October 2021 – CONSTRUCTION INDUSTRY – Building Risks Evolve, Creating Unique Challenges


AS THE CONSTRUCTION industry booms, contractors face evolving risks that, left unchecked, can leave their operation exposed to new liabilities.
If you already operate a construction firm, you know that there is a labor shortage that has made it difficult to find experienced workers and that hiring entities are asking builders to take on more of the design function, as well.
Your liability picture has also likely changed with the increasing use of wrap-ups and, if you’re using technology in your operation, you now have rising cyber-security risks, too.

Lack of qualified workers

The bottom fell out of the construction industry in the U.S. during the first few months of the COVID-19 pandemic, and many worksites were idled. Now that the industry has found its footing, it’s been dealing with a severe labor shortage.
As construction firms struggle to find workers, the ones who are on the job are having to take on larger workloads, which can put them at risk of injury or making mistakes.
Also, many contractors are having to take on younger, less-seasoned laborers, who may lack the experience to identify and avoid hazards, which puts them and others at risk of injury. Those injuries in turn affect your workers’ comp
premiums.
A lack of workers coupled with inexperienced new ones on sites can also end up drawing out projects, forcing contractors to miss deadlines.

Professional liability risks

As more project owners want an all-in-one job with the lead contractor designing and building the project, contractors now face a new type of risk: professional liability.

But the typical contractor’s insurance policy doesn’t provide protection for any design work you take on.
Courts have ruled that:

  • Designers who perform “builder activities” lose limitation of liability typically enjoyed by design professionals.
  • Builders who perform “design activities” assume responsibility for design deficiencies.

Wrap-ups more prevalent

Many construction projects are now covered under one general liability policy to cover the work of the general contractor, as well as of all the subs. More lenders are requiring that liability is set up in one all-encompassing policy.
A properly assembled general liability wrap-up should provide coverage not only during the construction period, but also up to 10 years after the work is completed.  These policies often reduce the cost of coverage.

More cyber-security risks

Like all industries, the construction sector has grown increasingly reliant on technology to get the job done. That exposes contractors to a variety of cyber risks, including keeping project designs, client records and employee records confidential.
Many building contracts today include clauses requiring the contractor to be responsible for potential cyber breaches.
Given the increasing popularity of practices such as “building information modeling,” “integrated project delivery,” and file-sharing between participants in a construction project, contractors may be at increased risk of liability in the event of a data breach.


October 2021 – Wildfires Make for Difficult Insurance Market


MORE BUSINESSES in wildfire-prone areas are facing a difficult commercial property insurance market as insurers reduce their exposure and some have left the market altogether.

Many businesses in areas that have already been ravaged by fires in the past, or those located in areas that are near forests and large grassy areas are seeing their premiums increase – sometimes substantially by 300% or 400%.
Also, more businesses are finding few insurers that are willing to cover their properties.

According to a new report by insurance rating firm AM Best, California wildfires have caused over $4 billion in commercial property losses for insurers in three of the past four years.

It’s expected that 2021 fire losses could be even greater than those of the prior four years.

The fallout

  • Some insurers have stopped writing property insurance in high-risk areas.
  • Most insurers are increasing their rates substantially in high-risk areas.
  • Insurers are requiring policyholders to have mitigation measures like defensible space (see below).
  • Many policies have worse terms. One winery owner interviewed by the Los  Angeles Times said that his premium was typically $200,000 with a $25,000 deductible. His new policy costs $800,000 and includes a $500,000  deductible, and would only cover 20% of the value of his buildings.

The new playbook

Many insurers are applying three metrics in evaluating exposure to fire:
Brush mapping – This is a map of the tinder and brush, nearby trees, and other items that could contribute to your building(s) catching fire.
Wildland-urban interface – The closer that a building is to nature, the more at risk it is. A wildland-urban interface is defined by the Forest Services as a place where “humans and their development meet or intermix with wildland fuel.”
Concentration of properties an insurer covers in your area – If your carrier has a high concentration of policies for other properties in your area, they may opt to non-renew policies in order to reduce their exposure.

 

 

 

 

 

 

PROTECTING YOUR COMMERCIAL PROPERTY

  • Zone 1 (0-5 feet): Concrete, gravel mulch, and low-growing plants or lawns are good choices for this zone. Avoid combustible materials.
  • Zone 2 (5-30 feet): Vegetation island. Prune low tree branches. Remove shrubs.
  • Zone 3 (30-100 feet): Thin out vegetation between trees. Don’t let tree canopies touch.

The California FAIR Plan Is the Market of Last Resort 

Coverage options

If all insurers have rejected a property, we have two options:

– The non-admitted market – These insurers, which include Lloyd’s of London, are usually willing to write buildings in higher-risk areas, but they too have increased their underwriting criteria.

– The California FAIR Plan – If we cannot find an insurer in the non-admitted market, the last choice is the FAIR Plan, which is the market of last resort for property owners that cannot get coverage elsewhere.

Policies cover losses from fire, lightning, and explosion only.
Also, policies are limited in what they will payout, so if you have millions of dollars tied up in equipment and/or inventory, the policy may not be enough to cover all the damage you incur from a wildfire.

The maximum limit for commercial properties is $3 million for structures and $1.5 million for all other coverages, for a combined $4.5 million limit for all commercial properties at one location. But there are some exceptions.

Your options if you go to the FAIR Plan

If the FAIR Plan coverage is not enough for your needs, we can find another insurer that provides excess coverage that
would kick in at a certain dollar amount of damage.

And for risks that are not covered, we would have to also find you a “differences in conditions” policy. Combined with FAIR Plan coverage, adding such a policy can nearly mimic the coverage of a commercial policy.

 


July 2021 – Non-Admitted Carriers – The Option When No Insurers Will Cover You


SOME BUSINESSES are finding fewer insurers willing to write their policies for certain types of coverage that are seeing rapidly rising claims costs, particularly in liability lines as well as property insurance in areas with exposure to natural catastrophes.
When no insurers that are licensed in California are willing to write a policy, we as your agent have to go to another market made up of insurance companies that are not licensed or regulated by the state.
It’s called the surplus lines (or “non-admitted”) market, and it can be a valuable alternative for insurance buyers.
As insurers get more selective writing some risks, it’s important for you as an insurance buyer to understand this market.

