2016 Most Dangerous Emerging Risks

Fragmented Voice of Authority: Experts Can Speak but Who’s Listening?

Myopic decision-making based on self-selected information sources results in broad-based societal and economic harm.
By: | April 4, 2016 • 6 min read

On Jan. 11, a German-Russian girl alleged she’d been assaulted by a Muslim mob. Her allegations fed into weeks of anti-immigrant hysteria in Germany and tension between Moscow and Berlin before her statements were unveiled as a hoax.

Advertisement




Fears over Syrian immigrants and Ebola light up our mobile devices as the much broader dangers of E. coli in our food supply and hospital-acquired infections get lost in the digital noise.

Misinformation on the connection between vaccination and autism spreads globally, leading parents around the world to stop inoculating their children. As a result, the measles, thought to be contained, re-emerges as a health threat in California, Germany and elsewhere.

All of these are examples of the fragmentation of the voice of informed authority.  This emerging risk stems from our tendency to self-select information sources, choosing reports that conform with our pre-established notions, rather than trust official statements.

Helen Thompson, director of commercial marketing, Esri

Helen Thompson, director of commercial marketing, Esri

In essence, there are large segments of the population giving more credence to friends’ Facebook posts than to information from the government or some other informed source.

“Because of the way that information is curated and supplied to audiences, people are increasingly curating their own sources of facts, and this changes society’s ability to understand and respond to information. Consequently authoritative information is being distorted based on our own lens,” said Helen Thompson, the director of commercial marketing for Esri.

Thompson pointed to a February extreme weather event in Virginia in which four people were killed as a risk that most people ignore, either because the death toll was “low”, or the risk wasn’t sensational enough.

“Natural disasters slip off the agenda because unless you are directly impacted something you consider equally or more important comes down your curated channel and displaces it,” she said.

“We know that when people are seeking new information, when they perceive a risk of some sort, that they hold onto the first piece of information that makes common sense to them,” said Barbara Reynolds, a senior crisis and risk communications adviser with the Centers for Disease Control and Prevention.

“Unfortunately, sometimes that piece that they are exposed to and hold onto right away could be incorrect, making it more difficult to share correct information,” she said.

The risk is that stakeholders will underestimate grave threats, magnify less substantial ones, and fail to take appropriate action. And negative information, whether by street corner gossip, or through social media, spreads much faster than accurate information which might not be as dire.

“When we see something that affects us in a negative way, we are more inclined to retweet or rebroadcast that information without trying to understand whether this is an actual fact,” said Emilio Ferrara, a researcher with the Information Sciences Institute & Department of Computer Science at the University of Southern California.

“That is one of the most dangerous consequences,” Ferrara added.

“The fact that this conversation can foster the spread of panic, or even mass hysteria, whereas there is no practical risk involved.”

International Consequences

Advertisement




Perhaps the most glaring example is the current presidential election cycle in the United States.

An executive with a European reinsurer said he and his colleagues see the tone of political dialogue in the United States as a threat. That the acrimony, extremism and misinformation being expressed in some corners could lead to grave international consequences.

Among members of the Democratic and Republican parties, what’s emerged is a widespread belief that substantial disruption is needed.  That there is something very “wrong,” and that a radical overhaul is in order.

“Our willingness to accept decentralized dissemination of knowledge and reject centralization of knowledge is what’s changed.” —Helen Thompson, director of commercial marketing, Esri

That’s leading to extreme ideas like building a wall between the United States and Mexico or free college student tuition — without calculating the financial cost or the societal impact.

This when the national unemployment rate is at 5 percent, violent crime is down and we have access to better health care than previous generations, said Thompson.

“Our willingness to accept decentralized dissemination of knowledge and reject centralization of knowledge is what’s changed,” she said.

“For whatever reason, there is widespread mistrust of government and the information it shares at the federal, state and local level.”

Technology Holds the Answer

But just as technology, in the form of social media and the internet, are the vehicles for the spread of misinformation and mistrust, experts agree that technology holds the hope of mitigating, not only internet-spread rumors, but real threats such as food supply chain dangers or internet propaganda campaigns of terror organizations.

