Monthly Archives: September 2011

Cyber Liability

Review your client’s internet information.

When renewing any client’s coverage, always perform the following internet searches:
• Company name
• Company website
• Key executives


By searching the company name, you can find out quite a bit about your own client, such as customers or suppliers; trade shows in which they participate; property owned by them; lawsuits filed or pending against them; government contracts; articles written by or about them, etc.

By searching the company website, you can: identify many types of risks (some of which may be exaggerations by the company); use the “about us” page as part of your submission packet (always verify accuracy with company); identify key personnel and contact information; check for trademarks, logos; audio and video; ads from other companies; articles and commentary. Trademarks, logos, audio, video, articles and commentary all fall within the category of “intellectual property” and should be either owned by the company or the company has been given permission in writing to use or post these items.

By searching the key executives by their name, you can: find other companies, both profit and non-profit, that they are linked with. This can be both a sales opportunity as well as a means to identify coverage extensions that might be necessary. For example, you may find that the President of the company is also a board member of a local charity. The Directors and Officers Liability policy needs to be extended to pick up this exposure. This is also a perfect cross-sell opportunity.

Find more at



Tags: , , , , ,

Epsilon sustained the largest breach in U.S. History

Epsilon is one of the world’s largest providers of marketing services and many significant retailers and financial institutions make up their client list, such as Citibank, Capital One, U. S. Bank, Best Buy, Kroger, Visa, American Express, Home Shopping Network, Staples and many more. Epsilon is also now named by Reuters as the company that has sustained the largest breach of names and emails addresses in U. S. history.

This company handles about 40 billion emails annually and thus the hacker(s) have access to the names and emails of Epsilon’s clients customers. Why? The next phase of this hack job will come when the hacker uses that information to go phishing or smishing. What does this mean? Phishing is the use of email that appears to be from a legitimate company but is really a scam designed for the recipient to release private information that will be used for identity theft purposes. Smishing is the same approach but uses mobile phone text messaging to accomplish the same fraud. Who is at risk for being sued from persons that may become victims of this type of fraud?

Well, first up is Epsilon but right behind will come their client(s) whose customer was the victim. The claim will involve allegations of improper management of private information, breach of security due to improper monitoring and encryption technology resulting in financial harm to the customer.

This will not be covered under a General Liability or Umbrella policy. Coverage for this type of loss will be under a Cyber risk policy.

First reported 4/11



Tags: , , , , , , ,

This kind of exposure can be hazardous to your financial health!

A computer security breach at USC Sumter (WI) has exposed personal information, including social security numbers, for 31,000 faculty, staff, students and retirees at all of the university’s eight campuses, according to USC Media Relations.

USC Sumter mailed letters notifying the affected persons about the breach and how to check their credit records.

Covered – Not Covered?

So where would the university find coverage for the notification costs, possible credit monitoring expenses for the affected persons, restitution and any fines or penalties imposed by the state?

Not under any “normal” policy, that’s for sure. All of the above can be covered by a “Cyber” policy. Each insurance company’s policy is different, so you need to check it out before you have your client complete the application.




Tags: , , ,

Cyber Risk

Time to rest - 42/365

Image by tranchis via Flickr

What it means to your client.

With the ever-expanding arena of technology-driven marketing, data usage and product sales, every one of your clients has an exposure to losses that are not covered under “traditional” insurance policies. Along with the expansion of technology use, come the people who will seek to exploit those areas for the own use, misuse, scams and general mischief.

Businesses and their commensurate risk can be broken down into four main areas: 
1. Companies that use the internet to market their company
2. E-Commerce companies that exist on the internet sell their services or products or to provide information and content for use by website visitors or subscribers
3. Information Technology providers, such as website developers, systems analysts, computer consultants, software developers and the like
4. e-Professionals that provide their professional services over the internet

All of the above categories contain similar risks and each individual category contains risks that are unique to that sector. Knowing the difference will help you understand what coverage to look for in the marketplace as part of the challenge of today’s broker is that there is no common “name” for these coverages and each insurance company calls their Cyber coverage form something different.

