Print PDF version
Cyber Security Awareness
Please contact me about a quick, no-obligation insurance review.
 
 
 
 
 
 

Captcha AntiSpam Security
Visual verification
Please type in the code shown in the image.
CAPTCHAs are used to prevent automated software from performing actions which degrade the quality of service of a given system, whether due to abuse or resource expenditure.
Submit

What To Compare As You Shop For Cybersecurity Insurance

Bookmark and Share Cybersecurity insurance covers liabilities your company faces if you’re the victim of a cybercrime. While important, not all cybersecurity insurance policies are the same. Find the right coverage for your needs and vulnerabilities when you compare several cybersecurity insurance features.  

Coverage

Your cybersecurity insurance policy can include coverage for a variety of pre-loss and post-breach events.

  • Fraud
  • Data breaches
  • Extortion
  • Forensics
  • Customer notification
  • Business interruption
  • Public relations
  • Regulatory fines
With your insurance agent, decide which of these coverage types are necessary for your business. Consider the most expensive consequence of cybercrime for your business, and at least get coverage for that area. For example, your most expensive costs may come from notifying the public, investigating the incident or covering business interruption costs. After you determine which types of coverage you need, review different policies to ensure they meet your needs.

Policy Language

Different cybersecurity insurance carriers use different names for policy features. For example, companies can use “data breach fund”, “event management” or another name when describing the money allocated to handle a privacy event. Carefully read the policy and ask your insurance agent to verify any language you don’t understand. Then ensure you compare the same items as you shop around for coverage.

Exclusions

Be aware of policy exclusions that limit your coverage. Exclusions can include: 

  • Acts of terrorism. 
  • Events caused by employee negligence.
  • Failure to maintain security standards.
  • Third-party providers your company hires to perform business operations or store and manage data.
  • International locations.
  • Employees who work from home or travel.
Review these and other exclusions to ensure your business remains adequately covered by your policy.

Triggers

A trigger describes the event that launches your insurance coverage. You may wish to pay extra for coverage that’s triggered immediately when the issue happens rather than days or weeks later when you notice it and file a claim, but verify that your policy includes this option.  

Customer Service

Ensure you receive the best possible care after you file a claim when you evaluate a company's customer service. Ask for details about the investigation process and how long it takes to pay a claim. Check online ratings, too, for insight from other customers.

Price

Instead of automatically choosing the policy with the lowest bottom line, be sure your policy has everything you need. Also, remember to calculate how much a cybersecurity incident will cost your business as you choose insurance that could ultimately save you thousands of dollars and save your company from financial ruin.  

Cybersecurity insurance protects your business. Use these tips and talk to your agent as you compare coverage and purchase the right policy for your needs and vulnerabilities.
Scurich Insurance Services 831-661-5697 Website
 

False Fears and Legitimate Threats

Bookmark and Share The main thing to keep in mind when comparing real threats to false flags: The most boring interpretation of the truth is usually the one that's closest to being correct.

Remember Y2K? Everyone was worried that turning our computer clocks over from 1999 to 2000 was going to crash the whole system and leave the world in chaos. Some companies even made a pretty penny by selling software that would make your system "Y2K compliant." Then what happened when the clock actually turned over? Absolutely nothing at all.

All that wasted time and energy spent fretting over something as simple as a change of date, and the world just kept on turning.

We need to be able to distinguish between a real threat and an imaginary threat for the simple reason that managing those threats demands that we draw upon finite resources. The team that you have chasing after false alerts are going to be too busy to handle actual threats to your data. Skilled cyber-security professionals are in short supply, which means that even if you have it in the budget to double your current cyber-security staff, the candidates might just not be out there. You might need to make it work with the people you already have on board, and that means spending less time chasing after false alarms.

Here are some steps we can take towards wasting fewer resources in cyber-security:
  • Let the software do its job
Preventive antivirus software is a good start, but it's also a good idea to cross-check with regular scans. This is common sense, but you'd be surprised at how many people don't do this. A prevention-only based approach is going to lead to longer infection dwell time.
  • Follow your security team's lead
You hire people so that you have less to do, and you've likely discovered that you tend to get the best results when you give your staff some breathing room and let them use their own judgment. Unless you're a cyber-security professional yourself, there's no reason to micromanage how your security team handles their responsibilities.
  • Don't stress about far-fetched threats
You probably don't have members of Anonymous working all day to crack your system. Don't stress about it.

The truth is that cyber-security is something that a good security team and some professional-grade software can manage. It seems like every few years the business world goes into a panic about Y2K or hackers or some supervirus ravaging systems across the globe. The truth is that leaked passwords and garden-variety malware are your main concerns.
Scurich Insurance Services 831-661-5697 Website
 

Risks for Remote Employees

Bookmark and Share Modern technology has made it easier than ever for employees to work from home and still remain connected to their place of employment. Using remote employment has actually become a popular trend over the last ten years, especially since selling to the global market has become such an important factor in a business being competitive. Many businesses have found that they can minimize their expenses and attract international customers with more attractive prices if they decrease their overhead by allowing workers to remotely commute.

Despite the many benefits of using remote employees, there are downsides. Many employers considering this trend wonder how they can ensure workplace safety when the employee's physical workplace is their own home. Another consideration is the degree of employer liability in remote employment.

Fortunately, OSHA has addressed some of the safety issues surrounding remote employment. According to OSHA guidelines, employers are required to maintain a safe workplace, even for employees working from their own home. OSHA will not require an employer to inspect a remote employee's home worksite, nor inspect it themselves.

However, OSHA may inspect the worksite of an employee that's performing an at-home job on behalf of their employer if it possibly involves health or safety hazards and there's a complaint. A record of all occupational illnesses and injuries must be kept on all at-home workers if an employer is subject to OSHA record keeping requirements. Keeping in mind that OSHA compliance measures shouldn't involve controlling the home worksite of employees, employers might need to take some additional practical measures to ensure OSHA compliance.

As far as safety compliance goes, the absence of immediate supervision for remote workers is one of the main problems employers face. Experienced, highly-trained, long-term employers are generally the worst offenders when it comes to taking safety risks. This group of employees often become complacent due to the fact they're so accustomed and comfortable with their job, feel they're familiar with the job's hazards, and might have escaped disciplinary action when ignoring safety procedures or taking shortcuts in the past.

One of the best ways that employers can counteract the above dangerous attitude toward safety is by using a holistic approach to safety. Employers should focus and place great importance on each individual employee actively participating in the safety process and taking responsibility for their own safety. Whether at home, on the road, or at a remote jobsite, remote employees need to be ready, willing, and able to take the appropriate actions to protect themselves in any given situation.

Employers will need employee support to make any approach to safety successful, which means that employers must have total employee involvement in the safety process. Involve your remote employees in the process of determining what's needed to prevent injury to themselves and others during remote location work. Most employers find that the experience and firsthand knowledge of their employees is actually very advantageous in creating safe remote worksites.

Remember, employees that understand the value of safety are more likely to be motivated and willing participants. They're also more apt to embrace safety behaviors for the longevity of their employment. Employers can reinforce their employee's positive attitude about safety by having electronic or person-to-person safety counseling in place and ensuring safety managers are encouraging safety participation.
Scurich Insurance Services 831-661-5697 Website
Logo
Copyright 2019. All rights reserved.