CYNERGISTEK NYSE AMERICAN: CTEK

Transcription

1 CYNERGISTEK I N V E S T O R P R E S E N TAT I O N NYSE AMERICAN: CTEK

2 SAFE HARBOR STATEMENTS This presentation contains, and our officers and representatives may from time to time make, forward-looking statements within the meaning of the safe harbor provisions of the U.S. Private Securities Litigation Reform Act of Forward-looking statements can be identified by words such as: anticipate, intend, plan, goal, seek, believe, project, estimate, expect, strategy, future, likely, may, should, will and similar references to future periods. Examples of forward-looking statements include, among others, statements we make (herein or otherwise) regarding the size of the potential market for our services; the number of potential customers/clients for our services; plans and strategies of CynergisTek and its subsidiaries for future growth and performance; market acceptance of our business model; our ability to integrate acquisitions and merged companies; and timelines relating to growth, milestones, and strategic focus. Forward-looking statements are neither historical facts nor assurances of future performance. Instead, they are based only on management s current beliefs, expectations and assumptions regarding the future of our business, future plans and strategies, projections, anticipated events and trends, the economy and other future conditions. Because forward-looking statements relate to the future, they are subject to inherent uncertainties, risks and changes in circumstances that are difficult to predict and many of which are outside of our control. Our actual results and financial condition may differ materially from those indicated in the forward-looking statements. Therefore, you should not rely on any of these forward-looking statements. Important factors that could cause our actual results and financial condition to differ materially from those indicated in the forwardlooking statements include, among others, the risk factors discussed throughout Part II, Item 7. Management s Discussion and Analysis of Financial Condition and Results of Operations, and in Part I, Item 1A. Risk Factors of our Annual Report on Form 10-K for the year ended December 31, 2017; and throughout Part I, Item 2. Management s Discussion and Analysis of Financial Condition and Results of Operations of our Quarterly Reports on Form 10-Q for the quarters ending March and June 31. Any forward-looking statement made by us in this presentation is based only on information currently available to us and speaks only as of the date on which it is made. We expressly disclaim any obligation to publicly update any forwardlooking statement, whether written or oral, that may be made from time to time, whether as a result of new information, future developments, or otherwise. 2

3 INVESTMENT Pioneer and leader in healthcare cybersecurity Innovative service offerings filling the gap in the industry Loyal national customer base with large upsell opportunity Capitalizing on strong cybersecurity market growth 3

4 WHO WE ARE #1 CYBERSECURITY AND INFORMATION ASSURANCE COMPANY IN HEALTHCARE TOP KLAS PERFORMER 3RD STRAIGHT YEAR 2018 Most Comprehensive Cybersecurity Services STRONG RELATIONSHIPS & TRACK RECORD THOUGHT LEADERS WELL-KNOWN INDUSTRY PLAYER CynergisTek won the 2017 Best in KLAS Award for Cyber Security Advisory Services CynergisTek has been recognized by KLAS in the 2016 and 2018 Cybersecurity report as a top performing firm in healthcare cybersecurity. KLAS KLAS KLAS TRUSTED ADVISOR MARKET DRIVEN TAILORED SOLUTIONS Top Performer Cybersecurity 2018 Top Performer HIT Advisory Services 2018 Top Performer Technical Services

5 WHY CYNERGISTEK? RELATED COMPANIES HEALTHCARE SPECIALIZED KLAS OVERALL SCORE CYBERSECURITY SERVICES CLASSIFICATION CynergisTek 92.6 Comprehensive Deloitte X 79.8 Comprehensive FireEye X 89.5 Comprehensive Fortified Health Security 85.7 Comprehensive Optiv X 87.8 Comprehensive Coalfire X 85.0 Broad PWC X 89.2 Broad EY X 91.1 Broad Clearwater Compliance 95.0 Advisory Focused *All information from KLAS Cybersecurity Services 2018 Report June

6 CYNERGISTEK S MISSION To be that trusted partner that enables our healthcare clients to build the cybersecurity and information assurance programs they need to protect and support patient safety and care operations by delivering exceptional service, expertise and knowledge.

