3 Surefire Signs Your IT Company

Is Failing To Protect You From Ransomware…

Is Your IT Company Putting You At Risk Of Ransomware?

Discover what the vast majority of businesses don’t know and haven’t been told about changes to cyber security risks, insurance requirements, and threats that are allowing them to operate at UNDERAPPRECIATED RISK for a crippling cyberattack and subsequent costs, lawsuits, and fines – and what to do about it now.

Exactly How Can Your Business Be Damaged By Cybercrime?

  • If you are breached, you will be forced to notify your clients and employees that you exposed their private information to hackers.

    Do you think all your clients will rally around you? Offer sympathy? News like this travels fast on social media. They will demand answers: HAVE YOU BEEN RESPONSIBLE in putting in place the protections outlined in this report, or will you have to tell them, “Sorry, we exposed your sensitive information and financial data to criminals because we didn’t think it would happen to us,” or “We didn’t want to invest in protecting your data because we’re small.” That will not be sufficient to pacify them and the trust you’ve worked so hard to build will be destroyed.

  • When a breach happens, you will incur emergency IT support and services that can quickly run into thousands of dollars. You and your already busy, overburdened staff will be forced to take time to respond. You will be questioned and investigated and will likely want to retain the services of an attorney to represent you or negotiate with the hackers. None of this will be cheap and it will have a lasting, negative effect on your business.

  • According to Cyber Security Magazine, 61% of all SMBs have reported at least one cyber-attack during the previous year. So, WHEN your organization gets hacked (not IF), this giant, expensive, the reputation-destroying nightmare will land squarely on YOUR shoulders.

    This will result in your clients being IRATE, leading them to take their business to your competitors.

    You will be fined according to how much data you’ve lost. According to the IBM Cost Of Data Breach Report, the cost for lost or stolen records is between $150 to $225 per record compromised, after factoring in IT recovery costs, lost revenue, downtime, fines, legal fees, etc.

The cost of Ransomware goes beyond service interruption…

Here are a few of the costs you might not have considered:

  • Paying the ransom to get your data back. According to Palo Alto, the average ransomware payment is just north of $920,000 nowadays.

  • Credit and ID theft monitoring for EVERY person impacted, at a cost of $10 to $30 per record.

  • Costs of your staff having to deal with a tsunami of paperwork, phone calls, tasks, and projects to clean this mess up and deal with the recovery, which takes them away from the productive work you hired them to do.

  • The fees and IT costs to remediate all of your insurance company’s forensic findings and re-establishing working agreements within your supply chain.

  • If the breach involves a computer that transmits or hosts credit card data:

    • Fees of $500,000 per incident for being PCI non-compliant 

    • Increased audit requirements

    • Potentially increased credit card processing fees

    • Potential for company-wide shutdown of credit card activity by your merchant bank, requiring you to find another processor

  1. Have they met with you recently – in the last three months – to specifically review and discuss what they are doing NOW to protect you? Have they told you about new and inexpensive tools such as two-factor authentication or advanced endpoint security to protect you from attacks that antivirus is unable to detect and prevent? If you are outsourcing your IT support, they should, at a MINIMUM, provide you with a quarterly review and report of what they’ve done – and are doing – to protect you AND to discuss new threats and areas you will need to address.

  2.  Do they proactively monitor, patch and update your computer network’s critical security settings daily? Weekly? At all? Are they reviewing your firewall’s event logs for suspicious activity? How do you know for sure? Are they providing ANY kind of verification to you or your team?

  3. Have they ever asked to see your cyber liability insurance policy? Have they verified they are doing everything your policy REQUIRES to avoid having a claim denied in the event of a cyber-attack? Insurance companies don’t make money paying claims; if you are breached, there will be an investigation to prove you weren’t negligent and that you were actually doing the things you’ve outlined in your policy.

  4. Do THEY have adequate insurance to cover YOU if they make a mistake and your business is compromised? Do you have a copy of THEIR CURRENT policy? Does it specifically cover YOU for losses and damages? Does it name you as a client?

  5. Have you been fully and frankly briefed on what to do IF you get compromised? Have they provided you with a response plan? If not, WHY?

  6. Have they talked to you about replacing your old antivirus with advanced endpoint security? Anti-virus tools from two or three years ago are useless against today’s threats. If that’s what they have protecting you, it’s urgent you get it resolved ASAP.

  7. Do they allow your employees to connect remotely using GoToMyPC, LogMeIn or TeamViewer?  If they do, this is a sure sign you should be concerned! Remote access should strictly be via a secure VPN (virtual private network).

  8. Do they have a ransomware-proof backup system in place? One of the reasons the WannaCry virus was so devastating was because it was designed to find, corrupt and lock BACKUP files as well. ASK THEM TO VERIFY THIS. You might *think* you have it because that’s what your IT vendor is telling you.

If you answered no to any of the above

YOUR BUSINESS IS AT RISK

Click the button below to take the full 3 Surefire Ways Lab, which will help you determine if you are at risk.