Summary Of This Manufacturing eCommerce Success Presentation
Is your manufacturing business taking steps to protect against cybercriminals and remain industry compliant?
If you want to find out ways you can make it harder for cybercriminals to hurt your business and stay compliant with industry requirements, join us for this Manufacturing Ecommerce Success Series where Scott Dawson, President and Co-Founder, Core Business Solutions, Inc., shares how DOD contractors and Small Manufacturers can deploy effective and compliant cybersecurity measures in their businesses.
Scott and the Core Business Solutions team have been developing ISO products and services for over 2 decades. Their experience developing these products and services helps Core Business Solutions clients achieve a 100% certification rate.
Core Business Solutions supports businesses through consulting, training, document creation, and software tools for ISO 9001, ISO 27001, ISO 14001, ISO 13485, ISO 45001, AS9100, CMMI, CMMC and other management system standards.
Core Business Solutions provides a wealth of resources for business about topics around ISO standards compliance and cybersecurity.
B2Btail – Stop Being the Best Kept Secret! Click here for more resources and guides.
Get Your FREE SEO Report
You Have Only One Chance to Make An Outstanding First Webpression https://b2btail.com/webpression/
Stop Being the Best Kept Secret: Manufacturing eCommerce Strategies
Grab these FREE B2Btail Resource Guides to help you on your eCommerce journey
- Dominate Search
- eCommerce Checklist
- Manufacturing Website Call-To-Action Strategies That Work
- 25 Blog Topics for Manufacturers Eager to Start Blogging
Exit Your Way– Helping owners create businesses that make more money today and they can sell or succeed when they want.
Damon on LinkedIn
Presentation Transcription
Damon Pistulka 00:01
All right, everyone, it is Friday. And what does that mean? It means it’s time for the manufacturing ecommerce success show. I can’t speak really well today but I am one of your hosts Damon Pistulka. And that lovely guy right over there. Curt Anderson, co host, brother from another mother. Take it away my friend.
Curt Anderson 00:23
Damon, dude, happy Friday. What? How was your week? Did you have a good week?
Damon Pistulka 00:27
Yes, I did.
Curt Anderson 00:28
I went out at 10 What was it? I have good weeks. You like, sign good
Damon Pistulka 00:34
weeks. I got really the weather was nice this week. And I got to go out walk a few miles almost every day including my other workout. I was just it was just great week for me. Any business is always you know, you get to talk to interesting people. It’s a great week. It’s just
Curt Anderson 00:49
a great gore. What a What a blessed week. It’s just amazing. We’re already in a March and May light and just honored. Privilege is gonna be fun. So excited to introduce my dear friend. It’s got gone. It’s gonna be great. Happy Friday. Scott Dawson. How are you?
Scott Dawson 01:07
I’m great. Good to see both of you. Thrilled to be part of the the show today. It’s exciting.
Curt Anderson 01:14
Absolutely, Scott. So hey, happy Friday. And so Damon I just want to share a little story about my friend Scott. So I had the honor and privilege. Scott and I met in person and this poor guy was stuck next to me at a trade show. Oh, no, it was the Manufacturing Extension Partnership program in Chicago. And I just little member, you know what I’m talking about back in September, I had this little table set up, you know, I got my b2b tail stuff going on. I probably got a banner right down there. And so I’m just standing there. And poor Scott was standing next to me and he had to put up with me the whole week. And I’m telling you what a gracious host he this guy is just a man of integrity. I just my admiration for this guy off the charts. Awesome. Got thank you for being such a gracious partner. And what a great week we had. I want to talk about core business solutions and your entrepreneurial journey and just all sorts of things. But before we go there, I have a question for
Scott Dawson 02:12
you, Scott. All right. Yep.
Curt Anderson 02:15
Young boy growing up and I know you’re in Pennsylvania, but if I’m not mistaken, I think your roots go back to Colorado. Do I have that? From a young little boy growing up in Colorado, Scott Dawson, who was your hero? Who was my hero. Growing up as a little boy in in Colorado.
Scott Dawson 02:34
It was probably a jazz musician. Drummer, more than likely probably Buddy Rich at the time. Wow. So love the love jazz as a as a as a kid in Junior High High School, was the jazz drummer. Made a lot of noise had a lot of fun. So yeah, probably probably one of the one of the jazz drummers of that era.
Curt Anderson 03:03
The jazz man, demon. Dude, we’ve never had that answer. I’ve never
Damon Pistulka 03:08
had that one. And it’s so good because jazz musicians. They just have something about him. It’s just going on. Just going on, you never know
Scott Dawson 03:21
what’s next. That’s the that’s the thrill of jazz, is you make it up as you go, which is just my business. Kurt, you just make it up as you go. If you don’t tell people that’s what you’re doing. You don’t let on but that’s what’s really happening. But you’re really faking it till you make it. Right. That’s really how business
Curt Anderson 03:40
you know, we had a great guest last year she remember the guy she had a PhD and she did her whole thesis around jazz because her dad was such a raving fan. So absolutely love it. And it’s all about improv and like, you know, hey, what’s the clarinet going to do? What’s the drummer doing with a guitar player doing so? Yeah, if you’re a jazz fan, you know i What a great phenomenal answer. So Scott so let’s let’s start here. So you man it dude, great entrepreneur. You have a wonderful track record. We’re going to dig into it. We’re gonna do a deep dive into cybersecurity boy gals here today we’ve got MD at m&r my scene that correctly we got richer today I’m gonna we’re gonna talk about cybersecurity. But Scott before we go there, man, you go off to college. I look you know seminary, but man also like you took a little pivot and he became this great entrepreneur, talking about like post college in like how your entrepreneurial you shared it with me when we were together in Chicago. phenomenal story, just for folks out there that like you know, gee, you know, maybe they’ve got that entrepreneurial bug inside them would share your story.
