Cybersecurity as a Service with Corey White – Episode 49

Data Leadership Lessons
Data Leadership Lessons
Cybersecurity as a Service with Corey White - Episode 49
/

Watch this episode on YouTube: https://youtu.be/Z9PulBnkCW0

This week we welcome Corey White, the founder of Cyvatar.ai, and an expert in the cybersecurity industry. We have a lively conversation about all things security. We can’t think of a better guest to roll out a significant upgrade to our production processes — we hope you enjoy it!

** Your own professional podcast, as easy as a video call and an email – https://algmin.com **

** Save 20% on your first order at the DATAVERSITY Training Center with promo code “AlgminDL” – https://training.dataversity.net/?utm_source=algmindl_res **

** Data Leadership Lessons home – https://dataleadershiplessons.com **

About Corey White:
Corey is a forward thinker and innovator, but he always puts people first. He founded Cyvatar in 2019 in response to the lack of remediation in the cybersecurity industry; Lots of services exist to help you identify issues, but not necessarily fix them. Cyvatar offers a comprehensive collection of tools to help businesses of all sizes manage their risks. Corey decided to incorporate a SaaS model as a commitment to the ever-changing security needs of companies big and small spanning every industry. As cyber criminals become more stealthy, Corey and Cyvatar are ready to take on every emerging threat.

High profile cyber attacks continue to threaten economies worldwide. From meat packing plants to entire election cycles, it seems no individual or entity is safe. A 25+ year veteran of the security industry, Corey has a deep understanding of the evolving nature of cyber risk. He can offer valuable insights into the current state of affairs as well as the dangers on the horizon. He would love to talk about cyber security as it relates to healthcare, hospitality, gaming, cannabis, and more.

Cyvatar.ai – https://cyvatar.ai/

Episode Transcript

1
00:00:06,458 –> 00:00:10,375
anthony_j_algmin: Welcome to the data Leadership lessons podcast. I’m your host Anthony, ▁j

2
00:00:10,666 –> 00:00:14,291
anthony_j_algmin: Algmin. Data is everywhere in our businesses, and it takes leadership to make

3
00:00:14,375 –> 00:00:17,958
anthony_j_algmin: the most of it. We bring you the people stories and lessons to help you

4
00:00:18,208 –> 00:00:21,583
anthony_j_algmin: become a data leader Today we welcome Corey White. Corey’s a security

5
00:00:21,583 –> 00:00:22,291
anthony_j_algmin: become a data leader Today we welcome Corey White. Corey’s a security

6
00:00:22,666 –> 00:00:26,208
anthony_j_algmin: industry veteran with more than twenty five years of success building and

7
00:00:26,291 –> 00:00:30,208
anthony_j_algmin: implementing security strategies and leading consulting teams. Corey is

8
00:00:30,291 –> 00:00:33,958
anthony_j_algmin: disrupting the modern approach to cybers security, as the founder of

9
00:00:34,041 –> 00:00:38,750
anthony_j_algmin: Cyvatar.ai, providing effortless cybersecurity as a service

10
00:00:38,833 –> 00:00:40,125
anthony_j_algmin: Corey, welcome to the show.

11
00:00:41,125 –> 00:00:43,208
corey_white: thank you. I appreciate you having me.

12
00:00:43,625 –> 00:00:46,583
anthony_j_algmin: So why don’t we start like we do with all of our first time guests? And

13
00:00:46,666 –> 00:00:50,333
anthony_j_algmin: why don’t you just take a minute or two and give us a little bit of your

14
00:00:50,416 –> 00:00:55,375
anthony_j_algmin: background and kind of the story of your career leading up to Y. You

15
00:00:56,125 –> 00:00:57,875
anthony_j_algmin: decided to found the Saatar

16
00:00:58,625 –> 00:00:59,625
anthony_j_algmin: company

17
00:01:00,083 –> 00:01:04,083
corey_white: Yep. Yep. absolutely. so you said something interesting in my intro. You say

18
00:01:04,250 –> 00:01:08,416
corey_white: you know Cory is a successful cyber security, um, your know person industry

19
00:01:08,791 –> 00:01:14,250
corey_white: veteran, Right until at the end of the day I do like being successful, but

20
00:01:14,583 –> 00:01:19,291
corey_white: let’s dive into that If over my twenty five years, if all my clients are still

21
00:01:19,458 –> 00:01:23,625
corey_white: continually getting hacked, the number of attacks and vulneabilities are

22
00:01:23,750 –> 00:01:30,000
corey_white: continually increasing as a cyber security veteran. How successful am I right?

23
00:01:30,583 –> 00:01:35,916
corey_white: If we, you’ve got this big industry and hacks are increasing. I might just be

24
00:01:36,000 –> 00:01:40,666
corey_white: failing and I’ll tell you, Anthony. I hate failing. I. I, just it. Just, it’s

25
00:01:40,791 –> 00:01:44,250
corey_white: not a thing that I enjoy. Most people obviously ain’t feellling, but one of the

26
00:01:44,333 –> 00:01:49,750
corey_white: things that gets to me. So I started this business because the current model

27
00:01:50,250 –> 00:01:56,875
corey_white: for cyber security is not designed for the customer to actually prevent cyber

28
00:01:57,208 –> 00:02:01,541
corey_white: attacks. The industry does not want these attacks to stop happening. Do you

29
00:02:01,708 –> 00:02:03,125
corey_white: believe that you think that’s the case?

30
00:02:05,250 –> 00:02:09,541
anthony_j_algmin: mean, I would assume the industry wants the tax to stop happening, But now

31
00:02:09,625 –> 00:02:12,416
anthony_j_algmin: I don’t know if am assuming correctly or not,

32
00:02:12,958 –> 00:02:17,708
corey_white: Yeah, well, if they’re increasing is a billion dollar industry. I kind of

33
00:02:17,750 –> 00:02:22,250
corey_white: equated to the the drug companies, right. They don’t want you to be healthy.

34
00:02:22,333 –> 00:02:26,000
corey_white: Because if you’re healthy, they don’t sell any drugs. If you stop the sober

35
00:02:26,250 –> 00:02:29,916
corey_white: attacks, We don’t get to make money off of cyber security. an incident

36
00:02:30,166 –> 00:02:34,875
corey_white: response. so let me dive in my background. I’ll explain why this is. You know

37
00:02:34,958 –> 00:02:38,666
corey_white: so important to me to actually tried to solve this and and literally stop

38
00:02:38,875 –> 00:02:42,500
corey_white: failing. right, Uh example, my career would be marked by. Hey, Cory was a sub

39
00:02:42,666 –> 00:02:46,416
corey_white: security veteran. Ba. Everybody kept getting hacked and so he failed. I don’t

40
00:02:46,583 –> 00:02:51,125
corey_white: hope that to be what I’m known for, Uh, I do like being successful in winning.

41
00:02:51,625 –> 00:02:55,375
corey_white: So my background twenty five years, right, Um, started in the mid nineties

42
00:02:55,708 –> 00:03:00,333
corey_white: doing assessments and penetration testing incident response. I was Uh

43
00:03:00,583 –> 00:03:03,208
corey_white: certified. you know everything. Cisco Microsoft C,

44
00:03:03,291 –> 00:03:07,208
corey_white: I, s. P. all that standard stuff, then, in two thousand and four I joined the

45
00:03:07,208 –> 00:03:11,750
corey_white: company called Fostone, based here in Southern California, and Fonstone was

46
00:03:12,000 –> 00:03:14,500
corey_white: known for the hacking exposed book. We

47
00:03:14,708 –> 00:03:20,000
corey_white: tau The The White Hats, the Grey Hats to Goodcide how to actually hack ’cause

48
00:03:20,166 –> 00:03:23,833
corey_white: the mindset was, Once you know how hecks actually happened, then you know how

49
00:03:23,916 –> 00:03:27,291
corey_white: to stop them right. And and I agree with that. It makes sense. You have to know

50
00:03:27,375 –> 00:03:30,791
corey_white: what the hackers are actually doing, so you can stop those attacks so that we

51
00:03:30,875 –> 00:03:34,791
corey_white: educated the world on how to hack and how to do penetration testing and

52
00:03:34,958 –> 00:03:40,000
corey_white: security assessments. And so once we, I ran the team of penetration testers,

53
00:03:40,166 –> 00:03:44,250
corey_white: and I built a global team of incident responders and I did some pretty big

54
00:03:44,416 –> 00:03:48,583
corey_white: incidents over the years, many of them finding anonymous, bying nation states.

55
00:03:48,708 –> 00:03:53,291
corey_white: You know, very large countries, attacking U, United States based companies and

56
00:03:53,458 –> 00:03:57,833
corey_white: exploitating data out. I was the one that called for those incidents, and I did

57
00:03:58,000 –> 00:04:03,458
corey_white: that all the way. until until twenty twelve, when uh, the founder of of my last

58
00:04:03,708 –> 00:04:07,625
corey_white: company, I was at Um silence. Stewardart came to me. Cor, Unless we run the

59
00:04:07,708 –> 00:04:11,625
corey_white: play book, let’s start with services, and then we’ll build Pilot, and let’s try

60
00:04:11,708 –> 00:04:15,375
corey_white: to stop. At this time. let’s try to prevent these attacks. So we built Silence

61
00:04:15,625 –> 00:04:20,250
corey_white: using artificial intelligence with the goal of preventing these attacks. So we

62
00:04:20,500 –> 00:04:25,541
corey_white: did that, but here’s the thing. the whole industry had this concept, Anthony of

63
00:04:25,916 –> 00:04:31,458
corey_white: E. D, r. So that senses for Um, in point, you know, detection and response,

64
00:04:32,333 –> 00:04:38,083
corey_white: so like on your computer. If you have some software, antis, basic software, and

65
00:04:38,583 –> 00:04:43,625
corey_white: if you use traditional anti virus, then that anti virus was created about

66
00:04:43,916 –> 00:04:45,125
corey_white: thirty years ago. John

67
00:04:45,375 –> 00:04:49,458
corey_white: Magaphe and a few of other folks created it. And so if you look at the John

68
00:04:49,625 –> 00:04:54,000
corey_white: Macroph’s videos, you’re like Wow, this guy created, but at the end of the day

69
00:04:54,666 –> 00:04:58,666
corey_white: most companies are using thirty year old technology to stop the attacks For

70
00:04:59,041 –> 00:05:00,666
corey_white: today. How you think that’s going?

71
00:05:02,125 –> 00:05:03,958
anthony_j_algmin: Well, I would imagine not well,

72
00:05:04,791 –> 00:05:09,625
corey_white: Yeah, well, let see that’s the mindset Right. If you have something that was

73
00:05:09,708 –> 00:05:14,083
corey_white: created thirty years ago that can be easily circumvented, then you’re not going

74
00:05:14,166 –> 00:05:15,625
corey_white: to stop these attacks. And

75
00:05:15,750 –> 00:05:20,000
corey_white: so when we talk about E d R, just circling back to that. So detection and

76
00:05:20,250 –> 00:05:24,791
corey_white: response? When? if you’re trying to prevent these cyber attacks, but you

77
00:05:33,625 –> 00:05:34,625
corey_white: I?

