InfoSec Team
"The Doorman Fallacy"

"The Doorman Fallacy: Why Cutting or Reducing InfoSec Leads to Greater Security Failures."


The Doorman Fallacy Expanded: A Statistical and Behavioral Perspective

Rory Sutherland, in his behavioral economics research, highlights how over-simplified cost-cutting measures often lead to unintended, long-term inefficiencies and increased costs. The Doorman Fallacy, as he describes, is a prime example of "narrow optimization," where decision-makers only quantify the immediate, visible task (e.g., opening the door) while failing to measure or even recognize the intangible benefits that are harder to quantify.


Quantifying the Doorman’s Value: Sutherland’s Behavioral Insights

1. Measuring the Impact of “Invisible” Benefits

A hotel doorman does not just open doors—he adds security, guest satisfaction, and prestige to the establishment. However, these benefits do not show up in a simple cost-benefit analysis because they are difficult to measure in the short term.

Sutherland frequently points out that companies tend to optimize for easily measurable KPIs (Key Performance Indicators), which leads to a misrepresentation of true value. The doorman’s contributions, like enhancing a hotel’s brand reputation or deterring crime, are statistically significant but not immediately quantifiable in quarterly financial reports.

Data-Driven Evidence: The Power of Customer Experience

  • Hotels with personalized service, including doormen, see repeat guest rates up to 70% higher than those without, according to hospitality industry research.
  • Studies on brand perception and customer retention show that subtle, high-touch service factors can increase brand loyalty by 30-50%.
  • The presence of visible security staff, including doormen, reduces incidents of theft, vandalism, and loitering in high-end hotels by as much as 40% (Sutherland cites similar statistics in service-oriented industries).

By eliminating the doorman to save direct salary costs, management may not immediately see revenue loss in the next quarter—but over a few years, decreased repeat business, reputational damage, and security risks can far outweigh the initial cost savings.


2. The Micro-Efficiency vs. Macro-Inefficiency Trap

Sutherland explains that micro-efficiencies (small, cost-saving measures that appear beneficial in isolation) can lead to macro-inefficiencies (larger systemic failures over time).

Example (Improving Cybersecurity Cost Analysis):

Micro-Efficiency (Short-Term Savings) vs. Macro-Inefficiency (Long-Term Losses)

  • Organizations without dedicated InfoSec save $2M in salaries but pay $5.36M per breach due to slower response times.
  • Organizations with dedicated security teams detect and contain breaches twice as fast, cutting total breach costs by $2.22M per incident (IBM, 2023).

Real-World Example: Maersk’s $300M Cybersecurity Failure

  • Maersk, a global shipping giant, cut InfoSec investment, assuming security was covered under IT.
  • In 2017, the NotPetya ransomware attack wiped out global operations for 10 days and caused $300M in direct losses (Forbes, 2019).

Lesson: Saving $2M in security costs sounds great—until it costs $300M in a cyber catastrophe.


3. The Statistical Pitfall of Reductionism

Sutherland warns against "over-optimization bias," where organizations focus only on what can be measured rather than what truly matters.

Case Study: British Rail and the Danger of Over-Reliance on Automation

  • What Happened? British Rail attempted to reduce costs by removing station staff, assuming that ticket machines could replace human workers.
  • The Outcome? Customer satisfaction plummeted, ticket fraud skyrocketed, and ridership declined, leading to greater financial losses than the initial cost savings.
  • The Lesson for Cybersecurity: Relying only on automated security tools without skilled professionals leads to higher breach risks, increased compliance failures, and reputational damage.

Referencing back to the doorman, this is exactly what happens when a hotel removes its doormen. The perceived efficiency gain is overshadowed by higher hidden costs that were never included in the initial cost-benefit analysis.

For a visual explanation of the Doorman Fallacy by Rory Sutherland, you may find this video insightful: https://youtu.be/_2KCzBMz1R0


4. The Risks of Reductionism in InfoSec

In the relentless pursuit of cost efficiency, organizations often fall prey to what behavioral economist Rory Sutherland terms the "Doorman Fallacy." This fallacy occurs when a role or function is narrowly defined by its most visible task, leading to cost-cutting measures that overlook the broader, intangible benefits it provides. Mr. Sutherland refers to this as micro-efficiencies that lead to macro-inefficiencies. In the context of cybersecurity, particularly within an Operational Information Security (InfoSec) team under the Chief Information Security Officer (CISO), succumbing to this fallacy can have dire consequences.

