ERM, Cyber Risk and Ed Hochuli

Risk management and the sports world unexpectedly intersected in a morning session at RIMS 2012, when panelists discussed how adopting an ERM strategy can help mitigate cyber risk while under the watchful eye (and whistle) of session moderator and well-known NFL referee Ed Hochuli. Much like in an NFL game, Hochuli, who is also an attorney with Jones Skelton & Hochuli, took control of the discussion by donning his referee jersey and throwing his penalty flag whenever any of the presenters went over a pre-determined time limit for remarks.

Panelists Carol Fox of RIMS, David Speciale of Identity Theft 911, Richard Magrath of USLAW NETWORK and John Hall of Hall Booth Smith & Slover were flagged for multiple delay-of-game penalties (and one good-natured taunting violation), but this did not stop them from delivering their timely and informative presentation.

As data breach incidents, such as Sony’s infamous PlayStation Network breach last year, have increased, so have the financial and reputational impacts. Perhaps more importantly, however, this so-called cyber risk no longer only belongs to IT departments. In fact, many IT departments may not even understand the entire scope of the risk. “They are used to dealing with how many servers they have, not necessarily what is on those servers,” said Fox. Since data breaches affect the entire enterprise, mitigation and remediation efforts need to involve all departments in order to effectively limit damages and reduce costs. This makes a data breach plan a vital component of a company’s ERM program.

And given all the complex data protection regulations, jurisdictional issues, and due diligence and privilege concerns, Magrath and Hall recommended that risk managers not try to go it alone and instead engage counsel as a kind of quarterback to help them assess their risk and make sure they are as protected as they can be.

Speciale warned that despite all of a company’s best efforts, 100% protection may be impossible and some fallout may be unavoidable. “When a company is breached, a small percentage of people will never do business with them again,” he said. The key, then, is to be able to prevent as many breaches as you can and then strengthen your defense so you are a less attractive target.

In order to help companies develop a plan of their own, RIMS, USLAW NETWORK and Identity Theft 911 developed an executive report entitled “ERM Best Practices in the Cyber World.” The report details how risk managers can go about developing an effective data breach plan. As the session made clear, thousands of dollars of investment could prevent millions of dollars in losses.

Former Presidents Roundtable at RIMS 2012

Ever wonder what the former RIMS presidents have been up to since they fulfilled their leadership service to the Society? Well, they’re still practicing risk management — and doing it well.

At the RIMS 2012 Conference & Exhibition in Philadelphia, one of this morning’s sessions brought together past presidents who have a combined 100 years of experience in the field. They were:

  • Louis Drapeau, director of risk management for the University of Kentucky
  • Lance Ewing, vice president of Chartis
  • Michael Liebowitz, director of insurance and risk management for New York University
  • Christopher Mandel, executive vice president of professional services for rPM3
  • Janice Ochenkowski, managing director at Jones Lang LaSalle Incorporated
  • Mark Walls, assistant vice president of claims for Safety National (moderator)

The first issue discussed was the state of the economy and how that affects risk managers across all industries, to which Ewing remarked, “I don’t think they’re looking at the poor economy and wondering what to do, I think they’re living the economy and figuring it out as they go.” He also emphasized the importance of risk managers taking this opportunity to get in face time with senior management and claims people. Liebowitz added that companies will likely go looking for other sources of revenue during hard economic times and, therefore, will look to emerging markets. But with emerging markets come emerging risks.

When asked about the impact of the eurozone financial crisis, everyone was in agreement that it undoubtedly affects the industry. “We’re seeing the beginning of a hardening market in Europe,” said Liebowitz. “It’s a mirror of what we’re seeing here in the U.S.” Ochenkowski reminded everyone that investors in European banks are from all over the world and the impact from the eurozone financial crisis is global, not centered solely in Europe.

