About Caroline McDonald

Caroline McDonald is the senior editor of the Risk Management Monitor and Risk Management magazine.

Weather Threatens Oroville Dam Emergency Efforts

As measures are taken to repair a damaged spillway at the Oroville Dam in Northern California, weather forecasters are calling for rain later this week. Almost 200,000 people were evacuated from their homes below the dam, the largest in the country, on Feb. 12 as erosion of the dam’s emergency spillway threatened to flood the towns below.

While the situation was said to have stabilized on Sunday morning, conditions worsened and evacuation orders were issued. Roads in the area quickly backed up as a result, according to reports.

The dam’s main spillway was damaged after a winter season of record rains and snows following years of drought in the state.

Photo: California Department of Water Resources

California Representative John Garamendi told MSNBC that the evacuation was essential. “Fortunately when they were able to open the main spillway gates. That began to lower the reservoir level, because the water coming into the reservoir was about half of what they were able to expel down the main spillway, so it’s stabilized.”

The next issue, he said, is whether the spillway can be patched up “sufficiently to weather the storms that are clearly ahead of us.” Garamendi added that the months of March and April are the heavy storm season in the state.

Sheriff Kory Honea of Butte County said at a press conference that the Department of Water Resources (DWR) reported that the dam’s erosion is not advancing as rapidly as they thought. He said a plan is in place to plug the hole in the spillway by dropping large bags of rocks by helicopter. The DWR said that another measure being taken to relieve pressure on the spillway has been to raise the rate of discharge water from 55,000 cubic feet per second to 100,000 cfs, which it said has been working.

Helicopters transport large bags of rocks from the Oroville Dam parking lot, to the erosion site at the Oroville Dam auxiliary spillway in California, to help fight further erosion, February 13, 2017. Oroville is in Butte County. Florence Low / California Department of Water Resources

The New York Times reported that Northern California is close to 225% above normal rainfall levels since Oct. 1. According to the Times:

Repeated rounds of rain have pounded the area in recent weeks, rapidly raising the water level at Lake Oroville, the second-largest reservoir in California and a linchpin of the state’s water system. On Tuesday, a gaping hole opened in the main spillway that is used to release extra water. Early Saturday, an adjacent emergency spillway was also put into use, the first time water flowed over it since the dam was finished in 1968, department officials said.

State officials have said the 770-foot Oroville Dam itself, the nation’s tallest, is sound.

The problems with Oroville Dam are not a surprise to some. In 2005, during a relicensing process for the dam, three environmental groups warned the DWR of potential dangers with the emergency spillway, which is not a concrete spillway, but a concrete lip with a dirt hillside below. The concern was that the hillside could be easily eroded in the case of an emergency.

The Washington Post reported:

The upgrade would have cost millions of dollars and no one wanted to foot the bill, said Ronald Stork, senior policy advocate for Friends of the River, one of the groups that filed the motion.

“When the dam is overfull, water goes over that weir and down the hillside, taking much of the hillside with it,” Stork told The Washington Post. “That causes huge amounts of havoc. There’s roads, there’s transmission lines, power lines that are potentially in the way of that water going down that auxiliary spillway.”

Federal officials, however, determined that nothing was wrong and the emergency spillway, which can handle 350,000 cubic feet of water per second, “would perform as designed” and sediment resulting from erosion would be insignificant, according to a July 2006 memo from John Onderdonk, then a senior civil engineer for the Federal Energy Regulatory Commission.

Garamendi said that “What happened with the widening of the sinkhole was the result of someone overlooking the problems, including the fact that there was no concrete apron on the spillway.”

He also noted that while there will most likely be federal dollars to help rebuild the dam, “This is just one really startling, quite tragic and potentially catastrophic example of what’s happened to the infrastructure across America. We’ve seen bridges collapse in Minnesota, we’ve seen them on I-5 in Washington State and now this reservoir, which is the linchpin of California’s water system.”

Delta Outage Spotlights Technology Risks


Delta’s computer outage on Jan. 29 was over by midnight, but its effects have extended into the week, not only resulting in 170 cancelations on Sunday, but grounding more than 100 flights on Monday and causing many delays. Adding to the frustration was the fact that the company’s mobile apps were also not working.

This latest incident follows another computer outage for Delta in mid-August, when flights were canceled for two days, leaving thousands of passengers stranded.

Such outages can be costly. A Southwest Airlines outage in July caused more than 2,000 flights to be canceled and cost about $54 million. The August Delta outage, which involved a fire, resulted in cancellation of 2,300 flights over three days and cost the airline $150 million in lost revenue, according to USA Today.

Jim Corridore, an analyst at CFRA Research, told USA Today on Monday that Delta’s computer outage puts a “spotlight on risks of airline technology infrastructure, much of which is old and patched with differing systems.” He said that airlines build new programming over old software, especially after a merger, when computer languages may differ. Programmers’ assumptions about how software will work are sometimes wrong.

