Joe Reschini, President of The Reschini Group and CEO of Evergreen Insurance was named one of Pennsylvania Business Central’s Top 100 people in business and economic development. To read more about Joe and the Top 100, click here

Joe Reschini, President of The Reschini Group and CEO of Evergreen Insurance, was named one of Pennsylvania Business Central’s 2023 Top 100 people in business and economic development. To read more about Joe and the Top 100, click here.

While it may be tempting to leave the complex, mysterious world of cybersecurity to “the experts,” business leaders cannot fall back on that handy escape hatch any longer. They need to be aware and involved, even to the point of elevating cyber reporting to the CEO directly. According to the federal Cybersecurity and Infrastructure Security Agency*, here are some practical steps that leaders would be wise to follow:

• CEOs should ask the following questions about potential cybersecurity threats:
  How could cybersecurity threats affect the different functions of my business, including areas such as supply chain, public relations, finance, and human resources?
• What type of critical information could be lost (e.g., trade secrets, customer data, research, personally identifiable information)?
• How can my business create long-term resiliency to minimize our cybersecurity risks?
• What kind of cyber threat information sharing does my business participate in? With whom does my business exchange this information?
• What type of information sharing practices could my business adopt that would help foster community among the different cybersecurity groups where my business is a member?

What can CEOs do to mitigate cybersecurity threats?

• Elevate cybersecurity risk management discussions to the company CEO and the leadership team. Executives should construct policy from the top down to ensure everyone is empowered to perform tasks related to reducing cybersecurity risk.
• Implement industry standards and best practices rather than relying solely on compliance standards or certifications. Compliance standards and regulations (Federal Information Security Modernization Act) provide guidance on minimal requirements. Businesses should strive to go beyond the minimum, however.
• Evaluate and manage organization-specific cybersecurity risks. Ask the questions necessary to understand your security planning, operations, and security-related goals.
• Ensure cybersecurity risk metrics are meaningful and measurable. For example, reducing the days it takes to patch a vulnerability to directly limit risk to the organization.
• Develop and exercise cybersecurity plans and procedures for incident response, business continuity, and disaster recovery. It is critical that organizations test their incident response plans across the whole organization, not just in the IT environment.
• Retain a quality workforce. It is important to have people who can identify the proper tools for your organization, since new cybersecurity threats are constantly appearing.
• Maintain situational awareness of cybersecurity threats. Subscribe to notifications on emerging cybersecurity threats (e.g., National Cyber Awareness System products, MITRE Common Vulnerability Exposures, CERT Coordination Center Vulnerability Notes) and subscribe to the Homeland Information Sharing Network.

Of course, making sure your cybersecurity insurance coverage is sufficient and current remains vitally important, as well. The professionals at The Reschini Group can help.

* https://www.cisa.gov/tips/st18-007

Copyright 2023 The Reschini Group

The Reschini Group provides these updates for information only, and does not provide legal advice. To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.

Joseph C. Totten III is joining The Reschini Group and Evergreen Insurance as Chief Revenue Officer. Joe will be responsible for overseeing the management and growth of current client relationships as well as supporting the firm’s long-term growth initiatives. Prior to joining the Reschini Group, Joe was the Vice President for a large national broker in Pittsburgh.

“Joe’s impact on our organization will be significant,” said Joe Reschini, President of The Reschini Group and Chief Executive Officer of Evergreen Insurance. ” Joe’s experience will help us reach a new level of service for our clients and growth for The Reschini Group.”

“This is a great opportunity to help build on the legacy of a historic company,” said Joe Totten. “They are a leader in the industry and I look forward to working with the teams in Pittsburgh and Indiana..”

Joe Totten is a graduate of Central Catholic High School and Duquesne University. He will work out of the firm’s Pittsburgh office but will be meeting with clients throughout Pennsylvania. Connect with Joe Totten on Linkedin.

The Reschini Group’s website, www.reschini.com received an exciting upgrade and redesign over the holiday weekend. 

