~*Uninsured or Underinsured in the wake of Hurricane Irma?*~

Hurricane Irma:

If you are a homeowner, business owner, or renter affected by Hurricane Irma, you still may be able to receive certain benefits through the Federal Emergency Management Agency “FEMA” if you are uninsured or underinsured.

Storm damage and losses from the hurricane and flooding must have occurred because of Hurricane Irma, beginning on September 4, 2017.

If your home was destroyed or your damage is very serious, you may be eligible for FEMA assistance regardless of whether you are also submitting an insurance claim.

Even if you have insurance, if your coverage falls short of compensating you for every aspect of your loss, you may still be eligible for relief from FEMA. If this is you, when applying for assistance, let FEMA know what insurance coverage you have, as they may be able to fill in the gaps. Also, understand that as part of the application process, you may be asked to provide evidence that your insurer denied your claim in order for FEMA to determine your eligibility for assistance.1

For some examples, FEMA’s Individuals and Households Program covers temporary housing and rental assistance, home repairs or replacement, and provides other benefits that are not always available through insurance. Although many insurance policies provide Additional Living Expenses “ALE” coverage, FEMA may kick in where your insurance company falls short. (see FEMA Fact Sheet, September 2017).

The other beneficial aspect of FEMA assistance is that, unlike a bank loan or even a loan backed by the U.S. Business Administration, (“SBA” loan), it does not have to be paid back.

In sum, for those affected by Irma who are insured, file separate claims with your insurance company and with FEMA. FEMA will not duplicate payments made by your insurer. Those without insurance may still be eligible for help depending upon the severity of your circumstance, and those of you who have insurance but may be underinsured may receive additional help from FEMA after your insurance claims have been paid. (See Tampa Bay Times article)

For a list of Florida counties that have made eligible for individual assistance under FEMA go to: https://www.fema.gov/disaster/4337.

For more information, or to register for assistance, go to www.disasterassistance.gov or call 1-800-621-FEMA (3362).

For those survivors with disabilities or who need other special accommodations, you can request specialized services from FEMA, including technologies such as braille, language interpreters, sign language interpreters (including video remote), amplified listening devices, and magnifiers. For more on this, see: https://www.fema.gov/news-release/2017/09/29/services-available-hurricane-irma-survivors-disabilities-access-needs

FEMA recommends that you have the following information ready when you apply for assistance:

  • •Social Security number
  • •Address of the damaged home or apartment
  • •Description of the damage
  • •Information about insurance coverage
  • •A current contact telephone number
  • •An address where you can receive mail
  • •Bank account and routing numbers for direct deposit of funds If you have suffered a loss not fully compensated by insurance, FEMA, or other program, you may be eligible for a long-term low-interest disaster recovery loan from the government, or SBA loan. This can be addressed by calling the SBA disaster customer service center at 800-659-2995 or (TTY) 800-877-8339 or www.sba.gov/disaster.
  • And if you need practical information on what to do long-term, FEMA just announced yesterday they will have mitigation specialists on hand in various locations available to answer questions and to offer home improvement tips, along with proven methods to prevent or reduce damage from future disasters and techniques on building hazard-resistant homes. The official press release with a list of locations and hours is available at: https://www.fema.gov/news-release/2017/10/07/4337/irma-mitigation-outreach-available-florida-home-improvement-stores
  • Hopefully you will be eligible for FEMA assistance and your claim will be paid. If not, you should receive written notification that your claim is not being accepted, why it is not being accepted, and how to appeal the decision.


~5 tips for Inventorying Water Damaged Sites~

Water damage in house after flooding with stains on the wall

5 tips for claims pros inventorying water-damaged sites

PCI360 |Oct 03, 2017 | By Joel Makhluf


Filing a flood claim begins with a thorough inventory of the contents and structural damage. A written inventory and photos are crucial to this aspect. (Photo: American Technologies, Inc.)

It is hard to put a dollar value on the water damage caused by severe weather events.

Hiscox estimated the cost of insured damage caused by Harvey and Irma at between $50 and $70 billion, and the National Centers for Environmental Information put the cost of severe floods in Missouri, Arkansas and California at $3 billion.

Of course, water damage is not limited to superstorms but are more consistently caused by broken water mains or pipes, expired water heaters, ice dams or roof failure.

Effective inventorying of water-damaged sites is a skill every claims professional should have in their arsenal. Here are five handy tips to help.


