Courtesy of iii.org

There’s a road in my town that’s widely regarded as a speed trap. We all know drivers who say they were unfairly stopped and ticketed on it. I’ve never been and, come to think of it, neither has anyone I talk to about it. Maybe it’s because we live in town and “everyone knows” about the trap.

Cyber is a relatively new, evolving risk. Insurers manage their exposures, in part, by setting coverage limits and excluding events they don’t want to insure.

Sure, people get ticketed. The road is straight and wide, and I guess some feel they should be able to drive faster than the clearly posted speed limit. Or maybe they think the “real” limit is somewhat north of the number posted.

Is that really a “speed trap”?

I think of this road when I hear people say they don’t buy cyber insurance because “everyone knows” cyber claims don’t get paid.

Poster child for “cyber” denial

The example on everyone’s lips when this topic comes up is Mondelez International, the food and beverage giant hit by the NotPetya ransomware attack in 2017. Mondelez incurred losses exceeding $100 million, and its insurer denied coverage based on a war exclusion.

The irony? The policy in question covered property, not cyber. One can argue – as Mondelez does in a lawsuit – that the war exclusion is being unfairly applied, but businesses aren’t ceasing to buy property insurance on account of it!

Cyber claims data are hard to come by, but for nine years NetDiligence has published a Cyber Claims Study analyzing paid claims. The 2019 study looks at more than 2,000 such claims aggregated in over 20 ways, including types and amounts of losses, incident causes, data types exposed, business sectors affected, revenue size of claimants, and financial impact.

Verisk, whose cyber products help insurers write coverage based on their policyholders’ risk characteristics, doesn’t publish claims data but aggregates and incorporates them into its analytics.

NetDiligence publishes an annual Cyber Claims Study. Verisk aggregates and incorporates claims data into its analytics. Why do so many believe cyber claims don’t get paid?

Why the perception/reality gap?

Cyber is a relatively new, evolving risk. Insurers manage their exposures, in part, by setting coverage limits and excluding events they don’t want to insure. Indeed, in a recent survey by J.D. Power and the Insurance Information Institute, small-business owners named “too many exclusions” among the top reasons they don’t buy cyber coverage.

Claims are often denied because of exclusions policyholders might not have known about or understood. Some insurers, for example, include “failure to follow” exclusions for claims arising from inadequate security standards.

Everyone’s responsibility

If insurers want businesses to buy cyber policies and not be hit with unpleasant surprises at claims time, they need to be aggressively transparent about what’s included and excluded. Relegating this to fine print is not a good strategy.

Brokers and agents need to educate themselves about their clients’ needs and be fastidious in aligning coverage recommendations with those needs.

And insurance buyers – those with most at stake – need to understand cyber perils and insurance. For example, insurers require a cyber hygiene self-assessment from applicants. If, after an incident, that assessment proves inaccurate – say, if encryption practices were misrepresented – coverage can be denied.

Insurance isn’t a replacement for cyber diligence. But it can complement it as part of a well-planned risk management program.

Courtesy of iii.org

There’s a road in my town that’s widely regarded as a speed trap. We all know drivers who say they were unfairly stopped and ticketed on it. I’ve never been and, come to think of it, neither has anyone I talk to about it. Maybe it’s because we live in town and “everyone knows” about the trap.

Cyber is a relatively new, evolving risk. Insurers manage their exposures, in part, by setting coverage limits and excluding events they don’t want to insure.

Sure, people get ticketed. The road is straight and wide, and I guess some feel they should be able to drive faster than the clearly posted speed limit. Or maybe they think the “real” limit is somewhat north of the number posted.

Is that really a “speed trap”?

I think of this road when I hear people say they don’t buy cyber insurance because “everyone knows” cyber claims don’t get paid.

Poster child for “cyber” denial

The example on everyone’s lips when this topic comes up is Mondelez International, the food and beverage giant hit by the NotPetya ransomware attack in 2017. Mondelez incurred losses exceeding $100 million, and its insurer denied coverage based on a war exclusion.

The irony? The policy in question covered property, not cyber. One can argue – as Mondelez does in a lawsuit – that the war exclusion is being unfairly applied, but businesses aren’t ceasing to buy property insurance on account of it!

Cyber claims data are hard to come by, but for nine years NetDiligence has published a Cyber Claims Study analyzing paid claims. The 2019 study looks at more than 2,000 such claims aggregated in over 20 ways, including types and amounts of losses, incident causes, data types exposed, business sectors affected, revenue size of claimants, and financial impact.

Verisk, whose cyber products help insurers write coverage based on their policyholders’ risk characteristics, doesn’t publish claims data but aggregates and incorporates them into its analytics.

NetDiligence publishes an annual Cyber Claims Study. Verisk aggregates and incorporates claims data into its analytics. Why do so many believe cyber claims don’t get paid?

