Meeting cybersecurity risks head-on: A guide to breach preparedness

How would you manage a data breach? No company is immune to cyberattacks and data breaches. Read on to learn how you can prepare your business.


Gauging a company’s true data breach risk from the outside is a difficult endeavor for insurers, with challenges both technical and informational. But even less attention has been paid to how companies would manage a breach if it happened, which has an enormous impact on the toll of the final damage.

No organization is immune to breach. If the National Security Agency can lose data, anyone can lose data, yet the scope of the current issue is still astounding.

According to another insurance company's 2017 cyber readiness report, 72% of large U.S. businesses — nearly three out of four — and 68% of small- and mid-sized businesses — about seven in ten — reported cyber incidents in the previous year. Among these, close to half (47%) experienced two or more cyber incidents during that same time.

The largest breaches, affecting big-name companies like Equifax, Target, Home Depot and many others, drew substantial headlines because of the huge number of identities involved. But almost every business holds some sensitive information, either regarding its customers or its own intellectual property, finances or employees. In fact, smaller organizations often lack the internal resources to dedicate towards preparedness, making them very attractive targets for hackers.

Assessing the threats to your business

The first challenge with measuring a company’s risk exposure relates to the industrywide problem of tying compliance and policy to actual security. A company may have checked all the right boxes on paper, but doing so guarantees little about their actual cyber risk position.

The second issue is that people often matter much more than technology.

The public conversation focuses on high-profile hacking events, but data breaches are even more likely to be the result of internal issues, including breakdowns in training, procedure or plain old mistakes.

The overwhelming majority of all cyber attacks are successfully executed with information stolen from employees who unwittingly give away their system ID and access credentials to hackers or provide a gateway via a malware link embedded in some form of communication.

One of the most important components of an effective data breach readiness program is mandatory and frequent training to remind employees about the importance of security awareness.

Education information security best practices can help arm a team against threats such as phishing, man-in-the-middle attacks, malware, and ransomware, substantially lowering the long-term risk.

An accurate understanding of a company’s sector-specific risks is another important point of departure in corporate cybersecurity. Healthcare employees, for instance, need to be especially on guard for EHR-related attacks and RDP server breaches, like the ones instigated by the SamSam virus (which took down Allscripts last month).

Other industries are more vulnerable to loopholes in common business apps; still, others are more frequently victims of point-of-sale malware or e-mail phishing scams. Once businesses understand where and how they are most likely to be targeted, they can begin providing training that takes into account the need for added vigilance in these specific areas.

The final challenge in correctly identifying breach risk involves understanding the extent to which recovery costs can vary. Discrepancies in cost depend not only on the severity of the breach, but also on how well the organization responds. Globally, the average cost to recover from a security breach is $158 per impacted individual, but that varies from of $60 to $400 per person.

While more companies than ever before are now either considering or have taken out some form of cyber insurance, this should not be considered an unloadable risk. Smart organizations are increasingly focusing on proactively identifying data breaches and preparing to efficiently react to them in advance of a data breach crisis.

Proper preparation means more education

The most devastating impacts of a data breach can only be avoided by coupling breach awareness and prevention efforts with readiness and response planning ahead of a cybersecurity incident.

Comprehensive breach readiness plans break down both pre-emptive and retrospective action steps by department: it’s sensible, for example, to task IT personnel with monitoring cloud connectivity and identifying network loopholes while entrusting financial staff with detecting suspicious activity along company bank and credit accounts.

Customer relations experts and account managers, on the other hand, are likely the best resources for overseeing client communications during and after a data breach, helping to re-establish trust and informing their consumer-facing workforce.

Here, inter-departmental communication is paramount: all workers should understand how and to whom they are to report possible breaches or scams, and when such breaches occur, the entire company should know what to expect employees in every department to do next.

Even for the most cyber-savvy corporations, however, internal resources alone are not enough these days. Outside resources are often critical to mitigating the threat of cyber attacks; Stop them once they start and restore company functions in a breach’s aftermath.

Establishing relationships and negotiating agreements with external subject matter experts is better done far in advance of an actual data breach. Contractual terms can be negotiated without the chaos and urgency of a crisis situation. The same is true for interfacing with law enforcement and regulatory agencies.

