Owning and operating a business takes a lot of time and energy: satisfying customers, attracting, finding, and retaining talented employees, marketing products and services. The list goes on and on, and on. One responsibility which may not receive the attention it should is ensuring your business has appropriate insurance coverage.

Here are some of the mistakes made by businesspeople when choosing insurance.

Failing to Read Your Policies

Your insurance policy does not make for exciting reading but knowing what is and is not included is crucial.  It is the only way to know what risks are covered and which are excluded. Looking at your policies after a loss occurs is not effective timing. You cannot buy coverage for a loss that has already taken place.

While many insurance policies are written in simplified language, they still contain some “legalese.” If you have trouble comprehending the wording, ask your trusted insurance advisor or attorney to explain the policy wording.

Buying Too Little Property Insurance

When insuring buildings and personal property under a commercial property policy, make sure to have adequate limits. This is essential even if your policy includes replacement cost coverage. While the replacement cost coverage will automatically cover the cost to repair or replace your damaged property, it will not pay more than the limit of insurance. If the cost to repair or replace your property exceeds the limit, your policy will only cover that portion of the loss within the policy limits.

Watch out for coinsurance clauses and agreed value provisions, which are often found in property policies. Both impose a penalty for underinsuring your property. If a loss occurs and you have failed to maintain a minimum amount of insurance, your insurer will not pay the full amount of the loss. Deliberately underinsuring your property is not a good way to save money on property premiums.

Failing to Insure Potential Income Losses

Many business owners are careful to insure their company’s physical assets but fail to consider a common consequence of physical losses, namely a loss of income. A company will lose income if its premises suffer a physical loss and the business cannot operate until the damage is repaired.

Business Income insurance is intended to help companies survive an interruption in operation by reimbursing the company for the income it would have earned if the loss had not occurred. It also covers continuing expenses like rent or electricity regardless of whether your business is operating.

Your business may also need Extra Expense insurance: which covers expenses you incur to avoid or minimize a shutdown when property has been damaged by a covered peril.

Failing to Accurately List Entities or Locations

Under most liability policies, only the people or entities shown in the declarations qualify as named insureds. People or entities not listed on the policy generally are not covered.  Failing to list a business entity on a general liability, commercial auto, umbrella, or other liability policy can have disastrous consequences.

For example, for tax reasons, you transfer ownership of all your business property to a newly created subsidiary. However, your liability policy only lists your company name as the named insured, not the new subsidiary. Were an accident to occur on the property and the subsidiary sued, your insurer can refuse to cover the claim as the subsidiary was not named on the policy.

Similar problems can occur if business locations are omitted from a commercial property policy. Most property policies cover physical loss or damage to covered property at the premises described in the declarations. If damaged property is situated at premises not shown on the policy, the damage may not be covered.

Sticking With the Same Insurer or Policy for Too Long

While a long-term relationship with an insurer can be an asset, avoid staying with an insurance company no longer meeting your needs. An insurer (or insurance policy) that was suitable for your business in the past may no longer provide adequate coverage.

Insurers do change over time. Some grow and expand their product offerings, some improve the quality of their service while others allow theirs to decline. You can determine whether your insurer is still competitive in the marketplace by asking your trusted insurance advisor to obtain quotes from other insurers.

The best advice is to meet with your trusted insurance advisor every few years for a full assessment of your risks and insurance needs to determine you have the most appropriate coverage for your current and future business needs.

Aspen Insurance Agency is in Denver, CO, and services clients nationwide. We are a family run business working with multiple insurance carriers to offer our customers the coverage they need at the lowest possible cost. We offer a wide range of personal, commercial, and professional insurance to residential and commercial customers enabling the cheapest rates available. Call to speak to one of our insurance advisors and see how painless insurance shopping can be.

Owning and operating a business takes a lot of time and energy: satisfying customers, attracting, finding, and retaining talented employees, marketing products and services. The list goes on and on, and on. One responsibility which may not receive the attention it should is ensuring your business has appropriate insurance coverage.

Here are some of the mistakes made by businesspeople when choosing insurance.

Buying on Price Alone

When shopping for any form of insurance, it makes sense to shop around. Some insurers provide better value than others, meaning the policy which costs the least will not be a bargain if you and your business are left vulnerable to costly claims.

Obtain quotes from multiple insurers and compare the proposals in detail, line by line of offered coverage. Be sure to consider the types of coverage and the coverage amounts listed in a quote. Here is where your trusted insurance advisor can help you by explaining what is covered and what your level of risk exposure might be.

Always know what exclusions and limits exist in any policy under consideration.

