Page 1




December 2017

In This Issue The Cyber Opportunity 4 Trends Shaping Cybersecurity Now Member Resource: Cyber 101 Identity Theft Takes the Sparkle Off of the Season Fixes to Cybersecurity Weaknesses


In This Issue Cyber 101: New Member Resource

Page 5

Identity Theft Takes the Sparkle Off of the Season

Page 9

Holiday Light & Fire Safety: Consumer-friendly Info Paper

Page 11

4 Trends Shaping Cybersecurity Now

Page 12

The Cost of Data Breach

Page 15

Cyber Security for Insurance

Page 17

The Cyber Opportunity

Page 18

Fixes to Cybersecurity Weaknesses

Page 20

How to Build Relationships In Your Organization and with Vendors

Page 22

The Agency Proposal: A Potentially Key Piece of Evidence

Page 24

Texas News Round-Up

Page 25

David Gorman The escalating threat of cyber attack means increased risk for all businesses; however it also represents increased opportunity for us as independent agents. PIA is here to help address both the risks and the opportunities. We now offer a cyber liability insurance program for your agency at significantly discounted rates. Soon, we’ll be introducing Phase II, allowing you to offer this discounted coverage to your business clients. In this issue we strive to provide you with the information and valuable resources you need to both protect yourself and your clients. Cyber insurance is just one of the many exciting new programs coming our way in 2018. Watch for upcoming issues and our website for announcements in the New Year.

SAVE THE DATE 2018 Texas PIA Annual Convention & Expo May 17 - 19, 2018

In the meantime, wishing you, your entire agency and your family a very Merry Christmas. See you next year,


Arlington Sheraton Hotel & Arlington Convention Center Arlington, TX David (Red) Gorman

Watch for announcements about new educational opportunities coming in

Texas PIA P.O. Box 700877 Dallas, TX 75370 (972) 862-3333

Office: 214-374-9997 Email:


Page 2

Join Texas PIA Now If you’re not yet a member, discover the benefits! Membership in Texas PIA is an investment that provides tangible benefits & services, saving you time and money so you can increase your agency’s bottom line. As a member of the Texas Professional Insurance Agents, you are also a member of the National Association of Professional Insurance Agents and have access to a variety of valuable benefits and information that can support you in the growth and success of your business. Our focus is entirely on professional Texas agent.



Member Benefits Include: •

Insurance products to sell

Agency Marketing Guide

Agency Revenue Tools

DocIT for Agents and more

Together we’ve formed an alliance of experts to deal with any type of issue or question you may face. Visit for more information.

Congratulation to Texas Insurance Professional Services (TIPS) Texas Insurance Professional Services earned the Highest Retention Rate Award at the E&O States Sales and Appreciation Conference at the Gaylord Opryland Resort & Convention Center in Nashville, TN held November 1-3, 2017. The award was presented to “Texas Insurance Professional Services, Inc.” Accepting the award on behalf of that company was Don Miller, president, and Bob Dixon. The award recognized policy count retention among affiliates selling the Utica National Insurance Group, Insurance Agents E&O Insurance Program. The organization achieved a 95.5% policy count retention. Pictured from left to right are Bill Skorzyk - VP Chief Marketing & Sales Officer, Bob Porten - E&O Commercial Lines Underwriting Specialist, Don Miller, Texas Insurance Professional Services, Inc., Bob Dixon, Texas Insurance Professional Services, Inc., Mark Angelucci - SVP Insurance Agents E&O Segment, and John Burns - E&O Executive Commercial Lines Underwriter.


Page 3


Page 4

Cyber 101 Myth: Hackers and cyber criminals generally target large businesses because that is where they profit most.

Fact: 62 percent of cyber-attacks target small-and mid-sized businesses. Free Educational Website for PIA Members The National Association of Professional Insurance Agents (PIA National) and its carrier council, The PIA Partnership, have unveiled a new educational resource for PIA members and agents appointed by carriers participating in The PIA Partnership. Cyber 101 was created to help educate agents and their clients about the most common cyber risks faced by small and mid-sized businesses as well as the business practices and insurance coverages that can reduce those risks. Producers and CSRs using the Cyber 101 resources will gain the confidence they need to talk to their clients about cyber risks and coverages. The Cyber 101 tool box of resources includes materials that PIA members can share with their clients to help them understand their cyber exposure and why they may want to purchase a cyber policy for their business.

Seven Topics/Seven Months: With the help of ABA Insurance Services, Inc. (ABAIS), PIA has identified seven key areas in which small and mid-sized businesses have cyber risks: fraudulent funds transfer, extortion/ransomware, social engineering, business interruption, data breach/privacy, network security, and website media liability. Starting this month, Cyber 101 will introduce new resources on one of these topics each month. These topic-specific resources will include interactive claims examples that demonstrate loss risks to clients, 1-page PDFs explaining the risk, and PIA member webinars. This month’s webinar, which was held on December 12th, addressed the topic of Fraudulent Funds Transfer. A recording of this webinar, as well as those scheduled for upcoming months, will be available to members on the Cyber 101 website.