Knowing whom to contact and having an established communication chain can pay off when trying to execute an urgent data breach response.

Both internally and externally, the human element of cybersecurity remains a business’s best defense across an ever-widening threat landscape. With the right planning and a rapid response team, companies should be able to withstand a breach with the least damage possible, limiting losses – and claims.

SOURCE: Thompson, J. (2 March 2018) "Meeting cybersecurity risks head-on: A guide to breach preparedness" (Web Blog Post). Retrieved from https://www.propertycasualty360.com/2018/03/02/meeting-cybersecurity-risks-head-on-a-guide-to-bre/


6 ways HR can help prevent a data breach

Employees are often an organization's first line of defense against cyberattacks. Continue reading to learn the 6 ways HR can play a critical role in preventing data breaches.


Employees are an organization's first line of defense against and response to cyberattacks—which have become widespread in recent years. HR, in particular, can play a critical role in protecting sensitive information and minimizing employer liability.

Data breaches can lead to enormous liability, said Danielle Vanderzanden, an attorney with Ogletree Deakins in Boston. Some losses are easy to calculate, such as time spent on help desk activities, investigations and legal defense. Other losses are harder to quantify, such as reputational damage to the business. But it's clear that the costs can be staggering: The average total organizational cost of a data breach in the United States is $7.35 million, according to a 2017 study.

Whether a worker intentionally sold customer data, unintentionally left a laptop on a train or carelessly left boxes of medical records unattended in a high-traffic area of a hospital, employers can wind up paying millions of dollars in damages.

So what can HR do to mitigate these costs? In large part, data security is an issue for the technology department, but HR professionals can help ensure that effective programs are in place, Vanderzanden said at the 2018 Society for Human Resource Management Employment Law & Legislative Conference. Specifically, HR can lead the way by:

  1. Knowing who is hired. Protecting personally identifiable information (PII) starts with properly vetting job candidates who will have access to sensitive information: those being considered for HR, payroll and finance positions, to name a few.
  2. Accounting for equipment. During the onboarding process, employers should complete a checklist so that they have a record of all the equipment each employee receives. Then, at the time of separation, the checklist should be consulted to ensure that all equipment is returned and workers don't walk out of the building with sensitive information.
  3. Training employees to spot issues. Workers may not always know how to identify an issue—such as a phishing scam through which a cybercriminal sends an e-mail that looks like it came from someone in the company. An employee may quickly respond to the message and divulge personal information that can be used to access payroll and other information. Employees should be trained on how to identify scams and also should know what to look for in a legitimate company e-mail, such as a standard signature line, a photo of the sender and a company e-mail address.
  4. Encouraging workers to speak up. When a breach or attempted breach occurs, employees who handle PII must feel comfortable stepping up and notifying the appropriate staff. This is essential for resolving the situation, but also because employers must provide certain notices when information is compromised.
  5. Carefully crafting BYOD policies. Bring-your-own-device (BYOD) policies may turn into bring-your-own-breach policies in practice, Vanderzanden said. The more mobile the device, the easier it is for an unauthorized person to walk away with the device and any sensitive information that is stored on it. If employers are going to have a BYOD policy, they should have written policies about what will happen if the device is lost or stolen and what will happen upon termination of employment. Among other things, they should also have a procedure for remotely wiping data from the device.
  6. Building a culture of compliance. Representatives from different business functions—such as IT, HR, security and finance—should work together to ensure that data security measures are ingrained in the organization's practices. Moreover, compliance and cooperation must start in the C-suite. HR can play a role in influencing senior management about the importance of having everyone in the organization follow security procedures.

Check State Laws

HR professionals should note that state laws are the primary source of potential identity-theft liability for employers. "State laws in this area are a patchwork collection and are neither uniform nor completely consistent," said Patrick Fowler, an attorney with Snell & Wilmer in Phoenix, in an interview with SHRM Online. California and Massachusetts have been more active than other states in passing data privacy legislation, but virtually all of the states have data breach notification laws at this point, he noted. Employers should make sure they know what is required under relevant state laws.