Scott Dawson 04:47
Yeah, glad glad to do it, Kurt and you know, how life has twists and turns along the way. And, you know, Who’d a thunk that any of us were doing what we’re doing today, you know, as a kid, you know? I wanted to be a jazz drummer. That was my thing. And, and not doing jazz drumming, but I sure do enjoy it. But I had graduated college with a Religious Studies degree, heading into seminary to go be a Baptist minister. There’s not a whole lot else you can do in the industry with a Religious Studies degree and a seminary degree, right?
Curt Anderson 05:26
narrows it down a little bit,
Scott Dawson 05:27
you’re pretty much you’re pretty much on a track. Yeah. And my wife and I, we we finished Seminary in Colorado, first church, we were we were assigned to was in Mountain View, California. So packed up the kids headed to California. And really enjoyed Northern California, the Bay Area is just a fantastic place to live. And I spent a few years in ministry as the as the second pastor on staff. So I was like the associate pastor. And as small business Baptist churches go, the attendance kind of goes up and down over the years. And then one of the down troughs, they said, came to me and said, Well, Scott, we’re gonna have to, we’re gonna have to let you go, that we can’t keep you on. And, and it was a deacons meeting, if I recall when they told me this. And I said, well, thank you for, you know, the opportunity. And walked out of the meeting and had no concept of what I was going to do next. I mean, felt called to what I was doing felt like there was a purpose to my life, and that, that, that the next step was already there for me. But after the meeting, one of the deacons came by and said, Scott, well, if you need work, let me know. And a good friend of mine, and I said, well, thanks for the offer. I appreciate it. But you know, God has been going in this other direction. He said, Well, Scott, I have faith too. But if you need work, let me know. So it was like down to earth? Yeah. Amanda, the man of the earth here. Very practical. And I had put him off. And then three weeks later, when the paychecks weren’t coming in, yeah, I called him back and said, What were you saying about work? You know, and, and here was my job interview guys. He said, he asked me, Well, how much do you need to make, to you know, to feed the family? And I said, Well, you know, like, 12 bucks an hour would probably do it. He said, Well, I have one job that pays 12 bucks an hour. Do you want it? Well, yeah, of course, if he pays 12 bucks an hour, why wouldn’t I want it? What is it? He said production supervisor and electronics manufacturing company? He could have been talking about African missions for all I knew. Yeah. Yeah. Because I had no relate. I had no concept. I had no experience nothing. So my last Sunday at the church, director of the choir for the last time, taught Sunday school, hugs and kisses. Monday morning, in the middle of this manufacturing shop. As this short Chinese gal was teaching me how to crimp wires in the electronics process, and she didn’t speak much English, I don’t speak any Chinese. So, but she was yelling at me most of the time. So I figured I was doing it wrong. Whatever it is, she was showing me how to do it wasn’t going very well. So they kind of started me at the bottom and work my way up and this and that and eventually got interested in quality management and training, which was more suited to my skill set. And, you know, still looking to, to get back into ministry, but I got interested in manufacturing. And, and found it fascinating and found it challenging. And recognize that I could, you know, I could let that be a vocation and still have avocation on the side of church work and such. So stuck with manufacturing. For many years, that company was then bought out by a Pennsylvania company. They you know, so my choice was, you know, stay with with the subsidiary at that point would have been the subsidiary, right. Or they said, Would you like to come work at corporate and do some of the training and quality work that you’ve done with all of our facilities? And they said, well, heck, corporate? Yeah. Moving up here. And I had to ask, Where are you guys located? Well, we’re in Pennsylvania. had never been to Pennsylvania didn’t know anything about Pennsylvania. Yeah. But I knew there were two football teams. So it had to be Pittsburgh or Philly. Right. So I asked him Which one are you in? Pittsburgh or Philly? Well, we’re not in Pittsburgh or failure. We’re in Lewisburg. I’ve never heard of Lewisburg. Well, we are really here. Turns out, it’s in the middle of the state, out in the country, small town, small college town. And we checked it out. We loved it. It moved out here. Move the family. So our kids were in middle school, which is a hard time to move kids. Yeah. Across the country. From the Bay Area, where every every language in the world is spoken. Every food in the world is eaten. Okay, to Central Pennsylvania, where there’s like, three last names. And our kids were like, Whoa, what planet did we just land in? So we got here, started a new job, enjoyed it. And then they went out of business. This was at this back when the back in the y2k Telecom crash. Yeah, internet timeframe. So 99 2000, they lost their whole business. And so we were in the middle of Pennsylvania with no job, no job prospects. And so we put our house on the market that day. But so did all the other professionals from the same company. And in this little town, you know, real estate doesn’t move too quick. So we were here, we were routed, and I got a couple of consulting gigs with some people, I bet, one in New Jersey, one in Texas, started commuting to New Jersey and Texas for this work. Sort of like the work from a consulting point of view, the travel, you know, the commute really sucked. The work was great. But that Christmas, my older brother and I were sitting on my mother’s kitchen table, and I was in a bad mood. Because I had lost my job and tried to figure things out and all this. And so I was grumbling about corporate America, and how terrible every boss in the world is, and that they are just a bunch of idiots, whoever they are. Right? You know, they really screwed it up. They messed it up. And and then my brother was working at a large corporate job engineering job. And he didn’t like his work, either. And they were there, too. They were screwing up his life, too. So we were two brothers grumbling. And we said, why don’t we do something together? We could do it better than they do. So what would we do? I don’t know how to take, you know, former Baptist minister, turn Quality Manager, turned consultant with an aerospace engineer who wants to be a programmer? How do you mash that into something that two brothers could do? And so we had this idea that we could, we could automate all the paperwork for quality management, ISO 9000 Bond primarily, which was what I’ve learned in California. And it just Daymond I don’t know, you had some experience with ISO and the binders of paper that was part of it back then. And I said, if we could put all that paper on the computer, it will make it easy for people. And we could, it will sell like hotcakes. And we could sit on the beach like Bill Gates. Because