Immediate Gains Immediate Vault Immediate Access

RIMS Kicks Off RISKWORLD 2022 Honoring Top Risk Professionals

SAN FRANCISCO—At today’s RISKWORLD 2022 opening ceremony and awards luncheon, RIMS recognized top risk management and insurance professionals with the society’s annual awards.

This year’s Risk Manager of the Year is Courtney Davis Curtis, assistant vice president of risk management and resilience planning for the University of Chicago. As reported in the cover story of the 2022 RIMS Awards Edition of Risk Management, Curtis oversees a small risk management team at UChicago that is responsible for insurance programs covering a wide array of risks, claims management and alternative risk financing and captive operations. In addition to weathering the pandemic and a couple of significant property losses in 2021, Curtis also co-led the sourcing and adoption of a new enterprise risk management framework. Additionally, she has made significant contributions to the broader risk community, serving as this year’s president of the University Risk Management and Insurance Association (URMIA), where she has instituted a new diversity, equity and inclusion (DEI) initiative for risk professionals in the education sector.

“Courtney Davis Curtis’ risk management philosophy is spot on,” said RIMS President Patrick Sterling. “Risk professionals must make it their priority to deliver solutions and create pathways for strategic initiatives to move forward. Not only is Courtney’s tremendous success at the University of Chicago inspiring but her commitment to giving back to the global risk management community and sharing her experiences to advance this profession is beyond admirable. It is RIMS honor to present Courtney with the 2022 Risk Manager of the Year Award.”

Risk management legend and former RIMS President Lance Ewing earned the society’s most prestigious award, the Harry and Dorothy Goodell Award. Ewing, vice president of enterprise risk management and operations for the San Manuel Band of Mission Indians, was honored for furthering the risk management discipline through outstanding service and achievement.

In recognition of outstanding programs implemented within her organization, the newest inductee into the Risk Management Honor Roll is Jana Utter, vice president of enterprise risk management for Centene Corporation.

“Collaboration is critical to risk management success and it is apparent that Jana Utter’s ability to bridge gaps across her company has created opportunities to build a strong, cross-functional program that accentuates risk management’s value at Centene,” Sterling said. “Through her volunteer work serving on RIMS committees, this society has benefited directly from her expertise and we could not be more proud than to induct Janna into RIMS Risk Management Honor Roll.”

The society also honored excellence among its chapters, which have been particularly pivotal for engaging the risk community with professional development and networking opportunities amid the pandemic. Lori Seidenberg, director and global head of real assets insurance risk management for BlackRock, Inc., and the current president of RIMS New York Chapter, received the Ron Judd “Heart of RIMS” Award for outstanding performance in furthering the risk profession through the society’s chapters. Several chapters were also recognized for offering exceptional resources, programming and professional opportunities for local members, including RIMS Chicago, RIMS Nevada, RIMS Upstate New York and RIMS Washington. The Atlanta chapter was named RIMS Chapter of the Year, an honor accepted by Tamieka Weeks, Atlanta chapter president and manager of insurance risk for Southwire Company.

Among rising risk professionals, the RIMS Rising Star Award went to Charles Vu, enterprise risk supervisor for California’s State Compensation Insurance Fund, who was honored as an up-and-coming leader in the risk management community for “demonstrating exceptional initiative, volunteerism, professional development, achievement and leadership potential.”

For more information on this year’s award winners and their experiences in risk management, RIMS members can also check out the April 2022 RIMS Awards Edition of Risk Management, available as a digital issue here and a special print issue for those attending RISKWORLD.

On Data Privacy Day, Catch Up on These Critical Risk Management and Data Security Issues

Happy Data Privacy Day! Whether it is cyberrisk, regulatory risk or reputation risk, data privacy is increasingly intertwined with some of the most critical challenges risk professionals face every day, and ensuring security and compliance of data assets is a make or break for businesses. In Cisco’s new 2021 Data Privacy Benchmark Report, 74% of the 4,400 security professionals surveyed saw a direct correlation between privacy investments and the ability to mitigate security losses. The current climate is also casting more of a spotlight on privacy work, with 60% of organizations reporting they were not prepared for the privacy and security requirements to manage risks with the shift to remote work and 93% turning to privacy teams to help navigate these pandemic-related challenges. Amid COVID-19 response, headline-making data breaches and worldwide regulatory activity, data privacy is also a critical competency area for risk professionals in executive leadership and board roles, with 90% of organizations now asking for reporting on privacy metrics to their C-suites and boards.