78
00:05:35,125 –> 00:05:36,125
corey_white: Yeah, you think about

79
00:05:36,125 –> 00:05:41,916
corey_white: your house right if if you have uh, your front door unlocked or even wide open,

80
00:05:42,291 –> 00:05:46,625
corey_white: and then somebody walks in maliciously walks in. That is a detection. you’ll

81
00:05:46,708 –> 00:05:49,916
corey_white: get an alert Um on your. when you your app. Hey, somebody. I just walked into

82
00:05:50,000 –> 00:05:53,250
corey_white: your front house. That’s detection, and the response is up to you the response

83
00:05:53,333 –> 00:05:56,083
corey_white: and get that malicious bad person out of your house that

84
00:05:56,375 –> 00:05:58,375
corey_white: way, Um, e d r.

85
00:05:59,666 –> 00:06:03,250
corey_white: exactly. And so if you google around, you look at the cybers security. The

86
00:06:03,333 –> 00:06:07,500
corey_white: industry you have e d r. you have m d r, managed detection and response. So

87
00:06:07,583 –> 00:06:10,958
corey_white: there are companies that’s going to manage the detection and response. Then you

88
00:06:11,125 –> 00:06:15,583
corey_white: also have ▁ d r. And that’s extended detection or response. So imagine they’re

89
00:06:15,666 –> 00:06:19,041
corey_white: detecting everything in your house with doors windows, everything. None of

90
00:06:19,125 –> 00:06:21,833
corey_white: those things are actually preventing the attack.

91
00:06:24,750 –> 00:06:29,833
anthony_j_algmin: right. so I mean let me askcause. I have to believe. With all of these you

92
00:06:30,250 –> 00:06:33,541
anthony_j_algmin: anti virus softwares, and and other things that have been around forever.

93
00:06:33,916 –> 00:06:37,458
anthony_j_algmin: Are you saying that they don’t actually prevent anything? They’re just

94
00:06:37,750 –> 00:06:42,083
anthony_j_algmin: detecting it and letting you know when there’s problems or they’re not

95
00:06:42,250 –> 00:06:44,791
anthony_j_algmin: actually providing a a layer of of protection.

96
00:06:46,541 –> 00:06:51,416
corey_white: Yeah, so let me explain when I. I work for Macvey for eight and a half years,

97
00:06:52,291 –> 00:06:54,208
corey_white: and thatp, all of Ma

98
00:06:55,875 –> 00:07:01,583
corey_white: tagf. Really, at the time between two thousand four until twenty twelve On

99
00:07:01,833 –> 00:07:05,666
corey_white: methodology. Whenever one of our customers where got called for a very large

100
00:07:05,666 –> 00:07:06,666
corey_white: incident,

101
00:07:06,916 –> 00:07:11,333
corey_white: we would come in. we would find the Maware Once we found the malicious

102
00:07:11,583 –> 00:07:17,083
corey_white: software, then we would give a copy of it. Final can create a hash like dig a

103
00:07:17,166 –> 00:07:18,166
corey_white: signature of it. So

104
00:07:18,625 –> 00:07:22,166
corey_white: has we send it up to the Mo endless? They would create a new Da fileer

105
00:07:22,166 –> 00:07:22,916
corey_white: has we send it up to the Mo endless? They would create a new Da fileer

106
00:07:26,083 –> 00:07:29,625
corey_white: signature file, and then we would get installed on their computers, and then

107
00:07:29,791 –> 00:07:32,333
corey_white: that’s how we would erase the mawar on their

108
00:07:32,375 –> 00:07:32,875
anthony_j_algmin: I see. I see.

109
00:07:32,875 –> 00:07:33,083
corey_white: system, So that’s not actually preventing the attack. That is indent. response.

110
00:07:33,083 –> 00:07:36,625
corey_white: system, So that’s not actually preventing the attack. That is indent. response.

111
00:07:37,208 –> 00:07:40,625
anthony_j_algmin: Yeah. Well, it actually kind of works like we do like we have with

112
00:07:40,875 –> 00:07:46,791
anthony_j_algmin: vaccines and that it gives a recipe to your body. of Hey, when this

113
00:07:46,958 –> 00:07:50,625
anthony_j_algmin: happens, this thing is a bad thing. Do something about that and it kind of

114
00:07:50,958 –> 00:07:55,208
anthony_j_algmin: helps resolve that, but it’s still relying on. like in the case of the

115
00:07:55,291 –> 00:08:00,541
anthony_j_algmin: software, it’s It’s relying on your Um. you know anniverse to to go in and

116
00:08:00,625 –> 00:08:05,583
anthony_j_algmin: delete something that fits that profile versus keeping it from getting in

117
00:08:05,583 –> 00:08:09,833
anthony_j_algmin: in the first place. Like vaccines, Do not prevent you from getting the

118
00:08:09,916 –> 00:08:15,750
anthony_j_algmin: virus into your body. It hopefully will address stopping that virus from

119
00:08:15,833 –> 00:08:19,583
anthony_j_algmin: reproducing and becoming more problematic. But it is not going to put that

120
00:08:19,750 –> 00:08:24,083
anthony_j_algmin: gaating mechanism, which I think is is Your point is is we have the wrong

121
00:08:25,125 –> 00:08:28,958
anthony_j_algmin: approach. Or or maybe I, maybe I’m putting words in your mouth. But like

122
00:08:29,583 –> 00:08:34,875
anthony_j_algmin: do we have the wrong approach, Because we should be stopping these at the

123
00:08:34,958 –> 00:08:38,250
anthony_j_algmin: gate. We should stop them before they get in at all, versus what the

124
00:08:38,625 –> 00:08:42,166
anthony_j_algmin: traditional anviruses have done, whiches respond once they read

125
00:08:43,083 –> 00:08:47,416
corey_white: Yeah, exactly. So, let me explain when what I end up doing with with a bunch of

126
00:08:47,500 –> 00:08:52,708
corey_white: companies right, So running, Um, the penetration testing assessment team, and

127
00:08:52,791 –> 00:08:56,375
corey_white: that’s the equivalent of Uh. I. I use house analogy ’cause everybody has a

128
00:08:56,375 –> 00:08:59,416
corey_white: house or some sort and they gotta relate to it, but that’s equivalent to me

129
00:08:59,500 –> 00:09:03,666
corey_white: coming to your house and saying hi, So antony, uh, you got a bad lock on your

130
00:09:03,750 –> 00:09:06,291
corey_white: front door. I can easily circumvent this and

131
00:09:06,375 –> 00:09:09,750
corey_white: this window, you know, doesn’t close all the ways like a climb in through the

132
00:09:09,833 –> 00:09:14,291
corey_white: window, And then a penetration test is me actually proving it, So say it

133
00:09:14,458 –> 00:09:18,625
corey_white: literally be me and my team coming in late at night and say, See, I got into

134
00:09:18,708 –> 00:09:22,041
corey_white: your house and I went into your bedroom and your master bedroom drawer, ands

135
00:09:22,125 –> 00:09:25,500
corey_white: stlle, all your jeels, See, and then a picture and that’s it. So that’s

136
00:09:25,666 –> 00:09:27,250
corey_white: penetration testing. Okay,

137
00:09:27,666 –> 00:09:31,666
corey_white: and the the thoughtll process around that is all these companies are required

138
00:09:31,833 –> 00:09:35,750
corey_white: to do their yearly penetration task. Once they do that, then I would document.

139
00:09:36,208 –> 00:09:40,375
corey_white: Okay, if you get a proper lock on this, You know this window in this door, And

140
00:09:40,541 –> 00:09:44,541
corey_white: then if you have a motion detector, then you’d be able to see that someone’s

141
00:09:44,791 –> 00:09:48,791
corey_white: walking through at two a M. and that’s not a normal activity. And if you have

142
00:09:48,875 –> 00:09:53,416
corey_white: an alert every time your top drawer in your cabinet opens up, then you’d be

143
00:09:53,500 –> 00:09:56,125
corey_white: able to potentially s detect and stop these attacks

144
00:09:56,458 –> 00:09:58,541
corey_white: right. Well, here’s the thing

145
00:09:59,583 –> 00:10:05,000
corey_white: the onus is on you to know how to install the motion detector to to set up all

146
00:10:05,166 –> 00:10:08,541
corey_white: these pretty tough configurations. but I don’t know about you. Have you ever

147
00:10:08,625 –> 00:10:11,958
corey_white: installed alarm system Uh, in the house right, Yeah,

148
00:10:13,083 –> 00:10:16,791
corey_white: exactly. well, think about it. when we do these penetration testing, they would

149
00:10:16,875 –> 00:10:19,916
corey_white: give detailed recommendations to these companies. Here’s how you stoped this

150
00:10:19,958 –> 00:10:23,666
corey_white: from ever happening. They’ve never done it before. They don’t have the staff.

151
00:10:23,916 –> 00:10:28,208
corey_white: the expertise. In many cases, the folks that make the vulnerability. They’re

152
00:10:28,375 –> 00:10:31,500
corey_white: the ones that. they’re the administrs that made the mistake to begin with. Now

153
00:10:31,500 –> 00:10:34,291
corey_white: we’re telling them how to fix it, They just don’t have the knowledge. There’s a

154
00:10:34,375 –> 00:10:39,583
corey_white: shortage of sub security expertise. So again, it’s a a flaw concept And that’s

155
00:10:39,666 –> 00:10:42,541
corey_white: one example. I’ll give you really quick, another one. Then I want to hear your

156
00:10:42,625 –> 00:10:43,916
corey_white: feedback on it. So

157
00:10:45,166 –> 00:10:48,875
corey_white: penetration testing security assessments allows. the compliance requirements

158
00:10:49,000 –> 00:10:53,666
corey_white: say you have to have a yearly security assessment. Well in twenty twenty one,

159
00:10:54,208 –> 00:10:57,958
corey_white: Most companies, their environments changed almost every single day. New

160
00:10:58,208 –> 00:11:02,875
corey_white: vulneabilities come out every single day. So if you’re using your penetration

161
00:11:03,000 –> 00:11:07,166
corey_white: test and security, the assessment results from last year. it is obsolete,

162
00:11:07,333 –> 00:11:09,000
corey_white: literally, sometimes within hours.

163
00:11:09,916 –> 00:11:14,625
corey_white: So how are you expecting to be secure If your new vulnerabilities come out

164
00:11:14,791 –> 00:11:18,125
corey_white: every day and you’re changing every day. Your environment is dynamic. We,

165
00:11:18,375 –> 00:11:22,458
corey_white: you know Singapore security is about hygiene. We should be doing it on a

166
00:11:22,541 –> 00:11:27,583
corey_white: continuous basis, but we treated like a point in time activity. so it’s like

167
00:11:27,833 –> 00:11:30,875
corey_white: saying Hey, I’m going to buy this amazing Syber security product. That’ is like

168
00:11:30,916 –> 00:11:33,833
corey_white: me saying Hey. I’m will drive down the street to Home Depot and I’m going buy

169
00:11:33,958 –> 00:11:37,916
corey_white: the best a I door lotck, they have. Now bring it home. I put it on my kitchen

170
00:11:37,958 –> 00:11:42,625
corey_white: counter, and I say I secured my house. No, I didn’t. I did wall the doorlock.

