Nikki Johnson No Comments

Cyber Risks & Liabilities

By:  Dan Reith  BA(Hons) CAIB
       Principal Broker
       Reith & Associates Insurance and Financial Services Limited

Do You Have Adequate Cyber Insurance?

Given the number of variables, picking a cyber insurance policy can be a difficult task. Furthermore, while an organization may think it is protected by its current policy, new developments in cyber security and ventures by the organization itself may make those policies inadequate. Worst still, most, over 80% of Canadian small-medium enterprises fail to carry cyber insurance. Consider the following when creating or reviewing your existing cyber insurance plan.

Assess Your Unique Cyber Risks

Such as with any other liability policy, it’s important to understand the specifics of your cyber risks before picking a cyber liability policy. There is no one-size-fits-all, so asses your business needs to understand the best cyber insurance for you.

The following factors are some examples of what defines your organization’s distinct cyber risks:

  • The type of data your organization stores
  • How and what type of data is shared with business partners
  • Types of communication systems used and their level of security

Know What Policies Are Available and What They Cover

Cyber insurance policies may vary significantly due to the absence of market standardization. While most policies provide first-party and third-party coverage, the details of what is covered can vary across policies. First-party coverage typically includes data breach response costs and business interruption costs that result from network failures, data breaches or ransomware attacks. Third-party coverage typically includes coverage for the costs associated with responding to regulatory investigations and indemnification for regulatory fines or penalties. Take a close look at the terms and coverage offered in each policy for what most closely aligns with your unique cyber risks.

Know Your Responsibilities

Closely examine your selected plan to know your responsibilities, such as who to notify if there has been a breach. For example, a data breach that has been recently discovered might have, in fact, been compromised for years, requiring a retroactive cyber insurance plan. Understanding these requirements and what needs to be reported can be the difference between being covered and not being covered at all. Work these requirements into your organization’s incident response plan to ensure they are followed.

The Atypical Devices That May Be Vulnerable to Cyber Attacks

Increasingly more non-computing devices, such as equipment sensors, industrial control systems and teleconferencing equipment are being connected to global computer networks. Unfortunately, many of these devices are typically not held up to the same cyber security standards, therefore adding an additional vulnerability through which cyber criminals may be able to gain access to your organization’s valuable data or manipulate critical systems.

The Internet of Things

The internet of things (IoT) refers to the connection of web-enabled devices that are connected to each other in a network to exchange information. While this provides many benefits, such as reducing the need to input the same data into multiple systems and gathering data from different sources to be analyzed and used in a centralized location, there are risks associated with it.

For example, if a single device is compromised in a cyber attack, the data from all connected devices and even the devices themselves could be compromised. As such, all it takes for an outsider to gain access to sensitive information is to identify the device with the weakest cyber security that also has access to the network.

Securing IoT Devices

When looking to purchase and connect new devices to the IoT, ensure that there are plans and policies in place to minimize the chances of a cyber threat against those devices. Conduct a sweep of your organization to identify electronic devices and determine if each one is connected to a network that could be exposed to a cyber event, as well as what kind of data those devices are sending and receiving. Keep in mind that even seemingly mundane systems or devices such as heating, ventilation and air conditioning units could be running basic computer operating systems with the potential to connect to the internet. Track these devices by creating an asset map that lists the connected devices.

From here, you can start planning how to secure the devices that pose the largest threat of cyber exposure. Segment the network so that not every device provides access to the entire system, check for security updates or patches where possible and reach out to the device’s manufacturer for information if necessary. Restrict personal IoT devices to a separate network (like a guest Wi-Fi), update all default passwords on connected devices, use two-factor authentication and ensure that data generated by IoT devices is encrypted.

When looing for a provider of cyber insurance, don’t settle for just any provider.  Interview them, and ensure their knowledge of the product and of your unique exposure is sufficient to ensure you the protection your business requires.

Nikki Johnson No Comments

Crime Prevention Tips During COVID-19 Shutdown – Making your business less of a target

If it isn’t bad enough, that the Covid-19 pandemic has caused many small businesses to close their doors, our local police services report of a significant spike in calls for break and enters, property theft and vandalism to business properties. 
If your business has been forced to close, here are some key crime prevention steps you can take to be less of a target:

  • Remove all valuables from storefront displays to reduce smash-and-grab thefts
  • Remove all valuables such as cash from the till and leave it open. Place the empty cash tray in plain view on the counter to signal there’s no money in the till
  • Remove signage from front windows so police can see the inside unobstructed during patrols
  • Remove any items of value away from window displays, place in the back of the store so they are not visible 
  • Consider installing an alarm monitoring system. If you already have one, ensure the contact list is up-to-date, responders are aware of their duties and process should they get a call, and it is activated when the building is not occupied
  • Consider installing a surveillance camera system that can be monitored online by owner/management
  • Clearly post signage on the door/window to indicate that the premises are monitored by an alarm company; that no money is kept on the premises and contact information for police and the business owner in case a member of the public sees damage to the property or suspicious activity
  • If the premises are closed for an extended period of time clean all glass surfaces and create a tracking log of when cleaning was completed. This may help investigators with suspect fingerprints in the event of a break-in
  • Consider applying a laminate on all windows and glass doors to prevent the glass from being broken from blunt force thereby preventing entry during attempted break-in
  • Install latch guards on doors to protect against prying including on secondary doors such as employee and loading entrances
  • Keep some lighting on inside for surveillance opportunities during the evening
  • Ensure all doors are properly secured and regularly check all exterior lighting is functioning
  • Remove material around the exterior of the property that may be used to gain entry
  • Check on your business daily, both in and out, at different times each day and report any suspicious activity to your local police as soon as possible 
  • Prevent and reduce the opportunity for crime to occur.  Be a good business neighbour, when checking on your property, check on neighbours’ property too
  • For more info http://www.stps.on.ca/crime-prevention-tips-for-business-owners/

Taking these steps will make your business less of a target and will ensure you meet the requirements of your insurance policy.  Our team is available to assist with any questions or concerns you may have about your coverage during a shut-down. We welcome your call or email inquiry. Stay safe, stay healthy.

Nikki Johnson No Comments

Your Insurance and the Covid-19 Pandemic

By:  Dan Reith BA(Hons) CAIB
President/Principal Broker
Reith & Associates Insurance and Financial Services Limited

We are in the midst of an unprecedented situation in Canada and around the world.  COVID-19 is impacting all segments of our economy creating challenges never, before experienced.  Let us help you better understand the reality of your insurance and the Covid-19 pandemic.

Personal Insurance

There is no coverage under any personal insurance, home, auto or critical illness, that provides protection or indemnification against any financial loss as a result of a viral pandemic–Covid-19. 

Business Insurance

There is no coverage, under the standard commercial property policy, for any loss or cessation of business income as a result of a temporary business shutdown and/or closure caused by a viral pandemic. Simply because a viral pandemic is not an insured peril.  A property and liability policy insures the physical premises and therefore the insured peril must damage the premise preventing the business from operating. Pandemics do not negatively impact the premise.  It is important to understand that:

  1. Not all standard commercial insurance policies carry business interruption or income replacement.
  2. Policies that do carry business interruption, have a standard language in the contract that requires a “trigger” being an insured peril to cause damage to the premises of the business and/or a contributing or recipient property, in order to render the premises unusable and therefore the business unable to generate revenue.  This causes the policy to respond and the quantifiable loss is insured and replaced in accordance with the settlement option of the policy.  In the case of a viral pandemic, Covid-19, there is no damage to the business premise, by an insured peril, therefore, there is no physical reason for the business to cease operations or stop generating revenue and therefore, the coverage is not triggered.
  3. Where a policy contains business interruption, it typically carries an extension that provides for cases where a business is shut down by what is termed “civil authority”—an order, by a government body, not to access a property.  Again, however, the trigger is a physical loss to the premise and/or adjoining or neighbouring premise by an insured peril. In the case of Covid-19, the government order to close one’s business is effectively an arbitrary decision based on public health policy, not the cause of a real physical loss or damage to the business premises making it unsafe to access or occupy. Thus, the civil authority extension does not apply.

There are certain exceptions, to the norm, where certain industries can purchase secondary pandemic coverage; but this is restricted to niche industry classes such as healthcare and food processing because in these limited classes the loss can be isolated and quantified.  In the broad sense, as we are encountering today, such business interruption losses are not isolated, limited or controllable with reasonable certainty; therefore, not quantifiable.

Here are some common Q & A’s we have been fielding:

I pay my premiums monthly, what happens if I don’t have the money to pay my premium.

If your income, business and/or personal, is compromised in any way, and there is a likelihood you will not be able to make your premium payment call us immediately!  Generally speaking; most insurers are waiving NSF charges and not cancelling policies for non-payment in the first month.  Beyond that, insurers are willing to review and negotiate on a case by case basis.  Be proactive we are here to a find a solution that works best for you. Note, that while your insurer may be waiving NSF fees, that does not mean your bank is.  That is a conversation you need to have with your bank. 

What happens to my coverage if my business is shut down?

There is no change in coverage during the government mandated shut down.  That said, you must continue to maintain any warranty’s and or requirements your policy may have, i.e. alarms activated when building not occupied, heating on during heating season, building attended at least once every 72 hours.  Contact us so we can review your specific requirements to ensure compliance, we don’t want any surprises should you have a claim during this period of uncertainty.

Can I reduce coverage during shutdown?

