Category Archives: Property/Casualty

Want to scan your crypto wallet for risks? Check: AML crypto BTC, USDT, ETH. Checking cryptocurrency wallets for dirty money.

Critical Infrastructure, Security and Resilience Highlighted in November

Posted on by

National Critical Infrastructure Security and Resilience Month (CISRM) kicked off on Nov. 1. The month’s initiatives address risks such as extreme weather, aging infrastructure, cyber threats and acts of terrorism.

online pharmacy tobradex with best prices today in the USA

Its timing is certainly appropriate, as the effects of recent hurricanes on infrastructures in southern states and Puerto Rico continue to be assessed, as well as Northern California’s devastating wildfires and the deadliest shooting massacre in modern U. S. history.

The month was created by the Obama administration and the Department of Homeland Security (DHS) hosts CISRM in an effort to promote education and awareness of the 16 critical infrastructure sectors that are vital to public safety and national security. Its page reads:

The evolving nature of the threat to critical infrastructure—as well as the maturation of our work and partnership with the private sector—has necessitated a shift from a focus on asset protection to an overarching system that builds resilience from all threats and hazards.

A CISRM toolkit provides companies with templates and drafts of newsletter articles, blogs, and other collateral material for use in outreach efforts. Activities geared toward business owners, public entities and private citizens focus on several key themes to enhance security and resilience, including:

  • Highlighting interdependencies between cyber and physical infrastructure
  • Pointing small and medium-sized businesses to the free tools and resources available to them to increase their security and resilience through Hometown Security and the four steps of “Connect, Plan, Train, and Report”
  • Promoting public-private partnerships
  • Fostering innovation and investments in infrastructure resilience

In his proclamation of CISRM earlier this week, President Trump further committed to helping businesses invest in “needed capital and research and development by reducing burdensome regulations and enacting comprehensive tax reform.” The proclamation states:

We will also renew our Nation’s focus on ensuring that the next generation has the education and training, particularly in science, technology, engineering, and math, required to meet the known and unknown threats of the future.

Overall the United States’ infrastructure is among the top 18 in the world, according to the 2017 FM Global Resilience Index, which aggregates data to help companies identify their key supply chain risks. The U.S. continued to hold high rankings among 130 countries based on drivers in three categories: economic, risk quality and supply chain factors. The U.S. is segmented into three regions to reflect disparate natural hazards exposure:

  • Region 1, encompasses much of the East Coast, is ranked #10 in the index (a one-spot upgrade from last year)
  • Region 2, primarily the Western U.S., is ranked #18 (a three-spot upgrade)
  • Region 3, which includes most of the central portion of the country, is ranked #9 (down three places)

Although the federal government is less focused on asset protection, business owners can still get involved by safeguarding workplaces. In its October 2017 edition, CLM magazine noted that another path toward resilience involves reducing property damage caused by extreme weather and natural disasters. Literally looking to the sky is one suggestion; business and property owners should pay particular attention to their roofs in order to prevent degradation and enable them to withstand high winds.

“Property owners need to have maintenance personnel adopt and implement preventative maintenance and roof inspection programs that alert them to potential and active degradation,” wrote the authors of the article, “Time For Resilience.

online pharmacy renova with best prices today in the USA

” “Weak links such as roof detachment, corrosion, or other damage could tear off roofing during an enhanced wind event. Such risks need to be mitigated before an event occurs.”

Ready.gov provides resources on disaster planning and management, and also has this section on Business Continuity.

Coverage, Breaches Highlighted at Advisen Cyber Conference

Posted on by

NEW YORK—Advisen’s Cyber Risk Insights Conference, held during Cyber Week, featured risk management professionals and more than 20 panels and sessions on Oct. 26. The keynote was delivered by former New York City Mayor Rudolph W. Giuliani, currently the chair of Greenberg Traurig LLP’s Cybersecurity, Privacy and Crisis Management practice. Giuliani used sports analogies to describe the cybersecurity industry, noting that, “the defense trails the offense by about five years.” Comparing the newest waves of protection software to a strong rookie pitcher, he said, “A new pitcher may come along and strike everybody out as he goes through the league a few times. But eventually he gets figured out and [hackers] figure it out,” he said. “It needs at least a year of being attacked for real,” to find the gaps in efficiency, and leads to the “the kind of experimentation that will yield better results.”

In the session, “SME: In A League of Their Own,” moderator John Mullen, CEO and founding partner of Mullen Coughlin, a cybersecurity and data privacy firm, discussed the growing importance of cyber insurance among small- and medium-sized companies. He asked panelists where they have seen productivity. Panelists agreed that growth among small law firms and accounting firms were strong contributors. Michael Bruemmer, vice president of Experian’s Data Breach Resolution Group, noted he is already seeing breaches of W2 tax forms, which he said is worrisome with tax season approaching. “With some of the recent, large incidents and all the information that was compromised, I think W2s are going to come roaring back again,” Bruemmer said.

