Tag Archive for: small business

employee claim being discussed between two women

how EPLI can protect your business

For many business owners, the prospect of a lawsuit by a disgruntled former employee looms like a shadow in the background. If there’s one thing you can use to prevent that, it’s this:

Employment Practices Liability Insurance (EPLI).

Well, of course, there are others but if you’re only going to do one thing– get EPLI coverage. Let’s chat about how EPLI can protect your business in the event of an employee lawsuit.

infographic for "how EPLI can protect your business"

what is EPLI?

Employment Practices Liability Insurance, or EPLI, is insurance that “provides coverage to employers against claims made by employees.”

Policies typically extend coverage to the following:

  • Wrongful Termination
  • Sexual Harassment
  • Wage-Related Claims
  • Claims of Unequal or Unfair Pay
  • Discrimination Claims (i.e. age, race, gender, sexual orientation)
  • Third-Party Claims

Read on for three tips to avoid employment practice issues.

who needs EPLI?

Although some industries are more prone to these types of claims than others, the most common industries to have EPLI claims filed against them include:

  • Construction
  • Healthcare
  • Professional services
  • Restaurant and food services
  • Retail, and
  • Manufacturing

how can EPLI protect your business?

EPLI helps protect your business from financial devastation.

Employee claims—whether the employee is currently or had been previously employed—can be very expensive; and even detrimental to small businesses.

EPLI helps cover the financial costs associated with legal action. Attorney fees and settlement costs are reimbursed by the policy, which means your business does not have the unexpected financial burden of paying off employee claim-related legal fees.

turn to benchmark commercial insurance

Don’t know whether you have EPLI coverage or the quality of it? Our team at benchmark commercial insurance can help.   

We’ll review your coverage and give you recommendations free of charge. No hard sell, just insights. 

For those who want to learn more, including if their business needs EPLI coverage, read our article “employment practices liability insurance — do you need it?

man holding phone at computer with blue screen that says cyber security

the evolution of the cyber insurance market

Considering today’s digital world, cyber-attacks have become increasingly common over the past decade—and with more significant financial impact. Breaches including phishing emails, viruses, ransomware, or other malicious attempts can cost companies billions of dollars.

As a result, more businesses and organizations—both small and large—are investing in cyber insurance to avoid catastrophic losses and expenses—and we don’t blame them. However, the cyber insurance market itself has changed a bit as well. Let’s discuss the evolution of the cyber insurance market and where it is right now.

what is cyber insurance?

Cyber insurance is a policy that protects your “business’ liability for a data breach involving sensitive customer information.” This sensitive information might include:

  • Credit card numbers
  • Account numbers
  • Health records
  • Social security numbers
  • Driver’s license numbers
  • And more

Typically, cyber liability insurance covers network security and data privacy incidents, including first-party costs and third-party claims. Remember, no business—no matter how big or small—is safe from the threats of a cyber attack today.

Not quite on board yet? Check out the shocking cyber attack statistics from AAG below.

cyber attack statistics

Did you know…

  • There is a hacker attack every 39 seconds
  • 64% of companies have experienced web-based attacks; 62% experienced phishing and social engineering attacks; 59% of companies experienced malicious code and botnets
  • Since 2013, there are 3,809,448 records stolen from breaches every day
  • 43% of cyber-attacks target small business
  • Over 75% of the healthcare industry has been infected with malware over the last year

where is the cyber insurance market today?

Today, despite the increased need for cyber protection, organizations are faced with a difficult cyber insurance market. The market is characterized by:

  • Rapidly increasing losses
  • Non-renewal cases
  • Increased premiums
  • Coverage restrictions
  • And longer underwriting periods due to increased requirements

Infographic of the evolution of the cyber insurance market

how benchmark can help

The United States cyber insurance market, according to the National Association of Insurance Commissioners, expanded to $4.1 billion in direct premium in 2020, an increase of over 29% from 2019.

Our team at benchmark commercial insurance is understanding of today’s cyber insurance market—and is here as your partner to navigate insurance compliance around everyday business transactions, ensuring you have the right coverage for your risk tolerance.

Reach out to benchmark today to learn more about our dedication to providing global capabilities with our boutique experience.

animated email with red notification bubble

how to educate your team to avoid email scams

In 2019, the losses for business email scams sat at $1.7 billion, according to the Internet Crime Complaint Center (IC3).

With cybersecurity risk at an all-time high, there is no room for a financial blow caused by the simple click of a malicious link in an email.

So, how can you avoid falling victim to cyber-attacks? The first step is educating your team on how to avoid email phishing and what red flags to look out for. Below are some tips to include when training your employees about phishing; but first, what is phishing?

infographic of how to educate your team to avoid email scams

what is phishing?

Email phishing is a cyber-attack where a hacker targets email to gain sensitive data or personal information. This is often performed by the hacker masking themselves as a trusted source or business.

Typically, the hacker starts the scam with research on the internet. Although there is not much that can be done to avoid someone researching you, there are ways to avoid getting directly scammed—and therefore, to avoid huge financial loss as a result.

Let’s discuss.

signs of a BEC scam

The FBI lists the primary ways a business email compromise (BEC) can occur in a company. These identifiers should be well-known to employees so that these signs serve as automatic recognition of a BEC scam.

The list of elements to be wary of includes:

  • Spoof websites and email addresses
  • Spear phishing emails (i.e. when an email is posed from a trusted sender)
  • Use of malicious software that can gather information
  • False invoice
  • Data theft
  • Account compromise
  • Attorney impersonation
  • And more

red flags in an email

Now that we’ve discussed what phishing is and the signs of a BEC scam occurring in your company, let’s dive into what red flags suspicious emails might contain.

There are many red flags to educate your team on. Some of the common features of phishing emails include:

  • “Too good to be true” offers: These are exactly what they sound like. One example is the common scheme of “you’ve won a FREE iPhone!” 
  • Sense of urgency: This scam is when a deal or offer is going to expire soon; often seen in the subject line of an email claiming to be “URGENT.”
  • Hyperlinks: Links are often used in phishing attacks. The hyperlinks typically look like a real website but may have one letter off, leading to a fake website, for example.
  • Attachments: Attachments are also something to look out for. A great recommendation is to not click on any attachments or unexpected emails.
  • An unusual sender: This might seem obvious, but it’s important to update your team on who might be emailing them to avoid clicking on emails that aren’t internally sent or from clients.

additional training requirements

Aside from informing your team about the common email phishing emails listed above, you must set clear policies and expectations regarding email scams.

The policies that can be set in place should eliminate your company’s risk of a security breach of information. For example, the policy on sharing passwords and credit card information should be unassailable to hackers.

If your company is already performing larger cybersecurity training due to the rise of scams, adding additional security training on BEC scams should be easier to include.

be careful what you post on social media

Lastly, we have to mention social media.

Social media is typically part of all businesses’ marketing strategies. If an employee is providing too much information about the office on social media, a hacker might be able to pick up on schedules and patterns of the company.

For example, if an employee is frequently posting about the company having a retreat or week off, this could make a hacker’s jobs way easier—so be mindful.

a final word

The steps you take internally in your company to protect your data can dramatically reduce your insurance coverage costs when it comes to cyber liability insurance.

Is your business properly insured against cyber attacks? And do you know how much this insurance should be costing you? Read on to learn the main factors that will affect the cost to insure your business.

the insurance you purchase for your business depends on your business type

how do I insure my business?

Have you recently started a business and don’t know where to start when it comes to insurance? As a business owner, you might understand the benefits of an insurance policy as it pertains to paying for damagesso you aren’t paying them out of pocketbut what policies does your unique business need?

After all, commercial insurance isn’t one size fits all. The insurance needs of a marketing agency, for example, will likely vary from those of a law office.

Watch Robert Cohen, Principal at benchmark commercial insurance, explain how to insure your business in the video below.


what types of insurance does my business need?

Some insurance types are required on a federal level while other are required by the state. Some insurance types, however, are required by contractual agreements or motivated by “best practices” corporate governance.

