☰ Navigation

1-888-643-2217 Email ABEX
Keeping you updated

Archives

Protecting Yourself from Ransomware

Posted on by

Cyber hackerCyber security experts recently warned that ransomware attacks may be on the rise. This type of malware actually encrypts your data and then requires you to pay a fee in order to access it. With ransom sums often amounting to thousands of dollars, consider taking these simple steps to protect yourself from ransomware:

  • Use trustworthy anti-virus software and make sure it is up to date.
  • Enable automated updates of your operating system and browser.
  • Only download software from trusted sites.
  • Never open attachments in unsolicited emails, even if they come from people in your contacts.
  • Never click on a link in an unsolicited email.
  • Make sure to back up your data regularly and store it offline.

Preventive measures are important, but they can’t account for everything.  It is important to go over your policy and look for any gaps in your coverage.

 

© 2015 Zywave, Inc. All rights reserved.

Is a BYOD Policy Right for Your Company?

Posted on by

Executive with laptopMore and more employees—especially the young and technologically savvy—are no longer satisfied with company-issued tools to get the job done. Known as Bring Your Own Device (BYOD), businesses are finding that employees want to swap company equipment in favor of personally owned devices, such as laptops, tablets or smartphones that they are more comfortable using.

BYOD can be a money-saver for companies, reducing the amount spent on hardware and software purchases, maintenance and the cost of training employees to use the equipment. Especially for rapidly expanding companies, allowing personally owned devices could save thousands of dollars in upfront IT hardware costs for new employees. With BYOD, employees buy and maintain their own equipment. Companies can choose to compensate them by subsidizing or reimbursing their purchases, or offering flexible work schedules and the ability to work remotely.

In addition to saving money, BYOD can be effective for recruiting and retaining staff. With the freedom to choose the technology they are more comfortable working with, employees are more productive and satisfied with their jobs.

While BYOD saves some companies money, others could end up spending a lot more. Businesses that require the standardization of their applications, hardware and operating systems—meaning that some equipment must be integrated with others—could actually increase IT management costs if personally owned devices were added to the mix.

Adopting BYOD can expose companies to two major risks: IT security risks and data loss. This alone may be enough to compel a company to ban BYOD altogether. If you are considering adopting a BYOD policy, you should ask yourself whether the benefits are worth the risks. If your answer is yes, then employ risk management to mitigate those risks.

 

© 2015 Zywave, Inc.

PIPEDA Privacy Act Amendments Now Law in Canada

Posted on by

Privacy-iStock_000016948956XSmallSummary

The long awaited amendments to The Personal Information Protection and Electronic Documents Act (PIPEDA), called the Digital Privacy Act,  received Royal assent on June 18, 2015. Bill S-4 is now law in Canada.  Although Cabinet has not yet proclaimed the Act’s breach reporting provisions in force, Canadian businesses should be preparing to comply with them.

An Organization’s Obligations

There are now three breach reporting requirements “if it is reasonable in the circumstances to believe that the breach creates a real risk of significant harm to an individual” as follows:

  1. Reporting to the Privacy Commissioner;
  2. Reporting to the individual;
  3. Reporting to agencies that can reduce harm to the individual.

Significant Harm

In this context significant harm is now broadly defined and “includes bodily harm, humiliation, damage to reputation or relationships, loss of employment, business or professional opportunities, financial loss, identity theft, negative effects on the credit record and damage to or loss of property”.

Consequences for non-Compliance

The Commissioner’s office may disclose information about an organization’s personal information (PI) management practices to the public if it believes disclosure to be in the public interest. The Commissioner’s office can enter into compliance agreements with organizations that it believes are, or may be, subject to breaches. Anyone who knowingly contravenes these requirements is subject to a penalty of up to $10,000 on summary conviction or $100,000 on indictment.

What does this mean in the context of cyber risk management?

