Francis West – How cyber breaches have cost businesses over £1.4m

Follow the accounting podcast channels

Julie Wilkinson  00:03

Hi, I’m Judy Wilkinson, and I’m a chartered management accountant. And I’m excited to be launching the build and exit podcast. This podcast is for business owners and entrepreneurs who are looking to expand their business portfolio by acquisition, or at some point in the future, when to exit their business. We’re going to bring real life stories and experiences of people who have grown by acquisition, who have exited their businesses, and other areas of business such as funding and cash flows. So there’ll be lots of opportunity to learn different areas of business and how you can in the end, transition your business from a lifestyle to an asset to look forward to seeing you soon. Hi, and welcome to the building exit Podcast. I’m Judy Wilkinson and I’m the owner and founder of Wilkerson accounting solutions. We are an accounting and consultancy firm that specialises in business acquisitions, so we help people buy businesses and exit strategy plan. I’m really hoping you’re enjoying the episodes and today I am bringing you Francis West, who is the owner and founder of security everywhere. We’re primarily going to be talking about cybersecurity today, which is quite interesting, because it’s one of the things that not many people talk about because like Francis always says it’s quite invisible, unless you’re unless it impacts you. But there’s gonna be some great stories. And it’s really shocking to think that French is biggest issue we see there’s 1.4 million of cash lost because of cybersecurity. So I think you’re going to want to tune in to see what you need to think about in business, but then as a as an owner and acquisition, like what you should be looking for in due diligence. So firstly, Francis, I want to thank you for coming on the show,

 

Francis West  01:37

though. Thank you, Julia. It’s so nice to be invited to these podcasts I’ve done a did account the other day, I’ve done over 200 of these since, or presentations on cybersecurity since the beginning of COVID. And we’ll talk about mission later. But I am very grateful for the opportunity to help. Hopefully many more people that listen to this podcast after it goes down today. Yeah, absolutely.

 

Julie Wilkinson  02:00

So are you I just want to hand over to you. And maybe you can just give a bit of a background about why you’re so passionate about cyber, and what you’re helping people with.

 

Francis West  02:10

Yeah, God. So I’ve been in the IT support game for over 33 years now work with my business partner, he’s done 34 years, he’s got one year on me. And we’ve always done security. But I would say probably about three or four years ago, the only thing where I can describe as as what we saw was a tsunami of cyber attacks, especially on smaller businesses. And only two weeks ago, I was in London at the future of cybersecurity in event in London. And the guys were saying that, you know, a lot of companies out there today, when it comes to cybersecurity, they expect the flu jab to fix COVID And it doesn’t work anymore. So what is what I’m trying to say is old technology or the well known systems that we that we grew up with. Sadly, it’s just not man enough anymore to protect businesses. And I would say probably 95% of businesses that we meet are not even 5% adequately protected. Why? Because they’re still using old technology to fix a new problem. So what we decided to do, three or four years ago was to go out to the market. And we looked at I mean, we know all of them. But there are 12 and a half 1000 security solutions out there for businesses, how do you even know where to pick. So unless you eat, sleep, and breathe and dream about this every day, you don’t even know where to start? So we then found or with a lot of research and a lot of effort and a lot of blood, sweat and tears, we found the five top solutions or security services on the planet. And we’ve now made it in, we’ve enabled the smallest businesses where they they’ve got one user five years, 10 years as 100 users to have the same level of protection as NASDAQ and Netflix and TGI Fridays, because why should they not have the same level of protection? So yeah, so we made it our mission to educate and protect at least a million businesses, from hackers and scammers by 2020 was a 23rd. What are we now 20 23/26. So that’s we’re on a mission, and we’re helping as many people as possible.

 

Julie Wilkinson  04:17

Wow. Yeah, sounds sounds good. And obviously, I put a mission after this that I probably need to get myself checked out or the company checked out. So I’ll be doing that after this. I think I definitely should you owe to your clients. Yeah, we all do. We all have a duty of care don’t really so. And so. Yeah. So, you know, we talked about the biggest case you’ve ever seen. You mentioned you saw a 1.4 million loss. So I think that’s obviously a big number of people thinking oh my god, I don’t want to lose 1.4 mil so just talk us through like what what, why what happened?

