An Electrifying Threat
Energy and the natural resources industry face especially grim cyber threats.
“If there is a cyber attack, you can’t see or touch that attacker so your ability to quickly respond may or may not be successful,” said Norma Krayem, a senior policy adviser at the Patton Boggs law firm and co-chair of the firm’s homeland security, defense and technology transfer practice group.
“I think the likelihood of such an attack absolutely exists,” she said. “I think the question becomes more about who, when and why.”
According to Symantec, a data security company, the energy sector “has become a major focus for targeted attacks and is now among the top five most targeted sectors worldwide.”
The threats may come from competitive spying, corporate espionage, cyber criminals, hacktivism, disgruntled employees and state-sponsored disruptions, it said.
A bad result doesn’t even necessarily have to begin with bad intent, said Cliff Lancaster, senior risk analyst at Hartford Steam Boiler Inspection and Insurance Co. (HSB).
At the Davis–Besse Nuclear Power Station in Ohio, for example, the network became infected with a worm that shut it down for five hours in 2003 because a software consultant had created a shortcut for his own convenience that bypassed the firewall, he said.
Possible Widespread Devastation
As security measures increase, employees and vendors may be ever more tempted to bypass procedures, just to more easily get their work done.
Between July 2012 and June 2013, 16 percent of all cyber attacks each day targeted companies in the energy sector, according to Symantec. Only the government or public sector had more targeted attacks.
And should the energy delivery system be disrupted, that threatens the country’s finance, transportation, health care, water supply and emergency services systems — all of which depend on reliable energy.
– Norma Krayem, senior policy adviser, Patton Boggs
Electric grid vulnerabilities that lead to power disruptions are estimated to cost the U.S. economy between $119 billion to $188 billion each year, according to a 2013 report on grid vulnerability by Rep. Edward J. Markey, D-Mass., and Rep. Henry A. Waxman, D-Calif.
“Power disruptions today generally do not lead to insured losses,” said Robert Hartwig, president of the Insurance Information Institute.
“However, it seems only a matter of time before a major cyber attack leads to the type of damage covered by standard property and liability policies,” he said.
“As we look at what hackers have been able to do in terms of infiltrating presumed secure systems — even entities like the Department of Defense — it seems there must be vulnerabilities in the systems associated with major infrastructure in this country, whether it’s electric, water, transportation or communications.”
Complex Risk Management
The degree to which computer technology and networking are integral to the energy sector in an operational sense makes it a particularly complex risk-management challenge, said John Kerns, executive managing director of Beecher Carlson Financial Services.
“There was a question posed to us by a client earlier this year: What if there were a denial-of-service attack or virus that shut down the gas pipelines coming into Chicago in the middle of winter. Homes went cold and people went to the hospital or even died. There was no physical damage, but clearly there was a serious impact, and loss,” he said.
The challenges are not confined to traditional energy markets either, said Charles Long, vice president of renewable energy and green technology at William Gallagher Associates. “Many computers are covered under a basic commercial package, and wind farms have separate coverage. If there is a lightning strike, that is surely covered. If data just failed, that can be covered by E&O, but data corruption or a virus, that kind of thing is very much still under consideration.”
Fred Podolsky, executive vice president, executive risk, Alliant Insurance Services, said that “only a small fraction,” maybe 10 percent of U.S. based utility companies have bought cover, and most of the policies that have been purchased relate to data breach exposures.
Some companies, however, have “woken up and are looking for cover” to help them repair their power-generation network and computer systems should they be damaged, or to protect them from other service interruption or customer liability issues, he said.
But many utilities refuse to provide underwriters with sufficient information to get the coverage they need, he said.
The main reason? “It’s just a pure confidentiality concern. IT folks are just so fearful to release any information to anyone having to do with their security procedures, though pressure is building from risk management and others in the C-suite to address these exposures,” Podolsky said.
While protecting the actual control systems of energy companies is a high priority that is audited by the federal government, the smart grid — that measures and creates a more efficient distribution of electricity based on use — is vulnerable, said HSB’s Lancaster.
If false data were injected into that system, it could potentially cause turbine generators to speed up when they shouldn’t. “If you can get it spinning at the wrong speed,” he said, “it can just shake itself to death.”
Once a turbine or transformer is damaged, there is a limited amount of replacement equipment.
And once a turbine or transformer is damaged, there is a limited amount of replacement equipment, he said. “If you are able to damage many pieces of equipment at once, it would take a lot of time to fix it because you have to build and rebuild lots of equipment,” Lancaster said.
Krayem said the connectivity of entities that distribute electric power, for example, means there could be “cascading failures” throughout the country.
“You have this patchwork of systems that are being cobbled together, a lot of them are legacy systems, and they are not necessarily all at the same level of security,” she said.
According to KPMG, which cited data from the U.S. Department of Homeland Security, the “constant barrage of cyber attacks” on water and energy companies “usually take the form of cyber espionage or denial-of-service attacks against industrial-control systems.”
Inadequate Security Controls
The consultancy also noted that a survey by The Centre for Strategic and International Studies in 2010, found that critical infrastructure, including power grids, industrial control networks and oil refineries “are not adequately prepared to defend themselves.”
