Episode 64: Cyber Security 101 for the Small Business Owner - Business Bites

Cyber Security 101 for the Small Business Owner

Episode 64 on the Business Bites Podcast

The Gist Of It: We’ve all heard the news stories about data breaches at large companies. If it can happen to them, what about the little guys like you and me – what can we do to prevent it from happening to us? Join Rachel and Adam Anderson to learn some simple things you can implement right now to protect your small business from cyber criminals.

What you will learn:

  • What cybersecurity entails
  • How you can teach your employees about cyber risks
  • What to look for in cybersecurity insurance
  • Things you can implement now to protect your and your clients’ information
  • and more!

Expand To Read Episode Transcripts

RACHEL: Hey, guys, welcome to this episode of The Business Bites Podcast. I am your host, Rachel Brenke and today we’re going to be talking about cyber security for the small business owner. The guest that we have on is incredible with the amount of information and checklists that you will need to dig in to.

Adam Anderson is a long-time small business owner who also happens to be one of the leading authorities on small business cyber security. He is a serial entrepreneur, much like myself. He is also an author, he’s written several books on cyber security and cyber crime to help you guys understand and navigate the digital world. He is on a mission, today and all the time, to help fellow small business owners like you guys find the answer to the question, “Should I even care about cyber security?”

In his newest book, The Monster Within, it shows business owners that cyber security isn’t something reserved just for the nerds in Silicon Valley; we all have a stake in this. Whether or not you’re doing this part-time, full-time, all of the time, this is something you guys need.

Okay. Alright, so welcome to the show. Thank you so much for bringing this important information on cyber security to many small business owners who don’t really understand how important it is. Do you want to go ahead and share a little bit about yourself and kind of how you even got into this field?

ADAM: Yeah, Rachel, thanks for having me on. I totally love this field. No, that’s not true. I don’t love this field, because people never want to talk to me at parties.

RACHEL: Yeah, we have something in common. I’m a lawyer.

ADAM: Yeah, exactly. I like to tell people, I’m an entrepreneur. And then I say, “Oh, but in cyber security,” and then all the party stops. So, kind of how I fell into all this is I used to work for IBM. I had a 18-hour layover in Montgomery, Alabama, and I said, “I’m never going to do this for anyone else, ever again.” If you’ve ever been to the airport in Montgomery, Alabama, you might resonate and empathize where I’m coming from.

But eventually, I fired myself from my cyber security company. I put it under management and I started to do a passion project. That passion project was why are these big companies getting hacked through their supply chain with little companies? I fell in love with how do we move the needle on cyber security for small businesses, not just these major corporations?

RACHEL: You know what? I love that. Because my whole premise of when I talk to my audience and to my clients is this idea of prevention as opposed to clean up on aisle four later on, because that ends up costing a lot of time, money, and energy. And then they’re stuck dealing with people like me or people like you trying to fix things. And without sounding cliché, once the cat is out of the bag, once she’s been hacked, once your customer data has been revealed, you lose the confidence your consumers have in you and it’s really hard to get that back.

I’m glad that you’ve adjusted the focus to small business owners. I’ve talked about this in other episodes, guys, so you’ve probably heard this. But over the last decade, just look at the onslaught of online businesses that have exploded. The barrier to entry to have an online presence is extremely low. There’s so many systems available out there, but that doesn’t mean that we should put our blind confidence in all these other systems or all these other setups and structures. You guys have the responsibility to really make sure that you’re doing the things right. On that note, though, if you could go back in time to your very first business with this, and I know it’s a little cheating because you kind of were already in the field, but what would you tell yourself or change when it comes to cyber security?

ADAM: Well, the very first thing I would do is remind myself that cyber security is all about limiting and lowering liability, not about keeping the bad guys out. I spent a lot of time wasting money, time, and resources trying to build a cyber fortress when my employees would just let them in by clicking on a link. So, I think the really big thing for me is, it’s a behavioral science problem, not a computer science problem. That means you got to really focus on your employees and your behavior. I think the statistic is 75% of all employees will do something cyber risky behavior wise, like once a week. It’s terrifying.

RACHEL: That is scary. The thing is, I think that sometimes as the CEO, as the owner, the one in control, we educate ourselves on things like legalities or cyber security, and we forget that we need to share that with our employees. Many small business owners that I run into when we’re looking at, like you’re talking about limiting liability or reducing it, they don’t even have employee handbooks for the most basic things. They don’t even have educational resources. So, how would you recommend that the, let’s just say CEO, that the head person is disseminating this information? How should they do that to well equip their employees to make sure they’re not doing this to them?

