This is your very first post. Click the Edit link to modify or delete it, or start a new post. If you like, use this post to tell readers why you started this blog and what you plan to do with it.

This is the post excerpt.
This is your very first post. Click the Edit link to modify or delete it, or start a new post. If you like, use this post to tell readers why you started this blog and what you plan to do with it.

Anita Byer
Tax-related identity theft occurs when a criminal uses your Social Security number to file a tax return under your name to steal your tax refund. According to the Treasury Inspector General for Tax Administration, the Internal Revenue Service stopped nearly $2 billion in fraudulent refunds last year. In 2023, the IRS identified over a million tax returns as potentially fraudulent, with associated refunds exceeding $6 billion. Since victims of tax-related identity theft and fraud are typically unaware until it is too late, staying alert and knowing the signs of fraud is key.
According to the IRS, you should be alert to possible tax-related identity theft and fraud if:
Since many scams begin with someone contacting you under false pretenses, knowing how and when the IRS contacts people can make it easier to identify imposters and impersonators. According to the IRS, initial contact is typically done by mail delivered by the U.S. Postal Service. The IRS may also contact you in other ways, depending on the circumstances. However, the IRS does not:
To protect against taxpayer identity theft, the IRS recommends:
When preventative measures fail, insurance is available to help victims through the often expensive and time-consuming process of recovery. Please contact us if you would like more information about insurance specifically designed to protect against identity theft.
Indemnification agreements are commonly used in business transactions to allocate risk. Risk allocation involves identifying who is responsible for what and for how much. In some cases, a contract requires one party to assume the liability of another party. These risk transfers are commonly found in construction and landlord/tenant agreements, and are becoming common practice in other industries as well.
Assuming responsibility for the acts of another is obviously a big deal. So, it’s important to know the nature and extent of the risk being assumed, and to have a plan to pay in the event of a loss. At a minimum, this requires an understanding of indemnification and Additional Insured status.
Indemnification
An indemnification agreement generally requires one party (the indemnitor) to assume the liability of another party (the indemnitee). In the event of a loss that is specified in the contract, the indemnitor agrees to compensate the indemnitee for their loss. It is important to understand that these provisions commonly require the indemnitor to assume liability that would not otherwise exist.
For example, construction contracts routinely include broad indemnification provisions that transfer liability for not only bodily injury or property damage, but also for pollution, design flaws, delays and other perils not typically understood or contemplated by the indemnitor. Therefore, the indemnitor must understand all the risks being assumed.
Additional Insured Status
Fortunately, insurance coverage is available to cover assumed (or transferred) risks, so indemnitors can use insurance to finance some of their assumed risks. But indemnitees often request or require their indemnitors to not only purchase insurance, but to also name them as an Additional Insured so they can directly access benefits under the indemnitor’s policy.
Though Additional Insured status can be used to finance indemnification obligations, it is important to know that there are limitations. For example,
Perhaps the most common and potentially costly problem occurs when an indemnitor assumes a risk that is not covered by their insurance. For example, a plumber agrees to indemnify a general contractor for economic damages caused by the plumber’s delay in completing the work. The plumber takes a week longer than expected to finish the job. The general contractor hires additional workers to make up for the lost week and sends the bill for the extra labor to the plumber. Under the indemnification agreement, the plumber must pay for the extra workers. Unfortunately, since there was no bodily injury or property damage to trigger coverage under the plumber’s general liability insurance policy, the plumber must pay the cost himself. Remember that Additional Insured status cannot be used to cover indemnification obligations that are broader than the insurance coverage.
Before signing on the dotted line, ask the following questions:
When used properly, indemnification agreements and various insurance coverages can be combined to effectively allocate and finance assumed risks. Since the process of allocating and transferring risk in any business transaction is always significant and often complex, businesses should consult an experienced and licensed professional before signing on the dotted line. Please contact us to learn more about allocating and transferring risk effectively and affordably.
Generative Artificial Intelligence (GAI) is a type of artificial intelligence that creates new content (text, images, audio, video) in response to basic user prompts. Many organizations are now exploring ways to leverage this transformative technology to advance operational and business objectives. But despite its seemingly limitless upside, the operational use of GAI introduces new, potentially significant liability exposures. The consequences of failing to control organizational risks associated with GAI are underscored by the fact that insurance companies are beginning to include AI-specific coverage exclusions in their commercial general liability policies.
The operational use of GAI can expand existing and generate new liability exposures. According to Verisk, a data and analytics company, these exposures may include the following.
Copyright infringement and invasion of privacy. If the datasets used to train a GAI model contain copyrighted or sensitive information (many do), such information may end up in the new content generated by GAI. This could result in claims of copyright infringement and privacy invasions.