171
00:11:42,791 –> 00:11:46,208
corey_white: The same thing with sub security products. You buy it. You like we’re good. No,

172
00:11:46,541 –> 00:11:48,708
corey_white: not really. So that’s what’s wrong with the industry.

173
00:11:50,166 –> 00:11:54,416
anthony_j_algmin: oh man, youve youve. You’ve now triggered me, and the because this is not

174
00:11:54,541 –> 00:12:00,416
anthony_j_algmin: even just applicable in house, Uh, you protection and and cyber security.

175
00:12:00,791 –> 00:12:05,666
anthony_j_algmin: But you, you’ve kind of broken down like one of the greatest fallacies of

176
00:12:05,833 –> 00:12:10,541
anthony_j_algmin: consulting across the board. And that is like so much of consultings,

177
00:12:10,708 –> 00:12:15,833
anthony_j_algmin: focused on this idea of tell us what we should do, And then the consultant

178
00:12:16,000 –> 00:12:18,875
anthony_j_algmin: comes in and tells you what you should do. What you cannot do because you

179
00:12:19,041 –> 00:12:22,541
anthony_j_algmin: do not have the expertise to do it, but you have these great ideas of

180
00:12:22,708 –> 00:12:26,083
anthony_j_algmin: things that you still can’t do. But now you know you should have. that

181
00:12:26,250 –> 00:12:30,791
anthony_j_algmin: doesn’t actually accomplish anything of real value. and in in in the cyber

182
00:12:31,041 –> 00:12:34,541
anthony_j_algmin: security standpoint, it’s kind of the the flipide from a lot of consulting

183
00:12:34,625 –> 00:12:37,458
anthony_j_algmin: engagements are thinking about things we can do to improve something right

184
00:12:37,541 –> 00:12:41,041
anthony_j_algmin: where, whereas an on the security, we’ trying to protect what we already

185
00:12:41,208 –> 00:12:46,791
anthony_j_algmin: have, but the same dynamic. Still you have to be able to execute. And it’s

186
00:12:47,041 –> 00:12:48,416
anthony_j_algmin: not just about the idea,

187
00:12:49,458 –> 00:12:55,541
anthony_j_algmin: it’s about the full plan to actually achieve that good idea. And and

188
00:12:55,583 –> 00:12:56,625
anthony_j_algmin: that’s something that is so

189
00:12:58,875 –> 00:13:03,666
anthony_j_algmin: taking rational pragmatic steps for real security. And I’m sure we could

190
00:13:03,916 –> 00:13:06,875
anthony_j_algmin: talk about some of those in the context of this conversation. But just

191
00:13:08,541 –> 00:13:12,250
anthony_j_algmin: organzations already know most of what they should do. focus more on doing

192
00:13:12,500 –> 00:13:17,041
anthony_j_algmin: it Better be cause. Even an imperfect strategy executed reasonably is

193
00:13:17,125 –> 00:13:20,958
anthony_j_algmin: going to be way better than the perfect strategy that you can’ execute at

194
00:13:21,916 –> 00:13:27,333
corey_white: Yeah, yeah, you had too. so check it out. Now you get my apology to the the

195
00:13:27,583 –> 00:13:32,375
corey_white: world right here live. So I’m apologizing for twenty three years of cyber

196
00:13:32,625 –> 00:13:37,500
corey_white: security being a security consulting running consulting organizations is

197
00:13:38,041 –> 00:13:42,375
corey_white: absolutely Anthony, a flawed business model for everything that you just said

198
00:13:42,791 –> 00:13:46,708
corey_white: and I jokingly say I, I’m a Recovering services guy. I’ve gone through the

199
00:13:46,708 –> 00:13:52,208
corey_white: Twelf step program and I’m recovered right. So what really we should be doing

200
00:13:52,625 –> 00:13:58,541
corey_white: is what I’ve created Now. I’ve created a subscription base model to where you

201
00:13:58,708 –> 00:14:02,458
corey_white: subscribe to these our security solutions that you need Because here’s the

202
00:14:02,541 –> 00:14:07,166
corey_white: thing Cyrus security is like hygiene, and I’m gonna give you another grotesque

203
00:14:07,583 –> 00:14:12,208
corey_white: example, But it drives at home, so here’s the deal. If I were to say heythy,

204
00:14:12,291 –> 00:14:15,583
corey_white: I’m glad we’re not liveing face to face because you really run for me, say,

205
00:14:15,833 –> 00:14:21,000
corey_white: hey, I brush my teeth once a year. I did my yearly teethbrushing and that’s

206
00:14:21,250 –> 00:14:25,666
corey_white: that’s consulting. You come in, do yearly assessment or gap analysis and say,

207
00:14:25,916 –> 00:14:30,375
corey_white: here you go. And that’s it. That’s never going to get you secure. It’s never

208
00:14:30,458 –> 00:14:34,708
corey_white: going to have your teeth. you know, fresh and clean. right. So you actually

209
00:14:34,958 –> 00:14:38,958
anthony_j_algmin: Although it would be an appealing strategy for a couple of my children,

210
00:14:39,375 –> 00:14:44,083
anthony_j_algmin: they would be all about signing up for the once a year to hygiene program

211
00:14:44,791 –> 00:14:48,416
anthony_j_algmin: even though it was not actually something that they should do so. But I,

212
00:14:48,791 –> 00:14:52,708
anthony_j_algmin: your example is well taken, man, you’re right, be cause. like a one time

213
00:14:52,958 –> 00:14:55,541
anthony_j_algmin: test is not the kind of preventative care that that you

214
00:14:55,541 –> 00:14:56,541
anthony_j_algmin: really need

215
00:14:57,000 –> 00:15:00,708
corey_white: because I mean you, you take. Um. I was actually on the phone with one of our

216
00:15:00,875 –> 00:15:05,166
corey_white: Um. prospective customers. Now they are a customer and we’re walking through

217
00:15:05,333 –> 00:15:09,750
corey_white: this And and he said something and said, I’m monitoring my logs and I’ve heard

218
00:15:09,833 –> 00:15:16,041
corey_white: the stap before he said. We are actually under attack every three seconds from

219
00:15:16,291 –> 00:15:20,875
corey_white: the Internet. So if you’re sitting on the internet now there’s someone running

220
00:15:21,000 –> 00:15:25,958
corey_white: some scan to see what you’re vulnerable to. So again Back to hygiene, Anthony,

221
00:15:26,125 –> 00:15:30,458
corey_white: If you’re not continually patching for new vulnabilities, you got all these um,

222
00:15:30,625 –> 00:15:34,291
corey_white: all these um, software and applications running your computer. If those aren’t

223
00:15:34,375 –> 00:15:38,875
corey_white: patched, Believe me, there are tools like medalployd and a bunch of automated

224
00:15:39,083 –> 00:15:43,500
corey_white: tools we can scan. You figure out what vulnerabilities do you have? Press a

225
00:15:43,583 –> 00:15:47,416
corey_white: button. Uh, against your particular I P address. Then I have a command prompt

226
00:15:47,666 –> 00:15:53,000
corey_white: on your computer. Okay, it is just that easy. So the hygiene of continuous

227
00:15:53,416 –> 00:15:58,791
corey_white: improvement is how cybers security should be done, but we’re not doing it. so I

228
00:15:58,916 –> 00:16:02,125
corey_white: had to use. I don’t know if you’ve ever heard of Um, first Principal thinking.

229
00:16:02,625 –> 00:16:08,541
corey_white: So if the goal to of a company to actually be secure, if others are in goal and

230
00:16:08,708 –> 00:16:12,791
corey_white: you go. And you, you know, buy a cyber security product. You still helpl the

231
00:16:12,916 –> 00:16:16,875
corey_white: the, The people in process, you, you ’cause people process technology. You

232
00:16:17,000 –> 00:16:19,916
corey_white: bought the technology, but you don’t have the people in process. You’re not

233
00:16:19,916 –> 00:16:24,208
corey_white: going to be secure. Or if I go and get the service Okay? Well then I have the

234
00:16:24,208 –> 00:16:28,458
corey_white: people side the assessment, but I need the processing technology on a

235
00:16:28,541 –> 00:16:34,291
corey_white: continuous basis. Or if I go to uh, m, s, s, p, m, d, r, ▁x d R. And they’re

236
00:16:34,458 –> 00:16:38,541
corey_white: only going to send me any information when an alert on something bad happens,

237
00:16:39,416 –> 00:16:42,208
corey_white: That’s not my outcome. Outcome is to be secure. Or

238
00:16:42,458 –> 00:16:46,791
corey_white: if I go to a value added reseller, So there’s tons of resellers and sober

239
00:16:47,000 –> 00:16:49,958
corey_white: security. You can’t even buy your products directly Most of the time you got.

240
00:16:50,125 –> 00:16:54,208
corey_white: go to this reseller Now the resellers, and this again, just educating everyone

241
00:16:54,625 –> 00:16:59,250
corey_white: resellers. They’re ininvized by margin. How much money can they make selling

242
00:16:59,416 –> 00:17:04,708
corey_white: the product? They are not actually out to get you as a company secure. So if

243
00:17:05,000 –> 00:17:10,625
corey_white: crappy produc dot com, Um gives them forty percent percent margin, guess what

244
00:17:11,250 –> 00:17:14,916
corey_white: they’re going to choose that and say hey Anthony, this product’ Begin to really

245
00:17:15,000 –> 00:17:18,041
corey_white: secure, because I get forty percent marinal. They don’t say that, but the

246
00:17:18,125 –> 00:17:21,000
corey_white: amazing product may only gives them twenty, but that is

247
00:17:21,166 –> 00:17:26,458
corey_white: what’s driving that decision. So again, I’ll go back to my statement. The cyber

248
00:17:26,791 –> 00:17:31,833
corey_white: security industry until we do something that happens on a continuous basis that

249
00:17:32,041 –> 00:17:35,166
corey_white: actually is targeted towards the customer. Getting to an outcome of being

250
00:17:35,416 –> 00:17:37,958
corey_white: secure. We are not trying to stop cyber tax.

