Cyber incidents cannot only create immediate harm to your business, but also damage your credibility and financial stability for some time after the incident. It is extremely important that your business has a cyber incident response plan prepared so you can mitigate loss. Click on the image to download or print the safety sheet.

Since the pandemic, many businesses have allowed their workers to work remotely or hybrid. However, there is a disconnect between employers and employees on their productivity at home. Click on the image to download or print the tip sheet for steps employers can take to combat what is now known as “productivity paranoia”

When you’re insuring your business, you want to tailor the protection to the specific risks. It’s important that your property is valued correctly so you get enough coverage. According to industry data, about 75% of commercial properties are underinsured by a significant amount. Click on the image to download or print the information sheet.

As a business owner, you’re constantly working to ensure every part of your business is running smoothly. It’s a good idea to get a business owners policy (BOP) to cover the parts of your business you don’t have control over. Click on the image to download or print the information sheet.

The quality of the indoor air in your business can affect the health and comfort of your employees. The Environmental Protection Agency has discovered that improved air quality in businesses can increase the productivity of their employees. Click on the image to download or print the safety sheet.

Cyber incidents have become increasingly more common, and no business is immune to attacks. With the variety of threats your company can face, you may not know where to start when it comes to cyber protection. Click on the image to download or print the safety sheet for practical measures you can implement to secure your business.

While it may be tempting to leave the complex, mysterious world of cybersecurity to “the experts,” business leaders cannot fall back on that handy escape hatch any longer. They need to be aware and involved, even to the point of elevating cyber reporting to the CEO directly. According to the federal Cybersecurity and Infrastructure Security Agency*, here are some practical steps that leaders would be wise to follow:

CEOs should ask the following questions about potential cybersecurity threats:

• How could cybersecurity threats affect the different functions of my business, including areas such as supply chain, public relations, finance, and human resources?
• What type of critical information could be lost (e.g., trade secrets, customer data, research, personally identifiable information)?
• How can my business create long-term resiliency to minimize our cybersecurity risks?
• What kind of cyber threat information sharing does my business participate in? With whom does my business exchange this information?
• What type of information sharing practices could my business adopt that would help foster community among the different cybersecurity groups where my business is a member?

What can CEOs do to mitigate cybersecurity threats?

• Elevate cybersecurity risk management discussions to the company CEO and the leadership team. Executives should construct policy from the top down to ensure everyone is empowered to perform tasks related to reducing cybersecurity risk.
• Implement industry standards and best practices rather than relying solely on compliance standards or certifications. Compliance standards and regulations (Federal Information Security Modernization Act) provide guidance on minimal requirements. Businesses should strive to go beyond the minimum, however.
• Evaluate and manage organization-specific cybersecurity risks. Ask the questions necessary to understand your security planning, operations, and security-related goals.
• Ensure cybersecurity risk metrics are meaningful and measurable. For example, reducing the days it takes to patch a vulnerability to directly limit risk to the organization.
• Develop and exercise cybersecurity plans and procedures for incident response, business continuity, and disaster recovery. It is critical that organizations test their incident response plans across the whole organization, not just in the IT environment.
• Retain a quality workforce. It is important to have people who can identify the proper tools for your organization, since new cybersecurity threats are constantly appearing.
• Maintain situational awareness of cybersecurity threats. Subscribe to notifications on emerging cybersecurity threats (e.g., National Cyber Awareness System products, MITRE Common Vulnerability Exposures, CERT Coordination Center Vulnerability Notes) and subscribe to the Homeland Information Sharing Network.

Of course, making sure your cybersecurity insurance coverage is sufficient and current remains vitally important, as well. The professionals at Evergreen Insurance can help.

* https://www.cisa.gov/tips/st18-007

Copyright 2023 Evergreen Insurance

Evergreen Insurance provides these updates for information only, and does not provide legal advice. To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.

Automobile insurance is very important when you own a business, so you can protect your company and the employees who use the vehicles. Check to make sure your policy includes personal injury protection coverage. This coverage pays for expenses due to an accident, no matter who is at fault. Click on the image to download or print the sheet for more information.

With the start of 2023, it’s a good time to analyze where your business is and how you can refresh it. What are some changes you can make that will help you and your business start off right this new year? Click on the image to download or print the checklist.