For 168 years, Louis Vuitton has designed beautiful clothes and accessories. Now it’s also designing sustainable buildings.
This month, it opened its newest workshop, called Oratoire, a 65,000-square-foot building in the French town of Vendôme. The manufacturing facility was designed with sustainability in mind, and is part of Louis Vuitton’s broader effort to reduce its environmental footprint throughout its supply chain.
One of Oratoire’s key features is that instead of using traditional heat and air-conditioning, it regulates the internal temperature using nature, or what’s called a “bioclimatic” approach.
Oratoire was designed entirely by Louis Vuitton’s internal architectural department to keep up with steadily increasing demand for the brand’s products. It is one of the strongest-performing brands within its parent company, the luxury conglomerate LVMH, which reported a record $71.5 billion in revenue last year.
At this workshop, hundreds of craftspeople work at pristine white stations, constructing leather goods and accessories by hand.
The architects created a ventilation system featuring mini windows high up on the walls that have temperature-activated louvers, which allows air to circulate through the upper areas of the space—without gusts of wind blowing paperwork off the desks.
The interior is cooled by a network of rain-fed ponds and reservoirs on the northern side of the building, and the water from these features is ultimately used to nurture plants near the factory. A system of pipes under the floors circulates water to heat the building in the winter and cool it in the summer.
These bioclimatic elements help cut down on the building’s overall energy consumption, which is about half that of a traditional Louis Vuitton workshop. They also reduce greenhouse gas emissions.
The architects incorporated large floor-to-ceiling windows, particularly in the northern part of the building, to maximize the use of natural light, further reducing energy consumption. They strategically used fewer, smaller windows in the southern part, which can get excessively warm in the summer months.
The company’s architects used as many sustainable materials as possible, including recycled cement for the flooring, recycled metal for the structure, and Forest Stewardship Council-certified wood. This workshop serves as a template for others Louis Vuitton will build, including two set to open this year, in Drôme and Maine-et-Loire, France.
Across the U.S., many local governments and states are discovering their cyber insurance premiums have skyrocketed and that they must meet stricter guidelines if they want to get coverage or renew their policies.
[Photo: Colin Anderson Productions pty ltd/Getty Images]
BY JENNI BERGAL7 MINUTE READ
Horry County, South Carolina, officials were in for a shock earlier this year, when they discovered their cyber insurance premium would be spiking from $70,000 last year to about $210,000.
And if they couldn’t satisfy the insurance company’s requirements and prove they had the robust controls needed to protect and defend themselves against cyberattacks, they learned, they wouldn’t be able to get their $5 million policy renewed at all.
“The insurance companies have you over a barrel. There was not a lot of negotiation,” said Tim Oliver, the county’s chief information officer.
Across the United States, many local governments and states—as well as private companies—are in the same boat. They’re discovering their cyber insurance premiums have skyrocketed and that they must meet stricter guidelines if they want to get coverage or renew their policies.
“Cyber insurance used to be very cheap,” said Alan Shark, executive director of the CompTIA Public Technology Institute, a Washington, D.C.-based nonprofit that provides consulting services to local governments. “But things have changed, and insurance companies are increasing rates dramatically and raising the bar and making it harder to get insurance. Some local governments may no longer be able to get it.”
Insurance industry officials say the higher premiums for both public and private organizations are a result of rising demand for coverage amid more frequent and costly cybercrime incidents—often ransomware attacks. That means insurers have had to pay out more, which has led them to raise premiums and tighten standards for getting a policy. Some companies also have lowered caps on coverage or limited how many policies they write.
Last August, for example, American International Group, one of the country’s largest writers of cyber insurance, announced that rates for its clients had increased nearly 40% globally and that it was tightening the terms of its policies to address increasing cyber losses.
In the past three years, the number of cyber insurance claims reported in the United States rose by 100% a year, according to a May report by Fitch Ratings, a credit rating agency. In 2021, insurers paid 8,100 claims.
To reduce risk and potential losses, insurers are becoming more diligent during the application process about which safeguards and technology an organization uses to protect itself against cyberattacks, according to Loretta Worters, spokesperson for the Insurance Information Institute, an industry trade group.
“If a government entity or any business really has such vulnerabilities and fails to address them, it will likely result in either a higher premium or non-renewal of coverage,” Worters wrote in an email.
Companies now want to ensure organizations have updated software and firewall protections, a backup system, cyber training for staff and testing for vulnerabilities, among other requirements.
