R&I: What was your first job?
R&I: How did you come to work in risk management?
My employer was consolidating offices.I did not want to relocate again and an opportunity became available at Humana.
R&I: Who is your mentor and why?
In my career, Jim Bloom, the just-retired CFO of Humana; and from RIMS, former presidents Janice Ochenkowski and Scott Clark; and my fellow board member, Nowell Seaman.
R&I: What about this work do you find the most fulfilling or rewarding?
Having an opportunity to work with people at every level of my company, to continue to grow and learn new things, and meeting all of the great people connected to the risk management profession.
R&I: What is the risk management community doing right?
[It’s] doing a better job of proving our value to the success of our companies, and that we do more than manage insurance programs and losses.
R&I: What could the risk management community be doing a better job of?
Continuing to do what we are doing right, but to a bigger and broader audience.
R&I: What emerging commercial risk most concerns you?
The more sophisticated cyber attacks.
R&I: What have you accomplished that you are proudest of?
Raised a great daughter.
R&I: What is your favorite book or movie?
Favorite movie: 84 Charing Cross Road, with Anne Bancroft and Anthony Hopkins. It’s an old movie but [has a] timeless message of friendship. The book that made the greatest impression on me was The Diary of Anne Frank, which I read when I was about her age.
R&I: What is the most unusual/interesting place you have ever visited?
I love to travel, so it is usually the last place I visited. In the U.S., I love the great parks in Utah; and outside the U.S., my favorite place is Scotland.
R&I: What is the riskiest activity you ever engaged in?
A helicopter ride in Hawaii, which was to go over volcanoes. Helicopters do not glide but fall straight down, and I would never do that again.
R&I: If the world has a modern hero, who is it and why?
I admire Angela Merkel as a world leader, and Melinda and Bill Gates for their work on behalf of children.
R&I: What do your friends and family think you do?
My husband knows, but my friends just know I work at Humana, so they think, “It is something to do with insurance.” They are envious, however, since they know I love my job.
R&I: What was the best location and year for the RIMS conference and why?
San Diego is always a personal favorite of mine. Location, location, location — and our members seem to love it too as we always get a great response.
R&I: What’s the best restaurant you’ve ever eaten at?
Trattori Ponte Vecchio, Florence, Italy.
R&I: What is your favorite drink?
I am well known for always having a Tab available at all times. Otherwise, a nice glass of wine, but not chardonnay. I hate chardonnay.
R&I: What’s been the biggest change in the risk management and insurance industry since you’ve been in it?
The evolution of ERM/SRM for risk management and the sophistication of underwriters and products from the insurance industry.
R&I: Are you optimistic about the U.S. economy or pessimistic and why?
Optimistic most days — as I think we have tremendous resources in brain power in this country — but frustrated at the political gridlock.
Full Speed Ahead
Any further delays to widen the Panama Canal could have far-reaching cost implications for all parties involved in the construction project and the shipping companies and exporters who use the Canal, a marine risk expert warned.
The Panama Canal Authority (ACP) signed a deal this month to end a four-month dispute — and a two-week work stoppage — over $1.6 billion in cost overruns claimed by the Grupo Unido por el Canal consortium (GUPC) carrying out the work. The dispute had threatened to derail the whole project, which now is expected to cost nearly $7 billion.
Under the terms of the agreement, the Authority and the Spanish-led construction consortium will each invest an extra $100 million in the project.
Zurich North America, which holds $400 million surety bond on the project, “worked diligently with the ACP and GUPC to reach an agreement on the matter and fortunately the two sides have had a successful negotiation,” said Michael Bond, head of surety, Zurich North America. “We congratulate both of them on effectively reaching a favorable outcome. Zurich was glad to have played a role in a solution that brought the project forward.”
When the Canal expansion is completed in December 2015, the new third lock will house 12 giant lock gates designed to allow larger cargo ships through, and double the shipping lane’s capacity.
But Douglas Sakamoto, class underwriter, marine, Liberty Specialty Markets, warned that any further interruptions could result in shipping delays, increased costs and lost shipping tolls.
“The forecast for work to be completed has changed from 2014 to 2015, which is still not a massive delay when compared to the dimension of the work and the expectation in terms of international trade turnaround,” Sakamoto said.
“However, a longer delay could impact several international trade industries since there are lots of related ongoing investments, such as work on several international ports to adapt them to the new vessels, and orders placed for the new-Panamax vessels.
“If the work can’t be completed for any reason and costs still continue increasing, there are a number of serious implications such as the termination of the agreement with the current consortium, and the bond policy may be required in order to provide the extra amount needed to complete the work.”
When done, the Panama Canal Authority is expected to double the $1 billion in revenue it currently receives from shipping tolls.
With more than 13,000 ships passing through the Canal every year, Sakamoto said, construction delays could mean restrictions in the amount of goods producers can export as well as increasing the time it takes to ship the goods.
He noted that producers of commodities, such as LNG, which are exported from the U.S. Gulf Coast to target markets like Asia and the west coast of Latin America could be affected.
In addition, grain producers in the Brazilian ports of Itaqui, Suape and Pecém would also lose out on shorter shipping times, he said.
