The Role of Lawyers in Cybersecurity Aren't What You Think — Here's Why It Matters

How's it going, Danielle? It's great to get you on the podcast finally. I think that we've been working on this for a while, and it is a mess trying to get both of our schedules to align. It is super complicated and it doesn't get any easier with the holidays.

It sure doesn't, but I am so excited to be here. Thanks for having me.

Yeah, yeah, absolutely. So, Danielle, I tell everyone that, you know, I start off with their background, right? How did you kind of get into the space? What did what did you start out as? I looked at your background very briefly, you know, on LinkedIn. I intentionally try to do no research, right? I don't know anything if you don't tell me it, right? But it looks like you have a very unique background. So what does that look like for you? I start everyone off there because there might be someone with your similar background that's looking to get into this field, looking to do the same thing. And I always found that when I was trying to make that change in my own life, if I just saw someone or heard someone that had the same background, it was like, oh, well, if they did it, maybe I can do it too.

I think that's wonderful. Okay, so there were a couple of things that were pretty unique, strange about me. The first is the daughter of professional musicians. And the reason why that's important is because I pretty much grew up in an orchestra pit and I understood from an early age, and then it was just impressed upon me over and over again how important it is to make an emotional connection as part of your job. And so put that in the back of your head as I continue sort of through my background of what happened. So I I I I had studied music. I was never nearly as talented as my parents. And so I went to law school, as one does when they have no artistic talent that could, you know, possibly sell a ticket. I loved law school. I loved to read. I love, you know, I treated those cases as history and the stories of our history. And when I graduated, I went to a big law firm and I fell in with a team that was taking tech companies public, which was so exciting. My first job after that law firm was to take a company public. And that company was Carbonite. And the interesting thing is, is I know that there are tons of lawyer jokes, probably more than most any profession. I think there's only one other that I can think of that has as many jokes as lawyer jokes. And that's not politically correct to talk about on this podcast. But when I left the law firm and I left New York City, I actually wasn't prepared for how terrified people are of lawyers. And now putting that together with sort of how I grew up, which is it's important to make an emotional connection in life. Relationships matter. How people feel matters. I was really struggling for these two things to fit together. So I get to my first company. We do take it public within the first, my first years of being there. I ended up staying a decade. And I set out on this mission to change how people viewed their attorney. And what I discovered in my first 10 years was that I was able to do that for the people who worked with me at that company. But I had to start all over to build the relationship and build the rapport and build the connection with people who were not part of the company, who did not have time to learn to trust me. And so what I did with that is I wanted to expand the remit of legal. I thought it wasn't enough to just be the company's lawyer. I needed to do something where I was building, enabling, executing, I could accelerate that emotional connection, that relationship building, and that trust. So I did that at my first company, I did it at my second company, and I've been incredibly grateful that there is a team at Commvault that has accepted me to do that at Commvault. And that is the very long, you know, hard-won genesis of chief trust officer.

Hmm. See, that's that's really fascinating. You know, and you I always, you know, read about or hear about different successful people that are all lawyers, right? At a minimum, they went to law school, they passed the bar, they're lawyers. Whether they practiced or not is a different story. But what unique skill sets do you think that you gain in law school that translate so well across every industry, it seems? I mean, there's there's general managers in the MLB that went to law school, you know?

Right. So one of the most important is that you learn how to see two or more sides of a situation, of an argument, of a controversy. And so as an operating executive, oftentimes people show up and they're just making sure that their part works. And it's really hard to see how that might impact another member or another function. But a lawyer has been trained to see how it all has to work together. Or, you know, I in some points I think you sort of empathize with all the stories that we've read and all the cases that we've read. You sort of learn how to empathize with different points of view. I think that makes the lawyer on the team, or at least somebody who's been trained as a lawyer really interesting for leadership roles.

