How can Artificial Intelligence (AI) help to embed an evidential culture of cyber resilience for insurers?
Following the Chartered Insurance Institute’s (CII)[1] research regarding cyber insurance knowledge gaps within firms, Adrian Harvey, CEO at leading AI provider Elephants Don’t Forget – which supports the employee competency improvement of some the UK’s top general insurers – examines how behavioural science & AI in the field of learning and development can support insurers to embed retention of critical subject matter and develop a positive and evidential culture of cyber resilience.
With the CII survey recently highlighting that cyber insurance knowledge gaps could result in mis-selling and poor customer outcomes; it was reported that almost six out of 10 insurance professionals stated they had not received any training about cyber risks even though they were involved with pricing or underwriting policies related to them.
Nine out of 10 insurance professionals actively stated that they wanted to learn more about cyber risks through their training, highlighting the requirement for continual professional development to ensure employee knowledge stays ahead of evolving cyber risks.
“However, it is vitally important for firms to remain vigilant about the methodologies they deploy to ensure that their training is continually retained.”
Harvey noted: “It is critical – from both a risk assurance and return on investment point of view – that the evidential outcome of their training actually improves the knowledge of their employees and provides insurers with the ability to forecast where their greatest individual people-based risks are and rectify these quickly.”
“We are elated that, in partnership with Elephants Don’t Forget, we have been awarded with a coveted gold award from this year’s Brandon Hall Group Excellence Awards 2021 in the category of Best Advance in Machine Learning and AI.
Clever Nelly – Elephants Don’t Forget’s employee-centric AI tool – has been instrumental in reinforcing our renowned approach to individual employee learning to ensure that, post-training, we can continually embed key learning concepts and quantify the impact of learning on our KPIs to further support the exacting standards of customer service and in-role colleague support that we set for ourselves at Aviva PLC.
This award is also representative of how, despite our geographical differences, both Aviva UK and Aviva Canada were able to implement an effective AI solution to further drive positive outcomes in different markets; showcasing the benefits of how employee-centric AI can play a primary role in helping our training, talent and engagement teams to continually develop the capability of our colleagues.”
“The methodologies requested by employees reported in the CII survey to help assimilate cyber awareness training may not provide the continual approach to learning which is needed to improve retention of critical subject matter and individual competency levels.”
The CII’s survey noted that, whilst almost all the respondents wanted more training about emerging cyber risks, most of the training methodologies requested were in the form of ‘default’ techniques such as online courses, webinars, self-selection e-guides and single-point-in-time assessments.
Harvey urges insurers to consider the shortcomings of these approaches and better understand the benefits of applying behavioural science within their learning and development deployment to better support their employees to retain key learning concepts.
“The principles of our AI – Clever Nelly – which is deployed by leading general insurers including Allianz, RSA, Direct Line, AIG, Legal and General, and Aviva; principles which, in conjunction with Aviva and Aviva Canada, recently secured a cooperative gold award at the Brandon Hall Group Human Capital Management (HCM) Excellence Awards 2021 in the category of Best Advance in Machine Learning and AI, have been cited as instrumental by the world-leading brands we support to ensure key learning concepts are continually embedded.”
Learn more about Elephants Don’t Forget and download a range of helpful resources
“Clever Nelly continues to be recognised as being invaluable to the insurers and financial firms we work with to help ensure their employees are knowledgeable and competent in critical subject material that relates to compliance, process, policy, and product. All of which can be difficult for employees to continually assimilate during the process of onboarding and throughout their careers.
Our AI enables our clients to methodically and repetitively attend to what employees need to be most effective in their individual role. Default training provisions – often characterised by employee engagement surveys, annual refresher training and single-point-in-time competency assessments – can run the risk of becoming perfunctory and offer little in the way of proactive indicators of genuine competency-related risks for firms.
They can also result in a reduction of objective employee engagement, diminished retention of critical-subject matter, and highly erroneous Management Information (MI) that is needed to inform individual performance management conversations and strategic business decisions pertinent to people-based risk in real time.”
