Space, Aviation Risks and Higher Education

What do you do when a group of precocious students decides to build a satellite and launch it into space? Or when they decide to build an unmanned aerial vehicle (UAV)—more commonly known as a drone—and fly it over a busy urban market? Or when they design and launch a few rockets October Sky-style from a training field on campus before heading to a NASA competition for a chance at $50,000 in prize money?

As a risk manager, considering the answer to these questions may cause a heart palpitation or two as you think about the potential effects of these educational opportunities on the educational institution. Not only does the institution face increased liability and property damage risks, but there is also the potential for increased risk to reputation and even regulatory compliance considerations.

Insurance was likely the last thing the students at St. Thomas More Catholic School in Arlington, VA, were thinking about when they began construction on a shoebox-sized satellite called Cubesat. According to a Washington Post article, the purpose of Cubesat, which was released from the International Space Station on Feb. 15, 2016, is to beam photos from 200 miles above the Earth back to computers in their school library. You can view pictures from the satellite here.

Insurance was also, probably, the last thing students from the University of Wisconsin-Whitewater were thinking about in October 2015 when they launched their drone to capture aerial images of the new Whitewater City Market. According to the University of Wisconsin News, the purpose of the project was to respond to the market organizer’s request to geographically depict the organic growth of the Whitewater City Market. A video of the aerial images has been posted to YouTube and can be viewed here.

To the 54 college teams selected by NASA for the 2015-2016 NASA Launch Challenge, insurance was likely pretty low on the list of considerations as the teams worked to design, construct, test, launch and successfully recover a high-powered reusable rocket and its payloads. The purpose of the challenge is to encourage participation in STEM fields and to examine innovative solutions to potential issues that may arise during space travel. There is also $50,000 in prize money for the top three teams that complete the challenge. For 2015-16, the competing rockets will be launched on April 16, 2016.

So, what are the risks associated with these types of activities, and how can insurance assist the college in transferring some of these risks?

According to a white paper recently published by Allianz, a large commercial insurer, these types of aviation/space risks can be bifurcated into two areas: (1) ground or pre-launch risks and (2) in-orbit or post-launch risks.

Ground risks include:

  • Hazard or catastrophic risk to facilities because of fire. This type of risk can be significantly increased if someone is using flammable chemicals, such as nitrogen or any of the components present in rocket fuel. Keeping these materials on campus can create additional risk for the institution, which may not be contemplated in current insurance programs.
  • Transportation risk increases the risk of property and liability losses. Moving rocket components, including flammable materials, increases the potential for losses to (1) the components themselves and (2) a third party that may be injured as a result of an incident on the road.
  • Liability loss because of launch failure may result in damage to property near the launch site or even injury to a third party, faculty member or student. Failure to take adequate safety precautions during design/construction—working with chemicals, power tools and other materials—may result in increased potential for injury to students and faculty participating in the project.

Post-launch risks:

  • Loss of the object because of malfunction, damage or equipment failure, items that represent a significant investment of time, resources, and materials. Such a loss may result in the inability to participate in a competition, a loss of grant money or additional time spent rebuilding or reworking the project.
  • Liability loss due to in-air collision, falling objects or interference with another aerial object (such as a satellite signal or an airplane’s operating equipment)—these types of incidents may result in significant bodily injury or damage to third-party property.

Typical insurance policies maintained by most institutions may not provide adequate coverage for space/aviation risks:

Property policy—Provides coverage for loss or damage to property, equipment and materials of the university. Coverage is generally broad but may exclude: (1) hazardous materials, (2) property in transit or off premise, (3) property not owned by the university and (4) pollution because of the release of a hazardous substance or chemical.

General liability policy—Provides coverage for the injury or property damage of a third party because of the negligence of the institution or those operating on behalf of the institution. Coverage responds to a wide range of standard risks, but there may be exclusions for: (1) aviation risks, (2) loss caused by the acts of a third party, such as a student or contractor, (3) third-party liability related to a discharge of pollutants/chemicals, (4) loss of institutional reputation or cost of a crisis management team, (5) coverage for regulatory fines and penalties for failure to obtain proper permits, etc. and (6) the liability to a third party because of the failure of a vessel to perform as expected or because of a design flaw.

Automobile liability policy—Provides coverage for liability and property damage associated with the operation of a motor vehicle. Coverage responds to a wide range of standard risks, but there may be exclusions for: (1) pollution because of the discharge of a chemical substance transported on or in the vehicle, (2) liability for use of third-party transportation, such as a rental vehicle or bus charter or the use of a personal vehicle by a faculty member or student and (3) property damage to institutional property being transported on or in the vehicle.

There are additional types of coverage that may be needed, including:

Pollution coverage—Including premises pollution (to provide coverage for the institution’s own facilities) and pollution liability coverage (to provide coverage for third-party exposure to pollutants).

Aviation/space coverage—Specialized policies can provide coverage for losses to an aerial vessel or its equipment and, also, for the most common types of liability loss (collision, crash or interference). Note: Special endorsements may be required for drones.

Inland marine rider/policy—Provides coverage for scheduled equipment and property that may not otherwise be covered by the institution’s standard property coverage. This can include coverage for property that is being transported in a vehicle.

Crisis management coverage—Provides coverage for loss or damage to the institution’s reputation; this may include coverage for the costs to engage a crisis mitigation team and public relations experts or the cost to take other steps to preserve and restore the reputation of the institution.

Professional liability—Provides coverage to professionals because of the failure of the design/construction or for the failure of the device to perform as intended. This coverage may include coverage for damages not related to injury or to property damage—including the financial loss and the costs for rework and redesign.

Not all insurance policies are created equal—individual coverage and policies may respond differently. Please consult with an expert if you have questions about coverage for these types of institutional activities.

New Way to Audit Digital Assets

In the real world, it would be considered reasonable and appropriate to require an independent audit of digital assets to be insured. In cyberspace, this is more challenging. Insurers have to rely on the insured to tell the truth about what assets have been affected by a breach.

Integrity standards for data enable insurance companies to conduct an independent audit of what digital assets exist (e.g., client data, intellectual property) prior to a breach, thus preventing fraudulent claims.

One aspect of a data integrity standard is keyless signature infrastructure, known as KSI. KSI is a disruptive new technology standard that can effectively address some of the issues insurers face in the rapidly emerging cyber liability domain. It can enable mutual auditability of information systems to allow stakeholders to know the cause of a breach, mitigate the risk of breach escalation in real time and provide indemnification against subrogation and other legal claims.

The concept of a digital signature for electronic data is very straightforward: a cryptographic algorithm is run on the data, generating a “fingerprint” of the data. This fingerprint, the tag or keyless signature for the data, can then be used at a later date to make certain assertions, such as signing time, signing entity (identity) and data integrity. KSI offers the first Internet-scale digital signature system for electronic data using only hash-function-based cryptography. The main innovations are:

  1. Adding the distributed delivery infrastructure designed for scale
  2. No longer requiring cryptographic keys for signature verification
  3. Being able to independently verify the properties of any data signed by the technology without trusting the service provider or enterprise that implements the technology

Other features include:

  • Unlike digital certificates, keyless signatures never expire; the historical provenance of the signed data is preserved for the lifetime of the data, and people are not required in the signing process.
  • Use of keyless signatures strengthens legal non-repudiation for data at rest.
  • There are no keys to be compromised or to revoke. This fundamentally changes the security paradigm. It is important to understand that if data integrity relies on secrets like keys or trusted personnel, then when these trust anchors are exploited the result is unlimited liability for the data protected by those trust anchors. This occurs because there is no way to determine what has happened to the data signed by those private keys or maintained by those trusted personnel. Evidence can be eliminated; data changes can occur without oversight; and log/event files can be altered. The exploiters can provide the picture they want you to see. Keyless signatures remedy this problem.
  • During a breach, active integrity can be provided with cyber alarms and correlated to other network events by auditors, network operations center and security operations center(s). Active integrity means real-time, continuous monitoring and verification of data signed with keyless signatures. With active integrity, real-time understanding is achieved as to the coherence and reliability of technical security controls and whether the digital asset has integrity.
  • Underwriting cyber policies becomes much simpler and more efficient because there is transparent evidence certifying the integrity of the data, the technical security controls protecting the information and rules governing the transmission, modification, or state of the insured asset(s).

A “managed security service” resulting from the implementation of KSI marks a new era for insurers. As they seek organizational intelligence of digital assets to make real-time policy adjustments, they are also making concrete conclusions about the insured asset risks, threat, exposure and cyber landscapes affecting clients. Claims processing and disputes become simpler as the technology preserves the forensic traceability and historical provenance of the digital asset, enabling rapid determination of when and how a breach or manipulation occurred and who or what was involved. Hackers and malicious insiders cannot cover their tracks. Moreover, proving negligence is now possible. Negligent acts may be quickly detected and proven in the event the service provider does not comply with the contracts maintained in force with the enterprise.  

Most breaches today go unnoticed until long after they occur and the damage has been done. Active integrity involves continuous verification of the integrity of data in storage using keyless signatures. It is equivalent to having an alarm on your physical property and a motion detector on every asset that cannot be disabled by insiders.
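The hash-only signing and the continuous re-verification of stored data described above can be sketched with a hash tree; this is an added example, not code from the EY report or from any KSI product, and it leaves out signing time and identity. The function names, the leaf/node prefixes and the sample log lines are assumptions made for the illustration.

```python
import hashlib

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def build_levels(records):
    """Hash tree over the records, leaves first; needs at least one record."""
    if not records:
        raise ValueError("nothing to sign")
    level = [h(b"\x00" + r) for r in records]        # 0x00 prefix marks a leaf
    levels = [level]
    while len(level) > 1:
        nxt = [h(b"\x01" + level[i] + level[i + 1])  # 0x01 marks an inner node
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])                    # odd node is promoted unchanged
        level = nxt
        levels.append(level)
    return levels

def hash_chain(levels, index):
    """The record's 'signature': sibling hashes on the path from leaf to root."""
    chain = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            chain.append((level[sibling], sibling < index))
        index //= 2
    return chain

def verify(record, chain, root):
    """Recompute the root from the record and its chain; no key is involved."""
    node = h(b"\x00" + record)
    for sibling, sibling_is_left in chain:
        node = h(b"\x01" + (sibling + node if sibling_is_left else node + sibling))
    return node == root

def audit(stored, chains, root):
    """Re-verify every stored record; return the indexes that no longer match."""
    return [i for i, rec in enumerate(stored) if not verify(rec, chains[i], root)]

# Constructed sample log lines, not taken from the report.
LOG = [b"10:00 login user=alice", b"10:02 read file=claims.db",
       b"10:05 login user=bob", b"10:07 export file=claims.db user=bob",
       b"10:09 logout user=bob"]

def demo():
    levels = build_levels(LOG)
    root = levels[-1][0]          # the one value an auditor needs to hold
    chains = [hash_chain(levels, i) for i in range(len(LOG))]
    tampered = list(LOG)
    tampered[3] = b"10:07 read file=readme.txt user=bob"  # one stored entry altered
    return audit(LOG, chains, root), audit(tampered, chains, root)
```

Anyone holding the root can run `audit` without trusting whoever stores the records; `demo()` returns an empty list for the untouched log and `[3]` for the altered copy.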

Because of the volatile nature of electronic data, any hacker knows how to delete or manipulate logs to cover his tracks and attribute his activity to an innocent party, which is why attribution of crimes on the internet is so difficult. Integrity is the gaping security hole. A loss of integrity is what leads to data breaches, introduced by malware, viruses or malicious insiders.

Public key infrastructure (PKI) will never be the solution to integrity or usable for large-scale authentication of data at rest. The forensic evidence of keyless signatures makes legal indemnification issues easy to resolve, highlighting who, what, where and when a digital asset was touched, modified, created or transmitted. This places the onus on the “use” of data and not collection, providing auditability across service providers and the internet. Privacy is maintained, but there is also transparency and accountability for how data is used. Every action can be traced back to the original source that is legally responsible. This simplifies service-level agreements, pinpoints liability in the event of accidental or malicious compromise, and indemnifies independent data providers from legal claims.

This article is an excerpt from an EY report titled “Cyber Insurance, Security and Data Integrity; Part 1: Insights into cyber security and risk — 2014.” For the full report, click here