All posts in Technology

How can cyber liability coverage help?


          Cyber Attacks – A Growing Business Interruption Threat

servicestop

Most traditional commercial general liability (CGL) policies will not cover business interruption losses due to a cyber event. Luckily, cyber liability coverage can fill that void.

Should your business be unable to perform normal business operations, a cyber liability policy can help pay for expenses related to an interruption. The coverage pays for:

        • Lost income due to the event

        • Profits that would have been earned had the event not occurred

        • Operating expenses, such as utilities, that must be paid even though
        business temporarily ceased

        • Rented or leased equipment

Cyber liability coverage also helps protect your business from the following events:

        • Data breaches, including costs for customer notification, some legal
        costs and credit monitoring for those affected

        • Damages to third-party systems, if, for example, an infected email from
        your servers crashes the system of a customer or vendor

        • Data or code loss due to a natural disaster or malicious activity. Physical
        destruction of equipment is covered under a different policy.

        • Cyber extortion, including ransomware, which is malicious code installed into
        a computer on your network that prevents you from accessing it until a
        ransom is paid

Even though business interruptions due to cyber attacks are relatively uncommon, being unprepared for one could prohibit you from doing business as usual. Contact Scirocco Group today to find out how we can help you avoid a business interruption.


Third-party interruptions can have a major effect on your business

You can still be affected even if it isn’t your business that experiences a cyber attack. Imagine what would happen if one of your vendors suffered an attack, resulting in a complete shutdown of its warehouse or website. Unfortunately, attacks on third parties are often out of your control. Such an event could have a profound effect on how much business you are able to do, and that would trickle down to your customers, who may rely on your products or services.

When you think about what usually causes a business interruption, natural disasters such as fires, earthquakes and floods probably come to mind first. These events can physically damage your property and equipment, making your workspace unusable for a time. The damages from Hurricane Katrina and Superstorm Sandy are great examples of how a natural disaster can put a halt to a business’ day-to-day operations. Many of those affected businesses remain closed to this day.

While natural disasters are still the main reason for an interruption, another cause is quickly moving up the ranks: cyber attacks. As businesses continue to rely on computers and digital storage of essential data, cyber attacks will continue to be a potential exposure. Read on to learn how a cyber attack could lead to a business interruption and what you can do to mitigate the risk.

servicesbottom

Ways to prevent a cyber attack from causing a business interruption


          Cyber Attacks – A Growing Business Interruption Threat

servicestop

A common saying in the cyber security world is, “It’s not if you’ll be a victim of a data breach, but when.” While 100 percent protection is impossible, you can help lower your chance of business interruption due to a cyber attack by following these tips:

        • Create a formal, documented risk management plan that addresses
        the scope, roles, responsibilities, compliance criteria and methodology
        for performing cyber risk assessments. This plan should include
        a characterization of all systems used at the organization based on
        their functions, the data they store and process, and their
        importance to the organization.

        • Make sure all firewalls and routers are secure and kept up to date.

        • Implement a cyber security policy that educates employees about
        the dangers of computer intrusions and how to prevent them. Scirocco
        Group can help you draft a cyber security policy specifically
        tailored to your company.

        • Download and install software updates for your operating systems
        and applications as they become available.

        • Implement a strict password policy and have employees
        change system passwords every 90 days.

        • Limit employee access to company data and information, and
        limit authority to install software. 

        • Make sure you are covered by a cyber liability insurance policy.

When you think about what usually causes a business interruption, natural disasters such as fires, earthquakes and floods probably come to mind first. These events can physically damage your property and equipment, making your workspace unusable for a time. The damages from Hurricane Katrina and Superstorm Sandy are great examples of how a natural disaster can put a halt to a business’ day-to-day operations. Many of those affected businesses remain closed to this day.

