Episode 41

full
Published on:

24th Jun 2025

Locked Down in One Click: How AI Cyberattacks Are Targeting Today’s Businesses

Imagine this: one email, one click—and your entire business is locked down.

AI-powered cyberattacks aren’t just hitting big corporations anymore. Today, growing companies, contractors, and even small IT teams are being targeted.

This week, we’re joined by Justin Kane, CEO of DoubleCheck Cybersecurity, to discuss the real threats businesses are facing in 2025.

Whether you’re overseeing a new apartment complex, managing a job site, or protecting sensitive client data, you’ll hear practical advice and real-world solutions for your day-to-day operations.

What You’ll Learn

  • The latest AI phishing scams—how they work and why even experienced teams are being fooled
  • Why DIY or outdated security setups can leave your business exposed
  • How to protect your operation—without needing a full IT department or blowing your budget
  • Justin’s experiences with building strong partnerships and the importance of ongoing education

If you’re looking for actionable cybersecurity insights or want to understand how to protect your business from digital risks, this episode is packed with value.

Let’s Connect with K&B Communications!

If you enjoyed this episode, let’s keep the conversation going:

📱 Follow us for insights, tech updates, and behind-the-scenes content:

▶️ Subscribe for exclusive interviews and IT business strategy:

YouTube Channel

💼 Need data cabling or low-voltage solutions?

K&B Communications specializes in network infrastructure, security systems, and fiber optics.

📞 Schedule your consultation today.

Book Your Consultation

About K&B Communications

At K&B Communications, we help you build and protect the systems your business relies on—from low-voltage cabling and network infrastructure to security and VOIP solutions for new construction projects across Las Vegas.

Join the Conversation

Have you ever faced a cybersecurity scare on a job site or in your business? What keeps you up at night when it comes to tech and security?

Share your story or questions with us on social—we’d love to feature your experience or tackle your biggest concerns in a future episode!

Disclaimer

The opinions shared by guests are their own and do not necessarily reflect the views of K&B Communications.

Transcript
Speaker:

man, it's crazy.

2

:

especially on the cybersecurity side, you know, one of the biggest things now is what you

used to know as a phishing email and the telltale signs of misspelled words and poor

3

:

language.

4

:

That's gone now because these hackers can put it into chat GPT and say, make sure this is

great proper English.

5

:

They have some misspellings and things like that, but it's done on purpose now because

what we're seeing is now they're putting a button in the emails that says.

6

:

report phishing email.

7

:

And so you're going to be like, Oh, that's a phishing email.

8

:

Let me go ahead and report it.

9

:

But that button is the bad link and it has you signed into Gmail or Office 365 or whatever

it is.

10

:

Welcome to the Las Vegas IT Podcast.

11

:

Today I have the pleasure of speaking with Justin Kane with DoubleTech Cybersecurity.

12

:

How are you doing today, Justin?

13

:

How are you, Shatoya?

14

:

I'm super excited to get to know you a little bit better and exactly what is it that you

do at Double Check Cyber Security?

15

:

Yeah, absolutely.

16

:

So as you mentioned, Justin Kane, I am the CEO of DoubleCheck Cybersecurity.

17

:

We provide cybersecurity solutions to small and medium businesses anywhere from really

five to 250 employees is where we live.

18

:

I'm from Jacksonville, Florida, sunny Jacksonville.

19

:

It's sunny and 87 today.

20

:

So it's uh really nice and born and raised and never left Jacksonville.

21

:

So here I am.

22

:

It's time to go.

23

:

just kidding.

24

:

know I've never been I'm in I'm in Orlando, Orlando, Florida, but I've been doing research

to go ahead over to Florida because I need to

25

:

It's a great place.

26

:

No, I'm sure Las Vegas is awesome as well, but there's nothing like a warm beach.

27

:

to learn a little bit about your, what you currently, I see you are the CEO of double

check cybersecurity.

28

:

I guess what is your current role with being

29

:

so as any as any small business, obviously wear a lot of hats, but primarily oversee our

team, make sure that we are providing effective solutions and service to our customer

30

:

base.

31

:

We at any given point, obviously we are seeing tons and tons of alerts come through from

our clients of security incidents.

32

:

And so we're obviously trying to be very proactive.

33

:

So, yeah, I oversee that entire team.

34

:

Make sure that we're.

35

:

Also constantly innovating, which is something that we have to do in this industry.

36

:

It is, I like to say, changing by the hour at this point.

37

:

Technology has always changed at a fast pace, but now with the advent of AI and all of

those things, it is just changing so rapidly.

38

:

So making sure that we're staying on top of things that are changing and how they're

changing and make sure that we're using effective solutions and providing the best service

39

:

that we can to our clients.

40

:

Yeah.

41

:

And I know I totally understand with the way that technology is currently going, it's

rapidly changing so fast.

42

:

One of the major topics that we've talked about on this podcast is AI has been a huge

topic.

43

:

But what are some of the ways, Justin, that you're currently staying up to speed when it

comes to technology with it, everlasting of change?

44

:

man, it's crazy.

45

:

especially on the cybersecurity side, we're just, we're just seeing so much activity now

from people that we didn't use to see activity from.

46

:

So, you know, yeah, we used to see a lot of these bigger hackers, bigger organizations and

things happening.

47

:

But now with AI, we're seeing a lot of activity come from younger kids and, you know,

solo, solo actors where they can now use AI and

48

:

get every piece of information that they need to try and attack an organization, maybe not

do the best job at it, but they're still trying.