Video: Dissecting Stuxnet
The most famous of all attacks on an energy system occurred in Iran when unknown forces — believed to be the United States and Israel — created the Stuxnet worm, specially designed to target Iran’s specific industrial control system and reprogram it so that the nuclear centrifuges spun out of control and damaged themselves while the displays indicated normal functioning.
Most notably, Stuxnet spread using a USB drive, infecting networks that were unreachable by the Internet.
Another disturbing attack occurred in 2012, when a cyber attack hit Saudi Aramco, one of the largest oil producers in the world. The disruption, which continued for two weeks, disabled more than 30,000 of the company’s workstations.
The virus, later named “Shamoon,” was the first significant cyber attack on a commercial target to cause real damage. It is also the most destructive attack the private sector has experienced to date, said Malcolm Marshall, global leader for information protection at KPMG, based in London.
Marshall said that “one senior oil-industry executive to whom I spoke shortly after the Shamoon incident told me, ‘Well, there goes our worst-case scenario.’ ”
That same month, Rasgas, in Qatar, was hit by the same virus and forced to bring its entire network off line.
In 2011, hackers were able to install malware and “evidence of a sophisticated threat actor” was found in the U.S. energy sector, according to the U.S. Government Accountability Office.
An Active Market
Marshall noted that, in the aggregate, the global oil and gas industry “is effectively self-insured, but cyber security is an active and growing commercial market, especially in the U.S. It seems likely that will become an economic necessity.”
Kerns at Beecher Carlson said, “We are seeing multiple policies responding to these threats. Those include dedicated cyber policies, D&O coverage, and in the energy sector, even general liability policies are responding.”
That said, he added that “the insurance market is looking aggressively at cyber risk, and is putting on new exemptions, restrictions, and limits. The gray areas are still some GL, bodily injury, and third-party injury. Mostly, we are seeing GL carriers not willing to pick up many risks. That leaves owners and brokers to see what the cyber market is willing to do.
“There is capacity to address business interruption, but we are having to press on bodily injury and property damage as they relate to cyber,” he said.
Complete coverage on the inevitable cyber threat:
Risk managers are waking up to the reality that the cyber risk landscape has changed.
Cyber: The New CAT. It’s not a matter of if, but when. Cyber risk is a foundation-level exposure that must be viewed with the same gravity as a company’s property, liability or workers’ comp risks.
Critical Condition. The proliferation of medical devices creates a host of scary risks for the beleaguered health care industry.
Disabled Autos. It’s alarmingly easy for a hacker to take control of a driverless vehicle, tampering with braking systems or scrambling the GPS.
Unmanned Risk. The dark side of remote-controlled drones, which have already been hacked — by students.
Wind Turbines Slow Down Hurricane Winds
Off the New York coastline would be a perfect place for an array of wind turbines, according to a Stanford professor. It would not only offer clean energy to the Big Apple but it would protect it the next time a Superstorm Sandy comes calling.
“If you have a large enough array of wind turbines, you can prevent the wind speeds [of a hurricane] from ever getting up to the destructive wind speeds,” said Mark Jacobson, a professor of civil and environmental engineering at Stanford University.
Computer models demonstrated that offshore wind turbines reduce peak wind speeds in hurricanes by up to 92 mph and decrease storm surge by up to 79 percent, said Jacobson, who worked on the study with University of Delaware researchers Cristina Archer and Willett Kempton.
“The additional benefits are there is zero cost unlike seawalls, which would cost about $30 billion,” he said, noting that the wind turbines “generate electricity so they pay for themselves.”
The researchers studied three hurricanes, Sandy and Isaac, which struck New York and New Orleans, respectively, in 2012; and Katrina, which slammed into New Orleans in 2005. Generally, 70 percent of damage is caused by storm surge, with wind causing the remaining 30 percent, he said.
That’s why onshore wind farms would not be as effective, he said. While they would reduce the wind speed, they wouldn’t impact storm surge.
In 2013, one of the “most inactive” Atlantic hurricane seasons on record, insured losses totaled $920 million, according to Guy Carpenter, which relied on information from the Mexican Association of Insurance Institutions. The most noteworthy events were Hurricane Ingrid in the Atlantic and Tropical Storm Manuel in the Pacific, which displaced thousands as they caused excessive rainfall, flooding and mudslides.
According to the Insurance Information Institute, Katrina was the costliest hurricane in insurance history, at $48.7 billion, followed by Andrew in 1992 at $25.6 billion and Sandy at $18.8 billion. Economic losses, of course, were much higher.
Wind turbines, which can withstand speeds of up to 112 mph, dissipate the hurricane winds from the outside-in, according to Jacobson’s study. First, they slow down the outer rotation winds, which feeds back to decrease wave height. That reduces the movement of air toward the center of the hurricane, and increases the central pressure, which in turn slows the winds of the entire hurricane and dissipates it faster.
The benefit would occur whether the turbines were immediately upstream of a city, or along an expanse of coastline. It could take anywhere from tens of thousands to hundreds of thousands of wind turbines off the coast to offer sufficient hurricane protection.
