Katie Siegel

Katie Siegel is a staff writer at Risk & Insurance®. She can be reached at [email protected]

Democratic National Convention

Philly’s Risk Manager: DNC Will Be a ‘Walk in the Park’

After nearly two years of planning, Philadelphia's risk manager expects a peaceful and well-organized Democratic National Convention.
By: | July 5, 2016 • 4 min read
Photo Credit: Bob Krist for Visit Philadelphia

On July 25, political leaders, news crews, visitors, volunteers, protesters and a few celebrities will descend on Philadelphia for the Democratic National Convention.

Advertisement




Though the city is no stranger to playing host for large events, the degree of national attention, sharp debate and pure emotion surrounding the 2016 presidential election could make the convention challenging from a risk management perspective.

Eruptions of violence have punctuated political rallies held by both Democratic and Republican candidates in a few cities so far. Is it possible there could be clashes between opposing parties at the upcoming event?

“We’re not expecting any of that,” said Barry Scott, deputy director of finance and risk manager for the City of Philadelphia.

“We hosted the Republican National Convention here in 2000 and we had a number of demonstrations, but we work to ensure that citizens can exercise their First Amendment Rights safely. I hear that from our police department all the time — they want to protect citizens’ right to speak freely but also safely.”

So far though, the city has received at least nine applications for protest permits.

“One march was scheduled to take place on Broad Street [a main route in Philadelphia’s Center City], during the evening rush hour. That one may have been denied due to the disruption it would cause, but most permits do get approved,” Scott said.

“We try to work with protest groups to make sure what works for them will also work for us.”

Planning for the DNC has been a nearly two-year collaborative process between Scott’s risk management department, the city’s police department, its office of emergency management, and the offices of the mayor and managing director, as well as SEPTA, the local transportation authority.

The convention visitors bureau is expecting about 50,000 visitors, which Scott called a “walk in the park,” compared to the roughly 1 million pilgrims who attended Pope Francis’ visit to the city in September 2015.

“Additionally, for our Fourth of July event, we generally have crowds in excess of 100,000 for the concert and fireworks on the Ben Franklin Parkway every year,” Scott said. “So we definitely have the experience with large crowds.”

“Frankly, my main concern is weather, because it’s one thing we can’t control.” — Barry Scott, deputy director of finance, risk manager, City of Philadelphia

“Frankly,” he said, “my main concern is weather, because it’s one thing we can’t control.”

While the convention will be held indoors at the Wells Fargo Center in South Philadelphia, the city plans to establish “free speech zones” for protesters throughout the surrounding area that will largely be outdoors.

“We won’t stop them, but bad weather could complicate things and potentially lead to injuries,” he said.

Scott said there will be limitations in the interest of safety on where protesters can gather— for example, divided highways are off-limits — and police will be on hand in the event of any property damage or other law-breaking, but he expressed confidence in the city’s ability to respect the rights of protesters while keeping both them and observers safe.

“If you look at the Occupy movement that was present here in the city [in 2011], you’ll see that the city’s response when compared to other cities was relatively peaceful,” he said.

“Dispersal of these folks in other cities was much more unruly and violent. There was more injury and property damage elsewhere than anything that happened in Philadelphia.”

The DNC Host Committee has obtained law-enforcement liability insurance to cover potential claims of police brutality and civil-rights violations.

Just in case, though, the DNC Host Committee — an entity separate from the City of Philadelphia — has obtained law-enforcement liability insurance to cover potential claims of police brutality and civil-rights violations.

The committee has also purchased event cancellation, terrorism, auto, kidnap and ransom, and general liability coverage for the event.

As far as logistical challenges, Scott said, SEPTA trains and buses should not be overloaded, partially because those actively involved in the Convention will have their own, tightly controlled private transport, and because the Wells Fargo Center sits about 3.5 miles outside of Center City, which will keep convention crowds somewhat separated from those living and working in the city.

On the whole, Scott expects the convention to be a boon for the city in terms of attracting tourists who will “fall in love” Philadelphia.