The new site features a dynamic responsive homepage with clickable links to the most important content pages and functionality you may use for your customer service or informational needs:

• Benefits Bookcase
• Zywave Client Portal
• InsurLink
• Property and Casualty information
• Employee Benefits information
• Latest Blog page
• Careers page

The website also features resources about many key issues your organization may face regarding Property and Casualty, Employee Benefits, or Cybersecurity issues. Plus, the site archives the Reschini blog – a useful library of pertinent information about recent issues in the market and economy.

Take a moment to look at the new site and let me know what you think!

While a majority of U.S. business executives rank cyber risk as their top organizational concern, fewer than half have adopted even basic preventive measures, according to results of an industry survey.

Cyber risk has risen to become the top concern in the U.S. and few risk experts believe governments are equipped to handle the threat. Among 1,200 executives who participated in the survey, 59% said they worry some or a great deal about cyber, and 25% said their company has been a cyber victim, up 150% since 2015.The top three specific concerns cited by survey respondents included security breaches, system glitches, and unauthorized access to bank accounts.Yet only 61% of these leaders said they felt extremely or very confident in their company’s cyber practices. The survey found that 43% said their company has a written business continuity plan in the event of a cyberattack, and 48% said their company has adopted multifactor authentication to mitigate the risk.The need for heightened attention and action regarding cyber protection has only increased with the rise of employees working remotely. An easy way to begin would be to require simple preventative measures, such as requiring multifactor authentication – as in using a one-time dedicated passcode as a secondary verification of identity – to gain access to websites or files.They say the first step in getting yourself out of a hole is to stop digging. The wise business leader acknowledges and addresses issues before they become problems. If the state of your cyber security preparation is troubling you, don’t wait to find out how problematic it can become. Invest the time and resources to fortify your protection now.Contact the professionals at The Reschini Group for guidance on cyber security.

As a business gains traction, achieves success and expands, it can outgrow its original location and facilities, making a move to a new, larger site necessary.

Don’t forget to consult with an insurance professional as part of researching that new location, however. The results can be either advantageous or detrimental to your ongoing financial health.Any change in how a business operates – including where it positions its facilities, equipment, and personnel – requires an analysis of coverage. Physical location can be impacted – either positively or negatively – by factors including:

• The likelihood of severe weather, like hurricanes, windstorms, tornadoes, or hail.
• Does the property sit in a floodplain? Is flooding becoming more common due to the effects of climate change?
• Whether the area shows a statistical trend regarding crime, vandalism, and theft.
• The condition of existing infrastructure, such as plumbing, electrical wiring, and HVAC, as these help to determine the chances of causing fire or water damage.

Similarly, a new service or line of products pursued as part of a business’ expansion plans also introduce new variables in terms of number of employees, equipment needed, safety procedures, and much more – all of which need to be incorporated into a package providing the best insurance coverage possible.“New” in the world of business should mean “better.” To safeguard your investment on the road to improving your overall performance, make sure you have the right insurance protections in place, as well.Contact the professionals at The Reschini Group for more information.

The U.S. Securities and Exchange Commission has begun to crack down on companies it deems to have breached securities laws by making inadequate cybersecurity disclosures, a policy that shows no sign of slowing down.

As a result, businesses have been advised to establish clear internal communications strategies on cybersecurity issues, and to also examine their directors and officers liability insurance and cyber liability policies to determine whether they have adequate coverage if the issue arises.Some SEC cyber disclosure actions have resulted in penalties of up to $1 million. Industry experts attribute the increased attention on cyber intrusion preparation to the reality of cyberattacks in the economy today, and an alarming lack proper preparation on the part of organizations to fight it.The agency will likely become even more aggressive in the future, as the SEC is expected to have less tolerance for organizations that don’t take the basic steps to protect sensitive data.Companies should develop incident response plans that include how to deal with a vulnerability’s discovery before it becomes an intrusion, then make sure the infrastructure is in place to address that vulnerability. Organizations need to get a clear picture of their own cybersecurity environment and communicate regularly about roles and responsibilities. Also, a well-constructed D&O policy should cover investigation costs in the event of a breach.It pays to invest in solid cyber security plans, whether or not the SEC or any other entity is looking for problems. It’s just good business these days. Contact the professionals at The Reschini Group for guidance on cyber security.

In life, as in business, education, and any large organization, the only thing that doesn’t change is that everything changes.