that’s, that’s what you do. You put it’s what you do. And then it takes off and you go on because they’re on the beach. It’s great. I’m still trying to get to the beach, has still still trying to get there. But we we Mike started working in the evenings, weekends on what is now our core platform is our software platform. And I started showing it to the few customers that I had, and they gave us some feedback, we kind of worked it, we gave it away for free at the beginning. And then it turned into a what we call a services led software company. Services lead meaning that we work as a consultant with the client. And then as we do they get familiar with our software. And when we’re done that, you know, hopefully they sign up to use the software and some more consulting and things like that. So it’s it’s a great business to be in. Because we’re in central Pennsylvania, we also had to figure out how do we do the consulting without the travel. Because travel is basically evil. I mean, it’s just an evil part of life. Unless you’re doing it for fun, but work, work travel, not so much fun. So we started to figure out, you know, first we were doing some consulting over the telephone. And then I think we heard about this thing called WebEx and we started doing some video things I’m just started trying to figure out how do we reach people in a different way, using technology to bring our experience and bringing this the help we can bring to people who need the help. And then by doing it that way, it’s less expensive, because you don’t have all the travel time and all that. And so we really carved out this niche, where, you know, where we provide more of a service and online service, coaching approach type of thing, and not a full consulting engagements. So we kind of position ourselves as an alternative to hiring a consultant, even though we are consultants. So over the years, this is what 23 years later got ourselves into other, you know, avenues of or other aspects of compliance, because customers asked us, can you help in this area, that area. And so now, we have 60 employees in the company, at this point, continue to grow, and continue to a lot of customers stay with us for years and years, they find it very helpful, both the software and the extra help consulting and such. But we ended up with, you know, a good pool of customers that trust us to help them stay certified. And there’s a lot of companies that still need that, that help to get through these compliance and certification requirements. Because they’re sometimes they’re their companies are in jeopardy. Sometimes they’ve got to land this big contract, or they’ve got to save a contract, and they got to get this certification. Out. Let me filter what I’m gonna say this blankety blank certification that they gotta get done. That’s the preacher and me won’t let me like say much more than that. Right. And, but it’s, you know, we feel like we’re making a difference in people’s lives in a different way than my career started, but we’re still reaching and teaching people and, and helping them be successful in life and learn some things along the way and try to create a business where it’s very family friendly, and we believe in our employees and love them to death and just enjoying John, what we’re doing. So there you go, that brings you up to date. Well, thanks.
Curt Anderson 17:31
Right. So number. All right. So first off, thank you guys. And so if you’re just joining us, we’re here with Scott Dawson, founder of core business solutions. And Scott, we’re gonna do a deep dive into cybersecurity, you are helping manufacturers all over before we sight into that I feel compelled to have to hit on this. So Damon, we talked a lot about search strategies, e commerce, what have you, Scott, you’d shared with me prior when you got things kicked off. So you and your brother, absolutely. I love that story. Just sit around mom’s kitchen in Christmas, and you’re just commiserating on how awful everything is, so and so forth. And just like randomly, hey, let’s start a business.
Scott Dawson 18:13
Remember, we were complaining about them? Yeah, yeah. We’re now them. Yes. You’re
Curt Anderson 18:20
all sorry. It goes full circle. And for the record, I think we’re just very thankful to Scott, we won’t go into details. But he’s, he’s dealing with some health issues right now. And so he’s kind of kicked back. And we’re trying to get him in a comfortable position. So Scott, thank you for being here with us today. But share, you know, when the company again, so a Baptist minister turned, you know, quality control guy and electronics manufacturer turned entrepreneur. Not I don’t hear anything about sales and that whole track record, right. You shared with me when we were together in Chicago, that you sort of open up the door, you started figuring out search really early, early 2000s. Very early. Hit on that on like, you know, I find that so admirable what you did with keywords and getting traffic to your website for a minute.
Scott Dawson 19:08
Yeah, I mean, that’s the central way we get connected with our customers. And earn in those early days. Mike was not only trying to figure out not only building the software platform, but I also said, you know, well, he, we both realized we had to have more than the two customers I have. And we didn’t know how to do that. Yeah. So he started doing some research and such. And he came to me one day early on, this has had to be in 2000. And he said, Well, there’s this new thing out called Google Google. And I said, What in the world are you talking about Google? He said, Oh, yeah, this is the this is going to be the future of the world. It’s all going to be here. And I said First of all, it’s a silly name. I’m just on record. It’ll never, it’ll never last because the name is so bad. And you go to their page, it’s a big white screen with a box in the middle. So how this isn’t impressive? I mean, who did this? I could do that a white box in the middle of a screen. Yeah. He said, Well, type type something in the box. And then this list came up. And I didn’t know what his list of it was just a list of a list of what these different topics and things and, and, and Mike said, Well, we’re going to be on the list. And then people will find us. And they’ll call and we’ll help them. It’ll be great. And I said, I really don’t understand how this works. But if you think it’s going to work, let’s start working on it. He said, Well, first, we need a website. Okay, well, let’s do one of those. So we cobbled together a website, it wasn’t impressive at all. And then Mike started to figure out how to get us on the list and all the tricks, you know, the tricks that you have to go through keywords and such. And the phone started ringing, which was nice, and and then, as the phone was ringing, people would call and say, Hey, I see you do something with ISO 9001. I said, Yeah, we saw a software that helps you with ISO 9001. And it helps keep you certified and keeps your documents in such. And they said, Well, we’re not quite there yet. We need somebody to help us with ISO 9001. And my response was, this is like one of those paradigm shift things in your head, right? I said, Well, you probably want to call a consultant to help you get prepared and