Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
Emerging Technologies, Automation and Cybersecurity – What’s new and where are we headed?
Friday, September 16th(12:20pm to 1:10pm)
Page 2
Session Objective: Emerging Technologies, Automation and Cybersecurity – What’s new and where are we headed?
Agenda:20 to 30 minutes – Introductions and Panel Presentations15+ minutes – Q&A
Technology is consistently being implemented and improved upon within the workplace. It has the ability to change whole industries and allow for greater expansion and more opportunity to expand daily undertakings
• Understand what insurers are doing today to build a competitive advantage with technology, and discuss the future of technology innovation
• Focus on key technologies, such as cloud offerings, automation tools, mobility, data analytics and cybersecurity risks, and how it’s changing the way we operate and engage
• Learn more about the risks and benefits associated with emerging technology
ASK QUESTIONS – Text Questions to 732.770.3519
Page 3
YOUR PRESENTERS / PANELISTSIASA Metro NY/NJ CHAPTER
Moderator:Jerry Ravi, EisnerAmper, Partner, Consulting Services and Cybersecurity Practice Leader (ERM, Internal Audit & IT Advisory)
Panelists:James Tsai, Workday (Insurance Segment Leader)
Brian Hughes, Blackline (Solutions Consultant)
Deepesh Randeri, BrickStreet Insurance (Chief Information Security Officer)
Page 4
Emerging Technologies
Technology Trends
Data Analytics
Robotics Process
Automation
Information Security
Social Media
Mobile Devices
Cloud Computing
Page 5
Page 6
10. Longevity will improve
9. The risk landscape will change significantly
8. Policyholder interactions will increase
7. The business world will be less monolithic
6. Transportation will be autonomous
Top 10 Impacts
Technology is consistently
being implemented and
improved upon within the
workplace. It has the ability to
change whole industries and
allow for greater expansion
and more opportunity to
expand daily undertakings.
Page 7
5. The blockchain is coming
4. Behavioral Science takes a seat with Actuarial Science
3. You never know which next big idea will stick
2. Machine learning is here to solve workforce issues
1. Information security and risk is a top priority
Top 10 Impacts
The focus on insurance is due
in part to the perpetual slow-
moving nature of this field.
“When finances, security and
safety are on the line, you
don’t want to be playing catch-
up.”-Jennifer Fitzgerald Crunch Network Contributor
Page 8
Mobility
Source: Cisco
Enterprise mobility management (EMM) is the set ofpeople, processes and technology focused on managingmobile devices, wireless networks, and other mobilecomputing services in a business context.
Page 9
Risks of Emerging Technologies
Automated cars could eliminate hundreds of
thousands of jobs as a driver.
Bugs and breakdowns could cause major service or production delays.
Automated positions held within organizations could keep individuals from
employment.
Consistent learning curve for all employees to keep up with
advances.
Potential Risks
Page 10
CLOUD SOLUTIONS UPDATE
James Tsai, Insurance Segment Lead (Workday)
Page 11
The majority of Insurers are considering cloud suites for their ERP platforms in the next 24 months
Workday Confidential
60% will upgrade within 24 months
86% are adopting a suite or full ERP
platform
84% are favorable to cloud ERP
adoption
Source: Ward Insurance Systems Survey – April 2015
16%
18%
26%
21%
18%
Recent UpgradeUpgrade in next 12 MoUpgrade in next 12-24 MoUpgrade in next 24+ MoNo upgrade planned
17%
69%
14%
Replacing with Indiv. Components
Replacing with Application Suite
Replacing with HR/FIN Platform
13%
71%
16%
System entirely/partly cloud-basedSystem not cloud-based, would consider in futureSystem not cloud-based, would not consider
Page 12The New Cloud Construct
Workday Student
Page 13
Page 14
AUTOMATING THE FINANCIAL CLOSE WITH BLACKLINE
Brian Hughes, Solutions Consultant (BlackLine )
Page 15
Page 16
Continuous Accounting
RECORD-TO-REPORT PROCESS
Page 17
Continuous Accounting
RECORD-TO-REPORT PROCESS
Page 18
Efficiency, Control, Visibility
Automate your close activities‐ Automated reconciliation rules‐ Automated transaction matching‐ Workflow based review and approval
Use Continuous Accounting‐ Single integrated cloud platform‐ Scheduled loading of GL balances‐ Point in time reporting and analysis
Page 19
STATE OF CLOUD SECURITY
Deepesh Randeri, CISO (Brickstreet Insurance)
Page 20
Definitions of Cloud & Cloud Security
1. Gartner defines cloud computing as a"style" that can be applied in private,hybrid and public environments. This isconsistent with the NIST definition.
