What if your career path took an unexpected turn into the fast-paced world of cybersecurity? Join us for an insightful conversation with Fayon, a senior cybersecurity advisor, who pivots from mathematics and mechanical engineering to become a cornerstone of breach response and risk advisory. Hear how her role as a breach assistant at an insurance company became the gateway to a successful cybersecurity career, and discover the unique challenges and rewards of navigating this dynamic field.
We bring you personal stories of career transitions, from fields as diverse as mathematics and criminal justice, to the evolving landscape of cybersecurity. Fayon shares her experiences working in both reactive breach response and proactive risk advisory, shedding light on the importance of continuous learning and adaptability. This episode also tackles misconceptions about introversion in the professional world and highlights the perpetual need to stay ahead in the ever-changing cybersecurity industry.
Dive into the unique challenges faced by Black women in cybersecurity as Fayon candidly discusses her experiences with imposter syndrome and the lack of representation. We also delve into the critical role of cybersecurity insurance, comparing it to auto insurance claims management, and emphasize why even small businesses need comprehensive security measures. From conducting incident response plan reviews to leveraging threat intelligence, this episode is packed with valuable insights for anyone interested in the intricate world of cybersecurity.
Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today
Speaker 1: How's it going, Fayon ?
00:00:02
It's really great to finally get you on the podcast.
00:00:04
I think that we've been probably working towards this
00:00:07
thing since probably the end of 2023 is when I got the email
00:00:13
initially, but I'm glad that we're finally able to get
00:00:16
together.
00:00:18
Speaker 2: Yeah, thanks.
00:00:18
Thanks for having me, jay.
00:00:19
I'm happy to be here, happy to be here.
00:00:21
Speaker 1: Yeah, absolutely, you know, I start everyone off with
00:00:25
telling their background.
00:00:26
The reason why I do that, you know, is because there's a
00:00:37
portion of my audience that are trying to get into cybersecurity
00:00:39
or they're trying to get into IT, and maybe they even went to
00:00:40
college in something that wasn't IT related and they're in a
00:00:42
career path that they don't like right now, you know, and
00:00:44
they're trying to make a switch Right.
00:00:46
And I have found that it was always very helpful for me, when
00:00:51
I was trying to make that jump into it and into security myself
00:00:54
, to hear someone with a similar experience or a similar
00:00:57
background, um, you know, and and they were able to pull it
00:01:01
off.
00:01:01
And so then it's kind of like in your subconscious, like, well
00:01:03
, if they can do it, maybe I can do it Right.
00:01:06
So, you know, how did you?
00:01:07
How did you get into IT?
00:01:08
How did you get into security?
00:01:10
You know, was there something earlier on in your life that
00:01:13
kind of sparked that interest?
00:01:16
Speaker 2: Yes, I think, like most people that I know, I got
00:01:21
into the cybersecurity space.
00:01:23
A very I kind of just fell into it, I would say.
00:01:27
So my background is I have my undergraduate in mathematics.
00:01:31
In undergrad I do a dual degree program, so it's a 3.3, well,
00:01:35
at the time it was a 3.2.
00:01:36
So I had to have a bachelor's in math and then I transferred
00:01:41
to a partner school to get engineering degree.
00:01:45
I thought I was going to be a mechanical engineer, so that's
00:01:49
the second major I did.
00:01:51
I went into mechanical engineer .
00:01:53
It turns out I didn't like it.
00:01:55
My dad was pushing me to do electrical engineering.
00:01:58
I was like I don't want to be like you, because my dad's also.
00:02:02
He's a computer scientist, a computer engineer.
00:02:04
I was like I don't want to be like you, I dad's also, he's a
00:02:04
computer scientist, a computer engineer.
00:02:05
I was like I don't want to be like you, I want to create my
00:02:07
own path.
00:02:08
And so, while I was going to school, my sorority sister.
00:02:12
She's like hey, do you want to work at this company?
00:02:14
And so I applied and I got a position to be a breach
00:02:19
assistant and in that role I worked with a breach team.
00:02:24
So this is that insurance company and I work with.
00:02:30
Attorneys are individuals with attorney background, legal
00:02:34
background, so they, you know they're coming from the cyber
00:02:36
data privacy space and I also work with the technical folks,
00:02:41
um so with like their cisp and stuff, and I was just a free
00:02:44
assistant at the time.
00:02:45
So I get to see a different lens of it.
00:02:47
Where at that time I didn't know much about cybersecurity, I
00:02:51
would say I thought it was, you know, a stereotype like a guy
00:02:56
behind a computer hacking people every day.
00:02:58
So it was a different exposure.
00:03:00
It was insurance.
00:03:01
It was more on the reactive side, so it was the breach
00:03:04
response team.
00:03:05
So when an organization would be impacted by a cyber incident,
00:03:10
the team they would be sort of like an on-demand breach
00:03:13
consultants, so they would get on a call with them and sort of
00:03:17
they're dealing with a crisis, so they would potentially just
00:03:19
help them walk through what that would look like, so getting all
00:03:22
the necessary vendors they need to sort of mitigate that.
00:03:25
So that was my first time in that space and I've been there
00:03:30
ever since.
00:03:30
That was 2017, six years.
00:03:35
Speaker 1: Okay.
00:03:37
Speaker 2: So I've been there since I am since left that
00:03:39
company and I'm now with Corbis where I do, instead of the
00:03:42
reactive, I do a bit more proactive work.
00:03:45
So, with the risk advisory team and our team is, it will
00:03:51
provide resources to our policyholders to prevent the
00:03:56
severity and likelihood of a cyber incident.
00:03:58
So, being that, I've seen like, okay, what it's like on the
00:04:01
back end of you know, a big organization after they've been
00:04:05
impacted by a cyber incident.
00:04:06
Now I'm like, okay, let's figure out how to avoid that
00:04:10
from happening.
00:04:10
So we offer a ton of services.
00:04:13
So I've been there since.
00:04:15
That's how it started.
00:04:16
I honestly thought I was going to be a mechanical engineer, but
00:04:19
now I'm a cybersecurity advisor .
00:04:21
I've been with Corvus since 2022.
00:04:25
I'm now a senior cybersecurity advisor.
00:04:26
So I've definitely advanced in my role over the time and even
00:04:31
at my prior company, I started as a breach assistant I
00:04:35
expressed interest in like this is kind of cool, I want to learn
00:04:39
more, and so, on that team when there was a position at Open.
00:04:44
And so, you know, on that team when there was a position at
00:04:48
open, that was my opportunity to step into more of the breach
00:04:50
response role to help these organizations when they have a
00:04:52
cyber incident.
