Safety Focused Newsletter - October 2017

Driver Safety After Dark

The approach of autumn brings less daylight, which results in an increase in traffic deaths. Follow these tips to stay safe during your evening commute.

5 Common Reasons for Injuries to New Employees

Almost one-third of workplace injuries involve workers who have been on the job for less than one year. Learn the most common injuries to new employees and how to prevent them.

Driver Safety After Dark

The approach of autumn brings less daylight, which results in an increase in traffic deaths. In fact, since drivers aren’t used to the decreased visibility, traffic deaths are three times more common after the sun goes down than during the daytime—both for drivers and pedestrians.

Studies suggest that it can take several days to adapt after daylight saving time ends. Although the extra hour of sleep is often celebrated, many people still feel fatigued. Whether you drive for your job or commute home from work in the evening, it is important to remember the following safety tips:

  • Test your headlights, and turn them on one hour before sunset and one hour after sunrise so other drivers can see you easily.
  • Do not look directly at oncoming headlights. Look toward the right side of the road, following the white line with your eyes.
  • Increase your following distance by four or five seconds to give yourself more response time.
  • If you have vehicle trouble, pull off the road as far to the right as possible. Set up reflector triangles near your vehicle and up to 300 feet behind it. Turn on your flashers and your dome light, and call for assistance.

5 Common Reasons for Injuries to New Employees

Thirty percent of all work injuries involve employees who have been on the job for less than a year, according to the Bureau of Labor Statistics. The following are the most common reasons for injuries to new employees, as well as ways to prevent them.

  1. Unfamiliarity with workplace hazards—Even if you will be doing the same job as you did elsewhere, don’t assume you’re aware of all potential job hazards and hazardous substances in your new environment. If you have questions, ask.
  2. Fear of asking questions—New employees may be too intimidated to ask questions. Remember that there is no such thing as a silly question when it comes to your safety. Also, be sure to use constructive criticism as a learning experience.
  3. Improper use of personal protective equipment (PPE)—Your past employer may have been lax with its PPE requirements. Don’t bring any bad habits to your new role. Feel free to ask for proper PPE training.
  4. Employer’s assumption of expertise—Some employers may be accustomed to dealing with employees who have been on the job for years and fail to realize the need to properly train new hires. Although your resume may be impressive, don’t assume that you’re qualified to do the job without proper training.
  5. Poor safety communication—A common cause of employee injuries is the inability to understand urgent safety messages. Make sure you’re familiar with emergency safety protocols and that you understand not only what to do in an emergency, but also the method your employer will use to communicate the safety message.


HRL - Employees - Happy

Who’s using what in P&C insurance

With the emergence of 21st century technology, there are bountiful risks for the cyber lives of millions. In this article written by PROPERTYCASUALTY360, learn how different companies grow to combat the threat of employer risk.

You can read the original article here.


Guidewire Software, Inc. has entered into a definitive agreement to acquire Cyence, a software company that applies data science and risk analytics to enable P&C insurers to grow by underwriting “21st century risks” that have gone underinsured or uninsured. These emerging risks include cyber, reputation, and new forms of business interruption risk. “As traditional actuarial approaches struggle to address the unique characteristics of emerging risks like cyber, Cyence’s next-generation approach will enable insurers to broaden the scope and value of the products their policyholders need,” , Guidewire Software CEO and Co-Founder Marcus Ryu said in a press release.

In other news from Guidewire: MetLife Auto & Home has begun deploying Guidewire’s InsurancePlatform™ in a new cloud environment for customers using its MetLife Auto & Home MyDirect portal. MetLife Auto & Home is the first P&C insurer in the United States to offer a 100-percent digital experience from quoting to claim service. Rollout of the platform is expected to continue over the next several quarters.

Hearsay Systems recently announced a strategic alliance with Microsoft to help financial services firms empower advisors to be both high-tech and high-touch at scale in the digital age. The companies will focus on addressing the specific challenges faced by financial institutions, including the need for compliant advisor-client engagement technology that will enable advisors to better manage client relationships and grow business. The alliance will bring together the data-driven relationship insights from Microsoft Dynamics 365 with the financial industry-specific workflows, data and compliance capabilities from Hearsay, allowing advisors to more effectively acquire, convert and deepen client relationships.

Allianz Global Corporate & Specialty® (AGCS) has teamed up with Silicon Valley-based software company Zeguro, whose mission is to simplify and streamline cyber security and risk management  in small to medium-sized businesses (SMBs). Through its easy-to-use platform, Zeguro will serve as a virtual Chief Information Security Officer (CISO) to those who purchase Allianz’s cyber insurance coverage to further manage their cyber exposure and decrease the overall risk of financial loss following a cyberattack.