2. The general public understands cloudcomputing as “things accessed over theInternet.”
3. Cloud security addresses the processesand mechanisms used to control accessand usage of cloud‐based systems.
Page 21
Are you in charge of Cloud Security?
You feel compelled to solve the “cloud security problem”
But every suggestion is either too hot or too cold for you: No corporate policy just right for you No security product is just right for you
Too Little! Never
Just Right?
Too Much!
Page 22
Three Primary Areas of Cloud Security Concern
VirtualizationMultitenancy SaaS
Data out of your physical control
Shared processing with other customers
Minimal ability to set contract terms
No flexibility on service features
New vulnerability management and patching approaches
Software‐defined networking and security
No consensus on DevOps security approach
Complex, dynamic, distributed
Mostly under control of end users
Minimal transparency
No direct access to OS or database
You only get the features they provide
Complex, dynamic, distributed
Page 23
Top Three Reasons for not planning to use Public Cloud Services
Page 24
Public Clouds Are Secure!
• Gartner Position:• Clouds are usually a more secure starting point than in-house implementations.• Public cloud workloads can be more secure than in-house workloads.• SaaS applications are offering an increasing level of security and control
functionality.
• Justification:• No evidence indicates that CSPs have performed less securely than end-user
organizations – Quite the opposite.• The cloud business model enables and rewards high levels of provider rigor.
• Actions:• Reorganize yourself around how to safely and securely utilize cloud computing.• Don't put high trust into poorly managed clouds.• Track which clouds are used for what purpose.
Page 25
Mismanaged Credentials AreGreatest Source of Cloud Security Risk
• The rush to embrace public cloud, especially SaaS, meansthat reusable passwords are ubiquitous and poorly controlled:
• Cloud accounts are not always linked to directory services• External users are common• Privileged accounts are not well controlled• Activity monitoring is weak• Granular role-based access control is usually not provided
• This leaves data exposed to undetected misuse
Page 26
The Greatest Cloud Security Challenge ‐VISIBILITY
Page 27
Cloud Control
Page 28
Optimal CSP Transparency Information
Page 29
Strategic Planning Assumption
Page 30
Strategic Planning Assumption
Page 31
Make yourself Relevant to the Ubiquitous Cloud
Develop a corporate cloud strategy
Write and enforce policies on cloud usage and control
Develop technical and operational competencies for IaaS and PaaS
Develop processes and oversight for the effective use of SaaS
Page 32
Text Questions to 732.770.3519
Page 33
CONTACT INFORMATION
Jerry Ravi Partner, Consulting Services Group, EisnerAmper (732) 770‐3519 [email protected]
James Tsai Insurance Segment Lead, Workday (925) 667‐0903 [email protected]
Brian Hughes Solutions Consultant, BlackLine (646) 549‐9551 [email protected]
Deepesh Randeri Information Security Officer, BrickstreetMutual Insurance (304) 941‐1079 [email protected]
IASA Metro NY/NJ CHAPTER
Exhibits
Additional information on Top 10 Impacts to Emerging Technology
Page 35
Page 36
Robotics Process Automation
Robotic Process Automation (RPA) is the application of technology that allows employees in a company to configure computer software or a “robot” to capture and interpret existing applications for processing a transaction, manipulating data, triggering responses and communicating with other digital systems
Page 37
The Robotics / Automaton Evolution
Automation Robotic Process Automation Enterprise Process Robotics• Refers to executing single manual steps in processes, which mainly happen within and between business systems
• Task management – define, manage, monitor and report on the manual steps within an end to end process
• Integration of data flow rather than removing manual steps, e.g. data inserted in one system appears in another system as well
• Typically uses known and established technologies and point solutions such as BPM, workload automation, ETL, OCR
• Refers to software robots replicating a human’s manual activities performed on the user’s PC screen
• Can also include end user tools in the scope of automating a process
• A robot for every step
• A robot for every user
• Typically involves relatively new vendors and their technologies
• Executing end‐to‐end processes
• With manual intervention only for exceptions, approvals and judgements
• Independent of and across all involved business applications and end user tools
• Without the need to apply changes to the underlying business applications and respective processes
• Using business rules, encapsulated process IP and system intelligence to avoid the need for orchestration of manual work
PEOPLE DRIVE THE PROCESS
I/T PROJECTS AND OPERATIONS
AN ARMY OF DEVELOPERSFOR AN ARMY OF ROBOTS
I/T PROJECTS AND OPERATIONS
SOLUTION DRIVES THE PROCESS AND THE PEOPLE (WHEN REQUIRED)
BUSINESS DRIVEN PROJECTS AND OPERATIONS
Page 38
Technology is changing how we audit..