certified, then you call us back. And we’ll get you set up on the software. Because we’re not, I don’t want to travel the rest of my life. And every consulting gig I had, which was to I had to be on an airplane or to travel hotel, all this. So I’m thinking Addison a way to live. So we’ll just do the software side and, and said, Go sit on the beach, and it’ll be great. And so after a number of these calls, it dawned on me that unless we were the one helping them get the certification, there was no way they were going to call us back. Yeah, nobody would call us back. So I started to talk more about consulting and took some projects that ended up being travel. And maybe a year later, I was quoting one of these engagements, which was like, ungodly price, you know, price in this, you know, 15 $20,000 or something. And they said, well, we don’t have 15 $20,000, is there any way you can help us? At a lower price? Because we really like you. We want to work with you. We like the software idea make sense to us. We just can’t afford this 15 $20,000? And I said, Well, there’s a lot of cost for travel and hotels and stuff in there and said, Well, could you just help me over the phone? And I thought about that. And I said, I suppose Can we meet every Thursday? And then what we what would you charge for that? And I’m thinking, I don’t know? How about 5000 bucks? Okay, we’ll do that. So we started helping people over the phone, and then kind of spice it up over the years. But majority of our customers are somewhere in the continental US, we really don’t care where, because we’re going to be on meetings and working remotely for the most part. Now some of them want us to still come out, you know, to give them a hug or whatever, but help with an audit, whatever that is. Yeah, so we’ll do some travel. But for the most part, we work remotely. And it’s we kind of had to follow our nose through this uncharted territory of, you know, online, this and online that. And then of course, paid ads paid search kind of came out, maybe a year later. And Mike said, Well, we can get on the list better. It’d be better getting on the list at the top. We just have to pay for it. And so well, how much do they want? Wow, it’s like 11 cents per click or something. Yeah. And I said, Well, I got 30 bucks, I can put up if you have 30 bucks. So I started like that. Let’s put 60 bucks up there and see what happens. It’s not like that now, Kurt. No, but it was it was like that. It was like seven cents. 11 cents. You could bid on things like this. Yeah. Yeah. So we’ve written the river in the Google train for a lot of years and Uh, but, you know, we’ve, we’ve just, it’s a way for us to connect with people, when they are asking a question, how do I find help? And when people, you know, in this day and age, they go do their research? What does that mean? google.com For the most part, and they ask a question, or they’re looking for something. And honestly, if you’re not showing up on that first page, you’re not showing up. And now of course, you can scroll forever on the first page, but they changed it, but that people don’t scroll forever, you got to be at the top. And you got to, you got to meet them where they are, you know, they’re, they’re somewhere in the decision making process somewhere. And we don’t want the people who are saying, gee, what is certification? What is ISO? You know, I’m not the world’s teacher, I don’t really want to talk to you yet. There’s stuff on our website, that’ll help you out. But if they’re saying, How do I get certified? Or where can I find help? Okay, we want to so we AMR searched strategy around that point in the decision making process. So you can kind of we’ve had to learn, you have to map out the mental journey that your customer goes through, and then decide, at what point are you most helpful. And then you gear your search strategy around where you can be most helpful and, you know, land the deal? Because if you don’t land a deal, then what was the point? So I think that’s search has just been foundational for us. But it was that along with everything was, has been this, you know, let’s figure it out as we go, and no big game plan. You know, I tell my employees, it’s taken us 23 years to get here to figure out what we’re about to do. Not sure what it is, but we’ll figure it out together. Let’s go. You know, if it weren’t our business plan, that’s basically it. Right?
Curt Anderson 26:58
You know, Peter Drucker calls it the accidental entrepreneur, if I’m not mistaken. You and Mike, like truly define what I, what a great story that is to like
Scott Dawson 27:09
to get a resume out again and work for them. Right? Just so that was always the motivation. You just write does, you know, they were a bunch of idiots, whoever they were,
Curt Anderson 27:20
was most most entrepreneurs are just flat out unemployable. Right? That’s right. Yeah. Business Owner, they just flat out unemployable. So Scott, let’s do this. Let’s dig in. So you’re helping save the world make it a better place with ISO 9000. Quality? Let’s I know everybody wants to hear about cyber slided. How did you guys graduate? How did you transition? And I’m, you know, sir, you Mike did a great job listening to the customer. But talk about cyber and then let’s take a deep dive there.
Scott Dawson 27:49
Yeah. So we got into cyber from customers asking, we do a lot of work in the aerospace industry, and government contracting. And we have customers who we’ve helped with various things. And then the question of, you know, the new cyber regulations coming out from the Department of Defense. They’ve asked, Can you help? And I’ve learned Kurt to stop saying, Well, you probably want to call a consultant for that. You know, I’ve stopped saying that thing. I’m thankful. Yeah, exactly. Yeah. So I’ve just learned, well, let me let me see how we might be able to help you. We’ve been in technology for 20 years, we’ve been, you know, running running online, online software for that many years. So, you know, we we started to investigate, we ended up we’ve, you know, since hired, you know, security experts and stuff we have a team that does does that now, but at first it was well want to read this together and figure it out together. And customers, if you’re open with them, and they trust you, they’re they’re willing to let you help, you know, yeah. Don’t pretend to be somebody you’re not. Yeah, that doesn’t help. But yeah, we started to help with I mean, the Defense Department has this really big problem, which is a national problem, which is our our secrets are being stolen every day, all day long. By overseas, you know, nations that would like to do harm to the country. And not all information from the Department of Defense is in a classified program. So we’ve all heard classified unclassified, well, if you’re in a classified program, which is the real top secret stuff, that stuff is locked down, I mean, it’s locked down tight. So cyber security is already you know, a given in those contracts you don’t to do that. The rest of the purchases in the in the in the contracts from the Department of Defense are unclassified. They’re there. They’re not they don’t have that type of a control. It’d be unreasonable. Want to try to control every exchange with the Department