spoken from customers and provide personalized service. In the insurance space, chatbots can be used to answer basic questions and resolve claims, as well as sell products, address leads or make sure customers are properly covered by their insurance. Marketing and Underwriting Insurance is a competitive market, so a strong marketing strategy is vital. Traditionally, insurance companies used blanket methods like cold calling customers, but today’s customers expect personalized sales tactics. AI can pull in customer data to create a full profile that can be used to offer only relevant insurance products and remember a customer’s preferences. Instead of spending valuable time and money on the underwriting process, which typically includes invasive questions and surveys about to dictate premiums, artificial intelligence could automate the entire process. Bots could potentially scan a customer’s social profile to gather information and find trends and patterns. For example, someone who has a healthy lifestyle and a steady job may be able to be connected to being a safer driver, which could lower insurance premiums. AI can analyze data better than humans to more accurately predict each customer’s risk, thereby providing customers with the right amount of insurance and companies with protection from risky customers. Data Insurance is driven by data, and it has a huge effect on the company’s bottom line and the satisfaction of the customer. A recent study found that nearly 80% of insurance executives believe artificial intelligence will revolutionize the way insurers gain information from their customers, with more than half saying the biggest benefit is being able to leverage better data for improved insights into the customers. See also: Seriously? Artificial Intelligence?   Telematics, or wireless communication of data back to an organization, is expected to be a huge area of growth for insurance. Many insurance companies already offer discounts to customers who transmit their driving data back to the company. Telematics and artificial intelligence can take this one step further by recognizing GPS patterns with the data, inferring road and traffic conditions and even predicting and helping avoid accidents, which could potentially lead to fewer claims to process and safer and more satisfied customers. The insurance industry has long been bogged down by outdated practices. However, the combination of a new wave of thinking and newly developed artificial intelligence technology has the potential to completely change the customer experience to provide great service in a way that resonates with modern customers. You can find more on this subject in More Is More: How the Best Companies Go Farther and Work Harder to Create Knock-Your-Socks-Off Customer Experiences.

I recently attended a lecture by a Stanford professor in which he offered an interesting take on the history of communication, as a way of shaking us out of our tendency toward "presentism"—the deep-rooted feeling that things have always been as they are now and, thus, will continue just as they are now.

He said we humans started speaking about 50,000 years ago and began writing about 5,000 years ago, but only passed the point of 50% literacy for the world's population probably during World War II. Look what's happened since. Not only has adult literacy increased to 85%, but about half the world owns a smartphone, with access, via Wikipedia, to basically all the information ever collected into an encyclopedia. Texting, Twitter and other new forms of communication allow for extraordinary, instant levels of connection. Artificial intelligence is letting us communicate with computers in ways once reserved for human-to-human conversations.

So, are we done with progress? I mean, how much further can we go?

A long ways, it seems.

For instance, the professor said that, before long, we'll go beyond communicating with chatbots—our chatbots will converse with other chatbots—and I'm sure he's right. I could actually take his claim back almost 20 years, to when I sometimes moderated a panel at an internet-related conference at the Kellogg School of Business at Northwestern University (my alma mater). A general partner at Sequoia Capital told us once that, in his quest to stay on the cutting edge, he had a voice-activated cellphone in his car, as well as voice-activated features for the car's controls. A random noise prompted the car to say, "I'm sorry, I didn't understand you." To which the phone replied, to which the car replied, to which.... "How do you make your phone and your car stop talking to each other?" the Sequoia partner asked.

Much more recently, we've all seen stories about all the bots on social media that will like or follow people to try to influence the dialogue, will generate responses, etc. Two bots even recently tried to prank each other, generating 15 messages a second for hours on end.

I don't have a clue where this all ends, but I am pretty well scared out of any tendency toward "presentism" and hope you are, too.