At present, there are no wind farms off the U.S. coastline, although 18 have been proposed for off the East Coast. Proposals have also been made for off the West Coast and the Great Lakes. There are 25 operational wind farms off the coast of Europe.
“Overall,” Jacobson and his colleagues concluded in the study, “we find here that large arrays of electricity-generating offshore wind turbines may diminish hurricane risk cost-effectively while reducing air pollution and global warming, and providing local or regionally sourced energy supply.”
Global Program Premium Allocation: Why It Matters More Than You Think
Ten years after starting her medium-sized Greek yogurt manufacturing and distribution business in Chicago, Nancy is looking to open new facilities in Frankfurt, Germany and Seoul, South Korea. She has determined the company needs to have separate insurance policies for each location. Enter “premium allocation,” the process through which insurance premiums, fees and other charges are properly allocated among participants and geographies.
Experts say that the ideal premium allocation strategy is about balance. On one hand, it needs to appropriately reflect the risk being insured. On the other, it must satisfy the client’s objectives, as well as those of regulators, local subsidiaries, insurers and brokers., Ensuring that premium allocation is done appropriately and on a timely basis can make a multinational program run much smoother for everyone.
At first blush, premium allocation for a global insurance program is hardly buzzworthy. But as with our expanding hypothetical company, accurate, equitable premium allocation is a critical starting point. All parties have a vested interest in seeing that the allocation is done correctly and efficiently.
“This rather prosaic topic affects everyone … brokers, clients and carriers. Many risk managers with global experience understand how critical it is to get the premium allocation right. But for those new to foreign markets, they may not understand the intricacies of why it matters.”
– Marty Scherzer, President of Global Risk Solutions, AIG
Basic goals of key players include:
- Buyer – corporate office: Wants to ensure that the organization is adequately covered while engineering an optimal financial structure. The optimized structure is dependent on balancing local regulatory, tax and market conditions while providing for the appropriate premium to cover the risk.
- Buyer – local offices: Needs to have justification that the internal allocations of the premium expense fairly represent the local office’s risk exposure.
- Broker: The resources that are assigned to manage the program in a local country need to be appropriately compensated. Their compensation is often determined by the premium allocated to their country. A premium allocation that does not effectively correlate to the needs of the local office has the potential to under- or over-compensate these resources.
- Insurer: Needs to satisfy regulators that oversee the insurer’s local insurance operations that the premiums are fair, reasonable and commensurate with the risks being covered.
According to Marty Scherzer, President of Global Risk Solutions at AIG, as globalization continues to drive U.S. companies of varying sizes to expand their markets beyond domestic borders, premium allocation “needs to be done appropriately and timely; delay or get it wrong and it could prove costly.”
“This rather prosaic topic affects everyone … brokers, clients and carriers,” Scherzer says. “Many risk managers with global experience understand how critical it is to get the premium allocation right. But for those new to foreign markets, they may not understand the intricacies of why it matters.”
There are four critical challenges that need to be balanced if an allocation is to satisfy all parties, he says:
Across the globe, tax rates for insurance premiums vary widely. While a company will want to structure allocations to attain its financial objectives, the methodology employed needs to be reasonable and appropriate in the eyes of the carrier, broker, insured and regulator. Similarly, and in conjunction with tax and transfer pricing considerations, companies need to make sure that their premiums properly reflect the risk in each country. Even companies with the best intentions to allocate premiums appropriately are facing greater scrutiny. To properly address this issue, Scherzer recommends that companies maintain a well documented and justifiable rationale for their premium allocation in the event of a regulatory inquiry.
Insurance regulators worldwide seek to ensure that the carriers in their countries have both the capital and the ability to pay losses. Accordingly, they don’t want a premium being allocated to their country to be too low relative to the corresponding level of risk.
Without accurate data, premium allocation can be difficult, at best. Choosing to allocate premium based on sales in a given country or in a given time period, for example, can work. But if you don’t have that data for every subsidiary in a given country, the allocation will not be accurate. The key to appropriately allocating premium is to gather the required data well in advance of the program’s inception and scrub it for accuracy.
When creating an optimal multinational insurance program, premium allocation needs to be done quickly, but accurately. Without careful attention and planning, the process can easily become derailed.
Scherzer compares it to getting a little bit off course at the beginning of a long journey. A small deviation at the outset will have a magnified effect later on, landing you even farther away from your intended destination.
Figuring it all out
AIG has created the award-winning Multinational Program Design Tool to help companies decide whether (and where) to place local policies. The tool uses information that covers more than 200 countries, and provides results after answers to a few basic questions.
This interactive tool — iPad and PC-ready — requires just 10-15 minutes to complete in one of four languages (English, Spanish, Chinese and Japanese). The tool evaluates user feedback on exposures, geographies, risk sensitivities, preferences and needs against AIG’s knowledge of local regulatory, business and market factors and trends to produce a detailed report that can be used in the next level of discussion with brokers and AIG on a global insurance strategy, including premium allocation.
“The hope is that decision-makers partner with their broker and carrier to get premium allocation done early, accurately and right the first time,” Scherzer says.
For more information about AIG and its award-winning application, visit aig.com/multinational.