251
00:17:39,625 –> 00:17:40,625
anthony_j_algmin: right,

252
00:17:41,208 –> 00:17:42,250
anthony_j_algmin: Yeah, well, I mean

253
00:17:43,291 –> 00:17:46,166
anthony_j_algmin: there’s there’s a lot to unacck there because when you think about

254
00:17:47,291 –> 00:17:52,875
anthony_j_algmin: organizations of any service model you, there’s a lot of

255
00:17:54,333 –> 00:17:58,875
anthony_j_algmin: variations in what the underlying incentives are for those organizations

256
00:17:59,125 –> 00:18:03,041
anthony_j_algmin: to help their customers. And I think your your examples around you,

257
00:18:03,125 –> 00:18:07,750
anthony_j_algmin: knowval resellers and and other you know mechanisms where they’ve created

258
00:18:07,916 –> 00:18:12,500
anthony_j_algmin: an industry. and this is. this is the case in so many technology related

259
00:18:12,625 –> 00:18:15,125
anthony_j_algmin: areas, So this is not unique to uh, cyber security.

260
00:18:16,416 –> 00:18:20,166
anthony_j_algmin: But there are a lot of businesses out there that are not

261
00:18:21,291 –> 00:18:25,458
anthony_j_algmin: in align with their customer needs when it comes to how their business

262
00:18:25,833 –> 00:18:30,250
anthony_j_algmin: actually works. I’m actually astounded. When you. some organizations

263
00:18:30,625 –> 00:18:35,291
anthony_j_algmin: create pricing models to actively discourage the use of their technology,

264
00:18:35,916 –> 00:18:39,458
anthony_j_algmin: and that to me doesn’t make any sense, it. It’s it’s if you have a thing

265
00:18:39,541 –> 00:18:44,416
anthony_j_algmin: that helps a a customer, how can you help the customer the most and then

266
00:18:44,541 –> 00:18:49,833
anthony_j_algmin: capture the right amount of Uh, your revenue, uh to to offset that,

267
00:18:50,166 –> 00:18:54,000
anthony_j_algmin: Certainly you want to make money. But how can it be a growing the pie

268
00:18:55,583 –> 00:19:00,416
anthony_j_algmin: versus a, you know, taking the pie or taking pieces of the pie, most of

269
00:19:00,416 –> 00:19:05,833
anthony_j_algmin: the pie um from from your customers? And so how on you know the cyber

270
00:19:06,083 –> 00:19:10,416
anthony_j_algmin: security side. How does your organization help grow That how do you help

271
00:19:10,541 –> 00:19:14,250
anthony_j_algmin: partner with your organizations, you with your client organizations to

272
00:19:15,750 –> 00:19:19,416
anthony_j_algmin: real security for for them. How does how does cyber security as a service

273
00:19:19,416 –> 00:19:19,833
anthony_j_algmin: real security for for them. How does how does cyber security as a service

274
00:19:19,875 –> 00:19:20,875
anthony_j_algmin: actually work

275
00:19:21,833 –> 00:19:22,833
corey_white: Yeah, um,

276
00:19:23,666 –> 00:19:29,333
corey_white: great question. So what I had to do? Um again, the Recovering services guy,

277
00:19:29,583 –> 00:19:35,958
corey_white: right, I had to forget. I had to purge everything I knew about the business of

278
00:19:35,958 –> 00:19:38,000
corey_white: of cyber security and how we had done it.

279
00:19:39,416 –> 00:19:43,583
corey_white: And and to do that, do a lot of research and look at other business models.

280
00:19:43,750 –> 00:19:47,958
corey_white: Cause, to your point, getting the customer to the outcome is really the goal,

281
00:19:48,458 –> 00:19:52,375
corey_white: And so other business models have figured this out so well

282
00:19:53,416 –> 00:19:56,708
corey_white: that I just had to copy those other business models and I think you would be

283
00:19:56,791 –> 00:20:01,416
corey_white: blown away by the other business models with copy we copied over with copy.

284
00:20:01,666 –> 00:20:07,833
corey_white: Netflix. the copy a b and B. Because again, if you think about and the whole

285
00:20:08,041 –> 00:20:10,916
corey_white: talk about how Netflix save cyber security,

286
00:20:12,625 –> 00:20:16,791
corey_white: So you used Blockbuster video before back in the day, right?

287
00:20:16,791 –> 00:20:18,708
anthony_j_algmin: back in the day? long time ago. Yeah,

288
00:20:19,333 –> 00:20:21,083
corey_white: So why did they go out of business?

289
00:20:24,500 –> 00:20:28,500
anthony_j_algmin: because there is better ways to get movies cause, actually, I mean Netflix

290
00:20:28,708 –> 00:20:33,208
anthony_j_algmin: right, where the D V Ds in the mail kind of kept me from needing to get in

291
00:20:33,208 –> 00:20:35,541
anthony_j_algmin: the car and driving over to the the video store, Right.

292
00:20:36,041 –> 00:20:40,458
corey_white: Y, You have the nail in the head. So what you described is there’ a better

293
00:20:40,916 –> 00:20:45,750
corey_white: business model for you to get to the outcome of being entertained and watching

294
00:20:45,916 –> 00:20:51,833
corey_white: that movie Correct. So um, anybody that knows me life, life is about outcomes

295
00:20:52,208 –> 00:20:56,791
corey_white: Right is okay. It is not about like if I’m a cybers security. Com. Um, if find

296
00:20:56,916 –> 00:21:01,958
corey_white: a company want to have good, Sir security Me, get an an assessment. Then didn’t

297
00:21:02,041 –> 00:21:03,500
corey_white: get me to the outcome of being secure.

298
00:21:04,291 –> 00:21:09,500
corey_white: Okay, me, Yeah, know, that’s just like me saying Hey. I’m go go to Blockbuster.

299
00:21:10,125 –> 00:21:13,416
corey_white: Look at some movies. They’m not going to really buy anything. I’m just gonna

300
00:21:13,583 –> 00:21:17,166
corey_white: leave. I w. the goal was to watch a movie right now. Good one, but I just went

301
00:21:17,333 –> 00:21:21,083
corey_white: there right. You only did one piece of it, or if buying a product like, Hey,

302
00:21:21,333 –> 00:21:25,333
corey_white: I’m gonna go inna buy this movie from this. You know, Ro, the vars. I like

303
00:21:25,333 –> 00:21:28,916
corey_white: Target right, I’m going to buy a movie from Target and bring it home. I’m not

304
00:21:29,000 –> 00:21:34,041
corey_white: gonna watch it. The goal is to get the outcome. The outcome is to how quickly

305
00:21:34,291 –> 00:21:39,333
corey_white: without friction can I get to that outcome? So in cyber security, I had to

306
00:21:39,416 –> 00:21:43,250
corey_white: figure out how can we quickly get to the outcome of being secure.

307
00:21:43,916 –> 00:21:48,875
corey_white: So what Netflix did to Blockbuster, as you just described is they found a

308
00:21:49,000 –> 00:21:53,750
corey_white: better way, a more efficient way for you to get to the outcome of watching that

309
00:21:53,916 –> 00:21:58,291
corey_white: movie Like I got, pick up my phone right now and stream a movie right now. But

310
00:21:58,458 –> 00:22:02,375
corey_white: here’s what people forget when Netflix started in ninety seven. Just like you

311
00:22:02,458 –> 00:22:05,500
corey_white: said, it was the D V Ds being shipped to the house,

312
00:22:06,208 –> 00:22:09,083
corey_white: And what they had to do is they had to look around the corner. They already

313
00:22:09,333 –> 00:22:12,708
corey_white: knew they ▁ultimately want to go to streaming, but they couldn’t do it at nine

314
00:22:12,916 –> 00:22:17,166
corey_white: seven, But that’s whating. We were gonna take it. but today Netflix has content

315
00:22:17,416 –> 00:22:21,916
corey_white: and everything else. But day won. They just had a better business model for you

316
00:22:21,958 –> 00:22:25,000
corey_white: and customer to get to the outcome. That makes sense.

317
00:22:25,750 –> 00:22:26,791
anthony_j_algmin: Oh, yeah, yeah,

318
00:22:27,583 –> 00:22:33,333
corey_white: Yeah, so what we had to do is have a better business model for Um, any sover,

319
00:22:33,666 –> 00:22:39,416
corey_white: secure, um consumer to actually get to being secure. So we ca those companies

320
00:22:39,833 –> 00:22:44,208
corey_white: and the same thing applies to take oba right louber. They didn’t own any cars.

321
00:22:44,291 –> 00:22:49,666
corey_white: They still don’t own any cars. A B and B doesn’t own any hotels, And so Netflix

322
00:22:49,958 –> 00:22:52,375
corey_white: didn’t own any content. Day one. Now

323
00:22:52,500 –> 00:22:56,916
corey_white: now everybody is copying them with their you know Streaming Plus services. So

324
00:23:00,208 –> 00:23:06,208
corey_white: you think about it, Wh, where we have lost sight of, As as I just says, a human

325
00:23:06,375 –> 00:23:12,041
corey_white: race in business is, the customer needs to come first and getting the customer

326
00:23:12,291 –> 00:23:16,791
corey_white: to their outcomes, and needs to come first. So what we had, Sabotir had to do,

327
00:23:17,083 –> 00:23:22,041
corey_white: and this took a flip, and I, I, After doing it twenty twenty three years, I’m

328
00:23:22,125 –> 00:23:26,875
corey_white: like Okay, I. I kind of made enough money off of of failing. Why not try making

329
00:23:27,083 –> 00:23:31,416
corey_white: money off of succeeding? And what that means is I had to flip the model. Like

330
00:23:31,666 –> 00:23:35,750
corey_white: our margin. Our profiability was made off of that one time services engagement,

331
00:23:35,916 –> 00:23:39,958
corey_white: so it had to add in all the margin and prices really really high. Make sure. I

332
00:23:40,041 –> 00:23:43,666
corey_white: mean we made money off of it, or we have to make money off of selling that

333
00:23:43,833 –> 00:23:45,416
corey_white: products right. See price, their price

334
00:23:45,666 –> 00:23:48,625
corey_white: really high, So you have to do that and then you got to pay the Vr on top of

335
00:23:48,625 –> 00:23:51,583
corey_white: that like they gotta take their cut. They’re you know, thirty forty percent

336
00:23:51,833 –> 00:23:55,250
corey_white: cut. So that makes it even more expensive for the consumer and ▁ultimately

337
00:23:55,500 –> 00:24:00,625
corey_white: cyber security becomes cost prohibitive for most companies. So what we did is

338
00:24:01,000 –> 00:24:05,500
corey_white: let’s do this. Let’s make Subber security a subscription. Let’s make it an

339
00:24:05,666 –> 00:24:11,333
corey_white: ongoing activity. service. security is hygiene. But instead of not actually

340
00:24:11,666 –> 00:24:15,083
corey_white: getting them secure, then you think about yourself. We’re both on computers

341
00:24:15,250 –> 00:24:19,250
corey_white: right now. If you’re not continually patching your your your vulnerabilities,

342
00:24:19,500 –> 00:24:23,333
corey_white: Um, ’cause you, you get the pop up. Hey, you need to do the software update.