Page 5


Page 6

Educational Cyber Materials: In addition to resources about these seven topics, Cyber 101 provides general educational resources that agents can personalize and provide to their clients (shown below), as well as general resources just for agents.

Topics to be covered: 1. Fraudulent Funds Transfers, December, 2017 2. Extortion / Ransomware, January, 2018 3. Social Engineering, February, 2018 4. Business Interruption, March, 2018 5. Data Breach/Privacy, May, 2018 6. Network Security, June, 2018 7. Website Media Liability, July, 2018 Get Started: PIA members may visit the Cyber 101 website to access the materials, including the December webinar, and to register for upcoming webinars and alerts when new materials are added. Agencies appointed by Partnership companies may access Cyber 101. Other agents will need to become a PIA of Texas member to access Cyber 101. Learn more about PIA membership and join today!


Page 7


Page 8

Identity Theft Takes the Sparkle Off of the Season by Patricia L. Harman, November 21, 2017,

New Study Results: When it comes to shopping at retailers that have suffered a data breach, 75% of Americans say they would be more skeptical about shopping there during the holidays according to a new survey from Generali Global Assistance (GGA). While 91% of Americans expect to engage in some form of holiday shopping, the majority don’t believe that retailers can adequately protect their personal information.

“Consumers are clearly more concerned than ever about identity theft and related issues as we enter the 2017 holiday season,” said Paige Schaffer, president and COO of Generali Global Assistance’s Identity and Digital Protection Services Global Unit. “With data breaches at major organizations occurring so frequently and impacting literally millions of people in the U.S. alone, consumer confidence in the ability of businesses to protect their data has been shaken.” Despite these concerns, they still won’t be enough to deter shoppers from spending money. Credit cards will continue to be the most used form of payment, followed by cash and debit cards. Some consumers still use checks and a small group will utilize mobile payment apps. “The holiday season is the busiest shopping time of the year, and all this spending results in increased vulnerabilities for hackers and other nefarious parties to exploit,” explained Schaffer. “The increased use of credit cards, greater smartphone usage and even crowded malls can all pose identity theft risks during the holidays. Fortunately, there are steps that consumers can take to protect themselves in order to enjoy a worry-free and festive season.” Consumers are using their cell phones to make purchases online and while they are out shopping in traditional brick and mortar stores. “Regardless of where they are being used, consumers should limit the use of unsecured, public Wi-Fi networks,” cautioned Schaffer. “While using such networks may be tempting because of the convenience they provide, unsecured connections may create openings for hackers to steal your personal information.” Some malicious parties will set up unsecured networks in public areas, hoping that unsuspecting consumers will fall prey to their

Consumers Say Don’t think businesses are doing everything possible to protect their data:

40% Somewhat or very concerned about a data breach impacting their information:

75% Data is at risk when shopping with online merchants:

57% Data is at risk when shopping with traditional brick and mortar retailer:

22% Data is at risk when shopping with traditional brick


Page 9

schemes. “If you must use a public network, it is essential to never access your financial account or any other sites that require a password,” added Schaffer. When shopping online, consumers should make sure to look for the security certification logos on websites. They should also check the URL address to make sure it begins with “https” instead of “http” since the “s” indicates the site is secure. Using a single credit card for online purchases and a separate one for brick and mortar stores can make it easier to monitor the cards for unauthorized purchases. Online isn’t the only place where shoppers are at risk. “Throughout the holidays, many consumers will find themselves in crowded locations – malls, parties, airports and the like. Crowded areas are ideal for pickpockets, as all the hustle and bustle can leave even the shrewdest individuals unaware,” said Schaffer. She cautioned shoppers to keep their wallets, passports, smart phones and other sensitive items secure in their bags or pockets and only take them out when needed. “It is also important to remain especially vigilant and alert when you find yourself in a crowd, particularly when traveling.” Places like ATMs and gas pumps can be easy targets for fraudsters who utilize credit card skimmers to capture sensitive information. Make sure to hide your personal identification number when inputting it into a machine. Consumers should also be aware that credit cards offer more fraud protection than debit cards do if the account number is stolen. Other practical solutions to keep information safe include enabling fraud alerts from financial institutions to help track unusual activity; monitoring statements for unauthorized purchases or activity on accounts; keeping documents and valuables safe when traveling; keeping phones password-protected and changing passwords on accounts regularly. There are no shortage of opportunities for hackers and other fraudsters to gain access to personal and financial information throughout the year, but the holidays seem to magnify them because of the increases in shopping, entertaining and travel. Take time to implement some practical safety steps to keep fraudsters from stealing your holiday joy.