Why use a non-admitted carrier?

The most well-known non-admitted insurer is Lloyd’s of London, famous for insuring insurance companies and celebrities’ or sports figures’ body parts and global sporting events. Often non-admitted insurance companies are located in other states or domiciled abroad, like Bermuda or another tax-haven country.
Unlike licensed insurance companies, non-admitted companies do not have to obtain approval from state regulators for the policy forms they use or the rates they charge.

 

 

Since they are not regulated by the state, non-admitted insurers can offer creative coverage options and they can quickly and easily introduce new types of insurance that businesses need.
Some types of policies that are standard today, such as cyber insurance and employment practices liability insurance, got their start in the non-admitted market.
State laws typically permit a broker to obtain coverage from a non-admitted insurer only if at least a few standard insurance companies refuse to offer coverage. However, most also have coverage options that are not available in the standard market.
When someone needs one of the latter coverages, no rejections from licensed companies are required. An example might be liability insurance for contractors who demolish buildings.

Risks

There are risks to purchasing insurance in the non-admitted market. Policies may provide less coverage than do standard policies, or there may be restrictions on when coverage applies. Policies should be reviewed carefully. Also, because the insurers can charge whatever they feel is appropriate, premiums can be higher than you may expect. The policies may also be exempt from state laws regarding notices of cancellation and non-renewal.
Also, in every state but one (New Jersey), non-admitted policies are not backed by a guaranty fund. Guaranty funds cover claims left unpaid when an insurer is unable to pay for them. If a non-admitted company becomes insolvent, the policyholder has no recourse.

The takeaway

Despite the risks, the non-admitted market serves an important function, giving buyers a place to get needed coverage that would be otherwise unavailable.
Those who think they may need to tap this market should consult with us to find the right coverage at an acceptable price.


April 2021 – Social Engineering Crime – Business Compromise Scams Growing Fast


BUSINESS COMPROMISE scams that use both technology and a human touch to steal funds from businesses are growing as criminals engage in social engineering tactics to dupe unsuspecting employees.

Businesses have lost millions of dollars to social engineering scams, where attackers impersonate a company president or executive who is authorized to approve wire transfers to trick employees into transferring funds into a fake client or vendor account.

According to the FBI’s Internet Crime Complaint Center, in 2019 U.S. businesses were hit with an estimated 23,775 e-mail compromise scams that
resulted in aggregate losses of $1.7 billion. Figures for 2020 are not yet available.

Vishing – or voice phishing – attacks have been growing. The FBI in January warned of an increase in vishing attacks targeting employees working remotely in the COVID-19 pandemic, and of the heightened risks companies face when network access and broadening of online privileges may not be fully monitored.

 

How to train employees

Providing practical employee phishing training is key to keeping your company safe. The following are activities and tips to help you train employees to stay vigilant.

Remote workers should be vigilant in checking internet addresses, more suspicious of unsolicited phone calls, and more assertive in verifying the caller’s identity with the company, the FBI recommends.

When training staff, you should:

  • Explain what vishing and phishing is, how it happens, and what risks it poses on a personal and company level.
  • Explain the different types of phishing attacks.
  • Train your workers in identifying signs of phishing attacks, like e-mails with poor spelling and grammar, incorrect e-mail addresses (for example BobS@ Startbucks.com), and fraudulent URLs.
  • Train your staff in recognizing phishing links, phishing attachments, and spoofed e-mails. Additionally, your employees should know what steps to take after they identify a threat.
  • Conduct simulations that send employees fake phishing e-mails. The results should be shared with them to show how they fell for the scam and the damage that being duped into clicking on a malicious link can cause.

 

Insurance

As vishing and business e-mail compromise scams increase, more employers are seeking to add coverage in their commercial crime policies.
Typically, these policies have been used to cover losses for internal theft, but lately, about 50% of claims are for losses related to phishing and fishing scams.
The price of social engineering coverage varies by risk and limit, but it can often be added to a crime policy as a rider.
One thing though: social engineering coverage will often have lower limits than a typical commercial crime policy. This is because of the risk of much larger financial losses than a company could expect from internal theft or white-collar crime perpetrated by an employee.

 

ADVICE FROM THE FBI

  • Consider instituting a formal process for validating the identity of employees who call each other.
  • Restrict VPN connections to managed devices only (meaning not on employees’ personal devices).
  • Restrict VPN access hours.
  • Employ domain monitoring to track the creation of or changes to corporate brand-name domains.

April 2021- Cyber Insurance – As Attacks and Costs Mount, Rates Climb Higher


CYBER INSURANCE rates are going to increase dramatically in 2021, driven by more frequent and more severe insured losses, according to a recent industry study.

The report by global insurance firm Aon plc predicted that rates would jump by 20% to 50% this year due to two main factors:

 

1. Cyber attacks are becoming more frequent

While publicly disclosed data breach/privacy incidents are actually occurring less often, ransomware attacks are exploding in frequency.

Ransomware incident rates rose 486% from the first quarter of 2018 to the fourth quarter of 2020. The comparable rate for data breach incidents fell 57% during the same period. The incident rates for the two types of events combined rose 300% over the trailing two years.

 

2. The costs of these attacks are growing

The average dollar loss increased in every quarter of 2020. Ransomware attacks were particularly severe – many of them resulted in eight-figure losses. Others may grow to that level as business interruption losses are adjusted and lawsuits against insured organizations proceed.

The combination of more frequent and more costly losses is a
recipe for higher rates.

Cyber insurance rates continued increasing in 2020, with rises of between 6% and 16% in the last four months of the year. In January 2021, most of the top 12 cyber insurance companies told Aon they were planning more drastic rate hikes. Nearly 60% reported that they would be seeking rate increases of 30% or more during the second quarter. None of them expected increases less than 10%.

 

New underwriting criteria

When insurers evaluate cyber insurance applicants, they will be particularly concerned with the organization’s overall cyber risk profile, its cyber governance and access control practices, and its network and data security. Prior loss history will be less important because the frequency of attacks is growing so quickly.