of Defense in a classified program just not possible to do. So what the, you know, we we saw, I think it was like the F 35, maybe eight years ago, the Chinese came out with a duplicate of that aircraft, within two years of us launching that new weapons system. Okay, not a coincidence. Turns out, they didn’t hack the DoD servers to get this information. They just waited until the DoD started buying the parts and pieces from the defense industry industrial base. And in that procurement, all these drawings started to be sent out to vendors. And all this technical information was sent out to vendors in unclassified contracts. And so though, they would wait until Joe’s machine shop got their drawing to turn apart, and it was pretty easy to go on Joe’s machine shops network, yeah, and then start to piece together the whole system and come out with a competitive war machine to compete with the F 35. And there are a lot of stories like that. So Department of Defense is, is rolling out, cybersecurity requirements for all defense contractors and subcontractors, over 300,000 companies in the US, big list, you know, and as a, as an entrepreneur, you know, you hear 300,000, your ears perk up, like, oh, wow, maybe I don’t pay attention here. But in our point of view is many of those contractors or very small businesses, like the ones we’re normally working with, and they’ll never going to have the wherewithal or the budget, to bring their networks to the level of security, that’s going to be expected. So they’re going to need the help. So it fit it fit our business model, we just have to get get up to speed and get some expertise on the technical aspects of all that. But still have, you know, people helping people, which is what we do. By but it’s, you know, the cybersecurity isn’t just about protecting the Defense Department’s info, I mean, is about that if you’re in the defense industry, you got to protect that information. But you also got to protect your employees information, you’ve got to protect other customer information that’s on your network, you might want to protect your company financial information, just thinking, you know, just thinking out loud here, that’s something else you might want to protect. And, you know, watch the news and find out that how vulnerable everything and everybody is, if you have anything on a computer system, so small businesses don’t have a lot of money to spend, they tend to not have it experts. You know, a lot of times it’s the boss’s nephew, on Saturdays coming into work to make sure outlooks working. Yeah, that’s the IT guy. Yeah, you know. So they need help, and they don’t know where to start. And if you’re in the defense industry, you could lose some big contracts if you don’t get hit with it. So it’s complicated whether or not you’re in the defense industry. It’s it’s a priority. It’s a risk. But it’s hard to say, Hey, I’m gonna spend all this money. It’s, it’s a risk. I understand that. But maybe we’re too small. Maybe we’re gonna get lucky. Maybe we’re not going to be a target. You know, but hope is not a plan. Yeah. I mean, it’s not if that’s your plan, then. Well, I hope nobody loses a finger on my floor tomorrow. Well, you’d never treat safety that way. Right? It never say well, we’re just gonna hope that that that laid over there doesn’t, you know, rip an arm off. Now you’re gonna put the safety guards up and you’re going to do training and you’re going to, you’re going to do the right thing by your employees to protect them. It’s just a different way to look at protection. But the problem was cybersecurity is it’s not visible. It’s invisible. You don’t see it. You know, safety problems in your shop. You see it walk up easy. There’s no there’s a spill on the floor. Somebody’s gonna kill themselves. Somebody clean that up, you know? But if your firewall settings aren’t right maybe the nephew is gonna see it on Saturday. Maybe he’s not. Yeah. But nobody walks by and goes Oh, somebody clean that up. Somebody’s gonna get hurt. Because the boss, the boss, So these companies typically don’t know much about the technology. And now, if you’re in a technical technical company, maybe it’s different. But if you’re in manufacturing, typically, that’s not where you’re IT experts are is running the company. So it’s hard to make it a priority, it’s hard to see the problem. And now it’s gonna be hard to keep defense contracts if you don’t do something about it. So it’s a tough spot. People are in a tough spot right now.
Curt Anderson 35:36
So Scott, what do you seen, as I will say, like some of the most common culprits or, you know, challenges, and I guess, part to that question, what are some of the easiest potential fixes or everyday things that people are just ignoring? Like, is there any little steps that they could be taking to protect themselves? So
Scott Dawson 35:55
number one, number one threat is email. Yep, number one threat. And it’s not like, Hey, I’m in Africa, and I have a fund that has your name on it, click this and contact me and I’ll get you your money. Your few years ago, we get those emails. That’s bogus, right? We all we all recognize that bogus. Well, today, emails are sent to my employees from me, saying, Hey, this is Scott. I just did I didn’t write down that account number from our meeting this morning. Can you send that over, back over to me? Or I forgot, there’s this bill we need to pay. Here’s a link, can you make sure the bill gets paid, and they impersonate me? Yeah. And they know my employees. And they format the emails exactly the way I would format my emails. This is all automated. The the underworld of cyber attackers is big business. It’s not just hackers in the basement anymore. It’s big business. Overseas, there are office buildings, three, four storeys high. Where these cyber criminal organizations sit. They advertise for local engineers to work for them. They have an HR department and an accounting department. They probably have a break room where you can get snacks. And it works like a business. And when they hire engineers, a lot of them out of school, whatever. They don’t tell them what they’re doing. It’s all very compartmentalized. But they they bring deep pocket resources to find the scams that will work. And they’re always coming up with new kinds of scams, like impersonating the boss or whatever. Yeah, but I it’s absolute Kurt. Absolutely. email scams are number one, some of them are obvious, and you got all this junk coming through that way. Some of them, you got to stop and think, as you’re not sure, you know, yeah. So getting your employees up to speed and having good filters and things like that around emails got to be number one.
Curt Anderson 38:18
So we’re gonna talk about the MEP, sir, real quick. And I actually I received an email from one of our mutual friends at an MEP, and I’m sitting, I’m clicking it clicking it. Oh, my God, I don’t know why he sent that and I couldn’t figure it out. You know, I’m like, Hey, dude, I’m like, I got this note from you what’s going on? He was like, oh, yeah, I got spammed somebody. I’m like, I totally bought it. You know? How? I mean? How do we how do we prevent that? Scott? Are there? Are there simple steps? Are there red flags? Like, how can we start? How can we prevent those?
