September 2021

We are grateful to have the opportunity to share our knowledge and wisdom with you through our educational e-newsletter. Our e-newsletter aims to provide you informational tips to make you cyber-savvy.

We take special care to ensure the information we provide you in "Cyber 60" is the latest and most current information available to educate you on protecting your most valuable information assets. This edition explains how cyber is a corporate risk and the three steps to set your risk appetite.

We want to write about topics that are important and of interest to you. If you have topics, you would like us to cover, please email them to us at

We encourage you to share our e-newsletter with others in your sphere of influence. 

Jonathan Trimble
Founder/ CEO
Cyber is a Corporate Risk!
Cybersecurity centers around the use of technology, but it is not an issue that can be addressed solely by a company's Information Technology (IT) department. The potential impact of a cyber incident is too significant and requires leadership and awareness from the top of the organization. When Colonial Pipeline was hacked, the company paid a $4.4 million ransom. Some of this money was later recovered, but the attack has cost Colonial Pipeline in other ways. 

The company supplies approximately 45% of fuel to the East Coast and elected to shut down operations during the attack, affecting millions of customers with a spike in gasoline prices. Fearing gas shortages due to social media and news hysteria, nervous motorists waited in line at gas stations for hours in some areas. The following month, CEO Joseph Blount was called to testify before the Senate Committee on Homeland Security and Government Affairs. Once an obscure part of industrial infrastructure, Colonial Pipeline is now widely recognized as a ransomware victim, exposing the frailties of critical infrastructure to cyber-attacks.

The American Medical Collection Agency (AMCA) was a debt and medical receivables collection agency focused on collecting patient receivables for various third-party clinical-diagnostic laboratories. AMCA collected and maintained PII on millions of patients during normal business operations, including names, home addresses, Social Security numbers, and bank account and credit card information. AMCA invested over $1 million to upgrade its IT systems, but this did not prevent a significant data breach in 2019. After disclosing this cyber-attack, major clients, including Quest, Labcorp, and others, opted to terminate business with AMCA. In addition to the immediate revenue impact, AMCA began to incur significant costs resulting from the breach, including litigation and remediation. AMCA lacked cyber liability insurance, and the company covered the costs through a $2.5 million loan and company cash. AMCA also sought costs savings through a 75% reduction in headcount. Three months later, AMCA filed for bankruptcy, and the company was eventually dissolved.

The impact of a cyberattack quickly spills beyond the Information Technology (IT) space, and a company's top leadership needs to address cybersecurity as part of its overall risk management strategy. This holds true both from a risk mitigation approach before a cyber incident occurs and navigating the company through crisis when a major cyber-attack occurs.

What is your organization's cyber risk?

A cyber risk appetite statement explicitly defines what an organization has deemed an acceptable risk, and every organization's risk tolerance will be different. This statement should be unambiguous and measurable to enable strategic decision-making for the organization's leadership.
Set your risk appetite in three steps… Read More
Quick Links
Contact Us
Austin Main Office:
2802 Flintrock Trace, Ste 277
Austin, Texas 78738
Phone: 888-477-2296
Texas License #A12729101
Our Founder/CEO

As a Special Agent at the Federal Bureau of Investigation (FBI), our Founder, Jonathan Trimble, led several complex criminal and counterintelligence investigations, including the dismantlement of international organizations involved in cybercrime and financial institution fraud. Learn More
About Us
We decrease our client's risk of compromise to their most valuable information assets.

At Bawn, we serve our nationwide clients as a trusted advisor. We help our clients identify vulnerabilities regarding their sensitive information and intellectual property. We then develop a strategy and solution implementing people, processes, and technology.  Our solutions allow them to increase their ability to manage and protect their most valuable information assets. Our clients benefit by maintaining their reputation and confidentiality, reducing their operational costs, avoiding fines and lawsuits, and understanding the information security risks of both their own business and their clients.

We operate from a place of client focus, commitment, compassion, respect, and integrity. We are dedicated to providing fairness, quality service, and Leadership that fosters teamwork, performance, and excellence for our clients. Learn More