Today, dog lovers all over this great nation walk their dogs through neighborhood streets, and after the dogs “do their business” or “deposit a love biscuit,” the dutiful owner takes a moment to pick up the waste and carry it home. The telltale swinging plastic bag of poop is a sign the responsible dog caregiver is keeping their neighborhood clean. After all, only in America can placing a naturally degradable substance inside a plastic bag where it will last 10,000 years in a landfill be considered ecologically responsible. But all of that difficult work is about to end, thanks to a ridiculous bit of technology --  and signals the sort of confusing adjustment that workers' comp will have to make as the definition of work and work sites changes. Imagine, not so far in the future, the dog owner does not pick up his pooch's steaming pile of love. Rather, they grab their cell phone (which they were probably holding because they’ve been on Facebook for most of the walk), snap a picture of the pile, tag its location with an app and simply walk away. Somewhere, an “Uber style driver” is notified that fresh feces is afoot. They race to the geographically tagged location and, quick as a flash, scoop up Fido’s poop. They will have the onerous and odoriferous task of keeping your neighborhood safe from unwanted piles of poop. One and done — and you are good to go. I suppose the picture is useful for identification purposes. You wouldn’t want to scoop the wrong poop, after all. You read that right. There will soon be an app that will allow you to summon someone else to clean up after your dog. See also: Five Workers’ Compensation Myths Beyond being the ultimate sign of a lazy and slothful society teetering on the brink of self-destruction, this idea actually just stinks. Imagine, if you will, the physical machinations of the concept. You are standing in your neighbor’s yard, taking a picture of dog shit. As your neighbor stands in their living room window, drinking their morning coffee, what could they possibly be thinking? You might just be arranging for a pick up, but, in their mind, you’ve now been labeled an irresponsible pervert who commemorated the officious occasion of your dog dumping in their yard. Maybe Fido should get a ribbon for his effort. While the developers of the “Pooper App” claim it is an “Uber-like service,” it seems to lack an actual verification factor. How do we know the poop was actually purloined? I mean, with Uber, we know whether the guy showed up or not. With the pooper app, you may be able to see the pooper scooper drove by, but you’ll have no idea if they actually scooped the poop. Maybe they have to take a selfie with the poop as proof. It is certainly going to be an interesting morning in your neighbor’s yard. And who would actually want this job? I know that services already exist that clean out yards and such on a scheduled basis, but who will want to troll an area waiting for an app to notify them that there is poop afoot? The developers tell us pet owners of all types will take this job because they love animals so much that scooping their poop is a pleasure. I would conjecture that if people loved bagging poop so much, we wouldn’t need the pooper app to begin with. No, these scoopers must be experiencing a serious call of doody. That is the only explanation. From a workers’ compensation perspective, I suppose these Uber scoopers will have the same challenges now being faced by other participants in the sharing economy. Who will cover them? What if they are hurt on the job; say shot for trespassing on your neighbor’s lawn? And if they are covered under workers’ comp, what class code would we possibly assign them? See also: How Should Workers’ Compensation Evolve?   Technology continues to challenge our industry. At least we can be comforted by the fact that it is challenging our common sense, as well. This article first appeared on WorkersCompensation.com.

The 1926 Model A is a far cry from the self-driving Tesla we see on the road today. The automotive industry has progressed light years since Henry Ford first paved the way for automobiles. From refrigerators to cars, technology is moving at warp speed. There’s just one industry that hasn’t quite kept up with the Joneses: the insurance industry. For over one hundred years, the $1 trillion industry has stayed pretty constant — consumers purchase a policy from an agent, pay their premiums and really don’t think twice about it. These four startups from Silicon Valley, New York City, etc. are about to turn the insurance world upside down. And, if you ask us, it’s about time. Mojio— Some may remember Mojio as a “connected car” hard- and software company, but the brand recently went through a major overhaul.  With a seasoned startup CEO on their hands, Mojio looked at industry trends and discovered a major hole and an opportunity for change. They plan to roll out their new business model in North America sometime this fall, in conjunction with the revamped AutoMobility LA, the first smart car technology trade show of its kind.  With their new model, Mojio hopes to create an automotive ecosystem where the automotive industry, insurance industry and telecom services thrive together. While staying mum about their North American partnerships, Kyle MacDonald, head of marketing had this to say:

“This open approach enables the owner of the car to become the owner of his or her data. Novel? Yes, but we believe this is simply the logical evolution of car ownership. As software continues to eat the world, startups like Mojio are poised to take a big bite out of the connected car market.”