1. Safety first

Safety must always be your first priority when assessing water damage. Hazards include the risk of structural collapse, exposure to toxins (particularly sewage contamination and mold), an influx of rodents or other pests, and the risk of electrocution. Ask the policyholder to confirm the likely source of the water, and the height to which the water rose. This will help you to estimate the scale of the damage and the probability of contamination.

Ensure the safety of the policyholder and any third parties, and always use protective equipment. Your basic kit should include a facemask and eye protection. You may also need a full or half mask with respiratory filters, along with water resistant gloves and boots and a Tyvek suit. It pays to be prepared for any eventuality.



2. Save what you can

See if anything can be salvaged from the site. Non-porous items like glassware and ceramics can probably be saved. Hardwood furniture, some textiles, electrical equipment and appliances might be salvageable. Upholstered sofas, rugs or other soft items or furniture made of porous wood will probably have to be safely disposed of. That said, there are new industrial strength dry cleaning technologies today that can restore soft goods and hardware such as ceramics and consumer electronics.

Be guided by the value of the item, the cost of cleaning and restoration, and the risk to health. Even though a child’s plastic toy is not porous, the potential risk of contamination is not worth taking.


Survey the site

Next, make a thorough inventory of all contents room by room with the policyholder. This will furnish you with a wealth of information, but may be upsetting for the homeowner. Be patient, and take your time. In CAT situations where deployment of claims pros may be stalled or delayed, self-service websites like HarveyContents.com or IrmaContents.com can go a long way to help claimants with inventorying, photo/video and receipt uploading, and generating the appropriate documentation for claims submission.

Collect as much information on each item as you can. Confirm the purchase price, brand, materials, age and provenance. Pay particular attention to high-value items, heirlooms, antiques, original artworks and soft furnishings. Specialty items can be hard to value. You may need to recruit external appraisers with domain expertise. Check whether any items have already been disposed of and if there are any articles the policyholder is desperate to keep.

This is also a good time to manage the expectations of the policyholders. Let them ask questions, give them a clear picture of the timeframes involved with the claims process, and exchange contact details.


Document the damage

A site diagram is a great way of recording losses. Label the rooms using the names provided by the policyholder to make asking follow-up questions easier. Take photographs of everything from a variety of angles to catch useful information. For example, photograph a rug beside a tape measure to help you estimate the knot count. Highlight details that can help establish the value of an item later, like serial numbers and brand names. Remember that water-damaged items can be very fragile, so handle with care.


Collate, catalogue and classify

Organize items on your inventory into easy to manage categories. For high value items, you want as much detailed information as possible. For lower value goods, you can estimate a general figure for a class of item. For example, toiletries, cleaning products and food can be grouped together and a general estimate made. Designer clothes may merit individual valuation, but an estimated value may be sufficient for a closet of children’s clothes.

Documenting lost possessions in the aftermath of a catastrophe like Harvey or Irma may be the last thing people feel like doing. But this daunting task must be completed not only for claims purposes but for cases where the claimant wants to receive a tax write-off for uncovered losses. Effective inventorying of water-damaged contents will make the claims process faster and less painful for all parties, making your job as a claims pro a whole lot easier.


~Concealed Carry Insurance~

Concealed carry insurance coverage

Aug 30, 2017 | PCI360 | Christine G. Barlow, CPCU

Homeowners insurance may cover damages stemming from an incident where the owner is legally liable, but not criminally charged. (Photo: Shutterstock)

While most Americans have probably not read the Constitution or the Bill of Rights, most are familiar with certain sections, such as freedom of speech, freedom of the press, and the right to bear arms.

Americans love their guns and are proud to own and carry them. Estimates indicate that there are roughly 300 million guns owned by Americans. Many states have “shoot first” or “stand your ground” laws, allowing someone legally carrying a firearm to shoot first and ask questions later if they fear for their lives. What happens next though?

An individual legally carrying a weapon who shoots someone, even in self-defense, may very well be arrested and have to appear in court, and may even face criminal charges. The homeowners policy provides a defense if the insured is legally liable but will not defend criminal charges, nor do most carriers have special advisory teams to advise the insured on what to do once arrested.

