MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA
Transcript of MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA
![Page 1: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/1.jpg)
A Berkshire Hathaway Company
MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA
![Page 2: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/2.jpg)
MAY 1-4, 2016 | THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA
A Comprehensive IT Strategy for Insurers Presented by John Connors, CIO Gen Re May 2, 2016
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 2
![Page 3: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/3.jpg)
Agenda
Impacts of Technology in Insurance Developing a Comprehensive IT Strategy Key Considerations for CEOs Cyber Security Q&A
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 3
![Page 4: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/4.jpg)
Impacts of Technology in Insurance
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 4
![Page 5: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/5.jpg)
Technology Changing the Insurance Ecosystem
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 5
Technology 10
9
8
6
5
2
Pricing
Customer Expectation
Economy & Interest Rates
Regulations
Catastrophes
Digital technologies will continue to transform the market landscape
Impact of External Forces on US P&C Market in 2016 (0=Very low impact, 10- Very high impact)
Source: EY 2016 US property-casualty insurance outlook
![Page 6: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/6.jpg)
Disruptive Technologies in Insurance
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 6
• Which of these are relevant to your business?
• What are the threats and opportunities? Challenge:
Mobile – Computing Everywhere
Cloud Computing
Digital Marketing
Robotics/ AI
Internet of Things
Sensors/ Telematics
Advanced Rating Engines
Decision Analytics
Social Collaboration
Drones
Cyber Security
Electric & Driverless Vehicles
![Page 7: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/7.jpg)
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 7
Where “InsurTechs” May be Better or Faster
•Personalized Service •Online purchasing •Digital Claim Management
Customer Engagement
•Fraud detection •Storage of personal data • Identity verification •Blockchain
Security •Real-time risk mitigation •Pay-per-use •Adapted pricing
Data & Analytics
•Vehicle telematics •Home security •Body sensors •Asset tracking
Internet of things •Blockchain platforms
•APIs •Process Automation
Processing
Threats and opportunities across all functions
![Page 8: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/8.jpg)
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 8
Impacts on Traditional Insurers
Expense advantage opportunity awaits the early movers
Back office Operations will be subject to radical change
![Page 9: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/9.jpg)
Gen Y Customers & Technology
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 9
By 2017 a new breed of customer will start to dominate – Digital Natives
Source: PwC Insurance 2020: Digital
![Page 10: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/10.jpg)
Developing a Comprehensive IT Strategy
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 10
![Page 11: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/11.jpg)
Business Strategy
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 11
How will you determine a clear IT Strategy and measure its success if you cannot articulate your Business Strategy?
Product Innovation
Customer Experience
Speed to Market
Disciplined Underwriting
New Markets
Cost Optimization Distribution Channels Investment
Management Operational Excellence
Risk Management
Technology Strategy must follow and align with the Business Strategy
![Page 12: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/12.jpg)
IT Strategy – Approach
1. Articulate Business Strategy
2. Determine the Business Capabilities
3. Assess the Current State Technology
5. Develop Common Vision & Target Architecture
4. Identify Gaps 6. Assess Solutions and Develop the Roadmap
BusinessServices
Advisor
Participant
Sponsor
Employee
B2B GatewayB2B Gateway
Institution
Constituents Interactions Components
Regulator
Vendor / PartnerSystems
Integration
TechnicalServices
Text Message
Phone PDA
Forms
Browser
Services
ProcessServices
VisibilityServices
OptimizationServices
InformationServices
Plan Setup
Participant Setup