SOURCE: Nagele-Piazza, L. (14 March 2018) "6 ways HR can help prevent a data breach" (Web Blog Post). Retrieved from https://www.shrm.org/resourcesandtools/legal-and-compliance/employment-law/pages/6-ways-hr-can-help-prevent-a-data-breach.aspx


Cryptocurrencies and what they mean for businesses

Technology has added efficiency and modern conveniences to daily life. Among these conveniences, computer experts have managed to apply digital traits to new, online currencies that are commonly called cryptocurrencies.

Simply put, cryptocurrency is digital money that operates independently of a bank and can be used similarly to cash around the world. However, the digital nature of these new currencies add some benefits that appeal to consumers and have led to their increasing popularity. Bitcoin—the most popular cryptocurrency—was declared legal tender in Japan in 2017, and online services like Microsoft, Overstock and PayPal also accept the currency.

While it can be easy to get caught up in the excitement and potentially lucrative nature of cryptocurrencies, it’s important to understand how they work as well as their positives, negatives and risks.

How Do Cryptocurrencies Work?

While it may seem confusing on the surface, the way cryptocurrencies function is actually quite simple. Like most currencies used around the world, cryptocurrencies store value, have specific exchange rates and are limited in supply. However, most cryptocurrencies are decentralized and work without administrators, and instead rely on encryption technology and verification to make transfers. This means that there is no central authority that manages the creation and use of cryptocurrency.

In the place of a central authority, most cryptocurrencies implement a network that allows users to make transactions directly between each other. These networks use a shared system of private keys and public ledgers to authenticate new transactions and create an encrypted log of past transactions. Bitcoin, the first cryptocurrency to implement this form of authentication, encourages users to participate in the system by rewarding them with additional bitcoins. In fact, this is the only way that new bitcoins circulate.

Despite concerns over cryptocurrencies like bitcoin, they aren’t going anywhere soon as an alternative method of payment, investment or means of raising capital.

To use cryptocurrencies, consumers and businesses must first acquire a cryptocurrency wallet account. These accounts work like a bank, but are designed specifically for individuals who want to purchase or accept cryptocurrency. Most cryptocurrency coins have an official wallet or recommended third-party wallets, and it’s important to conduct thorough research before choosing a service.

After you have acquired a wallet, you can purchase cryptocurrencies on open exchanges and use them for a variety of transactions. You can even convert cryptocurrencies to cash at a later date if you so choose.

The Positives and Negatives of Cryptocurrencies

Before adopting cryptocurrency at your business, you must consider how this new technology’s benefits and drawbacks may impact your operations.

The Benefits of Cryptocurrencies

  • Little or no processing fees—Unlike credit cards and other traditional forms of payment, cryptocurrencies often have no processing fees. This is because transactions are facilitated through the cryptocurrency’s public network on what’s known as a blockchain. Transactions are recorded on the blockchain chronologically, and users can create, verify and enforce transactions without an intermediary or central authority.
  • High transaction speed—Credit and debit card payments often take two to three days to process and clear. With cryptocurrencies, transactions happen in real time and take about 10 minutes or less. As an added bonus, cryptocurrency transactions are final, which means consumers can’t dispute a charge and negate a sale.
  • Increased payment options—The more payment options you can provide as a business, the better. As such, cryptocurrency has the potential to attract a wider customer base.

The Drawbacks of Cryptocurrencies

  • Price volatility—The value of bitcoins and other cryptocurrencies can change drastically over a small period of time. Bitcoin reached a value of $17,000 in January 2018 before falling to $7,000 less than a month later.
  • Anonymity—While the details of cryptocurrency users and transactions are often held in a public ledger, names and locations are encrypted. This can be an issue when complying with regulations on customer identification or fraud protection.
  • Cyber security—Cryptocurrencies exist digitally, and the proof of ownership is often limited to the private keys used to authenticate transactions. This makes cryptocurrencies a prime target for hackers, especially because many businesses aren’t aware of how to protect this new form of currency.

Should You Accept Cryptocurrency?

While global companies like Amazon and Microsoft accept cryptocurrency, that doesn’t necessarily mean it’s right for your organization, especially if you’re a small business. Before using cryptocurrency, it’s important to conduct adequate research and understand how it may impact your company. In addition, you should speak to a qualified insurance broker to determine how using cryptocurrency opens you up to new risks.