Hmm. Yeah, it's interesting. So I got my bachelor's in criminal justice, and I had now I never had any intent of going to law school, nor did I. But I I remember towards towards the end of my degree, my roommate, you know, was going to take the L set. He's going to try and be a lawyer. He didn't really take it very serious. I mean, neither did I, right? Like he was planning on going into law enforcement, and so was I at the time, right? But he was like more seriously, I guess, factoring it in as an option, right? Well, if I do good on this test L set, maybe I'll actually take the real thing and maybe I'll go to law school, that sort of thing. And, you know, it was a test L set or a practice L set. It was free, so I figured why not? Right? Like I'm not paying for it. Went in, took it, didn't study at all. I did such a I did such a bad job that essentially they gave me another practice L set for free. They sent me the code, they didn't even send me the score. I literally don't know what that score is to this day. So that's fantastic. But you know, I think one thing that my program did really well was that they put you in that mindset of being able to view a certain situation from multiple angles. And, you know, it was interesting because one semester we had to basically argue our point for or against, you know, in in like paper format, you know, like on a on a rapport, right, that we were putting together. And then the next semester, the the class was taught by a SEC like practicing attorney. And she made us, she assigned, you know, different groups, different cases. You're like, you're, you know, she would assign like you're for it, you're against it, you know, this is what you're doing, right? And then at the end of the semester, you have to present your case, and she's the judge, the class is the jury, right? And you you have, you know, however long it is, like 20 minutes to present your case, because there's a whole bunch of people in this class. And going through that process, though, which was interesting because me and my my partner, who is also my roommate, we were we were trying to prove that someone that was found guilty in real life that he wasn't actually guilty. And that was like the most interesting thing that uh you could possibly do because you have to tell a story, and you're telling that story in a certain way that makes sense, and it's interesting how you're you're getting that mindset buy-in right from the very beginning.

And it forces you to think about it from somebody else's perspective. So that sort of training I use all the time in my work. Say there's a conflict between marketing and product or product and sales. You know, you can sit down with each of them and say, well, here's how this person is viewing it. Where are they wrong here? Okay, let's take it step by step. They're wrong here. Okay. What would their argument be? It's actually one of the things I love most about ChatGPT, by the way. And I have been a reluctant user of all the new AI. I've been a slow follower, is what I would say. Slow follower. But one of the best things I like about ChatGPT and other systems like it is I can say, this is what's happening. What are all the arguments against this? What are the all the arguments for it? And then you can really have like a 360-degree view and try not to become an echo chamber of just the view that you want, but really try to solve a problem and reach consensus or change hearts and minds.

Chief Trust Officer, so I've been hearing about this kind of role a lot more. Why don't we talk about what that is and what's what's the value to the environment? And then I'll tell you maybe my experience from internal working with lawyers and stuff like that.

Uh well, there's a practical side, and then there's what a company hopes it becomes and and what's the value. I'll get to that third practical side is if you have a head lawyer, a chief lawyer, who's doing more than just the legal job, it's very hard to have them show up with general counsel or lawyer or chief lawyer or chief legal, because then it doesn't really make a lot of sense. It doesn't really describe why they're showing up in a cybersecurity perspective or in a corporate development or in a business development. You know, if I were if if if somebody were to say to you, Joe, hey, um, I got the general counsel of yada yada company on the line, that probably communicates something to you that doesn't feel safe or collaborative. And so as as as the company wanted my portfolio to expand into adjacent areas to legal, we needed to find a way to describe it that frankly didn't scare the shit out of people. Right. So that's number one. But number two, that's practical. But the hopeful part of it is that the one unifying concept is that everything, every goal, every project or initiative that is advanced under the chief trust officer or under the trust function is what we call it, has to be in service of strengthening trust with customers, with partners, with employees, with stakeholders. So things get remarkably easy and able to focus when a project or an initiative or something arises, somebody wants you to carry it from A to Z and it says, okay, how is this strengthening trust with customers? How is this strengthening custom uh strengthening trust with stakeholders? And if it's not, it either has to be tweaked so that it is, or it falls off and you're able to focus. And the value that that brings now is there are a lot of times when you know there are balls in the air that are just not caught because there isn't somebody who is just thinking about how do I make sure I'm building trust in this way? I've got bad news to deliver. How do we do this in a what's the best way to do this to build trust or at least not break it? I want to develop a partnership with one of the top, you know, companies investing in AI. Okay, why? How is that good for customers? How is that good for stakeholders? Or did you just want to take part in the hype? You know what I mean? So it's become a really transformational place to ask a remarkably simple question, but to make sure that the initiatives that the company are focused on to achieve their goals are all still in service of the customer, our partners, and our stakeholders, inclusive of our employees.

Hmm. That's interesting. That's a really great way of describing it. And it probably describes the exact opposite of what I've personally experienced internally at companies, right? Like, you know, your first question was if a lawyer shows up on a call or someone calls you and says, Hey, I have XYZ company's lawyer on the phone wanting to talk to you, the very first thing I'm doing is not picking up the phone.

Exactly.

And I'm calling my lawyer and saying, you need to call them now.

Right. Right.

You know, because the one thing that was drilled into me is to never talk to a lawyer without a lawyer present.