They also are requiring organizations to use multi-factor authentication systemwide, including for remote work. Such security technology confirms a user’s identity before they log in, usually through a randomized one-time password or number sent to a smartphone or email address.
Cyber insurance typically covers a variety of services, such as providing forensic expertise to investigate the attack, legal support, hardware replacement, data recovery and notification of people whose personal data may have been breached. Some policies also include ransom negotiations with the hackers and payment of the ransom.
The insurance changes largely spring from the explosion of ransomware, which hijacks computer systems, encrypts the data and holds it hostage until the victims pay a ransom or restore the system on their own. It typically spreads through phishing, in which hackers email malicious links or attachments and people unwittingly click on them, unleashing malware.
In 2020, ransomware attacks accounted for 75% of cyber insurance claims in the U.S., according to AM Best, a credit rating agency.
In the past several years, there has been a rash of ransomware attacks on cities, county governments, school districts, police agencies and health care systems. Local governments, especially smaller ones, can be easy prey because they may have fewer resources and staff with cybersecurity expertise.
In 2021, there were at least 77 successful attacks on local and state governments and another 88 on school districts, colleges and universities, according to Brett Callow, a threat analyst for cybersecurity company, Emsisoft. This year, as of late June, there were at least 28 attacks on governments and 33 on schools.
In Baltimore, where thousands of computers were crippled in a massive ransomware attack in 2019, it wound up costing the city at least $18 million—a combination of lost or delayed revenue and the expense of restoring systems.
The city, which didn’t pay the ransom and didn’t have cyber insurance, decided to spend about $835,000 for one year to buy $20 million worthto cover any additional disruptions to its networks. It continued to purchase cyber insurance annually.
Other local governments choose to pay the ransom because they need their data back quickly and think it’s the best option. Some figure it would be too costly and time-consuming to start over from scratch and rebuild everything.
Many local governments see cyber insurance as a necessity in case they’re attacked, which makes it even more disconcerting that their premiums have shot up and there are new requirements, according to Rita Reynolds, chief information officer at the National Association of Counties.
In the past year and a half, Reynolds said, instead of answering a few questions from their cyber insurance company when it was time to renew, counties now are being asked to fill out lengthy questionnaires about their security practices.
“Insurance companies are saying higher standards are needed at a higher cost and lower coverage,” she said. “It’s kind of like a perfect storm.”
Reynolds said these new requirements aren’t necessarily a negative as counties try to keep up their cyber defenses, but officials were surprised at how fast it’s happened.
“It caught a lot of us a little off guard,” she said. “Some of the things the insurance companies want are fairly easy to implement, but others can be costly and take time. You can’t just flip a switch.”
Counties want to be secure from cyberattacks and agree that they should be doing all they can to have the proper protections, Reynolds said. But those who don’t—or can’t—may find themselves unable to renew or get cyber insurance.
“Counties are scrambling,” Reynolds said. “And no matter what you have in place, the premiums have doubled, and sometimes tripled.”
Some local governments are switching to self-insurance, in which officials set aside a pot of money in reserve to be used in case of a cyberattack, according to Reynolds. Some are joining insurance pools with similar organizations and shopping for preferable rates.
Oliver, the South Carolina official, said his county didn’t find out about changes in its policy’s requirements until two months before it was time to renew. Fortunately, he said, officials were able to answer “yes” to all the initial questions about security protections. If they hadn’t, they would have been turned down.
Officials then spent the next two months responding to the company’s second questionnaire, which was dozens of pages long, Oliver said. The county was able to resolve issues and make fixes to meet the requirements.
The county council had to approve a budget resolution allowing officials to transfer money from another account to pay the $210,000 premium because it had budgeted only $70,000 for cyber insurance, he added.
Oliver said he is fortunate that his county, with a population of about 365,000 and about 3,000 employees, has four staffers dedicated to cybersecurity and the resources to pay for the insurance and meet the cyber defense requirements.
But smaller counties, which may not even have an information technology staff, may be unable to do either, he noted.
“They may be out of luck,” he said. “If they can’t get cyber insurance, the only option for a lot of these smaller organizations may be to cross their fingers and hope that they don’t get hit.”
In Lehigh County, Pennsylvania, with a population of about 375,000, officials also have had a stressful time getting their cyber insurance policy renewed, said Chief Information Officer Bob Kennedy. About a week before Christmas 2020, they learned that they wouldn’t be renewed because they didn’t have multi-factor authentication on all the computers accessed by staffers remotely.
