August 24th, 2020
In this video, Wes Spencer, Kyle Hansloven, Gary Pica, and special guest Shahzad Mirza from Global Cyber Alliance discuss building sales pipeline through cybersecurity and the initiatives at the Global Cyber Alliance. The conversation delves into the importance of simplifying cybersecurity frameworks for small businesses and eliminating fear-based messaging. The video emphasizes the significance of understanding clients' industries and communicating cybersecurity in relatable terms, while also providing actionable steps for MSPs to enhance their cybersecurity services.<ul><li>The importance of understanding and aligning cybersecurity measures with the specific needs of different industries, such as healthcare and retail, to make the message relatable and actionable.</li><li>The role of nonprofits like Global Cyber Alliance in providing valuable resources and education to small businesses to help them navigate cybersecurity concerns effectively.</li><li>The significance of community and collaboration among MSPs, MSSPs, and cybersecurity professionals to share knowledge, tools, and strategies for better cybersecurity practices.</li></ul>
Guests
Video Transcript
Well, now we're live and recording. I just found out everybody that you can't see the countdown of 5, 4, 3, 2, 1. Only I can see that. Welcome everybody to week 16, joined as always with Wes, Spencer, Kyle, Hans Lovin, Gary Pika, and our special guest today, Shahad Meza from Global Cyber Alliance. Shazad, thanks for joining us. Thanks for having me. Yeah, of course.
Well, today's, uh, topic is gonna be around building sales pipeline through cybersecurity and some of the great stuff you guys are doing at the Global Cyber Alliance. We're gonna kind of roll back around to that, but we've got some great questions and conversation queued up with you, Shaad. Um, just a few quick announcements I'd like to make. Number one, um, other than the fact that we, uh, Kyle was saying, uh, we broke the Crowdcast limit, Kyle, is that what you're clear? Clearly we did.
'cause uh, it's not working now that we hit 2000. You know, a lot of, uh, internal data that we, we typically get. Sounds like it's not populated. Yeah, I can't see who's live. I can't, can't. But it looks like there's a bunch of people that are live, thank goodness. Alright, um, two WIC announcements. Actually, maybe three. Number one, if you're A-C-I-S-S-P, or, uh, at least that works for CISSPs, um, you can get CPE credits now for the cyber call. I posted it up today in the, um, in LinkedIn.
Um, I'm assuming if you submitted for, you know, maybe you have some other type of four letter acronym or something like that after your name and security, very good chance you might get CPEs there as well, especially if you tell 'em they're, that you're getting them at, uh, for, for from ISC squared. Second thing, uh, we talked about this last week. In one week. We already have 400 people in the cyber nation. Uh, I put that in the call to action here.
It's really, uh, really neat to see all the collaboration back and forth, the articles being posted. Um, so, uh, please, uh, join us there. Um, there is, the last thing I'll say is we also, oh no, one other thing. EEC Council content. The, um, the creators of Certified Ethical Hacker have given us a library of free content. It's in a post. Um, you can take a look at that content and then if you wanna, you know, move on into their other types of content, it's at ridiculously low price.
The other thing, September 22nd, we're doing our partis. Is that, is that the right part due? Part due? I prefer part due, part due with Gary and friends. So we're gonna have, I'm just gonna, I'll, I'll post this up there for everybody, but I'll post the URL, um, for building your incident response plan. So we're gonna have Wes, Chris, um, and Mike Beard, the CISO of Marco, and actually putting together the steps and the critical components of, uh, the incident response.
So I have that URL handy. I'll get it and throw it into the chat momentarily so you guys can start to register. These long format things like this are when you can really dive deep more than just a webinar. Yeah, really, Really, we got such good feedback on the first one. Well, yeah, absolutely. Gary, we had, I I wanna say we had Over 600. Yeah. 700. Yeah. So let me just put that in the chat real quick.
While I'm doing that, Shazad, if you wouldn't mind giving us a little bit about your background for the audience and, uh, you know, um, and what you're doing these days. That would be awesome. And then I'm gonna turn it right over to Wes. Uh, alright. URL is in the chat for building your incident response plan right there. Alright, go ahead Shaad. Sure. So, you know, Shazad Zam the director of Global Cyber Global Director of Operations at Global Cyber Alliance. Lot to say.
Um, but I mean, just to give quick background, I mean, I'm actually a bio major, um, who decided, you know, bio wasn't for me, and I went into the tech realm. Um, so, you know, went into doing training for like four years, then joined Symantec, uh, mainly just to show that I actually knew what I was teaching rather than just, you know, being a, like a, a trainer. Um, so I was with Symantec for four years, then made my way to, uh, the Center for Internet Security working with the MSI sac.
So I was partly responsible for the security operations center that was there. Um, so you, those not familiar with multi-state isac, um, they basically provided 24 by seven cybersecurity sport for all state local territories and tribal nations in the us. Um, I can't remember. I, I can't believe I still remember that. Um, so, but you know, after some time, you know, I, you know, think, you know, situations changed.
So I ended up, uh, moving to New Jersey, um, and working for Ernst and Young for two, uh, seven months. Uh, you, You just felt like you wanted to pay more taxes? Yeah, pretty much. I found out after the fact. I'm like, oh my God. Uh, but, um, yeah, I was with them and then, you know, after seven month, uh, global Cyber Alliance came around and said, we're about 5-year-old organization, um, we're pretty much coming, actually, we're starting or ended our fifth year.
