April 2021- Cyber Insurance – As Attacks and Costs Mount, Rates Climb Higher


CYBER INSURANCE rates are going to increase dramatically in 2021, driven by more frequent and more severe insured losses, according to a recent industry study.

The report by global insurance firm Aon plc predicted that rates would jump by 20% to 50% this year due to two main factors:

 

1. Cyber attacks are becoming more frequent

While publicly disclosed data breach/privacy incidents are actually occurring less often, ransomware attacks are exploding in frequency.

Ransomware incident rates rose 486% from the first quarter of 2018 to the fourth quarter of 2020. The comparable rate for data breach incidents fell 57% during the same period. The incident rates for the two types of events combined rose 300% over the trailing two years.

 

2. The costs of these attacks are growing

The average dollar loss increased in every quarter of 2020. Ransomware attacks were particularly severe – many of them resulted in eight-figure losses. Others may grow to that level as business interruption losses are adjusted and lawsuits against insured organizations proceed.

The combination of more frequent and more costly losses is a
recipe for higher rates.

Cyber insurance rates continued increasing in 2020, with rises of between 6% and 16% in the last four months of the year. In January 2021, most of the top 12 cyber insurance companies told Aon they were planning more drastic rate hikes. Nearly 60% reported that they would be seeking rate increases of 30% or more during the second quarter. None of them expected increases less than 10%.

 

New underwriting criteria

When insurers evaluate cyber insurance applicants, they will be particularly concerned with the organization’s overall cyber risk profile, its cyber governance and access control practices, and its network and data security. Prior loss history will be less important because the frequency of attacks is growing so quickly.

Some insurers may also cap how much they will pay for ransomware losses, or even exclude them entirely. They may also increase the waiting periods before coverage begins to apply.

 

WHAT BUSINESSES CAN DO

To improve your chances of getting more favorable pricing and coverage, the report recommends that you focus on:

  • Reducing the risk of cyber losses.
  • Measures to keep data private.
  • Building an internal culture of cybersecurity.
  • Preparing for ransomware attacks and disaster recovery planning.
  • How your contracts and insurance will respond to a supply chain security breach.
  • Understanding primary and excess coverage terms and
    communicating primary terms to excess insurers.

Essential Workers’ List COVID 19 Workers’ Comp – New Executive Order by Governor Newsom


On March 19, 2020, Governor Newsom issued Executive Order N-33-20 directing all residents immediately to heed current State public health directives to stay home, except as needed to maintain continuity of operations of essential critical infrastructure sectors and additional sectors as the State Public Health Officer may designate as critical to protect health and well-being of all Californians.
In accordance with this order, the State Public Health Officer has designated the following list of “Essential Critical Infrastructure Workers” to help state, local, tribal, and industry partners as they work to protect communities while ensuring continuity of functions critical to public health and safety, as well as economic and national security.

Note:  Employees have 14 days to file and the employer has 30 days to respond.  The new rules apply to workers who tested positive for COVID-19 within 14 days of performing work, or those who received a diagnosis within 14 days that was confirmed by a positive test no more than 30 days later. Employers have 30 days to rebut a claim.

 

HEALTHCARE / PUBLIC HEALTH
Sector Profile
The Healthcare and Public Health (HPH) Sector is large, diverse, and open, spanning both the public and private sectors. It includes publicly accessible healthcare facilities, research centers, suppliers, manufacturers, and other physical assets and vast, complex public-private information technology systems required for care delivery and to support the rapid, secure transmission and storage of large amounts of HPH data.

Essential Workforce
• Workers providing COVID-19 testing; Workers that perform critical clinical research needed for COVID-19 response.
• Health care providers and caregivers (e.g., physicians, dentists, psychologists, mid-level practitioners, nurses and assistants, infection control and quality assurance personnel, pharmacists, physical and occupational therapists and assistants, social workers, speech pathologists and diagnostic and therapeutic technicians and technologists).
• Hospital and laboratory personnel (including accounting, administrative, admitting and discharge, engineering, epidemiological, source plasma and blood donation, food service, housekeeping, medical records, information technology and operational technology, nutritionists, sanitarians, respiratory therapists, etc.).
• Workers in other medical facilities (including Ambulatory Health and Surgical, Blood Banks, Clinics, Community Mental Health, Comprehensive Outpatient rehabilitation, End Stage Renal Disease, Health Departments, Home Health care, Hospices, Hospitals, Long Term Care, Organ Pharmacies, Procurement Organizations, Psychiatric, Residential, Rural Health Clinics and Federally Qualified Health Centers, cannabis retailers).
• Manufacturers, technicians, logistics and warehouse operators, and distributors of medical equipment, personal protective equipment (PPE), medical gases, pharmaceuticals, blood and blood products, vaccines, testing materials, laboratory supplies, cleaning, sanitizing, disinfecting or sterilization supplies, personal care/hygiene products, and tissue and paper towel products.

• Public health/community health workers, including those who compile, model, analyze, and communicate public health information.
• Behavioral health workers (including mental and substance use disorder) responsible for coordination, outreach, engagement, and treatment to individuals in need of mental health and/or substance use disorder services.
• Blood and plasma donors and the employees of the organizations that operate and manage related activities.
• Workers that manage health plans, billing, and health information, who cannot practically work remotely.
• Workers who conduct community-based public health functions, conducting epidemiologic surveillance, compiling, analyzing and communicating public health information, who cannot practically work remotely.
• Workers who provide support to vulnerable populations to ensure their health and well-being including family care providers
• Workers performing cybersecurity functions at healthcare and public health facilities, who cannot practically work remotely.
• Workers conducting research critical to COVID-19 response.
• Workers performing security, incident management, and emergency operations functions at or on behalf of healthcare entities including healthcare coalitions, who cannot practically work remotely.
• Workers who support food, shelter, and social services, and other necessities of life for economically disadvantaged or otherwise needy individuals, such as those residing in shelters.
• Pharmacy employees necessary for filling prescriptions.
• Workers performing mortuary services, including funeral homes, crematoriums, and cemetery workers.
• Workers who coordinate with other organizations to ensure the proper recovery, handling, identification, transportation, tracking, storage, and disposal of human remains and personal effects; certify the cause of death; and facilitate access to behavioral health services to the family members, responders, and survivors of an incident.
• Workers supporting veterinary hospitals and clinics

