1-888-643-2217 Email ABEX
Keeping you updated

What to Expect When Applying for Cyber Insurance

Every insurance policy starts with an application, and cyber liability insurance is no different. While the underwriting process in long-established insurance lines is streamlined, this is not the case for cyber liability insurance. Currently, application forms for cyber insurance are not standard and can be complex—often consisting of dozens of pages.

For businesses attempting to acquire cyber insurance, the application process itself can be daunting. However, proper cyber liability insurance remains a vital risk-transfer tool for organizations of all sizes. To ensure your organization has the right level of insurance when it needs it most, it is critical to prepare for the application process itself.

What Type of Information is Reviewed?

An underwriter’s job is to assess risk and determine limits and pricing. Insurers depend on the detail contained in an organization’s application, and any vagueness or incorrect information can create issues if and when you file a claim. In order to properly determine your organization’s cyber risks, insurers will review information related to the following:

  • The basics. Insurers will want to know what industry your organization operates in, as well as how much and what types of information your organization stores, processes and transmits. In addition, underwriters will look to see how you manage data security and who is in charge of overseeing cyber-related matters.
  • Information security. When it comes to on-site security, underwriters want to know if you have a formal program in place to test and audit security controls. In addition, underwriters typically look to see if you have basic controls in place, including firewall technology, anti-virus software and intrusion detection software.
  • Breach history. During the application process, underwriters will take a closer look at your breach history. In general, they want to know if the data you house is particularly vulnerable and how effective your data security techniques are.
  • Data backup. Knowing how your organization handles data backup helps insurers better understand your level of data loss risk. Underwriters will want to know if you back up all of your valuable data on a regular basis, if you utilize a redundant network and if you have a disaster recovery plan in place.
  • Company policies and procedures. Communication is important when it comes to reducing your organization’s cyber risk. That’s why, during the underwriting process, insurers want to know what types of cyber security and incident response policies you have in place. In addition, it’s likely you will be asked how you handle password updates, the use of personal devices and revoking network access to former employees.
  • Compliance with legal and industry standards. Failing to comply with cyber-related legislation can be incredibly costly, and insurers will want to know how you handle compliance. Specifically, they will review whether you are compliant with applicable regulatory frameworks, are a member of any outside security or privacy groups, or utilize out-of-date software and hardware.

The more detailed and specific an organization can be during an initial underwriter review, the more likely it is that the organization will receive the proper amount of coverage and good terms.

Tips for Applying

For cyber coverage to be effective, it requires a high level of due diligence on the part of prospective policyholders. To get the most out of your policy, you will want to consider the following best practices when applying for cyber insurance:

  1. Gather accurate data. Before the application process, it’s critical to speak with your information technology (IT) management team and any vendors you utilize in order to collect accurate data. It’s important to quantify the data on your network. Above all, get a solid estimate on how much personally identifiable information you have, including employee data.
  2. Be honest. To complete the application process properly and get the best possible policy, honesty is important. When working with your insurer, be clear about your organizational setup, security protocols and breach history. Not only will this help in securing adequate coverage, but it will also reduce the risk of your policy being voided if carriers find out you were dishonest during the underwriting process.
  3. Don’t wait. Even if your organization hasn’t taken the appropriate steps to reduce its cyber risk, going through the cyber insurance application process can help identify exposures. Your insurer can work with you to get the best coverage possible today, leaving room to negotiate down the line when your data security methods are stronger.
  4. Involve the right people. The application process for cyber insurance can be complicated, and it’s important to have key personnel help you. In order to complete a cyber liability insurance application, an organization may need to work with their risk managers, IT professionals, HR department, financial officers, board of directors, executives, privacy officers, marketing team and legal professionals.
  5. Work with experienced brokers. Because cyber insurance is relatively new, some brokers are more experienced in the underwriting process than others. To get the most out of your policy, work with a carrier who can accurately assess your exposures and offer your organization the best protection. More experienced brokers can even provide details on how similar companies in your industry handle cyber security.

Taking all the above into account will not only prepare you for the cyber insurance underwriting process, but it can also improve data security up front.

Don’t Go in Unprepared

The application process for cyber insurance is both detailed and exhaustive. However, taking the proper steps before the application process for cyber insurance should reduce your data breach risk, making your organization more attractive to insurers and reducing your insurance costs overall.

When applying for cyber insurance, be sure to scrutinize policy terms, premiums and underwriting programs. Doing so can put you in a better position to secure the right coverage. For assistance applying for cyber liability insurance, contact your broker today.

© Zywave, Inc. All rights reserved

The Importance of Condo Insurance

The proper insurance is critical for those that own or are looking to own a condominium (sometimes referred to as a strata). However, understanding how condo coverage works is not always a straightforward process.

To protect their investment, condo owners must purchase coverage (also known as condo or unit owner insurance) that works in conjunction with a condo association or corporation’s master policy. Condo owners often wrongly assume they do not need coverage because their condo corporation already has a policy.

Failing to purchase a condo or unit owner policy can leave you exposed to gaps in coverage—gaps that could be incredibly costly in the event of a claim. To better understand the need for coverage, it’s important to learn what master and condo policies commonly cover.

