1
00:00:00,000 --> 00:00:08,100
Today on our Tech for Business podcast, we're joined by Todd, our COO and CISO, Nate, our

2
00:00:08,100 --> 00:00:14,840
Director of Cybersecurity and V-CISO, and Matthew, our GRC Analyst and V-CISO.

3
00:00:14,840 --> 00:00:22,040
Today we're talking cybersecurity trends of 2024, but I'm actually going to start about

4
00:00:22,040 --> 00:00:23,400
a year ago.

5
00:00:23,400 --> 00:00:27,600
We had this same group on, same conversation for 2023.

6
00:00:27,600 --> 00:00:32,960
So I'm going to throw this first question to Todd and maybe we'll just kind of do a

7
00:00:32,960 --> 00:00:34,960
little round robin.

8
00:00:34,960 --> 00:00:43,720
Was there anything from 2023 that surprised you or maybe something that you thought was

9
00:00:43,720 --> 00:00:48,640
going to come up, but didn't?

10
00:00:48,640 --> 00:00:51,560
I would say probably not.

11
00:00:51,560 --> 00:00:57,560
We were chatting amongst ourselves a little bit earlier today and I know it seems like

12
00:00:57,560 --> 00:01:02,320
you get to put on your prognite, never mind, I won't even try and say it.

13
00:01:02,320 --> 00:01:05,760
Had the ability to look into the future and go, this is what's coming.

14
00:01:05,760 --> 00:01:09,680
But really what we tend to see is more often than not, we see so much stuff and I've said

15
00:01:09,680 --> 00:01:14,080
that on a million podcasts, but because we see so much, we tend to see that starting

16
00:01:14,080 --> 00:01:16,120
to kind of ramp up at the end of a year.

17
00:01:16,120 --> 00:01:19,680
So when we get to this point looking into the future going, this is what we think is

18
00:01:19,680 --> 00:01:20,680
going to happen.

19
00:01:20,680 --> 00:01:23,000
We usually have a fairly good idea of what's coming.

20
00:01:23,000 --> 00:01:27,600
So there wasn't anything in particular that really took me by surprise.

21
00:01:27,600 --> 00:01:32,240
Some of the things that I think I would call more disappointed that they haven't had more

22
00:01:32,240 --> 00:01:36,840
legs and I think this will probably be one of the trends we're hoping for in 2024 is

23
00:01:36,840 --> 00:01:41,600
there's been this longstanding conversation that E-Rate is going to have more coverage

24
00:01:41,600 --> 00:01:45,840
of cybersecurity funding and it really hasn't come to fruition.

25
00:01:45,840 --> 00:01:50,240
And I want to say I don't know why, but it's government-ridden and therefore it's got to

26
00:01:50,240 --> 00:01:51,240
take forever.

27
00:01:51,240 --> 00:01:55,920
They can get on things occasionally, but man, it just usually just tends to be so slow.

28
00:01:55,920 --> 00:02:00,320
And for me, it's a little frustrating because schools in particular really need that kind

29
00:02:00,320 --> 00:02:06,120
of help and they just really can't afford it unless they go out and get special funding

30
00:02:06,120 --> 00:02:09,720
from the public, which is really unfortunate.

31
00:02:09,720 --> 00:02:19,320
Yeah, we're taking a look at the list of things that came through there and I was like, yep,

32
00:02:19,320 --> 00:02:25,600
all of these came to fruition.

33
00:02:25,600 --> 00:02:29,400
I think one of the things that maybe surprised me a little bit is how much of a push there

34
00:02:29,400 --> 00:02:36,560
was to get some of the cybersecurity talent continuing to be fulfilled.

35
00:02:36,560 --> 00:02:42,560
So if you're not familiar with some of the major vendors, there's one called ISC squared.

36
00:02:42,560 --> 00:02:49,280
They are the ones that provide the CISP certification, which is kind of one of the de facto, just

37
00:02:49,280 --> 00:02:52,560
new standards for most security professionals.

38
00:02:52,560 --> 00:02:57,960
And they introduced a initiative to certify one million individuals on that.

39
00:02:57,960 --> 00:03:03,280
So that was really exciting to see last year.

40
00:03:03,280 --> 00:03:09,320
I first saw a little more of a natural attempt to grow that, but they said, come on, get

41
00:03:09,320 --> 00:03:10,320
the certs.

42
00:03:10,320 --> 00:03:14,480
You don't get the full certificate until you get the experience, but they kind of opened

43
00:03:14,480 --> 00:03:19,880
the doors to say, just start taking tests, which is really cool to see.

44
00:03:19,880 --> 00:03:26,120
And then the government did a ton of initiatives as well to continue increasing the cybersecurity

45
00:03:26,120 --> 00:03:27,120
talent.

46
00:03:27,120 --> 00:03:30,400
So yeah, a lot of really cool things on the training front.

47
00:03:30,400 --> 00:03:33,000
What about you, Matthew?

48
00:03:33,000 --> 00:03:39,560
Anything thinking back at 2023 that surprised you because it did or didn't come up?

49
00:03:39,560 --> 00:03:47,400
Well, right at the end of last year, we finally got the new CMMC guidelines out, which was

50
00:03:47,400 --> 00:03:53,080
fun to have that as a nice little Christmas gift for those of us who appreciate it.

51
00:03:53,080 --> 00:03:56,080
There was a lot of...

52
00:03:56,080 --> 00:03:58,080
What a weird gift.

53
00:03:58,080 --> 00:03:59,080
Yeah, that's fine.

54
00:03:59,080 --> 00:04:00,080
That's valid.

55
00:04:00,080 --> 00:04:01,480
Very valid.

56
00:04:01,480 --> 00:04:07,360
At Christmas, just being like, ooh, let me read this policy document.

57
00:04:07,360 --> 00:04:10,360
I always wanted this.

58
00:04:10,360 --> 00:04:18,720
Yeah, I should have wrapped it under the tree and just waited till Christmas day.

59
00:04:18,720 --> 00:04:23,400
So a lot of regulation, a lot of compliance requirements came through like we expected

60
00:04:23,400 --> 00:04:24,800
them to.

61
00:04:24,800 --> 00:04:26,200
Some of them really kicked in.

62
00:04:26,200 --> 00:04:31,240
I think we saw a bigger change, like Nate was saying, not just in terms of the training

63
00:04:31,240 --> 00:04:37,600
that was available, but in people, I want to say coming to the awareness of how critical

64
00:04:37,600 --> 00:04:42,400
it was to be prepared for some of this stuff.

65
00:04:42,400 --> 00:04:47,160
I think we were pretty spot on with the industries that we talked about as being under attack

66
00:04:47,160 --> 00:04:48,480
from our experience.

67
00:04:48,480 --> 00:04:58,520
I know we'll have a bit more on that when the IEEC releases their next round of reports

68
00:04:58,520 --> 00:05:02,200
for what happened in the past year, we'll probably get some deeper insight into that.