While large companies such as Delta would have fewer outages with more testing of their systems, this is an expensive proposition.

According to USA Today:

Gil Hecht, CEO of Continuity Software, which tests computer systems for large banks and insurers, compared the construction of complex computer systems to a layer cake, with web servers, database software, storage and possibly interaction with other systems such as government computers that check whether passengers are allowed to fly.

“Testing should be done by every single layer and every single business service that participates in the critical infrastructure, and some of them are simply not under the airline’s control,” Hecht said.

He compared one way of testing to running a car into a tree to see whether the airbags work, which isn’t possible while keeping a computer system working. Instead, testing for a large financial institution or airline must confirm that each layer is configured to work well with all the others, he said.

“In order to do that, critical infrastructure operators must do much more testing, whether it’s manual by humans or by technology or by any means possible,” Hecht said. “Yes, it costs money. Quite a lot. But if more money and more effort will be driven into testing, we will have far less down time and data-loss events.”

Aon Introduces Single-Parent Captive Cyber Insurance Program


With cyberattack listed as one of their top risks, organizations are looking for ways to mitigate their risk in a market where cyber insurance rates are quickly rising. According to the Center for Strategic and International Studies, the annual cost of cyber crime and economic espionage to the world economy runs as high as $445 billion, or about 1% of global income.

This does not include intangible damage to an organization, however. Companies are purchasing more insurance to cover the risk. In 2014, the report said, the insurance industry took in $2.5 billion in premiums on policies to protect companies from losses resulting from hacks.

As a result, captive insurers are being used more and more for coverage.

Aon said it is addressing shortcomings in traditional cyber coverage with a cyber captive program with capacity of up to $400 million. Companies looking to form a captive would undergo a review to quantify their cyber exposures.

According to Peter Mullen, CEO of Aon Captive and Insurance Management, the program is designed to help clients understand their risk profile. “Once this is understood, they are is in a better position to make decisions about how much risk to retain in their captive and how much risk to transfer to the program,” Mullen said. “The program allows captives to purchase coverage up to $400 million on a reinsurance or excess insurance basis.”

The cyber captive program will be domiciled in Bermuda and is available to single-parent captives. The basis for coverage will be “a very broad form which includes coverage for property damage and business interruption following a cyber event,” he added.

“Building a large tower of limits can be hampered by differing policy terms and conditions and dislocation of rates at different layers in a program,” Mullen said. “Additionally, many organizations facing cyber risks that can result in physical impacts, such as property damage and business interruption, agree that a more comprehensive approach to cyber risk is needed.”

Flood, Wind Dominant Natural Hazards in 2016

While most natural hazards occurring in the United States last year saw average or below average activity, the exceptions were flood and wind, according to the CoreLogic report Natural Hazard Risk Summary and Analysis, released today.

Severe flood events driven by substantial rainfall were the dominant natural hazards, with Louisiana and North Carolina floods being the major loss contributors. As in 2015, hurricanes and tropical storms in 2016 continued to cause inland flooding through increased and intense rainfall—even when not making landfall, according to the report.

The National Oceanic and Atmospheric Administration (NOAA) said there were 12 individual weather and climate disaster events in the U.S. with losses exceeding $1 billion in 2016.

According to the report:

  • Based on NOAA and CoreLogic analysis, the overall flood loss in 2016, driven by six, 1,000-year plus rain events, was approximately $17 billion, which is six times greater than the overall flood damage experienced in 2015.
  • The U.S. Geological Survey (USGS) recorded 943 earthquakes of magnitude 3.0 or greater in 2016, with more than 60 percent of these earthquakes located in Oklahoma.
  • The National Interagency Fire Center (NIFC) reported a total of 5,415,121 acres burned from 62,864 separate fires in 2016. While the total acres burned in 2016 fell below the 10-year average, significant losses occurred, with thousands of homes in California and Tennessee destroyed by several smaller fires that burned in populated areas.
  • Wind activity in 2016 was slightly above average, due in large part to strong winds brought by Hurricane Matthew.
  • Hail activity in 2016 was near the average, and Texas experienced the worst of this natural hazard.
  • Tornado activity in 2016 was near average compared with previous years.
  • Hurricane Matthew developed late in the year and grew to a Category 5 storm, resulting in substantial damage along the southeastern seaboard.
  • There were below-average levels of tropical cyclone activity in the western North Pacific Basin encompassing East and Southeast Asia in 2016.

However, 2016 became known as the year without a winter. Nine winter storms impacted the U.S. in 2016, the most notable being the late-January winter storm in New York.

“History has continually shown us that it is impossible to determine exactly when or where the next wildfire, flood or earthquake will strike, which is why preparedness, response and post-loss assessment are paramount,” CoreLogic said.