CYNERGISTEK C O R P O R AT E S T R AT E G Y N O V 2 0 1 9 NYSE - - PowerPoint PPT Presentation

NYSE AMERICAN: CTEK

CYNERGISTEK

C O R P O R AT E S T R AT E G Y N O V 2 0 1 9

Confidential and Proprietary to CynergisTek Inc.

2

SAFE HARBOR STATEMENTS

This presentation contains, and our officers and representatives may from time to time make, “forward-looking statements” within the meaning of the safe harbor provisions of the U.S. Private Securities Litigation Reform Act of 1995. Forward-looking statements can be identified by words such as: “anticipate,” “intend,” “plan,” “goal,” “seek,” “believe,” “project,” “estimate,” “expect,” “strategy,” “future,” “likely,” “may,” “should,” “will” and similar references to future periods. Examples of forward-looking statements include, among others, statements we make (herein or otherwise) regarding the size of the potential market for our services; the number of potential customers/clients for our services; plans and strategies of CynergisTek and its subsidiaries for future growth and performance; market acceptance of our business model; our ability to integrate acquisitions and merged companies; and timelines relating to growth, milestones, and strategic focus. Forward-looking statements are neither historical facts nor assurances of future performance. Instead, they are based only on management’s current beliefs, expectations and assumptions regarding the future of our business, future plans and strategies, projections, anticipated events and trends, the economy and

• ther future conditions. Because forward-looking statements relate to the future, they are subject to inherent uncertainties, risks and changes in circumstances

that are difficult to predict and many of which are outside of our control. Our actual results and financial condition may differ materially from those indicated in the forward-looking statements. Therefore, you should not rely on any of these forward-looking statements. Important factors that could cause our actual results and financial condition to differ materially from those indicated in the forward-looking statements include, among others, the risk factors discussed throughout Part II, Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations, and in Part I, Item 1A. Risk Factors of our Annual Report on Form 10-K for the year ended December 31, 2018; and throughout Part I, Item 2. Management’s Discussion and Analysis of Financial Condition and Results of Operations of our Quarterly Reports on Form 10-Q for the quarters ending March, June and September. Any forward-looking statement made by us in this presentation is based only on information currently available to us and speaks only as of the date on which it is made. We expressly disclaim any obligation to publicly update any forward-looking statement, whether written or oral, that may be made from time to time, whether as a result of new information, future developments, or otherwise.

Confidential and Proprietary to CynergisTek Inc.

3

Topics For Today

Market Direction

• The latest data and opportunities we see in the healthcare security and privacy market

100

First 100 Days

• Growth strategy coming out of the first 100 days as President and CEO

Backbone Consultants Acquisition

• Accretive growth executing on our strategy

Q3 Earnings

• Earnings call scheduled for November 11th at 11AM EST

Confidential and Proprietary to CynergisTek Inc.

4

Highly Targeted Industry

• Every year Healthcare is in the top ten most likely to be attacked industries1
• New research shows that 59% of all threat actors attacking the Healthcare industry come from the inside2
• One in eight Americans have had their medical records exposed in a data breach5

Highest Cost of a Data Breach

• New research shows that data breaches in Healthcare are 65% more costly than breaches in any other industry
• Average cost of a Healthcare data breach is $6.45M or $429/record3

Skills Gap to Address the Problem Continues to Widen

• 300,000 open security jobs in the United States and over 2 million world wide4
• Particularly problematic for health systems outside major metropolitan areas

Healthcare Remains Largely Unsophisticated with Information Security

• Only 26% of the healthcare market is using two factor authentication – less than half the rate of the rest of the industry
• Healthcare workers average 71 passwords per employee and reuse passwords across 10 systems on average6
• Networks are almost universally not segmented

Rise in Ransomware and Destructive Attacks has Kinetic Implications

• In the first 10 months of 2019, 140 local governments, police stations and hospitals have been held hostage by ransomware attacks
• In September a California provider was forced to close as they could no longer access medical records8
• In October three hospitals in Alabama had to turn away patients due to a ransomware incident9

Increasing Regulatory Pressure in Adjacent Markets

• There are now 52 different breach disclosure laws in the United States and they are all different10
• Fines are becoming real with GDPR leading the way: British Airways was fined 229M Euro; two hospitals in Europe fined over 400,000 Euro11
• California Consumer Privacy Act comes into affect in 2020 and is modeled after GDPR
• First cybersecurity claims have been paid under the False Claims Act

Healthcare Security Market Direction

Confidential and Proprietary to CynergisTek Inc.

5

Strategic Imperatives

Deliver growth from areas of strength

Return to Growth - double digit growth rate by mid next year with a focus on managed services growth

• Continue and strengthen CAPP growth with Threat Intelligence
• Grow and mature privacy monitoring, medical device monitoring and vendor security
• Optimize offerings and address strategic gaps
• Reboot penetration testing / red teaming offering
• Backbone Consultants acquisition

Reduce Managed Services Delivery Backlog

• Focus on maintaining customer satisfaction

Build a team for success

Strengthen our Team

• Invest in stronger security and privacy skills

Rebuild go-to-market

Rebuild Go-To-Market

• New leadership
• Return sales team to full strength
• Elevate communications and brand awareness
• Reboot digital presence

Control costs

Balance Infrastructure and Overhead Requirements

• Redeploy some resources to delivery and R&D
• Targeted cost reductions over the next six months

1 2 3 4 5

Confidential and Proprietary to CynergisTek Inc.

6

IDENTIFY PROTECT DETECT RESPOND RECOVER

▪ Asset Management ▪ Business Environment ▪ Governance ▪ Risk Assessment ▪ Risk Assessment Strategy ▪ Supply Chain Risk Management ▪ Access Control ▪ Awareness and Training ▪ Data Security ▪ Information Protection Processes and Procedures ▪ Maintenance ▪ Protective Technology ▪ Anomalies and Events ▪ Security Continuous Monitoring ▪ Detection Processes ▪ Response Planning ▪ Communications ▪ Analysis ▪ Mitigation ▪ Improvements ▪ Recovery Planning ▪ Improvements ▪ Communications

NIST Cybersecurity Framework

Confidential and Proprietary to CynergisTek Inc.

7

IDENTIFY PROTECT DETECT RESPOND RECOVER

CynergisTek Services Strength

Emerging Opportunity With Destructive Incidents & Data Manipulation CynergisTek Services Strength

Left of Boom Right of Boom BOOM

Security Product Marketplace 1200+ vendors

Confidential and Proprietary to CynergisTek Inc.

8

IDENTIFY PROTECT DETECT RESPOND RECOVER

Emerging Opportunities

Emerging Opportunity With Destructive Incidents & Data Manipulation

Security Runbooks Response Planning Incident Response Incident Management Crisis Communications Immersive Simulation Business Continuity

CynergisTek Services Strength

Left of Boom Right of Boom BOOM

Security Product Marketplace 1200+ vendors

Confidential and Proprietary to CynergisTek Inc.

9

IDENTIFY PROTECT DETECT RESPOND RECOVER

Uniquely Positioned

Left of Boom Right of Boom BOOM

STRENGTH IN IDENTIFY ENABLES RESPONSE Trusted Advisor at the Executive Level Respected Security and Industry Knowledge Up-To-Date Local Knowledge of Environment Understanding of Business Risk and Impact

Emerging Opportunity With Destructive Incidents & Data Manipulation

Security Runbooks Response Planning Incident Response Incident Management Crisis Communications Immersive Simulation Business Continuity

Confidential and Proprietary to CynergisTek Inc.

10

KEY HIGHLIGHTS

Backbone at a Glance:

• Provides cybersecurity, IT Audit and compliance and data privacy consulting services.
• Led by seasoned team of former Big 4 executives who built an organization of talented and certified professionals.
• Trusted advisor to some of the largest and most respected companies in healthcare and other industries.
• 99% Client Retention with multiple Fortune 1,000 clients.
• #1 leader in the Drug Enforcement Agency (DEA) Electronic Prescriptions for Controlled Substances (EPCS)

compliance third party audit market and trusted by the top EHR vendors to certify product security.

Confidential and Proprietary to CynergisTek Inc.

11

$21 $43 $8 $24 $- $10 $20 $30 $40 $50 $60 $70 $80

2018 2019 2020 2021 2022 2023 2024

Millions

Five Year Revenue Growth Strategy to $75M

Organic Adjacent Markets M&A

OUR MISSION: LONG-TERM GROWTH

$75M Revenue Target M M M M

Confidential and Proprietary to CynergisTek Inc.

12 InvestorRelations@cynergistek.com cynergistek.com

NYSE AMERICA: CTEK

THANK YOU!

Confidential and Proprietary to CynergisTek Inc.