Unsafe at Home: The Heightened Cyber Risk of At-Home Workers

Two years ago, employees across the country and around the world collaborated with their employers to establish ways they could perform their job duties while working from home.  Today, the urgent need for home-based workers has receded, but the popularity of this option remains high.

And while certain trends point to an actual increase in productivity, job satisfaction, and a better work-life balance from working at home, the choice does also come with a few risks, some quite disturbing and potentially very costly.

The Cost of a Data Breach Report, conducted by the Ponemon Institute and IBM Security, reports that 76% of respondents whose organizations have shifted to remote work expect that working from home could increase the time required to identify and contain a data breach.  What’s more, 70% of respondents expect remote working to increase the cost of a data breach.

Those results should cause business leaders to pause, at least for a moment, to think about what remote work represents regarding risks to your organization’s cybersecurity status.  With the geopolitical upheaval emanating from Eastern Europe currently, the world is getting a first-hand lesson in the power of benign cyber systems to damage economies, influence migration of populations, even wage war.  Just imagine the wreckage a malignant cyber attack could create.

Are your remote employees following strict cybersecurity protocols regarding password control?  Tracking and protecting the physical location of their laptops and smartphones?  Accessing only approved downloads and avoiding personal usage or inappropriate personal apps on company equipment?

Keep in mind that three out of four business leaders have concerns about cybersecurity regarding remote work.  Being concerned is one thing.  Acting on those concerns by clearly stating acceptable and unacceptable cyber behavior, and enforcing those standards, is what can make a real difference.

Contact the professionals at The Reschini Group for more information.


Copyright 2022 The Reschini Group

The Reschini Group provides these updates for information only, and does not provide legal advice.  To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.

 

Control the Variables: Keeping Workers Comp Costs In Line

Workers Compensation sounds pretty cut-and-dried, right?  Your rate – determined by the state where your company is located and the type of business – gets multiplied by your total payroll and then divided by 100.

But then modifiers enter the picture, which can raise or lower your costs, based on your loss history, or the record of measurably reducing the risk of injury to employees.  Naturally, you want a modifier that drives your workers comp costs down.  Here are some ideas on how to do just that.

  1. Save Money on Workers’ Comp Insurance – The same as selecting car or health insurance, it’s important to shop around for the best workers’ compensation insurance policies.
  2. Ensure You’re Following Workers’ Comp Claims Management Best Practices – By making sure your claims adjuster always follows best practices associated with claims management, payouts can be reduced by up to 50%.
  3. Focus on Safety – Create and embed a true safety culture, continually providing information on safe processes and procedures, instituting regular safety checks, and characterizing safety less in terms of statistics and more by how injuries impact people and their families.
  4. Have an injury procedure in place – It is essential to manage any injuries quickly and effectively before they become worse, and for managers and employees to know their roles and responsibilities when someone is hurt at work.
  5. Start an Incentive Program for New Hires – Employees, especially new hires, often benefit from incentive programs that reward them for learning the safety protocol. Older employees can also be encouraged to help the newer hires learn about the culture of safety through group incentives.
  6. Implement a Return-to-Work Program – Maintaining ongoing communication with injured employees leads to them returning to the job faster, which means returning to a regular paycheck for them and lower overall costs to the company.
  7. Check With Your State – Some states offer discounts if a company implements a program that promotes safety, so it’s worth checking on your state’s policies.
  8. Review Your Employee Classifications – The simple act of ensuring that each employee is classified correctly regarding his or her current job can represent substantial savings.

When you understand and control the variables surrounding workers comp coverage, you can achieve the modifier level that leads to better control of those costs.  Plus, in virtually every example cited here, it’s the proper, practical, and ethical thing to do, as well.  Contact the workers comp professionals at The Reschini Group today to learn more.


Copyright 2022 The Reschini Group

The Reschini Group provides these updates for information only, and does not provide legal advice.  To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.

Source: https://news.briotix.com/9-workers-compensation-cost-reduction-strategies

Time Is Money: Results from Latest ‘Cost of a Data Breach’ Report

A data breach creates all sorts of havoc, including significant financial costs.  That’s hardly new information.  But what those costs actually total does make news, as captured in the 2020 “Cost of a Data Breach” report, compiled by the Ponemon Institute and IBM Security.

The information from 2020 (the most current results available) provides a detailed glimpse the financial impacts security incidents can have on organizations, with historical data revealing trends in data breach causes and consequences.  The report shows some consistencies with past research.

