“The Importance Of Defending Your Company’s Data & Technology” with Don Nokes of NetCenergy

Jeffrey (0s):
Well, hello everybody. And welcome back to radio entrepreneurs. My name again, if it’s, if I haven’t worn it out is Jeffrey Davis. I’m the host of the show. Also chairman of the board and CEO and founder of Mage LLC kind of hard to believe since 1985, we worked with over 700 organizational leaders, organizations, defining leadership, excellence, organizational culture, strategy, long-term growth plans and survival. Sometimes in transition families. I’m really excited today. I’m joined by my number one guest hosts, and that is the one and only John Dustin president JED Insurance. And welcome back, John. You’ve been avoiding me far too long through these summer months and COVID is no excuse.

John (43s):
Yeah, exactly. Since we’re remote, but great to be here again and missing it now.

Jeffrey (49s):
Yeah and John, and I sure how many times a week you’re working out John?

John (53s):
Four about four. Okay.

Jeffrey (54s):
You want to show us the guns?

John (57s):
I don’t think I have a permit for them for this.

Jeffrey (1m 2s):
Well, our guest, I’m sure he doesn’t want to hear about your guns, but for those for Don who doesn’t know, John is a big weightlifter and you don’t see it in those sports shirts, but, but he is quite the athlete. And I’m talking about a Don Nokes principle of NetCenergy. Welcome, Don.

Don (1m 20s):
Cool. Thank you very much. Pleasure to be here.

Jeffrey (1m 22s):
And, and, you know, we started to talk offline. So I’m looking forward to you telling our entrepreneurs about what you do for a living, because you know, it’s an issue. I wouldn’t even call it daily anymore. It’s multiple times daily.

Don (1m 37s):
Yes. Securing people’s networks is a full time job these days. And it’s kind of a shame I got into business in 1980. And at that time it was all about how do you take computers and help integrate them into your business to make them make your business more productive and do things a little bit more efficiently. And unfortunately, over the years, it’s developed into a situation where it’s, it’s all about defense. Now, now that we’re all connected to the internet. There’s a lot of people out there trying to get to your data. And so it has become, instead of that, really what I signed up for back in 1980, helping people really take advantage and leverage the computers into their business. Now it’s become a matter of how do I protect everything that’s going on in my, in my organization today

John (2m 21s):
On the cyber liability Mac, it’s grown into the 20 billion plus range and they expect it to grow 20 to 30% in the next few years. But as a, as a NetCenergy, what are some of the tools like MFA and 0.5, explain some of what you do. If a company is sophisticated, as major were to come to you,

Don (2m 43s):
What would you basically,

Jeffrey (2m 47s):
He was named dropping what’s. What are all those terms that John just used? He just showed off his intelligence.

John (2m 56s):
I showed off my protection.

Don (2m 59s):
That’s a really important thing is by the way, you know, this business is built on acronyms. You know, I, I even the, the ETLA the extent that three letter acronym, you know, we have a lot of these acronyms in our business and it is difficult sometimes to get into a conversation without accidentally dropping some of those to someone who may not be familiar, but at any case, what are you talking about really are tools. There are tools that can be purchased and they can be purchased both in the enterprise level space where they have seemingly unlimited pocket books for this kind of protection and in the small entrepreneur space where you really don’t have a lot of money to be throwing at a lot of your administrative you’re you’re out there trying to drive business and, and get things going. And the last thing you want to do is have a big administrative overhead.

Don (3m 42s):
So some of these tools that John talked about can be purchased by entrepreneurs and, and people that don’t have unlimited budgets to make sure that they’re maintaining safety. And, you know, th th there’s sort of a ratio that we have to work with it’s it’s productivity versus protection, right? So when you, when you talk about MFA, which stands for multi-factor authentication, what that is, and we’ve all experienced it, it’s where you want to log into something and they want to send you a code into your cell phone that you would then plug in again. So it’s basically something, you know, you know, your, your password and then something you have your phone that allows that multifactor to authenticate and make sure that when you’re logging into something that you are, who you, who they think you are, but these tools, oh, go ahead, John.

John (4m 29s):
No, I was going to say going on, I think sometimes people don’t understand that it’s a spectrum and it does affect even small businesses. It’s not, they’re not just targeting, you know, target and the large ones that you’ve seen. They’re looking at even small businesses. These people,

Jeffrey (4m 46s):
I did it all the time. I consider myself a serial, small business owner. And I said it at the beginning. I think I’m susceptible multiple times a day because I have thousands upon thousands of connections online through the radio show, through my different companies. And I’m just, I’m just a spider web for anything that’s searching on the web.

