No industry or business is immune to a cyber-attack. Your organization, knowingly or not, has likely experienced some brush with a cyber breach, potential breach, or near miss. Cyber threats emerge and evolve quickly, making them both difficult to predict and potentially volatile to manage.

The Greek community in particular is ripe for attack due to the volume and breadth of members’ personal identifiable information (PII) that is collected and stored by organizations. A breach of this information causes not only tangible and quantifiable harm, but also reputational harm, which can take years to rebuild, and in some cases, is lost forever.

Proactive risk management can make all the difference in the event of a cyber threat or breach. With that in mind, MJ Sorority has assembled a Cyber Toolkit to help your organization engage with key leadership, employees, and members to keep your operations safe and prevent business disruption due to cyber related incidents.

Here’s a peek into what’s included:

This kit equips your team to respond efficiently and effectively in the event of a breach or cyber-attack. We hope that you use the opportunities outlined in this communication to gain valuable insights about your current cyber security and make updates where you may be vulnerable. While this kit is not comprehensive, it can certainly help inform your next steps in creating and maintaining a secure environment for your employees, members, and other stakeholders.

Through education and proactive measures, we can mitigate the risks posed by malicious actors and safeguard sensitive information in an increasingly interconnected world.

If you have any questions about the programs and resources provided by MJ Sorority and our partners, please reach out to Kit Clark Moorman at kit.moorman@mjsorority.com.

Deepfakes

With new artificial intelligence (AI) technologies emerging every day, the threat of deep fakes is becoming more prominent and more dangerous, fooling even the keenest of eyes. A deepfake is a fabricated, extremely realistic image or video that has been digitally altered to impersonate someone else. They are typically used to spread false information or trick individuals into complying with the requests of a cybercriminal.

With the ability to convincingly impersonate real people, cyber criminals are able to orchestrate highly effective phishing scams, identity theft operations, and other cyber crimes that can have huge impact on your business operations and the safety of your personally identifiable information (PII).

Learn more about the threat of deepfakes and how your organization can get ahead of cyber criminals using this technology for malicious purposes here.

Complimentary and Discounted Cyber Services for Clients

Through your CHUBB policy (check with your client executive to see if you are covered), clients have access to a selection of essential mitigation tools and advisory resources that can help reduce your exposure. From cyber incident response solutions to education and training, CHUBB has compiled a group of experts to offer their services at a significant discount, sometimes even free of charge.

You can check out a full list of offerings here and learn more through CHUBB’s eRisk Hub. In addition, we have pulled a few FAQs and basic, complimentary services that you can learn more about in this loss mitigation article.

If you have questions about setting up or logging into your eRisk account, please contact your client executive.

Malware Response

Malware, short for malicious software, refers to intrusive and harmful programs or files developed by cybercriminals to steal, damage, or destroy data. Typically hidden in files, images, malware is usually distributed through malicious websites, emails and software.

We are all vulnerable to clicking on a link or attachment that contains malware, usually inadvertently. This article helps outline the important and immediate steps you and your organization should take in the event of a malware infection.

Managing Cyber Risk

Over the last decade, cyber security has evolved from a niche concern of IT professionals to a major priority for CEOs and Boards of Directors. Company leaders are now charged with managing cyber risk with the same urgency that they have treated tradition business risk in the past.

This paper explains the different forms of cyber risk and shows how the threat level has risen in recent years. It provides a basic framework for managing cyber risk. It also poses five key questions that business leaders should ask themselves to ensure their cyber risk stance is sufficiently robust and resilient to meet evolving threats.

The MJ Companies Cyber Practice

The MJ Companies has a specific cyber insurance practice, which has also developed several resources and services for your benefit. Please see the links below to engage with some of MJ’s free resources and for information on reviewing and assessing your organization’s cyber resilience with our team of experts.

Phishing

A common form of social engineering, phishing, occurs when a bad actor communicates via email, phone or text, requesting that a recipient take action, such as click on a link or provide account information. The collected information is then used to gain unauthorized access to protected PII or other data that isn’t meant to be shared.

See this article for examples of phishing attacks. The examples provided cost the victim-companies millions of dollars, with bad actors using a combination of phishing scams and business email compromise to manipulate people into sharing PII and in turn using that information to collect funds.

Phishing attacks can be particularly problematic as hackers use our own instincts against us, gaining access to PII by a victim’s own hand. KnowBe4, a partner of The MJ Companies and CHUBB, offers phishing simulations to help train employees to be wary of this kind of attack, discounted for MJ clients. To learn more, please reach out to Kit Clark Moorman at kit.moorman@mjsorority.com.

Business Email Compromise

In today’s digital world, the growing impact of cyber-attacks have become an ever-pressing concern for businesses of all sizes and across industries. While ransom events tend to capture the brunt of media attention, Business Email Compromise (BEC)—a type of cyber-attack where hackers gain access to a business email account and trick employees into sharing sensitive information or transferring funds—is actually among one of the most prevalent and damaging.

Check out this free webinar on the topic, hosted by MJ’s Carol Scully.