Fortunately, Kennedy said, the county already was planning to make those changes and had purchased the necessary software. It was able to speed up the timeline and negotiate with the insurer to allow it make the changes in February 2021 rather than January. The premium rose 30%. And this year, he noted, the premium nearly doubled from $82,000 to $158,000.
“A lot of things they’re mandating are good things. There’s not too many hoops,” Kennedy said. “But the increased pricing is more of a problem. It’s requiring us to pay premiums that are going up year after year, even if you meet all those requirements.”
In the end, with all of the worry about cyber insurance, there may be a silver lining for local governments, said Reynolds, of the association of counties.
“They are becoming much more savvy about what they need to do,” she said. “With every challenge there’s an opportunity. And in this case, it’s an opportunity for them to improve their cyber defenses.”
Since health officials confirmed the first COVID-19 cases, misinformation has spread just as quickly as the virus. Social media may have made the amount, variety, and speed of misinformation seem unprecedented, but COVID-19 isn’t the first pandemic where false and harmful information has set back public health.
What sets the COVID-19 pandemic apart, however, is the sheer magnitude of damaging disinformation put in circulation around the world. Data shows that regions and countries where disinformation thrived experienced more lethal pandemic waves despite vaccine availability. In the U.S., for example, viewership of a Fox News program that downplayed the pandemic is associated with increased COVID-19 cases and deaths. Similarly in Romania, disinformation is a contributing factor to the country’s disastrous fourth wave of COVID-19.
The problem of misinformation has been so widespread that it has its own word: “infodemic,” a portmanteau of “information” and “epidemic.” Coined by journalist David Rothkopf during the 2003 SARS outbreak, it describes a situation where “a few facts, mixed with fear, speculation and rumor, are amplified and relayed swiftly worldwide by modern information technologies.”
Infodemics can affect economies, politics, national security, and public health. The COVID-19 infodemic became such a problem that the Royal Society and the British Academy released an October 2020 report noting its significant impact on vaccine deployment, endorsing legislation that prosecutes those who spread misinformation.
In general, these groups tend to also deny germ theory, claiming that infectious diseases are not caused by pathogens like viruses and bacteria. Instead, they promote the idea that pathogens don’t cause disease, but rather are a consequence of it.
Likewise, some denied the role of the HIV virus in AIDS infection. AIDS denialist Peter Duesberg was one person who disseminated this misinformation, which had been refuted by the scientific community at large. But his erroneous claim still reached the then president of the Republic of South Africa, Thabo Mbeki, who banned the use of lifesaving antiretrovirals in public hospitals. This decision resulted in the deaths of over 330,000 people from HIV/AIDS between 2000 and 2005.
Mbeki’s decision was considered so damaging that scientists and physicians worldwide signed the Durban Declaration, reiterating that HIV indeed causes AIDS and urging Mbeki to reconsider his decision. While the government did reverse the ban after strong international political pressure, the damage had been done.
GAIN OF FUNCTION CLAIMS
Gain of function experiments involve manipulating a pathogen to understand what contributes to its ability to cause disease. At the same time, such experiments can give pathogens new abilities, such as making viruses more transmissible or more dangerous to humans. Conspiracy theorists have made claims that the COVID-19 virus resulted from alterations to a bat version of the virus that gave it the ability to replicate in human cells.
But these claims ignore several key facts about the COVID-19 virus, including that all coronaviruses from bats can infect humans without additional adaptation. The mutations that increased the transmissibility of COVID-19 occurred after it started circulating in people, resulting in even more infectious variants.
HIV also saw conspiracy theories claiming that it was created in a lab for genocide. But research has shown that HIV also naturally evolved from an animals. African nonhuman primates are natural hosts to a vast group of viruses collectively called simian immunodeficiency viruses (SIV). Despite their high rates of SIV infection in the wild, these primate hosts typically don’t experience symptoms or progress to AIDS. Throughout the evolutionary history of SIV, jumping to a new host species involved naturally occurring genetic changes over the course of thousands of years.
During a public health crisis, researchers and health officials are learning about a disease in real time. While missteps are expected, these can be perceived by the public as hesitation, incompetence, or failure.
