How to Get the Most Cost-Effective Cyber Policy

If you were to ask any company representative if cyber insurance is worth it, you’d undoubtedly be met with a resounding YES. The potential financial havoc that a cyber attack unleashes is significant enough for businesses both large and small to actively seek out cyber insurance coverage. The question therefore isn’t whether you require cyber insurance for your business. Instead, it’s: How much cyber insurance do I need?

Just like all insurance coverages, the answer is personal. You would not pay a higher level of homeowners insurance premium for a larger house than you own; so too should you not pay for more cyber coverage than your business needs. One-size-fits-all cyber insurance does not exist, and there are ways to drive the cost of coverage down by being proactive in your security efforts.

One business may need to purchase more cyber insurance, while others may need less. An organization that deals primarily online may have more potential exposure than another, for example. To get the most cost-effective cyber policy, do not just request a quote from the Internet. Instead, trust the cyber insurance advisors at W3 Insurance to learn about your company’s risks and to help you select a policy to mitigate them. 

Every day, cyber attackers become more savvy at draining company coffers. Those businesses who choose to pretend that they are not at risk stand to pay higher rates than those who actively protect themselves. Read below as we examine how cyber attack prevention can in fact be cost-effective and how a business can go about securing such coverage.

10 ways to reduce the cost of your cyber insurance policy

Think of this as akin to the ‘safe driving’ discount offered by some car insurance companies. If your business operates with safeguards in mind against cyber attack,  it is possible to reduce the cost of your cyber insurance policy. By reducing your risk, you also drive the cost of coverage down.

Some of these ways include the following:

1. Multi-Factor Authentication (MFA)

Are you who you say you are? That is the simple (yet effective) impetus behind multi-factor authentication. Also known as “two step” verification, this effective means to thwart cyber attack takes the standard ‘enter username and password’ command to a new level. Sure, you will need both of the above – and then some. Often, this added failsafe comes in the form of a code that is sent to a person’s cell phone. That way, even if a password and username are stolen, the attacker is stuck. 

2. Password managers

The days of the simple password are passe – pun intended. Password managers take complex combinations of letters, numbers and symbols and make undecipherable passwords that are nearly non-hackable. One of the type of cyber attack involves a hacker learning personal information about a mark on social media and then trying those elements as passwords. With password managers storing these intricate passwords, it’s not necessary to use the same one multiple times. 

The days of “I hate passwords 123” should be over. Thank you, password manager.

3. Keep your employees trained and up-to-date

In the event your business suffers from a successful cyber attack, don’t point fingers at the computer, because it is likely not the machine’s fault.. Nine times out of ten, security breaches are caused by human error. Cyber attack is a very human game, after all; human error is the reason many attacks do succeed. 

That’s why employee training is paramount. Have your employees been brought up-to-speed about the latest phishing attacks? Do they know not to respond to emails that demand sensitive information? Constant vigilance is required to fend off cyber attacks, and that means consistent, timely training for your employees about the latest threats and information regarding how to combat them.

4. Update your software when possible

Keep pressing ‘cancel’ when prompted for a software update? -Think again. Take a few minutes and let the software update; it most likely has built-in security protocols to protect against the latest cyber threats. Cyber attacks vary widely in their creativity and personalization; software updates can help thwart some attempts before they become a problem. 

5. Invest in cybersecurity tools

When it comes to protecting your business from cyber attack, cybersecurity tools are the weapons that can keep the threat at bay. Often, they are not exorbitantly expensive, either – at least, not in comparison to how much a successful cyber attack an potentially cause your business.

Consider the list below a good start:

  • Firewalls
  • Anti-virus software
  • Application whitelisting software
  • Intrusion detection/prevention systems
  • Managed detection and response systems

6. Create an adequate response plan

Even after all your best efforts, a cyber attack may crack your defenses and affect your business. Due to the ever-changing nature of cyber attack, this is a sad reality; knowing what to do if one occurs can minimize the damage. If you suspect your business has been a victim of cyber attack, first call your cyber insurance coverage provider. Then, use your response plan to move forward.

7. Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) are your friends

Plan for the worst and hope for the best. The adage is at the heart of business continuity planning (BCP) and disaster recovery planning (DRP). Have protocols in place as backups, and should a cyber attack occur, you may be able to continue business as (almost) usual while you work to restore prior workflows.

8. Continuously monitor your systems

Understanding what is normal for your business and what is not is a surefire way to spot a cyber attack. Watch for activity that is out of the ordinary, and if you spot something unusual in your data, dig into the cause. It may well be due to user error – or it may be a cyber attack in its infancy.

9. Hire a cybersecurity expert

Overwhelmed by the concept of cyber-securing your business? Professionals can assist you in deducing your business risk and implementing tools to address it. Consider hiring an expert to be an investment in your company’s wellbeing. The time you will spend to put all these measures in place may be better used elsewhere, and, if these protections are left undone, cyber attacks can have drastic fiscal consequences.

10. Be proactive

Simply follow the above advice, and you’ll be on your way to protecting your business from cyber attack. The proactive business owner understands that if it’s possible to prepare for an attack, fortifications should be made. Act early to prevent cyber attacks in the long run. What’s more, having these protections in place can result in a lower premium. After all, such a business is less risky than one that just buys coverage but does not put any safeguards into place.

Get an affordable quote from W3

The cyber advisors at W3 Insurance can help protect your business from cyber attack. For coverage that protects your business and advice that allows for personalization of your cyber policy, trust the W3 advantage. 

