
by Monika Gupta

 

Remote Desktop Services (RDS) benefit employees and IT administrators alike. With employees often working from anywhere, remote desktop reduces the physical burden of carrying a work laptop home. It also makes updating and managing systems easier, which can alleviate the administrative burden when handling a large network.

Unfortunately, a vulnerability recently discovered in RDS has the potential to let hackers remotely wreak havoc on computers or servers running RDS — and their networks — if the issue isn’t patched. Read on to learn more!


What is BlueKeep?

During Windows’ May 2019 patch cycle, Microsoft released a patch for a remote code execution bug in their Remote Desktop Services software. If left unpatched, this vulnerability could allow remote, unauthenticated attackers to execute payloads with administrative privileges and spread to other computers/servers within a network.

Errata Security CEO, Robert Graham, scanned all externally facing IP addresses on May 28th, 2019 for systems susceptible to BlueKeep…

Dan Astin of Ciardi, Ciardi & Astin.

by Dan Astin

 

1) Change in Control

One of the most important legal tips every MSP should know involves “Change in Control.” In the event of an acquisition or other change in control of the client/customer, the MCA and ancillary SOWs remain in full force and effect. “Change in Control” means any sale, exchange, transfer, conveyance or termination of any equity or ownership interests in the client/customer, or any corporate, limited liability company or partnership reorganization, restructure, merger, acquisition, transfer of assets, consolidation or adjustment with respect to Client if the persons currently in control of the client/customer would no longer have such control after such event.

2) BAA Requirements

HIPAA requires a covered entity to enter into “business associate contracts” with business associates to safeguard protected health information and to restrict its uses and disclosures to those permitted by the contract or required by law.  Business associates are also required to enter into business associate contracts with their subcontractors.  Business associates are persons or entities that perform, or assist in the performance of, any activity involving use or disclosure of individually identifiable health information. 45 CFR §160.103. This includes, e.g., claims processing, data analysis or processing, quality assurance, billing, practice management, and accounting and legal services.

3) Cybersecurity Insurance

According to the Ponemon Institute’s “2018 Cost of Data Breach Study,” the average cost of a stolen or lost record is $148, while the overall cost of a data breach is nearly $4 million. In addition, the likelihood of getting hit with another breach within two years after the initial one is 27 percent.

As noted by FICO, businesses typically shun cybersecurity insurance for three primary reasons:

A) The organization isn’t investing in cybersecurity overall, despite an increase in threat levels.
B) Leadership believes the organization will never be the victim of a cyberattack because it is too small to be targeted, or they believe security systems will protect it.
C) Leadership doesn’t understand how cyber insurance policy premiums are estimated or what exactly is covered.

Generally, cyber policies include coverage for costs incurred for remediation in response to a data breach, liability for claims arising from the data loss or breach, fines or penalties imposed by law or regulation, and additional payment card industry fines and penalties.

 

Dan Astin is a Managing Partner for Ciardi Ciardi & Astin law firm and regularly represents and provides legal and business consultations to commercial creditors, litigants, contract parties, corporate debtors, importers/exporters, MSPs, small business owners, and trustees, in matters of commercial business practices, litigation, customs and international trade, bankruptcy liquidations, administrative law, the Foreign Corrupt Practices Act (FCPA), contract negotiations, business restructuring, IT, select domestic and international trade. Dan’s legal experience includes prior service in the U.S. Navy’s Judge Advocate General’s Corps, as counsel to the Commanding Officer of USS Constellation (CV64); conscientious objector hearing officer in the first Gulf conflict; prosecutor and defense attorney United States Navy; trial attorney with the United States Department of Justice, Office of the United States Trustee; Associate Counsel customs and international trade.

The second ChannelPro event of the year found itself in Chicago, IL on May 2, with the special pre-day event hosted by The 20, Cytracom, Compliancy Group, and Deep Instinct on May 1!

