Intelligently designed, location and portfolio level intelligence. For 25 years, Risk Frontiers has been leading the development of natural catastrophe models for the Asia-Pacific region. Learn more about our tools to quantify insurance and portfolio risk.
By Andrew Gissing, Risk Frontiers and Michael Eburn, Australian National University
Published in The Conversation, 13th December 2019
Bushfires aren’t the only catastrophic emergency Australia is likely to see. AAP Image/Mick Tsikas
Calls are growing for a national bushfire plan, including from former prime minister Malcolm Turnbull, who says they are an issue of national security and the federal government must provide hands-on leadership.
It’s true that more people are living in high-risk bushfire areas, emergency services are stretched and the climate is rapidly changing. Future crises are inevitable. We must consider the prospect of a monstrous bushfire season, the likes of which we’ve never seen.
But bushfires aren’t the only catastrophe Australia must prepare for. If we are to create a national crisis plan, we must go much further than bushfire planning.
Not just bushfires
In the decade since Victoria’s Black Saturday fires, we have improved fire predictions, night-time aerial firefighting, construction codes and emergency warnings. All of these have no doubt saved many lives.
There are calls for more resources to fight fires, as part of a coordinated national plan. But few people have proposed an all-encompassing vision of such a plan.
For a start, it should not be confined solely to bushfires. Far more people die during heatwaves and residential housefires. Tropical cyclones, floods and hail each cost our economy more.
Any plan must provide a strategic vision across these various facets for at least the next ten to 20 years.
A national firefighting force?
Calls for a national firefighting force to supplement existing state resources are fundamentally short-sighted. A national force – quite apart from the level of duplication it would create – would spend much of its time idle.
Even during severe fires, such as those now raging, there would be limits to its usefulness. At a certain point, the size and energy of the fires means no amount of firefighting technology will extinguish them all.
Research conducted by Risk Frontiers, the Australian National University and Macquarie University through the Bushfire and Natural Hazards Cooperative Research Centre, has focused on better planning and preparedness for catastrophic events.
This research concludes it is unrealistic to resource the emergency management sector for rare but truly catastrophic events. It is wildly expensive to remain 100% prepared for the worst-case scenario.
Despite the smoke blanketing Sydney, we need to think beyond bushfires. AAP Image/Neil Bennett
Instead of simply scaling up existing arrangements, we need to think differently.
Bush firefighting could be improved by innovation and research. Future investments must focus on rapidly detecting and extinguishing ignitions before they spread out of control.
Everyone is responsible
States and territories are traditionally responsible for emergency management in Australia. But almost by definition, a catastrophic disaster exceeds one’s capacity to cope – inevitably drawing on nationwide resources.
This means preparing for catastrophic disasters is everyone’s responsibility.
Existing plans allow for assistance across state borders, and between state and federal governments. But there is no national emergency legislation defining the Commonwealth’s role or assigning responsibility for responding to a truly national disaster.
The Australian Defence Force has a well-defined support role in natural disasters but should not be relied on due to its global commitments. Expanding its role to firefighting would distract it from its primary role of defending Australia.
However, resource-sharing between states could benefit from more investment in programs that enable emergency services to work better together.
Bushfire haze at the SCG in Sydney during a cricket match. AAP Image/Craig Golding
International help in massive emergencies also needs better planning, particularly around timing and integration with local agencies.
Non-government organisations, businesses and communities already make valuable contributions, but could play a more central role. We could look to the US, which successfully uses a whole-of-community approach.
This might mean emergency services help community organisations provide aid or carry out rescues, rather than do it themselves. These organisations are also best placed to make sure vulnerable members of the community are cared for.
The most important task is to reduce the risk in the first place. The vast majority of disaster-related spending goes on recovery rather than risk reduction. Calls from the Productivity Commission and the Australian Prudential Regulation Authority (APRA) for more disaster mitigation funding have been largely ignored.
The federal government’s recent National Disaster Risk Reduction Framework highlights the need to identify highest-priority disaster risks and mitigation opportunities.
This would see priority investments in flood mitigation and strengthening of buildings against cyclones in northern Australia. (This will also help address insurance affordability.)
Land-use planning needs to be improved to reduce the chance that future developments are exposed to unreasonable risks.
Infrastructure must be constructed to the highest standards and, following a disaster, destroyed buildings should be rebuilt away from dangerous areas.