EMERGENCY SERVICES SECTOR
Sector Profile
The Emergency Services Sector (ESS) is a community of highly-skilled, trained personnel, along with the physical and cyber resources, that provide a wide range of prevention, preparedness, response, and recovery services during both day-to-day operations and incident response. The ESS includes geographically distributed facilities and equipment in both paid and volunteer capacities organized primarily at the federal, state, local, tribal, and territorial levels of government, such as city police departments and fire stations, county sheriff’s offices, Department of Defense police and fire departments, and town public works departments. The ESS also includes private sector resources, such as industrial fire departments, private security organizations, and private emergency medical services providers.

Essential Workforce – Law Enforcement, Public Safety, and First Responders
• Including front line and management, personnel include emergency management, law enforcement, Emergency Management Systems, fire, and corrections, search and rescue, tactical teams including maritime, aviation, and canine units.
• Emergency Medical Technicians
• Public Safety Answering Points and 911 call center employees
• Fusion Center employees
• Fire Mitigation Activities
• Hazardous material responders and hazardous devices teams, from government and the private sector.
• Workers – including contracted vendors — who maintain digital systems infrastructure supporting law enforcement and emergency service operations.
• Private security, private fire departments, and private emergency medical services personnel.
• County workers responding to abuse and neglect of children, elders, and dependent adults.
• Animal control officers and humane officers

Essential Workforce – Public Works
• Workers who support the operation, inspection, and maintenance of essential dams, locks, and levees
• Workers who support the operation, inspection, and maintenance of essential public works facilities and operations, including bridges, water and sewer main breaks, fleet maintenance personnel, construction of critical or strategic infrastructure, construction material suppliers, traffic signal maintenance, emergency location services for buried utilities, maintenance of digital systems infrastructure supporting public works operations, and other emergent issues
• Workers such as plumbers, electricians, exterminators, and other service providers who provide services that are necessary to maintain the safety, sanitation, and essential operation of residences.
• Support, such as road and line clearing, to ensure the availability of needed facilities, transportation, energy, and communications support to ensure the effective removal, storage, and disposal of residential and commercial solid waste and hazardous waste.

FOOD AND AGRICULTURE
Sector Profile
The Food and Agricultural (FA) Sector is composed of complex production, processing, and delivery systems and has the capacity to feed people and animals both within and beyond the boundaries of the United States. Beyond domestic food production, the FA Sector also imports many ingredients and finished products, leading to a complex web of growers, processors, suppliers, transporters, distributors, and consumers. This sector is critical to maintaining and securing our food supply.

Essential Workforce
• Workers supporting groceries, pharmacies, and other retail that sells food and beverage products, including but not limited to Grocery stores, Corner stores and convenience stores, including liquor stores that sell food, Farmers’ markets, Food banks, Farm and produce stands, Supermarkets, Similar food retail establishments, Big box stores that sell groceries and essentials
• Restaurant carry-out and quick-serve food operations – including food preparation, carry-out, and delivery food employees
• Food manufacturer employees and their supplier employees—to include those employed in food processing (packers, meat processing, cheese plants, milk plants, produce, etc.) facilities; livestock, poultry, seafood slaughter facilities; pet and animal feed processing facilities; human food facilities producing by-products for animal food; beverage production facilities; and the production of food packaging
• Farmworkers to include those employed in animal food, feed, and ingredient production, packaging, and distribution; manufacturing, packaging, and distribution of veterinary drugs; truck delivery and transport; farm and fishery labor needed to produce our food supply domestically
• Farmworkers and support service workers to include those who field crops; commodity inspection; fuel ethanol facilities; storage facilities; and other agricultural inputs
• Employees and firms supporting food, feed, and beverage distribution (including curbside distribution and deliveries), including warehouse workers, vendor-managed inventory controllers, blockchain managers, distribution
• Workers supporting the sanitation of all food manufacturing processes and operations from wholesale to retail
• Company cafeterias – in-plant cafeterias used to feed employees
• Workers in food testing labs in private industries and in institutions of higher education
• Workers essential for assistance programs and government payments
• Workers supporting cannabis retail and dietary supplement retail
• Employees of companies engaged in the production of chemicals, medicines, vaccines, and other substances used by the food and agriculture industry, including pesticides, herbicides, fertilizers, minerals, enrichments, and other agricultural production aids
• Animal agriculture workers to include those employed in veterinary health; manufacturing and distribution of animal medical materials, animal vaccines, animal drugs, feed ingredients, feed, and bedding, etc.; transportation of live animals, animal medical materials; transportation of deceased animals for disposal; raising of animals for food; animal production operations; slaughter and packing plants and associated regulatory and government workforce
• Workers who support the manufacture and distribution of forest products, including, but not limited to timber, paper, and other wood products
• Employees engaged in the manufacture and maintenance of equipment and other infrastructure necessary to agricultural production and distribution

ENERGY
Sector Profile
The Energy Sector consists of widely-diverse and geographically-dispersed critical assets and systems that are often interdependent of one another. This critical infrastructure is divided into three interrelated segments or subsectors—electricity, oil, and natural gas—to include the production, refining, storage, and distribution of oil, gas, and electric power, except for hydroelectric and commercial nuclear power facilities and pipelines. The Energy Sector supplies fuels to the transportation industry, electricity to households and businesses, and other sources of energy that are integral to growth and production across the Nation. In turn, it depends on the Nation’s transportation, information technology, communications, finance, water, and government infrastructures.