Don (5m 12s):
Well, it’s very true. And you know, the, the problem is they only have to be successful once they’re out there. There’s an estimated 1.5 million people wake up every day and that’s, their job is to hack and with, with the successes that they’ve had, w you know, and then some pretty high profile successes, like the colonial pipeline hack, and which, you know, yielded millions of dollars, even though the, the award got reduced, there was still millions of dollars that were made in this business. So, you know, like any other business that it looks like a, it’s a lucrative thing. You have a lot of people that want to get involved. So not only did that pipeline payoff fund more hacking, but it also encouraged a lot of people who might not have previously been in the business to get in it.

Don (5m 57s):
And the big businesses are getting way more protection. So the little guys haven’t had the money to spend on that protection. They becoming even more target.

Jeffrey (6m 6s):
No, Don, sorry. I get excited about it. I sort of see this as the, like the, the metaphor of the ducks, swimming above the water and the lakes going like this underneath. I think you’re just touching the surface because we’re only hearing about the ones that make the news. I would assume for everyone that makes the news there’s tens of thousands or hundreds of thousands of breaches that we don’t hear about. It’s that frequent,

Don (6m 33s):
Right? There is no question about it. The I’ve had multiple companies contact me who have been hacked. Fortunately none of them have been my client to that point, but they’ve got the exit. What do we do? And here we are now. And of course, it’s kind of like, John, you probably get this in the insurance business. Hey, I just had a loss, but I didn’t have insurance. What can I do? Can you cover me now?

John (6m 55s):
Ironically, the cyber insurance market has had the capacity is limited, and it’s very difficult now to get a new separate policy with all the bells and whistles, unless you have a lot of protection in place, things like the Westpac to be in place. They want to make sure that the company is proactive with their risk management, not just by and a policy, but, but don’t, I’m beyond that. What else does NetCenergy offer and sort of what size clients are you working with?

Don (7m 26s):
That’s it? Oh, thank you. Sorry, Jeff. That Saturday basically covers companies within that 10 to 200 space. And we’ve chosen that niche because it’s an area that, you know, there is some funding available and unfortunately it does cost money to get the full package that we offer. And there are a lot of companies smaller than us that can really focus on that small entrepreneur, but real rarely in that, you know, really 10 is our minimum. And that’s because we put together a whole cadre of tools that we buy at a bulk rate. And then all of our clients basically use the same antivirus tools, the same email filtering tools, the same backup systems that we can actually run their business from the cloud.

Don (8m 16s):
Should there be a disaster? In other words, we can just, if there was even the fire, we could basically have a business up and running and literally an hour with all the data and all of the applications being able to run in the cloud. So unfortunately, those that bundle of tools that we put together does have a certain cost per month. And so our target market tends to be in that space.

John (8m 41s):
There’s a consultant, Boston, Jeff Davis. And he would probably tell you if you’re not an expert on something to outsource it, and you have to wonder why a lot of smaller companies don’t outsource the, it function to get the full breadth of what a company

Jeffrey (8m 56s):
Like NetCenergy. But I just had that discussion yesterday with a client that was complaining that they couldn’t recruit some people full time. And I was like, everybody’s got a recruiting comp, why don’t you outsource this? And they were like, oh no, no, no, our business is unique. And I’m like, yeah, but you can’t find anybody. It’s all idea. Right. Just outsourcing seems to be the big trend. And wouldn’t you agree, Don?

Don (9m 23s):
Absolutely. And you know, we, we use it ourselves. I mean, w we, there were times when, you know, I was finding myself dealing with, we are, we’re a 30 person company, but I was dealing with HR issues and myself. I was, and I, I didn’t know what I didn’t know, you know, so I really needed to, and I can’t keep up with this stuff. The same with marketing, we basically used to try to do our own marketing and outsource that recently, you know, you really have to understand what your mission is and what you’re really good at. And unless you’re really focused on that to get pulled away with these other issues where you’re like, I, I would say that there are some people in organizations, they haven’t hired a tech. Maybe there’s someone who’s kind of a savvy person, but he’s also got a full-time job in the organization.

Don (10m 7s):
I call it impersonating a technician. And, you know, by the time, you know, you spend that extra time trying to learn how to fix something that, you know, some outsource company has seen 10 times yesterday and can do it much more efficiently your costs to, to actually manage your network and manage your, it can be so much lower when you put it in the hands of someone who does it every day and knows what to look out for.

