Manufacturing Risk Advisor - May/June 2018

Mixed Reaction to New Steel and Aluminum Tariffs

The Trump administration recently announced a 25 percent tariff on steel and 10 percent tariff on aluminum in order to discourage imports of these materials. The administration also stated that the tariffs are part of an effort to increase jobs and protect U.S. businesses from foreign competition.

While the tariffs were established to help U.S. businesses, manufacturing experts believe that they may increase the price of new products and that sales will likely decrease as these costs are passed onto consumers. Although the tariffs only apply to imported materials, many U.S. steel and aluminum producers have raised prices in order to account for increased demand.

The Commerce Department also announced an exclusions process for the tariffs. However, businesses must first prove that they’re unable to obtain the materials from domestic sources.

For more information on the manufacturing industry, call us at 920-921-5921 today.

How Blockchain Technology Can Improve Supply Chains

Manufacturers need to rely on a consistent supply chain in order to operate. However, a lack of transparency between vendors and the use of separate management systems often leads to confusion, delays and lost business.

To solve these problems, many businesses have turned to blockchain technology—a platform that works by recording a separate record, or “block,” every time a supply chain progresses. This record is then encrypted and used to verify all subsequent blocks, which prevents any alterations to records.

Here are some of the potential benefits of a blockchain recordkeeping system:

  • Flexible scalability—Blockchain systems can be used internally to track projects and other workflows. Multiple organizations can share the platform to organize large-scale operations.
  • Security—Records that use blockchain are encrypted, verified and shared between all users. As a result, blockchain is very secure against tampering and cyber attacks.
  • Transparency—Advanced sensors and other tracking technology can update blockchain records to give businesses an ongoing view of a supply chain without fear of human error or biased reporting.
  • Innovation—New services are beginning to automate complex systems like contractual obligations, employee security credentials and personal data protection using blockchain technology.
  • Detailed analytics—Businesses can track individual products to gather important information at any time, such as the origin of a dysfunctional product or a food item’s expiration date.


Trucking Risk Advisor - May 2018

ELD Enforcement Contributes to Rising Freight Rates

Electronic logging device (ELD) enforcement has contributed to rapidly growing freight rates, according to a report from transportation information firm DAT Solutions. The firm found that 3 percent of surveyed truckers planned to retire instead of comply with the ELD rule, which was a large factor in a 7 percent drop in year-over-year trucking capacity.

Although the ELD rule came into effect at the end of 2017, the Department of Transportation only began enforcement of the rule on April 1, 2018. ELDs automatically track a driver’s compliance with federal hours-of-service limits, and drivers who don’t use the devices must stop driving until one is installed.

While freight rates in April are generally lower following the end of the first quarter, DAT Solutions’ report found that rates have increased as motor carriers struggle to account for a shortage of skilled drivers.

Call us at 920-921-5921 for more information on trends in the trucking industry.

New Technology May Replace Mirrors With Camera-based Systems

Although sideview mirrors allow drivers to stay aware of surrounding traffic, the large devices offer limited viewing angles and create drag that lowers fuel economy. As a result, some technology companies are advocating for the use of camera-based systems to improve safety and lower operating costs.

Prototype camera systems feature multiple, internally wired cameras that provide drivers with multiple views of adjacent lanes, the blind spot in front of a truck’s hood and the ground on each side of the vehicle. The cameras themselves also include a number of safety features:

  • Redundant systems to reduce the chances of a malfunction
  • Low-light visibility options
  • Heated glass to prevent the buildup of ice and frost
  • Special coatings that resist rain and moisture

Camera systems can improve a heavy-duty truck’s fuel economy by approximately 2.5 percent and lead to over $1,300 in annual fuel savings. The systems can also lead to savings by reducing crashes, as traditional mirrors are limited by large blind spots, glares, night visibility and adverse weather.

The FMCSA is currently accepting public comments on an exemption for the MirrorEye camera system, which has been used in Europe since 2016. For more information, visit the FMCSA’s notice in the Federal Register.


Risk Insights - Understanding Total Cost of Risk

Risk exists everywhere in business. One of the biggest mistakes that companies make is assuming that the cost of risk only involves their insurance premiums paid, retained losses and administrative costs. However, the total cost of risk encompasses much more than that.

While a risk management program can be an effective method for controlling risk, the resources used by the program may not be addressing all the risks faced by the business. One way to discover all of the risks facing your business—including the ones that might not be seen, considered or addressed in your risk management program—is to examine the total cost of risk (TCOR).

TCOR is the total cost of the items that businesses are responsible for, such as insurance premiums, retained losses in the form of deductibles and uninsured losses, indirect costs of claims and administrative costs, and other factors that can include the following:

  • Transaction costs
  • Loss of reputation
  • Loss of market share
  • Overtime
  • Additional training
  • Product loss
  • Production decrease
  • Claims reporting and investigation
  • Fines

Over time, an idea of an organization’s TCOR can provide a form of measurement for assessing how its risk-related costs are changing, relative to the overall growth rate of the business.

Why is Knowledge of TCOR Important?

If your business is only focusing on insurance premiums as your way of quantifying risk, you may be missing costs that you have more control over. For example, premiums may be the least controllable costs, as insurance rates are determined by outside forces such as weather-related events, the stock market, interest rates and the insurance marketplace.

Furthermore, the benefit of decreasing premiums is negated if an organization sees an increase in indirect costs of claims and administrative costs. True cost reduction is most impacted by lowering indirect costs, which can cost more than the actual claim itself. TCOR helps identify those costs.


Understanding your TCOR and your ranking helps identify areas where your organization can save money.


How Does TCOR Work?

TCOR is measured per $1,000 of revenue. By measuring TCOR against revenue, you can measure the progress that your safety and risk management programs make in reducing internal costs throughout the years.

Benefits of Knowing Your TCOR

When business owners accurately measure TCOR, they tend to possess the motivation to invest into a more effective risk management effort, which can provide a significant rate of return. Many business owners use TCOR to realize the following benefits:

  • Increased productivity, profitability and efficiency
  • Reduced costs across the entire business, not just reduced insurance premiums

A better idea of any inconsistencies in the organization’s risk management approach

Tips for Utilizing TCOR

Consider the following tips when evaluating TCOR for your organization:

  • Use a basic framework to break down costs into component categories such as insurance premiums, service provider costs, risk transfer costs and safety department expenses.
  • Identify existing costs for each risk category, expressed as a percentage of overall company revenues.
  • Establish targets for each category for future years.
  • Remember that it’s not just about premiums. TCOR also includes self-insured losses, internal administrative fees and outside vendor fees.
  • Work on one area of TCOR at a time. This helps expose weaknesses in other areas of your risk management program and helps identify problem areas that need attention.
  • Consider all components of TCOR proportionally, and examine how they’re operating in conjunction with each other. If losses are low and premiums are high, there may be a need to reduce annual premiums and retain more predictable losses.
  • Be patient. Don’t expect immediate cost savings. Be prepared to invest in risk management tools that can deliver financial benefits over time.

Contact Hierl Insurance Inc. for a TCOR evaluation and resources that can help you lower your TCOR and improve your bottom line.


Covered Establishments in All States Must Now Submit OSHA Electronic Reports

HIGHLIGHTS

·      The electronic reporting rule now applies to all affected establishments, including establishments in states with OSHA-approved plans.

·      It does not matter whether the state has ratified the electronic reporting requirements.

·      The OSHA ITA is currently available and accepting reports on OSHA 300A forms with 2017 data.

IMPORTANT DATES

December 31, 2017

Due date for first OSHA electronic reports through ITA (submit 2016 data)

July 1, 2018

Due date for second OSHA electronic reports through ITA (submit 2017 data)

OVERVIEW

On April 30, 2018, the Occupational Safety and Health Administration (OSHA) announced it will require all establishments affected by the electronic reporting rule to submit their 2017 data to OSHA by July 1, 2018.

This announcement clarifies the requirement for establishments in states with an OSHA-approved plan. These establishments must submit electronic reports, regardless of whether the state has ratified or incorporated the electronic reporting rule into its OSHA state plan.

ACTION STEPS

Establishments in all states, including those with an OSHA-approved state plan, should prepare to submit electronic reports by July 1, 2018. Affected establishments can accomplish this by:

  • Becoming familiar with the requirements in the electronic reporting rule; and
  • Transitioning their OSHA records to an electronic format approved by the Injury Tracking Application (ITA)

OSHA Electronic Reporting

OSHA’s electronic reporting rule was issued in 2016. The rule requires establishments to report data from their injury and illness records to OSHA electronically if they:

  • Are already required to create and maintain OSHA injury and illness records and have 250 or more employees;
  • Have between 20 and 249 employees and belong to a high-risk industry; or
  • Receive a specific request from OSHA to create, maintain and submit electronic records, even if they would otherwise be exempt from OSHA recordkeeping requirements.

The electronic reporting rule applies to establishments, not employers. An employer may have several worksites or establishments. In these situations, some establishments may be affected while others are not.

To determine whether an establishment is affected, employers must determine each establishment’s peak employment during the calendar year. During this determination, employers must count every individual that worked at that establishment, regardless of whether he or she worked full-time, part-time, or was a temporary or seasonal worker.

OSHA-approved State Plans

The final rule required OSHA-approved state plans to adopt the electronic rule or “substantially identical” requirements within six months of the final rule’s publication date.

This means that OSHA-approved state plans have the authority to adopt reporting requirements that go above and beyond what is required by the federal rule. For this reason, establishments located in OSHA-approved state plan jurisdictions should consult with their local OSHA offices to make sure they are satisfying all electronic reporting requirements.

The OSHA-approved state plans shown on this map have not yet adopted the requirement to submit injury and illness reports electronically.

As a result, establishments in these states were not required to submit their 2016 data through the reporting website in 2017. However, OSHA has now clarified that they must submit their 2017 data in 2018.

All Employers
California

Maryland

Minnesota

South Carolina

Utah

Washington

Wyoming

Public Employers
Illinois

Maine

New Jersey

New York


Eliminate Electronic Distractions from the Workplace

It is a generally accepted fact that the use of cellphones and other electronic devices while driving present a distraction that greatly increases the chance for an accident. Unfortunately, what too many people fail to take into consideration is how distracting these devices can be in other situations.

In an industry of moving machinery and equipment, manufacturing workers are especially susceptible to workplace injury. They need to be alert at all times, as even the smallest slip-up can cause an accident. Not only can an inattentive worker injure themselves but their carelessness can also endanger others. In this type of work environment it is easy to see the importance of minimizing the potential distractions faced by your employees.

Cellphones

Whether it’s talking or texting, cellphone use takes the employees focus off their task. While handheld use compounds the problem, even using a hands-free device does not allow for full concentration. Studies indicate that the act of talking on the phone is distracting regardless of whether the user is physically holding the device or not. It is the conversation itself that takes an employee’s focus off their work and surroundings.

While some employees may need to use a work cellphone as part of their job, it is best to place restrictions on when and where those phones can be used. Personal cellphones should not be allowed on the manufacturing floor at all, as even the momentary distraction of a call or message alert can potentially lead to an accident. Employees should not have phones on their person during work hours unless they are on a break from their duties and are in a designated break area.

Attentive, focused employees are essential to creating a safe work environment. To reduce the chance for employee injury, it is important to keep the workplace free of distractions, such as cellphones and mp3 players.

Mp3 and Other Music Players

There are a variety of audio cues that alert workers to what is happening around them. Unfortunately, when an employee’s hearing is impaired by music, a shout from a coworker, an odd sound from a malfunctioning machine or the backup alarm on a truck or forklift can be easily missed. Besides limiting the worker’s ability to hear what is going on around them, there is also the potential distraction of operating the device. When adjusting volume or switching songs, not only is the employee’s hearing impaired, but they are also visually engaged with the device. This greatly decreases the worker’s awareness of his or her surroundings.

Potential Hearing Loss

In a manufacturing setting it is not uncommon for there to be high noise levels that require proper ear protection to prevent hearing loss. The use of cellphones, hands-free devices and headphones can interfere with an employee’s proper use of protective equipment. Even though such devices may cover the ear, most are not meant to provide hearing protection.

In fact, in noisy situations, devices that administer sound directly into the ear increase dangerous levels of noise exposure as employees turn up volume levels to drown out background noise. The combination of these noise exposures greatly increases the rate of hearing loss, which in turn increases the chance for occupational hearing loss claims.

Electronics Usage Policy

Attentive, focused employees are essential to creating a safe work environment, which is why it is important to eliminate possible distractions. Prohibiting employee use of personal electronic devices can aid in reducing workplace accidents. To clearly state your company’s rules on when and where usage is restricted, institute an electronics usage policy. Once instituted, train your employees in the policy requirements and make sure restrictions are diligently enforced.


The days of employers ignoring the opioid crisis are over

How can employers help reduce the risk of the opioid crisis? The CDC estimates prescription opioid misuse in the U.S. cost $78.5 billion per year. Read on to learn more.


Productivity, medical claims, work injuries, and the company’s bottom line — what do these things all have in common? They are all being drastically affected by the effects of substance abuse. The opioid crisis that is running rampant across the United States is having an impact on employees at every level.

As an employer, what do you need to know to support your employees and reduce the risk of this national crisis?

First, you need to educate yourself on the facts. According to the National Institute on Drug Abuse, every day, more than 115 people in the U.S. die after overdosing on opioids. It is not just the deadly heroin/fentanyl combination that we have been hearing about in the news, sources of opioid addiction include prescription pain relievers such as hydrocodone, oxycodone, oxymorphone, morphine, codeine, and other prescribed substances.

See also: A look at how the opioid crisis has affected people with employer coverage

The Center for Disease Control and Prevention estimates prescription opioid misuse in the U.S. cost $78.5 billion per year; affecting medical spend, productivity, and law enforcement supervision.

Substance abuse does not discriminate on any demographic, however if your business is construction, entertainment, recreation, or food service, the National Safety Council found your employees are twice as likelyas the national average to have substance abuse disorders.

Secondly, you need to take action. The most important thing an employer can do is to have a proactive plan in place to help your employees live a healthy lifestyle. It is easy to get in the habit of saying “that does not happen here,” but the reality is substance abuse can — and does — happen anywhere.

Solving the opioid crisis won’t happen overnight, but here are some steps to take to build a better relationship with your employees and quite possibly help someone overcome a substance abuse problem.

Train your staff. Explain what resources are available to help them help your employees. If you have an employee assistance program in place, leverage it, and have the information easily available so any employee can access the information at any time. This will help lower the fear barrier for employees who are not ready to ask someone they know for help. If you do not have the right resources in place today there are many programs available, and it is important that you adopt one that will fit your culture and help employees be high performers.

See also: Employers take steps to address opioid crisis

Show employees you care. Look for signs and symptoms that an employee might have a problem with substance abuse. Make sure supervisors, managers, and team leaders are aware of these signs and what actions they should take. Have an open door policy, and make sure your employees feel they can ask for assistance when they need it. It is important to know how to handle sensitive, often painful, discussions in a professional and action-oriented manner. It is essential that you have the right steps in place to ensure leadership is aligned with the organization’s strategy on how best to help your at-risk population.

Be transparent. Have clear policies in place that promote a drug-free workplace. Consider expanding your drug testing panel to include opioids.

Share the savings. Consider sharing the dollars a successful well-being program will save your organization’s bottom line through lower prescription drug costs and less lost productivity due to illness and time away from work.

See also: Taking A Page From Pharma’s Playbook To Fight The Opioid Crisis

If your organization is struggling with how to successfully address the challenges of substance abuse and opioid addiction, seek out employee benefit consultants to help you develop a strategy for success. Like anyone with an addiction, there is no shame in asking for help.

SOURCE: Panning, C (7 September 2018) "The days of employers ignoring the opioid crisis are over" (Web Blog Post). Retrieved from https://www.benefitnews.com/opinion/employers-cannot-ignoring-the-opioid-crisis?feed=00000152-a2fb-d118-ab57-b3ff6e310000


Construction Risk Advisor: September 2018

Industry Overspending $177 Billion Per Year

The average time construction professionals in the U.S. spend on avoidable issues like conflict resolution, rework and looking for project data costs the industry over $177 billion annually, according to a new report.

The participants surveyed for the report said they spend 65 percent of their time on “optimal” activities like communicating with stakeholders and optimizing resources that keep projects on track. They spend the remaining 35 percent of their time on “nonoptimal” tasks like hunting down project information, resolving conflicts and dealing with mistakes that require rework. That amounts to almost two full working days lost per person each week.

Some of the reasons for the nonoptimal costs include poor communication, constrained access to data, incorrect data and the lack of an easy way to share data with stakeholders. Another possible reason is that more than 80 percent of the survey’s respondents said they don’t use mobile devices to collaborate and access project data, despite the fact that mobile devices could help them work more efficiently.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download the Newsletter

States Say Contractors Must Guarantee Wages

Maryland’s General Contractor Liability for Unpaid Wages Act becomes effective on Oct. 1, making private contractors for prime construction projects in the state financially responsible for unpaid wages of subcontractor employees. And unless the reason for nonpayment is related to a legitimate dispute, general contractors could be held responsible for up to three times the amount owed, plus attorney fees.

California and Oregon also enacted similar laws earlier this year. In California, general contractors are now liable for the unpaid wages of any employee who furnishes labor to or through them, plus unpaid benefits and interest.

Oregon’s wage protection law creates liability for the general contractor only if the worker’s subcontractor employer has not yet been paid in full.

Mitigating The Risk

In order to reduce the risk of general contractors having to pay their subcontractors’ employee wages, some industry experts are recommending that subcontractors provide their own payment bonds.

Opponents of the recent laws argue that it could be difficult for subcontractors on rocky financial ground to meet bond underwriting requirements. And since large projects could require several new bonds per job, overall project costs could increase significantly. Plus, if subcontractors don’t pay up, prime contractors will have to pay twice for the same labor.


The DOL Audit: Understanding the spectrum of risk

Avoiding Department of Labor (DOL) audits are the best way to survive them but audits can happen. Read on to learn more about the spectrum of risks.


Risk is discussed in many contexts in the retirement plan industry. It comes up as a sales tactic; as good counsel from trusted advisors preaching procedural prudence; or, often, in the form of intimidating industry vernacular like fiduciary liability, fidelity bond or the big, bad Department of Labor.

This DOL paranoia is an underlying motivation that drives the risk conversation with distributors and retirement plan sponsors. Naturally, the question of probability comes up: What is the likelihood the DOL will audit my plan? The answer is low, but it can happen.

When evaluating retirement plans in terms of risk, it’s best viewed as a spectrum. Generally, risk falls into three principal areas of concern.

Lawsuit risk: The likelihood of a fiduciary-based lawsuit for most plan sponsors is very low. However, if this does arise, it will be unpleasant and expensive, both financially and in terms of reputation.

Administrative breach: Upon inspection, most plans will have some kind of operational defect. Typically, these are either an administrative, fiduciary or a document-level defect. If left uncorrected, they are potentially disqualifying. The good news is the IRS has corrective methods in place for the most common errors. Generally, these are relatively inexpensive to correct but will cost clients a little time and money, and likely some aggravation.

DOL/IRS audit risk: It’s usually the administrative breach discussed above that leads to the DOL/IRS investigation or audit. These agencies are not interested in disqualifying plans; they are more interested in correcting them and protecting the participants from misdeeds (intentional or not).

When a DOL audit does happen, it tends to occur because someone invited investigation. This could be the result of a disgruntled former employee, a standard IRS audit that somehow spiraled into a full DOL investigation or a variety of other reasons. So, what can employers and their service providers do to avoid an audit?

The IRS and DOL don’t publish an official list of items that could lead to an investigation, but it’s a good idea to look at your plan’s most recent IRS Form 5500 filings to decrease the likelihood of an audit. This is publicly available information that can signal to government agencies that something might be wrong and they should take a closer look. Some of the more common red flags include:

  • Line items that are left blank when the instructions require an answer
  • Inconsistencies in the data disclosed on the Form 5500 schedules
  • A large drop in the number of participants from one year to the next
  • A large dollar amount in the “Other” asset line on the Schedule H
  • Having an insufficient level for the plan’s required Fidelity Bond
  • Consistently late deposits or deferrals and hard-to-value or non-marketable investments (including self-directed brokerage accounts or employer stock) could be counted as red flags as well.

Plan sponsors should make sure that 5500s are completed with the same care and attention to detail used when filling out IRS 1040, and ensure the plan is being governed properly and in compliance with ERISA. This can be a challenge even for the most well-intentioned plan sponsors, given the complexity of the task and the fact that most employers don’t have the expertise in-house.

Calling in a specialist

But you don’t need to navigate these waters on your own. Instead, you might consider the “Prudent Man” rule, which implies that when expertise is required yet absent, a prudent person outsources the needed expertise. There is a wealth of talented retirement plan specialists and advisors available to help guide you through the audit process or, better yet, steer clear of it altogether.

When considering whether to employ one of these specialists, you will need to evaluate their experience, expertise and training, as well as if they provide services to help the plan sponsor keep the DOL (and the IRS) out of their offices. Some commonly available services include:

  • 5500 reviews to help plan sponsors avoid potential audit triggers
  • Coaching services to help plan sponsors identify and eliminate some of those difficult-to-value assets like employer stock or self-directed brokerage accounts
  • Service provider evaluations to help plan sponsors identify those who will work as a plan fiduciary and put the appropriate guardrails in place on an automated basis

In conclusion, the best way to survive a potential DOL investigation or IRS audit is to avoid one altogether. Committing to best practices for running the plan may mean outsourcing a great deal of the work to specialist retirement plan providers and advisors. Plan sponsors would be wise to consider working with service providers who operate as plan fiduciaries themselves. In this way, you’re more likely to avoid problems and achieve better plan results, leading to better outcomes for everyone.

SOURCE: Grantz, J (7 June 2018) "The DOL Audit: Understanding the spectrum of risk" (Web Blog Post). Retrieved from https://www.benefitnews.com/opinion/dol-audit-understanding-the-spectrum-of-risk?feed=00000152-18a5-d58e-ad5a-99fd31fe0000


Agriculture Risk Advisor: September/October 2018

3 Tips For Hiring Farm Labor

With some farmers struggling to find reliable farm labor, it is important to invest some thought in the hiring process. Here are some tips for finding the right help:

  1. Examine your needs. You might have a general idea in your head of what work needs to be done, but it’s best to be specific. Narrow down broad processes into specific jobs so you can determine how much help you truly need.
  2. Think about desired traits. Do you need someone to fill a temporary need, or are you hoping that person can go on to fill a managerial role? You’ll have to determine whether people skills are more important than manual labor or machinery skills, and list those traits in your job description.
  3. Consider hiring for a trial period. If you’re hesitant about a candidate but need immediate help, consider hiring them for a short-term trial period. This saves you from high employee turnover while buying you time to recognize your needs. It allows both you and the worker to communicate any frustrations and expectations after the trial period before considering whether the working relationship is worth investing in long term.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download the Newsletter

Rise Of Robotics In Farming

Producers are increasingly considering using farming robots to replace human workers who either can’t or aren’t interested in picking crops. Agriculture is a prime market for robotics since it is less regulated than other industries.

Robots Needed To Fill Unwanted Jobs

Farming’s labor crunch is a global problem, and industry experts expect things to get worse in the years to come. Produce growers are struggling to man the fields, and higher wages aren’t persuading people to perform the physically demanding tasks.

According to the Department of Labor, the 2017 median pay for an agricultural worker was $11.41 per hour. In California, farm wages can top $20 per hour. But this is still not enough to attract laborers at a sufficient level.

Advances In Farming Technology

Driscoll’s, one of America’s largest produce distributors, has been testing a robot made by Harvest CROO Robotics, a Florida-based startup. The robot is capable of covering 8 acres in a single day and replacing a team of more than 30 human pickers.

Another emerging farming technology is a “no-touch” vineyard developed by researchers at UC Davis, which waters vines and picks fruit while improving yields, quality and costs. It costs about 7 cents in labor per vine to manage the touchless vineyard, compared to $1 per vine in a conventional vineyard.

Although robotics isn’t expected to steal all of the farming labor jobs, experts believe it could still be a disruptive technology, requiring a change in the way traditional growers operate.


Cyber Risks & Liabilities: September/October 2018

In this Issue

Who’s to Blame if a Security Breach Affects Your Organization?

A recent survey found that 70 percent of consumers expect businesses to take responsibility in the event of a data breach. But who within your organization should take the heat?

Acronyms All Businesses Need to Know

As cyber security evolves, it’s easy to become overwhelmed with all the terms and acronyms used. This article lists some of the most common acronyms in cyber security.

Increase in Attacks Against 911 Call Centers Highlight Need for New System

There have been 184 cyber attacks on public safety agencies and local governments since 2016, and 42 of those attacks targeted 911 call centers

Who’s to Blame if a Security Breach Affects Your Organization?

If a security breach affects your organization, your main focus may be to solve the problem as quickly as you can, not point the finger in blame. But your customers want to know why it happened and who was responsible, even if the breach occurred because of their own lax security measures (e.g., sharing passwords or opening suspicious emails). In fact, a recent survey found that 70 percent of consumers expect businesses to take responsibility in the event of a data breach. But who within your organization should take the heat?

The CEO

If an organization doesn’t budget enough for security solutions, the fault will likely be placed on whoever makes the financial decisions, stemming from the CEO. In fact, 29 percent of IT decision-makers who took part in a recent VMware survey thought that the CEO should be held responsible in the event of a large-scale data breach.

The CISO

If a data breach occurs even after your company adequately budgets for cyber security solutions, 21 percent of IT security professionals surveyed would still hold your CISO accountable in the event of a data breach.

IT Personnel

According to a 2014 report, 95 percent of cyber security incidents are due to human error. That’s why personnel who manage IT security on a regular basis are easy targets for blame.

Other Employees

While accountability may start with the CEO and board of directors, everyone in your organization should take responsibility for cyber security. Even if you have the most modern cyber security technology, its return on investment will be nonexistent without full employee participation

Increase in Attacks Against 911 Call Centers Highlight Need for New System

There have been 184 cyber attacks on public safety agencies and local governments since 2016, and 42 of those attacks targeted 911 call centers, according to cyber security firm SecuLore Solutions.

Over half of the attacks involved ransomware, in which hackers used a virus to control the emergency systems and hold them hostage for payment. Most of the remaining attacks were denial-of-service attacks, which involved a flood of fake calls that prevented call centers from addressing valid emergency calls.

Due to the vulnerabilities in the current 911 system and the fact that it doesn’t address the ways people communicate in the modern world—such as through texts—the emergency response industry is encouraging state and local governments to adopt a system called Next Generation 911.

The Next Generation 911 system will have advanced security and be able to seamlessly move incoming calls to other centers when needed. The new system also gives callers the choice of calling from a phone line or sending data through approved telecommunications carriers and internet service providers.

Next Generation 911 is expensive, however, and governments have been slow to adopt it. Plus, its increased connectivity also opens new potential means of attack, according to industry experts. Sophisticated defense systems run by in-house cyber security teams will be vital as the emergency response industry adopts any new technology.

Acronyms All Businesses Need to Know

Newsletter Provided by: Hierl's Property & Casualty Experts

Download the Newsletter