To learn more, contact Hierl Insurance Inc. today.

Download the PDF here.


Self-driving tech could put motor carriers back in the driver’s seat

Self-driving vehicles may feel like something that will only be available in the distant future, but autonomous technology is already having an impact on the transportation industry. Many motor carriers are promoting new equipment to attract tech-savvy drivers, and advanced safety sensors are helping decrease accidents on the road.

Over 30 automakers and technology companies are working to make trucks fully autonomous, and many states have already passed self-driving legislation that allows for testing on public roads. But, even though this technology offers motor carriers a way to increase efficiency and improve safety, there are a number of topics your business needs to consider before adopting self-driving trucks.

The Different Levels of Automation

Most of the technology used in autonomous vehicles is an evolution of common safety features that use vehicle-mounted cameras and sensors, such as automatic brakes, lane departure systems and blind spot alerts. However, self-driving technology takes this concept a step further by having these systems work together to perform some or all driving functions.

Because there are multiple self-driving systems in development that offer different levels of autonomy, most companies use a system developed by SAE International to classify levels of autonomous vehicles. Levels 0-2 mainly define limited control systems that are commonly available in consumer and commercial vehicles:

  • Level 0: No automation—The driver performs all driving tasks, but automated system issue warnings may be present.
  • Level 1: Driver assistance—The vehicle and driver may share control in limited circumstances, such as adaptive cruise control and parking assistance. However, the driver must be ready to retake control at all times.
  • Level 2: Partial automation—The vehicle has combined automatic functions (such as controlling acceleration and steering simultaneously), but the driver must be constantly engaged and aware of the surrounding environment.

Self-driving trucks can offer motor carriers a way to increase efficiency and improve safety, but there are a number of topics to consider before these vehicles are adopted widely.

Levels 3-5 define vehicles that are commonly referred to as autonomous or self-driving:

  • Level 3: Conditional automation—A driver must still be present, but doesn’t have to monitor the environment. However, they must be ready to take control at all times and with no notice.
  • Level 4: High automation—The vehicle can perform all driving functions under certain conditions, and switching control back to the driver may be optional.
  • Level 5: Full automation—The vehicle can perform all driving functions at all times.

How Can Self-driving Trucks Help Carriers?

Self-driving trucks could help motor carriers address a number of common issues:

  • Safety—Properly functioning self-driving systems operate without the chance of human error and can react to changing traffic patterns faster than a regular driver.
  • Driver shortage—Regulations likely won’t allow vehicles to operate without a driver in the near future. However, the technology will attract applicants who don’t want to spend long stretches of time in full control of a commercial truck.
  • Increased efficiency—Autonomous technology can give carriers real-time information on location, maintenance status and traffic patterns in order to increase efficiency and better manage fleets.
  • Cost reductions—Motor carriers can reduce costs by sending autonomous trucks on more fuel-efficient routes or by platooning the vehicles together to reduce air drag.

What Risks Does This Technology Present?

Although autonomous technology is advancing rapidly, there are still a number of risks and obstacles to overcome before the vehicles can be widely adopted:

  • Public perception—Advanced sensors generally make self-driving trucks safe, but recent high-profile collisions and fatalities during tests have lowered the public’s opinion of the technology.
  • Long-term employment—Autonomous technology will help to attract new drivers in the near future, but some experts believe that fully independent vehicles may someday eliminate millions of jobs.
  • Liability—The liability of an accident involving human-driven vehicles is fairly easy to judge. However, self-driving trucks bring a nonhuman factor into the equation that makes it difficult to determine if an operator, technology developer, manufacturer or other party is at fault for an accident.
  • Compliance—Individual states, cities and jurisdictions currently manage laws regarding the testing and use of self-driving trucks, making interstate commerce more complicated. However, the FMCSA recently requested feedback on the regulations that would have to be updated, modified or eliminated to safely allow for the use of autonomous vehicles. Key questions discussed by the agency include the following:
    • How will motor carriers ensure automatic systems are functioning properly?
    • What changes, if any, should be made to distracted driving regulations?
    • How will enforcement officials determine a vehicle’s SAE classification level, and would easily identifiable classification signage negatively affect other drivers?
    • How should a driver’s hours of service be recorded when using an automated driving system?