Needless to say, your connected car is about to get a whole lot better. Mojio has been experimenting with their new model oversees with wild success. In an article posted on the Mojio blog, CEO Kyle Hawk said, “Deutsche Telekom and ZTE are turning to partners like Mojio to provide the platform for global, scalable connected car offerings, signaling an exciting time for not only the automotive and mobile industries, but ultimately for end users who’ll soon be able to enjoy a new era of car ownership and driving experiences.” See also: InsurTech: Golden Opportunity to Innovate   CoverHound— CoverHound is built for one-stop shoppers. With the wild success of things like Amazon's 1-click ordering, consumers are used to comparing and purchasing things in one place. Why not apply this philosophy to the insurance world? The brilliant minds behind CoverHound are doing just that. With $33.3 million in their series C round seed funding, this San Francisco startup is everything you would imagine. With urban chic offices and a mass of young professionals with immense potential, this start up is poised to rocket to even more success. They’ve already clobbered over similar sites like the now-defunct Leaky, and they’ve just secured a new round of investors. With this, they plan to take on business insurance coverage for small startups. CoverHound board member James D. Robinson III said, “The industry is ripe for change, CoverHound paves the way into the next generation of insurance.” They’re not just relying on a great user experience website; CoverHound allows potential customers to tweet at them for quotes, capitalizing on high traffic social media. With these innovative business practices, CoverHound will be the new way to get insurance as technology continues to push on. Trov— Insurance isn’t just about cars.; what about your house and all your belongings? There is nothing worse than coming home to a ransacked home and discovering that all your valuables have been stolen. Panic sets in. Did I pay my premiums this month? Will my renter’s insurance cover the cost of my bike? Do I even have proof of all my valuables? Trov solves all of these in one glorious mobile app. The brilliant minds behind Trov thought pretty critically about the behaviors of millennials before designing the platform Trov is built on. Insurance companies of the past have two fatal errors. The first is they don’t account for the fact that today’s consumer is far from stagnant and that moving every two years is commonplace. Home insurance policies for 30-plus years just aren’t happening anymore. The second, and perhaps the more frustrating, is claims. Insurance giants intentionally make the claims process difficult to discourage you from filing them. Trov solves it all with its cloud-based insurance app that — with a few swipes, photos and texts — you can catalog, insure and file a claim right from your phone. It’s a dream come true when it comes to insuring your valuables without the hassle. Right now, Trov is only available in Australia, but this Bay Area-based company plans to launch in the U.S. by 2017. Lemonade— For a company that has yet to launch after receiving one of the highest amounts in first-round seed funding, Lemonade is getting a lot of press. Claims like, “We aim to be the Facebook of insurance” are pretty bold, but we would be lying if we said we weren’t intrigued. Lemonade is a peer-to-peer insurance company. To put it simply, a group of small policyholders pay their premiums into a pool to pay claims. If there is still money left in the pool at the end of the period, the group gets money back. The company is backed by notable investors Sequoia and Aleph Capital and has brought on AIG and ACE veterans execs. A simple search of “Lemonade insurance” and you’ll find article after article of its “plans” to launch. As the end of 2016 creeps closer and closer, we can’t help but wonder what’s going on behind the hot pink doors. With a concept that’s yet to be tested in the American market, Lemonade has potential — but, then again, good press doesn’t last forever. See also: The Start-Ups That Are Innovating in Life Fast forward to 2017, and this list could be entirely different. That’s the beauty of startups: they’re constantly pushing boundaries. All of it is good news for the customer, who desires a better experience when it comes to their insurance policies. Giants such as State Farm and Progressive will have to rely on more than just clever marketing spokespeople to keep up with the tech trends. These four startups are already causing some mayhem of their own in the industry. With a piece of a $1 trillion pie at stake, it’s surprising it has taken this long for the shakeup. This article first appeared on obrella.com.

A part of my life allowed me the privilege of treating nearly 10,000 individual patients. Their openness and trust let me partner with them, deciding on and helping enact a course of care, which often helped change lives. We lived life together. Owning a practice means more than just providing necessary healthcare — through ethical and legal means. It allowed me to bring out a greater level of transparency and humanity, while remaining professional. It taught me to always put on a happy face, especially in times of personal stress or upset. I learned to make that one patient in that one moment of time feel like the most important person in the world. Some may think the majority of patients can't tell the difference in care and just want their symptom or disease treated. News flash — you're wrong.   It may seem as though patients are just putting out their time and money, but really they are giving us a high level of trust and control. Depending on the person and problem, we can have significant influence over the course and quality of their lives, as well as the lives of those closely attached to them. See also: Key Misconceptions on Health Insurance Too often, we forget nine out of every 10 patients makes less than $33,000 in income (see below). Nearly 40% of patients carry medical-related debt, and one-third of those must choose between payment for that debt versus rent, housing or heat. Many of these cash-strapped individuals will only come in and choose to make health a priority within later, irreversible stages of chronic disease. Most everyone knows our healthcare is in crisis. The solution appears clear: improve care quality, reduce cost, increase safety, grow healthier communities and deliver all this with greater consumer affordability. The advent of healthcare technology will certainly help make much of this possible. But we must not make the mistake of thinking patients will have the same level of dedication to population health, wearables and medication adherence as we do. Patients care about themselves and those they love. They care about money and their financial future. They care about feeling good and avoiding pain — but the pain can be more than just their symptoms and condition. Health payers acquired a longstanding, terrible reputation for not caring.  Many plan members, who suffer physically, emotionally and financially, felt as though they were treated like just another accounting line item, as if they were just commodities that made the business of healthcare payments go 'round. We're at a tipping point. As more risk shifts onto the shoulders of hospitals, providers and affordable care organizations (ACOs), we must not make the same mistakes. Tomorrow's healthcare will involve and require patient compliance and participation to get the best results. It is one thing to put technology in place that captures patient-generated health data, but it is quite another to show patients you care about the data. Patients deserve to feel the compassion, caring and humanity in our hearts and actions. See also: Innovation: a Need for ‘Patient Urgency’ I've retired from practice, my career now shifting into the business side of healthcare. I am carefully seeking my next path for the right healthcare company, where I can blend my experience, talents, skills and years of front-line patient experience. The healthcare sector is a target-rich environment, whose underlying industries, more than ever, have a tremendous ability to shape the course and outcomes of human lives. Technology, big data and Triple Aim aside, we must remember the human condition is more than just condition. It is a place where people reside because they often have lost hope and human support. In the future of patient data, we must recognize that behind the numbers lives a human life and heart and the potential for physical and emotional improvement.

