SBJ logo

YOUR BUSINESS AUTHORITY

Springfield, MO

Log in Subscribe

From left: Andy Whaley, Kevin Waterland and Chelsey Bode
Heather Mosley | SBJ
From left: Andy Whaley, Kevin Waterland and Chelsey Bode

CEO Roundtable: Technology

Posted online

Springfield Business Journal Executive Editor Christine Temple discusses the technology industry with managed service provider executives Chelsey Bode, CEO of Pearson-Kelly Technology; Kevin Waterland, general manager and co-owner of Pitt Technology Group LLC; and Andy Whaley, chief growth officer at JMark Business Solutions Inc.

Christine Temple: Cyberattacks are not a matter of if, but when. What should companies be doing now to prepare for that inevitable unfortunate event?
Chelsey Bode: You have to have a game plan for when it occurs. It’s kind of like learning the rules to a game and trying to show up to game day without ever practicing. Incident response plans are what a company should be very familiar with. In our opinion, it’s not just about what you have on paper; it’s about making sure that the leadership and executive team are all on the same page for what needs to happen and that is also communicated to the entire workforce. Then you practice it, at a minimum of one time a year because you’re going to start seeing gaps.
Andy Whaley: We recommend leadership teams do a roundtable exercise, just to think through what it would look like if you get noticed at 10 p.m. on a Friday night. Just like Chelsey was saying, what’s the game plan? How can you “roundtable” that scenario and know exactly what your strategy is? What’s your first phone call?
Kevin Waterland: One thing I would add to that is finding a cybersecurity vendor that specializes in cybersecurity and engaging them to help them create your incident response plan, so that some of those key technical pieces are done quickly and you know about them ahead of time. One thing that gets left out a lot of times is if you just “checkbox” what the insurance company tells you to do and create a cybersecurity incident response plan, you leave out some of the more technical aspects of it. We need to make sure that we remove the internet connection; we need to make sure we’re doing the following things with the software. The security company oftentimes will have the expertise to be able to lead you through that.
Temple: When this kind of drill happens, where does the IT company come in? Are you guys the first call?
Waterland: I would say third. You call the insurance company, your attorney and then me.
Bode: Insurance is a big part of it. When you’re protecting yourself, it’s becoming harder and harder, and insurance companies aren’t tolerating some of the subpar performances of companies that they used to. A lot of companies are finding themselves where they aren’t buttoned up enough to even qualify for insurance or get renewed for cyber insurance. But having that insurance and knowing how it works and when to contact them – sometimes you can actually kick yourself out of being covered by contacting them at the wrong time. To your question, it’s a little different for every company. Do you have legal counsel that’s aware of what their role and responsibility is? Do they understand how you anticipate utilizing them? What does the coverage look like?
Whaley: Cyber renewals are not as easy as they were one or two years ago. It is absolutely worth the time to go through that with a fine-tooth comb and find out all the little things that maybe weren’t there two years ago in the paperwork.
Temple: What are some of the things that are tripping people up with coverage?
Waterland: Surprisingly, we still run into customers who don’t have two-factor authentication. Everything that is going to need to be secured needs to be behind two-factor authentication. We’re finding that a lot of people are surprised by that.
Bode: Sometimes they don’t understand and they just want things to be easy and operable and they don’t understand the implications of looking at things from a security landscape as well as an operational landscape and having those two really marry each other, if you will. Why I see companies not getting qualified is because they would go through and check a lot of boxes, because of the lack of education, most of which weren’t ever working with a managed service provider. They were maybe doing it internally. Well, the insurance company would say, “Cool, here’s your coverage.” And they lost their shirts in the last couple of years. So, now they’re saying, “Cool, you checked all the boxes. Now where’s your backup? Prove it. You say that you have these policies; show us how they are being enforced.” I think having to show their work is really what’s tripping a lot of these organizations up.
Temple: How many of your clients have had an attack in the last year?
Waterland: I don’t think we have a client that hasn’t seen some type of cybersecurity event at some point in the past. But the magnitude of those vary, quite a bit. We’ve had customers who’ve seen really bad days, almost business-ending events, because of cybersecurity. Then we’ve had customers that have had a virus. Those are not really that big of a deal.
Temple: Are those nearly business-ending events becoming more common?
Waterland: I think that it happened in a different way 10 years ago than it happens now. It’s probably about the same as far as the quantity of these events happening, but I will say, early COVID, we saw a major spike, just across the board with every customer. We also saw a lot of news coming out of different places where vendors like us were being attacked and then our infrastructure being leveraged to attack our customers.
Whaley: It was around this time two years ago that it almost seemed like a doubled amount of attempts from a cyber standpoint.
Temple: It’s a vulnerable time for a lot of businesses.
Whaley: It is. Then we introduced this whole thing called hybrid workspace and work from home. So, you start creating these events where you have employees with computers tied to the network on their home networks or all these scenarios where there’s no established security policies for it. Then you open yourself up to a lot of vulnerability that companies had just not experienced before.
Bode: It also becomes difficult to quantify the actual number because publicly traded companies have to report it. Regulated verticals have to report certain things, but most of the private companies don’t want people to know and they don’t have to report it. We are seeing a bigger push for regulation in different verticals that aren’t necessarily as regulated today. A lot of times it’s sad because small- to medium-size businesses think that they’re going to be able to run from it and it’s not going to affect them, because they’re not hearing about it from their peers for a reason. It’s also a bigger financial hit when you’re small to medium size, and that makes it more challenging to quantify. I think that the national statistic was that it was more than two times in 2021 what we saw pre-COVID.