Cyber attack is a persistent threat. Contact us today for more information regarding how to protect your organization.

W3 Small Business Solutions

Owning a small business is no small feat. 

It can be difficult to know whether the solutions you’ve selected are right for your organization, and the time it takes to implement them without help could be better used flipping that ‘closed’ sign to ‘open.’ 

Luckily, our insurance experts at W3 make getting coverage and finding business solutions a seamless process. We’re here to offer answers for multiple small business scenarios.

When a small business owner asks how they can get the right small business insurance for their employees, or how they can improve employee retention, the answer is simple: discover the responses by partnering with advisors who have the best interest of your organization in mind and the tools to make a difference. 

Too many situations can arise within a small business setting for owners to be cavalier about coverage and processes. Entrust the experienced advisors at W3 to handle DOL compliance assistance, HR technology solutions, employee retention guidance and more.

DOL Compliance Assistance

Staying up-to-date regarding minimum wage and overtime requirements? Know every single Department of Labor rule and regulation? Even the most fastidious small business owner can’t do everything. Labor laws change periodically, and unless a small business owner devotes time on a regular basis to these updates, an oversight (or two, or ten) can happen. Labor laws exist to protect workers from unjust compensation. W3 Insurance can provide guidance to prevent issues that commonly arise when a small business does not keep up with these changes.

Common infringements in Department of Labor (DOL) compliance include:

  • Federal minimum wage and overtime requirements
  • Misclassification of employees (exempt versus non-exempt)
  • Employment law changes spurred by regulatory changes and court precedent

Even if you fully intend to be perfect in your DOL compliance, why take the chance that oversight could happen? There’s plenty more that you need to think about when it comes to running a small business than endlessly checking statutes. Knowing you are in compliance offers peace of mind.

Workers’ compensation

Even businesses that don’t demand a large amount of physical activity from their employees need coverage for workers compensation

Any workplace accident can trigger the need for ‘workers comp’; repeated injuries like carpal tunnel syndrome, a faulty chair that breaks at the last second, or a trip & fall. 

Truly, the list of possible mishaps is endless. Workers’ compensation offers coverage for workplace accidents like these and many more.

Workers’ compensation provides benefits such as lost wages and medical treatment incurred as a result of the workplace injury. Go without the right insurance as required by your state, and a small business could open itself to further fines and legal action. It’s important to note that the reason to carry workers’ compensation insurance is twofold. Not only does it help the injured employee, but it protects the organization as well. 

When should you elect workers’ compensation insurance? -Before you hire your first employee. Laws vary by state and industry, so a one-size-fits-all policy does not truly exist. To ensure you obtain the right coverage, enlist an insurance professional to evaluate your risk and recommend coverage options that fit your needs.

Mandated Federal Minimum Wage

A mandated federal minimum wage exists, but different states have their own qualifications as well. Partnering with W3 for compliance and legislation services takes the guesswork out of the equation. Instead of asking, “Are we really paying our workers according to law? You have a partner to advise the business and keep abreast of any changes.

It should come as no surprise that paying employees less than they are owed sets a business up for litigation (and an angry, under-compensated employee). W3 offers help to ensure that scenario never occurs.  

HR Technology Solutions

Streamline your human resource efforts and ensure the actions are compliant – W3 can help. Through various HR tech solutions, W3 partners with small businesses to make compliance easier. Benefits include hours of time saved with total clarity for employees, who can feel secure knowing their benefits and payroll are consistently tracked and rewarded.

Every small business needs HR tools that enable it to go about operations in a timely, organized manner. There is no need to do HR the old-fashioned way, with folders and collation and plenty of room for error. Instead, embrace the HR technology that continues to change the way we work.

W3’s advisors help businesses connect with these HR technology solutions:

  • HRIS – Access your employee reporting with just a few clicks of the keyboard. From keeping track of employee PTO to tracking new hires and making certain elements accessible to employees, it’s easy for HR to get (and stay) organized.
  • Payroll software – Pay your employees on time, every time. While you’re at it, secure tax information, create W2s, and integrate with your HRIS in real time – no cumbersome systems necessary!
  • Time & attendance – Link employees’ time worked with the payroll system and make it simple for your workers to log their time. 
  • Benefits administration – All of the tools for Benefits you and your employees need are found under this section. Instead of entrusting a Benefits consultant to explain every nuance of coverage, give employees agency by allowing them access to their personalized plan and more. 

Employee Recruitment and Retention

Attract and keep employees who make your small business shine. Employee Resources offered through W3 can help. When Employee Benefits are clear and concise, employees understand what they are entitled to. Rather than tasking employees to wade through laborious benefits package printouts with no support, why not personalize the offerings for them? 

Employee benefits guidance makes the right coverage choices clearer for employees. Being able to concisely explain the reasons employees should choose to work with your organization should help with employee recruitment and retainment.

Whether a business is small or massive, employees should never answer the question “What’s the value of working here?” with “I’m not sure.” Recruit and retain employees by understanding what is important to your workers and delivering on your promises.

Request A Quote from W3

Small business benefits can make the difference between success and failure for an organization. Though a business may be small, the goals it puts forth are lofty. Achieving those goals depends on a multitude of factors. Small business benefits is an important one.

W3 small business solutions exist to help small businesses stay compliant and run smoother. Call us at (941) 377-7283 ext. 233 to talk to one of our experts today.

Why Your Business Needs a Surety Bond

Do you plan to do work with a government agency in the future? Does your business calendar include appointments to bid on construction jobs? If so, you’ll likely need a surety bond to be seriously considered for employment. 