The event kicked off with a pre-day workshop on The Building Blocks of a Mature MSP.

The 20 hosted this alongside Cytracom, Compliancy Group, and Deep Instinct. The workshop covered the top challenges MSPs face, go-to-market strategy, adding monthly recurring revenue, developing stickier client relationships, and more!

The seminar also included two panel sessions, including one highlighting successful MSP owners: Rob Boles of BLOKWORX, James Velco of Tech Noir Solutions, Will Foret of Spot Migration and Paul Redding of Carlin Bradley. The vendor panel session featured Chuck Everett of Deep Instinct, Dave Goldie of Cytracom, Marc Haskelson of Compliancy Group and Tim Conkle of The 20.

It was a full house and so much fun.

The theme was Bigger. Better. Business. and the jam-packed event featured presentations from some of the brightest minds in the business who shared their insights on the hottest tech solutions in the SMB marketplace today. IT consultants, VARs, integrators, and managed service providers of all types networked with peers, and got detailed information on the latest technology trends and solutions.

The event concluded with attendees honoring vendor sponsors with the following awards:

Best in Show: Datto
Best Cloud Solution: Webroot
Best Hardware Solution: Epson and HP (tie)
Best New Solution: Domotz
Most Innovative Solution: TruGrid
Best Partner Community: Datto
Best Software Solution: NinjaRMM, RapidFire Tools (tie)
Best Revenue Booster: Datto
Best Add-On Product: SherWeb
Best On-Stage Presentation: The 20
Best Solution Presentation (Platinum or Gold sponsors): The 20
Best Solution Presentation (Silver sponsors): NinjaRMM
Best Distributor: SYNNEX
Best Silver Selfie: ConnectBooster, Domotz (tie)
Best IoT Solution: Domotz


The next seminar will be held in San Jose September 4-5!

Spots are filling up fast, so interested attendees should register immediately here!

We hope to see you there!

 

Crystal McFerran, SVP Sales and Marketing.


The 20-hosted workshop.


Tim Conkle, CEO.


Earlier this month, we saw the first of four ChannelPro SMB Forum events this year that featured presentations from industry experts and some of the top managed service providers in the country!

The event kicked off with a pre-day workshop on The Building Blocks of a Mature MSP.

The 20 hosted this alongside Cytracom, Compliancy Group, and Deep Instinct. The workshop covered the top challenges MSPs face, go-to-market strategy, adding monthly recurring revenue, developing stickier client relationships, and more!

The seminar also included two panel sessions, including one highlighting successful MSP owners: Rob Boles of BLOKWORX, Scott Meeler of Managed IT Systems, Terry Barden of Forward Systems and Paul Redding of Carlin Bradley. The vendor panel session featured Vance Carlaw of Deep Instinct, Dave Goldie of Cytracom, Marc Haskelson of Compliancy Group and Crystal McFerran of The 20.

It was a full house and so much fun.

The theme was Bigger. Better. Business. and the jam-packed event featured presentations from some of the brightest minds in the business who shared their insights on the hottest tech solutions in the SMB marketplace today. IT consultants, VARs, integrators, and managed service providers of all types networked with peers, and got detailed information on the latest technology trends and solutions.

The event concluded with attendees honoring vendor sponsors with the following awards:

Best in Show: Datto
Best Cloud Solution: Datto and SherWeb
Best Hardware Solution: Epson
Best New Solution: Domotz
Most Innovative Solution: Compliancy Group
Best Partner Community: Datto
Best Software Solution: Webroot
Best Revenue Booster: Cytracom
Best IoT Solution: Domotz and SYNNEX
Best Add-On: RapidFire Tools
Best On-Stage Presentation: The 20
Best Solution Presentation (Sapphire, Platinum, Diamond, Gold sponsors): Datto
Best Solution Presentation (Silver sponsors): bvoip
Best Distributor: SYNNEX
Best Silver Selfie: Domotz

The next seminar will be held in Chicago May 1-2!

