Latest news and updates on issues affecting business. - Bluefin Group
Latest news and updates on issues affecting business.
November 2016
In this issue • Internet of Things promises huge rewards, but it is not risk free • Recent HSE news and prosecutions • SMEs missing out on billions in export sales • Companies double cyber security spend yet still lack basic knowledge • 1 out of 2 companies have never had a health and safety inspection
Internet of Things promises huge rewards, but it is not risk-free A new study from 25 data protection regulators from around the world, including the Information Commissioner’s Office, found severe pitfalls for any business hoping to take advantage of the Internet of Things (IoT). The IoT is a vast interconnected system of devices, vehicles and even entire buildings capable of connecting to the internet and communicating with each other. And it promises big benefits. In fact, about 25 per cent of global manufacturers are already using IoT technology to streamline their operations, according to the Government. Businesses in all industries can use the IoT to monitor water usage and overall energy use; thus, saving money and minimising consumption - not to mention the industry-specific benefits. For example, using IoT technology in the retail sector to improve inventory management could save UK retailers £3 billion over the next several years, according to a Morgan Stanley report. And research from the Centre for Economics and Business Research estimates that the IoT and big data analytics will add £322 billion to the economy from 2015 to 2020. Yet, despite the potential benefits of using the IoT, the report found severe pitfalls - primarily with how it collects, stores and distributes your data. According to the report, 3 out of 5 IoT devices do not properly tell customers how their personal information is being used. What’s more, nearly 3 out of 4 devices failed to adequately explain how users can delete their information. These glaring omissions could leave companies vulnerable to cyber attacks. In fact, less than 1 out of 3 companies are prepared to handle the cyber security risks associated with the IoT, according to a survey conducted by Tripwire, a software company. If your company chooses to integrate IoT devices into your regular business operations, consider using these best practices: 1.
Provide your employees with comprehensive training on how to use each IoT device - including how to delete any unnecessary or sensitive information. 2. Inspect your cyber security system to confirm that each device has adequate cyber protections. 3. Schedule regular maintenance for your IoT devices to ensure that their software is up to date and they have the latest patches.
Recent HSE news and prosecutions Self-employed trader fined for safety failings A self-employed trader was found guilty of breaching Section 3 (2) of the Health and Safety at Work Act 1974, and was given 200 hours of community service along with a £918.02 fine. The trader had neglected to take the necessary safety precautions required to work at height while on scaffolding arrangements, placing himself and others at serious risk. In its investigation, the HSE found that the trader had been served a Prohibition Notice six months prior to this incident for breaching the Work at Height Regulations for a similar incident. Alton Towers’ owners fined £5 million over Smiler crash The owners of the theme park Alton Towers were fined £5 million and ordered to pay £69,955.40 in costs after a rollercoaster collision injured 16 people last June. The incident occurred after the ride’s engineers overrode its control system without verifying that it was safe to do so, which caused the occupied car to forcibly collide with a stationary car. In its investigation, the HSE found the central cause for the incident to be a lack of detailed, robust arrangements for making critical decisions, which includes training and fixing faults. The HSE emphasised in its official statement that the incident could have been easily avoided had the park implemented comprehensive safety systems. Scrapyard in BBC series prosecuted over worker injury The Scrappers Ltd, a Bolton-based scrapyard, was fined £30,000 and ordered to pay £26,687.88 in costs after an employee suffered a serious head injury. The employee was working on a raised car to remove its catalytic convertor when the petrol saw he was using spun in his hands and hit him in the face. In its investigation, the HSE found that the company had not provided the worker with any sort of formal training, which may have contributed to him not using the appropriate tool designed for this specific type of work, nor was the work appropriately supervised. The HSE investigators concluded that the incident would not have happened had the company developed and implemented a safe system of work. Manufacturer fined £1 million following worker’s death Parker Hannifin Manufacturing Ltd was fined £1 million, ordered to pay £6,311 in costs and a £120 surcharge after a worker was crushed to death by falling machinery. The worker was moving a large milling machine when it overturned and killed him. In its investigation, the HSE found that the company had not properly assessed the potential risks associated with the task nor had it provided the worker with the training necessary to successfully complete the task.
