Ever wondered what it takes to stay one step ahead of cybercriminals? This episode, featuring cybersecurity expert Chris Hale, promises to unravel the complexities of safeguarding digital fortresses while sharing invaluable lessons from the frontlines. Chris’s journey from a help desk technician to the founder of his own cybersecurity firm is nothing short of inspiring. His early interest in computers, paired with a dual major in Exercise Sport Science and Computer Information Systems, laid the foundation for a career that would see him tackling email viruses at Sports Authority and defending against sophisticated malware and ransomware attacks.
The conversation shifts to the high-stakes world of incident response teams, where Chris recounts a harrowing ransomware incident caused by the absence of two-factor authentication on a global admin account. The relentless effort required to handle such crises, including long hours and meticulous post-mortem analyses, underscores the critical role of managed service providers (MSPs) and managed security service providers (MSSPs) in maintaining robust security practices and compliance. Chris’s firsthand experiences highlight the importance of hands-on training and continuous learning, offering listeners a realistic glimpse into the demands and rewards of a career in cybersecurity.
We also navigate the evolving threat landscape, discussing the necessity of quarterly audits, penetration testing, and consistent security practices across global enterprises. Chris shares insights into the importance of continuous cybersecurity training for all organizational levels, using tools like Breach Secure Now to keep security awareness sharp. The episode wraps up with a discussion on the recent CrowdStrike update debacle and the challenges of choosing reliable Endpoint Detection and Response (EDR) solutions. Through Chris’s expert lens, listeners gain a comprehensive understanding of the current issues and best practices in cybersecurity, making this episode a must-listen for anyone invested in protecting their digital assets.
Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today
Speaker 1: How's it going, Chris ?
00:00:00
It's great to finally get you on the podcast.
00:00:03
You know, I think we've been planning this thing for a while,
00:00:05
but I'm very excited for our conversation.
00:00:07
Speaker 2: Yeah, me too.
00:00:08
It's been a few months.
00:00:09
We've been going back and forth and finally getting on here.
00:00:11
It's been really good.
00:00:13
Speaker 1: Yeah, yeah, absolutely so.
00:00:15
Chris.
00:00:15
You know, I start everyone off with telling their background,
00:00:19
right, what made you want to get into IT, what made you want to
00:00:22
get into cybersecurity?
00:00:23
And the reason why I start everyone off there is because
00:00:27
there's a portion of my audience that might be trying to get
00:00:29
into IT or security for the very first time.
00:00:31
Right, and hearing everyone's background, maybe it lines up
00:00:35
with someone else's and they can say, oh, you know what, if he
00:00:39
did it, maybe I can do it too.
00:00:40
So where did you get your?
00:00:42
Speaker 2: start.
00:00:43
What was that like?
00:00:43
I was really into computers as a kid.
00:00:45
I mean, I was around back when the old text like texas
00:00:49
instrument machines were out there trying to trying to uh
00:00:52
code stuff in to make a little guy dance on on the screen when
00:00:55
I was a young kid and then college kind of got into.
00:00:58
I was an exercise sport science major and then also a computer
00:01:03
information systems major, so I was a double major, got on with
00:01:06
used to be guard brothers, became sports authority in their
00:01:09
help desk.
00:01:10
Starting off the beginning, did some AS400 work for them, moved
00:01:13
into a network engineer and then started with some managed
00:01:18
services providers, kind of learning all the different types
00:01:21
of technology out there.
00:01:22
After working about six years of that, I started my own
00:01:25
company and the security piece kind of just came into because
00:01:29
our clients really needed it and we were kind of we started in
00:01:32
2010 and security was important, but not to the level it is now
00:01:36
and we just, I mean, as time went on, it was a necessity to
00:01:39
learn and get into it, really understand it, to keep up with
00:01:42
the needs and actually a lot of the the threads that were out
00:01:45
there.
00:01:45
So yeah, yeah.
00:01:48
Speaker 1: It's.
00:01:48
It's interesting, you know, because the the one thing, that
00:01:54
kind of that, I pick out right when, when you were just
00:01:57
describing your background, is that curiosity, right it's.
00:02:02
It's kind of that that.
00:02:03
It's like that hunger that can never be, you know, fully fed
00:02:08
right.
00:02:09
It's an interesting part of our dynamic in cybersecurity where,
00:02:14
like the successful people that stay in cybersecurity for long
00:02:18
term, you know they're very curious, they really want to
00:02:21
understand how something works, what makes it tick right, and I
00:02:27
feel like that's a critical piece for anyone to get into
00:02:31
cybersecurity.
00:02:31
Would you agree with that?
00:02:33
Or maybe there's other pieces.
00:02:35
Speaker 2: No, I think you definitely have to be curious.
00:02:37
You've got to be curious, you got to be up for a challenge and
00:02:41
you've got to really want to do a lot of research and a lot of
00:02:45
looking into things, investigation, all the pieces
00:02:48
that go with that and I think I think it lends coming from
00:02:52
straight it and security kind of lead into each other, because
00:02:55
back in the day, uh, having to look up what would cause an
00:02:58
issue, you didn't understand what was going on.
00:03:00
Speaker 1: I think that's led into the security piece, where
00:03:02
you start to understand the different pieces of trade, craft
00:03:05
and different things that uh, the malicious actors are doing
00:03:08
and the things that they're they're using out there to make
00:03:10
things work in their favor against the average user, the
00:03:16
average company yeah, when you were, when you were in it and
00:03:20
kind of going down that security path right, kind of leaning
00:03:24
towards it, was there ever an event or breach or something of
00:03:32
that nature that really kind of, I guess, sparked your interest
00:03:34
or kind of opened up your mind to it?
00:03:35
I'll give you an example from my own right.
00:03:37
So when I was trying to get into security and I was on help
00:03:41
desk, I started reading about the complexity of Stuxnet and
00:03:45
how Stuxnet was able to, you know, wait for the perfect time
00:03:52
and then it would strike and make it look like nothing ever
00:03:55
happened and then, you know, basically get rid of itself
00:03:58
throughout the network.
00:03:58
Right, that, that complexity, that kind of logic behind it, is
00:04:04
really what sparked my interest in security.
00:04:06
Like, oh wait, if that's possible, then it's basically
00:04:11
endless possibilities, right?
00:04:13
So how do you stay on top of that?
00:04:14
And the curiosity part kind of played into that.
00:04:17
Was there anything that kind of sparked your interest or desire
00:04:19
in that way, your interest or desire in that way?
