MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA
Transcript of MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA
A Berkshire Hathaway Company
MAY 1-4, 2016 THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA
MAY 1-4, 2016 | THE RITZ-CARLTON, DOVE MOUNTAIN, ARIZONA
A Comprehensive IT Strategy for Insurers Presented by John Connors, CIO Gen Re May 2, 2016
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 2
Agenda
Impacts of Technology in Insurance Developing a Comprehensive IT Strategy Key Considerations for CEOs Cyber Security Q&A
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 3
Impacts of Technology in Insurance
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 4
Technology Changing the Insurance Ecosystem
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 5
Technology 10
9
8
6
5
2
Pricing
Customer Expectation
Economy & Interest Rates
Regulations
Catastrophes
Digital technologies will continue to transform the market landscape
Impact of External Forces on US P&C Market in 2016 (0=Very low impact, 10- Very high impact)
Source: EY 2016 US property-casualty insurance outlook
Disruptive Technologies in Insurance
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 6
• Which of these are relevant to your business?
• What are the threats and opportunities? Challenge:
Mobile – Computing Everywhere
Cloud Computing
Digital Marketing
Robotics/ AI
Internet of Things
Sensors/ Telematics
Advanced Rating Engines
Decision Analytics
Social Collaboration
Drones
Cyber Security
Electric & Driverless Vehicles
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 7
Where “InsurTechs” May be Better or Faster
•Personalized Service •Online purchasing •Digital Claim Management
Customer Engagement
•Fraud detection •Storage of personal data • Identity verification •Blockchain
Security •Real-time risk mitigation •Pay-per-use •Adapted pricing
Data & Analytics
•Vehicle telematics •Home security •Body sensors •Asset tracking
Internet of things •Blockchain platforms
•APIs •Process Automation
Processing
Threats and opportunities across all functions
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 8
Impacts on Traditional Insurers
Expense advantage opportunity awaits the early movers
Back office Operations will be subject to radical change
Gen Y Customers & Technology
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 9
By 2017 a new breed of customer will start to dominate – Digital Natives
Source: PwC Insurance 2020: Digital
Developing a Comprehensive IT Strategy
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 10
Business Strategy
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 11
How will you determine a clear IT Strategy and measure its success if you cannot articulate your Business Strategy?
Product Innovation
Customer Experience
Speed to Market
Disciplined Underwriting
New Markets
Cost Optimization Distribution Channels Investment
Management Operational Excellence
Risk Management
Technology Strategy must follow and align with the Business Strategy
IT Strategy – Approach
1. Articulate Business Strategy
2. Determine the Business Capabilities
3. Assess the Current State Technology
5. Develop Common Vision & Target Architecture
4. Identify Gaps 6. Assess Solutions and Develop the Roadmap
BusinessServices
Advisor
Participant
Sponsor
Employee
B2B GatewayB2B Gateway
Institution
Constituents Interactions Components
Regulator
Vendor / PartnerSystems
Integration
TechnicalServices
Text Message
Phone PDA
Forms
Browser
Services
ProcessServices
VisibilityServices
OptimizationServices
InformationServices
Plan Setup
Participant Setup
Investment
Reserve Calc
Elections
SecurityServices
VirtualizationServices
Systems MgmtServices
DataServices
Product
Client
Marketingand Sales
Record-keeping
InvestmentMgmt
Financials
Pac
kage
Lega
cy
Cus
tom
Ext
erna
l
InstitutionView
ContactCenter
ParticipantView
FinancialAdvisor
EmployeeWorkplace
Processes
FinancialFinancial
ProductProduct
ClientClient