Advertisement




“We are absolutely hoping we have lots of people come here for the excitement of the event, even if they’re not directly participating,” Scott said.

“There will be a lot of activities, a lot of celebrities drawing folks in. SEPTA will be working with the city’s office of emergency management to ensure that we’ve got the events well-covered.”

“It will be a very rich time for folks in the city. They’ll get a better chance to see what a great city we are. It’s an opportunity to visit America’s birthplace.

“And unlike the papal visit, which was heavily controlled by the Secret Service and had a lot of restrictions, the city and everything it has to offer will be completely open for business.”

Katie Siegel is a staff writer at Risk & Insurance®. She can be reached at [email protected]
Share this article:

Presidential Election

Cyber Vulnerabilities Threaten 2016 Election

Out-of-date technology and unsecured networks put voters’ ballots at risk.
By: | July 5, 2016 • 5 min read
Man standing behind curtain in booth, low section

Nearly two-thirds (64 percent) of registered voters believe the 2016 presidential campaign will be compromised by a cyber breach in some way, according to a poll conducted by data security firm PKWARE and Wakefield Research.

Advertisement




Their concerns are not unwarranted; at a time when breaches and data theft make headlines on a regular basis, much of the voting process remains unprotected.

“There is a lot of vulnerability in paperless voting systems, whether they are direct reporting electronic machines, or email return ballots,” said Pamela Smith, president of Verified Voting, a nonprofit organization that advocates for accuracy, transparency and verifiability of elections.

Most polling places use paper ballots that are tabulated by a scanner. Even if the scanner goes haywire, there is a paper record of voters’ intent and officials can take a manual count. In fully paperless systems, no such backup exists.

“In a situation like that, there’s no way to demonstrate that the software is working properly. If something seems amiss or there is an unexpected outcome, you really wouldn’t have a way to go back and correct it because you don’t have an independent record of voter intent,” Smith said.

Electronic systems, then, offer a prime target for hackers looking to influence elections.

A few years ago, Smith said, Washington D.C. ran a pilot program of an online voting system that would enable overseas military personnel and other expats to cast their ballots remotely. It opened up a test version of the system to the public, inviting hackers to try and breach the system.

“If organizations the size of Google and Sony can get hacked, how can small townships without even an IT staff prevent a breach?” — Pamela Smith, president, Verified Voting

“Within 36 hours, some white hat hackers from the University of Michigan were able to fully breach the server. They could change votes; they had access to the PIN numbers assigned to the intended users. Nobody even knew they were in there,” Smith said.

“And while they were in there, they noticed the server was being pinged by IP addresses from places as far away as Iran and China, so they set up a firewall while they were at it.”

After the hackers confirmed the ease with which they were able to hack and manipulate the system, D.C. bagged the program.

Most jurisdictions, though, don’t run such tests. Standard polling place equipment undergoes federal testing and certification before jurisdictions can buy them, but online and email systems do not have to meet any federal or state standards.

Often, the counties and townships managing the voting process in their areas do not have the resources to test or fully protect their systems.

“If organizations the size of Google and Sony can get hacked, how can small townships without even an IT staff prevent a breach?” Smith said.

DOS attacks could also directly hit the online voting portals. While deadlines for registration could be extended, changing voting time frames on Election Day would likely not be possible.

In addition, more states are turning to email attachments and online portals as a way for absentee voters to return ballots.

“These methods are not secure. And it may be, overall, a very small number of ballots, but there are any number of contests in any number of states that are decided by a small proportion of the vote, and the inability to conduct a legitimate recount or audit on votes returned in this manner could become a significant issue,” Smith said.

Miller Newton, President & CEO, PKWARE

Miller Newton, President & CEO, PKWARE

Voter registration records are another probable target for a breach. A denial-of-service attack could crash registration sites right before deadline, blocking last-minute voters from the process. Records could also be hacked to change voter status or delete records altogether.

DOS attacks could also directly hit the online voting portals. While deadlines for registration could be extended, changing voting time frames on Election Day would likely not be possible.