Jeffrey (10m 35s):
Wow. Can you give us one example before you go of somebody who was warned without giving a case and got themselves into a big problem?

Don (10m 45s):
Yeah. I can tell you exactly what happened. It’s really, really ironic. I had gone to a law firm there about a 40 50 person law firm, and they were not happy with their it support company that they currently had. Unfortunately for our industry. That’s not uncommon. And so they, they went to us, we went and provided them a presentation, and they said, you’re about a thousand dollars more a month than we wanted to spend. And so they went away about eight months later, I get a phone call, Hey lunch. So that the managing partners and I, who I’d met eight months prior, sat down at lunch, one of their partners was working late. It was probably eight o’clock in the evening.

Don (11m 25s):
On a Friday night, he got a pop up email from Microsoft that said, you’re infected. You’ve got to click here and let’s get you taken care of her call here. I think it was a call. So he picked up the phone, he called Microsoft. And so they said, well, here’s what we can do. We can get you cleaned up here, point your browser to here. So, and by the way, when anybody asks you to go to this website and click on approve, you know, that’s what they’re doing. They’re taking over your computer. And that’s what this hacker did took over this lawyer’s computer and set, put, put ransomware into the, into their system. And so here is the entire database, all the, and one of the things this law firm had done wrong, which unfortunately happens a lot is they had, they had a real estate division.

Don (12m 16s):
They had a, you know, IP division. They had all these divisions of law lawyers.

Jeffrey (12m 21s):
It’s a full offer.

Don (12m 23s):
Exactly. So what happened was what you can do and what you should do is you should limit the real estate. People shouldn’t have access to the IP information. So there was none of that sort of no walls. Exactly, exactly. So what happened was they got the whole enchilada and unfortunately it costs them hundreds of thousands of dollars, a thousand dollars a month paled in comparison to what they ended up paying. I’m sorry,

John (12m 51s):
Bitcoin, do they have to pay Bitcoin?

Don (12m 52s):
They had to pay Bitcoin. They had, and you can’t believe that one of their clients was, was a bank and what they wanted them to do in order to keep their business and implement was enterprise level stuff. And we actually got engaged. They hired us. We went to the bank, we showed them what our program was. And they were able to avoid some of the more costly things that the bank felt they needed to have in place, given the fact that they were

John (13m 20s):
And, and go on, that’s something else you should tell clients when now singing in these risk transfer agreements and people don’t read them closely. A lot of agreements now include cyber liability, both protections and insurance requirements. These clients just sign stuff. And then after the fact, read it and say, wait a minute, I was supposed to have 5 million of this and do this and not do that. And they don’t read it.

Don (13m 44s):
We were asking, wanted us to do a security assessment and backdated.

Jeffrey (13m 48s):
You know, a lot of these privately owned companies, partnerships, they’ve never worked, let’s say in big corporations and learned what I would call proper organizational controls and, and security and professional standards. And their standards are developed within their own organization, which are much more subjective. And I see it every day, how susceptible these entrepreneurs and leaders are too many factors, not just cybersecurity, Don. I love listening to you. And I hope that John brings you back because he’s in control of these segments. If someone wants to learn more about you, Don Nokes principle a NetCenergy, how would they find you

Don (14m 28s):
Basically going to www dot NetCenergy dot com and it’s any TC, and then the word energy.com NetCenergy dot com. You know, Dan Sharlin, my co-founder and business partner, and myself started this with just three of us, you know, back in 18 years ago, now this month. And so we’ve got about 30 folks end up, we have a very good client base that we, and we’re not trying to get huge. We want to be able to take care of our customers. And you know, it doesn’t have to cost a fortune and buying it’s less than the cost of having a full-time it person to have a full coverage organization. So, yeah. Check us out. Www dot NetCenergy dot com.

Jeffrey (15m 5s):
That was a no, no full proof close because you made it easy for all of us. John Dustin, JED Insurance, someone’s looking for you. How do they find you

John (15m 19s):
John dot Dustin at JED Insurance dot com or at www JED Insurance star comma by phone five a week five, four, three, one oh six seven.

Jeffrey (15m 31s):
Great. Thanks for being on the show, guys. I look forward to speaking to you again, have a great time for the rest of the summer and good luck in the fall and remind everybody, this is Radio Entrepreneurs.