Author, Jack Marrs, Associate Account Executive, Rancho Mesa Insurance Services, Inc.

Social engineering fraud is when cybercriminals impersonate a trusted individual to manipulate others into performing actions such as making wire transfers, sharing confidential information, or granting access to their systems. It is often confused with hacking, but the two are fundamentally different. Hacking involves identifying vulnerabilities in software to breach a system, where as social engineering fraud relies on impersonation and manipulation to trick individuals into helping the cybercriminal.

There are multiple types of social engineering fraud schemes, but the most common one is called phishing. CrowdStrike, a global cybersecurity firm, defines phishing as “a cyberattack that leverages email, phone, SMS, social media or other form of personal communication to entice users to click a malicious link, download infected files or reveal personal information, such as passwords or account numbers.” This form of social engineering fraud has increased in popularity since the start of the pandemic as a result of an increase in the population working remote.

Research highlights that 98% of all cyberattacks come from some type of social engineering fraud. In the U.S., more that 80% of businesses have experienced phishing attacks, and nearly all successful network breaches (95%) involve phishing tactics. These statistics show that social engineering fraud is growing and can be challenging to detect because it is designed to grab the user’s attention through human emotions to manipulate their victims. Given these statistics, it is crucial that organizations adopt trainings and proactive measures to prevent these types of cyberattacks.

Even with an increase in these types of crimes, there are strategies organizations can put into place to mitigate risks.  

Trainings

Employees need to know exactly what social engineering fraud looks like and how to identify phishing emails, fraudulent phone calls, and other common tactics. Organizations should implement in-house phishing attempts to their own employees to practice guarding against these attacks. It is important that employees are mindful when receiving a potential fraudulent email and they should be checking the source by confirming with person it came from that it is a legitimate request. This is especially important if the email is requesting personal information like passwords or asking to wire money. Educating your employees will help build awareness and help guard against these kinds of cyberattacks.

Secure Devices

Organizations will need to make sure their anti-malware and antivirus software is always up to date to block malware from phishing emails before it reaches the receiver. Another way to secure your devices is to always use different passwords for your various accounts. If you have multiple passwords and a cybercriminal does get ahold of one of your passwords, they are not able to login into other accounts. Also, implementing a two-factor authentication process will also help guard against these attacks. If a cybercriminal does obtain a password, there is now a second step that is required by requesting a text message with a confirmation code or asking a security question.

Minimize Your Digital Footprint

Cyber criminals use social media to their advantage to gather personal information. Kaspersky, an international cybersecurity company, shares an example of how a common security question many banks ask is ‘what is the name of your first pet.’ However, the security firm points out that if someone innocently shares this information on Facebook or other social media sites, you could be vulnerable to a cybercrime. “In addition, some social engineering attacks will try to gain credibility by referring to recent events you may have shared on social networks,” explains Kaspersky. To protect yourself, make sure all of your social media accounts are set to private so only friends and family are able to see what you post. Also, make sure your social media accounts do not include addresses and phone numbers. These easy precautions will guard against social engineering fraud. 

Get Cyber Liability Insurance

While you can implement all the best strategies to protect your organization from social engineering fraud, it is still a best practice to talk to your risk advisor about a cyber-liability policy. They can explain the coverage and help you mitigate the risks.     

Social engineering fraud is a growing threat for individuals and organizations of all sizes. By implementing these strategies, organizations can help mitigate this risk. Focus on educating your employees by building awareness of what social engineering fraud is and looks like, securing your devices through anti-virus software and implementing two factor authorizations. Lastly, minimize your digital footprint by making sure your social media accounts are set to private and not sharing personal information. By implementing and practicing these steps, organizations and individuals will be better equipped to defend themselves from social engineering fraud.

For questions about your risk management program, contact me at (619)486-6569 or jmarrs@ranchomesa.com.

Author, Sam Brown, Account Executive, Rancho Mesa Insurance Services, Inc.

On Friday, July 14th Rancho Mesa hosted a popular workshop titled “Cyber Liability Explained: Hacking Trends for 2023” with presenter Beau Bechelli of Evolve MGA. His 60-minute presentation educated the audience on the cost of cyber attacks, the most common types of attacks, and practical ways to help reduce the threat of a breach.

This article will cover recommended steps an organization should take immediately following a data breach.

Call Insurance Agent

Immediately call the business’ insurance agent or the cyber insurance policy’s claim reporting line to report details of the incident.  

Secure Operations

According to the FTC.gov’s Data Breach Response Guide, an organization should first take steps to quickly secure its operations. This may require:

• New locks and access codes to physical areas

• Taking all affected equipment offline immediately

• Remove improperly posted information from the organization’s website

• Search for the organization’s exposed information on the web

FTC.gov also recommends interviewing individuals who discovered the breach and advises against destroying evidence.

Address Vulnerabilities

The organization should next address the system’s vulnerabilities compromised in the breach. Contact any service providers involved to assess the personal information to which the provider had access and determine if it’s necessary to change access privileges.

Work with the forensics team to understand if the breach is contained and determine the status of the network’s backup data. This process should also produce the number and types of records compromised. Begin corrective measures as soon as possible.   

Notify Appropriate Parties

The guide instructs businesses to notify law enforcement, other affected businesses, and affected individuals. Work with the insurance company’s assigned legal counsel to ensure compliance with all state and federal notification requirements.

Please refer to the Federal Trade Commission’s Data Breach Response Guide for more detailed steps.

For those who are interested in learning more about how cyber-crimes affect real businesses, watch “Cyber Liability Explained: Hacking Trends for 2023.”

 Contact me to discuss the merits of cyber liability insurance or a possible data breach at (619) 937-0175 or sbrown@ranchomesa.com.

Author, Jeremy Hoolihan, Account Executive, Rancho Mesa Insurance Services, Inc.

Cybercrimes are at an all-time high. News sources report cybercrimes almost on a daily basis with most of the press relating to company breaches and cyber extortion. However, one of the biggest cyber threats that is often overlooked is Business Email Compromise (BEC).

BEC is a type of email cybercrime scam in which an attacker targets a business to defraud the company. BEC attacks use real or impersonated business email accounts to defraud employees. In 2020, BEC scammers made over $1.8 billion – far more than any other type of cybercrime.

In this type of cybercrime, the scammer sends an email that looks like it came from someone the recipient knows, like a superior or co-worker, and asks them to do perform a task. For example, the email may request:

• A change to a vendor’s mailing address so future payments are sent to the scammer and not to the actual vendor.

• An employee to purchase gift cards for a charity auction or employee rewards and then asks for the serial numbers on the cards so the scammers can use them without ever having the physical card.

• A client is sent an email with wire instructions for payment of an invoice that appears to come from your company, but instead it is for the scammer’s bank account.

BEC scams use a variety of impersonation techniques. The following 3 techniques tend to be the most common:

• A spoofed email address or website often has a slight variation from the legitimate address or URL. At a quick glance, the spoofed email address may fool victims into thinking it’s authentic. However, upon a closer look, an “L” might be switched out for a “I” or an “0” for an “o.”

• Phishing emails appear to come from a trusted sender in order to trick the victim into providing personal or confidential information like account numbers, usernames, personal identification numbers, passwords or answers to security questions. Then, the information is used to gain access to networks, accounts, and other data.

• Cyber criminals can infiltrate a company’s network using malicious software and gain access to networks and legitimate emails, often getting information about billing and invoices. This type of cybercrime is often unnoticed until it is too late.

For ways on how to protect your business from BEC claims, Rancho Mesa recommends first starting with a Cyber Liability policy. A comprehensive Cyber Liability policy will not only respond to BEC claims, but it can also provide coverage for other cybercrimes such as cyber extortion, cyber breach, and network security. If you have an interest in obtaining a Cyber Liability policy please feel free to reach out to me at 619-937-0174 or jhoolihan@ranchomesa.com.

Author, Sam Brown, Vice President of the Human Services Group, Rancho Mesa Insurance Services, Inc.

The dramatic increase in cyber-attacks since 2020 has resulted in employer pain and made headlines as the economic cost skyrockets. The recent Hiscox Cyber Readiness Report 2021 states that the number of firms attacked rose from 38% to 43%. Not surprisingly, more than 28% of those employers suffered multiple cyber-attacks.

Determining the cost of a breach can be difficult, but the report states that one-in-six firms’ survival was threatened. Over 58% of firms hit with a ransom paid the threat-actors to regain access to the computer system and vital information. In 2020, the standalone cyber loss ratio increased to 73%, its highest level since separate cyber data were included in financial reporting, six years ago.

The increase in cyber-attacks and claim payouts is causing alarm in both insurance companies and businesses. According to the Insurance Journal, insurance companies are quoting significant premium rate increases and tighter coverage terms to improve underwriting performance and profitability. The average cyber renewal premium rate increased 11%. Meanwhile, written premiums for standalone cyber coverage increased 29% in 2020, a sign of growing demand.

The shift to a remote workforce and an increase in phishing email has tested network security systems. Fortunately, many insurance carriers now offer a cyber readiness assessment to help policyholders address vulnerabilities and avoid cyber-attacks.

As cyber-attacks continue, it is important for all employers to learn more about the specific exposures that cyber insurance coverage can cover along with ways to improve cyber security.

We will be offering a Cyber Liability workshop in the coming weeks, so be sure to look for that information on our workshops and webinars webpage.

Please contact me at (619) 937-0175 or sbrown@ranchomesa.com to discuss our process of developing competitive quote options.

Author, Dave Garcia, President, Rancho Mesa Insurance Services, Inc.

As we come to the end of 2020, the most challenging year most of us have ever experienced, where COVID-19, wild fires and other natural disasters took their toll emotionally, physically, mentally and financially on all of us, we can only hope for a brighter 2021.

The insurance industry did not escape the impact of COVID-19 and the natural disasters, either. Insurance companies, along with their reinsurance companies, suffered catastrophic losses as a result. As with many industries, there will be lagging actions that will take place in 2021 to help these companies in their efforts to recover.

While there really isn’t a line of insurance that wasn’t impacted, the lines of insurance that suffered the greatest losses and impacts include:

• Property

• General Liability

• Excess/Umbrella

• Workers’ Compensation

• EPLI

• Cyber Liability

• Surety

• Employee Benefits

For this article, I will limit my discussion to the property and casualty lines and leave surety and employee benefits to another day.

To offset these losses, I anticipate any number of steps insurance companies will take as we move into 2021. But, let me just touch on those that I think will have the greatest impact and need for attention to business owners in 2021. 

Let’s review these and I will try and give you a small sampling of the implications for each action.

• Non-renewing policies

  • Carriers in many cases will not offer renewal terms.

• Reducing coverage limits and terms

  • Increasing deductibles, lowering aggregate limits particularly in the excess/umbrella marketplace.

• Add new exclusions

  • Businesses will start to see “communicable disease” exclusions added to various lines of insurance.

• Increase underwriting information needed

  • A higher emphasis on information particularly as it relates to a business’s policies and procedures to mitigate COVID-19.

• Raise premiums

  • This is the ultimate consequence and one we are all anticipating to see beginning in early 2021.

To many businesses, this will seem daunting and hopeless - one more hurdle to overcome to keep their businesses going. However, there are proactive steps you can take to mitigate these circumstances and have a strong year despite the adversity.

I’m a firm believer in being pro-active and not re-active. Following are steps you can take to meet this challenge head on:

• Meet with your insurance advisor 90-120 days from your renewal date.

• Understand the specific challenges you will be facing.

• Create a strategy on how to approach the insurance marketplace to ensure the most cost effective and comprehensive risk management program.

• Review and enhance your existing safety program. Rancho Mesa offers our RM365 Advantage Safety Star™ certification program. This is a comprehensive web-enabled training course designed to enable your employees from supervisory to front-line workers to be trained and certified in safety best practices. The insurance marketplace already places a high value on these types of safety trainings and certifications, so this will help your company’s productivity through fewer claims but also position you in a more favorable position in the marketplace.

• Benchmark your company’s safety performance to your industry and see which areas you are outperforming your peers and areas that need your attention. Rancho Mesa offers a benchmarking report we call StatTrac™ to our clients or to other companies who want to see where they stack up.

To close, let me reassure you there is light at the end of the tunnel for 2021. Be proactive; start 90-120 day out from your renewal; don’t let insurance issues sneak up on you; attack them head on and I believe you can make 2021 a great year for you and your company.

If you have any questions or want any help in devising a plan and you are a construction company, please reach out to Sam Clayton, our Construction Group Leader at sclayton@ranchomesa.com. If you are in the human services industry, schools, non-profit, healthcare, assisted living, etc., please reach out to Sam Brown, our Human Services Group Leader. And finally, we can be reached at (619) 937-0164 or at our website, www.ranchomesa.com.

I really believe there is no limit to what you can do – best of luck in 2021.

Author, Sam Brown, Vice President, Human Services Group, Rancho Mesa Insurance Services, Inc.

As American employers navigate the Coronavirus Pandemic, many business leaders quickly adapted to a virtual office and virtual workforce. While many organizations anxiously wait for the day employees can all safely head into the office Monday through Friday, employers must adjust risk management practices to account for the virtual workforce.

Cyber Crime

Prior to the pandemic, the FBI would routinely receive 1,000 cybersecurity complaints, daily. Since the COVID-19 outbreak began, the number of complaints has increased to 3,000 to 4,000 every day according to Tonya Ugoretz, deputy assistant director of cyber division of the FBI in a webinar hosted earlier this year. The most commonly targeted industries are health care, manufacturing, financial services, and public sector organizations. Stated plainly, cyber criminals are successfully exploiting weak virtual cybersecurity and poor execution on the part of remote employees.

Brett Landry of Landry IT, recently stated that 85% of employees circumvent “acceptable use” policies when using a company owned device, reinforcing the need for increased employee training.

Mr. Landry highly recommends employers update security patches on all devices, adopt a higher standard for password security, utilize two-factor authentication, and train employees how to recognize phishing and social engineering efforts.

How will a cyber liability insurance policy respond to this new threat?

Important questions to ask:

• Will my policy cover a remote exposure?

• Will my policy cover incidents involving personal devices?

• Is Social Engineering covered?   

• Will my policy respond if an employee does not follow company procedures?

Workers’ Compensation

Allowing employees to work from home has resulted in some employees moving out of state. When this occurs, the employer should report the new working address to the insurance company to ensure the workers’ compensation insurance policy will cover an injury. In some cases, the insurance company can add the new location. If not, then the employer may need to purchase a separate workers’ compensation policy for that employee’s new state.

In an effort to manage the risk of employee injury, employers should design and implement work-from-home policies. Effective policies will clearly define work hours, communicate standards for a home office, train employees on ergonomics, reinforce work and safety rules, and remind employees of the claim reporting process. Establishing the above expectations may help employees avoid injury and legal disputes over compensability.   

Directors & Officers Liability

Remember that a Directors & Officers Liability policy protects individuals from personal losses if sued for their role as a director or an officer of a company and not indemnified by the company. While a move to a virtual workforce doesn’t inherently put a board member at risk, big changes to company policy can result in missteps if employees do not receive proper communication and training. Ultimately, directors and officers are held accountable if company policies are not followed, highlighting the need for diligent execution of important company changes.

Rancho Mesa supports clients in developing employee manuals, work-from-home policies, and 2021 changes to labor law. Please contact me at (619) 937-0175 to discuss how Rancho Mesa can support your business or mission.

Author, Drew Garcia, Vice President, Landscape Group, Rancho Mesa Insurance Services, Inc.

Even prior to the COVID-19 pandemic, many construction companies were utilizing some form of cloud-based systems to effectively streamline business operations and increase accessibility of information. While hosting sensitive data in the cloud has many benefits like shared access to data, applications and storage, there are some risks contractors should take into account before relinquishing their data to the cloud.

A leading provid//er of Cyber Liability insurance, CNA references three key risks companies utilizing cloud technology need to be aware of in an recent article, “Cloud computing 101: Getting clear about the cloud.” CNA explains data protection, data loss/disruption and inappropriate access are risks business take on in exchange for the benefits of cloud computing.

Data Protection

Protecting data is essential for any organization. Customers’ personal and payment information may be stolen by hackers once the data is stored in the cloud or even while in transit. So, your data in the cloud must be secured through encryption to prevent the data from being usable if stolen. As the cloud customer, the company should manage the encryption keys to ensure only authorized users can decrypt the data.

Data Loss / Disruption

You may be thinking about moving your data to the cloud as a way to protect it from electrical outages, fire, flood and other natural disasters. However, your cloud hosting provider can be left inoperable due to similar calamities. Before hosting your data in the cloud, review your host’s back-up and redundancies to ensure there will be a copy of your data available if something should happen to the host’s servers. Have a plan in place to help navigate your most critical information in the event something like this occurs. 

Inappropriate Access

When storing data in the cloud, it is imperative the company ensures stringent and complex user authentication. This may mean passwords are changed frequently or two-factor authentication is deployed to ensure hackers can’t find their way to your data. When you manage a large user-base, the risk rises. Ensure former employees no longer have access to your data by changing security rights or disabling their account. Complex user authentication can be an effective deterrent to keep those who should not have access to your information from finding their way into your network.

Assuming your information is safe and secure in the cloud is misleading. Be proactive in protecting your information and round out your risk management program with a strong cyber liability program that can fulfill your cloud based risk needs.

For more information about the CyberOne™ program, contact Rancho Mesa.

Article edited 4/19/2021.

Author, Sam Clayton, Vice President, Construction Group, Rancho Mesa Insurance Services, Inc.

Target, Capital One, and Equifax are all Fortune 500 Companies and household names we recognize. All have experienced a cyber liability breach in the last decade. When we hear of a data breach, we typically think of large corporations or more recently municipalities that collect customers’ personal identification information or are using technology to manage physical locations (i.e. buildings), transit systems, and people. However, just about any large, medium or small organization that uses technology to operate their business faces a cyber-exposure. And, as technology becomes more complex and sophisticated, so do the threats we face, which is why every business and organization needs to be prepared with both cyber liability insurance and an effective cyber security plan to manage and mitigate cyber risk. Below are two different cyber threats your company faces on a daily basis.

Ransomware is a type of malware that prevents users from accessing their system or personal files and demands a ransom payment, typically in the form of Bitcoin, in order to unlock and regain access to your data.

Social Engineering is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity via e-mail. This is typically accomplished by directing users to enter personal information at a fake website which matches the look and feel of the legitimate website.

A Cyber Liability Policy can help protect against data breaches and other evolving cyber exposures that are not covered by a standard property and general liability policy. These policies can respond in multiple ways such as credit card data remediation and notifications expense, network and information security liability, regulatory defense expense, crisis management expenses and computer program and electronic data restoration expenses.

In addition to the coverages above, many cyber insurers offer policyholders pre-breach services, employee training and IT forensics specialists. Some also provide data breach “coaches” who specialize in the unique legal and regulatory issues surrounding breaches, and will assist businesses with navigating the response process and ensure compliance with state and federal privacy laws.

Please contact Rancho Mesa to learn more about implementing a strong Cyber Prevention Plan.

Author, Jeremy Hoolihan, Account Executive, Rancho Mesa Insurance Services, Inc.

Working within the construction unit at Rancho Mesa for over 15 years, I have developed strong long-term business relationships with my clients. As an insurance advisor, I have an obligation to insulate clients from exposures and liabilities. Many of which may remain the same from year to year. However, it is vital that business owners meet with their insurance advisor frequently, especially prior to an insurance renewal, to avoid potential gaps in coverage.  Below are a few key topics that should be reviewed on a regular basis by a company’s insurance advisor. 

Review and Discuss Business Operations

It’s always a good business practice to have the insurance advisor review the business’s operations to see if there have been any changes that could affect its risk profile.  For example, I once had a client in the construction industry that specialized in commercial tenant improvement work. The company wanted to start a residential construction division. By understanding this change before it actually took place it provided us the time to adequately access the differences in the insurance exposures between the commercial and residential marketplace.  As a result, we were able to proactively and affordably place their coverage with an insurance carrier that was comfortable with both exposures.

Review Financial Projections

With the economy fluctuating year to year, it is vital that you meet with your insurance advisor and go over your financial projections for the coming policy term.  These items should include projected; annual sales, payrolls, subcontract costs and any changes in your surety requirements. These factors will help in not only negotiating the most favorable renewal terms for you but help to avoid any unforeseen expenses like a large final audit

Discuss Business Assets

Businesses routinely buy, sell, and upgrade their tools, equipment, and vehicles. While most are conditioned to notify their insurance advisor of any changes, it is always a good business practice to review assets with the insurance advisor at each pre-renewal meeting. It is common that there are items that were either sold (that need to be removed) or new (that need to be added to policies). By reviewing the assets on a regular basis, it minimizes the chance that items are missed and you either are paying premium on an item you no longer have or have an uninsured loss.

Discuss and Revisit Recommended Coverages

Recommended coverages may include an Umbrella, Pollution Liability, Professional Liability, Employment Practices Liability, and Cyber Liability policies. Even if you have discussed these coverages in the past with your insurance advisor and have declined them, they should not assume you will do so again in the future. The business climate is constantly changing; therefore, so are the risks you are facing.  Understanding where you have gaps  in your risk management profile and making informed decisions to either transfer the risk to an insurance carrier (purchase insurance) or retain the risk yourself (don’t purchase insurance) is always a Best Practices standard.

If you would like to discuss and learn more about Rancho Mesa’s proprietary risk management tools and explore our help in developing a Risk Management program based on your specific business needs, you can reach out to me at 619-937-0174.

Author, Alyssa Burley, Client Services Coordinator, Rancho Mesa Insurance Services, Inc.

With the recent cyberattacks spreading across the globe, Rancho Mesa would like to remind its clients to take the necessary precautions to protect their business’s data.

We have supplied two documents to help you prevent a cyberattack: "Cybersecurity for Small Businesses” and “Cyber Security Planning Guide.”  Each of the documents may also be found in the Risk Management Center’s Library.

For questions about Cyber Liability insurance, contact us at (619) 937-0164.

As technology and the common usage of the internet in business grow, Cyber Crime is an ever increasing exposure for businesses.  Most businesses carry large quantities of sensitive data that if breached, can create a financial and administrative headache.  Many business owners are unaware of the real exposures they have should their information be compromised, whether directly or indirectly.  Here are two of the most common costs:

Required Notifications under HIPAA
Businesses are required to notify affected individuals following the discovery of a breach.  If more than 500 individuals are affected in a given state or jurisdictions, they are required to notify the media as well.  A 2015 article from the HIPAA Journal estimated the average cost per record is $154.  That means if you had a known breach resulting in 100 clients’ information being breached (regardless of what they do with the information) you would be paying roughly $15,000 just to notify the public.  This does not include the added IT costs needed to further investigate/mitigate any losses.

Violations Under HIPAA
Violations vary depending on the degree to which a business is found negligent.  The mildest violation is a Category 1, while the most severe is a Category 4.  In the case of a Category 1 violation, a business will be penalized $100 per violation, even if they were unaware and reasonably could not have avoided a breach.  Category 4 violations can be up to $50,000 per violation.

This is an ever growing exposure that is often overlooked until it happens and then the realization of what’s required hits home.  However, there is a way for companies of all sizes to protect themselves from these exposures by including Cyber Liability coverage as a part of their risk management program.  This coverage is available and will step in and pay some of the costs associated with a breach.  These costs include HIPAA fines, notification costs, credit protection costs and forensic investigation. 

This is such a growing area of concern that we have scheduled a “Cyber Liability” workshop for May 10th where an expert on this topic from Philadelphia Insurance Company will lead the workshop and provide both an overview of the trends and threats as well as answering specific questions.  If you or someone from your company is interested in attending this workshop, you can register for it below.  

Contact our Rancho Mesa staff to learn more about Cyber Liability.