7 INDUSTRY SNAPSHOT 7

8 ATTACK SURFACES CONTINUE TO GROW GLOBAL HEALTHCARE CYBERSECURITY SPENDING EXPECTED TO EXCEED ~$65B OVER NEXT 5 YEARS 8

9 NAVIGATE & PREVENT BREACHES Ransomware Privacy Threats Internal and External Threats IoT Threats Social Engineering Phishing Attempts 9

10 THE SERVICES WE PROVIDE COMPLIANCE ASSIST PARTNER PROGRAM (CAPP) ANNUAL ASSESSMENT An annual extensive review to identify security gaps through the combination of the following: Information Security Program Assessment Technical Security Assessment Risk Analysis Architecture Assessment Wireless LAN Security Assessment MU EHR Security Controls Assessment INTERNAL & EXTERNAL TESTING CynergisTek will conduct regular internal and external testing to uncover potential threats. External: Quarterly Internal: Bi-Annually PERIODIC EXECUTIVE REVIEWS CynergisTek s executive team leads workshops that are designed to: Review remediation progress Provide guidance on regulatory changes and security threats Promote knowledge transference CAPP COMMUNITY CynergisTek Advisory Service addresses questions, concerns, and advice covering technology, program development and maintenance, and regulatory compliance matters. OPTIONAL SERVICES CynergisTek also offers optional services that can be customized to meet a compliance program s unique needs. CAPP 81% OF REVENUE COMES FROM MANAGED SERVICES WHICH INCLUDE CAPP PROGRAMS 10

11 THE SERVICES WE PROVIDE MAKE THE MOST OF YOUR PRIVACY MONITORING PROGRAM PATIENT PRIVACY MONITORING AS A SERVICE (PPMS) CynergisTek collaborates with your organization to support functionality of your patient privacy monitoring tool. DESCRIPTION PPMS SELECT PPMS ELITE Audit Program Development ü ü Current & Future State Analysis ü ü Optimization Plan & End User Training ü ü Validation and Testing of Audit Tool ü ü PPMS Proactive Audit Reporting Analysis ü ü Incident Documentation and Escalation of Findings ü ü Audit Tool Optimization ü ü Standard Program Reports ü ü Reactive Audit Reports, Advanced Analysis, Advanced Program Reports and Advisory Services ü 11

12 THE SERVICES WE PROVIDE TAKE THE LEGWORK OUT OF MONITORING VENDOR SECURITY MANAGEMENT Collaborates with your organization to support functionality of your patient privacy monitoring tool. VSM ASSESSMENT APPROACH Initiation: Analyst gets notified of ticket and initiates assessment in RiskSonar Monitoring: Questionnaire/documentation request sent, and assessment progress updated/monitored. Analysis: Analysis of vendor s input conducted, and gaps identified upon assessment submittal Reporting: Single Assessment Vendor Report created, client notified it is ready for review within RiskSonar Next Steps: Vendors notified of remediation requirements/re-assessments High Risk Vendors: Client is notified of high-risk vendors client uses Risk Acceptance or Risk Exception process Risk Exception: If client approves risk exception, vendor is tagged and tracked for annual renewal VSM VSM DELIVERABLES Single assessment vendor with report outlining security gaps and risk rating Status Updates on vendor participation and escalation of issues Quarterly Program Report covering high-level of the vendor program including recommendations 12

13 THE SERVICES WE PROVIDE SECURE AND PROTECT YOUR BIOMEDICAL DEVICES BIOMEDICAL DEVICE SECURITY TECHNICAL ASSESSMENT A comprehensive inventory of networked biomedical devices and the associated vulnerabilities. BIOMEDICAL DEVICE SECURITY PROGRAM ASSESSMENT An evaluation of security controls and an identification of gaps or vulnerabilities in the management practices for biomedical device security. BIOMEDICAL DEVICE SECURITY MANAGEMENT STRATEGY A strategy articulating different risk categories and a remediation roadmap to address the different categories and the unique issues/vulnerabilities. Biomedical BIOMEDICAL DEVICE SECURITY PROGRAM MANAGEMENT Our service is built to address the security aspects, as it relates to each component of the biomedical device lifecycle including policy development, pre-acquisition procedures, implementation and security control setup, identifying and reporting vulnerabilities, and coordinating remediation in conjunction with the device maintenance schedule. 13

