Lately Cyber Insurance and risk management have been getting a lot of attention—and rightly so, given the big-name breaches at Target, Home Depot and JP Morgan Chase. Most articles dealing with cyber breaches focus on pre-loss precautions, such as incident preparedness and improved information security. Other articles center on Cyber Insurance policies which offer some financial cushion to cover the loss and post-loss services and assistance. What is lost in these discussions is a paradigm shift that has occurred in the marketplace which exacerbates all breach and privacy concerns.
In the past, companies sold things: dishwashers, running shoes, underwear, automobiles, everything we live with every day. Today, these items have become nearly secondary in value. Without trying to sound Orwellian, the real commodity in the marketplace is now you: your personal preferences, idiosyncrasies, habits and beliefs.
Billions of dollars are spent each year to track and predict your buying habits. The science behind this is getting so refined that the aggregators of this information, with highly sophisticated mathematics, can tell what you will likely want to buy even before you know you want it. Ever searched for something on-line, like hiking boots, then have those hiking boots or similar ones follow you around the Internet for the next month? Those shoes also bring along with them other things like hiking socks, walking sticks, and binoculars. This phenomenon is the result of the aggregation, manipulation and sale of information about you.
The shift from commodity focus to information focus is one of the largest drivers of increased exposure and cyber events, and thus the increased need for Cyber Insurance. Twenty years ago, little information on you and your buying habits were kept by marketers. Today, companies know how long you shopped, what you looked for and didn't buy, what you actually purchased, which airline you traveled on, where you slept and probably what you ate.
So how is this information kept? To be valuable, this information has to be tied directly to each individual's personal identifiable information. Thus the advent and growth of “big data” and data analytics and the accompanying increase in concerns about network security and privacy.
For instance, there are only a few times in our lives when our buying habits change abruptly; first real job, marriage and divorce are a few. The biggest change of all, though, is having a baby. Studies show that all our buying habits are in flux when a baby is due, from the cars we drive to the breakfast cereal we eat. Capture this inflection point in people's lives and retailers can make some real money, both in the short term and for years to come.
So how is it determined that pregnancy has occurred or is imminent? Not through a pregnancy test, but by carefully and closely watching and monitoring an individual's personal buying patterns and ferreting out specific trends and markers.
From a personal story illustrating how personally invasive data mining can be (“How Target Figured Out a Teen Girl Was Pregnant Before Her Father Did,” Forbes, 2/26/12): Target assigns every customer a guest ID number, tied to their credit card, name, or email address that becomes a bucket for that person's history. “When someone starts buying scent-free soap and extra-big bags of cotton balls…it signals they could be getting close to their delivery date.” Target's computers crawled through this data and identified 25 products that assigned a “pregnancy prediction” score.
After his daughter got a packet in the mail with coupons for baby clothes and cribs, an irate father contacted the retailer and demanded an explanation. The store manager apologized and called a few days later to apologize again—when the father admitted that after a conversation with his daughter, he learned she was pregnant and due in August.
So what can be done about stopping or slowing big data and analytics? Likely nothing. The revenue associated with profiling customers is too great. Some people credited Target's growth from $44 billion in 2002 to $67 billion in 2010 to the company's focus on items designed to appeal to specific guest segments, such as mothers-to-be. As insurance and risk professionals, we should be cognizant that data collection on a massive scale is only going to grow.
Increased information security precautions, heightened privacy awareness, and overall security rigor must grow as data bases grow. That seems reasonable, logical and, frankly, essential. Limits for any Cyber Insurance purchase must grow proportionally also.
Big data is not only a concern in the retail segment; it's happening across all industries, including utilities, financial institutions and service firms. Big data is the future, and the insurance industry at all levels must proactively address this exposure. Most Cyber Insurance applications ask “a point in time” question regarding data base size. It seems prudent when devising a risk management plan or purchasing Cyber Insurance to evaluate how that data base may grow in the coming months and years by asking the IT specialists.
When considering Cyber Insurance, it is important to understand that the world of business has changed. Information about an individual is a commodity and the more information about more people, the more valuable the information/commodity is. Cyber Insurance and risk management professionals must deal with the large increases in information and the accompanying exposures by securing the expanding exposure and insuring the loss when aggregated personal information is compromised.
Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
- Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