SMEs missing out on billions in Despite the growing demand for British-made goods, less than 20 per cent of UK SMEs currently sell their goods to customers abroad, according to a recent report from the Centre for Economics and Business Research. An explanation for this limited participation could stem from the difficulties encountered by SMEs in their efforts to expand into new international markets. These barriers to trade often include international shipping costs, concerns about foreign customs and duties, and insurance costs. Yet, if the number of SMEs that are able to successfully overcome these trade barriers increases to just 40 per cent, that effort would contribute an estimated £141.3 billion to the economy. Whilst it may seem like a daunting challenge to double the number of SMEs conducting business with overseas customers, business owners are optimistic that they will be able to meet that mark. In fact, nearly 48 per cent of SMEs believe that they will experience growth in international trade in the near future, according to a survey conducted by market research firm East and Partners. This confidence can be directly attributed to a weaker pound and a renewed sense of freedom from the EU’s red tape - both of which are repercussions of Brexit. Possibly the most straightforward strategy for SMEs to adopt in order to reach international clients would be to set up a robust online store and contact a Department for International Trade adviser for a free consultation by visiting www.greatbusiness. gov.uk/ukti. To make your business’ website more accessible, consider making these five changes: 1. 2. 3. 4. 5.
Offer customers the option of paying with multiple types of currency. Provide customers with the ability to change the language on your website. Keep your shipping costs low. Build and maintain an online presence on several different social media platforms, such as Instagram, Twitter and Facebook. Invest in search engine optimisation to ensure potential international customers can find your online store quickly and easily.
Companies double cyber security spend yet still lack basic knowledge If your company were to experience a cyber security incident - such as a security breach or cyber attack you should expect to pay an average of £2.6 million, which is more than double the cost in 2015, according to a new report from PricewaterhouseCoopers (PwC). What’s more, the impact of these incidents can be so significant that nearly 4 out of 5 companies experience downtime as a result. During these periods of business disruptions, you may experience further knock-on effects such as extra expenses, supply chain disruptions and reputation damage. To combat this threat, companies are spending an average of £6.2 million on cyber security, which is double what they spent in 2015. Yet, whilst companies are spending more on cyber security, many are foregoing the additional cost of cyber cover, which leaves them dangerously exposed. Only 38 per cent of companies are insured against cyber threats, according to PwC. To ensure that cyber defences are effective, companies need robust cyber cover as well as a holistic understanding of how cyber security works and what the common risks are - which a significant number of companies still lack. Merely 28 per cent of companies have board members that contribute to the development of a cyber security strategy, whilst only 33 per cent have board members that are directly involved in setting up their cyber security budgets. This minimal participation can inadvertently create potential gaps in a company’s cyber security that criminals could exploit. To ensure that your company’s cyber security system is comprehensive and effective, you should provide annual cyber security training for your entire staff - from interns all the way up to directors and officers. This training should include how to identify common cyber threats, password best practices and the procedure for a cyber security breach. And of course, all businesses need comprehensive cyber cover.
1 out of 2 companies have never had a health and safety inspection Regular health and safety inspections are recommended for any company, regardless of industry. Yet, 46 per cent of all companies have never had a health and safety inspection, and only 24 per cent have had an inspection within the past 12 months, according to a recent survey published by the Trades Union Congress. This pervasive inattention to health and safety may have been a contributing factor in the 611,000 work-related injuries and 500,000 new work-related illnesses that occurred in 2014/15, according to the HSE. The responsibility for ensuring the safety of your employees rests - first and foremost - with your company. For that reason, your company should consider implementing the following HSE-recommended best practices: 1.
Plan an inspection programme: Your company should appoint at least one health and safety inspector to conduct inspections, ideally once per quarter. These inspections should examine tools, tasks, equipment, methods and work environments to identify potential risks. 2. Discuss health and safety issues with staff: Your health and safety inspectors should meet with your staff to discuss what risks they regularly encounter. 3. Consult health and safety specialists: For certain situations or equipment, your company should contact a certified specialist to conduct the inspection. Ideally, these inspections should also be conducted quarterly. 4. Review and revise your inspection programme: Your company’s inspection programme should be reviewed annually, or after any health and safety incidents have occurred. The content of this newsletter is of general interest and is not intended to apply to specific circumstances. It does not purport to be a comprehensive analysis of all matters relevant to its subject matter. The content should not, therefore, be regarded as constituting legal advice and not be relied upon as such. In relation to any particular problem which they may have, readers are advised to seek specific advice. Further, the law may have changed since first publication and the reader is cautioned accordingly. © 2016 Zywave, Inc. All rights reserved.
