abt-managed-it-services-webinar-natalie-suarez-connectwise

ABT’s Webinar Series | MITS


ABTs Managed IT Services Webinar with Natalie Suarez of ConnectWise

Cyber Insurance | What your business needs to know going into 2023

Full Transcript Below | Timestamped for reference

https://www.youtube.com/watch?v=1ocUouhpPVk

What Every Business Leader Needs to Know to Protect Against Cyberattacks

uh first we would like to thank you for registering and attending Automated Business Technologies inaugural managed

0:12I.T Services webinar we’re planning a very intriguing series for you and we

0:17hope you find them all valuable and impactful for you your business and the critical I.T decisions that you make

0:25today uh we’re pleased to welcome Natalie sures principal Solutions advisor for connectwise

0:31as the liaison responsible for partner and client education she brings more than 25 years of experience to today’s

0:38conversation for work encompasses both public and private sectors including technology

0:44service providers Fortune 100 companies and many sharing communities her career focus is centered around

0:52cyber security software and systems engineering that have formed from years

0:57of leadership positions supporting analysts within intelligence communities in cyber security industries

1:05while we are all here for the wealth of knowledge she brings I would also like to remind you that at the end of the

1:12session we will do a drawing for a pair of Beats fit Pro earbuds for you your

1:17favorite co-worker or alternatively just in time for re-gifting for the holidays

1:23we will be taking your questions in the Q a section and answer those at the end of the presentation

1:29so it is my pleasure to introduce you to Natalie seres Natalie

1:35well hello everyone good morning good afternoon wherever you may be calling from and I am going to talk to you about

1:43cyber security and why you should care about it so we found uh through

1:49experience and through our practice and partnership with Automated Business Technologies that a lot of businesses

1:55just don’t spend enough time evaluating cyber risks and it’s not because they

2:01don’t want to know it is because they are tasked with their Core Business and that would be one of the reasons why

2:07you’d bring in a trusted partner like Automated Business Technologies to help you navigate this because they do spend

2:14the time in their partnership with connectwise to learn the threats and be prepared

2:19um you know we’ve all experienced this rapid shift to remote work environments and it’s really difficult once you have

2:25your staff working from home to get them back in the office as you can see behind me I am also working from home I’m not

2:33sure about my other colleagues on the line here since they have put up these beautiful logoed backgrounds

2:41to hide from us um along with working from home

2:48um you know we’ve really made that uh jump to embracing the cloud you know the

2:53cloud really does help to improve our day-to-day tasks and to simplify our

2:59collaboration with our colleagues and our clients but with that does come additional risk right

3:06so um and again as I was stating earlier the problem is not that organizations

3:12don’t want to be prepared but either they don’t really know or they

3:17underestimate the risks that are out there um you know if you’re losing data or

3:23more importantly just losing access to your data due to Cyber attack I like to

3:29tell my partners when I talk to them it’s not really about um is your data valuable to attackers

3:36it’s about is your data valuable to you so what would you do if you couldn’t access your data uh if it was a couple

3:43hours it might not be such a big deal but what if that drags on to weeks or months could your business survive that

3:50so it’s really important to understand what is going on in the Cyber landscape so that we can reduce your risk of

3:58losing access to your data and having any of those business interruptions

4:03so as a cyber nerd I love my definitions and I think it’s important to lay the

4:09groundwork for you so that you know what I am talking about so I’m not just

4:16talking at you I am sharing my knowledge with you so one of those really

4:21important Concepts is dwell time and what time actually is exactly what it

4:27sounds like how long has an attacker dwelling in my environment how long are

4:32they present from the moment they first get entry until the time they have been

4:37booted out or eradicated from that Network

4:44so import some important stats a new ransomware attack does occur every 11

4:50seconds some stats say it’s less time some stats States more time but we don’t have any wild variation out there

4:57amongst experts so I think it’s important to share that information with you and I do like to use statistics

5:04because numbers should not Inspire fear numbers are simply facts and I want you

