Readiness Pro

FMS Presentation

Ross Federgreen

CEO of CSR

Oct 26, 2017

p a g e . 2

You can net

$100,000+

for every 1,000

cashiering

lanes.

I will show you how.

* Assume 5 cashiering lanes per grocery store location.

p a g e . 3

5 Crucial Takeaways

Increase Recurring Monthly Revenue (RMR)

Increase Valuation

Increase Customer Retention

Increase Geographic Footprint

No Capital Investment

1

2

3

4

5

p a g e . 4

CSR’s Current Footprint

Established in 1999

50+ Global Resellers

Singularly focused on regulatory complianceas it relates to data privacy and security

Providing right sized solutions for SMB’s to meet regulatory compliance requirements in a cost

sensitive environment

North Amer ica

Western Europe

Austra l ia

100,000+ SMB’s are current users

p a g e . 5

MANDATORY: All businesses must report a breach and have a plan in place to protect against PII being breached

MANDATORY: All businesses must report a breach, have a plan in place to protect against PII being breached and must perform an annual self audit

MANDATORY: All businesses must report a breach

No Breach Notification Laws

All businesses have no

choice but to comply

p a g e . 6

Enforcement Organizations

p a g e . 7

Types of Breach There are unlimited ways that PII may be lost.

Did you know that employees

are the primary cause of the

data loss?

They are the cause of least 75% of breaches through accidental error, misplacing a file, sending information to wrong person, or most recently, losing their laptop or portable USB.

It is very important for your customers to realize that even with heavily protected computer systems, employees can still cause a breach. With all the focus on digital protection, some businesses are forgetting that paper PII can still be reportable.

Nefarious:

"The email asked me to enter my

password, so I did."

Accidental:

"Oops. I didn’t mean to

send that email."

Malicious:

"I quit, and I’m taking the

files with me."

So remind your customers

THAT NO MATTER HOW LOSS, OR EVEN SUSPECTED LOSS, OCCURS,

BRS is going to handle it for them. Our experts will know if the type of PII that may be lost must be reported and who to report it to.

p a g e . 8

R e s o u r c e s

R e g u l a t o r s

August 1 2017, Class Action Lawsuit

Federal Circuit Court, Washington D.C.

Attias v.

CareFirst, Inc

B R E A C H E S

L a w y e r s

L a w s u i t s

R e g u l a t o r s

P o p u l a t i o n

B R E A C H E S

Consumers may sue companies - by class action or individuallif they fail to safeguard personal data.

Companies must be able to demonstrate documented efforts to identify, prioritize, and remediate gaps in their DLCM (data life cycle management).

Establishes legal standing for data owners to bring an action for a data breach at any business or institutionwithout the necessity of alleging an actual loss or damage.

- EX: identify theft

The

Result?

p a g e . 9

BRS is the REACTIVE solution that provides breach reporting for the SMB

Breach Reporting Service™

Collect security event information and call

the toll-free number

A CSR Privacy Professional conducts an

interview to evaluate the incident

Review panel of CIPP professionals

determines if breach reporting or consumer

notification are required

THE BRS EXPERIENCE - 3 SIMPLE STEPS

p a g e . 1 0

07/01/18

Assessment and Remediation

Scores are calculated after questionnaire completion.

Once tasks are completed, they must be initialled and checked off

FMS

FMS

p a g e . 1 1

Readiness Pro Can generate substantial RMR.

Value of Utilization

Wholesale Price $8.00

Retail Price: $21.00

=

$133K Profitat an 85%Take Rate

For 1000 Users

p a g e . 1 2

50+ Partners Globally

50 Partners Globally

Records InfoManagement& Shredding

RegulatedMedicalWaste

Security &

Alarm

Managed IT&

Employee Services

100,000+ Small Businesses

100,000+ Small Businesses

CSR Data Privacy Products

CSR Data Privacy Products

BreachReporting Service

ReadinessPrivacy Assessment

Software as a Service.

Direct call for Breach Report.

New NetRMR

Example One

p a g e . 1 3

Readiness Pro

- Readiness Suite

- Breach Reporting Service

Example One - Details

BENEFITS FOR THE CUSTOMER

✓

✓ Increase in Compliance

✓Risk Reduction

✓ Peace of Mind

Turnkey Solution

- No Capital Investment

- Increase In Revenue

- Increase in Gross Margins

- CSR walks your company through the rollout

BENEFITS FOR OUR CHANNEL PARTNER

✓

$21.00 Per Customer for 1,000 lanes billed per month with a 90% Take Rate

EXAMPLE:

900 Customers X $21.00/Lanes = $18,900

$18,900/Month X 12 months= $226,800

Can be put on invoices as a separate fee or bundled with current pricing

p a g e . 1 4

Benefits to Partner

Increased RMR

+ + a higher valuation!