“Privacy has come of age—recognized as a fundamental human right and rising to a mission-critical priority for executive management,” according to Harvey Jang, vice president and chief privacy officer at Cisco. “And with the accelerated move to work from anywhere, privacy has taken on greater importance in driving digitization, corporate resiliency, agility, and innovation.”

In honor of Data Privacy Day, check out some of Risk Management’s recent coverage of data privacy and data security:

CPRA and the Evolution of Data Compliance Risks

Also known as Proposition 24, the new California Privacy Rights Act (CPRA) aims to enhance consumer privacy protections by clarifying and building on the expectations and obligations of the California Consumer Privacy Act (CCPA).

Frameworks for Data Privacy Compliance

As new privacy regulations are introduced, organizations that conduct business and have employees in different states and countries are subject to an increasing number of privacy laws, making the task of maintaining compliance more complex. While these laws require organizations to administer reasonable security implementations, they do not outline what specific actions should be taken. Proven security frameworks like Center for Internet Security (CIS) Top 20, HITRUST CSF, and the National Institute of Standards and Technology (NIST) Framework can provide guidance.

Protecting Privacy by Minimizing Data

New obligations under data privacy regulation in the United States and Europe require organizations not only to rein in data collection practices, but also to reduce the data already held. Furthering this imperative, over-retention of records or other information can lead to increased fines in the case of a data breach. As a result, organizations are moving away from the practice of collecting all the data they can toward a model of “if you can’t protect it, don’t collect it.”

3 Tips for Protecting Remote Employees’ Data

As COVID-19 continues to force many employees to work from home, companies must take precautions to protect sensitive data from new cyberattack vulnerabilities. That means establishing organization-wide data-security policies that take remote workers into account and inform them of the risks and how to avoid them. These three tips can help keep your organization’s data safe during the work-from-home era.

What to Do After the EU-US Privacy Shield Ruling

It was previously thought that the EU-US Privacy Shield aligned with the EU’s General Data Protection Regulation (GDPR), but following the CJEU’s recent ruling, the Privacy Shield no longer provides a mechanism for legitimizing cross-border data flows to the United States. This has far-reaching consequences for all organizations that currently rely on it. In light of the new ruling, risk professionals must help their organizations to reevaluate data strategies and manage heightened regulatory risk going forward.

The Risks of School Surveillance Technology

Schools confront many challenges related to students’ safety, from illnesses, bullying and self-harm to mass shootings. To address these concerns, they are increasingly turning to a variety of technological options to track students and their activities. But while these tools may offer innovative ways to protect students, their inherent risks may outweigh the potential benefits. Tools like social media monitoring and facial recognition are creating new liabilities for schools.

2020 Cyberrisk Landscape

As regulations like CCPA and GDPR establish individuals’ rights to transparency and choice in the collection and use of their personal data, one can expect to see more people exercise these rights. In turn, businesses need to ensure they have formal and efficient processes in place to comply with such requests in the clear terms and prompt manner these regulations require, or risk fines and reputation fallout. These processes will also need to provide sufficient documentation to attest to compliance, so if businesses have not yet already, they should be building auditable and iterative procedures for “data revocation.”

Data Privacy Governance in the Age of GDPR

As personal information has become a monetizable asset, risk, compliance and data experts have increasingly been forced to address the regulatory and operational ramifications of the rapid, mass availability of personal customer and employee data circulated both inside and outside of organizations. With new data protection regulations, Canadian and U.S. companies must reassess how they process and safeguard personal information.

Key Features of India’s New Data Protection Law

Among the new data protection laws on the horizon is India’s Personal Data Protection Bill. While the legislation has not yet been approved and is likely to undergo changes before it is enacted, its fundamental structure and broad compliance obligations are expected to remain the same. Companies both inside and outside India should familiarize themselves with its requirements and begin preparing for how it will impact their data processing activities.

Black Lives Matter: Taking Action on Diversity and Inclusion

As protesters across the United States call out systemic racism and police violence against Black people, and Pride Month honoring the LGBTQ+ community begins, diversity and inclusion issues are—and should be—drawing headlines and dominating conversations around the world.

RIMS CEO Mary Roth and 2020 President Laura Langone released a statement Friday saying:

“To the Black members of our community, we cannot fully appreciate how pained you must be by not only this most recent act—but by all acts that reflect bigotry and hatred in our nations’ communities. What we can do is accept the responsibility to ensure that RIMS community reflects something different. Let us be clear: RIMS does not tolerate any form of racism or discrimination in our global community. And we will always look for ways to improve.”