Finally, communities have the most critical role. We must understand our local risk and be ready to look after ourselves and each other. Governments at all levels must facilitate this spirit of self-reliance. Local leadership is crucial to any crisis plan and communities need to be involved in its construction.
Eastern Australia’s bushfire crisis has triggered emotional arguments for throwing resources at the problem. But planning must be careful and evidenced-based, taking into account the changing face of natural disasters.
by Salomé Hussein, Foster Langbein, Jacob Evans
On the afternoon of November 17th, 2019, the Bureau of Meteorology (BoM) issued a warning that Queensland would experience severe wind and giant hail. Multiple news sources reported cricket-ball sized hail in the greater Sunshine Coast region. Accompanying videos and images from social media, both during and after the event, often depicted the damage wrought by the deluge, with shattered car windscreens being a common sight. The Insurance Council of Australia (ICA) declared the Sunshine Coast storm a catastrophe two days later. The majority of claims lodged thus far have been for motor vehicle. The current estimated loss value is $115M as reported by the ICA. For comparison, the current bushfires (declared a catastrophe from November 8th) have an estimated loss of $165M.
Risk Frontiers implemented the same approach for this storm as for the December 20th, 2018 Sydney hail catastrophe. To determine storm footprints and estimate damage extents, the Maximum Estimated Size of Hail (MESH) algorithm ((originally due to Witt et al. (1998) ) was applied to radar volumes from the Australian Open Radar Dataset (AORD). The Marburg and Mt. Stapylton radars near Brisbane were chosen, over the time period from 10:00AM to 4:00PM AEST. Location of radars and the MESH results are shown in Figure 1. Image processing is applied to the cumulative MESH grid over the time period to extract the boundaries of the storm (using a threshold of 20mm, the criterion for a severe hail event in the BoM Severe Storms Archive). An ellipse is fit to that contour to compare against HailAUS, our detailed catastrophe loss model for hail, in order to estimate losses for the event.
Using the 20mm threshold ellipse fit and a range of hail sizes around the absolute maximum size detected of 7.7cm gives estimated damages of $150M +/- $40M using the HailAUS7.1 damage module against the PERILS 2018 Hail Industry Exposure Database. It is worth noting that the apparent storm footprint obtained from radar may not be equivalent to the ultimate damage footprint. The hail trajectories as they fall from the stormcell will be influenced by ambient wind. There is also a discrepancy in the location of max hail size relative to the ellipse centroid (the ellipse is fitted to an outer contour, but the 3D shape of that geometry is asymmetric along the ellipse axis).
Following the above event, on November 26th, the North Shore and Northern Beaches of Sydney experienced severe winds and pea-sized hail over a relatively short time window. The hail from this event is not expected to have generated much damage given the size. However, fallen trees from the wind disrupted transport and damaged structures and vehicles. The event caused multiple power outages in those areas, affecting 52,000 addresses at the peak of the storm with 13,000 addresses still without power 4 days later. The loss from this single event would be relatively small, but similar events could accrue substantial costs over the course of one season (hail is most frequent in the summer months).
 An Enhanced Hail Detection Algorithm for the WSR-88D, Witt et al, 1998
The Australian Government, through the Department of Home Affairs, has called for views regarding the cyber security strategy that Australia should adopt from 2020. This strategy will be the successor to the 2016 initiative which the Government accompanied with an investment of $230 million in cyber security. The call for views consists of a series of 26 questions ranging from technical solutions to legislative discussion. Few questions in the call for views were directly related to regulation and cyber insurance. In the response that Risk Frontiers submitted to the call, we stressed that Cyber Security is a risk and thus should be managed as such. This means that whilst mitigation and deterrence are important components in risk management, insurance has a role to play as a mechanism for risk transfer and for reinforcing robust cyber security practices through pricing and policy signals. Here is a summary of the top five questions that Risk Frontiers addressed.
4. What role should the government play in addressing the most serious threats to institutions and businesses located in Australia?
To accurately price risk, insurers require a robust quantitative understanding of frequency (how often) and severity (how much financial loss). These data are often obtained through years of claims data and experience dealing with natural catastrophes, for example. In the case of cyber-risk, this understanding is currently lacking. Overcoming this deficiency will require strong and pragmatic leadership from the government to ensure a cyber-risk resilient Australian economy.