Alarm systems have a long and varied history — from geese in ancient Rome, to noise makers that announced the presence of an intruder, to present-day electronic sensors and lasers. Originally, the creation of alarms was driven by the psychological need all humans have to establish a safe environment for themselves. Today, that same need exists, but it has been extended to include other concerns, such as valued personal possessions, merchandise and intellectual property. In the cyber realm, security is as important as it is in the physical world because people must be able to feel secure in their ability to store sensitive, high-value data. Without that sense of security, the cyber realm would lose almost all of its relevance. Cybersecurity is established by various hardware and software components, but none of the components are more essential than strong encryption. It is such encryption that keeps bank transactions, online purchases and email accounts safe. However, there is a disturbing worldwide governmental trend to weaken encryption, which was exemplified in the legal disagreement earlier this year between Apple and the U.S. government. While there are definite aspects of the dispute that fall outside of the professional insurance sphere, there is an undeniable part of the battle for strong encryption that the professional insurance sector must not fail to acknowledge and address. The outcome of this struggle will be felt well into the 22nd century, and, perhaps, at least in the business arena, the outcome will be borne most keenly by cyber liability and technology E&O insurers. With global attempts to reduce the effectiveness of encryption, no insurer can claim it lacks a part in the effort for resilient and ever-evolving encryption and cybersecurity measures. The Chinese government is not a supporter of privacy, and it has even hacked Google’s Gmail service and the Dalai Lama’s email account to gain access to information it has deemed disruptive. It also has been stepping up its “investigations” into products produced by U.S-based technology companies. Furthermore, after both the 2015 attack in Paris and the 2016 attack in Brussels, the debate regarding whether encryption should be allowed was re-ignited in Europe and the U.K. Recently, the French, Hungarian and British governments have made various attempts at weakening or removing encryption. Therefore, with this global challenge facing insurers, they are required to be completely aware of what is at risk for them, and they must help pave a path forward that endeavors to balance profitability of products (like cyber liability and technology E&O) with the protection those products should afford any insured. See also: Best Practices in Cyber Security Apple, perhaps, serves as the best example of how governmental interference with cybersecurity is an issue that requires direct and immediate intervention from insurers. There are thousands of businesses around the world that rely on the iPhone and iPad for productivity purposes — and almost all of those businesses also rely on the security that those devices provide, both from a hardware and a software standpoint. Recently, the U.S. government attempted to force Apple, in different judicial battles, to write code that will allow the government to have a master key to access the data of any iPhone. However, the U.S government is also pursuing a legislative avenue to pass a law that will force U.S. companies to give the U.S. government unfettered retrieval of any data on which it sets its sight. To provide such access would almost always require companies to write software code that is purposefully compromised from a security standpoint. It would be extremely unwise for professional insurance companies to assume this disagreement is only between the technology sector and world governments because, if there is an outcome favorable for the U.S. government, it will have direct and immediately negative effects on insurers that offer cyber liability and technology E&O insurance in the U.S., and it will set a dangerous precedent that will embolden other governments to justify similar breaches that will allow them to acquire what should be secure data. From a cyber liability standpoint, any vulnerability in software code gives hackers another way to compromise a victim's computers and network. If a company like Apple (which has thousands of businesses depending on it to keep them safe) has to create a master key, then all of the businesses that use Apple products will be vulnerable to attack. The U.S. government has a long history of being unable to keep its own data safe, which means, in time, hackers will be able to figure out what entrance point was created and then exploit it. The most worrisome entities that might access the backdoor would be non-democratic nation-states because they have the most to gain from exploiting any vulnerabilities in U.S-based companies. However, such companies are not the only ones who use products produced by Apple, which means companies located anywhere would also be vulnerable. Additionally, if world governments put restraints on encryption to make it illegal or to limit the ways data can be encoded then, again, that gives power to those entities that would exploit weak encipherment to the detriment of the private sector. From a technology E&O standpoint, any request by the U.S. government to weaken products produced by an insured creates a breach of contract, which will hurt claims made against technology E&O policies. If Foxconn, which builds the iPhone for Apple, was forced to alter firmware used in the iPhone to allow at least one software flaw, then Apple could sue Foxconn for a breach of contract were Apple to learn of Foxconn obeying a government order to create a security bypass in the firmware code. Worse yet would be a company like FireEye being forced to reduce the effectiveness of its virtual execution engines that are at the heart of its malware analysis appliances. FireEye, and other cyber security companies, are what often stand between a hacker and its victim. Should a cybersecurity company ever be forced to obey a government order, little would stand between a hacker and its potential victims. Moreover, all of the companies that depend on the products of a cybersecurity company would also be in a position to bring claims against the insured organization, which would certainly be detrimental to technology E&O insurers. To defend itself and its products from government interference, Apple is implementing a security feature that removes its ability to bypass the iPhone's security. While such method works from a simplicity standpoint, it will not work for a majority of technology companies, with cybersecurity and cloud providers being two examples of where such a solution would not work. Additionally, if a law were passed that forced a company by way of a court order, for example, to decrypt information on its products, then the company so ordered would be put into a bind. Cyber liability and technology E&O insurers could also add exclusions to policies that would void insurance contracts if an insured organization complied with a governmental request to create a backdoor. However, it would be extremely difficult for an insurer to prove the backdoor was created deliberately, and, ultimately, such exclusions would be ethically ambiguous given they would punish an insured firm for obeying the rule of law. Companies could also contest each governmental request, assuming no law makes it illegal to deny a government request, but not all companies have the time or financial resources with which to fight a government. The only reasonable avenue to rein in disruptive governmental orders, then, is for insurers, technology companies and others to unite and block any legislative attempt to pass a law that would force any technology company to create a security gap. Moreover, the resistance movement will also need to fight against any attempt to weaken or make illegal any type of encryption. See also: Paradigm Shift on Cyber Security Currently, the relationship that exists between the insurance and technology sectors is that of provider and client, but that relationship must now evolve into a partnership. The technology sector cannot afford to go without cyber liability and technology E&O insurance because almost every company needs to offset technological risk now that we are in a globally connected and highly litigious age. Insurers also need to continue offering cyber liability and technology E&O policies because they have the clout and financial strength to help protect companies — especially small- and medium-sized ones — from an ever-changing technological landscape. Then, too, whichever insurer develops a realistic understanding of the intersection of risk and technology will be in a position to enrich itself. The path forward, then, is to create a coalition whose first goal would be to stay on top of both pending and current judicial cases and bills being drafted or voted on in any legislature worldwide that would degrade the security strength of any member’s product. The U.S. government has recently tried to force Apple to create a master key to one of its product lines, and there is no reason to believe that it will not force other companies (like cloud providers) to build similar backdoors into their products. To work against such actions, the coalition might be composed of two representatives from each sector’s main representative organization. For instance, for the professional insurance sector that would be PLUS, and for technology companies that would be IEEE. Furthermore, the coalition might also be composed of members from automotive manufacturers, educators and telecommunication firms. The coalition’s protective approach, then, would be to identify cases or bills and then attempt to bring all resources forward to eliminate or mitigate the offending threat. A recent example on the judicial side of a case that would have been a threat to the putative coalition was the Apple vs. the U.S. government in Central District of California, Eastern Division. A current example of a legislative threat to the coalition is the Burr-Feinstein Anti-Encryption draft that seeks to allow courts to order a company to decrypt information it has encoded, like the way the iPhone protects a user’s data. In a judicial case, the main measure could be filing amicus curiae briefs on the part of the aggrieved organization, but another measure might be ensuring the defendant is crafting the most reasonably persuasive anti-governmental interference arguments and appealing unfavorable rulings. On the legislative front, measures might include lobbyists but, more importantly, ought to involve the unity achieved by the existence of the coalition, working with an organization like the EFF and even creating public relation campaigns to appeal to the support of the world populace. In the rare instances when a government attempts to work with the private sector to understand the concerns that it has — for instance, as the U.S. government is trying to do with the proposed “Digital Security Commission” — then the coalition would need to support such efforts as much as possible. It is true that the coalition’s efforts in countries like China and Russia might be limited, and they will be also be limited when a country feels that a criminal act, like terrorism, is better dealt with by eroding encryption and cybersecurity measures. In an instance concerning China, insurers could consider increasing the amount of re-insurance that they purchase on their cyber liability and technology E&O portfolios to offset the damage from increased claims. Insurers will also need to be extremely cautious when providing cyber liability and technology E&O coverage to organizations that have close relationships with non-democratic governments (like the Chinese government) or ones that produce products that have a high likelihood of being the result of IP theft, such as any mid- to high-end binary processor. The pursuit of the best encryption and cybersecurity measures needs to be unencumbered by the efforts of any government, just as alarm systems have been free to evolve over the past two or three millennia. This can only be achieved, though, through the unified actions and vigilance of a coalition. Encryption and resilient cybersecurity frameworks are the essential and irreplaceable elements in a safely connected world. To limit, in any way, the efforts to perfect those elements or to purposefully reduce their effectiveness is irresponsible regardless of whether the reason is national security or the pursuit of breaking a criminal enterprise. Lloyds, and other organizations involved with cyber liability and technology E&O insurance, see a future where insurers are able to achieve healthy profits off those two products. However, if insurers do not responsibly oppose governmental attacks on encryption and cybersecurity, that profitable future will give way to a future of excessive claims, damaging losses and very little profit.