00:04:53
Yeah, so.
00:04:56
Speaker 1: So it sounded like you kind of just dove into the
00:04:58
deep end, right, and I'm sure, sure, along with that comes a
00:05:03
lot of anxiety, right, and like imposter syndrome and things
00:05:10
like that, right, like you know, I've been in cybersecurity for
00:05:14
probably 10 years and when I get a new role, I still have
00:05:18
imposter syndrome to some degree .
00:05:20
I'm like I hired the wrong guy.
00:05:22
Obviously they didn't think that I would be like this or
00:05:25
anything like that.
00:05:26
You know, any day now they're going to tell me I'm gone.
00:05:29
Did you experience any of that and, if so, how did you overcome
00:05:33
it?
00:05:33
Because I'm sure that that's actually pretty.
00:05:35
That's a pretty unique situation, right.
00:05:38
Like, not everyone jumps into the deep end in cybersecurity.
00:05:42
I don't even recommend it, right.
00:05:44
When people are asking me how to get into security, I tell
00:05:47
them to go a different path than that.
00:05:49
So how did you overcome that?
00:05:51
Speaker 2: Yeah, I still suffer from imposter syndrome today,
00:05:54
but I think a large number of it is for me.
00:05:58
To help me overcome this with the leadership on my team at my
00:06:04
prior company.
00:06:05
Training was really really good and I thought I couldn't do it
00:06:10
because I'm not technical enough .
00:06:12
I mean, I know a bit of coding because you know some of my
00:06:16
background and I was an innovationist.
00:06:17
But I started to do my master's while I was doing that role in
00:06:22
computer science, but the focus would be on cybersecurity and so
00:06:27
I have some knowledge of what to expect.
00:06:30
But I'm a very visual, hands-on learner so I needed that.
00:06:34
But I would say most of my peers they were really good with
00:06:38
helping me and training me and I ask a ton of questions.
00:06:42
I'm very inquisitive, so that definitely helps, but I would
00:06:46
say that the key to it is leadership on my team.
00:06:50
But I still, to this day, struggle with imposter syndrome.
00:06:53
I'm like, okay, do I know it?
00:06:57
I get on calls with organization or policy holders
00:07:02
to talk through gaps that they could potentially have in their
00:07:04
security posture.
00:07:05
It's like, okay, I have to brace myself.
00:07:08
It depends on who's on this call.
00:07:10
Sometimes you're getting the very, very technical faults and
00:07:13
sometimes you're getting someone from like risk management.
00:07:15
So it really depends on who you're getting, what that
00:07:18
conversation, how that conversation could could end.
00:07:21
I think most of them are pretty positive, but I still struggle
00:07:24
with with that today.
00:07:25
Um, therapy, it's like definitely a working process for
00:07:29
me yeah, definitely.
00:07:32
Speaker 1: You know what's interesting just being in the
00:07:35
cyber security realm the the amount of people and the
00:07:38
different kinds of people with different backgrounds that
00:07:42
you're encountering on a day-to-day basis.
00:07:44
It's always very important to understand who's on the call and
00:07:49
what their background is, what their role is, what they're
00:07:52
working on.
00:07:52
There's been numerous times where I didn't understand that
00:07:56
earlier out of my career and I approached a problem from a
00:07:59
completely incorrect angle and, you know, almost like burned a
00:08:03
bridge before, like even putting it up.
00:08:06
It's um, it's a.
00:08:08
It's an interesting balance, though, because you know
00:08:10
security tends to touch every department in the company, like
00:08:14
we don't just work with developers or other it people.
00:08:17
We have to work with the legal team and say, no, it needs to be
00:08:21
this way because of this.
00:08:22
And you know we need to work with procurement people and
00:08:26
people that are doing audits and everything under the sun.
00:08:29
It's um, it's an interesting, you know place to be, because
00:08:33
you know not only is security growing and changing every
00:08:36
single day, you know you also need to really be on top of your
00:08:40
communication skills, and I think that that's like a like an
00:08:44
undervalued skill that, as technical people, we don't
00:08:47
always put that emphasis on.
00:08:50
Speaker 2: Yeah, yeah, I agree, I would say like, even with
00:08:54
security I didn't say it's a pretty diverse industry, right?
00:08:59
Like you mentioned, we need to touch on every topic across
00:09:03
every organization.
00:09:04
Organization, like every department, gets to see some
00:09:06
things that security related, and I would say that again, back
00:09:11
to that stereotype of who you would imagine to be in cyber
00:09:14
security, not as someone that looks like me with my background
00:09:18
, where, you know, then you think of someone who's technical
00:09:21
, you don't think that that, um, soft skill is.
00:09:24
They're mostly like computer coding or hacking or doing
00:09:28
something like that, but that's all still.
00:09:30
But a communication piece is definitely something that I
00:09:34
think helped me in in my role.
00:09:37
Uh, categorize myself as an introvert.
00:09:40
I don't know that most people see me as that.
00:09:41
I think.
00:09:43
With that, though, I still try to think through like, okay, how
00:09:46
do I communicate with the different people speaking that
00:09:49
language?
00:09:50
You know, trying to translate something that's very technical
00:09:53
to a very non-technical, depending on my audience.
00:09:58
Speaker 1: Yeah, I mean, I tried to consider myself an introvert
00:10:01
as well, but then here I have this podcast, so I don't think I
00:10:04
can make that claim anymore.
00:10:05
Speaker 2: Yeah, people tell me I don't think you're an
00:10:08
introvert.
00:10:08
I was like I think I am.
00:10:11
Speaker 1: Just to backpedal just a little bit.
00:10:13
You know, you got your degree in mathematics, started to go
00:10:16
down the mechanical engineering route.
00:10:18
You know what was that like?
00:10:20
To do the mental gymnastics to make the pivot in IT, right,
00:10:25
because I'm sure that there must have been something where it's
00:10:29
like, well, that's not really what I've wanted to do, right,
00:10:32
that's not what I set out my goal to be at the end of this
00:10:36
thing.
00:10:36
You know, how did you kind of reconcile that?
00:10:39
I guess you know within yourself.
00:10:41
And the reason why I ask is because it actually took me a
00:10:44
long time to do that myself.
00:10:46
I got my bachelor's in criminal justice, fully expected to go
00:10:49
into federal law enforcement.
00:10:51
I thought this IT thing would be a very temporary thing, just
00:10:54
something to pay the bills until I get into an agency somewhere,
00:10:58
you know, because they take like one to two years to get you
00:11:00
in and I can't be without an income for one to two years when
00:11:05
I have student loans and like it took me a long time.