49

:

And it's obviously keeping us on our toes.

50

:

honestly, our systems that we utilize keep us up to date pretty quickly because we're

seeing a bunch of alerts and seeing new ways and new methods that people are trying to get

51

:

into our companies and our clients.

52

:

So we're having to combat those new things.

53

:

MFA and 2FA used to be the answer to everything and now it's not.

54

:

having to come up with new methods and really train our clients on the new ways that

they're being targeted on their side.

55

:

so having to keep not only us keep up to date, but also keep our customers up to date as

well, because they are the weakest link in a lot of this.

56

:

so making sure that they understand and know what's going on as quickly as we can and as

much as they can retain is a big challenge as well.

57

:

So just trying to stay up to date and keep things moving.

58

:

I got so many different questions came to mind when you were speaking.

59

:

No, it is so important.

60

:

What are some of the experiences that you've seen just with AI and some stories you

possibly share with us when it comes to this cyber security attacks?

61

:

Yeah, you know, one of the biggest things now is what you used to know as a phishing

email, you know, just that classic phishing email and the telltale signs of, you know,

62

:

misspelled words and poor language.

63

:

That's gone now because they, you know, these hackers can put it into chat, chat, GPT and

say, make sure this is great, proper English and there's no misspellings.

64

:

And, know, and it has this great hook to get people, you know, to click on, on whatever

they're trying to get them to click on.

65

:

So.

66

:

That's one of the biggest things, honestly, it's like we're just seeing now these perfect

emails come through that you used to be like, that's a phishing email.

67

:

And now we're seeing it's so much harder to detect.

68

:

And not only that, but we're seeing new methods.

69

:

One of the newest things that we've seen is one of the stories I'd like to tell is ah

we're now seeing phishing emails come through that actually do have those telltale signs.

70

:

They have some misspellings and things like that, but it's done on purpose now.

71

:

because what we're seeing is now they're putting a button in the emails that says report

phishing email.

72

:

And so you're going to be like, oh, that's a phishing email.

73

:

Let me go ahead and report it.

74

:

But that button is the bad link.

75

:

And it has you sign into Gmail or Office 365 or whatever it is, thinking that you're

reporting this bad email to your system and you're actually providing them with

76

:

credentials right there.

77

:

AI is allowing some of these really

78

:

sophisticated level of phishing techniques.

79

:

And that's just the small scale end.

80

:

On the higher scale end, we're seeing things like the now automated, what am I trying to

say, automated techniques of trying to bypass systems and automated systems out there that

81

:

are just now constantly hammering our client systems, trying to get in.

82

:

And it's all AI based.

83

:

It's all AI automated, where now you don't have someone sitting behind the keyboard trying

to...

84

:

do XYZ, now they've built this automated system, likely building it with AI.

85

:

And now the AI is just sitting there trying to get past some of these walls that we've put

in place.

86

:

So it's happening at a much faster rate than we have seen in the past, than what human

used to be able to do.

87

:

Now AI is helping them do it.

88

:

So we are having to fight AI with AI at this point to keep up with the demand.

89

:

And then when it comes to, you know, being protected, I'm guessing that's something that

you could possibly help our audience with.

90

:

Yeah, 100%.

91

:

You know, like I mentioned, we're doing a lot with AI to combat the AI that we're seeing,

things that integrate with email platforms like Gmail or not Gmail, but Google Workspace

92

:

and Office 365 that are using AI inside of those technologies to not only keep up with

what's happening, but also learn along the way, you know, self-learning systems that are

93

:

seeing some of these techniques, especially across a broad spectrum of clients.

94

:

ah where now we have these systems that are integrated and if it's seeing something

happening over here on one client, we can correlate that to other clients and other

95

:

systems as well so that they learn and they get much more knowledge and are able to

respond much quicker.

96

:

We're also doing the same thing on the computer side, the workstation side, using AI

solutions, not typical antivirus back in the day that just says, this is a known bad file,

97

:

let's block that.

98

:

You know, now we're using AI to say, what does Shatoya's computer normally do on XYZ day?

99

:

What does it normally do?

100

:

Well, today it's doing something different.

101

:

It may not be bad, but it's just different.

102

:

And so our AI is watching those things, saying, this is something we may need to look at.

103

:

This is potentially a bad situation that's happening.

104

:

There's some characteristics that somebody may be in this computer doing something.

105

:

or maybe in another computer that's trying to attack your computer or whatever it is.

106

:

So we're trying to use AI to combat a lot of those things as it's happening.

107

:

And then also, like I mentioned earlier on is training employees, training staff.

108

:

This is what's happening.

109

:

You know, not only the classic techniques that we've seen over the years, but hey, this is

something that we've seen.

110

:

Like this is something that happened last week.

111

:

This is something you really need to be aware of because it's happening fast.

112

:

You know, where

113

:

We may have not seen, we may see a technique over here and it may take a month or two to

see that same technique used on another client.

114

:

Now we're just seeing this iterating so fast and something that happened over here last

week or yesterday, we're seeing it happen over here so much quicker.

115

:

So really, really making sure that our clients and our staff are up to date and know

what's happening as fast as possible.

116

:

So yeah, we do all of that.

117

:

We built a solution to try and make that as easily easy and as scalable as possible, not

only for our clients, but also the partners we work with.

118

:

work with a lot of IT departments, a lot of MSPs as well.