The USA is amongst the countries with well-developed cyber security laws and regulations. In addition, the US government actively encourages US businesses to implement robust cyber risk management and, in particular, promotes the incorporation of cyber insurance into their Enterprise Risk Management strategy. According to a 2018 Aon report[i], the current global cyber insurance market premium is estimated to be between 4 and 5 billion US dollars with the US accounting for more than 80% of this market. Figure 1 shows the breakout of global cyber insurance premiums. The US market is considered to be maturing while the rest of the world is developing and expected to grow. In 2018, the Australian cyber insurance market premium was approximately $60 million US dollars, which was about 2% of the global market by premium volume.
In Australia, the recent enforcement of the Notifiable Data Breach (NDB) scheme as well as the introduction of APRA’s CPS 234 regulation are positive steps towards improving the resilience of Australian businesses to cyber threats. However, more information on breach frequency and severity needs to be shared with the insurance industry to assist in understanding frequency/ severity relationships underpinning risk transfer policies and to educate businesses and the community on the value of taking up cyber insurance.
Such governmental regulations have already proven effective for other countries and regions. In the case of the US, the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA) and the Federal Information Security Management Act (FISMA) form the three pillars for digital security compliance for businesses and governmental institutions.
Corresponding regulations for Australia are framed through the Privacy Act 1988 and subsequent amendments such as the NDB in 2017. However, compliance alone does not ensure resilience as shown by high profile cases such as the Target breach. At the end of 2013, hackers exfiltrated more than 100 million records containing credit card details and other Personally Identifiable Information (PII) from Target’s internal network. Target was PCI compliant and deployed state-of-the-art security systems but the breach still occurred due to a third party weak link, poor network segmentation and other system misconfigurations[ii]. Target did have cyber insurance that proved useful in offsetting some of the financial losses incurred during the post-breach response period. A well-planned response is an equally important defence strategy and cyber insurance will go a long way to providing a better incident response and business continuity.
10. Is the regulatory environment for cyber security appropriate? Why or why not?
Regulatory frameworks such as the NDB primarily focus on protection of privacy. In contrast, other regulation such as the CPS 234 is more balanced due to its focus on broader information security challenges beyond the protection of PII. While only currently enforced on APRA regulated entities, CPS 234 is applicable to other organisations and presents an encouraging point of departure to lift cyber security standards in the Australian economy. The standard is principle based and non-prescriptive, offering regulated entities scope to leverage their current investment in Information Security Management Systems (ISMS) to achieve compliance.
The 2019 update of CPG 234 (guidance for implementation of CPS 234) includes some concrete best practices such as information to be presented to the business board tabled in Appendix H. Implementation of the standard can be assisted by taking advantage of a standard cyber risk quantification framework such as Factor Analysis of Information Risk (FAIR).
The FAIR methodology is a quantitative approach that provides estimates on the frequency and severity of loss events using historical data, heuristics and expert opinions. FAIR is a comprehensive methodology that provides a framework for analysing tail losses through quantitative metrics such as Value at Risk. The quantification process provides a structured approach to prioritise risk and remediate efforts based on expected reduction in potential financial loss, enabling a prudent investment culture in cyber security based on established financial management principles.
15. Are there any barriers currently preventing the growth of the cyber insurance market in Australia? If so, how can these be addressed?
In the insurance industry, cyber-risk is broadly categorised either as affirmative (named as a risk) or as silent (covered without explicit recognition of the risk as it is not excluded). Increasingly, traditional commercial general liability and property insurance policies exclude cyber risk[iii] with insurers looking to provide explicit policies that are accompanied by robust risk management processes. However, there remains significant ambiguity, especially when it comes to attribution of a cyber-attack[iv][v]. This means that cyber insurance is emerging as a stand-alone coverage and insurance companies with “silent cyber” built into their products are exploring ways to isolate that component. Current cyber insurance policies are covering a relatively wide range of costs depending on the level of coverage. A comprehensive cover will typically include direct costs associated with a post-breach response. Figure 2 shows the classification of costs due to cyber-attacks[vi][vii]. Blue costs are direct first- or third-party losses and are usually explicitly attributed to the cyber event. Grey costs are less tangible and hard to measure. Costs with purple outlines are currently covered by various branded cyber insurance products. For instance, asset destruction is generally covered under silent cyber.