ADAM: Well, so the first thing you should not do is get everybody into a room with a wonderful PowerPoint presentation, or bringing a guest speaker, or do any of that kind of stuff. Because that kind of training is great to raise awareness, but it doesn’t work over time. The thing that I really love is that there are products out there that will send fake cyber-attacks at your employees, like a phishing email attack or a text message. And if they click on it, they go to a three-minute training video.

RACHEL: I love it.


So, it’s on demand training for your worst actors, and it’s continuous and ongoing. I think the last time I did a price check was like 16 bucks a person a year.

RACHEL: That’s so worth it.

ADAM: Right? And so, there’s a lot of software products out there like that. The one that I’ve used in the past for the large corporations is PhishMe, but that’s probably not the right one for a small business. So, I would do some shopping.

RACHEL: So, you’re saying roughly, we’re looking $16, $20 per employee. That is a really low-cost investment for any education, especially one this important. So, let’s kind of look at the inverse. How much do you believe that a business owner could lose? It doesn’t have to be monetary, but what could they lose by having the cyber security risks in their business?

ADAM: Okay, well, I’ll be the boogeyman now and say, they’ll lose everything.

RACHEL: Everything.

ADAM: Your business is going. Oh, my God, the sky is falling. But honestly, it’s more of a disruption in your business and thousands and thousands of dollars. And if you’re not prepared, then it costs even more. If you bring a forensic investigating team in … Well, actually the first thing is most small businesses have no idea who to call, right? Something goes wrong, they’re stuck and they’re losing time. I had a buddy in Ohio, his controller for his manufacturing, the controller computer got hit with Ransomware, and was down for three days. His line could not move.

The very first thing he had to do is figure out what a Bitcoin was so he could pay the ransom. And I was like, “No, never pay the ransom. You’re on a list, and they don’t know how to fix your computer. They’re good at breaking stuff brother, not fixing them.”

RACHEL: I know that from watching TV shows.

ADAM: Right? Come on. So, he was down for I guess three days and he did some back the napkin kind of work, and he said it cost them about $42,000 all said and done by the time he was finished. And that’s a entry level employee’s salary for a year.

RACHEL: Yeah. And that’s just the monetary cost of dealing with this. That’s not even the time and the energy and the mind space that you guys will have to take away from your business, from your families, from any other personal hobbies that you may have, because you’re going to be stressed out when it comes to something like this. So, it’s going to impede all facets of your life no matter how good I think you are separating life and business.

I know that from a legal standpoint. We will get phone calls much like what you just said, “Oh my gosh, this happened. Now, what do we do?” It’s interesting how many small business owners don’t even think about this. So, again, I’m going to thank you for coming on to bring this to … Maybe they can learn from the lessons that you’ve seen happen. You just gave the one story about how it could be like $42,000, and obviously that’s going to be give or take, depending on the circumstances. But do you have a scary story? Because I have no problem scaring my audience. That’s what I’m here for to keep them out of trouble. A scary story maybe for a really small business owner. We’re thinking more like solo or one or two employees, or independent contractors.

ADAM: Yeah. Let’s pick on lawyers since we’ve been talking about you guys. So, I have a lawyer buddy.

RACHEL: We’re used to it.

ADAM: I know. You know what? We had a lawyer show up at a conference once, he looked lonely, I became his friend. It’s been ongoing ever since. Lawyers are people, too.

RACHEL: Be careful, they’ll bill every time you call.

ADAM: I know, even if it’s for social reasons. I get it. So, my buddy, his point of sales got hit. He’s like a small firm. I think it’s him and an aide, and he’s running everything through an online point of sale. So, you can bill credit cards. The bad guys got his administrative username and password and got access to his point of sale. Now they couldn’t see the credit cards, but they sure could bill all the credit cards he had on file. Since they had administrative access, they changed where that money went, to throw away debit cards.

One morning, he woke up to a lot of nasty phone calls. “Why did you just build me $10,000?” And they build every single one of his clients. Now, here’s the cool thing. This cat was smart. He had cyber security insurance.

RACHEL: I was going to ask you that.

ADAM: That was the difference between him going out of business. And by the way, his clients love him now, because they all got their money back. It was still three months of disruption where he had to work with the FBI, and think of what that means for your business. If you are a CPA and this happened during tax season, you’re done. You’re absolutely out of business.

RACHEL: Yeah. And if you’re working with the FBI depending on what type of lawyer you are, your clients might get a little antsy about that.