00:11:15
I mean, like I was in it, I was in security and I was still,
00:11:16
you know, trying to angle myself and get into federal law
00:11:18
enforcement.
00:11:19
Right, that was, that was everything to me.
00:11:22
That was my dream and now, looking back on it, I'm I'm
00:11:25
actually thankful that it didn't work out right, because I I
00:11:28
don't have to put my life on the line every day.
00:11:30
I'm, I'm not worried about you know these, these random, you
00:11:34
know life or death situations.
00:11:36
Um, I get to you know, sit safely in in my house and not go
00:11:41
outside for a week if I don't want to yeah, yeah, I would say
00:11:46
it's just.
00:11:46
Speaker 2: This is the same same same thing for me.
00:11:49
Like I said, I was working part-time while going to school
00:11:53
full-time, and I worked at the bank and I hated working at the
00:11:56
bank because I had to sell and I was like that's not my
00:11:59
personality at all and so when this opportunity opened up, it
00:12:03
was just like, okay, I'll continue to go to school while I
00:12:06
try to make some money to pay bills.
00:12:09
But it just became very interesting and I didn't.
00:12:13
I wouldn't consider myself very technical, so from my, my
00:12:17
approach to it was more of like my gosh, there's this other side
00:12:22
of the world that I don't like to see every day or hear about
00:12:26
all the time.
00:12:26
You're hearing about companies that's getting hacked.
00:12:29
What is ransomware?
00:12:31
At the time, ransomware was like it wasn't as big as it is
00:12:34
today, but you hear about all these things.
00:12:36
Or like in the healthcare space especially, I didn't understand
00:12:39
the different policies and regulations that they have to
00:12:43
abide by, but seeing those like it was to me it was not boring
00:12:48
at all.
00:12:48
So it was like there's never a boring day.
00:12:50
This is so interesting.
00:12:51
You learn something new all the time and then you get to talk
00:12:55
to like people who are experts in the space.
00:12:58
Because, uh, I started off as like a breach assistant before I
00:13:01
became like a breach manager.
00:13:03
I got to sit on the back, sit in the background and listen to,
00:13:07
uh, my colleagues on calls or talk to like forensic vendors or
00:13:11
law firms about what's going on , to understand the, the cyber
00:13:15
landscape.
00:13:16
I was like, okay, this is actually kind of cool and I'm
00:13:21
helping people.
00:13:21
Oh, I don't mind doing this.
00:13:24
And so that's when I made the switch, because I was like, okay
00:13:26
, I could switch and study something else, because, at this
00:13:31
time, like, okay, I will get to learn more of the theoretical
00:13:34
piece while I'm getting the more real life experience of it.
00:13:38
That's that so similar to you.
00:13:39
I was just trying to pick the L's and then here I am, almost
00:13:43
seven years later.
00:13:44
Speaker 1: Yeah, yeah, it's a fascinating field.
00:13:48
One of the first people I mentored, right, he was trying
00:13:51
to get into cybersecurity from being in the networking.
00:13:54
You know, in my opinion, networking is probably like the
00:13:57
worst part of IT.
00:13:58
You know, it's the most boring topic in the world.
00:14:02
I tried to, you know, get my network plus early on in my
00:14:05
career and the only thing that book did for me was put me to
00:14:09
sleep at the at night, you know like, or even at work, like that
00:14:13
was the most embarrassing thing .
00:14:15
It I, I hate networking.
00:14:16
I just hate thinking about it, right, which is weird for a
00:14:19
security professional to to say.
00:14:21
But it's like I don't, I truly do not care what protocol you
00:14:26
know you're using.
00:14:27
Is it encrypted?
00:14:28
If not, we need to talk about it, right, like, that's the
00:14:32
extent that I care about it.
00:14:33
Um, I was talking with him and I was describing what it's like
00:14:38
in cyber security.
00:14:39
He was, he was mostly on board until I got to the point where I
00:14:42
said but you know, you have to be comfortable with always
00:14:46
learning, always something changing and you needing to
00:14:50
learn something new and adapt.
00:14:52
That was the part that you know , really like, stopped it right
00:14:55
there, for it was like, well, I don't think that this is it
00:14:58
because I want to.
00:14:58
I kind of want to just like, get my CCNA and stop there.
00:15:02
You know, I'll be good for the rest of my career.
00:15:05
I don't need to go to school or get certs or anything else like
00:15:08
that and like, well, you know, you're going to stagnate, right?
00:15:12
I later on in my career I met people that had been in that
00:15:16
same exact situation where they they chose to no longer, you
00:15:21
know, longer learn the new stuff .
00:15:22
They chose to no longer learn the new technologies or the
00:15:28
different protocols or reasonings, best practices.
00:15:31
They chose to stop doing all that stuff.
00:15:33
And later on, actually fairly recently, they were laid off and
00:15:39
now they're having trouble finding work because they don't
00:15:42
have those skills.
00:15:43
The skills that they had were for that one company and that
00:15:48
one company.
00:15:48
His manager really liked him because he was a funny guy.
00:15:51
So the manager always did a good job of making sure that
00:15:55
they had that, that role, that kind of workflow for him, so
00:15:59
that he could say to management like, hey, this is the only guy
00:16:02
that does it, he's the only guy that knows how to do it.
00:16:05
Um, you know, god forbid.
00:16:07
The day came when you know someone said, well, can't we do
00:16:10
it another way?
00:16:11
Right, and he didn't have anything to back it up.
00:16:13
And immediately my friend is now, you know, on the job market
00:16:18
.
00:16:18
Um, which is?
00:16:20
It's an interesting time to be on the job market, especially
00:16:24
when you're trying to, like, rebuild your skills.
00:16:26
I, I would not want to be in that situation, that's for sure
00:16:30
yeah, yeah, it's, it's interesting.
00:16:34
Speaker 2: I like well one, I like his honesty, like knowing,
00:16:37
like you know who he is like.
00:16:38
Yeah, I don't think I want to learn anything else, so that is
00:16:43
interesting.
00:16:43
But yeah, the job market it's, it's pretty rough right now.
00:16:48
I know a few people that are trying to get into the, the
00:16:53
cyberspace, and they ask about, like, what should they do?
00:16:56
And you know similar background to to mine, I, you know, I
00:17:00
explained them.
00:17:01
I think most of it is networking.
00:17:03
I think, with cybersecurity, a lot of the roles, sometimes
00:17:07
mostly the non-technical ones.
