© CEOCFO Magazine -
Lynn Fosse, Senior Editor
Steve Alexander, Associate Editor
Bud Wayne, Editorial Executive
Christy Rivers -
Valerie Austin -
Founder and Managing Director
Cyber Special Ops, LLC
Interview conducted by:
Lynn Fosse, Senior Editor
Published – April 27, 2020
CEOCFO: Mr. Suhs, What was the vision when you founded Cyber Special Ops? What is the focus today?
Mr. Suhs: I’ve spent the past 23 years working with organizations to evaluate cyber risk and helped launch the first cyber insurance product back in 1997. While the acquisition rate for cyber insurance has increased over the years, today still only 2 out of 10 small and middle market enterprises buy stand-
That is where I looked to concierge medicine and the model of availability, same-
CEOCFO: How do you reach out to potential customers and why does your service feature make a difference for those eight out of ten who are not being proactive?
Mr. Suhs: We work directly with clients and their insurance brokers. We have packaged and bundled services to help the C-
CEOCFO: What do companies misunderstand about security?
Mr. Suhs: Cyber security isn’t a technology issue. We view cyber risk as a peril that involves the financial health of your organization. For example, how do you train employees to protect intellectual property? Does your organization have a process to evaluate third party vendor contracts for cyber risk? Just because you outsource to a third party doesn’t mean you aren’t legally liable for data of your employees and customers. Do you have dual authentication for online banking, including wire transfers? We help senior management proactively evaluate cyber risk from a multifaceted basis.
CEOCFO: Do you see increased interest, perhaps as a result of COVID, where people will pay more attention in general than they have in the past?
Mr. Suhs: A cyber virus and COVID-
With respect to COVID-
State Auto had argued that the direct physical loss requirement wasn’t satisfied because the attack merely blocked National Ink’s ability to access intangible electronic data files without fully disabling its computers. But Judge Gallagher was unconvinced, saying that, “in many instances, a computer will suffer ‘damage’ without becoming completely inoperable.”
Certainly if you look at the analogy with COVID-
CEOCFO: What has changed in your approach over time?
Mr. Suhs: I now communicate to organizations that they should operate with zero trust, an information security framework which states that organizations shouldn’t trust any entity inside or outside their perimeter at any time. While you can’t prevent a cyber incident, you can control the incident response by having the right team in place. Who do you call when you are sick? The answer isn’t your health insurance company. You call a first responder. Cyber Special Ops is your cyber first responder who will triage the cyber event and hand the matter to an experienced law firm who then may engage an information security firm under attorney client privilege. That can make a world of difference.
CEOCFO: What do you look for in your team; what is important for Cyber Special Ops?
Mr. Suhs: I look for people who are entrepreneurial, good listeners, and who can provide guidance to solve problems. Our team is consultative and collaborative and serve as a trusted resource to find the right resources to help our clients with the best solution.
CEOCFO: Are there continually new resources that become available?
Mr. Suhs: I see a lot of venture capital investment placed into cyber analytics firms. These companies will scan an organization’s URL and provide a security score based upon proprietary scanning and open source intelligence. I liken this model to a real estate drive-
For example, when Target was hacked, the bad guys stole a vendor’s credentials, which were used to access Target’s system. The discovery that the credentials stolen in the Target breach were from an HVAC contractor shows how much we live in a connected world and how insider threats are the hardest to detect since outside attackers look just like employees when they are on the network. How would an analytics firm look at that type of scenario? They wouldn’t even know about that vendor relationship.
CEOCFO: What is the competitive landscape for you? Are their many companies that have recognized the concierge approach?
Mr. Suhs: We have several broker clients. We also have direct clients ranging from small startups to one of our largest clients being a large national trucking company. Concierge Cyber® is new but the model is well proven in the healthcare industry. We are seeing a lot of interest and tremendous support on the Concierge Cyber® value proposition. We are building and growing considerably. We have offices in New York and Chicago are going to be launching in London next month. We continue to grow.
CEOCFO: Why London?
Mr. Suhs: We have a seasoned cyber risk consultant that I’ve worked with in the past in London and see an opportunity not only for U.S. placed business at Lloyds of London, what we call the reverse flow, but also Concierge Cyber® membership for U.K. organizations. We are unique and look to expand there for that opportunity. We have added two U.K. law firms that are very well-
CEOCFO: What has changed day-
Mr. Suhs: I think the most common discussion with clients and their insurance brokers is business interruption coverage related to the pandemic. I know that there are several states and federal legislation that would nullify existing exclusions and force insurers to cover business interruption from viral pandemics. Organizations are financially hurting and looking for any means to stay afloat. Sadly, cyber threats haven’t diminished, and organizations of all sizes are still getting hit with cyberattacks, particularly from ransomware.
CEOCFO: Why take a look at Cyber Special Ops?
Mr. Suhs: For a modest annual fee, we provide our clients with guaranteed access to personalized care and availability with a team of highly credentialled third-
“For a modest annual fee, we provide our clients with guaranteed access to personalized care and availability with a team of highly credentialled third-