Essential Workforce – Electricity industry:
• Workers who maintain, ensure, or restore the generation, transmission, and distribution of electric power, including call centers, utility workers, reliability engineers and fleet maintenance technicians
• Workers needed for safe and secure operations at nuclear generation
• Workers at generation, transmission, and electric blackstart facilities
• Workers at Reliability Coordinator (RC), Balancing Authorities (BA), and primary and backup Control Centers (CC), including but not limited to independent system operators, regional transmission organizations, and balancing authorities
• Mutual assistance personnel
• IT and OT technology staff – for EMS (Energy Management Systems) and Supervisory Control and Data
• Acquisition (SCADA) systems, and utility data centers; Cybersecurity engineers; cybersecurity risk management
• Vegetation management crews and traffic workers who support
• Environmental remediation/monitoring technicians
• Instrumentation, protection, and control technicians

Essential Workforce – Petroleum workers:
• Petroleum product storage, pipeline, marine transport, terminals, rail transport, road transport
• Crude oil storage facilities, pipeline, and marine transport
• Petroleum refinery facilities
• Petroleum security operations center employees and workers who support emergency response services
• Petroleum operations control rooms/centers
• Petroleum drilling, extraction, production, processing, refining, terminal operations, transporting, and retail for use as end-use fuels or feedstocks for chemical manufacturing
• Onshore and offshore operations for maintenance and emergency response
• Retail fuel centers such as gas stations and truck stops, and the distribution systems that support them.

Essential Workforce – Natural and propane gas workers:
• Natural gas transmission and distribution pipelines, including compressor stations
• Underground storage of natural gas
• Natural gas processing plants, and those that deal with natural gas liquids
• Liquefied Natural Gas (LNG) facilities
• Natural gas security operations center, natural gas operations dispatch and control rooms/centers natural gas emergency response and customer emergencies, including natural gas leak calls
• Drilling, production, processing, refining, and transporting natural gas for use as end-use fuels, feedstocks for chemical manufacturing, or use in electricity generation
• Propane gas dispatch and control rooms and emergency response and customer emergencies, including propane leak calls
• Propane gas service maintenance and restoration, including call centers
• Processing, refining, and transporting natural liquids, including propane gas, for use as end-use fuels or feedstocks for chemical manufacturing
• Propane gas storage, transmission, and distribution centers

WATER AND WASTEWATER
Sector Profile
The Water and Wastewater Sector is a complex sector composed of drinking water and wastewater infrastructure of varying sizes and ownership types. Multiple governing authorities pertaining to the Water and Wastewater Sector provide for public health, environmental protection, and security measures, among others.

Essential Workforce
Employees needed to operate and maintain drinking water and wastewater/drainage infrastructure, including:
• Operational staff at water authorities
• Operational staff at community water systems
• Operational staff at wastewater treatment facilities
• Workers repairing water and wastewater conveyances and performing required sampling or monitoring
• Operational staff for water distribution and testing
• Operational staff at wastewater collection facilities
• Operational staff and technical support for SCADA Control systems
• Chemical disinfectant suppliers for wastewater and personnel protection
• Workers that maintain digital systems infrastructure supporting water and wastewater operations

TRANSPORTATION AND LOGISTICS
Sector Profile
The Transportation Systems Sector consists of seven key subsectors, or modes:
– Aviation includes aircraft, air traffic control systems, and airports, heliports, and landing strips. Commercial aviation services at civil and joint-use military airports, heliports, and seaplane bases. In addition, the aviation mode includes commercial and recreational aircraft (manned and unmanned) and a wide variety of support services, such as aircraft repair stations, fueling facilities, navigation aids, and flight schools.
– Highway and Motor Carrier encompasses roadway, bridges, and tunnels. Vehicles include trucks, including those carrying hazardous materials; other commercial vehicles, including commercial motorcoaches and school buses; vehicle and driver licensing systems; taxis, transportation services including Transportation Network Companies, and delivery services including Delivery Network Companies; traffic management systems; AND cyber systems used for operational management.
– Maritime Transportation System consists of coastline, ports, waterways, and intermodal landside connections that allow the various modes of transportation to move people and goods to, from, and on the water.
– Mass Transit and Passenger Rail includes terminals, operational systems, and supporting infrastructure for passenger services by transit buses, trolleybuses, monorail, heavy rail—also known as subways or metros—light rail, passenger rail, and vanpool/rideshare.
– Pipeline Systems consist of pipelines carrying natural gas hazardous liquids, as well as various chemicals. Above-ground assets, such as compressor stations and pumping stations, are also included.
– Freight Rail consists of major carriers, smaller railroads, active railroad, freight cars, and locomotives.
– Postal and Shipping includes large integrated carriers, regional and local courier services, mail services, mail management firms, and chartered and delivery services.

Essential Workforce
• Employees supporting or enabling transportation functions, including dispatchers, maintenance and repair technicians, warehouse workers, truck stop and rest area workers, and workers that maintain and inspect infrastructure (including those that require cross-border travel)
• Employees of firms providing services that enable logistics operations, including cooling, storing, packaging, and distributing products for wholesale or retail sale or use.
• Mass transit workers
• Taxis, transportation services including Transportation Network Companies, and delivery services including Delivery Network Companies
• Workers responsible for operating dispatching passenger, commuter and freight trains and maintaining rail infrastructure and equipment
• Maritime transportation workers – port workers, mariners, equipment operators
• Truck drivers who haul hazardous and waste materials to support critical infrastructure, capabilities, functions, and services
• Automotive repair and maintenance facilities
• Manufacturers and distributors (to include service centers and related operations) of packaging materials, pallets, crates, containers, and other supplies needed to support manufacturing, packaging staging, and distribution operations
• Postal and shipping workers, to include private companies
• Employees who repair and maintain vehicles, aircraft, rail equipment, marine vessels, and the equipment and infrastructure that enables operations that encompass the movement of cargo and passengers
• Air transportation employees, including air traffic controllers, ramp personnel, aviation security, and aviation management
• Workers who support the maintenance and operation of cargo by air transportation, including flight crews, maintenance, airport operations, and other on- and off-airport facilities workers


