Janet Aschkenasy

Janet Aschkenasy is a freelance financial writer based in New York. She can be reached at riskletters@lrp.com.

Risk Management

The Profession

The executive director of risk management for the SFUSD says enterprise risk management has come a long way, but still needs improvement.
By: | May 6, 2015 • 4 min read

R&I: What was your first job?

At my first ever full time job, I was a counselor in a group home for emotionally disturbed adolescents. I was 22. It was part of a volunteer program in Phoenix.

R6-14p42_Profession.inddR&I: How did you come to work in risk management?

I got a claims job at a TPA back in Orange County, Calif., where I grew up. I had a degree in psychology and the claims business has always been open to liberal arts majors.

R&I: What is the risk management community doing right?

I think we are doing well in strategic and enterprise risk management areas in terms of spreading the word about these disciplines within our organizations.

R&I: What could the risk management community be doing a better job of?

I think we could still improve on the above, particularly in terms of communication. Getting the buy-in from management remains a challenge.

R&I: What was the best location and year for the RIMS conference and why?

Advertisement




For me, Vancouver was the best venue. I attended RIMS’ annual conference there roughly four years ago and to me, it seemed to have a more international audience.

R&I: What’s been the biggest change in the risk management and insurance industry since you’ve been in it?

I’d come back to the focus on enterprise risk management. I get to spend more time in a broader context instead of just being the “insurance guy.” For example, we have some 300 community-based organizations — nonprofits doing mentoring, tutoring, reading, etc. — that want to come and work in our district comprised of 140 schools. [We] work together to bring quality control and internal structure to those nonprofit programs to help us bring more effective programming to our students.

Dave George, executive director, risk management, San Francisco Unified School District

Dave George, executive director, risk management, San Francisco Unified School District

R&I: What emerging commercial risk most concerns you?

I would say cyber security. For me it’s the risk of exposing student data and being sure students are using technology in a safe manner because technology is so integral to the curriculum today.

R&I: What insurance carrier do you have the highest opinion of?

Not an insurance carrier, but an underwriter. His name is Rich Vincelette and he is consistently an excellent thought partner beyond any parameters of an insurance policy.

R&I: Is the contingent commission controversy overblown?

I would say no. Working in the public sector, transparency is paramount and any business model that has the potential to compromise that — or even give the appearance of a compromise — is going to be problematic and rightly so.

R&I: Are you optimistic about the U.S. economy or pessimistic, and why?

Optimistic. I happen to be in a part of the country that is booming right now, in terms of technology, construction and real estate.

R&I: Do you think the technology surge is sustainable this time around?

I would say more sustainable than it was last time because I believe there were lessons learned by those who invest in these companies.

R&I: Who is your mentor and why?

Advertisement




It’s my boss, Myong Leigh. He is the deputy superintendent for policy and operations for our district. He is very good at thinking big picture and helps give me the latitude to do the same and a broader perspective along with it. He has supported our efforts at enterprisewide risk management and gets the broader application of what we do.

R&I: What have you accomplished that you are proudest of?

We have reduced our risk management expenditure 25 percent and have held that steady over the last five years — partly by looking at operational efficiencies across our work, but primarily by more tightly managing our workers’ comp claims.

R&I: What’s the best restaurant you’ve ever eaten at?

Probably Spago in Los Angeles when I was about 25; it was trendy then and I was young and impressionable.

R&I: What is your favorite book or movie?

My favorite book is called “The Kindness of Strangers,” by Mike McIntyre. It renews your faith in people. It’s a true story about a guy who attempts to hitchhike across the country without bringing any money or credit cards, wanting to see if he can make it all the way “on the kindness of strangers.”  The title probably gives away the ending, but well worth a read regardless.

R&I: What is your favorite drink?

A good craft brew IPA.

R&I: What is the most unusual/interesting place you have ever visited?

Vietnam. It was not what I expected. What surprised me was it did not feel very “Communist.” It felt very entrepreneurial. They had wholeheartedly embraced tourism, for instance.

R&I: What is the riskiest activity you ever engaged in?

Driving a Ford Pinto at over 100 mph on a Los Angeles freeway, as a teenager.

R&I: What about this work do you find the most fulfilling or rewarding?

Advertisement




The fact that I contribute to things that make a real difference, in this case educating kids.

R&I: What do your friends and family think you do?

I joke that they think I am just always saying “no” to people, in terms of things they can’t do.

R&I: Is it true?

Not at all. We help people find solutions to their problems.