Some insurers may also cap how much they will pay for ransomware losses, or even exclude them entirely. They may also increase the waiting periods before coverage begins to apply.

 

WHAT BUSINESSES CAN DO

To improve your chances of getting more favorable pricing and coverage, the report recommends that you focus on:

  • Reducing the risk of cyber losses.
  • Measures to keep data private.
  • Building an internal culture of cybersecurity.
  • Preparing for ransomware attacks and disaster recovery planning.
  • How your contracts and insurance will respond to a supply chain security breach.
  • Understanding primary and excess coverage terms and
    communicating primary terms to excess insurers.

Essential Workers’ List COVID 19 Workers’ Comp – New Executive Order by Governor Newsom


On March 19, 2020, Governor Newsom issued Executive Order N-33-20 directing all residents immediately to heed current State public health directives to stay home, except as needed to maintain continuity of operations of essential critical infrastructure sectors and additional sectors as the State Public Health Officer may designate as critical to protect health and well-being of all Californians.
In accordance with this order, the State Public Health Officer has designated the following list of “Essential Critical Infrastructure Workers” to help state, local, tribal, and industry partners as they work to protect communities while ensuring continuity of functions critical to public health and safety, as well as economic and national security.

Note:  Employees have 14 days to file and the employer has 30 days to respond.  The new rules apply to workers who tested positive for COVID-19 within 14 days of performing work, or those who received a diagnosis within 14 days that was confirmed by a positive test no more than 30 days later. Employers have 30 days to rebut a claim.

 

HEALTHCARE / PUBLIC HEALTH
Sector Profile
The Healthcare and Public Health (HPH) Sector is large, diverse, and open, spanning both the public and private sectors. It includes publicly accessible healthcare facilities, research centers, suppliers, manufacturers, and other physical assets and vast, complex public-private information technology systems required for care delivery and to support the rapid, secure transmission and storage of large amounts of HPH data.

Essential Workforce
• Workers providing COVID-19 testing; Workers that perform critical clinical research needed for COVID-19 response.
• Health care providers and caregivers (e.g., physicians, dentists, psychologists, mid-level practitioners, nurses and assistants, infection control and quality assurance personnel, pharmacists, physical and occupational therapists and assistants, social workers, speech pathologists and diagnostic and therapeutic technicians and technologists).
• Hospital and laboratory personnel (including accounting, administrative, admitting and discharge, engineering, epidemiological, source plasma and blood donation, food service, housekeeping, medical records, information technology and operational technology, nutritionists, sanitarians, respiratory therapists, etc.).
• Workers in other medical facilities (including Ambulatory Health and Surgical, Blood Banks, Clinics, Community Mental Health, Comprehensive Outpatient rehabilitation, End Stage Renal Disease, Health Departments, Home Health care, Hospices, Hospitals, Long Term Care, Organ Pharmacies, Procurement Organizations, Psychiatric, Residential, Rural Health Clinics and Federally Qualified Health Centers, cannabis retailers).
• Manufacturers, technicians, logistics and warehouse operators, and distributors of medical equipment, personal protective equipment (PPE), medical gases, pharmaceuticals, blood and blood products, vaccines, testing materials, laboratory supplies, cleaning, sanitizing, disinfecting or sterilization supplies, personal care/hygiene products, and tissue and paper towel products.

• Public health/community health workers, including those who compile, model, analyze, and communicate public health information.
• Behavioral health workers (including mental and substance use disorder) responsible for coordination, outreach, engagement, and treatment to individuals in need of mental health and/or substance use disorder services.
• Blood and plasma donors and the employees of the organizations that operate and manage related activities.
• Workers that manage health plans, billing, and health information, who cannot practically work remotely.
• Workers who conduct community-based public health functions, conducting epidemiologic surveillance, compiling, analyzing and communicating public health information, who cannot practically work remotely.
• Workers who provide support to vulnerable populations to ensure their health and well-being including family care providers
• Workers performing cybersecurity functions at healthcare and public health facilities, who cannot practically work remotely.
• Workers conducting research critical to COVID-19 response.
• Workers performing security, incident management, and emergency operations functions at or on behalf of healthcare entities including healthcare coalitions, who cannot practically work remotely.
• Workers who support food, shelter, and social services, and other necessities of life for economically disadvantaged or otherwise needy individuals, such as those residing in shelters.
• Pharmacy employees necessary for filling prescriptions.
• Workers performing mortuary services, including funeral homes, crematoriums, and cemetery workers.
• Workers who coordinate with other organizations to ensure the proper recovery, handling, identification, transportation, tracking, storage, and disposal of human remains and personal effects; certify the cause of death; and facilitate access to behavioral health services to the family members, responders, and survivors of an incident.
• Workers supporting veterinary hospitals and clinics

EMERGENCY SERVICES SECTOR
Sector Profile
The Emergency Services Sector (ESS) is a community of highly-skilled, trained personnel, along with the physical and cyber resources, that provide a wide range of prevention, preparedness, response, and recovery services during both day-to-day operations and incident response. The ESS includes geographically distributed facilities and equipment in both paid and volunteer capacities organized primarily at the federal, state, local, tribal, and territorial levels of government, such as city police departments and fire stations, county sheriff’s offices, Department of Defense police and fire departments, and town public works departments. The ESS also includes private sector resources, such as industrial fire departments, private security organizations, and private emergency medical services providers.

Essential Workforce – Law Enforcement, Public Safety, and First Responders
• Including front line and management, personnel include emergency management, law enforcement, Emergency Management Systems, fire, and corrections, search and rescue, tactical teams including maritime, aviation, and canine units.
• Emergency Medical Technicians
• Public Safety Answering Points and 911 call center employees
• Fusion Center employees
• Fire Mitigation Activities
• Hazardous material responders and hazardous devices teams, from government and the private sector.
• Workers – including contracted vendors — who maintain digital systems infrastructure supporting law enforcement and emergency service operations.
• Private security, private fire departments, and private emergency medical services personnel.
• County workers responding to abuse and neglect of children, elders, and dependent adults.
• Animal control officers and humane officers

Essential Workforce – Public Works
• Workers who support the operation, inspection, and maintenance of essential dams, locks, and levees
• Workers who support the operation, inspection, and maintenance of essential public works facilities and operations, including bridges, water and sewer main breaks, fleet maintenance personnel, construction of critical or strategic infrastructure, construction material suppliers, traffic signal maintenance, emergency location services for buried utilities, maintenance of digital systems infrastructure supporting public works operations, and other emergent issues
• Workers such as plumbers, electricians, exterminators, and other service providers who provide services that are necessary to maintain the safety, sanitation, and essential operation of residences.
• Support, such as road and line clearing, to ensure the availability of needed facilities, transportation, energy, and communications support to ensure the effective removal, storage, and disposal of residential and commercial solid waste and hazardous waste.

FOOD AND AGRICULTURE
Sector Profile
The Food and Agricultural (FA) Sector is composed of complex production, processing, and delivery systems and has the capacity to feed people and animals both within and beyond the boundaries of the United States. Beyond domestic food production, the FA Sector also imports many ingredients and finished products, leading to a complex web of growers, processors, suppliers, transporters, distributors, and consumers. This sector is critical to maintaining and securing our food supply.

Essential Workforce
• Workers supporting groceries, pharmacies, and other retail that sells food and beverage products, including but not limited to Grocery stores, Corner stores and convenience stores, including liquor stores that sell food, Farmers’ markets, Food banks, Farm and produce stands, Supermarkets, Similar food retail establishments, Big box stores that sell groceries and essentials
• Restaurant carry-out and quick-serve food operations – including food preparation, carry-out, and delivery food employees
• Food manufacturer employees and their supplier employees—to include those employed in food processing (packers, meat processing, cheese plants, milk plants, produce, etc.) facilities; livestock, poultry, seafood slaughter facilities; pet and animal feed processing facilities; human food facilities producing by-products for animal food; beverage production facilities; and the production of food packaging
• Farmworkers to include those employed in animal food, feed, and ingredient production, packaging, and distribution; manufacturing, packaging, and distribution of veterinary drugs; truck delivery and transport; farm and fishery labor needed to produce our food supply domestically
• Farmworkers and support service workers to include those who field crops; commodity inspection; fuel ethanol facilities; storage facilities; and other agricultural inputs
• Employees and firms supporting food, feed, and beverage distribution (including curbside distribution and deliveries), including warehouse workers, vendor-managed inventory controllers, blockchain managers, distribution
• Workers supporting the sanitation of all food manufacturing processes and operations from wholesale to retail
• Company cafeterias – in-plant cafeterias used to feed employees
• Workers in food testing labs in private industries and in institutions of higher education
• Workers essential for assistance programs and government payments
• Workers supporting cannabis retail and dietary supplement retail
• Employees of companies engaged in the production of chemicals, medicines, vaccines, and other substances used by the food and agriculture industry, including pesticides, herbicides, fertilizers, minerals, enrichments, and other agricultural production aids
• Animal agriculture workers to include those employed in veterinary health; manufacturing and distribution of animal medical materials, animal vaccines, animal drugs, feed ingredients, feed, and bedding, etc.; transportation of live animals, animal medical materials; transportation of deceased animals for disposal; raising of animals for food; animal production operations; slaughter and packing plants and associated regulatory and government workforce
• Workers who support the manufacture and distribution of forest products, including, but not limited to timber, paper, and other wood products
• Employees engaged in the manufacture and maintenance of equipment and other infrastructure necessary to agricultural production and distribution

ENERGY
Sector Profile
The Energy Sector consists of widely-diverse and geographically-dispersed critical assets and systems that are often interdependent of one another. This critical infrastructure is divided into three interrelated segments or subsectors—electricity, oil, and natural gas—to include the production, refining, storage, and distribution of oil, gas, and electric power, except for hydroelectric and commercial nuclear power facilities and pipelines. The Energy Sector supplies fuels to the transportation industry, electricity to households and businesses, and other sources of energy that are integral to growth and production across the Nation. In turn, it depends on the Nation’s transportation, information technology, communications, finance, water, and government infrastructures.

Essential Workforce – Electricity industry:
• Workers who maintain, ensure, or restore the generation, transmission, and distribution of electric power, including call centers, utility workers, reliability engineers and fleet maintenance technicians
• Workers needed for safe and secure operations at nuclear generation
• Workers at generation, transmission, and electric blackstart facilities
• Workers at Reliability Coordinator (RC), Balancing Authorities (BA), and primary and backup Control Centers (CC), including but not limited to independent system operators, regional transmission organizations, and balancing authorities
• Mutual assistance personnel
• IT and OT technology staff – for EMS (Energy Management Systems) and Supervisory Control and Data
• Acquisition (SCADA) systems, and utility data centers; Cybersecurity engineers; cybersecurity risk management
• Vegetation management crews and traffic workers who support
• Environmental remediation/monitoring technicians
• Instrumentation, protection, and control technicians

Essential Workforce – Petroleum workers:
• Petroleum product storage, pipeline, marine transport, terminals, rail transport, road transport
• Crude oil storage facilities, pipeline, and marine transport
• Petroleum refinery facilities
• Petroleum security operations center employees and workers who support emergency response services
• Petroleum operations control rooms/centers
• Petroleum drilling, extraction, production, processing, refining, terminal operations, transporting, and retail for use as end-use fuels or feedstocks for chemical manufacturing
• Onshore and offshore operations for maintenance and emergency response
• Retail fuel centers such as gas stations and truck stops, and the distribution systems that support them.