69
00:05:02,200 --> 00:05:07,920
But just all around, I feel like everyone's increasing their awareness and trying to find

70
00:05:07,920 --> 00:05:12,600
new ways to do things and better ways to do things than what they were doing before.

71
00:05:12,600 --> 00:05:19,560
Very excited about the past keys becoming more common across systems, as well as one

72
00:05:19,560 --> 00:05:26,920
thing that we saw was insurance companies requiring more and more things that we used

73
00:05:26,920 --> 00:05:32,880
to think of as add-ons or organizations thought of as add-ons that we would always try and

74
00:05:32,880 --> 00:05:40,080
require as being required just to even renew your cybersecurity insurance, which is great.

75
00:05:40,080 --> 00:05:44,800
I love seeing that there's that push from elsewhere rather than just us being like,

76
00:05:44,800 --> 00:05:46,240
hey, here's all the cool things.

77
00:05:46,240 --> 00:05:47,240
Here's the things that will help.

78
00:05:47,240 --> 00:05:52,400
And then I feel like the insurance companies getting on board helps with that as well.

79
00:05:52,400 --> 00:05:57,840
Sure, so I was talking in 2024.

80
00:05:57,840 --> 00:06:03,600
So when we talk about cybersecurity, sometimes it can be really scary, but it can also be

81
00:06:03,600 --> 00:06:04,600
really exciting.

82
00:06:04,600 --> 00:06:08,280
So maybe Matthew will stick with you.

83
00:06:08,280 --> 00:06:13,960
What is the good, bad, and the ugly coming for 2024 trends?

84
00:06:13,960 --> 00:06:14,960
Wow.

85
00:06:14,960 --> 00:06:19,200
Which one to pick first?

86
00:06:19,200 --> 00:06:24,280
Well, I'll go with one of the things that I'm thinking about the most at the moment,

87
00:06:24,280 --> 00:06:27,960
which is how attacks are coming in.

88
00:06:27,960 --> 00:06:33,120
Generally, we've always talked about the types of attacks that are occurring, phishing attacks,

89
00:06:33,120 --> 00:06:38,680
attacks for people, and we've got very specific terms for the type of phishing attack that's

90
00:06:38,680 --> 00:06:39,680
coming in.

91
00:06:39,680 --> 00:06:44,480
Wailing means that they're going for director levels.

92
00:06:44,480 --> 00:06:47,800
There's comments like that where we break down deeper what these are.

93
00:06:47,800 --> 00:06:50,280
And I think we're going to see a lot more of those.

94
00:06:50,280 --> 00:06:55,760
There's been a lot of reports recently of people using AI to craft these emails.

95
00:06:55,760 --> 00:07:01,040
And suddenly, you don't need to really know as much about maybe the person you were looking

96
00:07:01,040 --> 00:07:04,720
into because there's a chance AI has already got some of their information.

97
00:07:04,720 --> 00:07:09,400
So you can just say, hey, write this type of email for this type of person.

98
00:07:09,400 --> 00:07:17,680
And on some of the less regulated AI systems may actually do that for you.

99
00:07:17,680 --> 00:07:23,160
So, obviously, being more aware is going to come from that.

100
00:07:23,160 --> 00:07:27,680
I think additional training is going to come from that.

101
00:07:27,680 --> 00:07:33,400
On top of that, there seems to be a real twist to put Internet of Things in literally everything

102
00:07:33,400 --> 00:07:35,560
they can get their hands on.

103
00:07:35,560 --> 00:07:40,360
So more network security requirements and just being aware of how much of the stuff

104
00:07:40,360 --> 00:07:47,160
that you have in your office or at home is connecting to the Internet directly and maybe

105
00:07:47,160 --> 00:07:55,680
getting information it doesn't need or shouldn't use.

106
00:07:55,680 --> 00:07:58,280
I know you want to jump in, Nate.

107
00:07:58,280 --> 00:08:01,200
You got your list.

108
00:08:01,200 --> 00:08:06,720
We were just joking yesterday about there's smart wrenches that are being discovered with

109
00:08:06,720 --> 00:08:07,720
vulnerabilities.

110
00:08:07,720 --> 00:08:08,720
There you go.

111
00:08:08,720 --> 00:08:09,720
You could have jumped in.

112
00:08:09,720 --> 00:08:13,520
I was being patient here.

113
00:08:13,520 --> 00:08:19,040
But as Matthew was saying, is that everything is becoming so interconnected.

114
00:08:19,040 --> 00:08:21,440
And IoT is one of those things that we always knew.

115
00:08:21,440 --> 00:08:22,600
You have the smart speaker.

116
00:08:22,600 --> 00:08:25,280
You have whatever it is, smart TVs.

117
00:08:25,280 --> 00:08:30,640
But now getting down to the wrenches that you're using can be exploited to overtorque

118
00:08:30,640 --> 00:08:33,760
or undertorque, miscellaneous stuff like that.

119
00:08:33,760 --> 00:08:37,120
There's a lot of business value that could be used for tools like that.

120
00:08:37,120 --> 00:08:45,440
I won't get into the big internal discussion that we had about that, but they are heavily

121
00:08:45,440 --> 00:08:49,560
continuing to move down that smart path, which means there's software, which means there's

122
00:08:49,560 --> 00:08:51,680
potentially vulnerabilities.

123
00:08:51,680 --> 00:08:54,560
Yeah, just kind of expanding on that briefly.

124
00:08:54,560 --> 00:08:59,000
One of the larger threats on there is, Nate highlighted it extremely well, but one of

125
00:08:59,000 --> 00:09:03,640
the other ones that's on there is if you don't do network segmentation, that could be a launching

126
00:09:03,640 --> 00:09:06,600
point into a network, which is very concerning.

127
00:09:06,600 --> 00:09:08,920
So, just kind of wanted to highlight that.

128
00:09:08,920 --> 00:09:14,160
I think the IoT of the world is getting extremely proliferating.

129
00:09:14,160 --> 00:09:15,560
People aren't even paying attention to it.

130
00:09:15,560 --> 00:09:17,680
They're just like, it needs to be connected.

131
00:09:17,680 --> 00:09:18,680
Let's go.

132
00:09:18,680 --> 00:09:19,680
Giddy up.

133
00:09:19,680 --> 00:09:25,000
There is business reasons for it, which is fantastic, but it still needs to be secured.

134
00:09:25,000 --> 00:09:30,000
So, jumping back to the comment that got us here is the good, bad, and the ugly.

135
00:09:30,000 --> 00:09:32,040
And I think Matthew started it out with a bang.

136
00:09:32,040 --> 00:09:33,720
I was going to go on AI, right?

137
00:09:33,720 --> 00:09:39,480
I mean, it was the big topic of 23 in general, but if you look at it, it does all three of

138
00:09:39,480 --> 00:09:42,000
those things in a nutshell.

139
00:09:42,000 --> 00:09:45,360
It's fantastic of what it's going to mean for defenders.

140
00:09:45,360 --> 00:09:49,640
It's terrifying for what it's going to be for 10 defenders at the same point.