119

:

We provide the security backbone to many MSPs so that they don't have to keep up as much

as we do on the security side.

120

:

They can focus what they're really good at, you know, and handling the IT side of the

house and those types of things where we

121

:

and our team handle the security side and provide that security arm for them and monitor

all those security alerts and tools and everything.

122

:

So it's crazy.

123

:

If you don't love it, it is not something to get into, I'll tell you that.

124

:

But if you do love it, it's the industry to be in.

125

:

And if you like learning, jump into cybersecurity.

126

:

Yeah, well it is crazy with IT on how or you know with cyber security on how many

directions that you can go which is so awesome.

127

:

You know one of the things that you did talk about was training employees.

128

:

Is that something that you guys offer or?

129

:

Yeah, absolutely.

130

:

So, and there's a wide depth to that, but we do a lot of security training.

131

:

And then we also do, obviously there's a lot of cross between what I would call the IT

world and security world.

132

:

And so we do cross boundaries there a little bit as well and help our clients with some of

those technical needs as well.

133

:

absolutely provide the training on and it's ongoing training.

134

:

It's not a one-time thing.

135

:

You know, it's not a.

136

:

Okay, hey, you're a new employee.

137

:

Here's some training.

138

:

It's a, hey, last week you learned this, this week you're going to learn this, you know,

with some fully automated system that help our clients and our clients' employees keep up

139

:

with that demand.

140

:

And are these trainings on a recording or is this something that you guys or your teams

currently doing?

141

:

Yeah, a little bit of both.

142

:

So we do have recorded, you know, pre-recorded trainings that we send out really quick

videos, two minutes, maybe three minute long videos with some automated quizzes at the end

143

:

to make sure that those employees are retaining the information that they're being

presented, which is super important.

144

:

And those systems all feed back into our central system as well that say, hey, ah

145

:

Jane may need some extra training.

146

:

Not only did she fail the quizzes, but we're also seeing that she clicked on a phishing

campaign that we sent out as well.

147

:

So Jane may need a little extra attention, a little extra training.

148

:

She's what we would consider a high risk employee that could really damage the

organization.

149

:

So we may need to spend some extra time.

150

:

And then we do also do our own personal trainings as well, especially if we're seeing

something new come out that we.

151

:

maybe haven't had time to record or something like that.

152

:

We'll do a one-off training with our clients on maybe some special topics that we're

seeing or need to get that information out there quickly.

153

:

And then, because you said that it was just a chain that you mentioned, she clicked on

something.

154

:

is the service or the software that you guys are offering, does it show exactly what your

employees are clicking on?

155

:

Yeah, absolutely.

156

:

So two different sides of the house, right?

157

:

So one is our proactive phishing simulations where we are actually sending phishing emails

out, trying to get your employees to click on them, trying to lure them into it.

158

:

They're harmless from us, but it does report back and say, hey, Jane clicked on this email

campaign or this phishing campaign that we sent out.

159

:

And maybe we sent out an Office 365 campaign that tried to get her to log in or some of

the banking campaigns or some of the payroll.

160

:

campaigns that we've seen out there.

161

:

And then also on the live side, the production side, if Jane is clicking on emails that

our system deems potentially dangerous or potential phishing campaigns, we're going to get

162

:

those alerts as well and say, hey, Jane clicked on XYZ email and it presented a bad

webpage to her.

163

:

Hopefully our system blocked it, which is the entire intent behind it.

164

:

If our system didn't catch the email coming through in the first place with the bad links

in it, hopefully once she clicked on it, one of our other systems would have actually

165

:

caught the opening of that bad link with web filtering and things like that.

166

:

So there's multiple layers to make sure that we're trying to capture those bad instances

as they happen and hopefully before they happen is the goal.

167

:

Understood.

168

:

And then when it comes to your client that you serve, I mean, our audience theories on

who's listening, but is there a particular audience or particular client or industry that

169

:

you're looking to serve?

170

:

Sure.

171

:

So unlike a lot of the what I would consider the IT side of the house that focus on a

specific industry or maybe a couple industries, we really are open to any industry.

172

:

We do specialize on the legal side of the house, also some real estate as well, just

because we have a ton of knowledge in that area.

173

:

our solutions are built for any business anywhere.

174

:

um We are not just a regional provider.

175

:

We are national to the United States and also Canada.

176

:

And really we fall in that five to 250 employee range is where we live.

177

:

You know, we love, you know, the five to 75 employee is really where we find a lot of

growth in our business.

178

:

Typically because they haven't had that IT growth, they may not have that in-house IT

expertise.

179

:

Or if they do, they have an in-house IT person that...

180

:

maybe doesn't have the breadth of knowledge, especially on the security side, just because

of how quickly it's changing.

181

:

So we can really step in and help, you know, at that level and provide the, you know, the,

that CISO level expertise, and then also provide all the tools and experience and

182

:

knowledge that we have to those organizations.

183

:

So it's really where we find that sweet spot.

184

:

And then like I mentioned before, we also partner with a lot of IT shops, a lot of MSP

businesses as well to help.

185

:

them provide that level of expertise to their clients as well.

186

:

Understood.

187

:

And then your guys's current services, are they, I'm guessing you can help people all over

the US.

188

:

Yeah, correct.

189

:

Yeah.

190

:

So we can help anyone pretty much anywhere in the U.S.

191

:

We actually prefer clients that aren't necessarily regional to us, but we have clients

actually we have a client in in Nevada that we absolutely love.