As for a look into the future, Bruemmer noted that while startups show great potential for growth, they need to make cyber policy purchases while in their infancies. “Any startup needs cyber protection,” he said, adding that this is particularly crucial during the initial financing and hiring stages, as “You see too many of them go out [of business]. They’re great companies with great ideas but they don’t consider cyber.”

Andy Lea, CNA’s vice president of underwriting for E&O, cyber and media, echoed those sentiments, saying that with the thousands of businesses created each year, “there will always be new buyers and there will be opportunity for this industry to provide value.”

During an afternoon panel, Erica Davis, Zurich North America’s senior vice president, specialty products and E&O, highlighted results from the newly-released annual  Advisen Information Security and Cyber Risk Management Survey, which found that risk professionals view cyber-related business continuity risk less seriously than data integrity risk. This was surprising, she said, as business interruption costs have risen and high-profile business interruption attacks have taken center stage.

The survey also found that just 10% of respondents identified business interruption as the primary reason for purchasing cyber insurance and that purchase growth has gone stagnant after a steady six-year increase from 35% to 65%. Davis noted that the survey ended before the Equifax breach announcement in September.

“These findings may indicate that businesses are not up to speed on the magnitude of the impact that business interruption losses are beginning to have,” she said. “Annually, the survey results are critical for understanding how businesses are thinking about cyber risk and what we need to do to help them protect themselves as we watch this issue continue to evolve.”

The study found that corporate concerns about cyber may be waning, even as the nature of cyberattacks has evolved to include ransomware and malware

According to the study:

  • For the first time in the seven years of the survey, there has been a decline in how seriously C-Suite executives view cyber risk.

  • 60% of the risk professionals surveyed said executive management view cyber risk as a significant threat to their organization—down significantly from 85% in 2016.

  • Only 53% of respondents knew of any changes to their companies’ cyber security systems in response to the high-profile attacks that took place in early 2017.

Keeping Halloween Parties Safe in the Workplace

Posted on by


This year, Halloween is expected to be celebrated by a frightening number of Americans – 179 million. According to the National Retail Federation, 48% of adults plan to celebrate in-costume. These 18-year-olds-and-older are not just chaperoning young trick-or-treaters, many are also employees with their own collective sweet tooth. If you plan to indulge these kids-at-heart with a voluntary workplace celebration, here are some tips to consider:

Dress Code Updates

Your company’s dress code policy will obviously need some flexibility for the day, but one can still be enforced in an effort to limit costumes or themes that are too polarizing, provocative or offensive. It’s good practice to inform employees that certain dress code policies will be enforced.

“Provide examples of inappropriate costumes, such as costumes that are too revealing or are ethnic-, religious- or race-based costumes,” Obermayer Rebmann Maxwell & Hippel LLP, an employment and discrimination law firm, said on its blog. “Request that employees avoid political costumes that could be offensive. If an employee shows up in an offensive costume, send the employee home to change into appropriate clothes.”

Safety Hazards

Even when preparing your company’s party, safety should come first. Be sure that anyone involved in decorating and preparations uses proper equipment. It may seem basic, but related workplace accidents can lead to lawsuits and fines. For example, a preschool teacher broke her arm in 2010 while standing on a child’s seat to hang some decorations, and the school incurred a $5,000 penalty for violating OSHA’s safety terms. Decorations should not put any worker in harm’s way or prohibit their ability to do their job.

Fire risks increase during Halloween parties, often due to the combination of candles and the flammability of the decorations and costumes. PropertyCasualty360.com encourages holiday staples like jack-o-lanterns, but suggests using flameless LED candles that are bright enough to illuminate your carving but don’t pose the risks of a real flame. Due to their flammability, the site also dissuades the use of:

  • Dried flowers or floral arrangements.
  • Corn husks or dried corn stalks.
  • Crepe paper garland or other paper decorations.
  • Homemade paper-towel ghosts.
  • Driveway lanterns with real candles.

Food and Drink

It’s not just employees’ sensibilities that are delicate. According to the Center for Disease Control and Prevention (CDC), 50 million Americans suffer from an allergy each year. Be sure to have employees report any food allergies to the party planner in advance to ensure no one suffers a physical reaction.

If your business has a liquor license and continues serving a visibly intoxicated person, you may be liable for any accidents they cause. In many states, expanding employer liability is a gray area. Some state laws dictate that an employee’s conduct – even after he or she has left a company-hosted party – can still be traced back to the employer. That means that if, for example, an employee is caught driving while intoxicated and/or causes an accident afterward, an injured party can file a lawsuit against the company. When examining such a scenario based on a 2013 court case, Law360 noted:

Since liability is no longer confined to activities conducted on company property, employers may feel the need to police employees before they leave the premises.