COMMUNICATIONS AND INFORMATION TECHNOLOGY
Sector Profile
The Communications Sector provides products and services that support the efficient operation of today’s global information-based society. Communication networks enable people around the world to contact one another, access information instantly, and communicate from remote areas. This involves creating a link between a sender (including voice signals) and one or more recipients using technology (e.g., a telephone system or the Internet) to transmit information from one location to another. Technologies are changing at a rapid pace, increasing the number of products, services, service providers, and communication options. The national communications architecture is a complex collection of networks that are owned and operated by individual service providers. Many of this sector’s products and services are foundational or necessary for the operations and services provided by other critical infrastructure sectors. The nature of communication networks involve both physical infrastructure (buildings, switches, towers, antennas, etc.) and cyberinfrastructure (routing and switching software, operational support systems, user applications, etc.), representing a holistic challenge to address the entire physical-cyber infrastructure.
The IT sector provides products and services that support the efficient operation of today’s global information-based society and are integral to the operations and services provided by other critical infrastructure Sectors. The IT Sector is comprised of small and medium businesses, as well as large multinational companies. Unlike many critical infrastructure Sectors composed of finite and easily identifiable physical assets, the IT Sector is a function-based Sector that comprises not only physical assets but also virtual systems and networks that enable key capabilities and services in both the public and private sectors.

Essential Workforce – Communications:
• Maintenance of communications infrastructure- including privately owned and maintained communication systems- supported by technicians, operators, call-centers, wireline and wireless providers, cable service providers, satellite operations, undersea cable landing stations, Internet Exchange Points, and manufacturers and distributors of communications equipment
• Workers who support radio, television, and media service, including, but not limited to front line news reporters, studio, and technicians for newsgathering and reporting
• Workers at Independent System Operators and Regional Transmission Organizations, and Network Operations staff, engineers and/or technicians to manage the network or operate facilities
• Engineers, technicians and associated personnel responsible for infrastructure construction and restoration, including contractors for construction and engineering of fiber optic cables
• Installation, maintenance and repair technicians that establish, support or repair service as needed
• Central office personnel to maintain and operate central office, data centers, and other network office facilities
• Customer service and support staff, including managed and professional services as well as remote providers of support to transitioning employees to set up and maintain home offices, who interface with customers to manage or support service environments and security issues, including payroll, billing, fraud, and troubleshooting
• Dispatchers involved with service repair and restoration

Essential Workforce – Information Technology:
• Workers who support command centers, including, but not limited to Network Operations Command Center, Broadcast Operations Control Center and Security Operations Command Center
• Data center operators, including system administrators, HVAC & electrical engineers, security personnel, IT managers, data transfer solutions engineers, software and hardware engineers, and database administrators
• Client service centers, field engineers, and other technicians supporting critical infrastructure, as well as manufacturers and supply chain vendors that provide hardware and software, and information technology equipment (to include microelectronics and semiconductors) for critical infrastructure
• Workers responding to cyber incidents involving critical infrastructure, including medical facilities, SLTT governments and federal facilities, energy and utilities, and banks and financial institutions, and other critical infrastructure categories and personnel
• Workers supporting the provision of essential global, national and local infrastructure for computing services (incl. cloud computing services), business infrastructure, web-based services, and critical manufacturing
• Workers supporting communications systems and information technology used by law enforcement, public safety, medical, energy and other critical industries
• Support required for continuity of services, including janitorial/cleaning personnel

OTHER COMMUNITY-BASED GOVERNMENT OPERATIONS AND ESSENTIAL FUNCTIONS
Essential Workforce
• Critical government workers, as defined by the employer and consistent with Continuity of Operations Plans and Continuity of Government plans.
• County workers responsible for determining eligibility for safety net benefits
• The Courts, consistent with guidance released by the California Chief Justice
• Workers to ensure continuity of building functions
• Security staff to maintain building access control and physical security measures
• Elections personnel
• Federal, State, and Local, Tribal, and Territorial employees who support Mission Essential Functions and communications networks
• Trade Officials (FTA negotiators; international data flow administrators)
• Weather forecasters
• Workers that maintain digital systems infrastructure supporting other critical government operations
• Workers at operations centers necessary to maintain other essential functions
• Workers who support necessary credentialing, vetting and licensing operations for transportation workers
• Workers who are critical to facilitating trade in support of the national, state, and local emergency response supply chain
• Workers supporting public and private childcare establishments, pre-K establishments, K-12 schools, colleges, and universities for purposes of distance learning, provision of school meals, or care and supervision of minors to support essential workforce across all sectors
• Workers and instructors supporting academies and training facilities and courses for the purpose of graduating students and cadets that comprise the essential workforce for all identified critical sectors
• Hotel Workers where hotels are used for COVID-19 mitigation and containment measures, including measures to protect homeless populations.
• Construction Workers who support the construction, operation, inspection, and maintenance of construction sites and construction projects (including housing construction)
• Workers such as plumbers, electricians, exterminators, and other service providers who provide services that are necessary to maintaining the safety, sanitation, construction material sources, and essential operation of construction sites and construction projects (including those that support such projects to ensure the availability of needed facilities, transportation, energy and communications; and support to ensure the effective removal, storage, and disposal of solid waste and hazardous waste)
• Commercial Retail Stores, that supply essential sectors, including convenience stores, pet supply stores, auto supplies and repair, hardware and home improvement, and home appliance retailers • Workers supporting the entertainment industries, studios, and other related establishments, provided they follow covid-19 public health guidance around social distancing. • Workers critical to operating Rental Car companies that facilitate continuity of operations for essential workforces, and other essential travel
• Workers that provide or determine eligibility for food, shelter, in-home supportive services, child welfare, adult protective services and social services, and other necessities of life for economically disadvantaged or otherwise needy individuals (including family members)
• Professional services, such as legal or accounting services, when necessary to assist in compliance with legally mandated activities and critical sector services
• Faith-based services that are provided through streaming or other technology • Laundromats and laundry services
• Workers at animal care facilities that provide food, shelter, veterinary and/or routine care and other necessities of life for animals.