While natural disasters are still the main reason for an interruption, another cause is quickly moving up the ranks: cyber attacks. As businesses continue to rely on computers and digital storage of essential data, cyber attacks will continue to be a potential exposure. Read on to learn how a cyber attack could lead to a business interruption and what you can do to mitigate the risk.

servicesbottom

Hiring Independent IT Contractors



Technlogytop

Consider using an IT staffing agency. Using an IT staffing agency eliminates the potential headache of hiring a contractor yourself, as the agency will do all the legwork for you.

Do your homework. You usually get what you pay for when hiring an independent contractor. Good contractors may come with a hefty price tag, but when the reputation of your business is on the line, only the best contractors should do. Screen all potential contractors and perform a thorough interview to narrow down the best candidate for the task you need performed. Make sure to request references. There are several websites on the Internet where companies can hire IT contractors.

Avoid misclassification. Misclassification of an independent contractor can occur when a contractor receives many of the benefits of an actual employee, such as paid time off or health insurance, or is hired for an indefinite period of time. While the cost savings as a result of not having to pay contractor benefits or payroll taxes sounds enticing, the government enforces tough penalties for misclassification.

Retain knowledge. If you hire an independent contractor to perform tasks around the office, it is important to pay attention to what he or she is doing so that you won’t have to pay for the same services in the future. By learning the processes the contractor used to complete the job, you can use that knowledge in the future to keep costs down and increase security.

Develop a contractor-specific security policy. Intellectual property stored on your computer network is probably worth a lot of money. If you hire a contractor, make sure there is a policy in place to let him or her know your expectations for keeping your assets safe. The contractor should know that protecting sensitive information, such as lead lists, email addresses, medical records, credit card numbers and Social Security numbers should be the top priority while performing the task. Make sure your employees are aware of any security policies, as well.

Ultimately, it is in most companies’ best interest to employ a full-time IT staff, if possible. Full-time IT employees have the time to intimately learn your business’ network and are the best defense against cyber attacks, whereas relying on independent contractors can be expensive in the long run. If your firm does not have the size or scope to require full-time IT personnel, it’s important to set expectations with your IT contractor to ensure your data and systems remain safe and your security expectations are upheld. Whichever option your business chooses, cyber security should be taken very seriously.

When it comes to IT work, many small and mid-size companies just don’t have the budget to employ a full-time IT staff. Often, these tasks are performed by the owner or current employees with limited knowledge of how the company’s computer system or related tasks work. This creates potential cyber security problems that can lead to a data breach, theft or destruction of intellectual property and identity theft.

Luckily, businesses can hire independent contractors to assist them with all IT-related tasks. Businesses can reach out to contractors for short-term help, such as setting up a network or firewall or designing a company website, or opt for long-term contracts, such as providing 24/7 network troubleshooting support or developing cyber security policies.


technologybottom

Recommendations on Technology-Based Enrollment




Usefullinkstop

  • • Introduce the new enrollment software and train employees before open enrollment begins. Make sure all employees are comfortable with the software and that someone is available to answer additional questions and provide further help.
  • • Use various communication mediums for initial alerts concerning open enrollment to prepare employees for the process.
  • • Use existing resources to promote technology-based enrollment such as your company’s intranet, bulletin board postings or your newsletter.
  • • Encourage management to promote the use of technology-based enrollment to increase employee buy-in.
  • • Establish online communities or blogs where employees can discuss successes and problems they are having while enrolling. That way, they can assist one another with the process and HR can address any problems that employees may be having.
The enrollment period is a daunting time for both employers and employees; it is a lot of work for companies and can be a confusing process for workers. For instance, if you have 500 employees and offer 10 benefit plans with several documents correlated to each plan, you may be sifting through as many as 20,000 documents during open enrollment. However, by using technology-based enrollment, you can save time and money, make the process more efficient and user-friendly for your HR department and your employees.


