Wrapped In Bubble Wrap

So I thought this was an interesting risk management strategy…


One colleague joked with me that:

“Everyone should just wrap themselves in bubble wrap!”

Reminded me of that game where people put on big wearable inflatable bumpers and then smash into each other for fun.


The problem though is that sometimes we put on the bubble wrap, bulletproof vest, or seat belt, but then we get stupidly overconfident. 


We think we are protected, but nothing human in impenetrable. 


So the person with the seat belt and air bag drives too fast and off a cliff and still gets him/herself killed. 


Or the person with the bulletproof vest gets shot with a high caliber armor piercing shell or in the back of the head.


Like on many cars, where the mirror says, “objects in mirror are closer than they appear,” we need not over rely on safety, protective, and risk measures and still do stupid things.


One guy told me, he backed up into the wall in the garage, because he thought there was more room and that’s not how things looked in the mirror. 


Let’s face it, there is no bubble wrap that can fully protect us from life. 


Everyday we face risks out there, and we need to manage them with common sense or else… 😉


(Source Photo: Andy Blumenthal)

Advertisements

Luxury Survival


Interesting underground survival shelters by Vivos–and they are built for luxury. 

With everything from cushy entertainment theater rooms, indoor swimming pools, upscale kitchens and bathrooms, gyms, and stocked with clothing, bedding, toiletries, survival gear, and food and medical supplies for a year–this is for planning to survive and thrive. 

 

They have dual generators, multiple water systems, airtight nuclear biological and chemical filtration systems, and medical and dental facilities.  This is communal living for 80-5,000 people. Shelters are co-owned–and it costs about $50,000 for an adult and $35,000 for children.

Vivos will also make you a private shelter, but obviously this is a more expensive option.  Is this an insurance policy for you and your family to protect against the ultimate catastrophes or is this simply preying on people’s worst fears? 

You’ll have to decide for yourself–and in the end, it’s a gamble either way. 😉

Insuring Against Cyber Attacks

Insuring Against Cyber Attacks

More and more, our technology is at risk of a cyber attack.

In fact, just today the Wall Street Journal reported that Iran has hacked into the Navy’s unclassified network.

While we can fix the computers that were attacked, the damage done in terms of data exfiltration and malware infiltration is another matter.

To fix the computers, we can wipe them, swap out the drives, or actually replace the whole system.

But the security breaches still often impose lasting damage, since you can’t get the lost data or privacy information back or as they say “put the genie back in the bottle.”

Also, you aren’t always aware of hidden malware that can lie dormant, like a trojan horse, nor can you immediately contain the damage of a spreading computer virus, such as a zero-day attack.

According to Federal Times, on top of more traditional IT security precautions (firewalls, antivirus, network scanning tools, security settings, etc.), many organizations are taking out cybersecurity insurance policies.

With insurance coverage, you transfer the risk of cybersecurity penetrations to cover the costs of compromised data and provide for things like “breach notification to victims, legal costs and forensics, and investigative costs to remedy the breach.”

Unfortunately, because there is little actuarial data for calculating risks, catastrophic events such as “cyber espionage and attacks against SCADA industrial controls systems are usually not covered.

DHS has a section on their website that promotes cybersecurity insurance where they state that the Department of Commerce views cybersecurity insurance as an “effective, market-driven way of increasing cybersecurity,” because it promotes preventive measures and best practices in order to lower insurance premiums and limits company losses from an attack.

Moreover, according to the DHS Cybersecurity Insurance Workshop Readout Report (November 2012) cybersecurity insurance or risk transfer is the fourth leg of a comprehensive risk management framework that starts with risk acceptance, risk mitigation, and risk avoidance.

I really like the idea of cybersecurity insurance to help protect organizations from the impact of cybersecurity attacks and for promoting sound cybersecurity practices to begin with.

With cyber attacks, like with other catastrophes (fire, flood, accident, illness, and so on), we will never be able to fully eliminate the risks, but we can prepare ourselves by taking out insurance to help cover the costs of reconstituting and recovery.

Buying insurance for cybersecurity is not capitulating our security, but rather adding one more layer of constructive defense. 😉

(Source Photo: Andy Blumenthal)

One-Two-Three Punch For Cyber Security

Punch

Here are three crafty ideas for improving our cyber security that can be used to protect, prevent, and recover from attacks:

1) Intrusion Deception (not detection)–Mykonos Software aims to protect websites by putting up a virtual minefield–“setting traps to confound hackers.” When the software detects hackers trying to infiltrate, it can flood hackers with false information on vulnerabilities that goes nowhere, mess with the hackers computers such as by pop-up flashing maps of their locations and local defense attorneys, and disrupt their connections and slow down their hacking attempts (Bloomberg BusinessWeek).