ADAM: Maybe. You may be right. Yeah.

RACHEL: Well, I’m glad you bring up the cyber insurance. I’ve talked about it in past episodes. More in line with the GDPR regulations and all that that came out and made everyone run around like a chicken with her head cut off. But the premise of me sharing that, since the majority of my audience is United States based anyways, and a lot of them are not marketing overseas, I was still telling them that a lot of the regulations in GDPR are a really good business. You need to have these sort of data breach type things in place anyways. I want to touch on that in one second, kind of the development of a policy. But as far as insurance, what should the small business owners look for when they call insurance companies? Not that I don’t trust the insurance companies, but I think that there’s great power in these small business owners being able to say, “I’m looking for X, Y and Z, does your policy cover this?

Because one of the problems that I see as an attorney, when people are having issues, they will say, “Well, I bought the insurance policy.” I’ll ask what their coverage is, and they kind of look at me like deer in headlights. They don’t really know what’s included. So, what would you recommend on that?

Adam: Most of the time, if you do not have cyber security insurance at this time, you are not protected. Most people are like, “Hey, my E&O or my other kind of liability reducing policies are going to cover this.” And it absolutely does not. So, what you go and do, if you are not working with a cyber security insurance salesperson who will talk to you about your business and find out exactly what you’re doing and then write up the policy for you and you’re just filling out a form letter, you’re at risk.

The second thing you want to look at is are they providing a disaster recovery team? I don’t want cyber security insurance because I want money. I want them because I want a solution, and that solution is getting me back to normal. And so, these policies should come with a cyber security lawyer, a PR person, a forensic investigator, and a systems admin, who can all get together and work on your case and get you back in business as fast as possible.

RACHEL: You said something in there about them providing a lawyer, because the fees can get very big very fast. And we still will sometimes supplement and come in and help small business owners. Even if they already have a cyber security lawyer, we may be on the other side going, “Well, now’s the time for you to really look at the other pitfalls and holes that you may have going on.” And we have seen cases where the insurance company and cyber security insurance policy has paid us to help them get further protected, because it was all arising out of that one issue. And so, I share that with you guys listening to say that for all these reasons, like Adam just outlined, but also to know that it’s not just a one-time data breach or a one-time cyber security issue. It can force you to have to end up spending extra money and funds in order to get all your stuff in order.

You said something in there that I wanted to touch on. The data breach policies. Actually, let’s get basic for one second and kind of define what a data breach is in the context of maybe let’s say we have individuals out there with WordPress sites and they’re using WooCommerce, or other online platforms. Maybe design the story for them to understand how a data breach can occur with that. And then we’ve kind of already outlined that you’d be able to reach into an insurance policy or to get all these different players to help you, but what is the step to even get there?

ADAM: Yeah, so I’m going to change it from maybe data breach to just plain old cybercrime. Because data breaches kind of ambiguous. What does that mean? Did someone see something they shouldn’t have? Did somebody have access, but did they do anything with it? So, the cybercrime is when somebody uses a digital format or a digital way to attack you and get access to something you don’t want them to have. And then, they can either leave something behind that lets them modify something, or they then grab something they’re not supposed to.

Like for example, the Cambridge Analytica with Facebook. That wasn’t a data breach. Everything worked exactly as it was supposed to. It was a policy breach. So, when you’re thinking about cybercrime, you go to like a WooCommerce and somebody is trying to disrupt your business through some kind of nefarious means. Disruption means you can’t take money with WooCommerce, or they’re redirecting where the money’s going, or they’re siphoning something off and you have no idea what’s going on. To me, the big scary thing in all of this is you have no idea if you’ve been breached.

RACHEL: How would you go about making sure you do know? Are there things that you can put into play to monitor this sort of stuff?

ADAM: Yes. But unfortunately, what most people will do is go off and buy some fancy firewall or some software. And they’ll buy the illusion of security, right? They’re like, “Yeah, I’ve spent money and I installed it. And it was somewhat painful. So, it must be working.” But when you get right down to it, this is where the magic happens. It’s you have to understand how your business processes work, and then have checks and balances throughout that business process.

Let me rephrase that in a maybe easier way to comprehend. So, a business’s job is to produce some result that’s maybe profit with a purpose of your impact on [inaudible 00:15:43] or revenue generating, or accomplishing some kind of mission. And it’s made up of all these business systems and all these business processes. These are things we’re really comfortable as business owners looking at. Yeah, I understand payroll and here’s the things I have to do. Well, you set policies and say, “Only these people are allowed to touch WooCommerce. Only these people are allowed to do these things in there.” And then cyber security is the technology you apply on top of your policies. Those technologies should be able to send your reports. Those reports are the things that you’re going to look at.

