When You Fall Victim To A Cyber-Attack By No Fault Of Your Own, Will They Call You Stupid…Or Just Irresponsible?
It’s EXTREMELY unfair, isn’t it? Victims of all other crimes – burglary, mugging, carjacking, theft – get sympathy from others. They are called “victims” and support comes flooding in, as it should.
But if your business is the victim of a cybercrime attack where client or patient data is compromised, you will NOT get such sympathy. You will be instantly labeled as “stupid” or “irresponsible.” You may be investigated, and clients will question you about what you did to prevent this from happening – and if the answer is not adequate, you can be found liable, facing serious fines and lawsuits even if you trusted an outsourced IT support company to protect you. Claiming ignorance is not an acceptable defense, and this giant, expensive and reputation-destroying nightmare will land squarely on YOUR shoulders.
This Event Is Full!
September 21st, 5:30PM-7:30PM
Please submit one form per attendee.
But it doesn’t end there…
According to Wisconsin law, you will be required to tell your clients and/or patients that YOU exposed them to cybercriminals. Morale will tank and employees will blame you. Your bank is not required to replace funds stolen due to cybercrime (go ask them), and unless you have a very specific type of insurance policy, any financial losses will be denied coverage.
Please do NOT underestimate the importance and likelihood of these threats. It is NOT safe to assume your IT company (or guy) is doing everything they should be doing to protect you; in fact, there is a high probability they are NOT, which we can demonstrate with your permission.
Exactly How Can Your Company Be Damaged By Cybercrime? Let Us Count The Ways:
1. Reputational Damages: What’s worse than a data breach? Trying to cover it up. Companies like Yahoo! are learning that lesson the hard way, facing multiple class-action lawsuits for NOT telling their users immediately when they discovered they were hacked. With dark-web monitoring and forensics tools, WHERE data gets breached is easily traced back to the company and website, so you cannot hide it.
When it happens, do you think your clients will rally around you? Have sympathy? News like this travels fast on social media and you must tell your clients, “Sorry, we got hacked because we didn’t think it would happen to us,” or “We didn’t want to spend the money.” Is that going to be sufficient to pacify them?
2. Government Fines, Legal Fees, Lawsuits: Breach notification statutes remain one of the most active areas of the law. Right now, several senators are lobbying for “massive and mandatory” fines and more aggressive legislation pertaining to data breaches and data privacy. The courts are NOT in your favor if you expose client data to cybercriminals.
Don’t think for a minute that this only applies to big corporations: ANY small business that collects customer information also has important obligations to its customers to tell them if they experience a breach. In fact, 47 states and the District of Columbia each have their own data breach laws – and they are getting tougher by the minute.
If you’re in health care or financial services, you have additional notification requirements under the Health Insurance Portability and Accountability Act (HIPAA), the Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA).
3. Cost, After Cost, After Cost: One breach, one ransomware attack, one rogue employee can create hours of extra work for staff who are already maxed out when things are going well. Then there’s business interruption and downtime, backlogged work delivery for your current clients. Loss of sales. Forensics costs to determine what kind of hack attack occurred, what part of the network is/was affected and what data was compromised. Emergency IT restoration costs for getting you back up if that’s even possible. In some cases, you’ll be forced to pay the ransom and maybe – just maybe – they’ll give you your data back. Then there are legal fees and the cost of legal counsel to help you respond to your clients and the media. Cash flow will be significantly disrupted, budgets blown up. Some states require companies to provide one year of credit-monitoring services to consumers affected by a data breach, and more are following suit.
According to the Cost of Data Breach Study conducted by Ponemon Institute, the average cost of a data breach is $225 per record compromised, after factoring in IT recovery costs, lost revenue, downtime, fines, legal fees, etc. How many client records do you have? Employees? Multiply that by $225 and you’ll start to get a sense of the costs to your organization.
4. Bank Fraud: If your bank account is accessed and funds stolen, the bank is NOT responsible for replacing those funds. Take the true story of Verne Harnish, CEO of Gazelles, Inc., a very successful and well-known consulting firm, and author of the best-selling book The Rockefeller Habits.
Harnish had $400,000 taken from his bank account when hackers were able to access his PC and intercept e-mails between him and his assistant. The hackers, who are believed to be based in China, sent an e-mail to his assistant asking her to wire funds to 3 different locations. It didn’t seem strange to the assistant because Harnish was then involved with funding several real estate and investment ventures. The assistant responded in the affirmative, and the hackers, posing as Harnish, assured her that it was to be done. The hackers also deleted his daily bank alerts, which he didn’t notice because he was busy running the company, traveling, and meeting with clients. That money was never recovered, and the bank is not responsible.
Everyone wants to believe “Not MY assistant, not MY employees, not MY company” – but do you honestly believe that your staff is incapable of making a single mistake? A poor judgment? Nobody believes they will be in a car wreck when they leave the house every day, but you still put the seat belt on. You don’t expect a life-threatening crash, but that’s not a reason to not buckle up. What if?
Claiming ignorance is not a viable defense, nor is pointing to your outsourced IT company to blame them. YOU will be responsible, and YOUR company will bear the brunt.
5. Using YOU As The Means To Infect Your Clients: Some hackers don’t lock your data for ransom or steal money. Often, they use your server, website, or profile to spread viruses and/or compromise other PCs. If they hack your website, they can use it to relay spam, run malware, build SEO pages, or promote their religious or political ideals. (Side note: This is why you also need advanced endpoint security, spam filtering, web gateway security, SIEM and the other items detailed in this report, but more on those in a minute.) Are you okay with that happening?
Please…Do NOT Just Shrug This Off
(What To Do Now)
I know you are extremely busy and there is enormous temptation to discard this, shrug it off, worry about it “later” or dismiss it altogether. That is, undoubtedly, the easy choice…but the easy choice is rarely the RIGHT choice. This I can guarantee: At some point, you WILL HAVE TO DEAL WITH A CYBERSECURITY EVENT.
Hopefully you’ll be brilliantly prepared for it and experience only a minor inconvenience at most. But if you wait and do NOTHING, I can practically guarantee this will be a far more costly, disruptive, and devastating attack that will happen to your business.
You’ve spent a lifetime working hard to get where you are today. Don’t let some lowlife thief operating outside the law in another country get away with taking that from you. And certainly don’t “hope” your IT guy has you covered.
To avoid dealing with a cybersecurity event, attend our cybersecurity event to learn how you can proactively protect your business against cyber threats and negligence. Join us on September 21st from 5:30-7:30 PM at The Turn: Top Golf Swing Suite for an exciting evening of golf, cocktails, and cybersecurity insights, brought to you by Barracuda and LoyalITy.
We'll kick off the evening with a presentation on the changing landscape of cybersecurity. Hear from our experts about the latest threats, trends, and strategies for protecting your digital life.
Take a swing on the golf simulator and show off your skills while representatives from LoyalITy and Barracuda will be on hand to answer your questions and discuss how you stay secure in today's ever-changing cyber landscape.
In our unwavering commitment to cybersecurity, we’re delighted to offer all attendees an invaluable FREE networks assessment (valued at $497).
When done, we’ll give you a report of findings that will not only reveal if your data and computer network really are properly backed up and secured but also if there is anything you need to do now to prevent a major network outage, data loss, hacker attack or other expensive, data-erasing disaster. We can also help provide solutions that will align your technology with your business needs to avoid future headaches and facilitate productivity and business growth.
Our free Network Assessment comes with zero strings attached, no expectations, and no obligations on your part. If nothing else, it will be a good third-party validation of how well your systems are currently performing.
To sign up for this event, sign up using the form. Space is extremely limited!
Awaiting your response,
Kari Renn
President
LoyalITy
krenn@loyality.com
(920) 489-3187 - Work | (920) 655-7510 - Mobile
www.loyality.com
