cyber liability insurance

Cyber Risks & Liabilities

By | Business Insurance, Specialty Insurance

Spear Phishing

“Phishing,” a type of cyber attack in which a hacker disguises himself or herself as a trusted source online in order to acquire sensitive information. It is a common and technologically simple scam that can put your employees and business at risk. However, more resourceful criminals are resorting to a modified and more sophisticated technique called “spear phishing.” This technique uses personal information to pose as colleagues or other sources specific to individuals or businesses.

A spear phishing attack is often disguised as a message from a close friend or business partner and is more convincing than a normal phishing attempt; when messages contain personal information, they are much more difficult to identify as malicious.

For businesses, the potential risk of spear phishing is monumental. A report released by the Internet Crime Complaint Center (IC3) stated that there were over 120,000 cyber crime-related complaints against businesses last year, resulting in over $800 million lost. A large majority of these attacks can be attributed to spear phishing, since the messages are designed and customized to make victims feel safe and secure.

The Basics of Spear Phishing

Any personal information that is posted online can potentially be used as bait in a spear phishing attack. The more a criminal learns about a potential victim, the more trustworthy he or she will seem during an attack. Once the apparent source gains the victim’s trust, and there is information within the message that supports the message’s validity, the hacker will usually make a reasonable request, such as following a URL link, supplying usernames and/or passwords, or opening an attachment.

Even if spear phishing perpetrators target just one of your employees, it can put your entire business at risk.

Falling for a spear phishing attack can give a hacker access to personal and financial information across an entire network. And, successful spear phishing attacks oftentimes go unnoticed, which increases the risk of large and continued losses.

How to Protect Your Business

Though it is difficult to completely avoid the risk that spear phishing attacks pose, there are ways to prevent further damage to your business. Make sure that your employees are aware of these simple techniques:

  • Never send financial or personal information electronically, even if you know the recipient well. It may be possible for a third party to intercept this information, especially if the recipient is later subject to a spear phishing attack.
  • Be cautious when you are asked to divulge personal information in an email. Even if it appears to be from a trusted source, it could be a hacker impersonating another person or group.
  • Only share personal information on secure websites or over the phone. When in a Web browser, you can ensure a website is secure when you see a lock icon in the URL bar, or when an “s” is present in the “https” of a URL. The “s” stands for “secure” at the end of the normal “http”.
  • Some spear-phishing schemes use telephone numbers, so be sure to never share information over the phone unless you initiate the call to a trusted number.
  • Never click on links or open attachments from unknown sources. Even opening a file that seems familiar can give a spear phishing attacker access to personal information stored on your device.
  • Ensure that your company’s security software is up to date. Firewalls and anti-virus software can help protect against spear phishing attacks.
  • Encourage employees to think twice about what they post online. Spear phishing hackers often attain personal information through social media sites. Make sure that employees know how to keep this information private to protect their own security as well as that of your business.
  • Regularly check all online accounts and bank statements to ensure that no one has accessed them without authorization.
  • Never enter any personal or financial information into a pop-up window or a Web browser.

What to Do If You Suspect a Spear Phishing Attack

If you believe that your business has been the target of a spear phishing attack, it is important to act quickly to limit your potential losses. The first step should be to immediately change the passwords of any accounts connected to the personal or financial information of your business or its clients, and to obtain a list of recent and pending transactions. It may also be necessary to contact law enforcement.

Next, an internal or third-party IT expert should be consulted to pinpoint any vulnerabilities that remain in your business’ network, and he or she can advise you on how to avoid future attacks.

If you have further questions about spear phishing or other types of cyber attacks, or if you would like to discuss potential coverage options to further protect your business, contact BHI at insurance@bhi365.com or (302) 995-2247, to speak with an insurance advisor today.

sexual harassment thoughts

Discrimination, Harassment, Sexual Harassment and How We Made it Here Today

By | HR Services

Thoughts from a DE HR professional about the changing regulations, policies, and legislation affecting our workplace and most valuable assets – our human resources.

 

I think I say it daily to clients, coworkers, friends and family “we live in interesting times today.” An understatement, for sure. But how did we get here? How did we get to a time where sexual harassment training is now mandated by state law? Have we simply swept this lack of education, self and social awareness, and disregard for such an obvious standard of workplace dignity under the rug for so long that it has now come to this? You bet we did. But there’s so much more to this subject that I’d like to address.