RACHEL: And that’s the thing. It is a way more simplistic way for you to explain it. But for someone like me that I know enough to develop a website, but I don’t know the next steps on security. Thankfully, I’m married to someone who does. But for those who don’t have that benefit, how can they go about hiring someone to ensure they know what they’re doing? What are some key things to look for?

ADAM: This is one of the problems. There is an emerging industry that is a chief security officer as a service. But most of the time, what you’re doing is you’re bumping into a managed service provider. The guy who installs your computers, the guys that help you build the website. Their typical response is to provide you the out of the box solutions from a WordPress security, or maybe some additional plugins. Or if you’re using Amazon at the back end, to turn those things on. But they’re typically not cyber security people. And so, the big problem that small business folks have is to hire a chief security officer, a really smart guy, that is expensive.

So, there’s a trend towards part-time fractional chief security officers coming from your accountant. The trend is now go to your CPA and say you already know all about my money. You already know all about how I’m doing taxes. You know a lot about my liabilities. Also, provide me a cyber risk assessment to all of my business, and then plug me into the right vendors. And more and more CPAs are picking that up,

RACHEL: Interesting. See, that’s new. I learned something in this episode. I didn’t know that. Do we need to request some sort of certifications within them? That’s my things. It’s easy for us to be told. Like you were kind of saying, the general person who sets up your website and maintains it may be like, “Yeah, I’ll do the security.” But all they’re doing is the basic stuff. How can we make sure we’re doing the checks and balances on that person, or the qualifying rather?

ADAM: I’m going to say a lot of alphabet soup here. And if I actually knew what any of these letters meant, I would totally tell you. But there’s way too many. The granddaddy is the CISSP. That is the master’s degree, and that’s what folks are looking for. But the government is with the National Institute of Standards and Technology has produced the NIST framework. And now if you say NIST, you sound really smart at dinner parties. So, that’s cool.

RACHEL: Or they say bless you.

ADAM: Yes, bless you, right? You’re like, “No, we’re talking cyber security, not hygiene.”

RACHEL: [laughter] I didn’t sneeze. I’m not sick.

ADAM: If you are talking to people and say, “Are you familiar with this NIST framework? Do you have a CISSP?” The reason why the NIST framework is important is that’s what the government’s going to be using to analyze the supply chain, right? And so, if you’re doing business with the government, you’re going to have to answer those questions anyway.

RACHEL: We have this big picture, we’ve kind of given you guys all this information. I want to just end with a couple of very simplistic things I feel like you can do today. Not that you can’t go out and get your cyber security insurance and look for someone to help manage. But something as simple as using two-factor authentication or sending of storing of passwords, especially if you have a virtual team, what are your tips for those little low hanging fruit so they can stop this podcast and go work on right now?

ADAM: All right. The number one thing you should do is stop logging onto your computer as an administrator. All of the bad—


ADAM: Ransomware hits you … Or let’s say your employee clicks on something they shouldn’t. The thing that’s going to happen is it will immediately install something on your computer. If you are not logged in as an administrator, you no longer have the right to hurt yourself. So, if you make it so your employees have less rights on their machines, they are unable to click on things and install them. Which basically, makes them immune to cybercrime delivered through that kind of link, right? Which is 99% of the problem. So, they stop logging on as administrator, you’ve just really gone ahead of the game. Now, there’s a lot of other things that they can do with social engineering and there’s more defenses that you need to put in place, but these are also easy.

The second thing is turn on automatic updates. Cyber criminals are very lazy. They just use the same attacks over and over again. And so, the folks at Microsoft and Apple or whatever operating system you’re using are really proactive about putting patches out there. Let those patches happen. Let them install. And again, you’re 99% ahead of the game. I love the idea of two factor authentication. Move as much as you can to the cloud. And yeah, Google gets hacked, Microsoft gets hacked. All these guys get hacked. But guess what? They’re still better at it than you are.

And when you’re talking to a customer, and you say, “I did everything I possibly could to keep your stuff safe. I trusted Google. Who else could I trust?” That’s a lot different story than, “Yeah, the server in my shed got hacked.”

RACHEL: Yeah, right?

ADAM: I would basically say those … And then really good backups. Hire a professional to back up your data and help you restore it. Because right now, I cringe when I see people backing things up on thumb drives. At the very least, use like a Google Drive.

