Who Will Show Your Clients How to Fight the Growing Cybersecurity Threat?
Their accountant? Their attorney? A robo-advisor?
It Should Be You—Their Financial Advisor!
"Nearly every aspect of a hacked computer and a user’s online life can be and has been commoditized. If it has value and can be resold, you can be sure there is a service or product offered in the cybercriminal underground to monetize it. I haven’t yet found an exception to this rule."
Brian Krebs, Security Expert, KrebsonSecurity.com
It’s imperative you engage your clients immediately about cybersecurity and do your best to help them boost their safety!
Cybersecurity poses a massive threat to all of us. But most people have no idea what to do or how to fix it in a meaningful way. Just consider these items:
94 billion spam emails sent every day, most of them malicious…
500,000 children’s identities stolen every year—and they don’t discover it until adulthood…
100,000 new malware attacks released on the Internet every day…
1 in 5 businesses are the victims of business ID theft and 60% of those go out of business in just six months after a data breach…
1 in 4 data breach victims later suffer ID theft…
Now you may be thinking, “Why should I worry about my clients’ cybersecurity? After all, isn’t their personal liability limited?
It’s a fair question.
It’s true that if your clients get hacked and their bank or brokerage account is drained, they’ll likely get their money back.
But let me ask you this: Suppose a client suddenly is missing $50,000 or $500,000 from a hacked account.
Are you confident their local personal banker (or you) will simply just update their account and add the money back lickety-split?
No, I didn’t think so. I don’t wish that kind of problem on anyone.
You and I both know it’ll be a monumental headache. And the anger, anxiety, depression and paranoia associated with such cybercrime will hang around with your clients for quite a long time.
I don’t think I need to tell you that we’re experiencing an unprecedented breakout of cybercrime.
Frankly, I used to think this stuff was overblown.
Then a very smart colleague clicked on an email link. It was a phishing attack that slipped through our very good cyber defenses here at Horsesmouth.
In one second, his machine was totally locked up—a new victim of “crypto locker,” a ransomware attack. When he rebooted his computer, he got a screen that said he could have his machine back for $500 in bitcoin.
It was quite a shock. Of course, we didn’t pay the ransom. But our tech crew spent a day and a half fixing the machine. And data was lost.
It could have been worse.
My point is that this sort of phishing attack happens thousands and thousands of times each day around the world. And the next victim could be you or one of your clients.
You’ve probably noticed that cybersecurity is getting a lot of attention these days.
SIFMA issued an alarming notice last year. They asked the government to join with the financial services industry to create a cyberwar council. Their concern: Terrorists or rogue nations attacking the Internet and breaching the security of major banks and brokerages. Crazy, huh?
Some industry experts even voiced concern about a “Zero Balance Attack”: a hack so powerful it would turn all account balances to zero and trigger wide spread panic and bank runs. Ugh.
No doubt you’ve heard about the hack of JP Morgan Chase and other banks. Data breaches keep happening with ever increased frequency and reach. In 2016, there were 980 reported data breaches that exposed over 35 million personal records. That doesn’t include the two breaches from 2013 and 2014 disclosed by Yahoo last year affected over 1 billion users.
If you’re shocked by those numbers, just consider this. Last year, the Wall Street Journal wrote about some Fortune 500 IT execs meeting about cybersecurity. One of the participants, the Journal reported, argued that corporations shouldn’t even be required to reveal when their databases have been hacked. Nice.
And, no doubt, you’ve heard that FINRA now wants to know what advisors are doing to guarantee their own cyber defenses are strong.
Technology’s double-edged sword
The breadth and depth of the security threat is unparalleled in history. And it’s partly because of the technology itself.
Change comes rapidly in technology. We all know that. But few realize that that same pace of change applies to an important subarea of technology—security.
Just consider this. When we discovered in late 2013 that the Target breach had stolen 70 million names and 40 million credit card numbers—it was practically unthinkable.
Yet it took just over six months for a new data breach to reveal that 1.2 billion usernames and passwords had been stolen by Russian hackers. That’s a number 1,700 times greater than the Target breach!
That’s exponential growth. And it should frighten all of us.
In fact, the authors of the newly released Cybersecurity and Cyberwar (Singer & Feldman, 2014) say we’re actually in the midst of a cyber world war. The chief problem, they say, is that we’re all suffering from a “cybersecurity knowledge gap.”
AOL’s “You’ve got mail” is not so cute, anymore.
Many people formed notions about computers and Internet safety back when they first got on the Web. But the cybersecurity problem is fantastically more advanced than it was even 10 years ago.
The simple truth: You and your clients face extreme danger every time you open your email. It’s like a game of “Click Roulette.”
What Should You Do for Your Clients?
Since January of 2014, a team at Horsesmouth has labored over a simple but difficult question: How to get clients to ACT to improve their cybersecurity once we’ve educated them about the true, genuinely scary situation we all face?
Now we’ve got the answer.
Introducing the Savvy Cybersecurity Program
Every client needs a cybersecurity score that measures their relative level of cybersecurity AND a clear, do-able action plan for improving it.
That’s how we came up with the Savvy Cybersecurity program, a full-blown workshop presentation that leads attendees through creating their own action plan to boost their security.
The program includes two key components.
One involves a full-blown, interactive workshop presentation called “1 Hour to Savvy Cybersecurity: 10 Threats Every Person and Business Faces—and How to Fight Them.” (If you’d like to become a knowledgeable guide on this topic and present to clients and business owners in your community, learn about the whole program right here.)
The other involves the Savvy Cybersecurity Quick Reference Guide.
Both the workshop and the guide have the same goal: Show clients how to act now to improve their cybersecurity.
So let me tell you about how the workshop presentation works. Then I’ll explain in depth the role the Savvy Cybersecurity Quick Reference Guide plays.
The “1 Hour to Savvy Cybersecurity” presentation is designed for delivery in a workshop or seminar setting. It’s fast-paced and a bit hair-raising.
But while it raises scary issues, it does so in a mild mannered way—illustrated with simple drawings that keep attendees focused on solutions that will boost their cybersecurity.
Here are the key parts of the presentation.
The unseen cyber attack you face every day
The cybersecurity challenge
Discover your cybersecurity score
Three cybersecurity mindsets
The NEW Cybersecurity Rules: Top 10 Threats
How an email address can protect your finances
Why you MUST check your child's credit report today
The one best way to protect your credit from fraudsters
How you can track your money like the banks do
The software vulnerability everyone faces
How to make sure your home router is off-limits to hackers
How to create strong, unique passwords—that you can remember and actually help you
The one way you can protect yourself from a ransomware attack
How one wrong click can jeopardize your digital life and security
The easy way to unmask a phishing attack
Savvy Cybersecurity Action Plan commitment
How the Savvy Cybersecurity Reference Guide works
When we say the presentation is “interactive,” it’s because attendees actually complete several key activities throughout it.
Here’s how it works:
Step 1: Attendees complete 10-question cybersecurity assessment.
The first part of the presentation introduces attendees to the Top 10 cybersecurity threats and how to respond to them.
Before you introduce these threats, you ask the participants in the workshop to conduct their own, personal evaluation of that specific threat. They do that by answering a simple Yes or No question in the “scorecard” section of their copy of the Savvy Cybersecurity Reference Guide.
(You receive a personalized PDF copy of the Savvy Cybersecurity Reference Guide when you join.)
For instance, one question about Wi-Fi asks: “I know how to determine if FREE public Wi-Fi is safe to use.” (This is a critical question most people get wrong and it is really dangerous!)
Other questions cover these topics: credit reports, back-up, laptops/computers, Wi-Fi, devices, passwords, data breaches, and phishing.
This all happens in the first 5 minutes of the presentation. Once you’ve led the audience through the 10-question cybersecurity scorecard, they add their points for every Yes answer. That gives them a raw cybersecurity score.
Step 2: Discover your cybersecurity rating
Your clients then take their raw score and apply it to the rating index on the cybersecurity reference guide. It’s a simple system that tells them where they fit on a continuum from “Danger” to “Okay” to “Good.” (Most everyone is in danger.)
At this point in the presentation, you’ve really got everyone’s attention.
They’ve just discovered how vulnerable they are to being hacked. Then you lead them through the second half of the presentation. You show them exactly what they need to do to boost their cybersecurity rating by following the New Cybersecurity Rules.
Near the end of the presentation, you ask the attendees to pull out their cybersecurity reference guide again.
This is the part where they take action.
Step 3: Consult the cybersecurity checklist
You direct the workshop attendees to the “checklist” portion of the guide. The checklist is designed to help people identify activities they can act on now that will boost their security and improve their cybersecurity score.
Your clients and workshop attendees can pick from among more than 30 simple, clear checklist actions covering 13 different topics. Each action shows roughly how long it will take to complete and how many points it adds to their cybersecurity score. After reviewing the checklist, the workshop participants are ready for the final step.
Step 4: Complete your action plan and then get going
Remember, the goal of the Savvy Cybersecurity presentation is to get your clients to take action.
That’s why we’ve set up a simple, 3-item action plan for them to complete, also right on the reference guide. After reviewing the checklist, the client writes down three steps they’ll take ASAP to improve their security. They also enter a completion date and sign it. We do this for two reasons:
1) When people write things down, they’re more likely to actually do what they say.
2) Studies show people are also more likely to act when they pick a completion date and sign a commitment to get something done.
So, rather than just informing clients and workshop attendees of the cybersecurity problem and hoping they do something, we’ve made taking action more real and concrete.
Getting people to do things—as every advisor knows—is hard business. But adding the action plan element to the reference guide should help, along with some follow-up from you.
What else is included in the program?
One of the chief goals of the Savvy Cybersecurity program is to position you as a knowledgeable guide on this topic. You’re not presenting yourself as a “guru” or “expert.”
People, including your clients, who have serious technology challenges will need to get those problems resolved with help from a friendly, local IT expert.
Here are some other resources in the program that we believe will help you achieve the right level of knowledge and awareness about cybersecurity:
Will Hackers Scam Your Business? 5 Threats Every Company Faces and What Executives Should Do to Boost Cybersecurity at Work (Client Presentation): A one hour presentation to give to business owner and executive clients and prospects. It includes 70+ slides and speaker notes. This presentation introduces attendees to the top cybersecurity threats facing businesses and actions they can take to safeguard company data.
How hackers can drain thousands from your business account
Five types of CEO Scams and how to prevent them
Three areas of your business that you must secure
The best way to protect your company from a ransomware attack
Tips for employee training
Hack-Proof Your Smartphone (Client Presentation): Our smartphones have become the digital nerve center of our business and private lives. But many people don’t take the necessary cybersecurity precautions needed to safely protect them from being hacked. Use this short presentation to educate attendees on eight critical steps to hack-proof their devices. It includes 15+ slides and speaker notes. Hack-Proof Your Smartphone can be presented on its own or added on to the 1 Hour to Savvy Cybersecurity presentation.
Savvy Cybersecurity Business Protection Checklist (PDF): A two-sided, customizable checklist is the perfect resource for your business owner and executive clients. It's designed to guide them through cybersecurity conversations with important business associates such as their IT team and CFO. Give this reference to “Will Hackers Scam Your Business?” attendees or send to business owner clients. The checklist contains 40+ questions covering eight different cybersecurity topics, such as cybersecurity plans, data protection, employee policies, networks, and fraud prevention.
Do we have a written information security policy?
How do we control transfer of customer data?
How restrictive is our firewall for inbound communication and access?
How do we ensure all devices are running up-to-date software?
Do any third parties have access to our data?
Do we have a PIN on our mobile phone accounts?
How do you protect any personal device that also contains business data and contacts?
What is our password policy?
Savvy Cybersecurity Watch E-Newsletter (monthly): Each month we’ll send you our exclusive e-newsletter. You’ll get the latest on new scams and frauds, and what to do to prevent them, with links to resources you can share with anyone.
You’ll also get links to critical software updates. Microsoft, Adobe, Apple, Java, Firefox, and other makers or supporters of widely used software programs constantly discover new security holes in their programs.
The second they issue updates, they’ve actually tipped off the hackers, too. That’s why it’s crucial to keep your software updated and encourage your clients to do the same.
The newsletter will also monitor emerging threats and tell you what problems may become serious in the future.
For instance, we recently started following security experts’ conversations about USB memory sticks or thumb drives, the ubiquitous way to carry and transfer files.
It’s very likely hackers will soon begin planting malware on the USB devices. Then every time you stick one in a new machine, the malware will secretly infect the computer it connects to. So the newsletter will keep you posted on new threats. ($197 value)
Emergency Alert E-Newsletter: When word of serious, widespread new scams hit, we’ll send you an email alert with the latest details so you can share immediately with your clients and other people in your network.
Sadly, we’ve issued these with more frequency than we initially expected. Just the other day we got early word about the massive vulnerability revealed at the MBIA bond platform. Because of extremely poor IT work, their web servers were open to hackers and client account records were actually being indexed by Google! And it took them almost two weeks to close the door after a security expert notified them of the vulnerability.
You can see many cybersecurity issues actually exist right in your wheelhouse, so to speak. We’ll act as your eyes and ears.
Article Reprints (PDF): Throughout the year we’ll give you FINRA-reviewed article reprints you can personalize and use as part of your marketing and client communications. Each article focuses on important security measures clients should consider in order to maintain the best safety measures possible. Some titles include:
10 Ways to Protect a Small Business From Hackers
5 Ways to Boost Your Security Against ID and Credit Card Theft
Child ID Theft: 8 Steps to Keep Your Kids Safe
How to Create Ultra-Secure Passwords That Keep Hackers Away
The articles are great to use in your own e-newsletter, post on your website, or put up on any social media site like LinkedIn, Facebook, or Twitter. ($588 value.)
Marketing Toolkit (PDF): We want you to have the best turnout possible when you host a “1 Hour to Savvy Cybersecurity” program. That’s why we’ve created a marketing toolkit that will help you organize and promote your event.
You get a fully customizable flyer/invitation for your event. Just add your photo, logo, and other info, and you can print it out and use in your promotional activities.
You also get a press release to customize and share with your local media. (Don’t overlook this approach—many local news outlets are desperate for new topics to write about. They’ll be interested to learn your educating local people about cyberthreats.)
The toolkit also provides you with extensive, step-by-step instructions for planning your event. It includes timelines, checklists, and templates you and your team can use; it’s very in-depth and is a great resource for the planning of any type of event. ($375 value.)
Special Bonus! 10 Copies Included!
Hack Proof Your Life Now! The New Cybersecurity Rules: Protect your email, computers, and bank accounts from hacks, malware, and identity theft.
The headlines constantly report new data breaches and cybersecurity incidents. You and your clients are at risk. Learn the new cybersecurity rules to stay safe against the biggest cybersecurity threats we face every day.
Hack Proof Your Life Now! The New Cybersecurity Rules: Protect your email, computers, and bank accounts from hacks, malware, and identity theft..
How to stop phishing attacks every day
How to best protect your email account from hackers
How to create strong but memorable passwords
Why your child’s identity may be more at risk than your own
The best way to protect your credit
Ten copies of Hack Proof Your Life Now! The New Cybersecurity Rules: Protect your email, computers, and bank accounts from hacks, malware, and identity theft will be delivered to your office when you join Savvy Cybersecurity now ($119.82 value).
7 Reasons to Get the Savvy Cybersecurity Program
Eighty-nine percent of advisors surveyed are worried about fraud for their clients, and themselves. More and more cyberthreats emerge every day and it's time to do something about it.
Advisors who educate their clients on cybersecurity differentiate themselves from other advisors and connect with clients at a higher level.
Here are 7 reasons why you need the Savvy Cybersecurity Program:
Because it leads your clients and prospects through the cybersecurity process. The guide measures their current security level and provides actions they can take to boost their security.
Because no one else is talking to them about this. Cyberthreats are everywhere, yet no one is educating your clients on this topic. You should be that person.
Because it shows that you care. Educating clients and prospects about cybersecurity shows that you are interested in their well-being and want to keep them safe.
Because it allows you to communicate with clients and prospects. Using the Savvy Cybersecurity Program, you can expand the types of important conversations you have with clients. It’s not entirely about investments or planning.
Because it builds trust. Your clients will now have another reason to sing your praises and recommended you to others.
Because it will set you apart. Most advisors are not talking about cybersecurity with their clients. This allows you to differentiate yourself from the competition.
Because identity theft is on the riseEvery day we see new breaches, hacks, and scams that target your clients' identities. With 13.1 million victims of identity theft in a recent year, it's important that you help your clients guard against this growing threat.
Risk-Free GUARANTEE for Cybersecurity
Advisors who educate their clients on cybersecurity differentiate themselves from other advisors and connect with clients at a higher level. Horsesmouth's cybersecurity survey found that advisors want to protect their clients from cybercrime and identity theft but do not have the resources to do so. That's why I urge you to buy Savvy Cybersecurity to start talking to your clients today about their security. And that's why I can make this guarantee:
Use Savvy Cybersecurity as your chief guide for developing a client education program on identity theft and cybersecurity. Take a full year to implement the knowledge and tools included in Savvy Cybersecurity. If after 12 months you don't feel that you are more confident in educating others on cybersecurity, we'll completely refund 100% of your purchase price—guaranteed, no questions asked.
Just call and tell us you're returning all the materials to Horsesmouth at: Horsesmouth, 21 W. 38th St., 14th Fl., New York, NY 100018. Phone: 212-343-8760, Ext. 1.
Order Savvy Cybersecurity Now—Your Clients Will Appreciate It
There couldn’t be a timelier client service to add to your business. Cybersecurity is an unparalleled danger to you, your team, and your clients.
When you take steps to help people improve their security—whether they’re clients, prospects, or just folks around town—you’ll be demonstrating once again the type of citizen and professional you are. You and I both know this is a business based on trust—it’s not really about the investment results.
And this is no flash in the pan topic. In fact, when you learn more about Savvy Cybersecurity, you’ll quickly realize that the topic is very fluid. While there are critical fixes your clients can make to their cybersecurity posture, nothing is ever set and done.
A useful metaphor for cybersecurity is the gas tank. When someone takes all the key security steps included in the Savvy Cybersecurity principles, their security posture is at its fullest level.
But as time moves on—just like with a full tank of gas—the level of your security drops. New software updates are released, people buy new devices, new threats emerge, and new security holes are discovered.
The passing of time naturally erodes the quality of your security. That’s why everyone—you, your team, your clients, and your community—needs someone to remind them about this critical issue. And who better to be that person in your clients’ lives?
Savvy Cybersecurity will elevate your status in the community. You’ll become a knowledgeable guide on the topic. People will value your insights.
That’s why I urge you to become a subscriber today. There’s no risk involved. If you subscribe and don’t like the program, we’ll gladly issue a refund.
Remember, you get 10 copies of Hack Proof Your Life Now! The New Cybersecurity Rules: Protect your email, computers, and bank accounts from hacks, malware, and identity theft; the “1 Hour to Savvy Cybersecurity” presentation; pdf of the Savvy Cybersecurity Quick Reference Guide; article reprints about cybersecurity that you can customize and use on the web, in newsletters, or print and handout to clients and prospects any time; a monthly Savvy Cybersecurity e-newsletter keeping you updated on new developments and emerging threats in the field; an Alert email when serious cybersecurity news breaks; plus a complete marketing toolkit to organize your event, I think this is one situation where you should not hesitate. With FINRA and the SEC preparing to breath down advisors’ necks about cybersecurity, it’s much better to get ahead of the curve and actually develop a strong knowledge base on this topic.
Since 1997, Horsesmouth has been helping financial advisors succeed by providing timely guidance on key topics such as business development, practice management, financial planning and investment strategies.
FOR INSTANT SERVICE Call Toll Free: 1-888-336-6884 ext 1 (Outside U.S.: 1-212-343-8760)