2) Scamming The Scammers–Notorious email spams such as from Nigeria that look to ensnare victims into wiring money overseas in order to secure some lost fortune costs $9.3 billion in losses in 2009. Psychology professors Chris Chabris and Daniel Simons suggest that we can prevent many scammers from succeeding by raising the cost of their doing business by scamming them with ” baiters” that send responses to scammers and occupy them but never actually send any money. They suggest that artificial intelligence could actually be used to create “automated scam-baiters bots” simulating potential gullible victims. These bots could even be programmed to provide phony account numbers and data to scammers to really get them spun up. (Wall Street Journal)

3) Insuring Again Losses–Insurance is a common way to manage risk by purchasing coverage for potential liabilities–this is used to indemnify against losses for everything from auto accidents to home fires, personal theft, and business interruptions. However, according to Bernard Horovitz, CEO of XL Insurance’s Global Professional Operations, businesses (and of course, individuals) are rarely are covered by insurance for hacker attacks. Insurance companies are now offering specialty products to recover from the insuring liabilities. Additionally, the insurers will “help with preventing and mitigating cyber crime” through security audits. (Wall Street Journal)

These three cyber security strategies are great examples of how we can make it technically and financially more difficult for cyber attackers to succeed in geting in a knockout punch on their victims. 😉

(Source Photo: Minna Blumenthal)

Have It When You Need it

Candy_machine

At an event that I attended recently, I heard a young woman explain her philosophy on life.

She said, her grandmother taught her: “Better to have it and not need it, than need it and not have it.”

Thinking about it at the time, it seemed pretty wise–because you never want to be without something you really need. 

And good planning and survival skills say to always be prepared–you never know what happens. 

But then with the fiscal cliff and all the talk about social entitlements, I started to think about this some more. 

In a sense, as a society, we have come to think of social entitlements as something that we better have in case we need it–Unemployment Insurance, Medicare, Social Security, Medicaid and more. 

You never know when it’s your turn to get laid off, sick, old, or needy. 

And isn’t that what’s it for–it’s a safety net–these are like personal insurance and you never want to need the coverage and not have it. 

But as we should know by now, having it–doesn’t come for free. 

So the question is how much social entitlements or insurance do you need–and part of the answer is how much can you afford. 

So is it really better to have it and not need it, than need it and not have it–if you can’t afford what you’re buying?  

In this case, our grandparents and parents having it and not really needing all of it–may mean that we and our children will not be able to have it when we do need it. 

To have social entitlements, we need to be able to pay into the system for it or borrow to finance it. 

Unfortunately, as a nation we have been doing more borrowing, because we have spent beyond our national means–we have even raided our very own social entitlement programs that we hold so dear, to pay for other things–maybe that’s why they call it a trust fund, because you really do have to trust, almost blindly, that there will be something there, when it’s your time to need it. 

It’s great to have it, but if we are gluttons and don’t responsibly plan for genuine needs–then as a nation, we really will be left needing and not having it when the time comes.

In short, spend all your money to soon, and tragically, there won’t be any candy later. 😉

(Source Photo: Andy Blumenthal)

9/11 – A Lesson In Risky Business

Twin-towers

Corresponding to the 10th anniversary of 9/11, Bloomberg BusinessWeek (5-11 Sept 2011) has a great article on risk management called The G-d Clause.