Scott Dawson 38:48
Well, it’s got to be getting employees to be more to scrutinize their emails more than just like, immediately, because we all want to clean up our email, right click, click, click, click a clean, get go through the email quickly. But you got to you got to learn how to stop and think about things. And they’re, you know, certain telltale signs, I guess, to watch for. What we do is we have a, we have a training system, we just it’s somebody services that we bought. And they send out training every month on different ways to protect protect yourself as an employee, and then they have this spam or phishing, or phishing phishing test where they send fake emails. I mean, this is legit, like test, so it’s not a real fake email. It’s a good fake email, if there’s such a thing, but they’ll send out these emails to try to trick our employees to see if they learned or That was in the training last month. And if you click on one of those, then you get this message and said, Hey, that wasn’t legit. Here’s a link to the bonus training that you get to take. Yeah, refresher, because that was, so, which I’ve seen most of the bonus training myself. Because I, you know, sometimes I don’t pay attention. And sometimes I click on things. And I go, Oh, no. And then, you know, we shame everybody in the meetings and whatever, hey, you clicked on it. But it’s changed. It’s changed our point of view on what emails we should be opening which ones we shouldn’t. We’re a little more thoughtful about it. We do a lot of we have we use teams a lot in office. So we have chat. So we’ve, we’ve we’ve taught each ourselves. If in doubt, send a chat message and say, Hey, Damon, did you send me a note on this? And so? And then, oh, yeah, that’s for me. Okay, great. And then we move on. So we’ve learned to double check things and yeah, and that, but I think Kurt, that’s a real kind of real world way to address problems is to provide good training, and then you gotta test, you know, test people to not to catch them. You’re not trying to catch them doing something, but you’re trying to reinforce new habits. So that’s one of many things that you can do a lot of technical things that can be done on the server and such. To help with that.
Damon Pistulka 41:39
But there’s isn’t, Aren’t most of the things that happen are resulting in user?
Scott Dawson 41:45
Oh, yeah. I think it might be a majority. Yeah. But it’s, it’s about it. The hacker doesn’t have to figure out the password to the network if you let them in. Yes. If you if you can, Hey, would you just confirm your username and email? You get this thing? Hey, we updated our whatever. Can you just confirm your username and email? Click here? Username email send. Okay, they didn’t have to think about it. They just use that username, email and login and off you go. So there’s a lot of tricks. It’s all just this, you know, deceptive. It’s, it’s big business. There’s billions, billions it the be billions of dollar industry and in cybercrime. So the cyber criminals work on attacks, new attacks 24/7. How much effort do we put in to protect ourselves? Yeah, boss, bosses nephew on Saturday morning. Okay, who’s gonna win? You just look at level of effort. And, you know, so you’ve got to, you got to recognize that this is a real, genuine business risk. Yeah, that not only could jeopardize the defense contract, but it could put you out of business on a dime. Because if they put a ransomware attack on your computer, they go in and they lock your computer and say, Okay, tell us what you get. Send the the Bitcoin. Oh, I saw a ransomware message. screenshot that not only said, Hey, good morning. It was very friendly. Good morning, we have encrypted your data will restore your day that if you pay the Bitcoin, of whatever the amount was click here, you know, another one looks like here things. If you have any difficulty, here’s our customer support line. So that’ll help you figure out how to pay the Bitcoin. So you can call their call their customer service and get some help on how to get your ransomware Claire
Curt Anderson 44:09
Scott, if you’re going to deal with someone with extortionists they might as well be have great customer. Yes,
Scott Dawson 44:15
exactly. Right. Exactly. Right. I mean, the whole world is about customer service. Right.
Curt Anderson 44:20
Right. Well, even your even your friendly extortionist just
Scott Dawson 44:24
exactly right. Exactly. Right. Yeah.
Curt Anderson 44:27
As a matter of fact, I think I’m going to a program later this month, there’s a manufacturer near where I’m located, and they’re going to go through the case study of how they got attacked. Yeah, shut down. Very important at a Strophic Yeah, Damian, I know we’ve got some great comments here.
Damon Pistulka 44:44
Yeah, we do. We do. And we got we got let’s go back to here. We got Gail Gail is checking in here. And I mean, my mouse is going nuts here. But yeah, Gail is here today. Big business for sure. Yeah, she’s saying one Yeah, using Password things and not using public Wi Fi.
Scott Dawson 45:06
That’s another another one. Yeah, so another one absolutely right public Wi Fi, they can spoof the Wi Fi so that you can go to Joe’s. I don’t know why I’m picking on Joe today, but Joe’s machine shop and now Joe’s coffee shop, you’re in Joe’s coffee shop. And you don’t when there’s a network that says Joe’s public Wi Fi, and you’re looking at it and you click on it, that must be the local Wi Fi for the for the coffee shop, but it’s not it’s SO and SO across the across the room on a on a laptop that has created a hotspot called at Joe’s coffee shop, waiting for other people in the in the shop, to just log into it. And now guess what? They have access? You just just handed over the keys for the kingdom are there?
Curt Anderson 45:53
Scott? How do you how do you defend yourself? So if you’re at an airport, you’re traveling, you’re in public coffee shops movie shop, like how do you protect yourself? Yeah, you
Scott Dawson 46:01
got it, you got to get with your IT group and get a VPN, Virtual Private Network Setup, which is basically a an encrypted path, or connection to either the internet or your or your network or whatever. But your IT folks can set you up with a secure way to log in. When you’re working remotely. Don’t just use the hotel Wi Fi or the airport Wi Fi or the coffee shop Wi Fi? Because you don’t know. Yeah. If there isn’t somebody who’s techno smart, trying to sniff out, you know, people who are going to give away the keys. Right?
Damon Pistulka 46:44
Is it a better step to use your hotspot on your cell phone?
Scott Dawson 46:48
That’s better. Sure. Not great. If because, you know, you know what’s connection? Yeah, it is right. You know, what’s your phone? Because you know the name of it and such? Yeah, yeah, that would be better than Joe’s coffee shop connection. Yeah. Certainly.
Curt Anderson 47:04
Once again, some great comments here. I just before we came in, I was like, so rich. I’m gonna go back to rich a while ago. Rich about heroes, his dad and Stewart Copeland. That’s a great. No. And I saw Whitney was here today with Yeah, right a man Nicole Donnelly, I was on with Nicole earlier today. And again, Gal. miss you dearly. My friend. Great to have you here today. Yeah, guys. Scott Dawson, president of core business solutions. Damon, what do you got? Well, and
Damon Pistulka 47:30
you know, you talked about size of business briefly, Scott. And in we we’ve had in the past few years, three clients, two clients, and myself tried to get hacked in different ways. And these aren’t huge companies, like you said, we’ve had, we’ve had people listen to clients emails with owners for months, and figure out what they do. And when they’re doing offshore transfers of money. They say we moved our business. So we have to change the account. And it is so long and so slow. And so patient, they did not realize it because they didn’t check with the offshore supplier until they wired money. Yeah.