Let’s start with the areas of risk that all four categories have in common: 

  • Property Losses
  • Loss or theft of data – their own and their customers
  • Virus
  • Denial of Service Attack (a program used by an outsider to send massive quantities of data to your client’s server causing it to shut down)
  • Programming errors
  • Hackers (outside intruders into the computer system
  • Employees
  • Consequential business income and extra expense if the company’s Internet Service Provider shuts down
  • Website extortion (a threat to shut down the website unless money is paid to the extortionist Third Party Losses
  • Breach of system security
  • Loss of business data and information such as customer lists
  • Theft of customer names, email addresses, social security numbers resulting in breach of security claims as well as notification costs and, in some states, large fines and penalties and customer credit monitoring. The average cost for crisis management, notification, and credit monitoring is in excess of $100 per affected person.
  • Transmission of a virus
  • Intellectual property claims
  • Infringement of copyright
  • Articles reprinted without permission
  • Improper use of video, audio, music (without permissions)
  • Unauthorized use of software to build and operate the website
  • Infringement of trademarks, service marks, trade dress
  • Unauthorized use of a collective or certification mark
  • Unauthorized use of another company’s logo, style of font, colors and graphics • Links or frames from other businesses’ websites
  • Infringement of patents
  • Many of the processes used on the internet have been patented, such as one-click or double-click shopping
  • Advertising for others
  • No revenue, but your client runs the risk of being named as a party to litigation involving the other company’s products or services arising out of their advertising
  • Revenue, then your client has the same risk as above, but added to that is that they are now acting as a publisher and marketing company

The second category of E-Commerce can add the following exposures: 

  • International sales of products or services, unless restricted access is built into the website. That means that ALL of their insurance policies must be reviewed and adjusted for proper coverage. Example, sales of a product overseas could result in a product liability claim filed overseas. Crime exposures
  • Use of a fraudulent credit card for the purchase
  • Computer fraud exposure, meaning that a hacker can intrude and establish hundreds of small, fraudulent orders within the system that are then shipped and go unpaid to the business. For the third and fourth categories, technology and other professionals (such as legal and medical), add:
  • Professional liability coverage that includes coverage for first party crisis management, public relations, information security breach and errors and omissions coverage that is specific to the type of technical services provided

Now that you have your “shopping list” of exposures, where’s the coverage for these risks? The basic answer will be found in cyber policies that include property, business income and extra expense, crime, third-party liability coverages. These policies should also include crisis management coverages to assist in paying such things as customer notification expenses, credit monitoring costs, penalties, punitive damages (where insurable by law) and defense costs. Until you become very conversant with this marketplace, use the list of exposures when speaking with your underwriters to identify whether or not the policy contains the needed basics and find out about policy enhancements, such as defense in addition to the limit of liability.

Bottom line, your clients have major risk exposures that can be covered by policies that are becoming easier to obtain and less expensive to buy. Don’t let a competitor bring this information to your client or wait until a loss occurs that is not covered.


Tags: , , , , , , , , ,

7 Reasons Why You Didn’t Get the Deal

Sad face

Image via Wikipedia

Have you been left wondering why you didn’t get chosen as the new agent of record?

Do you believe you had the right solutions for your prospect? Do you know you had a cost structure that would benefit your prospect in the long run?

Then what’s the problem?

I will outline 7 potential reasons you might be having this problem.

1)    Did you fail to establish your relationship, First. I literally mean first. You are the first and most important buying decision buyers make. Always sell yourself first, do it with modesty and a genuine interest in your buyer and their company. Fifty-Four percent of buyers say the most important factor in their buying decision is the quality of the relationship they have developed with their Agent. Do you take your relationship for granted or did you fail to develop it at all because you felt price was more important.

2)    Did you fail to explain how your solutions would benefit your buyer? Did you assume the benefits were so obvious that they did not need to be explained in detail? By not taking the time to explain in detail you did not engage your buyer in their input into the solutions. Perhaps they didn’t understand or perhaps they didn’t agree, either way you lost because to skipped an important step in the process. Prospects must understand how your proposed solutions benefit them, and not in insurance language but in straight person to person conversation.