 

Francis West  04:51

Yeah, so one thing I didn’t mention during the introduction is for my sins I now serve on six Cybersecurity panels including the home office and work with the cyber resilience centres. They are nine in the UK, also, a founding member of the Eastern fraud forum, also work very closely with a number of the UK Cyber Police teams, as in cyber police. And sometimes they even place young offenders with us so that we can help rehabilitate them. But this is a case that was actually referred by the Eastern cyber resilience centre. And it’s a local business in Hartfordshire, a building firm, and the hackers were on their systems for at least six months. And on that note, I don’t know if you know this, but the average in the UK now is Turner 37 days where somebody or the hackers are sitting on your system completely undetected. And they’re gathering information about you or about your clients or about your suppliers, with the view of them launching attack. And you should ask me a question about charities later, I’ll explain why. But what happened there was so they managed to get on to the main accounts, people’s PCs, and they then started monitoring the when these people were sending out a both statements and also invoices. And at the right moment in time, there was very, very well planned, they logged in remotely into the Xero accounting system because it wasn’t locked down properly, and change all the bank details. And of course, all the statements and invoices started going out. And within two weeks that business lost 1.4 million pounds. And of course, the bank’s turnarounds are tough. You know, it was your system, so insecure. So said, I haven’t checked recently, but they lost reckon they lost most of it, you know, nevermind the embarrassment, because all their clients and their suppliers started finding out that their business didn’t secure themselves properly. And as a result, they lost not only money, but they lost clients as well.

 

Julie Wilkinson  07:01

So on that scenario, because we’ll talk about internal control. So I’m going to move away a bit from cyber because I know in a finance well we talk about controls, what we recommend to people. So when you get a letter through from change your bank details from someone like a supplier, we would always recommend that you phone the supplier up to confirm, because it happens all the time, I remember when I worked at British sugar, and I used to work in purchase ledger. And we used to do that role. I’d say one year there was five, or at least it every year, there was about five letters that came in the phone in the number on the letter doesn’t help because normally they’ve changed the number or the letter to be. So we would always have to so it’s all about the data when you sign up the supplier because you want to get the contact details in the email address on your system that you verified at the beginning. So that if you get this letter, you then phone them so that then they can verify. And by doing that we actually had people go, Oh, no, no, we haven’t changed our bank details. So they had obviously been that had obviously happened to some of these customers, well, suppliers to us, but we picked it up. So actually, as as much as the individual company has a duty of care. I think out every business has their own duty of care to do their own due diligence when they’re getting like change a bank detail letters. Because this has been going on for years. I mean, this happened. car that was probably 15 years ago now 1516 years ago that was happening. So I can imagine it’s even worse now

 

Francis West  08:24

than it is I mean, it’s getting exponential, you know, every every day you wake up, there’s not a chance that you’re not going to hear something either on your computer or on the news or on the radio or on LinkedIn or a tweet or something. And just going back one step. Judy, you said about reporting earlier? Do you know that only between two and 5% of all cybercrime right now are being reported? Yeah.

 

Julie Wilkinson  08:54

And so you think people are being sort of conned out of money, but they’re not reporting it? Maybe through embarrassment? Do they know? Do they even know?

 

Francis West  09:02

too? Well, they know eventually, when you lose money, eventually you’re gonna it’s gonna paint it’s gonna hurt a bit, isn’t it? They don’t report it for two reasons. Number one, because it depends if they’re regulated or not. Are they scared of the ICO fines? Okay, because GDPR breach, of course, or to they they scared of the reputational damage, because, you know, we’ve seen cases of the cases that if when people find out that you were responsible for losing their data, they don’t want to do business with you anymore. And I mean, there are cases I’m trying to remember and I’m not just talking about the outcomes. We’ll talk about small companies as well. They simply tie Yeah, you asked me about a case about the the accountants here then if I told you this story, we had an account see referral a couple of weeks ago. So not only this the second time this guy got hacked right second time. So not only that, they get into his Dropbox accounts, his zero count all his email accounts, they started phoning his customers and saying, so by the way, we got your details from your accountant. And unless you pay us X amount of money, we’re gonna do the same to you. Do you know what is it company told him to do? Julie is it can’t be totally just wipe and reload your machines, you’ll be fine. You know, and that’s criminal. So, so not only did he lose so many customers, he will, he was very badly advised until of course, he came to us. And we told them how to fix this problem permanently. But this is this sad because this stuff could have been prevented.

