Special Guest: Mike Ritzema, Founder & President of i3 Business Solutions
Focus: Real-world cybersecurity breach experiences and prevention strategies for small businesses
Key Guest Insights
Mike Ritzema's Background
- Decades of technology experience (IBM, ERP/DRP software)
- Pivoted to managed technology services during 2007 recession
- Currently manages 4,500+ endpoints across 125+ clients
- Specializes in incident response and breach recovery
Real Breach Case Studies
Case Study 1: The Friday Night Ransomware Attack
Scenario: 300-employee company, 100% server encryption
- Timeline: Friday 6 PM call → Monday morning recovery
- Backup Method: Tape backups stored across the street (air-gapped)
- Challenge: Complex system integration and missing documentation
- Recovery Cost: $250,000 - $500,000
- Emotional Impact: Business owner pacing halls, fearing total business collapse
Case Study 2: The Cloud Backup Breach
Scenario: Company with "perfect" Veeam/Wasabi cloud backup system
- Attack Vector: Hackers accessed Wasabi login credentials
- Impact: Changed email to AOL address, deleted ALL backups
- Recovery: 2-year-old backup found in closet + vendor backup fragments
- Key Lesson: Cloud storage deletion is permanent and irreversible
Top Cybersecurity Priorities
1. Bryan's Priority: Cybersecurity Awareness Training
- Human firewall is the #1 vulnerability
- Implement small, frequent training nuggets
- Include testing and simulated attacks
- Create culture where employees expect to be tested
- Make it educational, not punitive
2. Mario's Priority: Two-Factor Authentication (2FA)
- Simple yet effective barrier against common attacks
- Hackers typically need: email address, password, domain
- 2FA significantly increases attack difficulty
- Extend to two-person authentication for critical changes
3. Mike's Priority: Comprehensive Backup Strategy
- Air-gapped, offline backups are essential
- Don't rely solely on cloud storage
- Implement "reverse backups" (cloud-to-premises)
- Regular testing and documentation required
- Multiple backup methods across different systems
4. Justin's Priority: Documentation & Risk Management
- Develop formal incident response plans (POAM)
- Conduct regular risk assessments
- Identify and address security gaps
- Create culture starting from executive level
- Gamify security training for better engagement
Critical Business Owner Insights
The "We're Covered" Problem
- Most common response when offered security assessments
- Business owners rarely know how to verify their security posture
- IT managers often excel at problem-solving but lack systematic approaches
- Need for process excellence over people excellence
Framework Recommendations
- NIST Framework implemented through CIS Controls Version 8
- 18 control areas with 153 specific safeguards
- Regular third-party assessments essential
- Documentation of all security measures and procedures
The Apathy/Complacency Threat
Mike's "Mic Drop" Moment: "The biggest threat in cybersecurity right now is apathy"
- Technology constantly evolves
- Criminals use AI and advanced tools
- Business owners get comfortable with current security
- Need for continuous vigilance and improvement
Practical Action Items
Immediate Steps for Business Owners:
Verify Backup Systems
- Request backup reports from IT staff
- Test restoration procedures
- Ensure air-gapped copies exist
Implement 2FA
- Start with email and banking systems
- Extend to all critical applications
- Consider two-person authentication for sensitive changes
Start Security Training
- Begin with simple awareness programs
- Include executive participation
- Make training engaging and rewarding
Get Professional Assessment
- Third-party security evaluation
- Identify current vulnerabilities
- Develop gap remediation plan
Risk Management Framework:
- Business owners OWN the risk
- IT staff are STEWARDS of the risk
- Regular assessments required
- Accept documented risk levels
- Plan for incident response
Key Warnings
Cloud Security Misconceptions
- "It's in the cloud" ≠ "It's backed up"
- If you can access your data, so can attackers
- Microsoft/Google won't personally recover your data
- Need independent backup strategies
Human Factors
- Employees (including owners) cause data loss
- Malicious insider threats exist
- Accidental deletions require backup recovery
- Documentation prevents recovery delays
Final Recommendations
Bryan: Build Your Support Network
- Have incident response contacts ready
- Partner with other MSPs and security firms
- Create community of mutual support
- Don't face breaches alone
Mario: Implement Systematic Checklists
- Document all security procedures
- Move beyond "mental checklists"
- Ensure consistent execution
- Regular review and updates
Mike: Understand and Own Your Risk
- Accept responsibility as business owner
- Get professional risk assessments
- Make informed decisions about security investments
- Stay vigilant against complacency
Justin: Know Your Blind Spots
- Third-party assessments reveal unknown vulnerabilities
- Hope assessors find something to fix
- Can't protect what you don't know about
- Continuous improvement mindset required
Episode Conclusion
The conversation emphasized that cybersecurity isn't just about technology—it's about culture, processes, and accepting responsibility for risk management. Business owners must move beyond hoping "their IT guy has it covered" to actively understanding and managing their cybersecurity posture.