Accenture and Duck Creek Technologies recently teamed up to create several new digital and emerging technology solutions for P&C insurers that are designed to improve efficiency and value. The companies have integrated Accenture’s IoT and analytics technologies with Duck Creek’s core platform and launched a blockchain proof-of-concept for medical bill auditing. “These new tools are the product of our focus on providing a new generation of digital solutions to our insurance clients working in collaboration with our joint venture partners,” Cindy DeArmond, managing director and P&C Core Platforms Lead for Accenture in North America, said in a press release.

Louisiana-based Aparicio Walker & Seeling, Inc. (AWS Insurance) is live on TechCanary’s insurance platform replacing its outdated legacy agency management system.  TechCanary’s breadth and depth of insurance functionality built in Salesforce and flexibility to easily customize it further were key to the decision.

Speedpay, Inc., a Western Union company, and Nordis Technologies recently announced an alliance to offer cloud-based customer communications management services to Speedpay clients. This strategic agreement provides current and future Speedpay clients with the opportunity to add Expresso®, an easy-to-use, self-service application to organize, automate and execute print and electronic communications. Nordis also delivers print/mail and email production services, thus enabling a seamless end-to-end communications solution.

 

You can read the original article here.

Source:

PropertyCasualty360 (9 October 2017). "Who’s using what in P&C insurance" [Web Blog Post]. Retrieved from address http://www.propertycasualty360.com/2017/10/09/whos-using-what-in-pc-insurance-oct-9-2017?t=agency-technology?ref=channel-news


HRL - Office - Collaboration - Write - Paper

Better risk management means balancing old, new skills

What changes are happening within the P&C industry? Read this informative article written by  STEVEN R. CULP  and DUNCAN BARNARD of Property Casualty 360 degrees to find out!

You can read the original article here.


The P&C industry is undergoing fundamental change, with significant consequences for the risk function. New approaches to data, the workforce, partners and customers are changing the way insurers operate.

The stakes are high, and with interest rates low, revenue streams are under threat while new competitors are entering from all sides.

At the same time, insurers are encountering new obstacles — from regulatory uncertainty to reduced demand among millennials.  The Internet of Things, autonomous vehicles and other major shifts present major challenges along with large opportunities.

P&C insurers and insurance professionals can use these AI tools right now to run smarter, faster — and ahead of...

To survive — let alone thrive — insurers need to evolve. The scale of the evolution could be challenging, but many of the changes that are needed should add significant long-term value. For example, the availability of real-time data allows P&C insurers to think about new products and propositions to unlock predictive and opportunistic strategies.

 

Insurers are also rethinking their relationships with all stakeholders, becoming a "partner" to customers, brokers and other intermediaries while establishing deeper ties in adjacent industries such as automotive and home security. An openness to new technologies also demands a broader ecosystem of supply partners, including technology companies, insurtech firms, venture capitalists and digital specialists.

As we have done in alternate years since 2009, Accenture conducted extensive research in 2017 among nearly 500 global risk management executives in the financial services industry, including 190 in insurance.

We wanted, in part, to understand how insurers view the challenges facing the risk management function. We found that P&C insurers are facing the world with a bit more confidence than their life insurance counterparts. For example, only 61 percent of P&C respondents saw balancing the responsibilities for control and compliance with the need for effective customer service as a major impediment to effectiveness, versus 84 percent of insurers. And only 65 percent of P&C respondents reported being hampered by shortages of skills in new and emerging technologies, versus 71 percent of life insurers.

However, while there were some differences from sector to sector, we found that both P&C and life insurers are taking a more progressive approach to risk management when compared to our earlier research. They are investing to develop their risk functions in three key areas

Innovation is everywhere in insurance.

Innovation is everywhere in insurance. (Photo: iStock)

Harnessing digital innovation

Advances in big data and analytics are helping insurers better understand risk, build stronger predictive models and tailor customer relationships to suit personal preferences and risk attitudes.  At the same time, robot brokers are on the rise, new platforms are providing micro-pooling “social insurance” models, and sensors allow insured cargo to report every bump, scrape and drop impact it endures in transit. In parallel, some of the most transformative technologies are being implemented deep in the back offices of the world’s leading insurers.

P&C insurers and insurance professionals can use these AI tools right now to run smarter, faster — and ahead of...

The cloud is a great example. Our 2017 Global Risk Management Study finds that cloud technology is virtually ubiquitous—91 percent of insurers are using it — but just 26 percent are highly proficient in using cloud within their organization, 36 percent are not using it to its full potential, and 29 percent are only just introducing it. Respondents want to improve efficiency in response to cost pressures, and cloud is the top choice in this regard, with 77 percent indicating their risk function uses it to reduce costs.