First of all, it’s not just about sex. If we’re going to discuss sexual harassment, which is only one type of harassment, we need to address everything else that relates to it including discrimination, stereotyping, and unconscious bias. When we talk about discrimination, we mean treating people differently on the basis of their protected class – race, nationality, age, gender, disability, pregnancy and military status. I think it’s equally as important to discuss this type of behavior because it happens just as frequently as sex-based discrimination or sexual harassment, if not more. But sex sells, so that’s what’s mostly in the news. Train yourself to not only be aware of sexual harassment, but also other forms of harassment and discrimination. How often have you heard someone make a racist joke at work or maybe make an employment decision based on a stereotype? It happens so often, and sometimes when we don’t even know we’re doing it. That’s called “unconscious bias.” My goal in pointing this out is to help you make it conscious. Take a step back and try your hardest to remove all bias from the scenario. Try to “not know” what you already know about someone. It can be challenging, but it comes easier with practice.

Now that we’ve addressed the fact that discrimination is just as important, let’s discuss sexual harassment. A female, Delaware employment attorney once said in a presentation about harassment that “it’s not about sex, it’s about power.” Truer words have never been spoken. Power. Think about that word. It’s a striking yet simple term, and we all know what it means for someone to have power over others – especially when it’s used negatively, selfishly or to deliberately cause harm to others. It leaves others in a helpless state because without their own power, what are they left to do but shut up and take it? THAT’S why we, Delaware business professionals, are currently in the place we are where sexual harassment training is now state mandated. It’s because for decades, those in power abused it and no one had the guts to speak up about it until you could do so behind a screen on social media. And now here we are. I think there is just as much positivity as negativity that can come from social media, but let’s simplify this for a second. Drive home the importance of educating our children, friends, and coworkers about what sexual harassment is, what it looks like, and how not speaking up about it is not an option anymore. And I’m not talking about taking to social media, I’m talking about having face-to-face interaction, in-person conversations with other humans about these issues. Dialogue is a very powerful thing in this fight against discrimination and harassment in the workplace. I believe that educating people on the subject, and therefore teaching self and social awareness, are the foundations for having productive dialogue about difficult topics like these. Additionally, let’s teach our children how to use power productively, and to garner respect instead of using it selfishly for sex or other vices that simply do not belong in the workplace. Let’s teach them how important it is to use our voices and ability to have face-to-face conversations as instruments of power when we feel we have none. And lastly, let’s instill in them the confidence to act and speak to protect dignity in the workplace and rid it of culture-killing unproductivity and negativity.

Lastly, let’s discuss the workplace because that’s where these behaviors are taking place. Work is where we go to make money to live, and ultimately to support ourselves and our families. We probably spend more time at work with our coworkers than we do with our families. Therefore, we must protect the workplace and quickly stop behavior that negatively affects it. We shouldn’t have to spend the majority of our time trying to make money to support our families in a horrible work environment. I’m not talking about the normal daily difficulties of work, like admitting a mistake we made to a client or teammate, or fielding complaints about poor service. That is normal and part of work. I’m talking about truly toxic behavior that is repeated, including inappropriate displays of romance in the workplace, or offensive remarks whether directed at someone or simply witnessed, that make people uncomfortable. The workplace is no place for that. It’s a place for WORK. This doesn’t mean there can’t be friendships or relationships amongst coworkers, I’m simply encouraging people to keep behavior at work professional and related to work. If it’s not job related, leave it at the door. I’ve often said this to clients, fellow HR professionals and managers: “It is your duty to protect the workplace and having a difficult conversation with someone whose toxic behavior is negativity affecting the work environment is part of your job.” That’s why we, Delaware business professionals, are here right now, because not enough people felt it was their duty to protect the workplace. That stops now because Delaware law forces us as business leaders to do so, but I hope that each of us start thinking a little more about what the workplace should mean for you, your business, and your most important assets, your human resources.

Yes, we absolutely live in interesting times right now, but everyone needs to take responsibility and accountability for their own actions, especially in the workplace, and whether or not it’s mandated by law. You can eliminate discrimination, harassment, sexual harassment, unconscious bias etc. by your daily actions, and you have more power than you think with your actions and voice. Be powerful such that you elicit respect, not for oppressive or selfish reasons, and especially not for sex. There’s certainly no place for that in the workplace.

Maria Clyde
PHR, SHRM-SCP

For more information about Sexual Harassment & Anti-Discrimination training visit training.bhi365.com or contact Maria Clyde.

DBT40 Honoree: John Boykin

By | Announcements

John Boykin:

Age: 36
Title: President/CEO
Workplace: B+H Insurance, LLC (BHI)

A former bartender and two-time college dropout, John Boykin entered the insurance game at age 23 for $8 per hour and only six hours of work per week. But he pushed himself, became a credible advisor, went to school full time, and six months later he was working full-time in the insurance industry. He gained the experience needed to eventually produce more than $1,000,000 in new business every year since 2007. As CEO at B+H Insurance, LLC (BHI), Boykin oversees more than 25 employees in five business areas.

