Cowgills client Q&A summary – 23 April

On the 23 April we held a Q&A session for clients on cyber security and insurance risks. Guests were able to hear from Chris Houghton, CEO at Eventura and Joe Dolan and Mark Hoskins from Watson Laurie.

Below you will find a summary of some of the key topics from the discussion. We will be holding future events for clients and contacts, do drop us a line if you would be interested in attending enquiries@cowgills.co.uk

Summary of today’s call

Chris Houghton – Cyber security

Since the outbreak of COVID-19, we have seen a massive increase in the numbers of clients moving their employees to a home office.

With that comes an increased risk. Home network connections, employees not considering connection credentials and download breaches.

Scammers are using COVID-19 as an opportunity to scam businesses:

• We’ve seen an increase in the number of emails claiming they have been sent by the Government, encouraging clicks. Often this takes you to a website that is not legitimate.
• SMS messages, again claiming to be from the Government.
• Calendar invitations from Google Drive. This could be an invitation to a ZOOM call, you click the connection which has now made your PC susceptible to downloads from outside of the business.
• We’re seeing an increase in professional services (solicitors and conveyancing in particular) ‘man in the middle’ attacks whereby scammers are targeting those who are working from home, hacking their network, monitoring emails and at the right time interjecting and changing details, whether it be contact or bank details.

If you do notice anything like this happening when working from home, it is important you stop and inform your IT department of any breaches or if you are unsure of any links that have been sent.

GDPR should also be considered. Employees will be working from home and have access to client’s personal data, addresses, bank details etc. It is important to have put in place the right guidance to avoid any breaches.

Recommendations for you to consider:

• Offer your employees some form of guidance and best practice advice to follow during this time.
• Consider security training for your employees.
• Remote scans of home networks to make sure they are compliant.
• Working from home reports to monitor employees work activities during this time.
• Make sure you are ready for employees to return to work. Maintaining systems now will make it easier for when offices reopen.
• Think about the nature of your call with clients, if you are discussing very confidential, is ZOOM the right platform to use?
• Maintain regular contact with your employees, reinforcing the cyber security message. Reiterate the importance of network credentials, phishing emails and not to engage with any links etc that are suspicious.
• Use common sense. Sometimes a phone call to a client to check, is all you need to do to avoid a scam from happening.

Joe Dolan and Mark Hoskins – Potential Insurance risks

Cyber Liability

• If you don’t have cyber liability, there may be big problems ahead.
• Typical cover:
  • Hackers accessing data and demanding a ransom not release it.
  • Fines and penalties companies will occur if they are assessed as non-compliant on data protection of privacy.
  • It will cover virus’ that paralyse systems and covers for the income loss while systems are being restored.
  • Theft of funds.
  • Third party providers interrupting business when they are paralysed.
  • Accidental loss of data – followed by legal action by customers.
  • Cover the cost of putting clients organisations back together.

There may well be an extension of cyber liability insurance in current commercial combined policies, but it is likely to be a small limit of cover. We recommend you take out a bespoke cyber liability policy.

Over the last two years, there has been an increase in middleman claims where emails are being monitored and interjected. However, these polices are written with conditions. If you have not followed protocol (e.g., following up with a client to make sure changes etc are legitimate) then you may well invalidate your cover and not have your claim paid.

It is important to communicate with your broker regularly on these matters.

Impact of COVID-19 – Carrying out risk assessment and how we can help

Employers and Public Liability will vary from insurer to insurer, policy to policy but premiums are often priced based on payroll and turnover. With more employee being furloughed there is the possibility to revert back to your broker and treat these employee as clerical staff and perhaps get a reduced premium rate.

With regards to motor fleet and vehicles which are not being used, there is a possibility that vehicles can be classed as laid up and cover can be reduced to fire and theft only. This will clearly have an impact on the premiums normally charged for comprehensive.

As there are less vehicles on the road there, clearly there will be less claims and you should consider negotiating a claim rebate clause with your broker.

Areas of caution to query are as to whether employees resist temptation to drive vehicles while in their custody and control during this period.

If fleets are laid up within customer’s yards, there is an increase fire risk and any changes need to be communicated to your brokers.

Speak to your broker or Watson Laurie to assess your situation and the potential increases or reduced risks.

Consideration should be made regarding unoccupied premises. There may well be an increase in levels of stock and work in progress and enhanced risks that need to be considered. Please contact your broker to discuss your situation in more detail.

We are seeing more businesses are having contracts put on hold. There may well be the opportunity to have midterm reduction on premiums to reflect this. You can be pick this up again at the insurance year end declaration.

There may be an opportunity for you to take a premium finance payment holiday for a period of time. Most polices require you to pay over 10 months. There is potential for you to pick this up over the 11 and 12^th months. However, there is a lot to consider and insurers will look at it case by case and financials.

Credit insurance is also of benefit and important to look into. Not only does it affect you, it can also affect suppliers and customers. Credit insurance protects you against companies going insolvent. It also acts as a traffic light systems alerting companies to other firm’s performances.

All businesses need Directors and Officers cover and careful consideration should be taken as to the limit of indemnities selected and the additional purchase of employment practice liability (EPL).

Talk to your broker, anything is possible if you outline the details.

Social Distancing and what to consider

Businesses who now have the infrastructure in place for employees to work from home recognise that this could be the new norm. Businesses need to consider potential claims:

• Risk assessments should be carried out to assess employees work space, if an employee is working from home for a longer period of time.
• Employee wellbeing – are they at home alone? What measures are being put in place to manage this, email is not enough.

When working from home is not practical, make sure the correct protocols are in place to protect employees. The Government offers guidelines but there is a grey area as to whether there is a legal liability if protocols are not adhered to.

There may be a need to reconfigure work spaces if the Government relax restirctions.

As added protection, it may well require your human resources or health and safety representatives to ask employee to accept working conditions following a risk assessment.