00:04:23
Speaker 2: I think some of the big things it was the early days
00:04:30
of the different type of of male viruses or whatnot, where
00:04:32
they were sitting up mask mailers and things like that,
00:04:35
and I believe we had like one of those happen with sports
00:04:37
authority where we had to be deeply involved figuring exactly
00:04:40
what happened, how we were getting it, because they were
00:04:42
getting blacklisted all over the place, and that kind of started
00:04:44
me going a little bit down the security path, because it
00:04:47
actually was.
00:04:48
It was more that I was tasked with figuring out what was going
00:04:50
on and how to get that situation and then later on, as
00:04:53
we went further down, got more into the malwares and the
00:04:56
ransomwares that came along afterwards and we've had some
00:04:59
really interesting, crazy uh situations we've had with
00:05:03
clients that have really been, while the time, very stressful
00:05:07
but very uh illuminating and very uh.
00:05:10
I mean, to be absolutely honest , it's interesting and kind of
00:05:13
fun to go through those things.
00:05:14
It's super stressful, but once you get out of it and everything
00:05:17
like that, I mean it's really really kind of fun doing the
00:05:21
investigation piece and shutting down the channels that they're
00:05:23
using to get in and those kind of things.
00:05:24
So I think it was really just the process of dealing with the
00:05:28
first small issue that came out really sparked me in wanting to
00:05:33
get into the bigger ones.
00:05:37
Speaker 1: Yeah, that is.
00:05:38
It's really interesting.
00:05:40
You know, I try to always, when people are asking me if they
00:05:45
should get into cybersecurity or what it's like, you know, I
00:05:49
almost kind of try to talk them out of it, right, because if I
00:05:52
can talk you out of it in just a conversation, then when you get
00:05:56
into an incident or you know a major investigation like that,
00:06:01
right, you're going to be convinced pretty quickly like,
00:06:03
hey, this isn't for me, this is not what I wanted, or anything
00:06:04
like that.
00:06:04
Right, you're going to be convinced pretty quickly like
00:06:05
hey, this isn't for me, this is not what I wanted, or anything
00:06:08
like that.
00:06:08
So I try to save people the time in the front end, right?
00:06:13
What kind of advice do you give to people that are trying to
00:06:16
get started in security in IT if this is the path that they want
00:06:21
to go?
00:06:22
Speaker 2: down.
00:06:22
You got to be willing to work some long nights and weekends
00:06:25
for sure.
00:06:25
I mean that's one of the pieces I don't think people understand
00:06:28
.
00:06:28
I know we've had employees that have come on not understanding
00:06:32
on-call and the pieces that you have to go into, the different
00:06:35
work that has to be done after hours.
00:06:36
When you start talking about cybersecurity incidents, you can
00:06:39
be all hands on deck for a few weeks straight across.
00:06:42
So you've got to be willing to sacrifice some free time and
00:06:46
things like that and you've got to have a hunger to learn.
00:06:48
Those are the big pieces.
00:06:50
I mean, we had an incident a couple of years ago where we had
00:06:54
one of our major clients that got hit.
00:06:57
They had a South American company.
00:07:00
Well, they have a South American branch and they had a
00:07:03
South American MSP working with them that didn't 2FA their
00:07:08
global admin account into their 365.
00:07:10
And they got in and they were able to push out ransomware to
00:07:17
all the machines and it was just a huge, huge mess.
00:07:22
But it took us solidly for all hands on deck, including the
00:07:28
majority of their IT department.
00:07:30
Three weeks we were working.
00:07:31
Weekends we were working I think my group was sleeping
00:07:35
three-hour shifts where we were sitting for three hours, then
00:07:38
swap out and then going through everything and getting to the
00:07:40
point where meetings were just so messed up I mean, they were
00:07:43
using Intune to push out stuff all over the place and so it was
00:07:47
a massive, massive issue and we were lucky that we were able to
00:07:51
to catch it when we did and we had some things already put out
00:07:54
there that that stopped some of the news from being pushed out
00:07:57
and things like that.
00:07:58
But it definitely was a huge issue and I think one of the
00:08:02
things you got to be willing to do is sacrifice some time.
00:08:04
I mean, you can't just walk away from an issue like that and
00:08:07
be like well, I worked eight hours, so I'm going home, so
00:08:11
yeah, yeah, that's a really good point and I feel like it's
00:08:15
different.
00:08:17
Speaker 1: Time requirements are different depending on the
00:08:19
domain in security, right?
00:08:21
Like incident response.
00:08:22
If you're on an incident response team and you're working
00:08:25
for an incident response based company, I mean you can just
00:08:29
expect, you know weekends are going to be destroyed, birthdays
00:08:33
, holidays, things like that, right, but you're not going to
00:08:37
cut your teeth in security at a better place.
00:08:40
So there's a trade-off, right?
00:08:42
Like you know when you're younger, that's probably the
00:08:44
best place.
00:08:45
Like you know when you're when you're younger, that's probably
00:08:46
the best place that you can possibly be, because when you
00:08:49
leave there, you're going to have so much experience, you'll
00:08:53
be able to see so many different things and you'll have touched
00:08:56
so many different environments that you know that experience
00:08:59
will pay off.
00:09:00
It'll be worth its weight in gold, I guess yeah, 100 trial by
00:09:04
fire.
00:09:05
Speaker 2: I think that goes for it as a bolt.
00:09:07
I think that's one of the pieces you got to be willing to
00:09:09
do is put yourself out in the unknown and go out and learn
00:09:13
through experience versus, uh, I mean, you can read every book
00:09:17
there is out there, but until you actually put yourself in
00:09:20
that situation and deal with the things, you're not going to
00:09:22
learn it the same way.
00:09:23
I mean, I I cut my teeth 100% on massive server outages or
00:09:29
cybersecurity attacks that, like going into it you're like, oh
00:09:32
crap, I don't know enough to deal with this, and then by the
00:09:34
end of it you've learned quite a bit.
00:09:37
Speaker 1: Do you have a process for because it sounds like
00:09:40
you're drinking from the fire hose quite a bit.
00:09:41
Do you have a process like an after action report, almost like
00:09:51
something like the military does right after a mission,
00:09:52
where you kind of sit down and digest what happened?
00:09:53
Speaker 2: and everything like that.
00:09:54
We always do a post-mortem after everything we do.
00:09:55
We do post-mortems after almost everything.
00:09:57
We do it after onboardings, do it after incidents, we do it
00:10:01
after any kind of major failure out there so that we can look at
00:10:04
it and see what we could do better.
00:10:05
Um, we can, we can change our documentation to adapt to maybe
00:10:09
some of the places there were holes, those kind of things.
00:10:11
So, yeah, we always do it post post-mortem on everything.
00:10:16
Speaker 1: So I guess we're kind of dancing around it a bit,
00:10:18
right.