As more companies invest in insurtech, we know that the small business insurance market is in the crosshairs of a number of start-ups, because small businesses are underserved and often underinsured. What many have failed to discuss is the impact that serving a small business has on carriers and brokers and how innovation could help these folks, as well. It is both challenging and costly to manage a small businesses book because serving these smaller, often first-time business owners comes with more questions, more time spent on renewal and more upkeep. Small businesses often do not have someone solely responsible for operations, and, thus, business owners are figuring out insurance on their own, with little time or patience to learn every intricacy of the insurance process. See also: Start-Ups Set Sights on Small Businesses However, the small business market makes up $100 billion of the $1 trillion insurance market. While not serving these businesses comes with a cost, serving these businesses poorly perhaps comes with a greater cost — not the least of which could be the loss of trust, if not the loss of a customer for life. Without the right systems in place, brokers and carriers will continue to feel the burden of serving small businesses, and small business owners will continue to feel confused about their insurance needs. So the truth that no one is talking about is: Innovation goes beyond helping small businesses; innovation helps everyone, carriers and brokers included. So, what is the solution? When many insurance veterans hear the words “start-up,” “innovation” or “change,” they roll their eyes, and they have the right to. After all, many of these folks have dedicated their lives to selling insurance and managing books worth hundreds of millions of dollars. Traditional carriers and brokers have built strong brands and have served billions of businesses, both large and small. At CoverWallet, we don’t take the expertise of those who have come before us lightly, but we know that finding a better way to acquire, retain and improve lifetime value of small businesses policies in a more cost-effective way is an essential path forward for traditional carriers and brokers. What’s important to understand is that many carriers and larger brokers aren’t well-positioned to take on completely innovating their tech stack, which is where start-ups can fill an unmet need. Start-ups can innovate and build faster and can focus on a single group, while traditional carriers and brokers have largely been forced to focus on many groups, businesses and sizes of business. Overall, start-ups are better poised to:

• Acquire customers: Quotes and binds can take a long time, and carriers are more apt to focus on larger accounts. However, start-ups with an online application can serve businesses faster, moving from quote to bind in record time.
• Service customers: Finding information about insurance online is tough, but with peer comparison tools, informative landing pages and support any way you want it (email, chat, phone) a customer can get questions answered in 1-2-3.
• Retain customers: Retention of small businesses for traditional carriers and brokers gets tougher and tougher year-over-year as customer expectations grow. Many small business owners will at least shop around for a new quote when renewal time comes up, typically because they are disappointed with the level of customer service they have received. Start-ups focused on small businesses, providing a digital solution, built-in notifications and renewal reminders will likely make customers more comfortable with renewing — again and again.

This is not to say that introduction of start-ups into the insurance world means the end of traditional carriers and brokers. Quite the opposite. While start-ups are better-positioned in some ways, even the most innovative start-ups will need the help and support of traditional carriers and brokers. See also: InsurTech Boom Is Reshaping Market   Partnering with a start-up, especially one that focuses on making insurance a digital experience, from the bind to policy management, will no doubt prove valuable for today’s insurers. Doing so will allow carriers and brokers to focus on their largest binds and will reduce the cost of maintaining smaller businesses for the carrier. Having a strong digital presence and giving customers a way to buy online will be essential to the future of the industry. What is important for all players to understand, from start-ups to brokers to carriers, is that the most successful way forward is together.

Healthcare Matters sits down with Dr. Richard Anderson, chairman and CEO of the Doctors Company. In part 7 of our State of Defensive Medicine series, we asked Dr. Anderson how the medical liability insurance landscape has changed over the last 15 years.  

