ABT’s Webinar Series | MITS

ABTs Managed IT Services Webinar with Natalie Suarez of ConnectWise

Cyber Insurance | What your business needs to know going into 2023

Full Transcript Below | Timestamped for reference

What Every Business Leader Needs to Know to Protect Against Cyberattacks

uh first we would like to thank you for registering and attending Automated Business Technologies inaugural managed

0:12I.T Services webinar we’re planning a very intriguing series for you and we

0:17hope you find them all valuable and impactful for you your business and the critical I.T decisions that you make

0:25today uh we’re pleased to welcome Natalie sures principal Solutions advisor for connectwise

0:31as the liaison responsible for partner and client education she brings more than 25 years of experience to today’s

0:38conversation for work encompasses both public and private sectors including technology

0:44service providers Fortune 100 companies and many sharing communities her career focus is centered around

0:52cyber security software and systems engineering that have formed from years

0:57of leadership positions supporting analysts within intelligence communities in cyber security industries

1:05while we are all here for the wealth of knowledge she brings I would also like to remind you that at the end of the

1:12session we will do a drawing for a pair of Beats fit Pro earbuds for you your

1:17favorite co-worker or alternatively just in time for re-gifting for the holidays

1:23we will be taking your questions in the Q a section and answer those at the end of the presentation

1:29so it is my pleasure to introduce you to Natalie seres Natalie

1:35well hello everyone good morning good afternoon wherever you may be calling from and I am going to talk to you about

1:43cyber security and why you should care about it so we found uh through

1:49experience and through our practice and partnership with Automated Business Technologies that a lot of businesses

1:55just don’t spend enough time evaluating cyber risks and it’s not because they

2:01don’t want to know it is because they are tasked with their Core Business and that would be one of the reasons why

2:07you’d bring in a trusted partner like Automated Business Technologies to help you navigate this because they do spend

2:14the time in their partnership with connectwise to learn the threats and be prepared

2:19um you know we’ve all experienced this rapid shift to remote work environments and it’s really difficult once you have

2:25your staff working from home to get them back in the office as you can see behind me I am also working from home I’m not

2:33sure about my other colleagues on the line here since they have put up these beautiful logoed backgrounds

2:41to hide from us um along with working from home

2:48um you know we’ve really made that uh jump to embracing the cloud you know the

2:53cloud really does help to improve our day-to-day tasks and to simplify our

2:59collaboration with our colleagues and our clients but with that does come additional risk right

3:06so um and again as I was stating earlier the problem is not that organizations

3:12don’t want to be prepared but either they don’t really know or they

3:17underestimate the risks that are out there um you know if you’re losing data or

3:23more importantly just losing access to your data due to Cyber attack I like to

3:29tell my partners when I talk to them it’s not really about um is your data valuable to attackers

3:36it’s about is your data valuable to you so what would you do if you couldn’t access your data uh if it was a couple

3:43hours it might not be such a big deal but what if that drags on to weeks or months could your business survive that

3:50so it’s really important to understand what is going on in the Cyber landscape so that we can reduce your risk of

3:58losing access to your data and having any of those business interruptions

4:03so as a cyber nerd I love my definitions and I think it’s important to lay the

4:09groundwork for you so that you know what I am talking about so I’m not just

4:16talking at you I am sharing my knowledge with you so one of those really

4:21important Concepts is dwell time and what time actually is exactly what it

4:27sounds like how long has an attacker dwelling in my environment how long are

4:32they present from the moment they first get entry until the time they have been

4:37booted out or eradicated from that Network

4:44so import some important stats a new ransomware attack does occur every 11

4:50seconds some stats say it’s less time some stats States more time but we don’t have any wild variation out there

4:57amongst experts so I think it’s important to share that information with you and I do like to use statistics

5:04because numbers should not Inspire fear numbers are simply facts and I want you

5:10to be prepared and I want you to understand what the landscape looks like so we’re going to give you some more

5:15exciting facts here so for ransomware uh the DeWalt time is about 23 days of the average downtime