00:10:19
Why don't you tell us you know what, what the company is, you
00:10:23
know what you guys specialize in and everything like that, and
00:10:25
we'll go from?
00:10:26
Speaker 2: there.
00:10:27
So we are a managed service provider.
00:10:29
We do IT and base level cybersecurity for small to
00:10:34
medium businesses.
00:10:36
We actually work with a couple of primary MSSPs, which is just
00:10:43
the security providers themselves.
00:10:45
So we have some companies that work with them that do some of
00:10:48
the larger stuff.
00:10:49
But we can do the stuff they can do.
00:10:51
We're just not specialized in it the way that they are.
00:10:53
I mean, that's all they do.
00:10:54
We do also just the normal IT stuff.
00:10:58
We do consulting, business planning through technology,
00:11:03
those kinds of things.
00:11:03
We do a lot of stuff for the construction industry right now.
00:11:07
But one of the big pieces we are largely involved in is
00:11:12
compliance, cybersecurity documentation, compliance
00:11:14
documentation.
00:11:15
We help a lot of companies get their SOC 2 and do their SOC 2
00:11:19
audits.
00:11:19
We do a lot of audit situations .
00:11:20
The big piece that we do work with a lot of people on what we
00:11:25
do with our third party vendors is like PCI things like that
00:11:28
things.
00:11:28
We're going to need a little bit bigger, little better tools
00:11:32
and a little bit more education.
00:11:34
On the PCI compliance piece of it.
00:11:36
It's a little bit more difficult.
00:11:37
There's a lot of pieces to it, but we go and we do instant
00:11:40
response for all of our clients.
00:11:42
We've done some instant response outside of that, if we
00:11:44
have to go outside and work with the third parties but we don't
00:11:47
always have to do that A lot of times we're able to handle it
00:11:49
ourselves.
00:11:51
Speaker 1: Yeah, you know from from what you were saying
00:11:54
previously.
00:11:55
Right, with that MSSP not enabling 2FA on the global admin
00:11:59
, that's a pretty egregious security violation, right?
00:12:04
How do you keep the MSSPs in check if you're a customer?
00:12:11
And then, if you're a third party like yourself, how do you
00:12:15
handle that?
00:12:15
Because there's a lot of companies out there institution
00:12:26
and they had an MSSP that, to be quite honest, I hated, hated
00:12:28
every experience I ever had with them.
00:12:29
I did not want to get on the call with them ever and God
00:12:30
forbid I escalate something to them.
00:12:32
You know, it's just a terrible experience overall, right, but
00:12:39
my biggest issue was how do we know that they're doing what
00:12:42
they're claiming that they're doing and that they're actually
00:12:44
making our environment?
00:12:45
You know more secure that they're doing what they're
00:12:46
claiming that they're doing and that they're actually making our
00:12:47
environment.
00:12:47
You know more secure that they're actually doing their job
00:12:48
.
00:12:48
We have no way of checking that .
00:12:50
Um, how do you, how do you keep them in check and ensure that
00:12:54
they're not, you know, creating more security holes or gaps in
00:12:59
your environment?
00:12:59
Um, we do audits.
00:13:01
Speaker 2: So we do quarterly audits on everything and we we
00:13:04
have a we have a pen testing tool that we use ourselves, that
00:13:07
we go out do a full audit.
00:13:08
We do an audit of the 365.
00:13:10
In fact, that global admin had been caught that week, that it
00:13:14
wasn't MFA and we had brought it up in our security meeting and
00:13:17
that was one of the things that they were going to go back and
00:13:19
make sure it was set.
00:13:20
They'd already gotten in by that point.
00:13:23
When you look at it, I think one of the big issues,
00:13:26
especially when we start talking about holes in security, is a
00:13:29
good hacker is going to get into your environment and stay there
00:13:32
for a long time before they really do anything that you're
00:13:34
going to really detect directly.
00:13:37
I mean, they're not going to kick off ransomware day one.
00:13:39
Well, they might.
00:13:39
A bad one will, but a good one's going to be out there for
00:13:42
a while.
00:13:42
They'd been in for at least two weeks by that point and then,
00:13:49
once they figured out that we knew they were there, that's
00:13:51
when they started to kick everything off.
00:13:52
So I think the auditing is the real good way that we do that.
00:13:56
We try to do quarterly.
00:13:57
Sometimes it depends on the client.
00:13:58
If we have to, we'll do more that client.
00:14:00
For a year we did monthly auditing after the attack to
00:14:04
make sure everything was set the way it was supposed to be.
00:14:06
The good thing about using somebody else like a third party
00:14:09
is you're not checking your own work.
00:14:11
Somebody else is checking your work and you're checking their
00:14:13
work a lot of the times.
00:14:14
So we're doing audits on our own.
00:14:16
Also on the outside, we're making sure that everything fits
00:14:18
within what our standards are, and so that helps a lot within
00:14:23
that.
00:14:23
But so far we've had very few problems with anything.
00:14:26
Any MSSP that we've ever worked with.
00:14:28
This one was not within our control.
00:14:30
It just happened to be that their South American group
00:14:33
weren't using them.
00:14:34
Speaker 1: Yeah, it's always interesting how global companies
00:14:37
kind of dice up their IT departments and figure all that
00:14:42
out.
00:14:43
I feel like there's no right way to handle it necessarily.
00:14:48
But all of the ways that I've seen are like they're fairly
00:14:53
poor, right, like you always try to go with, like the lowest
00:14:56
bidder, because you'd have this insane you know bill right at
00:15:00
the end of every month if you don't go with the lowest bidder.
00:15:03
But then when you go with the lowest bidder, you're going with
00:15:06
a local company typically, and if it's a local company in a, in
00:15:10
a, you know, I guess, a lower standard country, right, you're
00:15:15
not getting the best talent, you're not.
00:15:16
You're not, um, getting the best, the best security or the
00:15:20
best resources and whatnot, and so it's, it's a, it's a
00:15:24
double-edged sword almost yeah, I think there's a lot of uh, a
00:15:27
lot of that mindset comes from a lot of these other countries.
00:15:29
Speaker 2: You pay a lot less for your licensing, you pay a
00:15:31
lot less for everything, so then when you pay for your services,
00:15:35
you pay a lot less too, and and it just all correlates together
00:15:37
.
00:15:37
I think, yeah, that's one of the big mistakes they made.
00:15:41
I mean, after that attack that that particular company was,
00:15:46
when we first started with them, they were like their network
00:15:49
was a mess, everything was a mess.
00:15:51
So we basically got them up to a really secure point and we'd
00:15:55
gotten Intune rolled into them to be able to roll everything
00:15:58
out and do all the pieces that needed to be done.