141
00:09:49,640 --> 00:09:54,000
So, there's a lot there that's fantastic.

142
00:09:54,000 --> 00:09:59,000
Matthew kind of got into the comment as well about generative AI that's regulated versus

143
00:09:59,000 --> 00:10:00,000
what's not.

144
00:10:00,000 --> 00:10:03,880
You may have already noticed this if you're in the SMB market, which is small, medium-sized

145
00:10:03,880 --> 00:10:10,560
business, but Microsoft's co-pilot has been released to Enterprise, and they keep saying

146
00:10:10,560 --> 00:10:13,200
it's coming for the SMB market, but it hasn't been released.

147
00:10:13,200 --> 00:10:15,720
So, just to kind of say what it's coming is, you can get it.

148
00:10:15,720 --> 00:10:19,480
You just need to buy 300 licenses, which is pretty much outside the realm for most people

149
00:10:19,480 --> 00:10:22,160
at $9,000 per month.

150
00:10:22,160 --> 00:10:26,880
So, the biggest hang-up on it has been the compliance, right?

151
00:10:26,880 --> 00:10:30,960
The Enterprise is getting their hands on it, they're going, this thing has got its hooks

152
00:10:30,960 --> 00:10:34,800
in damn near everything, and that is very concerning.

153
00:10:34,800 --> 00:10:38,040
And so, the fact that you're not seeing it heavily rolled out, we're at the beginning

154
00:10:38,040 --> 00:10:41,440
of 24, I probably should put a minor time stamp on it.

155
00:10:41,440 --> 00:10:45,000
So, the reason why you haven't seen it generally released is because of this, is there's all

156
00:10:45,000 --> 00:10:49,080
this compliance and concern behind it of, what exactly am I doing?

157
00:10:49,080 --> 00:10:50,400
How do I keep my data safe?

158
00:10:50,400 --> 00:10:51,800
Is this more than I want to?

159
00:10:51,800 --> 00:10:56,160
Do I have the ability to stop portions of it, so on and so forth?

160
00:10:56,160 --> 00:11:01,880
Really, the big thing that I'd see coming up in 24 is AI, and we will see a significant

161
00:11:01,880 --> 00:11:08,400
impact on how that has a role to play in the phishing simulations, as Matthew already said.

162
00:11:08,400 --> 00:11:13,760
And really, what that means on the defensive side is there will be a lot of stuff that's

163
00:11:13,760 --> 00:11:18,200
going to have to come in place of what are the mitigating controls that we put in place

164
00:11:18,200 --> 00:11:22,640
to make sure that we are protecting ourselves, our customers, and so forth.

165
00:11:22,640 --> 00:11:27,080
Yeah, and this is one of the things that I just wanted to touch on as well a little

166
00:11:27,080 --> 00:11:31,200
bit is with the introduction of some of this generative AI.

167
00:11:31,200 --> 00:11:34,000
So for example, Microsoft Co-Pilot, right?

168
00:11:34,000 --> 00:11:36,600
Most organizations are using Office 365.

169
00:11:36,600 --> 00:11:40,600
The way that Microsoft is going to handle those permissions is the content that that

170
00:11:40,600 --> 00:11:46,920
user has access to, it's going to be able to interact or retrieve that data to generate

171
00:11:46,920 --> 00:11:47,920
new stuff.

172
00:11:47,920 --> 00:11:54,160
So, for ASISO or other security executives at these organizations, let's say about two

173
00:11:54,160 --> 00:12:00,880
or three years ago, you were focused heavily on infrastructure and hardening that.

174
00:12:00,880 --> 00:12:04,800
Then you moved into more of that identity and access management as your core focus,

175
00:12:04,800 --> 00:12:10,560
as everything started moving to the cloud and the application sprawl started to continue.

176
00:12:10,560 --> 00:12:17,000
And now what we're going to see is security executives focusing heavily on data classification

177
00:12:17,000 --> 00:12:23,360
and data segmentation and access control of the internal data.

178
00:12:23,360 --> 00:12:29,560
Because these tools, let's say you have board reports and your share point is too open,

179
00:12:29,560 --> 00:12:35,760
are you wanting to allow your intern to use AI, have it automatically query your meeting

180
00:12:35,760 --> 00:12:39,880
minutes and generate a report of everything that the business is doing, right?

181
00:12:39,880 --> 00:12:46,440
Is that data classification is going to become exponentially more important as AI is introduced

182
00:12:46,440 --> 00:12:48,680
into the businesses?

183
00:12:48,680 --> 00:12:55,520
So, I think across the board with that, we've seen a lot of changes.

184
00:12:55,520 --> 00:13:01,920
At the start of last year, there was executive orders that came through these requirements

185
00:13:01,920 --> 00:13:10,840
for greater awareness, like I mentioned, but also more thorough ownership from organizations

186
00:13:10,840 --> 00:13:13,320
of what's occurred.

187
00:13:13,320 --> 00:13:21,840
One of the things that took me by surprise, but in a good way, was the reaction most recently

188
00:13:21,840 --> 00:13:28,040
to the SolarWinds hack and what's happening with their team.

189
00:13:28,040 --> 00:13:34,200
There seems to be a lot of real consequences if people are being intentionally negligent

190
00:13:34,200 --> 00:13:40,120
or potentially not acting in the best interest of the organization.

191
00:13:40,120 --> 00:13:43,480
There are some consequences coming from that.

192
00:13:43,480 --> 00:13:47,680
And it's great to see that it's been kind of a shift from that.

193
00:13:47,680 --> 00:13:54,440
We see it in the compliance side within CMMC, where right now within NIST 800, the person

194
00:13:54,440 --> 00:14:01,160
who needs to attest to everything that was done can not be anyone in the organization,

195
00:14:01,160 --> 00:14:02,720
but it doesn't have to be leadership.

196
00:14:02,720 --> 00:14:06,360
CMMC, it has to be someone from the leadership team.

197
00:14:06,360 --> 00:14:12,600
And that change alone requires that that sign-off is happening with the awareness of the leadership

198
00:14:12,600 --> 00:14:15,640
team or the board of directors or whoever it is.

199
00:14:15,640 --> 00:14:22,800
So seeing that that ownership and responsibility really be put where I think it should be put,

200
00:14:22,800 --> 00:14:24,920
it has been nice to see across the board.

201
00:14:24,920 --> 00:14:32,400
Yeah, as a senior security leader, the way Matthew just covered mildly terrifies me.

202
00:14:32,400 --> 00:14:36,400
I was in the same thing.

203
00:14:36,400 --> 00:14:39,760
My name is now going to have to be written on there somewhere.

204
00:14:39,760 --> 00:14:45,240
Yeah, unfortunately, for what it's worth, I think the individual thought he was being

205
00:14:45,240 --> 00:14:52,400
probably clever on how he phrased things, but it was not done in the best light for

206
00:14:52,400 --> 00:14:53,400
everybody, right?