5:24from ransomware is about 21 days so that’s about three weeks without access to your data or your clients having

5:30access to their information uh the average total cost of a data breach actually got blurted out but it’s

5:37uh it’s it’s about two point I want to say it’s about 2.4 or 2.8 million

5:43dollars I’m not sure what happened to that slide there um we have some information on pending

5:49legislation as many of you know I’m sure many of you have received those wonderful cyber security Insurance

5:55renewals and you may see that the cost of insurance is skyrocketing or you may

6:01not even be able to be renewed unless you have certain cyber security controls in place and the impact of cyber warfare

6:09is pretty untested today I know um as I was listening to some of my podcasts the

6:14other day that um the Ukraine uh that Russia is

6:19specifically targeting NATO countries um that are supporting Ukraine either by

6:26vocally saying I support Ukraine or by doing things like supporting satellite services

6:33um and then of course your business reputation reputation is the key it’s

6:38what sets you above your competitors and the risk of losing or ruining your

6:44reputation due to a Cyber attack is very high okay so when we’re talking about some of

6:50this regulation I want you to note that I took my big red teacher marker and marked out pending

6:56um we’re talking about the Senate passing packages that require firms to report hacks we’re talking about

7:03um not just critical infrastructure which you’re going to see on the next slide this actual

7:08um this was actually signed into legislation on March 15th of this year

7:15um that requires critical infrastructure to report attacks within 72 hours but

7:20let me tell you there’s been a lot of activity this year regarding legislation around breach notification and privacy

7:28many other states have followed California’s example of the CCPA and

7:34California itself has amended those roles with a new regulation that’s going to take effect in January of next year I

7:43believe Utah’s don’t quote me because I don’t have this written down but I believe Utah’s new law is going to take

7:48effect in July either July or January July and January of 2023 are going to be very busy for cyber legislation and the

7:56federal government themselves are proposing additional legislation that may even Trump what is being required by

8:02the states and the important thing to note here is um just like the in the European Union

8:08where they have these laws under what they call gdpr which do apply to anyone who does

8:15business with these companies with any company residing in these states or residents in these states or countries

8:22these new laws that are coming out from multiple states require you to come with

8:27to comply as long as you’re doing business with someone who resides in that state so you could be in Florida

8:33doing business with someone who’s in Utah and you are required legally to

8:38comply with those laws and they’re really hard to keep up with that and that’s why connectwise partners with

8:45Automated Business Technologies and we share knowledge back and forth with one one another on these types of things so

8:52we can protect our partners and protect their clients uh another thing that I hear is that

8:58small businesses why why would bad guys care about small businesses well unfortunately that gap which used to be

9:06rather large um you know kind of Shifting towards um bad guys going after Enterprises is

9:12Shifting and is reducing and more and more smbs are being targeted by these

9:18attackers um and they are financially motivated if it you know if it takes them six months

9:24to break into a large Enterprise but it only takes them four weeks to break into several small businesses it’s a zero-sum

9:31gain uh gain they are making just as much money and they’re going after you

9:37because um they realize that you don’t have those big budgets so we need to be wise

9:42about how we spend our cyber dollars I just wanted to share with you I’m not

9:48going to read to you everything on this slide but I did want to share with you some of the information on recent cyber

9:55security threats and this list is honestly is updated every day I think I

10:00made this for um Automated Business about a week ago and I can tell you there’s already new

10:06stuff on here um I there are links in here so you can go read these articles for yourself to

10:12hear that this information is not just coming for me it’s not just coming from Automated Business but it’s coming from

10:18industry peers the I will point out that the the cyber security threats that are

10:25marked with one asterisk those are the ones that are in sisa sisa is a cyber security infrastructure and Security

10:32Agency of the U.S government these are the ones that are part of the top

10:37routinely exploited vulnerabilities I know this is a 2021 report but usually the reports

10:43um are released this year so the 2020 room reports are typically released in 2022 so this is accurate data and I work

10:51closely with our stock and our cyber Research Unit here at connectwise so I can validate this this is very real

10:57threats that are currently still happening uh the two with double asterisks are ones that are uh cyber

11:05Research Unit and our security operations center here at connectwise are actively seeing exploited amongst

11:11our customers our customer base so let’s talk a little bit more about

11:18what’s going on in the Cyber landscape so there are a couple of great resources

11:23that I heavily rely upon when I am talking to people who are interested in

11:30cyber security one of those is the FBI ic3 report it’s their internet crime

11:36report this is an organization that the FBI runs that you can either submit

11:41online or you can give a call or you can send an email and you can report any

11:46cyber breaches or incidents and they collect this information and you’ll see

11:52that um what they show here is that business email compromise we should all be

11:58familiar with this usually comes through many various methods one of those

12:03methods is the ReUse of usernames and passwords across multiple sites so using

12:11the same username and password which may be your Corporate email address across both your business and across maybe

12:18Amazon shopping or Home Depot or Target or one of those places and then one of

12:24those retailers is popped and these and that’s a technical term by the way popped it means there’s an incident or a

12:32breach by the way breach is a legal term and then these three actors what they do

12:37is they take those credentials that they’ve just popped from Target or Home

12:42Depot or insert miscellaneous retailer out there and they will try them especially because now they have your

12:49business domain right so they will try them and try to break into your business

12:54try to break into your email account maybe exfiltrate data and do other

12:59nefarious things make lateral movements across your network but those occur those account for about 31 percent of

13:06cyber crime losses that’s only about a third well the good news is that percentage went down the bad news is

13:13that percentage went down because we have a new player on the market right and another thing I want to point out is

13:19bad guys are getting smarter and smarter and the barrier to being a bad guy has

13:24been significantly reduced they have their own marketplaces they have fishing as a service ransomware as a service all

13:32you need is some Bitcoin you no longer need technical know how how to get the infrastructure and the information you

13:38need to attack a small to medium-sized business or even an Enterprise

13:43um so there’s always new business um email compromise schemes you can see

13:49from here that the complaints the average complaint was about 120k I don’t

13:55know about you but as a small to medium-sized business I I would think 120k loss could be devastating and

14:03here’s some of the figures that we’re missing from the last slide that disappeared about 2.4 billion in losses

14:08last year um so the new player on the market is cryptocurrency

14:14um I don’t know if you play in the crypto Market I personally don’t I have another enough things to keep me busy

14:19but um the actual amount of complaints for

14:25cryptocurrency where I’m talking people will break into your wallet and steal your crypto

14:31which can no longer be traced once it’s stolen that is 19 of crime so that took

14:36a big chunk percentage-wise of what was happening the previous year with business email compromise but the

14:43important thing is that crime increased Sevenfold since 2020 and it accounts for

14:48about 1.6 billion in U.S losses last year so like I said I like to use stats um

14:55they are numbers another great resource and oh by the way I do have these links

15:00in here for you very easy reading lots of numbers if you like that kind of thing I guess I kind of do and you will

15:07see that the Verizon report Verizon has been putting out this report for a number of years it’s highly regarded in

15:13industry and saying that the four key paths that lead to compromise of your estate or your business is credentials

15:21phishing exploit vulnerabilities and botnets botnets are like automated you

15:28can think of an automated network of computers that will go after trying to break into your systems exploit

15:34vulnerabilities we’re talking it could be um exploiting software availabilities like maybe some of the exchange

15:40vulnerabilities that were listed on a previous slide

15:46um so what do we do um you know we see all these stats um I’m realistic I know that they do

15:53invoke emotion even though numbers should have no emotion um so what do we do to to protect

15:59ourselves well the key to that is visibility and what I mean by visibility

16:04is again I love definitions um is you know the ability to just detect when one of those bad guys is in

16:11our system so we can shorten or minimize that dwell time and minimize the impact

16:17to our business and minimize the impact to any of our clients so this is just to show that the White

16:24House under executive order uh does realize that the problem is visibility

16:30um it has to do with inconsistent um deployment of foundational cyber

16:36security tools and they are asking that everyone deploy endpoint detection and response as one

16:43of those tools [Music]

16:49me so what is that minimum acceptable technology

16:55that would be

17:01an incident response plan notice that this is not technology this is a piece

17:07of paper that says this is what I do if there’s an incident in my business this

17:12is something that Automated Business Technologies is experienced in and can help you develop

17:18and the fact is an incident response plan alone is not going to protect you you actually need to practice that plan

17:25that plan needs to be actually put in a good old-fashioned binder and you’re carrying this from a techie who hates

17:31paper because what if you know what if the it happens what if you are

17:38compromised what if there is a ransomware attack and your files are encrypted you don’t want your incident

17:43response plan to be encrypted um you really need to have that paper copy you need to have tabletop exercises

17:49you need to practice that again something um automated can help you with a

17:55multi-factor Authentication really really important

18:00um there are again bad guys getting smarter I would even go so far as to say

18:06um and this we’re not seeing this in your applications yet but the insurance industry tends to be a little behind

18:12multi-factor authentication Maybe by an SMS text that you get which is not really the best but it’s better than

18:18nothing but I personally use Hardware tokens so if anyone wants to hear more about those reach out to me reach out to

18:25Steve and we’ll tell you all about Hardware tokens um endpoint detection and response you

18:31saw that referenced in the executive order from the White House security

18:37incident slash information and event management um you know a Sim this is much more than

18:44a log aggregator this is a system that sees what’s happening from your network perspective all of that infrastructure

18:51that you deploy whether it’s in the cloud whether it’s on-prem all of that generates a plethora of log files that

18:59do you absolutely no good unless you’re doing something to process them backups like your incident response plan

19:07not only is it important to have it is important to test to make sure that it works it’s important that it’s segmented

19:14away from the rest of your network back in the good old days we used to put those puppies on tapes and transport

19:21them to a different location I think we’ve evolved a little bit but we should still have them in a separate uh

19:27isolated location away uh from our Network even more than just the segmented but again rely on the

19:35knowledge of Automated Business Technologies to advise you on how you should manage those backups

19:42and how do we know which one of these we should do first and if anything we have

19:48is good enough or is a great starting point or whatever well the way we know is we do a cyber security assessment now

19:56I do want to tell you a cyber security assessment is all about people process and Technology as you can see from this

20:02list we are not all about technology even though Automated Business Technologies there’s many facets uh to

20:09cyber security that they’re going to be able to help you with and they’re going to start that with a cyber security

20:14assessment so they can analyze where you are and help you formulate a plan that

20:19aligns to your business objectives to see where you want to get and the reason

20:24you want to do this is this is not a one-size-fit-all solution this is going to be tailored to your specific business

20:33so I just want to show you a few examples about cyber insurance and renewals I just want to show you these

20:40are real screenshots of actual um cyber Insurance uh applications I

20:47want you to see that this is just not coming for me it’s not just coming from Stephen Wendy

20:53um these are real applications have you implemented endpoint detection and response security tools do you have

21:00processes and procedures are you using multi-factor authentication what other

21:06policies do you have are you properly configuring controls to protect your

21:11email um are you know do we Mark external email that’s coming in to warn our warn

21:19our staff on our colleagues and if you’re not doing these things you better be prepared to explain why

21:29again um more information so they’re going to want some

21:34information actually from your uh incident response plan in the event of

21:40an infection what are you going to do that’s incident response plan well you know I need to be able to answer those

21:46questions if I don’t have that plan I’m not going to be able to answer this and then they’re going to want to know specifically look at this they’re asking

21:54specifically what tools are you using to do this

22:01so what should we do well the first step we need to

22:06understand data responsibility and um you know I want to make sure that you

22:11know those of you who are on this call or on this webinar that uh you are the

22:18data owners your company owns the data that you process um you own the liability for it so this

22:24is where it comes down to your business objectives and you own the budget for protecting that data and that is why

22:31you’re going to work with Automated Business technology they’re going to help you implement the solutions and

22:36they’ll be custodians of your data and then the information security arm is going to provide that risk insight and

22:43mitigation information for you so you can make those decisions what do I need to do first what processes and policies

22:51do I need to put in place what kind of security awareness training do I need to do and what tools do I need to deploy

22:59so just as a takeaway for you these are the components of a well-designed cyber

23:04security solution and as I think I’ve fairly I’ve hammered home where do we

23:11start we start with the security assessment so I am a nerd I love analogies I think

23:17analogies make my text speak much easier for you to digest and understand right

23:22so I’m going to share an analogy with you you want to protect your house right well you also want to protect your

23:29business and I want to show you how similar protecting your house and protecting your business are in very

23:35simple terms so when we think about our house what

23:41things do we have we have our family we have our pets we may have Collectibles I

23:47don’t know if you can see behind me but I have some Lego and I have some superhero posters DC

23:53um just gotta throw that in your documents and valuables like your passport maybe your little TSA pre-check

24:00goes thing about Bob your birth certificate your marriage certificate um your electronics and computers uh we

24:07all know if my TVs stolen yeah that stinks but fairly easy to get

24:13that replaced by my insurance if my computer with all my data is stolen holy cow

24:19um how do we protect these things well we have a first layer of protection right we have our doors and windows we

24:25may lock those doors and windows unfortunately we do that these days education we educate our family we may

24:33even educate our friends I know as a mom of three girls that when they were teens

24:39and Facebook in Myspace and all that great new technology was out

24:44um occasionally these brilliant teenage girls of mine would post a photo and I’d be like I really don’t think you want

24:51that out there this is why the internet is forever and we’d remove them and it wasn’t that they were trying to be bad

24:57but they just needed to be educated on how they should use social media and

25:02that still holds true today um this isn’t and by the way protecting your business is just not about doing

25:10this while you’re at work it’s about doing this while you’re at home too don’t use your business email for your

25:16social your personal social media account or for shopping um yard signs everyone has what Simply

25:22Safe ADT Guardian I could name on and on and on saying hey don’t break into my

25:28house because I have great security here um what’s our next step what’s our next layer you may have not just the yard

25:35sign you may actually have that alarm um may have a motion sensor I know I have motion sensors inside and every

25:42once in a while we’ll set the alarm wrong and immediately uh notify everyone um that our motion sensor has gone off

25:48uh we have them outside we have the doorbell camera with a motion sensor we have our ring cameras with an emotion

25:54Center we have our neighborhood watch um even via our Facebook group or if you

26:00have a ring they have a neighborhood um program I think it’s actually called neighborhood

26:05um what other physical ways do we protect ourselves do we have a dog that barks

26:10some of them their barks are worse than their bites right um You may flee you may just run away I

26:16don’t advise running away and sticking your head in the sand as far as cyber security but some people do it

26:22um you may call the police the FBI you may if you’re particularly violent

26:28react with a baseball bat or more kinetic forces and this is the four components identify

26:37protect detect respond and then of course recover when that

26:43incident does happen um with your incident response plan you may have a family emergency plan your

26:50backup systems even backup systems maybe your home computer if God forbid that gets taken you know taken your cyber

26:56Insurance Emergency Equipment um and this is how you get that right

27:01cyber security provided by Automated Business Technologies um and oh by the way I just taught you

27:08all in this cyber security framework um identify protect detect respond and

27:14recover look how simple cyber is so when I first started my career a long

27:21long time ago and that’s why it’s only 25 or more because we’re not admitting age

27:26um I had a boss and he always used to say perfect is the enemy of done back in

27:31those days I was a software developer and um if any of you know any software developers we can get a little crazy

27:38when it comes to our code and we’d have little competitions to see who could write the shortest most obscure piece of

27:44code or or more usefully we would try to optimize our code to see who could write

27:50the best code that would get the job done well that’s all well and good but

27:55if you need to get the job done in 15 minutes and we’re spending five hours making sure that we get the code to

28:02operate in 15 seconds is really the best uh use of our time and this comes from a

28:08quote from Voltaire the perfect is the enemy of the good um in all the process of human activity

28:16it’s necessary ready to find that balance between doing something and

28:21getting it right or good enough you have to have a reasonable balance and again another reason for the risk assessment

28:27that’s going to help you with your business objectives which are going to be considered it’s going to help you find that reasonable balance so I would

28:37really suggest that what you do is you talk with Automated Business Technologies about starting with that

28:44assessment and with that I am going to open it up

28:50for Q and A and you are I can’t see all the chats because of the way my screens

28:55are arranged but you can send private chats and you can’t or you could say

29:01group chats and you can ask any questions about anything uh cyber

29:06related whether I covered it or not so I will hand it back to uh you Steve do you

29:11have any final thoughts for questions yourself yes uh you know in first it occurred to

29:18me that uh uh when I when I started off with your introduction I I forgot to

29:23mention that uh my name’s Steve Tucker I’m the vice president of managed I.T services for Automated Business

29:29Technologies and with us is is Wendy Campbell she’s our marketing director

29:35um uh as I mentioned earlier we’re going to be put together uh uh multiple

29:42um webinars that are based on on cyber security and this is just um uh one of many

29:48um one thing I also wanted to to mention uh Natalie is that uh a lot of things

29:53that we do in our assessments is is we we actually ping the dark web uh

30:00really to find out you know if a company’s uh uh email uh username email passwords

30:08have actually been sold out there on the dark web and present them to our uh to

30:13our clients and potential clients it’s kind of interesting to to see what reactions we get uh

30:19yeah yeah because it the thing is is that a lot of people have a have a bad

30:24behavior it’s human behavior you know to to uh uh actually keep the same password and

30:32multiple accounts and then use use uh an email address that you’re familiar with

30:38maybe not a personal one but you’re using your your business email address as your login you know and then tie

30:45those two together and and there you’ve got a a breach for disaster that’s right

30:50so I mean another thing that I would actually add is really I cannot stress

30:55enough using a password manager a password manager is just good uh cyber

31:00hygiene there is no way on Earth I could keep all of the user accounts I mean you

31:05can’t even go to the grocery store with having a a user account right

31:11um so there’s no way I could keep all that in my head um a password manager is a very

31:17um you know especially personally it is a very uh inexpensive way to protect

31:23yourself and to keep track of all those usernames and passwords and really even automate your life to some extent uh

31:31there’s no way I could remember all that and that keeps me from doing things like using my business email for personal

31:36purposes so um and I’d like to expand on something

31:42you just said to make sure because I think uh someone direct messaged me here

31:47um that the dark web so the way the internet works is you can think of it as

31:53an iceberg um the top part is the web that we interact with every day so we do a

32:00Google Search and we look for the best cyber security provider out there the best MSP right and we come out with

32:07Automated Business Tech right guys and you know we’re all familiar with

32:12that then we have um the Deep Web um so that’s another layer of that

32:17Iceberg and the Deep Web is where we do our things like our banking so you know

32:23most people do know enough to have a better password for their banking but the reason you choose this is a password

32:29manager professionally and personally is because a lot of times that breach

32:35starts somewhere farther you know the path of least resistance that grocery store account I have and if I’m reusing

32:41that username and password then that might lead to my banking and if I’m using that for my banking because I

32:47think that’s secure that’s going to lead to compromise of my business um you know so in the Deep Web that’s

32:55where our banking stuff is you know our IRAs our 401ks are you know checking and

33:01savings um and then below that that and if everyone’s familiar with icebergs you

33:06see this much but that below portion is huge and that’s where you’re going to

33:12find the dark web and that’s where why it’s important um you know part of that risk assessment

33:18they’re going to ask you about which domains to scan and they’re going to use that and they’re going to do a dark web search for you and remember earlier when

33:26I said that the barrier to being a bad guy has been greatly reduced well in

33:31that dark web typically you need specialized browsers like a tour client to access information on the dark web

33:38and that’s where they’re going to find those usernames and passwords and that’s

33:44where they’re going to find this whole Marketplace of ransomware as a service or fishing as a service and it’s

33:50important to know if if you’ve been if you or any of your staff or colleagues have been compromised out there so you

33:57could take immediate action during me to remediate that um and when they provide you that report

34:02that’s going to be a very high critical if anything is found on that and that is something in your little road map that

34:09you’re going to create to get to Great cyber security that you’re going to take care of immediately right Steve that’s

34:15correct yeah and also I wanted to mention uh some of our some of our clients have actually come

34:22to us about the cyber security Insurance uh forms that they have to

34:28fill out and let’s let’s also understand that uh the the Cyber the Cyber

34:33insurance is actually very it’s actually pretty new considering um and a lot of insurance companies are

34:40jumping on the bandwagon of providing this uh service now that that’s good and bad news you know

34:47the good news is oh great now we’ve got um we actually have quite a few to choose from or maybe the the one that

34:53you have been using for regular Insurance you could still use them for insurance the bad news part of it is is

35:00that a lot of them are not well I’m not going to say a lot of them but some of them are not actually uh

35:06you know really experts in this and and they they need to get into the game and

35:12so they start putting together a form that’s that has uh way more requirements or

35:19questionnaires you know that that maybe doesn’t really pertain to you what is the best way to to deal with that well

35:25that’s what we also do we don’t sell insurance but what we do is we get you in touch with somebody who can actually

35:33you know discuss what is necessary what is your business and how is it pertaining to the to the insurance that

35:39you’re looking for and try to get you the correct insurance for your cyber uh cyber insurance

35:46yeah I mean it really all comes down to your clients business objectives um you know what kind of coverage do

35:53they need how much coverage do they need how can we deploy the right tools or the

35:58right cyber security so they can obtain that coverage how much would you say as far as the

36:05businesses that currently think that they have the correct cyber insurance or maybe just don’t feel like they need

36:12it yet or need it at all how many people would you say are actually properly insured for cyber security issues oh wow

36:20that is such a loaded question um I I would guess not many I would get

36:25I guess not many and the other reason it’s really important to partner with

36:31um you know technology service provider like Automated Business Tech is because you guys are going to make sure that

36:38they have the right information to answer those questionnaires because if you don’t answer that questionnaire

36:43correctly um and then some you do have an incident um they’re gonna die your coverage or

36:51greatly limit it um and the cost for deploying these tools and even the cost for cyber

36:58Insurance um is is much much less than

37:05um actually having an incident or God forbid that legal term a breach um and that’s why it’s so important to

37:11work with people who understand the threat landscape and understand um what how to answer those questions

37:20um from that cyber Insurance perspective I unfortunately I don’t have a percentage but it’s it’s not many and

37:28we’re just now seeing um as people who did get on that uh Train Early are seeing that they’re

37:34getting their renewals this year when I say recent I mean like this year this is when we’re starting to see these

37:40questionnaires saying do you have xdr and I’m thinking do you even know what xdr is

37:46or MDR and those are all just fancy terms for endpoint detection and

37:52response um which is a critical tool that you will need and what that is is typically

37:59an agent that lives on your workstations and it monitors whether your staff is

38:04working from home or whether they’re working on a corporate Network it monitors what’s happening and can

38:09actually stop bad things from happening and it is way more advanced than antivirus I mean we could have a whole

38:16another hour conversation on what does EDR do what does that security incident

38:21and event management tool do what are the kinds of things I’m going to be asked on a risk assessment I mean those

38:28are webinars all on their own right we’ll bring you back for those of course of course I do have I do have one more

38:34question to follow up on that now um you know you get your car insurance it’s kind of a set it and forget it okay

38:40I’ve got it just renew it over and over and over and over um with the changes in the types of

38:46attacks that we’re seeing and the technology space as it is how often do you recommend that businesses review

38:52their cyber um I guess toolkit and as well as their cyber insurance and

38:59um I guess I guess the real question is how often do you think they should get in there to really look at that and

39:05review it ideally um Noah’s gonna like this answer ideally

39:11it’s going to be six months uh realistically it needs to at least be annually and that that goes to the risk

39:17assessment as well because you know you know it’s not like in the

39:23good old days where you had an antivirus and a firewall and you were golden and there wasn’t that much activity and you

39:28had to go to specialized news sources to see all these stats I mean cyber security threats and attacks and that

39:36are in the everyday news every day there’s a new story of something something new happening and not only on

39:44the good news side every day there’s some new technology happening too um and that’s why I

39:50idealistically I would say every six months realistically at least annually

39:56yeah and and that that’s what we also provide uh if with with all of our uh

40:02Services we always have the um what we call the the qbr the the it’s a it’s a

40:10review um it can be quarterly could be it could be uh every six months we we recommend

40:15that it’s either it’s either three or six months that we sit down and we go over what you know what has changed in

40:22your environment what can we do to improve it and and make you more consistent reliable and and secure very

40:28true yeah I was trying to be kind by saying six months yeah I mean honestly there’s something changing every day

40:36um you know but perfect is the enemy of the good right so we do what we can to

40:41make sure we’re staying ahead and still stay in business and that’s just why it’s so important to actually do that

40:47assessment and like I said it’s all about people practices and technology and uh all of that not one size fits all

40:55it has to do with your customers business objectives so

41:00you know it’s it’s a very in-depth process and it’s a critical one

41:07it’s a great conversation I wish participants could could chat with us

41:12um seriously do you guys have any other questions

41:18here I’ll open up I’ll open the floodgates so everyone can speak oh look at that

41:28when I’m teaching cyber security subjects I randomly call on people

41:35I’m thinking of employing those tactics or techniques here I know remember we’ve got those beats to

41:42give away so anybody wants to raise a hand there’s an automatic jump in oh okay well I do have any questions thank

41:48you you’re very welcome for the presentation thank you for taking the time to be with us I seriously

41:54appreciate it yeah thank you very much uh again we’re

42:00going to have multiple uh uh series you know that are going to be more uh specific

42:06um in in terms of of cyber security including disaster recovery and and how

42:12to keep your business more consistent and secure um

42:17we didn’t even touch on Disaster Recovery did we right right

42:23um so for now um I guess uh the last thing uh we have

42:28left to do is to is to choose um who gets our our uh give away the

42:35Beats or beats yeah um no just kidding

42:42so I’ve actually I’ve actually put um I I put a a number between one and

42:49five and I’ve I’ve labeled the uh participants who had actually got online

42:56um so um so Natalie if you choose a number between one and five let’s go right down

43:04the middle let’s choose three three okay well that’s Ave uh green

43:11uh congratulations Ave uh we will uh we’ll get in contact you about uh

43:18getting that to you and you can you can enjoy music on your own or re-gift

43:24[Music] excellent excellent all right well thank you everybody all right we appreciate it

43:31thank you I do have two follow-up questions as we close out the webinar uh just and simply just technical matters

43:37um you’ll be sharing this deck with the rest of the with all the participants yeah so I’ll send that out to everyone

43:43that are safe to click on you can Mouse over them and see what the links are

43:49I hope so I hope so and then also we’re going to be posting this online

43:55um on our YouTube channel and um and throughout so if anyone wants to go back and review it feel free to to check it

44:00out there appreciate it take care thank you Natalie all right bye-bye

English (auto-generated)

English (auto-generated)

Note | This webinar has happened in the past and can be viewed from the link above.

Who: ABTs Managed IT Services Team, Natalie Suarez of ConnectWise

Topic: Cyber Insurance

When: November 1st, 2022, at 10am

Where: Zoom link to follow with registration.

Leave a comment

Your email address will not be published. Required fields are marked *