JMCPA AssistantOnline
Hi — I'm the JMCPA site assistant. I can answer general questions about the firm, point you to the right portal, or help you get started as a new client. What can I help with?
The JMCPA Assistant is informational only. Always confirm tax, legal, or financial decisions with Josh or a qualified team member.
Back to Editorials
Technology Opinion 7 min read

The More You Build, the More Doors You Open

Josh Mauer, CPA
Founder, Josh Mauer CPA LLC

A note on the labor shortage that’s coming, the data risk that comes with it, and why we still build slowly on purpose.

I have a reputation with my clients, and I have made peace with it: I am the one who slows you down. When everyone else is racing to add the newest tool, I am the voice asking what happens to your information when you do. I wear that as a badge now, because this is the fourth technology revolution I have lived through with my eyes open—the personal computer, the internet, the app, and now AI—and every one of them rewarded the people who moved deliberately and punished the people who moved blind.

Let me be brave about what is actually happening, because the headlines are not wrong. Business leaders are pricing in a real, lasting shortage of human labor, and it is mostly demographics, not hype. Korn Ferry’s widely cited Future of Work analysis projects a global shortage of more than 85 million skilled workers by 2030—enough unfilled work to put roughly $8.5 trillion in annual revenue out of reach, with about $1.75 trillion of that in the United States alone. The baby boomers are leaving the workforce faster than younger, trained workers can replace them. That gap is the quiet engine under all the AI noise.

And the money is moving to meet it, fast. Gartner forecasts worldwide AI spending will reach $2.59 trillion in 2026, up 47% in a single year. So when I tell you “what these companies do is shaping our options quickly,” I mean it literally: the decisions being made this year are setting the terms the rest of us will work inside. That is exactly why I want us to make our own decisions carefully rather than be swept along by someone else’s.

Nobody worth working with is trying to fire anyone

I want to be clear about the part the headlines get wrong, even when the numbers are right. The point of all this is not to thin out good teams. With a shortage this size, the real problem most businesses will face is not too many workers—it is too few. The builders I respect are trying to create more capacity for everyone, not less. Even the companies at the frontier of this technology are hiring, because the tools are only as good as the people with the ideas and judgment to aim them. The right way to use AI is to extend your best people, not replace them: let it absorb the rote work so your team can do the work that genuinely needs a human—the judgment, the relationship, the hard call.

The more you build, the more doors you open

Here is the catch, and it is the reason I go slow. Every tool you add, every connector, every “just give it access to your email and files” is another door—not only for you, but for anyone trying to reach your data. Convenience and exposure grow together, and the threats are scaling toward a kind of power that, a few years ago, would have sounded like myth.

The data backs the caution. IBM’s 2025 Cost of a Data Breach Report put the global average breach at $4.44 million; for U.S. companies the average hit an all-time high of $10.22 million. And the AI-specific findings are the ones every business owner should read twice. IBM found that where “shadow AI”—the tools employees adopt without oversight—was heavily used, it added roughly $670,000 to the cost of a breach. And 97% of organizations suffering an AI-related security incident lacked proper access controls on those tools. Read that again: nearly everyone who got hurt through AI had simply never built the controls. So the honest question is not whether AI is impressive. It plainly is. The question is the one I want every client to sit with: are you protecting your information at the level the threat is advancing? If you added the tools but never designed the protection, you have built a bigger house with more unlocked doors.

Architecture before adoption

The fix is not fear. It is architecture. And the adoption is real: a 2025 U.S. Chamber of Commerce survey found that nearly 60% of small businesses now use AI—more than double what it was in 2023. But adoption is racing ahead of governance: IBM found that 63% of organizations either have no AI governance policy or are still developing one. Most are bolting on tools one at a time, with no plan behind any of them. That is a lot of the market driving a faster car with no seatbelt. Before you bolt a powerful tool onto your business, you should be able to answer three plain questions:

  1. 1 What data does it touch?
  2. 2 Who (and what) can see that data?
  3. 3 What happens when something goes wrong?

A well-designed process answers those before the tool is switched on. A rushed one answers them after a breach, which is the most expensive time to learn.

This is not abstract for us. As a CPA firm, we are held to it by law. When a firm handles taxpayer information, the federal Safeguards Rule treats us like a financial institution, the IRS lays out the playbook in Publication 4557, and we are required to maintain a written information security plan—a real document, with a designated person responsible, a risk assessment, vendor oversight, and an incident response plan. We do not treat that as paperwork. We treat it as the standard your information deserves, and we hold our own house to it before we ever ask you to trust us with yours. If you are layering AI into your business, you deserve to think the same way, even if no regulator is making you yet.

Spend like an owner, not like it’s free

There is a second risk that gets less attention than security and can hurt just as fast: cost. AI feels cheap until suddenly it isn’t. It is easy to wake up one month spending thousands across a dozen tools and not be sure any of it has turned into a real return—and you would not be alone. Even among small businesses already using AI, a large share say they still cannot clearly prove the payback. So spend like an owner. Tie each tool to the value it is supposed to create, give it a fair window to prove it, and cut what does not earn its keep. The goal is leverage, not a subscription pile.

So now what

We know this cycle. Every revolution I have lived through swung hard, overshot, rebounded, and came out stronger—and the people who learned the most and built the most carefully came out ahead. So my answer to “now what” is simple, and I may even get it tattooed: lean in. Lean in by solving real problems, by learning more than you ever have, and by building better relationships—because relationships are the one asset no tool can copy and no shortage can automate.

Go slow where it counts. Then go far. That has always been the deal.

For our part, that work is already underway. I am beginning to roll out the tools I have wanted to build for clients for years—assistants that extend my expertise and my reach, so you can plan with me better and more often than a calendar of meetings ever allowed, and at very reasonable cost, because we have learned to leverage these systems instead of being leveraged by them. They are being built the way I am asking you to build: carefully, with your data protected first.

Josh Mauer, CPA

Founder, Josh Mauer CPA LLC · joshmauercpa.com

Layering AI into your business?

Before you bolt on the next tool, it’s worth answering those three questions with someone who’s legally held to the standard. That’s CPA work, and it’s what we do.

Sources: Korn Ferry, Future of Work: The Global Talent Crunch; Gartner worldwide AI spending forecast, 2026; IBM Cost of a Data Breach Report 2025; U.S. Chamber of Commerce, Empowering Small Business, 2025; IRS Publication 4557 and the FTC Safeguards Rule. This article is provided for general informational purposes and does not constitute tax, legal, accounting, or security advice. Josh Mauer CPA LLC is a Kansas-licensed CPA firm.