192

:

you know, regions distance isn't a problem for us.

193

:

A hundred percent of what we do is remote anyways.

194

:

You know, whereas on the IT side of the house, physical touch is important sometimes

because systems go down or things like that.

195

:

Ninety ninety nine point nine percent of what we do can be done remotely.

196

:

And then if not, we do have regional partners in specific areas that we can get that

physical hands on if we have to.

197

:

Awesome.

198

:

thank you for sharing that, We're actually low voltage contractors.

199

:

So a lot of times we work side by side of IT professionals.

200

:

Absolutely.

201

:

And so with the IT professionals that we are working side by side with, would that be a

good potential power partner for you?

202

:

Absolutely.

203

:

So especially, you know, what we would consider the co-managed IT model is really

important for us.

204

:

It actually works so much better because when we have someone inside the organization that

is truly being the champion and working with the owners or working with, you know, the

205

:

higher ups saying, hey, this is what we need to do.

206

:

And really on the daily basis, just kind of continuing to push

207

:

That security mindset, it's so, so important.

208

:

sometimes it can be a challenge when we're doing that, you know, as an outside

perspective.

209

:

So when we really have someone inside that is championing that initiative, it's so much

better.

210

:

And then again, it helps with that hands-on as well, hands-on approach when we have

someone, you know, in-house that's handling those things as well.

211

:

So we love that model.

212

:

It works.

213

:

It absolutely works for us and is a good prospect for us.

214

:

Yeah.

215

:

Awesome.

216

:

Good to know.

217

:

I'm always on the hunt.

218

:

And then Justin, when it comes to one of the things I didn't get to talk about when you

first jumped, you know, hopped on was what drew you to the cybersecurity?

219

:

Because I mean, there's many different directions that you can go with that within as I

mentioned, IT.

220

:

But what drew you to become, you know, get into cybersecurity?

221

:

So I have been in the IT industry for nearly 20 years.

222

:

I started on the IT side as a technician, you know, as low as you can go in the totem

pole.

223

:

Worked my way up through the years, ran internal departments for multiple organizations,

and then stepped into an MSP for about 10 years, ran the MSP and actually owned the MSP as

224

:

well.

225

:

So I have, from technology perspective, I have been across the board.

226

:

I've worked with low voltage for many, many years.

227

:

I've pulled cable as well.

228

:

Not my favorite thing to do by any means.

229

:

You know, so I've worked basically every facet of the technology side.

230

:

Obviously, as technology has evolved over the years and the line between technology and

security kind of blended, I found myself really enjoying the cybersecurity side of things.

231

:

I enjoy it.

232

:

It has so many aspects of what I love on the technology side, especially how

233

:

quickly, it's changing, I love learning new things and playing with new software and new

vendors and learning all these things.

234

:

So it really played well into my skill set.

235

:

So I decided to make the jump and I jumped solely into the cybersecurity side, really

focusing only on that, which is a really important aspect.

236

:

There are many companies out there that are trying to weave both sides of the line, the

tech side and the security side.

237

:

And I can tell you as someone who did it for many, years, it's very difficult.

238

:

And they really are two different skill sets as well, two different mindsets that you have

to have.

239

:

And so it was difficult to manage both sides.

240

:

And I really wanted to focus solely on the cybersecurity.

241

:

So I made the jump, started double checked just about two years ago and have grown

steadily ever since.

242

:

So here we are today and doing it.

243

:

Oh, that's so awesome.

244

:

Yeah.

245

:

My voice I've had for the last two weeks.

246

:

I've had it like I last week, I lost my voice.

247

:

This week, I'm just dealing with a horrible I'm sure you hear it.

248

:

So I do apologize about.

249

:

No, but I just I love those stories.

250

:

You you said you've been in business for two years.

251

:

And I'm sure you've had a lot of up and downs, just like, you know, any business you're

in.

252

:

Do you have any crazy stories of starting your own business or?

253

:

It's never as easy as they say it is.

254

:

Right.

255

:

100%.

256

:

No, I totally, totally agree with that.

257

:

You don't just start a business and people flood to your door.

258

:

That is the biggest thing.

259

:

The best thing I can say is that the partnerships that you build are super, super

important and the relationships that you build are super important.

260

:

Especially if you're trying to go business to business or business to consumer, it's a

difficult path.

261

:

And as you mentioned, there's ups and downs.

262

:

The ups typically seem to always outweigh the downs, which is why we're still here doing

this.

263

:

It's just never as easy as they say it is, you know, and just keep at it.

264

:

That's the biggest thing I can say.

265

:

Just keep pushing, keep going and make those partnerships a priority.

266

:

People like yourself and other industry professionals and really just reaching out and

asking.

267

:

I've gotten so much advice from a lot of industry, especially my industry leaders just by

reaching out and asking, you know.

268

:

this is what I'm doing and what advice do you have?

269

:

So many people are open to providing that, providing that experience and that knowledge

that they've gained.

270

:

And it's so important to learn from others mistakes.

271

:

I totally, totally agree with you.

272

:

And I think people are willing to what I've just learned the recent years is that people

are willing to give you the information, but they're also wanting you to see to actually

273

:

put it into works.

274

:

I'm not sure if you agree with me.

275

:

No, 100%.

276

:

Yeah.

277

:

Yeah, I feel like that's one major thing that's super important is people want to say,

yeah, they'll help you.

278

:

But if they're helping you, you're not actually putting the things into works.