5 Tips to Secure Your Mobile Devices Before the Holidays by Tim Sheehan, December 4, 2017, 1. Mobile device technology stack: The first thing employees or IT staff can do to ensure a solid foundation of up-to-date features and security fixes is to use the manufacturer’s latest software update for the device(s) being used. 2. Mobile networks: All devices connected to the internet to share data need to be part of a network. These days you can find a way to connect almost anywhere you are. 3. Device physical systems: An obvious way for anyone to gain access to your device is via physical manipulation. If you do not protect your device with a strong password that includes a combination of uppercase, lowercase, numbers and/or special characters, you make it easier for someone to “brute force” a way into your device by guessing your password. 4. Mobile applications: There are applications you can download for your laptop, tablet or phone that can open the door for malicious use or privacy intrusion. 5. Mobile enterprise: Work with your IT department or IT vendor prior to taking your vacation or holiday to ensure that your device(s) are fully protected, updated and tested to connect back to your office.


Page 10

New: Consumer-friendly Info Paper PIA Member Benefit Just in time for Christmas, PIA has published a new consumer-friendly info paper, available for download by PIA members. Holiday Light and Fire Safety is available as: •

PIA branded PDF

Customizable PDF

Infographic JPG

Article in copy/paste format Word

Social media post. Are you hanging lights or lighting candles this holiday season? Be safe with these fire safety tips:

A complete library of consumer-friendly info papers are available on the PIA website for member download. Not yet a PIA of Texas member? What are you waiting for? Visit for more information.


Page 11

4 Trends Shaping Cybersecurity Now by Denny Jacob, June 26, 2017, Cbyer Attacks Increase in Frequency, a Company Must Deal With Threats ISACA’s third annual cybersecurity study finds that this issue is increasingly a business priority. The challenge? Resources and available skills are not keeping pace with a threat landscape that is rapidly escalating in complexity and volume. The ISACA survey targets managers and practitioners who have cybersecurity job responsibilities. Respondents primarily came from North America (42%) and Europe (31%), and were employed in an enterprise with at least 1,500 employees (49%). Its "State of Cyber Security 2017" report compares the results of this year's survey with previous results to determine recognizable trends that impact how cybersecurity is practiced, particularly where such trends point to an overall shift in the profession. With this in mind, here are four trends shaping cybersecurity in 2017:

4. Growing Areas of Concern Organizations with a chief information security officer (CISO) in 2017 increased to 65% compared to 50% in 2016. Staffing challenges and budgetary distribution, however, reveal where organizations face exposure. Finding qualified personnel to fill cybersecurity positions is as ongoing challenge. For example, one-third of study respondents note that their enterprises receive more than 10 applicants for an open position. More than half of those applicants, however, are unqualified. Even skilled applicants require time and training before their job performance is up to par with others who are already working on the company's cybersecurity operation. Half of the study respondents reported security budgets will increase in 2017, which is down from 65% of respondents who reported an increase in 2016. This, along with staffing challenges, has many enterprises reliant on both automation and external resources to offset missing skills on the cybersecurity team. Another challenge: Relying on third-party vendors means there must be funds available to offset any personnel shortage. If the skills gap continues unabated and the funding for automation and external third-party support is reduced,


Page 12

3. More Complicated Cyber Threats Faced with declining budgets, businesses will have less funding available on a per-attack basis. Meanwhile, the number of attacks is growing, and they are becoming more sophisticated. More than half (53%) of respondents noted an increase in the overall number of attacks compared previous years. Only half (roughly 50%) said their companies executed a cybersecurity incident response plan in 2016. Here are some additional findings regarding the recent uptick in cyber breaches: • 10% of respondents reported experiencing a hijacking of corporate assets for botnet

use; • 18% reported experiencing an advanced persistent threat (APT) attack; and • 14% reported stolen credentials. • Last year’s results for the three types of attacks were: • 15% for botnet use; • 25% for APT attacks; and • 15% involving stolen credentials.

Phishing (40%), malware (37%) and social engineering (29%) continue to top the charts in terms of the specific types of attacks, although their overall frequency of occurrence decreased: Although attacks are up overall, the number of attacks in these three categories is down.

Topping the Attack Chart Phishing: 40% Malware: 37% Social Engineering: 29%


Page 13

2. Mobile Takes a Backseat to IoT. Businesses are now more sophisticated in the mobile arena. The proof: Cyber breaches resulting from mobile devices are down. Only 13% of respondents cite lost mobile devices as an exploitation vector in 2016, compared to 34% in 2015. Encryption factors into the decrease; only 9% indicated that lost or stolen mobile devices were unencrypted. IoT continues to rise as an area of concern. Three out of five (59%) of the 2016 respondents cite some level of concern relative to IoT, while an additional 30% are either "extremely concerned" or "very concerned" about this exposure. IoT is an increasingly important element in governance, risk and cybersecurity activities. This is a challenging area for many, because traditional security efforts may not already cover the functions and devices feeding this digital trend.