Cheers,

Paul Carroll,
Editor-in-Chief

At the 2017 PRIMA Annual Conference, a session discussed real-world examples of high-profile police shootings where media coverage and public perception affected litigation with allegations of police brutality. The speakers included:

• Michele Molinario – Partner, Jones Skelton & Hochuli
• John DiCaro – Partner, Jones Skelton & Hochuli

Are there more officer-involved shootings now than previously? There are no firm statistics on this, but the Washington Post estimates close to 1,000 shootings last year. Thus far in 2017, there have been fewer than 400 shootings. In spite of the publicity around officer-involved shootings, very few officers are convicted of a crime because of a shooting. Media coverage and celebrities have been highlighting some police shootings without full command of the facts,  which taints public perception of law enforcement and taints potential jury pools. The speakers discussed certain high-profile cases: Laquan McDonald

• Oct. 20, 2014
• Chicago
• Carrying a knife and breaking into cars
• Slashed tires on a patrol vehicle
• Disobeyed verbal demands
• Officer shot McDonald 16 times within a few seconds of arriving on scene.

Was the shooting justified? The first question to ask is, “What were the police investigating at the time of the shooting?” In this case, the person was known to be armed and committing crimes. Another question is always whether the person shot was a threat to officers at the time of the shooting. There were reports he was acting “crazed,” had threatened officers and had lunged toward officers. According to police training videos, a minimum reactionary gap of 20 feet is required for officers to draw their weapon and fire if an armed person attacks them. If the distance is less than 10 feet, there is little chance the officer can draw a weapon and fire before being stabbed. See also: Police Shooting Shows Gaps in Work Comp   Among the issues that need to be addressed during trial:

• Did the officer assess the scene prior to firing?
• Was more force used than necessary?
• Inconsistencies between video and police report.

From the media standpoint, the focus was on the number of shots fired, which many felt was excessive. They also focused on the fact that the suspect was not moving toward police at the time shots were fired. Some of the shots were clearly fired while the suspect was already on the ground. Among the discussion topics from the audience included the fact that it is very difficult to hit a moving target with a taser, and that tasers are not very effective against someone on PCP (which McDonald was). The officer in this case has been charged with first-degree murder and is awaiting trial. The city settled the civil case for $5 million. What level of force is reasonable?

• Severity for the crime and other circumstances to which the officer was responding?
• Whether the plaintiff posed an immediate threat to the safety of officers or others.
• Whether the plaintiff was actively resisting or attempting to evade arrest by flight.
• The amount of time and any changing circumstances during which the officer had to determine the type and amount of force that was necessary.
• The type and amount of force used.
• The availability of alternative methods to subdue the plaintiff.

NOTE: Each state has laws pertaining to criminal charges against police officers. Generally, reasonable justification is an affirmative defense to a criminal charge. The jury standard is beyond a reasonable doubt. Courts have said that “reasonableness” must be judged from the perspective of officers on the scene vs. a 20/20 hindsight analysis. NOTE: 42 USC 1983 statutes allow individuals to sue police officers and municipalities civilly for depriving someone of civil rights. Thus, civil cases in police shootings are usually federal cases, and the criminal cases are usually state. Walter Scott

• April 4, 2015
• Charleston, SC
• Pulled over for traffic violation (broken tail light)
• Suspect attempted to flee and was shot by officer multiple times

Officer claimed he felt there was a threat to his safety and claimed that the suspect tried to grab his taser. Before the filming started, apparently there was a physical confrontation, and the officer tried to tase the individual and missed. The officer tried to tase a second time, which was not effective. At that point, the suspect started fleeing and was shot by the officer. Courts have held that deadly force can be used against a fleeing suspect under certain circumstances, including the threat of deadly force immediately prior to the suspect fleeing. The officer in this case has been charged with murder, and the trial ended with a mistrial. 11 of 12 jurors favored conviction. A retrial has been scheduled. The officer was also charged under civil law. He plead guilty under federal law and is awaiting sentencing. He could face a life sentence. Tamir Rice

• Nov. 22, 2014
• Cleveland
• Police dispatched by 911 call with reports of person in the park with a gun threatening individuals.
• When officers arrived at the scene, they warned the suspect three times before firing.
• The video showed the plaintiff going to his waist for something under his jacket, at which time officers fired.

This case caused a lot of media attention because the suspect was 12 years old, and the pistol in his hand was a toy. The 911 caller told the dispatcher that the suspect was a child and that the gun was probably a fake, but this information was not given to officers. They were only told there was an armed suspect. The officer who fired the shots had been previously terminated by a different police department, which raised allegations of improper hiring/supervision. The city settled the civil suit for $6 million. A factor in this settlement was likely the fact that the dispatcher relayed inaccurate information. The officers were not charged. Eric Garner

• July 17, 2014
• Staten Island, NY
• Garner approached on street by law enforcement for illegally selling cigarettes.
• There was a physical confrontation, and the suspect was put in a choke hold
• Cellphone footage shows the suspect saying multiple times, “I can’t breathe,” while he is in the choke hold.