ACH Transactions Language

ACH transactions are electronic money transfers made between banks and credit unions across the Automated Clearing House (ACH) network. While convenient and sometimes appropriate, you should NEVER fulfill a request to wire money from an email alone. Below are some examples of language vetted by a cyber law firm that can be helpful to include in your email signature as notice of your organization’s best cyber practices on this topic:

Data Privacy Provisions for Vendor Agreements

When contracting with third party vendors, it is important to be sure that you are reviewing contracts for appropriate data privacy provisions. Privacy provisions explain how a third party can collect, use and distribute PII and what other obligations that vendor will have with regards to the PII you share with them. See this document, compiled by CHUBB partner McDonald Hopkins, for some suggested language to look for or add to vendor contracts that addresses the handling of PII.  

Sorority Program Claim Examples

Click here for examples for the MJ Sorority program that help demonstrate the need for risk management around cyber risks.

This visual guide empowers chapter members to see the big picture, ensuring every detail is covered from start to finish. Simplify your planning process and make your next event a success!

Our team at MJ Sorority is always looking for ways to help clients manage risk. We continually identify and vet business partners that we believe will add value to your chapter house and simplify its operations.

Since the beginning of time, the biggest risk to your property is water related incidents. In the Sorority Program, water related claims make up 56% of the total property claims. These claims range from water seepage, internal pipes bursting, equipment breaking down (water heaters, ice machines), to sprinkler leakage incidents. We also see water claims ranked in the top five most frequent and most severe incidents.

The one phenomenon that has changed recently is the change in the weather pattern, specifically the increase in freezing claims of regular piping, as well as the automatic sprinkler system. In the last three years alone, we have seen a substantial increase in frozen pipes claims.

What we have learned from many of these claims is that in many situations freeze incidents are preventable. Unlike so many other changes in the weather pattern, the weather reports generally forecast an impending freeze, giving property owners advance notice to make the necessary arrangements to eliminate or minimize a claim.

One of the strengths of MJ Sorority in our risk analysis is the ability to uncover emerging vendor solutions to help our clients in their property risk management. In this pursuit, we uncovered a great tool to help property owners stay ahead of any of their sprinkler pipes freezing.

We are excited to partner with Salamander to share their freeze detection technology, which will help prevent future claims at your chapter house. Your participation in this webinar is crucial to ensure the safety and well-being of your chapter house.

Watch the recording.

In this issue of our monthly newsletter, we cover background checks, mitigating the risk of wind and hail storms, share a webinar on security technology, review claims examples, our upcoming health promotions course, and more.

Ensuring the safety and security of the chapter house is obviously a top priority. The chapter house is not just a residence; it is a home where members build lifelong bonds, create cherished memories, and engage in activities that shape their futures. Given its significance, implementing robust security measures is essential to protect both the physical space and the well-being of its residents. One of the most advanced and effective security solutions available today is biometric entry systems.

Biometric entry systems utilize unique biological traits, such as fingerprints, facial recognition, or iris scans, to grant access. Unlike traditional locks and keys or even electronic keycards, biometric systems offer several distinct advantages that make them particularly well-suited for sorority chapter houses.

If your chapter house utilizes a biometric security system, it is prudent to provide annual written notice to all individuals whose biometric information identifiers are collected or stored and specify the purpose of the collection and length of time the information identifiers will be held, stored, and used. Written consent and release of this information should be included in an annual housing agreement. Read more about our suggestions for Housing Agreements here.

Investing in a biometric entry system for the sorority chapter house is a forward-thinking decision that prioritizes the safety and well-being of your members. By leveraging advanced technology, the chapter can provide a secure, convenient, and efficient environment that supports the flourishing of its community. In a world where security concerns are ever-present, adopting biometric entry systems reflects a commitment to excellence and proactive care for all members of the sorority.

Join our business partner and security expert, Johnson Controls, to learn more about smart security strategies for your chapter house. Watch recording.

From May 2024 News & Notes

In times like these, the stability of your insurance companies is critical. The pandemic challenged every aspect of the fraternal community. Both your insurance companies and MJ Sorority, as your insurance agent, made significant concessions to help alleviate some of the pressures your organizations have faced.

The insurance industry went from the chaos of the pandemic to the chaos of the effects of climate change, specifically the catastrophic weather events we’ve experienced over the last several years. Insurance coverage and policy terms and conditions are on a collision course with the changing climate in many states, most notably in Florida and Louisiana. The seriousness of changing climate patterns is further compounded by the fact that in Florida’s southwestern coastline, sea levels have risen eight inches since 1950, and the risk of storm surge is estimated to double by 2030. Louisiana’s coastline is facing a similar risk. Florida is by far the most worrisome for standard property insurance companies. Several insurance companies providing property insurance in the state have gone insolvent despite state and industry efforts to prevent insolvency. To stabilize the insurance market, the Florida state government began the Florida Hurricane Catastrophe Fund in 1992. The Fund reimburses insurers for a percentage of catastrophic hurricane claims. Insurers of last resort were formed and in 2002, both carriers merged to become Citizens Property Insurance Corporation. Some additional insurance capital (or capacity) is returning to Florida in 2024, however, this has not provided much, if any, relief to consumers trying to find insured coverage for their property.

As we’ve discussed repeatedly in this newsletter, the property insurance market has been chaotic for several years. Recently, the MJ Sorority program has experienced rate increases and changes in wind and hail property deductibles in certain parts of the country.

It’s natural to feel that these changes suggest your insurance companies are abandoning the program. However, these actions are actually positioning the program for a stable future.

Without the stability of the MJ Sorority program and our partnering insurance companies, your insurance coverage would be far more vulnerable. The saying, “you get what you pay for,” is especially true for the insurance program provided by MJ Sorority. Otherwise, you risk compromising your crucial protection.

Should you wish to discuss the property insurance industry concerns further, please do not hesitate to contact us.

In the News 
The property insurance crisis has been making headlines outside of your typical insurance industry publications. To learn more, we recommend the following:

As weather patterns continue to evolve, it is crucial for housing corporations to update their chapter house roofs to withstand the increasing intensity of wind and hail events. Convective storms in particular are a major cause for concern. Convective storms are extremely severe storms with defining characteristics of high winds, sudden temperature changes, and severe thunder and lightning.  

In light of these more severe weather conditions across the country, carriers are isolating geographic areas at greater risk to weather perils and are requiring additional measures be taken to update roofs. It is imperative to consider retrofitting affected chapter house roofs to mitigate risk.

Also at issue are state building codes. Many states have not updated their building codes to prepare for more severe weather, leaving existing and new structures vulnerable to sever weather damage. Building codes set the minimum standards for construction, however these standards may not always align with insurance requirements, leaving sorority houses vulnerable to potential coverage gaps. Furthermore, in many states and municipalities, building codes are not adequately enforced.

It is crucial for chapter houses in areas with inferior building codes to exceed minimum building code specifications to meet insurance expectations. This reduces the risk of roof damage and associated expenses if a convective storm hits a property. Housing corporations should be particularly wary of properties in the west and mid-west, where predictive modeling has determined a sharp increase in the frequency and severity of wind and hailstorms. Fortunately, universities are rarely near coastal areas, so that minimizes some of the increased risk of severe hurricanes.

MJ Sorority has consulted extensively with industry experts to create a list of recommendations for your chapters as they consider updating or replacing their chapter house roofs. At a minimum, we recommend that all of your chapter houses do an intake on the age and condition of their roof, which many roofing companies will do free of charge!

When it comes to fortifying your existing roof or installing a new one, MJ Sorority recommends the following:

Given the heightened risk of volatile weather, it is imperative that organizations do an intake and analysis of the health of chapter house roofs. Taking proactive measures to update and fortify roofs and bridging the gap between building codes and insurance requirements can mitigate the risk of roof damage and will maintain the safety and longevity of your properties. Prioritizing the fortification via the recommendations above will not only enhance the overall structural integrity of the properties in question but will also undoubtably contribute to the long-term sustainability of these important spaces for members.

Further Reading:

So, we’re betting at least some of your apps and online accounts have asked, “Do you want to opt into two-factor identification?” And, if you’re like many people, all that texting and code retrieval might seem just a little too much trouble.

Is all that security really necessary? Short answer: YES. And it doesn’t have to be hard.

Why should you use two factor identification?
Cyber attacks, personal data leaks, and phishing scams are becoming more common as hackers get more sophisticated and as we conduct more of our personal and financial transactions on apps and online. Scary factoid: the FBI’s Internet Crime Complaint Center reported that people lose $57 million in phishing and smishing schemes each year.1

Two-factor identification (2FA) provides an extra layer of protection to help safeguard your personal data and your dollars when you are accessing websites and apps.

What exactly is two-factor identification?
Also referred to as “two-step authentication,” “two-step verification” or “multi-factor authentication,” 2FA is an electronic security protocol that prevents you from accessing a website or an app until you validate your identity with two or more pieces of proof. This helps ensure that unauthorized users can’t pretend to be you.

Multi-factor identification “secures your logins from attackers exploiting weak, stolen, or leaked credentials,” says Laura Bennett, Senior Vice President, e-Consumer North America for BlinkSM by Chubb®.

How do you enable 2FA protection?
Many widely-used internet service providers (e.g. Google, Apple, Amazon) and social media platforms (e.g. TikTok, Snapchat, Facebook/Instagram), as well as financial sites, productivity, and personal apps (e.g. Paypal, Slack, Fitbit) have 2FA capability.

We do not endorse any particular vendor or brand of 2FA, but consumers should take time to research options along with the benefits of utilizing 2FA for their circumstances.

Is two-factor identification foolproof?
Currently, 2FA apps are the most secure user authentication methods. However, it is important to always practice good cyber hygiene habits:

We do not endorse any particular vendor or brand of 2FA, but consumers should take time to research options along with the benefits of utilizing 2FA for their circumstances.

Source: Chubb, the cyber insurance provider for MJ Sorority