Essential Workforce – Natural and propane gas workers:
• Natural gas transmission and distribution pipelines, including compressor stations
• Underground storage of natural gas
• Natural gas processing plants, and those that deal with natural gas liquids
• Liquefied Natural Gas (LNG) facilities
• Natural gas security operations center, natural gas operations dispatch and control rooms/centers natural gas emergency response and customer emergencies, including natural gas leak calls
• Drilling, production, processing, refining, and transporting natural gas for use as end-use fuels, feedstocks for chemical manufacturing, or use in electricity generation
• Propane gas dispatch and control rooms and emergency response and customer emergencies, including propane leak calls
• Propane gas service maintenance and restoration, including call centers
• Processing, refining, and transporting natural liquids, including propane gas, for use as end-use fuels or feedstocks for chemical manufacturing
• Propane gas storage, transmission, and distribution centers

WATER AND WASTEWATER
Sector Profile
The Water and Wastewater Sector is a complex sector composed of drinking water and wastewater infrastructure of varying sizes and ownership types. Multiple governing authorities pertaining to the Water and Wastewater Sector provide for public health, environmental protection, and security measures, among others.

Essential Workforce
Employees needed to operate and maintain drinking water and wastewater/drainage infrastructure, including:
• Operational staff at water authorities
• Operational staff at community water systems
• Operational staff at wastewater treatment facilities
• Workers repairing water and wastewater conveyances and performing required sampling or monitoring
• Operational staff for water distribution and testing
• Operational staff at wastewater collection facilities
• Operational staff and technical support for SCADA Control systems
• Chemical disinfectant suppliers for wastewater and personnel protection
• Workers that maintain digital systems infrastructure supporting water and wastewater operations

TRANSPORTATION AND LOGISTICS
Sector Profile
The Transportation Systems Sector consists of seven key subsectors, or modes:
– Aviation includes aircraft, air traffic control systems, and airports, heliports, and landing strips. Commercial aviation services at civil and joint-use military airports, heliports, and seaplane bases. In addition, the aviation mode includes commercial and recreational aircraft (manned and unmanned) and a wide variety of support services, such as aircraft repair stations, fueling facilities, navigation aids, and flight schools.
– Highway and Motor Carrier encompasses roadway, bridges, and tunnels. Vehicles include trucks, including those carrying hazardous materials; other commercial vehicles, including commercial motorcoaches and school buses; vehicle and driver licensing systems; taxis, transportation services including Transportation Network Companies, and delivery services including Delivery Network Companies; traffic management systems; AND cyber systems used for operational management.
– Maritime Transportation System consists of coastline, ports, waterways, and intermodal landside connections that allow the various modes of transportation to move people and goods to, from, and on the water.
– Mass Transit and Passenger Rail includes terminals, operational systems, and supporting infrastructure for passenger services by transit buses, trolleybuses, monorail, heavy rail—also known as subways or metros—light rail, passenger rail, and vanpool/rideshare.
– Pipeline Systems consist of pipelines carrying natural gas hazardous liquids, as well as various chemicals. Above-ground assets, such as compressor stations and pumping stations, are also included.
– Freight Rail consists of major carriers, smaller railroads, active railroad, freight cars, and locomotives.
– Postal and Shipping includes large integrated carriers, regional and local courier services, mail services, mail management firms, and chartered and delivery services.

Essential Workforce
• Employees supporting or enabling transportation functions, including dispatchers, maintenance and repair technicians, warehouse workers, truck stop and rest area workers, and workers that maintain and inspect infrastructure (including those that require cross-border travel)
• Employees of firms providing services that enable logistics operations, including cooling, storing, packaging, and distributing products for wholesale or retail sale or use.
• Mass transit workers
• Taxis, transportation services including Transportation Network Companies, and delivery services including Delivery Network Companies
• Workers responsible for operating dispatching passenger, commuter and freight trains and maintaining rail infrastructure and equipment
• Maritime transportation workers – port workers, mariners, equipment operators
• Truck drivers who haul hazardous and waste materials to support critical infrastructure, capabilities, functions, and services
• Automotive repair and maintenance facilities
• Manufacturers and distributors (to include service centers and related operations) of packaging materials, pallets, crates, containers, and other supplies needed to support manufacturing, packaging staging, and distribution operations
• Postal and shipping workers, to include private companies
• Employees who repair and maintain vehicles, aircraft, rail equipment, marine vessels, and the equipment and infrastructure that enables operations that encompass the movement of cargo and passengers
• Air transportation employees, including air traffic controllers, ramp personnel, aviation security, and aviation management
• Workers who support the maintenance and operation of cargo by air transportation, including flight crews, maintenance, airport operations, and other on- and off-airport facilities workers


COMMUNICATIONS AND INFORMATION TECHNOLOGY
Sector Profile
The Communications Sector provides products and services that support the efficient operation of today’s global information-based society. Communication networks enable people around the world to contact one another, access information instantly, and communicate from remote areas. This involves creating a link between a sender (including voice signals) and one or more recipients using technology (e.g., a telephone system or the Internet) to transmit information from one location to another. Technologies are changing at a rapid pace, increasing the number of products, services, service providers, and communication options. The national communications architecture is a complex collection of networks that are owned and operated by individual service providers. Many of this sector’s products and services are foundational or necessary for the operations and services provided by other critical infrastructure sectors. The nature of communication networks involve both physical infrastructure (buildings, switches, towers, antennas, etc.) and cyberinfrastructure (routing and switching software, operational support systems, user applications, etc.), representing a holistic challenge to address the entire physical-cyber infrastructure.
The IT sector provides products and services that support the efficient operation of today’s global information-based society and are integral to the operations and services provided by other critical infrastructure Sectors. The IT Sector is comprised of small and medium businesses, as well as large multinational companies. Unlike many critical infrastructure Sectors composed of finite and easily identifiable physical assets, the IT Sector is a function-based Sector that comprises not only physical assets but also virtual systems and networks that enable key capabilities and services in both the public and private sectors.

