National Cyber Security Awareness Month

The news headlines are filled with stories about high profile cyber breaches.  Recent examples include Yahoo, the Democratic National Committee (DNC), and the World Anti-Doping Agency (WADA).  These high profile cases can affect very large number of customers (Yahoo) or sensitive information (DNC emails, WADA test results).   Most businesses do not have the public profile of these three victims but the threat to small and mid-sized businesses is very real.  According to Symantec, 43% of cyber attacks target small businesses.

The potential cyber exposure can take on many forms.  Hacking and stealing sensitive information is one common and well documented cause.  Other causes can include theft of a laptop or cell phone, careless disposal of paper records, and theft / vandalism by a disgruntled or former employee.  Medical records are one of the more sought after targets by cyber criminals.  Other types of Personally Identifiable Information (PII) that must be legally protected include drivers’ licenses, credit card numbers, birth dates, court records, banking records and email addresses.  Social Engineering theft where outside party tries to mimic a manager in order to obtained wired funds is another common criminal tactic.

Relying on a third party such as cloud storage firm or credit card processing service does not insulate you from cyber exposure.   Contracts with these providers will favor the bank or servicing firm.  In fact, a merchant responsible for a breach might be contractually liable for damages incurred by the bank or processor.

Limiting your exposure to a cyber breach starts with good internal controls and employee training.  Keeping your software and firewall up to date are also important risk management strategies.  According to the Ponemon Institute, the causes for breaches involve human error (23%), system glitch (27%) and malicious or criminal act (50%).

The Department of Homeland Security has made October the National Cyber Security Awareness Month.  You can find a number of articles regarding various cyber issues on their website at  https://www.dhs.gov/national-cyber-security-awareness-month.  A data breach calculator can be found at http://www.ibmcostofdatabreach.com/.

Cyber Risk insurance is now widely available and affordable.  This type of insurance can be written to defend against litigation resulting from a breach as well as providing coverages for incurred expenses such as notification of impacted individuals, credit monitoring, business interruption, theft and extortion.  Please contact us if you would like to learn more about this insurance or if you would like to obtain pricing for this coverage.

Medicare D Compliance Overview

Employers with group health plans that provide prescription drug coverage must notify Medicare Part D eligible individuals by October 14th of each year about whether the drug coverage is at least as good as the Medicare Part D coverage (in other words, whether their prescription drug coverage is “credible”).

Please click here to learn more.

Fair Labor Standards Act (FLSA) Scorecard

Failure to comply with the FLSA can result in lawsuits, criminal charges, fines and restrictions in commerce. The scorecard tool will help you make a general estimate of risk.

Click here to download FSLA Scorecard

Newsletter Sign Up


By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Posts

Archives

Categories