Offer andCampaignOffer andCampaign
Plan Participants
Plan Participants
InvestmentsInvestments
Data
Rules
Product
Plan
Process
OnBoardingOnBoarding
PricingPricing
FulfillmentFulfillment
CommunicationsCommunications
Contract SetupContract Setup
Receipt ofPayroll
Receipt ofPayroll
SocialMediaInfluencer
Paper
UserServices
RuleServices
ComponentServices
ServiceServices
ProcessServices
InteractionServices
DataServices
SecurityServices
Application Integration ServicesGateway Services Data Integration Services
Systems Management Services
Infrastructure Services
Common Services
Web Browser
Rich Internet Access
HTTP Server
Web Portal
Mobile
Disconnected
Collaboration
Telephony
Imaging
Database Mgmt
Data Quality
Document Mgmt
Business Intelligence
Reporting
ServiceRegistry
ApplicationServer
RulesEngine
BPM
Workflow
Authentication
Authorization
Encryption
Directory Services
GatewayServices Messaging Application Integration
HubETL Data Synchronization
Data Propagation Data Federation
Monitoring Backup and Recovery
Operating Systems and Platforms Job Scheduling ServicesVirtualization Services
Email / SMTP Fax Web Content Mgmt Document Generation Knowledge Mgmt Archival Audit and Logging
Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4
Institutional
Plan Sponsorand AdvisorSelf Service 3 5RM ServiceDesktop / ToolsOps ServiceDesktop / ToolsParticipantSelf Service 3 5PSC ServiceDesktop / Tools
Data Foundation
Data Strategyand OrganizationalReadiness 3 5OperationalData StoreData Warehouse
Core Data and Functional Services
Customer ProfileInstitutional ViewCustomer ProfileIndividual ViewProducts andServicesPlanFinancialsInvestments 2 3
Analytics / ReportingOperationalReporting 2 3Sales and MarketingAnalytics 5 8Risk ManagementReports and Analytics 2 4Operational ManagementReports and Analytics 0.5 1Corporate PerformanceManagementReports and Analytics(Finance and Pricing) 2 3
Document and Content Management Content Management
HP DialogueUpgrade 1 2iStreamReplacement 1 2Contract Management
ProcessAutomation
CFE and STARSRationalization 6 8NBS - PEAQ - ADB Alignment with STARS 0.25 0.5Additional ProcessAutomation 3 6
On-boardingTransition Team Services and Portal 1 1.5
Integration
Integration Strategyand OrganizationalReadiness 3 5ApplicationIntegration Platform 2 5DataIntegration PlatformRules Platform
ApplicationPlatforms PRT Solution 1 2
$40.75 $69.00
Cost EstimateProgram Project Year 1 Year 3 Year 4Cost
EstimateYear 2
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 12
Business Capabilities
Business capability describes the capacity, materials and expertise an organization needs in order to perform core functions
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 13
0% 10% 20% 30% 40% 50% 60% 70% 80%
Digital marketing/customer engagement
Reduced operational risk
Support new distribution channel
Policyholder self-service
Distributor ease of doing business
Speed to market for true-new products
Speed to market for product changes
Optimized internal workflows
Reduced opearting expenses
Business intelligence/data analytics
Top Capabilities that Business Wants IT to Deliver in 2016 and Beyond (percentage of respondents citing each in the top 3)
Midsize P/C
Large P/C
Source: Novarica Research Council Report
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 14
Systems of Engagement
• Distribution Channels • Underwriting • Customer Relationship
Management • Marketing • Learning & Talent
Management • Collaboration
Systems of Insight
• Risk Analysis • Decision Analytics • Data Warehousing • Reporting • Enterprise Risk
Management • Knowledge
Management • Actuarial – Pricing
Systems of Record
• Technical Accounting • Contract Management • Claims • Collections &
Disbursements • Policy Administration • General Ledger • Records Management • Reserving
Business Capabilities by System Category
Consider Your Current State
SWOT analysis of your technology landscape
What are the major pain points?
Where are the gaps?