Balancing old and new skills

New tools and processes change how risk teams interact with the business, alliances, regulators, customers and other external stakeholders, requiring new skills and a better balance of attributes across teams. Beyond quantitative skills, the risk management function needs to be able to deliver value by providing economic insights, generating new ideas and building strong relationships throughout the organization in pursuit of the overall strategic objectives.

To support these goals, some insurers are bringing staff into the risk function from other areas of the business to enhance credibility and facilitate relationships. Others are hiring from diverse disciplines, including economics, the law and engineering. There are few professionals who possess every skill the risk function needs. From general quantitative competencies to technology acumen, industry knowledge, niche risk specialties, communication skills, creativity and management experience, candidates with the whole package are extremely rare.

Integrating across the business

Currently, 54 percent of insurance respondents say there is limited coordination between risk management activities at the local level and the group level. While some aspects of centralization are desirable to enable a more aggregated and consistent picture for analysis and evaluation, the reality is that risk exists everywhere in the business and risk professionals need to be engaged throughout the business — not only at an aggregate level.

Central frameworks and tools help to provide a more standardized and coordinated response to regulation, a consistent set of rules for managing the portfolio of risks and the capability to perform complex and high-value calculations to measure risk exposure, liquidity and solvency. But decentralization is also valuable because local or specialized teams can focus on local regulatory requirements and market-specific topics. Any effective risk management function must be able to exist locally and centrally, being close to the business and connected across the organizational structure to manage the overall portfolio, including strategic and emerging risks.

As the study results indicate, the nature of risk is changing. It is up to P&C firms and their risk management functions to create and continually develop a dedicated emerging-risk working group that can identify and evaluate the nature of emerging risks and their potential impacts. That may be the best way to address the constant and disruptive change confronting the industry.

 

You can read the original article here.

Source:

Culp S., Barnard D. (6 October 2017). "Better risk management means balancing old, new skills" [Web Blog Post]. Retrieved from address http://www.propertycasualty360.com/2017/10/06/better-risk-management-means-balancing-old-new-ski?t=commercial-business%3Fref%3Dchannel-feature&page=2


HRL - Man - Working - Laptop

Using data to identify high-intent consumers

Does your company struggle with acquiring high performing leads? Check out this article from Property Casualty 360 degrees written by JAIMIE PICKLES.

You can read the original article here.


For years, insurance companies and agents have acquired third-party internet leads as an efficient way to supplement their own lead generation efforts. But with the shift toward digital engagement and increasing regulatory compliance concerns, acquiring high performing leads has become a much more complicated venture.

According to a recent study by J.D. Power, 74% of auto insurance consumers use insurance brand or aggregators websites for obtaining quotes and information. This is something that holds true across almost all lines of insurance.

Regardless of device, the preferred platform for shopping is now digital.

But while brand websites generate a percentage of insurance leads, more consumers are choosing the choice model that internet lead generators and aggregators offer to research and obtain quotes. This is because more consumers prefer to have access to what they perceive as independent and unbiased sources for information and quotes.

 

Mitigate TCPA compliance risk

Compliance with the Telephone Consumer Protection Act (TCPA) has become more of a priority for insurance brands and their partners over the past few years. TCPA lawsuits filed by consumers are on the rise — growing by a factor of 1,273 percent since 2010 — and a number of large insurance brands have been part of multimillion-dollar TCPA settlements.

For example, in May 2017, a Florida-based insurer settled a class action TCPA lawsuit for $4.25 million. And that does not include the court costs and legal fees or the cost to counter bad the bad PR and lost brand reputation from the case.

Knowing definitively that a consumer has given consent to be contacted is a must. Ted Todd Insurance is a multi-office agency in Florida which generates leads on its own website and buys online leads from third party lead generators. They assure TCPA compliance by using a SaaS-based solution to track and verify consumer consent.

CEO Charley Todd says, "the technology tracks and assures the existence of the consumer’s consent, delivering a positive first experience for every new customer, and provides persuasive evidence in the event of a consumer complaint or lawsuit."

 

Analyze the right data

With the overabundance of data that insurance brands have, from internal and external sources, it is not always easy to make sense of it all. Even with a sophisticated data science and analytics program, the key is getting access to the right data at the right time, to help optimize your marketing programs.

In the case of customer acquisition, that begins with having access to data that you can  use to help score, prioritize and route higher-performing leads. By knowing the origin and history of your leads, you’ll be able to mitigate TCPA compliance risk and prioritize selection of and engagement with higher-intent consumers.

