Double vision: insurers' biggest challenge is to see clearly what's needed both in the near term and down the road.
While improving the poor eyesight of many since then, Franklin's bifocals also provide a lesson in the kind of vision that businesses must possess to be successful. One of the biggest challenges for companies is to strike a balance between the effective management of the moment and the foresight to create the opportunities and challenges of tomorrow--to see clearly what's needed both in the near term and down the road.
Meeting that challenge confounds even the most dynamic leaders. Achieving the balance between long-term, lofty goals and short-term realities is a necessity in today's highly competitive and innovation-driven business climate--and attainable by relying on both a deeply embedded, analytically driven company culture and intuition.
Leaders today must be both data savvy and intuitive. Without intuition in addition to historical perspective about how past decisions have influenced future outcomes, leaders at any company will find themselves operating based merely on what information they have today. That's risky in any industry and particularly in those where innovations and opportunities emerge over longer periods of time.
For example, insurers and their commercial policyholders need to apply bifocal vision to cyber risk. Cyber preparedness should begin well before a data breach ever happens. The first step is to develop a comprehensive cyber emergency response plan for all employees in advance.
A well-thought-out plan should include best practices to help minimize the potential for a data breach, as well as outline steps to follow if an incident does take place. For example, an effective plan will typically identify managers to contact in the event of a breach, and outline when to make such contact. A company should also identify ways to make the response plan normative throughout its workforce--that is, make it almost second nature as opposed to an afterthought. One generally effective method to educate stiff is periodic drills. During the exercise, it's critical for everyone, including company management and key decision-makers, to be on board and know who will handle what.
Many of the tasks necessary to prepare for a potential breach, and those tasks that may be necessary after a breach, seem daunting. A company that has suffered a data breach may need to notify its customers. Currently, 47 states, the District of Columbia, Guam, Puerto Rico and the U.S. Virgin Islands have enacted laws that require companies to notify affected individuals of a potential data breach. Additionally, a company may also need to determine whether a data breach actually occurred. That may require a forensic analysis to help determine what, if any, personally identifiable information or protected health information was accessed and how the system was attacked.
But companies don't have to go it alone. Many cyber insurers have partnered with cyber-related service firms. They can provide pre-breach services, to prepare for and reduce the likelihood of a breach, and post-breach services, to respond to and reduce the impact of an incident.
Ben Franklin, as history attests, was a man not only with clear vision but also foresight. To prepare for a data breach now and understand what to do should a crisis occur is truly the definition of a bifocal view of cyber risk--and the source of security today and in the future.
Best's Review columnist Scott G. Stephenson is chief executive officer of Verisk Analytics. He can be reached at email@example.com
|Printer friendly Cite/link Email Feedback|
|Author:||Stephenson, Scott G.|
|Date:||Jan 1, 2015|
|Previous Article:||Reinsurers raise their game in the Middle East: a greater local presence for global reinsurers and a deepening local talent pool are remaking the...|
|Next Article:||Busy markets: Munich Re sees significant marine business growth in Asia via its new underwriting center in Hong Kong.|