CIO Letter

When Your Organization Fall Victim to a Cyber-Attack Under Your Watch Through No Fault of Your Own, Will They Call You

Complacent or Just Incompetent?

 

It’s extremely unfair, isn’t it? Victims of all other crimes – burglary, robbery mugging, carjacking, theft – get sympathy from others. They are called “victims” and support comes flooding in, as it should.

But if your organization is the victim of a cybercrime attack where client or patient data is compromised, you will NOT get such sympathy. You will be instantly labeled as complacent or incompetent. You will be investigated and questioned about what you did to prevent this from happening – and if the answer is not adequate, your organization can be found liable, facing serious fines and lawsuits. Claiming ignorance is not an acceptable defense, and this giant, expensive and reputation-destroying nightmare will land squarely on your shoulders. But it doesn’t end there…

According to most state data breach laws, your organization will be required to tell clients and/or patients that YOU exposed them to cybercriminals not only to notify law enforcement and consumer reporting agencies. Your competition will have a heyday over this. Clients will be IRATE and leave in droves. Morale will TANK and your employer will BLAME YOU.

I do realize that the above statements and this letter may come across as little bit strong but given the severity of the threat and the devastating consequences of being complacent or ignorance is deadly.  I truly only seek to help. In fact, I’m writing to offer you a Free Cyber Security Executive Brief – 11 Critical IT Security Protections Every Business Must Have in the Place Now”. It’s around 30 minutes power point presentation that we created after spending thousands of dollars and consulting with many top cyber security experts in the country. It’s a must executive brief for any CIO, CTO or anyone with IT responsibility of the company.

To help you understand why I’m so concerned about this topic, let’s look at following few statistics:

  • More than 80% cyber-attacks are targeted to small and mid-sized businesses according to PCI Council.
  • 33% of businesses required 3+ days to recover from the attack according to Symantec.
  • 60% small to mid-sized businesses fail within 6 months of being hacked according to U.S. National Cyber Security Alliance.
  • The #1 security threat to your organization can’t be prevented by antivirus, firewalls and other network security protocols.

These statistics and real-life stories made me want to do something. It is unbelievable! We don’t deserve to be punished for a crime we didn’t even commit! Nobody does! May be our only “guilt” is either ignorance or complacency. That’s why I decided to start a personal mission to help – and at least EDUCATE – as many CIO/CTO and Senior Executives as I could about the dangers of cybercrime and how they can protect themselves from losing everything.

Obviously, I don’t know you or your situation. Your department might be brilliantly ahead of all of this for you, doing all the right things to protect you. However, it’s also VERY possible you’re vulnerable.

There are few reasons for this. First, it could be that your team might not be expert at cyber security. Second, they may be “too busy” with day-to-day workload. Third, many advanced cyber security tools are very expensive and you do not have courage to share with your executive team the necessity of latest protective tools. And finally, nobody (particularly, we IT professionals) likes to admit that cyber security is out of our depth. We feel compelled to exaggerate our ability to avoid being fired. Remember, it’s YOUR reputation, YOUR organization’s money and business that’s on the line.

I know you are extremely busy and there is enormous temptation to discard this, shrug it off, worry about it “later” or dismiss it altogether. That is, undoubtedly, the easy choice…but the easy choice is rarely the RIGHT choice. This I can guarantee: At some point, you WILL HAVE TO DEAL WITH A CYBER SECURITY EVENT.

You’ve worked hard to get where you are today. Don’t let some lowlife thieves operating outside the law in another country get away with taking that from you. And certainly don’t “hope” your employer will forgive you of this. Please do NOT underestimate the importance and likelihood of these threats.

Knowing and understanding the cyber security threat is the first step. Please call to my office at (800) 554-7822 or please click here to schedule a FREE executive brief for you and your executive team now.

Sincerely,

Neil Jesani
President & CEO