The majority of the top ten insurance companies in the United States are doing just that — connecting the dots and using sophisticated technology and data — to gain real-time intelligence into the origin, history and intent of the leads they are acquiring. Such solutions enable insurance companies and agents to follow consumers in real time on their buying journeys until the end when consumers purchase a policy, helping insurers observe and access behavioral data which they can use to analyze the intent of the consumer.

When marketers gain the ability to identify and take action on consumer behavioral data, buying low-intent leads is no longer part of the "cost of doing business" in lead management and analysis. Brands that leverage these insights gain efficiencies and can better focus their precious time and budgets on productive leads.

 

Optimize lead acquisition and marketing

In implementing technology solutions, here are five tips to supercharge your lead generation.

  1. Know the age of your leads. If you’re measuring speed-to-lead from the moment you received a lead post, you are missing a key data point. It’s not about when you received the lead, but rather when the consumer actually submitted the inquiry.
  1. Be proactive in avoiding fraudulent leads and those that are not TCPA compliant. Consumers who didn’t fill out the form or who filled it out six months ago have no intent to buy from you. Also, these leads put you at risk for TCPA complaints. Only purchase leads that are TCPA compliant. You don’t want to damage your brand and reputation, or take on the costs if you are sued by a consumer. You need a vendor who can help you identify, in real-time, that your leads are compliant and provide persuasive proof that a consumer gave consent to be contacted.
  1. Don’t get dupedMany marketers assume that a duplicate is the result of recycled data. They think that the same consumer means it is the same inquiry. In fact, it could very likely be the same consumer with a brand new inquiry, which is actually indicative of a high-intent consumer. Know the difference.
  1. Understand if leads are shared vs. exclusive. Know if your leads are being shared with some of your competitors. If they are, you need to determine how many other competitors that lead is being shared with and whether you are the first or last to receive it.
  1. Right price your leads. If you find a vendor who will help you identify low intent leads, you can reallocate that spend and pay more for higher intent leads. This is a key strategy to quickly and notably improve lead conversion.

 

You can read the original article here.

Source:

Pickles J. (9 October 2017). "Using data to identify high-intent consumers" [Web Blog Post]. Retrieved from address http://www.propertycasualty360.com/2017/10/09/using-data-to-identify-high-intent-consumers?ref=hp-news


P&C Pro-File Newsletter - September 2017

Did You Know?


Preliminary data from the National Safety Council (NSC) found that there were slightly fewer motor vehicle crash fatalities during the first six months of 2017 than there were during the same period in 2016. In 2014, the number of crash fatalities began to rise significantly after several years of steady declines. The NSC believes that this increase can be attributed to the increased affordability of driving after the economy recovered from a recession.

IN THIS ISSUE


  • Study Shows Average Workplace is Physically and Emotionally Demanding. A new study has found that most U.S. employees face significant stress in the workplace.
  • OSHA Restores Injury Tracking App After Security Fears. OSHA has restored user access to its Injury Tracking Application after being notified of a potential security breach.
  • United States, Canada and Mexico Begin NAFTA Negotiations. Representatives from the three countries concluded the first round of negotiations to update the trade agreement.


Provided by:

Hierl Insurance Inc.


IN THIS ISSUE


An analysis released by the Associated Press (AP) has shown that U.S. employees who are 55 years old or older are more likely to be involved in fatal workplace accidents than their younger counterparts. Additionally, as the average age of retirement continues to increase, older employees are becoming a larger portion of the overall workforce. The Bureau of Labor Statistics (BLS) estimates that by 2024, these employees will account for 25 percent of the entire labor market.

The AP used data from the BLS and the American Community Survey to conduct its analysis, and ignored fatalities that were determined to be the result of a natural cause, such as a heart attack or stroke. Despite this, the analysis found that the natural deterioration of vision, hearing and joint strength were the main contributors to the higher number of fatalities involving older employees.

The number of workplace fatalities for employees of all ages dropped from 5,480 in 2005 to 4,836 in 2015. However, fatalities for older employees over that same period increased from 1,562 to 1,681. As older employees continue to stay in the workforce, employers need to take extra care to protect them from hazards.

Study Shows Average Workplace is Physically and Emotionally Demanding


A new study conducted by the Rand Corporation, Harvard Medical School and University of California, Los Angeles has found that most U.S. employees face at least one form of workplace stress on a regular basis. And, although the study also found that most employees receive support from their employers, workplace stress is common in every job and industry.

Here are some of the key findings from the study:

  • Nearly 75 percent of employees report intense or repetitive physical exertion on the job.
  • Over half of employees are exposed to unpleasant and potentially hazardous working conditions.
  • Nearly 20 percent of employees are exposed to hostile or threatening social environments at work.
  • Nearly 50 percent of employees report that they must work on their own time to meet the demands of their jobs.