00:16:00
The irony of that whole situation is they hadn't rolled
00:16:03
out Intune to South America, so only their American sites got
00:16:07
hit by the attack because that's when they had Intune.
00:16:09
But that's what the, the hackers, use, and the other
00:16:12
piece that that comes along with once you're attacked is now
00:16:15
they're always a target, they're constantly attacked all the
00:16:18
time, so they have to be extra secure yeah, I, I feel like that
00:16:23
is.
00:16:24
Speaker 1: That's something that a lot of companies you know
00:16:27
misunderstand.
00:16:28
Almost right.
00:16:29
Once you get hit, once you know you're, you're that that target
00:16:33
is kind of increased on you, because now they know, hey, we
00:16:37
got, we got a ransom word and we got this amount of money out of
00:16:40
them before I bet we could do it again, you know, when they
00:16:44
come back six, seven, eight months later and they're doing
00:16:46
it again.
00:16:47
So if you don't, if you don't just patch the holes that they
00:16:51
use to exploit to get in, you know, and you have to do a
00:16:54
significant amount more on top of it, right, because now you
00:16:58
are the directed target.
00:17:00
Speaker 2: And then you add in the piece that they got.
00:17:02
If they got in and were in for any period of time, they've
00:17:06
gained intelligence.
00:17:06
They know who is who.
00:17:08
They know the email addresses.
00:17:09
I mean.
00:17:11
They can use much simpler attacks.
00:17:13
They can do spear phishing really super easily because
00:17:17
they're able to get in there.
00:17:18
They can do brute force attacks on passwords.
00:17:20
They can buy a password list and find that particular user is
00:17:25
on another account and then you figure out what their password
00:17:29
is there.
00:17:29
There's all sorts of these pieces that flow there that we
00:17:31
deal with and have dealt with for the last two years.
00:17:34
We're shutting down 365 accounts and PCs.
00:17:39
We work for a while there pretty much every week.
00:17:43
Speaker 1: What does the threat landscape look like?
00:17:45
Just for the cloud?
00:17:48
Overall?
00:17:49
Right, Because it seems like more and more of IT is moving to
00:17:50
the cloud overall.
00:17:51
Right, Because it seems like more and more of IT is moving to
00:17:53
the cloud, but that really it increases the threat landscape
00:17:57
in a lot of different areas.
00:17:58
Right, we touched on one where an MSSP didn't configure the
00:18:03
global admin account correctly.
00:18:04
I mean, for a cloud security expert, you know, like myself,
00:18:08
right?
00:18:08
I mean that's the first thing I'm looking at when I go into
00:18:12
any environment, that's literally the very first thing
00:18:15
I'm looking at.
00:18:16
But for them, they didn't know it, they didn't act on it, right
00:18:21
?
00:18:21
So what does that threat landscape look like now?
00:18:25
Speaker 2: I think it's pretty high.
00:18:26
I mean it's a pretty nutty landscape, but I think there's a
00:18:28
lot of good tools like a SASE environment, things that you can
00:18:31
put over the top of your cloud environment that allow you a lot
00:18:36
more security and allows you to do things like network zero
00:18:40
trust and a lot of pieces where you're breaking things down that
00:18:43
you're mitigating the access the user has, therefore
00:18:47
mitigating the access that the attacker would have, doing that
00:18:51
through different types of technologies that you can put
00:18:56
over the top of your cloud environments, and I think that's
00:18:58
a big one that's helping out a ton, and it, I mean the great
00:19:02
thing about cloud is it allows you to work from anywhere,
00:19:05
allows people to do all sorts of things.
00:19:07
Companies can don't have to have people just from the same
00:19:10
state.
00:19:10
They can have them all over the world.
00:19:11
You just have to have the things to protect it.
00:19:14
And I think they're just easier to attack if you don't put in
00:19:19
the right buffers and fun things , if you aren't putting in the
00:19:21
right technologies and the right well, it's technologies, it's
00:19:24
policies and processes and education.
00:19:26
Education is the biggest piece.
00:19:28
You're not educating your employees what a phishing email
00:19:31
looks like or not to put out a code or not doing anything like
00:19:34
that, then that's your first point of failure.
00:19:38
That's the low-hanging fruit.
00:19:40
So you could have all the technology in the world and
00:19:43
somebody goes out there and puts out the wrong thing or allows
00:19:45
somebody in, you're going to have some problems.
00:19:47
I mean, some of these things like SASE will prevent that, but
00:19:50
there's pieces that you could definitely get in.
00:19:52
That's why, on one side, you mitigate their access to just
00:19:56
the things they need.
00:19:57
They need access to these folders, this printer, this, so
00:20:01
that you can't get that lateral spread going across your network
00:20:03
and your cloud.
00:20:05
But we just had a client and it wasn't a direct cyber attack,
00:20:09
but they had a client they had.
00:20:10
It wasn't a direct cyber attack , but they had a client.
00:20:12
They had a vendor that was attacked.
00:20:14
They got banking information for them, called their financial
00:20:17
manager and he gave away their passcode into their bank and
00:20:22
they drained their bank accounts .
00:20:23
And that was just a couple weeks ago, so it wasn't like the
00:20:27
most technical attack in the world, but yep, did that.
00:20:30
So I mean wow, yeah.
00:20:34
Speaker 1: Yeah, I've seen it where, uh, you know, the
00:20:38
attackers will target, like, the executive's assistant or
00:20:42
something like that, and really do a good job of impersonating
00:20:46
the executive and have them, you know, transfer a certain amount
00:20:49
of money.
00:20:50
It's uh, it's frustrating, right.
00:20:52
And with that, you know, like you said, the training becomes
00:20:56
critical.
00:20:57
The training becomes, you know, really the backbone of
00:21:01
everything that you're doing.
00:21:02
Have you found a good training platform or a good you know
00:21:09
certification path to go down that provides, you know, the
00:21:11
right amount of training, the right, a good you know
00:21:12
certification path to go down that provides you know, the
00:21:13
right amount of training, the right amount of you know
00:21:15
background that these that these people in these roles need?
00:21:19
Speaker 2: Um, there's a couple of different ones.
00:21:20
I mean, there's the ones that we use just for employees as a
00:21:23
whole, that are that go across the board, which I think are the
00:21:25
more likely ones to have a problem, like Breach Secure now,
00:21:28
and then I can't remember what the other one was that we use
00:21:30
off the top of my head.
00:21:31
I think there's some decent stuff.
00:21:35
You can go out there to train some of the higher-ups.