Essential Workforce – Communications:
• Maintenance of communications infrastructure- including privately owned and maintained communication systems- supported by technicians, operators, call-centers, wireline and wireless providers, cable service providers, satellite operations, undersea cable landing stations, Internet Exchange Points, and manufacturers and distributors of communications equipment
• Workers who support radio, television, and media service, including, but not limited to front line news reporters, studio, and technicians for newsgathering and reporting
• Workers at Independent System Operators and Regional Transmission Organizations, and Network Operations staff, engineers and/or technicians to manage the network or operate facilities
• Engineers, technicians and associated personnel responsible for infrastructure construction and restoration, including contractors for construction and engineering of fiber optic cables
• Installation, maintenance and repair technicians that establish, support or repair service as needed
• Central office personnel to maintain and operate central office, data centers, and other network office facilities
• Customer service and support staff, including managed and professional services as well as remote providers of support to transitioning employees to set up and maintain home offices, who interface with customers to manage or support service environments and security issues, including payroll, billing, fraud, and troubleshooting
• Dispatchers involved with service repair and restoration

Essential Workforce – Information Technology:
• Workers who support command centers, including, but not limited to Network Operations Command Center, Broadcast Operations Control Center and Security Operations Command Center
• Data center operators, including system administrators, HVAC & electrical engineers, security personnel, IT managers, data transfer solutions engineers, software and hardware engineers, and database administrators
• Client service centers, field engineers, and other technicians supporting critical infrastructure, as well as manufacturers and supply chain vendors that provide hardware and software, and information technology equipment (to include microelectronics and semiconductors) for critical infrastructure
• Workers responding to cyber incidents involving critical infrastructure, including medical facilities, SLTT governments and federal facilities, energy and utilities, and banks and financial institutions, and other critical infrastructure categories and personnel
• Workers supporting the provision of essential global, national and local infrastructure for computing services (incl. cloud computing services), business infrastructure, web-based services, and critical manufacturing
• Workers supporting communications systems and information technology used by law enforcement, public safety, medical, energy and other critical industries
• Support required for continuity of services, including janitorial/cleaning personnel

OTHER COMMUNITY-BASED GOVERNMENT OPERATIONS AND ESSENTIAL FUNCTIONS
Essential Workforce
• Critical government workers, as defined by the employer and consistent with Continuity of Operations Plans and Continuity of Government plans.
• County workers responsible for determining eligibility for safety net benefits
• The Courts, consistent with guidance released by the California Chief Justice
• Workers to ensure continuity of building functions
• Security staff to maintain building access control and physical security measures
• Elections personnel
• Federal, State, and Local, Tribal, and Territorial employees who support Mission Essential Functions and communications networks
• Trade Officials (FTA negotiators; international data flow administrators)
• Weather forecasters
• Workers that maintain digital systems infrastructure supporting other critical government operations
• Workers at operations centers necessary to maintain other essential functions
• Workers who support necessary credentialing, vetting and licensing operations for transportation workers
• Workers who are critical to facilitating trade in support of the national, state, and local emergency response supply chain
• Workers supporting public and private childcare establishments, pre-K establishments, K-12 schools, colleges, and universities for purposes of distance learning, provision of school meals, or care and supervision of minors to support essential workforce across all sectors
• Workers and instructors supporting academies and training facilities and courses for the purpose of graduating students and cadets that comprise the essential workforce for all identified critical sectors
• Hotel Workers where hotels are used for COVID-19 mitigation and containment measures, including measures to protect homeless populations.
• Construction Workers who support the construction, operation, inspection, and maintenance of construction sites and construction projects (including housing construction)
• Workers such as plumbers, electricians, exterminators, and other service providers who provide services that are necessary to maintaining the safety, sanitation, construction material sources, and essential operation of construction sites and construction projects (including those that support such projects to ensure the availability of needed facilities, transportation, energy and communications; and support to ensure the effective removal, storage, and disposal of solid waste and hazardous waste)
• Commercial Retail Stores, that supply essential sectors, including convenience stores, pet supply stores, auto supplies and repair, hardware and home improvement, and home appliance retailers • Workers supporting the entertainment industries, studios, and other related establishments, provided they follow covid-19 public health guidance around social distancing. • Workers critical to operating Rental Car companies that facilitate continuity of operations for essential workforces, and other essential travel
• Workers that provide or determine eligibility for food, shelter, in-home supportive services, child welfare, adult protective services and social services, and other necessities of life for economically disadvantaged or otherwise needy individuals (including family members)
• Professional services, such as legal or accounting services, when necessary to assist in compliance with legally mandated activities and critical sector services
• Faith-based services that are provided through streaming or other technology • Laundromats and laundry services
• Workers at animal care facilities that provide food, shelter, veterinary and/or routine care and other necessities of life for animals.

CRITICAL MANUFACTURING
Sector Profile
The Critical Manufacturing Sector identifies several industries to serve as the core of the sector: Primary Metals Manufacturing, Machinery Manufacturing, Electrical Equipment, Appliance, and Component Manufacturing, Transportation Equipment Manufacturing Products made by these manufacturing industries are essential to many other critical infrastructure sectors.

Essential Workforce
• Workers necessary for the manufacturing of materials and products needed for medical supply chains, transportation, energy, communications, food and agriculture, chemical manufacturing, nuclear facilities, the operation of dams, water and wastewater treatment, emergency services, and the defense industrial base.

HAZARDOUS MATERIALS
Essential Workforce
• Workers at nuclear facilities, workers managing medical waste, workers managing waste from pharmaceuticals and medical material production, and workers at laboratories processing test kits
• Workers who support hazardous materials response and cleanup
• Workers who maintain digital systems infrastructure supporting hazardous materials management operations

FINANCIAL SERVICES
Sector Profile
The Financial Services Sector includes thousands of depository institutions, providers of investment products, insurance companies, other credit and financing organizations, and the providers of the critical financial utilities and services that support these functions. Financial institutions vary widely in size and presence, ranging from some of the world’s largest global companies with thousands of employees and many billions of dollars in assets to community banks and credit unions with a small number of employees serving individual communities. Whether an individual savings account, financial derivatives, credit extended to a large organization, or investments made to a foreign country, these products allow customers to: Deposit funds and make payments to other parties; Provide credit and liquidity to customers; Invest funds for both long and short periods; Transfer financial risks between customers.