5:10to be prepared and I want you to understand what the landscape looks like so we’re going to give you some more

5:15exciting facts here so for ransomware uh the DeWalt time is about 23 days of the average downtime

5:24from ransomware is about 21 days so that’s about three weeks without access to your data or your clients having

5:30access to their information uh the average total cost of a data breach actually got blurted out but it’s

5:37uh it’s it’s about two point I want to say it’s about 2.4 or 2.8 million

5:43dollars I’m not sure what happened to that slide there um we have some information on pending

5:49legislation as many of you know I’m sure many of you have received those wonderful cyber security Insurance

5:55renewals and you may see that the cost of insurance is skyrocketing or you may

6:01not even be able to be renewed unless you have certain cyber security controls in place and the impact of cyber warfare

6:09is pretty untested today I know um as I was listening to some of my podcasts the

6:14other day that um the Ukraine uh that Russia is

6:19specifically targeting NATO countries um that are supporting Ukraine either by

6:26vocally saying I support Ukraine or by doing things like supporting satellite services

6:33um and then of course your business reputation reputation is the key it’s

6:38what sets you above your competitors and the risk of losing or ruining your

6:44reputation due to a Cyber attack is very high okay so when we’re talking about some of

6:50this regulation I want you to note that I took my big red teacher marker and marked out pending

6:56um we’re talking about the Senate passing packages that require firms to report hacks we’re talking about

7:03um not just critical infrastructure which you’re going to see on the next slide this actual

7:08um this was actually signed into legislation on March 15th of this year

7:15um that requires critical infrastructure to report attacks within 72 hours but

7:20let me tell you there’s been a lot of activity this year regarding legislation around breach notification and privacy

7:28many other states have followed California’s example of the CCPA and

7:34California itself has amended those roles with a new regulation that’s going to take effect in January of next year I

7:43believe Utah’s don’t quote me because I don’t have this written down but I believe Utah’s new law is going to take

7:48effect in July either July or January July and January of 2023 are going to be very busy for cyber legislation and the

7:56federal government themselves are proposing additional legislation that may even Trump what is being required by

8:02the states and the important thing to note here is um just like the in the European Union

8:08where they have these laws under what they call gdpr which do apply to anyone who does

8:15business with these companies with any company residing in these states or residents in these states or countries

8:22these new laws that are coming out from multiple states require you to come with

8:27to comply as long as you’re doing business with someone who resides in that state so you could be in Florida

8:33doing business with someone who’s in Utah and you are required legally to

8:38comply with those laws and they’re really hard to keep up with that and that’s why connectwise partners with

8:45Automated Business Technologies and we share knowledge back and forth with one one another on these types of things so

8:52we can protect our partners and protect their clients uh another thing that I hear is that

8:58small businesses why why would bad guys care about small businesses well unfortunately that gap which used to be

9:06rather large um you know kind of Shifting towards um bad guys going after Enterprises is

9:12Shifting and is reducing and more and more smbs are being targeted by these

9:18attackers um and they are financially motivated if it you know if it takes them six months

9:24to break into a large Enterprise but it only takes them four weeks to break into several small businesses it’s a zero-sum

9:31gain uh gain they are making just as much money and they’re going after you

9:37because um they realize that you don’t have those big budgets so we need to be wise

9:42about how we spend our cyber dollars I just wanted to share with you I’m not

9:48going to read to you everything on this slide but I did want to share with you some of the information on recent cyber

9:55security threats and this list is honestly is updated every day I think I

10:00made this for um Automated Business about a week ago and I can tell you there’s already new

10:06stuff on here um I there are links in here so you can go read these articles for yourself to

10:12hear that this information is not just coming for me it’s not just coming from Automated Business but it’s coming from

10:18industry peers the I will point out that the the cyber security threats that are

10:25marked with one asterisk those are the ones that are in sisa sisa is a cyber security infrastructure and Security

10:32Agency of the U.S government these are the ones that are part of the top

10:37routinely exploited vulnerabilities I know this is a 2021 report but usually the reports