Develop a Common Vision
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 15
Gen Re’s Technology Matrix
Develop a Future State Vision
16
Systems of Engagement Systems of Insight Systems of Record
L&H Cert Administration
Technical Accounting
General Ledger
Business Partner
Document Repository
Reserving Systems
Contract Administration
Risk Modelling & Analysis
Rating & Pricing Tools
Decision Analytics
Business Intelligence
Enterprise Data Warehouse
Knowledge Management
Traditional Reporting
L&H Underwriting
Business Process Management
Marketing
Collaboration
Mail & Calendar
PC Treaty Underwriting
Client Connectivity Portal Knowledge Sharing Straight Through Processing
Self Service Analytics Transaction Status Personalized Content
Employee Portal Task Management Calendar
Collaboration Personalized Content
PC Facultative Cert Admin Facultative Underwriting
Enterprise Risk Management
‘Single Purpose’ Apps CRM
Learning & Development
SAP Solution
Microsoft Solution
Other Solution
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016
2013 2014 2015 2016 2017 2018 2020
S O N D J F M A M J J A S O N D J F M A M J J A S O N D J F M A M J J A S O N D J F M A M J J A S O N D J F M A M J J A S O N D F M A M J
Project A
Project B
Project C
Project D
Project E
Project F
Project G
Project H
Project I
Project J
Project K
Project L
Project M
Project N
Project O
Modernization Roadmap
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 17
Sep 2014 Analysis or Prep
Blue Printing
Realization or Development
Warranty Support
Production – Roll Out
Decision Point
Sep 2015 Sep 2016
Mar 14 Nov 14 Sep 2016 Analysis
PUMA Production Definition Aug 2017
Aug 2017 May 2020 Aug 2016 Sep 2014
Oct 2016 Project Gap Analysis
May 2020 Aug 2017
Go Live in 2021
Go Live in 2021
Sep 2017 Aug 2018
Jun 14 Rel 1B Rel 2 Rel 3
IT Roadmap
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 18
• Corporate Priorities / Business Opportunity
• Technology and Product Maturity
• Scale of Investment Requirement
• Budget Distribution – Run vs. Transform vs. Grow
• Organizational Execution Capability (e.g. Resources & Skills)
• IT & Vendor Execution Capability
– Outsourcing of Legacy Systems
• ‘Bi-Modal’ IT
Sequencing Considerations
Key Considerations for CEOs
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 19
Adoption of Cloud Technologies
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 20
0%
10%
20%
30%
40%
50%
60%
70%
80%
SaaS/Cloud for core insurancesystems
SaaS/Cloud for non- coreinsurance systems
Current and Planned Deployment for Cloud/SaaS
Pilot/Test capabilities
Launch capabilities in this areafor the first time
Currently deployed
Source: Novarica Research Council Report
Transfer expertise required to the cloud
provider
Cloud based solutions can:
Reduce capital investments in
technology
Reduce cyber security risk
• Each constrains and enables the others
• All impact business capability
• Transforming one necessitates changing all
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 21
Operational Excellence
People
Technology Process
Operational Transformation
+
22
Gartner‘s1 Governance and Pace Layering Model for Bi-Modal IT
+
Systems of Engagement
-
Systems of Insight
Systems of Record
VEL
OCI
TY A
ND
FRE
QU
ENCY
OF
CHA
NG
E
-
EXECUTIO
N G
OV
ERNA
NC
E
Mode 1
Mode 2
1 #GartnerSYM
Bi-Modal IT
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016
High Priority Projects for US Insurers in 2016
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 23
Percentage of respondents citing each area among their top three priority projects Source: Novarica Research Council CIO Survey
0% 10% 20% 30% 40% 50% 60%
Costs and Budget
Security
IT Opeartions
IT Infrastructure
New Capabilities
Data and Analytics
Digital/User Exp
Core System
High Priority Projects for Insurers in 2016
Can you Execute? Critical Success Factors
• Executive Commitment
• Team Culture
• Due Diligence
• Strong Partners & Methodology
• Robust Contracts & Effective Governance
• Scope Discipline
• Project & Risk Management
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 24
Cyber Security
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 25
State of Cyber Security: Key Stats
Cyber crime incidence continues to rise and outstrip pace of defensive investments
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 26
8%
13%
14%
14%
19%
29%
0% 5% 10% 15% 20% 25% 30%
Germany
Australia
United Kingdom
Japan
United States
Russia
Source: Ponemon Institute
One-year net change in cyber crime in six countries Net change could not be calculated for Brazil N=252 separate companies
State of Cyber Security: Key Stats
For 2015 – There were 38 percent more security incidents detected than in 2014.
• Source: “The Global State of Information Security Survey 2016” | PWC
– Even fewer SMBs (29 percent) used standard tools like configuration and patching to prevent security breaches, compared with 39 percent who did so in 2014.
• Source: “Cisco 2016 Annual Security Report” | Cisco
– The median number of days that attackers stay dormant within a network before detection is over 200.
• Source: “Microsoft Advanced Threat Analytics” | Microsoft
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 27
State of Cyber Security: Major Breaches 2015
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 28
Represents only
30% of the 620 million records lost
in 2015
State of Cyber Security: Sources of Loss
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 29
State of Cyber Security: Crypto malware trend
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 30
Ransomware: Would you pay?