Here are the major highlights:

  • The average cost of a breach in 2020 was $3.86 million per breach. This is actually good news, in a way, representing a 1.5 percent reduction from the 2019 cost per breach of $3.92 million.
  • The average time to identify and contain a breach in 2020 was 280 days, virtually identical with the 279 days it took on average in 2019.
  • Regarding prevention against breaches, 59 percent of organizations now have security automation deployed, up from 52 percent in 2019.

If one takeaway leaps out from these high-level results, it is that time is money.  While a higher percentage of businesses have security automation in place, it still takes nearly 10 months to discover and contain a major breach.  And the financial ramifications, even if slightly lower, remain substantial at nearly $4 million per breach.

The need for robust cybersecurity practices and protections continue to grow in importance and relevance.  For more information, contact the professionals at The Reschini Group today.


Copyright 2022 The Reschini Group

Source: https://securityintelligence.com/posts/whats-new-2020-cost-of-a-data-breach-report/

The Reschini Group provides these updates for information only, and does not provide legal advice.  To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.

Heed the Warnings: Surfside Condo and Pittsburgh Bridge

On June 24, 2021, at approximately 1:22 a.m., a 12-story beachfront condominium in the Miami suburb of Surfside, Florida, partially collapsed, killing 98 people and injuring 11.

The main contributing factor was identified as long-term degradation of concrete structural support in the ground-level parking garage under the housing units, due to water penetration and corrosion of the reinforcing steel. The problems had been reported in 2018 and noted as “much worse” in April 2021. A $15 million program of remedial works had been approved before the collapse, although no main structural work had been undertaken.

On Friday, Jan. 28, 2022, at approximately 6:40 a.m., the Fern Hollow Bridge – which carried roughly 14,000 vehicles a day, connecting major areas of Pittsburgh, Pennsylvania – collapsed about 100 feet into a ravine.  Miraculously, no one was killed but about 10 people received injuries.  The bridge had received “poor” ratings for the past 10 years from inspectors, and was included in plans to be rehabilitated, but not for another five to seven years.

As the shock wears off, the impact on victims and families processed, and the physical work of cleanup and reclamation begins, next come the questions about liability and who is responsible for the costs involved in the aftermath.

In the case of the Surfside collapse, there may be issues surrounding the property insurance and the possibility of Director & Officer claims directed at the Condo board.  Regarding the Fern Hollow Bridge, various municipal bodies and agencies may face insurance investigations and subsequent litigation.  In each instance, warnings about potential failures of the respective structures had been issued, and corrective plans made, but none had been performed in time to prevent a collapse.

One thing may be more certain than anything else, however – claims of this scope will trigger enhanced underwriting by the marketplace.

Your organization may not necessarily face the same level of disaster as Surfside or Fern Hollow, but there may be identifiable risks in play nonetheless.  Once they have been identified and a plan to alleviate them has been developed, it is wise to implement those plans sooner than later, as much as practically and financially possible.

For more information on these matters and how to properly prepare, contact the professionals at The Reschini Group today.


Copyright 2022 The Reschini Group

The Reschini Group provides these updates for information only, and does not provide legal advice.  To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.

Benefits Blog: Five Ways to Save on Healthcare Costs

It’s no secret that healthcare expenses have been on a steady, and costly, climb for the past two decades.  Price hikes of 6.5 percent are projected in 2022, with the ongoing COVID-19 pandemic playing a significant role in those increases.  This fact of financial life means employers must think both strategically and creatively about how to lower their health benefits expenses in 2022.  Here are five ways to help achieve savings:

  1. Control Drug Spending – Drug prices rise faster than any other medical service or commodity, with costs now 33 percent higher than in 2014, according to GoodRx.  Employers can educate employees on the price differences between name-brand and generic medications, and encourage using generics to save money while still receiving the same quality treatment.
  2. Encourage Active Benefits Participation – This includes encouraging employees to improve their health literacy, research treatments, and price shop.  By seeing specific prices for procedures and other services, employees can educate themselves before making costly health decisions.
  3. Offer Savings Accounts with Carryovers – Health savings accounts (HSAs), flexible savings accounts (FSAs), and other tax-advantaged savings account options empower employees to control their own spending and improve their health literacy.  Many accounts allow for fund carryover year to year, encouraging more contributions. Since many employers match contributions up to a limit, more money added to these accounts means greater tax savings for everyone.
  4. Embrace Virtual Health Options – A major takeaway from the pandemic has been the expansion of telehealth services, allowing individuals to connect with health professionals quickly, safely, and less expensively.  Employers adding telehealth services into their plan expand access to care and lower expenses for everyone.
  5. Consider Plan Funding Alternatives – A more drastic option for reducing health costs is restructuring how plans are funded.  For instance, a self-funded plan may be more cost- effective than paying a monthly premium for a fully insured plan.  Other options include level-funding or reference-based pricing models, each of which carries its own set of administrative rules and legal constraints.  Funding decisions should not be taken lightly and should be based on several factors, such as size of an organization, risk tolerance, and financial stability, including employees’ ability to take on large premium increases.