Gun insurance available

Fortunately for those legally carrying guns, insurance for such actions is available. The United States Concealed Carry Association (USCCA) provides a policy for its members designed to provide immediate assistance after an incident. Limits range from $250,000 to $1,000,000 for civil suit defense, damages, and firearm theft coverage; $50,000 to $125,000 for attorney retainer and up-front criminal defense; $2,500 to $100,000 immediate bail bond funding; and $250 to $500 a day for compensation while in court.

The insured is to call the carrier immediately after calling the police. A crisis response team will advise the insured on what to say or not to say to the police, coordinate bail, retain an attorney for the insured, and provide support throughout the situation until the end.

The policy form advises the insured to call 911 after a shooting and state he was afraid for his life and had to defend himself, and to request police and an ambulance. Then the insured is to call the crisis team. Once the police arrive, the insured is advised to repeat that he was attacked, feared for his life and had to defend himself, point out evidence and witnesses, and state that he will cooperate fully but needs his attorney present.

Much of the policy uses common ISO policy language. Where it varies is the coverage for immediate retention of an attorney and bail bond funding, criminal defense, and coverage for civil suit defense and damages.

Coverage applies when the insured is liable for damages or injury that arise out of an “act of self-defense,” or “covered legal liability” arising out of a non-insured’s use of a stolen “safeguarded firearm,” firearm from a “secured location” or “secured auto,” or taken from the “personal possession” of the insured arising out of a robbery. An “act of self-defense” is just that, the act of defending one’s person or others by the actual or threatened use of a firearm or other weapon that is “legally possessed.” The policy is not looking to defend those with illegal weapons.

Liability from use of stolen firearm

“Covered legal liability” applies to liability arising out of a non-insured’s use of a stolen firearm. The firearm must have been secured before the theft, either with its operation disabled by a trigger lock or other mechanism, being locked in a vehicle out of sight from the outside of the auto, or from a locked residence or office. The theft of the firearm must be reported immediately upon discovery. Coverage will not apply if the police trace the gun to the insured only to have the insured say he noticed the gun missing two weeks ago but hadn’t gotten around to calling it in. Gun owners are supposed to be very responsible when it comes to their weapons.

Criminal acts are naturally excluded. Even if the insured legally owns a gun, using it to shoot a spouse’s lover will not be covered unless there was an altercation and the insured feared for his life. Simply using it to end the affair while the lover is asleep is not covered. Also, if the insured is under the influence of drugs or alcohol and uses the gun to inflict injury or property damage, there is no coverage. Again, the insured is expected to be responsible with his weapon, and if the insured is under the influence and starts shooting at tin cans on the back fence in the middle of suburbia, riddling the neighbor’s house with bullets, there is no coverage.

There are limits to what a homeowners policy will cover when there are claims involving the use of a gun. (Photo: Shutterstock)

NRA policy

The National Rifle Association (NRA) also has a policy available with limits from $100,000 to $1,000,000 for liability coverage and $50,000 to $100,000 for criminal defense. The main policy is geared toward coverage for truly accidental shootings when the insured is hunting or trapping on public or private land; shooting at competitions or for recreation at hunt clubs, gun clubs or supervised commercial or private ranges; or other shooting as long as it is an “accidental discharge” and not prohibited by any local, state or federal law.

“Accidental discharge” is defined as the firing of a firearm, air gun, or bow and arrow when the insured did not intend to fire. If the insured is cleaning his firearm and the weapon discharges, that is an “accidental discharge.” The policy does not cover self-defense, however, that coverage can be added by endorsement. An “act of self-defense” is defined as the use of a “legally possessed firearm” in compliance with local, state or federal laws in defending oneself, others or one’s property.

Also included is the rendering of emergency assistance, but only when such assistance is given at the request of a uniformed law enforcement officer. A “legally possessed firearm” is one owned by the insured in compliance with any local, state or federal law where the injury or damage occurs. Coverage is excess over any other coverage.

Defense of lawsuits

The policy agrees to pay defense of suits against the insured, premiums on bonds up to the limits of liability, and reimburse the insured for reasonable expenses other than loss of earnings. Expenses are not considered part of “damages” as defined. The obligation to defend suits ends when the insured is convicted of a criminal charge for the use of the firearm. If criminal charges are dismissed, the carrier will reimburse the insured for reasonable costs and expenses of his defense up to the defense reimbursement limit shown on the declarations.

The homeowners policy provides coverage for injury or damage caused by an “occurrence” the insured is legally liable for. An “occurrence” is an accident that results in bodily injury or property damage. Intentional acts are excluded, but there is an exception for using reasonable force to protect persons or property. Reasonable force is not defined, so that is open to interpretation.