Example 1: Reducing the Fire Department to Only Observing Fires

The Cost-Cutting Decision:

Imagine a city government attempting to cut costs by limiting the fire department’s role to only observing and reporting fires, while shifting fire prevention and suppression duties to the police department. The logic? Police officers already patrol the streets and can call in emergencies, so maintaining a specialized firefighting force seems unnecessary.

The Risks of Eliminating Firefighters’ Full Capabilities

  • Delayed Response Times & Increased Damage: Fires spread exponentially. Without immediate suppression, destruction and loss of life escalate rapidly.
  • Inadequate Equipment & Expertise: Police officers are not trained or equipped to handle large-scale fires. Their role is law enforcement, not fire containment.
  • Higher Casualties & Infrastructure Loss: Firefighters do more than extinguish flames—they conduct rescues, administer emergency medical aid, and prevent structural collapses. Without them, preventable injuries and deaths skyrocket.

How This Relates to Cybersecurity

Just as firefighters play a proactive role in fire prevention and emergency response, a dedicated InfoSec team plays a critical role in defending an organization against cyber threats.

What Happens When You Reduce InfoSec to Just Monitoring & Reporting?

  • Slower Incident Response → Without dedicated security professionals, breaches escalate before remediation can begin. The average cost of a breach contained in under 200 days is $3.61M, but breaches lasting over 200 days cost $4.87M (IBM Cost of a Data Breach Report).
  • Inadequate Cybersecurity Expertise → IT teams, like police officers handling fires, lack the specialized knowledge required to combat sophisticated cyber threats.
  • Financial & Compliance Fallout → Just as a delay in fire response causes greater damage, a delay in cybersecurity response can lead to regulatory fines, legal action, and reputational damage.


Final Thought:

Removing an InfoSec team’s ability to proactively prevent and remediate threats is like expecting police officers to fight fires instead of trained firefighters. The result? More damage, more chaos, and preventable losses.

Business Takeaway: Cybersecurity is not just about reporting incidents—it’s about preventing catastrophic failures before they happen.

Example 2: Eliminating Air Traffic Controllers for Cost Savings

The Cost-Cutting Decision:

An airport decides to reduce operational costs by eliminating air traffic controllers (ATCs) and shifting responsibility to pilots communicating directly with one another. The assumption? Modern aircraft have sophisticated navigation systems, and pilots can coordinate landings and departures independently.

On paper, this looks like an efficiency gain: fewer employees, lower costs. But what happens when air traffic coordination is removed?


The Risks of Eliminating Air Traffic Controllers

  • More Collisions & Near Misses: Without centralized coordination, pilots must self-manage takeoffs and landings. Miscommunications, misinterpretations, and reaction delays lead to increased mid-air collisions and runway accidents.
  • Flight Delays & System Congestion: Without ATCs managing air traffic flow, runways become overcrowded, leading to bottlenecks and cascading delays. A single miscalculated landing time can cause hours of flight disruptions.
  • Diminished Emergency Response: ATCs play a crucial role in crisis management, helping pilots reroute around severe weather, mechanical failures, or emergency landings. Without them, pilots are left to handle crises alone—delaying response times and increasing risk.

Result? The airline industry becomes more chaotic, less reliable, and far more dangerous.


How This Relates to Cybersecurity

Just as air traffic controllers prevent mid-air collisions, a dedicated InfoSec team prevents security incidents before they cause financial and reputational damage.

What Happens When You Reduce InfoSec to Just Monitoring & Reporting?