New operational subsidiaries are formed, people in key leadership positions leave and arrive, school districts see new clubs and sports teams rise and fall. Nothing wrong with any of this. It’s the natural ebb and flow. It’s how the world works.The sticky part comes in, however, when you assume the insurance coverage in place extends to any or all of those modifications. Or worse, you don’t think of that question at all.The old adage about why it’s dangerous to assume certainly applies. A policy is written at a moment in time, under specifications and structures that exist then. Unless provisions have been written into that policy to automatically include new elements to the entity being covered, they may not – and probably will not.Always err on the side of caution and communication. Check with your insurance provider any time the terms, shape, size, or any other variable impacts your organization. When changes are afoot, make sure you know who and what is covered under your policy – so that any necessary adjustments can be made before costly surprises arise.Contact the professionals at The Reschini Group for more information.

The federal Affordable Care Act (ACA), through Internal Revenue Service (IRS) guidelines, has adjusted its affordability percentages downward in 2022, meaning that employers may need to change some of their employee contribution levels.

On August 20, 2021, the IRS issued Revenue Procedure 2021-36 to index the contribution percentages in 2022 for determining affordability of an employer’s plan under the ACA.

For plan years beginning in 2022, employer-sponsored coverage will be considered affordable if the employee’s required contributions for self-only coverage does not exceed the following:

• 61% of the employee’s household income for the year for purposes of both the pay-or-play rules and premium tax credit eligibility; and
• 09% of the employee’s household income for the year for purposes of an individual mandate exemption (adjusted under separate guidance). Although this penalty was reduced to zero in 2019, some individuals may need to claim an exemption for other purposes.

The updated affordability percentages are effective for taxable years and plan years beginning on Jan. 1, 2022.This is a significant decrease from the affordability contribution percentages for 2021, which had been set at 9.83% and 8.27%.  As a result, some employers may have to lower their employee contributions for 2022 to meet the adjusted percentage.Under the ACA, the affordability of an employer’s plan may be assessed in the following three contexts:

• The employer shared responsibility penalty for applicable large employers (also known as the pay-or-play rules, or employer mandate).
• An exemption from the individual mandate tax penalty for individuals who fail to obtain health coverage.
• The premium tax credit for low-income individuals to purchase health coverage through an Exchange.

Although all of these provisions involved an affordability determination, the test for determining a plan’s affordability varies for each provision.Understand where your organization falls within these ACA guidelines.  Contact the Benefits Team at The Reschini Group for more information.

When are you not you?

When hackers and other malicious parties steal your identity online, that’s when.  Identity theft occurs when others obtain and use your personal information without your permission.  Once this information has been acquired, thieves can use your existing credit cards or open new ones in your name, write bad checks, take out loans, and generally ruin your credit and reputation.

Once the theft has been spotted and reported, significant damage may – and most likely will – have been done.Beyond taking the obvious precautions, another way to safeguard yourself from the impact of identity theft is to secure the proper identity theft insurance coverage.Identity theft insurance can be purchased as a standalone policy or added as endorsement to existing homeowners or automobile insurance coverage.  Even though identity theft insurance does not protect against the cost of the actual theft, it offers a relatively inexpensive option that will cover the cost of reclaiming your identity, to include such items as:

• Phone call charges, photocopying costs, and postage fees.
• Salary loss due to uncompensated time off from work.
• Legal fees.

Another attractive feature of this special coverage is that you can gain access to a fraud specialist who can provide valuable assistance in restoring your good name and protecting your identity.  This service is part of the reimbursement offer for expenses associated with credit restoration, as well.Make sure you are always you.  Protect yourself from identity theft and the financial fallout it wreaks.  Contact the Benefits Team at The Reschini Group for more information.

Two years ago, employees across the country and around the world collaborated with their employers to establish ways they could perform their job duties while working from home.  Today, the urgent need for home-based workers has receded, but the popularity of this option remains high.

And while certain trends point to an actual increase in productivity, job satisfaction, and a better work-life balance from working at home, the choice does also come with a few risks, some quite disturbing and potentially very costly.