Scott Dawson 48:14
Yeah. Damn. And and that was probably one of these organized criminal operations. Yep. That, that they, they’ll play the long game, they will honor that. And the other aspect is, is, you know, a small business will say, well, we don’t have anything of great value, we’re just a small business. You know, they can’t really get anything, even if they hacked in, it wouldn’t do me any good. Well, yeah, your data is what they’re after. Because if they can get a hold of your data, they can shut your business down. And then they can hold you hold your ransom. And, and so how valuable is your data? Well, how valuable is missing? a week’s worth of work for your business? Yeah, not being able to ship any products for several weeks, how much you lose them, you know, and it wouldn’t be long before all of a sudden, you’re talking about serious financial problems or your customers leaving because they don’t trust that you’re able to, you know, have secure systems or whatever. It but it can just, it can happen like this.
Curt Anderson 49:24
And I came in from Zeus guy. So Scott did a great live session at the MEP conference in Chicago back in September. And so if that’s new to anybody, the Manufacturing Extension Partnership, and so there’s one in all 50 states, Scott, you do a great amount of work with different MEPs around the country. And I can’t remember if it was your session, maybe I heard it elsewhere, where the thieves are, they’re now getting your financial records and they know exactly what you can afford. So then like, you know, hey, $10 million, and your, you know, a $1 million company. They see that you have a quarter million dollars or they know As your payroll is or they know what the amount is that they’re coming in strategically knowing what you will pay your, that your session.
Scott Dawson 50:08
Yep, well, and currently the other the other piece of that is they are, they’ve automated the whole thing. And they’re using artificial intelligence using HubSpot
Curt Anderson 50:18
for automated,
Scott Dawson 50:20
automated, they’ve automated the research, they’ve automated, the ping the various companies to see which ones are vulnerable, they find the certain vulnerabilities, they they help themselves and they send the messages, they do all of this, and it’s all robotic at this point, it’s all been programmed in. And it’s not like, there’s a mess. I mean, in some cases there are but they don’t, they don’t care how big you are, they’re looking for the volume, they don’t care about the size of the deal. They’re looking for the volume of deals. And, and, and, in fact, the smaller ones are going to be less protected. And they’re going to be in more likely to pay up because they probably don’t have good backups of their data. And so they’ve learned, they profiled, they know who to attack generally. And, you know, you gotta you got to break the mold. You can’t be you know, you can’t stay in in the in the crowd and think you’re safe. Right? And you’ve got, you’ve got to remove yourself from being in the crowd, the crowd of folks that just business as usual. And we we keep our outlook running, you know, the internet’s running. So good. Life is good. So are it is under control? Because I can use my Outlook today. Yeah. Okay. We’ve only done half the job, you know, at that point. And, you know, that’s the problem that government is trying to deal with is that the small businesses and l businesses, but particularly small businesses that they deal with, are, are not aware of this risk. And they’re not investing in protections, or training or such. And, you know, as the government likes to do they, they’re getting out a big stick, and they’re, they’re gonna start swinging it. And, and Poland contracts for people who aren’t secure? Yeah, yeah, that’s where this is heading. Which can, can, can, you know, that not even getting hacked, but just the fact that this, these requirements are coming out, can you know, if you do most of your business with the DOD, and this thing’s coming down the tracks at you, you better figure it out, and you better get, you know, whether or to get in a different line of business, find a different set of customers that don’t require that goodbye, MEPs are in a great spot to help. Because they have these relationships with these companies. And they may not have the depth of cybersecurity experts to help but they can definitely spot the companies that need the help, and connect connect them with resources for business solutions.
Damon Pistulka 53:06
I like Nicole’s comment here, okay, I’m terrified. Well, it’s, it’s, it’s really, you know, as you listen to people like yourself, talk, Scott, that if we Yes, we have a lot of things that we could do. taking the first step, though, and not getting hacked through email by randomly opening something, or, or clicking on something we shouldn’t or not checking if you get a strange email from something from someone would cut the wrist down. So absolutely,
Scott Dawson 53:41
there’s three components to protecting yourself, in my view, one is get raising the awareness of the owner of the company. If you don’t, if the owner of the company doesn’t recognize the urgency, then you’re going to be swimming upstream. And, and so anyone who’s either working in a business, or even a business owner, if you say, I don’t understand this stuff, I recognize maybe I’m terrified if the comment was, I recognize that this but I don’t, I don’t know where to start, but the owners got to not learn all the technical stuff, but you got to learn what the threats are. And and work with someone who, who can help put a game plan together. Not every bit business has to approach this the same way because not every business has their it set up the same way. You know, some are in Google and they do Google Docs and they do Gmail and stuff and that’s where their world is. Well, that’s there’s a threat there are threats. Even there. If in if you’re in the cloud, there’s others who have, you know, like computers in a closet down the hall and the wall where computers are in there, and such but the business owners got to say number one, I’m gonna put my personal tie And into learning what the threats are to my business and getting a game plan together. And until that happens, it’s really hard to make meaningful change. The second is, you got to have a trusted advisor, who understands in depth, cybersecurity. So that’s not your nephew coming in on Saturday. It’s it may not be your your full time it is person that you have on staff, they may or may not understand the deeply the technical threats and, and, and in vulnerabilities of your network. They may know how to keep your network running, they may know how to install updates, they may know how to troubleshoot, but they may not be a cybersecurity, qualified person. Same thing with if you’re using a third party, IT company to manage your computers, a lot of people outsource managing the computers to what’s called an MSP or managed service provider. Okay. So if you have a contract with MSP, what are the what’s the terms of that agreement? What qualifications do they have in this area of cybersecurity, so it’s the business owner getting educated, it’s finding a qualified, trusted adviser. And then there are really 10, I don’t have them at the top of my head occurred, but they’re really kind of the first 10 things any small business would do. You know, make sure you have an up to date firewall, make