1. Ransomware Is the New Normal. The number of code attacks, including ransomware attacks, remains high: 62% of respondents reported their enterprises experienced a ransomware attack specifically. Half of the respondents believe financial gain is the biggest motivator for criminals, followed by disruption of service (45%) and theft of personally identifiable information (37%). Despite this trend, only 53% of respondents' companies have a formal process in place to deal with ransomware attacks. What does that look like? Continued on page 21 TEXAS CONNECTION - TEXAS PROFESSIONAL INSURANCE AGENTS DIGITAL JOURNAL

Page 14

The Cost of Data Breach by Denny Jacob, July 5, 2017, Takeaways from the 2017 Cost of Data Breach Study In the 2017 global study, the overall cost of a data breach decreased to $3.62 million, which is down 10% from $4 million last year. While global costs decreased, many regions experienced an increase. In the U.S., the cost of a data breach was $7.35 million, a 5% increase compared to last year. When compared to other regions, U.S. organizations experienced the most expensive data breaches in the 2017 report. In the Middle East, organizations saw the second highest average cost of a data breach at $4.94 million — an uptick of 10% compared with the previous year. Canada ranked third with data breaches costing organizations $4.31 million on average. Time is Money For the third year in a row, the study found that having an Incident Response (IR) Team in place significantly reduced the cost of a data breach. According to the study, the cost of a data breach was nearly $1 million lower on average for organizations that were able to contain a data breach in less than 30 days compared to those that took longer than 30 days. There's still room for improvement for organizations when it comes to the time to identify and respond to a breach. On average, organizations took more than six months to identify a breach, and more than 66 additional days to contain a breach once discovered. Additional Key Findings •

For the seventh year in a row, healthcare topped the list as the most expensive industry for data breaches. Healthcare data breaches cost organizations $380 per record, more than 2.5 times the global average overall cost at $141 per record.

Close to half of all data breaches (47%) were caused by malicious or criminal attacks, resulting in an average of $156 per record to resolve.

Data breaches resulting from third party involvement were the top contributing factor that led to an increase in the cost of a data breach, increasing the cost $17 per record. The takeaway: Organizations need to evaluate the security posture of their third-party providers — including payroll, cloud providers and CRM software — to ensure the security of employee and customer data.

Incident response, encryption and education were the factors shown to have the most impact on reducing the cost of a data breach. Having an incident response team in place resulted in $19 reduction in cost per lost or stolen record, followed by extensive use of encryption ($16 reduction per record) and employee training ($12.5 reduction per record).

Related Stories: Humans, The Weakest Link in Social Engineering and Cyber Attacks Key Findings for Businesses from the 2017 FM Global Resilience Index Report


Page 15


Page 16

Cyber Security for Insurance

The Need is Real Our industry faces the same risks as other businesses, but most of us have failed to sufficiently prepare for these threats. Why? Many falsely presume their current cyber strategy is good enough, according to Arctic Wolf Networks, the Silicon Valley-based cybersecurity provider. Company representatives elaborated on this and other insights during a recent webcast titled, "Cyberattacks: Why mid-size companies believe they’re safe — but aren't."

As many independent agencies are in the learning curve, preparing themselves to make recommendations to their clients on cyber coverage, the first step is to evaluate your own needs for protection, take the appropriate security precautions and obtain the appropriate coverage. Cyber Protection for Your Agency PIA National has partnered with ABA Insurance Services to develop a cyber liability insurance program that addresses and covers the specific needs of small and mediumsized businesses. We have rolled out Phase I of that plan, with PIA Cyber Insurance for our member agents. Policy premium is significantly discounted from those rates found in the standard market and the policy includes enhancements not typically offered by competitors. We will be rolling out Phase II, which will be available to PIA members for your small business clients. Premium discounts and policy enhancements will also be offered. You need cyber insurance if you answer yes to any of these questions: Does your business store sensitive customer or employee data? Does your business accept credit card payments? Does your business bank online? Does your business use Facebook, Twitter or LinkedIn? For enrollment information, contact