207
00:14:53,400 --> 00:14:57,400
He may have been trying to protect the company, but he wasn't doing what was really, really

208
00:14:57,400 --> 00:14:58,800
right, if you will.

209
00:14:58,800 --> 00:15:01,880
But that being aside, it is interesting.

210
00:15:01,880 --> 00:15:06,600
One of the big takeaways that I kind of feel like is coming down the pipe here, and it

211
00:15:06,600 --> 00:15:10,400
has a lot to do with what we were just talking about, whether it gets into segmentation with

212
00:15:10,400 --> 00:15:14,520
your IoT devices and so forth, is I think this is going to be a big trend, and it has

213
00:15:14,520 --> 00:15:15,520
to start somewhere.

214
00:15:15,520 --> 00:15:17,720
It has to start sometime.

215
00:15:17,720 --> 00:15:21,040
What better place than never mind.

216
00:15:21,040 --> 00:15:23,280
Maybe some people will get that one.

217
00:15:23,280 --> 00:15:28,360
Anyways, we're almost to the point where, to me, I'm looking at, and I say that I'm thinking

218
00:15:28,360 --> 00:15:33,560
the world has to change, and I'll attribute this very similar to the transition to endpoint

219
00:15:33,560 --> 00:15:35,520
detection and response.

220
00:15:35,520 --> 00:15:39,160
Nationwide globally, I think the adoption of EDR is still quite low.

221
00:15:39,160 --> 00:15:43,600
For us and our customers, it's extremely high because we believe so strongly in it, but

222
00:15:43,600 --> 00:15:47,280
the next trend for me is it's very complicated.

223
00:15:47,280 --> 00:15:48,280
It's zero trust.

224
00:15:48,280 --> 00:15:52,440
We're at a point now where enough stuff has moved to the cloud for various reasons, and

225
00:15:52,440 --> 00:15:54,840
a lot of them are very strong business reasons, right?

226
00:15:54,840 --> 00:15:59,960
I get to reduce the amount of equipment I have on place, I can apply updates on the fly.

227
00:15:59,960 --> 00:16:00,960
Cloud is fantastic.

228
00:16:00,960 --> 00:16:06,320
However, as you continue to go down that path, you have to find new interesting ways to start

229
00:16:06,320 --> 00:16:09,120
to protect that and your individuals.

230
00:16:09,120 --> 00:16:15,480
In addition to that cloud migration, we still have the remote world, and again, how do I

231
00:16:15,480 --> 00:16:17,480
protect everything?

232
00:16:17,480 --> 00:16:22,480
It's to the point, in my opinion, that the potential re-wrenching of the architecture

233
00:16:22,480 --> 00:16:29,000
infrastructure of IT needs to be reconsidered, and that is going to be, if you're doing it,

234
00:16:29,000 --> 00:16:31,240
zero trust is the way forward.

235
00:16:31,240 --> 00:16:34,600
I think you're really going to start to see that get real legs this year.

236
00:16:34,600 --> 00:16:38,480
I know in a lot of instances, some of that is starting to happen.

237
00:16:38,480 --> 00:16:43,440
I read an article a couple of weeks ago that said 80 plus percent of organizations have

238
00:16:43,440 --> 00:16:48,400
started the zero trust journey, and I was like, there's no way that number is correct.

239
00:16:48,400 --> 00:16:52,760
When I looked in it, basically, the big thing in it was people have been implementing MFA,

240
00:16:52,760 --> 00:16:53,760
which is fantastic.

241
00:16:53,760 --> 00:16:55,080
It's a great first start.

242
00:16:55,080 --> 00:16:58,000
But it's not really, we're adopting zero trust.

243
00:16:58,000 --> 00:17:01,640
It's more like I have to protect myself, and I've got this tool in place.

244
00:17:01,640 --> 00:17:02,800
It is part of the journey.

245
00:17:02,800 --> 00:17:06,960
It's just not a massive chunk of the process.

246
00:17:06,960 --> 00:17:11,160
I thought you were going to say that they had had a demo with a zero trust company, which,

247
00:17:11,160 --> 00:17:13,440
I mean, that's beginning the journey, right?

248
00:17:13,440 --> 00:17:15,280
That is the beginning.

249
00:17:15,280 --> 00:17:16,280
That's fair.

250
00:17:16,280 --> 00:17:25,040
I know what you're talking about, and no surprise, they sell zero trust solutions.

251
00:17:25,040 --> 00:17:28,720
Just from the infrastructure side of things, just to continue on to what Todd was talking

252
00:17:28,720 --> 00:17:29,720
about.

253
00:17:29,720 --> 00:17:35,120
So CIT, we have an internal incident response team that helps customers with critical security

254
00:17:35,120 --> 00:17:37,760
incidents.

255
00:17:37,760 --> 00:17:41,480
With the implementation of things like EDR, application, whitelisting, privilege access,

256
00:17:41,480 --> 00:17:47,000
management, we have seen a massive, massive decrease of security incidents.

257
00:17:47,000 --> 00:17:53,280
However, we still get called quite frequently from other companies saying, we need assistance,

258
00:17:53,280 --> 00:17:56,000
we've got ransomware or whatever it is, right?

259
00:17:56,000 --> 00:18:04,360
And in the past, it used to be someone clicking on an email, it originates from there, and

260
00:18:04,360 --> 00:18:07,360
then it kind of moves across the rest of the network.

261
00:18:07,360 --> 00:18:11,760
One of the biggest things that we saw in 2023, because so many companies are implementing

262
00:18:11,760 --> 00:18:19,960
those security tools, is coming in through the VPN, because unfortunately, it's either

263
00:18:19,960 --> 00:18:25,800
companies that don't have a multi-factor on the VPN, or the user is still susceptible

264
00:18:25,800 --> 00:18:31,080
to that, but then there's no protections across the network for monitoring and segmenting

265
00:18:31,080 --> 00:18:33,600
that traffic if it is malicious.

266
00:18:33,600 --> 00:18:41,040
And so we've seen VPN after VPN, after VPN initiated compromises on the network.

267
00:18:41,040 --> 00:18:45,760
And so one of the big things for CIT is, and this is getting more than zero trust mentality,

268
00:18:45,760 --> 00:18:48,640
is get rid of the VPNs.

269
00:18:48,640 --> 00:18:55,000
It's one of those things that have been around for 25 years, so you would think, what is

270
00:18:55,000 --> 00:18:56,560
the alternative to that?

271
00:18:56,560 --> 00:19:01,560
There's ways that you can still allow that remote access, but close up the hole on the

272
00:19:01,560 --> 00:19:02,800
firewall.

273
00:19:02,800 --> 00:19:06,000
So it cannot be scanned.

274
00:19:06,000 --> 00:19:10,880
And so this is kind of the introduction of something called SASE.

275
00:19:10,880 --> 00:19:16,280
But it's one of the things that CIT does place a lot of importance on, is getting rid of

276
00:19:16,280 --> 00:19:23,480
those VPNs, because it's just a hole in the network that just is open for just brute force

277
00:19:23,480 --> 00:19:28,040
activity or someone to prod around and try and find their way in.