Ultimately, you can make a change to coverage at any time.  In practical terms, any changes made need reflect the actual circumstances of your operational changes during the pandemic.  It is best to speak directly with your insurance provider to review operations to best determine what is right for you.

I/we are not working, currently laid off, what can we do to reduce our insurance costs?

That depends on your personal circumstances, needs and expectations in the event of a loss.  Call us, we will review your current coverage and find a solution to bring down your premium as best we can without placing you in jeopardy.  Note, changing insurance companies for a lower premium will STILL cause an early policy cancellation penalty if we make the change before renewal.  Insurance companies, at present, are not waiving early cancellation penalties, rather working with policyholders to make premium payment manageable.    

 I am laid off, I can get a job doing food delivery, am I insured?

No, if your current policy provides coverage for you to drive to and from work you are NOT insured to be a delivery service.  If you do this, call our office, to learn what the additional premium cost will be, it may not make sense.  If you do not, and you are in an accident while in the course of delivering food and/or other goods your insurer can deny the claim, both the repair/replacement of your car and/or liability if you are sued for injury to a third party.*

*some statutory coverage may apply speak to your broker for full details.   

To assist our customers and to keep our business going, we are now offering delivery service.  Are we insured?

Offering delivery is a great way to respond to customer demand; for some a great business decision, however, if you are using vehicles NOT insured as delivery vehicles, then there may not be coverage if a claim is filed as a result of a loss from delivering goods to a customer.  If your employees are using their personal vehicles to deliver to customers there is NO coverage for them unless their vehicle is rated, and a premium is paid for delivery purpose.  Speak to us before you make this operational change and/or offer a new delivery service to your customers; and do not require your employees to use their personal vehicles.  Reduce your liability exposure, partner with a professional delivery service instead.          

Will insurance companies honour claims during this period?

All insurers claim departments remain ready to respond.  Their claims representatives will be working in accordance with current protocols for personal and community safety and that may mean a delay in the settlement process, but it is business at usual at the present time.

We trust this information will assist to help you work through the current pandemic.  If you have any questions, or concerns about coverage during this uncertain period, we are here for you, we want to provide the right solutions for where you are today.  Let’s work through this together.  That is what we are here for. 

We look forward to hearing from you.

Nikki Johnson No Comments

Railway City Live!

We welcome you to join us at what promises to be an amazing series of original local talent. If you enjoy original performances by rising new talent this is the place to be!

The next scheduled evening is Friday June 5th, performances start at 7:00 pm at Streamliners Expresso Bar, 767 Talbot Street, St. Thomas.

Reith and Associates is proud to be producing, in collaboration with Rogers TV, and sponsoring  Railway City Live hosted by Streamliners Espresso Bar, St. Thomas, throughout 2020.  These evenings, led by local music talent, Jeff Butler, will be recorded and aired on Rogers TV 13 and streamed through the Rogers TV web site.

Railway City Live is an evening intended to provide local music and art talents a platform to perform their original songs, music, poetry and artistic talent to the public.  Performance registration is open to anyone.  The first session is fully subscribed but there are performance slots available in the future dates:  June 5, September 5 and December 4.

Consider joining us at this fun event filled with live original performances and don’t forget to tell your friends about it!

Nikki Johnson No Comments

Business Risk Advisory for 2020

By:  Dan Reith  BA(Hons) CAIB
President/Principal

Biggest Risks to Watch in 2020

The most relevant risks to Canadian businesses are constantly in flux. Only by observing trends and planning appropriately is it possible to reduce these risks and prevent being caught unprepared. According to experts, the following are the biggest risks for Canadian businesses to watch out for in 2020. 

Data Protection

The number of reported cyber threats targeting data, such as ransomware, continues to rise, indicating an increased need for data protection and privacy. This risk is further underscored by the growing amount of data being collected and number of devices being connected to each other, each representing a new potential avenue to exploit.

Third-party Liability

Risks increase as organizations become more interconnected, sharing data, systems and technology. Organizations need to not only worry about their own security and risk management, but also about every other organization that they share resources with, as each one represents a new potential vulnerability for cyber attacks. In fact, 24 per cent of ransomware incidents reported in the third quarter of 2019 were caused by a vendor or managed service provider.

Reputation

Employees, business partners, stakeholders, consumers and the public are increasingly holding organizations accountable for unacceptable behaviour or conduct. High-profile cyber breaches and social movements such as #MeToo have shown that damaging news travels faster than ever through major media and social network channels. Organizations must closely examine and refine their approach to dealing with risks, and emphasize crisis and contingency planning.

Benefits of Mental Health Days

Mental health is an increasingly popular subject these days, with many studies and organizations drawing attention to the fact that mental health issues are more prevalent and harmful than was previously believed. In many ways, mental health is just as important as physical health in that it has a significant effect on one’s ability to perform to the best of their abilities while at the workplace.