Um, and you know, it's basically an organ a, a not-for-profit organization of about 30, 35 people. And really our goal here is, is to just take a look and see, you know, what's out there in terms of cyber risks. So we want to do things like unite global communities, you know, to basically across the globe, right? And to take a look at what are the cyber risks and what can we do to effectively address those cyber risks.
But then the thing that we also want to do alongside with that is to measure that, right? What it are these mechanisms that we're looking to focus on actually effective tools, or are they just complete waste of time? Right? You know, ideally we would like this to be effective, right? Um, but, you know, some of the things that we've been working on, we've found like, oh, after a few months that this is not worthwhile and doesn't make sense.
And we let people know that these are just things or maybe, you know, that it's just something not, not to, to focus on, right? Because the goal is to have concrete solutions. Something like, here it is this, we've tested it, we tried it out, we've measured it, these are the stats behind it, and this is something yet you need to do, don't forget about it.
So we're not gonna be like another organization that's gonna say, you know, we have to implement a firewall, or here's some more advisories and vulnerabilities and things like that. There's plenty of people out there that too, that kind of stuff. Uh, we don't want to be just yet another voice that's lost in that mix. We wanna make sure we stand out and let people know about those things that they might be missing. Got it. Got it.
And you know, I would say that, and I, and I'm gonna start to transition here to West with some questions for your shazad, but one of the things that you guys do, I think really well is focus on SMB. We're gonna at some point here talking about the fact that you guys have had over a hundred thousand go through the bootcamp. You've been responsible for most of those bootcamps. And so, um, you know, that's that.
I don't want that to get lost here because that's the core focus of the folks on this call, the MSPs and MSPs, uh, focusing on that SM b space. Um, so Wes with that, yeah, I'm gonna turn it over to you, but kind of tee up here. You know, we talk a lot on the cyber call about common language. We talk a lot about, you know, the FUD approach and what the results are, that in fact, you and Gary and David did a great, uh, presentation, uh, in the cyber trifecta on that.
So, you know, people, um, I think, uh, with cybersecurity, and Phil was on your CEO talking about feeling competent right? To, to do something versus here's a stack of papers after our assessment. And you know, now you, you know, here's all the things wrong. So, you know, with that, Wes, you know, you've spent, um, a few years doing this, as we all know. Um, let me, let me get your thoughts on that and kind of hand it over to you. So I'll just jump right in.
So Andrew, you know, one of the things we, like you said, we talk about a lot and shaza, I'm so glad you're here with us today. I want to tee us off in this, this comment about how we sell and message cybersecurity and the FUD that surrounds it. You know, like I, I don't know how many people would agree with this in the chat, but I'm watching in the chat, I want to get a I agree or I disagree, and it is okay to disagree. Uh, you know how much of US security FUD is in our DNA, right?
Whether you're a vendor like me, you're a practitioner, you guys see the same thing, like just by default. The normal kneejerk is, is using fud, you know, fear, uncertainty and doubt. Do you agree or disagree? I wanna see that in the chat as we jump in. And shaad, the reason that we're so glad you're here is because of what you guys are doing.
Phil and team, and you and the whole global cyber alliance is really important to all of us because MSPs are a little bit more unique than any other industry in that they're not just practicing cybersecurity themselves, they're also having to message it to all of their clients. And that's a unique responsibility and a challenge that I think we see.
And yeah, the fuds are rolling in a new Crowdcast would take a minute for it to, to jump in, but there it all is, you know, you know, here's the trick question, right? That's right. That's right. So I have a thought exercise for everybody here, and you don't have to do this now, but you can gimme some honest feedback. Go back and look at your LinkedIn post history.
Go look at the news sources you read and just do a FUD check on yourself and say, what's my level of FUD producing and, and FUD sharing and all that. And it's okay, right? I mean, there's times when we do all of that. I don't know how many of you guys follow Matt, um, hopper is how I say it in LinkedIn, but every day he has like a really funny post about security and, and one of these things we need to bring Matt on, 'cause I see him right now in the chat.
So today's was about a six headed shark in this, in the, the, the sci-fi channel. And it was hilarious. Matt, if you're in, would you post your link to LinkedIn? Because I just love the freshness out of that, right? And I'm gonna post an article. So this is something that David Spark says who runs the, the ciso, um, vendor security relations podcast. And you know, one of the things they talk about a lot in that group is this challenge of selling fud, right?
And, and what David says here, I think is really good. You can just read this later, but, you know, Shazad, my question for you is I think sometimes we become cyber ambulance chasers and we're no better than like the dial pound law on the phone that you hear and see all the time. You know, dial pound security, Morgan and Morgan. Yes. And my question is, I know you guys are attuned to that as well.
My opener for you, Shazad, is what do you guys think about all of that and how are you guys addressing that to distill it in a simple way? Yeah, I, I, yeah, I completely agree that there's a lot of fud out there that, you know, I mean, and some of that fud, I mean, to be honest with you, some of the, even the technical people don't always understand all this fight, and there's all this jargon that's out there sometimes.
It's just that, you know, and especially I can only imagine how the small businesses have to deal with this. I mean, like you said, I mean, you guys know the best being MSPs, you deal with them directly. You know, the small businesses I've talked to, it's like as soon as you start saying like this four letter acronym or a four letter acronym, eyes are glazed over, they stop listening. They're like, whatever, just do it. You know? But they don't know what you're doing right? At that point.