Buying Too Little Liability Insurance

Every small business can be hit with a lawsuit, costing anywhere from $3,000 up to $150,000 or higher. Legal actions can threaten your company’s financial stability and its reputation. One large claim could put your company out of business. Don’t skimp on coverage limits when buying general liability or auto liability insurance.

Many businesses will not employ you as a sub-contractor until you provide proof of liability insurance, with a minimum coverage amount specified in the contract. A landlord may refuse to lease property unless your business has purchased sufficient liability insurance. 

 Automatically Choosing a Low Deductible

A deductible can reduce the cost of insurance premiums as it enables the business owner to pay small losses out of pocket as a form of self-insurance.

Do not automatically select the lowest deductible when buying commercial property or auto physical damage insurance. Rather, consider how much premium you will save by raising the deductible. Generally, choose the largest deductible the business can comfortably absorb in the event of an accident.

Failure to Adjust Your Coverage as Your Business Changes

Most businesses change over time: small companies may grow adding locations and hiring additional employees. The mix of products or services offered may expand into new potential business areas. As businesses change, insurance needs change as well.

When making a major change to a business, such as acquiring a new company or location, notify your agent or insurer right away. Any other changes should also be reported before policies renew. Plan to talk with your trusted advisor annually to review business insurance coverage and limits to determine if your insurance needs have changed.

Your agent can help you decide whether your insurance coverages or limits should be adjusted.

Plan to meet with your trusted insurance advisor every few years for a full assessment of your risks and insurance needs to determine whether you have the most appropriate coverage for your current and future business needs.

Aspen Insurance Agency is in Denver, CO, and services clients nationwide. We are a family run business working with multiple insurance carriers to offer our customers the coverage they need at the lowest possible cost. We offer a wide range of personal, commercial, and professional insurance to residential and commercial customers enabling the cheapest rates available. Call to speak to one of our insurance advisors and see how painless insurance shopping can be.

In March of this year, CNA Financial Corp., among the largest insurance companies in the U.S., paid $40 million to regain control of its network after a ransomware attack. The Chicago-based company reportedly paid hackers two weeks after a large amount of company data was stolen. CNA officials were also locked out of their own network, according to individuals familiar with the attack, neither of whom was authorized to discuss the matter publicly.

CNA did release a formal statement stating the company consulted and shared intelligence with the FBI and the Treasury Department’s Office of Foreign Assets Control about the attack and the hacker’s identity.  The Treasury Department’s said last year facilitating ransom payments to hackers could pose sanctions risks.

Ransom Payment Trend

As Companies rarely disclose ransomware attacks or payments it is difficult to know actual past payments. According to Palo Alto Networks, the average payment in 2020 was $312,493, a 171% increase over the prior year. The $40 million payment by CNA is bigger than any previously disclosed payments to hackers, according to three people familiar with ransomware negotiations.

Ransomware demands have increased exponentially in the last six months, according to Melissa Hathaway, president of Hathaway Global Strategies and a former cybersecurity adviser to Presidents George W. Bush and Barack Obama.

The average ransom demand is now between $50 million and $70 million, Hathaway said. While those demands are often negotiated down, she stated that companies are frequently paying ransoms in the tens of millions of dollars, in part because cyber insurance policies cover some of the cost.

A taskforce of security experts and law enforcement agencies estimated that victims paid about $350 million in ransom last year, a 311% increase over 2019. The task force recommended 48 actions the Biden administration and private sector could take to mitigate such attacks, including better regulation of the digital currency market used to make ransom payments.

The task-force report, prepared by the Institute for Security and Technology, was delivered to the White House days before Colonial Pipeline Co. was compromised in a ransomware attack.  Bloomberg reported that Colonial paid the hackers nearly $5 million shortly after the attack.

What Is Ransomware?

Ransomware is a type of malware encrypting a victim’s data demanding a payment to unlock access to the data. Cybercriminals also use ransomware to steal too. The hackers then ask for a payment to unlock the files and promise not to leak stolen data. In recent years, hackers have been targeting victims with cyber insurance policies and huge volumes of sensitive consumer data that make them more likely to pay a ransom, according to cybersecurity experts.

The CNA hackers used malware called Phoenix Locker, a variant of ransomware dubbed ‘Hades.’ Hades was created by a Russian cybercrime syndicate known as Evil Corp., according to cybersecurity experts. Evil Corp. was sanctioned by the U.S. in 2019. Unfortunately, it is difficult to pinpoint blame as hacking groups share code or sell malware to one another.

