US Pro CLUE Blog

Cyber Liability Underwriting Exposures (CLUE) is a leading industry news source and information medium specifically developed by US Pro for its agency partners.

CLUE gets its information from many resources, including industry experts, underwriters, insurance publications, and multiple web-based articles to keep our customers current in the areas surrounding Cyber Liability Insurance programs.


2018 Experian Data Breach Industry Forecast: It will SHOCK You!

Posted on Mar 14, 2018 in Cyber Source

An excellent resource available to anyone interested in Cyber security and insurance, the annual forecast that Experian does is highly recognized in our industry.  We had a chance to review Experian’s annual Data Breach Industry Forecast for 2018.  It was shocking.  Seriously.  Here are the top 5 key points as seen through the eyes of our President, Kevin Sneed:

  1. Operating in the digital world in 2018 with no disaster plan in place may be fatal for any size of business.  Effective Cyber Insurance is at the top of that plan.  Risk avoidance is impossible, and event probability is almost certain.  Therefore, risk transfer is an absolute.
  2. Remember 5/25/18.  This is a date that will live in Cyber Infamy.
  3. The line between Cyber threat and physical threat is now thin ice.
  4. More intelligence makes sophisticated attacks easier and faster to create.
  5. Small business risks death.

Over the next couple of weeks, the blog will be updated to dive into each one of these takeaway themes.  Make no mistake, everything in the report confirms what we have been saying at the ground battle level about Cyber Liability.  The risk is getting much bigger, not smaller.  The bad guys are winning the war right now: we implement security in reaction to threat.  Most American small businesses still do not buy effective Cyber Insurance, yet the transfer of risk is one of the only effective weapons when under attack.

US Pro is working to change this dynamic.  We are working to help America’s small business understand what they are facing.  We are teaching America’s retail agencies how to understand Cyber risk by industry class.   We are “America’s Cyber Insurance Experts”, and we are working for you.

For access to a copy of Experian’s report, please visit their website directly to get your copy.  We highly recommend this as a resource.


National Cyber Security Awareness Month: Week 5

Posted on Dec 4, 2017 in Cyber Source

Week 5: October 30-31 Theme: Protecting Critical Infrastructure from Cyber Threats

The best site I could find that dealt with the theme for Week 5 is Bluefin, and their recommendations are spot on.  A full reproduction of their article posted on their site October 31, 2017 follows:

(Reproduction of original document written by and posted on the Bluefin blog)



National Cyber Security Awareness Month: Week 4

Posted on Dec 4, 2017 in Cyber Source

Week 4: October 23-27 Theme: The Internet Wants You: Consider a Career in Cybersecurity

According to the official position of the DHS on this week’s topic:

“According to a study by the Center for Cyber Safety and Education, by 2022, there will be a shortage of 1.8 million information security workers.  It is critical that today’s students graduate ready to enter the workforce to fill the vast number of available cybersecurity positions.  Students and other job seekers are encouraged to explore cybersecurity careers.”

There is a blog that we found that talks at length about how to explore such a career.  The blog is found at White Hat Security and was written by Jeannie Warner in September of 2017.  You can link directly to this by clicking the link:

A summary of the key takeaway points from the article:

#1- Decide where in the cybersecurity rainbow your interests fit

#2- Keywords are important to communicate

#3- Know someone

#4- Don’t get discouraged

#5- Be passionate

Look for more useful information in next week’s review of Week 5 of Cyber Security Awareness Month.

National Cyber Security Awareness Month: Week 3

Posted on Dec 4, 2017 in Cyber Source

Week 3: October 16-20 Theme: Today’s Predictions for Tomorrow’s Internet

By now most of us have heard of the Internet of Things, known as the IoT.  Week 3 reminds us that our personal information is the fuel that makes our smart devices work.  In order to reap the benefits of these devices we must do so in an environment that uses our best practices in digital safety.

Everything we use today is seemingly smart.  TV’s, refrigerators, backup sump pumps, garage doors, video monitoring systems, and just about everything else in your home these days is smart.  You are in a smart home.  With a smart car.  In a smart city.  Everything is interconnected, analyzed, and computed.  The internet of today is a glimpse of the technology of tomorrow, and getting ahead of the security curve now is as important as the technologies themselves.

We came across an excellent white paper that was put together by the IEEE Internet Initiative.  The link for the full paper is:

The white paper frames the problem in an excellent and understandable way:



Some manufacturers have produced and sold IoT devices that do not include sufficient security features. This has resulted in serious harm, both economic and otherwise, to specific parties and to the general public. A recent example of this include the DVRs and IP cameras now recalled by XiongMai Technologies [1]. As IoT devices proliferate, unless some action is taken to secure these devices, harm caused in the future may be even more severe.

Corporate and individual consumers of IoT devices may not currently possess the technical expertise to evaluate the cost/benefit of purchasing perhaps more expensive properly secured devices. Further, if the dangers presented by the devices affect only parties other than the seller or purchaser of the devices, then there may be no financial incentive for seller or purchaser to worry about device security.


In their statement above, the latter statement is where the gap is created.  This lack of “technical expertise” they speak of goes overlooked, and creates a vulnerability gap each time it is done for each device.  Fortunately, the white paper also provides useful practices that can be implemented to help mitigate these vulnerability gaps.  They have grouped them under two best practices:

Protect Your Devices

Protect Your Networks

We recommend a full and complete reading of these tools to help your organization stay protected in this ever-changing digital world.

Look for more useful information in next week’s review of Week 4 of Cyber Security Awareness Month.

National Cyber Security Awareness Month: Week 2

Posted on Oct 18, 2017 in Cyber Source

Week 2: October 9-13 Theme: Cybersecurity in the Workplace is Everyone’s Business

Creating a culture of cybersecurity is critical for all organizations – large and small businesses, schools, nonprofits, and government agencies – and must be a shared responsibility among all employees.  One of the most alarming statistics in Cyber insurance is that 80% of all events are caused by one’s own employees.  Week 2 will showcase how organizations can protect against the most common cyber threats.

Small businesses, schools, nonprofits, and government agencies are most at risk with the expected lack of resources, either physically or financially, to combat the risk like large corporations can.  Since there are multiple threats they face, they must focus their efforts towards mitigating the top threats likely to cause them the most harm.

These threats are as follows:

  • Ransomware events
  • Cyber Crime losses
  • Business interruption expenses

Here are some basic tips designed to help your clients reduce the risk of these events occurring.  They are only a few of several actions which can be implemented.



Since most Ransomware events occur due to unintentional employee negligence, some good advice for IT personnel to consider is following these tips:

  • Keep clear inventories of all of your digital assets and their locations, so cyber criminals do not attack a system you are unaware of.
  • Keep all software up to date, including operating systems and applications.
  • Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
  • Back up all information to a secure, offsite location.
  • Segment your network: Don’t place all data on one file share accessed by everyone in the company.



How do you try to avoid becoming a victim of a phishing attack?

There is a lot of valuable information on this topic, and implementing procedures and processes that can do a great job of mitigating the exposure points costs no money.  However, implementation is only successful if practiced properly.

Here are a few simple things to always remember:

  • Avoid clicking on links unless they were specifically requested. If you want to click a link you received, open up a new email and write the person back in a new message and ask if they sent the link.
  • Set a limit on the amount of money that can be electronically transferred.
  • Never open up any kind of attachment from sources you do not know.
  • Any message that asks you to disclose any piece of personal information is suspicious. Never give out any personal information in response to such a request.



Most businesses do not compute the cost of business interruption into other events that occur to their organizations.  They often do not correlate the down time expense with the event causing the down time. There are three costs associated with the non-physical business interruption event, regardless of the cause of the interruption:

  • Income loss – These are the dollars you lose because the website does not work, the widgets are not being made, the service is not being performed, etc.
  • Interruption expenses – These are the static costs of operating business that still must be paid during an interruption, such as employee costs, lights, rent, and so forth.
  • Extra expenses – These are the costs you incur to set up new systems to operate during the interruption, or costs to hire extra employees to enter data, etc.

The best defense against experiencing prolonged BI expenses is to have a disaster recovery plan in place, which is continuously reviewed and updated.  Elements of the disaster recovery plan should include at least these areas of focus:

Backups – The best defense against data recovery trouble is to have proper backup procedures in place.  Two important notes regarding data backups:

  • Protect your cloud Office 365 – This suite deserves unique mention because it is so widely adopted, with an estimated 50,000 small businesses added each month. Microsoft permanently removes deleted files after 14 days, generally before someone realizes that they deleted something they need again, and recovery within that 14-day window can take days. This means that O365 users need to set up their own backup system. The best tools offer self-service recovery capabilities for quick restores.
  • Ransomware resistant – Ransomware developers target Windows servers because of their large numbers. This is especially true among SMB companies, as they specifically target those least likely to have good defenses. To keep from being a victim, backup appliances should be Linux-based and ransomware resistant.

Disaster Recovery Processes – Disaster Recovery-as-a-Service (DRaaS) is the ability to recover application and business performance on remote infrastructure after cyber-attacks, accidents, or natural disasters. This capability includes not just data storage but system settings pre-positioned to be deployed in the event of a disaster declaration. This capability can occur in remote corporate locations or in a public cloud.

Implement these DR Best Practices:

  • Automatic – Implementing disaster recovery should not depend on someone manually starting recovery, especially if they are from potentially failed servers. After you lose your servers, your DRaaS provider should be able to spin up your remote infrastructure in minutes.
  • Service Level Agreements (SLA) – It is important to have an SLA with your DR supplier. Not only does this give leverage to demand quick action, it is also a sign that the supplier is confident to offer compensation if they do not meet their standards.
  • Testing – While we all hope that we will never need our disaster recovery tools, hope is not a strategy. IT needs to ensure that if a disaster is declared, systems will work as planned. In fact, many federal and industry regulations such as HIPAA and SOX mandate regular testing to ensure compliance. Written proof of test results is common. However, superior testing should actually simulate the DR process up to, but just before, applications are deployed.

A lot more information on these subjects is available and credited to the article found at this link:

Look for more useful information in next week’s review of Week 3 of Cyber Security Awareness Month.

National Cyber Security Awareness Month: Week 1

Posted on Oct 9, 2017 in Cyber Source

Cyber Security Awareness Month:  Week 1 is Simple Steps to Online Safety- What Can You Do?

Per the DHS, all members of the public can take some simple actions to protect themselves online and to recover in the event a cyber incident occurs.  Week 1 will address the top consumer cybersecurity concerns, provide simple steps to protect against these concerns, and help the public understand what to do if they fall victim to cyber crime.

Today US Pro recommends some basic behaviors that can go a long way towards mitigating these online cyber security threats:

Encrypt your data:  Encryption is a safe harbor in almost every privacy regulation.  Using either Symmetric or Asymmetric encryption offers you a maximum layer of security against data theft.

Continuing education:  Employees are the largest threat to a commercial business.  As much as 80% of events are caused by unintentional employee negligence.  Continuous education and training of your employees on current threats should be implemented.

Some topics that should be included in this training are:

  1. Avoiding improper disposal by limiting the task to a position duty rather than allowing everyone to dispose unsupervised.
  2. Double check before hitting send to confirm that the information being sent is being sent to the right person and contains the right information.
  3. Avoid the clicking of links embedded in emails, even when the emails are from sources you trust.
  4. Learn to identify phishing scams.

Become Phishermen:  Social engineering is the tactic used by an individual to deceive or trick another individual into disclosing personal information they would not otherwise disclose.  The most common form is to mimic your bank and ask for you to click on a link and log into your account as a security test.  These are known as phishing scams.

Phishing is the leading cause of unauthorized access to or use of computer systems, and has evolved into a more sophisticated technique known as Spear Phishing.  To minimize the threat of an event arising from a Phishing act, the very best policy is to become phishing experts, or Phishermen.  Consider these tips in addition to many others we advocate:

  • If you must click on embedded links, then verify embedded link integrity.  Hover your mouse over the link and the actual URL should be displayed.   If it differs from what is written on the link, it is suspicious.
  • Beware of child domains.  A child domain is when a URL is created using what appears to be a valid domain followed by the bad domain.   Most users will never notice it.
  • Failed the English test.  Any message filled with grammar, punctuation or spelling mistakes is likely suspicious.  Most companies sending out corporate emails proofread and spellcheck first.

There are many other different mechanisms that can be engrained into the daily corporate lives of employees that will serve to mitigate the risks against commercial business.  These 3 tips are a good “Simple Start” towards having better online behavior patterns and getting on the road to improving your Cyber risk health assessment.

Look for our article during the theme for Week 2: Cyber Security in the Workplace is Everybody’s Business.  We will give an in depth explanation of what a non-physical fire is and why they are so much more destructive to a business than the standard property fire.


Cyber Insurance Evolution

Posted on Sep 21, 2017 in Cyber Source

Contingent BI Coverage and more…

2017 is a fascinating year so far for Cyber Insurance. As fast as new carrier programs enter the Cyber marketplace, Cyber exposures evolve, putting them behind the curve. Cyber Liability exposures manifest themselves in new ways every day, and as America’s Cyber Insurance Experts, US Pro is at the forefront of its evolution.

Today we want to bring you up to speed on the newest Cyber threats, and how these are being addressed by one of our leading carriers.

The Internet of Things (IoT)

The IoT can be summarily defined as any device that is connected to and transmits data through the internet. This connectivity without security presents a variety of vulnerability gaps that may result in a security breach. Such a breach may allow users to gain access to important and even vital network resources, giving them control over the victim. This can be especially problematic for the healthcare industry, manufacturing sector, and many others who rely on network-based systems for their daily operations.

Many of today’s Cyber policies exclude Bodily Injury claims. Extending this coverage for such claims when they arise directly from a security breach or privacy compromise is important in this evolving frontier. This Contingent BI Coverage is important and exciting and the next chapter unfolding in the book of Cyber Insurance.

Look for even more exciting new coverages from US Pro as we are committed to remaining at the forefront of this coverage and America’s Cyber Insurance Experts!!

Cyber Extortion vs. Cyber Crime

Posted on Feb 9, 2017 in Cyber Source

What’s the Difference

Cyber Extortion and Cyber Crime (what many call social engineering) were two of the fastest growing threats to commercial entities, nonprofits and municipalities in 2016 and are expected to surge in 2017. Cyber Insurance programs respond differently to these types of events, and the language in the policies for this coverage is very different from carrier to carrier.

When dealing with coverage for both Cyber Extortion and Cyber Crime threats, be sure to first understand what event(s) trigger the coverage into response. Complement this knowledge with an understanding of the differences between these two types of crimes and what the potential financial impact may be.

Cyber Extortion

A Cyber Extortion event occurs when an intruder has gained unauthorized access to or use of one’s systems and infected them with what is commonly known as Ransomware. Ransomware comes in varying forms, but with two main types: Computer Locker and Data Locker. Each presents a unique challenge, with Data Locker being the more sinister and serious of the types. Here are the characteristics unique to the Cyber Extortion crime:

1. The action is an overt action, known by the Insured, usually because of failing systems or networks, inability to access data, or by direct communication from the extortionist.
2. The extortionist will make a demand for a specified sum of money. This may be a flat fee to gain the encryption key, or it may be an escalating amount, where the sooner you pay, the less it costs to gain the encryption key.
3. The financial impact from an extortion attack varies by size and by type of data ransomed, but many suggest that it remains under $1000 on the average per attack. But this is not the entire tale of a business’ financial impact. There is risk of data loss/restoration cost, business interruption expenses for lost productivity and employee salaries, and in some cases, third party lawsuits from individuals impacted by inability to process business with you during any interruption period. However, in most extortion events the cost is not bankrupting.

Cyber Crime

Cyber Crime is very different and it involves the fraudulent instruction of payment, the electronic theft of funds of the business, deceptive invoicing, and telecommunications fraud among other things. Cyber Crimes are committed through use of social engineering devices, such as phishing or whaling, outside hackers, or rogue employees. Some of these criminals’ methods have become very sophisticated and hard to discern, and as a result, huge financial losses by all sizes and types of entities have occurred.

Cyber Crime is the most likely event any one commercial entity will experience. Training employees and implementing various written authorization and voice verification procedures relating to electronic funds transactions should be a priority. Most of all, understand the method and motive of the Cyber criminal vs. the extortionist above:

1. The action is a covert action. The cyber criminal goes undetected, committing their crimes disguised as you or your employee or your vendor while completing illegitimate business transactions in a Cyber Crime event.
2. The intent of the cyber criminal is to commit their crimes without your knowledge, rather than with your knowledge and with a specific demand for you to perform an action. Therefore, there is no direct communication or instruction to the Insured with a ransom or demand.
3. The financial loss to a business is usually substantial, and averages in the tens of thousands of dollars. For some entities, it has meant financial ruin.

Protect your customer by knowing the threats and how to transfer that risk. US Pro wants to help your customer get the best coverage for the best rate for their business. Send us your Cyber submission today, or enter the information shown on our web page to get your quote. Simply click HERE to enter that information.

The First and the Worst

Posted on Jan 12, 2017 in Cyber Source

Cyber Liability – What You Must Know

“Understanding the First and the Worst”


The First

Cyber Liability Insurance is the first insurance that any business should buy. It is the only insurance that is more likely than not to pay for an event that is otherwise unrecoverable without insurance.

Consider any commercial business and its insurance portfolio. The actual exposure to the risk of a covered event under a Property or General Liability policy is to smaller, more frequent events. Under Cyber, the exposure to the frequency risk of an event is less, but the exposure to severity from that event is very real. In fact, 60% of all businesses will go out of business within 12 months following an event. Almost all of these will be uninsured businesses.

Therefore, if an event was to occur, with no Cyber Insurance in place a business is more likely than not to shut its doors for good. This means that all the other money paid out for all of their insurance will become useless if they cannot sustain operations as a result of the financial loss.

Another aspect of Cyber Insurance vs. other insurance policies that a typical business will buy is the probability of an event occurring. Many respected industry organizations as well as national intelligence agencies have repeatedly claimed that all business is at risk, and it’s not a matter of “if” but rather a matter of “when” it will occur.

Buying Cyber Insurance FIRST ensures that a business’ viability is better protected against severity of loss in the face of the high probability of an event occurring.

The Worst

Another very important reason that buying Cyber Insurance should be the first is because the average Cyber claim is also the worst. The average Cyber event as of 2015 can cost a business $190,000+ in total expenses. This average, once calculated, is suspected to rise over $200,000 in 2016.

Another problem with Cyber exposures is that more events are occurring on a small cost scale, primarily Business Interruption losses and ransom payment from Ransomware events. Ransoms in 2015 paid out were $20 million. This figure rose to more than $1 billion in 2016.

Add to this the explosion of Cyber Crime losses to business impacted by hacking, social engineering, or other means of theft of monies and/or property. So many of these events are occurring, and since many businesses who are currently insured do not have this coverage included, the losses are uninsured. These financial losses average in the tens of thousands to a business.

What to Do?

5 years ago we could count maybe a dozen carriers writing Cyber Liability Insurance. Today, there are dozens of programs, including coverage packaged into the P&C program a business has in place.

The first thing to do is to understand what Cyber Liability Insurance really is: Property and Liability coverage protecting the digital assets of an insured against what we refer to as “non-physical fires”. It is a comprehensive package policy.

Knowing this, a business should never package its Cyber Insurance with any other package policy, or with a Management Liability program. Only Technology E&O and Cyber should be packaged together. Also, when presenting Cyber Liability options to your customer, bigger is not necessarily better- broader is better.

A common misconception is that a standard carrier or the largest insurers in America have better coverage since they are bigger companies. This is a false narrative. While there are many competitive forms out there today, standard market or otherwise, the broadest carriers are the boutique Cyber carriers who have been writing this line of business for almost a decade.

These carriers evolve their coverages as quickly as new exposures emerge, and they have proven risk response experience. Broader coverage in Cyber will be the difference between an uninsured or underinsured risk, and financial peace of mind.

Send US Pro your Specialty Lines or Cyber Liability submission for a quote today at

Evil Ransomware is Lurking!

Posted on Oct 27, 2016 in Cyber Source

Trick or Treat?

Ransomware, a term which combines the words “ransom” and “software”, is a computer virus which prevents users from accessing their networks or computer systems until a ransom is paid. This kind of attack effectively relies on human error, and the network extortionists “trick” users into activating this malicious software.

Ransomware attacks, and others like it, have become rampant in 2016, and are expected to approach nearly 1 billion dollars in losses, according to the FBI. This is some very “scary” stuff and knowing what it is and how it happens can lessen the threat.

So here is how it works.

The virus itself is almost always embedded within an email, either as an HTML link or an attachment. Clicking on the embedded link or infected attachment will activate the virus. Once activated, all users are locked out of their machines, until such time as the ransom demand is paid. The virus encrypts the system’s data so that it is non-accessible. The information can then only be re-accessed using a private key that the criminals possess.

In order to pay the criminals, currency needs to be converted into the amount of ransom being sought, which is typically in the form of a Bitcoin. A Bitcoin is a digital currency that is highly used by Cyber criminals due to its ability to evade law enforcement.

In order to avoid such a “spooky” situation, make sure your customer takes these simple steps that can go a long way in keeping them safe this Halloween season and beyond:

1. Do not click on attachments from sources you do not know.
2. Do not click on suspicious or unusual attachments from sources you do know.
3. Never click on any link embedded in an email from sources you do not know.
4. Only click on a link embedded in an email from a source you know or if you are expecting it.
5. Always use the mouse to roll over any link embedded in an email to verify its URL source and credibility.

Let US Pro “treat” you to America’s best Cyber, D&O, and Professional Liability programs! Simply send us your submission to today, and if you want to know a lot more about Cyber exposures, simply click on the Learn More link below. Don’t be “afraid”- it is a safe link!

Learn More