While professionals today may be savvy when it comes to navigating the world of online tools and resources, cybersecurity is often left as an afterthought.
Or, small business owners and entrepreneurs think downloading a one-size-fits-all software program is sufficient to keep their business secure.
But thanks to the complexities of IT infrastructure today, remote work, and aggressive cyber attacks, this simply isn’t good enough.
To discuss why cybersecurity is so important and how business owners should start prioritizing it, we talked to Alex Cole, member of The Post and CEO of Cole Technologies, a managed IT support and cybersecurity business here in Tucson.
Here’s what he told us.
The Post: What’s your background and how did you get into your line of work?
Alex Cole: As long as I can remember I’ve been tinkering with computers and interested in the tech world. Even so, I started university as a pre-med student. I quickly realized I didn’t like Chemistry, so switched to IT and the rest was history!
While in university, I worked as an IT manager at a specialized eye health clinic, which had advanced imaging systems, equipment, and software. After graduating with an IT degree, I moved to Minneapolis and worked for the government there for about four years. We did everything from managing public safety systems to managing large databases for city hall to working on critical infrastructure for the city.
After that, I was recruited by Raytheon Missiles and Defense, where I supported some classified Department of Defense programs and other large projects. I relocated to Tucson for the role, and am still located here today.
After leaving Raytheon, I founded my own business in 2021, right in the middle of COVID. Many of my friends and professional contacts were getting me to help transition their business to work from home and I realized how big of an opportunity there was in this, so started doing it full-time.
We’ve grown quickly—last year it was just me, but now I have three full-time employees and a couple of contractors. We now have three private offices here at The Post, where we work from.
What kinds of services does Cole Technologies offer to its clients?
We specialize in the niche of security and compliance. I had to follow many compliance standards in my government and defense background, but now we’re applying some of that same methodology with small and mid-sized businesses (SMBs) to keep them secure.
We’re also finding that a lot of companies want cybersecurity insurance, so we can help boost their security so they qualify for a good rate and be protected against potential claims in the event of a ransomware incident.
Working with small and medium-sized businesses is where we thrive—our ideal clients have around 50-60 employees, maybe one or two locations.
We serve anyone, including healthcare, financial institutions, accounting offices, legal firms, manufacturers, defense contractors, or engineering firms—we kind of help everybody.
What are the most significant cybersecurity threats SMBs face today?
The first thing to note is that 80% of all ransomware and malware attacks start with an email asking you to open an attachment or click on a link. So, there’s a human component to it—somebody who either isn’t educated or is absentminded, clicks or downloads something and opens up the company to risk.
Now that a lot of people are working on hybrid schedules, there’s another layer of complexity to the IT architecture of an organization. People may be working from home or maybe in coffee shops with their laptops, which opens you up to increased risk for cyber attacks. If there aren’t the right tools, software, and frameworks in place, you may not be protected.
To fill in some of the gaps and ensure protection, companies need to either work with an external managed services provider, like us at Cole Technologies, or have someone inside the organization champion cybersecurity efforts.
At the end of the day, it’s about the people—they’re both the risk and liability, but they also are needed to manage tools and ensure protections are in place. Tools and software alone are not enough—you need people from the inside or outside to manage things.
What are the potential risks associated with ransomware and malware?
If your company is targeted with malware or ransomware and successfully breached, many forms of data can be accessed, including:
- Contacts and mailing lists
- Purchase orders
- Confidential personal data
- Financial information
- Email content and addresses
There are always shifting trends for cybersecurity attacks. For example, there’s one happening now where cyber attackers will compromise the email systems of manufacturers or contractors that handle a lot of purchasing.
They will then spy on your emails and gather information on who the vendors and suppliers are. Instead of sending out a ton of spam, they send targeted emails to collect payment information from suppliers because they know which purchase orders are valuable and worth a lot of money. Sadly, I’ve seen someone lose over $1 million with this kind of scam.
Besides the financial impact on your business, there’s also a reputational one. If confidential information is breached, you can lose client and industry trust in the future.
Unfortunately, if you don’t have the right systems in place, it is hard to detect a breach or compromise based on how things are performing. In this example, the attacker isn’t sending spam or deleting emails—they’re essentially spying on you, so it’s hard to figure out what’s happening.
It takes an average of eight to nine months for an organization to detect that there’s even been a breach. This is why it’s so important to have the right system in place which can immediately alert you to any kind of anomaly or compromise in your system.
How can SMBs start thinking about protecting themselves from these risks?
I like to compare cybersecurity to an onion because there are lots of layers.
Whenever we onboard clients, we ensure we’re covering all these layers—it starts with training and education, then there are network firewalls, the design of the systems, etc., etc. I won’t bore you with them all!
But the reality is that there’s no one tool that’s going to save the day. Home solutions are not totally adequate for businesses.
Instead, you need to work with somebody who specializes in each layer of cybersecurity to ensure you’re adequately protected.
You mentioned some increased risks are working from home or a coffee shop. How does that compare to a coworking space when it comes to staying safe?
We worked on the network at The Post when it was recently overhauled. We have a system here that segregates everything out logically.
You can either have physical separation, where everyone has their own connection, or logical separation, which is what we have here. This is when everyone shares a fiber Internet connection, but there’s a device that we manage to separate your laptop or computer and The Post. The outcome is that you can’t see your neighbor’s web traffic and there’s separation that protects individual members and offers privacy.
Another layer of protection and the difference between a coworking space and, for example, a coffee shop is that you’re on a trusted network. If you’re in a public space, you’ve got to assume it’s compromised in some way and take measures to protect yourself—encryption, avoiding entering personal information, and the like.
But on a trusted network, like here at The Post, we’ll notice if somebody’s doing a bunch of stuff they shouldn’t be—there’s an alert if something goes wrong. Again, it’s that human element that is checking things on a regular basis to make sure it’s secure.
How can SMBs take the first step toward improving their cybersecurity?
The first step is a conversation. We offer a free assessment to anybody, so you can reach out and bring up your concerns or questions to see what we can do for you. We want to make a difference in the community and support SMBs with their cybersecurity, so reach out and we can start that conversation.
Connect with Alex on LinkedIn or through the Cole Technologies website, where you can book a free assessment.
And if you’re looking for a productive workspace with a secure, trusted network and on-site support, contact us to book a tour of The Post today.