CRITICAL MANUFACTURING
Sector Profile
The Critical Manufacturing Sector identifies several industries to serve as the core of the sector: Primary Metals Manufacturing, Machinery Manufacturing, Electrical Equipment, Appliance, and Component Manufacturing, Transportation Equipment Manufacturing Products made by these manufacturing industries are essential to many other critical infrastructure sectors.

Essential Workforce
• Workers necessary for the manufacturing of materials and products needed for medical supply chains, transportation, energy, communications, food and agriculture, chemical manufacturing, nuclear facilities, the operation of dams, water and wastewater treatment, emergency services, and the defense industrial base.

HAZARDOUS MATERIALS
Essential Workforce
• Workers at nuclear facilities, workers managing medical waste, workers managing waste from pharmaceuticals and medical material production, and workers at laboratories processing test kits
• Workers who support hazardous materials response and cleanup
• Workers who maintain digital systems infrastructure supporting hazardous materials management operations

FINANCIAL SERVICES
Sector Profile
The Financial Services Sector includes thousands of depository institutions, providers of investment products, insurance companies, other credit and financing organizations, and the providers of the critical financial utilities and services that support these functions. Financial institutions vary widely in size and presence, ranging from some of the world’s largest global companies with thousands of employees and many billions of dollars in assets to community banks and credit unions with a small number of employees serving individual communities. Whether an individual savings account, financial derivatives, credit extended to a large organization, or investments made to a foreign country, these products allow customers to: Deposit funds and make payments to other parties; Provide credit and liquidity to customers; Invest funds for both long and short periods; Transfer financial risks between customers.

Essential Workforce
• Workers who are needed to process and maintain systems for processing financial transactions and services (e.g., payment, clearing, and settlement; wholesale funding; insurance services; and capital markets activities)
• Workers who are needed to provide consumer access to banking and lending services, including ATMs, and to move currency and payments (e.g., armored cash carriers)
• Workers who support financial operations, such as those staffing data and security operations centers

CHEMICAL
Sector Profile
The Chemical Sector—composed of a complex, global supply chain—converts various raw materials into diverse products that are essential to modern life. Based on the end product produced, the sector can be divided into five main segments, each of which has distinct characteristics, growth dynamics, markets, new developments, and issues: Basic chemicals; Specialty chemicals; Agricultural chemicals; Pharmaceuticals; Consumer products

Essential Workforce
• Workers supporting the chemical and industrial gas supply chains, including workers at chemical manufacturing plants, workers in laboratories, workers at distribution facilities, workers who transport basic raw chemical materials to the producers of industrial and consumer goods, including hand sanitizers, food and food additives, pharmaceuticals, textiles, and paper products.
• Workers supporting the safe transportation of chemicals, including those supporting tank truck cleaning facilities and workers who manufacture packaging items
• Workers supporting the production of protective cleaning and medical solutions, personal protective equipment, and packaging that prevents the contamination of food, water, medicine, among others essential products
• Workers supporting the operation and maintenance of facilities (particularly those with high risk chemicals and/ or sites that cannot be shut down) whose work cannot be done remotely and requires the presence of highly trained personnel to ensure safe operations, including plant contract workers who provide inspections
• Workers who support the production and transportation of chlorine and alkali manufacturing, single-use plastics, and packaging that prevents the contamination or supports the continued manufacture of food, water, medicine, and other essential products, including glass container manufacturing

DEFENSE INDUSTRIAL BASE
Sector Profile
The Defense Industrial Base Sector is the worldwide industrial complex that enables research and development, as well as design, production, delivery, and maintenance of military weapons systems, subsystems, and components or parts, to meet U.S. military requirements. The Defense Industrial Base partnership consists of Department of Defense components, Defense Industrial Base companies and their subcontractors who perform under contract to the Department of Defense, companies providing incidental materials and services to the Department of Defense, and government-owned/contractor-operated and government-owned/government-operated facilities. Defense Industrial Base companies include domestic and foreign entities, with production assets located in many countries. The sector provides products and services that are essential to mobilize, deploy, and sustain military operations.

Essential Workforce
• Workers who support the essential services required to meet national security commitments to the federal government and U.S. Military. These individuals include but are not limited to, aerospace; mechanical and software engineers, manufacturing/production workers; IT support; security staff; security personnel; intelligence support, aircraft and weapon system mechanics and maintainers
• Personnel working for companies, and their subcontractors, who perform under contract to the Department of Defense providing materials and services to the Department of Defense, and government-owned/contractor-operated and government-owned/government-operated facilities

Download a pdf


CYBER SECURITY – Malicious Coronavirus-related E-Mails Spread – April 2020


AS IF BUSINESSES didn’t have enough to worry about, online scammers have started sending out malicious e-mails to organizations about coronavirus that appear to be from business partners or public institutions. The criminals send these to rank and file employees in the hope that at least one of them will click on a link or attachment in the e-mail, which unleashes malware or tries to trick them into wiring money for supplies purportedly to protect the organization’s workers.

