Risk Insider: Tony Boobier

Is There a Need to Redesign Cyber Insurance?

By: | April 28, 2016 • 3 min read
Tony Boobier holds a WW Executive role at IBM, focusing on solutions for Risk and Finance, and was previously IBM Insurance Analytics leader for EMEA. He can be reached at [email protected]

When FBI Director James Comey said, “There are two kinds of big companies in the United States. There are those who’ve been hacked … and those who don’t know they’ve been hacked…,” he was reinforcing the fact that hacking is increasingly becoming a mainstream activity.


Tools such as Crackz, hackz, scriptz and others enable a user to gain additional access to computer systems and information or to run a program they have not legally purchased. Ask your search engine “how to hack” and not only will you get a long list of advice, but you will even find a video which has had more than four million visits.

The problem has moved beyond individual opportunists. It is an issue which increasingly involves premediated crime, often with a financial or disruptive motive. It also has its own language such as “Trojan” — a malicious program that perform actions not authorized by the computer user.

Will the vision of insurance marketers to have insurance based on connected cars, homes and people ultimately prove to be the Achilles’ Heel of their companies?

Increasingly hackers see themselves as guns for hire, selling both services and data on the dark web. Sometimes known as “Butterfly Hackers,” they focus on corporations and use sophisticated tools, often with inside knowledge of the organization.

This inside knowledge often comes from disgruntled employees. It’s even said that the most dangerous person in an organization is the IT manager, as they are best placed to know the system. They are paid through the very same technology that insurers and banks are contemplating for their own future, that of bitcoins operating in a blockchain environment.

Typical hacks may simply demand money from the personal user, using ransomware, which even provides call-back software for ease of payment. In a corporate environment, the hacks may extend to distributed denial of service (DDoS) attacks, effectively putting an online company out of business as it is bombarded with multiple anonymous inquiries.

But it isn’t always negative. A new profession of ethical hackers known as “white hats” has emerged. Their job is to assess the security of computer systems using penetration testing techniques. There’s even a professional qualification in the subject.

As this era of Big Data continues, 2.5 gigabytes of data are created daily by 6.4 billion connected things. In 2016, 5.5 million new things will get connected every day.

Technology research firm Gartner believes we will reach 20.8 billion connected things by 2020.

Some experts are already suggesting that the way into corporate systems will not be through a direct approach but rather through the multitude of less secure external devices. Will the vision of insurance marketers to have insurance based on connected cars, homes and people ultimately prove to be the Achilles’ Heel of their companies?

The recent news that cyber hackers stole $950 million in what is thought to be the world’s biggest bank raid should be enough to raise the alarm bells. JPMorgan’s 2014 hack is said to have affected 100 million customers. The recent hack of the Panamanian law firm Mossack Fonseca is said to involve 11.5 million documents. With the recent ‘Dieselgate’ affair at Volkswagen said to be likely to cost up to $35 billion, what might be the financial impact of a hacked connected car system for a major manufacturer?


As insurers increasingly focus on operational risk — that is, failure due to systems, processes, people and external events — as a key element of managing their capital adequacy and solvency, how will the regulators and insurance commissioners view the potential increase in the risk of someone infiltrating an insurer’s own site through some form of remote device?

Overall, there seems to be agreement that prevention is better than cure, but where cyber crime happens, it is critical that companies carry appropriate insurance cover. Cyber insurance cover has been around for a decade or so, but as cyber crime has developed, then doesn’t insurance cover also need to mature? With policies provided by some major insurers giving cover to $100m, isn’t it time to think about whether this is enough?

Share this article:

Column: Roger's Soapbox

Interconnected Idiocy

By: | April 28, 2016 • 2 min read
Roger Crombie is a United Kingdom-based columnist for Risk & Insurance®. He can be reached at [email protected]

You gotta love this. Experts advise not to worry about computer hackers compromising your company’s data.

Instead, you should be concerned that they’re going to take over your toaster. The risk is imminent. Smart toasters, refrigerators and corporate ventilation systems are among the greatest emerging risks, it seems.

Your freezer is one quick hack away from running amok. Your alarm clock is a silent killer. Mention that to your broker, before his security people come to throw you into the street.

Household wireless networks, on the other hand, have famously weak firewalls. This is why your coffee maker is now a deadly threat.