“We commissioned a three-year study to assess the baseline competency of employees – many of whom work within the financial sector – analysing the responses to over 72 million competency interactions between 2017-19. Our analysis found that the average level of tenured employee competency stood at just 52%”.[2]
With reports now suggesting that if global multiline insurers fail to continually stay ahead of cyber trends then potential claims may no longer be insurable in extreme scenarios[3], prevention – through efficient training deployment – should be championed as a primary way for insurers to become more resilient to competency risks.
And, with notable insurers – including Hiscox – leading a renewed charge on highlighting that ‘human error is still by far the biggest vulnerability when it comes to cyber attacks’ and that ‘staff forgetting the basics of their training continue to manifest increased cyber risks for insurers‘[4], Harvey poses an interesting argument regarding the efficacy of traditional training methods for insurers and financial firms to consider.
“Is e-learning, annual refresher training, self-election training guides – supplemented with ad hoc simulation training – enough to really ensure employees are continually cyber secure in terms of their knowledge?”
“If the people inside your business are one of your biggest risks, insurers may need to focus more on effectively analysing individual employee behavioural decision making in real-time and fixing the knowledge gaps as they appear, rather than simply delivering perfunctory single point in time training or being reliant on employees self-electing to upskill their own knowledge. Simply satisfying training delivery per se – without ensuring competency is evidenced and, crucially, maintained – should be considered as a sub-optimal strategy to improve critical-subject knowledge pertinent to employee decision making.
Firms require a continual assessment methodology to assess individual cyber understanding and, when knowledge gaps are identified, instantly repair them. It’s about consistency and reinforcement; training at onboarding, six months, and annually cannot provide employees with effective patterns of learning behaviour to retain and apply their knowledge, especially as new risks appear – and the science behind this supports this idea.”
“Combine this issue with the fact that many employees are being deprived of vital peer-to-peer learning and face-to-face training due to hybrid working practices, financial firms face a significant amount of behavioural employee risk-taking and governance issues if competency is not being proactively maintained, analysed, and improved in critical subject areas such as cyber.
Employee centric AI – like Clever Nelly – is supporting insurers to assess and evidence individual competency levels cost-effectively and continually; automatically repairing any gaps or knowledge fade. It takes less than 1 minute 30 seconds of an employee’s day and engages with them in the flow of work, with no disruption to BAU.”
Find out more about the benefits of Clever Nelly
Spaced learning, repetition and self-testing, the principles behind our AI – Clever Nelly – have been cited as invaluable to some of the UK’s top general insurers we support including Allianz, RSA, Direct Line, AIG, Legal and General, and Aviva to help ensure their employees are knowledgeable and competent in critical subject material that relates to compliance, process, policy, and product.
Discover how it works…
Clever Nelly assesses and automatically repairs individual knowledge gaps cost-effectively and continually. It takes less than 1 minute 30 seconds of an employees’ day and engages with employees in the flow of work, with no disruption to BAU.
Sources:
[1] Chartered Insurance Institute, ‘Cyber Risk knowledge gap exposed by survey’, available here: https://www.cii.co.uk/news-insight/media/press-releases/articles/cyber-risk-knowledge-gap-exposed-by-survey/100869
[2] Elephants Don’t Forget, ‘Three-year competency assessment study’, 2017-19
[3] Insurance Times, ‘Insurers must ‘increase their knowledge and expertise’ around cyber risks, available here: https://www.insurancetimes.co.uk/news/insurers-must-increase-their-knowledge-and-expertise-around-cyber-risks/1438257.article
[4] Insurance Times, ‘Cyber insurance ‘needs to evolve’ as it is ‘not the right product’ for the future – Hiscox’, available here: https://www.insurancetimes.co.uk/news/cyber-insurance-needs-to-evolve-as-it-is-not-the-right-product-for-the-future-hiscox/1438375.article