Investment
Reserve Calc
Elections
SecurityServices
VirtualizationServices
Systems MgmtServices
DataServices
Product
Client
Marketingand Sales
Record-keeping
InvestmentMgmt
Financials
Pac
kage
Lega
cy
Cus
tom
Ext
erna
l
InstitutionView
ContactCenter
ParticipantView
FinancialAdvisor
EmployeeWorkplace
Processes
FinancialFinancial
ProductProduct
ClientClient
Offer andCampaignOffer andCampaign
Plan Participants
Plan Participants
InvestmentsInvestments
Data
Rules
Product
Plan
Process
OnBoardingOnBoarding
PricingPricing
FulfillmentFulfillment
CommunicationsCommunications
Contract SetupContract Setup
Receipt ofPayroll
Receipt ofPayroll
SocialMediaInfluencer
Paper
UserServices
RuleServices
ComponentServices
ServiceServices
ProcessServices
InteractionServices
DataServices
SecurityServices
Application Integration ServicesGateway Services Data Integration Services
Systems Management Services
Infrastructure Services
Common Services
Web Browser
Rich Internet Access
HTTP Server
Web Portal
Mobile
Disconnected
Collaboration
Telephony
Imaging
Database Mgmt
Data Quality
Document Mgmt
Business Intelligence
Reporting
ServiceRegistry
ApplicationServer
RulesEngine
BPM
Workflow
Authentication
Authorization
Encryption
Directory Services
GatewayServices Messaging Application Integration
HubETL Data Synchronization
Data Propagation Data Federation
Monitoring Backup and Recovery
Operating Systems and Platforms Job Scheduling ServicesVirtualization Services
Email / SMTP Fax Web Content Mgmt Document Generation Knowledge Mgmt Archival Audit and Logging
Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4
Institutional
Plan Sponsorand AdvisorSelf Service 3 5RM ServiceDesktop / ToolsOps ServiceDesktop / ToolsParticipantSelf Service 3 5PSC ServiceDesktop / Tools
Data Foundation
Data Strategyand OrganizationalReadiness 3 5OperationalData StoreData Warehouse
Core Data and Functional Services
Customer ProfileInstitutional ViewCustomer ProfileIndividual ViewProducts andServicesPlanFinancialsInvestments 2 3
Analytics / ReportingOperationalReporting 2 3Sales and MarketingAnalytics 5 8Risk ManagementReports and Analytics 2 4Operational ManagementReports and Analytics 0.5 1Corporate PerformanceManagementReports and Analytics(Finance and Pricing) 2 3
Document and Content Management Content Management
HP DialogueUpgrade 1 2iStreamReplacement 1 2Contract Management
ProcessAutomation
CFE and STARSRationalization 6 8NBS - PEAQ - ADB Alignment with STARS 0.25 0.5Additional ProcessAutomation 3 6
On-boardingTransition Team Services and Portal 1 1.5
Integration
Integration Strategyand OrganizationalReadiness 3 5ApplicationIntegration Platform 2 5DataIntegration PlatformRules Platform
ApplicationPlatforms PRT Solution 1 2
$40.75 $69.00
Cost EstimateProgram Project Year 1 Year 3 Year 4Cost
EstimateYear 2
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 12
![Page 13: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/13.jpg)
Business Capabilities
Business capability describes the capacity, materials and expertise an organization needs in order to perform core functions
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 13
0% 10% 20% 30% 40% 50% 60% 70% 80%
Digital marketing/customer engagement
Reduced operational risk
Support new distribution channel
Policyholder self-service
Distributor ease of doing business
Speed to market for true-new products
Speed to market for product changes
Optimized internal workflows
Reduced opearting expenses
Business intelligence/data analytics
Top Capabilities that Business Wants IT to Deliver in 2016 and Beyond (percentage of respondents citing each in the top 3)
Midsize P/C
Large P/C
Source: Novarica Research Council Report
![Page 14: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/14.jpg)
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 14
Systems of Engagement
• Distribution Channels • Underwriting • Customer Relationship
Management • Marketing • Learning & Talent
Management • Collaboration
Systems of Insight
• Risk Analysis • Decision Analytics • Data Warehousing • Reporting • Enterprise Risk
Management • Knowledge
Management • Actuarial – Pricing
Systems of Record
• Technical Accounting • Contract Management • Claims • Collections &
Disbursements • Policy Administration • General Ledger • Records Management • Reserving
Business Capabilities by System Category
Consider Your Current State
SWOT analysis of your technology landscape
What are the major pain points?
Where are the gaps?