Surety bonds are a safeguard, and exist to assert confidence that your business will finish what it starts. They are required in multiple instances and across multiple sectors. Let’s talk more about them.

What is a surety bond? 

A surety bond is a promise backed by capital. This promise asserts that contract terms will be met by all parties, that agreements will be kept, and that all sides comply with the contract. 

Think of a surety bond as a handshake that holds legal weight. You or your business agree to complete a scope of work, and the entity employing you can have full confidence that this will happen. If it is not, recompense will be given to the slighted party.

The 3 parties of a surety bond

To understand how a surety bond works, you must first understand that each bond involves three parties. These are:

The Principal 

Often the owner of a small business, this bond purchaser opts to obtain a surety bond in order to enter a contract bid or do work. 

The Obligee 

If you require a surety bond, that means you’re the obligee. Obligees are commonly government agencies, but anyone looking for a solid guarantee of job completion can be one. 

The Surety

Someone has to guarantee this bond, and that is the surety, or insurance company. Think of them as the middleman: if the Principal neglects to hold up their end of the bargain, the surety steps in to remedy the situation. Completing the work is the overall aim, and the insurance company covers this as stated in the bond.

What do the terms licensed, bonded and insured mean?

These three terms are ‘the mighty three.’ A company that can list this trio has completed the triumvirate of items necessary to inspire ultimate consumer confidence. 

While a business can separately earn the designations of licensed, bonded and insured, there is a significant difference among the terms.

Licensed 

This is the bare bones, must-have designation for many industries. A company that is licensed meets some minimal guidelines for its sector. For example, it would be inadvisable to have an unlicensed stylist to cut your hair. The license hanging on the salon wall gives you confidence that the person holding the shears has completed some training as required by a licensing board.

Bonded

A company that says it is ‘bonded’ is simply sharing the information that a surety bond has been purchased to protect third parties doing business with it. If the agreed-upon project work is not completed, a claim can be filed for recompense.

Insured

A synonym phrase for insured is ‘transfer of risk,’ and that’s exactly what insurance does for a business.  An insured business commonly carries protection for workers compensation and general liability, though more coverage is available. Construction companies likely hold builders’ risk policies and property insurance as well.

What are the 4 types of contract surety bonds?

Bid bond 

Seen in the construction space, a bid bond guarantees that if a bid submitted by the contractor is accepted, that contractor will be entering a contract that involves an agreement of doing the work at the price given

Performance bond

An insurance company or bank stands behind a contractor in this situation, ensuring that a project is completed in a satisfactory manner. 

Payment bond 

A contractor opts for a payment bond, which is a surety bond that ensures subcontractors and those supplying materials are paid. Payment bonds are commonly seen alongside performance bonds.

Warranty bond 

This type of bond has an expiration date – consider it a limited warranty situation. Once that predetermined date has passed, the bond is no longer valid and active.

5 types of commercial surety bonds

License and permit bonds

Before you even apply for a permit or license in some instances, these bonds will be required. They act as a safeguard that the individual or business that obtained the license and/or bond will comply with applicable regulations and laws and that it can actually do what the license or permit details. This requirement discourages businesses that may not be completely able to perform the assigned work from agreeing to undertake it.

Court bonds

Whether one is the defendant or the plaintiff, it may be necessary to get a court bond. Included under the ‘court bond umbrella’ are the well-known bail bond, but bonds for appeal, attachment, replevin and injunction are available as well. 

Fiduciary/probate bonds

A surety bond, this type protects creditors, heirs and beneficiaries in the scenario of a trust. 

Public official bonds

If you hold a public office, you’ll likely be required to have a public official bond. These are designed to protect the public if the official does not perform as they are supposed to. It’s interesting to note the wide range of public officials who require surety bonds, including, but not limited to: treasurers, tax collectors, judges and more.

Miscellaneous 

Bonds can be personalized for nearly any situation. These fall under the category of miscellaneous, and do not fully comply with the already-mentioned common bonds. 

4 industries that need surety bonds

Auto dealers

Ever wonder why more lemons aren’t sold by well-known auto dealers? Surety bonds knows as auto bonds are a failsafe to make sure that auto dealers do not engage in fraudulent behavior. If the dealer lies about a vehicle’s age or condition or engages in another misleading claim, this surety bond protects the consumer. 

Construction contractors

If a construction contractor breaks laws and does not honor their contracts, a penalty 

lies ahead for them. That’s thanks to a contractor bond, whether residential, commercial or other. 

Financially responsible officer bond

Ethics is the name of the surety bond game here. A company’s FRO (financially responsible officer) is thus guaranteed to act becoming to a high standard. These bonds aren’t widely required. 

Healthcare providers

By now, you’ve likely learned that bonds ensure that an entity fulfills its contractual obligations. This is the same for healthcare providers, who may opt for a surety bond over an LOC (letter of credit). 

How much do surety bonds cost?

A variety of components factor into the answer to that question, including credit rating, industry expertise, riskiness of the undertaking and more. Consider a small construction company bidding for its largest project to date. It may need to pay more for a surety bond than, say, a larger company that has a proven track record of project successes. 

The best way to find out how much a surety bond will cost for your unique situation is to contact a professional, explain the scope of work, and let them do their due diligence.

How do I get a surety bond?

This answer is the most straightforward of all of them in the article: simply call our office at (727) 522-7777 to speak with one of the surety bond advisors at W3 Insurance. 