3)    Did you miss something? Sometimes we are so sure of our solutions we just begin by “selling” our ideas. Before you begin to offer solutions always recap where you are and get agreement on the issues you have uncovered. Ask if the buyer has any additional thoughts or concerns.

4)    Did you do all the talking? This reminds me of the old axiom I heard once “God made us with two ears and one mouth for a reason. We should listen twice as much as we talk because listening is twice as hard to do well.” The great communicators are always great listeners, and their talk always relates back to what they heard.

5)    Did you present in a way that your buyer understood the importance to make the change required. Often making an important change can require a buyer to overcome inertiaThey may like the current agent or they may not find your ideas that different or more rewarding. You were not bold enough in your approach.

6)    Did you fall into the “Apples to Apples” trap?  This is very difficult because many buyer believe this is exactly what they want, an “Apples to Apples comparison”. Many of us have convinced ourselves that all we need to do is copy someone else’s policy coverages and offer a lower price. It doesn’t work long-term all you have done is set up the next shopping spree with you at the disadvantage. Think about the psychology of the buyer request for an Apples to Apples comparison what it really says is “I don’t perceive any differences between the services of one agent over another as far as I am concerned you are a commodity.” This attitude actually offers you the opportunity to show your differences the buyer has handed you the golden opportunity to succeed.

7)    Does your buyer have the authority to make the decision?  Very often we will start the sales process speaking to a person that does not have the authority to make the decision. Many times we will talk to people who may have the authority but are unwilling to make the decision. I have found that with complex sales such as insurance the decision is actually a team effort made up of several members of the business. It is critically important that you identify as you move through the process who all of these people are and what their concerns are. You will find that the concerns of Human Resources are not the same as the CFO and the CFO’s are not the same as the CEO. You need to expand your thinking and incorporate the entire team if the solutions you offer are going to place you on the team as their Outside Risk Management Consultant.

We will talk about these issues individually in the future but I’d love to hear your thoughts and reactions, please email me at


Tags: , , ,

Clients & Leases


Image by Bohman via Flickr

Working with clients and their leases are never fun.

The first hurdle for the insurance agent is: Do you ask for the lease or do you not? It would be easy to say – sure you should. Not so fast. If you have never read a lease in your life, how would you even know what you are reading? You are also not a lawyer, so how can you be asked to review a legal document? If you ask for the lease, but the insured only sends you the two pages called “insurance requirements” and now you only see a small sliver of the whole picture created by the lease.

Taking these questions separately, consider the following:

• If you have never read a lease before, ask for help from a more experienced insurance person.

• You should never, ever read a lease and give any legal advice. That would be practicing law without a license. You are reviewing the lease from a risk transfer, risk acceptance and insurance response perspective. You should have a disclaimer to the effect that your review is an insurance review and that this review should not be considered legal guidance and for that, the insured should look to their attorney.

• As for reading a legal document, you do so every working day – that would be the insurance policies you provide for your clients.

• If you ask for the lease and you only get a couple of pages, make sure that fact is documented permanently in your files as well as confirming back to your client in writing.
• A final comment here – if you are only placing insurance based upon specific orders from your client, a lease review is going above and beyond the order taking role you are playing. That could put you in an enhanced role of having a “special relationship” with that client. Meaning that your E & O exposure in some states just rose. If you are already in a consultative role with the client, you already have that type of relationship and NOT reviewing the lease (or at least asking for it) could place you at higher risk for an E & O claim should something go awry as a result of a lease condition.

The next hurdle: Your client has already signed the lease before you got a chance to review it. Now, your client is stuck with the results – rarely will a landlord or a tenant be willing to renegotiate lease terms once they have been agreed to and signed. If your client has a number of leases, one thing that is true, no two will be exactly alike. Do your best to request that you are part of the lease negotiations, but in the end, it will be the client’s decision.