OK, let’s calm down. The Internet of Things (IoT) is the topic. It’s the wireless network of the future that will, for example, read your refrigerator’s contents, note that you have no milk, and contact your online grocer to order a quart and its delivery.

The IoT will also check how much fuel oil is in your tank and order whatever is needed before winter sets in.

But what if Russian hackers decide it might be amusing if you instead had 8,000 gallons of milk delivered to your fuel oil tank?

Given our total submission to things Internetty, you know that critical infrastructure has been and will further be thrown onto the IoT faster than you can say, “Wait! What if …”


The good news is that much of what has been placed online is protected. Anything can be hacked, but the important stuff is run with a suitable awareness of the risk attached, experts say.

Household wireless networks, on the other hand, have famously weak firewalls. This is why your coffee maker is now a deadly threat.

Cyber-assisted burglary might blossom, since bad guys could suck data from your heating system to tell them you’re not home, and then burgle you senseless. Remotely increasing the room temperature at a data center might eventually burn out a competitor’s servers.

This may all sound a little far-fetched, but I’m quoting (approximately) “Bloomberg,” which quoted (exactly) experts of the highest caliber. Technological systems require updating, and not even the few of us who know how to do that can be bothered. I mean, it’s a blender, right? How bad could it be if I don’t spend three hours trying to find the latest driver updates?

Hackers could send your microwave oven fallacious updates. The damn thing could spend years nuking your dinner while simultaneously serving North Korea without you even knowing.

Note to the insurance industry: Gentlemen, start your models. Hardly anyone writes stand-alone coffee maker insurance (except for extended warranties). The cyber-home opportunity is what Donald Trump would call “yuge.”

Profitability even more so, since — surely — the notion that your mom’s curling iron is working for the KGB seems unlikely, at best.

But remember this: You can’t spell idiot without IoT. &

Share this article:

Sponsored: Liberty Mutual Insurance

To Better Control Total Workers Comp Costs, Manage Physical Medicine

The time is ripe to consider physical medicine to better manage the total cost of risk.
By: | April 4, 2016 • 6 min read

Soaring drug prices get all the attention in the workers comp space. Meanwhile, another threat has flown under the radar.

More than 50 percent of lost time workers compensation claims involve physical medicine — an umbrella term encompassing physical therapy, occupational therapy, work conditioning, work hardening and functional capacity evaluation.

Spending on physical medicine accounts for 20 to 30 percent of total workers compensation medical costs, a percentage set only to increase in the coming years. Despite the rapid growth of this expense, very few employers are engaged in discussions around how best to manage it.

“Now is the time to take a look at physical medicine and think about how it impacts total cost of risk,” said Frank Radack, Vice President & Manager, Liberty Mutual Insurance, Commercial Insurance – Claims Managed Care. “Employers should investigate comprehensive solutions to keep costs manageable and to deliver quality, evidence-based care to injured employees.”

Liberty Mutual’s Frank Radack defines physical medicine and why it is so important in managing total workers compensation costs.

Cost Drivers

Upswings in both pure cost and utilization of physical medicine are driving the spending surge. State fee schedule changes are largely responsible for increases in cost. California, for example, has increased the cost of physical medicine services by 38 percent over the past two years, and will increase it a total of 64 percent by the end of 2017. North Carolina changed its approach to its fee schedule effective June 1, 2015, resulting in an almost 45 percent increase in the cost of the average physical therapy visit.

Increased utilization compounds rising prices. Low severity claims like soft tissue injuries typically involve physical therapy, especially when co-morbid conditions threaten to slow down recovery.

“When co-morbids are present, like obesity, more conditioning is necessary for recovery from injury,” Radack said. “With people staying in the workforce longer, we see these claims more often because these types of injuries and co-morbid conditions become more common as people age.”

De-emphasis on surgery also bolsters physical therapy prescribing as patients seek less invasive treatments that might enable a faster return to work, even in a light or transitional duty role. Sometimes, patients with a minor injury might seek out physical therapy on their own as a precaution after an injury or under the mistaken belief it will hasten recovery, even if evidence-based guidelines don’t call for it in every treatment plan.

LM_SponsoredContent“Now is the time to take a look at physical medicine and think about how it impacts total cost of risk. Employers should investigate comprehensive solutions to keep costs manageable and to deliver quality, evidence-based care to injured employees.”
–Frank Radack, Vice President & Manager, Liberty Mutual Insurance, Commercial Insurance – Claims Managed Care

“Without proper claims management procedures, some physicians might be inclined to prescribe physical therapy as a palliative measure, even when it doesn’t provide much benefit to the patient,” Radack said.