Service lines
Temple: Where have you increased services in recent years? What are customers needing more assistance with?
Waterland: I think across the board, anything related to technology. It used to be you’ll have a new building being built by your general contractor; they’d come in, they’d build it and they’d hire out your electrical contractor and an electrical contractor would hire out your low-voltage person. And that was kind of done outside of the IT realm. We’re finding that we are involved from step one now. They’ve got to plan where to put the TVs and how to get the technology in place for that. They’re starting to consider it as one of the top priorities now.
Bode: I’d imagine video conferencing is super hot for y’all. Because of just the need for it to work. There’s more hybrid meetings taking place where you’ve got three virtual and 10 in person. We don’t do audio/visual; we’ll do remedial type of conference rooms, but sometimes I get jealous that we don’t play in that arena with some of the change that’s coming. For us, we’d love to have a more robust security offering. We have security analysts on staff and a couple chief information security officers. It’s a very specialized, high-level certification that most companies in this market cannot afford to have on staff. Aligning with a company like one of ours, they get access to a more specialized, deeper bench, if you will, than what they sometimes would have the luxury to have on staff. Unfortunately, the East and West coasts kind of understand things a little bit faster than us. While the need is there, it’s not necessarily something that we’re getting to be as strong in as what we would like. So right now, we’re selling a lot of security tools and kind of these little ad hoc best practices, policy writing, trying to focus on things that are going to help them crawl and then hopefully walk – and hopefully we get to have that running conversation at some point.
Whaley: Besides our fully managed service product, we have been working to continue to mature our security product for clients. We also do have an audio/visual system that we make available for clients, but we don’t sell that to the public. As you can imagine with hybrid meetings and sending people home, we had a lot of clients week one saying, “We don’t have anyone in the office except a few people, and we need to figure out how to do this whole thing well.” There was a lot of focus around how do we help you figure out, from a security standpoint, what that means for you. How can we help you with video conferencing? What kind of systems do you need in place for the skeleton crew that’s actually in the office to be able to look at a monitor [and] have the video camera, have the audio that actually works? How do you create a seamless experience for the clients in all those different scenarios?