The number of malicious e-mails mentioning the coronavirus has increased significantly since the end of January, according to cybersecurity firm Proofpoint Inc. The company noted that this wasn’t the first time they had seen such widespread cyber attacks associated with some type of disaster. But because this is global in nature, it decided to track the new threat. This practice of launching cyber attacks that are centered around global news and outbreaks (like the current COVID-19 coronavirus) isn’t anything new. Cybercriminals have long employed these tactics to take advantage of users’ desires to keep as up to date with any new information as possible or to evoke powerful emotions (like fear) in the hope that their sentiments will get the better of them and they will not pause to check for the legitimacy of these e-mails.

The cybercriminals are using the public’s ignorance about coronavirus, as well as the conflicting claims of how to protect against it, to lure people into clicking on their malicious links or get them to wire money. Because people are afraid, their guards may be down and they may not be as careful about identifying the e-mail as dangerous.

Some real-life examples

• Japanese workers were targeted in January and February with e-mails that looked like they came from local hospitals. The messages even included legitimate contact information for key personnel. The e-mails were focused on employees of various companies and came in a message that would look like it’s a reply to something or a warning that people are getting from the government. But when they clicked, it was malware. E-mails were sent to companies in the transportation sector that looked like they came from an employee of the World Health Organization.
They included the WHO logo and instructions about how to monitor crews aboard ships for coronavirus symptoms, and they included an attachment with instructions. This phishing e-mail attack was
intended to lure individuals into providing sensitive data, such as personally identifiable information and passwords.
• Companies in the US and Australia have been receiving malicious e-mails that use a display name of “Dr. Li Wei” and are titled “CORONA-VIRUS AFFECTED COMPANY STAFF.”

What you can do

All that it takes to break into your business is a cleverly worded e-mail message. If scammers can trick one person in your company into clicking on a malicious link, they can gain access
to your data. It’s important to train your staff to identify suspicious e-mails. They should avoid clicking links in e-mails that:
• Are not addressed to them by name, have poor English, or omit personal details that a legitimate sender would include.
• Are from businesses they are not expecting to hear from.
• Ask you to download any files.
• Take you to a landing page or website that does not have the legitimate URL of the company the e-mail is purporting to be sent from.
• Include attachments purportedly with advice for what to do. Do not open them even if they come from relatives or friends.


CONSTRUCTION RISK – Why You Need ‘Key Man’ Insurance – April 2020


IF YOU are operating a small business, you are likely relying on a small staff to get the job done. Many employees in small firms have to wear many hats and if one of them or an owner should die, the business could suffer greatly from that sudden loss of talent. If you don’t have “key man” insurance, that setback could be devastating to the viability of your operations, whereas coverage would provide you with extra funding that you would need while recovering from the loss. Keyman insurance is life insurance on a key person or persons in a business. In a small business, this is usually the owner, a founder or perhaps a few vital employees. These are the people who are crucial to a business – the ones whose absence would sink the company. You need key man insurance on those people.

Key man insurance basics

Before buying coverage, give some thought to the effects on your company of possibly losing certain partners or employees. In opting for this type of coverage, your company would take out life insurance on the key individuals, pay the premiums and designate itself as the beneficiary of the policy. If that person unexpectedly dies, your company receives the claim payout. This payout would essentially allow your business to stay afloat as you recover from the sudden loss of that employee or partner, without whom it would be difficult to keep the business operating in the short term.

Your company can use the insurance proceeds for expenses until it can find a replacement person, or, if necessary, pay off debts, distribute money to investors, pay severance to employees and close the business down in an orderly manner. In other words, in the aftermath of this tragedy, the insurance would give you more options than immediate bankruptcy.

Determining whom to cover

Ask yourself: Who is irreplaceable in the short term? In many small businesses, it is the founder who holds the company together – he or she may keep the books, manage the employees, handle the key customers, and so on. If that person is gone, the business pretty much stops.

Determining amount of coverage

• The amount of coverage depends on your business and revenue.
• Think of how much money your business would need to survive until it could replace the key person, come up to speed and get the business back on its feet.
• Buy a policy that fits into your budget and will address your short-term cash needs in case of tragedy.
• Ask us to get some quotes from different insurers. • Check rates for different levels of coverage ($100,000, $500,000, etc.)


KEEPING OPERATIONS GOING – Tips for Successful Telecommuting – April 2020


WITH THE current isolation orders for most workers in California, many companies have had to scramble to put systems in place to allow their employees to telecommute. Many businesses are not set up for having employees work from home, and they have legitimate concerns about productivity and communications. But there are steps you can take to make sure that you keep your employees engaged and on task.

1. Make sure they have the right technology

If you don’t already have one, you may want to consider setting up a company VPN so your employees can access their work e-mail and databases. You will also need to decide if you are going
to provide them with a company laptop, and you need to make sure that they have an internet connection that is fast enough to handle their workload. Also provide an infrastructure for them to be able to work together on files. If they are not sensitive company documents, they can use Dropbox or Google Documents, which allow sharing between co-workers.

2. Provide clear instructions

It’s important that you provide clear instructions to remote workers. Some people do not perform well without direct oversight and human interaction. Without that factor, you will need to spell out your expectations and the parameters of the projects they are working on in detail. Make it clear that if they are confused or unsure about any part of the work, they should contact a supervisor for clarification. If you can eliminate misunderstandings, then your workers can be more efficient.

3. Schedule regular check-ins

To hold your employees accountable for being on the clock, schedule calls or virtual meetings at regular intervals. Even instant messaging works. During these meetings they can update their
superiors on their work. This also helps with productivity, since there are consequences for failing to meet expectations and coming to the meeting empty-handed. Their supervisors should be working when they are, so they can be in regular communication.

4. Keep employees engaged

One of the hardest parts of working from home is the feelings of isolation and detachment from colleagues. It’s important that you build in interactive time for your workers. One way to do that is by using a chat program like Slack, Hangouts or WhatsApp (which has a group chat function). For remote workers, these programs are a blessing because they make it easy to keep in touch with their colleagues in and out of the office – and they level the playing field, so to speak, by making distance a non-issue.

5. Cyber protection

With employees working from home, you also increase your cyber risk exposure, especially if they are using a company computer that is tapped into your firm’s database or cloud. Teach them cyber security best practices, such as:
• Not clicking on links in e-mails from unknown senders.
• Making sure their systems have the latest security updates.
• Backing up their data daily.
• Training them on how to detect phishing, ransomware
and malware scams, especially new ones that try to take advantage of people’s fears about COVID-19.


Coverage Gap Concerns as Cyber Threat Grows – January 2020 RISK REPORT


Small and mid-sized businesses are increasingly bearing the burden of cyber threats, as criminals are betting they do not have the resources in place to mount a strong defense. A severe attack on a small company can incapacitate its ability to do business, and the expenses of getting operations back on track – coupled with loss of goodwill – can easily force a firm into bankruptcy.
Unfortunately, with more data breaches hitting the news, one of the main concerns that executives have is if their insurance will cover the costs of recovering from an attack.

If you are running a small or mid-sized company, do not underestimate the growing threat to your business. Your chief priorities should be protecting against the threat and having proper insurance coverage in place.

TOP REASONS FOR CYBER LOSSES

• Malicious breaches resulting in data losses: 52%
• Unintentional data disclosure by staff: 16%
• Physical loss or theft of data: 13%
• Network or website disruptions: 5%
• Phishing, spoofing and social engineering: 5%
• Other: 9%
Source: Advisen and Nationwide Insurance Co.

Insurance concerns

One of the chief concerns for executives is any overlap or gaps between their property, liability, crime and cyber policies when it comes to covering the costs of recovering from an attack, according to a report by insurance news website Advisen and Nationwide Insurance. Some companies feel they don’t need cyber coverage because they believe their property and liability policies will cover any related losses.

EXECUTIVES’ INSURANCE WORRIES

• 95% of respondents named data breach as the number-one risk they expect to be covered by a cyber insurance policy.
• 94.5% said they expect cyber-related business interruption to be covered by a cyber policy.
• 89% said they expect their cyber policy to cover ransom demands.
• 36% said they have cyber-related property damage/bodily injury coverage under another policy, reflecting the belief that some coverage for cyber-related losses can be found under traditional policies.
• 60% of respondents said they are concerned about perceived gaps and overlaps in their insurance coverage.
• 53% of respondents said coverage for funds-transfer losses should be found under the crime policy, but also stated they would like to be able to recover under both crime and cyber policies – or have separate policies with higher limits.

The takeaway

Since cyber insurance is a new and evolving product, all policies do not cover the same thing. That’s why it’s important to weigh your choices carefully and consult with us. While the cyber threat grows, more insurers are changing language in their property and liability policies to limit coverage of cyber events. Because of the high costs associated with a data loss, more
executives want to see higher limits for business interruption coverage on their cyber stand-alone policies.

This market demand may drive insurers to refine their cyber insurance policies, including increasing cyber-related business interruption limits, according to the Advisen report. To find the best coverage for your business, please talk to us. We can help you evaluate your risks and coverages and identify any gaps by looking at your existing policies.


CAL/OSHA REPORTING – New Law Changes When Injuries Must Be Reported


Gov.  Gavin Newsom has signed a measure into law that will greatly expand when employers are required to report workplace injuries to Cal/OSHA. The new law, AB 1805, broadens the scope of what will be classified as a serious illness or injury which regulations require employers to report to Cal/OSHA “immediately.” As of yet there is no effective date for this new law, but observers say regulations will first have to be written, a process that would start next year.

The definition of “serious injury or illness” has for decades been an injury or illness that requires inpatient hospitalization for more than 24 hours for treatment, or if an employee suffers a “loss of member” or serious disfigurement. The definition has excluded hospitalizations for medical observation. Serious injuries caused by a commission of a penal code violation (a criminal assault and battery), or a  vehicle accident on a public road or highway have also been excluded.

Compliance

Rules for reporting serious injuries and illness or fatalities are as follows:
• The report must be made within eight hours of the employer knowing, or with “diligent inquiry” should have known, about the serious injury or illness (or fatality).
• The report must be made by phone to the nearest Cal/ OSHA district office (note that a companion bill, AB 1804, eliminated e-mail as a means of reporting because e-mail can allow for incomplete incident reporting).

Because of the “diligent inquiry” component, employers should monitor any injured worker’s condition once they learn of an injury, particularly if they need to seek out medical treatment. A member of the staff should be on hand to monitor the employee and report to supervisors immediately if that person will need to be hospitalized. Employers should make sure that supervisors are made aware of the new rules so that any time a worker is injured to the point that they need to be  hospitalized, they know to notify Cal/OSHA within eight hours.

Also, if you have an employee that suffers a medical episode at work – such as a seizure, heart attack or stroke – you are required to report the hospitalization to Cal/OSHA. It’s better to err on the side of caution if an employee is hospitalized for any reason. Not doing so can result in penalties for failure to report or failing to report in a timely manner. Accordingly, it is important to educate management representatives, particularly those charged with the responsibility to make reports to Cal/OSHA, about the nuances of Cal/OSHA’s reporting rules.

One final note: The results of a serious injury or illness or workplace fatality will usually trigger a site inspection by Cal/OSHA, so be prepared if one should occur.


Workers’ Comp – New Experience Rating, Physical Audit Levels Set


Starting in 2020,  the threshold for California employers to be  eligible for experience rating (X-Mod) has been reduced by order of the state insurance commissioner. 

Commissioner Ricardo Lara in September approved the recommendations by the Workers’ Compensation Insurance Rating Bureau to lower thresholds for determining eligibility for experience rating and when a carrier needs to perform a physical audit of an employer’s payroll records.

