6 Emerging Supply Chain Risks You Should Know
The Wolf of RIMS
RIMS just concluded in Denver, and I had a few observations.
It was cold, very cold. Given that the Spencer/Gallagher Golf Tournament is always a part of RIMS, why isn’t the conference held in cities with much better weather? Who could forget Chicago a few years ago, where the golf tournament lasted three holes because of the snow and those who chose Cubs opening day didn’t fare much better. I know we can never really guarantee the weather but we might want to increase the chances of a good climate for a great meeting. Eighteen holes of golf in the sun beats three holes in the cold any day.
And then there was the keynote speaker – Jordan Belfort, the author of “The Wolf of Wall Street.” I actually couldn’t believe RIMS would pick him to speak at our convention. Let’s see, his redeeming values were abusing drugs, denigrating women and maybe worst of all stealing money from at least 1,500 people. Nobody should have money stolen from them, but Belfort concentrated mostly on the weak and vulnerable, retirees or people just getting by. Nice guy, our motivational speaker.
So I was thinking, is this the best our industry could do for a keynote speaker? Was there a lesson RIMS wanted to teach, like “Greed is Bad”?
Of course, people deserve a second chance, so I did a little research after I learned Belfort was the keynote speaker. Nancy Dillon from the Daily News wrote, “according to Federal prosecutors, Belfort failed to live up to the restitution requirement of his 2003 sentencing agreement. The agreement requires him to pay 50 percent of his income towards the 1,500 clients he defrauded.” The Federal government filed a complaint since Belfort had an income of $1,767,203 in 2013 from his book/movie rights and another $24k from speaking engagements like the one at RIMS. Yet, According to Ben Child of the guardian.com he has only paid back $11.6 million of the $110.4 million he was ordered to pay as restitution.
For more details of just how rotten Belfort is, read this NY Times article by Joel M.Cohen who prosecuted the case.
So I was thinking, is this the best our industry could do for a keynote speaker? Was there a lesson RIMS wanted to teach, like “Greed is Bad”? Most of us saw Michael Douglas in Wall Street, some lived it. Couldn’t we as an industry have done better?
In the last year, I saw some great conference speakers such as Garrison Wynn, author of “The Real Truth About Success” as well as Lt. Col. Rob Waldman, a highly decorated fighter pilot, author and businessman and wonderful motivational speaker. And we got a guy who stole money from people and has yet to pay it back. Belfort would be a solid choice if we we motivating crooks, however I like to think a bit more highly of our community
Maybe Albert Einstein said it best when he said “the value of a man should be seen in what he gives and not in what he is able to receive.”
There are plenty of good, decent people who give back to society – why don’t we stick with them as our guest speakers!
Read all of Joe Boren’s Risk Insider contributions.
Hot Hacks That Leave You Cold
Thousands of dollars lost at the blink of an eye, and systems shut down for weeks. It might sound like something out of a movie, but it’s becoming more and more of a reality thanks to modern hackers. As technology evolves and becomes more sophisticated, so do the occurrence of cyber breaches.
“The more we rely on technology, the more everything becomes interconnected,” said Jackie Lee, associate vice president, Cyber Liability at Nationwide. “We are in an age where our car is a giant computer, and we can turn on our air conditioners with our phones. Everyone holds data. It’s everywhere.”
Phishing Out Fraud
According to Lee, phishing is on the rise as one of the most common forms of cyber attacks. What used to be easy to identify as fraudulent has become harder to distinguish. Gone are the days of the emails from the Nigerian prince, which have been replaced with much more sophisticated—and tricky—techniques that could extort millions.
“A typical phishing email is much more legitimate and plausible,” Lee said. “It could be an email appearing to be from human resources at annual benefits enrollment or it could be a seemingly authentic message from the CFO asking to release an invoice.”
According to Lee, the root of phishing is behavior and analytics. “Hackers can pick out so much from a person’s behavior, whether it’s a key word in an engagement survey or certain times when they are logging onto VPN.”
On the flip side, behavior also helps determine the best course of action to prevent phishing.
“When we send an exercise email to test how associates respond to phishing, we monitor who has clicked the first round, then a second round,” she said. “We look at repeat offenders and also determine if there is one exercise that is more susceptible. Once we understand that, we can take the right steps to make sure employees are trained to be more aware and recognize a potentially fraudulent email.”
Lee stressed that phishing can affect employees at all levels.
“When the exercise is sent out, we find that 20 percent of the opens are from employees at the executive level,” she said. “It’s just as important they are taking the right steps to ensure they are practicing what they are preaching.”
Locking Down Ransomware
Another hot hacking ploy is ransomware, a type of property-related cyber attack that prevents or limits users from accessing their system unless a ransom is paid. The average ransom request for a business is around $10,000. According to the FBI, there were 2,400 ransomware complaints in 2015, resulting in total estimated losses of more than $24 million. These threats are expected to increase by 300% this year alone.
“These events are happening, and businesses aren’t reporting them,” Lee said.
In the last five years, government entities saw the largest amount of ransomware attacks. Lee added that another popular target is hospitals.
After a recent cyber attack, a hospital in Los Angeles was without its crucial computer programs until it paid the hackers $17,000 to restore its systems.
Lee said there is beginning to be more industry-wide awareness around ransomware, and many healthcare organizations are starting to buy cyber insurance and are taking steps to safeguard their electronic files.
“A hospital holds an enormous amount of data, but there is so much more at stake than just the computer systems,” Lee said. “All their medical systems are technology-based. To lose those would be catastrophic.”
And though not all situations are life-or-death, Lee does emphasize that any kind of property loss could be crippling. “On a granular scale, you look at everything from your car to your security system. All data storage points could be controlled and compromised at some point.”
The Future of Cyber Liability
According to Lee, the Cyber product, which is still in its infancy, is poised to affect every line of business. She foresees underwriting offering more expertise in crime and becoming more segmented into areas of engineering, property, and automotive to address ongoing growing concerns.”
“Cyber coverage will become more than a one-dimensional product,” she said. “I see a large gap in coverage. Consistency is evolving, and as technology evolves, we are beginning to touch other lines. It’s no longer about if a breach will happen. It’s when.”
About Nationwide’s Cyber Solutions
Nationwide’s cyber liability coverage includes a service-based solution that helps mitigate losses. Whether it’s loss prevention resources, breach response and remediation expertise, or an experienced claim team, Nationwide’s comprehensive package of services will complement and enhance an organization’s cyber risk profile.
Nationwide currently offers up to $15 million in limits for Network Security, Data Privacy, Technology E&O, and First Party Business Interruption.
Products underwritten by Nationwide Mutual Insurance Company and Affiliated Companies. Not all Nationwide affiliated companies are mutual companies, and not all Nationwide members are insured by a mutual company. Subject to underwriting guidelines, review, and approval. Products and discounts not available to all persons in all states. Home Office: One Nationwide Plaza, Columbus, OH. Nationwide, the Nationwide N and Eagle, and other marks displayed on this page are service marks of Nationwide Mutual Insurance Company, unless otherwise disclosed. © 2016 Nationwide Mutual Insurance Company.
This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with Nationwide. The editorial staff of Risk & Insurance had no role in its preparation.