 

Julie Wilkinson  10:37

Yeah. So on that note, then, you know, if someone wants to see if they’re at risk of cybercrime, I mean, is there? I mean, you know, do they have to sort of come to come to you? Or is there sort of their own due diligence they could do internally as a? Cause? That as an example, I mean, I’ve got an IT firm, and we think we’re doing data security through them. I suppose, as someone that doesn’t know anything about it, and security? How would I know as a person to check whether I am secure? Is there a way I can? Or

 

Francis West  11:06

there are many ways did they? For what size customer? Are you thinking about now? Because I’ll give you different answers. I can either give you bottom, middle top answers.

 

Julie Wilkinson  11:17

Well, I suppose if you take the accounting firm, which I suppose was that accounted for in a relatively small, medium sized firm, yeah, there was no that only 10. Staff. Yeah, so. So that might be similar size to me as an example. So if we use the accountants, as an example, and my firm that might be relatively similar size at that sort of size firm, what’s a practical step that someone could take to make sure.

 

Francis West  11:41

The first one I’d like to recommend is if, and I’m sure you’re gonna ask me later. But our website is security hyphen, everywhere.com. If you go to our website, on the main page, you’ll see we’ve created what we call a CYBER HEALTH quiz. It takes three minutes to complete, it’s 25 questions, it’s free to do. And within three minutes, you will get an audit report that shows you not only the areas that you need to improve on immediately, but it also gives you a lot of advice, and links to resources on how to do it yourself. Now, of course, if you can’t do it yourself, you come to somebody like me, but that’s the quickest and easiest way you can find out within three minutes where your risks are, when it comes to cybersecurity in a small or even larger business. So that’s one way. The other way, which I always recommend to people, you know, as I’m sitting on the on the security panel for the Eastern cyber resilience centre, is you go on to onto their website, if you just Google Eastern cyber resilience, and you’ll see, again, they’ve got so many different resources that you can use to do different but similar audits. Some of them are paid for, you know, for instance, there’s one on website auditing or insight auditing for I think about 400 pounds. Or if we jump up from there, we can actually work with a team of people, where we can do penetration testing, we can try and get into your business externally, we can try and run an audit or an again, a deep dive audit, we call them penetration tests from internally in your business. And those normally started about 1750 upwards, you know, so really, it depends on, on what your risks are, and how much you value your business, the way you start, you know, with with doing an audit on your on your systems, but I’m sure like you, you know, when you read a balance sheet, or profit and loss, I mean, you can just spot the problem straight away without even thinking. And that’s the same for us. And my view, sometimes, again, depending on the size of the business, is why spend money on an audit and spending 1000s of pounds on an audit where if you if we use the analogy of the car, you take your car to a garage, you get an MOT right. Now you drive out of the garage, and now you’ve just bumped a small pole and now your headlight or your zero reverse light is broken. So you’re completely out of compliance, would you agree? So that’s the same as an audit an audit just gives you a time slice of what the problem is rather invest that money. That’s my advice for any business owner, to improving your cybersecurity instead of just telling you what the problem is. We know what the problems are. Because we’ve been doing it for so many years. We know what the key areas are the quick wins to reduce your risk by 99 plus percent. Does that exactly give you an answer? As always,

 

Julie Wilkinson  14:37

no no it doesn’t. I think that free check that you’re talking about is a good starting place for smaller Pete people as well, isn’t it so?

 

Francis West  14:44

Yeah, they’d love it. It’s instant. It’s good. It’s all based around you know five key areas within your business and in originally originally, we took the sample Amina years of learning plus the National Cybersecurity centre advice And we made it better.