Janet Aschkenasy is a freelance financial writer based in New York. She can be reached at riskletters@lrp.com.
Share this article:

Cyber Insurance

Cyber Prices Hardening For Large and Complex Risks

Large, PII-Laden Firms May Find Rates and Conditions Toughest
By: | May 5, 2015 • 4 min read
Internet security

Cyber coverage for small businesses is competitive. But for larger entities, it’s a completely different matter.

Recently, a $3 billion in revenue hospital saw its Information Security & Privacy Insurance premiums increase 20 percent while its deductible went up by a third, said Greg Gamble, a director with insurance brokerage Crystal & Company.

The cyber program in question covers both first- and third-party claims and includes partial reimbursement for first-party claims such as digital asset recovery and privacy notification, as well as third-party claims for such risks as privacy related regulatory defense and fine.

“Competing insurers did not offer more compelling terms when we went to market,” he added, saying that “for businesses with $1 billion or more in revenue and 1 million or more names or personally identifiable information [PII] on record, it has become a harder and more selective market in the last 18 months.”

Gamble spoke to Risk and Insurance® following a panel discussion in Manhattan. While addressing the panel, which focused on nonprofits, he broke down Information Security and Privacy Insurance market pricing for nonprofit organizations as well as corporate firms as follows:

  • – A hard and selective market for large and complex risks.
  • – A competitive excess market for a $50 million attachment point.
  • – A very competitive and inexpensive market for small or mid-sized businesses.

The information jibes with a WillisWire post last month.

The post, by Willis’ Matt Keeping, said that, generally speaking, the trend remains positive for insurance buyers, with softening conditions accelerating this year.

On the other hand, cyber coverage for point-of-service retailers is increasing by a minimum of 10 percent to a maximum of 125 percent at annual renewals, according to Willis.

“The threat of [continued, significant] cyber-related losses seems to be a matter of if, not when,” Keeping added.

Marsh found that during 2014, the number of its U.S.-based clients purchasing stand-alone cyber insurance was up 32 percent over 2013.

Its existing health care and education clients had the highest cyber take-up rates last year at 50 percent and 32 percent, respectively, according to a Marsh Benchmarking Trends Report released in March.

Marsh found that during 2014, the number of its US-based clients purchasing standalone cyber insurance was up 32 percent over 2013.  Its existing health care and education clients had the highest cyber take-up rates at 50 percent and 32 percent, respectively.

Things have certainly changed. Gamble recalled his days at the former Reliance National, when he wrote his first network computer liability policy in the late 1990s.

At the time, ‘We wrote maybe three policies a year,” he said.

“It was slow on the uptake.”

Today, that has changed markedly. “Virtually all larger health care companies are opting for cyber coverage,” he said.

Much More Than a PII Issue

During the Crystal & Company panel discussion, Gamble stressed that cyber risk is not just a matter of PII exposure.

“Businesses without consumer information also have exposure to losses related to network disruption and damage to digital assets by hacking,” Gamble said.

For example, when Sony Pictures was subject to a high-profile, studio-wide cyber attack last fall, its computing enterprise was compromised for several weeks, and the organization incurred significant first party costs related to getting the computing resources back to working order.

Coverage for forensic investigations is also increasingly sought after, Gamble said.

Recently, he recalled, one of his customers noticed strange network activity after experiencing a power failure in the building. Because they had cyber insurance, the underwriter was able to hire a forensic consultancy to come in.

“They paid $500,000 to learn that two employees had simply downloaded BitTorrent, the movie file sharing software. There was no external hack and no data compromise,” said Gamble.

“The point is, there is financial loss associated with information security incidents tied to non-PII events,” he said.

On the other hand, Bob Parisi, Marsh’s cyber product leader, suggested during an April webinar that price increases do depend largely on PII exposure.

“We are seeing significant price increases for large buyers with significant volumes of protected health information (PHI) and credit card data, simply as a result of the catastrophic risk they present to insurers,” Parisi said.

Executives during the webcast stated that, from a risk management perspective, managing cyber risk cannot be the sole responsibility of the information technology department.  Finance, legal, compliance, operations, and others must also be committed to reducing the risk, they said.

Regulatory oversight of companies’ cyber risk management policies is likely to increase, Marsh officials emphasized, reasoning that cyber is one of the few areas on which both major U.S. political parties can agree.

Citing a third key takeaway from the webcast in a published report, Marsh stated that information sharing among those who have been affected by cyber attacks can help prevent hundreds, if not thousands, of future attacks.”

The importance of intelligence cannot be overstated,” the brokerage said.