The topic of social media and cyber liability was brought up, and rightly so, as it is a serious emerging risk that will affect every company sooner or later. “We’ve decided to embrace social media but we can’t ignore the risks,” said Ochenkowski. “We ask ourselves, ‘how can we do it not viewing it as a risk, but as an opportunity?’” To control the risks, Jones Lang LaSalle has incorporated social media guidelines for employees. “You can go from a nobody to viral in 15 seconds,” said Ewing, referencing the recent Pink Slime incident and how both traditional media and social media coverage of the event eventually caused the company’s demise. “There should be no doubt about its potential,” he said. Indeed. As Leon Panetta has said, the next Pearl Harbor is going to be a cyber attack.

And it wouldn’t be a meeting of risk management minds without the mention of reputational risks. “A company’s reputation comes down to its weakest employee,” said Ewing, as he emphasized that the risk of reputational damage gives risk managers an opportunity for more face time with senior leaders and a chance to explain how they’re going to protect the company’s reputation and brand image. Drapeau recounted his school’s recent NCAA championship win and how he prepared for the riotous behavior of students and fans that followed because, if he had not, the school’s reputation would have suffered. “We faced risk immediately [following the game], but we did a lot of preparation in advance,” he said.

Napco Spencer Cup Hockey Tournament Raises Money for Risk Management Education at RIMS 2012

On Saturday night, some 60 RIMS 2012 attendees gathered to skate around an ice rink carrying sticks and shoot rock-hard pucks of vulcanized rubber at one another. Not exactly the type of behavior you would expect of risk managers: even with helmets, gloves and pads, ice hockey is dangerous.

But there are no rewards without risks, and for all involved, the upside of the Napco Spencer Cup hockey tournament — fun and raising money for risk education — far outweighed any safety concerns. After all, the four-team round robin tournament raised $12,000 for the Spencer Educational Foundation, a nonprofit that grants scholarships to college students pursuing degrees in risk and insurance.

According to Napco CEO David Pagoumian, who played in the game along with RIMS Director of IT Mike Peters (pictured above), his company has been sponsoring the event since 1997, when it took over from the retiring executives who founded the Spencer Cup in the 1970s to “keep the spirit going.”

The Oakland A’s Billy Beane Addresses RIMS 2012

As the saying goes, “Winning isn’t everything.” That is unless you’re the general manager of a Major League Baseball team. Then it’s probably the main thing. But in the baseball world, winners and losers are often separated by millions and millions of dollars. The smaller market have-nots can’t easily compete with their wealthier large-market counterparts that can spend much more money acquiring star players. Famously, however, the Oakland Athletics’ GM Billy Beane was able to buck this trend in the 1990s by using data analysis to craft a winning team on a relatively small budget. The subject of the book and movie Moneyball, Beane recounted his story in his keynote address this morning at the RIMS 2012 Annual Conference & Exhibition in Philadelphia.

Beane talked about how his unsuccessful playing career first gave him experience with the proper valuation of assets. As a young prospect, Beane was a first-round draft pick and projected to be a star. But it turned out he was an “overvalued asset” and as he said, he just didn’t have the skills. Beane only played for a few years, compiling a meager .219 career batting average. As an executive, Beane didn’t want to make the same mistakes, particularly since his team didn’t have the money to spend on a pick that didn’t pan out. His cash-strapped team had to get the most bang for its buck, and in order to do that the Athletics needed to identify and invest in undervalued assets that other teams missed.

“The biggest risk for the Athletics was doing things like everybody else,” he said. Beane and his assistant, Paul DePodesta, looked at years of baseball statistics and found that many teams were “paying for skill sets that didn’t correlate with winning.” By concentrating on these areas, such as on-base percentage rather than stolen bases, for instance, Beane put together a baseball team that may not have been glamorous, but it was effective. Throughout the 1990s and early 2000s, the A’s became a frequent contender, despite their low payroll.

Throughout his career, this adherence to data-driven decision making has meant that Beane has had to make some unpopular and seemingly illogical personnel choices, including trading some of his best players. “The riskiest thing as an A’s fan is to buy a jersey with your favorite player’s name on the back,” he said.

Ultimately, however, the metrics are what win out. His strategy may not always be popular with the fans, but for Beane, it’s all about what benefits the team. Kind of sounds like what many risk managers have to go through, doesn’t it?