 

Julie Wilkinson  15:01

Wow. Yeah. So there’s a couple of big examples. And I’m sure there’s hundreds more. So I suppose if we flip it round, because that’s kind of looking, you know, if you don’t do cybersecurity checks, you know, you’re at risk of x, you know, losing 1.4 mil breaching Ico regulations. However, I suppose you’ve also got some positive stories. So if we think about it from an acquisition side, I know you mentioned to be about a recruitment firm that you actually improved the valuation from having helping them set up good, I suppose Securi. Network? You might that’s what I would call I don’t know, the official word. So tell us a little bit about that.

 

Francis West  15:39

Yeah, it was a lovely case. You know, I’m still waiting for my for my check. But anyway, I was only joking. But yeah, so So a client that we’ve had there in London, about 60 Odd staff, great company, you know, and we looked after them for years. And then within time, we improved all the security, and they were running all our core layers of services. And then one day phoned me up, Mrs. Francis, I’m really, I’ve got some bad news for you. I said, What’s that? He says, I’m leaving you. I said, What do you mean, geez, you know, you’ve been a good client, since now, you won’t believe I’ve just sold my business. He said, But here comes the best part. When when the company came in to do their due diligence on our business, they said, I’ve never ever found a business this secure. And well, you know, supported from an IT perspective. And as a result, we were able to get a higher multiple, for our business. So, and I thought brilliant that is, and that, to me is a good thing, because it is our personal and company responsibility to look after the data that we hold data is the new gold and off. And surely, you should look after data better than you look after your money. And if you do, you can sell your business for more. There’s another there was another great stat that I read the other day. And I wish I could remember, but it was a high percentage, you know that people say that, you know, if if somebody can prove that they that their data, for instance, is not for sale on the dark web or ever been leaked, then immediately they can they can determine a higher multiple for their business, again, depends on the sector. And that makes sense to me. Why? Because if I if your business is based purely around data, in other words, customers, databases, you know, trends, everything else, and I can steal their data, either, obviously, not in a legal way, then surely, why should I buy your business? Because I’ve got your data already?

 

Julie Wilkinson  17:43

Yeah, no, it makes sense. A lot

 

Francis West  17:45

of people and we haven’t spoken about the dark web yet. And the dark web, you know, where you can buy a child p**n and ak 40 sevens and any d**g of choice and have it delivered to your house this afternoon? Surely, it’s important to know what’s going on in the dark web. So that if any of your data becomes for sale, you can take action will because why? You know, you’re gonna need to be able to answer that question today. You sitting around a boardroom table, and you’re trying to sell your business.

 

Julie Wilkinson  18:13

Yeah, yeah. And I suppose if you think about it like that, you know, they get a higher multiple, I suppose we, you know, because we do a lot of acquisitions, I have to admit cyber isn’t something some people talk about a lot. But I suppose thinking about, you know, if somebody can lose 1.4 mil, if you’re buying a business that hasn’t got good security, ultimately your risk is you could lose, you can be hacked at any one point in time, you could be unlucky, and you could get hacked just after you bought the business. So, resize. So that’s the point. So yeah, so therefore, I think, you know, on the sell side, you can hopefully up with evaluation, and the question is on the buy side, are they actually thinking about security and cyber, as a risk? Because obviously, we can see from here is, it is a pretty big risk, and probably why we don’t see more going digital, it’s becoming a bigger and bigger risk, isn’t it with more things being online and things like that as well?

 

Francis West  19:08

Yeah, I’m just looking at a keep record of the stats, you know, so I attend a lot of the this was the one of the events that I attend, I was speaking at the other day, it was Essex, Essex police and one of the things that they shared there was 83% of small to medium sized businesses are not financially prepared to recover from a cyber attack. That’s a big number.

 

Julie Wilkinson  19:33

Yeah, well, yeah. Money.

 

Francis West  19:39

Well, it’s not for me, it’s not just the money. It’s, I’ll give you another example of that. Okay. You know, the other day again, this was last year, beginning of last year that there’s a lady again, funnily enough, another, another business. It wasn’t an accountancy business. It was a architectural business, right. And this poor lady, she’s been working in the business now for six years. I’m gonna Nicola Mary. Now Mary was responsible for clicking on a link and making a payment for 47,000. About a small business. Problem is, she took it so personally that she, she’s been I when I last checked, this was last year. Admittedly, I’m checked recently. She’s, she’s taken off work for over six months, because she felt personal, personally responsible for making that mistake.

 

Julie Wilkinson  20:28

So she paid

 

Francis West  20:30

to the owner. Yeah, because she made the mistake, she made the payment. Okay, but because really, it’s brought the business it lost all their cash flow. So the problem is, and when I spoke to the owner, the owner saw that there was Mary’s mistake. And I said, I’m sorry, I disagree with you, John. This is why I said for two reasons. One, you never had any email security in place to prevent that email to get into the inbox in the first place says she would have never made the payment to you spoke about processes earlier. So important. You had no process in place to actually for her or training and place for her to go Hold on a second, let me just, this is the way I need to triple check and make sure it’s a big amount. You know, how could you just make a payment for the 7000? I know she’s been there for 30 years, but still not there’s no one should change his mind. But he was Yeah. But he was blaming her. I’m like, No,

 

Julie Wilkinson  21:25

yeah, poor culture. At the end of the day, this is who you know, not people. And it goes to show even business leaders, you know, people don’t take enough accountability. But in the end, I used to work in businesses, and I used to see, you know, Senior Director standing in the hallway, screaming at Star blaming them for things I’m like, in the end, lower level star isn’t there. And accountability is is always somewhere above. So as the business owner is there and responsibility to ensure they have the processes controls in place, these things can’t happen. Because there’s an example. You know, that’s the sorts of payment things are quite simple to fix. You have a control when you get a change of bank letters, like I said earlier that you phone and check it Yeah, that that would remove the risk of anyone paying new bank details incorrectly, because you’d be checking it, you have a sign off DLA process of invoices and payments. So no one person should be able to pay 50,000 pounds, unless you’re the owner, and you’ve got full sign ability, but no lower level staff should have the ability to pay 50,000 pounds with no second authorization for a second thing, and also, like you say, let the email security as well. And actually, if they probably had those three things in place, you know, even probably just the sign off process. Even just one of those probably would have counteracted it so precisely. Yeah, yeah. So there’s so I think there’s two things isn’t that there’s the there’s the actual data security in terms of making sure you get a check and protect yourself as best you can. However, there’s also the controls and processes internally, because if something slips through the net, you know, and you know, things can go wrong get around is somewhat secure internet, you can have set secondary controls that stop it happening. And that usually comes through from segregation of duties on systems making sure like people can’t, one person can’t do multiple things.

 

Francis West  23:14

Yeah. And, Julie, just on that point, you know, one thing that we haven’t discussed, maybe we need to read another set another time is the supply chain. Because how many, and this is both supply chain in my head is both the customers and the suppliers to a business, not just the supplier. Because the customers send info, and I’m thinking now about an accounting firm, or even say they sent information files over that are infected, right? suppliers have access into your systems or using software that’s not properly secured, and they send attacks into your business. So the million dollar question in my head is when lost the people, will your top five or top 10 suppliers do an audit to actually determine what’s the risk to their own business from the people that they do business with? Or that they buy it from? Yeah, does it does it make sense? And that includes they’ll say your IT provider because your IT providers go full access? And people the people always say to all my IT companies got it covered? And I’m like great. I bet they are brilliant at fixing your PC set up email accounts and everything else. But then I asked him two questions. Number one is a security service gets it wrong. Will they pay the ransom? No, of course not. And why not? Surely they’re that good. Then they should be able to pay a ransom. Oh, number two. And I’m going to defend that it can be the minute number two will and when will they respond to an attack to a 30 am on a Saturday Bank, Bank Holiday Monday like we just had on Easter bank holiday. Oh, maybe on the Tuesday morning, I said exactly. And this is why I think that it support companies should purely be tasked to do it support related work, like accountants do accountants, you don’t find your accountant up and ask for legal advice do you buy? Well, some people do? They do. Give them no, no true. But and this is the what they’re doing with with the other providers. And this is why I think the whole supply chain thing, from a logical point of view, from a security point of view, really, really need some attention. The fact

 