Essential Workforce
• Workers who are needed to process and maintain systems for processing financial transactions and services (e.g., payment, clearing, and settlement; wholesale funding; insurance services; and capital markets activities)
• Workers who are needed to provide consumer access to banking and lending services, including ATMs, and to move currency and payments (e.g., armored cash carriers)
• Workers who support financial operations, such as those staffing data and security operations centers

CHEMICAL
Sector Profile
The Chemical Sector—composed of a complex, global supply chain—converts various raw materials into diverse products that are essential to modern life. Based on the end product produced, the sector can be divided into five main segments, each of which has distinct characteristics, growth dynamics, markets, new developments, and issues: Basic chemicals; Specialty chemicals; Agricultural chemicals; Pharmaceuticals; Consumer products

Essential Workforce
• Workers supporting the chemical and industrial gas supply chains, including workers at chemical manufacturing plants, workers in laboratories, workers at distribution facilities, workers who transport basic raw chemical materials to the producers of industrial and consumer goods, including hand sanitizers, food and food additives, pharmaceuticals, textiles, and paper products.
• Workers supporting the safe transportation of chemicals, including those supporting tank truck cleaning facilities and workers who manufacture packaging items
• Workers supporting the production of protective cleaning and medical solutions, personal protective equipment, and packaging that prevents the contamination of food, water, medicine, among others essential products
• Workers supporting the operation and maintenance of facilities (particularly those with high risk chemicals and/ or sites that cannot be shut down) whose work cannot be done remotely and requires the presence of highly trained personnel to ensure safe operations, including plant contract workers who provide inspections
• Workers who support the production and transportation of chlorine and alkali manufacturing, single-use plastics, and packaging that prevents the contamination or supports the continued manufacture of food, water, medicine, and other essential products, including glass container manufacturing

DEFENSE INDUSTRIAL BASE
Sector Profile
The Defense Industrial Base Sector is the worldwide industrial complex that enables research and development, as well as design, production, delivery, and maintenance of military weapons systems, subsystems, and components or parts, to meet U.S. military requirements. The Defense Industrial Base partnership consists of Department of Defense components, Defense Industrial Base companies and their subcontractors who perform under contract to the Department of Defense, companies providing incidental materials and services to the Department of Defense, and government-owned/contractor-operated and government-owned/government-operated facilities. Defense Industrial Base companies include domestic and foreign entities, with production assets located in many countries. The sector provides products and services that are essential to mobilize, deploy, and sustain military operations.

Essential Workforce
• Workers who support the essential services required to meet national security commitments to the federal government and U.S. Military. These individuals include but are not limited to, aerospace; mechanical and software engineers, manufacturing/production workers; IT support; security staff; security personnel; intelligence support, aircraft and weapon system mechanics and maintainers
• Personnel working for companies, and their subcontractors, who perform under contract to the Department of Defense providing materials and services to the Department of Defense, and government-owned/contractor-operated and government-owned/government-operated facilities

Download a pdf


CYBER SECURITY – Malicious Coronavirus-related E-Mails Spread – April 2020


AS IF BUSINESSES didn’t have enough to worry about, online scammers have started sending out malicious e-mails to organizations about coronavirus that appear to be from business partners or public institutions. The criminals send these to rank and file employees in the hope that at least one of them will click on a link or attachment in the e-mail, which unleashes malware or tries to trick them into wiring money for supplies purportedly to protect the organization’s workers.

The number of malicious e-mails mentioning the coronavirus has increased significantly since the end of January, according to cybersecurity firm Proofpoint Inc. The company noted that this wasn’t the first time they had seen such widespread cyber attacks associated with some type of disaster. But because this is global in nature, it decided to track the new threat. This practice of launching cyber attacks that are centered around global news and outbreaks (like the current COVID-19 coronavirus) isn’t anything new. Cybercriminals have long employed these tactics to take advantage of users’ desires to keep as up to date with any new information as possible or to evoke powerful emotions (like fear) in the hope that their sentiments will get the better of them and they will not pause to check for the legitimacy of these e-mails.

The cybercriminals are using the public’s ignorance about coronavirus, as well as the conflicting claims of how to protect against it, to lure people into clicking on their malicious links or get them to wire money. Because people are afraid, their guards may be down and they may not be as careful about identifying the e-mail as dangerous.

Some real-life examples

• Japanese workers were targeted in January and February with e-mails that looked like they came from local hospitals. The messages even included legitimate contact information for key personnel. The e-mails were focused on employees of various companies and came in a message that would look like it’s a reply to something or a warning that people are getting from the government. But when they clicked, it was malware. E-mails were sent to companies in the transportation sector that looked like they came from an employee of the World Health Organization.
They included the WHO logo and instructions about how to monitor crews aboard ships for coronavirus symptoms, and they included an attachment with instructions. This phishing e-mail attack was
intended to lure individuals into providing sensitive data, such as personally identifiable information and passwords.
• Companies in the US and Australia have been receiving malicious e-mails that use a display name of “Dr. Li Wei” and are titled “CORONA-VIRUS AFFECTED COMPANY STAFF.”

What you can do

All that it takes to break into your business is a cleverly worded e-mail message. If scammers can trick one person in your company into clicking on a malicious link, they can gain access
to your data. It’s important to train your staff to identify suspicious e-mails. They should avoid clicking links in e-mails that:
• Are not addressed to them by name, have poor English, or omit personal details that a legitimate sender would include.
• Are from businesses they are not expecting to hear from.
• Ask you to download any files.
• Take you to a landing page or website that does not have the legitimate URL of the company the e-mail is purporting to be sent from.
• Include attachments purportedly with advice for what to do. Do not open them even if they come from relatives or friends.


CONSTRUCTION RISK – Why You Need ‘Key Man’ Insurance – April 2020


IF YOU are operating a small business, you are likely relying on a small staff to get the job done. Many employees in small firms have to wear many hats and if one of them or an owner should die, the business could suffer greatly from that sudden loss of talent. If you don’t have “key man” insurance, that setback could be devastating to the viability of your operations, whereas coverage would provide you with extra funding that you would need while recovering from the loss. Keyman insurance is life insurance on a key person or persons in a business. In a small business, this is usually the owner, a founder or perhaps a few vital employees. These are the people who are crucial to a business – the ones whose absence would sink the company. You need key man insurance on those people.