The editors of Risk Management and the Risk Management Monitor echo this message and stand with our Black colleagues, RIMS members and the Black community at large.

As we all look to support, advocate, learn and do better, we have compiled a list of resources to help, including industry advocacy groups for Black risk and insurance professionals, as well as resources for strengthening your organization’s policies, procedures and diversity and inclusion programs. You can also review selections from our previous coverage of diversity and inclusion below:

Industry Advocacy Groups and Research

National African American Insurance Association (NAAIA)

International Association of Black Actuaries

REPORT: The Journey of African American Insurance Professionals, from Marsh and NAAIA

For public sector risk professionals:

The Government Alliance on Race and Equity (GARE)

National Forum for Black Public Administrators

From ICMA, the association for professional city and county managers: WEBINAR: Sharpening the Focus on Social Equity to Make Strategic Budget Decisions

ARTICLE: Silence Is Complicity: Can White America Demonstrate that Black Lives Matter?

Diversity and Inclusion Resources

Global Diversity and Inclusion Benchmarks, Standards for Organizations Around the World, from the Centre for Global Inclusion

The Diversity & Inclusion Revolution, Eight Powerful Truths, from Deloitte

Corporate Equality Index, from the Human Rights Campaign

Previous Risk Management Coverage on Bias, Diversity and Inclusion

Beyond Pride: Building Strong Diversity and Inclusion Programs

Pale, Stale & Male: Does Board Diversity Matter?

The Benefits of Diversity & Inclusion Initiatives

Getting Serious About ESG Risks

Why Cultivating and Maintaining a Diverse Workforce Is Important

Activists Against Insurers

RIMS Risk Forum India 2019: Top Risks and a Special Edition Magazine

rims risk forum india 2019

MUMBAI—”Why are we here?” asked RIMS CEO Mary Roth, welcoming over 100 risk professionals to the recent RIMS Risk Forum India 2019 in Mumbai. “If you look around this room, I think we all share very similar reasons. Risks are changing. Today’s risks seem more complex, and they hit our organizations faster. Think about our climate: heat waves, droughts, and other extreme weather events we’re experiencing. Data: it’s abundant and rich. Technology: it’s evolving overnight, and so are the related risks and opportunities.”

She added, “Expectations have never been greater for our organizations to quickly adapt and implement emerging technologies, address cyber exposures, brace for political change, and uphold ethical and social standards.”

The day’s sessions delved into critical issues like emerging technology, fraud, regulation, and building a risk culture, drawing upon expertise from panelists ranging from the C-suite to regulators themselves. Another key theme was clear to all in attendance: the rapidly shifting role of risk management in organizations across India, and the opportunities that new risks are presenting here.

top risks india 2019According to the new Marsh and RIMS “Excellence in Risk Management” report State of Risk Management in India 2019, which was unveiled at the forum, many of these issues dominate the risk landscape for organizations operating in the country. Indeed, cyberattacks, extreme weather, and data fraud or theft top the agenda for risk professionals in India this year.

Across 23 industries, a vast majority of senior risk professionals cited cyberrisk as their top concern, with 62% agreeing cyber poses the greatest risk to their organization—nearly four times the number who prioritized the runner up, weather events.

“India, like other countries, has been susceptible to malicious cyber attacks and there is growing awareness among corporates of the need to ensure they have appropriate cybersecurity controls,” said Sanjay Kedia, Country Head and CEO, Marsh India. “Firms need to keep up with the evolution of cyber threats if they are to capitalize on technology-based opportunities. This will require organizations to make additional investment to ensure they have adequate protection.”

As the profession matures and expands in the region, risk professionals looking to earn a seat at the table are focusing on their potential to serve as a key strategic partner driving these investments.

“Global business leaders who have engrained risk management into the fabric of the organization’s strategic planning processes have become better equipped to make informed, proactive, and rewarding decisions,” said RIMS CEO Mary Roth.

“India’s risk management community continues to demonstrate its strength, as well as its passion for developing advanced capabilities that support growth and innovation.”

risk management india special edition coverTo that end, these top issues are also covered in greater depth in a recent special issue of Risk Management curated specifically for risk professionals in India. Originally available exclusively for attendees of this year’s RIMS Risk Forum India, Risk Management Special Edition: India is now available for readers worldwide. Check it out today and, if you have any feedback, we would love your input to help inform future international coverage—email your thoughts to HTuttle@rims.org.