1 00:00:01,100 --> 00:00:04,519 covering the week's top textbooks like 2 00:00:04,519 --> 00:00:04,529 covering the week's top textbooks like 3 00:00:04,529 --> 00:00:07,070 covering the week's top textbooks like Linux bias the Department of Homeland 4 00:00:07,070 --> 00:00:07,080 Linux bias the Department of Homeland 5 00:00:07,080 --> 00:00:08,780 Linux bias the Department of Homeland Security is said on Tuesday that a 6 00:00:08,780 --> 00:00:08,790 Security is said on Tuesday that a 7 00:00:08,790 --> 00:00:12,080 Security is said on Tuesday that a us-based natural gas facility had to 8 00:00:12,080 --> 00:00:12,090 us-based natural gas facility had to 9 00:00:12,090 --> 00:00:14,539 us-based natural gas facility had to shut down operations for two days after 10 00:00:14,539 --> 00:00:14,549 shut down operations for two days after 11 00:00:14,549 --> 00:00:16,460 shut down operations for two days after sustaining a ransomware infection that 12 00:00:16,460 --> 00:00:16,470 sustaining a ransomware infection that 13 00:00:16,470 --> 00:00:18,980 sustaining a ransomware infection that prevented personnel from receiving 14 00:00:18,980 --> 00:00:18,990 prevented personnel from receiving 15 00:00:18,990 --> 00:00:22,340 prevented personnel from receiving crucial real-time operational data from 16 00:00:22,340 --> 00:00:22,350 crucial real-time operational data from 17 00:00:22,350 --> 00:00:25,490 crucial real-time operational data from control and communication equipment the 18 00:00:25,490 --> 00:00:25,500 control and communication equipment the 19 00:00:25,500 --> 00:00:28,370 control and communication equipment the advisory didn't identify the site except 20 00:00:28,370 --> 00:00:28,380 advisory didn't identify the site except 21 00:00:28,380 --> 00:00:30,679 advisory didn't identify the site except to say that it was a natural gas a 22 00:00:30,679 --> 00:00:30,689 to say that it was a natural gas a 23 00:00:30,689 --> 00:00:33,410 to say that it was a natural gas a natural gas compression facility such 24 00:00:33,410 --> 00:00:33,420 natural gas compression facility such 25 00:00:33,420 --> 00:00:36,020 natural gas compression facility such sites typically use turbines motors and 26 00:00:36,020 --> 00:00:36,030 sites typically use turbines motors and 27 00:00:36,030 --> 00:00:38,420 sites typically use turbines motors and engines to compress natural gas so that 28 00:00:38,420 --> 00:00:38,430 engines to compress natural gas so that 29 00:00:38,430 --> 00:00:40,479 engines to compress natural gas so that it can be safely moved through pipelines 30 00:00:40,479 --> 00:00:40,489 it can be safely moved through pipelines 31 00:00:40,489 --> 00:00:43,760 it can be safely moved through pipelines the attack started with a malicious link 32 00:00:43,760 --> 00:00:43,770 the attack started with a malicious link 33 00:00:43,770 --> 00:00:45,410 the attack started with a malicious link in a phishing email that allowed 34 00:00:45,410 --> 00:00:45,420 in a phishing email that allowed 35 00:00:45,420 --> 00:00:47,779 in a phishing email that allowed attackers to pivot from the facility's 36 00:00:47,779 --> 00:00:47,789 attackers to pivot from the facility's 37 00:00:47,789 --> 00:00:50,389 attackers to pivot from the facility's IT network to the facilities ot network 38 00:00:50,389 --> 00:00:50,399 IT network to the facilities ot network 39 00:00:50,399 --> 00:00:53,119 IT network to the facilities ot network which is the operational technology hub 40 00:00:53,119 --> 00:00:53,129 which is the operational technology hub 41 00:00:53,129 --> 00:00:55,970 which is the operational technology hub of servers that control and monitor 42 00:00:55,970 --> 00:00:55,980 of servers that control and monitor 43 00:00:55,980 --> 00:00:59,119 of servers that control and monitor physical processes of the facility with 44 00:00:59,119 --> 00:00:59,129 physical processes of the facility with 45 00:00:59,129 --> 00:01:01,819 physical processes of the facility with that both the IT and ot networks were 46 00:01:01,819 --> 00:01:01,829 that both the IT and ot networks were 47 00:01:01,829 --> 00:01:04,579 that both the IT and ot networks were infected with her and somewhere the 48 00:01:04,579 --> 00:01:04,589 infected with her and somewhere the 49 00:01:04,589 --> 00:01:07,820 infected with her and somewhere the attack knocked out crucial control and 50 00:01:07,820 --> 00:01:07,830 attack knocked out crucial control and 51 00:01:07,830 --> 00:01:10,130 attack knocked out crucial control and communications gear that on-site 52 00:01:10,130 --> 00:01:10,140 communications gear that on-site 53 00:01:10,140 --> 00:01:12,710 communications gear that on-site employees depend on to monitor the 54 00:01:12,710 --> 00:01:12,720 employees depend on to monitor the 55 00:01:12,720 --> 00:01:16,460 employees depend on to monitor the physical processes the infection didn't 56 00:01:16,460 --> 00:01:16,470 physical processes the infection didn't 57 00:01:16,470 --> 00:01:20,060 physical processes the infection didn't spread to program a programmable logic 58 00:01:20,060 --> 00:01:20,070 spread to program a programmable logic 59 00:01:20,070 --> 00:01:22,160 spread to program a programmable logic controllers which actually control 60 00:01:22,160 --> 00:01:22,170 controllers which actually control 61 00:01:22,170 --> 00:01:24,200 controllers which actually control compression equipment and it didn't 62 00:01:24,200 --> 00:01:24,210 compression equipment and it didn't 63 00:01:24,210 --> 00:01:26,210 compression equipment and it didn't cause the facility to lose control of 64 00:01:26,210 --> 00:01:26,220 cause the facility to lose control of 65 00:01:26,220 --> 00:01:29,270 cause the facility to lose control of operations the adviser explicitly said 66 00:01:29,270 --> 00:01:29,280 operations the adviser explicitly said 67 00:01:29,280 --> 00:01:32,330 operations the adviser explicitly said that quote at no time did the threat 68 00:01:32,330 --> 00:01:32,340 that quote at no time did the threat 69 00:01:32,340 --> 00:01:34,910 that quote at no time did the threat actor obtain the ability to control or 70 00:01:34,910 --> 00:01:34,920 actor obtain the ability to control or 71 00:01:34,920 --> 00:01:40,490 actor obtain the ability to control or manipulate operations end quote okay so 72 00:01:40,490 --> 00:01:40,500 manipulate operations end quote okay so 73 00:01:40,500 --> 00:01:43,280 manipulate operations end quote okay so even though they weren't able to control 74 00:01:43,280 --> 00:01:43,290 even though they weren't able to control 75 00:01:43,290 --> 00:01:46,730 even though they weren't able to control operations it's still really scary I I 76 00:01:46,730 --> 00:01:46,740 operations it's still really scary I I 77 00:01:46,740 --> 00:01:48,830 operations it's still really scary I I have to kind of bite my tongue on that 78 00:01:48,830 --> 00:01:48,840 have to kind of bite my tongue on that 79 00:01:48,840 --> 00:01:51,230 have to kind of bite my tongue on that statement because it kind of feels like 80 00:01:51,230 --> 00:01:51,240 statement because it kind of feels like 81 00:01:51,240 --> 00:01:54,230 statement because it kind of feels like one of those where there oh well they 82 00:01:54,230 --> 00:01:54,240 one of those where there oh well they 83 00:01:54,240 --> 00:01:55,789 one of those where there oh well they didn't they weren't actually able to 84 00:01:55,789 --> 00:01:55,799 didn't they weren't actually able to 85 00:01:55,799 --> 00:01:58,330 didn't they weren't actually able to take control well they really were yeah 86 00:01:58,330 --> 00:01:58,340 take control well they really were yeah 87 00:01:58,340 --> 00:02:01,340 take control well they really were yeah work yeah maybe they didn't take control 88 00:02:01,340 --> 00:02:01,350 work yeah maybe they didn't take control 89 00:02:01,350 --> 00:02:04,520 work yeah maybe they didn't take control and blow something up sure but they had 90 00:02:04,520 --> 00:02:04,530 and blow something up sure but they had 91 00:02:04,530 --> 00:02:08,150 and blow something up sure but they had control mm-hmm so it's kind of like I 92 00:02:08,150 --> 00:02:08,160 control mm-hmm so it's kind of like I 93 00:02:08,160 --> 00:02:10,779 control mm-hmm so it's kind of like I don't know if I like that statement 94 00:02:10,779 --> 00:02:10,789 don't know if I like that statement 95 00:02:10,789 --> 00:02:14,890 don't know if I like that statement and ransomware is we can be really 96 00:02:14,890 --> 00:02:14,900 and ransomware is we can be really 97 00:02:14,900 --> 00:02:17,259 and ransomware is we can be really complacent and say it's just the 98 00:02:17,259 --> 00:02:17,269 complacent and say it's just the 99 00:02:17,269 --> 00:02:20,170 complacent and say it's just the encryption of my files no they had to 100 00:02:20,170 --> 00:02:20,180 encryption of my files no they had to 101 00:02:20,180 --> 00:02:22,599 encryption of my files no they had to get that in somehow and how did they get 102 00:02:22,599 --> 00:02:22,609 get that in somehow and how did they get 103 00:02:22,609 --> 00:02:25,390 get that in somehow and how did they get that in in this case an email file right 104 00:02:25,390 --> 00:02:25,400 that in in this case an email file right 105 00:02:25,400 --> 00:02:28,270 that in in this case an email file right so that email file contained ransomware 106 00:02:28,270 --> 00:02:28,280 so that email file contained ransomware 107 00:02:28,280 --> 00:02:31,809 so that email file contained ransomware which encrypted our files okay what else 108 00:02:31,809 --> 00:02:31,819 which encrypted our files okay what else 109 00:02:31,819 --> 00:02:34,899 which encrypted our files okay what else did it do what else could it have done 110 00:02:34,899 --> 00:02:34,909 did it do what else could it have done 111 00:02:34,909 --> 00:02:36,789 did it do what else could it have done mm-hmm could it have installed a 112 00:02:36,789 --> 00:02:36,799 mm-hmm could it have installed a 113 00:02:36,799 --> 00:02:38,619 mm-hmm could it have installed a gigabyte motherboard driver that is 114 00:02:38,619 --> 00:02:38,629 gigabyte motherboard driver that is 115 00:02:38,629 --> 00:02:41,229 gigabyte motherboard driver that is exploitable right that has like a 116 00:02:41,229 --> 00:02:41,239 exploitable right that has like a 117 00:02:41,239 --> 00:02:43,479 exploitable right that has like a backdoor in it that allows them into our 118 00:02:43,479 --> 00:02:43,489 backdoor in it that allows them into our 119 00:02:43,489 --> 00:02:46,390 backdoor in it that allows them into our network and into our ot network and then 120 00:02:46,390 --> 00:02:46,400 network and into our ot network and then 121 00:02:46,400 --> 00:02:51,250 network and into our ot network and then into our actual controllers you don't 122 00:02:51,250 --> 00:02:51,260 into our actual controllers you don't 123 00:02:51,260 --> 00:02:53,379 into our actual controllers you don't really know like that's really 124 00:02:53,379 --> 00:02:53,389 really know like that's really 125 00:02:53,389 --> 00:02:56,199 really know like that's really complacent to state unless you've got 126 00:02:56,199 --> 00:02:56,209 complacent to state unless you've got 127 00:02:56,209 --> 00:02:57,759 complacent to state unless you've got data to back it unless you can 128 00:02:57,759 --> 00:02:57,769 data to back it unless you can 129 00:02:57,769 --> 00:03:01,569 data to back it unless you can legitimately say this was strictly this 130 00:03:01,569 --> 00:03:01,579 legitimately say this was strictly this 131 00:03:01,579 --> 00:03:03,699 legitimately say this was strictly this infection we found the infiltration 132 00:03:03,699 --> 00:03:03,709 infection we found the infiltration 133 00:03:03,709 --> 00:03:06,399 infection we found the infiltration point we've locked it down we've blocked 134 00:03:06,399 --> 00:03:06,409 point we've locked it down we've blocked 135 00:03:06,409 --> 00:03:08,409 point we've locked it down we've blocked every instance but I've had computers 136 00:03:08,409 --> 00:03:08,419 every instance but I've had computers 137 00:03:08,419 --> 00:03:09,759 every instance but I've had computers come in for service where they say oh I 138 00:03:09,759 --> 00:03:09,769 come in for service where they say oh I 139 00:03:09,769 --> 00:03:11,949 come in for service where they say oh I I accidentally fell for a phishing scam 140 00:03:11,949 --> 00:03:11,959 I accidentally fell for a phishing scam 141 00:03:11,959 --> 00:03:14,619 I accidentally fell for a phishing scam and they install the they started 142 00:03:14,619 --> 00:03:14,629 and they install the they started 143 00:03:14,629 --> 00:03:16,509 and they install the they started controlling my computer yep yeah and 144 00:03:16,509 --> 00:03:16,519 controlling my computer yep yeah and 145 00:03:16,519 --> 00:03:19,689 controlling my computer yep yeah and then we found after is so okay they 146 00:03:19,689 --> 00:03:19,699 then we found after is so okay they 147 00:03:19,699 --> 00:03:21,159 then we found after is so okay they thought they were safe but then we found 148 00:03:21,159 --> 00:03:21,169 thought they were safe but then we found 149 00:03:21,169 --> 00:03:22,930 thought they were safe but then we found that there was like back-end software 150 00:03:22,930 --> 00:03:22,940 that there was like back-end software 151 00:03:22,940 --> 00:03:27,879 that there was like back-end software that was running as as services in the 152 00:03:27,879 --> 00:03:27,889 that was running as as services in the 153 00:03:27,889 --> 00:03:30,009 that was running as as services in the background there was no uninstaller for 154 00:03:30,009 --> 00:03:30,019 background there was no uninstaller for 155 00:03:30,019 --> 00:03:31,719 background there was no uninstaller for it it was just a service running on the 156 00:03:31,719 --> 00:03:31,729 it it was just a service running on the 157 00:03:31,729 --> 00:03:33,460 it it was just a service running on the computer that allowed them to remote in 158 00:03:33,460 --> 00:03:33,470 computer that allowed them to remote in 159 00:03:33,470 --> 00:03:35,649 computer that allowed them to remote in at any time and take control of the 160 00:03:35,649 --> 00:03:35,659 at any time and take control of the 161 00:03:35,659 --> 00:03:37,270 at any time and take control of the computer which they're only gonna do it 162 00:03:37,270 --> 00:03:37,280 computer which they're only gonna do it 163 00:03:37,280 --> 00:03:38,619 computer which they're only gonna do it two o'clock in the morning while you're 164 00:03:38,619 --> 00:03:38,629 two o'clock in the morning while you're 165 00:03:38,629 --> 00:03:40,599 two o'clock in the morning while you're sleeping sorry so you don't know what's 166 00:03:40,599 --> 00:03:40,609 sleeping sorry so you don't know what's 167 00:03:40,609 --> 00:03:43,199 sleeping sorry so you don't know what's happening how many people would notice 168 00:03:43,199 --> 00:03:43,209 happening how many people would notice 169 00:03:43,209 --> 00:03:47,319 happening how many people would notice now can you just as a precaution 170 00:03:47,319 --> 00:03:47,329 now can you just as a precaution 171 00:03:47,329 --> 00:03:49,569 now can you just as a precaution I mean I'm not saying that this is the 172 00:03:49,569 --> 00:03:49,579 I mean I'm not saying that this is the 173 00:03:49,579 --> 00:03:51,069 I mean I'm not saying that this is the answer just turn your computer off at 174 00:03:51,069 --> 00:03:51,079 answer just turn your computer off at 175 00:03:51,079 --> 00:03:53,979 answer just turn your computer off at night would that be that in a in a home 176 00:03:53,979 --> 00:03:53,989 night would that be that in a in a home 177 00:03:53,989 --> 00:03:56,770 night would that be that in a in a home environment oh but not environment when 178 00:03:56,770 --> 00:03:56,780 environment oh but not environment when 179 00:03:56,780 --> 00:03:59,280 environment oh but not environment when it's controlling the flow of propane 180 00:03:59,280 --> 00:03:59,290 it's controlling the flow of propane 181 00:03:59,290 --> 00:04:01,990 it's controlling the flow of propane yeah you'd probably want to leave it 182 00:04:01,990 --> 00:04:02,000 yeah you'd probably want to leave it 183 00:04:02,000 --> 00:04:03,759 yeah you'd probably want to leave it running yeah yeah it's just sad that 184 00:04:03,759 --> 00:04:03,769 running yeah yeah it's just sad that 185 00:04:03,769 --> 00:04:06,039 running yeah yeah it's just sad that this is still becoming a regular story 186 00:04:06,039 --> 00:04:06,049 this is still becoming a regular story 187 00:04:06,049 --> 00:04:10,030 this is still becoming a regular story every single week oh that's like come on 188 00:04:10,030 --> 00:04:10,040 every single week oh that's like come on 189 00:04:10,040 --> 00:04:12,369 every single week oh that's like come on how many times do we have to hear this 190 00:04:12,369 --> 00:04:12,379 how many times do we have to hear this 191 00:04:12,379 --> 00:04:14,170 how many times do we have to hear this before we go hey the world finally got 192 00:04:14,170 --> 00:04:14,180 before we go hey the world finally got 193 00:04:14,180 --> 00:04:16,599 before we go hey the world finally got it and it always seems to be the big 194 00:04:16,599 --> 00:04:16,609 it and it always seems to be the big 195 00:04:16,609 --> 00:04:18,699 it and it always seems to be the big companies or the government's that are 196 00:04:18,699 --> 00:04:18,709 companies or the government's that are 197 00:04:18,709 --> 00:04:20,500 companies or the government's that are getting hit by it it's like then 198 00:04:20,500 --> 00:04:20,510 getting hit by it it's like then 199 00:04:20,510 --> 00:04:21,490 getting hit by it it's like then directed those are the ones that make 200 00:04:21,490 --> 00:04:21,500 directed those are the ones that make 201 00:04:21,500 --> 00:04:24,129 directed those are the ones that make the news true but still 202 00:04:24,129 --> 00:04:24,139 the news true but still 203 00:04:24,139 --> 00:04:29,350 the news true but still like here a bigger target and I think 204 00:04:29,350 --> 00:04:29,360 like here a bigger target and I think 205 00:04:29,360 --> 00:04:32,830 like here a bigger target and I think Jeff and maybe we can you know maybe 206 00:04:32,830 --> 00:04:32,840 Jeff and maybe we can you know maybe 207 00:04:32,840 --> 00:04:34,360 Jeff and maybe we can you know maybe this is a discussion to be had in the 208 00:04:34,360 --> 00:04:34,370 this is a discussion to be had in the 209 00:04:34,370 --> 00:04:35,290 this is a discussion to be had in the comments below 210 00:04:35,290 --> 00:04:35,300 comments below 211 00:04:35,300 --> 00:04:39,360 comments below but I think that these big targets and 212 00:04:39,360 --> 00:04:39,370 but I think that these big targets and 213 00:04:39,370 --> 00:04:41,559 but I think that these big targets and forgive me if you're in the IT 214 00:04:41,559 --> 00:04:41,569 forgive me if you're in the IT 215 00:04:41,569 --> 00:04:44,409 forgive me if you're in the IT departments in these companies forgive 216 00:04:44,409 --> 00:04:44,419 departments in these companies forgive 217 00:04:44,419 --> 00:04:46,959 departments in these companies forgive me I don't mean this as a jab but it's a 218 00:04:46,959 --> 00:04:46,969 me I don't mean this as a jab but it's a 219 00:04:46,969 --> 00:04:50,140 me I don't mean this as a jab but it's a it's a truth it's a sad truth that we 220 00:04:50,140 --> 00:04:50,150 it's a truth it's a sad truth that we 221 00:04:50,150 --> 00:04:54,550 it's a truth it's a sad truth that we were educated 10 15 20 years ago ok and 222 00:04:54,550 --> 00:04:54,560 were educated 10 15 20 years ago ok and 223 00:04:54,560 --> 00:04:57,249 were educated 10 15 20 years ago ok and we've been in the industry for that long 224 00:04:57,249 --> 00:04:57,259 we've been in the industry for that long 225 00:04:57,259 --> 00:04:58,920 we've been in the industry for that long and and some of us in the IT department 226 00:04:58,920 --> 00:04:58,930 and and some of us in the IT department 227 00:04:58,930 --> 00:05:01,809 and and some of us in the IT department not myself of course but some of us are 228 00:05:01,809 --> 00:05:01,819 not myself of course but some of us are 229 00:05:01,819 --> 00:05:05,459 not myself of course but some of us are on the verge of retirement and that's 230 00:05:05,459 --> 00:05:05,469 on the verge of retirement and that's 231 00:05:05,469 --> 00:05:09,909 on the verge of retirement and that's again not a jab I entirely respect what 232 00:05:09,909 --> 00:05:09,919 again not a jab I entirely respect what 233 00:05:09,919 --> 00:05:16,230 again not a jab I entirely respect what you do however malware has evolved right 234 00:05:16,230 --> 00:05:16,240 you do however malware has evolved right 235 00:05:16,240 --> 00:05:20,110 you do however malware has evolved right significantly significantly what we're 236 00:05:20,110 --> 00:05:20,120 significantly significantly what we're 237 00:05:20,120 --> 00:05:23,140 significantly significantly what we're encountering now is not natus we're not 238 00:05:23,140 --> 00:05:23,150 encountering now is not natus we're not 239 00:05:23,150 --> 00:05:25,629 encountering now is not natus we're not dealing with PSVs we're not dealing when 240 00:05:25,629 --> 00:05:25,639 dealing with PSVs we're not dealing when 241 00:05:25,639 --> 00:05:27,519 dealing with PSVs we're not dealing when was the last time you ever saw a bsv and 242 00:05:27,519 --> 00:05:27,529 was the last time you ever saw a bsv and 243 00:05:27,529 --> 00:05:29,439 was the last time you ever saw a bsv and if you know what a bsv is then you're 244 00:05:29,439 --> 00:05:29,449 if you know what a bsv is then you're 245 00:05:29,449 --> 00:05:33,579 if you know what a bsv is then you're you're this I'm speaking to you it's not 246 00:05:33,579 --> 00:05:33,589 you're this I'm speaking to you it's not 247 00:05:33,589 --> 00:05:34,929 you're this I'm speaking to you it's not about those anymore 248 00:05:34,929 --> 00:05:34,939 about those anymore 249 00:05:34,939 --> 00:05:38,140 about those anymore no now it's the evolution back in 2017 250 00:05:38,140 --> 00:05:38,150 no now it's the evolution back in 2017 251 00:05:38,150 --> 00:05:40,149 no now it's the evolution back in 2017 when wanna cry dropped and we started 252 00:05:40,149 --> 00:05:40,159 when wanna cry dropped and we started 253 00:05:40,159 --> 00:05:42,790 when wanna cry dropped and we started seeing ransomware infiltrating networks 254 00:05:42,790 --> 00:05:42,800 seeing ransomware infiltrating networks 255 00:05:42,800 --> 00:05:44,829 seeing ransomware infiltrating networks and we started seeing RDP attacks and 256 00:05:44,829 --> 00:05:44,839 and we started seeing RDP attacks and 257 00:05:44,839 --> 00:05:48,249 and we started seeing RDP attacks and and eternal blue being exploited and and 258 00:05:48,249 --> 00:05:48,259 and eternal blue being exploited and and 259 00:05:48,259 --> 00:05:51,329 and eternal blue being exploited and and all of these kinds of things that's when 260 00:05:51,329 --> 00:05:51,339 all of these kinds of things that's when 261 00:05:51,339 --> 00:05:53,920 all of these kinds of things that's when the cybersecurity industry woke up and 262 00:05:53,920 --> 00:05:53,930 the cybersecurity industry woke up and 263 00:05:53,930 --> 00:05:55,209 the cybersecurity industry woke up and said okay we need to re-educate 264 00:05:55,209 --> 00:05:55,219 said okay we need to re-educate 265 00:05:55,219 --> 00:05:57,790 said okay we need to re-educate ourselves and if we haven't since then 266 00:05:57,790 --> 00:05:57,800 ourselves and if we haven't since then 267 00:05:57,800 --> 00:05:59,350 ourselves and if we haven't since then and if we're still thinking in that old 268 00:05:59,350 --> 00:05:59,360 and if we're still thinking in that old 269 00:05:59,360 --> 00:06:02,219 and if we're still thinking in that old mindset where viruses as is our threat 270 00:06:02,219 --> 00:06:02,229 mindset where viruses as is our threat 271 00:06:02,229 --> 00:06:04,929 mindset where viruses as is our threat I'm sorry to say that viruses are not 272 00:06:04,929 --> 00:06:04,939 I'm sorry to say that viruses are not 273 00:06:04,939 --> 00:06:07,059 I'm sorry to say that viruses are not our threat when was the last time we 274 00:06:07,059 --> 00:06:07,069 our threat when was the last time we 275 00:06:07,069 --> 00:06:09,700 our threat when was the last time we ever heard of a virus infiltration it 276 00:06:09,700 --> 00:06:09,710 ever heard of a virus infiltration it 277 00:06:09,710 --> 00:06:11,469 ever heard of a virus infiltration it truly has been a long time but they'll 278 00:06:11,469 --> 00:06:11,479 truly has been a long time but they'll 279 00:06:11,479 --> 00:06:13,809 truly has been a long time but they'll still go I don't want viruses it's like 280 00:06:13,809 --> 00:06:13,819 still go I don't want viruses it's like 281 00:06:13,819 --> 00:06:15,249 still go I don't want viruses it's like yeah if that's your biggest concern 282 00:06:15,249 --> 00:06:15,259 yeah if that's your biggest concern 283 00:06:15,259 --> 00:06:16,209 yeah if that's your biggest concern antivirus 284 00:06:16,209 --> 00:06:16,219 antivirus 285 00:06:16,219 --> 00:06:18,879 antivirus I'm safe yeah when was the last time you 286 00:06:18,879 --> 00:06:18,889 I'm safe yeah when was the last time you 287 00:06:18,889 --> 00:06:21,790 I'm safe yeah when was the last time you heard of a fire I haven't got a virus 288 00:06:21,790 --> 00:06:21,800 heard of a fire I haven't got a virus 289 00:06:21,800 --> 00:06:23,649 heard of a fire I haven't got a virus infection because I have antivirus no 290 00:06:23,649 --> 00:06:23,659 infection because I have antivirus no 291 00:06:23,659 --> 00:06:25,689 infection because I have antivirus no I'm just saying that's that's an 292 00:06:25,689 --> 00:06:25,699 I'm just saying that's that's an 293 00:06:25,699 --> 00:06:27,730 I'm just saying that's that's an old-school way of thinking and it's a 294 00:06:27,730 --> 00:06:27,740 old-school way of thinking and it's a 295 00:06:27,740 --> 00:06:30,189 old-school way of thinking and it's a dangerous way of thinking because that's 296 00:06:30,189 --> 00:06:30,199 dangerous way of thinking because that's 297 00:06:30,199 --> 00:06:33,279 dangerous way of thinking because that's that's how these big industries are 298 00:06:33,279 --> 00:06:33,289 that's how these big industries are 299 00:06:33,289 --> 00:06:35,350 that's how these big industries are getting hit because we've got that 300 00:06:35,350 --> 00:06:35,360 getting hit because we've got that 301 00:06:35,360 --> 00:06:37,159 getting hit because we've got that old-school thinking and we're 302 00:06:37,159 --> 00:06:37,169 old-school thinking and we're 303 00:06:37,169 --> 00:06:38,930 old-school thinking and we're adequately educating and protecting 304 00:06:38,930 --> 00:06:38,940 adequately educating and protecting 305 00:06:38,940 --> 00:06:40,850 adequately educating and protecting ourselves and it comes down you know it 306 00:06:40,850 --> 00:06:40,860 ourselves and it comes down you know it 307 00:06:40,860 --> 00:06:42,520 ourselves and it comes down you know it comes down to the c-suite as well 308 00:06:42,520 --> 00:06:42,530 comes down to the c-suite as well 309 00:06:42,530 --> 00:06:45,200 comes down to the c-suite as well educating our staff and making sure that 310 00:06:45,200 --> 00:06:45,210 educating our staff and making sure that 311 00:06:45,210 --> 00:06:46,520 educating our staff and making sure that there are cybersecurity professionals 312 00:06:46,520 --> 00:06:46,530 there are cybersecurity professionals 313 00:06:46,530 --> 00:06:49,360 there are cybersecurity professionals that are brought in as consultants and 314 00:06:49,360 --> 00:06:49,370 that are brought in as consultants and 315 00:06:49,370 --> 00:06:52,370 that are brought in as consultants and DLP's put in place to be able to protect 316 00:06:52,370 --> 00:06:52,380 DLP's put in place to be able to protect 317 00:06:52,380 --> 00:06:54,830 DLP's put in place to be able to protect our networks from today's threats not 318 00:06:54,830 --> 00:06:54,840 our networks from today's threats not 319 00:06:54,840 --> 00:06:57,320 our networks from today's threats not yes not yesterday is not 1999 threats 320 00:06:57,320 --> 00:06:57,330 yes not yesterday is not 1999 threats 321 00:06:57,330 --> 00:06:59,629 yes not yesterday is not 1999 threats now I know we have to get to the next 322 00:06:59,629 --> 00:06:59,639 now I know we have to get to the next 323 00:06:59,639 --> 00:07:02,870 now I know we have to get to the next story but as part of this a budgetary 324 00:07:02,870 --> 00:07:02,880 story but as part of this a budgetary 325 00:07:02,880 --> 00:07:04,850 story but as part of this a budgetary component sure like they're looking at 326 00:07:04,850 --> 00:07:04,860 component sure like they're looking at 327 00:07:04,860 --> 00:07:06,439 component sure like they're looking at it go ahead we can only put in one 328 00:07:06,439 --> 00:07:06,449 it go ahead we can only put in one 329 00:07:06,449 --> 00:07:07,939 it go ahead we can only put in one percent total budget for cybersecurity 330 00:07:07,939 --> 00:07:07,949 percent total budget for cybersecurity 331 00:07:07,949 --> 00:07:10,040 percent total budget for cybersecurity when really they should be looking at 10 332 00:07:10,040 --> 00:07:10,050 when really they should be looking at 10 333 00:07:10,050 --> 00:07:12,469 when really they should be looking at 10 percent like not that there's a defined 334 00:07:12,469 --> 00:07:12,479 percent like not that there's a defined 335 00:07:12,479 --> 00:07:14,870 percent like not that there's a defined number but like the way that things grow 336 00:07:14,870 --> 00:07:14,880 number but like the way that things grow 337 00:07:14,880 --> 00:07:16,580 number but like the way that things grow it's like you have to grow with the 338 00:07:16,580 --> 00:07:16,590 it's like you have to grow with the 339 00:07:16,590 --> 00:07:18,650 it's like you have to grow with the threats and if that means allocating 340 00:07:18,650 --> 00:07:18,660 threats and if that means allocating 341 00:07:18,660 --> 00:07:19,879 threats and if that means allocating more of your budget to more 342 00:07:19,879 --> 00:07:19,889 more of your budget to more 343 00:07:19,889 --> 00:07:21,379 more of your budget to more cybersecurity to protect your 344 00:07:21,379 --> 00:07:21,389 cybersecurity to protect your 345 00:07:21,389 --> 00:07:26,420 cybersecurity to protect your investments and your industry whatever 346 00:07:26,420 --> 00:07:26,430 investments and your industry whatever 347 00:07:26,430 --> 00:07:30,290 investments and your industry whatever you're doing you gotta just the budget 348 00:07:30,290 --> 00:07:30,300 you're doing you gotta just the budget 349 00:07:30,300 --> 00:07:31,610 you're doing you gotta just the budget accordingly you can't just stick in that 350 00:07:31,610 --> 00:07:31,620 accordingly you can't just stick in that 351 00:07:31,620 --> 00:07:32,870 accordingly you can't just stick in that same number be like well we've got our 352 00:07:32,870 --> 00:07:32,880 same number be like well we've got our 353 00:07:32,880 --> 00:07:34,580 same number be like well we've got our subscriptions we updated that and oh 354 00:07:34,580 --> 00:07:34,590 subscriptions we updated that and oh 355 00:07:34,590 --> 00:07:36,350 subscriptions we updated that and oh we've got an old computer we got to 356 00:07:36,350 --> 00:07:36,360 we've got an old computer we got to 357 00:07:36,360 --> 00:07:37,610 we've got an old computer we got to replace so that's our budget it's like 358 00:07:37,610 --> 00:07:37,620 replace so that's our budget it's like 359 00:07:37,620 --> 00:07:39,920 replace so that's our budget it's like yes I think it's exactly the same 360 00:07:39,920 --> 00:07:39,930 yes I think it's exactly the same 361 00:07:39,930 --> 00:07:41,839 yes I think it's exactly the same mindset though Jeff it's yes that word I 362 00:07:41,839 --> 00:07:41,849 mindset though Jeff it's yes that word I 363 00:07:41,849 --> 00:07:44,300 mindset though Jeff it's yes that word I use complacent we've become complacent 364 00:07:44,300 --> 00:07:44,310 use complacent we've become complacent 365 00:07:44,310 --> 00:07:46,990 use complacent we've become complacent because we're so used to the old way 366 00:07:46,990 --> 00:07:47,000 because we're so used to the old way 367 00:07:47,000 --> 00:07:49,400 because we're so used to the old way when things change we have to change 368 00:07:49,400 --> 00:07:49,410 when things change we have to change 369 00:07:49,410 --> 00:07:49,850 when things change we have to change with it 370 00:07:49,850 --> 00:07:49,860 with it 371 00:07:49,860 --> 00:07:53,210 with it plain and simple otherwise you're gonna 372 00:07:53,210 --> 00:07:53,220 plain and simple otherwise you're gonna 373 00:07:53,220 --> 00:07:56,930 plain and simple otherwise you're gonna be we're all under attack sorry we are 374 00:07:56,930 --> 00:07:56,940 be we're all under attack sorry we are 375 00:07:56,940 --> 00:07:58,879 be we're all under attack sorry we are all under attack are you going to be 376 00:07:58,879 --> 00:07:58,889 all under attack are you going to be 377 00:07:58,889 --> 00:08:01,040 all under attack are you going to be susceptible to the attack right are you 378 00:08:01,040 --> 00:08:01,050 susceptible to the attack right are you 379 00:08:01,050 --> 00:08:03,649 susceptible to the attack right are you gonna fall victim or are you gonna be a 380 00:08:03,649 --> 00:08:03,659 gonna fall victim or are you gonna be a 381 00:08:03,659 --> 00:08:05,500 gonna fall victim or are you gonna be a brick wall that they can't penetrate 382 00:08:05,500 --> 00:08:05,510 brick wall that they can't penetrate 383 00:08:05,510 --> 00:08:09,409 brick wall that they can't penetrate we're all under attack this is 2020 do 384 00:08:09,409 --> 00:08:09,419 we're all under attack this is 2020 do 385 00:08:09,419 --> 00:08:11,230 we're all under attack this is 2020 do you remember the books when we were kids 386 00:08:11,230 --> 00:08:11,240 you remember the books when we were kids 387 00:08:11,240 --> 00:08:15,650 you remember the books when we were kids 2020 is the future hello