00:21:37
I think the higher-ups tend to be the more—it's either the
00:21:40
really low-level people or the really high-up people that tend
00:21:43
to be the ones that make the biggest mistakes and tend to be
00:21:45
the ones that let out the most information information.
00:21:52
I think what we just we basically do is we do some
00:21:53
training ourselves and we use some of the tools that are out
00:21:54
there like Breach Secure Now and things like that that go out
00:21:56
and actually send out training videos, send out fake phishing
00:22:00
emails and we can tell who we need to train to and things like
00:22:03
that.
00:22:04
The big piece of it is it's just got to be top of mind awareness
00:22:06
.
00:22:06
It can't be something you just train once and go away with.
00:22:08
You've got to just constantly be pushing this into people's
00:22:11
heads.
00:22:11
I think I just got a phishing email.
00:22:14
While we were on this that popped up that was some sort of
00:22:17
here's a payment via ACH.
00:22:19
I don't know who the company is , so I'm not clicking anything.
00:22:24
So those things pop up all the time and you've just got to
00:22:26
teach people to stay away from them and understand what they
00:22:29
are and the type of problems they can cause yeah, I, I always
00:22:36
uh, have issues, you know, trying to find the right
00:22:39
solution, right that that trains people up and that have you
00:22:43
found a good solution to to do that?
00:22:46
I think just uh, good is relative.
00:22:49
We found ones that definitely help, like I said, like I
00:22:53
mentioned Breach Secure Now earlier, it's good, it's simple.
00:22:57
I think the biggest problem you have training people is they
00:23:00
can't be long-winded training sessions.
00:23:03
Maybe something short that they understand doesn't affect their
00:23:06
productivity, because people aren't going to do them if
00:23:09
they're long and take forever and so they're kind of worthless
00:23:11
.
00:23:11
On that point, um, I think you just have to understand the
00:23:15
human mind and how it works and the attention spans are short.
00:23:18
So I always look for things that are short and to the point
00:23:23
and can get things done, and they're a lot.
00:23:25
Of.
00:23:25
Them are kind of like cartoony videos that are three, four
00:23:28
minutes long and get people through that and then they go
00:23:30
through their little testing piece and then we send out the
00:23:33
phishing tests and see who really listened to it and who
00:23:35
didn't.
00:23:35
Speaker 1: Yeah, I, I know, when I used to, when I used to run
00:23:40
the phishing tests for a company , I would, I would.
00:23:44
I would probably be a little bit unfair, but it's not like
00:23:47
the attackers are going to be, you know, fair with it trying to
00:23:49
say like, oh, we can't send an email about their 401k.
00:23:50
It's not like the attackers are going to be, you know, fair
00:23:51
with it trying to say like, oh, we can't send an email about
00:23:53
their 401k.
00:23:54
It's not going to be.
00:23:55
That's not fair.
00:23:57
You know, to mess with someone's retirement or anything
00:23:59
like that, they're not going to do that.
00:24:01
And I, my boss, would get so many complaints about, you know,
00:24:04
my phishing test, saying like, oh, that was unfair, that wasn't
00:24:07
right for him.
00:24:08
To you, you know, create this phishing test that used my 401k
00:24:12
and everything else like that.
00:24:13
Or talked about my bonus during bonus time.
00:24:16
Um, you know my response was okay, well, are the hackers
00:24:20
gonna count that out?
00:24:21
Right, because if they're looking at us, they know when
00:24:23
the bonus is hit, they know when bonus time comes around.
00:24:27
I mean, you could take a wild guess and say it's the end of
00:24:29
the year and you're probably right.
00:24:30
Are they going to, you know, say that that's unfair.
00:24:33
They don't want that money, they don't want that.
00:24:35
You know, that 20 grand bonus, that 50 grand bonus, right, it's
00:24:39
a, it's a double-edged sword, right, and my, my boss, would
00:24:43
constantly have to, you know, kind of kind of weigh the battle
00:24:47
on either side, right, kind of go back and forth on it.
00:24:50
I guess.
00:24:51
Yeah, I guess I didn't last too long with testing, with doing
00:24:57
the phishing test, but I felt I did a great job.
00:25:00
Speaker 2: Well, I think cybersecurity generally gets a
00:25:02
lot of pushback.
00:25:03
I mean we always walk the line of productivity versus security.
00:25:08
I mean you got to be able to work and be able to do it, but
00:25:10
that's the same idea.
00:25:11
Like you've still got to push the envelope a little bit and
00:25:13
make sure people understand how much these things can be
00:25:16
attacked because you can have.
00:25:17
I mean, we've had clients where the employee was attacked
00:25:22
because they couldn't get all the issue for the company, but
00:25:24
they were able to get the banking, get in and get banking
00:25:27
information on the employer and they've been attacked and had to
00:25:30
do a bunch of things.
00:25:30
So it's in their best interest not to, and especially if you
00:25:36
start talking about people that are working with HIPAA
00:25:37
environments and things like that, they could be held for the
00:25:38
things that go down and they don't really.
00:25:40
I mean people don't understand all those pieces that go into it
00:25:43
.
00:25:43
So, yeah, I think the more brutal you are with your testing
00:25:47
, the better it's going to be in the long run for the users.
00:25:51
Speaker 1: Yeah, it gets them used to seeing you know
00:25:54
questionable things that are asking for a little bit too much
00:25:57
or asking for weird things that they shouldn't be.
00:26:01
You know, you know what's a good path to get into incident
00:26:07
response.
00:26:08
I know we kind of talked about you know the experience side of
00:26:11
it where you go into it fairly early on in your career or
00:26:15
whatnot.
00:26:15
But is there different certifications or different
00:26:17
training that you're looking for to bring someone in?
00:26:19
Uh?
00:26:20
Speaker 2: CISP like uh, there's a couple of, but there's no
00:26:24
real good way to get a full fledged cybersecurity
00:26:28
certification like that.
00:26:30
I mean you can do like NetPlus and those are good places to
00:26:33
start to be on a low-level piece of it, but to get into the
00:26:36
major parts you're going to have to have experience.
00:26:37
I think about the CISP is like five years I think, I don't know
00:26:42
.
00:26:42
It's hard to get into the major incident response pieces of it.
00:26:45
But you start with your NetPlus , you get in with a company
00:26:48
that's willing to put you on maybe an incident response team,
00:26:52
moving up from help desk to something where you're a helper
00:26:56
within that level you're going through and you're involved in
00:26:58
their tabletops.
00:26:59
We do a lot of tabletop exercises with our clients,
00:27:02
which is really helpful and it's good to get some of the lower
00:27:11
level people involved with those so they kind of understand your
00:27:12
documentation and things like that.
00:27:13
But it's really just letting your getting into an it
00:27:14
department and letting your manager know that you're
00:27:15
interested in cyber security.