The Cost of a Data Breach Report, conducted by the Ponemon Institute and IBM Security, reports that 76% of respondents whose organizations have shifted to remote work expect that working from home could increase the time required to identify and contain a data breach.  What’s more, 70% of respondents expect remote working to increase the cost of a data breach.Those results should cause business leaders to pause, at least for a moment, to think about what remote work represents regarding risks to your organization’s cybersecurity status.  With the geopolitical upheaval emanating from Eastern Europe currently, the world is getting a first-hand lesson in the power of benign cyber systems to damage economies, influence migration of populations, even wage war.  Just imagine the wreckage a malignant cyber attack could create.Are your remote employees following strict cybersecurity protocols regarding password control?  Tracking and protecting the physical location of their laptops and smartphones?  Accessing only approved downloads and avoiding personal usage or inappropriate personal apps on company equipment?Keep in mind that three out of four business leaders have concerns about cybersecurity regarding remote work.  Being concerned is one thing.  Acting on those concerns by clearly stating acceptable and unacceptable cyber behavior, and enforcing those standards, is what can make a real difference.Contact the professionals at The Reschini Group for more information.

Workers Compensation sounds pretty cut-and-dried, right?  Your rate – determined by the state where your company is located and the type of business – gets multiplied by your total payroll and then divided by 100.

But then modifiers enter the picture, which can raise or lower your costs, based on your loss history, or the record of measurably reducing the risk of injury to employees.  Naturally, you want a modifier that drives your workers comp costs down.  Here are some ideas on how to do just that.

1. Save Money on Workers' Comp Insurance – The same as selecting car or health insurance, it’s important to shop around for the best workers’ compensation insurance policies.
2. Ensure You're Following Workers' Comp Claims Management Best Practices – By making sure your claims adjuster always follows best practices associated with claims management, payouts can be reduced by up to 50%.
3. Focus on Safety – Create and embed a true safety culture, continually providing information on safe processes and procedures, instituting regular safety checks, and characterizing safety less in terms of statistics and more by how injuries impact people and their families.
4. Have an injury procedure in place – It is essential to manage any injuries quickly and effectively before they become worse, and for managers and employees to know their roles and responsibilities when someone is hurt at work.
5. Start an Incentive Program for New Hires – Employees, especially new hires, often benefit from incentive programs that reward them for learning the safety protocol. Older employees can also be encouraged to help the newer hires learn about the culture of safety through group incentives.
6. Implement a Return-to-Work Program – Maintaining ongoing communication with injured employees leads to them returning to the job faster, which means returning to a regular paycheck for them and lower overall costs to the company.
7. Check With Your State – Some states offer discounts if a company implements a program that promotes safety, so it’s worth checking on your state’s policies.
8. Review Your Employee Classifications – The simple act of ensuring that each employee is classified correctly regarding his or her current job can represent substantial savings.

When you understand and control the variables surrounding workers comp coverage, you can achieve the modifier level that leads to better control of those costs.  Plus, in virtually every example cited here, it’s the proper, practical, and ethical thing to do, as well.  Contact the workers comp professionals at The Reschini Group today to learn more.

A data breach creates all sorts of havoc, including significant financial costs.  That’s hardly new information.  But what those costs actually total does make news, as captured in the 2020 “Cost of a Data Breach” report, compiled by the Ponemon Institute and IBM Security.

The information from 2020 (the most current results available) provides a detailed glimpse the financial impacts security incidents can have on organizations, with historical data revealing trends in data breach causes and consequences.  The report shows some consistencies with past research.Here are the major highlights:

• The average cost of a breach in 2020 was $3.86 million per breach. This is actually good news, in a way, representing a 1.5 percent reduction from the 2019 cost per breach of $3.92 million.
• The average time to identify and contain a breach in 2020 was 280 days, virtually identical with the 279 days it took on average in 2019.
• Regarding prevention against breaches, 59 percent of organizations now have security automation deployed, up from 52 percent in 2019.

If one takeaway leaps out from these high-level results, it is that time is money.  While a higher percentage of businesses have security automation in place, it still takes nearly 10 months to discover and contain a major breach.  And the financial ramifications, even if slightly lower, remain substantial at nearly $4 million per breach.The need for robust cybersecurity practices and protections continue to grow in importance and relevance.  For more information, contact the professionals at The Reschini Group today.