The first obvious observation here is that current coverage is generally restricted to direct costs and excludes intangible losses or long-term impacts such as reputational damage. One example is the 2017 Equifax data breach where losses in market share prices and subsequent security improvements were not covered by their insurance policy.
Another barrier for the growth of cyber insurance in Australia, and globally, is that cyber risk is not well understood. Brokers and underwriters lack the training and tools to quantify this emerging risk efficiently as the tools to assessing cyber risk (and hence pricing and policy construction) are different from traditional property and casualty insurance. In fact, current approaches to assessing cyber security risk rely heavily on manual assessments that greatly impede the scalability and application to small and medium enterprises. Unlike other mature risks such as those arising from natural catastrophes, cyber security risk is extremely hard to quantify due to its dynamic nature, the scale, the lack of physical boundaries upon which accumulations are analysed and the aggregate expertise required to produce a good model of the risk. This gap in cyber risk modelling has a major impact on pricing where premium prices becomes unsound or unaffordable for SMEs.
Another issue with current cyber insurance is regarding policy terms, which drives the lack of certainty in successful claims. Since cyber-insurance products are still young compared to P&C insurance, the policy terms are constantly being tested in court and usually contain explicit exclusion clauses for cases such as “act of war”[viii]. A recent example of a more subtle exclusion occurred in the court case confronting National Bank of Blacksburg to its insurer Everest National Insurance Company[ix].
The above issues and challenges can be addressed (at least partly) through:
- Governmental initiatives including the development of a compelling regulatory framework for cyber security risk as well as the promotion of the cyber risk management with particular emphasis on cyber insurance.
- The government should encourage and support collaboration between academia and the industry into paving the way towards better understanding and modelling of the cyber-security risk landscape as it pertains to Australian businesses. Without a proper understanding of the risk, there is only a small degree of price differentiation across different firms.
- The government also needs to work with insurers to assist in the “attribution” process (which is important for certain policy exclusions) and potentially consider establishing a cyber reinsurance pool.
- Finally, the government should increase awareness and provide platforms for SMEs to explore their alternatives in terms of cyber risk transfer.
16. How can high-volume, low sophistication malicious activity targeting Australia be reduced?
The first and foremost protection against high-volume and low sophistication threats is the adoption of good cyber hygiene. Credential management (password usage, multi-factor authentication for example), regular patching and employee training (resilience against phishing and frauds) are amongst the top low-cost but high return strategies to prevent attacks in this category. These types of attacks are most prevalent for lower-tier enterprises, which should be encouraged and made aware of the impact of good cyber hygiene. This cyber security strategy mirrors the public health management strategy in encouraging hand sanitation to minimise the spread of the common cold and flu viruses that help to prevent flu pandemics. Through insurance engagement, the insurance industry can provide the services as part of a broader product offering to increase cyber hygiene.
20. What funding models should Government explore for any additional protections provided to the community?
A cyber reinsurance pool is one form of funding that the Government should explore to improve confidence in the cyber insurance market, increase the resilience of the economy and community to cyber-attacks and, more generally, as a signal to build market confidence. For instance, in the UK, Pool Re was established by the insurance industry and the government as a reinsurance pool to protect insurance companies against large claims originating from terrorist incidents. Since 2018, Pool Re also covers cyber-terrorism14. Thus, similar extension or more innovative approaches, such as Hiscox’s cyber Insurance-Linked Securities[x], can be explored through the ARPC to cover cyber-attacks on critical infrastructures. Risk Frontiers can provide more detail on these schemes if required.
About Risk Frontiers
Risk Frontiers specialises in the assessment and management of risk across the Asia-Pacific region. We help organisations ranging from the global insurance industry and infrastructure operators to government departments and emergency services.
Our research and expertise cover major hazards affecting the region including floods, tropical cyclones, storms, bushfires, heatwaves, coastal erosion and earthquakes. We also continue the development of a cyber risk model in partnership with the Optus Macquarie University Cyber Security Hub.
Our work with government encompasses a diversity of projects including understanding community risk perception, evaluation of resilience and recovery programs, research into catastrophic disasters and the development of resilience frameworks.
As a partner of the Australian Research Council Centre of Excellence for Climate Extremes, Risk Frontiers is well positioned to deliver the latest in climate change solutions to enhance our clients’ decision making.