As such, it’s important for organizations to recognize the importance of mental health in the workplace, and adjust policies and expectations accordingly. This can be done through offering greater flexibility in the workplace, such as by offering flexible hours, the ability to work from home and greater autonomy. Additionally, it’s also important to encourage employees to take mental health days if they are feeling mentally burdened.

While there is no need to create a separate form of time off specifically for mental health days, being candid with employees about the importance of their mental health and highlighting the ability to take time off or adjust hours worked to focus on mental health can go a long way toward improving morale, employee satisfaction and productivity.

To help encourage the use of time off for mental health at your organization, consider adopting the following practices:

  • Encourage conversations about mental health—Speak candidly to your employees about the topic, underscoring the fact that you understand and support decisions made in the interest of maintaining or improving mental health. Provide resources and education about mental health to increase awareness and communicate any related policy changes to employees.
  • Adopt a policy of confidentiality—Employees may not feel comfortable disclosing the use or purpose of a mental health day, whether it’s a full day off to rest or a few hours off to see a therapist. Make it known that requests for mental health days will not need a stated reason for approval.
  • Follow up after time off—While respecting their privacy, check in with employees after they have taken time off to find out if they are doing alright and if they require any additional support on your end, such as a temporarily lighter workload.

Your group benefits provider can provide a number of tools to assist in tracking these sorts of issues to ensure you a healthy and productive workplace.

Nikki Johnson No Comments

“How are we going to afford Post-Secondary School for our Children?”

By: Darren Reith, BA, RIB(Ont), CHS, RCIS, RFC
Director/Partner – Financial
Services

As an advisor, I hear this question regularly. At this time of year as your teenager is finishing first semester and thinking about September, the panic may begin to set in, and the dollar figures become clearer. With the high cost of post-secondary education, many parents, grandparents and other family members and friends recognize the need to save for education well before the expenses become a reality. That’s why the Registered Education Savings Plan (RESP) is such a popular saving vehicle.

What is an RESP?

An RESP is a tax-deferred savings plan designed to allow you (the subscriber or contributor) to save for a beneficiary’s post-secondary education. All the interest, dividends, capital gains and government incentives in the plan grow on a tax deferred basis. Depending on the type of plan you choose, you can name one or more beneficiaries on the plan and make contributions for their benefit. Contributions to an RESP are not tax-deductible.

An RESP is an investment option sponsored by the Canadian government that helps individuals save for their child’s, grandchild’s, niece’s, nephew’s and similar beneficiary’s post-secondary education. Plan subscribers—those that open an RESP and make contributions into it—designate a beneficiary who can then use the funds to cover expenses related to apprenticeships, trade schools, colleges and universities. Subscribers can enrol in RESPs simply by opening an account with a financial institution.

In addition, RESPs have the following benefits;

  • RESPs are flexible, and anyone can open an account for a beneficiary. There are two basic types of RESPs—family and individual plans. The major difference between the two is that, with family plans, subscribers can name more than one beneficiary and funds do not need to be shared equally.
  • The first $2,500 you contribute each year gets a 20 per cent matching contribution from the federal government using what’s called a Canada Education Savings Grant (CESG). Under CESGs, beneficiaries are entitled to $7,200 of government contributions.
  • Subscribers can contribute any amount to an RESP. However, there is typically a lifetime contribution limit of $50,000 per beneficiary.
  • RESPs allow subscribers to get an early start on saving for their beneficiary’s education expenses. In fact, RESPs can be opened as soon as the beneficiary has a social insurance number.
  • Subscribers don’t pay taxes on contributions until the money is taken out. Account holders can make lump-sum contributions at any time or set up automatic payments.
  • Qualifying investments include savings deposits, guaranteed investment certificates and mutual funds.

What can a RESP be used for?

A Registered Education Savings Plan can be used to pay post-secondary tuition and fees, as well as associated costs like textbooks, transportation, and living expenses. It’s a very flexible account in this regard! All that matters is that an enrolled student is using the funds to attend a qualifying educational institution.

Withdrawing funds from an RESP

An RESP can stay open until the beneficiary is 35. But the best time to withdraw from the account is when the child is in post-secondary. When withdrawing the funds, many financial companies will ask for a proof of enrollment from the school to ensure the funds are actually going towards the beneficiary’s education. Make an effort to spend the entire RESP while the beneficiary is a student, as you can transfer any excess cash to an RRSP when the education funding is no longer required.

Learning is the key to success at every stage of life. Education is among the best investments you can make today for your child’s future. Close to 70% of all new jobs now depend on some form of education after high school. To help you save for the large financial burden a RESP will be an imperative tool to help aid in the cost and the success of your child in education. A RESP will give you peace of mind and ease any stress you may have when sending your children off in the world to post-secondary education. It is crucial that you find an investment advisor that you feel comfortable communicating with and who listens to your future goals and dreams when it comes to your finances.