“In the last 12 months, we’ve seen one of the biggest breaches of a federal government agency in the breach of the Office of Personnel Management, when millions of security clearance documents were stolen,” said Miller Newton, president and CEO of PKWARE.

“If those documents are vulnerable, then voter registration is absolutely vulnerable.”

Using Cyber for Smear Campaigns

In addition to breaches of electronic voting systems and registration records, hackers could also compromise the election by targeting candidates’  email servers or other vulnerable campaign platforms, and publicizing confidential information.

“We could see some very damaging personal or campaign-related information revealed.” — Miller Newton, president and CEO, PKWARE

“It’s inevitable,” Newton said. “In this environment, with the mudslinging between candidates like we haven’t seen in years, it seems like the perfect recipe for disaster.

“We could see some very damaging personal or campaign-related information revealed.”

Bad press could potentially remove a candidate from the race. Newton offered the example of former Sen. Gary Hart, who was in the midst of a strong run for president in the 1988 election when proof of an affair became public, essentially removing him from the race in the face of public disdain.

“Depending on how severe the personal information is, it could definitely take down a candidate and throw off the whole campaign, which ultimately impacts the election,” Newton said.

Theft of candidates’ private information, he said, is more likely than a direct attack on voting systems.

Solutions

The root of election-related cyber vulnerability lies in old, out-of-date technology.

“The government is wrought with antiquated technology,” Newton said. “Budgets are tight. The government does not spend as much on IT as the private sector does. As a result, the information in these systems is not properly protected.”

When the federal government sought their insight on the development of a cyber security framework, Pamela Smith and Verified Voting proposed including elections as a part of critical infrastructure. This way, more resources would be targeted for system updates.

Advertisement




Newton said the problem is solvable as long as government officials have a “paradigm shift in thinking” about cyber security. Once they accept that their systems will inevitably be breached by adversaries, they will approach the problem more rigorously.

The solution, he said, lies in the encryption of confidential data so that even if it falls into the wrong hand, it will be useless.

While debate remains active over the privacy and transparency implications of encrypting government information, it may be more secure and less expensive to “approach the problem from the information out, rather than from the network in,” Newton said.

As the presidential election draws closer, the time to make these changes is running out.

Katie Siegel is a staff writer at Risk & Insurance®. She can be reached at [email protected]
Share this article:

Emerging Markets

Finding the Next Frontier

Frontier markets show growth potential, but political and economic instability pose risks.
By: | July 5, 2016 • 5 min read
World map

Brazil, Russia, India, China and South Africa (BRICS) are readily recognized as emerging markets for the insurance industry, accounting for more than half of emerging market output, according to a recent Swiss Re sigma study, “Insuring the frontier markets.” But these are larger, more established countries with stronger economies. What about the next wave of opportunity for insurers looking to take advantage of a smaller country’s growth potential?

Swiss Re’s study looked beyond BRICS for the next wave of “frontier” markets, loosely defined as “less established insurance markets in smaller emerging economies with promising growth outlook.”

frontier markets chartThe study identified five regions consisting of 21 frontier markets: Sub Saharan Africa (Angola, Cote d’Ivoire, Mozambique, Nigeria, Kenya, Ghana, and Ethiopia); the Commonwealth of Independent States (Azerbaijan, Kazakhstan and Georgia); Latin America (Bolivia, Colombia, Ecuador and Peru); Southeast Asia (Cambodia, Vietnam, Laos and Myanmar) and South Asia (Bangladesh, Pakistan and Sri Lanka).

These markets are also characterized by low insurance penetration rates, which offers insurers “significant catch-up potential” as their economies expand and insurance becomes more vital to that process.

Advertisement




“Right now, the culture in these countries is such that most people do not consider insurance because they must first meet their basic needs: food, housing, etc.,” said Arend Kulenkampff, senior economist with Swiss Re and a study author. “But as the economic situation improves, individuals and businesses will spend more on insurance to protect what they’ve gained.”

Regional Breakdown

Sub Saharan frontier markets grew by an average of 6.4 percent per year from 2000 to 2014. Of the Sub Saharan countries, Nigeria has the largest economy at $520 billion, followed by Angola at $130 billion.