343
00:24:23,583 –> 00:24:27,750
corey_white: Like some of those include exploitable vulnabilities. Uh,

344
00:24:27,958 –> 00:24:32,875
corey_white: and so bad people can scan your computer and exploit those vulnerabilities get

345
00:24:33,083 –> 00:24:37,166
corey_white: access to your confidential, you know data, which is a bad thing. but that

346
00:24:37,333 –> 00:24:41,500
corey_white: happened that needs happen to continue basis not once a year. So we built this

347
00:24:41,666 –> 00:24:45,666
corey_white: a solution that’s on a continuous basis. Now, The other thing that you think

348
00:24:45,833 –> 00:24:50,458
corey_white: about from cyber tax perspective we talked about inpt security, Inpt security,

349
00:24:51,958 –> 00:24:56,125
corey_white: Um, the thirty year old technology number one, it would ran somewhere. Rans,

350
00:24:56,291 –> 00:25:00,375
corey_white: who were started out as just maw. Let’s be clear. Ran

351
00:25:00,625 –> 00:25:06,458
corey_white: somewhere to today is a hack first, meaning they’re hacking into you first, And

352
00:25:06,625 –> 00:25:10,625
corey_white: so once they hike into you then they’re gonna go and they’re goingnna disable

353
00:25:10,791 –> 00:25:14,125
corey_white: your backups. They’re going to get admin control. They, actually, I’ve seen

354
00:25:14,291 –> 00:25:17,416
corey_white: them where they will actually look at your Cyrus security insurance policy if

355
00:25:17,500 –> 00:25:20,791
corey_white: you have one, and figure how much it is and that’s how much a ranom is. Go to

356
00:25:20,875 –> 00:25:25,250
corey_white: be okay. I’ve seen them. I’ve done incidents where they’ve looked in the bank

357
00:25:25,583 –> 00:25:29,250
corey_white: accounts and look at it. Don’t verify how much money you have. I hear the no

358
00:25:29,583 –> 00:25:33,250
corey_white: less than five person company get a fifty thousand dollar ransom. Usually, it’s

359
00:25:33,333 –> 00:25:36,541
corey_white: like you know five or ten thousand dollars is really small. Something they can

360
00:25:36,541 –> 00:25:37,541
corey_white: quickly. just pay those

361
00:25:37,666 –> 00:25:40,708
corey_white: a fifty thousand dollar ransom. I’ll say, I guarantee you’ve already been

362
00:25:40,791 –> 00:25:44,041
corey_white: hockeding. We do the forensics and that company have been hacked in a few weeks

363
00:25:44,208 –> 00:25:47,083
corey_white: ahead of time. We could see them looking at their files. They knew how much

364
00:25:47,416 –> 00:25:48,416
corey_white: money money they had, so

365
00:25:48,458 –> 00:25:53,083
corey_white: it is a business for these hackers, so they’re hacking in and making sure that

366
00:25:53,250 –> 00:25:56,041
corey_white: they’re going to get paid the last thing they do, which is interesting. If you

367
00:25:56,208 –> 00:26:00,375
corey_white: have backups, they’re gonna have disable them. Okay, so they’re hacking in, and

368
00:26:00,375 –> 00:26:04,625
corey_white: the last thing they do is they’ll drop uh the rand somewhere Maware, and back

369
00:26:04,791 –> 00:26:09,500
corey_white: to your anti vis. if you’ve got the old legacy anti virus’s detect and respond.

370
00:26:09,958 –> 00:26:15,083
corey_white: So if I’ve created some brand new ransomwar mawor, that is gonna bypass that

371
00:26:15,250 –> 00:26:18,875
corey_white: old signature based technology is gonna execute and you won’t

372
00:26:18,916 –> 00:26:23,166
corey_white: be able to stop it. But there’s new new versions of of anti virus that uses

373
00:26:23,333 –> 00:26:27,916
corey_white: artificial intelligence that actually can detect it and stop it, And so you can

374
00:26:28,041 –> 00:26:31,833
corey_white: use those. But here’s the other thing, Anthony, That just completely blows my

375
00:26:31,916 –> 00:26:36,291
corey_white: mind. Most of the people that have those new artificial intelligence based um,

376
00:26:36,458 –> 00:26:42,125
corey_white: anti virus software. They don’t en it to block. That’s just like saying. Hey, I

377
00:26:42,375 –> 00:26:47,166
corey_white: got a lock on my door at home on our front door, but I don’t lock it okay

378
00:26:48,375 –> 00:26:51,750
corey_white: because I don’t like it ’cause I might not be able to get out fast enough or

379
00:26:51,916 –> 00:26:56,291
corey_white: something. That’s what tastes you. So Th you, it’s all these barriers to

380
00:26:56,458 –> 00:27:00,875
corey_white: actually being secure. So what we do here at Savotar is we make sure you always

381
00:27:01,000 –> 00:27:05,583
corey_white: are patached on a continuous basis. Um, because we actually make money back to

382
00:27:05,666 –> 00:27:09,500
corey_white: how we make money. we make money off of you. Being secure, we

383
00:27:09,666 –> 00:27:14,375
corey_white: make money off of nothing happening, so our pricecing is very similar to all

384
00:27:14,458 –> 00:27:18,291
corey_white: these subscription services. It’s fix be based on a number of employees. Once

385
00:27:18,375 –> 00:27:22,125
corey_white: we know another employees, he, You’re paying a fixed fee for us to bring in the

386
00:27:22,291 –> 00:27:27,250
corey_white: software. Do the services get you fully locked down ninety days or less and

387
00:27:27,333 –> 00:27:31,500
corey_white: then maintain that after those ninety days. Um, you’re locked down. That’s when

388
00:27:31,583 –> 00:27:35,916
corey_white: we start making our money Okay and guess what, the profits are actually higher,

389
00:27:36,208 –> 00:27:40,125
corey_white: Because it’s not as much work. But if we never locked you down and we just

390
00:27:40,125 –> 00:27:43,416
corey_white: continly got a bunch of alerts and a lot of noise. whatever we’d been working,

391
00:27:43,583 –> 00:27:45,916
corey_white: a lot of T, a lot of outwards right. and we k,

392
00:27:45,916 –> 00:27:49,250
corey_white: lock you down So there’s not as much work to do. That’s the beauty of customer

393
00:27:49,500 –> 00:27:52,916
corey_white: lifetime value. That happens in subscriptions. The last thing I, they would

394
00:27:53,000 –> 00:27:56,916
corey_white: choose this, so you’ll just finish that point, customer lifetime value. How

395
00:27:57,083 –> 00:28:00,875
corey_white: much do you pay for your you know monthly Netflix description.

396
00:28:02,333 –> 00:28:05,208
anthony_j_algmin: think it’s nineteen bucks now. Something like that. It’s too much.

397
00:28:05,916 –> 00:28:10,708
corey_white: Yeah, you must. On the Luc version. I heard they pay ten. I think I’ll pay

398
00:28:10,791 –> 00:28:11,791
corey_white: fifteen. Uh,

399
00:28:12,375 –> 00:28:16,125
corey_white: but in the end of the day, if you buy a brand new movie, just go buy a movie

400
00:28:16,458 –> 00:28:19,333
corey_white: even when you download it from streaming. How much does it cost?

401
00:28:20,625 –> 00:28:23,416
anthony_j_algmin: Oh, it’s still got to be twenty twenty five bucks. now. I think yeah,

402
00:28:23,416 –> 00:28:26,875
corey_white: Yeah, it’s like twenty bucks Right. And so you think about the business model,

403
00:28:27,083 –> 00:28:30,291
corey_white: Like how does Netflix make money? They gotta whole this content. All these

404
00:28:30,458 –> 00:28:34,708
corey_white: movies. But you buy one movie costs more than one month of of what you’ be

405
00:28:34,791 –> 00:28:39,000
corey_white: paying. So how does that work Is customer lifetime value?

406
00:28:39,666 –> 00:28:44,708
corey_white: Right? And so that’s how we’re able to price it cheaper. There’s no v margin

407
00:28:44,875 –> 00:28:48,791
corey_white: built into our pricing, So it’s cheaper is more affordable. So way have

408
00:28:48,875 –> 00:28:52,916
corey_white: customers. There are small businesses all the way to global enterprises that

409
00:28:53,416 –> 00:28:57,416
corey_white: customers, Because again we make money off of their subscription business

410
00:28:57,625 –> 00:28:58,625
corey_white: model. Same thing

411
00:28:58,708 –> 00:29:03,000
corey_white: with you know, Spotify music and all that Right again, you you go. you know,

412
00:29:03,333 –> 00:29:07,958
corey_white: buy a new, you know, album or cassette or like. I’m dating myself. They call

413
00:29:08,125 –> 00:29:12,791
corey_white: Mos more whatever. So it’s It’s more expensive than what you pay a month to get

414
00:29:12,916 –> 00:29:16,125
corey_white: access to everything. So same thing with cyber security.

415
00:29:16,958 –> 00:29:22,416
anthony_j_algmin: Well, and it is interesting because the the potential uh, downside is kind

416
00:29:22,500 –> 00:29:25,458
anthony_j_algmin: of a function of of how big your organization is. How many employees

417
00:29:25,666 –> 00:29:28,625
anthony_j_algmin: that’s there’s. There’s an element of risk on the employee side because I

418
00:29:28,708 –> 00:29:32,791
anthony_j_algmin: know that. Um. you know, the the people side of this is where the biggest

419
00:29:32,958 –> 00:29:37,041
anthony_j_algmin: points of failure can often be. And and some of that challenges is, I’m

420
00:29:37,125 –> 00:29:40,000
anthony_j_algmin: sure, uh, something that you have to deal with as well. But what I think

421
00:29:40,166 –> 00:29:43,458
anthony_j_algmin: about you coming in and to your point locking things down.

422
00:29:44,625 –> 00:29:48,791
anthony_j_algmin: That’s where the work is going to be more in larger organizations, But

423
00:29:48,791 –> 00:29:52,166
anthony_j_algmin: it’s not going to be linearly more. If a, if an organization with a

424
00:29:52,250 –> 00:29:56,083
anthony_j_algmin: hundred people, when you move to a thousand people or ten thousand people,

425
00:29:56,250 –> 00:29:59,833
anthony_j_algmin: it’s not going to be a hundred times greater difficulty for you, it’s

426
00:30:00,000 –> 00:30:03,125
anthony_j_algmin: going to be five times greater or ten times greater. But it’s it’s It’s

427
00:30:03,208 –> 00:30:06,791
anthony_j_algmin: not going to go up in a pure uh, linear fashion, So it makes sense though,

428
00:30:06,875 –> 00:30:11,458
anthony_j_algmin: if you can do the work up front, lock them down so the risk is much lower.

