Tag Archives: surveillance

3 Game Changers — and How to Survive

The follow-the-leader principle works on a trail that has proven to be relatively safe from perils and predators. However, when new frontiers are breached, a new kind of leadership is required for survival.

Insurers have generally been able to just follow the leader for ages, but now a new frontier has been breached. The insurance industry is vulnerable to three game changers that consumers are eager to embrace.

Drawing on remarks I made recently at a keynote for the National Association of Mutual Insurance Companies Annual Conference, here are the game changers:

The first big disrupter is data collection. Insurance is built on the principle of using accurate data and statistics to build underwriting financial models that serve to predict behavior and events from an actuarial or probability standpoint. London’s Edward Lloyd figured this out when he opened his coffee shop in 1688, and people started selling insurance to merchants and ship owners. His motto was fidentia, Latin for confidence. We now refer to “confidence factors” when estimating future losses.

Insurers have been notorious for using forms to collect data. But, today, a person is subjected to more new information in one day than a person in the Middle Ages saw in his entire life. If modern competitors to the insurance industry can obtain more accurate data in a faster and more in-depth manner, they may beat insurers at their own game.

With cloud computing and its infinite data storage/retrieval capability, trillions of bits of information relating to insureds are available. Data sources track things like profile patterns, such as personal Internet searches or satellite surveillance data. Relevant data can be mined and analyzed to build a risk model for every insurable consumer or business peril from property and vehicle insurance to earthquake and weather insurance.

The five biggest data collectors on the planet are Google, Apple, Facebook, Yahoo and Amazon. These high-tech companies have the ability, financial resources and potential desire to foray into the insurance industry. Keep in mind that in 2014 the world’s top 10 insurers received $1.2 trillion in revenue, yet surveys have shown that people around the world have grown to use and trust the products and services provided by the five biggest data collectors.

Accessibility and familiarity are allowing profitable new brands to replace old brands. Consumers also prefer and use third-party validation and independent comparisons found on websites.

What does this spell for the insurance industry? Sadly, consumers have grown more uncomfortable with reliance on and interaction with agent relationships. John Maynard Keynes once said: “The difficulty lies not so much in developing new ideas, as in escaping from old ones.”

The second emerging threat to insurance is botsourcing — the replacement of human jobs by robotics. The robots haven’t just hatched in agriculture or auto assembly plants — they’re expanding in a variety of skills, moving up the corporate ladder, showing awesome productivity and retention rates and increasingly shoving aside their human counterparts.

Google won a patent recently to start building worker robots with personalities. Move over, Siri.

Author and entrepreneur Martin Ford, in his book Rise of the Robots, argues that artificial intelligence (AI) and robotics will soon overhaul our economy. Increasingly, machines will be able to take care of themselves, and fewer jobs will be necessary.

Reassessment of the way we employ our workforce is essential to cope with this new industrial revolution. The lucrative insurance realm of personal and product liability insurance lines and workers’ comp is being tempered as human risk factors — especially in high-risk areas — give way to robotics. The saying goes: “Management is doing things right, but leadership is doing the right things.”

How will the insurance industry react to the accelerating technology of bot-sourcing?

The third emerging threat to the insurance industry that has received enormous attention this past year autonomous vehicles. More than a half-dozen carmakers, as well as Google and Uber, predict that self-driving vehicles will be commonplace on our roads between 2017 and 2020. Tesla Motors CEO and general future-tech proponent Elon Musk has predicted that human drivers could someday be outlawed. Humans cannot outperform an autonomous vehicle, which can assess and react to more than 7,000 driving threats per second. There are no incidents of driver impairment, reckless driving, DUIs, road rage, driver texting, speeding or inattention.

With a plethora of electronic distractions, increased safety can only be achieved when human drivers are removed from the equation. Automakers have employed an incremental approach to safety in their current models. These new technologies are clever and helpful but do not remove the risks. There’s a phenomenon called the Peltzman Effect, based on research from an economist at the University of Chicago who studied auto accidents. He found that, when you introduce more safety features like seatbelts into cars, the number of fatalities and injuries doesn’t drop. The reason is that people compensate for it. When you have a safety net in place, people will naturally take more risks. Today, 35,000 vehicle occupants die in the U.S. because of auto accidents. Autonomous vehicles are expected to cut auto-related deaths and injuries by 80% or more.