An insured with a concealed carry permit is best protected by obtaining an insurance policy designed for such exposures. While the homeowners policy affords some protection, it is not geared towards that type of liability coverage nor the type of defense that may be needed.


~Hurricane Claim? We Are Here To Help~

Gulf Coast Underwriters is here for you, even if we are not your current agent. We have in our office a list of every Florida property carrier along with their phone number and website address. In some cases we even have the email address for reporting claims. In most cases for personal lines policies (such as home or auto) the carriers prefer the direct report by insured method while in most cases for commercial (business personal property or building) the loses are reported to the agency and we forward to the carrier.

Here are few common carriers for personal lines that may be helpful for you:

AMICA Insurance 800-242-6422

Avatar Insurance 877-233-3237 option 1

Bankers 800-765-9700 or by email at fnol@bankersinsurance.com

Citizens Property 866-411-2742

Edison 888-683-7971

Federated National 800-293-2532

Foremost 800-274-7865 (personal) and 800-435-7764 (commercial)

GEICO 800-841-3000

Heritage Property 855-415-7120 option 1

Olympus 866-281-2242 or by email at olypmusclaims@oigfl.com

Progressive 800-776-4737

Southern Fidelity 866-674-7342

Southern Oak 877-900-2280

If you have coverage through a carrier not listed and need their phone number please do not hesitate to contact our office.








~Office Closing in advance of Hurricane Irma~

With the approaching storm, Gulf Coast Underwriters will be closing both our Tampa and Merritt Island offices at noon today. Based on the current forecast track and models we will also be closed on Monday. This storm has been and proves to be very unpredictable. The photo above is the Euro model for land impact and is not indicative of where landfall will be. It’s just a projection point right now. No matter where Hurricane Irma makes landfall, every part of the state will be impacted. We want to keep our employees and their families safe and out of harms way. We will re-open on Tuesday to handle claims if conditions permit us to be at the office.

We encourage you to take inventory of your assets, taking photos and videos of your personal and commercial property with comments and details about the items including their cost. Make sure you back up your photos to the Cloud in case we lose power with the storm. This will help with claim reporting and documentation of your losses. Stay safe out there.



Time to Prepare If You Haven’t Already – Hurricane Season

While Hurricane Irma is still over 1,000 miles away it is not time to panic but it is time to prepare. Sharing this information from the NOAA website.

Two keys to weather safety are to prepare for the risks and to act on those preparations when alerted by emergency officials. These are essential pieces to the Weather-Ready Nation.

Refer to the Federal Emergency Management Agency’s (FEMA) Ready.gov/hurricanes for comprehensive information on hurricane preparedness at home and in your community.

Some highlights on how to prepare and take action are available below:

Gather Information

Know if you live in an evacuation area. Assess your risks and know your home’s vulnerability to storm surge, flooding and wind. Understand National Weather Service forecast products and especially the meaning of NWS watches and warnings.

Contact your local National Weather Service office and local government/emergency management office. Find out what type of emergencies could occur and how you should respond.


Keep a list of contact information for reference.

Image of Preparedness Checklist

  • Emergency Management Offices
  • County Law Enforcement
  • County Public Safety Fire/Rescue
  • State, County and City/Town Government
  • Local Hospitals
  • Local Utilities
  • Local American Red Cross
  • Local TV Stations
  • Local Radio Stations
  • Your Property Insurance Agent

Risk Analysis

Online hazard and vulnerability assessment tools are available to gather information about your risks.

Image of an Example Disaster Supply Kit

Plan & Take Action

Everyone needs to be prepared for the unexpected. Your friends and family may not be together when disaster strikes. How will you find each other? Will you know if your children or parents are safe? You may have to evacuate or be confined to your home. What will you do if water, gas, electricity or phone services are shut off?

Supplies Kit

Put together a basic disaster supplies kit and consider storage locations for different situations. Help community members do the same.

Emergency Plans

Develop and document plans for your specific risks.


Quickly Ensure your Home & Property is Secure from Damage


Health & Environment

Follow guidelines to guard your community’s health and protect the environment during and after the storm.


Image of Interstate Traffic in an Evacuation

  • Review the FEMA Evacuation Guidelines to allow for enough time to pack and inform friends and family if you need to leave your home. FOLLOW instructions issued by local officials. Leave immediately if ordered!
  • Consider your protection options to decide whether to stay or evacuate your home if you are not ordered to evacuate.
  • <!–

  • Determine multiple safe evacuation routes inland.
  • Keep copies of important papers such as identification and insurance policies with you.
  • –>

When waiting out a storm be careful, the danger may not be over yet…

Be alert for:

  • Tornadoes – they are often spawned by hurricanes.
  • The calm “eye” of the storm – it may seem like the storm is over, but after the eye passes, the winds will change direction and quickly return to hurricane force.


  • Wait until an area is declared safe before returning home.
  • Remember that recovering from a disaster is usually a gradual process.


<!–NWS StormReady Logo



~Nationwide Reaches $5.5 Million Dollar Breach Settlement~

Nationwide reaches $5.5M data breach settlement with 33 AGs

States claimed Nationwide and a subsidiary failed to apply a critical security patch to its network that could have protected it from the cyberattack!

PCI360 Aug 11, 2017 | By B. Colby Hamilton

Nationwide agreed to hire a technology officer responsible for monitoring application and software security as part of the settlement.

Nationwide Mutual Insurance Co. agreed to a $5.5 million settlement over a 2012 data breach that led to the theft of more than 1 million customers’ personal information, attorneys general for 33 states announced Wednesday.

The settlement came after the states claimed Nationwide and a subsidiary failed to apply a critical security patch to its network that could have protected it from the cyberattack. Attorneys general from Connecticut, Florida, New York, Pennsylvania, Texas and Washington, D.C., were among those involved with the settlement.

Data from consumers seeking quotes

Hackers were able to gain access to Social Security numbers, driver’s license numbers, credit scoring information and other personal data the company collected on consumers seeking quotes, according to New York Attorney General Eric Schneiderman’s office. Many of the victims were not ultimately insured by Nationwide.

Could Nationwide’s Security Breach Happen to Any Insurer?

The security breach of Nationwide Insurance last week is the last thing anyone in the business world wants to announce….

As part of the settlement, the insurance company agreed to be more transparent about its data collection policy for those that don’t become customers, Schneiderman’s office said.

“This settlement should serve as a reminder that companies have a responsibility to protect consumers’ personal information regardless of whether or not those consumers become customers. We will hold companies to account if they don’t,” Schneiderman said in a statement, noting that nearly 3,000 New Yorkers were among the victims.

Agreed to improve internal security practices

As part of the agreement, Nationwide will improve its internal security practices, according to the AGs. The company also agreed to more regularly apply security updates, and to hire a technology officer responsible for monitoring application and software security.

Connecticut Attorney General George Jepsen noted state law “requires that anyone in possession of another person’s personal information safeguard that data.” Nearly 1,000 Connecticut residents were affected by the breach.

In the wake of the breach, Nationwide provided free credit monitoring and identity theft protection to those impacted, in addition to fraud expense coverage up to $1 million and access to credit reports, the AGs noted.

“Consumers in the district and across the nation entrust their personal information to retailers every day,” D.C. Attorney General Karl Racine said in a statement. “Data breaches open the door to identity theft, which can have real and devastating consequences for hard-working people, and we hope today’s settlement reminds retailers that they have a responsibility to do everything they can to protect consumers’ private information.”

‘Protecting consumer data is something that we take seriously’

In a statement, Nationwide spokesman Eric Hardgrove said the company was “pleased” with the settlement over the data breach caused by “a sophisticated, criminal attack” that the company “took immediate steps to successfully contain.” The settlement itself “does not include any allegations that we violated data security laws” as the insurance company does not believe any such laws were violated.

“The decision to enter into a settlement agreement reflects our desire to continue our strong cybersecurity program and to concentrate on our core business operations,” Hardgrove said. “Protecting consumer data is something that we take seriously. We believe a private/public partnership would be the best approach to combat cyberattacks on U.S. companies, and we are pleased Nationwide is at the forefront of this approach.”


Lloyd’s Puts Potential Cyber Attack Loss in Range of Hurricane Sandy

LONDON – A major cyberattack could cause as much as $53 billion in economic losses around the world, putting it in the same category as Hurricane Sandy, which hit the East Coast of the United States in 2012, Lloyd’s has warned in a report.

