Now the owner of cybersecurity-focused IT services company Cyber Security Hawaii, Don Mangiarelli traces his interest in computers back to 1981, when his father brought home an early-model IBM PC as a Christmas gift.
But owning a personal computer was a novelty in those days, and the family had trouble setting it up.
“I walk in the door one day and my dad and my sister threw the manual at me,” he recalled with a laugh, “and they were like, ‘you make it work.’”
And within just a few minutes, he did exactly that.
“I read the manual and I read how to do some basic programming, and I was like, ‘OK, this makes sense,’” he said. “… It made me feel really good that I had this superpower.”
Mangiarelli has been using that “superpower” ever since, first on a freelance basis fixing people’s computers as a side gig while he worked in construction. Later, he went on to hold IT positions at two local companies — Servco and The Shidler Group.
He launched Cyber Security Hawaii in 2011. A full-service IT company, Cyber Security Hawaii offers risk assessment, security monitoring, systems management and more. In recent years, Mangiarelli said the company’s focus has shifted more toward cybersecurity. That pivot, he said, was in response to the rise of remote work — which he said can make companies more vulnerable to threats — and cybercrime becoming increasingly organized.
How do you help clients safeguard their businesses against cyberattacks? The first step is educating people about the threat. Most companies don’t perceive a real threat until after they’ve suffered a cyberattack and suffered some sort of financial setback because of it. … So I’m on this mission to educate business owners about the dangers that exist and how to protect themselves.
… Even with cybersecurity, you still can’t prevent all cyberattacks. The whole purpose of IT services and cybersecurity is to be prepared for the attack and be able to recover quickly and be back up and running business-wise as quickly as possible.
Can you share an example of the types of activities that might be the riskiest in terms of cybersecurity? I guess the riskiest would be when folks receive an email and they don’t verify who it came from and they click on the attachment or the link in there. That’s the riskiest behavior you can have, is trusting everything that comes in. We try to teach our customers that you should assume that everything you get comes from a hacker.
What has been your approach to growing your business and finding clients? Most of the large companies that we service come through managed service providers on a national level. [For example, our client] State Farm goes to a national-level managed service provider, and then we contract [the company’s] Hawaii [offices] from them.
[As for] contacting companies here in Hawaii, the best way for me to be able to do that is through large gatherings. I can educate companies and owners as to what’s happening and why they need to protect themselves. If they go with me, that’s great, but the real bottom line is that everybody becomes aware because there are just so many companies that have no idea how bad it is. So, my mission really is to educate.
[I go to] networking events and speak at conferences. A lot of it is networking — talking to people, letting them know what we do so that if they run across people who are looking for our types of services, they can refer them. Word of mouth is really valuable here.
Why did you want to focus more on cybersecurity? The landscape really changed with the pandemic and everybody working from home. When everybody was working in an office, there was only one place that the attackers had to attack, only one network, because everybody was there together. Now you spread everybody out and you had IT departments having to protect this spread-out attack surface. … That created a situation for companies where they had to manage all of that. And it created an opportunity for the criminal elements out there to be able to attack those things because they were not as protected as they once were. … Then you had criminal organizations that got involved in the cyberattacks. In 2021, 2022 is when you started seeing all of this stuff escalate, and now it's really organized. Now you have these criminal organizations that have lots and lots of money that are pouring that money into cybercriminal activities.
What is one thing you wish businesses knew about cybersecurity? The biggest thing I wish they knew about cybersecurity is that it can be a competitive edge. If there was a mass of cyberattacks, companies that have their customers’ data encrypted and protected, even if that data gets stolen, it becomes useless to the attacker because they can’t read it. It’s the difference of sending a letter out to your customers saying, “hey, we suffered a cyberattack and your data was taken and you’re going to want to monitor your bank accounts” and being able to send out a letter that says, “hey, we were hit with a cyberattack, but here’s what we did to protect your data.” The FBI reported last year, here in Hawaii alone, cyberattacks cost businesses and residents [nearly $52 million], though the FBI notes that only about one-third of cyberattacks are ever reported, so that number is likely much higher. … While there is an upfront cost to [cybersecurity measures] and a lot of businesses don’t see the value in that, the value is in reducing your liability, reducing your insurance costs and reducing other costs that are related to a cyberattack.
Cyber Security Hawaii
Don Mangiarelli, owner and general manager
Address: 98-027 Hekaha St., Suite 34, Aiea, HI 96701
Phone: 808-377-6300
Website: cybersecurehawaii.com
Book an appointment: strategy.cybersecurehawaii.com