So this is what something that here, and this is why like, you know, I enjoy being part of Global Cyber Alliance, is that we're trying to eliminate that fud, you know, I mean, it's not an easy thing necessarily to do, but we want to get rid of most of that jargon and that technical terminology and make it somewhat easier to understand what's, what's out there and what's going on, right? You know, 'cause you have your NIST guidelines, right? nist, cf, CSF. Okay, what does that mean?
You know, what, you know, CIS controls, uh, I mean, I'm taking the ones that, you know, that we've been using a lot, um, like the Australian mitigation strategy. And even if you do, once you tell them that and they go Google it, you know, they'll see the first link and they'll be like, okay, I still don't understand what this means, you know, but it's, it's either they, they'll, you know, okay, okay, CS, you know, this is what it's translates to.
But then you look at, okay, 1, 2, 3, 4, you know, probably by two or three they're probably, okay, I am done with this. I don't understand it. I don't get it. I don't know what they're looking. It's just more and more technical jargon that's going on out there. And especially for small businesses to try to understand those things just makes it even more difficult, you know? So what we like, so at Global Cyber Alliance, that's what we wanted to do.
We wanted to say, okay, well great, there's all these guidelines and standards that are out there. Majority of people that are actually like small business especially, just don't get it. They don't understand it's not their fault. You know, you know, it's, these are like technical people and high level people that are trying to say that this is what small businesses need to do. Um, and not always asking the small businesses what they need to do or within that full understanding.
So, you know, that's why we created that our, our, like our cybersecurity toolkit, uh, for small businesses. We wanted to say, okay, let's take the top five or top seven of these different standards, put 'em into easy to understand toolboxes, right? You know, update your defense.
It's a little bit easier to understand rather than saying like, you know, make sure you go do X, Y, Z, you know, make sure you're point of following these security policies and here's another 10 standards and guidelines that you have to need read and follow just to do update your defense. We decided, okay, well let's do update your defense. And that means, okay, you need to patch your system. This is what's patched. This is how it's built into your system.
User free tool if you can, if you don't necessarily have to buy something, you know, but at least now they have the awareness, okay, these are the kinds of things to look for, you know, and if those things don't necessarily meet their needs, at least they have that starting point, right? And that's the goal. Get started. We get that understanding and then move to something that where, okay, maybe you do have to purchase it.
You have to move to something that your organization's at a point or at a size where you need to have greater level of control, right? And this is where groups like you, like MSPs come into play, right? They can come to you to do those and say, okay, well, I, I mean, that's great. I had one laptop to do my antivirus and I installed my antivirus, but now I have 20, how do I manage 20 machines without having to go into every single machine and doing this? Right? You know?
So they're gonna need those. That, that, that's the level of guidance. Now. They're gonna need that help, and they're need to get to that point. Um, you know, and that's what we want to try to do, get that awareness out there, get the, and try to get that education out there as well. And, you know, and this is where, you know, I want, I'm glad that I'm part, you know, meeting with this group because you guys, your feedback from you guys is gonna be like, valuable, right?
This is like, you know, 'cause you deal with a small businesses, you know better, you know, we're a small group and we only know so much in terms of who to deal with. Um, so I'm glad that I met this group and I'm glad I'm being getting the chance to talk to you all about this. Yeah. So you've had, uh, over a hundred thousand SMBs have used the, your first version of that toolkit, right?
So basically what you're saying is this is how they're educating themselves of taking something that's complex and your ways of educating those SMBs. Yeah. Yeah. 'cause what we did was we like, um, you know, we, we actually did some in person one as well, and that's where we got a lot of the feedback. We would sit there, we'll go through each of the toolboxes, explain to 'em what it meant, why it's there, why it's important.
But in, you know, in layman terms, like easy to understand, not to point, you know, to, well, NIST guideline 3.1, 0.2 0.3, this is what you're doing here now. Here, now we just say, okay, we need to install an antivirus. This is why an anti antivirus is important, and this is how it's protecting you. Right? Yeah. I was talking to an MSP, uh, last week, and they, you know, they really are big on thud, but they're, they're having some struggles both with their customers and with new customers.
And, you know, I said, well, show me some of the stuff. He's got like two or three different scans that he does and this whole big thing. And I'm like, listen, if you're in a meeting with someone with this right off the bat, you're talking to the wrong person, by definition. Like, you Literally failing at communicating what Wes mentioned Earlier. Like Yeah. 'cause you're not talking to techies, right?
You're talking just like, probably like C level people, people who are like, you know, they could be, uh, I don't know, the, the dim gym teacher outta school, right? Or it could, or it could be the guy who knows Excel and the law firm and say, Hey, you're the computer guy now. Well, Gary, you talk to, to your point Gary, like you, how you mentioned you were the first VCIO in your business. You used to come in with a stack of stuff and start talking to owners and, You know. Yeah, absolutely.
Listen, and, and if you think about it, um, I, what I asked this MSP is, so tell me, gimme one example. Look, tell me one customer you talked to, and I said, well, tell me about their business. Tell me who you met with. You know, what are some of the issues they deal with? Like, tell me what do you know about them? And he knew I said, no, don't, I don't wanna know about their technology. I I wanna know about their business.
And that's kind of where that gap was to say, listen, you gotta, before you start running more tools and more analysis, that's good for you to know where they are. But if you don't understand their business, all they care about is how is all that impacting it? And then if there's a value gap there and a risk, how much will it cost me to close it? It's, it sounds so simplistic, but you have to start, you know, I, you know, Wes, you and I talk a lot about this.