Absolutely. But that's only one type of lawyer.

Yeah.

The litigators.

Yeah.

Most most general counsels of tech companies aren't former litigators. They're corporate attorneys, they're deal makers, they're enablers. And so, I mean, it it was do it's doing everybody a disservice.

Yeah. That's that's interesting. You know, I never thought about it. Like it's it's the same profession, the same title, same license, right? But you've you're fulfilling different roles. And one is to like potentially put you away, and then the other one is to facilitate your success.

Right. Right. I mean, you could say the same thing in the medical field, right? Like if I if if all of a sudden you go in for some tests and you get a call from an oncologist, or you get a call from, you know, um, a holistic medicine doctor, those two things are going to communicate different things. They're both doctors.

Yeah. Yeah, that that's a that's a fascinating point. Talk to me about your thought process around enhancing internal security processes, procedures, technology, and managing, you know, that trust component of it. Right. So, and uh, and I'll give you a very specific example. I'm not gonna mention any company names, I don't want to get sued today. But, you know, I was working for a company and a portion of the security stack was just very bad, right? We had no visibility in the environment based on it, and very dispersed. And so I got on the call with the lawyer, and for some reason, that's the process. I got on the call with a lawyer, and I told her, I said, Hey, look, if we get breached, there's a very small chance that we will know, and there's an even smaller chance that we could stop it or even investigate it because of how this is configured. And if you really want to do it right, I I need a couple hundred thousand dollars to go and get the tool to do it right. And I think it worried her, it it for sure worried her, but at the end of the day, it was you know struck down as something not needed and the risk was accepted, quote unquote, right? How does that happen? Because that doesn't it doesn't instill trust in me now as a technical expert, right? I'm giving you the facts. I operate in black and white facts. Is this enabled or not? Does this exist or not? Right. And when I when I put in the work to go and do that, which happens at a lot of different companies, you know, to prove it to just to get basic tools and it's denied, it doesn't instill a whole lot of trust. It's like, oh, okay, they don't care, which may not be the truth.

Right, right. You know, there's a failure on the part of the person communicating the need and the part of the person who's not receiving it and not making the investments. Let me tell it this way. Did you see the movie Margin Call about the fall of Bear Stern? I love that movie. Do you remember when Jeremy Iron says, tell it to me like I'm five?

Yeah.

Right? If you can't explain it to me like I'm five, I'm not the problem. I love cybersecurity. I love the field. I have loved overseeing it in my current role in the trust office. Why? Because I had diagnosed that the way CISOs talk, the way they budget, the way they communicate their program is highly technical. And the problem is, is it lands on people who just don't understand. And so you end up having two ships passing in the night. You've got the highly technical people who know exactly what has to happen, but they don't communicate it in a way that people are emotionally connected or understand or appreciate. And so they just don't get the investment, and then you just got this going on. Um and and what happened, and the reason why lawyers finally started to get involved is boards of directors were being found liable for not properly providing supervision and oversight to a cybersecurity program, which means what? Which means board of directors need to understand it. And they're not technical experts. So it required a CISO or a cybersecurity organization to translate, to translate really complicated, sophisticated language. Because I don't actually think what's underneath it is complicated or sophisticated, but the language, just like emerging call, was sophisticated to PLA people. And one of the things that lawyers are trained to do is to translate complicated legal topics into practical business advice. So you sort of took that skill with cybersecurity and a whole world opened up by helping turn CISOs into business leaders so they could speak in business terms. And then you have to return to your teams and you have to speak in technical terms. But so helping that translation happen between different stakeholders. Number two, simplify. A cybersecurity program is complicated, but practically it's about for the most part protecting against threats that we all cause ourselves as insiders. Or by not, you know, kind of deploying good enough hygiene, not rotating credentials, passwords that aren't strong enough, clicking on phishing links because you're not trained to recognize that somebody who is trying to get you to call UPS because you have some kind of outstanding bill is like a scam. I know that's a scam immediately. Some people don't. Some people just want to be responsible and do the right thing. So to simplify the program, what are we trying to prevent against here? 80% of the time, the breaches that we've heard about are all preventable. But we had to simplify what was happening with the third-party systems that we were bringing into our companies and how they were being set up and how they were being managed and maintained. Three, communicate. There needs to be a constant communication between the cybersecurity team or office and the rest of the company and the customers and the board. Figure out what that cadence is, but you can't just disappear and go back into your sock with all of your screens and all of your alerts and emerge when there's a problem. We call those people chicken littles, right? You have got to have a constant presence where you are educating people, educating people on how to do their part because every single one of us is a frontline to protect our companies and ourselves. And then make sure that you're staying top of mind because cybersecurity to me is the most important thing that any of us have to work on right now in the world because so much of our critical infrastructure is dependent on cybersecurity and vulnerabilities. So it's a tough job for a CISO. And years ago, I think, you know, the CISO was the highest ranking technical person that came out of IT or product security. And today we demand a lot of our CISOs. They have to be both externally facing and internally facing.

