A discussion with Dean Mechlowitz, Co-founder of TEKRiSQ responsible for Technology Operations, about the main challenges organizations face with cybersecurity threats, the benefits of the NordLayer Partner Program, and what perspectives are anticipated for different industries.
Highlights
About the company: TEKRiSQ is a cybersecurity team of up to 10 people aiding small- and medium-sized businesses (SMBs) in the US and Canada and focusing on enhancing cyber resilience against digital threats since 2021.
Business case: the MSP tackles the challenges SMBs face in cybersecurity, addressing the lack of internal IT expertise and the misconception of being too insignificant to be targeted.
NordLayer adoption: a partner utilizes NordLayer’s simple and efficient remote network access solutions to enhance cybersecurity for clients without overwhelming them.
Benefits of NordLayer Partner Program: the program offers MSPs like TEKRiSQ user-friendly solutions, a centralized management portal, and reporting capabilities, emphasizing ease of use for end-users.
Future projections. Future cybersecurity challenges will center around remote work risks, the protection of personal data, and the need for basic security measures like multi-factor authentication.
About the company
TEKRiSQ is a team of cybersecurity professionals helping SMBs build cyber resilience against digital threats. Operating as a managed service provider (MSP) in the US and Canada, a team of up to 10 people ensures that their clients transform into fully cyber-insurable companies.
Established in 2021, TEKRiSQ was founded on strong fundamentals of experience and expertise in modern cybersecurity and technology. The company has been advising everyone from small teams to big global players, gaining unique insights into the industry and how SMBs navigate the changing security landscape.
Dean Mechlowitz, Co-founder of TEKRiSQ responsible for Technology Operations, discusses the company’s approach to building cybersecurity culture and technology stack for SMBs, and how NordLayer’s secure remote access solution contributes to their mission.
Business case: bringing in the cyber expertise so clients don’t have to move a finger
According to TEKRiSQ, companies often struggle not due to industry-specific challenges but because of their mindset when it comes to adopting security measures. Small and medium enterprises are convinced that their insignificance will protect them from potential risks.
“Usually, companies with fewer than 200 employees are basically sitting ducks. They believe “I’m too small, and all my data is in the cloud, so I am not at risk,” but truly, they just have no idea how to understand it.”
SMBs who don’t typically have internal IT departments or Chief Information Officers end up outsourcing specialists and services. Without the right knowledge, it’s challenging to determine cyber risks applicable to their businesses and keep up with technological changes. 
The lack of expertise makes organization decision-makers immobile and hesitant in taking action because the only thought they have in their minds is, “What do I do?” However, some service providers jump into the multibillion-dollar MSP market with no actual experience in cybersecurity.
“Many MSPs are not cyber experts and fail to introduce basic security measures like multi-factor authentication to their clients, or they aren’t familiar with the latest security issues.”
Qualified MSPs often play a crucial role in guiding organizations lost in the subject. They are responsible not only for bringing knowledge and expertise but also for making sure the clients are aware of the risks. Our speaker Dean highlights that clients tend not to know or simply don’t care about the importance of business cybersecurity.
Guiding the unaware and the naive with a pragmatic approach
TEKRiSQ’s strategy is to use cyber insurance channels to get clients’ attention to security needs.
Business owners and managers, just like any other person, are looking for a quick and painless solution to their problem—and insurance, at first glance, seems like an easy way out. However, businesses must comply with insurance requirements that usually include the incorporation of network and data security policies.
“People think “I’ve never been attacked before. Therefore, I’m never going to be attacked,” which is incorrect.”
Then, the ignorant, unaware, or careless mindset faces a reality check after hearing three control questions from a TEKRiSQ representative:
If all your data was exposed and published on the dark web, would that be a problem for your business?
If all your data was inaccessible for three or four weeks, would that be a problem for your business?
If your computers were shut down for a month or two, would that be a problem for your business?
According to Dean, everybody uses computers, and everybody has data that’s really sensitive, so the answer is, “Of course, it’d be a problem,” and it doesn’t matter what business you’re in.
“Companies have remote workforces, which is almost everybody today. A lot of companies have consultants sitting all over the country using their own computers. That’s problematic, right? Many people travel to airports and hotels—that’s problematic, too.”
So there are certain businesses that have bigger risks, and some have smaller ones, but it’s the MSPs’ task to identify and mitigate them for the client if they lack internal resources to do it independently.
Close collaboration with insurance providers allows TEKRiSQ to be at full speed with what’s required by the insurer. Many MSPs are unaware of such nuances and cannot offer clients the right solutions.
