Manulife’s new CEO says insurance industry still in dark ages

BNN 

TORONTO – Incoming Manulife (MFC.TO 1.55%) chief executive Roy Gori said on Thursday the insurance industry is “still in the dark ages” and needs to transform its technologies to adapt to changing consumer behaviors.

Speaking at the Scotiabank Financials Summit, Gori, who is taking over as CEO next month, said the vast majority of Manulife’s technology budget is spent on maintaining existing systems rather than investing in new technologies.

“We need to transform our business to be much more of a technology-driven company,” he said. “We need to become a much more customer-orientated organization and quite frankly the entire industry does. In many ways, if I’m absolutely honest, our industry is still in the dark ages.”

Gori, who will replace Chief Executive Donald Guloien, said customers are looking to be able to buy insurance products instantly rather than be bogged down with paperwork.

“If you apply for an insurance product you’ll get a 16-page application form with 120 questions more often that not. It’s still very paper-based, very manual and, as a result, our industry net promoter scores are really very poor,” he said.

Gori said embracing new technology was key to changing processes.

“Customers engage today on their phones with other organizations in a seamless, transparent and very efficient way,” he said. “That’s not how they work with the insurance industry, so we need to transform our technology footprint.”

RBC first bank in Canada to enable bill payments using Siri

Who doesn’t wish they had an assistant to pay their bills? Thanks to an update to the RBC Mobile app, Royal Bank of Canada (“RBC”) personal banking clients are now the first in Canada who can ask Siri to pay their bills on iPhone and iPad.

Image of the final bill payment screen when paying a bill using Siri on iPhone. ILSTV.com

RBC also launched seamless Interac e-Transfer® payments within iMessage, which means clients can send a transfer without leaving their iMessage window. Building on its market leading, free person-to-person (P2P) money transfer services for chequing account clients launched last year, and money transfers with Siri earlier this year, RBC continues to develop simple and innovative ways for clients to make payments and bank with their mobile devices.

“By offering bill payments through Siri and P2P transfers through iMessage, we’re providing more convenient solutions to support our client’s payment needs,” said Sean Amato-Gauci, executive vice-president, Cards, Payments and Banking, RBC. “Our clients are avid users of Interac e-Transfer payments, and embraced our launch of money transfers using Siri earlier this year. By giving clients the ability to seamlessly and conveniently bank using voice commands, we’re delivering simple and innovative solutions.”

 

Using Siri to pay your bills with the RBC Mobile app

Paying your bills using Siri is simple. Once you give the voice command, Siri will confirm the name from your payee list and the RBC Mobile app automatically debits your account and sends the payment. The payment is secure and protected by TouchID.

Sending an Interac e-Transfer payment is just as simple. Clients simply type the amount of money they’d like to send to their contact in the iMessage window, and authenticate the transfer using TouchID.

These payment solutions are the latest enhancements from the RBC innovation labs, which test new ideas by partnering with academia, fintechs and RBC clients to make banking easier. The RBC labs are actively working on a range of client solutions that will be coming to market this year.

“We’re one of the leading voices on artificial intelligence in Canada, and our integration of Siri into bill payments and P2P transfers are an example of how our clients are already benefitting from these advancements in AI,” said Amato-Gauci. “We’re committed to providing clients with exceptional experiences when, how and where it’s most convenient for them, including exploring ways to integrate into social networks and digital platforms that are essential to their everyday lives.”

The RBC Mobile app was recently awarded the Highest in Customer Satisfaction Among Canadian Mobile Banking Apps by the J.D. Power inaugural 2017 Canadian Banking Mobile App Satisfaction Study. RBC has seen an increase of more than 20 per cent in active mobile users over the past year, a clear indication that more Canadians are using the RBC Mobile app to bank whenever and wherever they want.

The RBC Mobile app is available for free download from the App Store on iPhone and iPad or at www.AppStore.com. For more information about the RBC Mobile app, please visit www.rbcroyalbank.com/mobile/.