Yeah. They have to be. I mean, they're they're they're they're wearing so many different hats too, and they have to be able to understand something at a very technical level, and then take, you know, this like word salad that he just got thrown from an engineer that lives in the code and translate that somehow to people that know how to log into their email and that's like it, you know?

It's several layers of translation. You if if have you ever have you ever experienced a breach? I'm sure you have.

I haven't. I've been close.

Okay. When you experience a breach, you spend months going through the anatomy of that breach. And there are lots of different people who have a part of that. You've got developers, you have IT, you have maybe the person who did something who had no idea what they touched, you know. And each of them have a role in explaining sort of the anatomy of it. Every single person there has to be translated into some common language. What a developer explains is happening in the system they created, and the impact that a cybersecurity expert explains is the same thing using totally different language.

Yeah, it's interesting. You know, I I worked for a credit bureau earlier on in my career, and literally, I I think it was just weeks before I started the what was it, the Equifax breach happened. And my manager, my manager had told me that when that happened, essentially everyone went to the bar, the entire security team from CISO down, and the CISO said, What do you need to happen? Right. And the managers and the directors, they all said, like, look, we're presenting you all of these tools and we're getting no budget. We need money. And I guess he called the CEO right there. At the bar, and the CEO said, All right, sign whatever deals you need to, you have a blank check. And literally within seven days, we now had a tech sack that that we needed, right? And the team that I eventually came to lead just like two or three weeks later went from one person to 12 people in six months, which in security that is pretty much unheard of. That's completely unheard of. You know how long that takes to find one person, let alone 12?

Yeah.

Which, you know, it takes a catastrophic event like that to happen because it materializes, you know, the situation to everyone very easily, right? Like you don't have to translate any more of this technical stuff. It's like, you know, hey, you see what happened over there? Well, we have those same holes, like we have those same issues, you know, like it could have been us, you know, and if it was us, I probably wouldn't have survived it.

Right. And, you know, no company is going to be able to outspend bad actor to prevent an attack. It has to be about your ability to be resilient. And your ability to be resilient is also not exclusively dependent on the money that you put into your cybersecurity program. It's also largely dependent on whether or not your workforce is educated, whether or not you have simulated an emergency response, and whether or not you have a you know business continuity plan to make sure that your critical infrastructure to keep your business up and running has sort of a spare tire while you're figuring out what happened.

Yeah. That's a really good point. You know, now I'm on the professional services side of security, which is fantastic. I love it. Like this is where I should have been like five years ago, right? But when I was on the internal side of a very large company, we we were doing a uh like a tabletop exercise, right? So we have lawyers on the call, and you know, like every technical lead in the org is on the call, and there's this hypothetical scenario that AWS is playing out for us. And my my CISO, I reported directly to the CISO and he said, I know you're gonna want to jump in. Hold yourself back and let them bring it to us because the flow is that they're supposed to be able to identify it. We don't have that budget actually to enable us to identify it. So they have to do their job and then they have to alert us. And so I waited. It was like three hours. It was like it was three hours into this exercise, technically week two, right, into this hypothetical scenario. And these people are going in circles, not making any progress, right? And the I guess maybe the blessing and the curse of a security person is that you actually know how to do everyone else's technical job, like database admin, system admin, all that stuff. Like you know it inside and out, but you can't do it and you shouldn't do it, you know, because it's their job for a reason. And I just cut them off and I said, hey guys, you do understand we're at day 15 and security has not been told that we've been breached. Like, you understand that. Because like security is actually the route to get to the lawyers. You guys have to go to us, we determine if it's real, and then we engage the lawyers. And the lawyer didn't even, he wasn't even saying anything on the call, right? Which is very it was interesting for sure. And they like all pause, like, oh, we didn't even know that that was like in our process. Now, fast forward to me doing professional services, you know, in security, you're always thinking of, well, if this happens, what's next? If this happens, what do I do? Right. And every good security person starts out in help desk in some way. And the first thing that you learn in help desk is you have to document everything because when you have an angry customer calling you, they're yelling at you, they're paying for a service, and maybe it's your fault, maybe it's not, right? But something didn't work. And you have to, under stress, maybe it's you know, not that high of stress, but it's still stress. Under stress, you have to figure out what commands to run and everything like that, right? So you document everything so that under that stressful environment, all you have to do is follow step one, then two, then three, whatever it might be, right? And so now from the professional services side, you know, I get to customers and we're going through different scenarios. Like literally earlier today, you know, they were 100% into one availability zone in the cloud. I said, hey guys, like what happens if AWS has another outage like they tend to always do every two years? They said, Oh, we're just, you know, we kind of deal with it, we're hard down. I said, Well, what if that doesn't come back up, you know, and you have to like migrate stuff over? Do you have a plan for that? And they said, no, that's a big problem then, you know.

