As noted previously, Hurricane Katrina seems unlikely to trigger any catastrophe bonds to pay out. Hurricane Rita could be different:
Continue reading"Cat bonds have been largely untested until these hurricanes in the U.S., so the industry will be watching Rita very carefully," said Rene Cotting, a specialist in insurance-linked securities at ABN AMRO. "It’s possible some bonds will get hit."
— Catastrophe bonds face test with Rita Fri Sep 23, 2005 11:22 AM ET By David Wigan LONDON (Reuters)
News stories have said that Hurricane Katrina was a cat 4 and New Orleans levees were built to withstand a cat 3. However, Katrina made landfall quite a bit east of New Orleans, which meant that NOLA did not get cat 4 winds, rains, or flood surges. It turns out that the surge was 11 feet and the floodwalls were supposed to handle 14 feet.
Continue readingBut with the help of complex computer models and stark visual evidence, scientists and engineers at Louisiana State University’s Hurricane Center have concluded that Katrina’s surges did not come close to overtopping those barriers. That would make faulty design, inadequate construction or some combination of the two the likely cause of the breaching of the floodwalls along the 17th Street and London Avenue canals — and the flooding of most of New Orleans.
— Experts Say Faulty Levees Caused Much of Flooding By Michael Grunwald and Susan B. Glasser Washington Post Staff Writers Wednesday, September 21, 2005; Page A01
Immediately after Hurricane Katrina, reports were that catastrophe bonds for hurricanes probably would not be triggered.
Continue readingStandard & Poor’s has ratings outstanding on $4.25 billion of natural peril catastrophe bonds. Of this, $1.61 billion carries an exposure to North Atlantic hurricanes, generally covering the Gulf and Eastern Seaboard states from Texas to Maine.
— Catastrophe bonds not likely to attach, S&P’s reports 8/30/2005
According to a
U.S. Congressional Budget Office (CBO) estimate of 6 Sept,
the insured cost of Hurricane Katrina could exceed $30 billion.
According to
Swiss Re on 12 Sept.,
the insured cost is probably actually $40 billion. That makes Katrina the most costly disaster ever for insurers, higher than the $35 billion for Hurricane Andrew in 1992,
$32.5 billion for 9/11, or $15-$20 billion for the 1994 Northridge Earthquake in Los Angeles.
According to the Congressional Budget Office (CBO) on 6 Sept., the current estimate for private insurance payouts due to Hurricane Katrina is more than $30 billion dollars. This is not counting federal flood insurance and federal crop insurance, both of which will probably exceed currently allocated funding. Private insurance paid $32.5 billion after 9/11. Hurricane Andrew of 1992 cost about $35 billion in insurance. The Northridge earthquake of Los Angeles in 1994 that prompted catastrophe bonds cost somewhere between $15 and $20 billion.
Continue readingFor a year or more now, there have been some attempts to insure risks of open source, mostly attempts to protect against lawsuits claiming intellectual property infringement, such as the SCO lawsuits. Most of this protection has been organized by indivdual open source vendors, such as Red Hat, HP, or Novell.
Now Lloyds is announcing plans to offer wider coverage that is not tied to any particular vendor, in conjunction with an organization called Open Source Risk Management (OSRM). According to an article by Gavin Clarke in the Channel Register:
OSRM will assess both the risk of the software in use and the individual company, before passing on the risk to the appropriate insurance company on the Lloyds market.According to OSRM’s web pages, such coverage will go beyond the specific code sold by open source vendors, to also cover code modified by users. That is, it will cover open source as open source, not just as a specific vendor’s product. Continue reading
The $7 million settlement Microsoft won against spammer Scott Richter is all over the news, as it should be. Microsoft says it will dedicate $5 million of that to further spam fighting. Go Microsoft!
One story says that the spammer’s insurance company will help pay. If there was ever anything that should be excepted from insurance coverage, deliberately spamming (as opposed to your computers being used without permission by somebody else) should be it.
Continue readingI happened to run across two articles yesterday that mesh in an odd sort of way.
Chris Anderson writes in his blog: Is the Long Tail Full of Crap? Chris has for a while now been writing about the long tail of distribution. Take movies, for example. Traditionally, there are only so many movie screens and so much shelf space in video stores. Movies that are popular enough to draw a mass audience get on the screens and on the shelves. A movie doesn’t have to be as popular to get on the shelves as on the screen, but the idea is the same: beyond the fat head of distributed movies there’s a long tail of movies that fewer people want to see and that don’t get on the shelves. Yet many movies in the back catalog are high quality, and some people would want to see them if they could get them, as for example Netflix has demonstrated. The total value of the long tail is probably as high as that of the short head. Chris’s current post is largely about filters to pick out of the long tail what a given potential audience would consider quality.
Meanwhile, Clay Shirky in his blog writes about Situated Software. He gives examples of how throwing away the Web School virtues of scalability, generality, and completeness lets Internet product designers take advantage of small groups as testers, customers, and reputation systems, thus building small products fast that make their small group customers very happy.
It seems to me that Clay Shirky is talking about building quality products for the long tail; quality products that are already filtered for their target customers.
What does all this have to do with Internet business risk management? Maybe one way of dealing with risks outside the firewall is to tailor an enterprise’s (or customer’s) Internet connection for maximal utility and least risk for that particular customer, maybe by selecting the best-fitting connection, and maybe by constructing an insurance policy to cover problems that are likely to occur, especially where it doesn’t fit so well. Maybe the best way to build Internet insurance isn’t to make a few big policies; maybe it’s better to tailor a policy for each customer’s Internet situation.
Now tailoring has connotations of handmade, and there probably would be a professional services aspect to this. But what if that aspect consisted largely of presenting a few automatically-generated tailored policies for the customer to choose from?
-jsq
Several people asked if I would make the RSA presentation available.
You do have to register. But it doesn’t cost you anything, and we don’t spam.
There may also be a published article version soon.
-jsq
I’m speaking at the RSA Security Conference tomorrow, with two panelists from the insurance industry:
Designing Risk Transfer Instruments for Internet Risk-jsq