Whether you’re a Florida small business owner hoping to bid on a federal project or a contractor investigating the types of surety bonds necessary for the future, W3 has extensive surety bond expertise.

Cyber Insurance Coverage for Social Engineering Attacks

How many times has this happened to you: you’re checking your email and you find a message from a large trusted online company like Amazon or Facebook notifying you of some change to your account. But something doesn’t look right. Either the company’s never notified you this way before, or the email domain name is slightly off.

Suddenly you realize the message is a fraud: an attempt to get you to click a suspicious link or enter in personal information.

You’ve just been targeted by a social engineering cyber attack. And while sometimes these attacks are easy to spot, cyber criminals are getting more sophisticated every day. Read on to find out what social engineering is, what are the most common forms of social engineering attacks, and to find out how cyber insurance can protect you and your business from the risks these attacks pose.

What Is Social Engineering?

Social engineering is the use of psychological manipulation to get people to divulge private information online. The definition of social engineering is very broad, and it encompasses a wide variety of common cyber attack strategies.

Generally impersonation is the name of the game when it comes to social engineering. Instead of using an impersonal computer virus or other mode to obtain personal information, a thief using social engineering might impersonate a friend or a company to obtain sensitive data. In an age where personal credentials such as logins and passwords can mean the difference between emptying a bank account or keeping it secure, this means people need to be ever-vigilant about protecting their information.

For example, the social engineering swindle could involve a “repair person” who reaches out via email and asks for a credit card number in order to complete a renovation. Or a “supervisor” within your business requesting e-gift cards be sent to them. Or a fellow employee, who “forgot” the last four digits on the company credit card, and asks if you could please share those with them.

You get the picture. Within the façade created by social engineering, a thief may continue to ask questions of employees and build credibility until at least one person gives up the information. At that point, the jig is up. There are too many horror stories involving this type of swindle to name. That’s why it’s imperative that you double and triple-check any request, even if it seems that it’s coming from within your organization. Social engineers can be quite adept at procuring the items they seek.

Who Is Most Affected by Social Engineering Cyber Attacks?

It’s not just mammoth organizations that have to worry about cyber engineering as part of a cyber attack. Small to mid-sized businesses are frequently targeted. And the effects can be devastating: nearly 60% of small businesses victimized by a cyber attack close within six months.

Typically, cyber attackers employing the strategy of social engineering will target employees of small to mid-sized businesses who have initial access to a platform. They don’t necessarily reach out to those with the biggest influence. For instance, the target could be a receptionist who was just hired last week and hasn’t even finished onboarding, or an intern who is so quick to please that they respond quickly with log-in information without much cajoling.

But these are just the easy targets. Those most affected by social engineering cyber attacks are arguably businesses that have plenty to lose – but that doesn’t just mean the Googles or Microsofts of the world. Larger organizations usually have rigorous cyber policies that make them more impenetrable to attacks, but smaller businesses are often more lax with their security protocols.

Why Is Social Engineering a Common Cyber Attack?

Too few businesses have safeguards in place to combat cyber attacks, and that omission can be lethal. In fact, 98% of attacks are caused by employee error, and 65% of businesses don’t even enforce a password policy. That’s why social engineering attacks continue to happen – because employees have a lack of training regarding how to identify these threats and what to do when they occur. Social engineering is common as well because it exploits human nature. Depending on the swindle and the dedication of the cyber attacker, these attacks can be extremely well thought-out.

With the world going ever-more virtual, parasocial relationships affect the perceived validity of cyber requests. We pay our bills online, shop online and transfer money online – why not share sensitive data that way too? It’s in our automatic nature to do so in this age of quick transactions, and social engineering cyber attackers exploit this to their advantage.

What Are the 6 Social Engineering Attacks?

Phishing

Phishing is when a cyber attacker attempts to lure someone into revealing guarded information by claiming to be a representative of a reputable company. When sensitive credentials are revealed to a cyber hacker, the criminal may use them to spread malware or give access to websites that attack a company’s credibility and coffers.

Invoice Manipulation

This phishing-like scam involves the receiving party of the fraudulent request being a client. During this attack, the hacker requests payment of a client invoice, but the money never reaches the company who is seemingly requesting it. Instead, it goes right into the bank account of the criminal.

Baiting

“You’ve won $5,000 – click here to collect!” or “Enjoy a new computer, courtesy of _____ corporation!” – these are both examples of baiting. In the first giveaway scam, the cyber attacker collects personal or business information by claiming that the email recipient needs to provide that info to receive a prize. In the second example, software may be installed on the gifted equipment that uses trackers to transmit personal information such as bank accounts, etc. 

Pretexting

Some social engineering scams are more sophisticated than others. Hackers who take the long view (and take their time) employ pretexting, or gaining the trust of someone before asking for personal information. Within this scenario, a cyber attacker will swear by a story that makes them sound truthful. Later, when sensitive information is requested, the pretext gives the thief the social collateral necessary to convince others to answer his/her requests.

Scareware

Anyone who has ever had a warning pop up that their computer has been infected by a virus has experienced scareware. Designed to scare a person into submission, scareware is a type of cyber attack in which computer users are directed to purchase computer protection in order to avoid the loss of personal data.  

Business email compromise (BEC)

This is a targeted phishing attempt in which criminals pretend to be part of an organization in order to get what they want – usually goods, services, or – you guessed it – money. A business that has a “culture of caution” when it comes to cyber matters is better protected from this type of compromise, but sophisticated thieves still make it difficult.