Selecting the best methods to contain healthcare costs depends on each organization’s unique capabilities.  The Benefits Team at The Reschini Group can help sort out the right option for your particular situation. Contact us today to get a conversation started.

Resources:

Benefits Insights: Preventive Care

Benefits Insights: Flexible Spending Accounts (FSA)

Know Your Benefits: Strategies for Saving on Prescription Drugs


Copyright 2022 The Reschini Group

The Reschini Group provides these updates for information only, and does not provide legal advice.  To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.

Cover Your Bases: Lack of Controls May Limit Cyber Insurance Access

Feeling lucky?  Like to gamble?

It’s one thing to play a small-potatoes hunch on your smartphone as you watch your favorite professional team on television.  It’s quite another to risk your entire business enterprise on something that never needed to be at risk at all – your cybersecurity protocols.

As the scope and expertise of malicious online operators grows, so is the insistence of insurers that their business clients have adequate cybersecurity controls in place.  A growing consequence for those who have not installed and maintained such controls is that they cannot acquire the needed coverage.

An industry leader recently conducted a study that concluded underwriters have adopted a “laser focus” on data security controls when looking at renewal risks, with “even greater underwriting scrutiny” of those controls as time goes on.  The desired preventative controls cited include:

  • Multifactor authentication
  • Remote desktop protocol
  • Segregation of networks
  • Encryption

Those without these protocols in place will be increasingly met either with a decline of coverage or rates increased as much as 200 percent or even higher, according to the report.  The threat of hackers successfully breaching cybersecurity protections has become such an issue for businesses, that even best-in-class risk managers – who have all preferred protections in place – may still see their premiums increase, but at a much lower rate.

So play those little parlays on your phone all you like.  But don’t leave your entire business enterprise open to such a huge bet.  Survey your cybersecurity protections and make sure they’re in place and working.

For more information, contact the professionals at The Reschini Group today.


Copyright 2022 The Reschini Group

The Reschini Group provides these updates for information only, and does not provide legal advice.  To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.

Source: www.commercialriskonline.com/buyers-without-security-controls-risk-cyber-insurance-refusals-warns-gallagher-report/

How Safe is Safe?: The Impact of COVID on Employer Practices Liability

In addition to the multiple and myriad changes already introduced to the business community by COVID-19, employers may now add possible increased liability and costs, perhaps ironically due to policies instituted to help stem the spread of the virus.

According to a 2021 report conducted in part by the Insurance Information Institute, employers need to be aware of the impact of the pandemic, particularly a shift in the burden of proof onto the employer for certain types of claimants and the changing exposure from people working from home.

Workers compensation saw five consecutive years through 2019 where that line of business posted an underwriting gain, but the institute-sponsored study said that trend could change with COVID-19.  Employer practices liability insurance (EPLI) – separate from workers compensation – has the potential to feel an impact from the pandemic, as well.

Mask-wearing mandates, vaccination or regular COVID testing requirements, increased flexibility and the associated variables of home-based work, plus similar pandemic safeguards, may fall prey to varying levels of adherence.

This lack of clarity has the potential for coverage-related issues, should employees become infected and require ongoing treatment for the virus.  Similarly, this uncertainty feeds into the increased premium costs for employers to adequately protect their businesses.

As new variants of the COVID virus develop and spread – even as vaccines become more refined and effective – the pandemic will continue to have wide, deep, and continuous ripple effects on all aspects of business, including EPLI and workers compensation insurance.

For more information on these matters and how to properly prepare, contact the professionals at The Reschini Group today.


Copyright 2022 The Reschini Group

The Reschini Group provides these updates for information only, and does not provide legal advice.  To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.

Source: https://www.iii.org/press-release/recession-pandemic-to-affect-p-c-underwriting-results-new-triple-i-milliman-report-shows-081320

 

Holding the Door Open for a Thief: Controlling Social Engineering Online

A professional hacker – who has gone straight and now goes by the job title of “Ethical Intruder” – lays out the truth with this simple statement:  “Take it from a hacker, we are not trying to break in through your next-generation firewall when we can simply ask your users for credentials.”

The sloppy, ill-informed, or unthinking release of credentials – the user names and passwords that permit access to your cyber files online – by employees or vendors is the digital equivalent of holding the door open for a thief to stroll into your sensitive operations with little or no resistance.  In the parlance of cyber security, the ways in which legitimate users either control or surrender control of their credentials is known as “Social Engineering.”