Julie Wilkinson  25:39

is, as a business, you’ve got an ethical responsibility to your employees, your customers and your suppliers to make sure you do the right thing. You know, like someone you know, and even in a currency well, when it comes to sort of tax, sometimes, you know, real complicated tax areas, I think sometimes people feel pressurised to sort of always say they could do something because they don’t want to show face to think they can’t. So like, and, you know, we see this in the accounting and tax world, whereas, you know, they’ll go, Oh, my accountant can do this tax. And we’re like, this is a specialised piece of tax work, you know, some form of real specialised overseas vat or complicated stuff, and I’m a bit ly. I don’t think a traditional accountant could do this. You might need a specialised accountant, but actually, they found their accountants and they might not want to say, because they’re thinking, God, if I can’t do this, I might use the business. Well, the fact is, we live in a world where I think we have to be willing to lose business to be ethical. You can’t lie about what you can what you can do. And maybe it companies have a similar thing that may be there. I mean, I don’t know. I’ve never asked my IT committee about cybersecurity. Actually, I wouldn’t have even thought about cybersecurity until I talk to you. Yeah, but to be fair to them, they’ve never said to me, uh, we do cybersecurity. It’s just like a knowledge piece. Is that across the thing of Yeah,

 

Francis West  26:52

you know, and on that point, Julie, I think I’m glad you even said it, and you admitted it, because it’s great, because most people don’t. You know, when you take your house or your children or your husband or your partner for heart surgery, do you take them to the local GP? Or do you find a heart surgeon? And that’s my message today for a lot of people, you know, if you’re gonna get if you want to get properly protected, go to a specialist. I like myself or somebody else doesn’t matter. But get professional health. Don’t rely on the flu jab to fix COVID Because then you’re going to have a real problem. Because there’s a question of when not

 

Julie Wilkinson  27:31

if, yeah, yeah, it’s really interesting, actually, I

 

Francis West  27:34

think fungie Now God, sorry. Yeah, no, I think I’ve made this quiet.

 

Julie Wilkinson  27:41

First time ever. Judy’s quiet. Never speechless. So oh, God, the time just flies. I mean, this has been really interesting. I think this is, well, I think this is really interesting.

 

Francis West  27:51

We would start to even touched

 

Julie Wilkinson  27:53

on it, we’re gonna we’re gonna have to do another episode. Yeah, we’re gonna have to another episode.

 

Francis West  28:01

In May, maybe what you could do is, you know, I mean, there’s so many areas, we could, again, we can talk, we can go into detail about why does normal computer security not work? And I’ll tell you why quickly, because it doesn’t it can’t detect unknown threats. Number one, number two, it doesn’t pay your answer. Number three, it doesn’t have a security Operation Centre, that comes with the the computer security. So in other words, 230 in the morning, when you start sending files to China or to Russia, wherever normal computer security will think that you working late at night is the problem. You know, then we need to talk about things like password security. Why is that so important? What about the dark web, we need to talk about email security 94% of attacks coming by email? Why do you want to make your own staff member or even your children responsible for deciding whether this email is an attack on the business or personal life or not? Then talk about backup and recovery and about awareness training. You know, I mean, that’s just five key areas, which again, is covered in the, of course, in the in the quick audit, but it’s the, you know, people need to really understand the risks, and they need to know one good thing. The positive noise news here is we can’t control what’s going on in economy. Maybe some people can, you know, we can’t control what’s going on in Russia. But the one thing we can control is our cybersecurity fact we can fix that problem.

 

Julie Wilkinson  29:28

So if so, I think we will have to have a bit of a session because there’s a lot we can dive into. But as we’re coming to the end of this one, I mean as a stunt. So if someone’s buying a business, and they need to do cyber due diligence, what do you think is the main thing they can ask the sellers or check to see whether they are compliant? Is there is there is one thing, one top standard thing or was it not that simple?

