Minding Your Business
*Minding Your Business* is the podcast dedicated to empowering small business owners on their journey to success. Hosted by industry veterans David Praet and Scott Merritt, each episode features insightful interviews with experts, entrepreneurs, and thought leaders who share their knowledge and experiences to help you excel in your business. The discussions will equip you with actionable insights and inspiration.
mindingyourbusinessshow@gmail.com
Minding Your Business
Is Your Business Ready for Cyber Attacks?
Cybersecurity Essentials for Small Businesses:
Insights from Jim Hughes of Business Risk Solutions
In this episode of 'Minding Your Business,' David Praet speaks with Jim Hughes, founder of Business Risk Solutions, about essential cybersecurity measures for small businesses. Jim shares practical tips on how business owners can protect themselves from cyber threats like ransomware and malware, the importance of strong passwords and regular vulnerability assessments, and offers free resources such as a cybersecurity assessment checklist and identity theft awareness tips. The conversation also delves into Jim's background, his experiences with cybercrime, and his mission to educate seniors on identity theft. Whether you're a new business owner or experienced entrepreneur, this episode provides valuable insights into safeguarding your business in the digital age.
00:00 Introduction to Minding Your Business Podcast
00:16 Meet Jim Hughes: Founder of Business Risk Solutions
01:06 Jim's Early Life and Career Beginnings
04:00 Journey into Cybersecurity
05:25 The Growing Threat of Cybercrime
08:04 Practical Cybersecurity Tips for Small Businesses
15:25 The Importance of Strong Passwords
21:22 Advanced Security Measures: Biometrics and Authentication
23:33 Monitoring and Vulnerability Assessments
25:23 Understanding SOC and Business Vulnerabilities
26:24 The Role of Insurance Agents in Cybersecurity
27:30 Challenges in Cyber Liability Insurance
29:56 Responding to Cyber Attacks
33:31 Importance of Cybersecurity Budgeting
36:23 Incident Response Planning
37:12 Protecting Seniors from Cyber Threats
38:15 Engaging with Seniors on Cybersecurity
43:41 Special Offers and Final Thoughts
Free Offers:
CYBERSECURITY ASSESSMENT CHECKLIST
https://business-risk-solutions.kit.com/d06ed4644b
https://www.businessrisksolutions.net
jim@businessrisksolutions.net
Phone: (847) 710-1030
And it's a tool that will cost them nothing. The advantage of them at least taking the time to do that is they may be able to preclude themselves from being shut down. And most small business owners, put their business, their assets, their home, all their money, into running and owning and developing and growing their business. One mistake with cybersecurity wipes all of that out.
Hey guys, this is David Praet, and you've found Minding Your Business, the podcast where we highlight those businesses and individuals that help business owners not only survive, but thrive in their business. And today we have another awesome guest. Jim Hughes is the founder of Business Risk Solutions. And he's going to share the tips and tricks to protect your company's data and protect you from becoming the next victim of cybercrime. Welcome to the luxurious Exodus HR studio lounge. It's pretty nice. Uh, in downtown Brentwood. Listeners at home, you can't see this, but in your mind, think a lot of mahogany, leather, the smell of cigars, cognac. Yeah. Right. So Jim, we're really excited to have you because this is a topic that. Our audience, our business owners, really need this information. And I think a lot of times, especially the new business owners, might not be aware of the threat of what they, what's out there and what they need to know. But before we dive into the cyber security, let's learn a little bit about Jim Hughes, in your background. Where's home? Home is where my wife is. Get in, sir. Now, home is in Cain Ridge, Tennessee. I spent most of my life in the Chicagoland area. And finally wised up to how important it is to live in an area that you enjoy and aligns with your values and gives you opportunity. And Nashville checks off all of those boxes. So, we've been here three years, and it's been a great journey to here, and, uh, living here, we just love it. Did you grow up in Chicago? Southern Illinois, South Central Illinois, grew up there, then went to, I've been in Chicago for the last 40 years. Because there was opportunity there, obviously, more so than, in the center of the state of Illinois. What was your first job? I worked in a theater in the downtown off the square in a little town called Charleston, Illinois and they had a theater there and I all of the letters up on the marquee and ushered in that. Ushered meaning you clean up popcorn off the floor and get the drunks out or whatever the case may be. 35 cents an hour. Wow, you're killing it. But those first jobs We talked to every guest about this, but those first jobs are so formative in exposing you to what the world of employment is and what's expected out of you as an employee and you get to witness how the business owner runs the business and uh, it's so, so educational. I'm sure you learned a lot. It, at the time I didn't, I wasn't aware the older you get, the more you look back and see where there were little. Lessons that you learned from each of those and my second job was cleaning a little small office of about a thousand square feet clean. I was their cleaning man. So I'd go in after they closed and emptied the garbage cans and dust and just cleaning through it. And one of the things that my father had told me, they said, do something above and beyond what they required of you. So you can stand out a little bit. That was about the only. Good advice he gave to me, but he gave it to me and, uh, that worked, that was a, that was a good lesson in and of itself for, uh, for small business. So, and then I, over the course of the last 40 years, I've started, created, built and sold five businesses. Wow. 19 years ago, I started my sixth business after I sold my fifth business. And I always do this, put my hands together like I'm praying. And say, I'm thankful because when I sold that fifth business, the check cleared. It's always important. And so I retired for about 14, 15 minutes and said, this really bites. I'm not a retiring kind of guy. And I said to myself, okay, what is a need out there that is starting to grow its ugly head that maybe I could learn how to wrestle with and help. The business community, because I always worked in the business community. So, identity theft was that culprit, if you will. A few years into that 19, last 19 years, uh, my business owner came to me and said, Jim, you're providing identity theft coverage for my employees and for my family, but what about the business? What's this ransomware, malware, uh, issue that's out there? And so that business owner pulled me right into the world of cybersecurity. And so that's how things have progressed. And over the course of those years, and now I'm spending my time, uh, trying to learn as much as I can about that field because the small business owner is not conscious of, not Educated in, doesn't think they're a target of, or there's a threat to their business because they're so busy trying to keep the doors open, the payroll coming on Friday, and trying to grow their business. And they think that ransomware and malware attacks or cyber security issues are for the big boys. Because that's what they see, that's what they hear. I have read in the Tennessean, the June issue of the Tennessean, 2024. People still read newspapers? Unbelievable, isn't it? It's hard to believe that they're there. Actually, I had it, the article was sent to me digitally. Oh, there you go. I didn't read it in the newspaper. There you go. It was in the Tennessean. And so it said that over the course of the last two years in the Nashville area, small business, small and medium sized businesses, 49 percent of them have been hit with ransomware malware. Of the 49 percent that were hit, 60 percent of them are now out of business. The business owner doesn't know what they don't know. And what happens is I get the call because of people knowing I'm in the business after the fact. Okay, what can I do now? My computers are locked up. I can't get, I can't operate my system, etc. And, of course, that's a real hard issue. issue to solve. It's like trying to get all the cattle back into the corral after the corral's been open, right? Sure. So, I have taken upon myself, my mission is to help as many business owners and individuals who are concerned about that risk, and everybody should be concerned about that risk, to identity theft as well as cybersecurity attacks, because it's continually increasing. If you follow the statistics, they're rapidly growing. So, That's who I am and what my mission is. I'm going to spend the rest of my life doing this because I enjoy it. It's hard, but I like things that are difficult to figure out. So, obviously cyber security was something we didn't have to worry about. When you and I were kind of coming up, I guess. That's right. The bad guys were easy to identify. They were easy to, to see. That's not the case anymore. Looking at cybersecurity and how it affects business, are there any particular types of business that are at risk? Or any, maybe they're not at risk, or all of our business is at risk these days? Well, I heard a cybersecurity specialist say there is a way around the risk of cybersecurity. And that is if you move to the North Pole, throw all of your devices away, and don't communicate over the internet, you don't have any risk. Many of us find that a little bit silly. And as a result of that, to go back to answering your question, any business that has, operates A computer system in their business, which is all businesses, including the barber. The local barber has the risk and the problem is people don't understand what the risks are when the, when the, the services come out. I'll give you an example. One of the most recent tools that have come out from the banking system is a banking app. So you can put your app on your phone. We all do. Uh huh. And we can make deposits. You can take a picture of a check and deposit it into your account. You can check your balances, which you should be checking every day. And this holds true for the business owner, especially the business owner. And you conduct business right from the, your chair, right from your office. You don't have to drive into the bank. The problem with that is that the thieves know that. And the thieves know that if they get your banking information, they've got a grip on you. And so, when they send a text message, To you that is a phishing text message and you click on it because you're so busy you don't take the time to stop and think. That's a big mistake that most of us make. And you click on that, it downloads malware onto your phone. The next time you go into your bank via your phone, it follows you in, pulls all of your credentials right along with, and sweeps all of the accounts. 50 percent of the phone calls coming into my west coast in California, Sacramento, and in Chicago, which is the mid, uh, middle west. Call centers, 50 percent of the calls coming in are people who have had their accounts swept with that tool. So it's a, it's an issue that is affecting a lot of people. That's just one example of the securitist route that the black hats, meaning the thieves, are using to get to your and my money. It makes some big money. The money that they're making is unbelievable, and they're doing it all with techniques like that. Sure. Same reason the bank robber robs the banks, because that's where the money is, right? That old saying. Yes. Jim, I'm a small business owner, and maybe I haven't really thought about this topic before. Obviously, I'm doing a lot of my business online, whether it's my payroll, my banking, accepting payment. I'm connected to the internet. My employees are connected to the internet. Where do I start with all of this? Well, that's a really good question, uh, because if I was sitting as a business owner back and listening to me talk, I'd be asking that same question, where do I even start? I mean, it's overwhelming. And, uh, the answer to that is I have created a one page cybersecurity assessment tool. It's eight questions that drive into your knowledge base. Of cyber security and giving you the chance to answer some questions, those eight questions and determine if you need to go further. in having professional advice as to what to do next. And I think the, the answer to it is don't look at it as if it's an overwhelming field. Look at it as, let me find the doorway in so that I can, step by step, find the right professionals to help me through this process. Because the worst time in the world for you to be figuring this out is when you're at computers. are locked up, or the system is down, or your employee transferred the balance of your business account to what she thought you were asking her to do. And so that, that's where I'd start. And I have that for your listeners and they can, I can give you the URL as well as they can send it to my email address, which is jim at business risk solutions dot net. And I will forward that back to them so they can take that assessment. And this will reveal in one very short period of time, in just a few minutes, what you don't know about your system, what you should be doing next. And it's got a little tool, a key, at the bottom of that page that says, if you answered yes to these questions, or yes and no, or all no, this is what you should do. And it's a tool that will cost them nothing. The advantage of them at least taking the time to do that is they may be able to preclude themselves being from being shut down. And most small business owners, Dave, put their business, their assets, their home, all their money, their family's money into running and owning and developing and growing their business. One mistake with cybersecurity wipes all of that out. So as a result of that, they can lose everything they've worked so hard for. No matter how long they've been in business, no matter how smart they are, no matter what their field is. So hopefully answered your question. It's really exposure to everyone that's using computers. And that, it sounds like that's a great tool and we'll put that in the show notes for a business owner to at least start the process. And then I would imagine if a business were to start working with somebody like Business Risk Solutions. One of the things you probably start with is looking at the work processes in the office of the employees and, and I'll just, I'll throw this out there as just one example of that. Most of the time when we're doing business online, whether personal or through our business, we have to use passwords. And if I don't have a company policy on passwords, I might get the employee that thinks that the password of password 123 is a good idea. I say that tongue in cheek, is the password a, a point of weakness when it comes to my business? Absolutely. Just picture it being, the password is your front door to the business. Your password is your front door to your home. So if we're talking about the business, that password is so critical because once I'm in, If I've got your password, once I'm in, I've got the keys to the city, meaning I have full access to everything that's in your system. Unfortunately, most people put all of their information, like their passwords, in their computers. Of course! Or in their phones. As a result of that, as soon as I get access as a dark hat to either of those, any of your devices, then I have your passwords. And most people use the same password over and over and over and over and over. So, and the thieves know that. They can see those trends, if you will. What's the right way to do a password? Well, I do, for business owners and their employees, I do a training, a three part training, where I go in and teach them the basics of how to keep, how to develop a good password, and what is phishing about, and how do they handle incoming emails, and what to do when there's a request for any money, period. If you will, and I do that for the purpose of training them at entry level. That's a starting point for the business owner. Passwords, people just yawn. When I'm looking in out in the audience, I start talking about passwords and people go, oh, I've heard so much about passwords. I don't wanna have a password. I don't wanna make it complex. I, I can't remember the password. Why do I need a password? Why, why can't I just have. Password, the word password, and the problem is that's the front door to your business and the front door to your personal identifiable information, which is where the thieves go to get your information so that they can steal your money. So a good password is just to give you a feel for this. I got this from one of my cybersecurity courses, current statistic. If you have a password with 10 numbers in it. And they're just numbers that are scrambled. I've got a computer program that can break that password. Tell me what it is in 5 seconds. If you've got 8 numbers and letters scrambled in a password, 8, my computer, that same computer program can break that code and tell me what the pass, your password is in 34 days. If you have 16 characters, numbers, letters, Symbols, 16 characters, no words, numbers, letters, no words. It takes that same computer program 152, 000 years to break that code. So people then say to me, okay, Jim, alright, 16 characters, how in the world can I remember 16 characters? And so what I do in, in my trainings is teach people a, a specific process that is only their information. So I will say, take the first letter from a ten letter or ten word song, your favorite song. So one that you can remember the lyrics to. Take the first letter of each of them. That's your core center. Then add to the left of that. Another three or four characters forward slash number question mark and the right hand side of that add another few characters so that you get yourself to 13 characters. Then if it's BMO Bank, my, the account that I'm setting up this password is BMO, BMO Bank, then the last three characters would be BMO Bank. So, I can remember the 13 characters because, uh, and I, I've used this over and over and over. You have a structure. You have a structure there that only you know. And you don't put it in your computer system. You don't put it in your devices. You don't put it in your phone. Because that is something that the thieves can get a hold of. If any, if you need to write it down, write it on a piece of paper, but the old fashioned way, a piece of paper. They can't get to, the thieves can't get to that piece of paper. That gives you the opportunity to have 16 characters. And so the follow up to that, I say to them when they look at me and say, Oh, Jim, gosh, that's a lot of work. Just remember this phrase. Today, we live in a world, in the cyber world, the digital world, where security is not convenient and convenience is not secure. Wow, that's deep. I think if I were a bad guy and I was trying to figure out somebody's password, I would probably start with the name of their pet. That seems to be pretty common, name of the pet, and then maybe, I don't know, year of birth, or, yeah, or you could just say, what's Jim's mother's maiden name? They can get that online. So, that's the reason why I say no words, no words at all. I'm somewhat surprised that in the day and time that we live in, that we're still using passwords. And I know there's biometrics. Obviously, the most obvious is the iPhone. where you can unlock your phone with your face. Do you see biometrics being used more and more in the future where we'll maybe get away from having to manually put in passwords? Well, the newest thing to make that move that you're talking about, to get away from passwords, is pass keys. And that is a tool that is being used to give you another way of not having to remember a password. It's a key. I won't go into the depth of that right now, but that's, they're always trying to think of new ways. Way of trying to build more security is authentication. Now, most of us are aware that there's a term called two factor authentication. And that basically, that second factor. When you go in and log in and put your password in and it sends and asks you to send you want an SS, SMS or an email sent to you with their code, six digit code, that's a two factor authentication. The industry is talking about going to three factor authentication. So it's going to be more. Steps involved. Uh, in order to put enough air, if you will, between you and the thief. Because if a thief is following you, or his code is following your malware, is following you, the two factor and three factor authentication separates the code and the computer from the transaction that you're doing. So that it gives, puts air between it and you can't see it, so. That's what's going on now that is only part of what is security tools that are being developed. And used for the purpose of eliminating the fraud that's going on. So let's go back to our business owner for a second. We are looking at the processes, the workflows that we have in place to make sure that we are being as safe as we can. I assume there's also some kind of monitoring or software or something working behind the scenes that's also protecting my data? When I'm working with a company like yours, yeah, there's a number of ways to do that. We can monitor if you will the activity of the system and look to determine if there is any malware in your system or any ransomware or a Trojan horse or worm, these are all terms and used in this area that Or is waiting in their system. That's the reason why it's so important to have a vulnerability assessment at least once a year. Now Congress has gone to the point where they put into the FTC's hands. The teeth of, if you are defined by the Federal Trade Commission as a financial institution, and that is really broad, their definition of a financial institution. Anybody's basically dealing with customer's information. That once a year you must have a third party, not your IT team, even if they're qualified. A third party, another set of eyes, to do a vulnerability assessment both internally and your computer system. Externally, your website to determine if there is any lurking code sitting there and have a findings report, a written findings report for that analysis. So we do a lot of that now in the business world, in the small business world, it's starting to, this is starting to develop what we call SOC 2 type 2 attestations. Well, SOC is standard organizational controls, designed, set up. And must follow the AICPA's five step guideline for determining if you're vulnerable. And the reason where this is coming up now in the business world is that if I, Dave, I want to buy your business and you've got 30 employees and 30 computers and 30 years of experience and 30 years of customers, et cetera. You've been gathering a lot of information for a long period of time, and you've got a lot of people working on your, their computers. I want to know if I'm buying your business. There's nothing lurking there that's going to come into my system when I connect to you, when I take over your system. And that's what a SOC 2 Type 2 attestation is, and it is high caliber, Audit that must be signed off by a CPA and we have a CPA on our staff. Yeah, that makes sense. Is this, is all of this something that maybe my commercial insurance agent should be knowledgeable about or what's your experience been with that? Wow. What a topic. I love it. I've owned an insurance. That's your background. Yeah. And so I'm a little closer to it than the average cyber security person. The problem is most of the insurance agents don't have any depth. They've got so many other subjects. There are general liability, workers comp, umbrella liability, automobile. All the other things that, that are important for them to stay up with. Business continuation. Oh yeah, and property coverage, and employee practices, liability, and it just keeps growing. So they, they don't have the scope, they don't have the understanding, all they get is a little bit of information from their insurance companies who are pushing them to sell their cyber security. Cyber liability insurance, which they should have, they being every business owner, 9 out of 10 of them don't, the small business owners, because of the cost. But the problem is, and stay with me on this Dave, this is real, real important. The application process for a cyber liability insurance policy is a warranty process. So, The underwriter puts out the application. The business owner answers those questions on the application. There's an incongruity between the two because the underwriter knows the language, knows and understands the depth of the terms, and the business owner doesn't. So the business owner is a little bit more cavalier. In answering those questions, therein is the opportunity for the underwriter at time of loss to get out from under the loss. So it's really important, very important, that application be completed by someone who understands the cybersecurity world. And that average agent doesn't have a lot of depth in it. I've interviewed many agents here in Nashville, and they look to me to answer the questions, and they're the ones that are taking the application. So it's really important. There's a big void there. I'm glad you brought that up. It's so doggone important. So you actually partner with commercial insurance agents to help them help their clients. And I'm basically trying to educate them as much as I possibly can on the underwriting process and on their scope and responsibility. There's a little law called failure to procure in the insurance business. And that means that if you're my client, And you look to me as I'm your agent for your commercial insurance, and I may handle your personal insurance as well. I'm your agent. You have a responsibility to bring all of the insurance protection that you need. I need to bring that to you. And if I don't, and I don't offer it to you, that's called a failure to procure. And I'm liable because I didn't offer it to you. It's almost a fiduciary type relationship. Yeah. I don't think it meets the definition. As you stated earlier, most of the time when you start working with the business, it's because they've had something bad happen. Right. How much are you able to go in and I guess fix what went wrong and save the day, uh, or in many cases, is it too far gone and they just have to suffer the financial loss and kind of move on from that point? Yeah, good question. I think that there are two answers to that question. One is that if it's a basically a shutdown of the computers and they've got, they've done their due diligence as far as backing up, uh, we can swipe, literally clean the computer. Because we've got the backup and reinstall a new operating system and then download from backup their systems and they're off to the races and moving. They don't have to pay a ransom. Unfortunately, a lot of the business owners take steps that they shouldn't take before they make the call. So sometimes it's impossible to turn it around because the thieves are too far in. They've got to buy the short hairs, so to speak. They've got them shut down. Every day is costing them lots of revenue each and every day. And the business owner gets frantic. And they say, well, how can I solve this? I need to pay that ransom. The problem with paying the ransom is once you start paying ransom, then they know you pay ransom. Then they're, it's an easy revisit to you. And so if it's a larger case, and I've got one in Mount Juliet that I'm thinking of with your question, they've 35 employees. All of the computers, all the employees were on the computers, and they got a ransomware attack for, they wanted 35, 000. The business owner How did they come up with the number? Based on what they see in the information that they have, as to a wild guess as to what you will pay. And so, a big hospital compared to this small company. They know the difference. Long story short, in this particular case, the guy borrowed against his home equity loan from his home equity source, HELOC or whatever they call that, and paid the 35, 000, and he's out of business today. Still, after he paid the 35, 000. So, the ramifications is not only the loss of the ransom, the money, it's loss of reputation, it's downtime. What's your customer doing while you're down? And especially if they're interacting with you on a daily or regular basis, they go elsewhere. So it'll shut your business down. What happens to the key employees? When it's shut down, they say, Hey, this is no place for me. I'm out of here. And they go elsewhere. So, I mean, it's a crumbling effect, if you will, from the time of the, the proximate cause occurred. So, what do you say to the small business owner who is good at his craft, gets up every day, is battling to meet payroll on Friday, and he says, I understand the importance of this. Quite frankly, I'm doing everything I can just to keep the business in the black. Yeah. What do you say to those? Small business owners that say, I understand the importance, I just don't feel like I can afford it. Well, I think one of the things that has to be, the business owners have to start thinking about is they have to have a line item in their budget for cybersecurity. And 90 percent of the people that I see, the business owners I see, don't have any money set aside for that at all. They moan and groan because they have to hire a virtual chief information security officer, such as a, what we call a VCSO. And because that's an extra payment that they have to make, or an extra expense, if you will. The problem is that if they don't, have some defense, set themselves up for some defense. They don't do a vulnerability assessment. They don't train the employees on what to do and what not to do when they're on the company's computers. They're a wide open target just waiting to happen. So, get used to the fact that you're going to have to set some money aside and have a cybersecurity assessment. You're going to have some tools in place. To protect the endpoints, what we call the endpoints, which is the computer, all the devices, those are the endpoints, from being attacked. And furthermore, we need to know routinely, and that includes backup, which everybody yawns over when I say backup. They've got to backup and then test their backup. A lot of people do backup. It's so easy to do backup. But then when it comes to testing it to see if it's actually working, they don't do that regularly. So those are little tools, and cybersecurity specialists can help them down that path. Just like anything else, you develop a relationship, you vet that person, you vet that company and see what they've been doing, who they have been helping, and have conversation. Because the worst thing in the world is for you to come to me after the fact. So in this day and age, with it being as prevalent as it is, it's just a business requirement. Yes. What does that look like when they start working with business risk solutions? What is the process? What can they expect in terms of? Well, it depends upon whether they have any IT department at all, but as far as ongoing support is concerned, we can provide that. Initially, it is a, it's a, um, a simple process to assess front end, starting with my cybersecurity checklist that I was talking about earlier, to determine what are their needs right now. What haven't they done? What haven't they done? One of the questions is, do you have an incident response plan in place? And sometimes I get the look of, what's that? And an incident response is, when you get attacked, what do you do? What's your first step? Who's your first phone call? Where do you go? What don't you do? Et cetera. That plan is a tool that can help you recover because you've got something in place that right away you can react to, as opposed to Willy nilly chaos, and have no idea of where to go, who to call, what's the next thought or procedure. And a team like mine can help put that emergency response plan together, so there's a logical sequence to follow, and we can get you back up as quickly as possible. I know one of the most vulnerable segments of our society when it comes to cybersecurity and being a victim of it is the senior population. And I know that's one area where you are putting a lot of focus. Why is that? Because I are one. Yes. And I've got asked several times to just do a basic identity theft awareness workshop for some senior facilities in the Chicagoland area. And so I, I brought that after going in and seeing what was actually happening to these seniors. Boy, that opened my eyes wide open. So it's a mission today. I want to get to as many seniors as I possibly can to help them understand what they don't know. They were raised, we were raised with the front door unlocked on our house. We didn't have cell phones. You had dial phones. I remember people leaving their keys in the car. In the car. In the ignition. Yeah. Yeah. Yeah. Well, all of that has changed. All of that has changed big time. So, one, when you go in, Dave, to a senior living facility, and they know who you are, then they promote me so that they know what I'm going to speak on when I come in. And they come up to you and say things that have happened to them last Friday. Tell us a story. I'm in, I'm in Summerbee's, which is in Franklin, Tennessee. It's a senior living facility, and I'm going in there setting up, and there's a room for about 30, 35 residents, and I'm going to give an identity theft awareness workshop, and a guy comes up to me, looks like about 80, 85, somewhere in that age group. And he says, and he wants to talk, so I'm setting up, setting up my computer, setting up my stand, setting up my promotional stuff, et cetera. And he says to me, I just was scammed out of 9, 500 last Friday. I thought it was my grandson. He needed money. Then he said, what really hit hard to me, he said, that's the second time that's happened. He didn't learn from the first time. How did they do it? That's called social engineering. They get them on the phone, and today it's even more sophisticated than it was just a few years back in that they can replicate the sound of your grandson. If your grandson's spending any time online, any videos, and they, you know how the kids, they video back and forth to each other? They can capture that information and with AI, create your grandson. Wow. So it sounds just like your grandson. And so I said to him, please come to the class. He said, I'll be there, I'll be there. And, and he, this guy, I don't know his financial background, but most seniors. are on a fixed income, and they don't have time to remake the money that they lose. So that, that's one example. The other one I'll tell you about is I'm out in Carthage, Tennessee, which is way east, out by Knoxville, headed in that direction. And I give a, there's about 40 people in the audience, and I, in a senior living facility, and I give my presentation and education, answer questions, and blah, blah, blah. And I'm still putting my gear together to leave. And a guy comes up to me that had been sitting in the center of the audience with his wife and says, with his hand cupped over his mouth so people couldn't hear him, that was in fellow residence, says, my wife and I were just scammed out of 109, 000. Now, we'll be all right. I told my wife, we'll get through this. We thought it was our church. Again, social engineering. Social engineering has become so sophisticated, you don't know who you're talking to. I could be talking to you right now, and I know Dave, I know his voice. And that's going to get more and more sophisticated. Yes, especially with AI, artificial intelligence. So. Those are just two current examples. I got gazillions of them from all of the seniors. So you're actually going out and presenting and speaking to associations, senior living centers, churches probably. What a great way to kind of help seniors by sharing this information with them. Well, I'm in hopes. It's my mission. I love doing it because The need is so strong when you look out into to the audience, Dave, and they pay attention and seniors have a tendency to fall asleep. They have a tendency to be diverted by something, some other noise or whatever. But when I start talking about some of these issues, they always have examples. I had this lady just popping into my mind right now stood up. She had oxygen tubes in her nose and she's sitting in a wheelchair and she's. Stood up or pushed her back and, and said, when I was talking about the issue of clicking on a link on your text messages and downloading malware on your phone, and then goes into your bank the next time you go in, she said, I had all my bank accounts swept. All of them. That just hits you in the solar plexus, if you will. And so if I can get to and save one, uh, Senior from losing their life savings or a significant amount of money that they should have for their health, their, for their being, their wellbeing. Then that's what drives me. I get excited about that. So if someone would like to hire you to come out and speak to their group, what's the best way to get in touch with you? Email at the jim@businessrisksolutions.net. Um, I'm also in LinkedIn, Jim LinkedIn, Jim Hughes, BRS, which is Business Risk Solutions, LinkedIn. And you could DM me there on Instagram and in the show notes we'll have the contact information too. And you'll go anywhere in the country as long as they. Pay for the flight. You bet. Earlier, you offered a special offer. Yeah, I actually, I've got two offers. One is the Cybersecurity Assessment Checklist, which is a one page, eight question assessment that the business owner, uh, can self assess and then take that information to me or their, their cybersecurity specialist that they, they work with. and know what the next steps are. What don't I have in place? What do I have in place? Et cetera. That's free. You can get it in the show notes. I'll have the URL there. You can download that. And a lot of companies charge an assessment fee. There is no assessment fee. And I'm giving this to your listeners purposely to try to get the word out. Second thing is I've got a tool called the Identity Theft Awareness Tips. And it's a list of the Eight strongest ways that the thieves get to you and how to prevent that, how to give yourself defense. So they say, your identity, you have to wear those tips. I'll have that in the show notes. That's another URL. And that is, is free to your listeners as a gift. Very nice. Thank you, Jim. It's really been educational for me, and I know for our listeners as well. We appreciate you coming by. Thank you. I appreciate the opportunity, and look forward to the next conversation we get to have. Sounds good. Thanks, Jim.