Janet Aschkenasy is a freelance financial writer based in New York. She can be reached at riskletters@lrp.com.
Share this article:

Risk Management

The Profession

The VP of risk management for the Tutor Perini Corp. understands the value of risk management for a company’s long-term success.
By: | April 8, 2015 • 4 min read
Topics: April 2015 Issue | ERM

R&I: What was your first job?

I was hired at a local bank in Chicago as the first person to go through their new management-training program. I worked in all of the major areas of the bank and ended up in the controller’s office.

Advertisement




R&I:  How did you come to work in risk management?

Over time, I have held all of the major financial positions — I was controller at North Park College, treasurer at Bank Western, and CFO at Adwest Minerals International — a gold mining company.

In each of those positions I managed various elements of risk management. My focus became full time when Mary Gardner hired me into risk management, finance, insurance and claims, at MediaOne during the 1990s and I have enjoyed the job ever since.

R6-14p42_Profession.inddR&I:  What is the risk management community doing right?

When the community started to see itself as an asset to their companies rather than just a cost center, the real value of risk management started to come into focus. Today’s risk managers are pulling together various elements of risk and creating profit centers for their corporations.

R&I:  What could the risk management community be doing a better job of?

For me, I need to continue to focus on our partnership with the safety team — project executives that have the most influence on their job site — and to look for trending data to support the various business units.

R&I:  What was the best location and year for the RIMS conference and why?

Most people will say San Diego and I would not disagree.

R&I:  What’s been the biggest change in the risk management and insurance industry since you’ve been in it?

Rather than a “fire and forget” [i.e., buy your corporate policy once a year and never look back] tool, risk management is an active partner around the CEO’s table.

R&I:  Is the contingent commission controversy overblown?

Yes.

R&I:  How much business do you do direct versus going through a broker?

Some of our London placements are direct — otherwise we use our broker to our fullest advantage.

R&I:  What emerging commercial risk most concerns you?

The risks of cyber security and the rise of tribalism, which is unsettling communities and country borders.  A return to a Cold War is also a very real risk. We pulled most of our operations out of several Middle Eastern countries for these reasons.

R&I:  Are you optimistic about the U.S. economy or pessimistic and why?

Optimistic. We have a growing economy, relatively secure borders, and we are close to having an immigration policy.

R&I:  Who is your mentor and why?

Advertisement




I mentioned Mary Gardner, director of risk management, finance insurance and claims with the former Media One in an earlier answer.  She took the time to teach me the important aspects of what we were doing and also gave me an opportunity to learn and grow. That’s the definition of a mentor.

R&I:  What have you accomplished that you are proudest of?

Personally: my marriage and our three daughters.  In my professional life, it is those that I was able to support and mentor in the various roles I have been entrusted with.

R&I:  How many emails do you get in a day?

Plus or minus 100.

R&I:  How many do you answer?

Probably 20 or 30. I have several risk managers that work for me around the country and they frequently copy me on emails to keep me apprised as to what is going on at the firm.

Bill Buchan, vice president, risk management, Tutor Perrini Corp.

Bill Buchan, vice president, risk management, Tutor Perini Corp.

R&I:  What is your favorite book or movie?

The last movie I watched was “Fury.” A guy movie to be sure, but the sub-story to the tank battles was “what does it take to build a team?”

In this case, in a tank in the middle of World War II, it was the statement that “I promise to get each of my men home safely,” even though the reality of death was all around them.

I have often told people I was recruiting that I would take the first bullet for them. People have a need and a desire to know that managers and co-workers will stand with them in both good and hard times.

R&I:  What’s the best restaurant you’ve ever eaten at?

I like pizza — so most pizza places are on this list.

R&I:  What is your favorite drink?

I live in Sonoma — so I need to say wine!

R&I:  What is the most unusual/interesting place you have ever visited?

Cambodia, about 10 years ago. The border had just opened up with Thailand and we were on a guided tour and visited Angkor Wat, which had been a large thriving city containing many religious and ceremonial buildings.

R&I:  What is the riskiest activity you ever engaged in?

A high ropes course in Ecuador.

Advertisement




R&I:  If the world has a modern hero, who is it and why?

The world has many heroes. We just need to look around us — they are everywhere.

R&I:  What about this work do you find the most fulfilling or rewarding?

When all of the construction crews go home at night to their families.

R&I:  What do your friends and family think you do?

I’ve had a few careers and right now they would say I buy insurance and handle claims.

Janet Aschkenasy is a freelance financial writer based in New York. She can be reached at riskletters@lrp.com.
Share this article: