US Pro CLUE Blog


Cyber Liability Underwriting Exposures (CLUE) is a leading industry news source and information medium specifically developed by US Pro for its agency partners.

CLUE gets its information from many resources, including industry experts, underwriters, insurance publications, and multiple web-based articles to keep our customers current in the areas surrounding Cyber Liability Insurance programs.

 

Teenagers and the Cloud

Posted on Oct 10, 2018 in Cyber Source

Cyber Liability Insurance is misunderstood, and as a result, it is not purchased by most commercial insureds.  However, it is the most important insurance a business can buy, and it protects against the highest average cost per loss of any insurance they can buy.

As I speak to industry groups, associations, and chambers of commerce across America, I am often told the same thing over and over again, no matter the size or class of the organization, municipality, or business:  “we are in the cloud”.  Fantastic: there are a lot of angels here amongst us!

All jokes aside, the cloud offers some excellent conveniences to everyday commercial insureds:

  • Modern, current, updated and effective virus protection, filters, and firewalls
  • Encryption of data
  • Storage Space
  • Ease of Access
  • Reduce overall IT costs

Doing business in the cloud is an essential part of most businesses today, and it is an efficient and safe way to do business.  The reasons listed are excellent benefits of cloud-based services.  But like all new things these days, it comes with a dangerous loophole that is very difficult to close.

Protecting our possessions is something we spend a lifetime doing.  We keep our purses and wallets secure.  We put our money into a bank.  We lock our car doors.  We close our windows and lock the doors in our house.  We make an everyday effort at keeping our “stuff” secure.

However, a locked door is only as good as those who lock the doors.  Being in the cloud is like having a teenager in the house.  You go to bed at night, and you lock up the house.  Your teenager is still out at work, or out with friends, and comes home, parks the car in the garage, and leaves the garage door open all night long.

It’s an invitation for the neighborhood to come on over and take what they find.  The same can be said of your own employees.  You have built your beautiful business on your employees, and each is a card.  Therefore, you have built a house of cards.  All it takes is for one card to fail and the entire house collapses around you.

If your business is in the cloud:

  • Be diligent to never give out your access information, user IDs, passwords, or any other information needed to gain access to information stored in the cloud.
  • Discuss any request for such information over the phone first, even when it appears to come from people you know and trust, like IT department employees.
  • Train employees to keep the garage door shut: they should not click links they were not expecting or that come from people they do not know.

Simple changes to user behaviors will save a lot of aggravation, costs, and potential financial ruin down the road.

Human Error: The Primary Cause of Fire

Posted on Oct 10, 2018 in Cyber Source

Cyber Liability Insurance is misunderstood, and as a result, it is not purchased by most commercial insureds.  However, it is the most important insurance a business can buy, and it protects against the highest average cost per loss of any insurance they can buy.

Simply put, Cyber Liability Insurance is the FIRE INSURANCE of the FUTURE.  What does that really mean?  Let’s take a look at the 4 kinds of fires:

  • Commercial Structure Fire
  • Property Fire
  • Forest Fire
  • Cyber Fire

All of these fires share human error as the primary or secondary reason for the loss.  It is the intentional or unintentional negligence of you or your employees that is the biggest driver of claims within the Cyber fire, just as it is with the other types of fires.

Knowing that your employees account for over 80% of all claims, and that 235 million phishing attacks occurred against US businesses in just the 3rd quarter of 2017, understanding the risk and planning for the disaster becomes a real and present necessity.

Two immediate things can be done to help commercial insureds get ready for what may be coming their way:

TRAIN

Train your employees to use best practices when working online.  Use the ALWAYS, NEVER, SET rule.  Become a US Pro policyholder and gain access to training portals through your carrier and educational materials from US Pro.  Repeat training, and require it for all employees.  Keep training current and updated.

EDUCATE

Changing the behavior patterns of people becomes easier when you educate them on the need for the changes, the threats they face together, and the potential impact of the threats to their business.  Employees who have a vested interest as educated consumers become better receivers of value added training.

 

Understanding Voluntary and Involuntary Parting

Posted on Oct 10, 2018 in Cyber Source

Cyber Liability policies today regularly include coverage for Cyber Crime events.  Many of these policies refer to this as social engineering or phishing coverage.  We call it Financial Fraud Loss, because it includes 3 elements in the coverage:

  1. Electronic funds transfer fraud (the theft of money by electronic means)
  2. Involuntary parting
  3. Voluntary parting

Involuntary parting of money occurs when your financial institution is fraudulently instructed to transfer funds from your account(s) by a third party purporting to be you or your employee.

Voluntary parting of money occurs when your financial institution is instructed by you or your employee to transfer money, or you or your employee are instructed to transfer, pay or deliver money or property to a third party, because of a fraudulent instruction from a third party purporting to be your employee, customer or vendor.

The difference between involuntary parting and voluntary parting is that in voluntary parting you intentionally part with the goods and services.  There are many Cyber policies in 2018 that still do not cover these scenarios, and voluntary parting of money is much easier for a criminal to accomplish.  It is very easy to pretend to be one’s employee, customer or vendor, and vigilance is needed to detect these phishing and other social engineering scams.

Consider that 62% of all Cyber Crime claims come from phishing to the tune of $97,000 per event.  It is estimated that 90% of all phishing claims arise from VOLUNTARY parting.  Be aware.

In order to mitigate the occurrence of these events, as well as the potential size of loss if they do occur, work in the extremes and follow these 3 steps:

  • ALWAYS be suspicious. If it doesn’t look right, it isn’t.  If it is unusual, then it is not usual.  It is better to be safe than to be sorry.  When it comes to a phishing loss, it is better to offend than to defend.  Pick up the phone for any big order or request for payment or transfer to verify authenticity.
  • NEVER open up an attachment or click on a link from ANYONE you do not know. You do not know Amazon.  You only buy from Amazon.  If they send you a link or attachment you did not ask for, delete it and move on to live another day.  If you use rule #1 correctly, rule #2 is automatic.
  • SET a maximum limit of funds that can be transferred electronically or paid by check without dual authorization. What is your pain threshold?  Also, SET a limit on either the value of property/goods that can be shipped or sold without some kind of additional authorization.

There are numerous other best practices that can be adopted company-wide to make your employees better digital users.  But if you do nothing else, be sure to ALWAYS, NEVER and SET.

2018 Experian Data Breach Industry Forecast: It will SHOCK You!

Posted on Mar 14, 2018 in Cyber Source

An excellent resource available to anyone interested in Cyber security and insurance, the annual forecast that Experian does is highly recognized in our industry.  We had a chance to review Experian’s annual Data Breach Industry Forecast for 2018.  It was shocking.  Seriously.  Here are the top 5 key points as seen through the eyes of our President, Kevin Sneed:

  1. Operating in the digital world in 2018 with no disaster plan in place may be fatal for any size of business.  Effective Cyber Insurance is at the top of that plan.  Risk avoidance is impossible, and event probability is almost certain.  Therefore, risk transfer is an absolute.
  2. Remember 5/25/18.  This is a date that will live in Cyber Infamy.
  3. The line between Cyber threat and physical threat is now thin ice.
  4. More intelligence creates sophisticated attacks easier and faster.
  5. Small business risks death.

Over the next couple of weeks, the blog will be updated to dive into each one of these takeaway themes.  Make no mistake, everything in the report confirms what we have been saying at the ground battle level about Cyber Liability.  The risk is getting much bigger, not smaller.  The bad guys are winning the war right now: we implement security in reaction to threat.  Most American small businesses still do not buy effective Cyber Insurance, yet the transfer of risk is one of the only effective weapons when under attack.

US Pro is working to change this dynamic.  We are working to help America’s small businesses understand what they are facing.  We are teaching America’s retail agencies how to understand Cyber risk by industry class.   We are “America’s Cyber Insurance Experts”, and we are working for you.

For access to a copy of Experian’s report, please visit their website directly to get your copy.  We highly recommend this as a resource.

http://www.experian.com/data-breach/2018-data-breach-industry-forecast.html?ecd_dbres_feb_2018_blog

 

National Cyber Security Awareness Month: Week 5

Posted on Dec 4, 2017 in Cyber Source

Week 5: October 30-31 Theme: Protecting Critical Infrastructure from Cyber Threats

The best site I could find that dealt with the theme for Week 5 is Bluefin, and their recommendations are spot on.  A full reproduction of their article posted on their site October 31, 2017 follows:

(Reproduction of original document written by and posted on the Bluefin blog)

 

 

National Cyber Security Awareness Month: Week 4

Posted on Dec 4, 2017 in Cyber Source

Week 4: October 23-27 Theme: The Internet Wants You: Consider a Career in Cybersecurity

According to the official position of the DHS on this week’s topic:

“According to a study by the Center for Cyber Safety and Education, by 2022, there will be a shortage of 1.8 million information security workers.  It is critical that today’s students graduate ready to enter the workforce to fill the vast number of available cybersecurity positions.  Students and other job seekers are encouraged to explore cybersecurity careers.”

There is a blog that we found that talks at length about how to explore such a career.  The blog is found at White Hat Security and was written by Jeannie Warner in September of 2017.  You can link directly to this by clicking the link:

https://www.whitehatsec.com/blog/how-to-get-a-job-in-cybersecurity/

A summary of the key takeaway points from the article:

#1- Decide where in the cybersecurity rainbow your interests fit

#2- Keywords are important to communicate

#3- Know someone

#4- Don’t get discouraged

#5- Be passionate

Look for more useful information in next week’s review of Week 5 of Cyber Security Awareness Month.

National Cyber Security Awareness Month: Week 3

Posted on Dec 4, 2017 in Cyber Source

Week 3: October 16-20 Theme: Today’s Predictions for Tomorrow’s Internet

By now most of us have heard of the Internet of Things, known as the IoT.  Week 3 reminds us that our personal information is the fuel that makes our smart devices work.  In order to reap the benefits of these devices we must do so in an environment that uses our best practices in digital safety.

Everything we use today is seemingly smart.  TV’s, refrigerators, backup sump pumps, garage doors, video monitoring systems, and just about everything else in your home these days is smart.  You are in a smart home.  With a smart car.  In a smart city.  Everything is interconnected, analyzed, and computed.  The internet of today is a glimpse of the technology of tomorrow, and getting ahead of the security curve now is as important as the technologies themselves.

We came across an excellent white paper that was put together by the IEEE Internet Initiative.  The link for the full paper is:

https://internetinitiative.ieee.org/images/files/resources/white_papers/internet_of_things_feb2017.pdf

The white paper frames the problem in an excellent and understandable way:

 

PROBLEM

Some manufacturers have produced and sold IoT devices that do not include sufficient security features. This has resulted in serious harm, both economic and otherwise, to specific parties and to the general public. A recent example of this include the DVRs and IP cameras now recalled by XiongMai Technologies [1]. As IoT devices proliferate, unless some action is taken to secure these devices, harm caused in the future may be even more severe.

Corporate and individual consumers of IoT devices may not currently possess the technical expertise to evaluate the cost/benefit of purchasing perhaps more expensive properly secured devices. Further, if the dangers presented by the devices affect only parties other than the seller or purchaser of the devices, then there may be no financial incentive for seller or purchaser to worry about device security.

 

In their statement above, the latter statement is where the gap is created.  This lack of “technical expertise” they speak of goes overlooked, and it creates a vulnerability gap each time, for each device.

Fortunately, the white paper also provides useful practices that can be implemented to help mitigate these vulnerability gaps.  They have grouped them under two best practices:

Protect Your Devices

Protect Your Networks

We recommend a full and complete reading of these tools to help your organization stay protected in this ever-changing digital world.

Look for more useful information in next week’s review of Week 4 of Cyber Security Awareness Month.

National Cyber Security Awareness Month: Week 2

Posted on Oct 18, 2017 in Cyber Source

Week 2: October 9-13 Theme: Cybersecurity in the Workplace is Everyone’s Business

Creating a culture of cybersecurity is critical for all organizations (large and small businesses, schools, nonprofits, and government agencies) and must be a shared responsibility among all employees.  One of the most alarming statistics in Cyber insurance is that 80% of all events are caused by one’s own employees.  Week 2 will showcase how organizations can protect against the most common cyber threats.

Small businesses, schools, nonprofits, and government agencies are most at risk with the expected lack of resources, either physically or financially, to combat the risk like large corporations can.  Since there are multiple threats they face, they must focus their efforts towards mitigating the top threats likely to cause them the most harm.

These threats are as follows:

  • Ransomware events
  • Cyber Crime losses
  • Business interruption expenses

Here are some basic tips designed to help your clients reduce the risk of these events.  They are only a few of the several actions that can be implemented.

 

RANSOMWARE EVENTS

Since most Ransomware events occur due to unintentional employee negligence, some good advice for IT personnel to consider is following these tips:

  • Keep clear inventories of all of your digital assets and their locations, so cyber criminals do not attack a system you are unaware of.
  • Keep all software up to date, including operating systems and applications.
  • Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
  • Back up all information to a secure, offsite location.
  • Segment your network: Don’t place all data on one file share accessed by everyone in the company.

 

CYBER CRIME EVENTS

How do you try to avoid becoming a victim of a phishing attack?

There is a lot of valuable information on this topic, and implementing procedures and processes that can do a great job of mitigating the exposure points costs no money.  However, implementation is only successful if practiced properly.

Here are a few simple things to always remember:

  • Avoid clicking on links unless they were specifically requested. If you want to click a link you received, open up a new email and write the person back in a new message and ask if they sent the link.
  • Set a limit on the amount of money that can be electronically transferred.
  • Never open up any kind of attachment from sources you do not know.
  • Any message that asks you to disclose any piece of personal information is suspicious. Never give out any personal information in response to such a request.

 

BUSINESS INTERRUPTION EVENTS

Most businesses do not compute the cost of business interruption into other events that occur to their organizations.  They often do not correlate the down time expense with the event causing the down time. There are three costs associated with the non-physical business interruption event, regardless of the cause of the interruption:

  • Income loss– These are the dollars you lose because the website does not work, the widgets are not being made, the service is not being performed, etc.
  • Interruption expenses– These are the static costs of operating business that still must be paid during an interruption, such as employee costs, lights, rent, and so forth.
  • Extra expenses– These are the costs you incur to set up new systems to operate during the interruption, or costs to hire extra employees to enter data, etc.

The best defense against experiencing prolonged BI expenses is to have a disaster recovery plan in place, which is continuously reviewed and updated.  Elements of the disaster recovery plan should include at least these areas of focus:

Backups– The best defense against data recovery trouble is to have proper backup procedures in place.  Two important notes regarding data backups:

  • Protect your cloud Office 365 – This suite deserves unique mention because it is so widely adopted, with an estimated 50,000 small businesses added each month. Microsoft does permanent removal of deleted files after 14 days, generally before someone realizes that they deleted something they need again, and recovery within that 14-day window can take days. This means that O365 users need to set up their own backup system. The best tools offer self-service recovery capabilities for quick restores.
  • Ransomware resistant – Ransomware developers target Windows servers because of their large numbers. This is especially true among SMBs, as they specifically target those least likely to have good defenses. To keep from being a victim, backup appliances should be Linux-based and ransomware resistant.

Disaster Recovery Processes- Disaster Recovery-as-a-Service, (DRaaS) is the ability to recover application and business performance on remote infrastructure after cyber-attacks, accidents, or natural disasters. This capability includes not just data storage but system settings pre-positioned to be deployed in the event of a disaster declaration. This capability can occur in remote corporate locations or in a public cloud.

Implement these DR Best Practices:

  • Automatic – Implementing disaster recovery should not depend on someone manually starting recovery, especially if they are from potentially failed servers. After you lose your servers, your DRaaS provider should be able to spin up your remote infrastructure in minutes.
  • Service Level Agreements (SLA) – It is important to have an SLA with your DR supplier. Not only does this give leverage to demand quick action, it is also a sign that the supplier is confident to offer compensation if they do not meet their standards.
  • Testing – While we all hope that we will never need our disaster recovery tools, hope is not a strategy. IT needs to ensure that if a disaster is declared, systems will work as planned. In fact, many federal and industry regulations such as HIPAA and SOX mandate regular testing to ensure compliance. Written proof of test results is common. However, superior testing should actually simulate the DR process up to the point just before applications are deployed.

A lot more information on these subjects is available and credited to the article found at this link:  https://www.drj.com/articles/online-exclusive/the-evolving-challenge-of-cybersecurity.html

Look for more useful information in next week’s review of Week 3 of Cyber Security Awareness Month.

National Cyber Security Awareness Month: Week 1

Posted on Oct 9, 2017 in Cyber Source

Cyber Security Awareness Month:  Week 1 is Simple Steps to Online Safety- What Can You Do?

Per the DHS, all members of the public can take some simple actions to protect themselves online and to recover in the event a cyber incident occurs.  Week 1 will address the top consumer cybersecurity concerns, provide simple steps to protect against these concerns, and help the public understand what to do if they fall victim to cyber crime.

Today US Pro recommends some basic behaviors that can go a long way towards mitigating these online cyber security threats:

Encrypt your data:  Encryption is a safe harbor in almost every privacy regulation.  Using either Symmetric or Asymmetric encryption offers you a maximum layer of security against data theft.

Continuing education:  Employees are the largest threat to a commercial business.  As much as 80% of events are caused by unintentional employee negligence.  Continuous education and training of your employees on current threats should be implemented.

Some topics that should be included in this training are:

  1. Avoiding improper disposal by limiting the task to a position duty rather than allowing everyone to dispose unsupervised.
  2. Double check before hitting send to confirm that the information being sent is being sent to the right person and contains the right information.
  3. Avoid the clicking of links embedded in emails, even when the emails are from sources you trust.
  4. Learn to identify phishing scams.

Become Phishermen:  Social engineering is the tactic used by an individual to deceive or trick another individual into disclosing personal information they would not otherwise disclose.  The most common form is to mimic your bank and ask for you to click on a link and log into your account as a security test.  These are known as phishing scams.

Phishing is the leading cause of unauthorized access to or use of computer systems, and has evolved into a more sophisticated technique known as Spear Phishing.  To minimize the threat of an event arising from a Phishing act, the very best policy is to become phishing experts, or Phishermen.  Consider these tips in addition to many others we advocate:

  • If you must click on embedded links, then verify embedded link integrity.  Hover your mouse over the link and the actual URL should be displayed.   If it differs from what is written on the link, it is suspicious.
  • Beware of child domains.  A child domain is when a URL is created using what appears to be a valid domain followed by the bad domain.   Most users will never notice it.
  • Failed the English test.  Any message filled with grammar, punctuation or spelling mistakes is likely suspicious.  Most companies sending out corporate emails proofread and spellcheck first.

There are many other different mechanisms that can be engrained into the daily corporate lives of employees that will serve to mitigate the risks against commercial business.  These 3 tips are a good “Simple Start” towards having better online behavior patterns and getting on the road to improving your Cyber risk health assessment.

Look for our article during the theme for Week 2: Cyber Security in the Workplace is Everybody’s Business.  We will give an in depth explanation of what a non-physical fire is and why they are so much more destructive to a business than the standard property fire.

 

Cyber Insurance Evolution

Posted on Sep 21, 2017 in Cyber Source

Contingent BI Coverage and more…

2017 is a fascinating year so far for Cyber Insurance. As fast as new carrier programs enter the Cyber marketplace, Cyber exposures evolve putting them behind the curve. Cyber Liability exposures manifest themselves in new ways every day, and as America’s Cyber Insurance Experts, US Pro is at the forefront of its evolution.

Today we want to bring you up to speed on the newest Cyber threats, and how these are being addressed by one of our leading carriers.

The Internet of Things (IoT)

The IoT can be summarily defined as any device that is connected to and transmits data through the internet. This connectivity without security presents a variety of vulnerability gaps that may result in a security breach. Such a breach may allow users to gain access to important and even vital network resources, giving them control over the victim. This can be especially problematic for the healthcare industry, manufacturing sector, and many others who rely on network-based systems for their daily operations.

Many of today’s Cyber policies exclude Bodily Injury claims. Extending this coverage for such claims when they arise directly from a security breach or privacy compromise is important in this evolving frontier. This Contingent BI Coverage is important and exciting and the next chapter unfolding in the book of Cyber Insurance.

Look for even more exciting new coverages from US Pro as we are committed to remaining at the forefront of this coverage and America’s Cyber Insurance Experts!!