Master Policies and What They Typically Cover

Typically, your condo corporation has a master policy that insures all of the property and common areas that are collectively owned by unit owners. Generally, condo corporation insurance covers the following:

  • The buildings shown on the condo plan
  • Common property such as hallways, stairs, roofs, pools, garages and driveways
  • Fixtures built or installed as part of the original or standard construction, including floor and wall coverings as well as electrical and plumbing fixtures
  • Condo assets like furniture and equipment
  • Liability of the condo corporation for claims of property damage and bodily injury suffered by others

One of the key takeaways is that your condo corporation’s insurance may cover insured losses to the condo building and common property, but it does not cover your personal contents, liability or improvements to your unit. That’s why purchasing additional coverage in the form of condo insurance is so important.

Condo Policies and What They Typically Cover

While having a separate insurance policy for your condo unit is not mandatory, it is highly recommended.

As noted above, a condo corporation’s master policy typically covers common areas. Not only does this limited protection put your personal belongings at risk, but any improvements you make, damage you do to another unit or injuries that occur in your unit will also not be covered.

What’s more, in the event of a major disaster (like a pipe bursting in your unit), you could be held liable for the cost of any repairs. Master policies often include language that identifies the owner of the unit where a specific loss began as the individual responsible for the entire deductible. With this cost sometimes exceeding tens of thousands of dollars, condo insurance is a must in order to protect your finances.

Condo insurance typically provides coverage related to the following:

  • Contents or personal property. Condo policies will often protect personal property such as clothing, appliances and furniture.
  • Additional living expenses. In the event of an insured loss that leaves your condo unit uninhabitable, condo policies may provide policyholders with funds over and above the normal cost of living. This coverage is essential, as condo owners will need a place to live if their unit is ever uninhabitable.
  • Third-party liability. Condo policies can provide coverage for your personal liability for any bodily injury or property damage unintentionally caused to others.
  • Improvements and betterments. Condo polices provide coverage for any upgrades to your unit (e.g., adding in custom hardwood flooring or custom counters). This coverage is available whether the improvements were made by you or previous owners of your unit.
  • Loss assessments. In the event that that your condo corporation’s insurance fails to provide adequate coverage, loss assessment protection kicks in. This protection helps insure common property and liability.
  • Contingent coverage. Similar to loss assessment protection, contingent coverage insures your condo unit itself in the event that the master policy fails to protect you or is insufficient.

Other Considerations

When it comes to condo insurance, it’s important to remember that a condo corporation will seldom protect your personal property or pay for your living expenses if you are displaced following an incident.

As such, before purchasing your unit, it is imperative that you ask for a copy of the condo corporation’s insurance agreement. That way you are aware of your responsibilities and the amount you need to pay for any deductibles.

In addition, when meeting with your insurance broker, bring a copy of your condo’s bylaws and master policy. This will help in the underwriting process and will ensure that you get the right level of protection.

Depending on the province, condo associations may be required to offer certain levels of protection, and your broker can help you better understand any insurance gaps.

© Zywave, Inc. All rights reserved

Responding to an Active Shooter Incident

Workplace violence may be a rare occurrence, but you should never underestimate the importance of being prepared in the event that your company and employees are targeted by an active shooter. An active shooter is an individual who intends to use deadly force against his or her victims without the expectation of his or her escape.

An attack like this can happen to anyone, anywhere. The general perception is that these events happen in “bad areas” or buildings with key people in society. However, this is not always the case, and the majority of shootings that occur in the workplace are carried out by employees (or former employees) for reasons associated with their job.

While you may not be able to prevent an attack from happening, it’s critical to keep the following tips in mind in the event that your organization experiences an active shooter incident:

  • Evacuate the premises if at all possible.
  • Call 911 if you can do so safely.
  • Warn everyone you encounter to leave the area.
  • Remain silent and still if you can’t flee safely. Be sure to silence any devices you may be carrying.
  • Block any doors with heavy furniture if you are hiding in a room. Don’t stand near any windows.

Employees should be instructed to fight back only as a last resort. During active shooter incidents, co-operating with emergency personnel can mean the difference between life and death.

Attacks can happen without warning. As such, it’s important to consider the threat of an active shooter in advance and make an effort to assess your organization’s vulnerabilities. To do this, take into account the number of workers you employ, the number of exits each of your locations have, secure areas that could act as hiding spots and the types of incident response training your leaders receive.

It is equally important to inform everyone of the actions taken to mitigate the risk as well as what to expect from the company should an attack occur.

© Zywave, Inc. All rights reserved

Donating to Charities and Avoiding Scams

Whether they are providing supplies to help the victims of a disaster or simply want to support a cause they believe in, Canadians donate to charities each year to help those in need. And while most charities are trustworthy and work hard to provide for the less fortunate, there are dishonest groups of people who prey upon the good intentions of others.

By creating fake charity campaigns or abusing donations, scam artists take advantage of those who want to help. To ensure that your donations directly support your intended cause, it’s important to learn some best practices for avoiding scams and choosing a trustworthy charity.