How Can You Protect Yourself From Social Engineering?

Protect yourself (and, if at work, protect your organization) by being aware of the existence of social engineering in cyber attacks and preparing for their inevitability. This includes using password security and using a checklist when receiving email before responding.

This checklist includes:

  1. Checking the email address in its entirety. Is there an extra letter in someone’s name? Is the address not quite correct?
  2. Check the time stamp. Was this email sent late – after work hours?
  3. Does the email involve a request of sensitive information that usually would not be viewed as urgent?
  4. Is it possible to call this individual – and if their phone number is listed in the email, does it match the one I have saved in my phone?

Password Security

Keep track of passwords with a secure Password Manager. Remember: longer passwords are better. The days of being able to use your name plus 12345 are long over. Ideally, you should use a password that includes numbers, letters and characters more or less at random.

Using the same password for multiple devices? Change that practice immediately. Sure, they’re easier to remember. It’s also easier for a hacker to access every single one of them the moment they gain access to just one.

Business Security

Use multi-factor authentication (MFA) to require a password plus. That means every time you log on (or someone pretending to be you logs on) they will be asked at least two more questions in order to gain access. This will cost you a few more seconds before you’re able to access your device, but those seconds are worth it to protect your information. 

Protecting Your Business

There are two ways to protect your business from social engineering: on the front end and on the back. On the front end, you should put safeguards in place to lower the threat of ransomware, secure employees through training, and instill a cyber attack-aware employee culture. Ensure company websites are secure, lower the threat of phishing, and make sure to double and triple check any bank accounts or transfers. It takes a good deal of diligence, but you can lower the chances of cyber attack.

And if the protection you’ve put in place somehow fails and you find your business is a victim of a social engineering cyber attack, cyber liability insurance can cover you on the back end to help limit the damages and make your business whole again. 

With Wallace Welch & Willingham’s cyber liability insurance policies, you can protect your business from the fallout of a cyber attack. Cyber insurance helps your organization recover data, restore damaged equipment, and even pay legal fees and fines. It’s peace of mind in an age when cyber attacks show no sign of abating. Contact one of our cyber insurance agents at W3 Insurance to learn more about how to protect your organization. Request a quote today!

How Likely is Your Company to Be Cyber Attacked?

If you’re worried about how likely your company is to be cyber attacked, you’re not alone. As the world increasingly embraces the digital marketplace, valuable data is more at risk than ever, and it can be difficult to know whether a business is fully protected against a breach.

Just as you would secure your home against intruders, so too must your business be kept as secure as possible. Of course, a business is more difficult to protect than a physical abode. Lock the doors and windows of a home and enlist a solid alarm system, and you’re likely set. Conversely, cyber attacks enter the foundation of your business through tiny (and not so tiny) cracks in the online mortar left vulnerable by business owners and employees alike. 

While the likelihood that your company could get cyber attacked is out of your hands, how it affects your company is largely up to you and depends on how carefully you’ve prepared for the attack.

What is a cyber attack?

Cue the virtual mugshots: cyber criminals hide behind their PCs and Macs to forcibly extract data from other computers (or networks). Depending on the sophistication of the attack and how targeted it is, these criminals’ actions can result in the shuttering of the victimized devices completely. Other attacks just use that single compromised computer as a stepping stone for other attacks, and still others suck the data out of the device, compromising personal and financial information and sparking a whole onslaught of trouble.

Cyber attacks occur at every level of commerce (and are now even part of modern day warfare). Take, for example, the Apache Log4j vulnerability, which results in java-based web servers getting hitchhiked and used for a variety of ill effects such as the spreading of malware or ransomware.

Cyber attacks are now a regular part of actual war; for example, when the Russia-Ukraine conflict began, Ukraine saw cyber attacks directed at its military increase by 196%.  

Another well-known attack with a deceptively positive name is the Solarwinds Sunburst attack, which targeted more than 18,000 organizations by enticing them to download what seemed like a normal software update. Unfortunately, the ‘software update’ made it possible for cyber criminals to access data. This cyber attack is ongoing and extremely destructive.

These big cyber attacks are what make the headlines, and they could lead you to assume that only large organizations get targeted. But you’d be wrong. Every day, businesses and individuals suffer cyber attacks that never make the news. What should make the news is how devastating these attacks can be for small businesses: 60% of small businesses close within 6 months of suffering a cyber attack. That’s why it’s imperative to enact safeguards in the cyber realm on a consistent basis.

6 Industries at Risk of Cyber Attack

Small Businesses

Resist the urge to believe that a business that is small is not attractive to cyber criminals; the small businesses sometimes make the biggest targets. After all, what type of training does a small business offer to inform employees what data should and shouldn’t be shared with outside entities? Without proper security protocols, employees are more likely to download programs they don’t recognize or offer login credentials to cyber criminals posing as fellow employees.

The list of possibilities is long, and it’s tough for a training to cover all of them (and that’s assuming the small business has a training at all). That vulnerability makes a small business low-hanging fruit to cyber criminals.

Healthcare

COVID-19 made a mess of so many things in our world – the healthcare industry included. Lots of healthcare entities were targeted during the pandemic because the pandemic opened up new vulnerabilities, and ransomware has been rampant. This software puts a proverbial wall up between a person and their data, keeping them apart until a ransom is paid. Healthcare organizations see these attacks as virtual emergency situations. Not being able to access patient data or other important health information can literally be a matter of life and death. 

