Skip to main content
Category

Cybersecurity Best Practices

evolvemga
In Cybersecurity Best Practices

Evolve’s #WFH Awareness Challenge Winners

Evolve | Work From Home Winners

Evolve’s “Work From Home” Awareness Challenge Winners 

 

After much deliberation, Evolve is very excited to announce the #WFH Awareness Challenge winners!!! 
 
In 1st place, Dana Dattola from Weaver & Associates will be taking home the $500 prize.
In 2nd place, Alicia Ambrose from JGS Insurance will be taking home the $250 prize.
In 3rd place, Hana Wyles, one of Evolve’s very own, will be taking home the $100 prize.
 

Thank you for participating in our Work From Home Awareness Challenge!  We appreciate all your support as we work together to fight the spread of the Coronavirus.  After much deliberation, Evolve’s team voted on the following three photos as our favorite submissions: 

 

  • Evolve MGA WFH Challenge
  • Evolve MGA WFH Challenge
  • Evolve MGA WFH Challenge

A special thanks to the following for their participation:

  • JGS Insurance

  • Weaver & Associates

  • GSM Insurors

  • NCG Insurance

  • ILSA

  • Riemer Insurance

  • Combined Agents of America

  • The Arizona Group

  • Hills-Hallmark & Company

  • Pan American Insurance Services

  • Commercial Insurance Associates

  • Beskin Divers Insurance Group

Please continue to stay safe and healthy!

Keep up with Evolve on social media for more fun posts from our team members and hot cyber insurance topics. 

evolvemga
In Cybersecurity Best Practices

Secure Your Business: 5 Easy Steps

Evolve MGA Cyber Insurance

Secure Your Business: 5 Easy Steps

 

 

Directions: Management should ask their IT department to review the minimum security standards highlighted below and report back on any security vulnerabilities that could be implemented across the entire organization.

1. Secure Ransomware Threat

Ransomware’s biggest threat to your organization is destroying essential data to operate. Back up, encrypt, and secure logins. 

2. Secure Your Employees

Control your employee security standards on the corporate level. 

  • Set Up a Corporate Password Manager: LastPass
    • Require Generated Security Passwords
    • Ensure Employees have a “Strong” Security Score
    • Do Not Allow Passwords to be Save in Web Browser 
  • Automatically Block Malicious Websites: Require DNS Blocker
  • Require Ad Blockers on Web Browsers: Adblock
  • Implement Mandatory Software Updates
    • Anti-Virus, Microsoft Office, Computer, and Phone Software

3. Secure Phishing Threat

Purposely phish employees, set up a security gateway, and stop hackers from impersonating your emails

4. Secure Company Website

Identify & correct security faults on your website.

  • Add SSL/TLS Encryption: ImmuniWeb
  • CMS Vulnerabilities & Website Compliance: ImmuniWeb
    • Update CMS Plugins
    • Update Web Server Software & HTTP Headers
    • Ensure Regulatory Compliance (GDPR, PCI)

5. Secure Software Vulnerabilities

Secure bank access & require transfer security protocols.

  • Enable Multi-Factor Authentication for Bank Login
    • Use a Bank Tokenized Keyfob (highest level of security)
  • On New Transfers, Require Call Back Procedure Prior to Transfer
  • Require a 2nd Internal Signature on Transfers Over a Certain Minimum Dollar Threshold (E.G. – $10,000.00)

Updated 11/16/2020: Microsoft urges users to stop using phone-based multi-factor authentication

evolvemga
In Cybersecurity Best Practices

Evolve’s “Work From Home” Awareness Challenge

Evolve’s “Work From Home” Awareness Challenge

Working from home is proving to be an incredibly effective method to fight the spread of coronavirus. By slowing the rate of infection, we can “flatten the curve” by reducing the number of active cases that could potentially overwhelm doctors, hospitals, police, schools, and vaccine manufacturers. 

In an effort to support the fight against coronavirus, Evolve is launching a “Work From Home” Awareness Challenge to keep everyone motivated, energized, and excited to work from home! The challenge will run from April 1st –  31st with weekly updates on Evolve’s social media every Friday. The winners will be announced on May 1st.  

 

How do I participate in the #WFH Awareness Challenge?

  1. Have a family member take a picture of you “working from home”
  2. Nominate 2 people in your network to participate in the challenge
  3. Submit everything to [email protected]

Are there any awards for the best photos?

Yes! Evolve’s staff will vote on the top 3 photos to win:

  • A Visa Gift Card: 1st place – $500, 2nd place – $250, 3rd place – $100
  • A WFH Gift Basket
  • Recognition on an Evolve Social Media post (LinkedIn, Instagram, & Facebook)
  • A Feature on Evolve’s Website
  • Invitation to the Evolve Team’s Virtual Happy Hour

Together, we can reach tens of thousands of people with the message: We are fighting this virus together, in solidarity, working from home!