00:27:17
Get that net plus, security plus done out of the way and then
00:27:21
start working your way through and get the experience, because
00:27:22
the experience is going to be what's key to getting into some
00:27:25
of the major pieces and then becoming like becoming a
00:27:28
security officer for a company that's I.
00:27:32
That's a pretty good job.
00:27:33
It's a little stressful, but if you can manage an incident
00:27:36
response team, it's a pretty good situation.
00:27:39
You're in there making the decisions on how things work.
00:27:41
They're a little bit of a pain in the butt for the IT people
00:27:44
sometimes.
00:27:44
But yeah, I mean, you just got to work your way up there.
00:27:48
I think experience does better than any kind of certification.
00:27:51
If you have a job that allows you to get some experience,
00:27:54
that's the key way to go.
00:27:58
Speaker 1: Yeah, I always approach it from like a
00:28:00
multi-prong approach right, like getting that experience,
00:28:03
getting the certifications, getting the right education
00:28:07
right.
00:28:07
I want to eliminate as many questions in that hiring
00:28:11
manager's mind as possible, you know, with doing everything that
00:28:15
I possibly can to get the right skill set, to get the right
00:28:18
knowledge and whatnot to move up right.
00:28:21
It's just, it's an interesting market right now right, where
00:28:27
I'm hearing from a lot of people that you know it seems like a
00:28:29
lot of companies are posting open roles but no one is really
00:28:33
hiring for them, and so trying to find ways to break down, you
00:28:37
know, those unseen or unspoken barriers I think is always
00:28:41
helpful.
00:28:42
Speaker 2: I think on the other side is the hiring companies.
00:28:44
It's hard to hire somebody security.
00:28:45
I mean we hired last fall we hired a security person, brought
00:28:50
them in and they were terrible.
00:28:52
I mean they were, they had all the certifications, everything,
00:28:56
but they just they like weren't real world, experienced enough
00:29:01
to really to do the things we needed to do.
00:29:03
I mean we had a uh, we had a phishing attack on the executive
00:29:08
team for one of our larger clients and my help desk guys
00:29:14
were 10 times more helpful and 10 times better than he was.
00:29:18
In fact, we got a complaint from the CEO on that guy just
00:29:20
because he didn't know how to handle things and he wouldn't do
00:29:23
the things we needed to do.
00:29:24
He just wouldn't.
00:29:26
He wasn't, wouldn't do like shutting off accounts right when
00:29:31
they needed to be, and he wasn't.
00:29:32
He wasn't super, his customer services skills were really
00:29:35
terrible and he didn't know how to communicate these pieces.
00:29:38
And you're just like holy crap, so we had to get rid of him.
00:29:40
I mean finding somebody that can do the job and knows how to
00:29:44
talk to people, and I mean you can't, can't be a developer and
00:29:48
be a security engineer.
00:29:50
I mean you're gonna have to talk to people you're gonna be
00:29:52
dealing with people in their high stress situations, those
00:29:54
kinds of things.
00:29:55
So I think it's hard to hire in that position too.
00:29:58
It's not like a job where you don't talk to people, that's for
00:30:00
sure.
00:30:02
Speaker 1: Yeah, yeah.
00:30:03
I feel like that's a part of the job that a lot of people
00:30:06
don't realize is a part of it, right, when they're trying to
00:30:10
get into it.
00:30:10
I remember when I was in help desk and being in that stressful
00:30:16
situation where you know the application that you're
00:30:19
providing help desk for is a critical application.
00:30:22
Right, it's a 911 software that overlays your PBX and gives you
00:30:27
enhanced information and whatnot.
00:30:28
And so usually when people are calling you, it's a system down
00:30:34
system degrading situation.
00:30:35
It's already high stress.
00:30:37
Maybe it's the very first call in the morning and maybe it's,
00:30:41
you know, your only call of the day that it just goes all day
00:30:45
long.
00:30:45
Um, and you know they're they're not, they're not happy
00:30:50
most of the time, they're not very kind, most of the time
00:30:53
they're not.
00:30:53
They're not happy most of the time, they're not very kind,
00:30:56
most of the time they're usually yelling at you, inducing that
00:30:57
stress right off the bat.
00:30:58
You know, in a situation where you know you need to be on top
00:31:01
of your game and you just started your day, right, it's
00:31:04
monday morning, you know and uh.
00:31:07
Speaker 2: So either monday morning or friday afternoon was
00:31:09
my memory.
00:31:11
Speaker 1: What was it?
00:31:11
Uh, crowd strike, push that update at like 4 pm on thursday.
00:31:14
Or what was it?
00:31:14
Crowdstrike pushed that update at like 4 pm on Thursday, or
00:31:15
something.
00:31:16
It's like, guys, what are you doing?
00:31:18
We were lucky.
00:31:20
Speaker 2: Only one of our clients had just the CrowdStrike
00:31:24
on them and it was only something like 30 machines.
00:31:26
We were lucky.
00:31:27
I remember my operations manager.
00:31:29
His comment was imagine being in charge of a thousand machines
00:31:33
at this one, because you're going to touch every one of them
00:31:35
.
00:31:36
Speaker 1: Yeah, so yeah yeah, I , I mean there's.
00:31:40
There's airlines out there that are still recovering from it.
00:31:43
Yeah, and the only, the only reason southwest was unscathed
00:31:46
is because they're still on windows 3.1 or something like
00:31:49
that too cheap to buy crowdsourcing.
00:31:52
Speaker 2: It's not the cheapest piece of software yeah, I'm
00:31:54
sure that it.
00:31:55
Speaker 1: Uh, it made a lot of people question if they're going
00:31:58
to have auto updates on.
00:32:00
You know going forward, yeah, because, like you know for for
00:32:04
for a security person to say, yeah, let's have auto updates on
00:32:07
you know, all the time for an edr software that's a big thing
00:32:12
and so you really go through and you put that solution through
00:32:15
its paces, trying to build that confidence.
00:32:18
You know, right off the bat so you can have it on auto update
00:32:21
as quickly as possible.
00:32:23
With other solutions, you know you do other things right when
00:32:26
you kind of have, you know, test groups of systems where the
00:32:30
auto update is turned on and everything else is not.
00:32:33
Well, now, you know, I was even just thinking about this
00:32:37
earlier today for my day job where it's like, man, should we
00:32:41
really even have that thing on Because we have like 600
00:32:46
machines?
00:32:47
in our environment.
00:32:48
What if you know?
00:32:49
What if someone you know has that enabled and the group is
00:32:53
larger than like 2000 machines?
00:32:55
What are we?