About RBC
Royal Bank of Canada is Canada’s largest bank, and one of the largest banks in the world, based on market capitalization. We are one of North America’s leading diversified financial services companies, and provide personal and commercial banking, wealth management, insurance, investor services and capital markets products and services on a global basis. We have approximately 80,000 full- and part-time employees who serve more than 16 million personal, business, public sector and institutional clients through offices in Canada, the U.S. and 35 other countries. For more information, please visit rbc.com.

RBC helps communities prosper, supporting a broad range of community initiatives through donations, community investments and employee volunteer activities. For more information please see: http://www.rbc.com/community-sustainability/.

SOURCE RBC Royal Bank

For further information: Heather Colquhoun, RBC Communications, 437-994-5044, heather.colquhoun@rbc.com; Sarah Hall Turnbull, Blue Sky Communications, 416-458-3878, sturnbull@blueskycommunications.com

Understanding Cyber Threats, Monitoring Data Leakage & Monitoring Reputational Damage

Article by Aaron Baer

Organizations around the world were recently (and rather rudely) reminded of their data vulnerability when WannaCry unleashed its international ransomware attack that seized data remotely and demanded a ransom for its release. This attack provided an important reminder of the risks associated with data breaches and it forced many organizations to take a cold, hard look at their data protection strategies.

In light of this incident, there has arguably never been a better time for organizations to prioritize monitoring and managing digital risk. A recent report published by Digital Shadows (the “Report“) highlights the need for more sophisticated strategies as organizations’ digital footprints continue to expand at an overwhelming rate. As their digital footprints expand, organizations are exposed to new levels of external risk that are not adequately protected by traditional tactics.

A digital footprint is comprised of information left behind as a result of an organization’s or individual’s online activity – it exists outside the boundaries of internal protection. Employees, suppliers and many others with access to corporate data contribute to an organization’s digital footprint on a daily basis, and they (often unknowingly) expose sensitive information in the process.

While most information in the digital footprint is benign, there is a significant portion that is not. Threat actors focus on a subset called the ‘digital shadow,’ which includes exposed personal, corporate or technical information. Usually this information is highly confidential, sensitive or proprietary. Information left exposed in the digital shadow can be embarrassing for a company and can be leveraged by attackers looking to exploit, launch ransomware or other cyberattacks.

At the same time, organizations should be mindful that cyber-attackers are leaving their own digital footprints and digital shadows behind. The Report suggests that the most effective external digital risk management strategies involve monitoring this activity in order to gain insight and plan defensive strategies.

At a basic level, the Report suggests that external digital risk management requires identifying, assessing and taking steps to mitigate risk exposed by the digital footprint. More importantly, however, external digital risk management should involve: 1) understanding cyber threats, 2) monitoring data leakage, and 3) monitoring reputational risks.

Understanding Cyber Threats

According to the Report, tailored threat intelligence capability is the key to understanding cyber threats. Such intelligence should be premised on four main areas:

  1. Indications and warnings;
  2. Actor profiles;
  3. Campaign profiles; and
  4. Emerging tools.

In order to leverage threat intelligence, organizations should adapt their approach to their particular business. Further, they should focus on who the threat actors are, what they are planning, what tools they are using, and what tools may be developed in the future. Simply receiving generic information is not enough. Involving human analysts in the process, it is suggested, will help weed out irrelevant information and ultimately deliver capable and tailored intelligence.

Monitor Data Leakage

Organizations should be vigilant about monitoring data leakage, since attackers can use leaked data to their advantage. The Report suggests focusing on sensitive code, private encryption keys, employee credentials, confidential documents, intellectual property, and social media over-sharing. These areas of data leakage leave organizations particularly vulnerable, not only to attackers who seek to leverage this information in targeted cyber-attacks, but also to competitors and corporate espionage. Knowing the type of information leaked can provide insight into how the information might be used against you in the future.

Knowing when, where and how this information has been leaked is critical to implementing effective mitigation tactics. For example, if employees are leaking sensitive confidential information through the use of personal email or social media, organizations should be aware of this so that they can implement training and disciplinary procedures to counteract the behaviour.

