In this exclusive interview with CanadianSME Small Business Magazine, Alex Plotkin, Founder and CEO of Cyberwall Inc., delves into his extensive journey in the cybersecurity landscape and his commitment to protecting small and medium-sized businesses from the growing threat of cybercrime. With over 25 years of experience in technology leadership, including pioneering efforts in the payment card industry and leading a cybersecurity revolution, Alex shares invaluable insights into how businesses can safeguard their most valuable assets—data, employees, and clients. From his start in the early 2000s to founding Cyberwall Inc. in 2016, Alex’s expertise has made him a trusted advisor to corporate boards and C-level executives across various industries. In this interview, Alex discusses his approach to simplifying complex cybersecurity issues, bridging the gap between technical and business leaders, and how Cyberwall Inc. continues to evolve in a rapidly changing digital landscape. He also offers practical advice for small and medium-sized businesses looking to navigate the complexities of cybersecurity and privacy challenges.
Mr. Alex Plotkin is the Founder and CEO of Cyberwall Inc., a SOC 2 Type II certified cybersecurity managed and consulting services provider in Canada and the USA. He has over 25 years of experience in technology leadership, having held various roles, including founding technology start-ups and leading the technology revolution in large corporations.
Alex has been fighting cybercrime since the early 2000s, when he was responsible for cybersecurity in the payment card industry.
In 2016, Mr. Plotkin founded Cyberwall Inc., a cybersecurity services provider specialising in small and medium business cyber protection. Such a unique experience allows him to provide advice and insight to a wide audience, like start-up founders, as well as the board of directors, by guiding them on various cybersecurity and privacy-related subjects.
Mr. Plotkin possesses a Master of Science (MSc.) in Technology Management from the Polytechnic School of NY University and a Certificate from the Entrepreneurship Development Program at Schulich School of Business – York University, as well as several technical certifications, including Certified Information Systems Security Professional – CISSP (ISC2) – the highest cybersecurity certification.
Cyberwall focuses on defending against the rising tide of cybercrime. Can you explain how your solutions specifically address the unique challenges faced by small and medium-sized businesses?
Cyberwall’s services are explicitly centered on protecting small and medium-sized businesses (SMBs). The big enterprises and SMBs have a very different cybersecurity challenges.
Here is a just a few unique Challenges for SMBs:
- Limited IT resources and cybersecurity expertise
- Budget constraints
- Lack of awareness or understanding of cyber threats
- Increasing regulatory compliance requirements
- High risk of business disruption or closure following a cyberattack
Cyberwall team has a deep understanding of the unique technology constraints faced by small and medium-sized businesses. That’s why we’ve developed a risk-based approach specifically tailored to SMBs.
By leveraging the NIST Risk Management framework, we are able to identify each client specific risk gaps and risk tolerance levels. Our solutions are aligned with the Defense in Depth strategy, ensuring layered protection focused on the areas of highest risk.
We prioritize cost-effective, advanced tools and technologies that meet the evolving needs of SMBs—without the complexity or cost of enterprise-level systems. Our approach is never one-size-fits-all; it’s purpose-built to match the vulnerabilities, constraints, and business realities of smaller organizations.
With easy-to-implement, comprehensive security measures, we enable SMBs to reduce cyber risk, maintain business continuity, and focus confidently on growth and innovation.
With statistics showing that 43% of cyber attacks target SMBs and that many companies struggle to detect breaches, what proactive measures does Cyberwall recommend to enhance cybersecurity for these businesses?
Our approach is Risk-based Defense in Depth. We start by assessing client’s risk followed by implementing cybersecurity defenses where they are required the most.
There is no 100% security but based on the analysis of the previous attacks we can say that there is no business that doesn’t require advanced email security or browser protection. So many data breaches and ransomware attacks could be prevented by implementing Multi-Factor Authentication (MFA) everywhere.
Old antivirus doesn’t provide proper protection, more and more SMBs moving to the 24×7 Managed Detection and Response services based on advanced EDR solutions.