It is now a requirement of Canadian organizations to report cyber breaches which may cause “significant harm” as described above to report them both to the Privacy Commissioner and to the individual(s) affected. They may also be required to notify other organizations, such as law enforcement, should damage caused by the breach potentially be mitigated.

More than anything else, this development will substantially increase awareness of the extent cyber breaches involving personally identifiable information are occurring in Canada. As a result organizations of all sizes and sectors will now be more likely to take this important subject much more seriously. Not only may financial penalties be levied, considerable damage to the organization’s reputation may result as a result of public notification and disclosure.

Doug Blakey B. Math
President, Watsec Cyber Risk Management (watsec.com)
and Director, Canadian Centre for Cyber Risk Management (C3RM) (c3rm.org)

Tailoring a Cyber Policy to Your Business

Posted on by

Hazards to insureCyber insurance is relatively new to the insurance market, which can present some challenges for both businesses and insurers. To date, there are no official industry standards for cyber insurance, but there have been major strides made in recent years to establish some regulations.

Due to the breakneck pace of the technological evolution and increasing pressures to digitize data, most businesses are left vulnerable to cyber attacks. The best way to protect yourself and your company is to conduct a risk assessment and identify any gaps in your coverage. Here are a few things worth looking for:

Understand the coverage that you have, and the coverage that you don’t. Many people might make the mistake of assuming that a commercial general liability (CGL) policy covers losses in the event of a cyber attack. However, assumptions like that can be costly, as many CGL policies specifically exclude electronic data. Take the time to review your current coverage and identify any exclusions that might leave you vulnerable.

Understand your company’s specific needs. Companies vary in their use of and dependence on data. For instance, customer data held by financial businesses is comparatively more valuable to criminals. Other companies, like online merchants, may potentially suffer greater losses as the result of an attack that crashes a website or interrupts service. Different policies have different limits, sublimits and exclusions for different kinds of losses, so it’s important to work with an expert who can find exactly where your liabilities lie and what kinds of coverage you need.

Consider retroactive coverage. Unfortunately, cyber breaches often go undetected for a long time. As a result, a policy that only offers coverage to the date of inception might leave you vulnerable to a cyber attack that hasn’t yet been discovered. To mitigate your liability as much as possible, get coverage with the earliest possible retroactive date.

Obtain coverage for third-party vendors. Many businesses outsource their data processing or storage to a third-party vendor. This is a smart move, especially if you aren’t equipped to handle the IT side of your business. Unfortunately, it may leave you liable for damages if the actions of that third party are responsible for a breach. Make sure you have coverage for the actions or omissions of third parties with which you do business.

 

 

© 2015 Zywave, Inc.

ABEX’s Parent Company Divests its Retail Commercial Business

Posted on by

We are pleased to advise that ABEX Affiliated Brokers Exchange Inc.’s parent company, The Precept Group Inc., has divested its retail commercial business under the brand name Precept Insurance & Risk Management Inc. This decision will not affect ABEX’s ownership or operations, and ABEX will continue to solely focus on the wholesale business on a stronger footing.

Precept Insurance and Risk Management Inc. has decided to join ALIGNED Insurance. ALIGNED is an industry leading brokerage that was uniquely built to create, negotiate and deliver the best business insurance and risk management strategies/solutions to organizations.

We would like to thank our clients and business partners for their support and look forward to continuing to work with them in the future.

Please feel free to contact us with any questions.

Sincerely,

Jim McGregor
CEO
The Precept Group Inc.
375 Hagey Blvd., Suite 302 Waterloo, ON N2L 6R5
Telephone: 519-747-5210
Email: jmcgregor@preceptgroup.net
LinkedIn: https://ca.linkedin.com/pub/jim-mcgregor/14/897/aa7
www.preceptgroup.net

Blog

FOLLOW OUR BLOG

Receive notifications of new posts automatically.

ABEX - AFFILIATED BROKERS EXCHANGE IS ON FACEBOOK.

Like us on Facebook
Connect with us on LinkedIn

CONNECT WITH US ON LINKEDIN