Monitor Reputational Damage

Finally, the Report suggests that monitoring for reputational damage is a key component of effective external digital risk management. Organizations should be aware of ways by which their goodwill and branding are being leveraged online. According to the Report, the top five risk areas include:

  1. Phishing;
  2. Domain infringement;
  3. Spoofed profiles;
  4. Brand defamation; and
  5. Mobile application issues.

Being able to monitor and detect these activities can not only mitigate reputational damage, but also the negative impact on employees and customers.

In the context of cybersecurity, risk is a well-developed concept. The Report suggests that all risk management strategies should take into account external digital risks. As organizations continue to expand their global online presence and digital footprint, risk mitigation strategies must continue to evolve at the same pace.

As set out in another article recently published on The Spotlight, there are many ways to ensure your organization’s data is adequately protected in order to prevent costly data breaches. Organizations need to recognize the true scale of the cyberattacks they face, adapt to the changing landscape, and incorporate these best practices to protect their bottom line from the costs of data breaches.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Source: Mondaq

Know the Odds: The Cost of a Data Breach in 2017

Source: Security Intelligence: Larry Ponemon & Wendi Whitmore

We’ve all heard that when it comes to experiencing a data breach, the question is not if it will happen, but when. You may be wondering about the actual odds of it happening to your organization.

Think about it this way: The chances of being struck by lightning this year are 1 in 960,000. When it comes to experiencing a data breach, according to the Ponemon Institute’s “2017 Cost of Data Breach Study: Global Overview,” the odds are as high as 1 in 4. Therefore, organizations must understand the probability of being attacked, how it affects them and, even more importantly, which factors can reduce or increase the impact and cost of a data breach.

Rapid Response Drives Down the Cost of a Data Breach

Sponsored by IBM Security and independently conducted by the Ponemon Institute, the 12th annual “Cost of Data Breach Study” is out. The findings revealed that the average total cost of a data breach is $3.62 million in 2017, a decrease of 10 percent over last year. Additionally, the global average cost per record for this year’s report is $141, which represents a decrease of 11.4 percent over last year.

Despite the reduction in cost, the average size of a data breach increased by 1.8 percent to 24,089 records. The influencers that impact the cost of a data breach are driven by the country and the IT initiatives underway.

The good news is that organizations can take measures to minimize cost and impact. The 2017 “Cost of Data Breach Study” found that having access to an internal or outsourced incident response team has been the top cost-reducing factor for three years running. An incident response team typically accelerates the time frame in which security events can be contained, which is a significant factor in reducing the overall cost of a breach.

The IBM X-Force Incident Response and Intelligence Services (IRIS) team specializes in providing incident response planning, program development, remediation and threat intelligence to clients in over 133 countries. The team has experience responding to and helping to contain many of the largest data breaches in the world.

Five Steps to Accelerate Your Incident Response

Listed below are five additional tips to help accelerate your organization’s response to a breach.

  1. Speed to respond is critical. The more quickly you can identify what’s happened, what the attacker has access to, and how to contain and remove that access, the more successful you will be.
  2. Set up retainers in advance. In the event of a breach, an experienced team of incident response experts can help you quickly identify and contain the attack, and minimize costly delays.
  3. Access the data needed to answer investigative questions. Be prepared to provide responders with logs and tools to help them understand what happened. For example, what did the attackers access and what did they copy or remove from your environment?
  4. Mitigate the attacker’s access quickly. Plan with the IT staff in advance to understand how to be effective and efficient in a crisis. Consider the following:
    1. How to execute an enterprisewide password reset quickly;
    2. How to reset your service accounts; and
    3. How many of your service accounts have domain administrator credentials.
  1. Establish an internal communications plan. If you have to shut down parts of your environment or reset thousands of users’ passwords, your employees will have a lot of questions. This speculation can have critical ramifications, so it’s important to document a plan to ensure that your employees understand what they can and cannot share publicly.

China propels rise of electric ultra high performance cars

Want an insanely fast ride with zero emissions? Startup NIO has the car: An electric two-seater with muscular European lines and a top speed of 195 miles per hour (313 kilometres per hour).

The catch: The EP9 costs nearly $1.5 million. NIO, a Chinese-Western hybrid with bases in Shanghai, London and Silicon Valley, created it to showcase the company’s technology and had no sales plans. But it is taking orders for “bespoke vehicles” after hearing from buyers ready to pay the eye-popping price.