There was no criminal indictment of the officers. The city settled the civil suit for $5.9 million. The coroner ruled the cause of death was the choke hold. See also: Change Accelerates in Core Systems   Conclusions

• Over the last four years, cases occurred in seven states with large populations (CA, NY, FL, PA, OH, TX, IL)
• Most verdicts on cases taken to trial have been defense verdicts. More cases settle than get a plaintiff award at trial.
• With all the media coverage, there is not necessarily more plaintiff verdicts – even in perceived liberal jurisdictions.
• Public outcry tends to lead to quicker settlements of civil cases.
• Courts have not ruled that officers must deescalate the situation before using deadly force, but is the public demanding it?
• Some municipalities are increasing training on deescalation techniques.
• The speakers indicated they did not see a difference in settlement behavior between self-insured and insured municipalities.
• The attorney fees can often be significantly more than any damages awarded because, if the plaintiff wins anything, fees are covered. Juries are not advised of this.

The whole transportation sector is in for massive transformation. The way that people and goods will be moved from point A to point B in the future will be completely different. I am not (yet) talking about a Star Trek-style transporter, although scientists have moved matter at the atomic level from one side of a room to another, so we may eventually get there. The transformation I want to focus on is much closer. Consider the future that the young children of today may experience. They may never own a car, or understand what it means to hail a taxi, or even rent a car. The next generation will find it odd that we used to put “gas” in our vehicles and may think of driving a vehicle as something that you do in an amusement park. Imagine the future at Disney World, standing in a long line waiting for the new “1978 Camaro ride.” See also: Connected Vehicles Can Improve Claims   When you consider the impact of telematics, electric vehicles, the sharing economy, autonomous vehicles and new modes of transportation – like the Hyperloop or the fleet of drone taxis that Dubai plans to have in operation by 2020 – you start to see that these developments are not just science fiction. They are becoming science reality. Collectively, these technologies and trends have the potential to dramatically reduce accidents, improve safety and optimize vehicle usage, which are great benefits for society as a whole. For insurers, however, this is a mixed blessing. Insurers have always been some of the biggest proponents of technologies that improve the safety of vehicles. But the potential to dramatically reduce accidents also comes with the probability of dramatically reduced premiums – the bread and butter of many P&C insurance companies (for both personal auto and commercial fleets).

If you are in the insurance/risk management industry, you likely have been to many presentations. How many do you remember? How many were interesting? How many were entertaining? When learning information, the human brain will attempt to relate the new concept to a familiar concept. For example, when Henry Ford described one of his earliest automobile designs, he may have said, “It’s like a horse and carriage without the horses.” That description creates a relatable picture that offers listeners a point of reference. What picture did you see in your mind? Stories work the same way. As long as they're relatable to the audience, people will follow along. A good story connects better with the audience than straight technical material, and provides a more effective teaching method. According to a study at the University of Wisconsin, by Jill Eck, when learners are exposed to storytelling in a classroom setting they are highly engaged in the learning process and are practicing reflective learning as they process information on a deeper, more meaningful level. See also: Strategist’s Guide to Artificial Intelligence   Here are just some of the ways a story can help with your presentations:

• Helps to break the ice
• Helps to engage the audience
• Helps to relate your message
• Helps audiences retain your message
• Reinforces your point