Professional errors & omissions. AI models are increasingly being trained to dispense expert-level professional advice, but their output continues to include mistakes or “hallucinations.” If the professional guidance provided by an AI chatbot is flawed or incorrect, the organization may be exposed to claims of professional malpractice.
Products liability. GAI is increasingly being used in design and product manufacturing applications. With its current limitations, GAI may create or produce defective or poorly designed products capable of causing serious damage or injury to those who use or are otherwise exposed to them.
Bias and discrimination. AI tools have been known to recreate patterns of bias and discrimination that are present in their training datasets. GAI output that includes biased or discriminatory components may result in claims of unlawful discrimination.
Compliance and regulatory risks. GAI is increasingly being used to assist with critical compliance and regulatory functions. But as we know, GAI’s output can be flawed or incorrect. If, for example, a public company submits a false or misleading document created by GAI to the SEC, the lack of due diligence could expose the organization to D&O and professional liability claims.
Importantly, the Insurance Services Office (ISO), an advisory organization that provides standard policy forms and rating information to insurers, recently introduced Generative Artificial Intelligence exclusions for commercial general liability policies. Under these exclusions, claims for bodily injury, property damage, and personal advertising injury that arise out of GAI are not covered by insurance.
These exclusions may present a big problem for many organizations because they apply broadly to all claims arising out of “generative artificial intelligence,” which is defined as a machine-based learning system or model that is trained on data with the ability to create content or responses, including but not limited to text, images, audio, video or code. Many anticipate that general liability policies will increasingly include AI-specific coverage exclusions going forward. Organizations using generative artificial intelligence operationally must ensure that their insurance covers the new and expanded liability exposures created by GAI.
The holiday travel season is officially underway. In the coming weeks, tens of millions of people will be gathering at airports, train stations, baggage claims, car rental counters, and toll booths across the land hoping that their best laid plans will endure the chaos of holiday travel. Despite springing eternal, hope tends to disappear along with lost luggage and missed flights. But the benefits of a travel insurance policy, like reimbursement for covered financial losses, will remain even after the hope of a smooth trip is gone.
Travel Insurance is designed to limit financial losses caused by various travel-related risks. These losses can range anywhere from a few hundred dollars to tens of thousands of dollars. Many types of travel insurance policies are available, but there are a handful of coverages that most travelers are likely to need.
Trip Cancellation. Reimburses pre-paid, non-refundable travel expenses if your trip is cancelled for a reason that is covered under the policy, which may include:
Medical Emergencies and Evacuations. Covers emergency medical and dental treatment that is needed while traveling abroad. Treatment for pre-existing conditions is typically not covered. Policies may also cover emergency evacuations, medically equipped transportation, and repatriation of remains.
Lost or Delayed Baggage. Covers personal belongings if your baggage is lost, stolen or damaged. Baggage delay coverage reimburses the cost of buying essential items that are needed while waiting for your baggage.
Trip Delay. Reimburses expenses, like food and lodging, caused by travel delays.
Here are a few tips to remember when purchasing travel insurance.
Please contact us to learn more about your travel insurance options.
Florida employers will be paying less for workers’ compensation insurance next year. The Florida Office of Insurance Regulation approved a statewide overall average rate decrease of 6.9 percent for workers’ compensation insurance premiums. It will be the ninth consecutive year with a rate decrease. According to Florida Insurance Commissioner Michael Yaworsky, “this rate decrease directly translates to reduced operating costs for businesses, encouraging investment and growth throughout Florida’s economy.” The rate decrease will apply to new and renewal policies beginning January 1, 2026.
The 6.9 percent rate reduction was proposed by the National Council on Compensation Insurance (NCCI), a rating organization authorized to make rate filings on behalf of workers’ compensation insurance companies in Florida. The reduction was based on NCCI’s analysis of data from the two most recently available full policy years (i.e., 2022 – 2023) as of December 31, 2024. According to NCCI, the data supports the following changes to the components of the overall average rate level decrease.
Overall Average Rate Level Change: 6.9 percent decrease.
NCCI also proposed an overall average rate level decrease of 14.3 percent for Federal classifications. These “F-classifications” refer to operations conducted on or about navigable waters for which benefit levels and related costs are determined by the United States Longshore and Harbor Workers’ Compensation Act, rather than individual state laws. Typical F-classifications include those covering ship builders and stevedores.
Please contact us to learn more about the upcoming workers’ compensation rate reduction.