Boykin volunteers and supports local charities, including the American Heart Association, atTAcK Addiction, Autism Delaware, the Boys and Girls Club, Delaware Hospice, the Elena Delle Donne Foundation, First Tee of Delaware, Habitat for Humanity, the Ministry of Caring, the Ronald McDonald House and the Mary Campbell Center. He also brings that philanthropic nature back to the office, forgoing a portion of his salary each year to reward employees for excellent performance as part of B+H’s “Pay for Performance” compensation program.

Personal Lines Meet the Team

By | Personal Insurance

WHAT is Personal Lines insurance?

    • Personal Lines insurance includes property and casualty insurance products that protect individuals from losses they couldn’t afford to cover on their own. Types of personal insurance include auto, home, renters, flood, valuable possessions, watercraft, RV, motorcycle, umbrella, etc. We highly recommend that our clients cover ALL their valuable personal property.

Read More

Delaware Business Times Announces the 2018 DBT 40 Awards Winners

By | Announcements | No Comments

40 under 40 leaders to be honored for Delaware Business Times, DBT 40 awards

Wilmington, DE (August 29, 2018) — Delaware Business Times is pleased to announce the 2018 DBT40 Awards winners. The DBT40 event pays tribute to these ambitious professionals who are making a name for themselves through professional excellence and community involvement. The honorees represent the best in a wide range of fields such as finance, law, non-profit, hospitality, education and technology.

The DBT40 are featured in both print and digital editions of the Delaware Business Times. Now in its 5th year, this special cocktail reception and awards ceremony has sold-out each year. This year’s winners will be profiled in the October 2nd issue of Delaware Business Times and celebrated at an awards ceremony on October 23rd at The Baby Grand.

Read More

Trouble Recruiting and Keeping Talent? Your Skimpy Health Insurance Is a Likely Cause.

By | Business Insurance, Employee Benefits

The most important decision your company will make for its bottom line just might be the health and wellness program it chooses.

Annual global health spending is now over $3 trillion — and growing rapidly. A good portion of that is driven by millennials, who have both a strong interest in personal wellness and, thanks to the Affordable Care Act (aka, Obamacare), an 86 percent coverage rate (more than 50 percent through individual plans, their parents’ plans or Medicaid). For those in or entering the job market, health insurance is an expectation.

Read More

OSHA: Employee Discipline, Drug Testing, and Incentive Programs

By | Safety Services

On May 12, 2016, the Occupational Safety and Health Administration (OSHA) issued a final rule, including anti-retaliation provisions, requiring certain employers to electronically submit data from their work-related injury records to OSHA. On Oct. 19, 2016, OSHA published an interpretation of how the anti-retaliation provisions affect employee discipline, drug and alcohol testing, and safety incentive programs.

The Anti-Retaliation Provisions

According to OSHA, the final rule clarifies existing law regarding employee anti-retaliation protections. Specifically, OSHA’s anti-retaliation provisions:

  • Require employers to inform employees that they have a right to report work-related injuries and illnesses free from retaliation;
  • Direct employers to adopt reasonable procedures (“not unduly burdensome” and does not “deter or discourage”) that employees can use to report work-related injuries and illnesses; and
  • Prohibit employers from retaliating against employees solely because they report work-related injuries or illnesses.

Read More

New Jersey Enacts Paid Sick Leave

By | Business Insurance, HR Services

On May 2, 2018, New Jersey Governor Phil Murphy signed the Paid Sick Leave Act into law. The Act will require virtually all employers to provide paid sick leave to employees, effective Oct. 29, 2018. Under the Act:

  • All New Jersey employers must provide paid sick leave to their employees;
  • Employees will accrue one hour of paid sick leave for every 30 hours worked, up to 40 hours per year; and
  • Employees must be paid for paid sick leave at the same rate (and with the same benefits) they normally earn.

Read More

Is Your Company Liable for Business-Related Vehicle Accidents?

By | Business Insurance

Regardless of the industry you operate in, it’s likely your employees need to operate vehicles for tasks like client visits, product deliveries, and product pickups. While larger organizations often provide insured company vehicles to their staff for daily use, small and medium-sized business often don’t have that luxury.

If employees use personal vehicles for business-related activities and get into an accident, your organization could be held liable. That’s why it’s critical to have non-owned auto liability insurance, which can provide the following benefits:

Read More