Spots are filling up fast, so interested attendees should register immediately here!

We hope to see you there!

 

 

 

So, who should be held responsible when a company’s data system gets breached? Historically, the CIO, the CISO, or both have shouldered the lion’s share of data breach responsibility; well over half of security decision-makers expect to lose their jobs if a hack happens at their organizations. However, breaches don’t happen in vacuums, and CIOs and CISOs don’t operate in them, either. Many CIOs report directly to the CEO, and some security experts feel that CISOs should be elevated to the same reporting level.

Whatever an organization’s reporting structure, the bottom line is the same: the responsibility for everything that happens within the organization, positive or negative, ultimately falls on the CEO and the board of directors. This includes data breach responsibility. This has been reflected in the numerous CEO firings (or resignations) that have followed bad breaches over the past few years, including those at Target, Sony Pictures, and the Democratic National Committee.

Apparently, Yahoo didn’t get the memo about this a couple of years ago. After years of poor cybersecurity practices caught up with them, resulting in multiple breaches affecting over a billion user accounts, putting its acquisition by Verizon into question, and making the Yahoo brand name synonymous with the phrase “data breach,” the company decided to fire its General Counsel, Ron Bell. Shockingly, CEO Marissa Mayer remained in place, albeit with a pay cut (she later left Yahoo after the Verizon acquisition, but it was of her own choosing).

In Yahoo’s case, the CISO and the rest of the security staff couldn’t be fired. Fearing that a major security incident would eventually happen, they’d already run for the hills. The New York Times reported that former CISO Alex Stamos and his team had spent years warning Mayer of potential security issues, but Mayer insisted on putting “the user experience” ahead of cybersecurity and even cut the team’s budget.

Preventing Breaches Is Everyone’s Responsibility

Cybersecurity isn’t just an IT issue. It impacts every individual and department in an organization — from the board of directors all the way down to minimum-wage clerical and retail employees. The overwhelming majority of data breaches originate inside an organization, either because a negligent or untrained employee makes a mistake or a malicious insider decides to strike back against the company. No cybersecurity policy is complete unless it addresses the human factor behind data breaches by promoting a culture of cybersecurity awareness. This culture must start at the top of the organization; if the board, the CEO, and the rest of the C-suite do not take security seriously, front-line employees certainly won’t.

Yahoo’s firing of Ron Bell certainly shook up the legal community and caused much debate over where data breach responsibility ultimately lies. While this may have served to light a fire under organizations with questionable cybersecurity practices, the focus should not have been on whose heads would roll if a breach happened; it should have been on implementing proactive cybersecurity and compliance measures to prevent hacks from happening in the first place.

As for Yahoo, in September they settled a worldwide class-action lawsuit that alleged security issues dating back as far as 2003. Yahoo’s attorney and lead plaintiffs’ counsel told the U.S. District Judge in federal court that both sides had reached an “agreement in principle” — $47 million to be exact.

The Internet of Things (IoT) is an idea that could radically alter our relationship with technology. The promise of a world in which all of the electronic devices around us are part of a single, interconnected network was once a thing of science fiction. But IoT has not only entered the world of nonfiction — it’s actually taking the world by storm.

While the possibilities of these new technologies are mind-boggling, they also reveal severe IoT cybersecurity challenges. During the last few years, we’ve seen a dramatic increase in the number and the sophistication of attacks targeting IoT devices.

A Growing Network

IoT devices are no longer a niche market. They have started to move from our workspaces into our (smart) homes, where IoT devices are expected to have the most significant impact on our daily lives. Most smart home devices will be benign, everyday appliances like kettles and toasters. Even if these devices are hacked and compromised, short of ruining your breakfast, there’s not a lot a hacker can do to cause you grief. However, IoT will encompass a significant portion of the electronics around us in a variety of settings. This includes situations involving intruders and could have lethal consequences.

IoT Cybersecurity Challenges

Numerous cybersecurity experts have exposed severe security flaws in IoT architectures. Some have demonstrated how cars can be hijacked and controlled remotely. Perhaps more alarmingly, they’ve shown how medical devices, such as pacemakers, can be switched on and off at will. While this is undoubtedly alarming, what makes it even more shocking is just how little attention people pay to cybersecurity. IoT cybersecurity challenges are plentiful—and those are just the ones we know of.

Researchers who were able to access a multitude of IoT medical devices found that they weren’t password protected. And when they were password protected, many were using default passwords that an experienced attacker with information from the device manufacturer could crack in a few seconds. We can’t afford to have such basic cybersecurity blunders jeopardize the promise of IoT.

Regulate and Standardize Cybersecurity

Consider the difference in the number of security threats that exist for iPhones versus Android phones. Because all iPhone generations run on the same hardware—representing standardization across devices—it’s much easier to secure them from attacks and to implement comprehensive security measures.

If the IoT revolution is going to succeed, we need to have a robust regulatory framework in place to ensure that device manufacturers adhere to minimum, mutually intelligible IoT cybersecurity standards. We should also standardize device-level security protocols to ensure that each network element is part of a general strategy for combatting common threats. We can’t afford to leave any weak, low-level links unguarded.

With new types of cyber-attacks emerging constantly, it’s essential to get ahead of the curve as soon as possible. Every IoT device has a corresponding IP address. Therefore, each small device can have serious implications for global network privacy. An attacker could potentially infiltrate the network and follow a trail of data from any given device to an end-user.

The next few years will be critical for IoT. The entire concept may well rise or fall on the basis of how well we collectively address cybersecurity risks. Connectivity is always a double-edged sword, and most IoT cybersecurity challenges have yet to be overcome. Fortunately, it seems that device manufacturers are being spurred into action.

Cybersecurity Tops ECRI’s List of Top 10 Health Technology Hazards

Earlier in the week I wrote about how the airline industry needs us. Well, it would appear the healthcare field does as well.

ECRI Institute has published its annual Top 10 Health Technology Hazards for 2019, and cybersecurity is atop the list as the biggest risk to patient safety.

Researchers at ECRI say they’re concerned about software vulnerabilities that could allow hackers or cyber criminals to gain unauthorized remote access to hospitals’ networked IT systems and devices, disrupting operations, hindering care delivery and putting safety at risk.

Why it Matters?

Cyberattacks on healthcare have been steadily increasing, even as defenses have been stalling. ECRI noted that it has published 50 alerts and problem reports related to cybersecurity in just the past 18 months.

With so many hospitals running legacy software, networked with vulnerable medical devices, security is no longer just about costly fines for HIPAA noncompliance or the embarrassment of publicized data breaches – it’s a critical patient safety issue.

ECRI’s list is meant to help health system decision-makers plan and prioritize their efforts –  including technology strategies and investments – to protect patient safety.

What is the Trend?

The risks of hackers exploiting remote access to connected devices and systems “remain a significant threat to healthcare operations,” according to ECRI.

“Attacks can render devices or systems inoperative, degrade their performance, or expose or compromise the data they hold, all of which can severely hinder the delivery of patient care and put patients at risk,” researchers wrote. “Remote access systems are a common target because they are, by nature, publicly accessible.”

It’s little surprise to see it lead ECRI’s list of Top 10 Health Technology Hazards for 2019:

  1. Hackers Can Exploit Remote Access to Systems, Disrupting Healthcare Operations

The remainder of the list in case you’re interested:

2. “Clean” Mattresses Can Ooze Body Fluids onto Patients
3. Retained Sponges Persist as a Surgical Complication Despite Manual Counts
4. Improperly Set Ventilator Alarms Put Patients at Risk for Hypoxic Brain Injury or Death
5. Mishandling Flexible Endoscopes after Disinfection Can Lead to Patient Infections
6. Confusing Dose Rate with Flow Rate Can Lead to Infusion Pump Medication Errors
7. Improper Customization of Physiologic Monitor Alarm Settings May Result in Missed Alarms
8. Injury Risk from Overhead Patient Lift Systems
9. Cleaning Fluid Seeping into Electrical Components Can Lead to Equipment Damage and Fires
10. Flawed Battery Charging Systems and Practices Can Affect Device Operation

On the Record

“The consequences of an attack can be widespread and severe, making this a priority concern for all healthcare organizations,” says David Jamison, executive director of ECRI’s Health Devices program, speaking of the list’s top cyber risk. “In critical situations, this could cause harm or death.”

This is quite scary. Contact us today.

Scenario: an email appears in your inbox where a complete stranger claims to have video footage of you watching porn and asks for $1,000. Your eyes widen. There’s outrage and embarrassment. You reach for your phone — but then you wonder, “Wait. Who do I even call?”

Unfortunately, the answer to that question is a little complicated.

As it turns out, even law enforcement officials can’t agree. The FBI and your local police both suggest that you should call them. But experts warn that in many cases, neither agency will be able to help, especially if the criminal is asking for so little money.

This dynamic really highlights why these kinds of hacks — and yes, the porn scam really happened — are starting to mushroom. And there’s no clear answer on who to call. It’s no surprise that cyberattacks have run rampant across the web, as thieves online find ways to steal credit card information from millions of people without leaving their homes.

“If the people doing it keep the dollar amounts small enough that no individual police department is going to be motivated enough to prosecute, you can collect a lot of money from a lot of people all around the world,” said Adam Bookbinder, the former chief of the US Attorney’s cybercrime unit in the district of Massachusetts.

Sometimes these crimes don’t even involve a hack. An email scheme in which scammers spammed inboxes threatening to blackmail victims, without any evidence, netted $28,000 over two months, researchers from cybersecurity company Digital Shadows found.

“But unless it’s a public concern, there’s a good chance no one will handle it,” said Bookbinder, who’s now a cybersecurity and privacy team member with the Holland & Knight law firm.

Local police

In an emergency, you’re supposed to call 911. If you are a victim of a crime, you should always contact the police.

But here, there’s not much your local police can do for you. For starters, you’d have to show that an actual crime happened, which is much more difficult when it’s digital.

“For example, if someone accesses your Facebook account without your permission, but only uses it to look around at your messages, it’s not enough to meet the threshold for a criminal investigation,” Bookbinder said.

“That’s a misdemeanor,” he said. “Could it be prosecuted? Yes. Is it likely that anyone is going to want to spend the resources on it? No.”

“But if someone used private photos from your Facebook account and threatened to blackmail you with it, then it would be something that police could investigate,” he said.

That’s assuming your local police have the resources to deal with investigating hacks. While more local and state police are improving their computer crime capabilities, it hasn’t happened across the board for every department.

It gets even more complicated if the hack crosses state or national lines. If your account is accessed by a Russian hacker, for example, your local police wouldn’t have the resources to investigate that.

“NYPD is probably an outlier in the resources they have available for investigation,” said Jake Williams, founder of Rendition Security. “But even then, it’s unlikely any law enforcement agency is interested in helping investigate who hacked your Facebook account.”

Homeland Security

If a threat came to your doorstep instead of your digital inbox, the answer would be much simpler: Call the police. But when it’s an online crime, some consider calling 911 a joke.

“I occasionally still hear of companies and locals that call 911 when they believe they’ve been under a cyberattack,” US Department of Homeland Security Secretary Kirstjen Nielsen said during the agency’s Cybersecurity Summit in July.

Nielsen, with a smile, let the remark hang in the air before she told the crowd who they should really call.

“The best thing to do would be to call this center,” she said, referring to the DHS’s National Risk Management Center, a dedicated hub for helping respond to cyberattacks with a focus on critical infrastructure.

But it’s not much help if you’re an average person and not a major company.

“When a person does call the DHS asking for help, the agency will refer them to the FBI,” a DHS spokesman said.

The FBI

The FBI recommends that cybercrime victims call them first — not your local police. The agency has an Internet Crime Complaint Center, where you can file details on what happened and analysts will review the case to determine what actions to take.

Often, though, nothing much is done. The FBI is the best-equipped agency to deal with cybercrime, with its vast resources and plentiful experts, Bookbinder said, but if the complaint isn’t a major case, it likely won’t be investigated.

“They won’t handle most cases of individual hacks unless they’re very high profile or a bunch of money was lost,” Williams said. “It varies from office to office, but most of them we’ve worked want to see $10K stolen before they’ll get involved.”

So is all hope lost? Not necessarily.

“The best way to get a response would be to report the incident to the FBI,” Bookbinder said. Even if your case doesn’t pop up on the agency’s radar, it’s logged into the FBI’s databases of cybercrime complaints. “If enough similar complaints come in, analysts can connect the dots and start building an investigation,” the former cybercrime unit chief said.

“They now have a good-sized crime, and all these people are victims in a case where they do prosecute someone,” he said.

Chances are, you weren’t the only one hit with an email threatening to blackmail you over porn, or whatever. The FBI — and security experts — encourage you to at least report potential cybercrimes in order to help build up a case.

But here’s the thing: The same spamming tactic that cybercriminals are using to cast a wide net may also be their downfall.

Want to learn how to protect yourself against cyberattacks? Download our Cybersecurity Guide!

I read a great article the other day that posed that very thought, and so I felt I should share a bit of it with you. It serves as a nice follow-up to the blog I wrote a couple of weeks ago, “Should I Be Concerned About Cybersecurity?”

First of all, did you know that cyberattacks jumped 32% between the first quarters of 2017 and 2018, according to a recent report? And yet many businesses assume their IT infrastructure is still secure.

Some entrepreneurs realize their security measures aren’t top-notch, but they don’t consider their companies targets because they don’t move billions of dollars each year. However, hackers aren’t just after money —  63% of those attacks specifically targeted data and credentials.

These numbers highlight why companies need up-to-date cybersecurity measures to effectively prevent, detect, respond to, and recover from cyberattacks.

Their cyberthreat report goes on to explain why you may want to think twice — even if you believe your company’s cybersecurity is taken care of.

Here are excerpts of their reasons:

  1. Financial institutions aren’t as secure as you think.

The range of cyberattacks in 2017 was more varied than ever before, but banking and financial institutions still bore the brunt of the attacks. These attacks included infecting ATMs with malware that could be easily bought on the darknet and stealing funds straight out of victims’ accounts in more than 10 international financial organizations.

When these organizations’ cybersecurity measures failed, the situation was often made worse by insurance companies refusing to reimburse the losses incurred.

  2. Every piece of data is valuable to hackers.

Almost every attack at banking and financial institutions is aimed at financial gain, but a recent report also showed that malware attacks increased by 75% during the last year, collecting information such as account logins, answers to security questions, Social Security numbers, and more.

Companies outside the financial sector don’t usually house customer financial data in their systems, but if you utilize a web application, your customers have to build profiles with personal data.

  3. Even smart employees get phished.

Phishing attacks have proven to be one of the most prolific ways for hackers to get malware into companies’ systems. A cybersecurity report by Barracuda noted more than 10,000 unique phishing attacks in June 2018 alone, and the most successful ones were impersonating well-known companies such as Netflix and Citibank. Even smart employees need to remain diligent for things — like minor spelling errors in unsolicited emails — that could give away the scam.

  4. Cybersecurity is an approach, not a single solution.

In response to these threats, Gartner predicts that companies worldwide will spend up to $96 billion on cybersecurity this year. Yet much of that spending will be in reaction to specific breaches rather than focused on implementing holistic, prevention-focused cybersecurity measures. This means many of those measures will still leave entrepreneurs’ organizations vulnerable, especially ones that work with smaller, less secure companies.

It’s common for companies to believe they’re safe from cyberattacks, but it isn’t always true. In 2017, the Online Trust Alliance tracked more than 159,000 cyber incidents. Those breaches cost companies up to $608 billion total, according to McAfee and the Center for Strategic and International Studies. This year, industries have the opportunity to stem the flood of attacks — which begins with acknowledging they may not be as secure as they thought.

Want to learn more about the IT services we deliver, and how we can implement holistic, prevention-focused cybersecurity measures? Contact us today!

Yes.

Of course you should be.

Experts predict that by 2020 there will be 200 billion connected things. We’re talking cars, planes, homes, cities, and yes, even animals. Software is being placed everywhere, and it’s changing the way we live, and how we behave and interact with the world around us. As technology becomes more and more integrated into our day-to-day lives, we become more and more dependent on it. But this dependence makes us vulnerable if technology fails.

I mean, I know for me, when I’m on the road and my iPhone runs out of battery, it pretty much feels like the end of the world. Am I directionally challenged? Yes. But even more than my GPS being gone, I’m not able to access my contacts; my messages are disabled. In such moments, you realize how dependent you are on technology. It’s ridiculous, but it’s 100% true.

In today’s world, it’s important that technology is available, protected and secure. If not, we will all suffer consequences in our daily lives.

Cybersecurity Problems Are Everywhere

While I have a generally positive view of technology, I am worried about our future. I believe it’s important to be aware of the serious cybersecurity problems currently affecting technology.

And it seems that the same problems keep happening over and over again. We are not getting any better as far as what’s vulnerable and what’s secure. Technology appears to be becoming more and more insecure as we get more and more dependent on it.

From what I can see, most technology is vulnerable and can be hacked. We see examples of this every day: alarm systems, power grids, automobiles, traffic systems, the list goes on. Every year, thousands of cybersecurity problems are identified in technologies from well-known vendors. Some of those vendors are among the best at cybersecurity, yet they still have hundreds of security problems each year.

Cybersecurity Threats Are Increasing

A recent report on IoT cybersecurity found that 70% of devices did not encrypt communications, while this survey found that IoT cybersecurity and privacy are a top concern for people and companies.

Another report found that cyberattacks have been growing quickly over the last couple of years, and there’s nothing to indicate they won’t just keep increasing.

All of these cybersecurity problems make cyberattacks easier and more dangerous. So why are there so many cybersecurity problems in today’s technology? My research has shown that the main problems are threefold.

First, a lack of knowledge and awareness about the importance of cybersecurity. Some companies don’t care about cybersecurity, while others care but don’t know what to do or how to do it. Second, complex scenarios where old, new and different technologies are used together. This happens frequently as businesses update, and just one insecure component could make a whole system insecure. Finally, a lack of time and money for security. Products need to be built and released quickly. There is a “fail fast, fail often” mantra, which is only fine as long as you “fail safe.”

The Economic Impact of Cybersecurity Attacks is Significant

Cybersecurity problems and attacks cause billions of dollars in losses every year. For example, the SimpliSafe smart alarm hack affected 300,000 devices, and the only possible fix was to replace all of them. The UK company TalkTalk was hacked and lost about £50 million. They also lost more than 100,000 customers, and their stock value declined by 20%. A car hack in 2015 resulted in 1.4 million cars being recalled by Chrysler. And we can’t forget the Sony hacking scandal that resulted in millions of dollars in losses.

It’s clear that there are growing cybersecurity problems. And beyond having an economic impact, they also have an impact in our daily lives as our technology dependence continues to grow. In 2018, we must work together to change this situation before it gets even worse.