You know, when you were talking about tabletop exercises, most, I think every single tabletop exercise I've done over the last 15 years, when you do them with an executive, and sometimes you invite a board of directors in, almost every single one has caved and paid the ransom in the tabletop exercise. Just a table, right? For for those of you who don't know the tabletop exercise listening, it's it's a simulated emergency, so it's not real. But they're so exhausted by the end of this process. And you said it was like a two-week process, you're so exhausted by by not quite understanding what happened and not being able to change some of the facts that by the time you get to the punchline, do we or do we not pay a ransom? Like most people just sort of throw their hands up and they're just like, Yeah, we're gonna pay it. The UK has an initiative to ban ransomware payments, to make it illegal to make ransomware payments for public sector companies. And you know, that's a very interesting way to attack this problem.

I think it's probably the best way to attack the problem, though, to be completely honest with you, because you look at like GDPR, and I was at a company that was impacted by GDPR, and everyone was freaking out and everything. And as the security engineer that's you know, typically the first one to raise their hand and say, hey, we need X, Y, and Z. Like if you want to get this done, it's X, Y, and Z, that's it. Right. As someone that's doing that, and I get told no all the time, constantly. Oh, we have to spend$50 more on that. No, we're not, we're not spending it. We're not buying it. It doesn't matter. To to now be forced to adhere to GDPR and now to be essentially to have a very robust disaster recovery program to avoid the ransomware payment. To a security professional, I mean, that is a walk in the park. Now I get to do real security work. Now I now I get to like actually do stuff, you know, that everyone like talks about. Like now I get to do it, you know?

Yeah, it's right. Can I ask you a question? Um, because I'm struggling with this. I'm curious as to your perspective. How do you think AI is going to change the cybersecurity landscape?

Hmm. So this is the problem. This is the real problem that we're we're facing today, is that there used to be a skill gap, right? There's a very large skill gap in between what a day one, let's say, hacker could do and pull off and whatnot, and what a 10-year vet can do and pull off, right? There's a huge difference. I mean, you look at, you know, really any profession with that kind of experience, like that kind of experience gap, you know, there's going to be a big difference. With AI, takes that that difference and gives that 10 years of experience straight to that day one hacker, and now they're able to get low to medium to even high level hanging fruit in an organization. And typically they won't even know how they got it really. They just know that they got it. Now, I also have had on other threat intel experts that have said, you know, we identify risky behavior, but we don't know if it's resulting in a breach because the attacks are getting so advanced and they're so obscured that we're no longer confident we're able to identify the breach. And so, with you know, AI becoming a bigger player in the space now, they they literally said, we think that we are getting breached by AI, but we can't prove it. We see it in our customers' networks, and we're not really sure. And so these attacks are getting so so advanced, so out of hand, that even the detections that we have and the experienced professionals, yeah, it's not they're working, but they're not working at the level that we need them to. So for a while, it's gonna be a whole lot of you know, the offensive side. I I bet when we can start identifying these attacks like pretty regularly and you know, with high degrees of certainty, we're gonna see all of these corporations just got breached, right? Like all of them at once.

I spent a lot of time thinking about this.

Yeah.

It's a good perspective.

Yeah, it's what was that Netflix? It was like a Netflix movie that came out within the last year with Robert De Niro, I think, where he was like appointed to some It's going on like De Niro. Yeah, and they they figured out that it was a cyber attack that basically took down the power grid. You know, it was a fairly temporary, you know, outage in the power grid, but it took down the entire nation's power grid.

This is a reason to listen to this entire podcast because now we've delivered a movie night for people.