sure you’re running Microsoft updates appropriately, make sure you’re trying to training your employees, you know, there, make sure they’re good backups that aren’t connected to the internet. So you do a backup and you disconnect, why. So when the ransomware hits, they can’t also get to your backup and lock that up, right? Otherwise, right to have a backup, right? So there’s, you know, you got to say, I’m gonna get myself educated, I’m going to get a trusted advisor that can give me guidance on affordable ways to secure my company, because there are affordable ways and unaffordable ways. Two ways you can do this, right? There are now some things cost money, cost real money, but you can budget for those if you if you plan ahead. And you don’t necessarily have to do the expensive things first. You know, there’s a lot of things that you could do that don’t cost a lot. And, and so it’s boss getting up to speed, getting a trusted adviser and doing an assessment to make sure you’re doing the basics. And, and so I didn’t say anything technical and what I just said. Right, right, is it I think there’s a business decision to be made. Before there’s a technical decision to be made. Some people start with a technical, oh, we got to reroute our firewall into new blah, blah, blah, encryption, something something which I don’t understand all that stuff. I’m not an IT guy, okay. But my view is, businesses don’t change unless the business changes. And the business is going to change because the boss makes it a priority, or the team, right, the leadership team. So you got to get the leadership team. Understanding that he’s this is as bigger risk as safety is in your shop. It’s as big a risk as financial checks and balances. You know, why do we have somebody do our taxes? You know, we may have an accounting person, but we outsource somebody to do the taxes? Well, because we could really screw up our taxes. We really could either overpaid or underpaid or make a make ourselves liable for something. So we want it done. Right? That there’s a check in the balance, right? Why do you have a company attorney that that you call on when a contract comes in that you don’t understand or something comes up? Why do you have these professionals not necessarily on a full time gig, right? But you have you utilize trained professionals for a reason. But you know, the the mindset has to change, and then the technical can follow and then the expense you can budget for. And there are alternatives, there are different ways to do it. The hard way to do it is to call vendors and ask them what to do because they’re gonna say, Well, you gotta buy our thing. I mean, that’s what the vendor can do, right? So you need somebody who’s kind of independent of that to give you guidance, right, which is where MEPs will fit in. Certainly our consultants would fit into that.
Curt Anderson 59:49
Scotland, let’s do this man. What a basic conversation. We met. We were over time. So let’s do this. You have a webinar series that I love for everybody to go to, I dropped it in the chat before we started today. I’m on your on your website right now. And I’m going to grab it again and drop it into the chat here. Scott, can you just talk about you’ve got a great webinar series coming up once a month. Your next one is March 16.
Scott Dawson 1:00:17
Yeah, we’re are diving deep into the Defense Department’s requirements for for what’s called cmmc, certification cmmc, cybersecurity, maturity model certification fancy government word for they’re gonna audit you. Okay, that’s what that means. But it’s how do you get ready for these government audits? In order to keep your defense contract, and we’re every month we’re kind of breaking it down for small businesses to get that, get their awareness. Okay, that’s remember, that’s where we’re starting get your awareness up to speed, we’re really trying to address the non technical owner or manager who’s afraid of this topic. Because it’s confusing. And so we don’t dive deep into the technical. We talk a business first and then we some technical. Anybody can anybody can jump in and, and learn some stuff this this week we’re talking about or this month, I think we can have from from today. We’re talking about the documentation that DOD provides. And they have acronyms and different different types of documents that you might have to be protecting. Is the exciting topic for this month in our webinar series, but important.
Curt Anderson 1:01:40
Awesome. Well, let’s do this guy’s you absolutely you want to check out Scott’s website I’ve dropped in the chat. So again, Scott Dawson, we’re with cord he’s he founder, but his brother Mike great story. If you miss it, you want to go back and replay the core solution. The website is the core solution.com You want to check out he has a cybersecurity link. He has free guides I dropped the free guides before we went live into LinkedIn. You absolutely want to check out this webinar series it’s once a month I think Scott you’re rolling it out every month or next
Scott Dawson 1:02:12
through through November I think
Curt Anderson 1:02:15
through November right? So go to the core solution So Scott, if you didn’t catch us earlier God bless him he’s he’s in a blue today suffering some health challenges. So Scott, thank you for being such a trooper. And what an amazing incredible conversation so Damon any any Scott any parting words, website, connect with you on LinkedIn, any other things that was webinar series, anything else that we want to cover from you.
Scott Dawson 1:02:45
Just leave it with this, Kurt. This is something you can learn. It may not be come the technical guru. But if you’re going to run a business or look out for your business, if you can’t shy away from it, you have to dive in. But you got to get don’t start with a technical start with good business decisions. And then you can then you can guide your organization to make to go down the right path.
Curt Anderson 1:03:14
Can’t be the ostrich with your head. No nose ground. Right. So yeah, well, all right. Well, we’ll wrap up. I know Scott, dude, I I cannot express my thanks my gratitude to you our friendship had the honor of working with you all week in Chicago and we had a great time. Lots of laughs It was just wonderful getting to know you. You’re mad Drew, we’re giving a shout out to your buddy Drew. He three of us just had a lot of laughs Good time working together. Thank you for sharing all your expertise. Next time. We hope you are feeling 100% And Damon he has like a state of the art studio at his office. Nice. We were talking about getting together. I’d love to come down and visit your office and maybe we could do this again. And take another deeper dive. So guys, thank you. Thank you for joining us today. God bless everybody son positive vibes, uh, Scott that he’s so Daymond Take it away, dude.
Damon Pistulka 1:04:06
All right. Well, thanks God for being here today. Thanks, everyone. Thanks Gail and Nicole and Whitney and rich and MD and M Anna. Thanks for being here today and all those that were listening but may not have dropped the comment. We will be back again next week with another great guests on manufacturing ecommerce success. And if you missed it back up, listen to Scott talk about cybersecurity for DOD contractors and manufacturers, because there are a lot of gold nuggets in here. We’re out for now and we’ll be back again next week.
Scott Dawson 1:04:41
Thanks, everybody.