No capital investment

Fatter bottom line

An extra hook to battlecustomer attrition

A way to differentiate from the

competition

p a g e . 1 5

Alphabetical order, with lawsuits noted in most instances. Lawsuits are standard fair now.

Reported Grocery Store Breaches

Albertson's /Jewel-Osco

· Malware Strikes Albertsons, Supervalu in New Data Breach

· Grocery Store Chain Hit by New Data Breach

B&G Foods, NA (Maple Grove Farm)

· Maple Grove Farms of Vermont site hacked; customers notified

Crest Foods

· Discarded Crest Foods job applications found

DeCicco & Sons Grocery

· DeCicco & Sons Grocery Store Suffers Data Breach

Hannaford Brothers & Sweetbay Grocery

· Data thieves steal credit card data from supermarket chain

· Supermarket breach exposes 4.2M accounts

· Sweetbay stores affected by credit card breach

· Hannaford Data Breach Maybe 'Tip of the Iceberg"

· Hannaford Data Breach an Inside Job

Kroger

· Major Grocery Store Chain Hacked! 500,000 at Risk

Schnuck Markets Inc.

· Millions of Cards Exposed

· Supermarket chain struggled to find breach that exposed 2.4M cards

· Schnucks Grocery Store Hack Details Emerge

· [LAWSUIT] Settlement Breaks Down: Why Data Breaches Are So …

· Schnucks agrees to settle class action suit in credit card breach

Sprouts Farmers Market

· Data Breach Puts Tax Data of Supermarket Chain’s 21,000 Employ…

· [LAWSUIT] Sprouts Farmers Market Employee Data Breach Lawsuit

SuperValu / AB Acquisition Stores

· Supervalu announces another possible data breach, finds malware …

· [LAWSUIT] SuperValu Hit with Lawsuit After Breach

· [LAWSUIT] Court revives one case related to SuperValu data breach

Shop n Save, Shoppers Food & Pharmacy, Farm Fresh, Cub Foods…

· Grocery Stores in Multiple States hit by Data Breach

· [LAWSUIT] Shaw's shoppers sue over credit-card breach

URM Stores: Yoke’s Fresh Market, Super 1 Foods, Harvest Foods…

· URM probe into card data breach wrapping up

Natural Grocers

· Natural Grocers Investigates Data Breach

· Natural Grocers Data Breach Proves Companies Still Need to …

MAPCO Express

· MAPCO Express Experiences Data Security Breach

· [LAWSUIT] $1.9M Mapco Express Data Breach Deal Gets Final OK

Natural Provisions, Inc

· [LAWSUIT] Grocery Store Agrees to Pay $30K to Settle Breach…

Hanover Foods

· PA: Hackers breach Paytime, Inc. payroll company

· Over 5800Hanover Foods Employees Affected by Paytime Breach

Raley's Supermarket

· Raley’s warns customers after network attacked

Uncle Giuseppe's Marketplace

· Uncle Giuseppe's Marketplace Announces Data Breach

Whole Foods Grocery

· Whole Foods Discloses Data Breach

· Whole Foods suffers data breach in some stores

· Whole Foods reports data breach

· Whole Foods, Latest to Fall Victim to Credit Card Breach

· Whole Foods Market investigating payment card breach

· [LAWSUIT] Whole Foods Class Action Filed After Data Breach

Winn-Dixie

· [LAWSUIT] Former Winn-Dixie Employee Sues Over Security Breach

· Winn-Dixie Sued Over Employee Data Breach

Yellowfront Grocery

· Maine's Yellowfront Grocery Hit by Breach, Other Stores maybe Affected

· Hackers strike Damariscotta grocery store’s credit card system

Morrisons Supermarket (UK)

· Morrisons supermarket suffers major payroll data breach

· Morrisons suffers from insider breach

· [LAWSUIT] 6000 staff join data breach lawsuit against Morrisons

Walmart (Canada)

· Up To 60,000 Canadians Affected By Possible Walmart Credit Card…

T&T Supermarket (Canada)

· T&T supermarket chain in Canada discloses hack affecting 58,000 …

View Data Set

p a g e . 1 6

7 U.S.C. US Code, 2016 Ed. Title 7 – AGRICULTURE Ch. 51 - SUPPLEMENTAL NUTRITION ASSISTANCE PROGRAM

Federal Rules Concerning Disclosure of EBT PII

Section 9(c) of the Act, 7 U.S.C. 2018(c), limits the use or disclosure of information received from applicant and participating SNAP retailers. Use and disclosure of such information is limited to purposes directly connected with the administration and enforcement of the Act, or the regulations issued pursuant to the Act, with limited exceptions for law enforcement and use by the Special Supplemental Nutrition Program for Women, Infants, and Children.

Section 9(c) imposes criminal penalties for disclosure of such information in a manner not authorized by Federal law or regulation.

Thank you!

Questions?