In January 2017, I attended a RIMS event at Minnesota RIMS. During the networking cocktail party, while I was introducing myself to new people, someone stopped me and said, “I know you. You’re the ‘thousand-legger’ guy.” He saw me give a presentation almost a year earlier, in May 2016 in St. Louis, and not only remembered my story but that it was about cyber exposures. I must admit I was a little surprised, but that is how it is supposed to work. If you tell a good story and tie it back to your message, people are more likely to remember. This was just one of many times this has happened over the years, but in this case I was delighted because I added that story into my talk just before I took the stage. That day, I had my slides together, but I was still struggling with my material, and I had yet to come up with a story to help make my point. I was speaking for the first time about cyber exposures, so I spent nearly all of my time preparing the technical side of the content and gave little thought about a story to go with it. Have you ever been in that situation? I was more concerned with getting the subject matter right and was going to skip the story altogether. After giving hundreds of speeches and presentations, I've learned that what makes your message memorable and your point stick with the audience is telling a good story. As I sat there waiting to go on stage, my mind was searching for a story, and finally it came to me. I immediately perked up and began thinking about how to integrate it. I hadn’t used this story before, so it was going to be a challenge, but I knew the story would to help me connect with the audience and make an important point. I realize that you may not have tried using a story in your presentations before, and you probably have some questions and concerns, so I will share with you three suggestions to help you get started on the right path. 1. What stories work best? Though you can use any kind of story, I have found personal stories work best because you know them well and can share them from direct experience. You won’t need to rehearse it to remember it, but you should practice how to tell it. Personal stories also connect with the audience and can quickly build rapport. Humans have emotions, so take advantage of a variety of them. There are no limits other than time and appropriateness. Not all stories are interesting, though, or have a point, so you’ll want to make sure you have the right components. 2. What are the main components? A good story is like Henry Ford's car. It can take you anywhere you want to go, but it must have the right components. The first part is the set-up. You’ll need to describe the situation so that people can see it in their minds. Where does it take place? Who is there? What is happening? Be descriptive enough to enable listeners to visualize the scene. Next, it must have a problem or dilemma. People will imagine what that must be like or perhaps even picture themselves in that situation. You want your audience to connect emotionally to the problem because it creates the suspense you’ll need for the next step. Once you have them where you want them, it’s time for the climax. The climax comes in many forms. If it’s a humorous story, it’s the punch line. If it’s a serious story, it’s the turning point. In either case, the best climax has an unexpected twist that makes it more interesting or funny. Any good book, sitcom or movie has these elements. Finally, it must have a lesson, a take-home message. When it is a part of a presentation or speech, you’ll need to relate that message to your presentation to reinforce the point you’re trying to make. 3. How do you integrate it into your speech? Once you have your story, you’ll need to figure out where to inject it. Sometimes, you can start off with the story and then segue into your presentation opener. Other times, it’s better to open the presentation and then work to the story. The transition is the key. This is the part where you move into your story, in a way that is seamless and smooth. You should not say, “And now I will tell you a story.” The better you get with making the transition, the better the results will be. What you want to avoid is losing the audience in transition. If they are wondering what you are talking about or why, they will not be listening. Once you’ve told your story, you can reference that point again and again to remind the audience of the connection. This is called a “callback,” and it can be very effective. Now, let’s explore how I did it in St. Louis. The point of my cyber presentation was that the cyber risk topic is fear-based, and it’s easy to become paranoid about cyber threats. But that’s not the best way to manage the risk. When I began my talk, I set the stage for all the outside influences and pressures around the cyber threats. Then, I said, “With all the uproar about cyber attacks, it’s easy to become a little irrational. [This is the transition to my personal story.] For example, my wife is a bit of a bug freak. She hates bugs and goes crazy when there’s a bug in the house. It’s not that she is afraid of them, but she doesn’t want them in our house, and, if there’s one inside, she will stop at nothing to kill it. [The set-up.] One day, my kids were playing with Legos on the dining room table. When it was time for bed, we told them to clean up the Legos. My five-year-old son, Chase, helped for a few seconds and then disappeared, leaving my eight-year-old daughter, Melina, to clean up the bulk of them. When Melina cleared the table, she stood up and then looked at the floor. She screamed in terror. ‘There’s a thousand Legos on the floor.” I was nearby and saw the mess and knelt beside her to help. [The climax.]) A few seconds later, my wife came running in from behind us with a shoe cocked and ready to strike. She demanded, ‘Where is it?' Confused and startled, we asked, ‘Where’s what?’ She said, ‘The thousand-legger!” [The twist.] The tie-in: When you are too uptight about anything - whether it’s cyber bugs or real bugs - everything starts sounding like a threat. The lesson: It’s far better to keep the risk in perspective. See also: Innovation Pivots: 10 Lessons Learned   There was a wave of laughter, and then the point set in. From there, I continued with my presentation, but, I can tell you, I had their attention. I then presented my Cyber Exposure Wheel, a framework to help risk management quantify a company’s exposures while putting cyber risks into perspective. At the end, I concluded, “If you focus from the inside out, you won’t need to chase any thousand-leggers. You’ll be prepared for whatever threat comes your way.” [The callback.] My story was true. It was funny, and I told friends the story for a laugh. All I had to do was draw the simile of the threat of bugs to the threat of cyber to make it work. I have lots of stories like this one and can use any of them to make various points. The good news is that you have lots of stories, too. Using stories in your presentations makes them more interesting for the audience and more fun for you as the presenter. The next time you have a presentation to give, whether it’s at RIMS or at a company meeting, add in a story of your own to help make your point. You’ll be amazed at the feedback you get. And you’ll be thrilled down the road when someone mentions your story. I know it sounds odd, but I’m proud to be the “thousand-legger” guy!