278
00:19:28,040 --> 00:19:29,040
I think we...

279
00:19:29,040 --> 00:19:30,800
Well, what it's worth, I'm sorry, Matthew, I was real briefly.

280
00:19:30,800 --> 00:19:35,440
I think it's kind of ironic that a couple years ago, we're like, get VPN and get VPN,

281
00:19:35,440 --> 00:19:38,160
get VPN, and now we're saying get rid of it.

282
00:19:38,160 --> 00:19:40,160
But it was, right?

283
00:19:40,160 --> 00:19:44,360
The world changes, unfortunately, especially in the world of cybersecurity is at least

284
00:19:44,360 --> 00:19:45,600
your data was encrypted.

285
00:19:45,600 --> 00:19:47,400
At least you had a secure connection.

286
00:19:47,400 --> 00:19:52,760
At least you had, well, unfortunately, at least really isn't all that much anymore.

287
00:19:52,760 --> 00:19:56,200
Not surprising, there's also something out there called zero trust network access, which

288
00:19:56,200 --> 00:19:57,200
is ZTNA.

289
00:19:57,200 --> 00:20:01,120
I'm sure you'll start seeing that in 24 significantly as well.

290
00:20:01,120 --> 00:20:06,760
But if you're using VPN, you already know that it stinks, right?

291
00:20:06,760 --> 00:20:09,480
Your employees struggle with it constantly.

292
00:20:09,480 --> 00:20:13,360
We do a lot of work with our customers, and it's one of the things that we find that they

293
00:20:13,360 --> 00:20:16,720
need the most amount of support on is the VPNs.

294
00:20:16,720 --> 00:20:18,440
And I thought, let's go ahead, Matthew.

295
00:20:18,440 --> 00:20:23,000
I was going to say, I believe we've done a podcast on zero trust, right?

296
00:20:23,000 --> 00:20:24,000
Yeah.

297
00:20:24,000 --> 00:20:27,560
We've gone through a lot.

298
00:20:27,560 --> 00:20:29,480
We've talked about it a lot, and I just wanted to make sure.

299
00:20:29,480 --> 00:20:35,680
Because there is a lot of things that it does that basically it covers a lot of these bases.

300
00:20:35,680 --> 00:20:36,680
It does work.

301
00:20:36,680 --> 00:20:42,080
It does cover by working similarly to a VPN at a workstation level.

302
00:20:42,080 --> 00:20:48,320
It does bypass, therefore, any of the security flaws that come from VPNs from being on the

303
00:20:48,320 --> 00:20:50,240
same network.

304
00:20:50,240 --> 00:20:54,720
I was having conversation with a customer just the other day about the fact that I have a

305
00:20:54,720 --> 00:20:58,840
segmented network at home for all of my Internet of Things stuff.

306
00:20:58,840 --> 00:21:03,840
And I know that may seem like a little bit of overkill for a lot of people, but I just

307
00:21:03,840 --> 00:21:08,240
don't need any of that stuff running on the same network as the one I use for everything

308
00:21:08,240 --> 00:21:09,240
else I do.

309
00:21:09,240 --> 00:21:15,680
I mean, the streaming stuff I do doesn't need to be on the same subnet as my cameras do.

310
00:21:15,680 --> 00:21:18,760
That doesn't make any sense to me.

311
00:21:18,760 --> 00:21:28,920
So this segmentation, ZeroTrust covers a lot of these things that we talk about as

312
00:21:28,920 --> 00:21:30,360
changes that are upcoming.

313
00:21:30,360 --> 00:21:35,080
We're covering a lot of those specific ones by talking about ZeroTrust because it is

314
00:21:35,080 --> 00:21:42,200
designed to include things like the software access secure edge and things like that, which

315
00:21:42,200 --> 00:21:47,760
make it helpful for us to just use this single term to define it all.

316
00:21:47,760 --> 00:21:52,560
We aren't saying it's a catchall in the same way that when we said VPNs a couple of years

317
00:21:52,560 --> 00:21:57,720
ago and they were a fantastic solution at the time, that's changed.

318
00:21:57,720 --> 00:22:02,360
And ZeroTrust right now is the solution that is a pivot because if we're pivoting, the

319
00:22:02,360 --> 00:22:05,880
bad guys have to pivot too.

320
00:22:05,880 --> 00:22:06,880
And that's part of it.

321
00:22:06,880 --> 00:22:10,040
If we're always moving, they also have to be always moving.

322
00:22:10,040 --> 00:22:13,280
I don't have to be, but they sure want to.

323
00:22:13,280 --> 00:22:14,280
They should be.

324
00:22:14,280 --> 00:22:15,280
I mean, yeah.

325
00:22:15,280 --> 00:22:26,040
I mean, look, as part of my certifications that I've got, they gave me a copy of Windows

326
00:22:26,040 --> 00:22:30,240
Server 2003 and said, use this for all your testing because everything that you've been

327
00:22:30,240 --> 00:22:36,000
taught can be done on this server.

328
00:22:36,000 --> 00:22:42,240
And I just remember thinking back when this happened, I was like, I know people who still

329
00:22:42,240 --> 00:22:46,960
use this server in their day-to-day business, and it is the one that I'm being taught how

330
00:22:46,960 --> 00:22:51,600
to do everything on because it all works.

331
00:22:51,600 --> 00:22:56,640
The quicker you pivot, upgrade, change, move to new things, get stuff that is different.

332
00:22:56,640 --> 00:23:00,280
The people who've been doing the same thing the whole time can't anymore.

333
00:23:00,280 --> 00:23:03,720
They have to find new ways to get around it as well.

334
00:23:03,720 --> 00:23:09,920
And that's just, as a change, a thing that I'm hoping comes through here is that, is

335
00:23:09,920 --> 00:23:15,200
people realizing that it's not about trying to force them off a thing they love or trying

336
00:23:15,200 --> 00:23:18,880
to make them move to a thing that maybe someone else likes more.

337
00:23:18,880 --> 00:23:27,320
There is specific benefits to making a change that are far beyond just its new and cool.

338
00:23:27,320 --> 00:23:31,440
Its new and cool is a benefit.

339
00:23:31,440 --> 00:23:38,120
Just to continue on about threat actors having to change tactics as the industry changes,

340
00:23:38,120 --> 00:23:41,000
we have actually seen this quite a bit.

341
00:23:41,000 --> 00:23:43,360
Again, I'm just going to focus on ransomware.

342
00:23:43,360 --> 00:23:47,720
There's plenty of other threat types out there or attack types out there.

343
00:23:47,720 --> 00:23:54,360
But in the past, you used to just encrypt the data and say, give me money to be able

344
00:23:54,360 --> 00:23:55,920
to decrypt that data.

345
00:23:55,920 --> 00:24:00,600
Then it changed to once everyone had solid backups, well, then they would pull the data,

346
00:24:00,600 --> 00:24:04,640
then encrypt it and extort you for the data itself.