Considering Your Options

As self-driving vehicles continue to develop, your business should carefully consider how both the advantages and risks of this new technology will impact its operations. Contact us at 920-921-5921 today for help analyzing your unique risk exposures.

Download the PDF here.


Construction Risk Advisor - July 2018 Edition

DATA SCIENCE TO BOOST EFFICIENCY AND SAFETY


In order to improve worker safety and boost efficiency, about 20 construction companies have launched data science initiatives over the past few years.

One of those pioneers is a Boston-based company whose data scientists have developed an algorithm that analyzes photos from its job sites and then scans them for safety hazards. The algorithm then correlates those images with its accident records.

Although the technology still needs some fine-tuning, the company hopes to use the algorithm to rate project risks. As a result, the technology could prove extremely helpful in detecting elevated threats and then intervening with safety briefings.

Combining the data collected from these efforts could also be used to forecast project delays. Although data science is somewhat new to construction, a recent McKinsey report said that firms could boost productivity by as much as 50 percent through real- time analysis of data.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download Full Newsletter

AVOIDABLE ESTIMATION MISTAKES IN CONSTRUCTION


In the past three years, only 31 percent of construction projects came within 10 percent of their budgets, according to RSMeans, a provider of construction cost information. Completing projects within budget is a constant challenge for many contractors. Here are five estimating mistakes to be aware of, along with best practices to combat them.

1. Unrealistic expectations—Don’t rely on ideal orworst-case scenarios, which can lead to impractical estimates. Find the middle ground to avoid setting expectations too high and blowing timelines.

2. Flying solo—Don’t be afraid to use outside data sources from a credible third party. Create a realistic estimate by including a combination of your own historical data and their custom data.

3. Lack of or wrong permits—If you lack permits or have the wrong type, work can come to a standstill. Factor proper permits into your estimate, as well as their corresponding costs.

4. Unclear parameters—Parameters must be established clearly at the onset of each project.Make sure you clearly understand your clients’limitations and restrictions before creating an estimate to avoid unnecessary change orders.

5. Missing details—A lack of knowledge, missing items or generalized task descriptions can lead to estimates that are too low. Take the time to account for all necessary materials, labor and equipment by referencing similar work done in the past or detailed cost data from a third party.


Cyber Risks and Liabilities July/August 2018

Training Staff to Guard Against Cyber Attacks


Using mobile devices to work remotely is becoming the new norm. But when your employees use phones, tablets and laptops to access your networkand do their jobs, they’re essentially providinghackers with more entry points, leaving your organization highly vulnerable to attacks.

No matter how many security measures you take,they’re useless if you don’t supplement them withemployee training. Here are five ways to help employees protect your company from cyber attacks:

  1. Offer training on phishing and spam. Show your employees what to look for so they can alert IT if they receive a suspicious email. You can also use phishing simulator training tools, which attempt to trick your employees into opening the wrong types of email. The employees who click on those emails can then be flagged for additional training.
  2. Provide strong password training. Passwords should be changed on a regular basis and contain more than seven characters, an uppercase letter, a number and a symbol.
  3. Teach employees to report problems. Even if your employees clicked on something they shouldn’t have, it’s important that they feel comfortable reporting their infractions so any potential threat can be addressed immediately.
  4. Insist that your employees update all software when new updates become available.Vulnerabilities spread like wildfire among hackers. If employees fail to perform updates,they’re allowing hackers access to the device and possibly your entire network.
  5. Give remote access and Wi-Fi training and set up a virtual private network (VPN). Any employee that works remotely should use that VPN at all times for all activities.

Businesses Need Both Cyber Threat Intelligence and Business Risk Intelligence


Devising an all-encompassing strategy that protects your organization from cyber criminals, data breaches and other cyber security threats is no easy task. You need to ensure protection from not only hackers, but also the actions of your own staff.

Your employees may not intentionally threaten your organization, but without proper training and policies on using, storing and transferring data, there will always be a chance of them inadvertently putting your business at risk. In order to protect against such threats and react accordingly, businesses need to two types of intelligence: cyber threat intelligence and business risk intelligence.