Medical devices, such as pacemakers, insulin pumps and defibrillators, could become lethal in the hands of a hacker tampering with them remotely. A new study that shows medical devices—and patients—are vulnerable to cyber attacks is a wake-up call for manufacturers, according to a Silicon Valley software company that sponsored the study. Device manufacturers must change their culture and look at security as an equal to patient safety, says Chris Clark, principal security engineer of strategic initiatives for Mountain View, Calif.-based Synopsys. The company’s study, which surveyed about 550 employees of device manufacturers and healthcare delivery organizations (HDOs), found that nearly 70% of manufacturers and nearly 60% of HDOs believe an attack on a device built or in use by them is likely to occur during the next 12 months. The most surprising finding, Clark says, is that about 40% of manufacturers and 45% of HDOs—despite being aware of the risks—take no steps to prevent medical-device attacks. See also: How to Make Smart Devices More Secure   There are, however, some positive takeaways, he says. The study, conducted by the IT research organization Ponemon Institute, showed that “a significant percentage” of HDOs are concerned about the risk of insecure medical devices, and many are taking measures to test them for vulnerabilities. That’s a good sign, Clark says, because most study respondents work for small organizations “with limited resources and expertise in this area.” Security painfully lacking About 60% of respondents work for organizations with fewer than 1,000 employees, 10% said they had no budget for device security and 40% said their annual budget was less than $500,000. The study found that 59% of respondents employed by HDOs rated the importance of medical device security as very high relative to all other data and IT security measures deployed. Yet, only 37% of those who work for manufacturers consider such security of very high importance. A cyber attack on a medical device can manifest in various ways. This tells us the manufacturers still operate under the pretense that security is an HDO issue, and medical device security will be a lower priority for the foreseeable future, Clark says. “This statistic alone should be of great concern and a critical lesson for HDOs who are truly interested in protecting their infrastructure.” An attacker could take control of a device to administer inappropriate or harmful treatment to a patient, Clark says. The attacker could dispense the wrong dosage of medication via an infusion pump, manipulate the electrical output of a pacemaker, crash or render a device inoperable, access the data stored or transmitted by a device or use it to pivot to other systems or devices within the same network. Hospitals risk erosion of patient confidence Each of these scenarios has a physical impact to a device or group of devices, but the real danger is a loss of confidence in the ability of HDOs to deliver quality care and protect patient information, Clark says. “A breach could be catastrophic for a hospital system.” The Synopsys study found that 80% of respondents who work for medical device manufacturers or HDOs say medical devices are very difficult to secure. The top reasons cited for device vulnerability include accidental coding errors, lack of knowledge/training about secure coding practices and pressure on development teams to meet product deadlines. Security an afterthought Securing medical devices also is difficult, Clark says, because security is not a primary consideration early in the design process. “This, along with the need for flexible communications that are often unencrypted or have no security characteristics, create a wide range of challenges.” Respondents in the Synopsys study were surveyed before the WannaCry ransomware attack in May. The worldwide cyber attack targeted computers running the Microsoft Windows operating system and, within a day, reportedly infected more than 230,000 computers and medical devices in more than 150 countries. See also: Can Your Health Device Be Hacked?   Healthcare organizations are “some of the most commonly targeted cyber attack victims, second to only the banking and financial industry,” Clark says. “If you couple that trend with the results of this survey showing how little is being done to protect medical devices, it’s not unreasonable to expect things to get worse before they get better.” Most stakeholders, though, are “genuinely concerned” about the impact of insecure medical devices—“both in terms of patient safety and risk to their organizations,” Clark says. “What remains to be seen is whether the industry steps up to voluntarily address these challenges or the U.S. Food and Drug Administration takes a more aggressive stance.” This article originally appeared on ThirdCertainty. It was written by Gary Stoller.

