News & Commentary

01:03 PM
Colin Armitage, Original Software
Colin Armitage, Original Software
Commentary
50%
50%

Insurers: Avoid “Black Swans” in Product Launches

Insurers want to avoid a debacle like the launch of the federal government's healthcare website.

We've all seen it happen: An IT project plagued with delays, changes and complications goes so far off the rails that it becomes a liability. Seventeen percent of these so-called "black swans" end up threatening a company's survival, according to McKinsey & Company and the BT Centre for Major Programme Management at the University of Oxford.

Black swans are projects that exceed budget by more than 200%--sometimes as much as 400%. If one such project is tied to a product or service launch, it's easy to see how it could threaten the future of an entire organization.

In the insurance industry, where new concepts and products must be developed quickly and away from the competition's prying eyes, a black swan can be devastating to the company. Insurers want to avoid a debacle like the launch of the federal government's healthcare website, which was plagued by glitches and malfunctions from its October 2013 rollout to March's enrollment deadline.

Unlike most insurance product launches, however, the federal government's healthcare website is tied to a law mandating that people sign up, which virtually assured its viability once the kinks were fixed. In contrast, when insurers launch a product, it must be compelling on its own by providing an attractive new service or an unbeatable value.

Colin Armitage, Original Software
Colin Armitage, Original Software

Today, in a marketplace heavily influenced by e-commerce capabilities, many insurance customers seem more influenced by price than they are by brand loyalty, so a new insurance product launch must be trouble-free. That isn't easy, considering the complexity of the distribution network for insurance products. To reach customers, insurers use their own websites, call centers and online comparison services. The practice of creating white-label products for other companies and brokers also can complicate the process. Adding further convolutions are the myriad regulatory requirements, which vary by state and distribution channel, making development and deployment a major challenge.

To avoid a black swan, when insurers launch a new product, there should be no glitches or malfunctions in all the technical aspects of the launch, including the corresponding website. If the website does not function properly right off the bat, or displays incorrect pricing for a new product, the results can be fatal. Such errors can cause financial hits, the loss of customers and possible regulatory fines.

[Alfa to enhance rating, product development]

Disasters are avoidable, though. Implementing a quality management solution will help insurers introduce new products and get them to market in a timely fashion while still allowing for the rigorous testing that prevents glitches and compliance issues. Testing prior to a product launch is essential, and insurers should pay heed to the following when testing:

1. Validate all IT and business data and technology. To ensure the quality of the product and the systems supporting it, insurers must validate all relevant data and technology--on the IT and business sides.

2. Cover every aspect of a product launch. This includes relevant systems, data sets and processes, the people handling the product and all applicable regulations.

3. Test everything that could go wrong. Anything that could fail should be tested and retested to prevent malfunctions.

4. Test the live environment. Testing in a staging environment is common, but it's also less reliable. The only thing that matters is what is live, so test your production environment.

5. Use technology to ensure your software and website quality processes are fast and efficient. Functionality should include instant access to live information, real-time control of tasks and resources, workflow, and audit capabilities, as well as rapid system testing, regression testing, and user acceptance testing.

With insurance environments becoming increasingly intricate, insurers must protect themselves and their customers through thorough and transparent quality assurance. A quality management solution can ensure that the project and product launch stay on track--and help insurers avoid a black swan--which could be the difference between a product's success and its failure.

About the author: Colin Armitage is CEO of Original Software, a software testing solutions company serving more than 400 organizations, from multinational corporations to small development shops, operating in more than 30 countries.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Kelly22
50%
50%
Kelly22,
User Rank: Author
6/30/2014 | 7:45:55 PM
re: Insurers: Avoid “Black Swans” in Product Launches
Launching a new product is a risk for insurers, especially given the current decrease in consumer loyalty. If a product isn't unique, appealing and glitch-free at launch time, it'll be tough to attract customers. As insurers saw with healthcare.gov, extensive testing of a product and its technical aspects is essential and can save companies the hassle of addressing errors after launch.
KBurger
50%
50%
KBurger,
User Rank: Author
6/27/2014 | 5:12:50 PM
re: Insurers: Avoid “Black Swans” in Product Launches
These kinds of risks are, I think, a big reason for the shift from build to buy -- of course that is for systems insurers are implementing on their own behalf (as opposed to products they are developing to hopefully sell to their policyholders). But the concerns about launching something on time, within budget, that delivers on its promises are probably pretty much the same. I think it's safe to say that the healthcare.gov debacle was a very effective cautionary tale to insurers (and any kind of business) about launching something without proper testing and support.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This is a secure windows pc.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.