You have to start there, then only go down to as much detail as you need to support that. Yeah. Very, Very, very good point. And I agree with that. I mean, it's in a way to say, you're kind of educating them right, too, in terms of what you're doing and why you're doing it, rather than just kind of saying, you know, I'm, we are gonna do these things for it, uh, for you. Don't worry about it. Just here's, you know, just make sure you, you know, put the money here. Um, yeah.
But we've seen that like, that, that's why we, like, on our end, we, that's why we do that education component of it. Yeah, We did boot camps, right? Yeah. We did boot camps and stuff like that. How About that? Like the effectiveness of a bootcamp? Yeah. Now you have online stuff and then you do these bootcamps. Like what do you see as the effectiveness of the bootcamps? We see, we see a big effect on that because then people become more appreciative of it.
They're like, okay, now we understand what we're doing and what we're asking for and what, you know, what's there, rather than, you know, just like, okay, we know these things need to get done, but we don't get the why aspect of it. Like, why am I doing this? Why is it, why do I have to do this? Right. You know? And it gives them that opportunity to ask questions back and forth, right? Because they know that at this point, we're not, we're just doing this to teach you.
We're not trying to give you something or sell you something at this point. We're just trying to tell you, this is what you need to know. But just give them enough to know, to know what to look for. You know, we're not gonna go deep diving in the woods and be like a SP course, right? Where we're just gonna go, okay, okay, this is a, you know, AV 1 0 1, now get ready for two, you know, 2 0 1, 3 0 1, 4 0 1, 5 0 1. No.
I mean, that's, if they really wanna get into that aspect of it, they have all those other opportunities, and that's their choice. But then they can have this opportunity be, you know, and also that gives us the engagement opportunity as well, right? They give us a chance to take a look at our, like a, like our toolkit, for example, and then come back to us and say, look, but I don't, you know, so somebody's, you know, so and so told me I need this, but I don't see anything on your toolkit.
Or it's like, how come this isn't on your toolkit and you have this on your toolkit? So they have someone to have that engagement and have that conversation with to, you know, to get that feedback and know that, you know, we're not gonna come back to you and say, no, look, you need to, you know, you need to buy this product over this product. Or probably the pro edition and, or, you know, probably the enterprise edition or things like that.
So they give like an essence, essence, like free advice. Um, and if you don't mind, I mean, one thing if I could kind of promote this out there too, that since we have a lot of MSPs here, um, so we have a community forum, uh, which all of you're welcome to join, it's free to use. Um, we have a lot of, we have people come in and ask these types of questions. And it would be great if these MSPs can come in and you can an help answer some of those questions, right?
It just, the only request we ask is don't sell anything. Just answer the question. Uh, and the forum, I'll, I'll put, I'll post it on, don't Worry, they're MSPs. That's one thing they don't do is sell I, I'll, I'll post it on the, on the, on the, uh, on the forum, but it's community.global cyber alliance.org. Uh, feel free to register.
You know, put it, you know, and feel free to participate in any of the things that you have in there to respond to people, answer the questions that people are posting. Ask a question, Gary. But, but just real quick, if I could interject with you and Shazad, um, you know, uh, again, I gotta spend five years of my life with you, Gary, learning a ton, building your lists, um, building your sales engine.
And, you know, I thought, hey, you know, Shaza gets sometimes 15, 1600 people into these boot camps now. Um, I mean, do you have any thoughts whether it has to do, you know, using, you know, centers of influence like LinkedIn or things like that nature where you could take, you know, the free toolkit that these guys are providing the Global Cyber Alliance is providing and become that industry thought leader or community thought leader. And so that, I always just love your take on that. Yeah.
Listen, any, our job right now is to be of value. We, we wanna be more valuable, not less valuable to our customers, but also prospects. Let's just talk about prospects for a second. So anytime we can give them more resources or any way, it's one thing if we tell them something, it's a different thing If they discover it, right? They believe half of what we tell them, but they believe a hundred percent, right? Of, of what they, they uncover, right?
And so in general, leading people, and you know, if you can get people, whether it's a bootcamp or, or, or, or use of this from a prospect standpoint, it's a great thing to follow up on. So, uh, yeah. And, and again, we wanna put security in, in the context. One of the things as MSPs, you know, that we do, so we wanna make sure we're keeping it in contact.
And it's a great, great way to uncover, to say, look, we found, you know, we we're talking about these things around security and it's a really big deal right now, but usually when I see gaps here, I already know there's gaps in other things we're gonna get to. In other words, we wanna show them some things. 'cause it's a great wedge in security, they understand. But at the same time, Andrew, we want them to know that that's the tip of the iceberg that most of lives.
So when it comes to productivity, when it comes to backup and disaster recovery, like, we can go on and on to say that this is a process problem, right? And a resource and process issue. And we're gonna uncover those other things. So we want to, that's what I call extrapolation. So we want to use little things that they can understand and then extrapolate it into something that's bigger so that they feel like that there's this value gap. Sure. Does that make sense? Yeah. Makes a ton of sense.
Makes a ton of sense. Kyle, I wanna turn it to you a little bit here. You've been patient. Yeah, I appreciate, I was just getting ready to jump on in, uh, Shaza. Huge thanks brother for joining us. Um, I took a handful of notes while you were chatting. One, I had no clue that you are all, were reaching stuff like a hundred thousand SMBs. That's pretty awesome.