In July 2015, a hacker who goes by the name Phineas Fisher breached an Italian technology company, Hacking Team, that, ironically, sells spying and hacking software tools. Fisher exfiltrated more than 400 gigabytes from the company and declared his motive was to stop its “abuses against human rights.” “That’s the beauty and asymmetry of hacking: With 100 hours of work, one person can undo years of work by a multimillion-dollar company,” Fisher wrote online. “Hacking gives the underdog a chance to fight and win.” Hacktivism, or the act of hacking into others’ computer networks to promote one’s political or other agenda, has been around as long as the internet. But the technology that’s available is easier and cheaper than ever, lowering the barrier of entry even for those with little experience. “You don’t have to be an expert to have access and to cause damage to people and their websites,” says Rick Holland, vice president of strategy at Digital Shadows, which has tools to search the internet and the Dark Web to compile compromised information about their clients. Anonymous, perhaps the most notorious hacking group, largely markets itself as hacktivists. But with the emergence of social media as a loud megaphone that also enables anonymity, other lesser-known hacktivists have become increasingly emboldened in heralding their cause and calling for others to join. See also: 2 Novel Defenses to Hacking of Browsers   Here are five things every company should grasp about hacktivism: • Hacktivists are true believers. They are individuals who often belong to a hacker network group online that shares their values and ideology. They can act alone or be prompted by a broader hacktivist campaign, such as OpIcarus or Ghost Squad Hackers. Hacktivists are motivated by branding their agenda — Operation X — and distinguish themselves from cyber criminals who merely pursue financial gains. But “there’s a lot of blurring of the lines between criminals, espionage actors and hacktivists,” Holland says. “It’s oftentimes difficult to tell who it is. You see some of the cybercriminal organizations that might moonlight take contracts.” • Controversy can make you a target. Controversial individuals, companies and governmental and nongovernmental organizations are often targets. The list of past victims includes autocratic governments, politicians, agrochemical manufacturers, oil companies, pharmaceutical companies, genetically modified food makers, religious groups, social media websites and others. They generally target large organizations. Small- to medium-size businesses typically are not on their radar unless they operate in controversial industries. A small supplier to GMO manufacturers, for example, could potentially be a target. “Hacktivists can come after you because of that relationship in the supply chain,” Holland says. • Attacks can be widespread. Data on the frequency of attacks are hard to come by. But one group, Ghost Squad Hackers, plans to target banks, and their activity offers a glimpse of how quickly plans can proliferate. “We’ve seen 70 different organizations that they’ve announced are going to be targets,” Holland says. • Attacks can take varied forms. Hackers can compromise the target’s computer systems in all the ways that are available to cyber criminals. They can set up a phishing domain that looks like the target’s domain to acquire sensitive information, such as passwords and company data. Using Twitter (or other social media channels), they may coordinate a distributed-denial-of-service attack on a web page to take it down. See also: Hacking the Human: Social Engineering   “We may find this out, and then we can tell the company, ‘Look we’re seeing a campaign against one of your executives,’” Holland says. “We give them an idea of a risk to their staff that they didn’t know about.” • The best defense: Use security best practices, keep a low profile. All the usual cybersecurity steps should be established, such as virtual private networks, multifactor authentication protocol, firewalls and tools to guard against DDoS attacks. Companies should undergo a “threat modeling exercise” to determine how they’d respond in the event of an attack, Holland says. Knowing who to call for help is important. Organizations that can afford cloud-based services should consider them, as a company can move its traffic up to the cloud if it's attacked. “If you’re a big bank, you can afford those kinds of services. But if you’re a smaller-tier company, (you should ask) ‘Do I need to spend that kind of money?’ That’s a difficult question,” Holland says. According to Holland, executives should be trained by the PR staff or consultants to be more careful when speaking publicly and not say things that could incite hacktivists. Suppliers also should be alerted about the possible dangers. “A lot of hacktivists are typically younger, idealistic people who are getting attached to these causes. So there’s no shortage of that,” he says. “This will never end.” More stories related to hactivism: Cybersecurity a concern for candidates on 2016 campaign trail Despite precautions, DDoS attacks becoming more dire, damaging Chaos theory takes root in aftermath of Sony Pictures hack This post first appeared on ThirdCertainty. It was written by Roger Yu.

Paul Harvey used to say, “We’re not one world.” He was right. When I started in the business, it wasn’t one world. But that didn’t matter to the old guy who owned the place. The only opinion that mattered was that of the owner, and, if you didn’t like it, you could leave. That’s the way it was. Today we’re a more diverse world. Mark, a friend of mine and the leader of a very successful organization, reinforced that message. He’s wise beyond his years. He’s not young enough to be my son, but I’d be proud to have him as a younger brother. At a planning session, some of his senior employees went on a rampage about what was wrong with the Gen Xers and the millennials in his organization and in other companies. When asked his opinion, Mark said, “I think they’re bright, creative and very much the future. I think the rest of us are stuck in a rut and only want to criticize the new — we’re the past.” Did I say Mark was wise? See also: Selling to Millennials Is Easy!   Then, the other day, I saw an impeccably dressed white-haired gentleman heading into his boutique for another day of selling designer clothes to his upscale clientele. He wore a seersucker suit, white shirt and a colorful tie. He was dapper, or, as they said in the good old days, “dressed to the nines.” Not two blocks down the street I saw a young man in full urban wear. His pants were hanging to his shoes. He wore a baseball hat that was crooked on his head (either that or his head was off-center for his body). Around his neck hung more gold than my momma, wife and mother-in-law own collectively. He wore shoes that included more colors and probably cost more than all of the shirts in my closet. His look was capped off by a smile and a full “grill.” He was “dressed to it.” My first reaction was to shake my head, but the wisdom of Mark and Paul surfaced in my psyche. I realized that both the young man and the old must have had some success and some sense of style to dress as they were. Both had dressed perfectly for their audience. Yesterday, I finally saw “Bourne Ultimatum.” I anticipated a modern-day James Bond, but I saw more action in five minutes than in all the James Bond movies ever filmed. Bourne moved too fast for me, but I realized how bored most of this audience would be with Bond, James Bond. Much of today's audience is wired by seven hours of video games and three cans of Red Bull. I watched after taking a short nap to make sure I’d stay awake. We’re not one world. Success depends on meeting the needs of the niche you’re in. Don’t expect the marketplace to adapt to your style and values and needs — you must meet theirs.