Rigorous, independent and data-driven, Risk Frontiers is one of Asia- Pacific’s leading providers of risk management and catastrophe modelling solutions.
 Risk Frontiers
 Security Express
[ii] Xiaokui Shu et al. Breaking the Target: An Analysis of Target Data Breach and Lessons Learned, 2017
[iii] Sasha Romanosky et al. Content analysis of cyber insurance policies: how do carriers price cyber risk?, 2019
[iv] Mondelez International Inc. v Zurich American Insurance Company. No. 2018L011008. Circuit Court of Illinois, October 10, 2018.
[v] Milton Mueller et al. Cyber Attribution: Can a New Institution Achieve Transnational Credibility?, 2019
[vi] The Council of Economic Advisers. The cost of Malicious Cyber Activity to the U.S. Economy, 2018
[viii] Mondelez International Inc. v Zurich American Insurance Company. No. 2018L011008. Circuit Court of Illinois, October 10, 2018.
Risk Frontiers has a great deal of experience in delivering a wide diversity of consulting projects for commercial, infrastructure and government clients relating to hazard analysis, social research, risk management, resilience planning, policy development and risk assessment.
The World Economic Forum has identified extreme weather and the failure of climate change mitigation and adaption as the most likely and highest impact risks globally.
Risk Frontiers’ Underwriting Solutions enables better risk selection, more informed decisions on premium and capital allocation, as well as quantitative understanding of peak risk aggregation, policy limits and deductibles.
Complex enterprises require diverse and experienced teams. We recruit talented people who are experts in data-driven science, passionate learners and keen policy thinkers. This blend provides unique insights for our stakeholders. Meet the people solving the problems of the future.
To subscribe to our briefing notes
please email: firstname.lastname@example.org.
Briefing Note 407 [December 2019]
Australia needs a national crisis plan, and not just for bushfires
Briefing Note 406 [December 2019]
November 2019: Sunshine Coast Hailstorm
Paul Somerville, Risk Frontiers
Once again, wildfires have caused catastrophic property losses in the late Californian summer, but loss of life is much lower than last year, possibly because of radical mitigation measures including the widespread use of deliberate blackouts to avoid ignition by power lines and related equipment.
Causes of Fire Ignition
In the United States, about 84% of wildfires are caused by human activity or equipment, with the remaining 16% caused by lightning. 95% of the fires that the California Department of Forestry and Fire Protection (Cal Fire) responds to are caused by human activity.
The largest cause of wildfires is electric power lines and related equipment. Pacific Gas & Electric (PG&E) transmission lines caused the 2018 Camp fire in Northern California, which razed 90% of the town of Paradise, killed 86 people and destroyed more than 13,900 houses. This loss was the reason PG&E declared bankruptcy based on an estimated liability of $30 billion for fires in 2017 and 2018 (RF Briefing Note 372; see also Briefing Note 375). Sceptics have pointed out that, with stable revenue from electricity and gas subscribers, bankruptcy was declared to shield the company from its liabilities. California Governor Newsom implied on 1 November 2019 that the State may become involved in the restructuring of PG&E. Some of the largest fires in Southern California’s history were also caused by power lines: Southern California Edison (SCE) and San Diego Gas & Electric (SDG&E).
Other causes of fires are sparks from vehicles and other equipment. The Carr fire in Trinity and Shasta counties, which killed 8 and destroyed more than 1,600 structures, was caused by sparks from a wheel rim exposed by a flat tyre. Failure to fully extinguish the Berkeley–Oakland Hills fire in 1991 resulted in it blowing out of control, killing 25 people and destroying over 2,200 structures. Camp fires are another cause, and two small fires lit by a lost deer-hunting hiker in southern San Diego County resulted in 15 deaths and the loss of over 2,300 structures. Arson is a rare cause of large fires in California.