So, what types of insurance does your business need? This depends on a variety of factors, including:

  • How many employees your business has 
  • Your sales revenue
  • Your annual revenue 
  • The industry you’re in
  • Your level of expertise
  • Where your business is located
  • How much risk you’re willing to tolerate

insurance for different business types

Let’s discuss four different business insurance types: home-based business insurance, small business insurance, medium-sized business insurance, and insurance for large businesses.

home-based business insurance 

Home-based businesses account for half of the businesses in the United States. Insuring this type of business model with homeowners insurance alone won’t cut it when it comes to business property loss or liability. 

small business insurance 

The Small Business Administration (SBA) defines small businesses as businesses that are owned and operated independently, and are for-profit. Often, these businesses have fewer than 500 employees.

A common small business policy is a Business Owners Policy for businesses with fewer than 100 employees and revenues of up to about $5 million or less. 

While you can purchase customized insurance to cover your specific type of business, insurers offer standardized small business policies that enable you to protect your company against the most common risks at an affordable rate.

medium business insurance 

Medium businesses usually range between 50 to 1,000 employees and have annual revenues between $10 million and $1 billion. Typically, there are specialized insurance policies designed for medium-sized businesses.

Here, policies become more flexible based on the needs of the company. For instance, if your business owns expensive equipment or has multiple locations, you can seek out customized policy options to address these elements.

large business insurance

A large business is considered such if they have over 500 employees. There aren’t linear revenue requirements for a business to be considered “large.”

Since these businesses employ hundreds of people and more than likely have multi-million-dollar revenue risks, their commercial insurance policies must be tailored to the business’s unique needs.

types of insurance to insure my business

Understanding your insurance needs for your unique business is essential to your success.

At benchmark commercial insurance, we often find business owners who are either under-insured or even over-insured at times. Your policy supports your business operations and gives you peace of mind that if something occurs, you are covered financially.

So, what type of insurance do you need for your business? There are many insurance policies to choose from to support your unique business. A few to consider include:

how to properly insure my business

The number one thing to consider as you invest in insurance for your business is: Do any of my current policy forms have coverage restrictions or exclusions that limit my coverage for the business I am in?

When insuring your business, at the highest level, transfer the risk of financial loss to the insurance company from your balance sheet in as many ways possible.

Doing so, however, comes with a cost. Sometimes that cost is too much to bear.

A key component of insuring your business is your relationship with your risk management/insurance services service provider. How will they help you structure your policies to be the most effective in coverage and cost? It takes time.

Your insurance professional should be sitting with you periodically to make sure that both parties are up to speed on all of the moving parts of your business operation.

Moreover, your insurance professional should make sure they’re offering you every commercially available tool to transfer the risk from your balance sheet to the insurance company (again, in as many ways possible). Once organized, it’s up to you to determine what may or may not fit into your budget or what policies best protect your business.

If you’re not having these conversations with your insurance services provider, reach out to our team at benchmark insurance. Here, we thrive on creating a boutique insurance experience for our clients.

Now that you understand how to insure your business, read our article on how much you should pay to insure your business.

all businesses need to mitigate risk with cyber insurance

I don’t have an online business, do I need cyber insurance?

The insurance policies a business chooses is based on their specific business model. What works for one business may not work for another. One policy, however, lives as a baseline policy all businesses should have- cyber insurance


This rings true, especially in light of today’s tech-reliant world. Even businesses that do not operate online are not free from the dangers of a cyber attack. 


Furthermore, recent events regarding the ongoing Russian-Ukrainian War have the potential to impact all businesses and their cyber security in the United States. Cyber security risks are escalating, so let’s discuss more why even non-online businesses should invest in cyber insurance.

do all businesses need cyber insurance? 

Yes. All businesses need cyber insurance regardless of business type—especially in today’s digital environment. 


Even if your business is not an online business, cyber insurance helps mitigate risk. Cyber-attacks occur regularly (every 11 seconds in 2021), and can target individuals and businesses alike. No one is safe from the threat of a cyber attack – no matter the business model. 


Typically, attackers use the following tactics in a cyberattack:

  • Phishing 
  • Compromised/stolen devices
  • Credential theft 


General and professional liabilities may include basic cyber liability coverage, however, businesses that store personally identifiable information or any sensitive information for employees and customers should seek out further coverage. 


Data your business has (i.e. phone numbers, credit card numbers, social security numbers, and more) puts any business at risk for an attack.  