429
00:30:11,583 –> 00:30:15,750
anthony_j_algmin: and then you get the ongoing uh services. What I like about this kind of

430
00:30:15,750 –> 00:30:19,541
anthony_j_algmin: going back to that earlier point that I made is you are in alignment with

431
00:30:19,666 –> 00:30:24,416
anthony_j_algmin: the customers needs. you are your. Your business model is in puure. Like

432
00:30:24,541 –> 00:30:30,541
anthony_j_algmin: the incentives are exactly Aig. which is great because you are interested

433
00:30:30,791 –> 00:30:34,625
anthony_j_algmin: in actually providing what the customer is paying you for. It is not

434
00:30:34,875 –> 00:30:38,416
anthony_j_algmin: something where you are actively trying to make sure that there’s enough

435
00:30:39,208 –> 00:30:43,750
anthony_j_algmin: problems that they keep coming back to you. Like not a few consultants out

436
00:30:43,833 –> 00:30:48,000
anthony_j_algmin: there. Do you know if if everything’s good, most consultants don’t have

437
00:30:48,166 –> 00:30:51,583
anthony_j_algmin: enough work in their minds? Whereas you’re saying hey, let us make sure

438
00:30:52,333 –> 00:30:56,708
anthony_j_algmin: this flank is covered. You don’t have the internal skills to do this most

439
00:30:56,875 –> 00:31:00,791
anthony_j_algmin: of the time anyway, client organization. let us take this on. for you, use

440
00:31:00,958 –> 00:31:06,083
anthony_j_algmin: your energies and your your team skills on on other areas. Um, I think

441
00:31:06,250 –> 00:31:10,083
anthony_j_algmin: that makes a lot of sense conceptually where I’m really interested in when

442
00:31:10,166 –> 00:31:13,833
anthony_j_algmin: I put on my technology hat. I’m like, how the heck do you do this Because

443
00:31:13,916 –> 00:31:16,500
anthony_j_algmin: you spent a good amount of time at the beginning of this conversation

444
00:31:17,291 –> 00:31:20,625
anthony_j_algmin: terrifying me, and I’ll speak on behalf the audience, terrifying the whole

445
00:31:20,791 –> 00:31:25,291
anthony_j_algmin: audience as well, Because we know these things. we know these challenges

446
00:31:25,458 –> 00:31:28,416
anthony_j_algmin: we hear about ransom. where we hear about all of these hacks all the time.

447
00:31:28,500 –> 00:31:31,750
anthony_j_algmin: I’m sure there’s many of us out there that have had to deal with these

448
00:31:31,916 –> 00:31:36,500
anthony_j_algmin: situations and they’re not pleasant, so we’re very scared. What you’re

449
00:31:36,625 –> 00:31:41,291
anthony_j_algmin: saying almost sounds like. How can like I get how I can watch a movie from

450
00:31:41,458 –> 00:31:42,541
anthony_j_algmin: the internet At this point

451
00:31:42,708 –> 00:31:46,250
anthony_j_algmin: Like that’s pretty easy. I understand that conceptually how you can keep

452
00:31:46,416 –> 00:31:49,833
anthony_j_algmin: all these bad things from happening to my organization? Help me understand

453
00:31:50,083 –> 00:31:54,416
anthony_j_algmin: what you actually do to to make that possible. Can I still have a business

454
00:31:54,791 –> 00:31:58,958
anthony_j_algmin: where my company still has a a web page and that we can still do things I

455
00:31:59,125 –> 00:32:04,000
anthony_j_algmin: have to imagine we do. How do how do you let us continue to work while

456
00:32:04,250 –> 00:32:06,958
anthony_j_algmin: actually protecting us and and locking things down. Can you talk about

457
00:32:06,958 –> 00:32:07,958
anthony_j_algmin: some of those techniques?

458
00:32:08,458 –> 00:32:13,833
corey_white: Yeah, yeah, so, um, technology come a long way, And so when I first started

459
00:32:14,125 –> 00:32:17,958
corey_white: doing, I actually have done remediation. I remember. I was doing it as far back

460
00:32:19,583 –> 00:32:23,416
corey_white: in in like nineteen ninety nine. So and I remember, I was on like a year long

461
00:32:23,583 –> 00:32:27,958
corey_white: remediation project when September Eleventh happened and the Do bus was

462
00:32:28,125 –> 00:32:32,458
corey_white: happening and people were losing jobs. I, I’m just remating after. As with

463
00:32:32,625 –> 00:32:37,416
corey_white: idea. So I just got a cruise way through that, but remediation used to be

464
00:32:37,916 –> 00:32:43,833
corey_white: really hard. Anthony. Um. it was a lot of roadblocks Um that existed, but here

465
00:32:43,916 –> 00:32:49,000
corey_white: we are today. a few things have changed, Um. Most software is is cloud

466
00:32:49,333 –> 00:32:50,333
corey_white: manageable, so

467
00:32:50,916 –> 00:32:56,041
corey_white: I don’t have to deploy my teens on site to go and rack and stack servers, or

468
00:32:56,125 –> 00:32:57,333
corey_white: anymore, right, which

469
00:32:57,958 –> 00:33:01,666
corey_white: we. we have the cloud. So literally, all we got to do is get software onto

470
00:33:01,833 –> 00:33:05,666
corey_white: these systems or literally they log into cloud based systems and then we’re

471
00:33:05,916 –> 00:33:11,833
corey_white: able to manage that so that’s gotten a lot easier. The other thing is is a p.

472
00:33:11,916 –> 00:33:16,541
corey_white: i’ um application programming interfaces. Basically what that allows with A

473
00:33:16,791 –> 00:33:21,750
corey_white: with a a security product. We can pull data from that S of security product via

474
00:33:21,916 –> 00:33:26,916
corey_white: the the A P. I, and then feed that to our platform, and so all the day they’re

475
00:33:27,000 –> 00:33:30,375
corey_white: from your I. T. assets. All the day they are from from your. you know,

476
00:33:30,541 –> 00:33:34,791
corey_white: vulnebility scans all the data from your patching. We can correlate all that

477
00:33:35,000 –> 00:33:40,541
corey_white: into one central platform. So imagine this anony If if there’s a Um, brand new

478
00:33:40,875 –> 00:33:45,000
corey_white: vulnebility, say Microsoft vulnebility, that could be exported on your your

479
00:33:45,250 –> 00:33:49,166
corey_white: system right now, Um, And and you’re you’re like, Oh crap. I guess I got to

480
00:33:49,250 –> 00:33:52,916
corey_white: install. I install the update and get myself patch so I won’t be attacked, And

481
00:33:52,916 –> 00:33:55,916
corey_white: that’s how a subcreed people think we’re all freaking out. Let’s get this

482
00:33:55,958 –> 00:33:59,958
corey_white: patchant all, and then everybody else in the business is like. No, We’ll have

483
00:34:00,125 –> 00:34:04,625
corey_white: time for that. So it’s this continuous battle. But um, with with this

484
00:34:04,875 –> 00:34:09,000
corey_white: construct, and what we have within our platform is that we’re scanning you for

485
00:34:09,000 –> 00:34:10,625
corey_white: vneabilities every day, and I

486
00:34:11,625 –> 00:34:16,833
corey_white: with the solar win, tack, um, or vulneability. When that came out one of our

487
00:34:19,958 –> 00:34:24,208
corey_white: customers, Um, they, They actually didn’t know that one of the I, T you, um,

488
00:34:24,458 –> 00:34:28,375
corey_white: you know individuals had actually installed the social Arizona systems, So when

489
00:34:28,375 –> 00:34:29,208
corey_white: we did their

490
00:34:29,208 –> 00:34:33,250
corey_white: daily scan we’re scaning them every four or four hours again serious hygiene,

491
00:34:33,333 –> 00:34:36,875
corey_white: continually scanning to see new vulneabilities. By then we have already fixed

492
00:34:36,916 –> 00:34:39,958
corey_white: all their vulnabilities, all the criticals and high. They were in a clean

493
00:34:40,125 –> 00:34:44,708
corey_white: remediated state because we get every single constsal process we go through

494
00:34:44,916 –> 00:34:49,958
corey_white: called Icarm, and we patented as our our process for every customer we install

495
00:34:50,375 –> 00:34:55,916
corey_white: configure assess, remedate the results from those assessments and maintain so

496
00:34:56,291 –> 00:35:00,125
corey_white: again. Back to your brush your teeth right, you know, getting your teeth. Oh

497
00:35:00,375 –> 00:35:04,541
corey_white: cavity fixed. And and that’s their remediation and getting it all fixed up. And

498
00:35:04,625 –> 00:35:07,833
corey_white: then the maintenance is the continuous brushing and flocing on a continuous

499
00:35:07,958 –> 00:35:11,500
corey_white: basis. so that’s that’s what we’re doing for every one of our customers. So we

500
00:35:11,666 –> 00:35:15,833
corey_white: did to scan in the morning. We saw. Oh wow, you have solar winds. It’s a

501
00:35:15,833 –> 00:35:20,708
corey_white: critical avordaability that that cant be exploited immediately. So uh, we saw

502
00:35:20,875 –> 00:35:24,875
corey_white: it and we actually got them patched and remed. They actually on install it

503
00:35:25,000 –> 00:35:29,166
corey_white: within then six hours, until we scanned there every four hours, so we saw him

504
00:35:29,250 –> 00:35:31,083
corey_white: within six hours. It was fixed. So

505
00:35:31,333 –> 00:35:36,541
corey_white: what we tryed for our customers in their dashboards is time to remediate. Okay,

506
00:35:36,916 –> 00:35:40,625
corey_white: and that’s all the matters. The outcome is getting remediated. and again all

507
00:35:40,875 –> 00:35:44,916
corey_white: this data are coming together in an a p. I. and back to the example of you

508
00:35:45,166 –> 00:35:49,833
corey_white: having a Microsoft vneability on your system. If you were to log in if you were

509
00:35:49,958 –> 00:35:54,125
corey_white: one of our members, and we use members, not customers. And so if you’re one of

510
00:35:54,208 –> 00:35:58,375
corey_white: our members, then you build a log into our platform and see Hey, I have a

511
00:35:58,458 –> 00:36:03,333
corey_white: newcertical vulneability, And you already say Cory. I, I do my podcasting every

512
00:36:03,833 –> 00:36:07,958
corey_white: you know, Wednesday night and it, and at ten p M. so we can’t patch then, but

513
00:36:07,958 –> 00:36:11,750
corey_white: Thursdays’m good. you’ll see critical vulneability. Oh, this is scheduled to be

514
00:36:11,833 –> 00:36:16,375
corey_white: patch Thursday night, you know, at a p. M, whatever window that you choose, and

515
00:36:16,541 –> 00:36:18,916
corey_white: so you know that’s gonna be fixed, And then you

516
00:36:19,083 –> 00:36:23,833
corey_white: also will have the option of it’s just critical. fix it now, right, Um, and

517
00:36:23,916 –> 00:36:26,791
corey_white: we’ll ask our customers. Hey, this is cruolk, ’cause you wants to fix it now,

518
00:36:26,875 –> 00:36:29,958
corey_white: or if not, it schedule to be fixed Thursday night, and for most companies

519
00:36:30,291 –> 00:36:34,791
corey_white: they’re okay with that, but that’s a continuous process. So my answer to you is

520
00:36:35,083 –> 00:36:39,666
corey_white: you know, ten years ago five years ago we could not automate what I sad. The

521
00:36:39,833 –> 00:36:43,583
corey_white: scannings automated, the patching’s automated. You’re able to look and see.