 

Francis West  29:52

It’s about it’s a very broad question. That’s it but but I wonder if I can narrow that down for up to maybe five or 10 questions, I would the first thing I would do, I would get them to go and do the security audits, you know, the quiz that we’ve done, if they answered properly or honestly, you’ll get a very quick answer. Number one, number two, you can find out if they’ve got cyber essentials, accreditation, or cyber essentials plus, accreditation, and I bet you, none of you know, but out of 5 million businesses, today, only 30,000 businesses have them, right. Because if they have either of those accreditations, then at least we know they’ve made a big huge step towards getting their cybersecurity improves. If I was the buyer, then I would start looking at again, I’m gonna get a little technical now. But I want to see whether they email, which is really the only gate that you cannot close in any business or door, whether they’ve got the three key security email security records set up, because most companies don’t know, for me that immediately throws red flags, then you can run a proper audit on on their internal systems and their external cloud systems. It doesn’t need to be expensive. But that will kick out, you know, number five, and number six, I would see what security services that is, are they using Password Security? You know, are they using more than one password more than once? I mean, are any of the staff sharing passwords? You know? So the simple basic stuff that people don’t have the place? Do their email security in place? Do they actually backup stuff when lost, they recover the data from from their backups if they are backing stuff up, because these are all business critical things that could bring a business down like this. And that could affect, you know, the purchaser massively after they purchase the business, because then it’s too late, the guy’s got off in the sunset. And now you’re holding this little pup. Because remember what I said earlier, data is worth more than money. And you need to treat it so. And as soon as you can determine in any business, you mind that people are not treating their own data and their customers data better than money, then, you know, I wouldn’t pay the same, I’ll pay less.

 

Julie Wilkinson  32:13

Yeah, it’s interesting. I think a lot of people don’t even think about it. I mean, we do loads of deals, probably about three to five every month. And I don’t think I’ve ever wanted anyone mentioned cyber, or that sort of thing to me. So yeah, I think this podcast hopefully will reach a lot of people and get them to start thinking, well, actually, maybe it’s something I need to consider.

 

Francis West  32:33

Well, we’ll give them help with pleasure. I’ll save you the pain, simple as that. So increase your value. That’s it. Yeah.

 

Julie Wilkinson  32:42

So um, one last thing then before we leave. So obviously, there’s been a lot of touched on cybersecurity. There’s a lot you can help with. So if people do need help, where can they find you?

 

Francis West  32:53

Yeah, you know, gladly pick up the phone and give me a call. I’ll be delighted to have a chat with you just mentioned that you did you heard this podcast. And then I know there was because of all the great work that Judy is doing on plus 442031950 Triple five. Or if you go to our website, which is security, hyphen, or minus sign everywhere.com. I’m also on LinkedIn under Frances waist. And my email address is Frances dot w at security hyphen everywhere.com. And you’re going to love now, Julie, but I’m even on tick tock tick tock videos. I do tick tock videos every week. And I did one on passwords the other day. And that’s sitting on almost 300,000 views, which is a lot for me. But yeah, so so we post every day on LinkedIn. Every Thursday, sorry, every first Thursday of the month between 11 and 12am or 12pm. Sorry, we do a LinkedIn live, where I’ve got absolutely brilliant experts from around the country and the world. Talk about cybersecurity and we answer any questions that people have so so if you Google me, you’ll find me.

 

Julie Wilkinson  34:06

One of you lives obviously not for cybersecurity, but for let me know.

 

Francis West  34:12

But you know, Judy, it’s important because we normally have a mixture of two thirds or two thirds of his professional people and then 1/3 of non professional people. Why? Because their input or their questions, and they will experience like yours within m&a and building business and buying businesses is so important to note so your views are you’ll be very welcome to come and join us. I’d love to have you.

 

Julie Wilkinson  34:37

So Oh, thanks so much for coming on. And I just want to thank our listeners for listening to the show. I really hope you enjoy the episodes. You know if you enjoy it, click rate and review on Apple or subscribe on YouTube. So I’m sharing your network so we can get more listeners to hear the show. So thank you, Francis.

 

Francis West  34:56

Absolute pleasure. And again, thank you Judy, because you know this helps me With my mission to educate and protect at least a million businesses by 2026 You’re welcome.

 

Julie Wilkinson  35:05

So, once again, thank you so much for taking the time to listen to our podcast. I hope you found it useful. If you do this anyone else in your network that might benefit from our podcast and please share it with them even just click the link and send it to them, or send it in a Facebook group or other social media channel. Don’t forget to subscribe. So other podcasts come to you directly as of when we launch them. So I’m really looking forward to seeing you next time. We’ve got some really exciting things coming up. And we’ll see you again soon.