A report by Nerdwallet, “​​Among small businesses with fewer than 250 employees, the average reported cyberattack cost was about $25,600.”


Consider the following cyber attack statistics below before dismissing a cyber security policy for your business. 


  • Cybercriminals can penetrate 93% of company networks
  • In 2021, businesses suffered 50% more cyberattack attempts per week
  • Corporate cyber attacks increased by 50%
  • Small to medium-sized businesses are most commonly targetted   
  • 43% of cyber-attacks are targeted against small businesses 
  • 83% of small businesses are not financially prepared for a cyber attack


The threat of a data breach is here to stay. We here at benchmark have first-hand experience with what cyber attacks look like, and what to do to keep your business safe. Read on to learn how we mitigated a cyber attack against our vendor’s business. 


benchmark case story

A few years ago, our data vendor’s cloud server was hacked.  All of the vendor’s “mission-critical” information stored in the Cloud was breached (i.e. email servers, client databases, and more)- that included our sensitive information and the information of their other clients. 


The hacker asked for a ransom to not share all of the data and to return the data back to our vendor. 


Luckily, because the vendor had benchmark’s cyber insurance coverage, our office and all of the vendor’s clients came out unscathed. The cyber insurance covered the entire ransom the hacker was asking for– which meant our vendor was able to keep their data safe and unharmed. 


Our cyber insurance policy coverage protected our vendor, our business, and their clients from leaking private information. It also kept the vendor in business so they wouldn’t go bankrupt from paying the hacker’s ransom out of pocket. 


Read our next blog post for a complete guide to cyber insurance and why you need it. 


all businesses need cyber insurance

cyber liability insurance protects your business in case of a cyber attack

your guide to cyber insurance: why do you need it?

The cyber insurance industry is a rapidly growing market that can be difficult to navigate for those seeking or renewing insurance. With underwriting and renewal processes taking longer to complete, read on our full guide on why you need cyber insurance.

why should you invest in cyber insurance?

Cyber insurance covers expenses from data breaches, viruses, or other cyber-attacks and fraud. It can also cover legal claims that come from a security breach. As companies utilize cloud software, personal computers and laptops, and other technology-based means to store their sensitive data, their risk for a security breach grows exponentially.

The Identity Theft Resource Center claims that in 2018, businesses experienced 571 breaches in security, which exposed 415 million employee and customer records.

In 2021, a cyber-attack incident occurred every 11 seconds.

If your company experiences a breach, federal law requires you to perform an extensive list of tasks. If you have cyber insurance coverage, however, your carrier will take on that responsibility.

Investing in cyber insurance helps protect your business from financial losses that can come with a cyber attack, and help keep reputation damage at bay.

is your business vulnerable to cyber-attacks?

As many businesses moved to a work-from-home model, cyber-attacks have increased. With most company communication through e-mail, Slack, and other online platforms, the risk of a breach increases. This could cause a company to experience massive monetary losses as well as reputation damage.

who needs cyber liability insurance?

While some general liability and professional liability policies include some basic cyber liability coverage, some additional coverage may be needed. Businesses that store personally identifiable information (PII) for both employees and customers should have additional coverage.

Cyber breaches can occur in a multitude of ways. They can be executed through phishing emails, viruses, ransomware, or other malicious attempts to corrupt your data. The best way to begin protecting your data is to establish internal safeguards with cyber security. This includes using strong passwords and monitoring electronic device access and access to software tools.

This form of coverage is growing in demand as we shift towards a cyber-reliant world. The National Associate of Insurance Commissioners found that the U.S. cyber insurance market “expanded to $4.1 billion in direct premium in 2020, representing an increase of over 29% from 2019.”

what does cyber liability insurance cover?

There are a few types of coverage within a cyber liability policy. First-party and third-party coverage help ensure you’re protected for whatever comes your way.

first-party coverage

First-party coverage includes coverage for immediate expenses related to the cyber breach. These expenses typically include:

  • The cost of notifying employees and the public
  • Marketing and public relations response that protect the company’s reputation
  • Extortion money
  • Repairing the damage to software and hardware
  • The cost of business interruption and missed income while operations are suspended
  • Other ancillary costs

third party coverage

On the other hand, third-party coverage helps a company defend against lawsuits and legal claims. There are a few lawsuits that may occur. Privacy lawsuits are covered under this coverage in case you have breached the privacy of customers and employees.