Government agencies

Cyber criminals who want to make problems for state and municipal governments have their weapons at the ready, and the results are costly. Ransomware cost the United States government $18.8 billion dollars in 2020 (estimated using cost of recovery, etc.). Education for government employees regarding cyber security is a definite necessity, given the popularity of this type of attack.

Financial institutions

Online banking is widespread, and with it comes the risk of online theft. All it takes is for a hacker to make a fake login page that looks legitimate and, voila! Sensitive information falls into the hands of those who seek to do harm. Trojan horses are widespread problems in this sector – and they don’t have anything to do with the ancient city of Troy.

A Trojan horse is a type of malware disguised as a legitimate program in order to gain access to a server. Data and server attacks upon financial institutions go straight to the sources of delicate information – ripping credit cards and social security numbers from supposedly ‘safe’ storage places and making them visible for hackers to exploit. In this type of cyber attack, malicious code is deployed to steal that information. 

Education

Online education platforms have drastically increased over the past few years (remember the online learning boom during the pandemic?). This use of technology for educational purposes has opened more schools up to cyber attack – specifically, to malware and spam. 

Energy and utility companies

If the United State’s largest fuel pipeline can be compromised due to ransomware, anything and anyone is at risk for cyber attack. In 2021 hackers shut down the Colonial Pipeline which originates in Texas and serves the southeastern U.S. The resulting gas shortages across the country resulted in an increase in fuel prices and a loss in consumer confidence. And while that example may be extraordinary, still there are (and continue to be) many other attacks on smaller utilities.

Cyber Attack Statistics

If you’re still not convinced of the importance of keeping your online data secure from cyber attacks, consider these figures:

  • 50% of all cyber attacks are against small to mid-sized businesses.
  • The average cost of a data breach for small businesses ranges from $120,000 to $1.24 million.
  • Between 2018 and 2020, over two thirds of all small to mid-sized businesses reported a cyber crime incident.
  • Cyber crime went up by 600% during the Covid pandemic.

Any web search of ‘cyber attack statistics’ will reveal the danger you and your organization are in on a daily basis. 

The 10 Most Common Cyber Attacks 

While there are many types of cyber attacks, the ones listed below are currently the most common. 

  • DOS and DDoS Attacks
  • MITM Attacks
  • Phishing Attacks
  • Whale-phishing Attacks
  • Ransomware
  • Password Attacks
  • SQL Injection Attacks
  • URL Interpretation
  • DNS Spoofing

Remember: a full-scale strategy to protect your business (and yourself) from cyber attack is the best strategy. Work with a professional who understands the risks you face and knows how to mitigate them. 

Is Cyber Insurance Worth the Cost?

Cyber attacks can be devastating – both personally and professionally. The cost of cyber insurance hinges on the type of business being protected and the level of risk it experiences. If the amount of personal data a business handles is significant, the cost will likely be more. One way to lower cost and protect the business at the same time is to put security protocols in place that lower your business’s risk for a breach. The coverage limits you select, along with the size of the deductible, will also determine the cost.

Just as with historical warfare, protection and preparation are important to a defense. Don’t be left vulnerable to cyber attack. Instead, have a clear and ongoing strategy to combat it. And if cyber criminals do slip through your systems and take sensitive data or release ransomware into the equation, know that you have cyber insurance to back you up.

Cyber insurance can protect different industries from popular types of cyber attacks. Contact Wallace Welch & Willingham to find out how our cyber liability insurance products can help protect your business. Request a quote today!

W3 Insurance Featured in Hales Top 100 US Agents & Brokers List

W3 Insurance has made the Hales Top 100 list of American insurance agencies and brokerages. This list, based on 2021 revenue, distinguishes W3 as one of the largest insurance agencies in the country. For the past 97 years, W3 has advised clients regarding the coverages of property & casualty and employee benefits.

“It’s taken a group effort to achieve this honor, and I’m proud to say that our different departments really worked together to reach this new level,” says W3 President Jonathan Hammond.

“To be recognized in Hales Top 100 is a great honor and a tribute to W3’s focus on our employees’ experience and our clients’ experience,” says W3 CEO Scott Gramling.

Founded in 1925, Wallace Welch & Willingham is an independent insurance agency with a rich history of providing quality service and unwavering commitment to its clients and community. The agency represents an extensive list of “A rated” insurance companies in order to provide the best coverage at the most affordable rates available.  Wallace Welch & Willingham has insurance products to fit the specific needs of both businesses and individuals, offering commercial, homeowners, auto, boat and life insurance, as well as employee benefits coverage. For more information, call (727) 522-7777 or visit www.w3ins.com.

Inflation and Homeowners Insurance in 2022

Inflation, meet Florida homeowners insurance. Like the rest of America, the Sunshine State is experiencing the effects of inflation. Supply shortages, repair costs, limited inventory and a struggling economy are affecting the cost and availability of homeowners insurance in Florida.

Let’s talk about how increased repair costs and supply chain issues continue to have an impact on Florida home insurance costs and how you can be an informed purchaser of this pivotal coverage.

First, it’s important to actually answer the question: Do I need homeowners insurance in Florida? Legally: no. Practically: a resounding yes.

A home is a major investment that nearly every homeowner is going to want to protect. Therefore, it is imperative to purchase, at the very least, minimum home insurance. Thanks to inflation, even the bare-bones coverage for Florida homeowners is more expensive today than before the coronavirus pandemic.