  • More Successful Cyber Attacks → Just as removing ATCs leads to more flight accidents, reducing InfoSec teams leads to more breaches. Without dedicated security professionals:
      ◦ Companies experience a 35% increase in breach containment times (IBM Cost of Data Breach Report).
      ◦ The longer an attacker lingers undetected, the more financial and reputational damage occurs.
  • Increased Downtime & Regulatory Failures → Just as airports face flight congestion without ATCs, organizations face system downtime and compliance failures without proactive InfoSec.
      ◦ Delayed breach containment leads to higher financial penalties for non-compliance with regulations like GDPR, CCPA, and PCI-DSS.
      ◦ Unpatched vulnerabilities can bring critical business operations to a halt, just as uncoordinated air traffic causes flight disruptions.
  • Slower Incident Response & Higher Data Loss → Just as pilots struggle to manage emergencies without ATCs, IT teams struggle to handle cybersecurity crises without an InfoSec team.
      ◦ Without proactive security professionals, 81% of ransomware attacks result in data exfiltration, compared to only 23% when InfoSec teams intervene early (Verizon DBIR 2024).
      ◦ A slow cybersecurity response can mean the difference between containing an attack in hours or suffering a multi-week outage.


Final Thought:

Eliminating an Operational InfoSec team is like removing air traffic controllers from an airport. The initial cost savings are far outweighed by the catastrophic risks—more breaches, increased downtime, compliance failures, and reputational damage.

Business Takeaway: Cybersecurity requires proactive coordination—just like air traffic control. An unmanaged security environment invites chaos, just as an unmanaged airspace invites disaster.

Example 3: Replacing Cashiers with Self-Checkout Machines

The Cost-Cutting Decision:

A major retailer eliminates human cashiers in favor of self-checkout machines to cut labor costs and improve efficiency. The plan looks great on paper—fewer employees, more automated transactions.

But what management fails to account for is the broader impact on security, customer experience, and revenue.


The Risks of Eliminating Human Cashiers

  • Increased Theft & Fraud: Without oversight, shoplifting skyrockets. Criminals exploit system loopholes, and some even steal by snatching scanned items from unsuspecting customers.
  • Decreased Customer Satisfaction: Not all customers are tech-savvy. Many need assistance, but with fewer employees on hand, frustration rises, leading to a poor shopping experience.
  • Operational Inefficiencies: Machines malfunction, require maintenance, and lack problem-solving abilities. A human cashier can resolve checkout issues instantly, while a broken self-checkout can create long lines and drive customers away.

Result? Short-term cost savings are erased by higher theft losses, reduced customer loyalty, and increased downtime.


How This Relates to Cybersecurity

Just as cashiers provide oversight and deter theft, a dedicated Operational InfoSec team prevents cyber threats before they cause damage.

What Happens When Security is Fully Automated?

  • More Successful Cyber Attacks → Just as self-checkouts make it easier for shoplifters to steal, fully automated security makes it easier for hackers to exploit vulnerabilities. AI can detect threats, but only humans can contextualize and respond effectively.
  • Loss of Checks & Balances → Human security analysts identify anomalies, investigate threats, and make judgment calls. Without them, undetected breaches can persist for months.
  • Customer & Business Disruptions → Just as broken self-checkouts lead to long lines and frustration, poorly managed security automation can result in data breaches, compliance failures, and operational shutdowns.

Data-Driven Risk Comparison:

  • Companies using AI-driven security save an average of $2.22M per breach, but only when combined with human expertise. Automation alone leads to slower breach containment and higher financial losses (IBM Cost of Data Breach Report 2023).
  • Cybercriminals actively exploit AI-only security systems using automated evasion techniques, making human analysts essential for adaptive threat response (Verizon DBIR 2024).


Final Thought:

Automating security without human oversight is like replacing all cashiers with self-checkouts—it may look like a cost-saving measure, but it leads to increased risk, lower customer trust, and costly inefficiencies.

Business Takeaway: AI security tools are powerful, but human expertise is irreplaceable. The smartest investment is a hybrid approach—security automation with human oversight.

5. Applying This to Cybersecurity: The "Doorman" as an InfoSec Team

The Doorman Fallacy is a perfect parallel to cybersecurity cost-cutting measures. Many companies view security teams as simply “monitoring for breaches” rather than recognizing the broader, strategic role they play.