00:32:56
What are we going to do?
00:32:57
Right, yeah.
00:32:58
Speaker 2: We're probably calling an incident response
00:33:00
company at that point you are with like 600 machines with
00:33:03
that crowd Cause you had to go in and boot that with the
00:33:07
machines into safe mode to get that resituated.
00:33:09
Yeah, so I mean it was.
00:33:12
I mean mean it took my guys on 30 machines.
00:33:15
It took them all day on friday to get that fixed and that's
00:33:20
just.
00:33:20
I mean that's why I'm touching every one of them and sometimes,
00:33:24
like, a lot of these people are remote so you had to call them
00:33:26
and walk them through how to do it oh man that's brutal yeah
00:33:32
because you're not always getting the most technical
00:33:34
person.
00:33:36
Yeah, man, what do you?
00:33:38
Speaker 1: think, what do you?
00:33:39
What do you think is gonna come of this?
00:33:41
You know, because delta already you know so that they're
00:33:44
probably gonna seek.
00:33:45
You know charges or not charges , but you know payment for the
00:33:51
hours spent and whatnot.
00:33:52
Right, what do you think is going to?
00:33:53
Speaker 2: happen with this?
00:33:54
I don't know.
00:33:55
I think it's a.
00:33:56
It's a.
00:33:56
It's a weird situation got to figure out like, what was their
00:33:59
due diligence on?
00:34:00
Like, how bad, how well did they test this update?
00:34:02
Like, are they just pushing out things?
00:34:04
They shouldn't be pushing them?
00:34:05
I think it's going to come down because it's not like.
00:34:07
This hasn't happened with windows before, like microsoft
00:34:09
this used to be a problem with microsoft.
00:34:10
All the time you push out a critical update, next thing you
00:34:14
know servers are blue screening all over the place.
00:34:16
So I think it's going to be interesting to see how that
00:34:19
shakes out in court and see who's who's at fault.
00:34:22
And I mean, they're suing both microsoft and crowdstrike is
00:34:25
what I read yeah, it's.
00:34:27
Speaker 1: You know it's a weird situation because CrowdStrike
00:34:32
is the number one by far EDR on the market, right, so it's like,
00:34:38
okay, who else am I going to go with?
00:34:40
Am I going to go with SentinelOne, like, am I going to
00:34:42
go with?
00:34:43
I mean, at that point I don't even know who else to bring into
00:34:48
the picture, right, because Carbon Black used to be a big
00:34:52
player.
00:34:52
Bring into the picture, right, because carbon black used to be
00:34:56
a big player and ever since they got bought out three, four
00:34:57
times, they haven't really been a player in the space at all.
00:34:59
I mean, you try and google them and it goes to another website,
00:35:02
right, like there, there used to be, you know, cyber reason in
00:35:07
the mix, but that kind of died out fairly quickly, and so you
00:35:12
have all these companies going with a top tier product, right,
00:35:15
like I can tell you for sure we sold it internally as it being
00:35:20
the premier edr solution.
00:35:23
You know, 70 of the companies in the world, like are using this
00:35:28
thing, right, um, a hundred percent of the companies of our
00:35:31
size are using it.
00:35:33
So, like, where do you, where do you go, you?
00:35:36
You kind of you take this outage and then, wherever you go
00:35:40
from here.
00:35:40
It's a downgrade and so now you're dealing with an inferior
00:35:44
product.
00:35:44
So it's like yeah such a.
00:35:47
Speaker 2: It's a headache it is , I mean, but something like
00:35:50
this.
00:35:50
I don't know if you remember the Kaseya breach that wiped out
00:35:54
all the MSPs that they got breached because they were
00:35:58
throwing out updates to the people that were running
00:36:00
non-cloud instances.
00:36:01
They didn't put the right update out, but Kaseya survived
00:36:04
that and I thought they were done for when that went down
00:36:08
Because they got something like I don't know, thousands of
00:36:11
companies ransomwared through that whole thing.
00:36:12
Wow, I mean, they got something like I don't know, thousands of
00:36:13
companies ransomwared through that whole thing.
00:36:14
So, wow, I don't know.
00:36:15
Yeah, you can definitely have a mistake made and still survive
00:36:18
and it's just going to be.
00:36:19
It's going to take a little bit of time to repair, but
00:36:21
CrowdStrike's phenomenal.
00:36:22
They're expensive and that's one of the key parts of why it
00:36:25
was big companies getting hit with it and not small ones, and
00:36:28
I think one of the big issues.
00:36:29
I think that comes down that those people create their entire
00:36:32
security stack through CrowdStrike.
00:36:34
So their SOC is CrowdStrike and everything is CrowdStrike and
00:36:37
then when something like that happens, then they're completely
00:36:40
screwed and if they want to go out and find somebody else,
00:36:43
they've got to replace all those pieces with multiple different
00:36:45
vendors.
00:36:45
So I don't know.
00:36:47
We tend to diversify our stack a little bit just for those
00:36:51
reasons alone.
00:36:51
But I think CrowdSt we tend to diversify our stack a little bit
00:36:52
just for those reasons alone.
00:36:53
But yeah, I think CloudStrike will come out being okay, but
00:36:56
it's going to take a little while of repairing.
00:36:58
We'll see how the court cases get ugly.
00:37:00
That might be what hurts them, because that's going to change
00:37:02
the public perception on things.
00:37:05
Speaker 1: Yeah, yeah, delta's I think it was their CEO was
00:37:08
saying you know, you never hear of Apple having an outage like
00:37:12
this or anything like that.
00:37:12
But at the same time, apple isn't providing the same product
00:37:21
.
00:37:21
You know they're.
00:37:22
They're providing.
00:37:22
They're providing.
00:37:23
You know, end user, customer centric.
00:37:24
You know products that anyone and everyone can can buy right,
00:37:30
and they're.
00:37:30
They're not creating server os's anymore.
00:37:31
They're not creating server OSs anymore.
00:37:34
They're not creating servers.
00:37:36
They used to, but that was like 15 years ago and so it's a
00:37:40
totally different ballgame.
00:37:43
I'm an Apple fanboy, I'll admit it.
00:37:46
I have an Apple phone, laptop.
00:37:50
The only thing that isn't Apple in my house is my desktop,
00:37:53
because I game on it.
00:37:54
When I told Apple that, when I interviewed for them probably a
00:37:59
decade ago, they were like why don't you game on a Mac?
00:38:02
I'm sitting here like guys.
00:38:04
Are you that out of touch that you literally don't realize that
00:38:07
your platform is not for?
00:38:08
Speaker 2: gaming.
00:38:10
Apple has had its problems.