Cyber Threat Intelligence

Cyber threat intelligence is information that has been collected, evaluated and analyzed. It involves looking outward, always being on the defense for potential cyber threats and turning unknown threats into well-known, mitigated threats. Cyber threat intelligence helps organizations understand the threat landscape they face and improve the effectiveness of their defense.

Cyber security analysts can use the data from their own internal security systems and outside vendors to build an understanding of the threats they face. They may also enlist the help of outside providers who understand the behavior of cyber criminals, as well as the long-term trends and short-term risks that might affect a particular sector.

Business Risk Intelligence

Business risk intelligence addresses the broader risks facing a business, including the digital risks. Due to the connected nature of the “internet of things,” business risk intelligence can also include cyber threat intelligence. But unlike cyber threat intelligence—which primarily affects the day-to-day operations of a company’s chief information security officer—the impact of business risk intelligence is likely to be felt across the entire executive suite.

A company with business risk intelligence is aware of the broad risks it faces. That may include insider threats to the physical security of staff or the risk of engaging with third-party vendors in the supply chain. Any type of activity that can alter business operations can be combatted with business risk intelligence.

Save Your Website from ADA Lawsuits


The Americans with Disabilities Act (ADA) of 1990 prohibits discrimination based on disability, which involves ensuring that everyone has reasonable access to all areas of public life. Although the ADA doesn’t explicitly mention the internet, the federalgovernment has taken the position that Title III of the ADA covers access to websites of public accommodations, including service and rental establishments, retail stores, educational institutions and recreational facilities.

Currently, ADA website compliance is only mandatory for government-managed websites. However, the absence of laws enforcing ADA compliance for websites ofpublic accommodations hasn’t prevented people from filing lawsuits againstcompanies that don’t meet the suggested guidelines.

Businesses in health care, government and education have been the most common targets of these lawsuits. Attorneys looking for easy money typically target small businesses’ websites by offering a low settlement fee. If your business is targeted by an ADA website compliance grievance, consider taking the following steps in response:

  1. Review the grievance for credibility. A lawsuit may likely begin by citing“violations of the Americans with Disabilities Act, Title 42 U.S.C. 12101 and12181.” It may also include an inexpensive settlement option—a prime indicator that the lawsuit has no legs to stand on and is likely a scam.
  2. Consult a lawyer. Doing so will help determine the credibility of the threat and stop future threats to your business.
  3. Respond to the plaintiff. Ask your attorney to draft something explaining thatyou’ve reviewed their grievance and consulted a lawyer. Realizing that you’vesought legal help may scare away anyone trying to file a lawsuit.
  4. Update your website. Do this regardless of whether there is a legal need. If your site is easily accessible by people with disabilities, you may see beneficial returns from those users.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download Full Newsletter


Safety Focused Newsletter - July 2018

Back Strain: A Workplace Risk for Every Employee


Back injuries are common in the workplace and are typically the result of a strain or sprain to back ligaments or muscles, the spinal cord, thoracic spine, lumbar spine, sacrum or coccyx. What’s more, you don’t need to work in a manual labor-intensive job to experience back problems. Employees of all kinds can maintain back health by keeping these tips in mind during their workday:

  • Take small breaks throughout your workday and stretch regularly.
  • Manage your stress level to reduce discomfort and back pain.
  • Exercise and stay active to reduce your chances of developing back pain.
  • Adjust your posture frequently.
  • Position your desk chair so your feet are flat on the floor.
  • Lift with your knees, and keep what you are lifting close to your body. Ask a co-worker to assist you when performing tasks that require heavy lifting, pushing, pulling or throwing.
  • Drink enough water and eat a healthy diet. This helps keep your spinal discs hydrated and healthy.
  • Watch where you walk. Many back strain injuries are the result of involuntary motion, like an attempt to recover from a slip.It may also be a good idea to work with your manager to plan your working hours in a way that helps you avoid long periods of repetitive work.

EMPLOYEES DO NOT NEED TO WORK IN THE CONSTRUCTION INDUSTRY OR A MANUAL LABOR- INTENSIVE JOB TO EXPERIENCE BACK PROBLEMS.