Um, other stuff that I took note is you kind of hit nail on the head with no need to go all the way down into the little itty bitty details of stuff like nist when you could give it to 'em simple of like, implement X, Y, Z. Uh, so huge kudos on that. I'm curious, we, we've had a handful of folks, whether from CIS, global Cyber Alliance has been on here before. I'm just curious in like all the different controls that you outlined in your bootcamp, why did you choose the ones you do?
Did you start with something like your background at CIS and chose implementation group one, which are the small businesses? Or did you just learn this through enough time at Symantec? I'm curious how, how you chose that. So We, so what we wanted to do when we did this was we, we wanted to look at something global, right? Um, and so we did, yes.
So we started off with CIS because we had close relationships with CIS, um, you know, so myself and about three or four other folks on the, the team, um, we're all part of CIS. So we knew we had a good understanding behind that. But, you know, we also, when we looked at CI IS, we thought that was also one of the more easier ones to somewhat understand than some of the, the, those other ones that are out there. So that's why we chose that.
But then we said, okay, you know what, we can't just focus on cis. 'cause even though yes, CIS is somewhat globally accepted, not everyone in the EU or the UK knew about CIS, you know, so that's where we ended up going with like the NCSC um, uh, strategy. And we went with the Australian Mitigation strategy. Um, and we chose to us, 'cause it was more global and they had the, the top seven, yeah, the top five or seven of each one. Imagine A lot of overlap. Yeah.
There was a lot of overlap between that. So we figured since those top five overlap so much, let's just focus on those, right? And then, you know, CISS, you know, if you just follow the top five of our, our of our, of our controls, it was 85% of your cyber risk will be reduced, you know, and then Australia kind of said the same amount of thing, the UK said the same amount of things.
So we said, look, let's stick with those top five seven and let's go with those, but let's make 'em try to categorize 'em into even simpler if we can. So If the audience can't tell part of this conversation, we, we've taken your feedback. If everybody wants to know where to start, and you hear Shazad literally saying these top five overlapping things, obviously pulling into some of gcas both bootcamp. And I guess, you know, the broader thing is we kind of look at the, the guidance, right?
And I, when I think of guidance, I think of you've got the extremes of like your missed 850 threes that are, you know, crazy, you know, kind of on the opposite end of the spectrum of where you're at, to the point where you guys have kind of progressed the conversation into like, hey, let, let's start and baby chunk the, to bite this off of. Um, and is the goal to kind of get you in line with eventually a framework or what, what's the overall goal so our audience can take that Away?
No, we're not. We, we don't, we don't wanna start another framework or another standard or anything like that. We do. We, we, I mean, because that's us adding to the fund, right? Yeah. You know, and so there's enough of it already. We don't, we don't wanna add more to it. So we're just sticking with the ones that we have. I mean, we're just gonna keep, we may add a few more here and there based on what's going on in the world.
Um, you know, in terms of the side, the latest cyber risks, you know, like with covid, you know, happening, we may make some adjustments around those lines, but yeah, we're not looking to start another, necessarily another framework or yet another standard. Um, I mean, we'll just point to the standards if people really wanna learn those and see how they connect with ours or Oh, cool.
So for somebody that's like on that journey there, you know, say whether it's, you know, insert framework here, Yeah's kind of, it's kind of hidden on our site. We have a standard section. It actually has a mapping on there, on the site. There's a mapping that shows here's our toolbox and then here's, um, here's CIS, the UK and Australia. Um, our new version will have NIST CSF on there.
Um, even though there's not that many from the NIST side, No, it's, that's pretty For you guys, like the MSPs who want to know those kinds of things. We have that not being laid out Now. Uh, they've done the work for you is where I'm getting at the audience.
So, uh, it sounds like take advantage of some of this stuff We try, you know, and that's why we appreciate any feedback that you might have, because I know we're missing a few things that we're looking to slowly add to it, but we're getting, we're getting there. So, Shazad Oh, go ahead, Kyle. I, Wes I was gonna say, you and I have done more than one presentation about FUD and communication. I was, I was curious if, uh, I, I haven't gotta see any of the toolkits yet.
I usually get a chance to jump in, but I heard there's some, you know, some hotness or something on its way, so I haven't gotta, uh, take a peek. With that said, Wes, uh, I'm curious, are you, you equally concerned about some of this, uh, geek speak versus what's actionable or what, what do you think?
Yeah, You know, I was, before we get to that, I was thinking, uh, man, you guys had such an, an opportunity shazad to like, you know, have the one ring, you know, with one, with one framework to bind them, right? I'm a huge lo the rings nerd. Sorry, it slips out. I can't help it. Um, but, you know, okay, let's pivot just a little bit. It's surprising, and I wouldn't, can you believe it, one of those books or a lot of 'em have been written by Tolkien over there? Yes. I I, I hate to say it.
Uh, but, but I can't get around it. So one thing I do want to pivot to a little bit, Shazad is, so it's, I love what you guys are doing around sort of simplifying and distilling multiple frameworks together. And this gets into what you see in the chat over here, a little bit of like, where do I start and what do I begin on and how do I get that going? And obviously for regulated industries, it's a no brainer, right?
You, you just have to follow what they say, but you can add in others to support. And you'll even see as regulatory frameworks are now maturing, you're gonna see they do the same thing you guys are doing at GCA is sort of cross mapping over and say, Hey, if you tackle this item here in the cat that applies over here to, you know, the cybersecurity framework, this to this critical security, security control. These are the things we need in our industry that do make it easier.