“We are actually pleasantly surprised how much interest we are getting,” said the CEO of NIO’s U.S. unit, Padmasree Warrior, a veteran of Cisco and Motorola.

NIO is part of a wave of fledgling automakers _ all backed at least in part by Chinese investors _ that are propelling the electric vehicle industry’s latest trend: ultra-high-performance cars.

Manufacturers including Detroit Electric, Qiantu Motor, Thunder Power and NEVS aim to compete with Europe, Detroit and Japan by offering top speeds over 150 mph (240 kph) and features including carbon fiber bodies and web-linked navigation and entertainment.

The ventures mix U.S. and European technology with Chinese money and manufacturing, reflecting this country’s rise as a market and investor for an industry where Beijing wants a leading role. Communist leaders see electric vehicles as a way to clear China’s smog-choked cities and as an engine for economic development.

“We really haven’t seen non-Chinese companies get into this super-technology market,” said Chris Robinson, who follows the industry for Lux Research.

NIO’s backers include Chinese tech giant Tencent Holdings, operator of the popular WeChat messaging service; computer maker Lenovo Group, a Singapore government-owned investment fund and U.S.-based IDG Capital, TPG and Hillhouse Capital.

Some brands are following the strategy of Tesla Inc., which debuted with an eye-catching roadster to establish a premium image before launching lower-priced models.

The instant torque and acceleration of electric cars make them natural performance vehicles.

Detroit Electric, a revival of a pioneering U.S. electric car brand founded in 1907, launched a sports car venture this year with a Chinese battery maker and the government of Yixing, west of Shanghai. For a base price of $135,000, the company promises zero to 60 mph (100 kph) in 3.7 seconds and a top speed of 155 mph (250 kph).

The first seven of 100 cars ordered by European dealers have been delivered, according to its chairman and CEO, Albert Lam, a former Lotus chief executive. He said the company aims to release an SUV in 2018 and wants to have a four-vehicle lineup by 2020.

“Our target is to be the first Chinese-based vehicle company to sell worldwide,” said Lam.

Thunder Power, led by Hong Kong entrepreneur Wellen Sham, has a similarly multinational plan for a sport sedan due out in late 2018.

The company is building a factory in southern China and plans a second in Spain. Engineering work is being handled by Italy’s Dallara Automobili, which helped develop Bugatti’s Veyron, the fastest street-legal car with a top speed of 255 mph (408.84 kph).

Thunder Power promises a top speed of 155 mph (245 kph). The company says its competitive edge will be a battery that can go up to 400 miles (650 kilometres) on one charge, or almost double the 200 to 250 miles (320 to 400 kilometres) of current high-end electrics.

Beijing’s backing has helped to make China the biggest electric vehicle market at a time of uncertainty about the scale of support for the industry from Washington and European governments.

Sales in China of plug-in and hybrid vehicles in the first quarter of this year totalled 55,929, versus 44,876 for the United States.

The Cabinet hopes to have 100,000 public charging stations and 800,000 private stations operating by the end of this year. Regulators are pressing manufacturers to speed up development with a proposal to require that electrics account for at least 8 per cent of each brand’s production by next year.

To raise its profile, the electric vehicle industry launched its own racing circuit, dubbed Formula E, in 2014 with battery-powered Formula One-style cars and events in China, Europe, the United States and Mexico.

Still, no matter how appealing they are, there aren’t enough buyers to support so many high-performance brands, said Lux’s Robinson. He noted Ferrari or Lamborghini might sell only 15 of their fastest vehicles, which are treated as marketing tools and even at prices above $1 million fail to make a profit.

Manufacturers wanting to move into lower priced segments face a crowded market, he said.

“Really, not all of them are going to make it,” said Robinson.

Despite that, the newcomers express confidence they can take market share from established rivals.

NIO’s Warrior points to the transition from cellphones to smartphones, in which industry leaders were displaced by upstarts.

“We are in the beginning of a race. We are all at the same starting position,” said Christopher Nicoll, marketing director for Thunder Power.

Detroit Electric’s Lam said his financial plan calls for each car to be sold at a profit by 2019.