First, there was science... Some sources suggest probability theory started in gambling and maritime insurance. In both cases, the science was primarily used to help people and companies make better decisions and, hence, make money. Risk management used the mathematical tools available at the time to quantity risk, and their application was quite pragmatic. Banks and investment funds started applying risk management, and they, too, were using it to make better pricing and investment decisions and to make money. Risk management at the time was quite scientific. In 1990, Harry M. Markowitz, Merton H. Miller and William F. Sharpe won a Noble Prize for the capital asset pricing model (CAPM), a tool also used for risk management. This doesn't mean risk management was always always accurate — just see the case of LTCM — but managers did apply the latest in probability theory and used quite sophisticated tools to help businesses make money (either by generating new cash flows or protecting existing ones). Then, risk management became an art... Next came the turn of non-financial companies and government entities. And that's when risk management started becoming more of an art than a science. Some of the reasons behind the shift were, arguably:

• Lack of reliable data to quantify risks — Today, certainly, there is no excuse for not quantifying risks in any type of an organization.
• Lack of demand from the business — Many non-financial organizations of the time were less sophisticated in terms of planning, budgeting and decision making. So, many executives didn't even ask risk managers to provide quantifiable risk analysis.
• Lack of qualified risk managers — As a result, many risk managers became “soft” and “cuddly,” not having the skills or background required to quantify risks and measure their impact on business objectives and decisions.

Many non-financial companies quickly learned which risks to quantify and how. Other companies lost interest in risk management or, should I say, never saw the real value. Today, it's just a mess... What I am seeing today, however, is nothing short of remarkable. Instead of being pragmatic, simple and focused on making money, risk management has moved into the “land of buzz words.” If you are reading this and thinking, “Hold on, Alex. Risk velocity is important; organizations should be risk resilient; risk management is about both opportunities and risks; risk appetite, capacity and tolerances should be quantified and discussed at the board level; and inherent risk is useful,” then, congratulations! You may have lost touch with business reality and could be contributing to the problem. See also: Risk Management, in Plain English   I have grouped my thinking into four problem areas: 1. Risk management has lost touch with the modern science. These days, even the most advanced non-financial organizations use the same risk management tools (decision trees, Monte Carlo, VaR, stress testing, scenario analysis, etc.) created in the '40s and the '60s. The latest research in forecasting, modeling uncertainty, risk quantification and neural networks is mainly ignored by the majority of risk managers in the non-financial sector. Ironically, many organizations do use tools such as Monte Carlo simulations (developed in 1946, by the way) for forecasting and research, but it's not the risk manager who does that. The same can be said about the latest development in blockchain technology, arguably the best tool for transparent and accurate counterparty risk management. Yet blockchain is pretty much ignored by risk managers. It has been years since I saw a scientist present at any risk management event, sharing new ways or tools to quantify risks associated with business objectives. That can also be said about the overall poor quality of postgraduate research published in the field of risk management. 2. Modern risk management is detached from day-to-day business operations and decision making.  Unless we are talking about a not-for-profit or government entity, the objective is simple: Make money. While making money, every organization is faced with a lot of uncertainty. Luckily, business has a range of tools to help deal with uncertainty, tools like business planning, sales forecasting, budgeting, investment analysis, performance management and so on. Yet, instead of integrating all the tools, risk managers often choose to go their separate ways, creating a parallel universe that is specifically dedicated to risks (which is very naive, I think). Examples include:

• Creating a risk management framework document instead of updating existing policies and procedures to be aligned with the overall principles of risk management in ISO31000:2009;
• Conducting risk workshops instead of discussing risks during strategy setting or business planning meetings;
• Performing separate risk assessments instead of calculating risks within the existing budget or financial or project models;
• Creating risk mitigation plans instead of integrating risk mitigation into existing business plans and KPIs;
• Reporting risk levels instead of reporting KPI@Risk, CF@Risk, Budget@Risk, Schedule@Risk; and
• Creating separate risk reports instead of integrating risk information into normal management reporting.