• Gaining effective insight through advances in visualization (“Audit by sight”)
Data Discovery and Presentation
• Alternative modeling and analytic techniques that can tackle audit objectives in hours instead of weeks
Agile Analytics
• Emerging methods to collect, organize, structure and search massive amounts of data not found in traditional databases
Unstructured Data
Integration
• Collaborative project management technology integrated into Audit Planning, Execution, and Reporting
Enhanced Audit
Management
Increased Risk Coverage
Efficient Audit cycle time
Insight in Real‐time or “Right‐time”
Manage Risk/ Return
Build a Learning Organization
Page 39
10. Longevity Will Improve
Biotech, smart homes, robotics and 3‐D printing are just some of the technologies helping people live longer.
Telematics, such as Fitbit®, help track and maintain data of daily routines.
Allows for individuals to be more conscious and wary of health, work, and personal time.
Scenario planning to assess the implications of possible outcomes and time frames for medicine and healthcare.
Page 40
Technology tends to be created or updated with the goal of reducing risk.
As society transitions to accept things like driverless cars and robotics, insurers will be navigating a winding path.
Who is liable for these new kinds of risks? The manufacturer, or the end user?
We will see more opportunities for new business to emerge as the industry changes.
9. The Risk Landscape Will Change Significantly
Page 41
8. Policyholder Interactions Will Increase
Mobile market is growing at an exponential rate.
Real‐time data streaming allows insurers to gain more information on policyholders.
Opportunity to create an ongoing relationship with policyholders and clients.
Should consider the implications of interacting beyond the relatively few communications.
Insurers have traditionally had a relative lack of
customer touchpoints.
Page 42
7. The Business World Will Be Less Monolithic
Working along with construction, medical, energy, and agriculture
companies.
There will be two fundamental questions for
insurers to answer:
1.) Which is the best fit for the core competency of the
industry?
2.) Who will own the customer relationship?
Must adapt to new roles, form new partnerships, and reevaluate their
role as an insurance agency.
Page 43
Driverless cars, commercial vehicles, marine vessels and trains will all begin to emerge.
There are two implications for insurers:• Commercial insurers will have to grapple with rapid changes in ownership.• Liability for the vehicles they insure will increase.
Insurers have an interest in the changes to the transportation infrastructure.
6. Transportation Will Be Autonomous
Page 44
5. The Blockchain Is Coming
Digital currencies based on blockchain could eliminate exchange rate risk.
Micro‐insurance transactions become more feasible with this kind of mechanism.
These contracts are a decentralized way to guarantee that information exchanged is trusted.
Building up behavioral sciences as a discipline will be a challenge.
Page 45
4. Behavioral Science Takes a Seat with Actuarial Science
More data means more kinds of data
are available to begin predicting the future.
The ability to measure and monitor everything raises the profile for behavioral
sciences.
Connecting with people more quick than before allows the opportunity to incorporate more
humanistic functions.
Building up behavioral sciences as a discipline will be a
challenge.
Page 46
3. You Never Know Which Next Big Idea Will Stick
Insurance technology startups are increasing at a rapid rate, but an estimated 9 out of 10 will fail.
Companies that will prosper are very likely to include some that
transform the industry.
Opportunities for investing, partnering, or learning lessons from these companies should be considered in strategic planning initiatives for other entities.
Page 47
Artificial intelligence and machine learning platforms could fill into rolls of other industries.
It is unlikely and undesirable for automation to replace all human experts
Automation could allow the smaller number of experts to multiply their impact.
2. Machine Learning Is Here To Solve Workforce Issues
Possibilities within the insurance industry could include:
Robots and drones could visit accident sites and perform damage assessments.
Automated advisors providing counsel on investment decisions.
Rules engines making more underwriting decisions.
Page 48
1. Information Security and Risk Is a Top Priority
Carriers must be cognizant and vigilant of the risk to their infrastructure.
Services that are already being created based on this data promise to be even more astounding in the future.
The drawback is an increased possibility of data being stolen, altered, and misused.
Damage to organizations reputation was biggest concern among executives, employees, and customers.
Page 49