14 THE SERVICES WE PROVIDE RESOURCE & TALENT TO BRIDGE THE RESOURCE GAP STRATEGIC SECURITY STAFFING Alleviate the efforts to source and employ skilled talent for projects that are high priority. Virtual CISO and Privacy Officers Sourcing difficult roles to cost-effective solution Identified to align with your needs for short-term, project specific, long-term, or temp-to-hire cybersecurity and privacy engagements Advisory services from resources recognized as subject matter experts in the healthcare industry CYBERSECURITY REMEDIATION Next steps after a security assessment On-demand seasoned security experts prioritize, implement and execute unique remediation plan Short- and long-term remediation plan Professional Services CYBERSECURITY PROGRAM DEVELOPMENT Utilize best practice standards and guidelines to review, build, and implement components of your security program Improve the effectiveness of a complex strategy Well-versed in many industry frameworks, ensuring the alignment of policy charters, program playbooks, and process and procedure documents are a solid foundation 14

15 THE SERVICES WE PROVIDE MANAGED PRINT SERVICE PROGRAM WITH SECURITY AND COMPLIANCE IN MIND ONE-STOP SOLUTION For all service, supplies, and acquisition requests Strategic approach to identify cost savings opportunities Healthcare exclusive and manufacturer agnostic Assess risks associated with print devices and create remediation plan OPTIMIZATION & WORKFLOW SERVICES Toner: direct delivery to the device Helpdesk services: support and service for your fleet Control print: processes and technology to impact print utilization Device integration: test equipment against application and technology Print shop management: staff to support and oversee timely production of print jobs PERFORMANCE-BASED REPORTING SERVICES User-level utilization reporting: further reduce unnecessary print volume STANDARD ENGAGEMENT Service & support Asset management Installation & removal services Training Utilization review and reporting Device security assessment FINANCIAL MANAGEMENT SERVICES Invoice support: validate invoices against client contracts to ensure validity of charges Vendor contracts: we provide a comprehensive review of third- party contracts and provide opportunities for improvement Recurring Revenue model with 3-5-year contracts MPS 15

16 MULTIPLE DRIVERS FOR LONG-TERM GROWTH Expand into New Markets Non- Organic Growth Increase Sales Reach, Accelerate Land and Expand 16

17 TRUSTED BY HEALTHCARE NATIONWIDE Covered Entities* - over 1,000 healthcare provider locations and business associates Partnered with 4 of the top 10 largest health systems in the US *Covered entities are defined in the Health Insurance Portability and Accountability Act (HIPAA) rules as (1) health plans, (2) health care clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which the department of Health and Human Services (HHS) has adopted standards. 17

18 CTEK ALLIANCE 18

19 FINANCIAL SNAPSHOT COMPANY TICKER NYSE: CTEK UNITS: USD Price (as of 11/06/18) $4.15 FD Shares Outstanding** 9.8M Market Cap $41M LTM Revenue $71.2M Cash** $6.4 Long- and Short-Term Debt** Total Enterprise Value $22.8M $63.4M ** Data as of Q3 ending September 30 th,

20 FINANCIAL HIGHLIGHTS REVENUE & GROSS MARGIN Financial Highlights ($Millions) Expanding New Revenue Lines to Increase Gross Margins $61 $60 $72 $53 $53 17% 20% 29% 28% 27% M M 2018 Managed Services Professional & Consulting Services Equipment & Software 20

21 FINANCIAL HIGHLIGHTS ADJUSTED EBITDA Financial Highlights ($Millions) Profitable While Investing in Growth $7.8 $3.4 $3.3 $6.1 $5.3 $4.0 $4.9 $3.6 $1.8 $ M M 2018 Adjusted EBITDA Adjusted Earnings 1 Adjusted EBITDA: adjusting EBITDA for stock-based compensation and non-recurring charges related to our recent debt refinancing and the departure of a senior executive. 2 Adjusted Earnings: adjusting net income for estimated cash tax adjustment, adjustment in contingent consideration from acquisition, amortization and impairment of intangibles, non-recurring charges related to our recent debt refinancing and the departure of a senior executive, stock-based compensation and depreciation. 21

22 THANK YOU! cynergistek.com NYSE AMERICA: CTEK 22