![Page 15: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/15.jpg)
Develop a Common Vision
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 15
Gen Re’s Technology Matrix
![Page 16: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/16.jpg)
Develop a Future State Vision
16
Systems of Engagement Systems of Insight Systems of Record
L&H Cert Administration
Technical Accounting
General Ledger
Business Partner
Document Repository
Reserving Systems
Contract Administration
Risk Modelling & Analysis
Rating & Pricing Tools
Decision Analytics
Business Intelligence
Enterprise Data Warehouse
Knowledge Management
Traditional Reporting
L&H Underwriting
Business Process Management
Marketing
Collaboration
Mail & Calendar
PC Treaty Underwriting
Client Connectivity Portal Knowledge Sharing Straight Through Processing
Self Service Analytics Transaction Status Personalized Content
Employee Portal Task Management Calendar
Collaboration Personalized Content
PC Facultative Cert Admin Facultative Underwriting
Enterprise Risk Management
‘Single Purpose’ Apps CRM
Learning & Development
SAP Solution
Microsoft Solution
Other Solution
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016
![Page 17: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/17.jpg)
2013 2014 2015 2016 2017 2018 2020
S O N D J F M A M J J A S O N D J F M A M J J A S O N D J F M A M J J A S O N D J F M A M J J A S O N D J F M A M J J A S O N D F M A M J
Project A
Project B
Project C
Project D
Project E
Project F
Project G
Project H
Project I
Project J
Project K
Project L
Project M
Project N
Project O
Modernization Roadmap
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 17
Sep 2014 Analysis or Prep
Blue Printing
Realization or Development
Warranty Support
Production – Roll Out
Decision Point
Sep 2015 Sep 2016
Mar 14 Nov 14 Sep 2016 Analysis
PUMA Production Definition Aug 2017
Aug 2017 May 2020 Aug 2016 Sep 2014
Oct 2016 Project Gap Analysis
May 2020 Aug 2017
Go Live in 2021
Go Live in 2021
Sep 2017 Aug 2018
Jun 14 Rel 1B Rel 2 Rel 3
![Page 18: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/18.jpg)
IT Roadmap
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 18
• Corporate Priorities / Business Opportunity
• Technology and Product Maturity
• Scale of Investment Requirement
• Budget Distribution – Run vs. Transform vs. Grow
• Organizational Execution Capability (e.g. Resources & Skills)
• IT & Vendor Execution Capability
– Outsourcing of Legacy Systems
• ‘Bi-Modal’ IT
Sequencing Considerations
![Page 19: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/19.jpg)
Key Considerations for CEOs
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 19
![Page 20: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/20.jpg)
Adoption of Cloud Technologies
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 20
0%
10%
20%
30%
40%
50%
60%
70%
80%
SaaS/Cloud for core insurancesystems
SaaS/Cloud for non- coreinsurance systems
Current and Planned Deployment for Cloud/SaaS
Pilot/Test capabilities
Launch capabilities in this areafor the first time
Currently deployed
Source: Novarica Research Council Report
Transfer expertise required to the cloud
provider
Cloud based solutions can:
Reduce capital investments in
technology
Reduce cyber security risk
![Page 21: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/21.jpg)
• Each constrains and enables the others
• All impact business capability
• Transforming one necessitates changing all
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 21
Operational Excellence
People
Technology Process
Operational Transformation
![Page 22: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/22.jpg)
+
22
Gartner‘s1 Governance and Pace Layering Model for Bi-Modal IT
+
Systems of Engagement
-
Systems of Insight
Systems of Record
VEL
OCI
TY A
ND
FRE
QU
ENCY
OF
CHA
NG
E
-
EXECUTIO
N G
OV
ERNA
NC
E
Mode 1
Mode 2
1 #GartnerSYM
Bi-Modal IT
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016
![Page 23: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/23.jpg)
High Priority Projects for US Insurers in 2016
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 23
Percentage of respondents citing each area among their top three priority projects Source: Novarica Research Council CIO Survey
0% 10% 20% 30% 40% 50% 60%
Costs and Budget
Security
IT Opeartions
IT Infrastructure
New Capabilities
Data and Analytics
Digital/User Exp
Core System
High Priority Projects for Insurers in 2016
![Page 24: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/24.jpg)
Can you Execute? Critical Success Factors
• Executive Commitment
• Team Culture
• Due Diligence
• Strong Partners & Methodology
• Robust Contracts & Effective Governance
• Scope Discipline
• Project & Risk Management
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 24
![Page 25: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/25.jpg)
Cyber Security
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 25
![Page 26: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/26.jpg)
State of Cyber Security: Key Stats
Cyber crime incidence continues to rise and outstrip pace of defensive investments
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 26
8%
13%
14%
14%
19%
29%
0% 5% 10% 15% 20% 25% 30%
Germany
Australia
United Kingdom
Japan
United States
Russia
Source: Ponemon Institute
One-year net change in cyber crime in six countries Net change could not be calculated for Brazil N=252 separate companies
![Page 27: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/27.jpg)
State of Cyber Security: Key Stats
For 2015 – There were 38 percent more security incidents detected than in 2014.
• Source: “The Global State of Information Security Survey 2016” | PWC
– Even fewer SMBs (29 percent) used standard tools like configuration and patching to prevent security breaches, compared with 39 percent who did so in 2014.
• Source: “Cisco 2016 Annual Security Report” | Cisco
– The median number of days that attackers stay dormant within a network before detection is over 200.
• Source: “Microsoft Advanced Threat Analytics” | Microsoft
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 27
![Page 28: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/28.jpg)
State of Cyber Security: Major Breaches 2015
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 28
Represents only
30% of the 620 million records lost
in 2015
![Page 29: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/29.jpg)
State of Cyber Security: Sources of Loss
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 29
![Page 30: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/30.jpg)
State of Cyber Security: Crypto malware trend
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 30
Ransomware: Would you pay?