Still, it is possible to insure your Florida home in a smart manner. Working with an insurance professional can help to give you peace of mind that you have not over or under-insured. Whether you have a beachfront residence with stunning views of the Gulf or an inland ranch abode out of the sight of water, proper coverage hinges on matching your exact needs to the coverage available in the marketplace.

Inflation and its impact on Florida home insurance costs

Why is this price increase happening?

It should come as no surprise that COVID-19 is one of the main reasons for the increase in homeowners insurance costs. Thanks to inflation sparked by the novel coronavirus, home costs continue to rise. One example of this is the roofing sector, which is not immune to these rising costs. Material and labor prices have both risen. Supplies like shingles are harder to find because of supply chain issues, and scarcity leads to higher prices passed on to consumers.

Additionally, with a rise in home purchasing cost comes premium rate increases. Premiums are not arbitrary rates that insurance companies guesstimate, after all; they take into account property location, loss history, type of property, and, of course, the type of coverage you wish to elect. Since home prices continue to spike, premiums stand to do so as well.

The change is all around us, and Florida homeowners insurance is not immune to the higher price phenomenon. There is the sticker shock we feel at the grocery store, where the bill keeps getting larger for the same food we have purchased for years. Home repair and construction projects are priced at a premium due to supply shortages and consumer demand in the housing sector. Globally, shortages continue to affect the world’s citizens on multiple levels.

Inflation can be traced to this overall increase in cost of goods. The roofing sector is a prime example. Today, when a Florida homeowner files a claim for repair, the insurance company is going to have to pay more to repair the home in accordance with the policy. That means rising Florida homeowners insurance costs for all as insurance companies raise their rates in an attempt to remain solvent. Unfortunately, several insurance companies have become insolvent this year; others went insolvent as far back as 2018.

Within this ‘doom and gloom’ outlook comes a bit of light: policies are usually issued annually. That means you may not see any rate difference until that expiration date looms and the renewal of your policy is imminent. Partnering with Florida home insurance advisors who understand both insurance trends and your unique coverage needs is pivotal.

Affordable home insurance options

The way to find the most affordable Florida homeowners insurance options is to truly know how much insurance you need. This is a tough forecast to make, and it is an individual one. Based on certain risk factors and your own comfort level with risk, a Florida homeowners insurance election should be a carefully curated, individualized policy. Here are some elements that can help.

  • Work with a Florida homeowners insurance advisor who truly understands our insurance marketplace. The ideal partner in this decision is an advisor who makes it their duty to understand risk and how to mitigate it in today’s purchasing climate.
  • Consider different options. Perhaps a certain level of coverage that stood you well in the past no longer seems practical. In this state of change, it is worth looking at that past policy and seeing if there are any gaps – or if you assume more risk. For new construction, the options will be different.
  • Is it time to raise your deductible? -Perhaps. Yes, if you need to file a claim, this strategy is going to hit you in the pocketbook. Consider the cost/benefit analysis of this choice before making it.
  • Remember that there is a difference between rebuilding costs and what you actually paid for new construction. This is an important element because rebuilding in the current market is more expensive than in years past.
  • Now may be the time for those impact-resistant windows and other safety upgrades. You may see a decrease in the Florida homeowners insurance rate because of it. Remember the old saying “That place is strong like Fort Knox?” Fortify your structure and make it impervious to the elements, and your rates may decrease. This brings to mind the insurance policy on Fort Knox…but that is for us to examine in another article. Perhaps.
  • Secure, secure, secure. Have you been considering home security measures? Alarms, sensors, and the like? You may see a policy decrease because of such upgrades.
  • Ask for more savings. Skyrocketing interest rates and rising insurance premiums have some consumers wondering if they can still afford home insurance in Florida in 2022. That leads surfers of the Internet to type in queries like Who offers the cheapest homeowners insurance? It can be tempting to just type that question into a URL search engine and select the first option that’s visible.

It bears saying again and again that working with a Florida homeowners insurance advisor is likely the easiest way to procure this knowledge. Instead of spending your time researching, let the homeowners insurance specialists do it for you.

Homeowner financing options to consider

After home improvements such as safety upgrades and fortifying measures come different homeowner financing relief programs. These programs that are designed to cushion the blow of COVID-19 on homeowners include Homeowner Stimulus and Homeowner Assistance Fund.

Homeowner stimulus – Congress has not levied a homeowner stimulus package. Still, homeowners may be able to find refinancing options, and lenders still offer forbearance (or the ability to pay at a lower rate).

Homeowner Assistance Fund – For those most affected by the onslaught of COVID-19, the Homeowner Assistance Fund can help keep them afloat financially. These monies can be used for homeowners insurance, mortgages and more. Additional information about the Homeowner Assistance Fund, which is a national program, is found here.

Many factors affect Florida homeowners insurance costs, and understanding how much it costs to insure a home in Florida and how to best do it is possible. Trust the advisors of W3 Insurance to provide up-to-date guidance regarding Florida home insurance for your unique abode. Your needs are different from anyone else’s, and it takes a personalized examination of those needs and the insurance products available today to make the most informed decision regarding coverage.

Coverage prices may fluctuate, but solid advice does not. Contact W3 Insurance today and have an experienced advisor at your side as you make an informed decision regarding Florida homeowners insurance for your residence.

Flood Insurance: What You Need to Know

Is your property more likely to flood or not to flood? That is the overriding question when it comes to flood coverage and FEMA is attempting to answer it as accurately as possible. Whether your property has been designated in the past as being within a high hazard flood zone or not, changes are underway that could affect the insurance requirements of your business or residence. Read below as we discuss why this is happening, what this means for you, and what your coverage options are.