279

:

Like, what's the point of actually helping you?

280

:

And I think that's one of the biggest things that I've learned just the years of being,

you know, being doing what I do.

281

:

I have a what I'll call an industry veteran that actually touches base with me quite

frequently and he'll we'll have a conversation and he'll be like, okay, so you should try

282

:

this.

283

:

And then he'll come back a month later and be like, so what did you do?

284

:

You know, and they definitely want to see that because if you're not putting in the work

and you're not putting in the effort, then why are they going to continue to spend their

285

:

time, you know, especially when they're at a certain level, their time is extremely

valuable.

286

:

So if they're willing to give you the advice and experience, make sure you're using it.

287

:

Yeah, I know.

288

:

Totally agree.

289

:

100%.

290

:

You know, being a business for the last two years, what's one project or accomplishment

you're really proud of?

291

:

Yeah, so, and this is actually very recent.

292

:

So last week I was actually at a couple of different conferences and trade show events.

293

:

So we actually launched a product last week for a specific uh industry that we were

invited to speak at, which is the cell phone repair industry.

294

:

We were asked to come speak there and we launched a product specifically for their

industry, which is really cool.

295

:

And we're actually branching out that product now to other industry verticals as well.

296

:

So where

297

:

Doublecheck was built to really serve the business environment and the business industry.

298

:

What we're also seeing is that so many attacks and breaches are happening because of the

personal side of things, personal cell phones, personal email accounts, and all of the

299

:

personal devices that we actually decided we wanted to try and help combat that on the

personal side or the individual side, however you want to say that, residential side.

300

:

So we created a security product specifically to address security concerns on the

individual side, where we actually provide a secure email address that has our business

301

:

solutions built into it with the AI, the phishing campaigns and all of those things that

we talked about earlier, built into now your own personal secure email account and also

302

:

solutions that help protect your personal devices.

303

:

So things like your cell phone device and things like that.

304

:

you know, with some apps that you download on your cell phone.

305

:

So we're absolutely loving that.

306

:

It's been very successful and then had a large, a very good feedback from that conference.

307

:

About 50 % of the people in the room during our session signed up as partners.

308

:

So that you can't really ask for better than that.

309

:

And so we're really excited about that, especially on the partner side, because it

provides our partners with recurring income.

310

:

all basically recurring automated commissions, what we like to call mailbox money that

comes in for them for basically just helping sell the product.

311

:

It's a really, really cool solution.

312

:

So I'm really excited about that.

313

:

No, that was actually going to be one of my questions actually.

314

:

And I totally forgot to ask you that.

315

:

So thank you.

316

:

So when it comes to the residential side, I'm guessing, or, you know, personal consumers,

I'm guessing the pricing point is cheaper.

317

:

that correct?

318

:

So, yeah, so this solution specifically, it's $29.99 a month.

319

:

Okay.

320

:

You're used to paying for Netflix and Amazon Prime and all of those things.

321

:

Not that we want to add another subscription, but hopefully, obviously our intent is to

help protect the individual, which if you're using gmail.com or Yahoo or Hotmail as your

322

:

email address, you're not getting any of that.

323

:

And unless you've got any, turned on two-factor authentication on your personal email

account,

324

:

There's some really small things that can help protect you.

325

:

So we're building all of that into our solution to make sure that even in your personal

life, that your personal information is protected as well.

326

:

So we tried to make it as cost effective as possible while also providing as much benefit

as possible too on the personal side.

327

:

So we think that it's a decent price point to help protect the individual.

328

:

And yeah, we love it.

329

:

Yeah, it's less than a cup of coffee a day, which is awesome and it's going to protect

your...

330

:

And I'm guessing you said it also offers AI tools, as you said, everything's ever-lasting

changing, changing all the time.

331

:

oh Yeah, many of the solutions that we're providing to our businesses, we're also wrapping

into this same exact solution.

332

:

So, you know, the AI and the security training and the phishing simulations, a lot of

those things we built into this as well.

333

:

not only are you getting, you know, a good email address, but you're getting our

enterprise level solutions down to the individual person, you know, at an affordable cost.

334

:

That's so awesome.

335

:

So good to know.

336

:

we'll have every you share everything with our listeners so they have access to everything

when it comes to the DIY IT.

337

:

Like, when it why do think people personally try to do it themselves?

338

:

that's a great question.

339

:

Mostly because unfortunately there are a few vendors out there and I won't name them, but

there are a few vendors out there that say you can ah and try to make it as easy as

340

:

possible for you to do that.

341

:

But unfortunately, it's just not the right thing to You know, there's so many bells and

whistles that unless you have the knowledge of what you actually need to do, what you need

342

:

to be looking for.

343

:

That's a big one as well.

344

:

You know, yes, you can.

345

:

set up your own email account and do a couple things and maybe even get your own antivirus

solution.

346

:

But unless you deploy them correctly and make sure that all those little switches and

knobs and everything are turned on properly, you're doing yourself a disservice.

347

:

So the DIY model, even I just got off a phone call right before our thing with a

prospective client who's a one person law firm.

348

:

And yeah, she set up her own email, but didn't understand that

349

:

when she set up her own email that she didn't turn on certain things for security.

350

:

And she didn't even have audit logging turned on for her email to see what potentially had

changed or were people trying to log into her account and hack into her account.

351

:

there's a lot of those little things, unless you know and have had the experience that you

just don't have that knowledge.