347
00:24:04,640 --> 00:24:10,960
Then we saw a transition to, I'm going to pull the data, encrypt it, and then I'm going

348
00:24:10,960 --> 00:24:16,240
to go bug your customer saying, I know that this company is compromised.

349
00:24:16,240 --> 00:24:19,200
Go tell them to take care of this.

350
00:24:19,200 --> 00:24:22,560
Otherwise, we're going to release your data.

351
00:24:22,560 --> 00:24:27,840
And so there's additional extortion that's happening there.

352
00:24:27,840 --> 00:24:34,080
Just last year, we saw a threat group actually file a SEC complaint against the company after

353
00:24:34,080 --> 00:24:38,360
they compromised on this and they said, hey, by the way, they didn't do the reporting requirements.

354
00:24:38,360 --> 00:24:41,000
And so that's how that all came out.

355
00:24:41,000 --> 00:24:46,240
Now what we're actually seeing, there's just an article I saw, I believe last week, about

356
00:24:46,240 --> 00:24:51,960
a threat actor that compromised a hospital and then they actually were swatting their

357
00:24:51,960 --> 00:24:53,400
patients.

358
00:24:53,400 --> 00:24:57,880
And so if you're not familiar with swatting, you essentially call the police, say, there's

359
00:24:57,880 --> 00:25:02,600
bomb threat, gun threat, whatever it is, and they send the police and the SWAT team to

360
00:25:02,600 --> 00:25:05,000
your house with guns.

361
00:25:05,000 --> 00:25:12,160
And so as companies are further increasing the security controls that they have and better

362
00:25:12,160 --> 00:25:18,520
protecting the environments, threat actors are also getting a little bit desperate and

363
00:25:18,520 --> 00:25:26,160
purely just malicious of these high pressure tactics to still receive that money.

364
00:25:26,160 --> 00:25:29,520
So the more you can do to prevent those, obviously, is the better.

365
00:25:29,520 --> 00:25:33,640
But I thought that was really interesting that now they're resorting over to swatting

366
00:25:33,640 --> 00:25:35,440
as well.

367
00:25:35,440 --> 00:25:37,920
There is a lot of high pressure tactics that are being used.

368
00:25:37,920 --> 00:25:42,160
And we've seen this not just at a business level, but at a personal level, the horror

369
00:25:42,160 --> 00:25:46,400
stories about the things they're doing to try and get what seems like minimal sums from

370
00:25:46,400 --> 00:25:48,840
some people.

371
00:25:48,840 --> 00:25:55,400
When it comes to the business side, we've always known that that fear is a tactic, creating

372
00:25:55,400 --> 00:25:57,500
a sense of urgency is a tactic.

373
00:25:57,500 --> 00:26:04,640
But the way they're doing it now in a lot of these cases is beyond the pale for the

374
00:26:04,640 --> 00:26:06,600
types of things that you would expect.

375
00:26:06,600 --> 00:26:10,520
Swatting anyone is a crazy thing to do.

376
00:26:10,520 --> 00:26:16,640
Putting in the SEC complaint, on the other hand, that seems like they're using capitalism

377
00:26:16,640 --> 00:26:20,240
in a very interesting way.

378
00:26:20,240 --> 00:26:25,880
So we've seen this in other ways, though, right?

379
00:26:25,880 --> 00:26:30,080
To support portals for a lot of ransomware look incredibly professional.

380
00:26:30,080 --> 00:26:33,880
You'd think they came from a Fortune 500 company.

381
00:26:33,880 --> 00:26:38,360
There are things that you can't be prepared for that make them look more and more like

382
00:26:38,360 --> 00:26:43,360
official businesses because they work very similarly to them.

383
00:26:43,360 --> 00:26:47,960
Looking for these high pressure tactics and remembering that someone's saying, hey, I

384
00:26:47,960 --> 00:26:55,720
need you to do this now is oftentimes a tactic, not just for ransomware, but in general.

385
00:26:55,720 --> 00:26:57,960
It's something to be aware of.

386
00:26:57,960 --> 00:27:04,480
I think it's helped me personally remain a lot calmer to have to fight that in response

387
00:27:04,480 --> 00:27:08,520
to a lot of things that come my way of, I'm sure this can wait.

388
00:27:08,520 --> 00:27:15,600
Maybe the 15 minutes it takes for me to take a step back is very helpful in dealing with

389
00:27:15,600 --> 00:27:18,160
that type of tactic.

390
00:27:18,160 --> 00:27:21,080
And I think we'll see more of that in the training that's coming out.

391
00:27:21,080 --> 00:27:29,680
We'll be more of a take a breath if is this really that critical style language?

392
00:27:29,680 --> 00:27:33,200
We're also seeing a lot of...

393
00:27:33,200 --> 00:27:41,280
We talked about it briefly with the IoT stuff, but it's being smart devices now everything,

394
00:27:41,280 --> 00:27:42,280
right?

395
00:27:42,280 --> 00:27:45,520
We're seeing everything be added that way.

396
00:27:45,520 --> 00:27:52,320
It doesn't ransomware and malicious code is not just added on the fly.

397
00:27:52,320 --> 00:27:57,320
Sometimes if anyone's read up on the Stuxnet attack, it can happen slowly over time.

398
00:27:57,320 --> 00:28:03,120
Things with this type of tech in them are vulnerable, not just in every moment they're

399
00:28:03,120 --> 00:28:08,960
connected to the internet, but sometimes there's things that are hibernating.

400
00:28:08,960 --> 00:28:10,200
They have timeframes on them.

401
00:28:10,200 --> 00:28:14,520
They have weight X amount of time before you run this code so that you're not connected

402
00:28:14,520 --> 00:28:17,800
to the network.

403
00:28:17,800 --> 00:28:23,080
I think there's going to be a bigger push not just for data classification, but for within

404
00:28:23,080 --> 00:28:29,400
reason airgapping data, keeping some data disconnected from your regular data in a way

405
00:28:29,400 --> 00:28:31,240
that it wasn't before.

406
00:28:31,240 --> 00:28:36,320
Just because the amount of times if someone gets into one section, even if your data is

407
00:28:36,320 --> 00:28:41,480
tagged, the potential that they'll grab really important data with the less important data

408
00:28:41,480 --> 00:28:48,720
because you haven't segmented them fully is much higher.

409
00:28:48,720 --> 00:28:53,560
One thing I know this is naturally going to do is you're going to go, wow, you're steering

410
00:28:53,560 --> 00:28:54,560
the crap out of me.

411
00:28:54,560 --> 00:28:55,560
What do we do about that?

412
00:28:55,560 --> 00:28:59,080
That'll have to be a follow up meeting on some of the other stuff.

413
00:28:59,080 --> 00:29:00,240
It's fine.

414
00:29:00,240 --> 00:29:02,120
But it's naturally where my mind goes, right?

415
00:29:02,120 --> 00:29:06,160
We start getting into swatting and it's boys out of an escalation.