According to McKinsey, customer satisfaction with your company has more to do with the end-to-end experience than individual touchpoints. This is important to understand, because we tend to evaluate business performance based on distinct metrics such as call handle times, quote starts or quote conversions. While each of those aspects of the customer experience is important, they provide only a snapshot of the customer’s journey and not the big picture. If McKinsey is right, it’s the picture as a whole that will influence a customer and generate their loyalty. A leading insurer, which has always placed the customer experience at the forefront of its strategy, proved this to be true as it transformed the entire customer journey with top-tier digital capabilities. Creating a Loyalty-Generating, End-to-End Experience The year was 2014, and a leading insurer that manufactured a much-sought-after auto product was meeting demands for homeowners coverage by sending leads to other carriers. Right away, this is where we begin to see that the sum of the end-to-end experience is worth more than its parts. Customers didn’t like being sent to another insurer, and, to be quite truthful, the leading insurer didn’t like sending them away. Providing a consistent customer journey across multiple insurers was difficult, and, once the customer was transferred away, the leading insurer lost the connection that encouraged satisfaction and renewals. See also: P&C Insurers: Come Out of the Dark Ages   Committed to providing every customer with the same high-quality end-to-end experience, the insurer had a thought. What if it could add homeowners coverage from a few select carriers—those that met its stringent customer experience standards—to its own auto policies, improve the efficiency of the quote-to-issue lifecycle AND still own the customer? It sounded like an impossible feat, but, as a leader in insurance innovation, the company knew it could achieve just about anything with the right help. It struck up a healthy relationship with a well-established insurtech innovator offering a leading digital distribution platform. In addition to gaining digital competence for its in-house agents, the company was able to offer product choice and bundle home coverage from other carriers with its own to improve the customer journey. Here is how the new customer experience looks:

• A customer calls the company’s internal agency for quotes on homeowners and is interested in auto insurance.
• Agents take a few pieces of information from the customer, such as name and address, enter it into the platform and let the magic begin.
• Automated capabilities draw verified data from third-party sources to complete the application. The agent receives instant pricing for various homeowner product options and an instant quote on the auto.
• The agent selects the appropriate coverage with a few clicks of the mouse and just as simply quickly binds and issues the policies.

The magic starts with a single call. The agent doesn’t need to put customers on hold to enter information into a multitude of back-office systems or tell the customer he’ll call. Nor does the agent send the customer to another agent or website. Come renewal time, the insurer works with the customer to renew both the home and the auto. It’s simplicity at its best and drastically improves the entire customer journey. What Customers Feel Customers have provided their affirmation of the new capabilities with their wallets. In 2014, as the platform was implemented, the leading insurer had only 100 agents handling a quote volume of 100,000. Customers will talk -- and, in this case, they had all good things to say as they encouraged their friends and family to call the leading insurer. By 2016, the insurer added 150 new agents as quote volumes doubled. The insurer was now providing 70% of customers with an offer and converting 35% of those to sales. In fact, sales doubled year over year. And the magic continues as the insurer sold 20,000 policies in the first quarter of this year alone. The insurer has skyrocketed to No. 5 in the list of top carriers by direct premiums written by group and has no plans to come down any time soon. See also: How to Reinvent P&C Pricing   It looks like McKinsey is right. A top-notch customer journey can make all the difference.