Internet of things
Temple: With the internet of things is, do you have a good explanation for this type of connectivity? And how can businesses harness it for efficiency?
Waterland: My definition of the internet of things is kind of fluid. I think it’s used as a marketing term a lot of times, set to capture a lot of things. We used to have cloud-managed devices, which used to be the big trend. Everything had to be on the cloud. Then those devices started communicating, rather than going through the internet to the cloud, and started communicating locally, as well, to save some bandwidth. That to me is the best delineation point between internet of things and cloud-managed devices. If you’re communicating locally on the network, too, and gathering data and creating a kind of inter-network inside of your company, that is the internet of things for me. It’s primarily used for data collection. A great example I’ve seen used very successfully is monitoring for environmental changes. I’ve worked with several large clients that have warehouses, and it used to be that they would quite literally have someone walk around and check the temperature. Then eventually it migrated to a communication-like radio frequency for these sensors to communicate back to somebody, who could then manually write down the temperature and they could send that report off. It’s to the point now where every one of those sensors can communicate to each other. You can put them anywhere in the building; they’ll automatically report back through the internet to a centralized dashboard.
Bode: For me, it’s considered a concept – when you think about your smart refrigerator and your Ring doorbell that integrates back. My kids can see somebody ringing the doorbell from our refrigerator and talk to them. You’re alerted when the laundry is done, as opposed to manually going over and checking to see because you heard a buzzer. It’s taking all of that data and automating that information so that you can work more efficiently and have some of the data points to look for trends. It’s really just the same thing just moved over to the business world. However, if not rolled out and implemented and understood, the implications on the security aspect – it goes back to our first conversation – you can also get yourself into hot water pretty fast with opening yourself up to vulnerabilities.
Temple: Because everything that’s connected to the internet is a way for someone to get in.
Bode: Right. Pathways.
Temple: Do you have those strategic conversations on what makes sense for business efficiencies as it relates to technology?
Bode: Certainly, our goal is to have that strategic conversation because we find that the clients that work with us best value technology. They want to have a roadmap in place, and they’re willing to be educated in some areas that they haven’t been before. When you’re not using a managed service provider, it’s kind of like ... going to a personal injury attorney and telling them that you need help with your divorce. It doesn’t work like that. When we don’t have those strategic conversations so that we can point to their business objectives, then it is looked at as just a cost center.
Whaley: On the internet of things, I just think of how devices connect to the internet, how they talk. There’s a lot of verticals that we work with, like manufacturing for instance. They have a lot of their robots on the manufacturing floor, those cutting devices. They’re all connected. There are so many more strategic conversations that can be had in regards to how they’re efficiently using all of those devices that are communicating through the internet. We do have, whether it’s health care, manufacturing or other verticals, those strategic conversations. But then after that, how can you innovate?
Bode: Set business goals, too. Maybe you’re 64, and your dream is to retire and sell at 65. You probably are going to want a fat bottom line and not be spending money on new tech. There’s a strategy to that. If you’re looking to acquire five new companies in the next year, we need to be having that conversation so that they can be methodical early. The more that we have that intel, it just continues to make that strategic conversation that much stronger.
Waterland: We certainly sit down and plan with our customers their IT budgets, the technology budgets. I think the most common way we could engage on these things is a customer will have an idea, an efficiency that they want to accomplish a project, and they’ll come to us and say, “We want to be able to see the temperature in every single one of our sites, 24/7, anytime we want on a cloud dashboard.” Then, of course, we would work with them to come up with that. A lot of times just making them aware that this technology exists is enough that it’ll start gear-spinning a little bit and they can kind of come up with some of the ideas. We also have an in-house software development team. We can connect some of those things together that are not normally connected.