00:17:08
It's very transferable scales from what you're doing, if you
00:17:13
can, if you're a fast learner, that's one, and if you're able
00:17:17
to communicate well, like we just talked about, that's also
00:17:21
key, and just being curious and willing to expand your knowledge
00:17:25
.
00:17:25
But yeah, it is an interesting time to be unemployed.
00:17:32
Speaker 1: Yeah, I feel like one of those key skills that are
00:17:35
often overlooked for security professionals is that
00:17:39
communication effect.
00:17:40
I remember when I was on help desk and maybe it was just the
00:17:45
company that I was at in the business that we were in, right,
00:17:48
but we were dealing with like 911 software that directs calls,
00:17:52
you know, and provides exact location information to the, to
00:17:56
the first responders, and I mean I would get calls sometimes
00:18:01
that were just like hairs on fire.
00:18:03
This thing isn't working, like.
00:18:06
I got to get the whole team on here to figure it out, right.
00:18:11
So I was used to being in like high stress situations and
00:18:14
calming people down, talking them through it, and I, I, I
00:18:17
dealt with like the, the military, the federal government
00:18:20
, right, right, so like they can't do a screen share, they
00:18:23
can't send you logs, right, like you, literally, and they
00:18:27
intentionally do this.
00:18:29
They intentionally put someone that literally doesn't know how
00:18:32
to spell linux on the other end of the call for you to work with
00:18:37
them and that that's not an insult to them in any way.
00:18:40
Right, they, they, actually, they are extremely intelligent
00:18:44
and smart in the one thing that they do for that agency and it
00:18:49
is very intentional for the agency to do that, and it is
00:18:53
also very intentional for them to put them on the phone with
00:18:57
you because they want no liability if something goes
00:19:01
wrong.
00:19:02
They want it to be like well, this vendor doesn't know.
00:19:05
You know that's literally the situation.
00:19:08
I mean you're getting on the on the call with these guys that
00:19:11
you can't, you can't see anything, you can't get sent
00:19:14
anything and you have to walk them through.
00:19:16
You know exactly what to type on the keyboard.
00:19:19
That sort of skill is is now that I'm looking back on it.
00:19:23
It's an extremely valuable skill Like that's.
00:19:25
That's why I tell everyone you know, start in help desk,
00:19:28
because if you get through a stressful environment and help
00:19:32
desk, that's all the communication stuff out of the
00:19:35
way, right there.
00:19:36
Speaker 2: Yeah, yeah, that is.
00:19:38
That is super key.
00:19:39
I would say, like even in my last role at my the prior come
00:19:42
to Nail the Sweat, where I was that on-demand breach consultant
00:19:47
you're getting a call from someone who's like or entire
00:19:51
system is down or company's losing money, what do I do?
00:19:55
So they're in full crisis mode and sometimes they're not happy
00:19:59
in them having to call their insurance carrier and talk to
00:20:02
someone and like answering all these questions, especially if
00:20:06
it's someone who's not technical right, they want you to figure
00:20:09
it out or you know they're upset .
00:20:11
I've had a lot of interesting interactions with you know,
00:20:14
c-suites who are experiencing like a ransomware and how to
00:20:17
handle that experiencing a ransomware and how to handle
00:20:20
that.
00:20:20
And you have to be really calm and patient with most of these
00:20:26
people, because one you have to understand that if you're
00:20:29
dealing with something, they probably never have to
00:20:30
experience the fact that their company is losing a lot of money
00:20:34
.
00:20:34
But if someone's saying, hey, you got to pay me millions to
00:20:37
get yourself back, so yeah, it definitely, definitely a unique
00:20:42
skill set, to say the least.
00:20:45
Speaker 1: Yeah, it's interesting.
00:20:47
When I was on the help desk side of it, I think that my
00:20:53
customers could tell that I was very young, very early on, still
00:20:55
learning things.
00:20:56
I mean, I'm still learning today, but I definitely know a
00:20:59
lot more than I did then, and it was always interesting when you
00:21:05
know you would get the more senior person more senior.
00:21:08
I mean, this always happened with with guys.
00:21:11
You know the more senior guy that knew significantly more you
00:21:15
know than you about everything and you give them advice and
00:21:19
it's like it doesn land.
00:21:22
It doesn't make sense to them because they don't know the
00:21:24
intricacies of your system.
00:21:26
I remember, for instance, I was working with a very large bank.
00:21:31
If I named them, two-thirds of the world would know who they
00:21:35
are and I was working with this person and I said okay, your
00:21:39
database is out of memory.
00:21:40
We have to increase the memory.
00:21:40
It's not a server issue.
00:21:40
Was working with this person and I said okay, you know your,
00:21:42
your database is out of memory.
00:21:42
We have to increase the memory.
00:21:43
It's not a server issue.
00:21:45
You already have the the memory on the server.
00:21:48
We just need to expand the database.
00:21:50
Because it's not, it doesn't know to utilize it right, and so
00:21:54
that's why we're running into all these issues.
00:21:56
And it took probably four hours of convincing them to do it.
00:22:00
And, like guys, I like, I literally like.
00:22:02
This is what it is.
00:22:04
My engineers have confirmed it.
00:22:06
My developers have confirmed it .
00:22:07
You know the people that literally created this
00:22:09
application, confirm that that's what's going on.
00:22:12
You know they got they got very vocal with me, very
00:22:16
unprofessional, and that was frustrating for me.
00:22:20
It was.
00:22:21
It was definitely a learning experience, but like, at the
00:22:24
same time, you know it was a situation where it's like, hey,
00:22:27
like this is what it is.
00:22:28
I don't know how else to explain it to you.
00:22:31
Did you run into situations like that where you know people
00:22:35
kind of like almost give like a second?
00:22:38
Speaker 2: Yeah, all the time I'm a woman, like a section,
00:22:47
yeah, all the time, and I'm a woman, uh, so that's just like
00:22:48
an immediate, you know, um, like it moves me down in terms of
00:22:51
like them, you know, assuming my , my expertise.
00:22:52
And then the next thing would be like I'm a black woman.
00:22:55
We don't see a lot of black women um, in this space.
00:22:58
Uh, in my current role, I'm definitely getting getting on
00:23:01
video calls with these organizations and most times
00:23:04
you're seeing male right, especially if it's the technical
00:23:08
side of the organization that's hopping on these calls to talk
00:23:12
about any recommendations that I could have.
00:23:14
And that's where my imposter syndrome would kick in, right,
00:23:18
it's like, okay, I'm a woman, I'm a Black woman, and then I
00:23:22
have an accent, uh, from jamaica , I was born in jamaica.
00:23:25
Sometimes we can hear it come out.