bluefingroup.co.uk Bluefin Insurance Services Limited is authorised and regulated by the Financial Conduct Authority. 1353-1116
November 2016
In this issue • Internet of Things promises huge rewards, but it is not risk free • Recent HSE news and prosecutions • SMEs missing out on billions in export sales • Companies double cyber security spend yet still lack basic knowledge • 1 out of 2 companies have never had a health and safety inspection
Internet of Things promises huge rewards, but it is not risk-free A new study from 25 data protection regulators from around the world, including the Information Commissioner’s Office, found severe pitfalls for any business hoping to take advantage of the Internet of Things (IoT). The IoT is a vast interconnected system of devices, vehicles and even entire buildings capable of connecting to the internet and communicating with each other. And it promises big benefits. In fact, about 25 per cent of global manufacturers are already using IoT technology to streamline their operations, according to the Government. Businesses in all industries can use the IoT to monitor water usage and overall energy use; thus, saving money and minimising consumption - not to mention the industry-specific benefits. For example, using IoT technology in the retail sector to improve inventory management could save UK retailers £3 billion over the next several years, according to a Morgan Stanley report. And research from the Centre for Economics and Business Research estimates that the IoT and big data analytics will add £322 billion to the economy from 2015 to 2020. Yet, despite the potential benefits of using the IoT, the report found severe pitfalls - primarily with how it collects, stores and distributes your data. According to the report, 3 out of 5 IoT devices do not properly tell customers how their personal information is being used. What’s more, nearly 3 out of 4 devices failed to adequately explain how users can delete their information. These glaring omissions could leave companies vulnerable to cyber attacks. In fact, less than 1 out of 3 companies are prepared to handle the cyber security risks associated with the IoT, according to a survey conducted by Tripwire, a software company. If your company chooses to integrate IoT devices into your regular business operations, consider using these best practices: 1.
Provide your employees with comprehensive training on how to use each IoT device - including how to delete any unnecessary or sensitive information. 2. Inspect your cyber security system to confirm that each device has adequate cyber protections. 3. Schedule regular maintenance for your IoT devices to ensure that their software is up to date and they have the latest patches.
Recent HSE news and prosecutions Self-employed trader fined for safety failings A self-employed trader was found guilty of breaching Section 3 (2) of the Health and Safety at Work Act 1974, and was given 200 hours of community service along with a £918.02 fine. The trader had neglected to take the necessary safety precautions required to work at height while on scaffolding arrangements, placing himself and others at serious risk. In its investigation, the HSE found that the trader had been served a Prohibition Notice six months prior to this incident for breaching the Work at Height Regulations for a similar incident. Alton Towers’ owners fined £5 million over Smiler crash The owners of the theme park Alton Towers were fined £5 million and ordered to pay £69,955.40 in costs after a rollercoaster collision injured 16 people last June. The incident occurred after the ride’s engineers overrode its control system without verifying that it was safe to do so, which caused the occupied car to forcibly collide with a stationary car. In its investigation, the HSE found the central cause for the incident to be a lack of detailed, robust arrangements for making critical decisions, which includes training and fixing faults. The HSE emphasised in its official statement that the incident could have been easily avoided had the park implemented comprehensive safety systems. Scrapyard in BBC series prosecuted over worker injury The Scrappers Ltd, a Bolton-based scrapyard, was fined £30,000 and ordered to pay £26,687.88 in costs after an employee suffered a serious head injury. The employee was working on a raised car to remove its catalytic convertor when the petrol saw he was using spun in his hands and hit him in the face. In its investigation, the HSE found that the company had not provided the worker with any sort of formal training, which may have contributed to him not using the appropriate tool designed for this specific type of work, nor was the work appropriately supervised. The HSE investigators concluded that the incident would not have happened had the company developed and implemented a safe system of work. Manufacturer fined £1 million following worker’s death Parker Hannifin Manufacturing Ltd was fined £1 million, ordered to pay £6,311 in costs and a £120 surcharge after a worker was crushed to death by falling machinery. The worker was moving a large milling machine when it overturned and killed him. In its investigation, the HSE found that the company had not properly assessed the potential risks associated with the task nor had it provided the worker with the training necessary to successfully complete the task.
SMEs missing out on billions in Despite the growing demand for British-made goods, less than 20 per cent of UK SMEs currently sell their goods to customers abroad, according to a recent report from the Centre for Economics and Business Research. An explanation for this limited participation could stem from the difficulties encountered by SMEs in their efforts to expand into new international markets. These barriers to trade often include international shipping costs, concerns about foreign customs and duties, and insurance costs. Yet, if the number of SMEs that are able to successfully overcome these trade barriers increases to just 40 per cent, that effort would contribute an estimated £141.3 billion to the economy. Whilst it may seem like a daunting challenge to double the number of SMEs conducting business with overseas customers, business owners are optimistic that they will be able to meet that mark. In fact, nearly 48 per cent of SMEs believe that they will experience growth in international trade in the near future, according to a survey conducted by market research firm East and Partners. This confidence can be directly attributed to a weaker pound and a renewed sense of freedom from the EU’s red tape - both of which are repercussions of Brexit. Possibly the most straightforward strategy for SMEs to adopt in order to reach international clients would be to set up a robust online store and contact a Department for International Trade adviser for a free consultation by visiting www.greatbusiness. gov.uk/ukti. To make your business’ website more accessible, consider making these five changes: 1. 2. 3. 4. 5.
Offer customers the option of paying with multiple types of currency. Provide customers with the ability to change the language on your website. Keep your shipping costs low. Build and maintain an online presence on several different social media platforms, such as Instagram, Twitter and Facebook. Invest in search engine optimisation to ensure potential international customers can find your online store quickly and easily.
Companies double cyber security spend yet still lack basic knowledge If your company were to experience a cyber security incident - such as a security breach or cyber attack you should expect to pay an average of £2.6 million, which is more than double the cost in 2015, according to a new report from PricewaterhouseCoopers (PwC). What’s more, the impact of these incidents can be so significant that nearly 4 out of 5 companies experience downtime as a result. During these periods of business disruptions, you may experience further knock-on effects such as extra expenses, supply chain disruptions and reputation damage. To combat this threat, companies are spending an average of £6.2 million on cyber security, which is double what they spent in 2015. Yet, whilst companies are spending more on cyber security, many are foregoing the additional cost of cyber cover, which leaves them dangerously exposed. Only 38 per cent of companies are insured against cyber threats, according to PwC. To ensure that cyber defences are effective, companies need robust cyber cover as well as a holistic understanding of how cyber security works and what the common risks are - which a significant number of companies still lack. Merely 28 per cent of companies have board members that contribute to the development of a cyber security strategy, whilst only 33 per cent have board members that are directly involved in setting up their cyber security budgets. This minimal participation can inadvertently create potential gaps in a company’s cyber security that criminals could exploit. To ensure that your company’s cyber security system is comprehensive and effective, you should provide annual cyber security training for your entire staff - from interns all the way up to directors and officers. This training should include how to identify common cyber threats, password best practices and the procedure for a cyber security breach. And of course, all businesses need comprehensive cyber cover.
1 out of 2 companies have never had a health and safety inspection Regular health and safety inspections are recommended for any company, regardless of industry. Yet, 46 per cent of all companies have never had a health and safety inspection, and only 24 per cent have had an inspection within the past 12 months, according to a recent survey published by the Trades Union Congress. This pervasive inattention to health and safety may have been a contributing factor in the 611,000 work-related injuries and 500,000 new work-related illnesses that occurred in 2014/15, according to the HSE. The responsibility for ensuring the safety of your employees rests - first and foremost - with your company. For that reason, your company should consider implementing the following HSE-recommended best practices: 1.
Plan an inspection programme: Your company should appoint at least one health and safety inspector to conduct inspections, ideally once per quarter. These inspections should examine tools, tasks, equipment, methods and work environments to identify potential risks. 2. Discuss health and safety issues with staff: Your health and safety inspectors should meet with your staff to discuss what risks they regularly encounter. 3. Consult health and safety specialists: For certain situations or equipment, your company should contact a certified specialist to conduct the inspection. Ideally, these inspections should also be conducted quarterly. 4. Review and revise your inspection programme: Your company’s inspection programme should be reviewed annually, or after any health and safety incidents have occurred. The content of this newsletter is of general interest and is not intended to apply to specific circumstances. It does not purport to be a comprehensive analysis of all matters relevant to its subject matter. The content should not, therefore, be regarded as constituting legal advice and not be relied upon as such. In relation to any particular problem which they may have, readers are advised to seek specific advice. Further, the law may have changed since first publication and the reader is cautioned accordingly. © 2016 Zywave, Inc. All rights reserved.
bluefingroup.co.uk Bluefin Insurance Services Limited is authorised and regulated by the Financial Conduct Authority. 1353-1116