Anita Byer
A recent report on global natural catastrophe losses revealed that despite an uncharacteristic lack of major events during the third quarter of 2025, insured losses still managed to top $100 billion globally for the sixth consecutive calendar year and the eighth year since 2017. Gallagher Re’s 2025 Natural Catastrophe and Climate Report (Q3) found that governments and insurers are currently well within their annual catastrophe budgets due to the “abnormally low frequency of high-cost events” to date. Gallagher Re, however, cautions that the trend of greater losses over time is likely to persist as volatility and the likelihood of greater loss potential continue to increase.
Despite losses already topping $100 billion, the data set forth in the report reveals below-average economic and insured losses during the first nine months of 2025. According to Gallagher Re’s preliminary loss data,
The report notes that the financial health of property insurers will strengthen further if these unusually low losses persist for the remainder of 2025. Gallagher Re estimates that it would require unexpected catastrophic events resulting in insured losses of at least $115 billion to meaningfully impact the insurance industry, but the year is not over yet.
While the fourth quarter is typically the least expensive quarter for economic and insured losses, it seems nobody to Hurricane Mellissa, which tied long-standing Atlantic Basin records for lowest recorded pressure (892 millibars) and peak sustained winds (185 mph) when it made landfall in late October. According to Verisk, a data analytics firm, insured property losses for Hurricane Melissa are expected to range between $2.2 and $4.2 billion. Fortunately, these loss estimates are well below Gallagher Re’s estimated loss cushion retained by insurers due to the uncharacteristic lack of major events during the third quarter of 2025.
Contact our team of experienced and responsive insurance and risk management professionals to find affordable options to protect your home and your business against natural disasters and other catastrophes.
Anita Byer
Before closing the book on this year’s Cybersecurity Awareness Month, it is important for businesses to recognize the expanding scope and severity of cyberattacks and the consequences for failing to implement and maintain adequate cybersecurity measures. According to Aon’s 2025 Global Risk Management Survey, most organizations identified cyberattacks and data breaches as the top current risk and top future risk they face. The fact that the FBI reported over $2.7 billion in losses in 2024 from business email compromise attacks alone seems to justify their concerns.
Despite the near universal acknowledgment of cyber threats, Moody’s 2025 Cyber Survey (10/1/2025) reveals less than universal adoption of adequate cybersecurity measures, particularly when it comes to the use of artificial intelligence.
AI Governance Policies. The survey found that large numbers of organizations lack rules governing the safe use of AI tools in the workplace. While a majority of respondents have policies restricting the use of internal and proprietary data with public AI tools, nearly a quarter of respondents have no such policies in place. According to Moody’s, insufficient AI governance can increase the likelihood of data breaches, regulatory penalties, and loss of competitive advantage.
Growing risk from third-party (vendor) software. The use of third-party software, systems, and applications for operational purposes often creates vulnerabilities that can be leveraged to gain unauthorized access. According to Moody’s, third-party software increases the attack surface by providing more entry points for hackers to exploit. Bad actors tend to favor supply chain attacks because compromising a third-party vendor allows them to also attack the vendor’s customers, clients, and end users. However, despite the growing risks associated with third-party software, only 49 percent of respondents annually reviewed their vendors’ cybersecurity risk practices. Although twenty-two percent perform such reviews every few years, a startling fourteen percent of respondents have never reviewed their vendors’ cybersecurity practices.
Adoption of multi-factor authentication (MFA) is lagging. Despite the proven effectiveness of multi-factor authentication, nearly 25 percent of respondents fail to implement and enforce a mandatory MFA policy for all applications.
Ransomware defenses are patchy. Moody’s notes that ransomware attacks are increasing in frequency, severity, and sophistication. Bad actors have evolved from basic data encryption to include double and triple extortion ransomware attacks. In addition to encrypting sensitive data, double-extortion attacks also involve the exfiltration of data, which can then be released or sold by bad actors if the target is reluctant to pay. In triple extortion attacks, bad actors threaten to attack the target’s customers, partners, or employees, or launch Distributed Denial of Service (DDoS) attack to encourage payment.
Although daily data backups can provide an effective safeguard against ransomware attacks, the survey found that nearly a quarter of the respondents do not scan their backup data for malware or other vulnerabilities. The failure to do so may leave businesses at the mercy of ransomware attackers, which is far from ideal.
Cyber managers increasingly report to CEOs and CFOs. The survey revealed that more senior cyber managers are reporting to chief executives than before. In 2023, only 15 percent of respondents reported to the CEO or CFO. In 2025, the percentage increased to 28 percent. Many, including Moody’s, view this as a positive development.
Small and medium-sized businesses should have Cyber Perils Insurance Coverage to protect against various cyber threats and liability exposures, including the cost of complying with data breach notice laws. Please contact us if you would like more information about insurance specifically designed to protect against cyber threats and data security breaches.