The report, “Counting the cost: Cyber exposure decoded,” was prepared by Lloyd’s and cyberrisk modeling firm Cyence. The document sketched two possible incidents: a $53 billion malicious hack of a cloud service provider; and a range of attacks, costing $28.7 billion, on computer systems around the world. Lloyd’s and Cyence pointed to the estimated economic losses of between $50 billion and $70 billion from Sandy.

The Lloyd’s-Cyence report said there is a cyberrisk insurance gap in the range of tens of billions of dollars, with the majority of potential losses not covered.

“This report gives a real sense of the scale of damage a cyberattack could cause the global economy,” Inga Beale, chief executive officer of Lloyd’s, said in a statement. “Just like some of the worst natural catastrophes, cyber events can cause a severe impact on businesses and economies, trigger multiple claims and dramatically increase insurers’ claims costs. Underwriters need to consider cyber cover in this way and ensure that premium calculations keep pace with the cyber threat reality.”

Lloyd’s has detailed the possible incidents, Beale said, in order to encourage insurers to consider both their cyber exposures and their limits in a “fast-growing, innovative insurance class.”

The economic loss from an attack on a cloud system, the report said, could range upwards from $4.6 billion. “Meanwhile, average insured losses range from US$620 million for a large loss to US$8.1 billion for an extreme loss,” the report said.

A broad-based software incident, the report said, could produce economic losses from $9.7 billion, with the average insured losses ranging from $762 million to $2.1 billion.

The report put the uninsured gap surrounding a cloud-based incident at as high as $45 billion. This, Lloyd’s said, would mean just 17% of the economic losses would be insured.

“Cyber, as we all know, is the one of the most challenging risks that insurers and businesses are facing in today’s world,” Jon Hancock, director of performance management at Lloyd’s, told a seminar at Lloyd’s on the launch of the report. “It is fast-evolving as changes in technology drive both attack and defense strategies. It’s also just naturally by its newness one of the least-understood risks.”

Hancock said Lloyd’s is committed to increasing its market share in cyber, which he likened to Lloyd’s three centuries of experience in natural catastrophes. He said cyber premiums are predicted to double in the next three years.

Hancock, who emphasized Lloyd’s determination to increase its understanding of cyberrisk and exposures, listed previous studies Lloyd’s has released in this area. “Ultimately we do want to help businesses build greater resilience into their models,” he said.

Lloyd’s reports, Hancock said, have considered such issues as the possible effects of an attack on the U.S. power grid; and how organizations can help mitigate the impact of cyberattacks.

“We’re publishing a lot of material on this, and we will continue to do so,” Hancock said.

Sean Kanuck, director of future conflict and cybersecurity for Cyence, said the report was “an important stepping stone in maturing the conversation about how to think about the costs and develop this marketplace with a full appreciation of strategic trends.”

Kanuck, who cited his background in cyber analysis for the U.S. intelligence community, said he tends to think of global information risk rather than security. Networks, he suggested, will be compromised, particularly as the means of breaching data defenses are converging.

In the intelligence and national security world, Kanuck said, “you don’t think about building things. You think about breaking them.”

Kanuck said a rapidly increasing rate of technological change will create concerns as well as opportunities for those organizations that can provide products to help manage and transfer that risk.

~4 Trends Shaping Cyber Security This Year~

While cyber threats continue to evolve, many organizations are falling behind due to a lack of resources and skilled employees. As cyber attacks continue to increase in frequency, a company’s cybersecurity action plan must be able to rein in and mitigate threats as they develop.  ISACA’s third annual cybersecurity study finds that this issue is increasingly a business priority. The challenge? Resources and available skills are not keeping pace with a threat landscape that is rapidly escalating in complexity and volume. The ISACA survey targets managers and practitioners who have cybersecurity job responsibilities. Respondents primarily came from North America (42%) and Europe (31%), and were employed in an enterprise with at least 1,500 employees (49%). Its “State of Cyber Security 2017 report compares the results of this year’s survey with previous results to determine recognizable trends that impact how cybersecurity is practiced, particularly where such trends point to an overall shift in the profession.


With this in mind, here are four trends shaping cybersecurity in 2017:


As cybersecurity budgets fall short, businesses are increasingly relying on third-party vendors. (Photo: Shutterstock)


No. 4: Growing areas of concern.