Barbara Reynolds, senior crisis and risk communications adviser, Centers for Disease Control and Prevention

Barbara Reynolds, senior crisis and risk communications adviser, Centers for Disease Control and Prevention

“Yes, we have the fragmentation that you are talking about, that is true,” said Barbara Reynolds, the CDC risk and communications adviser who spent her career at the nexus of communications and social psychology.

“But when I put those parts of my knowledge together, I find that for every negative there is a positive,” she added.

In Reynolds’ view, these online postings, Tweets and “shares” mean that government agencies become less paternalistic.

“For someone in the business of trying to help people make good health decisions, this is an invaluable feedback mechanism for me,” she said.

Whereas before it might take her days or weeks to filter through reactions to CDC statements, now she gets that feedback almost immediately.

“You can’t just put out a recommendation, you have to be able to withstand attacks,” she said. “What’s really important is to be out there first. It has to be repeated and it has to come from more than one source.”

That means dropping the notion that you are the only authority and seeking strength in numbers. Reynolds said her organization now knows to communicate in concert with other health care organizations.

“It’s important for us to work with other authorities who are trusted and bring them into the conversation,” Reynolds said.

USC’s Ferrara said he and his co-researchers are creating algorithms that are capable of learning the characteristics of misinformation campaigns.

“We are seeing promising advances into the realm of detecting — and even predicting when it’s possible — forms of artificial orchestrated campaigns.

And a campaign can be defined as sustained efforts from some party or entity or a group of people to push some information out.”

Ferrara is collaborating with a company in Washington, D.C. on a system to be used by the U.S. Department of Defense to identify and mitigate terroristic propaganda campaigns. He is also working on frameworks for the CDC and other health care authorities.

“Yes, we have the fragmentation that you are talking about, that is true. But when I put those parts of my knowledge together, I find that for every negative there is a positive.” —Barbara Reynolds, senior crisis and risk communication adviser, Centers for Disease Control and Prevention

Even though the general population might not be focused on food supply chain risks, Thompson’s Esri is working on solutions.

She said her company is working with international organizations to create a unique way to link every farm in the food supply chain to the produce they grow.

Advertisement




“Now when you say, where did this apple come from and where did this prawn come from, you know its exact origin,” Thompson said.

It’s not only food supply chain risk that can be mitigated in this manner.

Labor law compliance, supply chain concerns over conflict diamonds or “gray market” gold could also be tracked through advanced technology.

“It’s going to require us to exchange information, transfer liability and quantify risk in a different way that’s happened before,” she added.

She said technology improvements and the Internet of Things will also allow for the tracking of every single unit a factory, farm or mine produces. That should provide much greater clarity for companies mitigating or facing a product recall.

“The IOT is going to fundamentally transform the way we monitor compliance and mitigate these classes of major risks,” she said. &

BlackBar

2016’s Most Dangerous Emerging Risks

brokenbridgeThe Fractured Future Infrastructure in disrepair, power grids at risk, rampant misinformation and genetic tinkering — is our world coming apart at the seams?

01b_cover_story_crackCrumbling Infrastructure: Day of Reckoning Our health and economy are increasingly exposed to a long-documented but ignored risk.

01c_cover_story_leadCyber Grid Attack: A Cascading Impact The aggregated impact of a cyber attack on the U.S. power grid causes huge economic losses and upheaval.

01e_cover_story_dnaGene Editing: The Devil’s in the DNA Biotechnology breakthroughs can provide great benefits to society, but the risks can’t be ignored.

Dan Reynolds is editor-in-chief of Risk & Insurance. He can be reached at [email protected]

More from Risk & Insurance

More from Risk & Insurance

2017 RIMS

Resilience in Face of Cyber

New cyber model platforms will help insurers better manage aggregation risk within their books of business.
By: | April 26, 2017 • 3 min read

As insurers become increasingly concerned about the aggregation of cyber risk exposures in their portfolios, new tools are being developed to help them better assess and manage those exposures.

One of those tools, a comprehensive cyber risk modeling application for the insurance and reinsurance markets, was announced on April 24 by AIR Worldwide.

Advertisement




Last year at RIMS, AIR announced the release of the industry’s first open source deterministic cyber risk scenario, subsequently releasing a series of scenarios throughout the year, and offering the service to insurers on a consulting basis.

Its latest release, ARC– Analytics of Risk from Cyber — continues that work by offering the modeling platform for license to insurance clients for internal use rather than on a consulting basis. ARC is separate from AIR’s Touchstone platform, allowing for more flexibility in the rapidly changing cyber environment.