Crypto-ware is everywhere • The ratio was 83% in Q4 2015
• Large percentage delivered through email
• Typical payment was one or two bitcoins ($500 to $1,000)
50%
72% 81% 83%
50%
28% 19% 17%
0%
25%
50%
75%
100%
1Q 2Q 3Q 4Q
Cryto-ransomware Ransomware
Compared to last year’s data, this year’s crypto-ransomware numbers steadily rose up to the end of 2015 and
even overtook ransomware.
Cyber Security: Building your Defense
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 31
Implementation of key security safeguards A quality building
requires quality architects, materials and builders
A quality security program is no different
Cyber Security: Use a Framework
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 32
• Align with NIST Cyber Security Framework
• Define and oversee Security Program & Strategy
• Coordinate interdepartmental affairs
Basic Components
GOVERNANCE
PROTECT
DETECT
RESOLVE
• Layered Defenses
• Extensive and Continuous Monitoring
• Incident Response
PROTECT
DETECT
RESOLVE
Cyber Security: Framework Components
Layers of Defense
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 33
Extensive and Continuous Monitoring
Incident Response
• Informed Mindset & Culture • Policies & Standards • Relevant Technologies (e.g., firewalls, anti-malware) • Training & Awareness (everyone, not only IT)
• Security Event Data Collection • Security Information & Event Manager (SIEM) • Intrusion Detection / Prevention System (IDS/IPS)
• Risk-based Triage • Incident Management Leadership
(Human Resources, Legal, Compliance, IT) • Well-rehearsed Procedures • Forensics Capabilities
Cyber Security: Landscape Assessment
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 34
PROTECT DETECT RESOLVE
Virus Control
Basic Access Management
Content Filtering
Vulnerability Management
Encryption
IDS/IPS
Security Awareness
Scenario-based Training
Firewall
IDAM& Single Sign-on Anomaly/End Pt. Detection
Email Attack Protection
Data Classification
Network Segmentation Network Access Control
Data Loss Prevention
Email/Spam Filtering
Multi-Factor Authentication
Privileged Access Management
Threat Processing
Rights Monitoring
Security Assessments
Mobile Security
Incident Response
Pen Testing 24/7 SOC
Denial of Service Defense
Cloud Security
Forensics
At Standard
Improving
Improvement Needed
Configuration Mgt. & Hardening
Security Skills Training ( IT ) Extranet Monitoring
Cyber Security: Tips
• “You can’t boil the ocean” – Protection commensurate with importance of asset
• “Many hands make light work”
– Every manager and every employee ‘owns’ security too – Train and train again
• “Box ticking won’t work”
– This isn’t about compliance, it’s about ownership Compliance is about meeting a minimum standard
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 35
Cyber Security: Tips
• “Tone at the top” – Granting endless exceptions to security policy
undermines the entire program
• “The best things in life are free” – Make sure the assets you own are configured and
operated as securely as they can be. This includes patching. No amount of shiny new security ‘medicine’ will overcome poor basic hygiene
– Train your finance staff to be skeptical of emails and phone calls requesting funds transfers
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 36
Cyber Security: Final Tip
• You’re not alone – Join an ISAC – http://www.isaccouncil.org/memberisacs.html
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 37
Questions
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 38
Comprehensive IT Strategy for Insurers John Connors Chief Information Officer, Gen Re The pace of change in the insurance industry continues to challenge insurers’ ability to react and evolve as well as manage their day-to-day operations. Nowhere is the challenge greater than in technology. Insurer CEOs consistently respond that technological change is the biggest risk, and opportunity, to their companies. Insurers need to develop a comprehensive IT Strategy that balances the competing forces of modernization (whether legacy system replacement, mobility and cloud computing, or digitalization initiatives), and the need to reduce the overall cost of IT to the organization. John Connors, our Chief Information Officer is responsible for this strategy at Gen Re and will share with you the key considerations and recommended approach to navigating this complex area. Most importantly, he will describe the need for and approach to starting with the business strategy and fundamentally connecting the IT Strategy to key business objectives.
2016 Spring CEO Conference | John Connors | MAY 1-4, 2016 39