Physical and emotional stress in the workplace can lead to injuries, illnesses and poor job performance. Contact us today at 920-921-5921 for employee communications and workplace programs that can help manage stress at your business.

OSHA Restores Injury Tracking App After Security Fears


OSHA has restored user access to its Injury Tracking Application (ITA) after shutting it down due to fears of a security breach less than one month after its launch.

OSHA launched the ITA on Aug. 1 to allow employers to submit required injury and illness data electronically. However, on Aug. 14, the Department of Homeland Security contacted the agency to inform it of a potential compromise of user information.

OSHA suspected that one company was affected by the breach. The agency contacted the company and suspended access to the app while the National Information Technology Center conducted a complete scan. After the scan, OSHA confirmed that there was no breach of data, and it will continue with its security monitoring.

Although the electronic reporting rule initially required certain employers to start submitting their required information by July 1, 2017, the ITA website was not yet ready to receive electronic reports, and OSHA proposed Dec. 1, 2017, as the new deadline. However, it is not yet clear whether this incident will affect this new compliance deadline. Affected establishments should continue to record and report workplace injuries as required by law.

United States, Canada and Mexico Begin NAFTA Negotiations


Representatives from the United States, Canada and Mexico recently concluded the first round of negotiations to update the North American Free Trade Agreement (NAFTA). This agreement sets rules for trade between the three countries, but has not been updated since it came into effect in 1994.

The recent negotiations were prompted by comments from President Donald Trump, who believes that significant trade deficits with Canada and Mexico have led to unfavorable conditions for U.S. businesses. Although representatives from Canada and Mexico disagree with these assertions, all three countries hope to complete an update to NAFTA by early 2018.


4 Trends Shaping Cybersecurity in 2017

The threat of cyber attacks is increasing every day. Make sure you are stay up-to-date with all the recent news and trends happening in the world of cyber security so you can stay informed on how to protect yourself from cyber threats. Check out this great column by Denny Jacob from Property Casualty 360 and find out about the top 4 trends impacting cybersecurity this year.

No. 4: Growing areas of concern

Organizations with a chief information security officer (CISO) in 2017 increased to 65 percent compared to 50 percent in 2016. Staffing challenges and budgetary distribution, however, reveal where organizations face exposure.

Finding qualified personnel to fill cybersecurity positions is as ongoing challenge. For example, one-third of study respondents note that their enterprises receive more than 10 applicants for an open position. More than half of those applicants, however, are unqualified. Even skilled applicants require time and training before their job performance is up to par with others who are already working on the company's cybersecurity operation.

Half of the study respondents reported security budgets will increase in 2017, which is down from 65 percent of respondents who reported an increase in 2016. This, along with staffing challenges, has many enterprises reliant on both automation and external resources to offset missing skills on the cybersecurity team.

Another challenge: Relying on third-party vendors means there must be funds available to offset any personnel shortage.

If the skills gap continues unabated and the funding for automation and external third-party support is reduced, businesses will struggle to fill their cybersecurity needs.

No. 3: More complicated cyber threats

Faced with declining budgets, businesses will have less funding available on a per-attack basis. Meanwhile, the number of attacks is growing, and they are becoming more sophisticated.

More than half (53 percent) of respondents noted an increase in the overall number of attacks compared previous years. Only half (roughly 50 percent) said their companies executed a cybersecurity incident response plan in 2016.

Here are some additional findings regarding the recent uptick in cyber breaches:

• 10 percent of respondents reported experiencing a hijacking of corporate assets for botnet use;• 18 percent reported experiencing an advanced persistent threat (APT) attack; and

• 14 percent reported stolen credentials.

• Last year’s results for the three types of attacks were:

• 15 percent for botnet use;

• 25 percent for APT attacks; and

•15 percent involving stolen credentials.

Phishing (40 percent), malware (37 percent) and social engineering (29 percent) continue to top the charts in terms of the specific types of attacks, although their overall frequency of occurrence decreased: Although attacks are up overall, the number of attacks in these three categories is down.

No. 2: Mobile takes a backseat to IoT

Businesses are now more sophisticated in the mobile arena. The proof: Cyber breaches resulting from mobile devices are down. Only 13 percent of respondents cite lost mobile devices as an exploitation vector in 2016, compared to 34 percent in 2015. Encryption factors into the decrease; only 9 percent indicated that lost or stolen mobile devices were unencrypted.

IoT continues to rise as an area of concern. Three out of five (59 percent) of the 2016 respondents cite some level of concern relative to IoT, while an additional 30 percent are either "extremely concerned" or "very concerned" about this exposure.

IoT is an increasingly important element in governance, risk and cybersecurity activities. This is a challenging area for many, because traditional security efforts may not already cover the functions and devices feeding this digital trend.