ARC allows insurers to get a better picture of their exposures across an entire book of business, with the help of a comprehensive industry exposure database that combines data from multiple public and commercial sources.

Scott Stransky, assistant vice president and principal scientist, AIR Worldwide

The recent attacks on Dyn and Amazon Web Services (AWS) provide perfect examples of how the ARC platform can be used to enhance the industry’s resilience, said Scott Stransky, assistant vice president and principal scientist for AIR Worldwide.

Stransky noted that insurers don’t necessarily have visibility into which of their insureds use Dyn, Amazon Web Services, Rackspace, or other common internet services providers.

In the Dyn and AWS events, there was little insured loss because the downtime fell largely just under policy waiting periods.

But,” said Stransky, “it got our clients thinking, well it happened for a few hours – could it happen for longer? And what does that do to us if it does? … This is really where our model can be very helpful.”

The purpose of having this model is to make the world more resilient … that’s really the goal.” Scott Stransky, assistant vice president and principal scientist, AIR Worldwide

AIR has run the Dyn incident through its model, with the parameters of a single day of downtime impacting the Fortune 1000. Then it did the same with the AWS event.

When we run Fortune 1000 for Dyn for one day, we get a half a billion dollars of loss,” said Stransky. “Taking it one step further – we’ve run the same exercise for AWS for one day, through the Fortune 1000 only, and the losses are about $3 billion.”

So once you expand it out to millions of businesses, the losses would be much higher,” he added.

The ARC platform allows insurers to assess cyber exposures including “silent cyber,” across the spectrum of business, be it D&O, E&O, general liability or property. There are 18 scenarios that can be modeled, with the capability to adjust variables broadly for a better handle on events of varying severity and scope.

Looking ahead, AIR is taking a closer look at what Stransky calls “silent silent cyber,” the complex indirect and difficult to assess or insure potential impacts of any given cyber event.

Stransky cites the 2014 hack of the National Weather Service website as an example. For several days after the hack, no satellite weather imagery was available to be fed into weather models.

Imagine there was a hurricane happening during the time there was no weather service imagery,” he said. “[So] the models wouldn’t have been as accurate; people wouldn’t have had as much advance warning; they wouldn’t have evacuated as quickly or boarded up their homes.”

It’s possible that the losses would be significantly higher in such a scenario, but there would be no way to quantify how much of it could be attributed to the cyber attack and how much was strictly the result of the hurricane itself.

It’s very, very indirect,” said Stransky, citing the recent hack of the Dallas tornado sirens as another example. Not only did the situation jam up the 911 system, potentially exacerbating any number of crisis events, but such a false alarm could lead to increased losses in the future.

The next time if there’s a real tornado, people make think, ‘Oh, its just some hack,’ ” he said. “So if there’s a real tornado, who knows what’s going to happen.”

Advertisement




Modeling for “silent silent cyber” remains elusive. But platforms like ARC are a step in the right direction for ensuring the continued health and strength of the insurance industry in the face of the ever-changing specter of cyber exposure.

Because we have this model, insurers are now able to manage the risks better, to be more resilient against cyber attacks, to really understand their portfolios,” said Stransky. “So when it does happen, they’ll be able to respond, they’ll be able to pay out the claims properly, they’ll be prepared.

The purpose of having this model is to make the world more resilient … that’s really the goal.”

Additional stories from RIMS 2017:

Blockchain Pros and Cons

If barriers to implementation are brought down, blockchain offers potential for financial institutions.

Embrace the Internet of Things

Risk managers can use IoT for data analytics and other risk mitigation needs, but connected devices also offer a multitude of exposures.

Feeling Unprepared to Deal With Risks

Damage to brand and reputation ranked as the top risk concern of risk managers throughout the world.

Reviewing Medical Marijuana Claims

Liberty Mutual appears to be the first carrier to create a workflow process for evaluating medical marijuana expense reimbursement requests.

Cyber Threat Will Get More Difficult

Companies should focus on response, resiliency and recovery when it comes to cyber risks.

RIMS Conference Held in Birthplace of Insurance in US

Carriers continue their vital role of helping insureds mitigate risks and promote safety.

Michelle Kerr is associate editor of Risk & Insurance. She can be reached at [email protected]