On-demand Webinar, December 11
America’s 28 million small businesses have virtually the same exposure to hackers and other cyberthreats as America’s largest companies. While the billion-account hacks get most of the attention, what small businesses might not realize is that they are far more likely to be crippled or put out of business in the wake of a cyberattack.
On Monday, December 11, the Insurance Information Institute (I.I.I.) will host its I.I.I. Market Report Webinar: Protecting Small Business Against #cyberfail. Leading experts from CNA Insurance, Control Risks, The Institutes, the Small Business Administration and Verisk will join the I.I.I. to discuss the current commercial cyberrisk landscape, how small business leaders can use insurance products effectively, and how they may best employ risk management best practices and other tactics to protect their firms.
Monday, December 11, 2017
2pm – 3 PM EST
Introduction: James Lynch, Chief Actuary, Insurance Information Institute
Moderator: Marty Frappolli, Senior Director of Knowledge Resources, The Institutes
- Steve Clarke, Vice President, Government Relations, ISO
- Nick Graf, Certified Ethical Hacker, CNA Insurance
- Michael Rohrs, Associate Director of Global Cyber Practice, Control Risks
- Donald Smith, Director of the Office of Entrepreneurship Education, Small Business Administration
By Brent Carris
Back in October, in the wake of the sexual harassment allegations levied against Hollywood mogul Harvey Weinstein, I.I.I.’s Claire Wilkinson wrote this post about Employment Practices Liability Insurance (EPLI). It appears that companies are aware of the risk and are increasingly purchasing insurance, including EPLI, to cover costs associated with sexual harassment lawsuits.
In addition to buying insurance, companies have risk mitigation protocols in place to handle sexual harassment in the workplace. But a study of employee lawsuits recently published by Hiscox, illustrates how the aftermath of sexual harassment complaints can turn into charges of retaliation by the time the employee files a complaint with the EEOC. According to the EEOC, many of those who complain of harassment in the workplace also face retaliation. Retaliation was the most prevalent charge category, named in 46 percent of all charges with the EEOC.
The Hiscox study also found that employers in some states have a much higher chance of being sued than in others. In Washington D.C. employers have an 81 percent higher chance of being sued followed by Delaware, Nevada and California.
Employee negligence is the leading cause of cyber security breaches. This Willis Tower Watson blog post suggests several ways to improve employee awareness of good cyber hygiene. They include increasing the frequency of awareness training; adopting a ‘learn by doing’ training approach; gamification of training; appointing employee ‘cyber ambassadors’; ensuring the IT department has the right skills; and evaluating corporate culture to make sure it supports cyber awareness. More details on building a cyber savvy workforce are available here.
Source: Willis Tower Watson Claims Data
Nearly all major commercial insurance lines experienced premium renewal rate increases in October, according to the IVANS Index.
In its analysis, only workers’ compensation remained in negative premium renewal rate territory, IVANS said. Business Owners Policy remains as the line of business with the highest premium renewal rate change, despite continuing its downward trend.
October rate changes include:
- Commercial Auto: 3.10%, up from 2.55% at the end of September.
- BOP: 3.57%, down from 3.87% the month prior.
- General Liability: 1.79%, up from 1.70% at the end of June.
- Commercial Property: 2.83%, up from 2.40% the month prior.
- Umbrella: 1.34%, down from 1.45% at the end of June.
- Workers’ Compensation: -2.24%, down from -1.31% the month prior.
Analyzing more than 120 million data transactions, the IVANS Index measures the premium difference year over year.
Risk management services are an important way cyber insurance adds value for small businesses, according to a new I.I.I. paper.
In Protecting Against #Cyberfail: Small Business and Cyber Insurance, I.I.I. co-authors James Lynch and Claire Wilkinson say:
“The provision of these types of services is considered a growth area in the cyber market for SMBs, where price may be a barrier to insurance coverage in the first place. For larger companies, cyber-related risk management services may be offered at a discount or for free.
“For SMBs in particular, offering a risk management or training solution where they can learn more and keep themselves up-to-date on current threats is perhaps most valuable.”
Also heard at the Advisen Cyber Risk Insights Conference in NYC last week: part of the value proposition for SMBs is that cyber policies offer solutions, not just coverage.
Andy Lea, vice president underwriting for E&O, Cyber and Media, CNA, told the conference: “The value proposition is more prominent with SME and middle market companies that just don’t have resources available in-house to manage risks. This is an opportunity for brokers and carriers to add value.”
In the third week of National Cyber Security Awareness Month, Insurtech Insights newsletter by CB Insights gives a timely update on the cyber insurance market, and where startups are playing in this growing industry.
It notes the “tremendous opportunity” to sell cyber insurance to small businesses.
A recent Better Business Bureau study estimates that 15 percent of small businesses have cyber insurance. BBB Accredited Businesses are almost three times as likely to include cybersecurity insurance.
Fortunately, about nine out of 10 businesses reported to the BBB they have some cybersecurity measures in place, with the most common ones: antivirus; firewall; and employee education:
What are companies doing to protect employees against harassment? This question has added weight after the October 8 firing of Harvey Weinstein by the board of Weinstein Co. following reports of sexual harassment complaints against him. Earlier firings at Fox News and Uber have also brought the issue into focus.
From MarketWatch: “Companies are increasingly buying insurance, including employment practices insurance to cover costs associated with employment lawsuits,” said David Yamada, a professor of law and the director of the New Workplace Institute at Suffolk University.”
Some insurers are also providing training materials for companies to teach their employees about sexual harassment in hope of avoiding it, Yamada added.
Per this 2016 Betterley report, more insurers are partnering with vendors to offer risk management services, such as training and education, consultation and outreach to insureds:
“EPLI value-added services remain an important part of the product when done right, offering employers access to tools that can truly make a difference in the frequency and the severity of claims—as well as the bad feelings that accompany employee/ employer disputes.”
Gross written premium for employment practices liability insurance (EPLI) increased to $2.1 billion in 2015, according to MarketStance data.
I.I.I. information on EPLI coverage is available here.
The October issue of our Latest Studies digest is now available.
In this issue:
- Wharton, The Congressional Budget Office and B.E. Journal of Economic Analysis & Policy all have recent reports on the National Flood Insurance Program
- Lloyd’s of London on the future of cargo insurance
- The latest on marijuana impaired driving from the National Highway Traffic Safety Administration
- J.D. Power on U.S. homeowners insurance customer satisfaction
The I.I.I.’s Michael Barry briefs our membership every week on key insurance related stories. Here are some highlights.
Insurance coverage for riot-caused damage became a media issue this week after a 32-year-old woman was killed, and scores were injured, in Charlottesville amid violent, dueling protests centered on the removal of Confederate General Robert E. Lee’s statue.
Reporters want to know if the number of car accidents might rise on Monday, Aug. 21, when the population soars in 14 U.S. states, from Oregon to South Carolina (see page 4), as tourists flock to witness a total solar eclipse. It is the first one to be visible in the U.S. in 38 years.
Gert became the second hurricane of 2017 to develop in the Atlantic Basin but it never came near the U.S. before drifting into the middle of the ocean.