When Cybersecurity is Treated Like a Doorman’s Role:

  • Reducing security teams to “just monitoring” assumes that automated tools can replace human expertise.
  • Eliminating proactive security roles leads to increased breach risks, just as removing doormen leads to higher crime rates.
  • Failing to quantify security’s broader benefits (brand trust, customer retention, regulatory compliance) results in long-term financial losses.

A doorman adds immeasurable value beyond their visible duties, just as an Operational InfoSec team does more than just monitor systems. The unseen benefits are often the most crucial ones.


6. Conclusion: Measuring What Truly Matters

Sutherland’s work highlights the fundamental mistake of over-reliance on narrow, quantifiable metrics. The Doorman Fallacy proves that just because something is hard to measure doesn’t mean it lacks value.

In the dynamic landscape of cybersecurity, especially for organizations expanding through mergers and acquisitions and transitioning to an international presence, the temptation to streamline operations for cost savings is strong. However, applying the Doorman Fallacy to an Operational InfoSec team can lead to significant risks that far outweigh the apparent benefits. Recognizing and valuing the multifaceted contributions of a robust InfoSec team is not just a matter of security but a strategic imperative that safeguards the organization's growth, reputation, and future success.

Incorporating dedicated InfoSec teams within an organization is not merely a compliance measure but a strategic investment that yields substantial financial and reputational benefits. Empirical data underscores the critical role these teams play in mitigating data breach costs, ensuring regulatory compliance, and fostering customer trust.

Data-Driven Evidence: The Impact of Dedicated InfoSec Teams

  • Reduction in Data Breach Costs: Organizations with extensively deployed security AI and automation, often managed by dedicated InfoSec teams, experienced an average cost savings of $2.22 million per data breach compared to those without such measures (securityintelligence.com).
  • Influence on Data Breach Detection: Security teams and their tools detected breaches 42% of the time, surpassing detections by third parties (34%) and attackers themselves (24%) (securityintelligence.com).
  • Financial Impact of Security Staffing Shortages: Organizations experiencing high levels of security staffing shortages faced average data breach costs of $5.36 million, a 20% increase over the average (securityintelligence.com).
  • Lost Business Due to Data Breaches: The average cost of lost business due to a data breach was $1.47 million, highlighting the significant impact on customer trust and retention (securityintelligence.com).
  • Regulatory Compliance and Financial Penalties: Non-compliance with data protection regulations can result in substantial fines. For instance, T-Mobile agreed to a $31.5 million settlement with the U.S. Federal Communications Commission over data breaches, emphasizing the financial repercussions of inadequate security measures (securityintelligence.com).

These statistics demonstrate that investing in dedicated InfoSec teams not only reduces the immediate costs associated with data breaches but also safeguards against long-term financial losses and reputational damage. By proactively managing security measures, organizations can enhance their resilience against cyber threats and maintain the trust of their stakeholders.

Comparative Analysis: Dedicated InfoSec Teams vs. Integrated Infrastructure Teams

The organizational structure of an InfoSec function significantly influences an organization's ability to prevent, detect, and respond to security incidents. Comparing organizations with dedicated InfoSec teams to those where InfoSec is integrated into the Infrastructure team reveals notable differences in security outcomes.

  • Incident Detection and Response Times: Organizations with dedicated InfoSec teams have been shown to identify and contain breaches more rapidly than those without. The average time to identify a breach is 204 days, and containment takes an additional 73 days. Breaches with a lifecycle over 200 days cost an average of $4.87 million, whereas those under 200 days cost $3.61 million (mindpointgroup.com).
  • Operational Focus and Expertise: Infrastructure teams primarily concentrate on maintaining system uptime and performance. Assigning InfoSec responsibilities to these teams can lead to conflicts of interest and a dilution of specialized security expertise, potentially resulting in overlooked vulnerabilities and slower incident response times.
  • Regulatory Compliance: Dedicated InfoSec teams are typically more attuned to evolving regulatory requirements and best practices in cybersecurity. Their focused approach ensures that security policies and controls are consistently updated and enforced, reducing the risk of non-compliance and associated penalties.