Organizations with a chief information security officer (CISO) in 2017 increased to 65% compared to 50% in 2016. Staffing challenges and budgetary distribution, however, reveal where organizations face exposure. Finding qualified personnel to fill cybersecurity positions is as ongoing challenge. For example, one-third of study respondents note that their enterprises receive more than 10 applicants for an open position. More than half of those applicants, however, are unqualified. Even skilled applicants require time and training before their job performance is up to par with others who are already working on the company’s cybersecurity operation. Half of the study respondents reported security budgets will increase in 2017, which is down from 65% of respondents who reported an increase in 2016. This, along with staffing challenges, has many enterprises reliant on both automation and external resources to offset missing skills on the cybersecurity team. Another challenge: Relying on third-party vendors means there must be funds available to offset any personnel shortage. If the skills gap continues unabated and the funding for automation and external third-party support is reduced, businesses will struggle to fill their cybersecurity needs



As cyberattacks increase in volume and sophistication, businesses are increasingly exposed, particularly as their budgets to fight such breaches are declining. (Photo: Shutterstock) 


No. 3: More complicated cyber threats. 

Faced with declining budgets, businesses will have less funding available on a per-attack basis. Meanwhile, the number of attacks is growing, and they are becoming more sophisticated.

More than half (53%) of respondents noted an increase in the overall number of attacks compared previous years. Only half (roughly 50%) said their companies executed a cybersecurity incident response plan in 2016.


Here are some additional findings regarding the recent uptick in cyber breaches:

  • 10% of respondents reported experiencing a hijacking of corporate assets for botnet use;
  • 18% reported experiencing an advanced persistent threat (APT) attack; and
  • 14% reported stolen credentials.
  • Last year’s results for the three types of attacks were:
  • 15% for botnet use;
  • 25% for APT attacks; and
  • 15% involving stolen credentials.  Businesses are now more sophisticated in the mobile arena. The proof: Cyber breaches resulting from mobile devices are down. Only 13% of respondents cite lost mobile devices as an exploitation vector in 2016, compared to 34% in 2015. Encryption factors into the decrease; only 9% indicated that lost or stolen mobile devices were unencrypted. IoT is an increasingly important element in governance, risk and cybersecurity activities. This is a challenging area for many, because traditional security efforts may not already cover the functions and devices feeding this digital trend.   The number of code attacks, including ransomware attacks, remains high: 62% of respondents reported their enterprises experienced a ransomware attack specifically.
  • Businesses can conduct “tabletop” exercises that stage a ransomware event or discuss in advance decisions about payment vs. non-payment. Payment may seem like the easiest solution, but law enforcement agencies warn it can have an encouraging effect on those criminals as some cases lead to repeated attacks of the same business. Many cybersecurity specialists argue that the best way to fight a ransomware attack is to avoid one in the first place. Advance planning that might include the implementation of a governing corporate policy or other operating parameters, can help to ensure that the best cybersecurity decisions are made when the time comes to battle a breach.
  • What does that look like?
  • Half of the respondents believe financial gain is the biggest motivator for criminals, followed by disruption of service (45%) and theft of personally identifiable information (37%). Despite this trend, only 53% of respondents’ companies have a formal process in place to deal with ransomware attacks.
  • No. 1: Ransomware is the new normal.
  • Ransomware continues to be favorite means of attack for criminals. Respondents believe this is likely because of the possibility for financial gain. (Photo: Shutterstock) 
  • IoT continues to rise as an area of concern. Three out of five (59%) of the 2016 respondents cite some level of concern relative to IoT, while an additional 30% are either “extremely concerned” or “very concerned” about this exposure.
  • No. 2: Mobile takes a backseat to IoT.
  • Managing the Internet of Things (IoT) has risen as an area of business concern.
  • Phishing (40%), malware (37%) and social engineering (29%) continue to top the charts in terms of the specific types of attacks, although their overall frequency of occurrence decreased: Although attacks are up overall, the number of attacks in these three categories is down.

The Southeast’s Storm Surge Risk and Florida’s Hurricane Wake-Up Call



Amy O’Connor | July 11, 2017

The Southeast has seen its fair share of natural disasters and flooding in the last several years, including two hurricanes in Florida last year – the first hurricanes to hit the state in more than a decade. But none of these events have come close to reaching the potential impact a serious storm surge event could have on the region.

