Business Protection News

New & emerging risks

We're happy to present Business Protection News (formerly known as P&C Minute). Every other month, the Corporate Property & Casualty Consultant team will briefly tell you about new and emerging risks, how to use your policy, and much more.

Insights on property protection

November 2024

The moment construction begins, a property is at risk for damage. The risks could include fire, theft, vandalism, windstorm, liability, or others. One common misstep is thinking that your credit union’s interests are always covered by your general contractor or builders, but they are not. To learn more about builder’s risk exposures, insurance protection, what’s covered and what’s not covered, or how to receive an insurance quote.

Listen
View transcript

In case you missed it

Here are a few resources to provide you with actionable insight and proven risk mitigation guidance to help you stay on top of emerging risks.

Webinars and education

• On-demand webinar: Cyber Landscape Threats — Cybersecurity strategies evolve as quickly as do data security threats. Stay on top of next-generation vulnerabilities to minimize risk and be prepared to respond to potential loss of info and data by joining us in this live webinar. Listen as special guest speakers from Beazley — claims manager Andrea McKay and cyber services manager Max Bradshaw — and TruStage™ risk consultant Brianda Rojas-Levering address cyber risks and related controls that can help you navigate the evolving cyber environment.
  Presentation | Recording
• 2025 Risk Management Virtual Events Schedule — Stay ahead of the complex array of ever-changing risks, compliance issues, and industry regulations with our 2025 risk management virtual events. Each session is focused on emerging risks and loss trends impacting organizations just like yours. You’ll gain actionable insights, proven guidance and relevant resources that you can use.
  
  New in 2025 — Cyber risks mini-series — a 90-minute session held quarterly focused on sharing best practices and fundamental components related to preparing for, defending against, and responding to cyber & data threat trends.
  Schedule 

Risk management resources:

Additional resources to help you manage the complex array of ever-changing risks.

• Critical vendor questions risk overview — As third-party vendor cyber attacks continue to grow in frequency and severity, so do the obligations for a credit union to understand their third-party and Nth party risks in all facets of its relationship. Unfortunately, vendor due diligence and contract safeguards mean nothing if third-party data privacy and security requirements are an afterthought. Read overview¹
• Incident response tabletop exercise & discussion guide — While there is no one correct way to develop and test your incident response plans; it is important to continuously improve the plan by incorporating lessons learned. Tabletop exercises for incident plans use a comprehensive set of resources designed to assist stakeholders in conducting their own exercises. These resources assist you to initiate discussions within your organization about your ability to address a variety of cyber threat scenarios. Read overview
• Third-party vendor cyber incidents risk overview — Cybersecurity risks remain a significant, persistent, and ever-evolving threat. In fact, third-party & fourth-party vendor or supply chain incidents continue to impact credit unions. The disruption and costs to identify and resolve these incidents — along with the operational downtime and resource impact for your organization — can be staggering. Read overview¹

RISK Alerts:

Recent alerts issued about risks impacting credit unions across the country.

• “Money glitches” spike with ATMs and mobile deposit services — Fraudsters are known to be discussing “money glitches” (aka fraud) they've discovered in the ATM and remote deposit capture processes of several financial institutions on dark web forums. However, rather than a machine glitch, it appears to be a massive check fraud scheme that involves depositing fake checks in ATMs and quickly wire transferring the money before the checks could be returned. The scheme went viral on the dark web and has now emerged similarly into mobile deposit apps. Fraudsters have identified financial institutions with mobile deposit limits as high as $100,000. View alert¹
• Simple internet searches can result in malvertising that exploits vulnerabilities — The National Credit Union Association (NCUA) recently issued an alert to credit unions warning of the ongoing threat in sophistication and frequency of cyberattacks. The alert specifically mentioned ransomware attacks attributed to “malvertising” where malware is injected to users’ computers when they visit malicious websites or click on digital ads. Malvertising can appear almost anywhere, even at websites credit union employees visit as part of their everyday browsing. Because ads are displayed to all website visitors, virtually every page viewer is at risk of infection. View alert¹
• Fraudsters hit the jackpot with ATM attacks — ATMs are once again the target of fraudsters nationwide taking advantage of weak security protocols for ATMs and attacking the physical terminal by installing malware through the top hat. Credit unions should be aware of any out of ordinary patterns of activity with their ATMs. ATM jackpotting events can drain all the cash from the ATM. View alert¹
• Developing an organization-wide safe driving policy — Distracted driving crashes accounted for approximately 3,300 deaths and 290,000 injuries annually according to the National Highway Traffic Safety Administration. Many distractions are related to business such as using cell phones to take business calls, to read or send emails/texts, and to focus on GPS navigation. While many credit unions typically have policies and procedures addressing the operation of credit union vehicles; in many instances, they do not include a focus on safe driving without distractions. View alert¹
• Fraudsters add social media accounts to fake account legitimacy — Fraudsters are getting better at making synthetic identities appear legitimate. They are using them to perpetuate synthetic identity fraud (or synthetic identity theft), a practice the Federal Reserve has labeled “the fastest-growing type of financial crime in the U.S.” View alert¹
• Cybersecurity threats continue to evolve as data breach costs spike — No organization is immune from cyber threats, including credit unions. According to IBM’s latest Cost of a Data Breach Report, the U.S. average data breach within the financial industry is $6.08 million. This average increase is primarily driven by rising business disruption costs like system downtime, reputation damage, and post-breach response expenses such as call center staffing, regulatory fines and credit monitoring services for members. View alert¹

Insights on cybersecurity protection

September 2024

Cybersecurity is one of the most dynamic risks for organizations to manage. The risks continue to rapidly evolve and the uncertainty of what’s next seems to get even harder to predict. Here are a few insights on cybersecurity protection and our recommendations on how to best manage them.

Listen
View transcript

The potential impacts or working remotely or in a hybrid work arrangement

As a result of the increased availability and desirability of remote work arrangements, employers must consider potential impacts to their operations and risks that they may not have previously considered. One potential impact relates to workers compensation and employees working remotely or in a hybrid work arrangement.

Artificial intelligence and potential threats regarding Cyber Liability Coverage

Did you know that an estimated 3.4 billion spam emails are sent each day?² On this episode of Business Protection News, learn more about Artificial Intelligence (or AI for short) and potential threats regarding Cyber Liability coverage. AI technology enables more sophisticated phishing attempts that are hard to uncover, but there are steps you can take to mitigate these risks.

How employee’s insurance and the credit union’s business auto policy work together

This episode of Business Protection News focuses on how the employee’s insurance and the credit union’s business auto policy work together when employees are driving their personal vehicles for credit union business.

Technology-based programs to manage and streamline day to day requests

We strive to provide your credit union with technology-based programs to manage and streamline your day to day requests which helps to stay on top of demanding verification needs. You can submit Certificate of Insurance requests, add, or change locations, file a claim and so much more online! Smart Forms, more formally known as Online Interactive Forms, is one great feature we offer at TruStage.