No. 1: Ransomware is the new normal

The number of code attacks, including ransomware attacks, remains high: 62 percent of respondents reported their enterprises experienced a ransomware attackspecifically.

Half of the respondents believe financial gain is the biggest motivator for criminals, followed by disruption of service (45 percent) and theft of personally identifiable information (37 percent). Despite this trend, only 53 percent of respondents' companies have a formal process in place to deal with ransomware attacks.

What does that look like?

Businesses can conduct "tabletop" exercises that stage a ransomware event or discuss in advance decisions about payment vs. non-payment. Payment may seem like the easiest solution, but law enforcement agencies warn it can have an encouraging effect on those criminals as some cases lead to repeated attacks of the same business.

Many cybersecurity specialists argue that the best way to fight a ransomware attack is to avoid one in the first place. Advance planning that might include the implementation of a governing corporate policy or other operating parameters, can help to ensure that the best cybersecurity decisions are made when the time comes to battle a breach.

See the original article Here.

Source:

Jacob D. (2017 August 25). 4 trends shaping cybersecurity in 2017 [Web blog post]. Retrieved from address http://www.benefitspro.com/2017/08/25/4-trends-shaping-cybersecurity-in-2017?ref=hp-in-depth&page_all=1


The Equifax Breach and How it Affects You

Equifax announced Thursday that it suffered a breach being discussed as one of the largest data breaches in history. Equifax learned of the incident in July 2017. The breach occurred from mid-May through July 2017.

Equifax is one of three nationwide credit-reporting companies that track and rate the financial history of U.S. consumers. The companies are supplied with data about loans, loan payments and credit cards.

The company reported that over 143 million of its U.S. customers may have been affected by the breach, wherein unauthorized users had access to the company’s data from mid-May through July of this year.

According to the company’s FAQ page, private identifying information, such as birth dates, addresses, names, driver’s-license numbers, and Social Security numbers, were obtained by the unauthorized users. Equifax also reported that “credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed.”

Here are six steps to protect yourself from the recent Equifax Data Breach incident:

Step 1: Find out if your information has been put at risk

Equifax is offering a website where you can check whether you are one of the 143 million people whose data may have been compromised.

Consumers can go to EquifaxSecurity2017.com to find out if their information was impacted by the breach. On the website under “potential impact,” consumers can check the potential impact the breach had on their personal information by entering their last name and the last six digits of their social security number to receive a message alerting them if their data was compromised.

Even if the tool indicates you weren't exposed, you're still eligible for a free one-year subscription to Equifax's protection services. Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. You have until November 21, 2017 to enroll.

Step 2: Check your credit reports and bank statements

More than three months passed between the time the breach may have started and now. We're not sure if the data of those affected was used maliciously during that period, so consider looking through your credit reports for any suspicious activity. The federal government guarantees everyone a free annual credit report from the three major bureaus from annualcreditreport.com.

When looking through your reports, keep an eye out for new accounts you didn't open, late payments on debts you don't recognize and any other activity that looks unfamiliar.

Step 3: Freeze your accounts and report fraudulent activity immediately

If you suspect someone used your identity to open credit cards, take on loans, or re-open closed accounts, contact the credit card company's fraud department immediately. You are not responsible for charges made on a fraudulent card, but you must report the issue in a timely manner.

Even if your credit report comes back clean, remain watchful of your credit. One of the most reliable ways to prevent someone from opening credit cards in your name is to place what's called a "credit freeze." Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.

When you freeze your credit, you (or anyone acting as you) will be required to un-freeze your account by providing the PIN you got when you froze your credit.

To freeze your credit, contact each of the credit bureaus using these phone numbers:

Equifax: 1-800-349-9960 Experian: 1‑888‑397‑3742 TransUnion: 1-888-909-8872

After receiving your freeze request, each credit reporting company will send you a confirmation letter containing a unique PIN. Be sure to keep the PIN or password in a safe place.

Step 4: Set fraud alerts

If you decide against a credit freeze, a fraud alert is another way to make it hard for identity thieves to open accounts in your name. When a fraud alert is set, credit card companies will be required to verify your identity before opening an account. That, combined with the credit freeze, is a great way to keep your credit secure.

To set a fraud alert, contact just one of the credit card bureaus and ask for an initial fraud alert. Once the alert is set, it will last 90 days. After that, you have the option to renew it.

Step 5: Use strong passwords and allow two-factor authentication on accounts

Data suggests that between 31% and 65% of people use the same password at multiple sites. This is a means if your username and password are compromised at one website, cybercriminals can use automated means to test your credentials against other websites. This means a single hacked password could lead to a cybercriminal potentially taking control of your email account and online bank accounts.