Frequent Vulnerability Scans and immediate security patching is not just a regulatory requirement but the real necessity.
When nothing stopped the attack and your systems compromised, you have to initiate an Incident Response plan, which you had to prepare in advance. You should have a backup of your data in a different location, so your backup is not encrypted and lost during the ransomware attack.
Phishing emails are a common entry point for cyber-attacks. How does Cyberwall educate and equip SMBs to recognize and defend against such threats effectively?
The famous saying that the chain as strong as the weakest link, was proven more than once in cybersecurity. No amount of safeguard and controls can fully stop the attack. The user/employee is ultimately the weakest link that clicks on the malicious URL, opens the file with malware.
Although Cyberwall’s Advance email security takes care of 97.9% of email threats. We still need to educate our employees. Cyberwall’s Security Awareness training service is designed to be used in four phases on a continuous basis in monthly or quarterly cycles that cultivates habit among users to remain vigilant from cyber threats and creates cyber secure work culture.
- We start with Baseline Testing
- Then we train users monthly
- We Run Phishing simulation at least quarterly
- Report and analyze the results. Some users need more help than others.
Cyberwall also provides cybersecurity awareness and privacy regulation workshops to the C-Level and Board of Directors, to make sure that they fully understand the regulatory requirements and prepare their companies to withstand cyber threats as part of Enterprise Risk Management.
Can you share a success story where Cyberwall’s intervention significantly mitigated the impact of a cyber-attack on a small or medium-sized business? What were the key factors in that success?
There are things that can sneak up on you, unplanned. A cyberattack is one of them—especially in the middle of the night.
Picture this: You’re overseeing IT operations; things are running smoothly—until your phone rings in the middle of the night. Panic. We have a data breach. Critical systems compromised. Probably Ransomware, and sensitive data potentially stolen. You scramble to contain the damage and reach out to your IT provider.
“Look, I can’t help you right now. You know we work 8 to 5. Let’s talk tomorrow, when everyone is in the office”And just like that, you have a problem—and no solution in sight.That’s exactly what happened to a company that later became our client.
When they couldn’t get help from their so-called security provider, they remembered they had my contact info. They called me in the middle of the night. I picked up, engaged my team, and we started Incident Response… deployed our tools, analyzed the data, quarantined compromised systems, mitigated the breach within hours, and restored their systems (what as possible).
The next day, they followed my suggestions on mitigating the threats and vulnerabilities on their legacy systems — and it worked.
They weren’t convinced it would help. But we guided them on what exactly to do and why it would be effective. They tried it, and the problem was solved.They’ve been with us ever since.
As a leader in cybersecurity, what advice would you give to small and medium-sized businesses looking to strengthen their defenses against cyber threats in 2025?
Although most SMBs don’t believe they are a target for cyberattacks, the data shows differently. The question is not If, but When. About 82% of ransomware attacks in 2024 were against companies with fewer than 1,000 employees. One cyber-attack can put an SME out of business.
As cyber threats grow more advanced, small and medium-sized businesses must take action—no matter the industry or size. Here’s what I would suggest starting with:
1. Make Cybersecurity a Business Priority
Don’t treat it as just an IT issue. Build security into your company culture and decision-making.
2. Protect Your Email – It’s the #1 Way Hackers Get In
Use smart email filters, train employees to spot scams, and require multi-factor authentication.
3. Plan for Ransomware
Back up your data securely and regularly test that you can recover it. Assume attacks will happen.
4. Train Your Team
Most attacks succeed because of human error. Regular, simple training can stop costly mistakes.
5. Partner with the Right Experts
You probably don’t have in-house expert, work with a trusted cybersecurity provider. 24/7 monitoring and support can be a game changer.
6. Think Long-Term
Choose solutions that grow with your business—not just the cheapest option now.
I strongly believe that the more secure each one of us, the more secured we are all. Therefore, anyone is welcome to reach out to me for a complimentary consultation, no strings attached.We will focus on your protection while you focus on growing your business!