Yeah. Yeah, no, it it's a really good movie. I think it might be like a four-part series. But like it was it was really good. And you know, from like the hacker side of my brain, I'm looking at it and I'm like, yeah, it doesn't take that much skill to do that. You know, you'd be surprised. Like, if I was really motivated, very motivated, I am not a hacker, I could pull that off. Like, that's really saying something because I kind of know where to look, I know how to look.

Structure, yeah, absolutely.

You know, I think you're right.

Yeah. We're we're we're playing with borrowed time at this point because I mean, we prove it to other nations. I had someone on previously that was knowledgeable to the insider inside workings of Stuxnet to a degree. And if if you don't know what that is, it's the malware that basically took down Iran's nuclear program in 2014. And he he was knowledgeable to the inner workings of it. And he said, yeah, you know, the initial reason for deploying it was to actually, you know, detract Iran from building a nuclear weapon, right? That's a great thing to do, probably. But the secondary effect was it, of it was that they wanted to show the capabilities that we had, right? And so when it and I I've done a lot of research into it, there's a very specific point in time when the virus began to, you know, kind of communicate out, right? And so it was waiting to be discovered to some degree. And he said, Yeah, that wasn't by mistake. Like we were in there for years, and then we decided, okay, let's just show them, you know, just a very small little tidbit. We think that they'll be able to pick this up. Let's see if they will. Right. And so then it was discovered. And he's like, Yeah, that was a complete show of force without really showing any force.

Yeah. A lot of these nation-state attacks, by the way, you know, wait a while before anyone can take the before they show themselves.

Yeah.

They'll wait, they'll wait forever. I mean, security professionals constantly, you know, raise the alarm like, hey, we're getting a lot of solar panels from China. Like the inner workings, the boards are from China. Are we on good terms with China right now? Have we been? Not really. Is China known for not hacking things when they can hack things? No, they usually hack it when they can, you know, so it's like we're kind of playing with fire right now, guys.

Yep. I do think though, that you mentioned earlier on your wife had said, but like, what do I matter to people? And there is that attitude. And I think it is very much an American attitude. Like, why would anybody care about my shopping list? Why would anybody care about what's in my emails? I think that is distinctly American because many of the Europeans I work with and know don't feel that way at all. I mean, I don't think they think that there's anything so special in their email or the data they create in their life, but they believe it is personal and private to them.

Yeah. Yeah. No, that's very true. And I hear that a lot too. What does it matter if someone, you know, hacks my profile or whatever it is, right? And you gotta, you gotta think, you know, just one example is hey, there's a lot of felons out there that when they get out of prison, they want a new identity. How do they get a new identity? You typically need like a social security number, you know, you need like real information. You can't just make it up because it has to be verified somewhere.

It is a nightmare to recreate it. You know, one of the things we try to educate people on in our company just to help them take care of themselves, lock your credit. Locking, freezing your credit is like locking your front door. Freeze your credit. It doesn't need to be unlocked for anybody to go apply for credit for you. So things like that I think are important when you can as a security professional to educate others.

Yeah, absolutely. Well, Danielle, you know, we're at the top of our time. We're a little bit over, but this has been a fantastic conversation. I really enjoyed having this conversation with you.

Me too, and a fan of yours, too. So I'll be listening and thank you for doing what you do.

Well, thanks. I I really appreciate that. That's it's not the first time someone said that they're a fan, but it's always weird whenever I hear it, that it's like, oh, this person like watches the there's people that watch the podcast.

Sure, sure, it's true.

Well, I I apologize for not being able to like or have enough time to get to Commvault and all the great work that you guys are doing. I've known about you for a couple of years. Yeah, yeah, absolutely. I would love to.

Great.

Well, Danielle, before I let you go, how about you tell my audience, you know, where they could find you and where they could find the company if they wanted to learn more and uh potentially connect with you?

Sure. Thank you. So Calmvault is the name of the company, C-O-M-M-V-A-U-L-T. And we're not a consumer-facing company, we are a B2B company, which means we are providing resilience for the world's largest organizations and world governments. So, in the event of a cyber attack and a company needs to make sure they can stay up and running, or a government needs to make sure they can stay up and running, we help power that. So we do incredibly important work and I'm very proud to be part of the team here. And I look forward to more opportunities to tell your audience about Commvault.

Awesome. Well, we'll definitely have you uh back on. I'm sure we'll start the scheduling and it'll happen in like April at this point. Right.

Happy holidays, yeah.

Happy holidays, likewise. All right. Well, thanks everyone. Thanks for listening. I hope you enjoyed this episode.