Businesses wanting to make the most of Cybersecurity Awareness Month (October) should consider implementing a mandatory multi-factor authentication (MFA) policy for all employees. MFA ranks among the most effective measures that organizations can implement to protect sensitive systems, accounts, and data. In fact, research conducted by Microsoft found that MFA can block more than 99 percent of account compromise attacks.
Multi-factor authentication is a security process that requires more than one method of authentication from independent sources to verify a user’s identity. When MFA is enabled, a person cannot access a system or account without first providing at least two identity authentication factors (credentials). These credentials can be:
The Cybersecurity & Infrastructure Security Agency (CISA) recommends taking the following steps to secure sensitive business data using multi-factor authentication.
Require MFA wherever possible. Businesses should coordinate with IT to activate MFA across all systems, including email, file and data storage, and remote access. Administrative accounts and sensitive employee accounts should be made a priority.
Use the strongest MFA option available. CISA cautions that not all methods of MFA are created equally. Although any method of MFA is better than nothing, some methods provide more protection than others. CISA recommends that businesses implement a policy requiring one or a combination of the following MFA verification methods, which are listed from most to least secure.
Training. Employees must be trained to understand the organization’s commitment to security and their individual obligation to implement and use MFA when accessing systems and data.
MFA makes it difficult for hackers to access sensitive business accounts or data even with the password. If you have the option to enable MFA, do it now. Systems and platforms without MFA capabilities are way behind the curve and should probably be avoided. Businesses should also have Cyber Perils Insurance Coverage to protect against various cyber threats and liability exposures. Please contact us if you would like more information about insurance specifically designed to protect against cyber threats and data security breaches.
Anita Byer
October is Cybersecurity Awareness Month. The purpose of this global initiative, which began in 2003, is to raise awareness about online security and empower individuals and businesses to protect themselves against cyber threats. This year’s theme—Building a Cyber Strong America—highlights the need to strengthen the country’s infrastructure against cyber threats, ensuring resilience and security. Unfortunately, after more than 20 years, the need for cybersecurity awareness is arguably greater than ever before. According to the Identity Theft Resource Center, there were 1,732 data breaches and more than 165 million victim notices during the first half of 2025.
The Cybersecurity & Infrastructure Security Agency (CISA), which is the federal lead for Cybersecurity Awareness Month, notes that businesses and organizations without basic cybersecurity precautions make easy targets for bad actors. According to Verizon’s 2025 Data Breach Investigations Report, the human element remains the common link in most (60 percent) data breaches, so enabling employees to identify and thwart cyberattacks is crucial. To reduce the chances of being victimized by a disruptive cyberattack, CISA recommends the following best practices.
Implementing, maintaining and updating security policies and procedures is important, but it’s not always enough. Small and medium-sized businesses should have Cyber Perils Insurance Coverage to protect against various cyber threats and liability exposures, including the cost of complying with data breach notice laws. Please contact us if you would like more information about insurance specifically designed to protect against cyber threats and data security breaches.
Anita Byer
Florida employers may be paying less for workers’ compensation insurance next year. The National Council on Compensation Insurance (NCCI) is recommending an average rate level decrease of 6.9 percent for the voluntary market effective January 1, 2026. NCCI, which is authorized to recommend rates on behalf of workers’ compensation insurers in Florida, submitted its proposed rate reduction to the Florida Office of Insurance Regulation for review. If approved, it will be the ninth consecutive year workers’ compensation rates have gone down in Florida.
The proposed 6.9 percent rate reduction is based on experience data for policy years 2022 and 2023 as of year-end 2024. It also reflects the estimated impact of the Health Care Provider Fee Schedule changes effective January 1, 2026. The rate filing submitted by NCCI notes that the number of claims (frequency) and the cost of claims (severity) continue to be key metrics for the health of the workers’ compensation system. Indeed, improved loss experience resulting from declines in the frequency of lost-time claims during these policy years is identified as the primary driver of NCCI’s proposed rate decrease.
The rate filing notes that the workers’ compensation system in Florida and nationally generally remains healthy. According to NCCI:
NCCI also recommends extending published rating values from two to three decimal places. According to NCCI, this decimal extension allows for more precise adjustments that will be particularly beneficial for classification codes with lower rates by minimizing rounding limitations that are more likely to impact these class codes. The methodology for determining rates, however, remains unchanged.
Remember, NCCI is recommending a 6.9 percent rate decrease for 2026. Next year’s workers’ compensation premium rates will not be known until the Office of Insurance Regulation issues a final order. State regulators must still analyze NCCI’s data and may request an adjustment to the current recommendation before holding a public hearing.