Regulatory body fines are covered as well as media liability claims (copyright infringement, libel, or slander). Lastly, breach of contract and negligence claims are covered under third-party coverage.

what does cyber liability insurance not cover?

It’s important to understand what your insurance coverage does not cover. When you review your cyber security protections, you may be able to identify where your vulnerabilities lie. Some common exclusions from cyber liability insurance include:

  • Bodily injury and property damage claims: Any claims of bodily injury or property damage will not be included in your cyber liability insurance policy. However, a general liability policy will cover these claims.
  • Criminal activity: Cyber liability insurance policies do not cover fraud, robbery, employee theft, and other crimes. However commercial crime insurance will cover these claims.
  • Social engineering: A cyber liability insurance policy will not cover when employees are tricked into transferring company funds. This can be an additional add-on with some cyber liability plans.
  • Loss of property: When an employee loses a piece of property, like a phone or computer, cyber liability will not cover the cost. However, a commercial property insurance policy will.

Like many businesses, you likely utilize computers, and other electronic devices to send, receive, and store electronic data. Data is one of your most valuable assets. It’s important to ensure that you protect that data and consider the cost of losing it.

signs you’re at risk of experiencing a cyber-attack

Cyber-attacks occur without forewarning. Sometimes, businesses don’t initially realize that they’re under a cyber attack. Review the following signs that your business is experiencing a cyber attack.

  • You’re receiving requests for transactions, like direct deposits or electronic fund transfers.
  • Unsolicited communications are coming through from unknown companies or people.
  • Links within emails do not match—check links by rolling your cursor over the link to see if the two match with the content and the email address!
  • Requests with a high sense of urgency, asking you to complete documentation immediately.
  • Requests for usernames, passwords, and other personal details like banking information.

If you realize you’re under a cyber attack, act immediately. First, disconnect your device from the internet, restore your system, and report the attack to your IT department.

After the attack, make sure you file a report with the police and your insurance.

how to mitigate risk

There are ways to decrease your business’s risk of falling prey to a cyber-attack. Being proactive about cybersecurity, and having cyber insurance helps keep your business information secure. Other ways to mitigate risk include:

  • Limit your use of large email attachments and programs that put pressure on your company’s bandwidth ecosystems.
  • Do not forward emails with attachments that contain highly restricted or company confidential information to personal accounts.
  • Avoid reading, talking about, or leaving confidential information in unsecured work-from-home areas.
  • Log off of work devices when you’re not using them.
  • Shred sensitive documents.
  • Restart your computer regularly.
  • Be aware of third-party risk because 59% of companies experience a cyber breach because of a third party.

cyber claim tips

When submitting a claim, use our tips to make sure you have the most successful outcome.

  1. Prepare and understand your insurance policy beforehand. Before a breach occurs, understand and review your policy, and what it covers. Make sure the structure of the claim fits your business needs.
  2. File your claim correctly. Most cyber insurance claims are first-party claims because the most common types of cyber-attacks are ransomware, malware, and social engineering fraud. However, file a third-party claim if you experience the need for defense in a lawsuit. Once assigned, insurer claim adjusters quickly help mitigate losses and help the legal and forensic response.
  3. Do not wait to report your claim. Once you become aware that there is a breach in your cyber security, the first step is to report and file the claim as soon as possible. No matter what type of breach, do not wait to file a report because it’s easier to give assistance early on during a breach.
  4. Obtain insurer consent. Once the claim is filed, the insurer must give their consent to onboard attorneys, IT professionals, and investigators for the breach.

At benchmark commercial insurance, we offer global capacities with a boutique experience. What we do best is look at your company holistically and use our knowledge of changing policy to give you the security of knowing you’re covered.  It’s true, anyone can get you cheap insurance, but not anyone can be there for you like we can when structuring your policy and filing a cyber security claim.

Curious about what other areas of your company may be putting you at risk for a cyber security breach? Read our article about why email may be your biggest cyber risk here.


your business needs cyber liability insurance to protect against cyber attacks