CYNERGISTEK I N V E S T O R P R E S E N TAT I O N NYSE AMERICAN: - - PowerPoint PPT Presentation

cynergistek
SMART_READER_LITE
LIVE PREVIEW

CYNERGISTEK I N V E S T O R P R E S E N TAT I O N NYSE AMERICAN: - - PowerPoint PPT Presentation

Mar 09, 2024 286 likes •524 views

CYNERGISTEK I N V E S T O R P R E S E N TAT I O N NYSE AMERICAN: CTEK SAFE HARBOR STATEMENTS This presentation contains, and our officers and representatives may from time to time make, forward-looking statements within the meaning of the

slide-1
SLIDE 1

NYSE AMERICAN: CTEK

CYNERGISTEK

I N V E S T O R P R E S E N TAT I O N

slide-2
SLIDE 2

2

SAFE HARBOR STATEMENTS

This presentation contains, and our officers and representatives may from time to time make, “forward-looking statements” within the meaning of the safe harbor provisions of the U.S. Private Securities Litigation Reform Act of 1995. Forward-looking statements can be identified by words such as: “anticipate,” “intend,” “plan,” “goal,” “seek,” “believe,” “project,” “estimate,” “expect,” “strategy,” “future,” “likely,” “may,” “should,” “will” and similar references to future periods. Examples of forward-looking statements include, among others, statements we make (herein or otherwise) regarding the size of the potential market for our services; the number of potential customers/clients for our services; plans and strategies of CynergisTek and its subsidiaries for future growth and performance; market acceptance of our business model; our ability to integrate acquisitions and merged companies; and timelines relating to growth, milestones, and strategic focus. Forward-looking statements are neither historical facts nor assurances of future performance. Instead, they are based only on management’s current beliefs, expectations and assumptions regarding the future of our business, future plans and strategies, projections, anticipated events and trends, the economy and other future conditions. Because forward-looking statements relate to the future, they are subject to inherent uncertainties, risks and changes in circumstances that are difficult to predict and many of which are outside of our control. Our actual results and financial condition may differ materially from those indicated in the forward-looking statements. Therefore, you should not rely on any of these forward-looking

  • statements. Important factors that could cause our actual results and financial condition to differ materially from those indicated in the forward-

looking statements include, among others, the risk factors discussed throughout Part II, Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations, and in Part I, Item 1A. Risk Factors of our Annual Report on Form 10-K for the year ended December 31, 2018; and throughout Part I, Item 2. Management’s Discussion and Analysis of Financial Condition and Results of Operations of our Quarterly Reports on Form 10-Q for the quarters ending March, June and September 31. Any forward-looking statement made by us in this presentation is based only on information currently available to us and speaks only as of the date on which it is made. We expressly disclaim any obligation to publicly update any forward-looking statement, whether written or oral, that may be made from time to time, whether as a result of new information, future developments, or otherwise.

slide-3
SLIDE 3

3

INVESTMENT

Pioneer and leader in healthcare cybersecurity Innovative service

  • fferings filling the

gap in the industry Loyal national customer base with large upsell

  • pportunity

Capitalizing on strong cybersecurity market growth

slide-4
SLIDE 4

4

WHO WE ARE

#1 CYBERSECURITY AND INFORMATION ASSURANCE COMPANY IN HEALTHCARE

2018 Most Comprehensive Cybersecurity Services

TOP KLAS PERFORMER 3RD STRAIGHT YEAR

STRONG RELATIONSHIPS & TRACK RECORD THOUGHT LEADERS WELL-KNOWN INDUSTRY PLAYER TRUSTED ADVISOR MARKET DRIVEN TAILORED SOLUTIONS

CynergisTek has been recognized by KLAS in the 2016 and 2018 Cybersecurity report as a top performing firm in healthcare cybersecurity. CynergisTek won the 2017 Best in KLAS Award for Cyber Security Advisory Services

KLAS

Cybersecurity 2018

Top Performer

KLAS

HIT Advisory Services 2018

Top Performer

KLAS

Technical Services 2018

Top Performer

slide-5
SLIDE 5

5

WHY CYNERGISTEK?

RELATED COMPANIES HEALTHCARE SPECIALIZED KLAS OVERALL SCORE CYBERSECURITY SERVICES CLASSIFICATION CynergisTek ✓ 92.6 Comprehensive Deloitte X 79.8 Comprehensive FireEye** X 89.5 Comprehensive Fortified Health Security ✓ 85.7 Comprehensive Optiv X 87.8 Comprehensive Coalfire X 85.0 Broad PWC X 89.2 Broad EY X 91.1 Broad Clearwater Compliance ✓ 95.0 Advisory Focused

*All information from KLAS Cybersecurity Services 2018 Report - June 2018 ** FireEye (FEYE) – Price/Sales = 3.62, Enterprise Value/EBITDA = -29.01

slide-6
SLIDE 6

6

OUR MISSION

TRUST

To be that trusted partner that enables our healthcare clients to build the cybersecurity and information assurance programs they need to protect and support patient safety and care operations by delivering exceptional service, expertise and knowledge.

EXPERIENCE EXPERTISE

slide-7
SLIDE 7

7

INDUSTRY SNAPSHOT

slide-8
SLIDE 8

8

ATTACK SURFACES CONTINUE TO GROW

GLOBAL HEALTHCARE CYBERSECURITY SPENDING EXPECTED TO EXCEED ~$65B OVER NEXT 5 YEARS

slide-9
SLIDE 9

9

NAVIGATE & PREVENT BREACHES

Ransomware Internal and External Threats Privacy Threats Phishing Attempts Social Engineering IoT Threats

slide-10
SLIDE 10

10

THE SERVICES WE PROVIDE

COMPLIANCE ASSIST PARTNER PROGRAM (CAPP)

CAPP

OPTIONAL SERVICES CynergisTek also offers optional services that can be customized to meet a compliance program’s unique needs. ANNUAL ASSESSMENT An annual extensive review to identify security gaps through the combination

  • f the following:
  • Information Security Program

Assessment

  • Technical Security Assessment
  • Risk Analysis
  • Architecture Assessment
  • Wireless LAN Security Assessment
  • MU EHR Security Controls

Assessment INTERNAL & EXTERNAL TESTING CynergisTek will conduct regular internal and external testing to uncover potential threats.

  • External: Quarterly
  • Internal: Bi-Annually

CAPP COMMUNITY CynergisTek Advisory Service addresses questions, concerns, and advice covering technology, program development and maintenance, and regulatory compliance matters. PERIODIC EXECUTIVE REVIEWS CynergisTek’s executive team leads workshops that are designed to:

  • Review remediation progress
  • Provide guidance on regulatory

changes and security threats

  • Promote knowledge transference

81% OF REVENUE COMES FROM MANAGED SERVICES WHICH INCLUDE CAPP PROGRAMS Recurring Revenue model with 3-5-year contracts

slide-11
SLIDE 11

11

MAKE THE MOST OF YOUR PRIVACY MONITORING PROGRAM

THE SERVICES WE PROVIDE

PATIENT PRIVACY MONITORING AS A SERVICE (PPMS) CynergisTek collaborates with your organization to support functionality of your patient privacy monitoring tool.

PPMS

DESCRIPTION PPMS SELECT PPMS ELITE Audit Program Development ü ü Current & Future State Analysis ü ü Optimization Plan & End User Training ü ü Validation and Testing of Audit Tool ü ü Proactive Audit Reporting Analysis ü ü Incident Documentation and Escalation of Findings ü ü Audit Tool Optimization ü ü Standard Program Reports ü ü Reactive Audit Reports, Advanced Analysis, Advanced Program Reports and Advisory Services ü

*Some services may vary based on monitoring tool capabilities.

slide-12
SLIDE 12

12

THE SERVICES WE PROVIDE

VENDOR SECURITY MANAGEMENT Evaluate and monitor vendors on a regular and ongoing basis. VSM ASSESSMENT APPROACH

  • Initiation: Analyst gets notified of ticket and initiates assessment in RiskSonar
  • Monitoring: Questionnaire/documentation request sent, and assessment progress

updated/monitored.

  • Analysis: Analysis of vendor’s input conducted, and gaps identified upon

assessment submittal

  • Reporting: Single Assessment Vendor Report created; client notified it is ready for

review within RiskSonar

  • Next Steps: Vendors notified of remediation requirements/re-assessments
  • High Risk Vendors: Client is notified of high-risk vendors – client uses Risk

Acceptance or Risk Exception process

  • Risk Exception: If client approves risk exception, vendor is tagged and tracked for

annual renewal VSM DELIVERABLES

  • Single assessment vendor with report outlining security gaps and risk rating
  • Status Updates on vendor participation and escalation of issues
  • Quarterly Program Report covering high-level of the vendor program including

recommendations

Reducing The Supply Chain Risk

VSM

slide-13
SLIDE 13

13

THE SERVICES WE PROVIDE

SECURE AND PROTECT YOUR MEDICAL DEVICES

MEDICAL DEVICE SECURITY TECHNICAL ASSESSMENT A comprehensive inventory of networked medical devices and the associated vulnerabilities. MEDICAL DEVICE SECURITY ASSESSMENT An evaluation of security controls and an identification of gaps or vulnerabilities in the management practices for medical device security. MEDICAL DEVICE SECURITY MANAGEMENT STRATEGY A strategy articulating different risk categories and a remediation roadmap to address the different categories and the unique issues/vulnerabilities. MEDICAL DEVICE SECURITY PROGRAM MANAGEMENT Our service is built to address the security aspects, as it relates to each component of the medical device lifecycle including policy development, pre-acquisition procedures, implementation and security control setup, identifying and reporting vulnerabilities, and coordinating remediation in conjunction with the device maintenance schedule.

Medical Device Security

slide-14
SLIDE 14

14

THE SERVICES WE PROVIDE

24/7 Network Threat Monitoring/Alerting

MANAGED SECURITY SERVICES OFFERING Delivering a complete security monitoring solution and strategic security partnership with healthcare organizations CLOUD, ENDPOINT, SAAS & NETWORK

  • Simple to deploy SaaS solution designed to co-manage

security with our healthcare client

  • Native security for Cloud & SaaS Apps

CO-MANAGED & TRANSPARENT

  • 24x7 detection & response with cyber experts trained in

cloud security

  • Assigned analysts and industry focused teams maintains

continuity & awareness ASSESSMENT AND REMEDIATION SUPPORT

  • Highly skilled experts deliver incident response & recovery on demand
  • A remediation team, with seasoned security professionals to prioritize,

implement and execute the remediation plan.

  • Proactive threat hunting, penetration testing and cyber training

complete the solution

Managed Security Services

slide-15
SLIDE 15

15

THE SERVICES WE PROVIDE

RESOURCE & TALENT TO BRIDGE THE Cyber Skills GAP

CYBERSECURITY REMEDIATION

  • Next steps after a security assessment
  • On-demand seasoned security experts prioritize, implement and execute unique

remediation plan

  • Short- and long-term remediation plan

CYBERSECURITY PROGRAM DEVELOPMENT

  • Utilize best practice standards and guidelines to review, build, and implement

components of your security program

  • Improve the effectiveness of a complex strategy
  • Well-versed in many industry frameworks,

ensuring the alignment of policy charters, program playbooks, and process and procedure documents are a solid foundation STRATEGIC SECURITY STAFFING Alleviate the efforts to source and employ skilled talent for projects that are high priority.

  • Virtual CISO and Privacy Officers
  • Sourcing difficult roles to cost-effective solution
  • Identified to align with your needs for short-term,

project specific, long-term, or temp-to-hire cybersecurity and privacy engagements

  • Advisory services from resources recognized as subject matter experts in the

healthcare industry

Professional Services

slide-16
SLIDE 16

16

Increase Sales Reach, Accelerate Land and Expand Non- Organic Growth Expand into New Markets

MULTIPLE DRIVERS FOR LONG-TERM GROWTH

slide-17
SLIDE 17

17

TRUSTED BY HEALTHCARE NATIONWIDE

  • 250+ customers

nationwide

  • Covered Entities* -
  • ver 1,000

healthcare provider locations and business associates

  • Partnered with 2 of

the top 10 largest health systems in the US

*Covered entities are defined in the Health Insurance Portability and Accountability Act (HIPAA) rules as (1) health plans, (2) health care clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which the department of Health and Human Services (HHS) has adopted standards.

slide-18
SLIDE 18

18

NATIONAL BUSINESS ACROSS DIVERSE INDUSTRIES

65.1% 13.1% 10.5% 9.1% 0.7% 0.7% 0.4% 0.4% Health Care Information Technology Consumer Discretionary Financials Government Industrials Consumer Staples Energy

  • 65% in the Health Care

Industry

  • 13% in the Information

Technology Industry

  • 10% in the Consumer

Discretionary Industry

  • 9% in the Financial Industry

Current Client Mix by Industry

slide-19
SLIDE 19

19

CTEK ALLIANCE

slide-20
SLIDE 20

20

FINANCIAL SNAPSHOT

COMPANY TICKER NYSE: CTEK UNITS: USD

Price (as of 3/29/18) $4.97 FD Shares Outstanding** 9.9M Market Cap $49M LTM Revenue** $22.7M Cash** $12.4M* Long- and Short-Term Debt** $2.3M

** Data as of Q1 2019 and includes recent sale of MPS division *Excludes tax liability of the sale of MPS

slide-21
SLIDE 21

21

FINANCIAL HIGHLIGHTS

REVENUE & GROSS MARGIN

2017 2018 Q1 2018 Q1 2019

Managed Services Professional & Consulting Services Equipment & Software

52% 48% 44% 40% $17.5 $21.3 $4.4 $5.8

F Y ’ 1 7 t

  • F

Y ’ 1 8 T

  • t

a l R e v e n u e : 2 2 % Financial Highlights ($Millions) – Expanding New Revenue Lines to Focus on Growth Q1’17 to Q1’18 Total Revenue: 32%

*Data excludes discontinued operations

slide-22
SLIDE 22

22 InvestorRelations@cynergistek.com cynergistek.com

NYSE AMERICA: CTEK

THANK YOU!