According to CoreLogic’s 2017 Storm Surge Report, which examines risk from hurricane-driven storm surge for homes along the Atlantic and Gulf coastlines across 19 states and the District of Columbia, as well as 86 metro areas, the total reconstruction cost value (RCV) in the event of a hurricane storm surge inundation in these regions would be more $1.5 trillion.

The total number of homes that could be affected along the Gulf and Atlantic coasts, defined by CoreLogic as the 3,700 miles of coastline extending from Maine to Texas, is nearly 6.9 million. In the Gulf Coast region – running from Texas through the tip of South Florida – almost 3 million homes are at risk with a total RCV of $593 billion. The Atlantic Coast accounts for 3.9 million homes and a RCV of more than $970 billion.

To estimate the value of property exposure of single-family residences, CoreLogic uses its reconstruction cost valuation (RCV) methodology which estimates the cost to rebuild the home in the event of a total loss. The reconstruction cost estimates more accurately reflect the actual cost of damage or destruction of residential buildings that would occur from hurricane-driven storm surge since they include the cost of materials, equipment and labor needed to rebuild and also factor in geographical pricing differences. Actual land values are not included in the estimates. The values in this report are based on 100 percent, or total, destruction of the residential structure.

The Southeast coastal states CoreLogic examined in its report of Alabama, Florida, Georgia, Mississippi, South Carolina and North Carolina, account for at least 3.6 million of the 6.9 million homes at risk along the Gulf and Atlantic Coast.

Unsurprisingly, the majority of those homes – about 2.7 million – are in Florida, which carries a whopping $536 billion reconstruction cost value, the highest of any of the 19 states.

The Southeast also accounts for nine of CoreLogic’s top 15 metropolitan areas at greatest risk of storm surge, with six of those being Florida cities.

It’s common knowledge that Florida is at risk of hurricanes, but the state has gone many years without experiencing significant damage from a major storm. Dr. Tom Jeffery, senior hazard scientist at CoreLogic, said that can often lead to “hurricane amnesia,” among citizens and municipalities and that can impact whether they are adequately prepared for when a big storm event does occur.

“This report is about making people aware of the fact that we are in hurricane season. We don’t know when or where they will happen, but they have the opportunity to affect the coastal U.S. and we want to put it on people’s radar,” Jeffery said. “A lot of these areas don’t realize what the risk is once you are outside the 100-year flood plain.”

He added that many people in these communities don’t realize what their storm surge risk is, outside of the 100-year flood plain.

“Large hurricanes especially can really push surge water quite a bit inland, but after big events people say they didn’t realize their property was at risk,” Jeffery said. “Hopefully, this information can give them the incentive to go to their insurer and find out if they are in a high-risk area and adequately prepare.”

CoreLogic included a probabilistic storm surge analysis focused on Florida in this year’s report, with specific emphasis on storm surge from Hurricane Matthew, which changed course before making landfall last year, sparing the state from the worst possible scenario. The goal of probabilistic modeling of hurricane perils, CoreLogic’s report said, is to provide risk managers with greater insight as to what could happen in order for them to better plan and manage their businesses.

“Probabilistic loss provides an evaluation of the specific amount of damage that could be expected from a single storm event or a set of simulated events, called probabilistic events, which are informed by historical storm records that are similar in size and scope,” the report states.

This analysis focused on the historical storms in Florida that have caused storm surge damage beginning in 1900, and how Hurricane Matthew compares. Of the 97 catastrophic hurricanes in Florida since 1900, Hurricane Matthew ranked No. 19 among historical storm surge events. CoreLogic said the storm surge damage from Matthew made up less than 10 percent of the total financial loss, with the rest being a result of wind damage.

Number one on the list was the “13th hurricane of 1944″ (before hurricanes were given actual names), which caused $15 billion worth of damage on 471,000 homes in today’s terms. Hurricane Andrew, which hit in 1992, was ranked No. 4, and Wilma, which hit in 2005, was ranked No. 15.

Though Florida’s first hurricanes in 11 years were not as devastating as they could have been, the two storms that did occur – Hurricane Hermine, which hit in September of 2016, and Hurricane Matthew – caused more than $3.2 billion combined in damage to Florida.

Jeffery said the state got lucky last year. He added that awareness is key to minimizing loss in the future, and the modeling company has seen an increased interest in information and proactive mitigation discussions this year.

“Florida went a long stretch without an impactful landfall hurricane and last year was an eye opener, an awakening to get people to think about it since we don’t know when that next one is going to come ashore,” he said.