HOT TAKES. ONE PLACE.
There's a LOT to know about insurance. So, whether you've got a specific question or just want the 411 on what we do, click around on the articles below.
FTC Proposes Rule to Ban Noncompete Agreements
On Jan. 5, 2023, the Federal Trade Commission (FTC) announced a proposed rule that would ban noncompete clauses in employment agreements. In making its historic announcement, the agency stated that noncompete agreements harm competition; suppress wages for workers, including those not subjected to noncompete clauses; reduce labor mobility; and hamper innovation.
Media Liability Insurance
Today’s society has become increasingly digital in nature, prompting businesses to leverage additional technology and online services in their operations. Specifically, some businesses have grown more reliant on the internet and social media platforms to market their products and services, allowing them to connect with a wider range of customers.
Inflation Guard
In the commercial property insurance space, rising inflation increases the risk of undervaluing property. A rise in building costs due to factors such as labor shortages, worker wage growth, supply chain disruptions and raw material price increases can increase the severity of a property insurance claim and create potential underinsurance issues for the policyholder.
Managing End-of-Life Software
At some point, all software will reach the end of its life. This means manufacturers will no longer develop or service the product, discontinuing all technical support, upgrades, bug fixes and security fixes. As a result, end-of-life (EOL) software will have known vulnerabilities that cybercriminals can easily exploit. This article discusses the risks of continuing to use EOL software and discusses best practices for organizations to mitigate this risk.
Attack Surface Management Explained
An attack surface is the total possible entry points (a.k.a. attack vectors) for unauthorized access into any system. The recent increase in remote and hybrid work combined with the shift to the cloud and widespread implementation of software-as-a-service (SAAS) applications have made attack surfaces increasingly large, complex and difficult to defend against cyberattacks.
Patch Management Explained
Patch management is the process of acquiring and applying software updates to a variety of endpoints, including mobile devices, computers, servers and embedded devices. Installing patches regularly is necessary to correct errors, help protect data and optimize system functions. This article provides information on how a consistent approach to patching and updating software can limit exposure to various exploits.
Endpoint Detection and Response Explained
Endpoint detection and response (EDR) is a cybersecurity solution that continuously monitors security-related threat information and endpoint data to detect and respond to ransomware and other kinds of malware. It provides visibility into security incidents occurring on endpoints—such as mobile devices, desktop computers, laptops, embedded devices and servers—to prevent damage and future attacks.
Signs of Trouble Seen for U.S. Commercial Auto Insurance Market
Despite having cause for optimism in 2021, the U.S. commercial auto insurance market shows signs of falling behind again in 2022 as losses increase, according to a new segment report from AM Best. The sector had its best year in a decade in 2021, with a combined ratio under 100, a small net underwriting loss and strong premium growth, the company noted.
Clear and Precise Policy Wording: The Key to a Mature Cyber Insurance Market
According to a recent analysis from S&P Global Ratings (S&P), the cyber insurance sector needs “clear and precise policy wording” to build a sustainable market and encourage contract certainty for buyers and insurers. The cyber coverage segment has grown faster than any other subsector of the insurance market, reaching $9.2 billion in global premiums in 2021.
Median Ransom Payment Drops 51% in Second Quarter
Fewer ransomware victims paid to retrieve access to their systems, and the median ransom payment dropped 51% in the second quarter of 2022, according to a recent report from Coveware. Though the median payment dropped to $36,360, the average ransom payment increased 8% to $228,125, boosted by a few outliers. However, the improvement in the median payment reflected threat actors’ shifts toward less risky, lower-profile targets, and the average remains below a fourth quarter 2021 high of over $300,000.
CISA’s Known Exploited Vulnerability Catalog Explained
The Cybersecurity & Infrastructure Security Agency (CISA) maintains the Known Exploited Vulnerability (KEV) catalog to help organizations better manage and mitigate cybersecurity vulnerabilities. The agency encourages organizations to utilize the KEV catalog—the authoritative list of vulnerabilities that have been exploited—to keep pace with threat activity and remediate the listed vulnerabilities to reduce the likelihood of compromise by known threat actors.
Cyberespionage Explained
Cyberespionage is a type of cyberattack that involves an unauthorized user (or multiple users) accessing a victim’s sensitive information in order to secure economic benefits, competitive advantages or political gain. Also known as cyberspying, the primary targets of such cyberattacks include government entities, large corporations and other competitive organizations.
Hacktivism Explained
Hackers exploit virtual vulnerabilities to gain access to networks and devices illegally. While most engage in this activity for financial gain, others, called hacktivists, have different motivations.
Jackware Cyberattacks Explained
Ransomware incidents entail cybercriminals compromising their victims’ computers or servers with malware and demanding large payments in order to restore the technology (as well as any files or data stored on it). They have often been considered one of the most damaging cyberattack methods.
Identifying and Avoiding Phone Scams
Every year, people report fraud, identity theft and bad business practices to the Federal Trade Commission (FTC) and law enforcement partners. According to FTC data, more than 2.8 million people reported fraud in 2021, and 1 in 4 said they also lost money.
Credential Stuffing Cyberattacks Explained
Credential stuffing incidents entail cybercriminals leveraging stolen usernames and passwords in attempts to gain access to additional accounts and systems. For example, a cybercriminal may obtain a target’s username and password for a social media account and use those same login credentials to try and access the victim’s other systems (e.g., email accounts, banking applications or workplace networks).
Man-in-the-Middle Cyberattacks Explained
A man-in-the-middle (MITM) cyberattack refers to a cybercriminal intercepting a digital interaction or exchange between individuals, systems or an individual and a system. During a MITM incident, a cybercriminal could either eavesdrop on an interaction or pretend to be a genuine participant in the exchange.
Cyber Hygiene Best Practices
As cyberattacks become more frequent and severe it is increasingly important for organizations to practice good cyber hygiene to minimize their exposure to risk. Cyber hygiene refers to habitual practices ensuring critical data and connected devices are handled safely.
Cybersecurity Tips for Business Travelers
Organizations face heightened cybersecurity risks when their employees travel. Business travelers are prime targets for cybercriminals, as they often carry valuable data and may not always be careful about securing their devices.
Coverage Insights | Business Owners Policy (BOP)
A business owners policy (BOP) combines commercial general liability coverage with commercial property insurance for qualifying small and medium-sized companies. A BOP offers businesses the opportunity to get more affordable coverage to meet basic insurance needs.