How to Avoid Scams

Despite the urge to help a cause as soon as possible, it is important to do some research before donating to any charity. Consider the following best practices to ensure that your donations go to a legitimate charity:

  • Never wire money to someone who claims to be a charity. Legitimate charities do not ask for wire transfers. Once you wire the money, you’ll probably never get it back.
  • Be cautious about bloggers and social media posts that provide charity suggestions. Don’t assume that the person recommending the charity has fully researched the organization’s credibility.
  • Donate through a charity’s official website only and never through emails. Scammers have a knack for creating fake email accounts that seem legitimate.
  • Ensure that the charity explains on its website how your money will be used.
  • Be wary of charities that claim to give 100 per cent of donations to victims. That is often a false claim, as well-structured organizations need to use some of their donations to cover administrative costs. Be sure to review the charity’s financial information, which can often be found online.
  • Never offer unnecessary personal information, such as a copy of your driver’s licence. However, it is common for legitimate charities to ask for your mailing address, and it is safe for you to provide it.
  • Ask for written information about the charity, including its name, address and telephone number. Legitimate charities will be able to provide you with information about its mission, how your donation will be used and proof that any contribution you make is tax deductible.
  • Confirm the charity’s registration information through the Canada Revenue Agency (1-800-267-2384).
  • Write cheques to specific charities and not individuals. Whenever possible, avoid providing cash donations as it is not traceable and cannot be cancelled. It’s also important to ensure that your online payments are secure.
  • Be warry of organizations that use free emails from Google, Yahoo and similar services, strange phone numbers or names that are similar to popular charities.
  • Be cautious when using online donation platforms. For example, GoFundMe is an up-and-coming crowdfunding service that allows people to raise money for a wide variety of circumstances. Despite its popularity, visitors to the site should be cautious about the campaigns to which they donate. Visitors can report suspicious campaigns directly to GoFundMe via its official website.

Above all, it’s important to avoid being forced into donating. Reputable charities will rarely pressure individuals into donating on the spot. If you come across a charity scam, you should report it to your local police department, as well as the Canadian Anti-Fraud Centre.

How to Choose a Charity

Even legitimate charities need to be considered with care. To ensure that your donations are going to a worthy cause, search a list of qualified charities, which can be found on the government of Canada’s website.

Donors can use this database to confirm that a Canadian charity is registered, revoked, annulled, penalized or suspended. In addition, this service makes it easy to view a charity’s contact information, general actives and financial information. Together, donors can use this tool to help guide their donation decisions.

When choosing a charity it’s also important to consider if your donation will qualify for a tax deduction. In order to qualify, your donation must go to one of the following:

  • A registered charity, Canadian amateur athletic association, national arts service organization or municipality
  • A housing corporation resident that is registered in Canada and created to offer low-cost housing for the elderly
  • A municipal or public body that is registered and performing a function of government in Canada
  • The United Nations and agencies affiliated with the United Nations
  • Her Majesty in Right of Canada

Recognized Organizations

If you are concerned about how your donations will be used, it’s always a safe bet to choose a reputable, registered charity. Popular choices include the Canadian Cancer Society, World Vision Canada and the Canadian Red Cross. Just be sure to cross-reference these charities with the government of Canada as registration status can change suddenly.

Remember that there are other ways to provide relief that don’t involve monetary donations, especially if you live near an impacted area. Local food banks and blood centres commonly ask for donations during relief efforts.

© Zywave, Inc. All rights reserved

What Should Canadians Affected by Equifax Data Breach Do?

Equifax, one of the largest credit reporting agencies in the United States, was recently the victim of a massive cyber attack—an attack that may have compromised the personal information of 143 million people.

Impacted individuals were not simply limited to the United States either, as the hackers gained unauthorized access to personal information of certain Canadian and U.K. residents. Initial reports suggest 209,000 credit card numbers were stolen in the attack, some of which may belong to international customers.

The breach itself occurred between mid-May and July 2017 when cyber criminals gained access to sensitive data by exploiting a weak point in website software. In the United States, sensitive information like Social Security numbers, birthdays, addresses and driver’s licence numbers were compromised.

The recent attack on Equifax is the third major cyber security threat the organization has experienced since 2015 and one of the largest risks to personally sensitive information in recent years. The attack is so severe, in fact, it’s likely that anyone with a credit report was affected.

If you are concerned that you may have been impacted by the breach, Equifax has set up a website to help individuals determine if any of their personal information may have been stolen.

It should be noted that it may not be obvious that you are a customer of Equifax, as the company gets its data from credit card companies, banks and lenders that report on credit activity. As such, it’s important to follow the appropriate steps and check to see if your information was compromised.

Additionally, you should review your online bank and credit card statements on a weekly basis. This will help you monitor any suspicious activity.

Equifax will work with regulators in Canada and the United Kingdom to determine appropriate next steps.

© Zywave, Inc. All rights reserved



Receive notifications of new posts automatically.


Like us on Facebook

Connect with us on LinkedIn