10:43um are released this year so the 2020 room reports are typically released in 2022 so this is accurate data and I work

10:51closely with our stock and our cyber Research Unit here at connectwise so I can validate this this is very real

10:57threats that are currently still happening uh the two with double asterisks are ones that are uh cyber

11:05Research Unit and our security operations center here at connectwise are actively seeing exploited amongst

11:11our customers our customer base so let’s talk a little bit more about

11:18what’s going on in the Cyber landscape so there are a couple of great resources

11:23that I heavily rely upon when I am talking to people who are interested in

11:30cyber security one of those is the FBI ic3 report it’s their internet crime

11:36report this is an organization that the FBI runs that you can either submit

11:41online or you can give a call or you can send an email and you can report any

11:46cyber breaches or incidents and they collect this information and you’ll see

11:52that um what they show here is that business email compromise we should all be

11:58familiar with this usually comes through many various methods one of those

12:03methods is the ReUse of usernames and passwords across multiple sites so using

12:11the same username and password which may be your Corporate email address across both your business and across maybe

12:18Amazon shopping or Home Depot or Target or one of those places and then one of

12:24those retailers is popped and these and that’s a technical term by the way popped it means there’s an incident or a

12:32breach by the way breach is a legal term and then these three actors what they do

12:37is they take those credentials that they’ve just popped from Target or Home

12:42Depot or insert miscellaneous retailer out there and they will try them especially because now they have your

12:49business domain right so they will try them and try to break into your business

12:54try to break into your email account maybe exfiltrate data and do other

12:59nefarious things make lateral movements across your network but those occur those account for about 31 percent of

13:06cyber crime losses that’s only about a third well the good news is that percentage went down the bad news is

13:13that percentage went down because we have a new player on the market right and another thing I want to point out is

13:19bad guys are getting smarter and smarter and the barrier to being a bad guy has

13:24been significantly reduced they have their own marketplaces they have fishing as a service ransomware as a service all

13:32you need is some Bitcoin you no longer need technical know how how to get the infrastructure and the information you

13:38need to attack a small to medium-sized business or even an Enterprise

13:43um so there’s always new business um email compromise schemes you can see

13:49from here that the complaints the average complaint was about 120k I don’t

13:55know about you but as a small to medium-sized business I I would think 120k loss could be devastating and

14:03here’s some of the figures that we’re missing from the last slide that disappeared about 2.4 billion in losses

14:08last year um so the new player on the market is cryptocurrency

14:14um I don’t know if you play in the crypto Market I personally don’t I have another enough things to keep me busy

14:19but um the actual amount of complaints for

14:25cryptocurrency where I’m talking people will break into your wallet and steal your crypto

14:31which can no longer be traced once it’s stolen that is 19 of crime so that took

14:36a big chunk percentage-wise of what was happening the previous year with business email compromise but the

14:43important thing is that crime increased Sevenfold since 2020 and it accounts for

14:48about 1.6 billion in U.S losses last year so like I said I like to use stats um

14:55they are numbers another great resource and oh by the way I do have these links

15:00in here for you very easy reading lots of numbers if you like that kind of thing I guess I kind of do and you will

15:07see that the Verizon report Verizon has been putting out this report for a number of years it’s highly regarded in

15:13industry and saying that the four key paths that lead to compromise of your estate or your business is credentials

15:21phishing exploit vulnerabilities and botnets botnets are like automated you

15:28can think of an automated network of computers that will go after trying to break into your systems exploit

15:34vulnerabilities we’re talking it could be um exploiting software availabilities like maybe some of the exchange

15:40vulnerabilities that were listed on a previous slide

15:46um so what do we do um you know we see all these stats um I’m realistic I know that they do

15:53invoke emotion even though numbers should have no emotion um so what do we do to to protect

15:59ourselves well the key to that is visibility and what I mean by visibility

16:04is again I love definitions um is you know the ability to just detect when one of those bad guys is in

16:11our system so we can shorten or minimize that dwell time and minimize the impact