As researchers looked for possible COVID-19 treatments, others were offering their own unproven drugs. Multiple treatments for COVID-19, including ivermectin and hydroxychloroquine, were tested and abandoned. But not before large amounts of time, effort, and money were spent on disproving claims that these were supposed miracle treatments. Similarly for HIV, frustration and anxiety from a continued lack of available treatments amid rising deaths led to fraudulent cures, with price tags of tens of thousands of dollars.
Even though treatment delays and changing guidelines are a natural process of learning about a new diseases as it unfolds, they can open the door to disinformation and generate distrust in doctors even as they care for infected patients.
The next pandemic is not a question of if but when and where it will occur. Just as important as devising ways to detect emerging viruses is developing strategies to address the misinfodemics that will follow them. The recent monkeypox outbreak has already seen similar spread of mis- and disinformation about its source and spread.
As author Gabriel Garcia Marquez once said, “A lie is more comfortable than doubt, more useful than love, more lasting than truth.” Countering misinformation is difficult, because there are reasons other than ignorance for why someone believes in a falsehood. In those cases, presenting the facts may not be enough and may sometimes even result in someone doubling down on a false belief. But focusing on urgent scientific and medical needs to the exclusion of rapidly addressing misinformation can derail pandemic control. Strategies that take misinformation into account can help other pandemic control measures be more successful.
Cristian Apetrei is a professor of immunology, infectious diseases and microbiology at the University of Pittsburgh Health Sciences.
Some conversations feel more manageable than others. It’s easy to talk with your colleagues about the Netflix show you’ve been binging, the vacation you have coming up, or even the annoying coworker you have in common.
Other conversations feel trickier, especially those where we are concerned about rocking the boat, worried about hurting someone’s feelings, or not wanting to put a colleague in a difficult situation. This could be anything from giving some challenging performance feedback to telling someone no to their request for a more flexible schedule, or asking someone to change their tone of voice when speaking to a client.
Chances are, those are the interactions that keep you up at night. And, as a result, these may be the ones you’re most likely to avoid. It’s ironic, isn’t it? These potential conflicts are taking up valuable headspace, and yet, we’d rather calculate and ruminate than activate.
Why? Well, you might think that by avoiding a conversation you can prevent hurt feelings–yours or theirs. Or you may tell yourself that you don’t have enough information to have “the talk” yet. Perhaps you’re not sure how they’ll react–or you can predict exactly how they react and you don’t want any part of that.
And we are very skilled at matching that resistance with mindsets that keep us quiet. Here are some common ones:
“I should just figure this out myself.”
“Asking for what I want or need will be an uncomfortable conversation.”
“I should put the team’s needs ahead of my own.”
“I don’t have the time to advocate for what I want.”
“I will be seen as pushy.”
Do any of these sound familiar?
And yes, there are times where the situation may resolve itself, or your concern isn’t critical to the relationship or work product, or the time to address it has really, truly passed. But far too often, we make up excuses for why we should delay or skip a conversation.
And then we may minimize the problem, pretend we don’t see the problem, hope that someone else will address the problem, talk to everyone else about the problem (other than the person we’re having the problem with), or just pray it goes away.
When that happens, we need some new mindsets and new language to help us step into a potentially uncomfortable conversation with the goal of achieving an outcome and tending to the relationship.
Here are some new mindsets to try that are more likely to lead to action:
“My needs are valid–as valid as anyone else’s. “
“If I don’t start the conversation, who will?”
“I’m curious about what could happen if I dealt with this now rather than wondering and worrying . . .”
“The most successful professionals model self-awareness. And that’s what I’m doing.”
“Telling the truth is a brilliant way to create healthy relationships.”
Once you have a new set of beliefs, you are more likely to feel more confident, willing, and brave.
Now, let’s look at some language you can use to start the conversation:
“I’d like to talk about something that feels important to me. When would be a good time for a conversation?”
“I need this to feel engaged/respected/safe at work, and I have some ideas of what we could do differently.”
“I am happy in my role, and I recognize that there’s something I need to feel even happier.”
“I notice I / we have a pattern. Here’s what I see as the issue. What do you think?”
“I’ve been avoiding talking to you until now because I’m not always sure the best time/way to approach you. I realize that I should have brought this up sooner, and I’m bringing it up now.”
Not every conversation needs to happen–but there are plenty you could be having instead of avoiding. And, once you start advocating for your own needs in a timely and honest way, you’re likely to feel less stressed and feel more confident that you are your own best advocate.