Watch to learn how our values as a company directly contribute to the security and compliance at the organizations we work with.
Having issues accessing the video above? Watch the video here.
“Our customers choose SecurityMetrics and stick with SecurityMetrics because we value quality over quantity,” states Jason Leland.
When we provide a service, we are ultimately looking to remove you as the low-hanging fruit for hackers, and our customers appreciate that underlying goal. Jason outlined for attendees the excellent service and security we’ve provided to notable customers, including Carnegie-Mellon, who reported that SecurityMetrics helped them “build credibility with campus stakeholders and allowed them to confidently report their compliance.”
Jason Leland explains how our values as a company directly contribute to the security and compliance at the organizations we work with; philosophies like proactivity vs. reactivity, a focus on security, and customer education that help give SecurityMetrics an unparalleled reputation for quality. Because SecurityMetrics is a full-service cybersecurity firm, customers often use the PCI DSS compliance product as a gateway to other professional services that address security gaps. We seek to keep communication high, simple, and fast throughout the entire process.
This webinar was hosted on September 24th, 2020, as part of SecurityMetrics Summit 2020.
Hi, everyone. Thanks for coming to my presentation today.
We're gonna be talking about well, my title's right there, why I partner with SecurityMetrics for data security and compliance.
So just a brief introduction for myself. My name is Jason Leland. I'm the director of our enterprise sales team here at SecurityMetrics, and I've been with SecurityMetrics for almost ten years now on the technical sales side. And so the the team that I'm with, we primarily facilitate, projects for, the professional services side of the organization. So, if you're looking for pen test, audit, forensics, really any data security needs, I would help, with the sales side and also the transition to fulfillment for your project.
So today, we're gonna be covering, information about SecurityMetrics so you can learn a little bit more about who we are and what we do.
We're gonna be talking about why security and compliance is important to your organization and, you know, reviewing some numbers and statistics and some lessons learned from SecurityMetrics from last year, as a company. We're gonna be talking about some of our industry experience and qualifications and what sets us apart from other potential vendors that you might, come in contact with or receive proposals from. And so you can see what really sets us apart as a company, and then reasons to partner with us, if that's what you guys decide to do. So, hopefully, we'll we'll be able to give you enough information so you can learn about who we are, what we do, and and and why we consider ourselves the, the best in the industry.
So just briefly, SecurityMetrics, we were founded in two thousand. We started out as a small security company specializing in vulnerability assessment scans, and we transitioned into a global leader of data security and compliance solutions. We're headquarters in headquartered in Orem, Utah.
In SecurityMetrics, we continue to provide expert security and compliance services needed to protect organizations in the world. So you can kinda see from the slide there, you know, what you know, data security and compliance, that's what we do. And, it's we've always had the goal, and and it's always been, our, personality as a company to protect our customers so they're not breached. When we provide a service, ultimately, that's what we're looking to do.
Either remove you from being the low hanging fruit to to compromise in a potential malicious actor, or just improving your overall security posture and, depending on where you are as a company at the time.
And that's our our mission statement there, close data security and compliance gaps to avoid data breach.
So we've we've had the privilege to work with thousands of great businesses over the years, you know, since two thousand, and and always having the goal of improving their security and helping them meet their compliance goals. And so here's just a brief customer quote, and and these are filtered throughout my presentation. So so I apologize, but give you some time to read that. Here's what the Carnegie Mellon team had to say about SecurityMetrics.
And and this it's a common review that we get, from a lot of our customers. Just a review of our understanding of PCI. I mean, that's where our our company really was born and and got our start and our break from was, being a approved scanning vendor in the PCI space. And we've kind of branched out to other, not just data security, but within PCI to be a QSA, a PFI, and and we'll explain what those organizations are and what that means.
But PCI is really our our bread and butter, although we offer a lot of data security, services, and and I'll explain those in in a bit.
So why are security and compliance important?
So we always say, yeah, be be proactive, about security and not reactive to compromise. So don't wait to improve your security posture even if it's doing just the little things. You know, you don't have to take it in in, you know, big chunks. You you can do little things to improve your overall security posture and a lot of things that other companies aren't doing. And, you know, we do that to reduce the risk of compromise, protect your brand, and then help you with confidence handle sensitive data, that might be flowing through your your environment, your business, your process.
And to be honest, you know, and I think most might relate to this.
Most companies, they go into business to sell their products. They wanna make money, and security is often looked at as an additional expense.
And we hear often the phrase, if I'm compromised, you know, I'm I'm such a small target, nobody will will come after me. I'm I'm not gonna be compromised. I'm not the right business type. I'm not big enough. You know, we we hear a lot of that just in our day to day conversations with with companies. And what we found is nearly every organization will experience system attacks from a variety of sources, and that could be due to inherent security weaknesses in systems or technology.
Some organizations have systems, environment, software, and website weaknesses that can be exploited by attackers from the day their environment is is set up even, you know, and and they continue to operate as a compromised business since they, you know, stood up their first environment.
In other cases, an organization becomes vulnerable because they fail to apply security patches over time and make system modifications without properly updating, related security protocols. And we see that often and tell our customers that security and compliance even isn't really about being secure at a point in time. It's ongoing.
And so over the years, we've seen repercussions from a breach to many organizations. And some of those repercussions are, I guess, examples of those could be financial loss, and that comes in many, ways, shapes, and forms.
Most commonly, it's, you know, fees and fines or the cost of a forensic investigation.
We see damage to your brand. We see, a loss of trust in your partners and or your customers depending on, you know, whose data or what data is compromised and leaked and how it's used and how you recover from that.
There could be, you know, legal and civil ramifications from partners and companies. And then it's also a huge operational disruption.
Most of the time when you're compromised, the first instinct you have as a business is just to shut down and unplug. You know? So that's the quickest way to stop leaking data and and stop stop the bleeding. So anytime you do that, depending on your business, if you're, you know, a a physical, more retail or restaurant or even if you're, like, website with a payment page and you're mostly doing online business. I mean, turning off is is bad for business, and and there's a lot of different ways to have a loss from a compromise. And we'll go further into that as well. But we always say, yeah, be proactive.
Keep yourself from being that low hanging fruit, and and don't let the more, you know, lazy, malicious hackers, hackers that are just looking for the easy target, don't let your business fall into that category. You know, do the little things even now if that's all you can do to just increase your odds of, not being a part of a potential compromise.
And so I wanna review some of the findings from our forensics team from two thousand nineteen. They put together some of these statistics that I'll that I'll run through with you briefly.
Let's see. So here's the slide. A lot of good numbers and details in here, but I wanna kinda explain what some of these definitions or or words mean.
You know, you'll see exfiltrated.
We define that as the unauthorized transfer of data from the system.
Captured, that means the time that data is being recorded, gathered, or stored from an unauthorized source and then vulnerable, a state in which a weakness in the system, environment, software, or website could be exploited by an attacker.
So you see those first two stats there. I think these ones are the most shocking, and they've actually come down over the years and and have gotten better.
But the first two, cardholder data was exfiltrated for an average of five hundred and thirty two days. And then the second one, cardholder data was captured for an average of five hundred and thirty two days. And I think some some might look at these and say, this is like the same number. Right?
What's the difference between these? But what it does is it paints a picture and shows that, you know, when when hackers or malicious actors are inside your environment, they don't just snoop around for a day, see what they can find, right, and then move on to the next thing. They they typically will, you know, put some piece of malware with inside your environment, and they'll keep digging as long as you let them until they're discovered. And they try to disguise and camouflage themselves the best they can.
But it's not just like, hey. We've compromised our environment. We've gotten some data. Let's run.
Like, you might see someone robbing a bank. Right? It's all about time.
No. They these guys sit in there for years before they're discovered, and this is just average numbers.
Some of our cases, it goes much longer than this. And I remember when I first started working with SecurityMetrics, the numbers back then were were staggering.
And that was, you know, near ten years ago.
But, yeah, they they sit there for as long as they can till you discover them and kick them out. It's not like I said, like, where they rob a bank and try to get away as quick as they can. They'll they'll keep digging. So as you add new data into your environment, you store new data, whatever that data might be, and, they'll take as much as they can or whatever they can as as long as they can.
Sixty six percent of organizations were breached through remote execution slash injection, and this stat is very, applicable to what we're going through now. Most of our organizations and most organizations have employees working from home, And now they're operating by remote access to get the data that they need to do their job. And if anyone's gone through, you know, PCI audit, a SOC audit, or or any of these data security assessments, you continually hear access, access, access. They wanna review your access. Because of this reason, the majority of breaches in a number of different ways, and there's there's lots of different ways to be compromised, sixty six percent of those are around one, you know, fatal flaw, and that's insecure remote access. And it's been that way for years.
And so, you know, we always use the example of, you know, small business. Right? They they get set up and they're they're working in the shop in and out every day. And then all of a sudden, their their, whoever's providing their equipment says, hey.
You know, you can access this data from home. All you gotta do is turn on this setting. And they're like, man, that's great. That would simplify my life.
I don't have to come into work every time I wanna do my payroll or get this data that I need to to fulfill my job. And so they turn it on, not knowing that they're now presenting potential vulnerabilities to, to them as a business. Right? And how they're accessing that data and that others might be able to now use that remote access to also access their data, which they really enjoy because they don't have to go to your location.
But it's it's very common to us now. So, yeah, reviewing your ask access, make sure that, you're not, leaving yourself open or opening doors for others to compromise your business.
Seventeen percent of organizations were breached through ecommerce skimming.
This is more, you know, if you have a a payment page. Right? You have a payment page and you have, dynamic forms with inside that page so a user could enter data.
And and it could be, I don't know, name, email, address, and it could be credit card data. Right? It could be Social Security number. It could be more, sensitive data.
But, essentially, what hackers what we're finding is they're they're injecting malicious code into the page to pull that data when it's just even typed into the field. You don't have to push enter at any point. They can they can scrape the data from the field as it's being typed, and and taken. So if you code and go to make a purchase and you type in your credit card, you're like, actually, maybe I don't wanna do that. Your card data's already gone. It's incredible what they're what they're doing these days.
The average organization was vulnerable for six hundred and ninety nine days. So security, like I mentioned, it's it's ongoing.
There are always, consistently new patches and, additional security features need to be added to keep you protected from new exploits and for to keep you from being that low hanging fruit, which I keep mentioning. But have a plan. You know, have a plan to continue improving your organization, your security posture.
You know, we see a lot of companies doing risk assessments and and having risk management plans. And I think that's one of the most crucial things here is, a lot of companies don't know where their weaknesses are. And so having a third party come in with a fresh set of eyes to review, the potential risks that you're imposing on whatever data that you might have or your customers or, you know, whatever it may be, Identifying that risk and then working with you to build a plan that you can then present to your partners and say, we understand these are our risks and here's our steps that we're taking to, remediate the risk and or lessen the risk that's presented to the data that you might be handling.
Eighty three percent had firewalls in place at the time of compromise.
So it's not just about, hey. Let's buy a firewall. It's gonna protect us from the outside. No. It's it's you gotta look at those access controls and review the firewall rules and make sure that the security on those firewalls is up to snuff to make to to keep those, bad actors out of out of, your business. And then seventeen percent of organizations were be breached through malvertising, which is very common as well. So to keep yourself from being another statistic here and and showing up in the report, it's important to continually review your security risks as an organization and have a plan to remediate them.
So industry experience and qualifications. So learning a little bit more about SecurityMetrics.
Though those on our fulfillment team, we hold all sorts of certifications that have to do with security.
Not only security, but they have to do with compliance as well. So you'll hear things, you know, and I and I mentioned how we were kind of started in in the PCI world. So we're a QSA, which is a qualified security assessor.
We also have certifications like, PA QSA, which is in the payment application side of compliance. So if you see, like, the payment applications on terminals. We can we can audit those and and ensure their compliance and security.
Point to point encryption, which has been very popular over the past couple years.
So we have P2PE QSAs, and then there's also p two p e PA QSAs and PCI and secure and data security. I feel like they love acronyms and they're tongue twisters, but point to point encryption payment application qualified security assessors.
Essentially, we can do it all, in in the PCI space. And then the more general network security, search like CISSP, CISA.
I mentioned we're an ASB, which is an approved scanning vendor. We're a PFI, which is a PCI forensic investigator.
And then, HCISPP, which is more the health care side, and then OSCP for our pen test members of our pen test team. That's the penetration test offensive security, cert certified professional.
So, yeah, certifications are great. You know? They they kinda help publicize that, hey. We're we're a security company.
But what I feel really sets us apart for the past fifteen years, and you can see fifteen years experience helped over a million customers. You know? What really sets us apart is I feel the way that we we hire our team, and the members of our team and and who's here working on the day to day. We we hire members of our team that are have a wide variety of security specific to customer types.
You know, we we want an assessor or a pen tester that's familiar with how you do business.
You know, it's not just about, hey. I I know security. It's, hey. I'm I'm processing credit card data, completely ecommerce.
I'm hosting the cloud. Like, what are my potential risks? And then we can relate to you as a business, to help you secure the data based on how you do things, within your industry. So, you know, there's not many curve balls that you'll throw past our team.
And even if you do manage to throw a curve ball past one of the assessors, they have a great network of QSAs that are working for SecurityMetrics and their management that we can we can find someone familiar with your experience and what you're going through and provide a customized and tailored approach to helping you secure your business and also meet the the compliance requirements that you're chasing as well. So I feel like this approach and the people that we have here, it's it's really built a lot of confidence in our customers knowing that they will get an answer that's specific and and tailored to to their business.
So some examples of that, and I'll and I'll throw out some names here. So maybe if we have any current customers, you'll you'll know and and you'll hear some of these auditors' names. But, one of our auditors, Mike Mahn, you know, he comes from, working with the security side for for data centers. And he's been able to help, you know, he primarily works with majority of our data center customers, but he's been able to help them through their PCI validation.
And data centers are unique because they don't need to comply with everything, within the twelve standards of, like, PCI DSS. But what they do need to comply with, they need to get it right. And so Mike has been a huge asset in understanding what their experience is like going through compliance validation, to help them not only just streamline that process, but really focus and hone in on security aspects of of that assessment, to make sure that they're protecting themselves as a business and and helping them make those business decisions.
Mark Minor, he has experience in in in the hospitality industry. And so we we put that experience to work helping customers understand each process that potentially affects the security of sensitive data specific to hospitality.
You know? And I and I believe it's it's specific to to hotels.
And for a long time, it seemed like a lot of hotels were being compromised.
And we would get in there and they're like, we're we're secure. Here's our POS. Here's our front desk. Here's where we're taking all these transactions. And then the the assessor or the the the investigator would look over and like, well, what about the restaurant? You know? And so each each business type can have its own potential way of handling car data that's important to understand.
Mike Simpson, it was has been doing the same thing for years and IT related, work with universities.
And they have a complex network of merchants within the university. And so identifying each of those u unique processes like the bookstore and the restaurant restaurant and, you know, however, you know, you're renting just equipment for, you know, playing basketball or rafting or whatever it may be. There's so many different ways that universities handle credit card data, and Mike has been able to help a lot of, universities kinda understand what compliance looks like looks like to them.
So these are our our three main core professional services groups, penetration testing, audit, and forensics.
So we use these three core services to continually benefit each other. And so each service benefits each other essentially. If you're only using our pen test service, you can have comfort in understanding that it's benefited from the lessons learned from our forensics team And as they communicate and discuss the most recent vulnerabilities and vice versa, right, we're benefiting from the information lessons learned each year.
The experience relates, to or this experience really set it to multiple customers, but I had a customer specifically come to us requiring a forensic investigation.
This customer had been breached through a vulnerability exploited in one of their environments.
The breach had happened almost a year prior to engaging our forensics team, which is shocking.
It's crazy how long they're in your environment before you find them.
And our forensics team helped them stop the bleeding and remove malware infecting multiple systems that the malicious actor was able to pivot to.
Then they engaged our pen test team for a full penetration test, so they kinda widen the scope there. And with the understanding from the experience coming from our forensic investigation, our pen test team identified that scope for a fuller look into how how to secure this customer systems, and how secure they actually were. So our pen test team was able to find many more potential back attack vectors that the customer was able to remediate to button up their security.
The customer then moved on to our audit team to help them understand their organization's risks and to build a prioritized approach to reducing those risks. So a lot of work was done in their security policies and procedures, bringing understanding to the organization on how sensitive data is accessed.
So they're able to build a plan of action and present this to their organization to increase the awareness and importance of the overall security for the organization.
This customer now does yearly assessments and penetration testing with us and SecurityMetrics, just to have SecurityMetrics stay on top of their security needs and, help them as an organization. So it it kind of we've we've changed their mindset from, you know, security being a, and I use air quotations, nice to have to a need to have mentality.
And, you know, some of you can relate to this sitting in in your positions of I you know, you might be responsible for security, but your organization might not have the same response to security. You might still see it as an additional expense. But through some cost effective services, we can help you kinda outline that plan of, hey. You know, we're presenting our risk as an organization to you, and here's what we need to remediate that risk and protect ourselves better from potential breach. And so this example just shows how our services complement each other and how we can offer a full third party service review to help your organization reach your goals or gather the data needed to bring awareness to your security needs.
So here's another customer quote, that you can read through really quick.
And thanks, John, if if you're watching. But like I said, it's it's a very common, review of our of our business. Right? Is is we we work to to help people quickly and and and effectively, and our our mentality isn't to just check a box.
It's to help you secure your business moving forward. We're we're trying to ensure that you're not going to be compromised in the future. So we might look at it as and just this this customer needs us to be compliant, so we just need to check a box and move on. It's like, yes.
That's great. We can help you get there. But along the way, let's improve your security while we're working together.
So here's a few members of our team.
It's not all of them. I say meet the team, but there there are plenty more members of the team.
You know, and and it kinda goes back to our diversity beyond certifications.
And so you can see, like, Gary Glover is is the the VP of our assessments. And before, SecurityMetrics, he worked with NASA. And so we we always say we have a rocket scientist on our team.
You know, and then you have Dave Ellis who's, the VP of our investigations and heads up our forensics team, and he was a cop in in I think it was, San Francisco. We use a cop in in Oakland, for twenty five years. And and he has that experience to back up now all the cyber, investigations that that he's doing now. And then Chad Horton, who leads up our our pen test team, has sixteen years of IT experience and has done over a hundred penetration tests.
So we offer just a wide variety of, experience within our teams, and and it starts from our leadership down. And so the SecurityMetrics teams has that real, decades of of real world experience and hands on experience in PCI, network and data security, information systems administration, database administration, encryption, computer programming, network architecture, more. So we have extensive experience working with large global enterprise with their, distributed networks and multiple card data processing environments. And it's our goal to have every customer we work with be pleased with our superior customer service and attention to detail.
You know, our our customers primarily choose SecurityMetrics and stick with us because we're very much, quality over quantity, and they appreciate the quality of service and piece of expertise that we provide.
So another another customer quote for you.
This one's a little bit longer, so I'll I'll I'll give you a second to read it.
But, you know, it just kinda echoing that that same, same feeling. So, helped a lot of lot of customers over the year and over the years and, you know, customers that that go with us typically tend to stay. We keep our customers for a long time because of these types of experiences.
So re reason to to partner with SecurityMetrics.
I'm I'm gonna review now, you know, some of our processes and and our approach to how we work with you as a customer. So, you know, over over the years, we've tweaked our audit process to improve the customer experience, and we've really dialed it in. We understand the key to any effective project is consistent communication, successful implementation, and timely reporting.
Our project team's methodology and processes ensure that milestones are met, challenges are communicated, and reports are delivered on time. We take those points seriously. We wanna hit those things. So a big part of our sick of your success comes in our upfront effort to outline your scope, review your data flows, identify gaps against your specific requirements, and remediate items early on. And we call it, you know, setting you up for success. And and the specific name for this portion of our assessment is the initial audit review where the bulk of the work is done to make sure that, you know, when when we get on-site, we want you to pass. You know, we wanna identify the majority of issues that that need to be remediated prior to coming out and and fulfilling on the assessment.
And we we assign our most senior assessors to this part of the audit process.
This approach helps us provide a personalized assessment considering the unique elements of your business and your goals as a company and what you're looking to accomplish.
You know, throughout any of our professional services, you're provided with a minimum of three points of contact. This typically being your account manager, which is on the sales side, a coordinator, and then either your assessor, your pentest analyst, or your forensic investigator depending on the service you engage for. This simplifies communication and speeds up the turnaround on answers to your questions. So in addition, we manage the workload of each fulfillment resource to ensure that they have the time needed to assist you, the customer, and meet your deadlines. And we try to provide as much of a hand holding experience as we can, by not overwhelming, the analyst or the assessor assigned to your project. We wanna make sure they have time to, thoroughly and thoughtfully respond to your questions and help you throughout your project.
We've received great feedback, on the project management tool that we utilize for every project.
And so I'm gonna I'm gonna actually turn some time over to to Jake who's recorded a demo for us. He's one of the audit coordinators on our on our assessment side. And so the the demo that he's gonna do is is a review of our, PCI DSS assessment, what that looks like in our in our project management tool because we feel like this is one of the things that sets us apart as a as an organization. So I'll I'll turn some time over him to explain this for you.
Oh, sorry.
Today, we're going to be taking a look at Sirolink, which is a tool that we use for creating and tracking tasks, exchanging files, and overall just to help the audit process, move along more smoothly.
So upon logging in, you'll see under active engagements is a list of, projects that are currently in progress.
This is nice because if you're a larger company such as a university or a restaurant chain, you can have anywhere from five to fifty engagements going at a time, but it also works great if you're just a single company.
You can take a quick high level glance at the progress of each project from here. And, on the bottom left, you'll see a list of what's called my team.
This is the personnel from your company that we've added to help work on these projects.
One other nice feature of SureLink is I'm gonna hop over real quick to the, view of SecurityMetrics to show you this. But if you have, you know, over twenty or thirty people and they don't wanna have access to all the engagements at a time, you can restrict who has access to which engagements. I just have to request that through us.
So that's the company team. Over on the bottom right is the SecurityMetrics team. This is the personnel from SecurityMetrics that have been assigned to the project. It gives you their email address so you know who to contact if you have any problems or questions.
So now we'll go ahead and take a look at one of the engagements.
And once you click on it, you'll see a list of all of the requests. Clicking on any of those will give you a more descriptive, kind of a better description of what we're looking for to close the request. And you'll notice on some of these is a link with firm provided files.
These are documents or files that we've provided to you to help you with completing the request.
Each request has three statuses. There is outstanding, which is this blank status. This is how they all start.
Once you attach a file, which we're gonna do now, you'll get a little yellow exclamation point, which means it's fulfilled. This will flag it for the QSA's review.
If any of them are returned, you'll get this red x here. And in that case, you'll want to scroll down and check the comments. So I left one for myself here. It says pre please revise and update your network diagrams. This is just a description of what needs to be done in order to fulfill that requirement.
Now if you ever have a request that, is outstanding but you don't have a file to attach, you can change the request here manually to fulfilled.
Or if a file, that is attached to another request will fulfill this one, you can change it to fulfilled and leave a comment explaining that.
Once the requirement is is fulfilled, it'll turn green. One other thing I wanna note here is we break up all of the requirements, into different sections for each of the requirements for the PCI DSS. So it's easy to navigate between each section here.
When it's fulfilled, though, you'll get this little green check mark, and it'll, yet be closed.
That was just a high level look at Suralink. If you'd like a more in-depth look or have any questions, please feel free to reach out to your account manager.
K.
K. Thanks, Jake.
So that just gives you a deeper look into, kind of the customer experience and and the solution that we use to help, manage the project for for your assessment and also for your penetration test. And and it's really simplified things for just the customer experience and also the management experience that we have and the reporting side so you can continually keep, you know, executives or or team members in the loop and making assignments has been a great tool that's benefited us. So if you have questions on that, we're we're happy to answer as well, and I'll leave my details in this presentation.
So, you know, here at SecurityMetrics we put security first, and I'd mentioned that. You know, we take security very seriously, but we want we want to ultimately ensure the organization is not compromised, and we we provide a high quality customer experience. So here's just some of the things that, show evidence to that, that we have a ninety percent renewal rate for our auto services last year. We found that to be a great success. We we retained a lot of our customers, and we had, really good reviews. And and, you know, so we always recommend that if if you're looking for an assessor and and and SecurityMetrics, someone you're considering to, take us up on our references and talk to the our current customer base, and and we we, know you'll receive a a good review.
So our primary lead sources are referrals from customers. So we don't just earn their business, but they they, tend to send us more business, and they entrust us with their colleagues and other businesses. And, you know, we've always really appreciated that.
And like I said, security measures is about quality over quantity.
So this is my last one, I promise. My last customer, quote here.
But, yeah, you know, people are coming into this as a first time assessment, customer or they've been doing it for years and years. You know? We've we've worked with people that have a whole team of resources behind and and backing their project to get things done quickly, and we've worked with, you know, that that individual that's wearing about a thousand hats. You know, everyone is different in their approach to compliance, but we can help them all. And and and we can ensure that they have a good customer experience and help them achieve compliance as quickly as possible, and and also to ensure that they're secure at the end of the day.
Here's just a list of our products and services from, we we have kind of three sales teams here at SecurityMetrics. We have the professional services side, which is which is the team that I'm a part of. We also have, compliance that helps a lot more of the mom and pops and and, the customers that, have lower sick have lower compliance requirements, I guess you could say. And then we have the, program side or the channel side that works with a lot of, banks and, typically customers that have portfolios of businesses that need assistance with their data security needs. And you can see some of the services that we offer there.
So I I appreciate I appreciate you guys attending my short presentation. Hopefully, I didn't put anyone to sleep here, and I was able to provide some value, during my time that I had you. So if you have any additional questions, I'm I'm happy to answer them, happy to jump on a call or respond to emails.
This is my contact information. So please reach out.
We're we're happy to talk about our business, obviously. We have a bunch of people here today that are that are willing to do it. So hopefully, you learned something. I appreciate you attending the summit, but reach out if you have any questions. We're happy to chat. Thanks so much.
.svg)