“We are not from the internet world,” he said. “We know how important it is for a car company to make money.”

Other Chinese tech companies including internet search engine operator Baidu Inc. and LeEco, an online video service, are working on electric and self-driving vehicles. Most have research centres in Silicon Valley or Europe.

“China isn’t necessarily a technological leader. They are a production leader,” said Robinson. “A lot of the more advanced electric vehicle, power train and other technology research is going on in Europe and the United States.”

Chinese city governments are forging partnerships with automakers in hopes of becoming manufacturing centres.

That helped Detroit Electric carry out its plans after other investors were uncertain, Lam said. He said the company picked Yixing after talking with four cities.

“We were invited to come to China,” said Lam.

The most prominent homegrown competitor is Qiantu Motor, led by a former executive of a state-owned automaker.

Qiantu says its K50, on sale next year, will deliver a top speed of 125 mph (200 kph) and go 185 miles (300 kilometres) on one charge.

NEVS is developing a sedan to be made in China based on technology acquired from defunct Swedish automaker Saab.

Its owners include National Modern Energy Holdings Ltd., a Chinese developer of renewable energy technology, the government of the eastern city of Tianjin and State Research Information Technology Co., owned by the Chinese Cabinet.

NIO developed the EP9 to promote its technology for self-driving vehicles. The first, a seven-seat SUV, is due to be released in China in 2018.

The company worried buyers saw electrics as a “little toy car.” It wants to “break that mould and say that an electric car can be a serious performance car,” said Warrior.

NIO says a self-driving version of the EP9 hit 160 mph (256 kph) in February on an Austin, Texas, test track.

“We made seven, thinking it was essentially for a collector,” said Warrior. “Now there is increased interest. People actually want to buy this car.”

 

Researchers: We’ve discovered power grid wrecking software

Researchers have found a troubling new form of power grid-wrecking software, tying the discovery to a recent Ukrainian blackout in tworeports published Monday.

The malicious software has the ability to remotely sabotage circuit breakers, switches and protection relays, the reports say, a nightmare scenario for those charged with keeping the lights on.

“The potential impact of malware like this is huge,” said Robert Lipovsky, a researcher with Slovakian anti-virus firm ESET, which first obtained the rogue program. “It’s not restricted to Ukraine. The industrial hardware that the malware communicates with is used in critical infrastructure worldwide.”

Policymakers have long worried over programs that can remotely sabotage industrial systems because of their potential to deal catastrophic damage across the internet. Examples of hackers being able to turn off the lights were once confined to the movie screens, but that is slowly changing. In 2010 researchers discovered Stuxnet, a groundbreaking piece of malware apparently designed to sabotage Iran’s nuclear program by sending its centrifuge machines spinning out of control. In 2015, a cyberattack left upward of 200,000 people without power in Ukraine.

ESET’s report deals with malware tied to a more modest outage reported to have hit a transmission facility outside in Kyiv on the night of Dec. 17, 2016. Ukrainian officials have previous described the incident as a cyberattack, but ESET’s report _ along with another write-up by the respected Maryland-based industrial cybersecurity firm Dragos _ add a wealth technical details, showing how the malware could flip circuit breakers on and off with a string of code before mass-deleting data in a bid to cover its tracks.

The level of sophistication needed to write code for the generally obscure industrial controllers that operate the world’s electrical grids suggests a group of hackers well-versed in the field and with the resources to test their creations in the lab, ESET said.

Lipovsky, the researcher, declined to be drawn on who might be behind the malware, although Ukrainian officials have in the past laid the blame for such intrusions on Russia. Ukrainian officials didn’t immediately return a message seeking comment on the report.

For others in the field, the discovery highlighted the often-discussed dangers of connecting poorly defended industrial computers to the internet.

“The vast majority of industrial control system networks around the world are not protected,” said Galina Antova, the co-founder of infrastructure security firm Claroty.

Ordinary hacking can be disruptive enough, but when something like a power grid is involved, “the impact is much, much more significant.”

 

Page 1 of 5912345...102030...Last »

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from ILSTV

You have Successfully Subscribed!

Pin It on Pinterest