Close-up on the solution
TEKRiSQ is a unique managed service provider that performs risk assessments in 30 minutes. They also focus on delivering solutions in minutes, not weeks or months. Thus, working with tools that correspond with such objectives is super important.
NordLayer’s onboarding for secure remote network access is about as simple as possible. You put the email into the system, and it sends an activation email. The setup must be super simple so non-tech users can understand it and follow instructions.
“The setup only takes tens of seconds or a minute—it’s pretty simple. It’s for us to find a way to encourage them to consistently use the tool.”
As an MSP, TEKRiSQ must have access to activity reporting to see whether the clients are using the systems. If the activity is low, they must be able to enforce the service, as companies tend to forget to use it after installing the application.
“None of our clients wishes to learn or do anything in terms of managing a solution, so it has to be fully governed by us. They only want not to care about it besides turning the tool off and on.”
Finally, adding extra layers of security, like incorporating dedicated IP into the company’s network protection, is crucial. Whether it’s encrypting connections while working on a public network or adding IP or access control lists for the firewall—the client most likely doesn’t realize the need for such a measure because they don’t know there’s more behind a firewall or generic VPN.
Why join the NordLayer Partner Program?
Our Partner Program provides MSPs with an ecosystem of user-friendly solutions, educational materials, and hands-on support from our experts. The main benefit of NordLayer is in our approach to thinking two steps ahead for our clients and partners.
NordLayer is all about stress-free cybersecurity. Thus, it has to be approachable for the end-user and effective for our partners.
“Unless clients start to care enough to start doing something themselves to protect their business, my only concern is to make it really easy for them—like turning on the app and forgetting about the rest.”
By providing a Service Management Portal, NordLayer gives its partners keys to their organizations’ administration in one place. There they have centralized controls of comprehensive security features and user management.
Interested in collaborating to build a more resilient and aware cybersecurity landscape for businesses and organizations? NordLayer invites Managed Service Providers to seize the opportunity to join our Partner Program.
Thank you, Dean, for sharing your experience with NordLayer in helping your clients overcome network security challenges.
Future projections: threats and challenges to keep an eye on
Experience and daily work in the cybersecurity field help draw some presumptions about what to expect from the industry in the upcoming years. Our story hero, Dean agreed to share his insights on what companies should be cautious about in order to protect their businesses.
Genetic data leak, 23andMe point to credential stuffing
Hackers are selling genetic data stolen from users of the company 23andMe. The company itself says they weren’t breached, although their users’ data was used by what seems to be a single threat actor stealing personal details and genetic data. This data was then published or advertised online. 23andMe suggested that the threat actor(s) gained unauthorized access with “recycled login credentials”, a technique known as credential stuffing.
The logic is simple: Keep trying stolen username/password combinations, and eventually, they’ll work on another site. An easy solution to credential stuffing attacks? You guessed it: Multi-factor authentication (MFA). While 23andMe has offered an MFA feature since 2019, it was not made mandatory for users. With genetic and personal data at stake and up to 7 million users affected by these recent breaches, it might be time for a change in policy.
The Bleach Breach: Clorox revenue and supply chain hit
Clorox, the household cleaning giant, predicts a more than 20% drop in quarterly sales due to a cyberattack (thought to be ransomware) that caused product shortages and operational disruptions. Manufacturing, often kept running by legacy systems and sprawling workforces, suffers more cyberattacks than any other industry.
The Clorox incident is being linked to the same group responsible for the MGM and Caesars Palace hacks, discussed in our previous episode, which occurred around the same time in August 2023. “Scattered Spider” is notorious for using social engineering methods to gain access to internal systems. The Clorox Company’s share price has dropped by over 7 percent in the last month.
Wearable AI: Trendy or just trending?
Tech companies are rushing to secure the lead in wearable AI products. Meta has collaborated with Ray-Ban on a pair of high-tech glasses, enabling wearers to live stream directly from the glasses to Facebook or Instagram and voice activate Meta AI, “an advanced conversational assistant”. Jony Ive, Apple’s legendary former design lead, and OpenAI are reportedly teaming up to design the “iPhone of AI”.
Rewind.ai unveiled a neck-worn pendant that records conversations to your smartphone and creates a searchable database of life moments. Humane, imagining “a world where you can take AI everywhere”, have developed a smart device that resembles a badge or lapel pin.
The common goal here seems to be for technology to rely less on screens, to fade from view, and become all but invisible.
Stay tuned for the next episode of Cyberview.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.
The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.