Page 17

The Cyber Opportunity

Independent Agents to the Rescue As with all problems, the rising spread of cyber threats also represents an enormous opportunity for those agents willing to develop expertise in this area. In 2016, the size of the global cyber insurance market was valued at $3,416.4 million. But by 2023, it’s expected to balloon to $16,970 million, after a compound annual growth rate of 20 percent in the interim. Among all industries, banking financial services and insurance (BFIS) has been the largest consumer for cyber insurance thus far, since they are more prone to cyber attacks, the report says—in fact, contributing more than 35 percent of the global market share in 2016. However, going forward, the market will see the fastest growth in retail and manufacturing during the study’s forecast period. During a July 26, 2017 hearing before the U.S. House of Representatives Small Business Committee, Chairman Rep. Steve Chabot (R-Oh.) stated that cyber threats have become a critical concern for the country’s 28 million small businesses, with the Justice Department recording nearly 300,000 cybersecurity complaints in 2016 alone. Eric Cernak testified on behalf of the Reinsurance Association of America (RAA) and the Property Casualty Insurers Association of America (PCI). He helped the committee understand the current lay of the land with regards to cyber insurance policy offerings. "More insurers have become interested in offering cyber insurance over time," said Cernak, who is vice president and leader of the U.S. Cyber Privacy Risk Practice at Munich Re America. "Less than a dozen insurers offered some cyber insurance in the early 2000s compared to more than 70 in 2016. Reinsurance risk transfer options for insurers with regard to cyber may also become increasingly available." TEXAS CONNECTION - TEXAS PROFESSIONAL INSURANCE AGENTS DIGITAL JOURNAL

Page 18

Today’s reality is that it’s not a matter of if a company will encounter a cyber claim, but when it will happen, and how it will be covered. But preparing your agency, and in turn your clients, to embrace cyber coverage will still take some time and effort. With the predictions of an even faster pace in the increase of cybercrime costs to businesses, it’s time and effort well spent.

Barriers to Be Overcome

The entire 90-minute hearing, titled Penetration Still Low – Less than 30% "Protecting Small Businesses from Cyber Atof businesses currently have cyber politacks: the Cybersecurity Insurance Option," cies in the United States. Many buyers was streamed live via the House Small Busiare skeptical of the value of cyber insurness Committee’s YouTube channel. ance, especially in the absence of a "standard" policy that would enable them to compare coverage and pricing. Others who have a better grasp of the possible losses they face may be unable to obtain sufficient coverage, at least not without adopting costly and unrealistically stringent security measures. As an agent, you can become the educator, not only informing clients about the cyber policies available, and what they will cover, but in sharing the latest information about establishing appropriate cybersecurity measures for their business. Uncertainty About Claims Handling – There’s significant misunderstanding in how cyber losses will be paid out. Cyber liability policies are typically written by exclusion first and inclusion second. In the aftermath of a loss-causing event, insureds may seek coverage for anything not specifically excluded from their policy — a form of "hidden coverage" that may not be taken into consideration when policies are priced. It will undoubtedly take years and hundreds of actual claims before cyber policies become standardized. However, the need for effective risk management is now. Help become part of the movement to adopt a shared industry language to talk about exposure. The Verisk Cyber Exposure Data Standard helps to address this issue by providing a uniform method for data transfer across the insurance value chain, containing the critical parameters that must be captured to assess a company’s risk from cyberattacks. No Playbook Available – Because cyber insurance is still evolving, much more advance thought needs to take place for each individual client. In the absence of standardized cyber coverages and policy wording, insurers should test various payout scenarios, mapping losses not just to cyber policies, but to potentially applicable business interruption, errors and omissions, directors and officers, commercial general liability, and other policies, depending on the makeup of the portfolio and scenario being analyzed.

Every Business is a Prospect You should consider all organizations to be at risk of cyber-related losses (including nonprofit organizations, hospitals, utilities, and governments), regardless of whether it has affirmative cyber coverage. Data on attributes that can affect the organization’s cyber vulContinued on page 21 TEXAS CONNECTION - TEXAS PROFESSIONAL INSURANCE AGENTS DIGITAL JOURNAL

Page 19

Fixes to Cybersecurity Weaknesses by Jessica Dore, November 15, 2017, InsurTech Talk, Prevention Is Better Than the Cure Like all commercial insurance products, cyber insurance helps guard businesses, including insurance agencies, against potential loss. But arming yourself and your clients against some of the more common cybersecurity vulnerabilities is critical to a comprehensive risk management strategy. These tips will help your agency be better protected, and gives you yet another opportunity to be seen as a resource by your clients. Typically, the biggest risks in computer security lie with the user rather than the provider. Think about it this way — if employees have access to an internal system on their mobile devices, what happens if that device is lost or stolen? All companies should ensure they have the ability to erase the data remotely in case a device is lost or stolen. It is also critical to keep your software systems patched — as software companies release new updates and "patches" to safeguard against known vulnerabilities, companies using the software should download and apply them in a timely manner.