Phoenix Locker appears to be a variant of Hades based on overlap of the code used in each, according to Barry Hensley, chief threat intelligence officer of cybersecurity firm Secureworks Corp. “We have a high degree of confidence this is a Hades variant,” Hensley said. He said they have not determined which hackers used the Hades variant to attack CNA.

Hades was created by Evil Corp. to bypass U.S. sanctions placed on the hacking group, according to research published in March by the cybersecurity firm CrowdStrike Holdings Inc.

CNA, which offers cyber insurance, said its investigation concluded that the hackers were a group called Phoenix not yet subject to U.S. sanctions.

The average ransom demand is now between $50 million and $70 million, subject to negotiation. Companies are frequently paying ransoms in the tens of millions of dollars, in part because cyber insurance policies cover some or all of the cost.

Aspen Insurance Agency is in Denver, CO, and services clients nationwide. We are a family run business working with multiple insurance carriers to offer our customers the coverage they need at the lowest possible cost. We offer a wide range of personal, commercial, and professional insurance to residential and commercial customers enabling the cheapest rates available. Call to speak to one of our insurance professionals and see how painless insurance shopping can be.

Computers are everywhere: homes, business, libraries, schools, even in your pocket, if you own a smart phone. Computers are used for entertainment, business operations, navigation, government administration, heating, and cooling: the list goes on and on. As ubiquitous as computers have become, criminals are increasingly attempting to extort money or use our personal information to create a duplicate of our identity, destroying our finances through impersonation.

Rise in Computer Crime

Computer crime is not decreasing:

• In 2020, 300 million people were affected by data breaches: 80% of the nation’s population.
• 91% of organizations experienced at least one damaging cyber attack over the past two years. 60% had two or more over the past two years.
• 1 in 4 businesses experienced a cyber event in 2020.
• Ransomware attacks (where villains lock computer until a ransom is paid for release) exceeded one million dollars in 2018: in 2020, it was more than $30 million!

As a result of the rise in computer crime, 78% of risk managers now purchase some level of cyber insurance, up from 34% in 2011.

Business Cyber Protection

As the majority of cyber criminals are overseas where law enforcement may not be able to reach. Business owners might evaluate their internal business cyber protection. Even well-defended companies experience cyber losses. What can a business owner do?

First and foremost, each business owner should have a robust cyber security plan in place. One that is continually updated as new weapons are wielded by criminals.

To begin with:

Maintain A Robust Perimeter Defense: Many networked computer systems are protected by a firewall: think of a firewall as the castle wall. The wall keeps invaders out allowing entry only through a protected gate. The firewall is absolutely the first line of defense. However, be concerned if it is the only line of defense. If the walls are breached, invaders may be inside with complete access to customer data and individual computers.

Change Passwords every 30 days: over 55% of unauthorized access is from “spoofing” a legitimate user. Criminals have become sophisticated in their use of social media and publicly available information to induce employees to click on links installing malware software on your systems. Such malware lies hidden tracking every keyboard click, including the capture of passwords, customer social security numbers and birthdates and a lot more. By changing passwords, it reduces a criminal’s ability to impersonate your employees.

Install Anti-virus Security Solutions: Install products such as Norton or McAfee on all computers and keep the software up to date. In 2020, 360,000 new malicious files were detected each day. Current virus software will capture and isolate the software for review and deletion, before inflicting damage.

Restrict Browsing: Every company uses internet browsing for business purposes. However, criminals will upload malware to appear as a seemingly innocent picture or video (cute kittens, romping puppies!) which, when clicked upon, is designed to infect the computer without the user knowledge, then seek and infect other computers on your network.

Minimizing Risk of Cyber Attacks

Six of ten small to medium sized business (under $250 million annual revenue) have no cyber insurance protection. Business owners should consider the cost of losing all business data or paying a ransom for locked out computers and the impact these situations represent. Consider investing in risk management protection by expanding coverage such as:

• Breach Response Costs
• Cyber Extortion/Ransom
• Business/Dependent Business Interruption
• Systems Failure/Dependent
• Systems Failure Digital Asset Recovery
• Cyber Crime (Social Engineering, Funds Transfer Fraud)
• Bricking

Speak to your Aspen Insurance industry expert to discuss possible options expanding your cyber security insurance and general liability insurance.

Aspen Insurance Agency is in Denver, CO servicing clients nationwide. We are a family run business working with multiple insurance carriers to offer our customers the coverage they need at the lowest possible cost. We offer a wide range of personal, commercial, and professional insurance to residential and commercial customers enabling the cheapest rates available. Call to speak to one of our insurance professionals and see how painless insurance shopping can be.

