Why this Millersville company sees the new Buy Maryland Cybersecurity Tax Credit as a tool for growth

After working with local companies on their tech needs for 35 years, Summit Business Technologies CEO Mike Cohn has seen some change.

“As the use of tech in businesses has evolved, our company has grown and evolved to provide those services along the way,” Cohn said.

In the last couple of years, the exec said, the focus shifted from getting that technology set up and ensuring it’s working to cybersecurity. So, the Millersville-based company now offers tools for protection from threats as a managed security services provider.

Summit’s 28-person team was certified and trained in cybersecurity within the last two years, and it’s offering those services to firms in manufacturing, small business and nonprofits ranging in size from 20 to 200 employees. Those small and medium-sized firms are are at risk of being attacked, but often don’t have in-house teams focused on security like a corporation.

While the company offers plenty of technology to keep systems safe, Cohn said Summit also wants to empower the people working at the companies to be able to avoid attacks. Attackers seeking a way into a system are looking for vulnerable spots, and breaking into a network right through an unsuspecting employee clicking an innocent-looking link or opening the wrong email can be easier than breaking through the set of systems. Data on breach causes backs him up.

“We do a lot of security awareness training,” Cohn said. “We even built a product that deploys that training over a long period of time and a low tolerance level.”

Mike Cohn. (Courtesy photo)

Called Phishgoggles Security Awareness Service, Summit offers cybersecurity training that’s rolled out in modules that take minutes to complete over a period of months. The ongoing cycle aims to make the best practices for keeping data safe a habit, Cohn said. For an initial test of ability to recognize a suspicious email, there’s also a Phishgoggles quiz.

The company also has a new tool to get buy-in from the companies themselves. Summit recently became a certified seller under the Buy Maryland Cybersecurity Tax Credit. The incentive allows Maryland companies can recoup 50 percent for the purchase of cybersecurity technologies and services from a local company that is certified. In other words, companies only have to pay half as much.

“We thought it was a big help not only for us, but for these small businesses. It’s like a sale,” Cohn said.

Summit is the 12th company to become a certified seller since the tax credit took effect in the fall, and more applications are currently in the review process, according to the Maryland Department of Commerce. It’s designed to make the cybersecurity tools more affordable for small businesses, and help the state’s cybersecurity industry. Under the measure passed in the 2018 legislative session, the Maryland-based companies who receive the tax credit are required to make less than $5 million and have fewer 50 employees.

The bill was backed by the Cybersecurity Association of Maryland, Inc. (CAMI). According to CEO Stacey Smith, it was the first of its kind in the country at the time it was passed.

“For it to be something to say ‘buy local’ and as a business you’re going to benefit from that, and you’re going to be more cyber secure than before — it’s a double win,” Smith said.

Smith said CAMI would like more of its members to become qualified sellers. The program was introduced toward the end of 2018, after details were worked out. And there’s education taking place about what’s available, and who can participate. To become a seller, companies have to submit documents including a business plan, and they must be certified yearly. A bill being proposed during this year’s state legislative session would open up the tax credit to businesses with more than 50 employees.

“Now that the details are figured out I expect we’ll see more companies apply for it as a seller, and we’ll keep our push to let the business community know that it’s a tool for them to be more cyber secure,” Smith said.