One of the biggest revenue sources to insurers is vehicle insurance. As autonomous vehicles take over our roads and highways, you need to address all the numerous unanswered questions relating to the risk playing field. Who will own the vehicles? How can you assess the potential liability of software failure or cyberattacks? Will insurers still have a role? Where will legal liabilities fall? Who will lead the call to sort these issues out?

Clearly, the lucrative auto insurance market will change drastically. Insurance and reinsurance company leadership will be an essential ingredient to address this disruptive technology.

As I told the conference: Count on Insurance Thought Leadership to play a significant role in addressing these and other disruptive technologies facing the insurance industry. A Chinese proverb says: “Not the cry, but the flight of a wild duck, leads the flock to fly and follow.”

How to Avoid Work Comp ‘Fact-cidents’

Every workers’ compensation claim is not preventable, when you consider that some are deliberate. With due respect to the art and science of safety, preventing real physical accidents and repetitive traumas is essential. However, we also need to be mindful of and prepared for the non-accident accident. Let us refer to these situations as “fact-cidents” because their construct relies on the ability of a claimant to tell a credible story void of facts.

First of all, let’s establish fact-cident detection as an employer’s responsibility. An adjuster with the best list of “red flags” cannot match the gut instinct of an astute employer who knows an employee’s history and extraneous issues and has opportunity to look that employee in the eye. An unwitnessed fall out of a chair or a bump against a restroom-stall door, or a “giving out” of the knee when turning with a parts tray in hand can be very valid claims… until they are not, mainly because the employer knows something deeper about the employee’s motivation.

The employer must share concerns with the adjuster within the early hours or days of a claim to support heightened focus. Most fact-cidents cannot simply be denied. Very quick work is required. The good news is that fact-cident defense is time-consuming but not complicated. It simply involves obtaining multiple verifications of the story. Just like the old saying, “there is no such thing as the perfect crime,” there is also no such thing as the perfect false claim. Enough prodding will diminish credibility and isolate the fact-cident for the house of cards that it is.

Quick Tip: Ask, Ask Again and Ask Some More

An injured worker should be required to reiterate his story four to six times within the first 48 hours. Here is an optimal sequence:

– Report to supervisor, who writes down claimant’s account

– Call in to triage line, where a nurse interviews and records claimant’s detailed account

– Workers’ comp lead (WC or risk manager, HR, benefits, company nurse, etc.) requires discussion and writes down another reiteration of the incident

– Treating doctor requires a detailed reiteration of the incident as part of history

– Adjuster takes recorded statement of the claimant’s account

– Adjuster and employer-leaders separately circle back to claimant after doctor visit to get claimant’s version of the doctor’s assessment

With these multiple stories and queries, the true detective work begins in comparing and sharing claimant versions. Fact-cident claimants notoriously will assume what certain parties want to hear and adjust stories accordingly. They also may enhance their story gradually with each reiteration. After medical visits, they often alter what actually happened or was said by the doctor. Sadly enough, many seem to think they can play all sides to the middle with no cross-checking among the crowd. Don’t let that happen!

The investigative test relies on comparing all versions and then, as might be indicated, sharing with other parties. For example, if the initial supervisor and HR manager reports mention non-falling incident with ankle pain but the version to the doctor claims a fall to the floor adding hip, back and elbow pain, you have an immediate piece of evidence validating suspicions. You can confidently invest and engage denial, defense, independent medical exam (IME), surveillance, field nurse, et. al.

Inconsistencies can also be presented to the doctor for review and revision or re-exam to correct any false reliance on claimant’s story. If possible, with cooperative providers, the early internal reports can be shared with treating doctor in real time so she can diligently test the employee’s credibility against other statements.