Changes in the Frequency and Size of Fires
All ten of the largest fires in California have occurred since 1991. This is attributable, in part, to the increased numbers of houses located in regions of high fire hazard. However, in the past few years the winter rains (from storms originating in the Gulf of Alaska), that used to begin in late September (Figure 1), have been delayed by a month or more, which may be attributable to climate change. This has extended the fire season into October and, this year, into early November. The headline in an opinion article in the New York Times (2019) warned that “It’s the end of California as we know it” and declared that “at the heart of California’s rot” is the “failure to live sustainably.” The Atlantic (2019) wrote that “California is becoming unliveable.”
|Fires burning on 3rd November 2019 in California (Channel 4 TV)||Temperature and rainfall for Sonoma County, California. Source: LA Times and ChartFX.|
Mobile Phone Outages
According to the San Francisco Examiner on 4 November 2019, “As the lights flickered out and wildfires flared, PG&E’s blackouts also cut off thousands of Californians from cell phone service, leaving them unable to get emergency alerts or call 911. It exposed a troubling gap in the state’s readiness for mass outages that could, according to PG&E, keep happening for a decade. And it’s left regulators scrambling to find a fix — though it will be difficult. Neither California nor the federal government requires cell phone towers to have backup power, even though network service is a critical part of modern life. Instead, maintaining service is left up to cell phone companies, which have generators lasting days at some sites but batteries which can survive just a few hours at others. When those run out, they must send trucks to refuel or install generators, at times when fires may cut off roads, blackouts darken traffic lights and their own outages hamper communication. Companies said their personnel worked around the clock to put in place hundreds of generators during PG&E’s unprecedented and fast-changing power outages, but in some cases they couldn’t access sites because of the location — on top of buildings or in fire evacuation zones. They’re pledging to prevent future problems. But regulators, politicians and emergency response agencies are pushing for stricter rules to protect public safety.”
Fire Mitigation by Electric Power Companies
Responding to the declaration of bankruptcy by PG&E in 2019 following the fires in 2018, the major public utilities have engaged in intentional blackouts, to varying degrees, as a means to reduce fire ignition. These measures range from:
- no blackouts (Los Angeles Department of Water and Power, which admits that a branch blown from a eucalyptus tree onto its power lines ignited the Getty Fire beside the iconic Getty Museum)
- tightly targeted blackouts (in San Diego by SDG&E)
- less targeted blackouts (in Los Angeles by SCE) and
- large scale blackouts (in Northern California by PG&E instigating power outages for days and risked the health of people requiring power for medical support equipment)
The question of when to turn the power back on was highlighted by the outbreak of the Maria Fire 13 minutes after SCE turned the power back on in Ventura County on November 1. SCE is not yet conceding its fault but has announced that its electrical equipment will probably be found to be associated with the Woolsey fire of 8 November 2018, which burned more than 1,500 structures in Los Angeles and Ventura Counties and killed 3 people.
Financial Management of Fire Losses
In its quarterly earnings report, SCE disclosed that various fire and mudslide events could result in a liability of $4.7 billion, of which $1.8 billion will be borne by shareholders after insurance and other offsets. But in the company’s third-quarter earnings call last week, Edison International President and Chief Executive Pedro J. Pizarro said it was adequately prepared for the blow, saying on 1st November 2019 that the company “understands this is a difficult time for the many people who are being impacted. The company’s top priority is the safety of customers, employees and communities, which is why we continue to enhance our wildfire mitigation efforts through grid hardening, situational awareness and enhanced operational practices.”
The protocols for shutting down power are outlined in SCE’s 2019 Wildfire Management Plan. Incident management teams, that include meteorologists, base the decision on wind speeds, humidity and temperature, fuel moisture and fuel loading. Other less prescriptive considerations may include the potential effect on customers and communities, alternative ways to reroute power, the progress of the customer notification process and situational awareness from weather stations. The length of time customers are without power is one factor that may be considered in the decision to restore power. The plan states that, “The order in which circuits are re-energized will depend on many factors including, but not limited to, customer safety and well-being, consideration of affected essential services, damage to electrical and other infrastructure, and circuit design/topology.” Before power is restored, field crews inspect the lines for “any condition that could potentially present a public safety hazard when re-energizing circuits.”
The duration of a power outage can matter in small and large ways. Food may last only four hours in a closed refrigerator, while frozen food could last a day or two (depending on how full the freezer is) as long as the door stays shut most of the time. For those dependent on medical equipment requiring rechargeable batteries, time can be critical. SCE’s plan says it maintains a list of those customers and contacts them individually before a shutdown. If unable to confirm the notification, field representatives go to the customer’s house.
The Atlantic (30 October 2019). California Is Becoming Unlivable
New York Times (30 October 2019). It’s the end of California as we know it.