5 WAYS TO IMPROVE COMMUNICATION

  1. AVOID CLICHÉS
  2. BE BRIEF
  3. BE SINCERE
  4. AVOID ARGUMENTS
  5. ALLOW OTHERS TO RESPOND WITHOUT INTERRUPTION

How Employees Can Improve Workplace Communication


Communication is key in all aspects of life, but especially in the workplace. Without good communication, employees and productivity can suffer.

However, there are things you can do to establish better communication and improve the way things are done at your workplace. When it comes to interacting with your co-workers, keep in mind the following:

Make sure you are being clear and concise.

This applies not only to face-to-face conversations, but also to emails and all other types of communication. Your messages should be complete and include everything you want to convey.

Listen carefully. Don’t respond to what someone has said—aloud or in your head—until they have finished speaking. If you start thinking about a response before your co- worker has gotten their message across, you could miss important pieces of information and derail the conversation.

Summarize what you’ve said. After you’vegiven a long-winded speech or written an extensive email, go over the basic, most important points. This will help refresh yourlistener’s memory and potentially weed outopportunities for miscommunication.

Make meetings meaningful. Schedule a meeting to elaborate on complex tasks and make the most of scheduled time. Don’tstray from the topic, and keep conversations productive.

Follow up in writing. No matter how compelling a meeting or conversation was, it’s likely that people will not remember everything that was shared. For important matters, follow up with an email that highlights key takeaways from the conversation or meeting.

Above all, it’s important to be mindful ofyour body language and tone when you communicate. Together, these strategies ensure clear, effective correspondence.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download Full Newsletter


Agriculture Risk Advisor- July/August 2018

FARM BILL UPDATE


On June 13, in a 20-1 vote, a Senate panel approved a modest, bipartisan rewrite of federal farm and nutrition programs. The sole vote against the bill was by Sen. Chuck Grassley, R-Iowa, because his amendment to limit subsidy payments was omitted.

If passed, the legislation would renew farm programs that include subsidies for crop insurance, farm credit and land conservation. It would also extend the Supplemental Nutrition Assistance Program (SNAP)—formerly known as the Food Stamp Program—which helps feed more than 40 million people.

The House failed to pass a version of this bill in May due to a still unresolved immigration debate. Contrary to the Senate farm bill, the House is asking for greater job training opportunities for SNAP recipients. However, the bill has been heavily criticized for what some call a poor design and the possibility that it could exclude 2 million people from SNAP.

The current food and farm bill expires at the end of September. Although enacting the legislation this year is unlikely, a short-term extension is expected when the bill is brought back to the floor.

NEW WEB TOOLS FOR CATTLE MARKET


Two new web tools created by the Noble Research Institute will allow cattle producers to easily access Oklahoma cattle auction data. The tools include a price slide table and market charts.

PRICE SLIDE TABLE

The first web tool is a breakdown of the price slide (PS) and value of gain (VOG) for the reported markets. The PS and VOG tool looks at the sales receipts for the selected market, as well as frame size, gender, yield grade and the sale date to give producers a glimpse at the type of cattle buyers are looking for.

Cattle with notes about their features aren’t included in the table in order to prevent the PS and VOG from being affected. However, a link to the original USDA- AMS report is provided near the top of the page for producers who want more details and to see where the original data was taken from.

MARKET CHARTS

The second web tool is a set of charts for slaughter, feeder and replacement cattle. The tool offers an option to compare each group across whichever markets the user selects, either during a specific year or across years.

The auction comparison tool was designed to provide producers with information to help them in their marketing and purchasing options. By comparing years, producers can better evaluate how the current year is stacking up against previous years for a particular market.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download Full Newsletter


Construction Risk Advisor - June 2018 Edition

ARE SIGNING BONUSES ENOUGH TO KEEP WORKERS?


As the shortage of skilled labor in construction continues, it’s becoming more common for contractors to offer one-time bonuses to attract skilled workers. In fact, according to the Associated General Contractors of America, close to one-quarter of contractors reported using bonuses to attract employees, ranging between a few hundred dollars to over $1,500 per worker.

What employers like about bonuses is that they’re one-time payments that don’t affect employees’ base pay. However, there is a drawback to offering an incentive for getting skilled workers in the door—there’s no proof that they’ll stay, especially if they can easily find another job elsewhere. Workers can stay long enough to collect the bonus but then leave for another opportunity, and yet another bonus.

According to the Bureau of Labor Statistics, construction pay in the U.S. only rose by a meager 2.4 percent in 2017, even though construction costs are increasing. Unless employers offer competitive pay, it may be difficult to keep workers.

TIME TO GET ON THE CLOUD


By using the cloud, construction companies have been able to completely overhaul the way they interact with each other and with their workers. In a nutshell, the cloud consists of multiple networks of servers that allow apps to be accessed anywhere through the internet instead of confined to a particular computer or network.

Contractors that have projects and crews in multiple locations especially appreciate the benefits of the cloud, since it is efficient and allows for the seamless transfer of information.

What’s more, the cloud allows construction companies to utilize software-as-a-service solutions that are updated automatically as opposed to using traditional products that need to be manually installed and periodically replaced with newer versions.

SMALL CONTRACTORS BENEFIT TOO

Small contractors tend to be under the assumption that using the cloud is either too complicated, too expensive or intended for large construction firms. However, smaller firms may actually benefit most from using the cloud. In fact, the cloud has helped small contractors develop smarter work practices that have allowed them to become more profitable.

The smarter work practices made possible by the cloud can eliminate time- and money-wasting redundancies traditionally caused by the disorganized flow of paperwork and emails.

The overall lower cost of using the cloud also puts small contractors in a better position to compete with their larger competitors for projects.


Safety Focus Newsletter - June 2018 Edition

Your Role During Safety Meetings


One of the most effective ways to promote a healthy working environment is to get involved in company safety meetings. These informal, brief meetings allow you the opportunity to stay up to date on potential workplace hazards and safe workplace practices, such as machinery use, tool handling and equipment use.

When it comes to workplace safety meetings, you should keep the following in mind:

  • Attending safety meetings is mandatory. Be aware of what days your employer holds meetings, and plan accordingly.
  • Actively participating is important. Some of the best safety ideas come from workers, often because they know what and where the dangers are.If you have something to add during safety meetings, don’t hesitate to speak up.
  • If you have an idea for a safety topic, chances are others will find it of interest as well. Feel empowered to share safety concerns and improvements with your supervisor.

Above all, it’s important to take safety training seriously. Together with the help of your peers, employers can use safety meetings, training and hazard identification practices to ensure workplace health and safety.

4 Ways Employees Can Supplement Wellness Programs


Workplace wellness refers to the education and activities that a worksite may do to promote healthy lifestyles for employees and their families. Workplace wellness programs can increase productivity, decrease absenteeism and raise employee morale.

Because employees like you spend many of their waking hours at work, the workplace is an ideal setting to address health and wellness issues. While it is an employer’s job to implement general wellness policies, there are a number of things employees can do to supplement health initiatives.

Specifically, to improve physical and mental health and to enhance their employer’s wellness programs, you should do the following:

  1. Eat sensibly.It’s easy to snack at work, particularly if your office is equipped with vending machines. When it comes to healthy eating, moderation is key. Eat a healthy,filling breakfast and substitute greasy food with salads.
  2. Drink plenty of water.Dehydration can cause ill effects, such as drowsiness and sluggishness. Aim to drink between six and eight glasses of water every day. Doing so can even reduce hunger.
  3. Stop smoking.Tobacco use increases your risk for heart disease, cancer, stroke and chronic obstructive pulmonary disease. Abstaining from tobacco is one of the best ways to protect your health and get the most out of wellness programs you participate in.
  4. Manage your stress.Too much stress can lead to insomnia, anxiety, depression, low morale, short temper, headaches and back problems. Finding ways to manage stress will not only improve your physical and mental health, but it can also help you approach wellness initiatives with a positive mindset.

5 BENEFITS OF WORKPLACE WELLNESS PROGRAMS


1. IMPROVED PRODUCTIVITY

2. LOWER HEALTH CARE COSTS

3. A STRONG SENSE OF ACCOMPLISHMENT

4. WEIGHT LOSS

5. LESS STRESS