An even more powerful reason to collect and solidify various versions is to avoid future attorney representation and fact-cident influencing. Worst-case scenario with lack of early employee statements is that an attorney gets to coach the employee into a tighter self-serving story later on.

When you suspect an accident is actually a fact-cident, don’t accept any aspect at face value. Put in the time to either confidently validate and pay the claim or justify heavy investments in defense.

As a bonus, from the big-picture perspective, this type of consistent diligence establishes a general no-nonsense workplace attitude and culture when it comes to workers compensation.

Surveillance Cams: A Hacker’s Delight

It didn’t take much tech savvy for the creator of the website insecam.com to aggregate web links to more than 73,000 live surveillance cameras in 256 countries. The result: Anyone can use insecam.com to tap into any of these webcams and see what they’re pointed at, mostly in commercial properties.

Each of these webcams uses the default password that shipped with the unit. And so now each is accessible by anyone via insecam.com.

The Internet of Things (IoT) is on the verge of explosive growth. Research firm IDC projects the market for Internet-connected webcams, cars, electricity meters, gaming consoles, TVs, refrigerators and other household items will grow at 9% a year for the next few years. Global spending on technology and services to expand IoT will climb from $4.8 trillion in 2012 to $7.3 trillion by 2017, IDC predicts.

Insecam.com’s unique search service highlights the fact that wide swaths of the IoT are being implemented without so much as a nod toward the sudden creation of profound privacy and security exposures.

More: 3 steps for figuring out if your business is secure

ThirdCertainty asked Hagai Bar-El, CTO of Sansa Security, to outline what’s at stake for consumers and businesses.

3C: How did we get to a point where thousands of webcams are essentially wide open on the Internet?

Bar-El: Webcams today are incredibly inexpensive and practically commoditized. Unfortunately, most consumer-grade webcams do not offer much in terms of added security. Consumers who are unaware of the importance of security measures typically rely on the default username and password that shipped with the webcam. Or their passwords are so weak that they are easily guessed, thus leading to new websites that enable voyeurs to peer into people’s personal lives in real time.

3C: Is it just security cams in commercial buildings? How exposed are the home surveillance cams that are being widely marketed to consumers?

Bar-El: Most surveillance cams that are sold to households have three shortcomings: First, they lack strong security features. Some cameras do not encrypt traffic, some do not encrypt user passwords, and many do not support user authentication by any mechanism other than passwords. Second, many cameras are designed and distributed without any security engineered into the hardware or software layer of the product.

The Insecam project creators were able to feature real-time personal video-streaming data because the only security measure implemented on the affected cameras was a default administrative log-in. Lastly, most webcams have limited and hard-to-use update capabilities, so even as flaws are discovered, it is practically impossible to update them on a large scale.

U.S. Security Cameras

3C: Besides webcams, what are one or two other aspects of IoT that folks should be most concerned about?

Bar-El: In the industrial enterprise space, people should be concerned with situations where IoT touches physical security and/or money, such as SCADA, automotive, financial and medical devices. In the home automation space, we are concerned about hackable IoT devices that control door locks and alarm systems.

3C: The mobile banking and mobile wallet industries are moving to take passwords out of the equation. Are any consensus solutions gaining traction?

Bar-El: The trend we are seeing is the adoption of secure cryptographic authentication between an IoT device and the service with biometric or PIN authentication between the human user and the IoT device. This type of two-factor authentication will make future IoT devices both user-friendly and more secure.

hagai-bar-el150px

3C: It seems like IoT is going to spread faster than good security and privacy practices. Agree or disagree?

Bar-El: Agree. IoT manufacturers today want to sell as many devices as they can to quickly establish market share. Security takes time and requires skills that many manufacturers currently do not have. By providing security solutions starting at the chip level and allowing developers to provision security updates to their devices from the cloud, we believe we can make the security around next-generation IoT devices future-proof.

3C: How do you see the fundamental situation playing out in 2015?