When it comes to employee training, be sure to encourage employees to create strong passwords that are updated regularly and kept confidential. Two-factor authentication is also an option — it requires users to provide two types of identification — a password and a fingerprint, for example — to access an account. This helps prevent the success of phishing and malware attacks and protect users' credentials. Cyber attacks take on myriad shapes, sizes and appearances. Some of the more common attacks to look out for include the following: System breaches System breaches, or account takeovers, take place when cyber criminals steal access to a system through account passwords and credentials, then begin executing fraudulent transactions. Methods vary — in some instances, system breaches involve keylogging software that records a user's keystrokes and sends them to the thief. It’s also common to see "phishing" emails that are designed to trick legitimate users into sending credentials to a bogus email account or entering them on a fake website. DDoS attacks Some days it feels impossible to keep up with all the emails. It's like you've received a million emails all at once. For victims of a distributed denial of service (DDoS) attack, that perception becomes a reality. In addition to overwhelming the server, other common results of DDoS attacks include degradation of web or email resources, slow network performance and the inability to access some network resources. DDoS attacks often run the course of several hours, enough of a distraction that fraudulent transactions can take place undetected. TEXAS CONNECTION - TEXAS PROFESSIONAL INSURANCE AGENTS DIGITAL JOURNAL

Page 20


You've likely heard of malware — enter crimeware, a unique form that installs itself on computers when users download files that seem innocuous, but are designed to do damage to your device. While malware originally was created by those acting out of curiosity or in search of notoriety, the goal of crimeware is financial gain. Crimeware is any program or set of programs designed specifically to steal information online. More often than not, crimeware programs are Trojans, which computer security software company Intel Security describes as follows: "Trojans are usually disguised as benign or useful software that you download from the Internet, but they actually carry malicious code designed to do harm — thus their name." After taking root on your device, the Trojan can log everything you type, take screenshots of the websites you visit and steal personal information. Employee usernames, passwords credit card numbers and more can be accessed by hackers once a Trojan has been installed. First Steps With so many cyber threats in existence, protecting your company can seem an insurmountable task. Here are four basic steps to get started: 1. Develop, implement and regularly test a cybersecurity action plan, ensuring your organization is prepared to fight the next potential breach. 2. Host employee training sessions to ensure the entire team is well-versed on the plan, and knows how to report security threats. 3. Protect against hackers looking to take advantage of software malfunctions by deploying patches as soon as they become available. 4. Leverage the tools at your disposal — use all built-in security features on your devices and online systems. Remember — hackers are after companies of all shapes and sizes. Don't assume you're too small, or too far off-the-radar to fall victim. It’s impossible to predict the next attack, but there are myriad ways to make sure you’re prepared when it strikes. From “4 Trends Shaping Cybersecurity Now”, page 14

but law enforcement agencies warn it can have an encouraging effect on those criminals as some cases lead to repeated attacks of the same business. Many cybersecurity specialists argue that the best way to fight a ransomware attack is to avoid one in the first place. Advance planning that might include the implementation of a governing corporate policy or other operating parameters, can help to ensure that the best cybersecurity decisions are made when the time comes to battle a breach. From “Cyber Opportunity”, page 19

storage and transfer methods, and cybersecurity measures, should be captured. Armed with information, you will be able to help all business clients effectively manage their unique cyber risks. There is a large opportunity for growth in the cyber insurance market, and you are in a position to help businesses and communities become more resilient to the potentially catastrophic impact of cyberrelated losses. Cyber risk management is still a nascent discipline, but with the increasing availability of promising tools that can help measure the risk, insurers can be more confident in offering more of the essential protection that society needs.


Page 21

How to Build Relationships In Your Organization and with Vendors John Chapin is a motivational sales speaker and trainer. For his free newsletter, or to have him speak at your next event, go to: E-mail:

We all know relationships are important with clients. If you own the relationship with a client account, you most likely own the business. Just as important as client relationships are the relationships within your organization and with vendors who help your business run smoothly. Problems in these relationships usually lead to problems in client accounts, which could result in lost business. You also spend a good amount of time with vendors and co-workers, so the better your relationships with them, the more pleasant your work life will be. All of that said, how do you ensure good, solid relationships within your organization and with vendors?