But one of the questions I have for you is, how do we just turn this, how do we get, um, how do we unify the language when I'm sitting here as an, as a MSP and I'm talking to a business owner or maybe a doctor, right? And he's, he's sitting there helping patients, and I have the opportunity that QBR or whatever that session is where I'm talking to him, or maybe the assessment.
How do I use all of this in a simple way to get somebody like that to understand what we're talking about and why it matters when they themselves are not technical? What advice would you have for us Giza? Um, so one thing that we've seen and learned over the years is to try to see what you can do in terms of talking their own language, right? Um, you know, try to try to make the adjustments to whom you're talking to, so that way they can understand it in their speak. Um, right?
Because like, you know, with small businesses, there's so many different types of small businesses out there, so you need to make sure that they understand, like, say, Hey, look, as a doctor, you know, these are the things that you, you know, that are out there that you have to worry about. You know, you don't, may not go into, you may say things like hipaa, right?
You know, if you know about that, you know, but like other small business, like a retail shop, you may go in a different direction and talk to them and say, Hey, look, you guys deal more with marketing. You know, so there may be more concerns along the lines of how email is being sent and things like spoofing and phishing and of their, of their aspects of it.
Um, you know, and that's one of the things that we're, you know, in terms of the language that's being spoken to them, is to get them to know in their, what their, and what relates to that, you know, what's relevant to their industry in that, in that arena. Um, and that's something that we, that that, that I've seen. Like, you know, like for example, you know, men, you know, DAC was mentioned across here, so I'm assuming a lot of people have a decent understanding of what DA is.
But you know, if you go to somebody in a small business and say, DMAR, there's immediately, well, right. You know, they're, but if you explain to 'em like, Hey, look, you need to put in some level of authentication to prevent people from using your email address, that's a little bit easier to understand.
But then you change the wording a little bit to, so say like for a retail shop, you're gonna say like, look, you guys send out a lot of marketing email, you send a lot of emails with coupons and things like that. But imagine someone doing it in a fraudulent sense. You know, somebody who uses your email address and starts sending out coupons, you know, using your name and giving everyone saying, Hey, you buy one, you get 10 free.
Um, you know, then they're going to maybe say, okay, oh, you know, okay, I do need to do this. So what do I then that's where it can lead to those conversations. What do I need to do? What are some of the things we can, and that's where it get, you know, you're start getting technical a little bit at that point, but at least you get that conversation going, right? Yeah. So one of the things I'm hearing out of you is we do need to be somewhat of a student of our client, right?
We, we, we don't have to be a doctor in and of ourselves, but I need to understand their industry and how it relates to them, right? Or like, I love, you used a catalog example, right?
A print shop or something like being able to turn common cybersecurity examples of, you know, where the risk is, where the vulnerabilities are, which leads to those threats and weaknesses and where the exploitations can happen, but not in a way that we get super technical, but in a way that we're designing security controls to protect your organization so you can continue to do what you want to do. That's what you're saying, right? Yes, Exactly.
And that's a great example, that one there, because you can say, Hey, for this particular business and that example, they make their money based on marketing. They're marketing more than sales oriented. And you can say things like, Hey, so right bad guys know this. So what if the hacker could weaponize your main strength? Yeah. How would that impact your business? Right?
And so that's terms that they can understand again, but Wes, if you didn't ask those questions about your business, you wouldn't know to do that. But that's an awesome example. A ways for, you know, nothing to do with HIPAA or, you know, or, or DOD or any of the other, you know, regulated industries. And try and also try not to go in and scare them right off the bat either. Yeah. Right.
Don't go in and say like, you know, hey, you know, you know, 93% of the small businesses are being attacked by phishing and the other Yeah, no, you know, that's for the security kind like those, uh, you know, those talks and lectures, let them give those stats, you know, but, you know, with you as a selling point, you know, just say, you know, know your customer. It does help. You know, every week we talk about building a culture of security.
And part of building that culture is hey, when you can understand the resources, the organizations, the frameworks, that's a lens by which you view security. But on the other side, through a whole bunch of sources, hopefully the cyber call and cyber nation are some of them that you're educated about what's happening in the landscape. And when you understand both, you understand the landscape and you have a lens by which to view things.
Now all you need from the customer or the prospect is to ask a few questions about their business model. And you have those levers. And part of how you do it without having to, you know, do any fear mongering is just educating, Hey, let me tell you just in the past three or four months how things have changed in threat landscape. You told me some things about your business, you understand why this is risk. You have, you might not have had them. Yeah. Everyone's in the same boat as you.
Let me tell you how we've reacted to it and how we apply it. And so you can start to triangulate those things and all of a sudden you get to the same place as fud, but you do it in a way where your business partners Gary. I, I, I think that's a really good point. It made me think about, you know, you know, the best doctors are often the ones that have just immense amounts of knowledge and education and probably have done more surgeries, et cetera.
But you sit in front of 'em and they're not gonna sit there and tell you everything they know and how great they are and all their accolades. They just, as you said, they start asking you questions about how you're feeling and what, you know, have you tried this or that, or how long has it been going on? And then they start to share stories and start to educate, but they do it in a manner that makes you feel comfortable. Right?
