ABTs Managed IT Services Webinar with Natalie Suarez of ConnectWise
Cyber Insurance | What your business needs to know going into 2023
Full Transcript Below | Timestamped for reference
What Every Business Leader Needs to Know to Protect Against Cyberattacks
uh first we would like to thank you for registering and attending Automated Business Technologies inaugural managed
0:12I.T Services webinar we’re planning a very intriguing series for you and we
0:17hope you find them all valuable and impactful for you your business and the critical I.T decisions that you make
0:25today uh we’re pleased to welcome Natalie sures principal Solutions advisor for connectwise
0:31as the liaison responsible for partner and client education she brings more than 25 years of experience to today’s
0:38conversation for work encompasses both public and private sectors including technology
0:44service providers Fortune 100 companies and many sharing communities her career focus is centered around
0:52cyber security software and systems engineering that have formed from years
0:57of leadership positions supporting analysts within intelligence communities in cyber security industries
1:05while we are all here for the wealth of knowledge she brings I would also like to remind you that at the end of the
1:12session we will do a drawing for a pair of Beats fit Pro earbuds for you your
1:17favorite co-worker or alternatively just in time for re-gifting for the holidays
1:23we will be taking your questions in the Q a section and answer those at the end of the presentation
1:29so it is my pleasure to introduce you to Natalie seres Natalie
1:35well hello everyone good morning good afternoon wherever you may be calling from and I am going to talk to you about
1:43cyber security and why you should care about it so we found uh through
1:49experience and through our practice and partnership with Automated Business Technologies that a lot of businesses
1:55just don’t spend enough time evaluating cyber risks and it’s not because they
2:01don’t want to know it is because they are tasked with their Core Business and that would be one of the reasons why
2:07you’d bring in a trusted partner like Automated Business Technologies to help you navigate this because they do spend
2:14the time in their partnership with connectwise to learn the threats and be prepared
2:19um you know we’ve all experienced this rapid shift to remote work environments and it’s really difficult once you have
2:25your staff working from home to get them back in the office as you can see behind me I am also working from home I’m not
2:33sure about my other colleagues on the line here since they have put up these beautiful logoed backgrounds
2:41to hide from us um along with working from home
2:48um you know we’ve really made that uh jump to embracing the cloud you know the
2:53cloud really does help to improve our day-to-day tasks and to simplify our
2:59collaboration with our colleagues and our clients but with that does come additional risk right
3:06so um and again as I was stating earlier the problem is not that organizations
3:12don’t want to be prepared but either they don’t really know or they
3:17underestimate the risks that are out there um you know if you’re losing data or
3:23more importantly just losing access to your data due to Cyber attack I like to
3:29tell my partners when I talk to them it’s not really about um is your data valuable to attackers
3:36it’s about is your data valuable to you so what would you do if you couldn’t access your data uh if it was a couple
3:43hours it might not be such a big deal but what if that drags on to weeks or months could your business survive that
3:50so it’s really important to understand what is going on in the Cyber landscape so that we can reduce your risk of
3:58losing access to your data and having any of those business interruptions
4:03so as a cyber nerd I love my definitions and I think it’s important to lay the
4:09groundwork for you so that you know what I am talking about so I’m not just
4:16talking at you I am sharing my knowledge with you so one of those really
4:21important Concepts is dwell time and what time actually is exactly what it
4:27sounds like how long has an attacker dwelling in my environment how long are
4:32they present from the moment they first get entry until the time they have been
4:37booted out or eradicated from that Network
4:44so import some important stats a new ransomware attack does occur every 11
4:50seconds some stats say it’s less time some stats States more time but we don’t have any wild variation out there
4:57amongst experts so I think it’s important to share that information with you and I do like to use statistics
5:04because numbers should not Inspire fear numbers are simply facts and I want you
5:10to be prepared and I want you to understand what the landscape looks like so we’re going to give you some more
5:15exciting facts here so for ransomware uh the DeWalt time is about 23 days of the average downtime
5:24from ransomware is about 21 days so that’s about three weeks without access to your data or your clients having
5:30access to their information uh the average total cost of a data breach actually got blurted out but it’s
5:37uh it’s it’s about two point I want to say it’s about 2.4 or 2.8 million
5:43dollars I’m not sure what happened to that slide there um we have some information on pending
5:49legislation as many of you know I’m sure many of you have received those wonderful cyber security Insurance
5:55renewals and you may see that the cost of insurance is skyrocketing or you may
6:01not even be able to be renewed unless you have certain cyber security controls in place and the impact of cyber warfare
6:09is pretty untested today I know um as I was listening to some of my podcasts the
6:14other day that um the Ukraine uh that Russia is
6:19specifically targeting NATO countries um that are supporting Ukraine either by
6:26vocally saying I support Ukraine or by doing things like supporting satellite services
6:33um and then of course your business reputation reputation is the key it’s
6:38what sets you above your competitors and the risk of losing or ruining your
6:44reputation due to a Cyber attack is very high okay so when we’re talking about some of
6:50this regulation I want you to note that I took my big red teacher marker and marked out pending
6:56um we’re talking about the Senate passing packages that require firms to report hacks we’re talking about
7:03um not just critical infrastructure which you’re going to see on the next slide this actual
7:08um this was actually signed into legislation on March 15th of this year
7:15um that requires critical infrastructure to report attacks within 72 hours but
7:20let me tell you there’s been a lot of activity this year regarding legislation around breach notification and privacy
7:28many other states have followed California’s example of the CCPA and
7:34California itself has amended those roles with a new regulation that’s going to take effect in January of next year I
7:43believe Utah’s don’t quote me because I don’t have this written down but I believe Utah’s new law is going to take
7:48effect in July either July or January July and January of 2023 are going to be very busy for cyber legislation and the
7:56federal government themselves are proposing additional legislation that may even Trump what is being required by
8:02the states and the important thing to note here is um just like the in the European Union
8:08where they have these laws under what they call gdpr which do apply to anyone who does
8:15business with these companies with any company residing in these states or residents in these states or countries
8:22these new laws that are coming out from multiple states require you to come with
8:27to comply as long as you’re doing business with someone who resides in that state so you could be in Florida
8:33doing business with someone who’s in Utah and you are required legally to
8:38comply with those laws and they’re really hard to keep up with that and that’s why connectwise partners with
8:45Automated Business Technologies and we share knowledge back and forth with one one another on these types of things so
8:52we can protect our partners and protect their clients uh another thing that I hear is that
8:58small businesses why why would bad guys care about small businesses well unfortunately that gap which used to be
9:06rather large um you know kind of Shifting towards um bad guys going after Enterprises is
9:12Shifting and is reducing and more and more smbs are being targeted by these
9:18attackers um and they are financially motivated if it you know if it takes them six months
9:24to break into a large Enterprise but it only takes them four weeks to break into several small businesses it’s a zero-sum
9:31gain uh gain they are making just as much money and they’re going after you
9:37because um they realize that you don’t have those big budgets so we need to be wise
9:42about how we spend our cyber dollars I just wanted to share with you I’m not
9:48going to read to you everything on this slide but I did want to share with you some of the information on recent cyber
9:55security threats and this list is honestly is updated every day I think I
10:00made this for um Automated Business about a week ago and I can tell you there’s already new
10:06stuff on here um I there are links in here so you can go read these articles for yourself to
10:12hear that this information is not just coming for me it’s not just coming from Automated Business but it’s coming from
10:18industry peers the I will point out that the the cyber security threats that are
10:25marked with one asterisk those are the ones that are in sisa sisa is a cyber security infrastructure and Security
10:32Agency of the U.S government these are the ones that are part of the top
10:37routinely exploited vulnerabilities I know this is a 2021 report but usually the reports
10:43um are released this year so the 2020 room reports are typically released in 2022 so this is accurate data and I work
10:51closely with our stock and our cyber Research Unit here at connectwise so I can validate this this is very real
10:57threats that are currently still happening uh the two with double asterisks are ones that are uh cyber
11:05Research Unit and our security operations center here at connectwise are actively seeing exploited amongst
11:11our customers our customer base so let’s talk a little bit more about
11:18what’s going on in the Cyber landscape so there are a couple of great resources
11:23that I heavily rely upon when I am talking to people who are interested in
11:30cyber security one of those is the FBI ic3 report it’s their internet crime
11:36report this is an organization that the FBI runs that you can either submit
11:41online or you can give a call or you can send an email and you can report any
11:46cyber breaches or incidents and they collect this information and you’ll see
11:52that um what they show here is that business email compromise we should all be
11:58familiar with this usually comes through many various methods one of those
12:03methods is the ReUse of usernames and passwords across multiple sites so using
12:11the same username and password which may be your Corporate email address across both your business and across maybe
12:18Amazon shopping or Home Depot or Target or one of those places and then one of
12:24those retailers is popped and these and that’s a technical term by the way popped it means there’s an incident or a
12:32breach by the way breach is a legal term and then these three actors what they do
12:37is they take those credentials that they’ve just popped from Target or Home
12:42Depot or insert miscellaneous retailer out there and they will try them especially because now they have your
12:49business domain right so they will try them and try to break into your business
12:54try to break into your email account maybe exfiltrate data and do other
12:59nefarious things make lateral movements across your network but those occur those account for about 31 percent of
13:06cyber crime losses that’s only about a third well the good news is that percentage went down the bad news is
13:13that percentage went down because we have a new player on the market right and another thing I want to point out is
13:19bad guys are getting smarter and smarter and the barrier to being a bad guy has
13:24been significantly reduced they have their own marketplaces they have fishing as a service ransomware as a service all
13:32you need is some Bitcoin you no longer need technical know how how to get the infrastructure and the information you
13:38need to attack a small to medium-sized business or even an Enterprise
13:43um so there’s always new business um email compromise schemes you can see
13:49from here that the complaints the average complaint was about 120k I don’t
13:55know about you but as a small to medium-sized business I I would think 120k loss could be devastating and
14:03here’s some of the figures that we’re missing from the last slide that disappeared about 2.4 billion in losses
14:08last year um so the new player on the market is cryptocurrency
14:14um I don’t know if you play in the crypto Market I personally don’t I have another enough things to keep me busy
14:19but um the actual amount of complaints for
14:25cryptocurrency where I’m talking people will break into your wallet and steal your crypto
14:31which can no longer be traced once it’s stolen that is 19 of crime so that took
14:36a big chunk percentage-wise of what was happening the previous year with business email compromise but the
14:43important thing is that crime increased Sevenfold since 2020 and it accounts for
14:48about 1.6 billion in U.S losses last year so like I said I like to use stats um
14:55they are numbers another great resource and oh by the way I do have these links
15:00in here for you very easy reading lots of numbers if you like that kind of thing I guess I kind of do and you will
15:07see that the Verizon report Verizon has been putting out this report for a number of years it’s highly regarded in
15:13industry and saying that the four key paths that lead to compromise of your estate or your business is credentials
15:21phishing exploit vulnerabilities and botnets botnets are like automated you
15:28can think of an automated network of computers that will go after trying to break into your systems exploit
15:34vulnerabilities we’re talking it could be um exploiting software availabilities like maybe some of the exchange
15:40vulnerabilities that were listed on a previous slide
15:46um so what do we do um you know we see all these stats um I’m realistic I know that they do
15:53invoke emotion even though numbers should have no emotion um so what do we do to to protect
15:59ourselves well the key to that is visibility and what I mean by visibility
16:04is again I love definitions um is you know the ability to just detect when one of those bad guys is in
16:11our system so we can shorten or minimize that dwell time and minimize the impact
16:17to our business and minimize the impact to any of our clients so this is just to show that the White
16:24House under executive order uh does realize that the problem is visibility
16:30um it has to do with inconsistent um deployment of foundational cyber
16:36security tools and they are asking that everyone deploy endpoint detection and response as one
16:43of those tools [Music]
16:49me so what is that minimum acceptable technology
16:55that would be
17:01an incident response plan notice that this is not technology this is a piece
17:07of paper that says this is what I do if there’s an incident in my business this
17:12is something that Automated Business Technologies is experienced in and can help you develop
17:18and the fact is an incident response plan alone is not going to protect you you actually need to practice that plan
17:25that plan needs to be actually put in a good old-fashioned binder and you’re carrying this from a techie who hates
17:31paper because what if you know what if the it happens what if you are
17:38compromised what if there is a ransomware attack and your files are encrypted you don’t want your incident
17:43response plan to be encrypted um you really need to have that paper copy you need to have tabletop exercises
17:49you need to practice that again something um automated can help you with a
17:55multi-factor Authentication really really important
18:00um there are again bad guys getting smarter I would even go so far as to say
18:06um and this we’re not seeing this in your applications yet but the insurance industry tends to be a little behind
18:12multi-factor authentication Maybe by an SMS text that you get which is not really the best but it’s better than
18:18nothing but I personally use Hardware tokens so if anyone wants to hear more about those reach out to me reach out to
18:25Steve and we’ll tell you all about Hardware tokens um endpoint detection and response you
18:31saw that referenced in the executive order from the White House security
18:37incident slash information and event management um you know a Sim this is much more than
18:44a log aggregator this is a system that sees what’s happening from your network perspective all of that infrastructure
18:51that you deploy whether it’s in the cloud whether it’s on-prem all of that generates a plethora of log files that
18:59do you absolutely no good unless you’re doing something to process them backups like your incident response plan
19:07not only is it important to have it is important to test to make sure that it works it’s important that it’s segmented
19:14away from the rest of your network back in the good old days we used to put those puppies on tapes and transport
19:21them to a different location I think we’ve evolved a little bit but we should still have them in a separate uh
19:27isolated location away uh from our Network even more than just the segmented but again rely on the
19:35knowledge of Automated Business Technologies to advise you on how you should manage those backups
19:42and how do we know which one of these we should do first and if anything we have
19:48is good enough or is a great starting point or whatever well the way we know is we do a cyber security assessment now
19:56I do want to tell you a cyber security assessment is all about people process and Technology as you can see from this
20:02list we are not all about technology even though Automated Business Technologies there’s many facets uh to
20:09cyber security that they’re going to be able to help you with and they’re going to start that with a cyber security
20:14assessment so they can analyze where you are and help you formulate a plan that
20:19aligns to your business objectives to see where you want to get and the reason
20:24you want to do this is this is not a one-size-fit-all solution this is going to be tailored to your specific business
20:33so I just want to show you a few examples about cyber insurance and renewals I just want to show you these
20:40are real screenshots of actual um cyber Insurance uh applications I
20:47want you to see that this is just not coming for me it’s not just coming from Stephen Wendy
20:53um these are real applications have you implemented endpoint detection and response security tools do you have
21:00processes and procedures are you using multi-factor authentication what other
21:06policies do you have are you properly configuring controls to protect your
21:11email um are you know do we Mark external email that’s coming in to warn our warn
21:19our staff on our colleagues and if you’re not doing these things you better be prepared to explain why
21:29again um more information so they’re going to want some
21:34information actually from your uh incident response plan in the event of
21:40an infection what are you going to do that’s incident response plan well you know I need to be able to answer those
21:46questions if I don’t have that plan I’m not going to be able to answer this and then they’re going to want to know specifically look at this they’re asking
21:54specifically what tools are you using to do this
22:01so what should we do well the first step we need to
22:06understand data responsibility and um you know I want to make sure that you
22:11know those of you who are on this call or on this webinar that uh you are the
22:18data owners your company owns the data that you process um you own the liability for it so this
22:24is where it comes down to your business objectives and you own the budget for protecting that data and that is why
22:31you’re going to work with Automated Business technology they’re going to help you implement the solutions and
22:36they’ll be custodians of your data and then the information security arm is going to provide that risk insight and
22:43mitigation information for you so you can make those decisions what do I need to do first what processes and policies
22:51do I need to put in place what kind of security awareness training do I need to do and what tools do I need to deploy
22:59so just as a takeaway for you these are the components of a well-designed cyber
23:04security solution and as I think I’ve fairly I’ve hammered home where do we
23:11start we start with the security assessment so I am a nerd I love analogies I think
23:17analogies make my text speak much easier for you to digest and understand right
23:22so I’m going to share an analogy with you you want to protect your house right well you also want to protect your
23:29business and I want to show you how similar protecting your house and protecting your business are in very
23:35simple terms so when we think about our house what
23:41things do we have we have our family we have our pets we may have Collectibles I
23:47don’t know if you can see behind me but I have some Lego and I have some superhero posters DC
23:53um just gotta throw that in your documents and valuables like your passport maybe your little TSA pre-check
24:00goes thing about Bob your birth certificate your marriage certificate um your electronics and computers uh we
24:07all know if my TVs stolen yeah that stinks but fairly easy to get
24:13that replaced by my insurance if my computer with all my data is stolen holy cow
24:19um how do we protect these things well we have a first layer of protection right we have our doors and windows we
24:25may lock those doors and windows unfortunately we do that these days education we educate our family we may
24:33even educate our friends I know as a mom of three girls that when they were teens
24:39and Facebook in Myspace and all that great new technology was out
24:44um occasionally these brilliant teenage girls of mine would post a photo and I’d be like I really don’t think you want
24:51that out there this is why the internet is forever and we’d remove them and it wasn’t that they were trying to be bad
24:57but they just needed to be educated on how they should use social media and
25:02that still holds true today um this isn’t and by the way protecting your business is just not about doing
25:10this while you’re at work it’s about doing this while you’re at home too don’t use your business email for your
25:16social your personal social media account or for shopping um yard signs everyone has what Simply
25:22Safe ADT Guardian I could name on and on and on saying hey don’t break into my
25:28house because I have great security here um what’s our next step what’s our next layer you may have not just the yard
25:35sign you may actually have that alarm um may have a motion sensor I know I have motion sensors inside and every
25:42once in a while we’ll set the alarm wrong and immediately uh notify everyone um that our motion sensor has gone off
25:48uh we have them outside we have the doorbell camera with a motion sensor we have our ring cameras with an emotion
25:54Center we have our neighborhood watch um even via our Facebook group or if you
26:00have a ring they have a neighborhood um program I think it’s actually called neighborhood
26:05um what other physical ways do we protect ourselves do we have a dog that barks
26:10some of them their barks are worse than their bites right um You may flee you may just run away I
26:16don’t advise running away and sticking your head in the sand as far as cyber security but some people do it
26:22um you may call the police the FBI you may if you’re particularly violent
26:28react with a baseball bat or more kinetic forces and this is the four components identify
26:37protect detect respond and then of course recover when that
26:43incident does happen um with your incident response plan you may have a family emergency plan your
26:50backup systems even backup systems maybe your home computer if God forbid that gets taken you know taken your cyber
26:56Insurance Emergency Equipment um and this is how you get that right
27:01cyber security provided by Automated Business Technologies um and oh by the way I just taught you
27:08all in this cyber security framework um identify protect detect respond and
27:14recover look how simple cyber is so when I first started my career a long
27:21long time ago and that’s why it’s only 25 or more because we’re not admitting age
27:26um I had a boss and he always used to say perfect is the enemy of done back in
27:31those days I was a software developer and um if any of you know any software developers we can get a little crazy
27:38when it comes to our code and we’d have little competitions to see who could write the shortest most obscure piece of
27:44code or or more usefully we would try to optimize our code to see who could write
27:50the best code that would get the job done well that’s all well and good but
27:55if you need to get the job done in 15 minutes and we’re spending five hours making sure that we get the code to
28:02operate in 15 seconds is really the best uh use of our time and this comes from a
28:08quote from Voltaire the perfect is the enemy of the good um in all the process of human activity
28:16it’s necessary ready to find that balance between doing something and
28:21getting it right or good enough you have to have a reasonable balance and again another reason for the risk assessment
28:27that’s going to help you with your business objectives which are going to be considered it’s going to help you find that reasonable balance so I would
28:37really suggest that what you do is you talk with Automated Business Technologies about starting with that
28:44assessment and with that I am going to open it up
28:50for Q and A and you are I can’t see all the chats because of the way my screens
28:55are arranged but you can send private chats and you can’t or you could say
29:01group chats and you can ask any questions about anything uh cyber
29:06related whether I covered it or not so I will hand it back to uh you Steve do you
29:11have any final thoughts for questions yourself yes uh you know in first it occurred to
29:18me that uh uh when I when I started off with your introduction I I forgot to
29:23mention that uh my name’s Steve Tucker I’m the vice president of managed I.T services for Automated Business
29:29Technologies and with us is is Wendy Campbell she’s our marketing director
29:35um uh as I mentioned earlier we’re going to be put together uh uh multiple
29:42um webinars that are based on on cyber security and this is just um uh one of many
29:48um one thing I also wanted to to mention uh Natalie is that uh a lot of things
29:53that we do in our assessments is is we we actually ping the dark web uh
30:00really to find out you know if a company’s uh uh email uh username email passwords
30:08have actually been sold out there on the dark web and present them to our uh to
30:13our clients and potential clients it’s kind of interesting to to see what reactions we get uh
30:19yeah yeah because it the thing is is that a lot of people have a have a bad
30:24behavior it’s human behavior you know to to uh uh actually keep the same password and
30:32multiple accounts and then use use uh an email address that you’re familiar with
30:38maybe not a personal one but you’re using your your business email address as your login you know and then tie
30:45those two together and and there you’ve got a a breach for disaster that’s right
30:50so I mean another thing that I would actually add is really I cannot stress
30:55enough using a password manager a password manager is just good uh cyber
31:00hygiene there is no way on Earth I could keep all of the user accounts I mean you
31:05can’t even go to the grocery store with having a a user account right
31:11um so there’s no way I could keep all that in my head um a password manager is a very
31:17um you know especially personally it is a very uh inexpensive way to protect
31:23yourself and to keep track of all those usernames and passwords and really even automate your life to some extent uh
31:31there’s no way I could remember all that and that keeps me from doing things like using my business email for personal
31:36purposes so um and I’d like to expand on something
31:42you just said to make sure because I think uh someone direct messaged me here
31:47um that the dark web so the way the internet works is you can think of it as
31:53an iceberg um the top part is the web that we interact with every day so we do a
32:00Google Search and we look for the best cyber security provider out there the best MSP right and we come out with
32:07Automated Business Tech right guys and you know we’re all familiar with
32:12that then we have um the Deep Web um so that’s another layer of that
32:17Iceberg and the Deep Web is where we do our things like our banking so you know
32:23most people do know enough to have a better password for their banking but the reason you choose this is a password
32:29manager professionally and personally is because a lot of times that breach
32:35starts somewhere farther you know the path of least resistance that grocery store account I have and if I’m reusing
32:41that username and password then that might lead to my banking and if I’m using that for my banking because I
32:47think that’s secure that’s going to lead to compromise of my business um you know so in the Deep Web that’s
32:55where our banking stuff is you know our IRAs our 401ks are you know checking and
33:01savings um and then below that that and if everyone’s familiar with icebergs you
33:06see this much but that below portion is huge and that’s where you’re going to
33:12find the dark web and that’s where why it’s important um you know part of that risk assessment
33:18they’re going to ask you about which domains to scan and they’re going to use that and they’re going to do a dark web search for you and remember earlier when
33:26I said that the barrier to being a bad guy has been greatly reduced well in
33:31that dark web typically you need specialized browsers like a tour client to access information on the dark web
33:38and that’s where they’re going to find those usernames and passwords and that’s
33:44where they’re going to find this whole Marketplace of ransomware as a service or fishing as a service and it’s
33:50important to know if if you’ve been if you or any of your staff or colleagues have been compromised out there so you
33:57could take immediate action during me to remediate that um and when they provide you that report
34:02that’s going to be a very high critical if anything is found on that and that is something in your little road map that
34:09you’re going to create to get to Great cyber security that you’re going to take care of immediately right Steve that’s
34:15correct yeah and also I wanted to mention uh some of our some of our clients have actually come
34:22to us about the cyber security Insurance uh forms that they have to
34:28fill out and let’s let’s also understand that uh the the Cyber the Cyber
34:33insurance is actually very it’s actually pretty new considering um and a lot of insurance companies are
34:40jumping on the bandwagon of providing this uh service now that that’s good and bad news you know
34:47the good news is oh great now we’ve got um we actually have quite a few to choose from or maybe the the one that
34:53you have been using for regular Insurance you could still use them for insurance the bad news part of it is is
35:00that a lot of them are not well I’m not going to say a lot of them but some of them are not actually uh
35:06you know really experts in this and and they they need to get into the game and
35:12so they start putting together a form that’s that has uh way more requirements or
35:19questionnaires you know that that maybe doesn’t really pertain to you what is the best way to to deal with that well
35:25that’s what we also do we don’t sell insurance but what we do is we get you in touch with somebody who can actually
35:33you know discuss what is necessary what is your business and how is it pertaining to the to the insurance that
35:39you’re looking for and try to get you the correct insurance for your cyber uh cyber insurance
35:46yeah I mean it really all comes down to your clients business objectives um you know what kind of coverage do
35:53they need how much coverage do they need how can we deploy the right tools or the
35:58right cyber security so they can obtain that coverage how much would you say as far as the
36:05businesses that currently think that they have the correct cyber insurance or maybe just don’t feel like they need
36:12it yet or need it at all how many people would you say are actually properly insured for cyber security issues oh wow
36:20that is such a loaded question um I I would guess not many I would get
36:25I guess not many and the other reason it’s really important to partner with
36:31um you know technology service provider like Automated Business Tech is because you guys are going to make sure that
36:38they have the right information to answer those questionnaires because if you don’t answer that questionnaire
36:43correctly um and then some you do have an incident um they’re gonna die your coverage or
36:51greatly limit it um and the cost for deploying these tools and even the cost for cyber
36:58Insurance um is is much much less than
37:05um actually having an incident or God forbid that legal term a breach um and that’s why it’s so important to
37:11work with people who understand the threat landscape and understand um what how to answer those questions
37:20um from that cyber Insurance perspective I unfortunately I don’t have a percentage but it’s it’s not many and
37:28we’re just now seeing um as people who did get on that uh Train Early are seeing that they’re
37:34getting their renewals this year when I say recent I mean like this year this is when we’re starting to see these
37:40questionnaires saying do you have xdr and I’m thinking do you even know what xdr is
37:46or MDR and those are all just fancy terms for endpoint detection and
37:52response um which is a critical tool that you will need and what that is is typically
37:59an agent that lives on your workstations and it monitors whether your staff is
38:04working from home or whether they’re working on a corporate Network it monitors what’s happening and can
38:09actually stop bad things from happening and it is way more advanced than antivirus I mean we could have a whole
38:16another hour conversation on what does EDR do what does that security incident
38:21and event management tool do what are the kinds of things I’m going to be asked on a risk assessment I mean those
38:28are webinars all on their own right we’ll bring you back for those of course of course I do have I do have one more
38:34question to follow up on that now um you know you get your car insurance it’s kind of a set it and forget it okay
38:40I’ve got it just renew it over and over and over and over um with the changes in the types of
38:46attacks that we’re seeing and the technology space as it is how often do you recommend that businesses review
38:52their cyber um I guess toolkit and as well as their cyber insurance and
38:59um I guess I guess the real question is how often do you think they should get in there to really look at that and
39:05review it ideally um Noah’s gonna like this answer ideally
39:11it’s going to be six months uh realistically it needs to at least be annually and that that goes to the risk
39:17assessment as well because you know you know it’s not like in the
39:23good old days where you had an antivirus and a firewall and you were golden and there wasn’t that much activity and you
39:28had to go to specialized news sources to see all these stats I mean cyber security threats and attacks and that
39:36are in the everyday news every day there’s a new story of something something new happening and not only on
39:44the good news side every day there’s some new technology happening too um and that’s why I
39:50idealistically I would say every six months realistically at least annually
39:56yeah and and that that’s what we also provide uh if with with all of our uh
40:02Services we always have the um what we call the the qbr the the it’s a it’s a
40:10review um it can be quarterly could be it could be uh every six months we we recommend
40:15that it’s either it’s either three or six months that we sit down and we go over what you know what has changed in
40:22your environment what can we do to improve it and and make you more consistent reliable and and secure very
40:28true yeah I was trying to be kind by saying six months yeah I mean honestly there’s something changing every day
40:36um you know but perfect is the enemy of the good right so we do what we can to
40:41make sure we’re staying ahead and still stay in business and that’s just why it’s so important to actually do that
40:47assessment and like I said it’s all about people practices and technology and uh all of that not one size fits all
40:55it has to do with your customers business objectives so
41:00you know it’s it’s a very in-depth process and it’s a critical one
41:07it’s a great conversation I wish participants could could chat with us
41:12um seriously do you guys have any other questions
41:18here I’ll open up I’ll open the floodgates so everyone can speak oh look at that
41:28when I’m teaching cyber security subjects I randomly call on people
41:35I’m thinking of employing those tactics or techniques here I know remember we’ve got those beats to
41:42give away so anybody wants to raise a hand there’s an automatic jump in oh okay well I do have any questions thank
41:48you you’re very welcome for the presentation thank you for taking the time to be with us I seriously
41:54appreciate it yeah thank you very much uh again we’re
42:00going to have multiple uh uh series you know that are going to be more uh specific
42:06um in in terms of of cyber security including disaster recovery and and how
42:12to keep your business more consistent and secure um
42:17we didn’t even touch on Disaster Recovery did we right right
42:23um so for now um I guess uh the last thing uh we have
42:28left to do is to is to choose um who gets our our uh give away the
42:35Beats or beats yeah um no just kidding
42:42so I’ve actually I’ve actually put um I I put a a number between one and
42:49five and I’ve I’ve labeled the uh participants who had actually got online
42:56um so um so Natalie if you choose a number between one and five let’s go right down
43:04the middle let’s choose three three okay well that’s Ave uh green
43:11uh congratulations Ave uh we will uh we’ll get in contact you about uh
43:18getting that to you and you can you can enjoy music on your own or re-gift
43:24[Music] excellent excellent all right well thank you everybody all right we appreciate it
43:31thank you I do have two follow-up questions as we close out the webinar uh just and simply just technical matters
43:37um you’ll be sharing this deck with the rest of the with all the participants yeah so I’ll send that out to everyone
43:43that are safe to click on you can Mouse over them and see what the links are
43:49I hope so I hope so and then also we’re going to be posting this online
43:55um on our YouTube channel and um and throughout so if anyone wants to go back and review it feel free to to check it
44:00out there appreciate it take care thank you Natalie all right bye-bye
English (auto-generated)
English (auto-generated)
Note | This webinar has happened in the past and can be viewed from the link above.
Who: ABTs Managed IT Services Team, Natalie Suarez of ConnectWise
Topic: Cyber Insurance
When: November 1st, 2022, at 10am
Where: Zoom link to follow with registration.