00:23:27
It's like, oh, my gosh, all right, now I have to, you know,
00:23:31
present myself in in a very stern way to make sure, like
00:23:35
what I'm saying it holds some, some value.
00:23:38
You know, we don't see a lot of um women, let alone like
00:23:42
minority women in or women of color in, in the cyber space.
00:23:48
I mean, I think it's changing now.
00:23:51
Like you know, from when I first graduated undergrad they
00:23:56
said it was about 10 percent, uh , women in cybersecurity.
00:23:59
Now we're at about 25% of women in cybersecurity, but only 9%
00:24:06
of that is women of color.
00:24:08
So I'm not getting on calls and I'm not seeing people that look
00:24:11
like me all the time.
00:24:13
So definitely experience that I would say quite a bit,
00:24:18
especially with someone who's very technical, and I'm making a
00:24:22
recommendation of like, hey, you probably need to do this
00:24:27
because your, your attack surface is too large, let's shut
00:24:31
this down, let's, you know, move away from this and
00:24:34
implement this control, and that I get quite a bit of pushback
00:24:38
often.
00:24:39
But you know I have to stay diligent.
00:24:41
I have to stay, you know, like, be firm in these calls and you
00:24:46
know, sometimes it's like I don't know what else I can do,
00:24:49
but I'll still offer you the recommendation and I hope, I
00:24:52
hope, I hope you take my recommendation and because it's
00:24:55
really me, it's for you and your organization, or, essentially,
00:24:59
save money at the end of the day , yeah, it's you know, I, I
00:25:03
don't, I don't understand how people can be like that.
00:25:07
Speaker 1: To be completely honest with you, you know I've
00:25:10
led teams before and I mean I, I led one team where I mean, I
00:25:16
think probably 10 out of 12 on the team were women, and I
00:25:21
encountered stuff like that all the time.
00:25:24
Because we would be so strapped for time I wouldn't be able to
00:25:28
attend every single meeting, you know, to make sure that our
00:25:32
projects are on time and acting with the developer community and
00:25:35
you know whoever you know needed to be on the call right,
00:25:39
and so I would send obviously one of my 12 people to to this
00:25:45
meeting and we would go over the topic of the call.
00:25:49
What, what you need to address?
00:25:50
Here's the most common questions you're probably going
00:25:53
to get.
00:25:53
This is how I would want it, you know, to be answered,
00:25:56
because you know most of the people on the team yeah,
00:25:59
probably almost all of the people on the team were fresh
00:26:02
out of college learning, just like I was at one point in time,
00:26:06
and so I try to make it as less stressful as possible.
00:26:11
I try to eliminate a lot of the unknowns that they may have in
00:26:15
their head to make them feel more comfortable in the call
00:26:18
they're prepared going into it.
00:26:20
Call, you know, like they're prepared going into it.
00:26:25
You know, there was so many times where they would just be
00:26:27
discounted right For for saying the exact right thing.
00:26:29
And they are younger women, you know, and people are just like,
00:26:34
completely just not accepting their opinion.
00:26:37
Right, and there's been countless times when, when I
00:26:41
would have to meet with this person, you know, the, do that,
00:26:45
uh, you know, and like, after a couple times of doing that, the
00:26:49
I think most of the teams you know opened up a little bit more
00:26:52
to the, to the realization that , like this critical, you know,
00:26:57
application is run by a team that's mostly women, right,
00:27:01
right, but they're led by someone that knows what they're
00:27:03
doing.
00:27:04
Like, I feel like they had to, like, understand the situation
00:27:07
just a little bit better and get used to it, which still it's
00:27:11
really dumb.
00:27:12
Right For me from a from an engineering perspective, right,
00:27:15
if someone, if someone says something that I don't
00:27:18
understand on a call or makes a recommendation that I don't
00:27:20
understand, as, as an engineer, I'm working backwards, I'm
00:27:26
trying to say, okay, well, how did they come to that conclusion
00:27:29
?
00:27:29
How does it make sense?
00:27:30
Does it make sense Is?
00:27:31
Am I the dumb one here and I'm not seeing something you know
00:27:35
and I'll ask questions.
00:27:36
But like, like hey, what were you thinking when you, when you
00:27:39
recommended that, when you said that you said that right,
00:27:41
because?
00:27:42
Because I don't know.
00:27:43
I think, as an engineer, it's really important for us to
00:27:47
always have that open mind, because as soon as we no longer
00:27:51
have that open mind, we really hold ourselves back yeah, yeah,
00:27:55
definitely have to be on bias and I really like that.
00:27:58
Speaker 2: um, you advocate for your team.
00:28:00
I think that's super important, especially for, like, women in
00:28:05
the industry.
00:28:05
Like I think, just IT itself is , like you know, the majority is
00:28:10
super male dominated and then we don't see a lot of women,
00:28:13
even though that's changing now.
00:28:14
But I always say, for me, my experience was a little
00:28:17
different.
00:28:17
In both my roles in the space I've had women as leaders and
00:28:23
these were like super strong women.
00:28:25
So that was really good for me, for my experience.
00:28:28
I know that everyone experienced um is is the same.
00:28:32
The other thing is they advocate for me, right.
00:28:35
So my leaders now they, they try to make sure I get the
00:28:38
visibility as a thought leader like I, I know my stuff.
00:28:41
Like I said, I'm a nature person I tend to shy to the
00:28:45
background, but for them they're like yeah, you're smart, you
00:28:49
know your stuff, people need to know that you know your stuff.
00:28:52
And as a woman of color also, people need to see that there's
00:28:55
representation across the board.
00:28:58
So they definitely advocate for me.
00:29:00
So I really appreciate you doing that for your team because
00:29:04
that is super important, like advancing that women of color
00:29:08
and women in the space and also like sort of bridging that gap
00:29:12
yeah, so sometimes I feel like I'm I'm like uh, too defensive.
00:29:17
Speaker 1: It's just like how I was like, brought up, like, like
00:29:21
I will, you know, be very blunt with people, and a lot of
00:29:27
people don't don't appreciate that.
00:29:28
But, you know, at the end of the day it's like I'm sorry, I
00:29:31
just don't care.
00:29:32
Like you, you were wrong in doing this.
00:29:34
I'm going to, I'm going to go to bat for my team because, you
00:29:39
know, I've been in situations where, like, my leads didn't do
00:29:42
that for me, you know, and like I was in the right and I just
00:29:47
needed someone that was more senior than me to say like, hey,
00:29:50
he was right.
00:29:51
And, you know, for whatever reason, for whatever selfish,
00:29:56
you know, self-promoting reasons , they, they decided not to do
00:29:59
that.
00:29:59
And so I, like, I've experienced the other end of it,
00:30:01
obviously not as a, not as a woman or anything like that,
00:30:05
right, I'm, I'm a white male.
00:30:06
Like I can't experience, you know, two thirds of what the
00:30:10
issues that you, just, you know, mentioned, right, Just, you
00:30:13
know, I, I've seen the other end of it and I wish more people
00:30:15
would, would, you know, take ownership like that.
00:30:18
Right, because I, I read, I read a Jocko Willink's extreme
00:30:23
ownership book and I think that it's a really good book for
00:30:26
anyone to really learn how to be a leader.
00:30:29
You know, if anything fails on my team, if anything goes right
00:30:33
or wrong, it's all because of me .
00:30:36
And guess what, when it goes right and I'm not the one that
00:30:39
actually did it, the credit doesn't go to me.
00:30:41
It should be directed towards that person.
00:30:42
Even if I'm in the room and my boss's boss gives me the credit,
00:30:47
it's like no, it goes to this person over here, Like they
00:30:52
handled it through and through, you know.
00:30:54
And it's just, it's interesting to see those principles you
00:30:57
know at work, because when I read something, I really try to
00:31:02
consume it and understand it and impact from there.
00:31:06
Is that also true, potentially, with you?
00:31:08
Like?
00:31:09
Have you read different books that have impacted, like how you
00:31:13
address different situations in the workplace?
00:31:16
Speaker 2: So I would say, books .
00:31:19
I am more of a podcaster, so I love to listen to podcasts.
00:31:23
Most of my podcasts with different speakers or different
00:31:28
guests, on these different shows that talk about, you know, like
00:31:32
diversity, equity and inclusion , and what is for women talking
00:31:36
about, like how to handle microaggression.
00:31:38
Um, so those are the.
00:31:40
Those are that's what helped me like, okay, let me see, okay,
00:31:44
how do I handle certain situations?
00:31:47
Speaker 1: and then, um, I lean heavily on, like mentors to help
00:31:50
me with offer, like guidance on how to approach different
00:31:55
situations so to, I guess, to maybe circle back to an extent,
00:32:00
right, let's talk about what a breach analyst is, because I've
00:32:06
actually never heard you know that, that title, that position
00:32:09
or anything like that, right, I don't know the entire insurance
00:32:13
side of the company while it was breached and I never had to
00:32:16
make any of those calls.
00:32:17
So, like what, what is that like?
00:32:21
Speaker 2: yeah.
00:32:21
So, um, for my previous role as a breach, the title which title
00:32:27
versus, like, what you do it in the basis is pretty interesting
00:32:30
.
00:32:30
But, um, it was a breach response manager and in that
00:32:34
role we would insurance company.
00:32:39
So we're, you know, fake.
00:32:41
When you have a, like a auto claim, you call your auto
00:32:47
insurance saying, hey, this is what happened, and they'll
00:32:49
probably recommend I don't know like the auto truck or something
00:32:53
From the commercial side.
00:32:56
It's someone is experiencing a cyber incident.
00:32:58
Most times they don't know how to, you know, mitigate or
00:33:02
remediate.
00:33:02
They reach out to us.
00:33:04
We'll hop on a call with them and say, okay, we ask a few
00:33:07
questions, get to the degree of what they're experiencing.
00:33:11
If we can't offer immediate recommendations, we will do that
00:33:14
.
00:33:14
But we will also recommend third-party services.
00:33:18
So usually let's say ransomware is an example.
00:33:21
If someone's experiencing a ransom, we will offer immediate
00:33:25
recommendations.
00:33:26
And then we'll say, hey, you need to get a forensic firm who,
00:33:31
for those that's listening at this, not familiar with what a
00:33:33
forensic vendor does, is their goal in like an incident like
00:33:37
this is to determine how and what.
00:33:39
So how did something happen and what did this bad actor get to?
00:33:43
And then, for legal counsel, it would be for the legal side of
00:33:48
it, making sure that the work is being done under
00:33:50
attorney-client privilege is being done under attorney-client
00:33:53
privilege, and then also assist with most of the communication
00:33:56
for those highly heavily regulated industry, making sure
00:33:58
that you're dotting your I's and crossing your T's.
00:34:00
So that's our role and we will walk with them through the
00:34:03
entire process.
00:34:04
So that was the core of that role.
00:34:08
With that comes other day-to-days and even today, with
00:34:11
my current role, I talk to policyholders.
00:34:14
Like in insurance, you have to do an application.
00:34:17
With that application, you have to meet certain controls or
00:34:21
requirements.
00:34:22
Those requirements look like do you have like mfa for email?
00:34:26
What's your backup strategy?
00:34:28
Like um.
00:34:29
So if you meet those requirements, you're essentially
00:34:32
a decent risk or a good risk for this insurance company to
00:34:36
run an underwrite.
00:34:38
So my job is to one help the underwriters on the internal
00:34:42
front analyze these responses from application Is this
00:34:46
sufficient enough for us?
00:34:48
And from the external side, if it doesn't meet it, a company
00:34:52
will say hey, I want to talk to a cybersecurity advisor Myself
00:34:57
or one of my colleagues to talk through where is the gap and how
00:35:02
can we close that gap to make sure we have a pretty robust
00:35:05
security posture.
00:35:06
That's the core piece of my role today.
00:35:09
But I do tabletop exercises, which I really enjoy doing those
00:35:15
um and then we do like incident response plan reviews.
00:35:19
We have like an in-house threat intel team and with our company
00:35:25
we have a scan um so we scan the parameter based on domain
00:35:30
and we identify any potential risk that they could have.
00:35:34
So it's really again risk prevention services.
00:35:37
I would say that my current role falls in the bucket of my
00:35:42
previous role.
00:35:42
Breach response services would be like breach coaches I think
00:35:47
that's a more generic term.
00:35:50
Speaker 1: That's really interesting.
00:35:51
You know, I never thought of that from like a, like a breach
00:35:58
perspective, right, going to one singular person and them, you
00:36:03
know, kind of directing everything, right.
00:36:05
I mean, you know we have that with incident managers and
00:36:07
whatnot, right at like larger, at larger firms, you know where.
00:36:12
You know you, if you're the one that's leading the technical
00:36:15
side of it, you just tell that instrument or whatever you want
00:36:18
and it's their job to just deliver it.
00:36:20
You know, which is, I mean it makes a lot of sense, right,
00:36:23
because from a, from an executive perspective or, you
00:36:26
know, an upper management perspective, I want to call one
00:36:29
person and that one person, just , you know, handles the legal
00:36:34
engagement, handles all this other stuff.