And, and I, I think that's with any profession, like you're, you come back to culture, but it's really about things you've talked about for many years, which is command. Like when you have command over something, you don't have to come out and now, Hey, let me tell you how much I know and scare you. And I think that's maybe a Imma lack of maturity. Is that make, tell me if that makes sense to you.
Yeah, Li listen, uh, again, and I, again, getting to work with so many MSPs, the ones that have gotten these both have matured in both these levers. In other words, their, their MSP is secure. They understand the, the, the, the, the framework. They a lens to view it right on, on that one side. And they're involved in the community. They understand the threats. Yeah. They're, they're able to do just that.
Unlike a doctor who every other time tells me I should drink no coffee, more coffee, less coffee. I'm, listen, IM gonna drink coffee. Okay. I don't have that many great joys in life, man. Coffee. And the doctors can't decide. We know what's going on with cybersecurity. They can't even figure out what's going on with coffee. I'm stealing that Gary from here on out. Oh my gosh. Um, oh, Gary, could you, um, put you on the spot here a little bit, but could you kind of role play a little bit?
Maybe, you know, Wes, would you mind, you know, being Oh Yes, I will do it. The, uh, you know, one of the things I love, if you guys have never been to, um, schnoz Fest, which is Gary's event, I'm not sure how you're gonna do it this year. Yeah. Hopefully we'll have it again someday. Yeah. You can't in with a mask on Because There's his face. Uh, but one of the really cool things that everybody loved is watching you on stage.
You know, you went from, I think year one there was like, we had like a hundred or so of the people there to like, what, what was the last one? Like 500? Yeah. 500. And it's pretty cool to see you role play what a real sales conversation would look like. And I think, you know, it'd be beneficial for people to understand, you know, now that cyber's on everybody's mind again, how it's not just about that, but it's about the understanding of their business.
So We'll do a, we'll do a Reader's Digest version on this one. Yeah, of course. And maybe one week coming up when we don't have guests, we can do a longer version of it. We'll do some prep with examples. So, uh, so Hey Wes, man, uh, listen, I want to stop out 'cause I haven't seen you, you know, for, for a couple months at first. I know last time I was here you were mentioning, you know, you were going through some stresses with the business that Covid was actually impacting your industry.
How are things going? Yeah. You know, here at, uh, oh, here at Wes' Beard Emporium, uh, you know, we, we have been struggling with that, Gary. One of the things that, uh, we've had happen is like, oh, my guys and and gals are working from home now and, uh, you know, producing a product that we make and the supply chain logistics now from work from home, Gary, that's pretty difficult. Yeah, absolutely. Everything's been changing.
And you know what I, real quick, what I want to do today with you in the time we had is, um, you know, uh, we, we, we worked as hard as we could to get your people, you know, working from home. Yeah, I appreciate that. We noticed it. Yeah. But, but in doing that, we've had, we did it for all of our customers. We've had some time to go back now and kind of go back and review where you were against our security standards. Um, we've done that and have found some gaps.
But the other thing is the same way you've adapted your business model, um, hackers have also adapted their business model to, to be able to go after work from home. I won't give you all the technical details, but, um, really advanced in terms of the different types of attacks we're on top of it. So we've added a couple things to our tool stack. Um, we've made some change in our process. And so, um, we're gonna be upgrading all of our customers, you know, defenses to, to meet these challenges.
I'm guessing the last thing you would need right now, right, is to have a security issue. Yeah, I mean, for sure. As I stroke my beer, oh, you can't see it. Uh, yes. Uh, that certainly is a concern for us. But Gary, I mean our, we're squeezed right now, right? I mean, haven't you been doing these kind of things for a while? I mean, it seems like I, it, it just seems like we we've had this in place for a while now here. Yeah, absolutely.
And you know what, uh, if you would've taken us back, you know, a year ago, I would say I felt really good when we did your alignment on security, I felt really good about where you are. But with the changes we made in your, you know, topology along with the threats that the, that the, the security landscape changing, um, that gap is widened. And I understand that everybody's squeezed like every, all my customers in the same boat. Um, but, but those risks aren't, aren't going away.
And so, you know what it means for you right now, you're spending about $3,000 a month with us. This is gonna be another three, 400 bucks a month. Oh, okay. And I know at a time, right? Alright. When you're, when you have some, you know, other stuff going on. But I don't think that either of us can live with this risk right now. Yeah. Look, you guys have done a really good job for me. I trust you. I mean, I was expecting you, I I I thought you were gonna try to sell me at like 6,000, right?
Yeah. Uh, okay. No, that makes a lot more sense. Gary, look. Yeah. Put something in front of me. I want to take a look at it. Can we just have a conversation so I can understand it at a high level? I don't wanna get into the details of it, but I mean ultimately, uh, you guys are still gonna take care of everything for me, right? Just addressing some of the new things that are happening. Boom. That's it. And so I think that's far enough we got there, Andrew, with it. That's perfect.
You can kind of see how that's going. And one of the main points I wanna make on this is, this is not a Gary issue or my MSP issue. This, this is a reality that exists. Like we're just the messengers. But if I couldn't get we there, I would've gotten much stronger. Like I can't let him, it's my fault. If he can't see that he needs to make investments right now to protect his business. It's not his fault. It's my fault.
And I hear all the time saying, well my customers just don't wanna spend anymore and they don't wanna do this. It's like, no, don't blame your customers. It your job. Right? It's my job to say to you, Andrew, listen, you have this ailment with your knee and if you don't fix it now, you're gonna lose, you're gonna lose a leg. Right? Like, we have to deal with this, you know, uh, we have to deal with this now. I can't let you walk out of this doctor's office. Yeah. And it's great about that.