RACHEL: Do thumb drives still exist at this point?

ADAM: Right? You have no idea. I see them all over the place. I’m like, “Wait, don’t use those. That’s how the problem happens.” Because we used to social engineer, we’d put viruses on thumb drives and distribute them in the parking lots in front of large corporations and people would be like, “Oh, neat, thumb drive.” And then we would have access.

RACHEL: Oh, my gosh, that’s is so … See, this is why I’m not a criminal because I don’t think about doing that kind of stuff. That’s interesting to me.

All right, so you said something about backups. And then you were also saying by having automatic patching or automatic updates. For somebody, and I have someone who helps manage my website, but I’m still really integrated and involved with updating and keeping on top of all that, since it is a big part of my livelihood. Now, it’s this kind of teeter totter. I want to do the backups and I want to do the updates. So, how often do I do the backups? And do I really want to have automatic updates? Because what if that breaks my website? And I’m being in more of the context of plugins. Kind of going back to that WooCommerce WordPress set up before.

ADAM: With the websites, it’s time to pay to play. It’s too important, you don’t want to break something. If it’s just your laptop, the patches aren’t going to hurt anything. But if you’re running a commerce site, or you’re running a website that is really important to you, it’s time to pay somebody. I’ve got a website, I pay $99 a month. And one person, a smart human being looks at all the security patches, makes sure everything is good, and updates everything for me. I’m paying to play.

RACHEL: You’re more than welcome to share that if you want, and I can stick that in the show notes if you’re charitable.

ADAM: Sure.

RACHEL: What’s their name? The company.

ADAM: Oh, shoot. Modern Traction.

RACHEL: Cool. Good deal. I’ll put that in the show notes for you guys to be able to grab that. Because that for me, like I said, I have an internal cybersecurity individual. I secured him 13 and a half years ago, but not everyone is so lucky. So, I told-

ADAM: Well, and he wants a break too, right?

RACHEL: Well, we try to keep separation of church and state. But this is the thing. This is so important, and I’ve recognized that this has always been important. I didn’t want to just hand it off to the person that maintained my website, because I knew they didn’t have much like what you were talking about. The certifications and the knowledge.

Okay. The major things that we’ve gone over here for cyber security, the seven things that you should do, backups, the automatic patching of all devices, don’t log in as an administrator, train your people about social engineering, two factor authentication, getting that cyber security insurance policy, and then having a plan for when this occurs. Let’s actually just briefly touch on getting a plan for when cybercrime or data breach occurs, and then we’ll send everyone off into cyberspace to figure this all out and take this knowledge and implement it. What would you recommend on developing of a plan?

ADAM: The first two questions on any cyber security insurance policy are, do you have a business continuity plan? And do you have a disaster recovery plan? And so, a business continuity plan is just a list of all the systems and all the processes in your business, what software is used to support them, what data do they touch, and how many humans different humans come into contact with them. And if you can explain all that, you now have yourself set to go through and start purchasing products. Because what folks do, like I said earlier, is you buy stuff to give you the illusion of security, but what we’re trying to do here is do business. I don’t care about cyber security, I care about revenue.

So, a plan is getting to know yourself first. I’ve got a spreadsheet that I can send you guys, you can download it for free. It is just that. It’s a really simple Excel spreadsheet, you fill it out, boom, you get a heat map that says, “This is where you should be paying attention.” And there will be no surprises, but you’ll have a real good starting place. We all know payroll probably is really important. We should focus on that. But it’s difficult to say something like that in a subjective point of view when you don’t have the data to back it up.

So, building the plan and then taking that plan to a managed service provider or some smart cyber security person say, “Hey, I want you to apply the NIST framework or GDRP. I want you to use some kind of methodology and apply that to my business continuity plan.” That gets you a roadmap. The cool thing is, is a roadmap. This is not overnight. You need to approach this with an idea that he wouldn’t be successful with marketing right away. You’re not going to be successful with cyber security anyway, overnight, so give yourself a break. It’s just a business process that you need to do.

RACHEL: From a practical standpoint, too, taking it out of this whole cyber security and cybercrime discussion, having all of these things written down. What if something happens to you? I’ve shared the story in past episodes about I had cancer at the age of 20, and I had to quickly go into surgery and all this kind of stuff. Having this cyber security plan is just a piece of that bigger plan, that big packet. Whether it’s digital or not, for me to be able to hand over to someone else and say, “I was in a car accident. I’m having emergency surgery. Can you please manage all this for me?” You don’t have time to train someone else. And this is especially, especially important.