352

:

So there's a time and a place and even those people that consider themselves techie at

least work with someone that can provide you advice.

353

:

on what to do and what to look for and get those proper systems set up and in place

because it's not like it used to be.

354

:

Let's put it that way.

355

:

The world is not like it used to be where you could just set something up and set it and

forget it.

356

:

That's just not how it works.

357

:

Understood and what some a question came to mind when it comes to was you know, just said

it and forget it You know a lot of things right now are being sold as automations AI but

358

:

like with these connections of automating Does that put you at risk for your current

outlooks?

359

:

Hopefully that question makes sense of what?

360

:

Yeah, I got what you're saying.

361

:

Yes, it absolutely puts you at risk.

362

:

Every single system and every single add-on that you add on to your systems.

363

:

I mean, we use HubSpot for our CRM system and you can integrate with 9 billion things.

364

:

So every single thing that you integrate, especially now with AI and, you know, even

integrating with chat GPT for certain things, you have to really be careful with what

365

:

information is being shared with those third parties.

366

:

I was actually attending a seminar last week that was talking about reviewing terms of

service in terms of conditions for certain platforms that you sign up for and who owns

367

:

certain data that may be shared back and forth.

368

:

It's so important.

369

:

I recommend now if you're signing up for a new system and it's view our terms and

conditions and 99 % of people just click the checkbox and say, okay, uh take that and drop

370

:

it into ChatGPT or into

371

:

you Google Gemini or whatever AI system you're using and ask it to summarize it for you so

that you can understand truly what they are.

372

:

What are these terms and conditions saying?

373

:

And then one of the important things as well is there's a lot of terminology in these

terms and conditions now that say that it can be changed at any point.

374

:

Right.

375

:

So which is great because it can be updated frequently and all these things.

376

:

But it also means that you have to pay attention to what is changing in these terms and

conditions.

377

:

So just be aware of all of that and get more knowledgeable about the systems that you are

signing up for and paying for and where that data is going and who owns that data,

378

:

especially as you start to integrate AI into your business.

379

:

It's critical.

380

:

Yeah, and that's such a great tip.

381

:

I've done that personally for, know, like other things that I've signed or whatever like

that.

382

:

But no, that's so smart.

383

:

There's a lot of times as you said, we're just like click, click, click, So just, just

having an idea exactly what you're signing up for is so, so important.

384

:

Do you have, I mean, I'm guessing you have stories of, it comes to, you know, if someone

didn't hire an IT professional or a cyber person.

385

:

cybersecurity system.

386

:

Do you have any current stories that you would share with us of it going wrong?

387

:

Unfortunately, I do.

388

:

I wish I didn't, but I do.

389

:

A more recent one is we had a client come to us that was a law firm and they were attacked

by ransomware, which most people know what that is at this point.

390

:

And their systems were taken hostage, essentially.

391

:

Not unheard of, but what we are learning now, the new thing that they are doing is they'll

hold you for ransom and say you need to pay five Bitcoin to get your data back or whatever

392

:

it is.

393

:

But what they've started doing now, especially in the law firm, the law industry, is they

have realized that they can actually go through the data that the law firm is holding and

394

:

find out who the opposing counsel is on their cases and say, if you don't pay us this

ransom, we're going to release this data to the opposing counsel, which if you're trying

395

:

to win a a case that could be pretty bad.

396

:

And so what are you going to do?

397

:

You're going to pay the ransom.

398

:

It's crazy because we've talked about up until now, make sure you have backups, make sure

you have backups so that we can restore if you get ransomware.

399

:

But now the conversation is, is well, yeah, we can restore, but they still have that data.

400

:

So before we'd be like, just we'll restore the backups.

401

:

You don't need to pay the ransom.

402

:

You know, we're just going to restore.

403

:

Well, now you may be able to restore, but you may still have to pay that ransom so that

they don't release that information.

404

:

It's, getting a little crazy out there as far as that's concerned.

405

:

And then unfortunately, another scenario that we saw is architecture firm.

406

:

And it was a classic technique where the business owner was actually out of town and the

front desk person received an email from the owner saying, Hey, we need you to do this

407

:

wire transfer for whatever property that they were going to buy.

408

:

Okay.

409

:

Which or whatever job they were working on, which wasn't uncommon.

410

:

And they typically deal in large amounts, you know, to do some of these transactions.

411

:

So the front desk receptionist didn't think anything of it and went ahead and did that

transaction because the owner was out of town.

412

:

luckily the bank actually caught it and said, Hey, something seems kind of strange here.

413

:

You know, whatever the bank account was that they were trying to do the wire transfer to

caught the bank's attention.

414

:

Well, the bank called the person and said, Hey, this seems a little strange.

415

:

And she's like, well, I mean, he asked me to do it.

416

:

You know, it must be fine.

417

:

And they said, well, if you want to do it, we need you to come down to the branch and

authorize the transaction in person, which she did.

418

:

And unfortunately, I was two hundred fifty thousand dollars that was poof gone into thin

air.

419

:

And unfortunately, the bank said, sorry, we can't help you because we tried to stop you

and you authorized it and all of these things.

420

:

So it's is a really bad situation, especially for a small architecture firm that that can

be 100 percent.

421

:

that could just shut you down, obviously.

422

:

That's substantial amount of money.

423

:

So, you know, always verify, always verify in person, pick up the phone and call the

person, say, are you sure you want me to do this?

424

:

And just make sure 100 % that you're doing the right thing.