When insurers take out insurance–this is called reinsurance, and reinsurers are “on the hook for everything, for all the risks that stretch the limits of the imagination”–that’s referred to as The G-d Clause–whatever the almighty can come up with, the “reinsurers are ultimately responsible for” paying for it.
And obviously, when insurers and reinsurers don’t well imagine, forecast, and price for risky events–they end up losing money and potentially going out of business!
Well when it came to 9/11, insurers lost fairly big financially–to the tune of $23 billion (it is in fact, the 4th costliest disaster since 1970 after Japan’s tsunami, earthquake and Fukushima nuclear disaster ($235B), and hurricanes Katrina ($72B) and Andrew ($25B) in the U.S.)
Even Lloyd’s “that invented the modern profession of insurance [and] publishes a yearly list of what it calls ‘Realistic Disaster Scenarios,'” and while they had imagined 2 airlines colliding over a city, even they failed to anticipate the events of September 11, 2001. 
According to the article, even insurers that make their living forecasting risks, “can get complacent.”
And the psychology of the here and now, where “people measure against the perceived reality around them and not against the possible futures” is the danger we face in terms of being unprepared for the catastrophic events that await, but are not foretold.
In a sense, this is like enterprise architecture on steroids, where we know our “as-is” situation today and we try to project our “to-be” scenario of the future; if our projection is to far off the mark, then we risk either failing at our mission and/or losing money, market share, or competitive advantage.
The ability to envision future scenarios, balancing reality and imagination, is critical to predict, preempt, prepare, and manage the risks we face.
Post 9/11, despite the stand-up of a sizable and impressive Department of Homeland Security, I believe that our achilles heel is that we continue to not be imaginative enough–and that is our greatest risk.
For example, while on one hand, we know of the dangers of weapons of mass destruction–including nuclear, chemical, biological, and radiological devices–as well as new cyber weapons that can threaten us; on the other hand, we have trouble imagining and therefore genuinely preparing for their actual use.  
Perhaps, it is too frightening emotionally or we have trouble coping practically–but in either case, the real question is are we continuing to proceed without adequate risk-loss mitigation strategies for the future scenarios we are up against?
Frankly, living in the suburbs of our nations capital, I am fearful at what may await us, when something as basic as our power regularly goes out, when we get just a moderate rain storm in this area. How would we do in a real catastrophe?
In my mind, I continue to wonder what will happen to us, if we proceed without taking to heart the serious threats against us–then the tragic events of 9/11 will have unfortunately been lost on another generation.
Like with the reinsurers, if we do not open our minds to perceive the catastrophic possibilities and probabilities, then the risky business that we are in, may continue to surprise and cost us. 
(All opinions my own)
(Source Photo: here)

>Health Care Reform is Technologically Deficient

>

The debate on the news, in the streets, and on the Hill these days is health care reform—getting insurance coverage for those who lack it. And while this is an important and noble pursuit, there is something extraordinary absent from the health care reform discussion—and that is technology—in terms of how we get better care to everyone, the uninsured and insured alike?

We are living with a health care system that is functioning devoid of the most basic technology aids—such as electronic medical records, electronic scheduling, e-appointments with doctors using IM or video, electronic prescription handling, and much more.

If the finance industry is at the advanced end of the technology spectrum, the medical industry is at the extreme low end—and how sad a commentary is that: is our money more important to us than our health?

An article in Fast Company in May 2009 called “The Doctor of the Future” states: “This is a $2.4 trillion industry run on handwritten notes. We’re using 3,000 year-old tools to deliver health care in the richest country on the planet.”

The health care system is broken for sure, but it goes way beyond the 45 million American’s that lack insurance.

  • “Health care accounts for $1 in every $6 spent in the United States.”
  • “Costs are climbing at twice the rate of inflation.”
  • “Every year, an estimated 1.5 million families lose their homes because of medical bills.”
  • “Although we have the word’s most expensive health-care system, 24 counties have a longer life expectancy and 34 have a lower infant-mortality rate.”

Based on these numbers, the medical industry in this country is overcharging and under-delivering, and part of the reason for this–as Fast Company states is the lack of technological innovation: one of the paradoxes of modern medicine is that it demands continual innovation yet often resists change.”

New medical technology programs are available that provide for a vastly improved patient experience.

For example, using the Myca platform the user-experience is simpler, faster, and cheaper. Here’s a view of how it would work: “your profile shows your medical team…to make an appointment, you look at the doctors schedule, select a time slot or at least half an hour and the type of appointment (in-person, video, IM), and fill out a text box describing your ailment so the doctor can start thinking about treatment. Typically follow ups are e-visits. A timeline doted with icons representing appointments lets you review the doctors comments, read the IM thread, watch the video of an earlier electronic house call or link t test results.”

Using other technological advances, we could also benefit the patient by being able to:

  • Send electronic prescriptions to the pharmacy and automatically check for drug interaction.
  • Enter a patient’s symptoms and test results and get a comprehensive software generated diagnosis along with the probability of each result as well as other pertinent tests for the doctor to consider.
  • Provide electronic medical records that can be shared securely with medical providers including medical history, exam notes, tests ordered and results, and drugs prescribed.
  • Utilize telemedicine for consultation with medical providers anywhere and anytime.
  • And even apply robots to surgical procedures that result in less invasive, more effective, quicker recovery rates, and with less chance of infection.

None of this is science fiction…and this is all possible today.

Therefore, if we are going to call for a revamp to our health care system, let’s go beyond the coverage issue and address the logjam on quality of care for all Americans.

Absolutely we need to address the 18% uninsured in this country, but while we do that and figure out how to pay for it, let’s also deal with providing 21st century care to all our citizens through the modernization of our medical industry benefitting both the patients and medical providers through more efficient and effective care-giving.