November 20, 2015 by Jeff Pearce
Have some croissants with your conference. There was a French flavor to RIMS and NICC this year, and pourquoi pas? And the election intruded at both events. In Quebec City, RIMS keynote speaker David Suzuki followed up his standard ecology spiel with a few swipes at Stephen Harper during the Q&A session, arguing that the PM “ignores the Opposition and shuts them out. We desperately need to get out of this totally undemocratic government that we have now.” Electorate to Suzuki: wish granted.
There were no politics at the packed Marsh party in a nightclub on Grande Allée, where inhibitions fell as bar tabs rose. And the chatter was over Zurich stealing the show, first with its poutine truck brightening up days of panels and then a far-better-than-expected circus show after the fancy dinner, featuring a shirtless guy who can extend himself out perfectly sideways from a pole, and a woman who made you feel all kinds of inadequate because of what she can do with multiple hula hoops. If only the weather outside hadn’t turned so damn cold.
Meanwhile, over in Montreal, where Quebec’s sunshine was hiding, there was enthusiasm over an insightful Global Leaders panel. And then there was that after-dinner band. Yes, that one.… Well, at least the bar suddenly got more traffic. As usual, some of the best takeaways happened through private conversations with folks. Here are notes on a few that we had.
The talk of breaches and data loss is getting to the point where I’m sure we’ll see a long-bearded vagrant outside with a handpainted sandwich board that reads, “THE END IS 0110 11001100111.” It would be nice if someone could please for the love of gawd move the conversation on cyber to something useful, besides pointing out that it’s a major problem.
So what a refreshing pleasure it was then to discover Brian Huntley, a senior information security advisor for IDT911 Consulting. And yes, now that you ask, it is a subsidiary of a business-to-business provider of data breach management services to organizations and identity theft management services to individuals out of Scottsdale, Arizona. There’s nothing like finding your interview sources in a department store by the tie racks—everything is a teachable moment, and as Huntley paid for his purchase, he noted that credit card chips were “in response to the insufficiency of the magnetic strips to control cyber risks at the point of sale. This is better, and yet in North America the adoption rate has been extremely small.”
We’re in trouble, maintains Huntley, because of a mix of complacency and lack of awareness over how to monitor the sufficiency and adequacy of the security program. As well: “People don’t think through what they have. First off, they don’t inventory their assets. The most critical thing that they don’t inventory is they don’t inventory their information. When you don’t know what you have for information, you find out about your breaches from a third party outside.”
Most organizations, he points out, depend on their IT department to do anything. “IT, while a back office function, isn’t particularly astute necessarily at doing administrative things like compliance, like control, like accounting, that other areas of an organization are. And because of that lack of awareness, people have a tendency to put something in and assume that it’s going to be good forever. And it’s not.”
And people’s lives can change. “Today I’m fine, and my card works here, and I can afford to buy a tie, but if I suffer a financial setback, my employer may not know about that… I may have tons of motivation to commit an insider fraud attack, and they won’t know about it if they’re not paying attention to that.” Huntley argues that the wrong kind of thinking has ruled so far, a mentality that the security so expensively invested should be “built to last”—when that’s quite impossible. Instead of kneejerk reactions to threats, the approach “needs to be programmatic, it needs to be systematic…”
All this begs the question why some very smart people in charge of prominent corporations can be so foolish—or at least careless. But Huntley will remind you that the Gramm–Leach–Bliley Act, which requires financial institutions to provide privacy notices and information to consumers, only came into law around the turn of the millennium. “And people have been so busy reacting over the last 10 or 15 years that nobody’s ever stepped back and thought about it.”
Lynn Oldfield, CEO of AIG Canada, says her company’s board puts cyber at the top of the list in terms of risks. The insurer is “seeing approximately 50 percent of our cyber policies have incidents that [clients] are asking us to investigate on their behalf.” When I asked Oldfield why the lesson of major reported data loss incidents doesn’t seem to be sinking in, she replied, “So every breach that published the name of another million Canadians will up the level of attention, period, full stop. So breach upon breach that gets private information, that affects your next-door neighbour or your spouse or your kid’s teacher—all of a sudden you’ve got full knowledge and people are going to become aware of this risk profile. So it’s big, it’s expanding, it’s growing. Cyber risk is not about making a mistake.
“Employees are your biggest risk. Leaving the laptop in the car is still your biggest risk. However, we have international espionage, we have trade secrets, we have cyber terrorism, we have risks that we haven’t even begun to understand yet that we’re learning about every single day. And some true technology professionals would tell you every single corporation has already been hacked, the hackers will decide when to let you know. It’s big.”
