letter2

Your Data Worth More Than Gold

Most Probably Your Current IT Protection is Grossly Inadequate in The Growing Tidal Wave of Cybercrime & Putting Your Company at Serious RISK!

If you think gold is the most precious than think again. Your data is much more valuable than Gold. According to Ponemon Institute, the average cost of a stolen record is $201 and according to 2017 Forbes article, electronic medical record could be worth $1000 to hackers. I understand you are not a large company (an don’t have millions of records) but even if you have 10,000 records – multiply 10,000 X $201 = $2,010,000 (if you are healthcare organization then 10,000 X $1000 = $10,000,000)

We received a flood of positive responses from the other CEOs and senior executive to our Free Cyber Security Executive Brief – 11 Critical IT Security Protections Every Business Must Have in the Place Now”. Many of them were SHOCKED by the threat but at the same time deeply relieved by what we can do to protect you from these deadly cybercrimes. It’s around 30 minutes power point presentation that we created after spending thousands of dollars and consulting with many top cyber security experts in the country. It’s a must “executive brief” for any CEO, CFO, COO or one with a P& L responsibility of the company.

This is a very serious and real threat; I’m confident our free “executive brief” will be beneficial to you, either revealing security gaps that you can then fix AND/OR giving you the peace of mind that you truly ARE prepared and protected from a cyber security attack, whether you hire us or not. However, we haven’t heard from you. That can only be for a few reasons:

Maybe you got busy and set the letter aside to review more carefully later. Maybe you never received it? Or maybe you said to yourself, “We don’t need that because…” and finished the sentence with one of the following three knee-jerk responses we hear CEOs or other senior executives such CFO, COO or Partner saying over and over again that reveals a blind ignorance to the severity and high probability of getting nailed by a devastating, financially crushing cyber-attack:

Excuse #1: “I’ve got an IT company or department that’s taking care of us.”

It’s very possible that you are being ill-advised by your current IT company or IT department. What have they recently told you about the rising tsunami of cybercrime? Have they recently met with you to discuss new protocols, new protections and new systems you need in place TODAY to stop the NEW threats that have developed over the last few months? Have they EVER urged you to talk to your bank and your insurance company to make sure you’re covered on all fronts? Have you been fully and frankly briefed on what to do IF you get compromised? Have they provided you with a response plan? If not, WHY?

Four Reasons:

First, it could be that they simply don’t know how to advise you, or even that they should. Many IT guys know how to keep a computer network running but are completely out of their league when it comes to dealing with the advanced cyber security threats we are seeing in the last 6-12 months.

Second, they may be “too busy” themselves to truly be proactive with your business – or maybe they don’t want to admit the service package they sold you has become OUTDATED and inadequate compared (if you are using outside IT services providers) to far SUPERIOR solutions available today.

Third, many advanced cyber security tools are very expensive and these folks do not have courage to share with you the necessity of latest protective tools.

And finally, NOBODY (particularly IT guys) likes to admit they are out of their depth. They feel compelled to exaggerate their ability to avoid being fired. To be fair, they might actually have you covered and be on top of it all. However…

In my admittedly informal survey, talking to many CEOs and senior executives who have been hacked or compromised, almost all of them told me they thought their IT guys “had things covered.” I’m also very connected with other IT firms across the country via industry associations and can tell you most IT guys have never had to deal with the enormity and severity of attacks happening in the last few months. That’s why it’s VERY likely your IT guy does NOT have you “covered” and you need a pre-emptive, independent risk assessment.

As a CEO myself, I understand that you have to delegate and trust, at some level, that your employees and vendors are doing the right thing but it never hurts to validate that they are. Remember, it’s YOUR reputation, YOUR money, YOUR business that’s on the line. THEIR mistake is YOUR nightmare.

At a bare minimum, our Free Executive Brief will make you aware of the threat and 11 steps to protect against it.

Excuse #2: “We’re too small to worry about that. We don’t have anything a hacker would want to steal.”

WRONG. For starters, small and mid-sized businesses are the #1 target for cybercrime groups because of their inability (or unwillingness) to implement proper security protocols. You’re easy prey. Second, not all cyber-attacks are about stealing your data. Ransomware attacks, like the recent WannaCry worm, are about stealing what’s valuable to YOU and extorting money. Hackers corrupt ALL of your customer records and e-mail addresses, ALL of your work files and other data, then ask you to pay to get them back. If you don’t pay, they delete your files. If you DO pay, they delete your files anyway OR come back and demand MORE money because you’ve indicated you’re willing to pay. They’re called cybercriminals for a reason: they’re lawless scumbags who don’t follow the rules.

Can you honestly say your client or patient records and ALL of the history, data and work files on your server are something not worth protecting?

And finally, just like a real virus (common cold), malware spreads without anyone intentionally giving it to you. They are designed to be self-propagating; so claiming “nobody would want to attack us” is akin to saying, “I won’t catch a cold because nobody wants to give me one.” It doesn’t work that way.

Most of the attacks are 100% automated using software programs designed to hammer millions of computers at once, working 24 hours a day, 365 days a year, to find security loopholes on ALL computers connected to the Internet. You’re under attack by highly organized, highly motivated TEAMS of sophisticated coders who attack en masse – not some lone hacker sitting at home selecting his victims. All it takes is to miss ONE critical software update and you’re toast. ONE employee clicking on the wrong link. ONE client or trusted vendor sending you an infected file.

Excuse #3: “I don’t have the budget for that.”

Nothing is COSTLIER than SOLVING A CRISIS AFTER the damage is done. Prevention costs pennies compared to the cure.

One cyber-attack can cost you THOUSANDS of dollars in emergency restoration fees and DAYS of downtime – the average being 10-14 days. If files are corrupt and/or deleted, it can produce HOURS OF EXTRA WORK for your already-overburdened staff to try and restore order.

CLIENTS will be IRATE. If it’s discovered that patient or client data is compromised, you will be investigated and questioned about what you did to prevent this from happening. If the answer is not adequate (and it won’t be if your response is “We were too cheap to put proper cyber security protocols in place”), you can be found liable, facing hefty fines and lawsuits EVEN IF you trusted an outsourced IT support company or your owned IT department to protect you.

Sales will be DISRUPTED while you scramble to recover. Employees will blame you. Project DEADLINES WILL BE MISSED, and this giant, expensive and reputation-destroying nightmare will land squarely on YOUR shoulders. But it doesn’t end there…

If money is siphoned from your bank account, your bank will NOT replace the stolen money. (They aren’t required to. Please go and ask your bank) “But I have insurance,” you say? Have you RECENTLY scrutinized the fine print in your policy? If you did, you’d be ill. Unless you have purchased a specific policy that covers cybercrime or fraud, you’re screwed.

Almost no general liability policy will cover losses from cybercrime. Even if you have crime or cyber liability insurance, it’s not uncommon for insurance companies to find some loophole in the policy to get out of paying you. You can Google it.

Further, insurance cannot undo or restore the reputational damage done, the loss of business from clients who leave you, future sales lost, the work and TIME involved in restoring YEARS of history and work, the downtime, damaged company morale and/or the lost client data and history. The shame, the STRESS and the worry over it all…

Please…Do NOT Just Shrug This Off

I know you are extremely busy and there is enormous temptation to discard this, shrug it off, worry about it “later” or dismiss it altogether. That is, undoubtedly, the easy choice…but the easy choice is rarely the RIGHT choice. This I can guarantee: At some point, you WILL HAVE TO DEAL WITH A CYBER SECURITY EVENT. Hopefully you’ll be brilliantly prepared for it and experience only a minor inconvenience at most. But if you wait and do NOTHING, I can practically guarantee this will be a far more costly, disruptive and devastating attack that will happen to your business.

You’ve spent a lifetime working hard to get where you are today. Don’t let some lowlife thieves operating outside the law in another country get away with taking that from you. And certainly don’t “hope” your IT company or IT department has you covered. Please do NOT underestimate the importance and likelihood of these threats.

Please call to my office at (800) 554-7822 or click here to schedule a FREE “executive brief” for you and your executive team now.

Sincerely,

Neil Jesani
President & CEO