Include:
Tech
Cybersecurity
Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.

Location

333 West San Carlos Street
San Jose, California 95110
United States

WWW: acer.com

ChannelPro Network Awards

hello 2
hello 3

MSP Spotlights, News & Articles

February 21, 2024 | Ann Westerheim

Peer to Peer: Ekaru’s Ann Westerheim Shares Tips on How to Talk About Cybersecurity

Westerheim says when customers hesitate to invest in cybersecurity, telling a compelling story can make the difference.

One of the biggest challenges cybersecurity professionals face is talking to clients about the threats they’re exposed to without instilling fear.

When you start describing how bad actors exploit organizations, you risk overwhelming business owners to the point that they don’t even want to think about it, let alone take action. Our goal, therefore, is to present reality in a way that drives clients to do the smart, affordable things that will tip the protection scale in their favor.

Opening the Cybersecurity Discussion

From our perspective, ransomware is the biggest threat to SMBs. But when it comes to protecting them against ransomware, many small business owners have a false sense of security. Because it’s the large enterprises that make headlines when they fall victim to a breach, it’s easy to conclude that the bad actors limit their victim pool to organizations with the financial resources to make the big payouts.

Ann Westerheim of Ekaru LLC

Ann Westerheim

However, as anyone working in cybersecurity knows, attackers are indiscriminate. The ransomware kits they procure on the dark web automate the process, and they don’t even know who is clicking on their phishing links. Attackers are highly aware, however, that they can make a great deal of money— even from SMBs. Small businesses may not have deep pockets, but if you attack enough of them, you can reap considerable returns.

That is the first concept we try to help our SMB clients understand. We emphasize that without the right protections in place, they run the risk of seriously compromising their organizations. When a breach occurs, small businesses have a much harder time rebuilding trust when client data has been stolen. As we all know, many SMB victims of ransomware wind up having to close their doors for good.

The best way to convey this message, we have found, is through storytelling. For example, we might talk about a small business whose employee spent an hour trying to override security to open a message from a high-profile data and analytics firm. The message turned out to be fake, delivering ransomware to the company’s network.

Artificial Intelligence also is a component of these conversations, especially with AI making headlines daily. We explain to clients that AI enables us to be much more efficient at threat detection and analysis. But we also express how bad actors take advantage of it to automate the process of scraping information from social networks and company websites to develop compelling phishing emails.

Again, our goal is not to scare our clients into buying as many services as we can sell. Fear, as I mentioned, can paralyze people into inaction. But we do want to make our SMB clients aware of the risks that are out there and help them make informed decisions.

How Cyber Insurance Comes Into Play

Another subject we explore with clients is cyber insurance. Until recently, policies were relatively easy to purchase for minimal coverage and SMBs weren’t required to have a strong security posture. As the threat landscape has evolved, however, insurers have narrowed the window of eligibility.

At Ekaru, we have seen policy application forms that are five pages long — sometimes longer — listing a comprehensive set of requirements businesses must fulfill to be eligible for coverage. We believe that our SMB clients ought to have cyber insurance against existing threats, and they won’t be insurable if they’re not taking ongoing steps to make their environments secure.

Framing the Cybersecurity Discussion

As a technology enthusiast, I love getting into the weeds about all things tech. While this is fine when I’m conversing with a peer, it’s not how I want to frame the conversation about cybersecurity that I’m going to have with an SMB client.

The goal is to help business leaders understand what they’re protecting their organizations from and how threats can impact their business. And, of course, reassure them that they’re in good hands. They don’t have to become cybersecurity experts — that’s our job.

Our clients are running really amazing, successful businesses. While we are experts in our field, these are accomplished entrepreneurs who are top performers in theirs. To have meaningful conversations about cybersecurity with these folks, we need to treat them with the respect they deserve.


ANN WESTERHEIM, PhD

Founder & President, Ekaru LLC and author of “Cybersecurity for Main Street: Cyber Fit in 21 Days”

  • Founded: 2001
  • Location: Westford, MA
  • No. of employees: 17
  • Website: ekaru.com
  • Company focus: We provide enterprise-class IT and cybersecurity services to small and medium-sized businesses.
  • Professional memberships: CompTIA, IEEE, Women in Cybersecurity, Society of Women Engineers
  • Recommended book: “Chip War” by Chris Miller — a great history of the computer chip industry, and how the complexity of design and manufacturing make bringing production back home to the U.S. not a simple task.
  • Favorite part of my job: Learning something new every day
  • Least favorite part: When details slip through the cracks
  • What people would be surprised to know about me: I have a 1,150-day streak of Norwegian lessons on Duolingo

Related MSP Spotlights, News & Articles

Growing the MSP

Editor’s Choice


Explore ChannelPro

Events

Reach Our Audience