 

evolvemga
In Cybersecurity Best Practices

Secure Your Home Office: 5 Free Easy Steps

Evolve MGA Cyber Insurance

Secure Your Home Office: 5 Free Easy Steps

Cyber criminals are successfully hacking people working from home.

Don’t be one of them! Here are 5 free and easy tips to secure your home office:

1. Secure Your Accounts: Enhance your login security.  

2. Secure Your Devices: Identify malware before it is too late.

3. Secure Phishing Threat: Train your eye to phishing & social engineering attacks. 

4. Secure Ransomware Threat: Encrypt and back up local data on your computer.

5. Secure Software Vulnerabilities: Update old software to patch vulnerabilities.

evolvemga
In Cybersecurity Best Practices

WTF is Wire Transfer Fraud?!

Evolve MGA Cyber Insurance

This article is brought to you by ResourcePro, provider of insurance industry tools, technology and strategic services that enable profitable growth through operations excellence. Resource Pro and Evolve’s Principal, Patrick Costello sat down to discuss the damaging effects of Wire Transfer Fraud (WTF) and the importance of quality cyber insurance policies.

SAVAGE CYBERCRIME 

It’s fitting that wire transfer fraud can be shortened to WTF. This frustrating and costly scam can cause massive losses at a moment’s notice and applies to any business with a bank account.

In cyber insurance, we see wire transfer fraud impacting organizations on a daily basis, and it’s one of the most common claims filed. The FBI reports that scammers attempted to steal $5.3 billion using business email schemes from 2013 to 2016, and the number of cases continues to rise each year.

HERE ARE 5 KEY POINTS TO KEEP YOUR CEO FROM SAYING “WTF?!”

1. What is Wire Transfer Fraud?

Essentially, it refers to psychological manipulation that results in a wrongful wire transfer to a criminal third party. Insurance policies often use the term “social engineering.”

Here’s a classic example: the CEO is on vacation and gets an email from who they assume is the CFO asking for confirmation of a wire transfer. The email appears to be legit, but the CEO doesn’t realize that it is a few letters off from the legitimate email address. You’d be shocked at how sophisticated these attacks are, with email signatures copied word for word and other realistic touches. (Often those details are obtained through phishing scams, which is a whole other bucket of worms). The CEO, in vacation mode, doesn’t pay too much attention and OKs the transfer for a large sum. By the time the fraud is discovered the money is long gone and the CEO faces major scrutiny for their role in the scam.

While both large multinationals and small companies are victims of wire transfer fraud, often small to medium-sized businesses are specifically targeted. That’s because they typically do not have the protocols, training and procedures in place that will effectively defend against a serious cyber-attack.

 

2. What’s at stake?

The immediate aftermath is a loss of funds. We’ve seen it go over a million dollars. Again, every business with a bank account is at risk. Insurance agencies, for example, have massive cyber exposure because they are transferring money regularly and collecting a significant amount of personally identifiable information.

It’s not just revenue that’s affected by these scams, we’ve also seen folks jeopardize and lose relationships with key vendors. Recently, we worked with a client who found themselves in a situation that involved a criminal who impersonated a title company and tricked a first-time homebuyer into transferring $350,000 into a criminal account. That’s something that didn’t necessarily impact the insured directly as much as it affected the third party…their customer.

3. What should a policy look like?

As the newest form of commercial insurance, cyber insurance isn’t uniformly covered across the industry. Most people don’t know why they need cyber insurance or what a cyber policy entails.

The majority of markets do not offer this coverage. If they do, many times there will be caveats in the language around dual factor authentication. Did the CEO call the CFO to make sure the transaction was valid? If not, your claim might not be covered by many policies.

If you do have a cyber policy in place, make sure it’s a quality one that will include social engineering coverage at the highest limit available. Crime policies may include cyber triggers that reference social engineering. You need to see how the policies will react together—which one will be primary, which will be excess. Ideally, you build the highest coverage you can against wire transfer fraud because it’s such a massive exposure and the funds are rarely recovered.

4. Can I be a cybercrime fighter?

Yes! Speaking to a human being prior to transferring money is always a great starting point. Make dual factor authentication mandatory and provide standard procedures for wiring amounts over a certain threshold.

If you have a cyber policy in place, call your insurer’s 24-hour hotline as soon as possible. We see these types of claims all the time and the quicker we can be notified, the better.

5. How might this scam become more advanced in the future with AI?

The sky’s the limit for how someone can manipulate tech and computers to scam companies. As more and more things are connected to the internet (televisions, cars and even refrigerators!), it’s going to be easier and easier to exploit personal information.

THE GIST

Cyber exposure is growing on a daily basis and cyber insurance is a must for any business that is serious about mitigating their exposure to hacking attacks and data breaches.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

Close Menu