Step 6: Alert family and friends!

Because Equifax is not notifying those affected through direct mail or email, some people will be left without the resources to protect their identities or find out if they were compromised. Consider notifying your loved ones – especially the elderly without computer access – of the above steps.

While increased cyber risk is a downside of the technological revolution, Hierl can help keep you safe. For more information on cyber security or to speak with an expert to assess your existing cyber-policy.

Download PDF version here.


Risk Insights: Donating to Disasters and Avoiding Scams

Hurricane Harvey is the strongest storm to make landfall in the United States since Hurricane Charley in 2004. News of the damage it has caused to southeastern Texas is prompting people to help in whatever ways they can. Unfortunately, there are dishonest people who prey upon people’s good intentions, creating fake charity campaigns to exploit victims and take advantage of those who want to help.

How to Avoid Scams

Despite the sense of urgency to help when disaster strikes, it is important to do some research before donating. Consider the following best practices to ensure that your resources go to a legitimate charity with experience in disaster relief:

  • Never wire money to someone who claims to be a charity. Legitimate charities do not ask for wire transfers. Once you wire the money, you’ll probably never get it back.
  • Be cautious about bloggers and social media posts that provide charity suggestions. Don’t assume that the person recommending the charity has fully researched the organization’s credibility.
  • Only donate through a charity’s official website, never through emails. Scammers have a knack for creating fake email accounts that seem legitimate.
  • Ensure that the charity explains on its website how your money will be used.
  • Be wary of charities that claim to give 100 percent of donations to victims. That is often a false claim, as well-structured organizations need to use some of their donations to cover administrative costs.
  • Never offer unnecessary personal information, such as your Social Security number or a copy of your driver’s license. However, it is common for legitimate charities to ask for your mailing address, and it is safe for you to provide it.

How to Choose a Charity

Even legitimate charities need to be considered with care. The Federal Trade Commission suggests avoiding new charities because, despite their legitimacy, they may not have the resources needed to get your money to its intended recipients.

Donors looking for a worthy charity can access an unbiased, objective list on a website called Charity Navigator. The site receives a Form 990 for all of its charities directly from the IRS, so it knows exactly how the charities spend their money and use their donations. It also rates charities based on their location, tax status, length of operation, accountability, transparency and public support.

Gaining popularity for charitable donations is a crowdfunding website called GoFundMe, which allows people to raise money for a wide variety of circumstances. Despite its popularity, visitors to the site should be cautious about the campaigns to which they donate. Visitors can report suspicious campaigns directly to GoFundMe via its official website or to their state’s consumer protection hotline.

National Organizations

The following national organizations have long-standing reputations for providing disaster relief and accepting donations:

  • The American Red Cross provides shelter, food, emotional support and other necessities to people affected by disasters.
  • AmeriCares takes medicine and supplies to survivors.
  • Catholic Charities USA supports disaster response and recovery efforts that include direct assistance, rebuilding and health care services.
  • The Salvation Army provides shelter and emergency services to displaced individuals.

Remember that there are other ways to provide disaster relief that don’t involve monetary donations, especially if you live near the affected area. Local food banks and blood centers commonly ask for donations during relief efforts.

To download the full article click here.


3 takeaways from the 2017 Cost of Data Breach Study

IBM has just released their findings on their cost of data breaches study. Check out this great by Denny Jacob from Property & Casualty 360 and find out what they key findings from IBM research means for you.

As companies continue to infuse technology into their business models, they must also keep up with an ever-changing digital landscape. In 2017 and beyond, companies need to consider their cybersecurity practices.

As cyber attacks continue to rise in frequency and sophistication, companies should also consider where data breaches are occurring. For those looking to understand data breaches by country, the latest report from IBM Security and Ponemon Institute sheds light on such a topic.

Sponsored by IBM Security and conducted by Ponemon Institute, the study found that the average cost of a data breach is $3.62 million globally, a 10% decline since 2016.

To explore the complete report, visit the IBM Security Data Breach Calculator, an interactive tool that allows you to manipulate report data and visualize the cost of a data breach across locations and industries, and understand how different factors affect breach costs.

Or, keep reading for highlights from the study's key findings.

The costs by region.

In the 2017 global study, the overall cost of a data breach decreased to $3.62 million, which is down 10% from $4 million last year. While global costs decreased, many regions experienced an increase.

In the U.S., the cost of a data breach was $7.35 million, a 5% increase compared to last year. When compared to other regions, U.S. organizations experienced the most expensive data breaches in the 2017 report. In the Middle East, organizations saw the second highest average cost of a data breach at $4.94 million  an uptick of 10% compared with the previous year. Canada ranked third with data breaches costing organizations $4.31 million on average.

