The Story Behind Practical Cyber
This is a story of crime, common sense, and outrage over price gauging. It explains why Elliot Turrini, a former federal cybercrime prosecutor, general counsel, and IT consultant EVP, and current entrepreneur, started Practical Cyber.
Bottom line: He started it to remove the fear and mystique from cybersecurity and cyber insurance; and to help small and medium sized business cost-effectively secure and insure their cyber-related assets without unnecessarily interferring with their daily operations.
Practical Cyber's job is to keep you profitable.
Beginning: federal prosecutions & the cybercrime book
In March 1999, while Elliot Turrini was a federal cybercrime prosecutor in New Jersey, the Melissa virus infected millions of computer around the world and caused over $77 million in damage. As the lead prosecutor, Elliot Turrini learned firsthand about (1) the dangerous battle for control over computing technologies between criminals and businesses and (2) the scary fact that criminals will always find ways to win.
Three years later, Elliot prosecuted a system administrator for UBS PaineWebber. He had installed a “logic bomb” that deleted the hard drives of over 1,000 personal computers in the UBS branch offices around the United States. But for a legacy terminal in each branch office prepared for decommission, UBS would have suffered far more than the $3 Million in damages reported during the prosecution.
Because Elliot recognized that protecting business from cybercrime required a complex mix of law, economics, technology, psychology, and insurance, he recruited a group of world-class experts to collaborate on his book, Cybercrimes: A Multidisciplinary Analysis. Edited and organized by Elliot Turrini and Professor Sumit Ghosh, these experts wrote a first of its kind multidisciplinary treatise about how to better protect your computing-related resources from cybercriminals.
The right balance between productivity and cybersecurity
While the general counsel and EVP of a 300 employee IT consulting company from 2004 to 2007, Elliot Turrini learned about how small to medium sized businesses were using computing-related technologies to generate profits. He saw their need to balance end—user simplicity and robust (but not overly intrusive) security. He also learned that many SMBs were relied too heavily and blindly on IT personnel who didn’t fully understand just how vulnerable their operations were to cyber attack; and that those who engaged cybersecurity experts, often adopted security practices that went over-board and hindered employee productivity.
Heightened cybersecurity threats & price gauging
In 2017, a group of sophisticated cyber criminals hacked into the NSA, stole its most sophisticated cyber weapons, and posted them on the Internet for everyone to use. Almost every credible cybersecurity and cybercrime expert agrees that the distribution of these tools significantly heighted the risk of cyber attack for all businesses worldwide.
In June 2017, these tools via the WannaCry ransonsome ware virus helped cybercriminals almost shut down FedEx and the international law firm, DLA Piper, causing hundreds of millions in damage. The tools were also used to hold thousands of small and medium sized business hostage, locking them out of their computers until they paid the attackers a ransom.
In late July 2017, Equifax learned that hackers had stolen the personally identifiable information (including social security numbers) of at least 143 million people. This attack will cost Equifax about one billion dollars from a mix of investigation, reporting and other liability costs. And, its stock lost nearly 4 billion in value.
Finally, from August 2017 to October 2017, while consulting for a high-end cybersecurity company, Elliot learned that all businesses using computers shared the same fundamental cybersecurity challenges, and that many cybersecurity vendors were over-charging for their services. He also learned that cyber insurance could be bought for a fair price, but that few people understood how to negotiate and buy cyber insurance customized for each business. So, he put together a team of experts to help him create Practical Cyber.