Bar-El: In 2015, IoT manufacturers will recognize the “build now, fix later” model is not sustainable and that important security features must be baked in when products ship. Considering that the IoT devices currently entering the market are smart-home-focused, the security mechanisms manufacturers introduce in 2015 must be future-proof for at least a decade, and they need to include mechanisms that enable that device to be updated in real time in the event a critical vulnerability is ever discovered in the product.

4 Technologies That Are Changing Risk

This summarizes a session from RIMS that was headlined by Google Risk Manager Kelly Crowder as well as Google Global Safety Manager Erike Young. I served as the event host and moderator, teeing up the subject matter. We focused on four major areas of technology that are driving transformative change in the way we do things and, thus, changing risk. Disruptive technology, as the panel pointed out, forces risk managers and insurers to imagine and forecast how various advancements affect: safety; risk assessment; regulatory and legal parameters; and insurance implications.

Albert Einstein set the course for the future when he said: “The true sign of intelligence is not knowledge but imagination.” Ideas can reach beyond probable or practical restraints.

Google takes that notion to heart at Google X, a semi-secret lab located in Silicon Valley that aims via research and development to advance scientific knowledge and fuel discoveries that can change the world. “What if” abstract concepts, also known to Google as “moonshots,” are tireless experiments that often fail but that occasionally produce disruptive technology. The mantra is “fail fast, fail often, fail forward.” Learn and change. Sergey Brin, one of Google’s co-founders, and scientist Astro Teller (Captain of Moonshots) seek to improve existing technologies by a factor of 10. Google began with the self-driving car in 2010. Google X now includes a life sciences division involved in bionics.

As with the radical transportation shift to horseless carriages 130 years ago, the technologies are changing risk in profound ways, but the positive and negative impact of new technology can be hard to predict.

Starting with Botsourcing and Robotics, the panel highlighted the trend of companies to utilize robots and artificial intelligence for a wide array of service industries, manufacturers, medical providers and first responders, which seek safer, more efficient and cost-effective ways of serving clients or conducting business. While more dangerous occupational risks and blue-collar jobs are expected to be safer and more efficient, it remains uncertain whether the demand for labor will continue to grow as technology marches forward. Within 10 years, more than 40% of the workforce is expected to be affected by or replaced with robotics.

One positive sign noted in the presentation is that many American companies using robotics and 3D printing technologies, are transferring production facilities from overseas back to the U.S. and creating homeland jobs in the process. New job skills will become necessary to sustain broad-based prosperity. With respect to the highly advanced robots expected to integrate into society, the panel if their cognition will ever replace emotionally oriented skills. Will the warmth of human interaction remain a value in the future?

Another area of advancement is Surveillance and Wearable Biometrics. The Internet of Things represents the embedding of physical objects with sensors and connectivity. Devices like smart thermostats, as Google pointed out, are able to learn from our behavior patterns to anticipate our needs at home or work on a 24- hour basis. Our security and monitoring systems are tied to public safety, medical providers and our smartphones. Data collection is growing at an enormous pace, effectively tracking our every move. This, as pointed out, has created concern for privacy and for the increasing vulnerability to cyber threats.

Fixed and mobile surveillance cameras have facial identification technology. Unmanned aerial vehicles (UAV’s), also known as drones, can be preprogrammed to operate autonomously, although the panel pointed out that current FAA restrictions require an operator following visual line-of sight rules below 400 feet of altitude. It’s expected that, within the next few years, there will be autonomous drone surveillance and product delivery systems.

Utilities can use drones to monitor power transmission lines at 1/10th the cost of a helicopter and with safety and efficiency impossible with helicopters. Public safety departments can use UAVs to assess damages as well as risks. Four U.S. insurers are currently using human-operated drones to assess property damage claims arising from natural disasters. The panel showed photos of UAVs that look like insects that are the size of a fingertip.

Wearable biometrics are much more sophisticated than Apple watches and Fitbits. Google explained the company’s quest to improve health monitoring systems. With 9.3% of the U.S. population alone (29 million) suffering from diabetes, Google sells a revolutionary contact lens, developed with Novartis, that monitors glucose levels and corrects vision similar to an autofocus camera. Other panel photos show tattoo-like patches thinner than a human hair that stick to the skin. Using microfluidic construction, these nearly invisible patches monitor EKG and EEG bodily functions and transmit the data 24/7 wirelessly. Similar monitors, known as smarty pants, can be sewn into underclothes and bras.

Exoskeleton Technologies are being developed by more than a dozen major manufacturers, as the panel demonstrated, and their products are expanding human capacity and endurance far beyond most expectations. These are wearable machines that combine human intelligence and machine power to achieve nearly any conceivable task without falling. Used by the military, public safety, hazmat teams and industries and for medical rehabilitation, exoskeletons let humans perform feats that would have been physically impossible a few years ago. Neuro interfaces with bio-logical signals allow paraplegics to relearn lost functions. Some patients can actually experience running a four-minute mile or play certain sports. Lifting is painless and commonplace with weights of 40 to 60 pounds, with new technology allowing a person to run without falling down with 200 pounds of weight on their back. A la “Iron Man,” exoskeleton suits are being designed into wearable fabrics with micro energy packs.

This area of technology has the greatest potential of protecting workers from soft tissue strains and back injuries. In addition, it serves a dual purpose of advancing an injured worker’s rehabilitation and recovery process without the inherent risk of getting reinjured. As pointed out, experts expect industrial injuries to be reduced as much as 70% as exoskeleton technology is woven into the workplace as personal protective equipment (PPE). Perhaps a bigger question, with an aging workforce and population, is the unknown cost and whether employers, insurers or individuals will bear the expense.

The fourth and final technology covered by the panel was Autonomous Transportation Systems and Devices. Google pioneered self-driving vehicles and leads in the development of its associated technology, but autonomous vehicles are now being produced and tested by a growing number of manufacturers. In March 2015, Delphi sent a driverless Audi SUV on a 3,400-mile trip through 15 states from San Francisco to New York City in eight days without an accident. Auto manufacturers are approaching self-driving features on an incremental basis with self-braking, self-parking and other autonomous safety-related features. Google has inspired a jump to a fully autonomous vehicle with no steering wheel or brake. These self-driving vehicles perform 7,000 safety processes per second at high speeds with far safer results than any human driver.

The impact of self-driving vehicles, including trucks, is expected to be commonplace within 20 years or sooner. A recent national survey of drivers indicated 44% are looking forward to autonomous vehicles. Respondents cited safety as their first priority. Their second reason was their expectation that they would not be paying for car insurance, which averages $820 per licensed vehicle per year in the U.S. Statisticians expected a drastic reduction of injuries as well as reduced violations like DUI, speeding and running red lights. With 35,000 motor vehicle deaths each year in the U.S., increased safety coupled with increased freeway efficiencies of ultimately more than 10 fold are issues that will make this a disruptive technology that will seem long overdue.

As the Google risk management team pointed out, insurers don’t know how to react or respond to the inevitable switch to autonomous vehicles. Even on a road test basis, auto insurance underwriters are scratching their heads trying to assess the risk implications.

As the panel pointed out to the inquisitive audience during the Q&A session, it may be relatively simple to determine the impact of new technology from a measurable, scientific basis. But the big challenge for risk managers is imagining the implications these various technological advancements will have on our organizations, workforce and insurers. Auto insurers have at least $500 billion in annual premiums at stake in the U.S. alone. What will happen to that revenue when we shed our need to get behind the wheel every day?

Google also pointed out that each of the technological areas cover a wide range of regulatory implications. While they attempt to notify every conceivable regulatory entity as they develop and test new products, it’s clear that there often aren’t clear legal or regulatory guidelines in place. How will regulators be able to promulgate new rules, regulations and laws as these science fiction-like inventions come to reality?

As Dr. Seuss said so profoundly, “Think and Wonder. Wonder and Think.”

ITL and its 400-plus thought leaders are providing the kind of wisdom and insight we will need to help bring all the parties together to solve these challenges. We welcome you to the conversation.

RIMS 2015