RISK RATING 2.0

FEMA is using what they’ve deemed “Risk Rating 2.0” as a means to deduce fair and equitable rates across the board to property owners. Since 2021, this Risk Rating has combined such factors as data sets from the private sector, catastrophe models and actuarial science to determine rates.

Much thought has been given to this rating, with the intended results being rate increases and decreases are as transparent as possible. Elements that are considered within the data set include: frequency of flood, flood type and the common risk many property owners cite as an obvious reason for flood possibility – proximity to a body of water.

Why don’t you want a lapse in coverage?

A lapse will trigger additional consequences including a new application with a 30-day waiting period and the loss of glide path, which has a maximum year-over-year rate increase cap.

Glide path provides a discount from paying full risk rates.

  1. The benefit to glide path is that it provides the policyholder with a maximum year-over-year rate increase cap until the premium reaches full risk rates.
  2. This is significant, as the policyholder may experience a huge premium spike if they suffer a lapse in coverage.
  3. Example – The 2.0 renewal offer is $688. Payment is received by the insurance company after the grace period (29 days), or insufficient funds are received. The premium without glide path is now in excess of $4,000.

Helpful tips include:

  1. Consider using Certified Mail when sending premium payments. The certified mail date is used as the premium receipt date, which ensures the earliest receipt date possible. You can also track your payment from the post office to the remittance center at: www.usps.com/shipping/trackandconfirm.htm.
  2. Premium payment must be received by the insurance company, not the agent/insurance agency.
  3. If the premium payment is mortgage billed, be certain the lender remits payment on time. The grace period to avoid a lapse in coverage applies is regardless of being lender or insured paid. If the lender is late with an escrow payment, there is no recourse provided to the policyholder. Be certain the lender information shown on your policy is current.

More information regarding Risk Rating 2.0 can be found on the FEMA link: https://www.fema.gov/flood-insurance/risk-rating

REMAPPING

Changes in premium are also happening due to remapping. These map changes are not just topographical; they potentially shift flood zones. Florida is currently being reviewed and remapped by FEMA. That means possible changes to flood insurance requirements for many homeowners are on the horizon, if not already in effect. FEMA carefully considers the risk profile of different areas; therefore, your home may be designated at a lower or higher risk of flood than previously indicated. Read further about remapping.

PRIVATE MARKET FLOOD

Whether you select coverage through the National Flood Insurance Program (NFIP) or Private Market Flood coverage depends on your individual situation. Unlike the NFIP, Private Market Flood has no waiting period (the waiting period for NFIP is thirty days).

Look for additional important information from your flood insurance company, which accompanies your renewal offer, and call your W3 advisor with any further questions.

Funding a Buy-Sell Agreement with Life Insurance

Life Insurance to Fund Buy Sell AgreementsLife rarely goes according to plan. An unexpected death, disability, divorce, or another event can derail a business and create a huge financial impact on its success. Your business is likely your biggest investment and the future resource for funding your retirement.

All businesses should prepare for a multitude of issues that could put the future of the business in danger. For instance, who would manage/own the business upon retirement or unexpected death/disability of an owner?  Is there an internal candidate who is experienced enough to manage the business, or would the business need to be sold to an outside competitor? What about your family’s needs regarding the business?

A buy-sell agreement is an excellent solution to this risk. It is simply a “will” for how you want the business to transition on Your Terms based on certain triggers such as retirement, death or disability.

There are options for funding a buy-sell agreement, but some options open the door to other problems.

  • A company savings account would pay cash when an owner dies, but if death unexpectedly occurs, there may not be enough funds in the account to carry the business.
  • A loan could be obtained at the time. Unfortunately, interest could be high and it may create unnecessary risks for the surviving owners and business.

The best option to fund a buy-sell agreement is a life or disability insurance policy. These types of policies allow for instant cash/liquidity to be used in either continuing the business or preventing a fire sale, allowing proper time for a buyer to be found. Other advantages include: death benefits proceeds are generally income tax free, funds are purchased for pennies on the dollar, and premiums are likely to be significantly lower than loan interest.

Life insurance also offers the option of a Cross-Purchase Plan or an Entity Plan. In a Cross Purchase Plan, each owner purchases a life insurance policy on all other owners and is named beneficiary. In an Entity Plan the business purchases a life insurance policy on each owner and is named beneficiary of plan allowing the business to buy shares stock redemption style, preventing other owners from paying out of pocket.

Both a Cross Purchase Plan and an Entity Plan offers flexibility such as:

  • Price fixing, formula, or appraisal (most important! Establish fair market value of stock or business at time of agreement.)
  • Pay in cash or installment.
  • Different terms for different events (different prices for retirement, death, disability, etc).

Having a buy-sell agreement is imperative. Preparing one in advance eases negotiations and agreements as no one is sure what the next day will bring.

If you would like more information on how a life insurance product could fit into your business plans, contact Abbey Bowersox today at 727.522.7777 or by email at abowersox@w3ins.com.

 

What is Key Person Life Insurance?

Key Person Life Insurance (also known as Key Man Insurance) is a life insurance policy purchased by a company on a key employee such as the owner, partner(s), majority shareholders or another person(s) whom the continued successful operation of the business depends on.  The policy protects the company in the event of their unexpected death.  Separate key person life policies are purchased for each key employee.  The company pays the premium and is the beneficiary of the policy.

key person life insurance

[Read more…]