Key man insurance basics

Before buying coverage, give some thought to the effects on your company of possibly losing certain partners or employees. In opting for this type of coverage, your company would take out life insurance on the key individuals, pay the premiums and designate itself as the beneficiary of the policy. If that person unexpectedly dies, your company receives the claim payout. This payout would essentially allow your business to stay afloat as you recover from the sudden loss of that employee or partner, without whom it would be difficult to keep the business operating in the short term.

Your company can use the insurance proceeds for expenses until it can find a replacement person, or, if necessary, pay off debts, distribute money to investors, pay severance to employees and close the business down in an orderly manner. In other words, in the aftermath of this tragedy, the insurance would give you more options than immediate bankruptcy.

Determining whom to cover

Ask yourself: Who is irreplaceable in the short term? In many small businesses, it is the founder who holds the company together – he or she may keep the books, manage the employees, handle the key customers, and so on. If that person is gone, the business pretty much stops.

Determining amount of coverage

• The amount of coverage depends on your business and revenue.
• Think of how much money your business would need to survive until it could replace the key person, come up to speed and get the business back on its feet.
• Buy a policy that fits into your budget and will address your short-term cash needs in case of tragedy.
• Ask us to get some quotes from different insurers. • Check rates for different levels of coverage ($100,000, $500,000, etc.)


KEEPING OPERATIONS GOING – Tips for Successful Telecommuting – April 2020


WITH THE current isolation orders for most workers in California, many companies have had to scramble to put systems in place to allow their employees to telecommute. Many businesses are not set up for having employees work from home, and they have legitimate concerns about productivity and communications. But there are steps you can take to make sure that you keep your employees engaged and on task.

1. Make sure they have the right technology

If you don’t already have one, you may want to consider setting up a company VPN so your employees can access their work e-mail and databases. You will also need to decide if you are going
to provide them with a company laptop, and you need to make sure that they have an internet connection that is fast enough to handle their workload. Also provide an infrastructure for them to be able to work together on files. If they are not sensitive company documents, they can use Dropbox or Google Documents, which allow sharing between co-workers.

2. Provide clear instructions

It’s important that you provide clear instructions to remote workers. Some people do not perform well without direct oversight and human interaction. Without that factor, you will need to spell out your expectations and the parameters of the projects they are working on in detail. Make it clear that if they are confused or unsure about any part of the work, they should contact a supervisor for clarification. If you can eliminate misunderstandings, then your workers can be more efficient.

3. Schedule regular check-ins

To hold your employees accountable for being on the clock, schedule calls or virtual meetings at regular intervals. Even instant messaging works. During these meetings they can update their
superiors on their work. This also helps with productivity, since there are consequences for failing to meet expectations and coming to the meeting empty-handed. Their supervisors should be working when they are, so they can be in regular communication.

4. Keep employees engaged

One of the hardest parts of working from home is the feelings of isolation and detachment from colleagues. It’s important that you build in interactive time for your workers. One way to do that is by using a chat program like Slack, Hangouts or WhatsApp (which has a group chat function). For remote workers, these programs are a blessing because they make it easy to keep in touch with their colleagues in and out of the office – and they level the playing field, so to speak, by making distance a non-issue.

5. Cyber protection

With employees working from home, you also increase your cyber risk exposure, especially if they are using a company computer that is tapped into your firm’s database or cloud. Teach them cyber security best practices, such as:
• Not clicking on links in e-mails from unknown senders.
• Making sure their systems have the latest security updates.
• Backing up their data daily.
• Training them on how to detect phishing, ransomware
and malware scams, especially new ones that try to take advantage of people’s fears about COVID-19.


Coverage Gap Concerns as Cyber Threat Grows – January 2020 RISK REPORT


Small and mid-sized businesses are increasingly bearing the burden of cyber threats, as criminals are betting they do not have the resources in place to mount a strong defense. A severe attack on a small company can incapacitate its ability to do business, and the expenses of getting operations back on track – coupled with loss of goodwill – can easily force a firm into bankruptcy.
Unfortunately, with more data breaches hitting the news, one of the main concerns that executives have is if their insurance will cover the costs of recovering from an attack.

If you are running a small or mid-sized company, do not underestimate the growing threat to your business. Your chief priorities should be protecting against the threat and having proper insurance coverage in place.

TOP REASONS FOR CYBER LOSSES

• Malicious breaches resulting in data losses: 52%
• Unintentional data disclosure by staff: 16%
• Physical loss or theft of data: 13%
• Network or website disruptions: 5%
• Phishing, spoofing and social engineering: 5%
• Other: 9%
Source: Advisen and Nationwide Insurance Co.

Insurance concerns

One of the chief concerns for executives is any overlap or gaps between their property, liability, crime and cyber policies when it comes to covering the costs of recovering from an attack, according to a report by insurance news website Advisen and Nationwide Insurance. Some companies feel they don’t need cyber coverage because they believe their property and liability policies will cover any related losses.

EXECUTIVES’ INSURANCE WORRIES

• 95% of respondents named data breach as the number-one risk they expect to be covered by a cyber insurance policy.
• 94.5% said they expect cyber-related business interruption to be covered by a cyber policy.
• 89% said they expect their cyber policy to cover ransom demands.
• 36% said they have cyber-related property damage/bodily injury coverage under another policy, reflecting the belief that some coverage for cyber-related losses can be found under traditional policies.
• 60% of respondents said they are concerned about perceived gaps and overlaps in their insurance coverage.
• 53% of respondents said coverage for funds-transfer losses should be found under the crime policy, but also stated they would like to be able to recover under both crime and cyber policies – or have separate policies with higher limits.

The takeaway

Since cyber insurance is a new and evolving product, all policies do not cover the same thing. That’s why it’s important to weigh your choices carefully and consult with us. While the cyber threat grows, more insurers are changing language in their property and liability policies to limit coverage of cyber events. Because of the high costs associated with a data loss, more
executives want to see higher limits for business interruption coverage on their cyber stand-alone policies.

This market demand may drive insurers to refine their cyber insurance policies, including increasing cyber-related business interruption limits, according to the Advisen report. To find the best coverage for your business, please talk to us. We can help you evaluate your risks and coverages and identify any gaps by looking at your existing policies.