416
00:29:06,160 --> 00:29:12,560
I will say currently it's not something where I say 80% of all attacks have escalated to

417
00:29:12,560 --> 00:29:16,160
swatting at least currently and I'll knock on wood wherever that may be.

418
00:29:16,160 --> 00:29:19,280
But it is something that is out there and it is worthy of being aware of.

419
00:29:19,280 --> 00:29:22,800
But just in general, I mean a lot of the other things, Matthew, I wanted to circle back about

420
00:29:22,800 --> 00:29:26,560
this before we ran out of time too because I do think that this will be a big topic for

421
00:29:26,560 --> 00:29:27,560
this year.

422
00:29:27,560 --> 00:29:32,440
As Matthew mentioned, CMMC is Christmas present at the beginning.

423
00:29:32,440 --> 00:29:37,480
It is, I think it's finally getting ready to go live so they've had a couple of false

424
00:29:37,480 --> 00:29:42,480
starts on it and we see little jumps up where people are like, okay, I have to be compliant.

425
00:29:42,480 --> 00:29:44,120
I need to do that immediately.

426
00:29:44,120 --> 00:29:47,880
Most organizations tend to wait till the last minute and it seems like they've been somewhat

427
00:29:47,880 --> 00:29:51,000
justified but my point here is it's actually coming.

428
00:29:51,000 --> 00:29:53,720
So in 25, it will be in place.

429
00:29:53,720 --> 00:29:57,440
It will be out there and so you will see a lot of organizations.

430
00:29:57,440 --> 00:30:01,720
In case anybody doesn't know what CMMC is, I don't know what the acronym stands for

431
00:30:01,720 --> 00:30:07,440
anymore but it is heavily impacting a lot of manufacturers and anybody that's working

432
00:30:07,440 --> 00:30:13,440
with the Department of Defense and so forth but it will be in place and it is coming and

433
00:30:13,440 --> 00:30:17,040
there have been revisions so we'll have to follow up later this year with what you can

434
00:30:17,040 --> 00:30:20,280
expect in the latest version with another podcast around it.

435
00:30:20,280 --> 00:30:26,400
So if you are under that particular type of regulations, you'll need to be aware of it

436
00:30:26,400 --> 00:30:30,160
and you will need to be compliant and I would guess my rough estimate is going to be at

437
00:30:30,160 --> 00:30:36,800
the beginning of 25 so they'll probably put a drop dead date somewhere at the end of 24.

438
00:30:36,800 --> 00:30:39,840
Cyber security maturity model certification.

439
00:30:39,840 --> 00:30:41,000
Thank you.

440
00:30:41,000 --> 00:30:44,200
It's not, honestly, I do wonder if it's worth memorizing.

441
00:30:44,200 --> 00:30:47,800
I do think CMMC is much better.

442
00:30:47,800 --> 00:30:53,280
I wouldn't bother trying to memorize it anywhere.

443
00:30:53,280 --> 00:30:54,680
I don't want to go into it too deeply.

444
00:30:54,680 --> 00:30:59,240
I will say if you haven't read it, if you are interested in these changes, bring it in

445
00:30:59,240 --> 00:31:05,720
my opinion more in line with where it was originally which is a very good thing in my

446
00:31:05,720 --> 00:31:11,480
opinion and maybe there'll be a podcast of me on my soapbox.

447
00:31:11,480 --> 00:31:20,080
Yeah, quick little tangent but I just wanted to introduce one last prediction.

448
00:31:20,080 --> 00:31:21,520
This is my own personal prediction.

449
00:31:21,520 --> 00:31:26,920
I didn't see it listed on many articles when I was looking for what others have predicted

450
00:31:26,920 --> 00:31:28,600
for 24.

451
00:31:28,600 --> 00:31:33,080
Although we all have to get to work somehow and I know this is called the tech for business

452
00:31:33,080 --> 00:31:37,000
podcast but this is a little more of a personal thing but again we have to get to work in

453
00:31:37,000 --> 00:31:44,200
some way was auto manufacturers are making a massive push right now to introduce electric

454
00:31:44,200 --> 00:31:52,560
cars to everyone and so I foresee a lot of reports coming about vulnerabilities in these

455
00:31:52,560 --> 00:31:53,560
systems.

456
00:31:53,560 --> 00:31:57,160
We've seen it in the past when Tesla first got introduced but unfortunately there's a

457
00:31:57,160 --> 00:32:04,200
mad rush to market right now for all these automotive manufacturers and so my concern

458
00:32:04,200 --> 00:32:10,120
would be that they're prioritizing that push a little more than some of the security and

459
00:32:10,120 --> 00:32:17,280
so just drive safe to work right and just again the nice thing is that there's a lot

460
00:32:17,280 --> 00:32:22,520
of these cars are becoming being deployed with interconnected systems so they can receive

461
00:32:22,520 --> 00:32:25,760
software updates but again if you have an electric car just make sure you're doing your

462
00:32:25,760 --> 00:32:32,120
updates to help mitigate a lot of those vulnerabilities that will likely be discovered.

463
00:32:32,120 --> 00:32:38,040
Hit the tangent alert button has anybody watched or read leave the world behind?

464
00:32:38,040 --> 00:32:44,080
I watched it this last weekend and my cybersecurity mind is just racing through the whole thing

465
00:32:44,080 --> 00:32:48,760
like how would I protect myself but in the movie there is a portion where the Teslas

466
00:32:48,760 --> 00:32:59,440
get attacked and they are being launched self driven so it's not a great movie but I still

467
00:32:59,440 --> 00:33:00,440
liked it so.

468
00:33:00,440 --> 00:33:01,440
I love it.

469
00:33:01,440 --> 00:33:02,440
Tech for business.

470
00:33:02,440 --> 00:33:03,440
Yes.

471
00:33:03,440 --> 00:33:11,080
I'm going to real quick just to kind of wrap it up I'm going to bring it back to businesses

472
00:33:11,080 --> 00:33:15,720
because that's what we're focusing on and you know it's quarter one everyone's in these

473
00:33:15,720 --> 00:33:20,000
meetings they're figuring out what this year with three years with five years looks like

474
00:33:20,000 --> 00:33:26,800
if you had one thing maybe we mentioned it maybe we didn't that you think is missing

475
00:33:26,800 --> 00:33:31,560
from that meeting from that agenda that people that businesses are not thinking about that's

476
00:33:31,560 --> 00:33:33,920
a blind spot for them.

477
00:33:33,920 --> 00:33:36,480
What would that be?

478
00:33:36,480 --> 00:33:41,160
I first want to ask are we sure this isn't the tech for business movie review podcast

479
00:33:41,160 --> 00:33:43,600
because it could be.

480
00:33:43,600 --> 00:33:50,960
I like it we can do an icebreaker next time.