425

:

And we'll do, especially when you're dealing with wire transfers, it can be very damaging.

426

:

Oh, totally.

427

:

I know we received an email, something similar.

428

:

Not that, for that much, but it looked legit.

429

:

It looks really legit.

430

:

And luckily, you know, of course we were like, this isn't real, but it did look like it

could have been real.

431

:

So thank goodness.

432

:

They're getting so smart because now what they'll do is they'll buy if your domain name is

xyz.com, they'll buy something that's one letter off from your domain name that if you

433

:

receive an email, you're likely not even going to notice it.

434

:

You know, especially like if you have something that has a uh W in your domain name,

they'll buy something with two U's that looks like a W, especially if you're looking at it

435

:

quickly.

436

:

So.

437

:

A lot of our solutions combat that as well at what we call impersonation attempts.

438

:

It's using AI and it's using systems to look at those things so the user, we don't have to

rely on the user to recognize that.

439

:

It's going to recognize it automatically and block those emails.

440

:

Understood.

441

:

it's such an important aspect of a business.

442

:

I totally love that.

443

:

When it comes to tech, know, IT, we talked about earlier, of cybersecurity and IT working

together, can you just kind of share with us kind of like what's the benefit of that?

444

:

Absolutely.

445

:

So, and this is something I like to talk about too.

446

:

I'll kind of weave this all together as far as people wanting to get in to cybersecurity

and work in the cybersecurity field.

447

:

The number one advice I give is that you have to start on the IT side.

448

:

You have to understand what you're protecting, why you're protecting it, and what the

value of that asset is.

449

:

So if you're trying to protect something that you don't understand, you're not going to be

successful.

450

:

that's where, again, I started on the IT side and learning all of that through the years

and understanding computers and data and file shares and servers and network

451

:

infrastructure and firewalls and all these things and understanding the bits and pieces

of, okay, well.

452

:

What are the weak points and what am I trying to protect and what am I trying, you know,

and how am I trying to protect it are so important.

453

:

So back to kind of your original question, they have to go hand in hand.

454

:

They are two separate things, but they are absolutely, you know, come together as one

entity.

455

:

ah You you have to make sure that on the IT side, you're configuring things properly,

that, you know, you're starting with a good baseline.

456

:

you know, working with good information and, you know, making sure that your

infrastructure is secure and making sure that your network switches and your Wi-Fi and

457

:

firewalls and all these things are configured properly.

458

:

And then on the cybersecurity side, making sure that they continue to stay configured

properly and that someone doesn't make the wrong change and viewing all the alerts that

459

:

are coming through and remediating those alerts and all of those things.

460

:

They're one and the same, just two different mindsets.

461

:

So it's really important that you work together and you have an understanding of what one

is doing, what the right hand is doing to the left is so important.

462

:

If somebody on the IT side of the house makes a change to a network switch or to a

firewall and the security side doesn't know and we're not monitoring for that specific

463

:

change, you might as well just be doing nothing.

464

:

you have to communicate extensively what's going on.

465

:

Understood.

466

:

Oh, no, it's great to know that because a lot of people aren't going to the norm.

467

:

I don't want to say the normal, but most people aren't just going to know that.

468

:

I know I had a conversation last week with someone that was on this podcast.

469

:

We talked about like, was more towards websites, know, IT and then marketing, and the

importance of them working together.

470

:

So just to know like the importance of cybersecurity and IT working together.

471

:

I think that's really, really important for someone to know that.

472

:

We are recruiting from the IT field when we are looking for new individuals and new staff,

because like I mentioned, you have to have that knowledge.

473

:

So unfortunately, we have so many schools and programs and systems that are pushing you

straight into cybersecurity because it's the new field and it's great job security.

474

:

But for any of you listening out there, start on the IT side.

475

:

You'll be more successful in the long run.

476

:

Understood.

477

:

And so when it comes to that, what advice would you give someone that's looking to, of

course, in the future, get into cybersecurity, but they're going to get into the IT first?

478

:

Where should they go?

479

:

Is there a particular education?

480

:

Like, what's their first step?

481

:

Yeah, so two things.

482

:

One, focus on the major platforms out there, right?

483

:

Focus on the Office 365s or Microsoft 365.

484

:

Focus on Google Workspace.

485

:

Focus on some of the big vendors that are out there in this space.

486

:

If you can understand the basics and the core of some of those platforms, they're very

relatable and usable in other areas and everything ties together.

487

:

So start with that for sure.

488

:

There are a lot of free trainings that Microsoft offers.

489

:

Google also has their own slew of trainings that they offer as well.

490

:

And so do those.

491

:

There's an entire website from Microsoft that'll help you train, get certifications.

492

:

There's free certifications for Microsoft Azure and the Office 365 suite and all these

things.

493

:

Go do those.

494

:

It's such good information, especially if you're trying to get into the field.

495

:

School is great.

496

:

It teaches you a lot of the backbone of what you need.

497

:

But applying that real technology, do it.

498

:

You can get a free 30 day trial for any Microsoft license.

499

:

Spin one up, spin up your own environment, play with it, break it, and then let the trial

run out and move on.

500

:

But definitely play with it.

501

:

Get your hands on some of these platforms and systems.

502

:

And then the other advice I would give is that most of the vendors out there, especially

on the cybersecurity side of the house, if you're trying to learn and you're trying to get

503

:

knowledge,

504

:

Find vendors in that space that are providing security solutions and reach out to them to

usually to their partner program is the easiest way in.