“Irresponsible”; “entitled”; “the gilded generation that never had it so good,." It’s fair to say that society, in general, has a pretty dim view of the group of people currently aged between 18 and 34 - collectively known as millennials or Generation Y. Among the various criticisms leveled at the young professional cohort (immature, lazy, flippant -- the list goes on), there is one theme that stands out. To quote a 2016 article from Ratesetter: "The YOLO generation is clueless about money." (Disclosure - the authors of this article are both in their 20s.) But is this criticism fair and accurate? We ask this question on the back of recent research from Aviva and others that suggests that the millennial generation might be more careful about what they spend their money on than they are given credit for. Perhaps surprisingly, the research showed that 50% of millennials categorized themselves as savers and that the average 18-to-34-year-old spends a great deal more time researching a purchase before clicking the Buy Now button than you might have thought. See also: 3 Ways to Leverage Digital Innovation   This could be as a result of a number of things - the generation grew up amid one of the toughest recessions in living memory, are increasingly saddled with student debts and are facing the ever-increasing cost of housing. According to a study carried out by Aviva, millennials typically have just £156 left each month after basic living costs and repaying student loans. Regardless of fault or cause, the research seems to suggest that the average 18-to-34-year-old has less money to spend on, well, pretty much everything. Perhaps we have a case of “we’d love to save more -- if we could.” Notwithstanding all of the above, 70% of young people in the Aviva survey indicated that their main motivation for work was to be able to afford to travel. Pair this with that generation-transcending, young person’s mindset of “it’ll never happen to me”; one starts to realize why arranging adequate non-compulsory insurance cover does not appear very high on their lists! However, with 16.2 million millennials in the U.K. alone, they now account for the largest generation in Western history, and this presents insurers with a great, significantly under-tapped market opportunity (we stop short of saying untapped, as some of the more innovative insurers have seen the light already). The only slight problem (and it’s no secret) is that many insurers struggle to effectively engage with the young. Generation Y -- technically savvy, independent, agile, synonymous with social media and the selfie -- tend to be the polar opposite of most insurance companies. Unlike companies in many other industries, insurers don’t yet appear to have worked out the magic combination required to target, convert and retain business from the young -- indeed, a recent Gallup web panel survey found that 69% of millennials said they are actively disengaged with or indifferent about their insurance provider. Enter the insurtechs, which have come to the party with all manner of technological lotions and potions, and boy are they thriving. To paraphrase Sun-Tzu, “to engage your customer, you must think like your customer.” With a better understanding (and to a certain extent, empathy) of the common problems faced by Generation Y and how to solve them, and the ability to adapt quickly to changes without the hindrance of long decision-making processes and slow turnaround times, insurtech businesses are perfectly positioned not only to tap the gold mine themselves but to help the incumbents to do so, as well. Spoiler alert: As much as we might hate to admit it, millennials are not known for their patience. In today’s world, where you can order food online in less than five minutes and book a holiday in just a few clicks, we want things now, and, where that isn't possible, we want things quickly. As members of the rental economy, we are also averse to paying for something we aren’t using. The insurtech community has risen to the challenge and responded with the creation of no-fuss insurance policies, such as MetroMile, which allows you to pay for insurance for only the miles you drive, appealing to, among others, students at university who leave their cars at home while they study. On-demand protection is also the idea behind Trov, which enables users to simply turn on and off their insurance, in a few taps, as and when they need it. This shift in approach is something that is going to become more commonplace, with more solutions to insure a generation who view insurance as a luxury required as and when, not all the time. So how do incumbent insurers compete in the increasingly digitized, by-the-minute economy? Beyond the creation of novel covers, it’s important for insurers to realize that millennials don't want to be sold to -- with so little disposable income, they want to feel as though they have made the buying decision themselves. Millennials want to feel connected to the product/service that they buy, and this starts during the purchasing journey. See also: The Mystery of the Millennial Buyer   Traditional sales methods are no longer effective in their own right. Insurance companies need to give their younger customers the tools to make purchasing insurance quick and personal -- for example, by allowing them to autofill an online quote form using their social media data from Facebook or LinkedIn (with their permission), or by helping them to understand where they might be under- (or over-) covered. Here at Digital Fineprint, our focus is on helping the insurance community to disrupt itself from the inside out. We see ourselves as digital enablers, helping the oil tanker-esque behemoths to take on the mind of a jet ski. We firmly believe that if the major players lead from the front, adapting to the shift in the market and making the whole experience simpler and faster, all the while driving transparency between their customers and themselves, then we might just see millennials spending less time taking pictures of their food and more time getting covered! Comments welcome - as long as they are 140 characters or less….