00:36:36
It's like, just send me what I need to be, what I need to sign,
00:36:39
and I'll sign it, you know um that makes a lot of sense.
00:36:42
And then you know, from from the insurance side of it, more
00:36:46
towards your, your current role, you know, I've I've heard
00:36:51
recently that that companies are are kind of they're I guess
00:36:55
they're weighing the insurance recommendations against, like
00:36:59
the cost of deploying those controls versus the cost of the
00:37:04
policy.
00:37:05
You know, because now this is only from what I've heard, right
00:37:09
like I haven't like read articles on or anything like
00:37:12
that, but people were saying that the insurance premiums were
00:37:14
going, you know, so like sky high that it doesn't make sense
00:37:20
to deploy the security recommendations that require you
00:37:24
to get the policy.
00:37:25
Is that something that you've encountered or is that something
00:37:28
that is like kind of made up?
00:37:30
Speaker 2: Yeah, I haven't encountered that, I will say in
00:37:34
comparison to premium, with the cost of, like a claim
00:37:39
significantly different, right?
00:37:42
Um, because I think your third actor is like there is there's
00:37:47
no bias, right?
00:37:48
If there's someone who they can target, they're going to target
00:37:52
them, and insurance premiums varies based on a number of
00:37:56
factors.
00:37:57
So a small mom and pop shop could still get hit with a
00:38:01
ransomware whose ransom demand is $1 million and they probably
00:38:05
want $5 in premium.
00:38:07
So the weight of that and in order to not get a $1 million
00:38:12
ransom demand, is to have the appropriate controls that the
00:38:16
insurance carrier is recommending.
00:38:19
I think I would like for people to think of it like we're hoping
00:38:23
that everyone wins.
00:38:24
It's a win-win scenario.
00:38:26
It's protecting you because it's not just the cost of paying
00:38:31
a ransom demand, it's a lot more that goes into it.
00:38:33
We have to hire people to do the work.
00:38:35
That's legal forensic.
00:38:38
If you have to pay the ransom demand, you need ransom
00:38:41
negotiators and then you have to look at the back end of it.
00:38:44
If you have to notify people, which is super expensive, like I
00:38:48
think of a large firm maybe handles a ton of personal
00:38:52
information, they may have notification obligations under
00:38:55
different state laws, and so they have to send out
00:38:57
notification letters, which can be pretty pricey, and then you
00:39:01
have litigation on the back end after everything is done, so it
00:39:05
can be super expensive.
00:39:08
Speaker 1: Where do you see the insurance industry with
00:39:11
cybersecurity going right?
00:39:12
Do you see it kind of maybe even crossing over into the
00:39:14
private going right?
00:39:14
Do you see it kind of maybe even crossing over into you know
00:39:17
the the private sector, right, where you know me as an
00:39:20
individual can go to a company and get cybersecurity insurance
00:39:24
against, you know, a breach of data or something like that?
00:39:27
Like where, where do you see that going?
00:39:30
I mean, maybe it's my own ignorance, right, I'm not in the
00:39:34
insurance side of it.
00:39:35
I don't deal with anyone on the insurance side of it ever
00:39:40
outside of my podcast, so it sounds like that's a pretty
00:39:44
expansive area.
00:39:46
To me it feels like, okay, this is only going to grow.
00:39:50
Speaker 2: I agree it is definitely only going to grow.
00:39:53
I think cybersecurity awareness itself is growing.
00:39:57
I think that helps with local proprietorship or a small
00:40:01
business become like, okay, maybe I should be doing
00:40:04
something.
00:40:04
And I think I've seen cases where, like the small doctor's
00:40:09
office, like a one person or two people, they are starting to
00:40:13
get at cyber peace.
00:40:14
It could be embedded into another type of insurance and
00:40:18
it's just like an added coverage within that.
00:40:21
So if this happens, then I have these services available and
00:40:25
this coverage.
00:40:26
So I see it growing rapidly actually.
00:40:31
Speaker 1: Yeah, you know, it's one of those things like I
00:40:34
always tell people.
00:40:35
You know, whoever, whoever I'm close with that comes to me for
00:40:38
this sort of advice, right, where we're talking about
00:40:41
insurance coverages and whatnot, I pretty much I always tell
00:40:44
them to go with the more expensive route, right, the the
00:40:48
better solution, that's covering more the reason.
00:40:51
So you know, like I told you before the show, right, my
00:40:55
audience knows I have a one-year-old at home, right?
00:40:57
Well, when she was born, you know, I only got to hold her for
00:41:01
10 minutes and then she was taken from me and she's in the
00:41:03
NICU and now, you know, she's in a life or death situation.
00:41:07
I mean, that was that was by far, by far.
00:41:10
It's not even close.
00:41:11
That's the hardest situation I've ever gone through in my
00:41:13
entire life.
00:41:13
The last thing I ever wanted to think about was insurance
00:41:17
coverage, or is this bag of morphine covered, like?
00:41:21
I did not want to think about that.
00:41:22
I didn't want to do the math.
00:41:23
I couldn't, I, I actually couldn't think about it.
00:41:27
I actually couldn't do the math .
00:41:28
You know, I had people ask me my name and I couldn't tell them
00:41:31
my name.
00:41:31
Um, that's just the amount of stress that I was under.
00:41:35
And when it's when it's literally your worst day, you
00:41:38
know your worst situation.
00:41:40
You want to just be able to make one phone call and be like
00:41:44
hey, handle this.
00:41:45
You know I need to engage the policy, whatever it is Right.
00:41:49
Um, same thing with, like, car insurance.
00:41:52
On my birthday this year, someone decided to side swipe my
00:41:55
Audi and it didn't look that expensive, you know.
00:41:58
I figured, okay, you know, two to $3, this is fine.
00:42:02
You know it was in a.
00:42:03
It was literally parked outside of a of restaurant, you know,
00:42:07
at the back of the parking lot.
00:42:09
No one else was around it.
00:42:11
I came out, no other cars were around it, and someone just side
00:42:14
swiped the car.
00:42:15
You know, take it to the, to the body shop of 15 grand.
00:42:19
Like, okay, well, a lot of appearances would fight me, you
00:42:25
know, on that Right, but I'm taking it to a place that I know
00:42:29
is reputable.
00:42:29
That's going to make the car look, you know, perfect, like it
00:42:33
never even happened, which you know truly to me, like that's
00:42:36
that's what I want.
00:42:37
You know I don't want to drive around in a car that's all
00:42:39
banged up and stuff, and you know it's, it's not, it's not
00:42:42
fun.