Tech talent
Temple: Talent is in short supply, but the tech market is hot. Do you engage with local colleges on talent? And what is driving people into the industry?
Whaley: Just this last week I met a student from (Missouri State University), and she’s getting her degree in interactive technology with a focus on cyber. I literally said, “Thank you. Good for you because this is not going away.” I’m excited that I’ve met some people, a lot of people even lately, who are interested in cybersecurity, and that’s why high school kids want to go into college to study that.
Bode: When it comes to recruiting, we do collaborate with the local universities and want to be present, want to be somebody that they’re thinking of or offer shadowing opportunities so that as they try to figure out which path they want to go down, we hopefully are giving back a little bit in that way. We’ve been burned a little bit by getting people right out of school. Just churning them a little faster than others because you either are wired to work in a managed service provider where you’re getting to work in multiple environments in different businesses and you either love that and you need that excitement and you get bored fast and you want to learn new things and you want to meet new people, or that is the most horrific thing you could ever think of and you want to go internal and you want to work just with Christine all day, every day. It’s a different dance. We kind of look for them to go and maybe have some of these realizations before we try to snag them, if we can. We’re no different than the rest of the world; it’s hard to hire right now. Our cost of living is really great in Springfield. Not only that, but they also know that we’ve got a lot of really talented people, and so you can get your Boston and Silicon Valley firms able to hire our people, save 25% or more on what they’ve historically had to hire at, where it’s doubling what Springfield can pay. It also opens up opportunities for us. I would personally rather hire locals, but if there are some small communities that have talent that we can also capitalize on doing the same thing to a smaller degree.
Whaley: What you just said is one of the biggest threats of 417. We have amazing talent that we’ve had for years and years, and more and more they are getting snagged up by these coastal companies that are able to pay; they’re walking out the door with a 50% increase and all kinds of flexibility and a lot of perks that it’s really hard to compete with. That’s way beyond the managed service provider space.
Waterland: In the software development world, it is absolutely nuts how many people get offered out of college six figure jobs just with very limited experience, even into local offices. They just bring the tech talent to this office, they keep tabs on them there, give them a significant raise and they’re based out of Boston. It’s just hard to compete with those. We’ve partnered with The Geek Foundation locally, which does training for women and minorities and try to bring them into the tech industry. Then we’ve worked with Springfield Tech Council quite a bit and tried to do recruiting efforts. One of our biggest challenges has been when we bring these people in and we train them, they leave. They love working for us. The style of what we do is just different from what an internal IT job is. You’ll find that a lot of these best employees are people who are perfectionists: I’m going to build my network solid; it’s going to be perfectly secure, and it’s going to be exactly the same. And I’m going to manage it every day, and if something breaks, I’m going to fix it. That’s not what we do. We do that for 200 clients at a time. When they go into one environment, it’s slightly different from this environment. You’ll find that 1 out of 5 people love it, and the rest of them do not.
Temple: What’s the earning potential at your firms?
Waterland: It’s all over the map, but, I could go probably $40,000 to $90,000, just in a normal IT job in my industry. That’s a big range, and that’s because it depends on what they do.

Excerpts by Executive Editor Christine Temple, ctemple@sbj.net, and Researcher Karen Bliss, lists@sbj.net.

More from SBJ Daily Update

Flora Farms aims at May opening for Hollister dispensary

Comments

No comments on this story |
Please log in to add your comment

Other stories that may interest you

CEO Roundtable: Homebuilders

CEO Roundtable: Technology

CEO Roundtable: Economic Development

CEO Roundtable: Branding & Marketing

CEO Roundtable: Commercial Construction

CEO Roundtable: Private Education

CEO Roundtable: Financial Advisers

CEO Roundtable: Commercial Real Estate & Development

Advanced search
Editors' Pick
Opinion: The transformation of business  

Guest columnist Donnie Brawner says many entrepreneurs stray from their original business ventures, which is often a recipe for success.

Most Read

Wash U School of Medicine settles lawsuit with Justice Department

Cinemark sued over drink cup size

Report: Caitlin Clark entering $28M deal with Nike

Monday Morning Business Leads: April 22, 2024

'Civil War' stays on top at box office

The Digital Edition from SBJ

2024 Men of the Year

SBJ.net Poll
Does parking availability impact your decision to visit downtown Springfield?

*

View results

© 2024, Springfield Business Journal, Springfield, Missouri. All Rights Reserved.
Powered by Creative Circle Media Solutions
Update cookies preferences