Well, I guess it’s important even if you’re not a solopreneur. I was going to say, especially if it’s only you. But if you have other team members to manage as well, you need to be able to hand over all that information, all those processes and procedures. And so, this is a really good tangible place for you guys to go and sit down and think about all the systems you’re using, and how you implement that and the data that it holds and all of that that Adam just touched on. So, I encourage you guys. I’m going to put this checklist that we just went over on to the show notes. It’s going to be Episode 64. So, it’s going to be rachelbrenke.com/epi64. I’ll include all of Adams resources as well. He’s got books, he just speaking engagements, so you can hop over to his site, find out where he’s going to be so you can learn more about this.

Even I recognize that this is not that sexy of a topic. I find it interesting, but then again, I find the law interesting. So, that’s not saying much. But we definitely encourage you guys to dig into this, to recognize how important it is. As the internet is growing, as technologies are advancing, so are cyber criminals. They’re going to be ahead of us. They are going to be out there targeting who are the most vulnerable. The most vulnerable are not necessarily going to be the large corporations that have huge amount of money to invest in a cyber security team. It’s going to be the smaller people. The ones like us that are just trying to make a living and support our families. So, definitely dig into this.

Adam, do you have any last tips to leave with them today? Something that can really maybe inspire them to get up and go or strikes some fear a little bit more into them before they go to implement this checklist.

ADAM: Let me talk to all of you who are not going to implement the checklist, because you believe something, right?

RACHEL: Yeah. That’s beautiful.

ADAM: You got three core beliefs. The first one is, you’re not important. The second is, no one’s looking for you. And the third is, you probably can’t do anything to stop them anyway, right? But look, you are important because you have money and they’re not looking for trade secrets anymore. They’re looking to disrupt small business and put you in a position where you write a check. The fact that you are important, meaning that you have money, means they are absolutely looking for you. It doesn’t take a whole lot to fix this, guys. This is a problem that a business person can solve. Not a nerd. You do not need a nerd. You do not need a computer scientist. You need somebody who understands business processes and systems, and knows how to reduce risk.

RACHEL: It really is as simple as that, which I think is easy when we’re sitting here because we’ve implemented this. But honestly, I think this is a subject matter guys, that it sounds overwhelming. But when you just go through the steps, when you get to the other side, you’re going to feel empowered with the information. You’re going to kind of look back and go, “Really? That’s all there was to it?” Because we’re not asking you to find the cybercrime. We’re just asking you to implement things to kind of help prevent that to occur against you.

Again, this is going to be Episode 64 at rachelbrenke.com/epi64. Also, on Apple Podcast, Stitcher, and other options that you can check out also through the website. If you guys have any questions at all, please feel free to reach out to us. I’m going to put all of Adam’s contact information on the show notes page, so you can reach out directly and harass him as much as you need, so you can get the information to help keep your business legally protected. Thank you so much for coming on today. I really appreciate it.

ADAM: Thank you, Rachel. It’s been great fun.

Featured Guest & Resources

Adam Anderson is a long-time small business owner who also happens to be one of the leading authorities on small business cyber security. He is a serial entrepreneur, author, and founder of Element Security Group, a cyber security and education firm focused on the problems unique to small businesses. With over 20 years experience in cyber security and more than a dozen years as a small business owner, Adam can talk to business owners without having to use “tech speak.” Adam’s previous books, Small Business Cyber Security and Built to Survive, have helped to position him as the leading expert in the field. His new book, The Monster Within, takes that knowledge to the next level, helping businesses around the world combat cyber crime. Adam works one on one with business owners to develop cyber security strategic plans, but doesn’t have the time to meet with everyone. To help a larger audience, he writes books and offers self-paced online education courses through his website.  From DFARS (Defense Federal Acquisition Regulation Supplement) in manufacturing and supply chains to protecting your small business from foreign hackers, Adam’s knowledge covers the gamut.

You can find Adam online here:

About the author

Rachel Brenke is a lawyer, author and business consultant. She is currently helping professionals all over the world initiate, strategize and implement strategic business and marketing plans through various mediums of consulting resources and legal direction.

Hi, I’m Rachel Brenke

Rachel Brenke

I hope you are enjoying the Business Bites Podcast.

The goal is to grow your business in 10 minutes an episode.

Don’t put off business education due to lack of time.


Get my free legal biz checklist

Are you listen to the podcast?

Binge Listen To The Business Bites Podcast