00:42:42
I like, I like that car, you know.
00:42:45
Speaker 2: Yeah.
00:42:45
Speaker 1: And uh, you know, like that's what I want to hear
00:42:55
yes and so it's interesting.
00:42:57
It's interesting where the insurance side of it is going to
00:43:00
go, because maybe, maybe that'll go, or you know, whoever
00:43:03
that's like.
00:43:04
Hey, we also have this cybersecurity insurance for 10
00:43:07
extra dollars a month I see the potential of it, of it growing
00:43:12
there.
00:43:13
Speaker 2: Like I've talked to companies where it's maybe like
00:43:16
four employees that work there, they don't even have a brick and
00:43:19
mortar, everyone's virtually working.
00:43:22
But I think, based on the line of business, they still need to
00:43:27
have these proper cybersecurity best practices in place, just to
00:43:31
protect themselves, just to protect their customers or
00:43:35
clients or whoever they're working with.
00:43:37
Because I think today, data is like gold mine, right, like you
00:43:42
get it it's it's it's really critical information.
00:43:46
So protecting that data piece is super, super important.
00:43:50
Um, yeah, sometimes I'll get on calls and say, well, we don't
00:43:54
have any data, or we don't have this or we don't have it.
00:43:57
I'm like, technically, you do, you have employees.
00:43:59
Yeah, well, that's important information.
00:44:02
You probably want to protect your employee information
00:44:05
because, as we can see in terms of the privacy world, different
00:44:10
states are becoming really, really strict with how companies
00:44:14
or retail providers protect customers or consumer data.
00:44:18
So, yeah, I think there's just a deep grind.
00:44:22
Speaker 1: Yeah, it's funny that you bring up still that logic
00:44:27
kind of like persists in the world where I don't have any
00:44:31
data, what are they going to target me for?
00:44:32
Admittedly, I did not have that great of network security world
00:44:33
where I don't have any data.
00:44:33
You know what are they gonna target me for.
00:44:34
You know, admittedly, I did not have that great of like network
00:44:37
security at my, at my apartment at the time, because it's an
00:44:41
apartment yeah building a house.
00:44:43
Right, I'm gonna have it at the house, there's no need for me to
00:44:45
have it here.
00:44:46
And you know my podcast.
00:44:48
This is very much a free flow podcast, right?
00:44:51
And when russia built up um, you know their, their forces on
00:44:56
the border of ukraine in november of what was it like?
00:45:00
2021 or whatever it might have been, right I, I started saying
00:45:05
like yeah, russia's gonna invade ukraine, like there's there's
00:45:09
no doubt about it in my mind.
00:45:10
This is why they're gonna.
00:45:11
This is why they're going to do it.
00:45:12
This is why I think it all that sort of stuff.
00:45:15
At that time, my content was served in Russia.
00:45:18
I would get a percentage of my overall traffic would come from
00:45:24
Russia, which is fine, there's nothing wrong with that or
00:45:28
anything like that.
00:45:29
As soon as they invaded, the content getslisted in russia and
00:45:34
china and all of their allies.
00:45:36
And not only is it blacklisted, but now I'm getting like very
00:45:40
weird targeted attacks and I'm sitting here like, okay, like I,
00:45:46
it's a nation-state actor, right, so if they want to get in
00:45:49
but out of, you know my own, uh , like self right, I have to at
00:45:54
least make it a little hard.
00:45:55
So it's like, ok, fine, I'll get this whole like tech stack
00:46:00
in here and I don't have any data.
00:46:01
I'm a security person and I'm saying it.
00:46:04
I don't have any data, I don't have anything for them to take,
00:46:07
right.
00:46:08
But at the same time, what about you know, this personal
00:46:15
document that you?
00:46:16
have right that you don't even think that you have anymore, but
00:46:20
you have it and it's there and if they get it they could
00:46:24
potentially steal your identity right Like do you want to take
00:46:27
that risk?
00:46:28
Speaker 2: Yeah, yeah, that's a good point.
00:46:32
Not just like data, but what could they do to your website?
00:46:35
Speaker 1: What could?
00:46:35
Speaker 2: they do to your reputation, which also could
00:46:37
result into some financial loss or businesses.
00:46:39
So it's a really interesting conversation when someone says,
00:46:43
well, we don't have anything to protect or we don't do anything
00:46:47
that would require these controls.
00:46:49
Technically, yes, loss of revenue is never good, so in any
00:46:54
way you want to protect it.
00:46:55
And that's where I would say for companies, how can they?
00:46:59
Speaker 1: you know, be proactive with this is do a bit
00:47:02
of risk assessment, understand what are the risks that you have
00:47:07
and then sort of build your controls around yeah, well, you
00:47:11
know, and we're the top of our time here and I personally I've
00:47:15
I feel like we'd go for another hour or two, you know, but you
00:47:18
know that typically just means I have to have you back on
00:47:20
sometime in the future.
00:47:21
But, um, you know, before I let you go, how about you tell my
00:47:25
audience, you know where they could find you if they wanted to
00:47:27
reach out and connect and where they could find your company if
00:47:29
they wanted to learn more.
00:47:31
Speaker 2: Yeah, so they can connect with me on LinkedIn.
00:47:34
So it's Fayonne Atkinson.
00:47:36
On LinkedIn, I'm not very active.
00:47:38
I have a yearly 24-hour goal to be more active on LinkedIn but
00:47:44
due to this, I will make it a point to get on LinkedIn more
00:47:48
often.
00:47:48
But yeah, I work for Corvus.
00:47:51
It's now a traveler's company.
00:47:54
So cyber insurance for all organization business sizes.
00:47:58
They can always reach out to my team.
00:48:01
We are the risk advisory team at Corvus, so we offer risk
00:48:07
prevention services.
00:48:08
We have a website, so it's corvusinsurancecom.
00:48:11
We have a ton of resources.
00:48:13
We have webinars that we teach about like cybersecurity.
00:48:14
We have front website, so it's CorvusInsurancecom.
00:48:15
We have a ton of resources.
00:48:16
We have webinars that we teach about cybersecurity.
00:48:16
We have front-end data, so it's at CorvusInsurancecom.
00:48:21
Speaker 1: Awesome.
00:48:22
Well, thanks everyone.
00:48:23
I hope you enjoyed listening to this episode or watching it,
00:48:27
whatever platform you're on.
00:48:28
Speaker 2: Thanks.
00:48:29
Thank you for having me, joe, I had a great time.
00:48:32
Speaker 1: Yeah, absolutely, I really enjoyed our conversation.