00:38:11
Os X has had tons of problems where they released a new
00:38:13
version and all of a sudden, three quarters of your apps
00:38:15
don't work, and so we run into that.
00:38:18
I mean, anytime we're dealing with any kind of updates on
00:38:21
their operating systems, we always tell our clients like,
00:38:25
hey, wait three to six months, because you go on there and all
00:38:28
of a sudden your QuickBooks isn't working and it's a primary
00:38:30
thing that you're using.
00:38:31
That's not going to work out well for you.
00:38:32
So Apple does have those issues.
00:38:34
It's just not as big of an of an issue.
00:38:37
I mean you can always go back to your previous version and
00:38:40
things like that.
00:38:40
But everybody, everything, has its issues.
00:38:43
But I think, yeah, it was just such a huge hit with CrowdStrike
00:38:48
.
00:38:48
I mean it stranded people, banks were down.
00:38:52
I mean it was pretty nuts.
00:38:53
So I think that's where the big piece comes.
00:38:56
There, I mean, you start talking to like I've never seen
00:38:58
this apple.
00:38:59
Well, apple has its problems.
00:39:00
I mean ios.
00:39:01
There's a reason why you back up your phone before you go to
00:39:03
the next level and I mean there's all these little things
00:39:05
that pop up, I mean, and so they happen.
00:39:08
It just, uh, I think what?
00:39:09
What hurts crowd strike?
00:39:11
Is they forced the?
00:39:12
Speaker 1: update out.
00:39:15
That's a huge thing as well.
00:39:17
You know, like even on my phone it hasn't happened in a while.
00:39:19
But you know, I think it was related directly to like the
00:39:24
Pegasus exploit or the Pegasus malware Right, where Apple was
00:39:28
like you're updating your phone right now and there's no option
00:39:32
to disable it or anything like that.
00:39:34
It makes me nervous, then, because it's like all right,
00:39:37
well, how much testing did you put into this?
00:39:39
If you're forcing it on us?
00:39:43
It kind of sounds like you wrote it three hours ago and
00:39:45
you're like works good on my phone, let's just push it.
00:39:47
Speaker 2: Yeah, exactly, I mean , that's what happens a lot of
00:39:50
times too, and so you never know what other little things it's
00:39:59
going to break.
00:39:59
I mean, I'm doing the beta with ios 18 right now and it was
00:40:00
like, yeah, I might not, I don't know, I'll do it and checking
00:40:02
it out, I always want to see the newest, the latest and the
00:40:03
greatest and play around with it .
00:40:04
So I, uh, right now at work, I run purely on pcs, but I, for
00:40:09
the longest time I was writing, was running a Mac with a
00:40:13
parallel running a VM when applications wouldn't work
00:40:16
within the Mac environment.
00:40:18
So I'm a Mac fan.
00:40:20
I've used a lot of Apple.
00:40:21
My wife works for Apple.
00:40:23
Speaker 1: Do you think companies will rethink their
00:40:26
tech stack after an outage like that?
00:40:29
Will they start maybe looking at Linux a little bit more
00:40:33
seriously or other architectures like Oracle, potentially?
00:40:41
Speaker 2: Even Macs.
00:40:42
None of the Macs got hit by the cross-track issue that same
00:40:47
company I was talking about.
00:40:47
They run half well.
00:40:49
They run about a third Mac and two-thirds PCs because their
00:40:53
developers use Macs.
00:40:54
So none of the Macs can hit.
00:40:57
So that was I mean.
00:40:59
You can see, apple could definitely take advantage of
00:41:01
that and the Fortnite CrowdStrike runs great on Macs.
00:41:04
So one of the big pluses of CrowdStrike is how well it does
00:41:07
on across platforms.
00:41:08
Speaker 1: Yeah, it's going to be interesting to see, I think,
00:41:12
where the court case goes and how effective that is against
00:41:15
CrowdStrike, right, and it'll be interesting to see the changes
00:41:19
that take place in the industry, even from the outcome of that
00:41:24
court case, because I feel like a lot of other.
00:41:26
You know security vendors that are critical pieces of software
00:41:30
in anyone's security stack, pieces of software in anyone's
00:41:34
security stack.
00:41:35
You know, I think it's easy for us to forget where these
00:41:36
applications or where these agents sit on our systems, right
00:41:40
like they're, they're like the most critical part of the system
00:41:44
.
00:41:44
If this thing has issues, your entire system has issues and I
00:41:49
feel like people are kind of just now reawakening to that
00:41:52
that logic.
00:41:53
Speaker 2: Well, I think that comes back to like secure, like
00:41:56
productivity versus security type situation.
00:41:59
I mean you can't overdo it on the security side and have issue
00:42:02
, and that security has issues.
00:42:03
And they say you know you have no productivity, so that's been
00:42:07
a big piece.
00:42:07
We run, we run an application.
00:42:10
It's a zero trust application that just does't.
00:42:13
I mean basically only allows applications that are wireless
00:42:16
to run on the machine.
00:42:17
And with developers we have a ton of problems because there's
00:42:21
all sorts of things that can cause it to flag things and not
00:42:24
allow it to run.
00:42:25
And so we've had that productivity battle all the time
00:42:30
.
00:42:30
There can be a switch.
00:42:30
There could be just a switch within some line of code that
00:42:35
will cause it to freak out and block it.
00:42:37
So, yeah, what were you gonna say?
00:42:39
I would just say it just.
00:42:40
It's that that security versus productivity piece, and that's,
00:42:43
I think, what.
00:42:44
What we saw with ground strike is how deeply it affected
00:42:47
productivity.
00:42:48
I mean it stopped half the world.
00:42:50
I'm in one big shot.
00:42:51
Yeah, yeah, it stopped like half the world.
00:42:53
Speaker 1: I'm in one big shot.
00:42:53
Yeah yeah, it stopped like half the world, excluding, you know,
00:42:57
china and Russia, where it's been probably right, exactly
00:43:02
Well.
00:43:02
Well, chris, you know this has been a great conversation.
00:43:05
Before I let you go, though, how about you tell my audience
00:43:07
where they can find you if they want to reach out and connect,
00:43:10
and where they can find your company?
00:43:16
Speaker 2: You can come to our our it's technologyresponsecom.
00:43:19
Our phone number is 720-420-1589.
00:43:24
Or you can reach out to me, either at info at
00:43:27
technologyresponsecom, or you can email me directly, chris at
00:43:28
technologyresponsecom.
00:43:30
Speaker 1: Awesome.
00:43:30
Well, thanks, chris for coming on.
00:43:32
I appreciate it.
00:43:33
Yeah, absolutely Well, thanks everyone.
00:43:36
I hope you enjoyed this episode .