522
00:36:43,916 –> 00:36:48,708
corey_white: Hey, we are continually fixed. and then as relates to the inpot protection

523
00:36:49,916 –> 00:36:54,625
corey_white: again, we have solutions that are set to automatically Um. detect Malictia

524
00:36:54,791 –> 00:36:59,500
corey_white: software Maware using a I, and we’re having configured to block, so the only

525
00:36:59,666 –> 00:37:03,500
corey_white: thing you’re going to see is the alert Somebody tried to d ransomwar one of

526
00:37:03,500 –> 00:37:06,708
corey_white: your systems and it was blocked. Um, At that point you can throw them and go

527
00:37:06,708 –> 00:37:09,666
corey_white: back to sleep when them send the blocking alerts Like, just know what’s

528
00:37:09,750 –> 00:37:13,000
corey_white: happening. Uh, we can see that as happening, but we know what’s happening, so

529
00:37:13,083 –> 00:37:18,375
corey_white: that’s what’s changed. Most people are operating Uh with a legacy cyber

530
00:37:18,625 –> 00:37:22,791
corey_white: security mindset So I literally, Anthony had to forget everything that I knew

531
00:37:22,916 –> 00:37:27,958
corey_white: Comp, cybers security, and start over. And and that’s how we got to worry at.

532
00:37:33,125 –> 00:37:37,833
anthony_j_algmin: I imagine just like we could manage most of our unpromiises environments

533
00:37:38,000 –> 00:37:43,125
anthony_j_algmin: using similar, Um. two cloud types of of orchestations I’m sure you can

534
00:37:43,208 –> 00:37:47,375
anthony_j_algmin: work with hybrid environments, and and existing on premsed Stata centers,

535
00:37:47,416 –> 00:37:48,416
anthony_j_algmin: and and things like that

536
00:37:48,791 –> 00:37:51,375
anthony_j_algmin: as well using the same kinds of tools at this point, right,

537
00:37:51,750 –> 00:37:56,208
corey_white: yeahep. They work with youre cloud on pram either way either way, but the other

538
00:37:56,375 –> 00:38:00,375
corey_white: thing, which is I think is really changed Things is you take. you know, you

539
00:38:00,375 –> 00:38:05,833
corey_white: know covet right. So you have remote systems. So with the agent and everything

540
00:38:06,125 –> 00:38:09,958
corey_white: reporting up to our cloud management system then doesn’t matter where you are,

541
00:38:10,041 –> 00:38:14,125
corey_white: You could be anywhere in the world, but we can still manage and secure you. So

542
00:38:14,375 –> 00:38:18,125
corey_white: that’s that’s the other thing that’s changed, and most companies they they.

543
00:38:18,541 –> 00:38:22,375
corey_white: they’ve used their in your own prim systems. and now all of a sudden they had

544
00:38:22,458 –> 00:38:26,458
corey_white: to be forced to have remote systems and now and many of them move into the

545
00:38:26,458 –> 00:38:30,125
corey_white: cloud. So you lially when you had one thing to secure, you know, Five, ten

546
00:38:30,208 –> 00:38:34,458
corey_white: years ago, now you’ve got the onprim, you’ve got remote systems. you’ve got

547
00:38:34,541 –> 00:38:38,291
corey_white: your cloud systems, you’ve gottacure all of them, and I hear from many people

548
00:38:38,541 –> 00:38:41,250
corey_white: that being a C. I, s so Cy. you know,

549
00:38:42,375 –> 00:38:47,250
corey_white: security leader in any organization is one of the most stressful Um jobs you

550
00:38:47,375 –> 00:38:48,375
corey_white: can have, because

551
00:38:48,375 –> 00:38:49,375
corey_white: again,

552
00:38:50,208 –> 00:38:55,750
corey_white: one of my friends, he so, and he calls it Cheapk G officer, Because anything

553
00:38:56,041 –> 00:38:59,833
corey_white: that goes wrong is his fault. But yet he is responsible for security of

554
00:38:59,916 –> 00:39:04,458
corey_white: everything, even though people say no if it goes wrong. it’s him. Not a fun

555
00:39:04,791 –> 00:39:09,208
anthony_j_algmin: uh. Well, I think about leadership a lot in in building teams and managing

556
00:39:09,375 –> 00:39:13,750
anthony_j_algmin: teams, and and one of the key tenants of that is when you delegate worker

557
00:39:14,000 –> 00:39:19,125
anthony_j_algmin: or you, you want to balance empowerment and accountability. Any time you

558
00:39:19,291 –> 00:39:23,041
anthony_j_algmin: hand off responsibility, right you want. You want somebody to have certain

559
00:39:23,291 –> 00:39:26,333
anthony_j_algmin: things that they arere accountable for, but you have to give them an

560
00:39:26,541 –> 00:39:32,000
anthony_j_algmin: opportunity to deliver what they’re accountable for. C. Sos are my number

561
00:39:32,333 –> 00:39:37,375
anthony_j_algmin: one example of people who are not given the empowerment to do their jobs,

562
00:39:37,541 –> 00:39:40,541
anthony_j_algmin: but are given the full accountability of all the things that they’re not

563
00:39:40,625 –> 00:39:43,916
anthony_j_algmin: empowered to do. And it’s and it’s a terrible. And this is why it’s so

564
00:39:43,916 –> 00:39:47,916
anthony_j_algmin: stressful. is that they can’t do what they know is necessary and I’m

565
00:39:48,166 –> 00:39:52,250
anthony_j_algmin: hopeful that you know with offerings like what you’re doing with Cbar,

566
00:39:52,541 –> 00:39:56,625
anthony_j_algmin: like Cos, might have a shot now that you might be able to help them,

567
00:39:57,125 –> 00:40:00,333
anthony_j_algmin: because they still don’t have. Just because you have a co doesn’t mean you

568
00:40:00,416 –> 00:40:05,583
anthony_j_algmin: have an organization full of people who can self secure all of the things

569
00:40:05,833 –> 00:40:10,416
anthony_j_algmin: in your organization. Um, it’s it’s a. It’s a tough. It’s a tough thing to

570
00:40:10,500 –> 00:40:12,500
anthony_j_algmin: do when you try to roll it. roll it yourself.

571
00:40:13,750 –> 00:40:19,666
corey_white: Yeah, we have C shows that Um have come to us and have Ba, ten, twelve

572
00:40:19,958 –> 00:40:24,916
corey_white: solutions from us. Becauses to deal ath, me, check it out. if they will go out.

573
00:40:25,166 –> 00:40:28,791
corey_white: And if they want to do that themselves, they would have to hire four the five

574
00:40:29,750 –> 00:40:32,750
corey_white: and that that alone will cost more than choosing our solutions

575
00:40:32,750 –> 00:40:37,125
corey_white: right. And so that that’s just not the most efficient way to do it. The is. if

576
00:40:39,250 –> 00:40:43,000
corey_white: I want to get a new, you know Cybrus security solution, I have to do the proof

577
00:40:43,250 –> 00:40:47,250
corey_white: of concept. There are over four thousand Cybrus security companies out there,

578
00:40:47,416 –> 00:40:50,708
corey_white: so you got to test all these products and figure out which one’s work, which

579
00:40:50,875 –> 00:40:54,916
corey_white: ones don’t work. And luckily, myself and my team. we know what works and

580
00:40:55,166 –> 00:40:59,166
corey_white: there’s a lot of them that again, Just getting something to send you a log and

581
00:40:59,250 –> 00:41:03,250
corey_white: alert That does not actually get you out. Come a being secure, but there’s so

582
00:41:03,250 –> 00:41:06,791
corey_white: many products out there, they’ll just tell you what’s wrong. Let’s just like me

583
00:41:07,083 –> 00:41:11,500
corey_white: like, hey, I, I don’t have the a vaccine that’s going to fix it. I just asked

584
00:41:11,750 –> 00:41:14,458
corey_white: something’. Going to tell me it’s wrong like I don’t. I don’t wa to know that

585
00:41:14,458 –> 00:41:18,375
corey_white: it’s something bad. I just want to block it and stop it from happening. So with

586
00:41:18,625 –> 00:41:23,583
corey_white: us again, the deconstruction of the you know traditional Cyrus security model,

587
00:41:23,916 –> 00:41:27,583
corey_white: But you’re not buying individual products. You know, we’re not reselling that

588
00:41:27,666 –> 00:41:32,208
corey_white: we don’t sell products by itself. we don’t sell services by the itself. We sold

589
00:41:32,541 –> 00:41:36,916
corey_white: solutions, and those solutions are tied to an outcome that could be measured in

590
00:41:37,083 –> 00:41:41,750
corey_white: ninety days or less, and you don’t have to hire outside people. You literally

591
00:41:41,916 –> 00:41:46,208
corey_white: can console us any time. And it was. it was one of the scariest things I had to

592
00:41:46,291 –> 00:41:49,833
corey_white: do, Anthony. I was looking at all these subscription models. They help counsel

593
00:41:49,958 –> 00:41:53,666
corey_white: any time like I can pull my for a Accountsel, Netflix right now, But to our

594
00:41:53,916 –> 00:41:59,250
corey_white: point is that customer first, they are providing value to customers and you’re

595
00:41:59,333 –> 00:42:03,416
corey_white: not goingnna countil. As long as you, you get that value. Same thing here we.

596
00:42:03,750 –> 00:42:08,916
corey_white: we launched Um, our platform back in December of last year, And and we’ve been

597
00:42:09,000 –> 00:42:13,916
corey_white: growing like crazy over fifty customers, Uh during that time period And guess

598
00:42:14,125 –> 00:42:16,291
corey_white: what, not one cancellation. They

599
00:42:16,541 –> 00:42:20,875
corey_white: have the option. It’s then the contract they can cocel, but we know there’s

600
00:42:20,916 –> 00:42:25,333
corey_white: nowhere out there They can get more value faster than us. period.