Crypto-ware is everywhere • The ratio was 83% in Q4 2015
• Large percentage delivered through email
• Typical payment was one or two bitcoins ($500 to $1,000)
50%
72% 81% 83%
50%
28% 19% 17%
0%
25%
50%
75%
100%
1Q 2Q 3Q 4Q
Cryto-ransomware Ransomware
Compared to last year’s data, this year’s crypto-ransomware numbers steadily rose up to the end of 2015 and
even overtook ransomware.
![Page 31: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/31.jpg)
Cyber Security: Building your Defense
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 31
Implementation of key security safeguards A quality building
requires quality architects, materials and builders
A quality security program is no different
![Page 32: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/32.jpg)
Cyber Security: Use a Framework
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 32
• Align with NIST Cyber Security Framework
• Define and oversee Security Program & Strategy
• Coordinate interdepartmental affairs
Basic Components
GOVERNANCE
PROTECT
DETECT
RESOLVE
• Layered Defenses
• Extensive and Continuous Monitoring
• Incident Response
![Page 33: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/33.jpg)
PROTECT
DETECT
RESOLVE
Cyber Security: Framework Components
Layers of Defense
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 33
Extensive and Continuous Monitoring
Incident Response
• Informed Mindset & Culture • Policies & Standards • Relevant Technologies (e.g., firewalls, anti-malware) • Training & Awareness (everyone, not only IT)
• Security Event Data Collection • Security Information & Event Manager (SIEM) • Intrusion Detection / Prevention System (IDS/IPS)
• Risk-based Triage • Incident Management Leadership
(Human Resources, Legal, Compliance, IT) • Well-rehearsed Procedures • Forensics Capabilities
![Page 34: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/34.jpg)
Cyber Security: Landscape Assessment
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 34
PROTECT DETECT RESOLVE
Virus Control
Basic Access Management
Content Filtering
Vulnerability Management
Encryption
IDS/IPS
Security Awareness
Scenario-based Training
Firewall
IDAM& Single Sign-on Anomaly/End Pt. Detection
Email Attack Protection
Data Classification
Network Segmentation Network Access Control
Data Loss Prevention
Email/Spam Filtering
Multi-Factor Authentication
Privileged Access Management
Threat Processing
Rights Monitoring
Security Assessments
Mobile Security
Incident Response
Pen Testing 24/7 SOC
Denial of Service Defense
Cloud Security
Forensics
At Standard
Improving
Improvement Needed
Configuration Mgt. & Hardening
Security Skills Training ( IT ) Extranet Monitoring
![Page 35: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/35.jpg)
Cyber Security: Tips
• “You can’t boil the ocean” – Protection commensurate with importance of asset
• “Many hands make light work”
– Every manager and every employee ‘owns’ security too – Train and train again
• “Box ticking won’t work”
– This isn’t about compliance, it’s about ownership Compliance is about meeting a minimum standard
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 35
![Page 36: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/36.jpg)
Cyber Security: Tips
• “Tone at the top” – Granting endless exceptions to security policy
undermines the entire program
• “The best things in life are free” – Make sure the assets you own are configured and
operated as securely as they can be. This includes patching. No amount of shiny new security ‘medicine’ will overcome poor basic hygiene
– Train your finance staff to be skeptical of emails and phone calls requesting funds transfers
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 36
![Page 37: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/37.jpg)
Cyber Security: Final Tip
• You’re not alone – Join an ISAC – http://www.isaccouncil.org/memberisacs.html
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 37
![Page 38: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/38.jpg)
Questions
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 38
![Page 39: MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA](https://reader034.fdocuments.net/reader034/viewer/2022042109/62570b734931274aca6eb6f6/html5/thumbnails/39.jpg)
Comprehensive IT Strategy for Insurers John Connors Chief Information Officer, Gen Re The pace of change in the insurance industry continues to challenge insurers’ ability to react and evolve as well as manage their day-to-day operations. Nowhere is the challenge greater than in technology. Insurer CEOs consistently respond that technological change is the biggest risk, and opportunity, to their companies. Insurers need to develop a comprehensive IT Strategy that balances the competing forces of modernization (whether legacy system replacement, mobility and cloud computing, or digitalization initiatives), and the need to reduce the overall cost of IT to the organization. John Connors, our Chief Information Officer is responsible for this strategy at Gen Re and will share with you the key considerations and recommended approach to navigating this complex area. Most importantly, he will describe the need for and approach to starting with the business strategy and fundamentally connecting the IT Strategy to key business objectives.
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 39