A growing public awareness of the importance and value of insurance has led to more efforts to regulate the industry, which would stabilize it and support its growth. Both nations also enjoy a robust oil industry, although falling oil prices could jeopardize their economic stability at least over the short term.

Robert Hartwig, president, Insurance Information Institute

Robert Hartwig, president, Insurance Information Institute

“Some of these countries are resource dependent, so their economic fortunes are tied to commodities prices,” said Bob Hartwig, president of the Insurance Information Institute. “The ability to grow in a place like Mozambique or Nigeria will be tied to fluctuations in those prices.”

Additional challenges in Nigeria include terrorism and a corrupt government, Hartwig said. “That’s a good example of a country where you really have to understand the environment to be able to operate effectively and safely.”

The Commonwealth of Independent States countries also rely heavily on oil exports for revenue and have experienced slowed growth since the slump in oil prices. To be viable long-term markets, they will have to diversify their economies, the study said.

They have also, however, made legislative efforts to make certain types of insurance compulsory, such as medical coverage. Azerbaijan has probably made the most headway in this arena, mandating workers’ compensation and auto coverage as well.

In Latin America, Brazil attracts the most attention as an emerging insurance and reinsurance market, but the smaller frontier markets are projected to grow by 3 to 3.3 percent in 2016.

Advertisement




Insurers looking to enter these markets will face considerable constraints related to political instability, low income levels, and a prohibition on foreign investment that, despite ending in 1987, has caused this cluster of countries to lag behind other markets.

There have been reforms, however, to encourage more foreign investment.

“The influx of foreign capital in this region is promising; Colombia especially has seen a sizable growth of investment, and it will be necessary to keep the growing economy healthy,” Kulenkampff said.

In Southeast Asia, Vietnam represents the largest of the four frontier markets, accounting for 71 percent of the region’s total GDP in 2015.

“Vietnam is a dynamic economy that’s growing rapidly,” Hartwig said. “They seem open to foreign investment and have an increasingly popular manufacturing hub and tourism center. But there are a lot of issues with their relationship with China, so you have to be concerned about conflict there.”

Cambodia also shows promise if it can successfully resolve its internal political turmoil.

Indeed, political stability will be the primary factor determining the longevity of these markets.

In Pakistan, for example, political turbulence and violence undermine the potential that any economic growth might hold for insurers.

Sri Lanka, on the other hand, “has benefited from the peace dividend and political stability since the end of the civil war in 2009. The economy achieved average annual growth of 7.3 percent between 2010 and 2014,” the study said.

Gaining a Foothold

“We’re well beyond the stage of just keeping an eye on these markets. They are growing much more quickly than markets in North America, Western Europe or Japan,” Hartwig said.

Entering the markets, though, will require a long-term strategy and plenty of investigative research concerning their socioeconomic environments as well as what products are needed. Foreign insurers will need to partner with or acquire a local carrier to develop sales and distribution platforms within local laws and regulations.

“These frontier markets are not for everyone. Some insurers will enter them and they will fail, either because they don’t understand the market or because conditions on the ground will become too volatile.” — Bob Hartwig, president, I.I.I.

One strategy suggested by the study is the distribution of “micro insurance” — essentially low-limit, short-term policies that are affordable for the low-income population. Marketing and selling coverage through mobile technology also proves an efficient way to reach remote customers and make transactions easier.

Advertisement




No matter how insurers choose to place their stake in these markets, patience will be key to an eventual payoff. Initially, any premium dollars collected from these markets will have no significant contribution to profit.

“These frontier markets are not for everyone,” Hartwig said. “Some insurers will enter them and they will fail, either because they don’t understand the market or because conditions on the ground will become too volatile.”

Though not included in the Swiss Re study, Hartwig also suggested Cuba as an emerging market, given its proximity to the U.S. and the thawing of political tensions, as well as its vulnerability to natural disasters like hurricanes.

Katie Siegel is a staff writer at Risk & Insurance®. She can be reached at [email protected]
Share this article: