Author, Sam Brown, Account Executive, Rancho Mesa Insurance Services, Inc.

On Friday, July 14th Rancho Mesa hosted a popular workshop titled “Cyber Liability Explained: Hacking Trends for 2023” with presenter Beau Bechelli of Evolve MGA. His 60-minute presentation educated the audience on the cost of cyber attacks, the most common types of attacks, and practical ways to help reduce the threat of a breach.

This article will cover recommended steps an organization should take immediately following a data breach.

Call Insurance Agent

Immediately call the business’ insurance agent or the cyber insurance policy’s claim reporting line to report details of the incident.  

Secure Operations

According to the FTC.gov’s Data Breach Response Guide, an organization should first take steps to quickly secure its operations. This may require:

• New locks and access codes to physical areas

• Taking all affected equipment offline immediately

• Remove improperly posted information from the organization’s website

• Search for the organization’s exposed information on the web

FTC.gov also recommends interviewing individuals who discovered the breach and advises against destroying evidence.

Address Vulnerabilities

The organization should next address the system’s vulnerabilities compromised in the breach. Contact any service providers involved to assess the personal information to which the provider had access and determine if it’s necessary to change access privileges.

Work with the forensics team to understand if the breach is contained and determine the status of the network’s backup data. This process should also produce the number and types of records compromised. Begin corrective measures as soon as possible.   

Notify Appropriate Parties

The guide instructs businesses to notify law enforcement, other affected businesses, and affected individuals. Work with the insurance company’s assigned legal counsel to ensure compliance with all state and federal notification requirements.

Please refer to the Federal Trade Commission’s Data Breach Response Guide for more detailed steps.

For those who are interested in learning more about how cyber-crimes affect real businesses, watch “Cyber Liability Explained: Hacking Trends for 2023.”

 Contact me to discuss the merits of cyber liability insurance or a possible data breach at (619) 937-0175 or sbrown@ranchomesa.com.

Author, Sam Clayton, Vice President, Construction Group, Rancho Mesa Insurance Services, Inc.

The recent coronavirus (COVID-19) pandemic has created numerous challenges for both individuals and businesses all over the world. Last week, California Governor Gavin Newsom required all residents to “shelter-in place” and all “non-essential businesses” to cease “in-person” operations. In doing so and in order to keep their business operating, many employers transition employees to work remotely, otherwise known as Telecommuting. 

While this approach is nothing new for many businesses, employers have been required to expedite these accommodations which creates unanticipated Cyber Liability Exposure.

Below are three online threats that remote workers should be aware of:

1. Secured WiFi Networks

Make sure that all employees are using a secure WiFi network. An unsecured or public WiFi network are prime targets for malicious parties to spy on internet traffic and collect confidential information.

2. Use of Personal Devices and Networks

Many employees will be forced to use personal devices and home networks for work. These devices often lack the tools built into company networks, such as strong antivirus software and firewalls. This lack of security could increase the risk of malware which may allow personal as well as confidential information being exposed.

3. Phishing Scams

Workers may receive emails from hackers impersonating a supplier/vendor or even someone within the organization to obtain confidential information or to transfer funds unknowingly.

In order to minimize these threats, companies should implement a written “Telecommuting Agreement” that outlines specific practices and procedures when employees are working remotely. 

For information on implementing these and other internal policies, visit www.ranchomesa.com/COVID-19 and login to our RM365 HRAdvantage™ portal. Contact Alyssa Burley aburley@ranchomesa.com in our Client Services Department to learn more about the platform.

Author, Sam Clayton, Vice President, Construction Group, Rancho Mesa Insurance Services, Inc.

Target, Capital One, and Equifax are all Fortune 500 Companies and household names we recognize. All have experienced a cyber liability breach in the last decade. When we hear of a data breach, we typically think of large corporations or more recently municipalities that collect customers’ personal identification information or are using technology to manage physical locations (i.e. buildings), transit systems, and people. However, just about any large, medium or small organization that uses technology to operate their business faces a cyber-exposure. And, as technology becomes more complex and sophisticated, so do the threats we face, which is why every business and organization needs to be prepared with both cyber liability insurance and an effective cyber security plan to manage and mitigate cyber risk. Below are two different cyber threats your company faces on a daily basis.

Ransomware is a type of malware that prevents users from accessing their system or personal files and demands a ransom payment, typically in the form of Bitcoin, in order to unlock and regain access to your data.

Social Engineering is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity via e-mail. This is typically accomplished by directing users to enter personal information at a fake website which matches the look and feel of the legitimate website.

A Cyber Liability Policy can help protect against data breaches and other evolving cyber exposures that are not covered by a standard property and general liability policy. These policies can respond in multiple ways such as credit card data remediation and notifications expense, network and information security liability, regulatory defense expense, crisis management expenses and computer program and electronic data restoration expenses.

In addition to the coverages above, many cyber insurers offer policyholders pre-breach services, employee training and IT forensics specialists. Some also provide data breach “coaches” who specialize in the unique legal and regulatory issues surrounding breaches, and will assist businesses with navigating the response process and ensure compliance with state and federal privacy laws.

Please contact Rancho Mesa to learn more about implementing a strong Cyber Prevention Plan.

Author, Alyssa Burley, Client Services Coordinator, Rancho Mesa Insurance Services, Inc.

With the recent cyberattacks spreading across the globe, Rancho Mesa would like to remind its clients to take the necessary precautions to protect their business’s data.

We have supplied two documents to help you prevent a cyberattack: "Cybersecurity for Small Businesses” and “Cyber Security Planning Guide.”  Each of the documents may also be found in the Risk Management Center’s Library.

For questions about Cyber Liability insurance, contact us at (619) 937-0164.