Let’s move on to the next hurdle: What if you are the agent for both the building owner and the tenant? Since the lease will create risk that is transferred at the same time as risk that is assumed, how do you properly act as an advising insurance agent for both? Well, there are a couple of options. First, you can play it straight with both – ‘just the facts, ma’am” and offer no opinion as to the good or the bad results, just solutions, if there are any. If there are not, make a written disclosure, whichever is adversely affected. Some insurance agencies will split up this review and recommendations by having another insurance agent in the office review the lease for one or the other of the two clients.

One of the less tangible items regarding leases is the value of that lease to both parties. A landlord may make several concessions because they want a stable, long-term tenant that will care for the property and pay their rent on time. A tenant may find the location extremely valuable and will not want to run the risk of the lease cancelling or upsetting the landlord. A discussion about their motivations and long-term objectives is a necessary component in working with your client. An example of this was brought home to me clearly during a recent discussion with a client (tenant). The client wanted to avoid all problems with the landlord at, literally, all costs due the value of the location. This client has 143 locations around the U. S. and, while all of the leases are different in various ways, a common thread among all of them was a hold harmless and indemnity agreement along with a requirement that the landlord be added as an Additional Insured to the General Liability policy. At one of the retail locations, an elderly customer had fallen outside the actual retail premises on the common sidewalk at the strip mall. Since the Additional Insured – Managers, Lessors of Premises endorsement only applies to injury within the premises leased to the insured tenant, the protection under the Additional Insured endorsement did not apply. Although the insurance company initially denied, they ultimately picked up the defense for the landlord with a reservation of rights under the contractual liability section of the liability policy, this created great concern by the tenant. A discussion took place with the insured and their attorney regarding the language of the endorsement, including the changes affecting that endorsement that took place with the 2007 revisions.

That newer edition of the Additional Insured endorsement contains language that restricts the landlord’s access to the insurance policy only if the Named Insured (or a party over whom the NI has direction or control) contributes in some way to the injury. Many insurance companies have adopted this newer edition and the insured needed to understand that their desire to broaden the coverage response for the landlord, rather than restricting it, would limit their insurance marketplace options. The result of the discussion was that the insured’s attorney would specifically review the indemnity provisions, looking to those to be the backstop to the Additional Insured endorsement and the agent would be watchful for the proper AI endorsement on the future policies. A good division of labor for all.

Good luck and happy reading. ~M


Tags: , , , , ,

Wait a Minute – What Did They Say Again?

Fire Damaged House

Image by jp1958 via Flickr

The insured (tenant) entered into a lease agreement with the building owner.

The tenant provided the insurance requirements to the agent by copying that page of the lease and sending it to the agent. Under the terms of the lease, the tenant is required to purchase insurance to cover the building “at the cost to repair or replace the building”. So, the agent did exactly that – provided a policy that covered the building for replacement cost. The building sustained major damage from a fire.

As the adjustors reviewed the claim and discussed the repair of the building, it became immediately apparent that a significant number of changes were required to comply with current building codes. That is when the first hint appeared of the arguments that were about to erupt that resulted, ultimately, in litigation. The landlord claimed that the language of the lease was very clear – repair and replace the building and if that means that new codes must be complied with, then do it.

The insurance company said no coverage for ordinance or law compliance. Well, according the mediator – they were both right. He felt that the lease was very clear and that the insurance policy excluded ordinance or law. The tenant had to cough up the money to bring the building up to code. Well, you know where this is headed – right to the agent’s doorstep in the form of a lawsuit. This case did not go to trial, but was settled in favor of the insured on the courthouse steps after 3 ½ years of legal wrangling between the insured’s lawyers and the insurance agent’s E & O lawyers. The agent paid their $50,000 deductible.

Just one of the lessons from this claim: Take lease language very seriously and don’t “interpret”. The first misstep by the agent was reading “insurance lingo” into the lease wording. There really is a difference between the cost to repair or replace and replacement cost insurance language. On another level – it is helpful to have a thorough understand of insurance policy language and how it relates to lease language.


Tags: , , , , ,