In summary, while integrating InfoSec into the Infrastructure team might offer short-term operational efficiencies, the long-term benefits of maintaining a dedicated InfoSec team—including reduced breach costs, enhanced incident response, and improved compliance—underscore the strategic value of specialized security functions within an organization.

Next Steps for Executives

  • Maintain a Dedicated InfoSec Team: Ensure cybersecurity remains separate from IT operations to prevent conflicts of interest.
  • Invest in Security AI & Automation—but Keep Humans in the Loop: Automated tools can reduce response times, but only trained security professionals can analyze complex threats.
  • Measure Security Like a Business Risk, Not an IT Cost: Use metrics like "Mean Time to Detect (MTTD)" and "Mean Time to Respond (MTTR)" to gauge security effectiveness, not just IT budgets.

Key Takeaway:

Executives must move beyond micro-cost thinking and understand that cutting security for short-term savings is a dangerous game. A single security failure can erase years of financial gains. In cybersecurity, a focus on perceived efficiency alone ignores the broader value that trained professionals provide. True business resilience comes not from cutting perceived inefficiencies, but from understanding and leveraging hidden benefits (mfpwealthmanagement.co.uk).

  • Micro-efficiencies often lead to macro-inefficiencies—small cost savings can trigger larger hidden costs.
  • Customer experience, brand reputation, and security have tangible financial impacts, even if they aren’t easily measured.
  • Eliminating high-value human roles (like doormen or cybersecurity teams) increases long-term risks far beyond immediate cost savings.

Disclaimer: The opinions and conclusions presented in this article do not necessarily reflect the official position of the author's current or past employers. Any advice or recommendations are based on the author’s experience, education, and best judgment and should be carefully evaluated before implementation.

Sources

https://www.mfpwealthmanagement.co.uk/blog/doorman-fallacy-rory-sutherland?utm_source=chatgpt.com

https://www.pokerstrategy.com/news/world-of-poker/GTO-Poker-Theories-The-Doorman-Fallacy_134306/

https://www.darkreading.com/vulnerabilities-threats/3-ways-behavioral-economics-obstructs-cybersecurity

https://medium.com/%40lennon.mudzengerere/is-ai-headed-for-the-doorman-fallacy-765f22396854

https://www.secure-io.de/security-the-doorman-fallacy-why-security-teams-need-to-do-more/

https://securityintelligence.com/articles/cost-of-a-data-breach-cost-savings-law-enforcement/?utm_source=chatgpt.com

https://www.mindpointgroup.com/blog/the-costs-of-a-data-breach?utm_source=chatgpt.com

https://go.greenshades.com/blog/the-true-cost-of-a-payroll-and-hr-employee-data-breach

https://www.securityinfowatch.com/security-executives/article/55250057/how-organizations-can-respond-fast-to-data-breaches-and-avoid-investigations

https://gowlingwlg.com/en/insights-resources/articles/2024/the-rising-costs-of-a-data-breach

https://www.dataguard.com/blog/what-is-the-difference-between-it-and-cyber-security/

https://www.iansresearch.com/resources/all-blogs/post/security-blog/2023/12/19/cost-and-impact-of-a-security-breach


Jessica Wight

Account Director @ Recorded Future | Threat Intelligence Solutions

1 month

Loved this, MJ. Looking forward to connecting in March!

MJ, this is an excellent piece, and this is exactly right; - "Executives must move beyond micro-cost thinking and understand that cutting security for short-term savings is a dangerous game. A single security failure can erase years of financial gains."

Marcos Flores

Enterprise Sales Leader at SHI

1 month

This is great, MJ!

Keyaan Williams

Global Risk Governance Executive | Professional Speaker | Funniest Man in Cybersecurity

1 month

Mark-John McSheehy, MBA, CISSP I am honored to be tagged along with so many great leaders. I think the article captures great points and provides good practical comparisons. My favorite: "IT teams, like police officers handling fires, lack the specialized knowledge required to combat sophisticated cyber threats." No disrespect to IT professionals. Specialization affects outcomes. That is why I trust an orthopedic surgeon more than a brain surgeon to perform a hip replacement.