Steps to Building Strong Relationships Step 1: Follow Steven Covey’s Habit #5: Seek first to understand. In order to build a relationship with someone you have to get into their world. Here are some ways to do that with vendors and people you work with. a) Ask them: What can I do to make your job easier? During my first week at Diebold Banking Equipment, I approached each individual in installation and service and asked this question. When they realized I was willing to work with and help them, they in turn were willing to work with me and help me. Ask vendors this question too. You want to make their lives as easy as possible. An example of this is with insurance agencies I work with. They ask their carriers what a perfect submission looks like and then do their best to achieve that. Also keep in mind that your objective is to be a great customer for your vendors. Be easy to work with, make sure your interactions with them are good ones, and thank them when possible. b) Talk about their favorite subject. In other words, talk about them, their family, kids, pets, and related subjects. Try to keep the conversation positive and upbeat. While you may have to talk about someone’s cancer treatment or illness, you want to keep most conversations focused on good things going on in the person’s life. Also, be careful not to one-up people. If someone is talking about their daughter playing soccer, you can mention that you daughter plays soccer too, letting them know you have something in common with them. Just don’t talk about your daughter being a superstar or shift the conversation from their daughter to yours. Ask about activities they’re involved in such as bowling leagues, softball, golf, etc. Make sure to listen more than you talk. You have two ears and one mouth. Use them at least in that proportion. Drop in some of your own personal information so they have something they can connect with you on but again, make sure they are talking most of the time and be careful not to out-shine them. Remember everyone’s favorite radio station: WIIFM: what’s in it for me. Focus on that when you talk to people. What do they want and what are they interested in?


Page 22

c) Let others be right, let them go first, and make them feel important. Everyone’s number one need, provided they have food, shelter and the basics, is to be recognized and to feel important. Most people are mirrors. When you let other people be right and let them be first, they’ll do the same for you. They’ll also be much more willing to work with you. d) Use Dr. Tony Alessandra’s Platinum Rule. The Golden Rule is of course: Treat other’s the way you want to be treated. It’s effective more than 90% of the time. To get closer to 100%, use the Platinum Rule: Treat others the way they want to be treated. Ask for preferences regarding communication and other business protocols. Don’t assume that your preference is everyone else’s preference. Step 2: What gets rewarded, gets repeated. When I worked for Diebold, I used to give $5 and $10 gift cards to people in the installation and service departments. I also gave them baseball tickets and other gifts. On special occasions, during the holidays, or when they really went above and beyond, I used to give more expensive gifts such as jewelry or their favorite alcohol. Based upon rules and regulations you may or may not be able to do some of these. Either way, you must acknowledge and thank them for helping you and doing a good job. Stop by their office, thank them for what they just did for you, give them a small token of your appreciation, and ask about their favorite subject. Here are some other ideas for rewarding people that don’t cost anything: • Send an e-mail telling the boss what an asset they are to the • • • •

company. Make sure you copy them in. Send a handwritten thank-you note. Call them on the phone and thank them or stop by in-person. Build them up with sincere compliments. Praise them in front of their peers or higher-ups.

Step 3: Treat co-workers and vendors like one of your top accounts. A great way to build relationships internally and with vendors is to give them the same extra -special treatment that you give your top accounts. Here are some ideas: • • • • • • • • • •

Send them birthday cards and holiday cards. Give them holiday and birthday gifts. Study their areas of interest so you can have intelligent conversations with them. Give them books, articles, and other items related to their areas of interest. Pass on articles and other information about their high school, college, and hometown. Pass on good articles and information you come across about their kids, spouse, relatives, or their related interests. Find articles and other stories written about your vendors’ companies and industries, and occasionally discuss some of this information with them. Pass on items of religious and political interest. Give gift certificates to restaurants and stores. Get creative and come up with other great ideas to turn co-workers and vendors into loyal partners and great friends.

PIA of Texas will be hosting a series of exclusive webinars with John Chapin in 2018. Watch for details! TEXAS CONNECTION - TEXAS PROFESSIONAL INSURANCE AGENTS DIGITAL JOURNAL

Page 23

The Agency Proposal: A Potentially Key Piece of Evidence The agency proposal has played a key role in many errors and omissions (E&O) claims. If the proposal is clear about the proposed coverage and includes definitions and claim examples, it can be valuable for educating the client. If it also includes the necessary disclaimers, the proposal could tip the scales heavily in the agency’s favor in an E&O claim. However, without this information, the proposal can hurt, if not destroy, the agent’s chance of prevailing in an E&O matter. The following is an actual E&O claim. This E&O claim was asserted against the agency for providing inaccurate information about coverage when a dwelling fire policy was procured for the client’s rental property. The producer detailed policy coverages for a Dwelling Property 3 – Special Form (DP-3) in the agency proposal. Unfortunately, the agent only requested a proposal for a Dwelling Property 1 – Basic Form (DP-1) from the carrier. The client purchased the coverage, believing that he was securing broader coverage. As is the typical scenario, the client retained all documentation provided from the producer. The underlying claim involved an upstairs toilet waterline leak, which caused water damage to the dwelling’s second and first floors. The misstatement on the proposal of the coverages clearly put liability on the agency. The E&O carrier paid the claim, with offsets taken for the underlying deductible and premium difference. How could this issue have been avoided? There are several ways this could have been avoided. One way is to make sure the proposal matches what the carrier proposed. In the scenario above, it is possible that the agency asked the carrier for a quote for a DP-3 but the carrier only provided the DP-1 coverage. Carriers make mistakes, too. Agencies should have a process to compare the carrier quote against the application. There might have been something in the risk that precluded the carrier from offering a DP-3, or maybe the application only asked for a DP-1 quote when the intention was to secure broader coverage. Another method is to have the agency proposal reviewed by at least another set of eyes, with one set of eyes belonging to the producer. In the claim above, there is a good chance that further review would have identified the error. Another way is to use the carrier proposal. The advantage of this approach is that if there is a misstatement of coverages or a mistake on the carrier proposal, the carrier would probably bear liability for the error. If the agency is going to use the carrier proposal, it is suggested that a wrap-around document or disclaimer be included. Typically, carrier proposals do not contain the key disclaimers. A disclaimer similar to the following should be added. Information contained in this proposal is intended to provide you with a brief overview of the coverages provided for reference purposes only. It is not intended to provide you with all policy exclusions, limitations and conditions. The precise coverage afforded is subject to the terms, conditions, and exclusions, of the policies issued. Accuracy Based on your agency’s current procedures, could this type of incident happen to you? In the event of an E&O matter, the agency proposal is an admissible document that both lawyers can access. Since the legal standard in virtually all states will hold the agent responsible for what he or she says and what is put in writing, it is vital that the proposal be accurate.