The United States are a litigious society: every business must be aware of and protected from suits brought for any number of reasons. However, there are five types of suits more common than all others. Most, though not all, may be covered by insurance.

1. Employment Discrimination and Wrongful Termination

Many lawsuits filed against businesses are based on allegations of discrimination, harassment, retaliation, or wrongful termination. Most workers are protected from these acts by federal anti-discrimination laws, including:

• Title VII of the Civil Rights Act: Bars employers from discriminating against workers based on sex, race, religion, color, or national origin.
• Pregnancy Discrimination Act: Prevents employers from discriminating against a woman because of pregnancy or a related condition.
• Equal Pay Act: Requires employers to pay men and women the same wages if they perform equal work in the same workplace.
• Age Discrimination in Employment Act: Prohibits employers from discriminating against employees ages 40 or older based on their age.
• Title I of Americans With Disabilities Act (ADA): Prohibits discrimination against qualified employees who have a disability.

Many states have enacted their own anti-discrimination laws protecting workers. Both state and federal laws apply to applicants for employment as well as employees.

Harassment – Retaliation – Wrongful Termination

Harassment and retaliation are forms of discrimination. Harassment is defined as unwelcome conduct based on race, color, religion, sex (including pregnancy), national origin, age, disability, or genetic information. In a harassment claim, the alleged perpetrator is often a manager or co-worker; the plaintiff claims they reported the harassment to the employer who failed to stop it.

Retaliation is the termination, demotion or other action taken by an employer to punish the employee for filing a discrimination complaint or lawsuit.

Wrongful termination is firing an employee in violation of the law. Most wrongful termination claims against employers are based on allegations of discrimination, for instance firing an employee due to their age.

Small businesses are typically more vulnerable to employment-related lawsuits. Many small companies do not employ human resources professionals to ensure internal personnel actions comply with federal and state laws.

Claims alleging discrimination and other employment-related acts may be insured under an Employment Practices Liability (EPL) policy.

2. Discrimination Suits Not Based on Employment

All discrimination suits are not always brought by employees. Suits may be filed by customers, suppliers, patients, vendors, and other individuals with a connection to the business. For instance, a foreign-born customer sues a restaurant for discrimination alleging the wait staff made derogatory remarks about her native country and then refused to serve her.

Some EPL policies cover discrimination claims filed by individuals who are not employees.

3. Wage Law Violations

Many lawsuits filed against employers are based on allegations that the employer violated a federal, state, or local wage law. These laws are collectively called wage and hour laws.

The Federal Labor Standards Act (FLSA) sets the federal minimum wage. It also governs child labor, recordkeeping, and overtime pay. The FLSA creates two categories of workers, exempt and nonexempt. Generally, nonexempt employees are eligible for overtime pay while exempt workers are not. Many states and municipalities have enacted their own laws regarding wages and overtime pay.

Wage and hour suits are often based on claims that the employer failed to pay either the minimum wage or overtime pay. Workers may also contend that the employer avoided paying overtime by misclassifying them as independent contractors.

Suits based solely on allegations of wage and hour law violations are not likely to be covered by insurance. These types of law suits are not covered by general liability policies and are specifically excluded from employment practices and directors and officers liability policies.

4. Torts

Many suits filed against businesses by third parties are based on torts: violating a person’s civil rights. Two types of torts may lead to lawsuits against businesses: unintentional torts (negligence) and intentional torts.

Negligence committed by a business owner or employee may lead to an accident that causes personal injuries or damaging personal property. The injured party may sue the business or the employee for bodily injury or property damage. Intentional torts like false arrest and wrongful eviction can also generate suits against businesses.

Claims against a business for bodily injury or property damage may be covered under a general liability policy. Claims based on certain types of intentional torts are also covered by liability policies under personal and advertising liability coverage.

5. Breach of Contract

A business owner breaches a contract when he or she fails to comply with its terms. Most claims based solely on breach of contract are not typically covered by liability policies. Employers still may be able to avoid the risk of non-performance through the purchase of a surety bond.

We recommend discussing risk management and mitigation protection with your Aspen Insurance Advisor who can give trusted advice on protections for yourself and your business through small business insurance.

Aspen Insurance Agency is in Denver, Colorado, and services clients nationwide. We are a family run business working with multiple insurance carriers to offer our customers the coverage they need at the lowest possible cost. We offer a wide range of personal, commercial, and professional insurance to residential and commercial customers enabling the cheapest rates available. Call to speak to one of our insurance professionals and see how painless insurance shopping can be.