Usefullinksbottom

Disadvantages of Technology-Based Enrollment




Usefullinkstop

  • • Employees may be intimidated by the software and may also desire interpersonal assistance, rather than making their selections via a computer.
  • • Employees may not make informed benefit decisions if they are only advised via the computer and are not provided personalized recommendations.
The enrollment period is a daunting time for both employers and employees; it is a lot of work for companies and can be a confusing process for workers. For instance, if you have 500 employees and offer 10 benefit plans with several documents correlated to each plan, you may be sifting through as many as 20,000 documents during open enrollment. However, by using technology-based enrollment, you can save time and money, make the process more efficient and user-friendly for your HR department and your employees.


Usefullinksbottom

Benefits of Technology-Based Enrollment




Usefullinkstop

  • • Every step of the benefits management process is automated, eliminating the need for paper-based processes and improving efficiency and accuracy.
  • • Online enrollment lowers the overall cost of providing services to your employees by eliminating the costs of distributing and collecting paper enrollment packets.
  • • Online enrolment shortens the enrollment cycle.
  • • Online enrollment enables employees to self-enroll in benefit programs, review their benefit data and report life event changes.
  • • Employees can choose plans based on eligibility criteria and can compare costs and coverage of previous elections against new offerings.
  • • Elections can be automatically applied to employee records.
  • • Employees receive written confirmations detailing their elections.
  • • Employees can easily view and update their records and plans.
  • • HR can check the status of enrollment in real time and may be able to generate detailed reports regarding the cost of employee benefits.
The enrollment period is a daunting time for both employers and employees; it is a lot of work for companies and can be a confusing process for workers. For instance, if you have 500 employees and offer 10 benefit plans with several documents correlated to each plan, you may be sifting through as many as 20,000 documents during open enrollment. However, by using technology-based enrollment, you can save time and money, make the process more efficient and user-friendly for your HR department and your employees.


Usefullinksbottom

How can a cyber attack cause a business interruption?


          Cyber Attacks – A Growing Business Interruption Threat

servicestop

Hackers, thieves and other unauthorized individuals have become adept at exploiting weaknesses in a business’ computer system, whether through traditional hacking methods or social engineering. There are several types of attacks that could completely cripple your ability to perform normal business activities, including:

        Malicious code that renders your website unusable

        Distributed denial of service (DDoS) attacks that make your website
        inaccessible to employees and customers alike

        Viruses, worms or other code that deletes critical information on a
        business’ hard drives and other hardware

It is quite easy to see how any of these events might leave your company scrambling to do business. Unfortunately, many smaller businesses don’t have the manpower available to detect the problem and work on fixing it, which only increases the length of an interruption.

When you think about what usually causes a business interruption, natural disasters such as fires, earthquakes and floods probably come to mind first. These events can physically damage your property and equipment, making your workspace unusable for a time. The damages from Hurricane Katrina and Superstorm Sandy are great examples of how a natural disaster can put a halt to a business’ day-to-day operations. Many of those affected businesses remain closed to this day.

While natural disasters are still the main reason for an interruption, another cause is quickly moving up the ranks: cyber attacks. As businesses continue to rely on computers and digital storage of essential data, cyber attacks will continue to be a potential exposure. Read on to learn how a cyber attack could lead to a business interruption and what you can do to mitigate the risk.

servicesbottom

Why Cyber Liability Insurance


        Cyber Liability Insurance

Technlogytop

A traditional business liability policy is extremely unlikely to protect against most cyber exposures. Standard commercial policies are written to insure against injury or physical loss and will do little, if anything, to shield you from electronic damages and the associated costs they may incur. Exposures are vast, ranging from the content you put on your website to stored customer data. Awareness of the potential cyber liabilities your company faces is essential to managing risk through proper coverage.

As technology becomes increasingly important for successful business operations, the value of a strong Cyber Liability Insurance policy will only continue to grow. The continued rise in the amount of information stored and transferred electronically has resulted in a remarkable increase in the potential exposures facing businesses. In an age where a stolen laptop or hacked account can instantly compromise the personal data of thousands of customers, or an ill-advised post on a social media site can be read by hundreds in a matter of minutes, protecting yourself from cyber liability is just as important as some of the more traditional exposures businesses account for in their general commercial liability policies.

technologybottom

12