Shipping companies that have invested heavily in new-Panamax vessels orders several years ago would similarly miss out on vital revenue, Sakamoto said.
International port authorities that have poured vast amounts of money into developing their ports for larger vessels and cargo volumes would also be adversely affected, Sakamoto said.
Pressure to meet the new deadline for completion of 2015, he said, could also impact labor force costs and suppliers.
“The Panama Canal construction project has been highly debated,” said a spokesman for Allianz Global Corporate Specialty, “but it’s actually not unusual for a large construction project to run over/get delayed. In fact, that’s why with project cargo coverage, there is a particular element called ‘delay in start up’ protection to help mitigate that risk.”
Work on the Canal project is now 70 percent complete; however the delay has come at a considerable cost to Sacyr, the Spanish building company that is leading the consortium, which saw its share price drop 6.9 percent this month following a breakdown in initial talks.
5 & 5: Rewards and Risks of Cloud Computing
Cloud computing lowers costs, increases capacity and provides security that companies would be hard-pressed to deliver on their own. Utilizing the cloud allows companies to “rent” hardware and software as a service and store data on a series of servers with unlimited availability and space. But the risks loom large, such as unforgiving contracts, hidden fees and sophisticated criminal attacks.
ACE’s recently published whitepaper, “Cloud Computing: Is Your Company Weighing Both Benefits and Risks?”, focuses on educating risk managers about the risks and rewards of this ever-evolving technology. Key issues raised in the paper include:
5 benefits of cloud computing
1. Lower infrastructure costs
The days of investing in standalone servers are over. For far less investment, a company can store data in the cloud with much greater capacity. Cloud technology reduces or eliminates management costs associated with IT personnel, data storage and real estate. Cloud providers can also absorb the expenses of software upgrades, hardware upgrades and the replacement of obsolete network and security devices.
2. Capacity when you need it … not when you don’t
Cloud computing enables businesses to ramp up their capacity during peak times, then ramp back down during the year, rather than wastefully buying capacity they don’t need. Take the retail sector, for example. During the holiday season, online traffic increases substantially as consumers shop for gifts. Now, companies in the retail sector can pay for the capacity they need only when they need it.
3. Security and speed increase
Cloud providers invest big dollars in securing data with the latest technology — striving for cutting-edge speed and security. In fact, they provide redundancy data that’s replicated and encrypted so it can be delivered quickly and securely. Companies that utilize the cloud would find it difficult to get such results on their own.
4. Anything, anytime, anywhere
With cloud technology, companies can access data from anywhere, at any time. Take Dropbox for example. Its popularity has grown because people want to share large files that exceed the capacity of their email inboxes. Now it’s expanded the way we share data. As time goes on, other cloud companies will surely be looking to improve upon that technology.
5. Regulatory compliance comes more easily
The data security and technology that regulators require typically come standard from cloud providers. They routinely test their networks and systems. They provide data backups and power redundancy. Some even overtly assist customers with regulatory compliance such as the Health Insurance Portability and Accountability Act (HIPAA) or Payment Card Industry Data Security Standard (PCI DSS).
1. Cloud contracts are unforgiving
Typically, risk managers and legal departments create contracts that mitigate losses caused by service providers. But cloud providers decline such stringent contracts, saying they hinder their ability to keep prices down. Instead, cloud contracts don’t include traditional indemnification or limitations of liability, particularly pertaining to privacy and data security. If a cloud provider suffers a data breach of customer information or sustains a network outage, risk managers are less likely to have the same contractual protection they are accustomed to seeing from traditional service providers.
2. Control is lost
In the cloud, companies are often forced to give up control of data and network availability. This can make staying compliant with regulations a challenge. For example cloud providers use data warehouses located in multiple jurisdictions, often transferring data across servers globally. While a company would be compliant in one location, it could be non-compliant when that data is transferred to a different location — and worst of all, the company may have no idea that it even happened.
3. High-level security threats loom
Higher levels of security attract sophisticated hackers. While a data thief may not be interested in your company’s information by itself, a large collection of data is a prime target. Advanced Persistent Threat (APT) attacks by highly skilled criminals continue to increase — putting your data at increased risk.
4. Hidden costs can hurt
Nobody can dispute the up-front cost savings provided by the cloud. But moving from one cloud to another can be expensive. Plus, one cloud is often not enough because of congestion and outages. More cloud providers equals more cost. Also, regulatory compliance again becomes a challenge since you can never outsource the risk to a third party. That leaves the burden of conducting vendor due diligence in a company’s hands.
5. Data security is actually your responsibility
Yes, security in the cloud is often more sophisticated than what a company can provide on its own. However, many organizations fail to realize that it’s their responsibility to secure their data before sending it to the cloud. In fact, cloud providers often won’t ensure the security of the data in their clouds and, legally, most jurisdictions hold the data owner accountable for security.
Risk managers can’t just take cloud computing at face value. Yes, it’s a great alternative for cost, speed and security, but hidden fees and unexpected threats can make utilization much riskier than anticipated.
Managing the risks requires a deeper understanding of the technology, careful due diligence and constant vigilance — and ACE can help guide an organization through the process.
To learn more about how to manage cloud risks, read the ACE whitepaper: Cloud Computing: Is Your Company Weighing Both Benefits and Risks?