Why the perception/reality gap?

Cyber is a relatively new, evolving risk. Insurers manage their exposures, in part, by setting coverage limits and excluding events they don’t want to insure. Indeed, in a recent survey by J.D. Power and the Insurance Information Institute, small-business owners named “too many exclusions” among the top reasons they don’t buy cyber coverage.

Claims are often denied because of exclusions policyholders might not have known about or understood. Some insurers, for example, include “failure to follow” exclusions for claims arising from inadequate security standards.

Everyone’s responsibility

If insurers want businesses to buy cyber policies and not be hit with unpleasant surprises at claims time, they need to be aggressively transparent about what’s included and excluded. Relegating this to fine print is not a good strategy.

Brokers and agents need to educate themselves about their clients’ needs and be fastidious in aligning coverage recommendations with those needs.

And insurance buyers – those with most at stake – need to understand cyber perils and insurance. For example, insurers require a cyber hygiene self-assessment from applicants. If, after an incident, that assessment proves inaccurate – say, if encryption practices were misrepresented – coverage can be denied.

Insurance isn’t a replacement for cyber diligence. But it can complement it as part of a well-planned risk management program.

Courtesy of iii.org

One might think that family-owned and operated businesses would be relatively immune from employee lawsuits, but that’s not the case according to a recent Gen Re article.

The reasons family-owned businesses get sued include: most family owned businesses employ at least one non-relative; the non-relative is likely to be first to be fired when the business is struggling; and family members are reluctant to discipline each other for bad workplace behavior, especially if the family patriarch is the one misbehaving.

The article gives several examples of lawsuits against family businesses and the awards paid out, concluding that a family-owned business would benefit from including employment practices liability insurance (EPLI) as a part of its insurance package.

According to GenRe:

These workplace scenarios and settlement amounts mirror those we see for all businesses. Discrimination and sexual harassment – as well as wrongful termination, violations of privacy and other employment wrongdoing – are not limited to any type, place or structure of business.

When it’s time to evaluate insurance for the family business, be sure that Employment Practices Liability insurance is not overlooked. The chances of needing EPLI protection are no less than for a slip and fall or fire loss. It’s all relative.

Courtesy of iii.org

Don’t be intimidated by specialized insurance language. Below you’ll find definitions of some of the most common terms used when dealing with auto insurance.

Adjuster

An insurance company employee or contractor who reviews the damages and injuries caused by an accident and okays claims payments.

Bodily injury liability

Usually mandated by state law, this insurance provision covers costs associated with injuries and death that you or another driver causes while driving your car.

Claim

The formal request to an insurer for payment under the terms of your policy.

Collision coverage

Optional coverage that reimburses you for damage to your car that occurs as a result of a collision with another vehicle or other object—e.g., a tree or guardrail—when you’re at fault. While collision coverage will not reimburse you for mechanical failure or normal wear-and-tear on your car, it will cover damage from potholes or from rolling your car.

Comprehensive coverage

Coverage against theft and damage caused by an incident other than a collision, such as fire, vandalism, hail, flood, falling rocks and other events.

Credit-based insurance score

A confidential ranking developed by insurance companies based on your credit history that may be used to determine the cost of your insurance policy. A good credit score—an indication of responsible money management—has been shown to be a good predictor of whether someone is more likely to file an insurance claim.

Deductible

The amount subtracted from an insurance payout that you are responsible for. For instance, if you have a $500 deductible for your collision coverage, and an accident causes $2,000 of damage to your car, you pay $500 and your insurance covers the remaining $1,500. There is no deductible for your liability coverage.

Defensive driving

Driving in a way that reduces that chance of an accident. Defensive driving techniques include maintaining a safe following distance, scanning the road ahead, keeping both hands on the wheel and much more. If you take a defensive driving course, you may be able to get a discount on your auto insurance.

Diminished value

The value of a car after it has been in an accident and repaired. Even though the car may look fine, it is worth less than its value before the accident. If you’re the victim of an accident, you may be able to collect payment for the diminished value of your car, beyond the repair costs.

Distracted driving

Driving your car while distracted is dangerous and often illegal. Texting and using your phone are the most well-known distractions, but fiddling with your radio, looking at a map or GPS system, eating and drinking, talking to passengers and applying makeup also take your eyes off the road—and raise the risk of getting in an accident. Traffic tickets for texting or using your phone, as well as accidents caused by distracted driving, can drive up your insurance rates.

Gap insurance

As soon as you drive a new car off the dealer’s lot, its value begins to depreciate. And if you lease or finance the car, you’ll be responsible for the full amount you still owe should something happen to it, but your collision and comprehensive insurance will only cover the actual market value of the car. Gap insurance covers the difference between these two amounts—what the vehicle is worth and what you owe on it. The coverage can be purchased from the auto dealer or directly from your insurance company. For leased vehicles, gap insurance is usually rolled into the lease payments.

Liability

Your legal obligation to reimburse others for damage or injury that you cause. Nearly every state requires that you have liability insurance for your car so that if you or someone driving your car causes an accident, the victim will receive appropriate compensation.

Medical payments/Personal injury protection (PIP)

Coverage that provides reimbursement for medical expenses for injuries to you or your passengers stemming from an accident where you or someone using your car is at fault. This coverage may also pay lost wages and other related expenses.

OEM and generic auto crash parts

Crash parts are those that form the outside “skin” of a vehicle—such as fenders, hoods and doors panels—and are the most frequently damaged in auto accidents. Replacement parts provided by the manufacturer of your car are called original equipment manufacturer (OEM) parts. Parts that are made by another manufacturer are known as generic or aftermarket crash parts and are generally a lower cost, equally safe match for an OEM auto part.

Premium

The cost of your insurance policy, payable annually, semiannually or in monthly installments.

Property damage liability

Insurance coverage that reimburses others for damage that you or another driver operating your car causes to another vehicle or other property, such as a fence, building or utility pole.

Totaled

A car is totaled if the cost of repairs exceeds the car’s value. If your car is totaled and you have comprehensive and/or collision coverage, an insurer will pay you the full market value of your car or the limit of the policy, less your deductible if you are at fault.

Umbrella liability

Extra coverage beyond the limits of your regular liability policies. This will provide an additional layer of protection for your assets in the event you are sued. Your umbrella policy also covers claims that fall under your homeowners insurance policy.

Uninsured/underinsured motorist coverage

Uninsured motorist coverage will reimburse you when an accident is caused by a driver who lacks insurance—or in the case of a hit-and-run. In the case of a serious accident, underinsured motorist coverage will make up the difference between your losses and the coverage limit of the policy held by the driver who causes the accident.

Courtesy of iii.org

Colorado State University’s Department of Atmospheric Science released a summary of the 2019 Atlantic hurricane season today.

Seven of the named storms lasted 24 hours or less – the most on record with such short longevity.

The 2019 season yielded 18 named storms, six of which became hurricanes, including three major ones (Category 3 or higher, with maximum sustained winds of at least 111 mph). While 18 is quite a bit more than the seasonal average of 12 , seven of the named storms lasted 24 hours or less – the most on record with such short longevity.

“The season ended up slightly above average when looking at integrated metrics, such as accumulated cyclone energy, that account for frequency, intensity and duration of storms,” said Dr. Phil Klotzbach, research scientist in the Department of Atmospheric Science, non-resident scholar at the Insurance Information Institute (I.I.I.), and lead author of the report. “We generally forecast a near-average season, so we slightly under-predicted overall levels of Atlantic hurricane activity.”

Dorian: most destructive

Of the three major hurricanes, Dorian was the most destructive. Forming in late August, it devastated the northwestern Bahamas at Category 5 intensity, causing over 60 fatalities and economic losses that could be as much as $7 billion, according to a recent Artemis report. It then made landfall near Cape Hatteras, North Carolina, as a Category 1 hurricane and later caused significant damage in the Atlantic Provinces of Canada. Insurance broker Aon estimates the economic value of the damage Dorian inflicted on the United States at approximately $1.2 billion.

Hurricane Humberto, forming in September, caused much less damage than Dorian, as it remained hundreds of miles offshore. Nevertheless, it caused large swells across the U.S. East Coast and resulted in one fatality when a man drowned due to a rip current in North Carolina. Another man was reported missing in St. Augustine, Florida after the storm. Bermuda officials reported that no fatalities occurred on the island during Humberto’s passage.

Hurricane Lorenzo became a Category 5 hurricane in the central subtropical Atlantic – the farthest east Cat 5 Atlantic formation on record. It generated 49-foot waves, with an occasional rogue wave nearing 100 feet, sending swells to both sides of the Atlantic. Lorenzo caused 10 fatalities.

She nearly didn’t get a name

The most destructive storm to hit the continental United States in the 2019 season almost didn’t have a name. Two hours before dumping 40 inches of rain in some parts of Texas, Tropical Storm Imelda was just “a tropical depression,” Dr. Klotzbach said. Imelda was upgraded to a named storm 90 minutes before landfall, but it proceeded to deluge southeast Texas, causing at least $2 billion in economic damage and at least five deaths, according to Aon.

“From a wind perspective, Imelda was practically a non-event,” Dr. Klotzbach continued. “But the rain it brought made it the most expensive tropical cyclone to hit the United States during the 2019 season.”

The 2019 Atlantic hurricane season began on June 1 and ends officially on November 30. Colorado State’s full summary and verification report is available here.