Swiss Re’s chief economist Kurt Karl had said what he’d come to say in front of a podium: that the insurance industry should focus on the needs of the under-insured and engage with governments over risk mitigation. And then a funny thing happened. During the Q&A, he was quite ready to talk about immigration, and the folks who just loved ol’ Doc Suzuki’s save-our-millennial-vegetarian-whales shtick and Harper-bashing got suddenly very still over the issue of new arrivals. Dead silence. Despite a drowned little boy (whose family wanted to come to Canada) threatening to make the Syrian refugee crisis the top election issue—for a while. If it puzzled us, it puzzled him as well, Karl told Top Broker later. “I was travelling in Asia last week, and everybody at the end says, ‘Well, what about immigration in Europe? Isn’t that a real problem?’ And it’s not a problem on the economic side, but it’s a huge problem on the political side.”
Karl suggests that if Europe embraces immigrants and refugees, it’ll have a slightly better ratio of young, educated and skilled people to an aging population. He considers it “odd” that Europe is struggling so much. “The way I put it is that these countries have benefited from having people emigrate, right? Leave their countries and go to other places—you’d think they’d be flattered that somebody wants to come there. And… they could use the labour resources.” He expects it all to be sorted out eventually, “because the European Union is 500 million people, and we’re talking at most 1.5 million immigrants—it’s not a big percentage.”
And unlike others, he’s not sounding the death knell for the Eurozone. “I liken the euro, the European Union and the Eurozone [to] a big family with in-laws, and they like pointing fingers and getting in food fights, and you know, making alliances and complaining about each other. But in the end it’s a big family, and they seem to stick together.”
While the conferences were on, Ulrich Kadow was settling into his job as Allianz’s chief agent for Canada. The appointment made perfect sense, given that he used to head the company’s mid-market Package & Multiline product, which had its biggest growth in this country (he says it’s now projected to earn more than $70 million in terms of premium). But Kadow has been a man in a suitcase for quite a while, establishing lines of business in South Africa, Singapore, Hong Kong, Australia and Denmark.
“There are various industries in the Canadian market that are currently a bit troubled,” Kadow told Top Broker over a coffee. “The mining industry, the oil and gas industry, [and] with the commodities prices being so low, there’s a bit of a lack of investment… and that hurts us a little bit. But not just us, that’s a market risk that all of the carriers are facing.”
Then there’s the aviation industry, where Allianz spreads some pretty big wings. Kadow notes that rates are being driven down thanks to all the capacity and new entrants to the game; “but since Allianz is such a strong player in that space, it obviously affects our portfolio a bit more than it might others.”
If there was another buzz besides cyber going on over cocktails, it surely had to do with all the musical chairs being played. Consolidation, consolidation, consolidation. Kadow admitted that “we’re always looking at opportunities,” but he reasons that an acquisition has to fit an overall strategy. “…Any acquisition comes with a major integration task. It comes with a different culture. It really slows down the internal organization if it doesn’t perfectly fit or fit well into what you’re trying to achieve in the marketplace.”
The office motto, he pointed out, was that Allianz was “hungry but not greedy.”
I see a dark forest with spirits. I see a new man in your life… or a woman, maybe a woman. What were you looking for again? And more deaths on Game of Thrones. Yep, a political pundit’s prophesies and $3 will get you on the subway. To be fair, of course, those of Jamie Watt, the big brain of the Navigator PR firm, often go further than most. At NICC, he had the audience eating out of his hand, warning folks that if they believe an outrageous flake like Donald Trump could never get elected, remember Rob Ford. And he seemed quite sure Stephen Harper would win a minority government.
“But it won’t last,” he told Top Broker. “And the reason for that is that he won’t be able to make a deal with either the Liberals or the New Democrats. So he will get the most seats, I believe, at the moment. But when he goes to the House he will fall, and therefore the governor general will turn to one of the other parties, the second place party, and say to that leader—who I believe will be Mr. Trudeau—can you form a government?” Which he was also sure would need some support from the NDP.
Watt also was dead sure that the Conservatives’ negative commercial campaign was effective, despite their nastiness, and the fact that they were perfect meat for parody by everyone from the NDP to Facebook wits.
“The research would say they are working,” insisted Watt. “People say they don’t like them, but that’s not the test. They’re saying what message you take from them, right? And ‘Just not ready’ is something that keeps getting played back all the time. So it looks like they’re working.”
Perhaps Watt’s bulb shone less brightly over this election because of his own biases. He was credited as the rainmaker who catapulted the Harris Tories into power in Ontario in the 1995 election, only to step down after the Toronto Star dug into his past business affairs and found a conviction for fraud. Navigator has worked for other leading and controversial Tories like Alberta’s Alison Redford and Brian Mulroney, and—very briefly—it represented Jian Ghomeshi before it ditched him as a client.
Copyright 2015 Rogers Publishing Ltd. This article first appeared in the November 2015 edition of Canadian Insurance Top Broker magazine
This story was originally published by Canadian Insurance Top Broker.