481
00:33:50,960 --> 00:33:56,200
I'll say in my opinion one of the biggest things that's happening is I know a lot of

482
00:33:56,200 --> 00:33:59,760
people are having the conversation and I'm pulled into a lot of conversations where people

483
00:33:59,760 --> 00:34:04,000
are saying we want to do the next thing we want to do we want to make sure we're thinking

484
00:34:04,000 --> 00:34:09,280
about this at the right level and that's a great conversation to have but it's important

485
00:34:09,280 --> 00:34:15,320
to have someone guiding that who can actually guide it and knows where it's coming from

486
00:34:15,320 --> 00:34:21,720
in my opinion the best way to start with that is with a picking a framework and just basing

487
00:34:21,720 --> 00:34:28,640
it on something because they're designed to help you as an organization create a create

488
00:34:28,640 --> 00:34:33,360
a system that works within that framework they give you guidance on everything.

489
00:34:33,360 --> 00:34:39,160
A CISO is definitely a good step making sure you have someone who is taking ownership and

490
00:34:39,160 --> 00:34:43,120
then really the authority on that for the organization if you want to take that next

491
00:34:43,120 --> 00:34:48,360
step be aware that it does have an output to it there is something that you'll need

492
00:34:48,360 --> 00:34:53,760
to get that guidance and I know there are a lot of organizations doing this already

493
00:34:53,760 --> 00:34:57,880
but I've just been a part of three to five conversations in the past two weeks already

494
00:34:57,880 --> 00:35:03,480
of people just saying what do I do next and the answer is you you find something to follow

495
00:35:03,480 --> 00:35:09,160
whether that's a person whether that's a framework you find someone who you trust in this topic

496
00:35:09,160 --> 00:35:13,400
to help guide you in what they know and what they see on a regular basis.

497
00:35:13,400 --> 00:35:18,440
Yeah I know you said one thing but I'm going to do two one is just kind of telling enough

498
00:35:18,440 --> 00:35:23,960
of what Matthew just said there and I can't help myself I'm sorry this is who I am.

499
00:35:23,960 --> 00:35:28,920
This is getting extremely complicated when it comes to cybersecurity insurance where

500
00:35:28,920 --> 00:35:32,200
we've actually worked with some organizations where it's been treated almost like a full

501
00:35:32,200 --> 00:35:36,920
IT audit and the reason why I bring it up is most organizations are not prepared to handle

502
00:35:36,920 --> 00:35:41,560
that type of conversation so if it's not on your agenda you're going to have to find somebody

503
00:35:41,560 --> 00:35:45,120
in my opinion that that can help navigate that and it's very similar to what Matthew

504
00:35:45,120 --> 00:35:48,880
was saying is find a partner that you can work with that'll help you get through those

505
00:35:48,880 --> 00:35:54,200
most companies that we work it's a fairly significant piece they come to us and say can

506
00:35:54,200 --> 00:35:59,040
you help us through this so we're already seeing a massive uptick in it but the one

507
00:35:59,040 --> 00:36:05,680
thing that I wanted to highlight as I mentioned it as Zero Trust is it's time in my opinion

508
00:36:05,680 --> 00:36:11,680
it's time to start to build a plan it seems unwieldy it seems like a massive lift and

509
00:36:11,680 --> 00:36:17,680
it's a lot but it's time to go what am I going to do if I do nothing there is going to be

510
00:36:17,680 --> 00:36:22,440
significant and risk that's going to be increasing for organizations that don't have it on their

511
00:36:22,440 --> 00:36:26,960
plan to move forward you will be replacing portions of your infrastructure it's time

512
00:36:26,960 --> 00:36:31,080
to start planning on if I do that what do I replace it with zero trust is going to be

513
00:36:31,080 --> 00:36:34,920
the answer and again you're going to have to find a partner to help you through that

514
00:36:34,920 --> 00:36:40,720
find was actually very similar to Todd's was I believe it's on the podcast that I was on

515
00:36:40,720 --> 00:36:44,680
with Kyle where we talked about a lot of the zero trust coming off of our tech for business

516
00:36:44,680 --> 00:36:50,680
or tech fair conversations however one of the big things that I think I mentioned on

517
00:36:50,680 --> 00:36:56,720
that one if I remember correctly was small businesses often are operating on a budget

518
00:36:56,720 --> 00:37:01,680
for just an annual basis right how do we get through this next year but kind of what Todd

519
00:37:01,680 --> 00:37:08,720
was saying and kind of coming into with Matthew as well about the VC so is you need a long

520
00:37:08,720 --> 00:37:14,080
term strategy to actually implement those those are often three to five year initiatives

521
00:37:14,080 --> 00:37:19,520
and so if you're only ever budgeting for an annual cycle you're never going to catch up

522
00:37:19,520 --> 00:37:24,000
or put in the proper building blocks to get where you need to go you have to have that

523
00:37:24,000 --> 00:37:33,040
longer term strategy and so my advice for business owners is going to say look a little

524
00:37:33,040 --> 00:37:37,120
bit further out and you know whether or not it's just listening to something like this

525
00:37:37,120 --> 00:37:42,840
of saying how do we get there do we need to work with a partner or not but at a minimum

526
00:37:42,840 --> 00:37:47,080
look at a three year budget cycle for your security initiatives that's what's going to

527
00:37:47,080 --> 00:37:51,680
drive you forward you're just going to get caught in a cyclical pattern if you're only

528
00:37:51,680 --> 00:38:00,320
focusing on annual yeah and those costs should increase because you want to get more secure

529
00:38:00,320 --> 00:38:06,280
over time don't just think this is the amount I'm spending on security and that's it remember

530
00:38:06,280 --> 00:38:11,560
that a the cost change but be the tools change we find things that are more secure and we

531
00:38:11,560 --> 00:38:16,840
find things that are better to keep the organization safe you don't want to have to get to that

532
00:38:16,840 --> 00:38:21,040
point three years from now when this tool that does a lot of this comes out and you

533
00:38:21,040 --> 00:38:26,000
haven't budgeted or prepared for what a shift would be like this is a moving it's a moving

534
00:38:26,000 --> 00:38:32,120
target because it's a moving and changing industry and that's like I said speak to someone

535
00:38:32,120 --> 00:38:36,280
who can help with this because that's almost impossible to plan for if you aren't living

536
00:38:36,280 --> 00:38:42,000
in it every day it's hard to see what these are like or why things become more important

537
00:38:42,000 --> 00:38:44,800
than other things over time.

538
00:38:44,800 --> 00:38:50,360
Somebody who wants policies as a Christmas present yes.

539
00:38:50,360 --> 00:38:54,960
Those are the right people to talk to yes.

540
00:38:54,960 --> 00:39:01,800
Oh my gosh thank you Todd, Nate and Matthew for joining us today if you enjoyed this podcast

541
00:39:01,800 --> 00:39:08,000
please like and subscribe if you have a question a topic a trend you want us to discuss reach

542
00:39:08,000 --> 00:39:16,480
out to us at info at cit-net.com or head out to our website cit-net.com slash adcast and

543
00:39:16,480 --> 00:39:32,520
we'll be back next week with an all new episode.