Social Engineering typically is seen within organizations as either an IT issue or the responsibility of Human Resources.  At its core, Social Engineering is a behavioral and awareness issue that hackers know is the easiest and quickest way to crack a cyber defense and avoid detection.

This has become an even more prevalent problem during the COVID-19 pandemic.  Attackers have increased use of their predatory skills against unwitting employees, who simultaneously have become more susceptible to clicking on or downloading files by providing their credentials on nearly anything related to the pandemic.

Entering this commonplace, yet incredibly valuable, information without giving a second thought as to who else might be watching can spell real trouble down the line.

It becomes incumbent on employers to educate and enforce standards regarding the unauthorized or uncontrolled use of employee credentials.  This single step can actually become one of the most effective ways to convey the very real threats that exist, and to tighten up the business’ cyber security protection.


Copyright 2021 The Reschini Group

The Reschini Group provides these updates for information only, and does not provide legal advice.  To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.

Cybersecurity Resources from The Reschini Group

For more information on cyber security safeguards, contact The Reschini Group today.

 

Safety Can Be Fleeting: Maintaining a Safe Fleet Program

Operating a fleet of vehicles remains a necessity for many businesses.  Drivers climb into cars and trucks every day, occasionally using multiple vehicles for differing purposes.  But do they know the expectations of their employers?  What kind of training and instruction have they received?  What are the rules about purchasing fuel?  Is personal usage ever permitted?  What about parking a company vehicle at their homes during non-working hours?

A consistent fleet safety program means not only cost savings, but also reduced liability, improved employee satisfaction, and enhanced safety performance.  While a program is best when tailored to the exact parameters of a specific business, here are some basic elements that every plan should include:

  • Secure and promote the support and commitment of all levels of management.
  • Issue written policies and procedures regarding all aspects of vehicle use related to the business, and ensure that all drivers have ongoing access to this information.
  • Create a roster of all drivers, including those who drive on behalf of the business using fleet vehicles, personal cars and trucks, and rented vehicles.
  • Screen and select drivers to create a reliable team of safe drivers as the key to ongoing fleet safety success.  Adhere to clear and detailed hiring standards.
  • Offer and record completion of training to all drivers, covering vehicles safety policies and procedures, including defensive driving.
  • Formalize schedules and record keeping related to vehicle inspections, repairs, and maintenance, to avoid costly breakdowns and accidents due to faulty equipment.
  • Manage drivers regularly, offering additional training where needed. Also manage accidents carefully to better understand areas of exposure and reduce the likelihood of future accidents.

The professionals at The Reschini Group can help your organization get a fleet safety program in place that works for your specific needs.  Contact us to talk more about this important consideration.


Copyright 2021 The Reschini Group

The Reschini Group provides these updates for information only, and does not provide legal advice. To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.

Fleet Management Resources from The Reschini Group:

Contact us to talk more about this important consideration.

 

The Reschini Blog: The Pros and Cons of PTO

In the ever-shifting world of people management, the discretion over when time away from the job is justified has long been a source of friction and compromise.  What is vacation?  What is a sick day?  What is an emergency?  And who gets to make those final designations, the employee or the supervisor?

Paid Time Off, or PTO, offers a management strategy designed to alleviate or eliminate those points of possible contention, by changing the nature of the discussion.  Under a PTO system, employees can “bank” a pre-determined number of hours – either by pay period, or by month, or annually – then draw from those hours for whatever purpose they want.

In addition to simplifying the administration of an employee’s time away, PTO treats the employee as an adult capable of managing his or her time responsibly while not needing to worry about justifying the reason to a manager, or offer misleading information about taking a sick day when not actually being sick.  Also, PTO keeps healthy employees from feeling “penalized” for not taking sick days available to them.

Having a PTO system in place also makes a company more attractive to potential employees and increases loyalty among current employees, since time off is treated as a pool of hours, and not segmented into categories.  This means, for example, that unused sick days can be automatically used to take more time for vacation.

Of course, some caution must be taken with plans like PTO.  Managers must watch so that employees do not abuse the system, taking unreasonable stretches of time away that impact the company negatively.  Also, managers must still take responsibility for sending home an ill employee, who would prefer to stockpile time for vacation instead.

But for organizations with a culture that welcomes flexible work schedules, PTO can be a great tool for all involved, as an attractive alternative to traditional vacation and sick time off.

Contact the Benefits team at The Reschini Group to learn more.


Copyright 2021 The Reschini Group

The Reschini Group provides these updates for information only, and does not provide legal advice.  To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.