505

:

But ask them, say you're a student or you're trying to get into the field and say, do you

have any free certification courses or training courses that I can take for your software?

506

:

99 % of them are going to say, absolutely, let's get you in and get you signed up.

507

:

I can just tell you from my experience, if I am hiring someone.

508

:

and they come in and say, hey, I'm trained in these three platforms that are major

industry vendors out there.

509

:

I'm going be like, absolutely, you're hired, right?

510

:

Because I know you have the knowledge.

511

:

I know you know how to support the systems that we utilize versus some of those more

generic trainings out there, I guess I should say.

512

:

The CompTIA and A +, and SEC +, and all of those are great.

513

:

Whatever the new CompTIA one is for security, those are great.

514

:

And they give you a backbone.

515

:

but also almost every single person coming out of school has those same certifications.

516

:

So differentiate yourself a little bit, get some specialized training and a couple of

special platforms and that'll get you ahead of the game.

517

:

Understood.

518

:

stand out.

519

:

cool.

520

:

Comes to books or podcasts.

521

:

Is there any books or podcasts recommendations that you may have?

522

:

Yeah, I'm to go a little bit different direction on this one because there is a tool,

especially as a business owner, which, I'm sure many of your listeners are, if you're not

523

:

familiar with it and it's called EOS, the entrepreneurial operating system.

524

:

I've got you shaking your head.

525

:

I absolutely love it.

526

:

We run our business on it.

527

:

I've run a couple other businesses on it.

528

:

It's just from a business owner's perspective.

529

:

It's just such a good platform and a good way to run your business to really streamline

things and.

530

:

understand what's happening inside your business, especially if you have five, eight, 10,

you plus employees to make sure that you're all on the same page and, you know, rowing the

531

:

same direction and all those things.

532

:

It's just something I recommend for every business owner to get into and understand.

533

:

Even if you don't implement the entire EOS system, you can pick and choose parts, you

know, to implement and understand and just help you run your business.

534

:

It's something I recommend to everyone.

535

:

Awesome.

536

:

is there a, I've read, I I've read all his books so far.

537

:

Is there one book that you think is particular that you would recommend?

538

:

I'm so glad you asked that because I can't remember it off the top of my head, but it's

it's Gino Wickman.

539

:

He's got I don't know.

540

:

I think he's probably got six or seven books out at this point, but there is one main book

that kind of starts at all and I can't remember right now, but I'm sure we can link it

541

:

after this for everyone that you can read.

542

:

And it really tells the story of EOS and how it works and how it can impact your

organization.

543

:

So I'm sure we can link that to the to the podcast.

544

:

will.

545

:

No, I guess I had to keep you on your toes.

546

:

oh No, get it.

547

:

you know, for listeners are looking to connect with you, how do they do that?

548

:

Yeah, so directly with me, they can hit me up on LinkedIn.

549

:

Obviously, that's the easiest place.

550

:

Or they can visit our website, which is www.doublechecked.com.

551

:

And we've got contact us information all over that.

552

:

ah Or feel free to email me directly, justin.cain at doublecheck.com.

553

:

I'm always happy to answer questions.

554

:

Awesome.

555

:

We'll be sure to put that in the bio.

556

:

And before we go, is there anything else you'd like to share with everyone?

557

:

Oh, stay on your toes.

558

:

Don't click bad links.

559

:

Just don't click links in general.

560

:

It's the easiest thing.

561

:

It's the smallest piece of advice that has the biggest impact.

562

:

Just don't click on the link.

563

:

There's very few things that you actually have to click on a link to view.

564

:

Go directly to a website, call the vendor directly, whatever it is, try and do that.

565

:

It's my biggest piece of advice.

566

:

and turn on two-factor authentication on anything that you can.

567

:

Got it that notification.

568

:

Thank you sometimes, but I know I get it.

569

:

So worth it.

570

:

But Justin today was such a pleasure.

571

:

I really enjoyed our conversation and thank you so much.

572

:

Yeah, thank you, you too.

Next Episode All Episodes Previous Episode

Listen for free

Show artwork for The Las Vegas IT

About the Podcast

The Las Vegas IT
Weekly Insights from IT Experts
Welcome to the Las Vegas IT Podcast, hosted by K&B Communications with our host Shaytoya Marie. Your go-to source for weekly insights and expert advice from top IT professionals in Las Vegas. Each week, we delve into the dynamic world of information technology, exploring the latest trends, challenges, and innovations shaping the industry. Join us as we interview seasoned IT experts who share their knowledge, experiences, and practical tips to help you stay ahead in the ever-evolving IT landscape. Whether you're an IT professional, business owner, or tech enthusiast, our podcast offers valuable perspectives and actionable insights to enhance your understanding and success in the IT world.

About your host

Profile picture for Shaytoya Marie

Shaytoya Marie

Shaytoya Marie, the host of the Las Vegas IT Management Podcast, has been with K&B Communications for almost 10 years. Throughout her time with the company, she has taken on many roles, including sales, marketing, accounting, and recruiting. Shaytoya’s hard work behind the scenes has been essential to the company's success.

Inspired by her diverse experience and dedication, Shaytoya started the Las Vegas IT Management Podcast to share valuable IT insights and connect with local experts. Her passion for technology and helping businesses thrive makes her the perfect host to bring you expert advice and practical tips each week. Tune in to learn from Shaytoya and her network of top IT professionals in the Las Vegas valley.