Building Solutions

Brokers and buyers may not be able to do much about fee schedule changes, but they can partner with an insurer that better manages utilization through a multi-faceted claims system, qualified network vendors, data analytics, and peer interventions.

The keys to better managing the soaring cost of physical medicine.

“There is an opportunity to move physical medicine spending into network solutions and partnerships,” Radack said. A strong, collaborative network is key to maintaining direction over treatment decisions.

Liberty Mutual uses a proprietary data analytics program to study its providers’ prescribing and referral patterns and their outcomes. It then builds a network of point-of-entry general practitioners with a proven track record of optimal outcomes.

“The treating physician is a gatekeeper to other services, so it’s important to start there in terms of establishing a plan and making sure evidence based guidelines are followed,” Radack said.

Radack and his team use similar data analysis and partnerships to deploy networks pertaining only to physical medicine, so it can identify physical therapists who understand the occupational space and are focused on effective Return-to-Work (RTW). A provider who doesn’t understand RTW, or even know that the employer of an injured worker has a modified RTW program, may over-utilize PT. Getting employees with soft tissue injuries back into the work place is critical for delivering the best possible medical outcome and a timely recovery.

These therapists know the value of adjusting a treatment plan based on a patient’s progress, which often cuts unnecessary appointments and therapies.

“Our data analytics program is built internally by people who are aligned with the claims organization,” Radack said. “These insights drive our ability to shape networks and direct injured workers to providers with proven outcomes.”

Peer-to-peer interventions also play a big role in adjusting provider behavior and ensuring adherence to evidence-based guidelines. Liberty Mutual’s in house regional medical directors can bring their expertise to bear on challenging claims and discuss how to redirect treatment to meet these guidelines. Liberty Mutual also partners with experts to build networks of physical medicine and physical therapy providers who deliver quality outcomes cost-effectively and to asses a patient’s progress, working with providers to identify and resolve treatment issues.

Sharing information and measuring performance in these settings helps to change the environment around physical medical care. For example, interventions that steer physical therapists back to  established, evidence-based medical treatment guidelines often reduce the use of passive therapy treatments, like hot and cold packs, which are not as effective and can slow down recovery.

“Active therapies that get people moving often help them get them back to work faster and at a lower cost,” Radack said. Utilization review also helps to identify unnecessary treatments and signals the insurer to communicate evidenced-based expectations with the therapist or prescribing physician.

Solutions in Action

Physical therapy offers great value in spite of rising prices — but only if it’s managed carefully.

An example of the benefits of managing physical medicine.

Take for example the case of a worker with a shoulder injury. In an unmanaged situation, a physical therapist may prescribe 12 appointments, and the injured worker will go through all 12 sessions with no pre-approval of the treatment plan and no interim checkup.

In a managed situation, the physical therapist may only prescribe eight sessions, because she understands the benefits of a faster return to work and sees that guidelines don’t dictate a full 12 sessions for this injury. Halfway through the eight sessions, she checks in on the patient’s progress and determines that only two more sessions are necessary given the recovery and the medical guidelines; and so adjusts the treatment plan to a total of six sessions.

In this scenario, managed care saves the cost of six sessions over the unmanaged situation, and the employee gets back to work faster with a healthy shoulder.

Ultimately, workers comp buyers can achieve cost savings by making treatment decisions that optimize patient outcomes, rather than cut pure cost. To achieve that, every player — point-of-entry physicians, physical therapists, medical directors, claims managers and patients — need to shoot for the common goal of shortening recovery time by following evidence-based medical guidelines.

“When medical experts and network vendors work in concert with each other, along with data analytics and research to back them up, we can drive down utilization while improving outcomes,” Radack said. “All of these working parts together are the solution to managing physical medicine costs.”

To learn more about Liberty Mutual’s Workers Compensation solutions, visit https://www.libertymutualgroup.com/business-insurance/business-insurance-coverages/workers-compensation



This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with Liberty Mutual Insurance. The editorial staff of Risk & Insurance had no role in its preparation.



Liberty Mutual Insurance offers a wide range of insurance products and services, including general liability, property, commercial automobile, excess casualty, workers compensation and group benefits.
Share this article: