The document outlines a cybersecurity webinar focused on managing risks for small businesses, emphasizing that size does not mitigate vulnerability to cyber attacks. It details a five-step risk management process, including identifying critical assets, threats, and vulnerabilities, assessing risks, and creating management strategies. The presenter advocates for proactive risk management, noting that many small businesses are unprepared and often in denial about their cybersecurity needs.

1. Cybersecurity Webinar Series
5 Steps to Managing your Risks
“Size Doesn’t Matter”

2. Presenter
• William J McBorrough, MSIA, CISSP, CISA, CRISC, CEH, CCSFP
• Managing Principal, MCGlobalTech
• 17 years Information Security Professional
• 9 years Adjunct College Professor
• Security and Risk Management “Expert”
• Small Business Owner

3. The PROBLEM is Real
• FACT: Cyber attacks on small business
are on the rise
• FACT: The impact to a small business is
much greater than larger counterparts.
• FACT: Most small businesses aren’t
prepared to face this reality.

4. The PROBLEM is Real
• Small Businesses are in denial when it comes to
cyber risks. Common excuses are:
• “We’re too small.”
• “We can’t afford it.”
• “It’s too complicated.”
• “Our IT guy is taking care of it.”
• But that’s not all, is it?
• More pressing priorities
• Competing demands on
time, resources and energy

5. Sources of Cyber Information
Security Vendors want to see their products.
“If I’m selling hammers, I’m only interested in
your nails. I’m not concerned with the fact that
your screws are all falling out” - WJM
News media reports are
focused on sensational
stories. Large brand names.
Millions of affected users. A
small business getting hacked
is not sexy.

6. Risk Driven vs. Controls Focused
Security
“Technology”
Risk Management
“Business”

7. Case Study - Size Doesn’t Matter
Meet Sam
Solopreneur = Sam, Inc!
 “Always on the Go!”
 “No office space.”
 “No Infrastrure”
 ”No Employees”
 ”No Security Program”

8. Risk Management Step 1
1. Identify Critical Asset
• Communication
• (Calls, Email, Text, Social Media,etc)
• Data
• (Contacts, emails, files, Photos, Videos,
etc)
• Apps
• (Productivity, Financial, etc)

9. Risk Management Step 2
1. Identify Critical Assets
2. Identify Threats
I. Gravity, Clumsy
Fingers
II. Thieves, Faulty
Memory
III. Shoulder surfers,
Nosy people
IV. Software bugs

10. Risk Management Step 3
1. Identify Critical Assets
2. Identify Threats
3. Identify Vulnerabilities
I. Glass screen - Scratches,
Cracks, Breaks
II. Small, portable - Easy to
conceal, lose track of
III. Screen visible from above,
sides
IV. Poor Software Development,
Testing - Vendor

11. Risk Management Step 4
1. Identify Critical Assets
2. Identify Threats
3. Identify Vulnerabilities
4. Assess Risks
I. High
II. High
III. Medium
IV. Low
Likelihood = Probability of threat exploiting Vulnerability
Consequences = Impact to business
Risk = Likelihood of Consequence

12. Risk Management Step 5
1. Identify Critical Assets
2. Identify Threats
3. Identify Vulnerabilities
4. Assess Risks
5. Manage Risk( Avoid, Mitigate, Transfer,
Accept)
I. Mitigate - Purchase Case, Screen
Cover
II. Mitigate, Transfer - Password,
Backup, Location Service/App,
Insurance,
III. Mitigate - Privacy screen, Behavior
IV. Accept - Delay upgrades? Oh well
V. Avoid - Toss phone out the window

13. Now that you know…..
1. Have you identified your business critical
assets?
2. Have to thought about the threats that
may affect them and adversely impact
your business?
3. Have you looked for where your assets
might be susceptible to those threats?
4. Have you assessed the risk by considering
the potential likelihood and impact to your
business?
5. Have you made an informed, conscious
decision in line with your business mission
and needs about your risk?

14. Key Takeaways
 Size doesn’t matter.
 Your “IT Guy” can’t do this for you.
 It doesn’t have to be expensive and
complicated.
 We can help.

15. QUESTIONS

16. About Us
MCGlobalTech
– Mission Critical Global Technology Group (MCGlobalTech) is
a minority owned, small business founded by industry
leaders to provide strategic advisory and security consulting
services to public and private sector business managers to
better align technology and security programs with
organizational mission and business goals.
– The Principals at MCGlobalTech have been providing
Information Security services to the Federal Government
and the private sector for over 25 years

17. Our Values
At MCGlobalTech, we believe that strong values create
long term relationships with our customers,
employees, partners and the communities we serve.
At the heart of everything we do, our corporate values
are:
– Providing customer satisfaction
– Delivering innovative solutions
– Empowering staff for success
– Promoting Entrepreneurial spirit
– Maintaining technical excellence
Staff
Skills
Success

18. What we offer
MCGlobalTech is able to provide our customers with
innovative, mission-critical solutions in a broad variety
of technologies. We consider the following our core
competencies:
– Information Assurance (Security Authorization)
– Vulnerability Management
– Security Risk Management
– Security Engineering
– Penetration Testing
– Network Security

19. Contact Us
Mission Critical Global Technology Group
1325 G Street, NW
Suite 500
Washington, District of Columbia 20005
Phone: 202.355.9448
Email: Info@mcglobaltech.com
William J. McBorrough Sales Division
Co-Founder/Managing Principal Corporate Headquarters
wjm4@mcglobaltech.com sales@mcglobaltech.com
(202) 355-9448 x101 (202) 355-9448 x200
(571) 249-4677 (cell)