Page 24

Texas News Round-Up Texas Workers’ Compensation Costs Down 63% Since 2005 More Texas businesses are providing workers’ compensation insurance as the cost of coverage continues to decline....more Texas Division of Workers’ Comp: Employees Stepped Up to Help After Hurricane When Hurricane Harvey devastated the Houston area two months ago, Texas Department of Insurance, Division of Workers’ Compensation employees around the state responded rapidly....more Texas Governor Calls White House Disaster Aid Bill ‘Inadequate’ Republican Texas Gov. Greg Abbott on Nov. 17 criticized as “completely inadequate” the Trump administration’s $44 billion request to Congress for disaster relief in his hurricane-ravaged state and other areas hammered by storms....more Texas Weather Forensics Company Unveils Hail Intensity Assessment Product Plano, Texas-based weather forensics company, Dynamic Weather Solutions (DWS) dba HailStrike, announced the launch of a product that indicates the intensity of hail within an area of a storm….more Researchers Find Dangerous Bacteria in Water Wells Near Texas Fracking Sites Two new studies from University of Texas at Arlington researchers show harmful bacteria levels in groundwater near hydraulically fractured gas drilling sites….more New Sensors Tracking Earthquakes Across Texas Three years ago, a series of quakes rattled North Texas — and some residents’ nerves….more

Report: Nearly $60M in Texas Windstorm Insurer Hurricane Ike Claims Still Unpaid The Houston Chronicle reports that several school districts, cities and other government agencies are still waiting for a Texas insurer to pay nearly $60 million in claims from Hurricane Ike, adding to more insurance worries in the wake of Hurricane Harvey….more Texas Officials: At Least 1 Traffic Death per Day Since 2000 The Texas Department of Transportation said that since Nov. 7, 2000, fatalities resulting from motor vehicle crashes on Texas roadways have numbered 59,388. The leading causes of fatalities continue to be failure to stay in one lane, alcohol and speed.…more Rate Increases Approved for Texas Automobile Insurance Plan Association Texas Insurance Commissioner Kent Sullivan has approved changes in the rates for private passenger and commercial automobile insurance provided through the Texas Automobile Insurance Plan Association (TAIPA), which is the state’s assigned risk plan. The changes, which are effective March 1, 2018, will result in an overall average increase of 4.8 percent in passenger automobile rates, according to the Texas Department of Insurance....more Sprowls Elected President of Texas Surplus Lines Association Garrett Sprowls, general counsel and managing broker of Austin-based Professional Lines Underwriting Specialists Inc. (PLUS Inc.), has been elected president of the Texas Surplus Lines Association Inc. (TSLA). ….more Texas Surplus Lines Premiums Exceed $5B at November’s End Surplus lines premium recorded through the end of November rose to $5.04 billion in Texas, according to the Surplus Lines Stamping Office of Texas (SLTX)….more Do you have news to share? Email with your story.


Page 25

AdvertiseINinTHE the Texas ADVERTISE TEXASConnection CONNECTION View our rates for the most cost effective method of keeping View our ratesin for the most cost effective method of keeping your message front of your customers…professional insurance your message in front of your customers…professional insurance agents. agents. Questions? Contact Victoria Reece at or (972) 862-3333. Questions? Contact Victoria Reece at or (972) 862-3333.

Ad Size


Pre-Pay 6 Issues

Full Page



Half Page



Third Page





Quarter Page


Page 26

Texas connection december 2017  
Texas connection december 2017