16:17to our business and minimize the impact to any of our clients so this is just to show that the White

16:24House under executive order uh does realize that the problem is visibility

16:30um it has to do with inconsistent um deployment of foundational cyber

16:36security tools and they are asking that everyone deploy endpoint detection and response as one

16:43of those tools [Music]

16:49me so what is that minimum acceptable technology

16:55that would be

17:01an incident response plan notice that this is not technology this is a piece

17:07of paper that says this is what I do if there’s an incident in my business this

17:12is something that Automated Business Technologies is experienced in and can help you develop

17:18and the fact is an incident response plan alone is not going to protect you you actually need to practice that plan

17:25that plan needs to be actually put in a good old-fashioned binder and you’re carrying this from a techie who hates

17:31paper because what if you know what if the it happens what if you are

17:38compromised what if there is a ransomware attack and your files are encrypted you don’t want your incident

17:43response plan to be encrypted um you really need to have that paper copy you need to have tabletop exercises

17:49you need to practice that again something um automated can help you with a

17:55multi-factor Authentication really really important

18:00um there are again bad guys getting smarter I would even go so far as to say

18:06um and this we’re not seeing this in your applications yet but the insurance industry tends to be a little behind

18:12multi-factor authentication Maybe by an SMS text that you get which is not really the best but it’s better than

18:18nothing but I personally use Hardware tokens so if anyone wants to hear more about those reach out to me reach out to

18:25Steve and we’ll tell you all about Hardware tokens um endpoint detection and response you

18:31saw that referenced in the executive order from the White House security

18:37incident slash information and event management um you know a Sim this is much more than

18:44a log aggregator this is a system that sees what’s happening from your network perspective all of that infrastructure

18:51that you deploy whether it’s in the cloud whether it’s on-prem all of that generates a plethora of log files that

18:59do you absolutely no good unless you’re doing something to process them backups like your incident response plan

19:07not only is it important to have it is important to test to make sure that it works it’s important that it’s segmented

19:14away from the rest of your network back in the good old days we used to put those puppies on tapes and transport

19:21them to a different location I think we’ve evolved a little bit but we should still have them in a separate uh

19:27isolated location away uh from our Network even more than just the segmented but again rely on the

19:35knowledge of Automated Business Technologies to advise you on how you should manage those backups

19:42and how do we know which one of these we should do first and if anything we have

19:48is good enough or is a great starting point or whatever well the way we know is we do a cyber security assessment now

19:56I do want to tell you a cyber security assessment is all about people process and Technology as you can see from this

20:02list we are not all about technology even though Automated Business Technologies there’s many facets uh to

20:09cyber security that they’re going to be able to help you with and they’re going to start that with a cyber security

20:14assessment so they can analyze where you are and help you formulate a plan that

20:19aligns to your business objectives to see where you want to get and the reason

20:24you want to do this is this is not a one-size-fit-all solution this is going to be tailored to your specific business

20:33so I just want to show you a few examples about cyber insurance and renewals I just want to show you these

20:40are real screenshots of actual um cyber Insurance uh applications I

20:47want you to see that this is just not coming for me it’s not just coming from Stephen Wendy

20:53um these are real applications have you implemented endpoint detection and response security tools do you have

21:00processes and procedures are you using multi-factor authentication what other

21:06policies do you have are you properly configuring controls to protect your

21:11email um are you know do we Mark external email that’s coming in to warn our warn

21:19our staff on our colleagues and if you’re not doing these things you better be prepared to explain why

21:29again um more information so they’re going to want some

21:34information actually from your uh incident response plan in the event of

21:40an infection what are you going to do that’s incident response plan well you know I need to be able to answer those

21:46questions if I don’t have that plan I’m not going to be able to answer this and then they’re going to want to know specifically look at this they’re asking

21:54specifically what tools are you using to do this

22:01so what should we do well the first step we need to

22:06understand data responsibility and um you know I want to make sure that you

22:11know those of you who are on this call or on this webinar that uh you are the

22:18data owners your company owns the data that you process um you own the liability for it so this

22:24is where it comes down to your business objectives and you own the budget for protecting that data and that is why

22:31you’re going to work with Automated Business technology they’re going to help you implement the solutions and

22:36they’ll be custodians of your data and then the information security arm is going to provide that risk insight and

22:43mitigation information for you so you can make those decisions what do I need to do first what processes and policies

22:51do I need to put in place what kind of security awareness training do I need to do and what tools do I need to deploy

22:59so just as a takeaway for you these are the components of a well-designed cyber

23:04security solution and as I think I’ve fairly I’ve hammered home where do we

23:11start we start with the security assessment so I am a nerd I love analogies I think

23:17analogies make my text speak much easier for you to digest and understand right

23:22so I’m going to share an analogy with you you want to protect your house right well you also want to protect your

23:29business and I want to show you how similar protecting your house and protecting your business are in very

23:35simple terms so when we think about our house what

23:41things do we have we have our family we have our pets we may have Collectibles I

23:47don’t know if you can see behind me but I have some Lego and I have some superhero posters DC

23:53um just gotta throw that in your documents and valuables like your passport maybe your little TSA pre-check

24:00goes thing about Bob your birth certificate your marriage certificate um your electronics and computers uh we

24:07all know if my TVs stolen yeah that stinks but fairly easy to get

24:13that replaced by my insurance if my computer with all my data is stolen holy cow

24:19um how do we protect these things well we have a first layer of protection right we have our doors and windows we

24:25may lock those doors and windows unfortunately we do that these days education we educate our family we may

24:33even educate our friends I know as a mom of three girls that when they were teens

24:39and Facebook in Myspace and all that great new technology was out

24:44um occasionally these brilliant teenage girls of mine would post a photo and I’d be like I really don’t think you want

24:51that out there this is why the internet is forever and we’d remove them and it wasn’t that they were trying to be bad

24:57but they just needed to be educated on how they should use social media and

25:02that still holds true today um this isn’t and by the way protecting your business is just not about doing

25:10this while you’re at work it’s about doing this while you’re at home too don’t use your business email for your

25:16social your personal social media account or for shopping um yard signs everyone has what Simply

25:22Safe ADT Guardian I could name on and on and on saying hey don’t break into my

25:28house because I have great security here um what’s our next step what’s our next layer you may have not just the yard

25:35sign you may actually have that alarm um may have a motion sensor I know I have motion sensors inside and every

25:42once in a while we’ll set the alarm wrong and immediately uh notify everyone um that our motion sensor has gone off

25:48uh we have them outside we have the doorbell camera with a motion sensor we have our ring cameras with an emotion

25:54Center we have our neighborhood watch um even via our Facebook group or if you

26:00have a ring they have a neighborhood um program I think it’s actually called neighborhood

26:05um what other physical ways do we protect ourselves do we have a dog that barks

26:10some of them their barks are worse than their bites right um You may flee you may just run away I

26:16don’t advise running away and sticking your head in the sand as far as cyber security but some people do it

26:22um you may call the police the FBI you may if you’re particularly violent

26:28react with a baseball bat or more kinetic forces and this is the four components identify

26:37protect detect respond and then of course recover when that

26:43incident does happen um with your incident response plan you may have a family emergency plan your

26:50backup systems even backup systems maybe your home computer if God forbid that gets taken you know taken your cyber

26:56Insurance Emergency Equipment um and this is how you get that right

27:01cyber security provided by Automated Business Technologies um and oh by the way I just taught you

27:08all in this cyber security framework um identify protect detect respond and

27:14recover look how simple cyber is so when I first started my career a long

27:21long time ago and that’s why it’s only 25 or more because we’re not admitting age

27:26um I had a boss and he always used to say perfect is the enemy of done back in

27:31those days I was a software developer and um if any of you know any software developers we can get a little crazy

27:38when it comes to our code and we’d have little competitions to see who could write the shortest most obscure piece of

27:44code or or more usefully we would try to optimize our code to see who could write

27:50the best code that would get the job done well that’s all well and good but

27:55if you need to get the job done in 15 minutes and we’re spending five hours making sure that we get the code to

28:02operate in 15 seconds is really the best uh use of our time and this comes from a

28:08quote from Voltaire the perfect is the enemy of the good um in all the process of human activity

28:16it’s necessary ready to find that balance between doing something and

28:21getting it right or good enough you have to have a reasonable balance and again another reason for the risk assessment

28:27that’s going to help you with your business objectives which are going to be considered it’s going to help you find that reasonable balance so I would

28:37really suggest that what you do is you talk with Automated Business Technologies about starting with that

28:44assessment and with that I am going to open it up

28:50for Q and A and you are I can’t see all the chats because of the way my screens

28:55are arranged but you can send private chats and you can’t or you could say

29:01group chats and you can ask any questions about anything uh cyber

29:06related whether I covered it or not so I will hand it back to uh you Steve do you

29:11have any final thoughts for questions yourself yes uh you know in first it occurred to

29:18me that uh uh when I when I started off with your introduction I I forgot to

29:23mention that uh my name’s Steve Tucker I’m the vice president of managed I.T services for Automated Business

29:29Technologies and with us is is Wendy Campbell she’s our marketing director

29:35um uh as I mentioned earlier we’re going to be put together uh uh multiple

29:42um webinars that are based on on cyber security and this is just um uh one of many

29:48um one thing I also wanted to to mention uh Natalie is that uh a lot of things

29:53that we do in our assessments is is we we actually ping the dark web uh

30:00really to find out you know if a company’s uh uh email uh username email passwords

30:08have actually been sold out there on the dark web and present them to our uh to

30:13our clients and potential clients it’s kind of interesting to to see what reactions we get uh

30:19yeah yeah because it the thing is is that a lot of people have a have a bad

30:24behavior it’s human behavior you know to to uh uh actually keep the same password and

30:32multiple accounts and then use use uh an email address that you’re familiar with

30:38maybe not a personal one but you’re using your your business email address as your login you know and then tie

30:45those two together and and there you’ve got a a breach for disaster that’s right

30:50so I mean another thing that I would actually add is really I cannot stress

30:55enough using a password manager a password manager is just good uh cyber

31:00hygiene there is no way on Earth I could keep all of the user accounts I mean you

31:05can’t even go to the grocery store with having a a user account right

31:11um so there’s no way I could keep all that in my head um a password manager is a very

31:17um you know especially personally it is a very uh inexpensive way to protect

31:23yourself and to keep track of all those usernames and passwords and really even automate your life to some extent uh

31:31there’s no way I could remember all that and that keeps me from doing things like using my business email for personal

31:36purposes so um and I’d like to expand on something

31:42you just said to make sure because I think uh someone direct messaged me here

31:47um that the dark web so the way the internet works is you can think of it as

31:53an iceberg um the top part is the web that we interact with every day so we do a

32:00Google Search and we look for the best cyber security provider out there the best MSP right and we come out with

32:07Automated Business Tech right guys and you know we’re all familiar with

32:12that then we have um the Deep Web um so that’s another layer of that

32:17Iceberg and the Deep Web is where we do our things like our banking so you know

32:23most people do know enough to have a better password for their banking but the reason you choose this is a password

32:29manager professionally and personally is because a lot of times that breach

32:35starts somewhere farther you know the path of least resistance that grocery store account I have and if I’m reusing

32:41that username and password then that might lead to my banking and if I’m using that for my banking because I

32:47think that’s secure that’s going to lead to compromise of my business um you know so in the Deep Web that’s

32:55where our banking stuff is you know our IRAs our 401ks are you know checking and

33:01savings um and then below that that and if everyone’s familiar with icebergs you

33:06see this much but that below portion is huge and that’s where you’re going to

33:12find the dark web and that’s where why it’s important um you know part of that risk assessment

33:18they’re going to ask you about which domains to scan and they’re going to use that and they’re going to do a dark web search for you and remember earlier when

33:26I said that the barrier to being a bad guy has been greatly reduced well in

33:31that dark web typically you need specialized browsers like a tour client to access information on the dark web

33:38and that’s where they’re going to find those usernames and passwords and that’s

33:44where they’re going to find this whole Marketplace of ransomware as a service or fishing as a service and it’s

33:50important to know if if you’ve been if you or any of your staff or colleagues have been compromised out there so you

33:57could take immediate action during me to remediate that um and when they provide you that report

34:02that’s going to be a very high critical if anything is found on that and that is something in your little road map that

34:09you’re going to create to get to Great cyber security that you’re going to take care of immediately right Steve that’s

34:15correct yeah and also I wanted to mention uh some of our some of our clients have actually come

34:22to us about the cyber security Insurance uh forms that they have to

34:28fill out and let’s let’s also understand that uh the the Cyber the Cyber

34:33insurance is actually very it’s actually pretty new considering um and a lot of insurance companies are

34:40jumping on the bandwagon of providing this uh service now that that’s good and bad news you know

34:47the good news is oh great now we’ve got um we actually have quite a few to choose from or maybe the the one that

34:53you have been using for regular Insurance you could still use them for insurance the bad news part of it is is

35:00that a lot of them are not well I’m not going to say a lot of them but some of them are not actually uh

35:06you know really experts in this and and they they need to get into the game and

35:12so they start putting together a form that’s that has uh way more requirements or

35:19questionnaires you know that that maybe doesn’t really pertain to you what is the best way to to deal with that well

35:25that’s what we also do we don’t sell insurance but what we do is we get you in touch with somebody who can actually

35:33you know discuss what is necessary what is your business and how is it pertaining to the to the insurance that

35:39you’re looking for and try to get you the correct insurance for your cyber uh cyber insurance

35:46yeah I mean it really all comes down to your clients business objectives um you know what kind of coverage do

35:53they need how much coverage do they need how can we deploy the right tools or the

35:58right cyber security so they can obtain that coverage how much would you say as far as the

36:05businesses that currently think that they have the correct cyber insurance or maybe just don’t feel like they need

36:12it yet or need it at all how many people would you say are actually properly insured for cyber security issues oh wow

36:20that is such a loaded question um I I would guess not many I would get

36:25I guess not many and the other reason it’s really important to partner with

36:31um you know technology service provider like Automated Business Tech is because you guys are going to make sure that

36:38they have the right information to answer those questionnaires because if you don’t answer that questionnaire

36:43correctly um and then some you do have an incident um they’re gonna die your coverage or

36:51greatly limit it um and the cost for deploying these tools and even the cost for cyber

36:58Insurance um is is much much less than

37:05um actually having an incident or God forbid that legal term a breach um and that’s why it’s so important to

37:11work with people who understand the threat landscape and understand um what how to answer those questions

37:20um from that cyber Insurance perspective I unfortunately I don’t have a percentage but it’s it’s not many and

37:28we’re just now seeing um as people who did get on that uh Train Early are seeing that they’re

37:34getting their renewals this year when I say recent I mean like this year this is when we’re starting to see these

37:40questionnaires saying do you have xdr and I’m thinking do you even know what xdr is

37:46or MDR and those are all just fancy terms for endpoint detection and

37:52response um which is a critical tool that you will need and what that is is typically

37:59an agent that lives on your workstations and it monitors whether your staff is

38:04working from home or whether they’re working on a corporate Network it monitors what’s happening and can

38:09actually stop bad things from happening and it is way more advanced than antivirus I mean we could have a whole

38:16another hour conversation on what does EDR do what does that security incident

38:21and event management tool do what are the kinds of things I’m going to be asked on a risk assessment I mean those

38:28are webinars all on their own right we’ll bring you back for those of course of course I do have I do have one more

38:34question to follow up on that now um you know you get your car insurance it’s kind of a set it and forget it okay

38:40I’ve got it just renew it over and over and over and over um with the changes in the types of

38:46attacks that we’re seeing and the technology space as it is how often do you recommend that businesses review

38:52their cyber um I guess toolkit and as well as their cyber insurance and

38:59um I guess I guess the real question is how often do you think they should get in there to really look at that and

39:05review it ideally um Noah’s gonna like this answer ideally

39:11it’s going to be six months uh realistically it needs to at least be annually and that that goes to the risk

39:17assessment as well because you know you know it’s not like in the

39:23good old days where you had an antivirus and a firewall and you were golden and there wasn’t that much activity and you

39:28had to go to specialized news sources to see all these stats I mean cyber security threats and attacks and that

39:36are in the everyday news every day there’s a new story of something something new happening and not only on

39:44the good news side every day there’s some new technology happening too um and that’s why I

39:50idealistically I would say every six months realistically at least annually

39:56yeah and and that that’s what we also provide uh if with with all of our uh

40:02Services we always have the um what we call the the qbr the the it’s a it’s a

40:10review um it can be quarterly could be it could be uh every six months we we recommend

40:15that it’s either it’s either three or six months that we sit down and we go over what you know what has changed in

40:22your environment what can we do to improve it and and make you more consistent reliable and and secure very

40:28true yeah I was trying to be kind by saying six months yeah I mean honestly there’s something changing every day

40:36um you know but perfect is the enemy of the good right so we do what we can to

40:41make sure we’re staying ahead and still stay in business and that’s just why it’s so important to actually do that

40:47assessment and like I said it’s all about people practices and technology and uh all of that not one size fits all

40:55it has to do with your customers business objectives so

41:00you know it’s it’s a very in-depth process and it’s a critical one

41:07it’s a great conversation I wish participants could could chat with us

41:12um seriously do you guys have any other questions

41:18here I’ll open up I’ll open the floodgates so everyone can speak oh look at that

41:28when I’m teaching cyber security subjects I randomly call on people

41:35I’m thinking of employing those tactics or techniques here I know remember we’ve got those beats to

41:42give away so anybody wants to raise a hand there’s an automatic jump in oh okay well I do have any questions thank

41:48you you’re very welcome for the presentation thank you for taking the time to be with us I seriously

41:54appreciate it yeah thank you very much uh again we’re

42:00going to have multiple uh uh series you know that are going to be more uh specific

42:06um in in terms of of cyber security including disaster recovery and and how

42:12to keep your business more consistent and secure um

42:17we didn’t even touch on Disaster Recovery did we right right

42:23um so for now um I guess uh the last thing uh we have

42:28left to do is to is to choose um who gets our our uh give away the

42:35Beats or beats yeah um no just kidding

42:42so I’ve actually I’ve actually put um I I put a a number between one and

42:49five and I’ve I’ve labeled the uh participants who had actually got online

42:56um so um so Natalie if you choose a number between one and five let’s go right down

43:04the middle let’s choose three three okay well that’s Ave uh green

43:11uh congratulations Ave uh we will uh we’ll get in contact you about uh

43:18getting that to you and you can you can enjoy music on your own or re-gift

43:24[Music] excellent excellent all right well thank you everybody all right we appreciate it

43:31thank you I do have two follow-up questions as we close out the webinar uh just and simply just technical matters

43:37um you’ll be sharing this deck with the rest of the with all the participants yeah so I’ll send that out to everyone

43:43that are safe to click on you can Mouse over them and see what the links are

43:49I hope so I hope so and then also we’re going to be posting this online

43:55um on our YouTube channel and um and throughout so if anyone wants to go back and review it feel free to to check it

44:00out there appreciate it take care thank you Natalie all right bye-bye

English (auto-generated)

English (auto-generated)

 

Note | This webinar has happened in the past and can be viewed from the link above.

Who: ABTs Managed IT Services Team, Natalie Suarez of ConnectWise

Topic: Cyber Insurance

When: November 1st, 2022, at 10am

Where: Zoom link to follow with registration.