Risk management has become an objective in itself. Executives in the non-financial sector stopped viewing risk management as a tool to make money. Risk managers don't talk, many don't even understand business language or how decisions are being made in the organization. Risk analysis is often outdated, and by the time risk managers capture it, important business decisions are long done. 3. Risk managers continue to ignore human nature. Despite the extensive research conducted by Noble Prize winners Daniel Kahneman and Amos Tversky (psychologists who established a cognitive basis for human errors that are the result of biases) and others, risk managers continue to use expert judgment, risk maps/matrices, probability x impact scales, surveys and workshops to capture and assess risks. These tools do not provide accurate results (to put it mildly). They never have, and they never will. Just stop using them. There are better tools for integrating risk analysis into decision making. Building a culture of risk awareness is critical to any organization's success, yet so few modern risk managers invest in it. Instead of doing risk workshops, risk managers should teach employees about risk perception, cognitive biases, fundamentals of ISO31000:2009 and how to integrate risk analysis into day-to-day activities and decision making. 4. Risk managers are too busy chasing the unicorn Instead of sticking to the basics and getting them to work, many are busy chasing the latest buzzwords and innovations. Remember how “resilience” was a big thing a few years ago? Before that, there was “emerging risks,” “risk intelligence,” “agility,” “cyber risk” — the list goes on and on. It seems we are so busy finding a new enemy every year that we forget to get the basics right. See also: Key Misunderstanding on Risk Management Lately , consultants seem to have too much say in how modern risk management evolves. The latest installment was the new COSO:ERM draft, created by PwC and published by COSO this June.  The authors sure did “innovate” — among other “useful ideas,” they came up with a new way to capture risk profiles. That is nice, if risk profiling was the objective of risk management. Sadly, it is not. Risk profiling in any form does little to help executives and managers make risky decisions every day. For more feedback on COSO:ERM, click here. To be completely fair, the global team currently working on the update for the ISO31000:2009 also has a few consultants who have a very limited understanding about risk management application in day-to-day decisions and in helping organizations make money. I think it's time to get back to basics and turn risk management back into the tool to help make decisions and make money. I am interested to hear your thoughts. Please share and like the article and comment below.

As Bruce Buffer, voice of the UFC, would say, "IIIIIIIIIIIIIIIIIIIIIIIT'S TIME!" In this case, it's time for big pharma to stop just defending its prices and to start to tap into the consumerism that is transforming healthcare. Check out these stats (mostly from Google and Decisions Resources Group):

• One in 20 online searches is for health-related questions.
• According to comScore, health topics are the No. 1 search category on mobile.
• 72% of people with pre-existing conditions searched for medical info online.
• Half of all patients and caregivers already turn to digital channels to look up formulary or dosing information.
• After a diagnosis, 84% of patients searched for options.
• In a report by Decision Resources Group of 1,000 physicians, more than 50% reported their patients are more actively involved in treatment decisions — and these doctors called on pharma to support affordable options, provide relevant information and make online information more understandable.

The latest survey from Medical, Marketing & Media (MMM) shows 76% of pharma respondents use digital marketing, but the channel segregation below shows respondents devoted the greatest percentage of their marketing budgets to professional meetings/conferences and sales reps/materials. Digital channels — including websites, digital advertising and social media — lagged behind. More surprising is that only half of both large and small pharmaceutical companies see the growth of consumerism in healthcare as an opportunity. But that's EXACTLY where the opportunity for growth lies. To thrive in the new era of value-based care, pharma companies will need to change their marketing strategy toward partnering and will certainly need to focus far more on the individual consumer. See also: Checklist for Improving Consumer Experience   Trying to scare politicians away from lower-price reforms with the “It will kill our R&D” excuse is becoming the “BOO!” that no longer scares the grown-ups. Both 2016 presidential candidates, Hillary Clinton and Donald Trump, plan to stimulate price competition through imports — and there is bipartisan pressure to lift the ban on Medicare's negotiating drug prices. Apart from trade groups and shareholders, high-priced pharma doesn't have many friends. Payer pressure is bad enough, but if you don't get into the value-based care game, you are going to be on the wrong side of a very emotional equation. Patients have greater financial burdens because of higher deductibles and greater cost-sharing requirements, with varying medication tiers. Providers are ever-burdened with less time, and, now, a greater level of risk is being put on them to deliver higher-quality care, better outcomes and greater patient satisfaction — all at a lower price. Patients are not just seeking advice from providers. They are increasingly online, and at all hours. Plus, we're going to start to see greater levels of patient-generated healthcare data with wearables and digital technology. And, as we have seen, half of consumers spend their online time on social media. (HINT: Tap into consumers' behaviors and beliefs, show that you genuinely care and engage them in ways that let them feel as though you are part of their health team.) The writing is on the wall. Consumers are practically screaming out what they want and need from you. Partner with wearable and EHR companies. Start developing ways to capture and interact with your customers — specific to individuals, at the best times to engage. Find ways you can partner with hospitals, physicians and affordable care organizations (ACOs) to get into their care pathway in ways that help them lower costs to patients and payers. See also: Stop Overpaying for Pharmaceuticals   Say “yes” to predictive modeling, big data, analytics, lots of testing and customer segmentation. “Yes” to retaining some of the traditional marketing. Most of all, become human in your approach. Put yourself out there and let people know that you are no longer on an island, separate from everyone else. Let them know your port and beaches are open to more boats and more people than ever before.