NEW THRESHOLDS

Annual physical audit
As of Jan. 1, 2020: Any employer with $10,500 or more in annual premium.
Current threshold: $13,000 or more in annual premium.
Threshold for experience rating (to have an X-Mod)
As of Jan. 1, 2020: $9,700 in annual premium.
Current threshold: $10,000 or more in annual premium.

 

“Physical audit” is defined as an “audit of payroll, whether conducted at the policyholder’s location or at a  Remote site, that is based upon an auditor’s examination of the policyholder’s books of accounts and original payroll records (in either electronic or hard copy form), as necessary to determine and verify the exposure amounts by classification.”

The eligibility rating threshold is the amount of payroll developed during the experience period in each classification, multiplied by the expected loss rates for each class. If the total for all assigned classes is at or above the threshold, then the employer is eligible for an X-Mod.

Changes to dual-wage class codes

Lara also approved the Rating Bureau’s recommendations for changes to a number of construction dual-wage class codes. While most workers’ comp classes have one rate, in some classes the difference in claims costs between high- and  lowerwage workers is so great that a dual-wage  classification is needed.  In those cases, the workers above the threshold rate are assigned one rate, while those below that threshold are assigned a higher rate. The new thresholds are for 14 construction classifications, and any workers above the threshold will have a lower rate applied.


New State Law Alters Employment Landscape


Governor Gavin  Newsom has signed a bill into law that will codify a court ruling from last year that set new ground rules for what constitutes an independent contractor, and which expands on that ruling.

There’s been a lot written in the media about the law, AB 5, and much of it misses the point. Some news reports have said it will spell the end of independent contractors in the state and that anyone a company hires to do a temporary job on contract must be treated as an employee.

Now that AB 5 is the law, state and federal labor laws will apply to independent contractors who have to be reclassified as employees.  That means they would be afforded all of the associated worker protections, from overtime pay and minimum wages to the right to unionize. Employers would have to cover them under their workers’ comp policies, and extend benefits to them as they do to other employees. The law also gives the state and cities the right to sue employers over misclassification.

AB 5 codifies and expands on a 2018 California Supreme Court decision that adopted a strict, three-part standard for determining whether workers should be treated as employees. Known as the “ABC test,” the standard requires firms to prove that people working for them as independent contractors meet certain standards:

THE ABC TEST
A) Must be free from the company’s control when they’re on the job;
B) Must be doing work that falls outside the company’s normal business; and
C) Must be operating an independent business or trade beyond the job for which they were hired.

 

The first prong aligns with the common-law test for employment and evaluates the degree of control exercised by the company over the worker.

The second prong examines whether the worker can reasonably be viewed as working in the hiring company’s business.

The third prong inquires whether the worker independently made the decision to go into business. The fact that the hiring company does not prohibit the worker’s engagement in such an independent business is not sufficient.

 

Occupations exempted include:

• Doctors
• Some licensed professionals (lawyers, architects, engineers)
• Accountants, securities broker-dealers, investment advisors
• Real estate agents
• Direct sales (compensation must be based on actual sales)
• Builders and contractors (who work for construction firms that build major infrastructure projects and large buildings)
• Freelance writers, photographers (provided the worker contributes no more than 35 submissions to an outlet in a year)
• Hairstylists, barbers (must set their own rates and schedule)
• Estheticians, electrologists, manicurists (must be licensed)
• Tutors (must teach their own curriculum)
• AAA-affiliated tow truck drivers. 

 

What employers should do

Legal experts recommend that employers:
• Perform a worker classification audit, and especially review all contracts with personnel.
• Determine which benefits and protections should be provided to any workers who are reclassified from  independent contractor to employee (think health insurance and other benefits).
• Notify any state agencies about changes to a worker’s status.
• Discuss with legal counsel whether you should also include a worker as an employee for the purposes of payroll taxes, workers’ comp insurance, federal income tax withholding,  ICA payment and withholding.

 

Note: Federal law remains unchanged. The IRS and National Labor Relations Board have their own independent contractor tests.


Cal/OSHA – Rulemaking Protecting Outdoor Workers from Wildfire Smoke


CAL/OSHA is developing rules that would require employers of outdoor workers to provide respiratory equipment when air quality is affected by wildfires. Smoke from wildfires can travel hundreds of miles and while an area may not be in danger of the wildfire, the smoke can be thick and dangerous, reaching unhealthy levels. Many employers want to hand out respirators to outside workers, but regulations governing the use of ventilators can be burdensome.

The California Code of Regulations, Title 8, Section 5144 requires employers that distribute respirators to implement a written respiratory protection program, require seal-testing before every use and conduct medical evaluations prior to use.

What to expect:
The regs are still in draft form and are unlikely to be completed this summer for the upcoming fire season.
But here is what you can expect:
The draft of the regulations would require that employers take action when the Air Quality Index (AQI) for particulate matter 2.5 is more than 150, which is considered in the “unhealthy” range. The protections would also be triggered when a government agency issues a wildfire smoke advisory or when there is a “realistic possibility” that workers would be exposed to wildfire smoke.

All California employers with “a worker who is outdoors for more than an hour cumulative over the course of their shift” would be required to comply with these regulations:
• Checking AQI forecasts when employees may reasonably be expected to be exposed to an AQI of more than 150.
• Establishing a system of communication to inform employees about AQI levels and changes in conditions that can lead to bad air quality, and about protective measures.
• Training workers in the steps they would have to take if the AQI breaches 150.

The regulations are pending with the Cal/OSHA Standards Board, which is expected to vote on them in July.  For now, if you do have outside employees who are confronted with working in smoky conditions, you should start stockpiling a two-week supply of N95 masks for all of your workers.


Request a Wholistic Mindful Analysis

Ask us how we can help your organization