Overall Appropriateness

If you’re still up in the air about hosting a party, then that in itself might be an indication to pass on it in the classic sense. The Society for Human Resource Management suggests reflecting on prior Halloween activities and the feedback received from employees or customers:

If most workers did not participate, this practice might not fit with the company culture. Consider alternative ways to celebrate, such as a company potluck or luncheon.

By following these tips, your company can reduce safety hazards and the risks of harassment, lawsuits and outbreaks. October is also Fair Trade Month. Check out Ben & Jerry’s sweet ways to have a “Fair Trade Halloween.”

Protecting Your Company from Rogue Employees

Posted on by

While employee malfeasance rarely takes down entire companies, it can result in serious fines, sanctions, court judgments, settlements and reputational damage. Big data analytics is one way leading companies are able to mitigate risk, by proactively detecting threatening or illegal behavior.

Traditional ERM Approaches Won’t Do

Compliance officers do their best. They generally work within enterprise risk management (ERM) frameworks to introduce corporate policies and procedures, conduct risk avoidance training and audits, and create inter-disciplinary committees. They work with IT to run compliance auditing software on critical structured data, including financial databases and transactional applications.

By targeting only well-behaved structured data, however, compliance officers can lose sight of one key fact—structured data is a small percentage of organizational data. Data storage analysts report that most organizational data are only 15% to 20% structured data and 80% to 85% unstructured.

buy cipro online www.urologicalcare.com/wp-content/uploads/2023/10/jpg/cipro.html no prescription pharmacy

This leaves a huge volume of data that presents serious compliance risk to IP, especially electronic communications.

While e-mail, instant messaging, texting and social media are ingrained in our culture, traditional auditing software does not focus on communications. These threats often evade notice until the damage is done.

Here are some ways threats can escape the radar of employers that have traditional ERM approaches:

  • Limited ability to analyze unstructured data. The inability to monitor unstructured data leaves the company open to regulatory consequences and other risk.
  • Keyword searching to winnow down data sets often delivers a high volume of false positive results. Filtering techniques such as keyword searches may not be highly accurate and require intensive manual review.
    buy ciprodex online www.urologicalcare.com/wp-content/uploads/2023/10/jpg/ciprodex.html no prescription pharmacy

    The result is higher cost and longer timeframes for manual-review projects.

    buy paxil online www.urologicalcare.com/wp-content/uploads/2023/10/jpg/paxil.html no prescription pharmacy

  • Potential security issues. Communication platforms are rapidly proliferating. Employees might be sharing inappropriate corporate information on social media, yet these mentions often go unmonitored by the company, potentially missing evidence of employee misconduct.
  • Complex regulatory changes. Many governmental and industry regulations are already complicated, and their revisions only intensify complexity. For example, since introducing Dodd-Frank, regulators have written 224 of 400 expected rules and continue to modify existing rules.
  • Case-by-case approaches. Case-centric approaches to litigation, investigations and regulatory compliance matters impede applying learning and attorney work product on these cases to other matters. This inability lengthens legal reviews and investigations and multiplies costs. Case-based discovery also makes it difficult to discover widespread risky communications between employee groups and outside organizations.
  • Geographic and organizational silos. Relevant data is spread across different storage locations and eDiscovery platforms, creating distinct data silos.

A Cautionary Tale

Here is an example of risk that can go undetected until it’s too late, as it did at Wells Fargo. Banker 1 is responsible for reaching high quarterly sales goals. His manager increases his sales goals for the next quarter. Banker 1 emails a colleague complaining about how his goals are impossible to meet. Banker 2 suggests he try a creative process called “pinning,” which consists of a banker enrolling an actual customer in online banking to create a “sale.” The banker fills in the customer’s name and address but puts in a fake email address so the customer never receives banking communications. The banker meets his sales goals—and hopes the customer never finds out.

How Big Data Analytics Can Help

Analytics tools are already omnipresent in eDiscovery and compliance reviews. They include predictive coding, email threading and concept searching. They are highly useful for culling large data volumes to more manageable sizes. They also locate meaningful text and concept patterns so that reviewers can strategically work with high priority documents.

The catch is that these analytics can only filter to a point, and only work on a single-case basis. No matter how the case management software learns from tagging and work product, that learning cannot be applied across multiple matters if it resides on different review platforms or with different vendors. Each time a new case begins, reviewers and their software must start over. This leads to very long and repetitive document review processes, already the single most expensive activity in eDiscovery. Clients and attorneys also risk exposing sensitive information as the matter makes its way between document review platforms and multiple stakeholders.

A big data approach, versus specific analytics tools can continuously consolidate billions of documents into a central repository. It can also apply machine and human learning to enable the reporting of trends, new data relationships, and fresh insights into data across all cases—not just a single matter—for greater efficiency, cost control and risk mitigation.