European nations experienced the most significant decrease in costs. Germany, France, Italy and the U.K. experienced significant decreases compared to the four-year average costs. Australia, Canada and Brazil also experienced decreased costs compared to the four-year average cost of a data breach.

Time is money when you're containing a data breach.

For the third year in a row, the study found that having an Incident Response (IR) Team in place significantly reduced the cost of a data breach. IR teams, along with a formal incident response plan, can assist organizations to navigate the complicated aspects of containing a data breach to mitigate further losses.

According to the study, the cost of a data breach was nearly $1 million lower on average for organizations that were able to contain a data breach in less than 30 days compared to those that took longer than 30 days. The speed of response will be increasingly critical as General Data Protection Regulation (GDPR) is implemented in May 2018, which will require organizations doing business in Europe to report data breaches within 72 hours or risk facing fines of up to 4% of their global annual turnover.

There's still room for improvement for organizations when it comes to the time to identify and respond to a breach. On average, organizations took more than six months to identify a breach, and more than 66 additional days to contain a breach once discovered.

Additional key findings.

  • For the seventh year in a row, healthcare topped the list as the most expensive industry for data breaches. Healthcare data breaches cost organizations $380 per record, more than 2.5 times the global average overall cost at $141 per record.
  • Close to half of all data breaches (47%) were caused by malicious or criminal attacks, resulting in an average of $156 per record to resolve.
  • Data breaches resulting from third party involvement were the top contributing factor that led to an increase in the cost of a data breach, increasing the cost $17 per record. The takeaway: Organizations need to evaluate the security posture of their third-party providers  including payroll, cloud providers and CRM software  to ensure the security of employee and customer data.
  • Incident response, encryption and education were the factors shown to have the most impact on reducing the cost of a data breach. Having an incident response team in place resulted in $19 reduction in cost per lost or stolen record, followed by extensive use of encryption ($16 reduction per record) and employee training ($12.5 reduction per record).

See the original article Here.

Source:

Jacob D. (2017 August 8). 3 takeways from the 2017 cost of data breach study[Web blog post]. Retrieved from address http://www.propertycasualty360.com/2017/07/05/3-takeaways-from-the-2017-cost-of-data-breach-stud?ref=rss&_lrsc=05d8112f-7bfb-4c4d-916f-0e2085debd9a&slreturn=1502379703&page_all=1


Safety Focused August 2017

When traveling for work, even for short periods of time, it is important to take precautions to protect yourself from cyber criminals.

Cyber Tips for Traveling

Staying safe while traveling involves more than simply locking your valuables in a hotel safe. Today, cyber crime is just as prevalent as conventional crime. In fact, your digital property may be more valuable to criminals than your personal property. Before packing for your next business trip, take the following precautions to protect yourself and your belongings while away:

  • Turn off home and work computers before you leave. Computers that are always left on are more vulnerable to hacks.
  • Back up all data. Store sensitive files either on a removable storage device locked in a safe or in a secure facility in the cloud.
  • Be cautious when using public Wi-Fi. If it is necessary to go online in public, use a secured connection. If you have to use an unsecured connection, avoid checking bank balances or visiting any site that asks you for personal information, which can be easily stolen.
  • Enable a pass code on your smartphone. This can prevent hackers from accessing sensitive information should you lose your phone.
  • Use a credit card instead of a debit card for purchases. A cyber criminal can deplete your bank account with your debit card.

How to Avoid Distractions While Driving

Driver distractions have joined alcohol and speeding as leading factors in crashes that cause fatal and serious injuries. However, cellphones aren’t solely to blame. Anything that takes 100 percent of your attention away from driving is a distraction. There are three main types of distractions:

  • Visual—Taking your eyes off the road
  • Manual—Taking your hands off the wheel
  • Cognitive—Taking your mind off of driving

Whether driving for work or for personal reasons, it is important to remember that any activity that you engage in while driving is a potential distraction that increases your risk of crashing. Taking the following precautions can help you avoid distractions while driving:

  • Silence your mobile devices and keep them away from you while driving to avoid being distracted by incoming calls or texts. If you must receive phone calls while on the road, pull over before answering, even if using a hands-free device.
  • Set destinations in navigational devices before you depart.
  • Make a playlist on your smartphone before you leave to avoid the temptation to change radio stations.
  • Avoid eating while driving. Take proper breaks to allow yourself time for meals.
  • Speak up if you’re a passenger of a distracted driver. Offer to take over the driving responsibilities if possible.
  • Review ’s safe driving policy to ensure that you are fully aware of the best practices when it comes to road safety and know what to do in an emergency.

To download the full article click here.