601
00:42:27,375 –> 00:42:30,708
anthony_j_algmin: I think it’s It’s an incredible value proposition that that you are

602
00:42:30,875 –> 00:42:34,541
anthony_j_algmin: offering here, And and I think about this in a number of contexts as a

603
00:42:34,625 –> 00:42:37,666
anthony_j_algmin: recommended to senior leaders. And and when you’re thinking about strategy

604
00:42:37,916 –> 00:42:41,125
anthony_j_algmin: from ach gy perspective, or even from a business perspective, you have to

605
00:42:41,125 –> 00:42:43,750
anthony_j_algmin: think about every organization has to figure out what is it that our

606
00:42:43,750 –> 00:42:46,500
anthony_j_algmin: business really does. What is it that gives our business a competitive

607
00:42:46,541 –> 00:42:50,875
anthony_j_algmin: advantage or differentiates us in our particular industry? Now, I would

608
00:42:51,041 –> 00:42:55,458
anthony_j_algmin: imagine most of the folks listening out there. Cybers security is not a

609
00:42:55,583 –> 00:43:00,000
anthony_j_algmin: thing that is core to your business, Unless you’re like. Maybe you’re the

610
00:43:00,000 –> 00:43:03,208
anthony_j_algmin: Department of Defense. If you’re the Department of Defense, I can

611
00:43:03,541 –> 00:43:07,041
anthony_j_algmin: understand why you would want to do your own cybersec. That makes logical

612
00:43:07,208 –> 00:43:12,958
anthony_j_algmin: sense to me. But if you are a bank, or you are a consulting firm, or you

613
00:43:13,041 –> 00:43:18,083
anthony_j_algmin: are a a academic institution, trying to become also an expert in

614
00:43:18,166 –> 00:43:22,958
anthony_j_algmin: cybersecurity is something that’s probably not core to your fundamental

615
00:43:23,125 –> 00:43:26,083
anthony_j_algmin: business model, So it’s something there. you know. Sabotar is an option.

616
00:43:26,250 –> 00:43:29,208
anthony_j_algmin: I’m sure there’s other options out there. This isn’t purely just to sell

617
00:43:29,375 –> 00:43:31,916
anthony_j_algmin: your particular work, but it’s something to think about for anybody who’s

618
00:43:32,000 –> 00:43:36,958
anthony_j_algmin: out there thinking about where do I want to build Versus by, this is a big

619
00:43:37,291 –> 00:43:41,125
anthony_j_algmin: question across a bunch of different areas in your organization That

620
00:43:41,583 –> 00:43:45,750
anthony_j_algmin: traditionally organizations tend to try to build too much

621
00:43:46,875 –> 00:43:51,916
anthony_j_algmin: and do so less effectively less efficiently than buying from people who

622
00:43:52,083 –> 00:43:55,916
anthony_j_algmin: really know their stuff. And one, ▁qu, I’d be remiss if I didn’t ask you

623
00:43:55,916 –> 00:43:59,541
anthony_j_algmin: one more question before we run out of time. And that is some of the folks

624
00:43:59,583 –> 00:44:02,500
anthony_j_algmin: that are listening or are watching this episode. You know, they’re not

625
00:44:02,541 –> 00:44:04,958
anthony_j_algmin: going to be in a position where they get to make this decision for their

626
00:44:05,041 –> 00:44:09,125
anthony_j_algmin: organizations. But as individuals, all of whom are using technology in

627
00:44:09,125 –> 00:44:13,833
anthony_j_algmin: some capacity or another, We’re all at risk. Is individuals as well do you

628
00:44:14,083 –> 00:44:17,375
anthony_j_algmin: have? from your vantage point in yourre your’re depth in the space. Do you

629
00:44:17,458 –> 00:44:21,208
anthony_j_algmin: have any advice for the individuals out there of things we should be doing

630
00:44:21,458 –> 00:44:25,833
anthony_j_algmin: that we may not be doing to protect our individual cyber security? Are

631
00:44:26,000 –> 00:44:30,500
anthony_j_algmin: there any good practices that may not be Um obvious to to folks that are

632
00:44:30,541 –> 00:44:32,083
anthony_j_algmin: that are watching or listening today?

633
00:44:33,166 –> 00:44:36,708
corey_white: yeah, yeah, there absolutely are. Um, a few things that might toch on just

634
00:44:36,875 –> 00:44:43,083
corey_white: inclosing. Here is the number one thing that we’re bringing to the table is

635
00:44:44,125 –> 00:44:47,583
corey_white: we’ve decided we’re going to lead. you make, take care of the customers first,

636
00:44:48,208 –> 00:44:53,333
corey_white: and we call that just simply leading with love. right, Let let decisions be

637
00:44:53,583 –> 00:44:58,208
corey_white: decided based upon love. Like literally, our C. Our employees come first, then

638
00:44:58,375 –> 00:45:03,166
corey_white: our customers, and we take care of them. I. I don’t want the C solls that have

639
00:45:03,250 –> 00:45:07,666
corey_white: been my friends for years across three companies, and allterly. this is a

640
00:45:07,666 –> 00:45:11,833
corey_white: pivotal moment in in Svator history of talking to, They say so friend of mine.

641
00:45:11,958 –> 00:45:16,916
corey_white: He’s a customer now and and she’s like Cor, You know you could come and do. I

642
00:45:17,083 –> 00:45:21,333
corey_white: yearly fantas say I hadn’t fixed the stuff from last year, but you go little

643
00:45:22,291 –> 00:45:27,958
corey_white: and and and as me, I’m like. Why would I do that again like I? Twenty three

644
00:45:28,125 –> 00:45:32,041
corey_white: years of assessment and penetration testing. And what am my good trusted

645
00:45:32,291 –> 00:45:36,375
corey_white: friends? has not actually fixed. You know it from last year. someone of come

646
00:45:36,541 –> 00:45:39,083
corey_white: do the same thing What you know. The same thing over and over again, definitite

647
00:45:39,166 –> 00:45:42,291
corey_white: of insanity. I try not to be insane most of the time.

648
00:45:43,666 –> 00:45:49,750
corey_white: and so. Back to what a a a regular consumer can do. So it’s really simple

649
00:45:50,291 –> 00:45:55,416
corey_white: multifctor authentication. So you lock it into your bank, Please enable

650
00:45:55,750 –> 00:46:00,541
corey_white: multifor syndication. Well’, get into your email, multifory syndication.

651
00:46:00,916 –> 00:46:05,666
corey_white: Everything that you do, they haven’t built in use multifacctor syndication.

652
00:46:06,125 –> 00:46:10,041
corey_white: Because just let me just just marinate on this. I’m must saying, I’m just

653
00:46:10,125 –> 00:46:11,833
corey_white: goingnna pause for like five seconds.

654
00:46:13,333 –> 00:46:19,250
corey_white: Hackers already have your password. Your password is already hacked.

655
00:46:21,250 –> 00:46:26,458
corey_white: My passwords are already haed. Imagine this. Imagine doing a very large

656
00:46:26,791 –> 00:46:30,875
corey_white: incident and a company that many of us use And this has happened to me multiple

657
00:46:31,000 –> 00:46:35,000
corey_white: times. I never even name one of them. Happen multiple times and you see where

658
00:46:35,083 –> 00:46:39,250
corey_white: they’ve gotten hacked and they all don’t always go public. And you see the

659
00:46:39,333 –> 00:46:43,000
corey_white: passwords and Newsland’s passwords. Confidential information has been

660
00:46:43,166 –> 00:46:48,875
corey_white: exploitated. and then you knowre like damn, okay, They have my password, and so

661
00:46:49,083 –> 00:46:52,375
corey_white: those back in the day when you have like one password, you try to use versions

662
00:46:52,458 –> 00:46:57,000
corey_white: of it and all that stuff. Now I just use a random password or some some uh

663
00:46:57,166 –> 00:46:59,916
corey_white: websites that I really really don’t care about and I just make up a really

664
00:46:59,916 –> 00:47:03,750
corey_white: complicated password long in while all get again. At whatever time I forgot

665
00:47:03,916 –> 00:47:08,208
corey_white: password. If they don’t have multifored indication, Because again, there’s too

666
00:47:08,291 –> 00:47:11,916
corey_white: much us to remember and people that try to use passwords over and again or

667
00:47:11,916 –> 00:47:16,875
corey_white: reuse them. those passwords end up being reused and locked in multiple places.

668
00:47:17,000 –> 00:47:20,791
corey_white: And if the hackers have your password, then you’re going to get compromise. The

669
00:47:20,875 –> 00:47:23,916
corey_white: other thing is that is really important, super easy. When you get the little

670
00:47:24,041 –> 00:47:28,541
corey_white: pop up said Hey, you need to install a patch or a upgrade or whatever. Please

671
00:47:28,875 –> 00:47:33,583
corey_white: do it because in many cases there there’s cyber security vulnabilities and and

672
00:47:33,666 –> 00:47:37,958
corey_white: fixes that are built into those. And if you don’t do it again every three

673
00:47:38,125 –> 00:47:41,750
corey_white: seconds, somebody scan you on the internet and you become vulnerable. And if

674
00:47:41,833 –> 00:47:46,291
corey_white: you’re interesting enough then they may just pop you, and you won’t even know

675
00:47:46,375 –> 00:47:49,333
corey_white: what’s happening on the back end. So I mean those are the simple things. I

676
00:47:49,333 –> 00:47:52,708
corey_white: mean, there are a few few other simple things. Um that I would do. but I mean

677
00:47:52,791 –> 00:47:55,416
corey_white: those are the primary things you really got to do as a conser.

678
00:47:56,416 –> 00:48:00,166
anthony_j_algmin: this has been awesome. Thank you so much for sharing your wisdom with us

679
00:48:00,333 –> 00:48:04,250
anthony_j_algmin: telling us about cyber security service. I feel like I’ve learned so much

680
00:48:04,500 –> 00:48:08,333
anthony_j_algmin: through the short conversation with you, and even though I may not be in a

681
00:48:08,333 –> 00:48:12,000
anthony_j_algmin: position myself to go by cybers security as a service, knowing that it

682
00:48:12,083 –> 00:48:15,208
anthony_j_algmin: exists and I thinking a little bit different. This is what Data leadership

683
00:48:15,375 –> 00:48:18,250
anthony_j_algmin: lessons are all about, so greatry. thank you for spending this time in and

684
00:48:18,333 –> 00:48:19,458
anthony_j_algmin: sharing this with us today,

685
00:48:19,833 –> 00:48:21,583
corey_white: Thank you for having a me’s been an honor. Thank you,

686
00:48:21,583 –> 00:48:22,125
corey_white: Thank you for having a me’s been an honor. Thank you,

687
00:48:23,208 –> 00:48:26,250
anthony_j_algmin: And then thank you all for joining us today. You’ll find more information

688
00:48:26,541 –> 00:48:27,458
anthony_j_algmin: and links in the show Notes. Dive deeper with my book at Data V at Data

689
00:48:27,458 –> 00:48:30,041
anthony_j_algmin: and links in the show Notes. Dive deeper with my book at Data V at Data

690
00:48:30,208 –> 00:48:33,958
anthony_j_algmin: Leadership Book Dot Com and use Promocode Algmman D, ▁l at the Di

691
00:48:34,041 –> 00:48:37,458
anthony_j_algmin: Diversity Online training center for twenty percent Off your first, Just

692
00:48:38,125 –> 00:48:41,458
anthony_j_algmin: remember to follow Data leadership lessons on Youtube or wherever you get

693
00:48:41,625 –> 00:48:45,083
anthony_j_algmin: your podcasts. and if you enjoy the show, please write and review and help

694
00:48:45,208 –> 00:48:49,083
anthony_j_algmin: others find us Stay safe during these unusual times and go make an impact

Scroll to top