And Kyle, maybe I'll kind of point this at you a little bit, is um, 'cause I think you're doing a good job at really good job at this. You, you know, Gary, you're not afraid to make people uncomfortable. And again, we talk about the challenger sale, right? And like Kyle, I've seen you a lot of times on the floor of the trade shows where you push back the MSPs and you know, just sit there and take a a no. And, and, and so what, what are your thoughts on that? Lemme just jump on this with Kyle.
Yeah. My answer that Kyle, yeah. I gotta make people uncomfortable. I'm guessing you're deal with them when they're getting breached. They're pretty uncomfortable then It definitely helps you get a heck of a lot more frank when you see it through that end. I was trying my, my fastest to type out some of the stuff that you were doing on the psychology of your call.
I, I highlighted that how you were able to, you know, align yourself with Wes' Emporium, get him on that side, dismiss that customer. But what I dug is, you know, even though Wes was I think more polite than most of our customers, when it comes to a pay increase, I think at the end of the day, the fact that you just ripped the scab off, you talked about it right away, it then becomes like you can level set.
And so on my end, I have partners that are like, look, I'm looking to get your product, but you're gonna have to tell me how to get it for 55 cents. And usually I'm like, Hey, that's great. I'm gonna tell you there's a really cool vendor right at the road. And when you get compromised with that 55 cents, 'cause that's not real security, just like what you're gonna be promising your partners isn't real. I mean, that's hard, that's super hard to be dismissive to somebody.
But I'm also real and they respect it. Even if they might not agree, maybe they don't even have the budget. They will remember the next time they come around that they're quality. So I like that. I like that you're kind of the way that you guys pitched. The first thing I noticed, Gary, is you brought up with the, you know, know what you have or the, you know, know thyself. That's one of those hardest things that a lot of our partners start out with a conversation.
They forget that they have to educate their clients. They don't really know their own business, let alone cybersecurity. That's why it's a good fit. So I dug that piece and I probably, I mean, you know, Shaza on your, on your side of the house, you probably know more about your toolkit than I, there's no doubt you know about it. Um, do you guys cover any of that stuff or how was the toolkit like, felt out to be able to address that situation? Gary just did.
Um, so we don't go that much in, go into that side of the house. Um, because really we, again, this is something that we're just not the experts on. Yep. Um, you know, plus we never really actually focused too much on the resources side and that was a component that we were missing. Um, you know, so if there's guys and resources that, you know, can, you know, provide to us. 'cause we are now adding a resources section in the new version. Um, 'cause we realized I was severely lacking.
Um, but yeah, I mean in terms of like, you know, how to sell how to, those kinds of things. Yeah. We, we didn't really focus too much on those things. What About just the order that he went in of, uh, whether it's inventory or patch management, passwords. I mean all those kind of came into play, but Gary said, Hey look, we'll talk about the technical later. Let me show you the value. Oh, yeah. And that's, those are the things that we do on the toolkit. We actually put an order.
So we say, you know, step one, step two, step three, you know, and step one, know what you have. Exactly. Just like you guys said, you know, then second step, you know this, these are the ones that we recommended to go in the order. Do you have to go in those orders? No. But at least for the first one, know what you have before you could, if you don't know what you have, then you're not gonna be able to do the rest.
Um, but yeah, I mean we, that's what our new, I Would say when I looked at the tool kit, the way that it's laid out, it is a good organized thought process. That's almost what you can be explaining like in that conversation. It takes you through it in that way. Yeah.
And just in case others, others are going to it, you're probably seeing the, so I know the, the group here has access to the, the dev version of it, the development version, but the, if anyone else's listening, and you're probably not seeing those 1, 2, 3, so four steps, but we'll share that. I'll share that with you once we get Yeah. Will you, will you share the that and just share the, it's under NDA, this isn't out yet.
So you guys are getting first glance Shazad, while you put that in there, I am curious, just ballpark, you know, you present to, you know, a ton of people at a time and you're not selling anything that it's not for sale. And again, I want the MSPs to take advantage of this to be thought leaders. Just curious. When you're gut feel, how many people could you have sold? Just because you're there explaining to them, you know, what percentage that, does that make sense?
Like, yeah, No, that makes sense. You Feel comfortable, you're just, here's what we're doing, here's What we're Yeah. I mean, I, I would probably say like, you know, especially with the ones that we did in person. I would say all the attendees, I mean, close to like, you know, a hundred percent. Wow. You know, in person online it's probably a little bit less, maybe probably 50 to 80% I would say would probably, you know, you know, are buying into it.
Um, but that's still, I mean, this is still a pretty good number. I mean, 'cause these, it's this, it's like that light bulb comes on for them in a way. Yeah. And Look, and here's how I look and again, I hope everybody takes advantage of it. Looks at it, creates curates some lunch and learn for your community, uses your list, your centers of influence on LinkedIn. Get a bunch of people to this that, hey, you're here to help your community.
Because guess what, there's a lot of people out there that are gonna go, yeah, I know I could do it, but I'm not a DYI person. Gary, can I talk to you about this after there's gonna be a certain percentage, right? Yeah. And a lot of people that we get on these are those small businesses that they're, they're, yeah, the light bulb goes on, but they just don't have the time to do these things. They don't have, you know, the, the manpower to do it.
So they need a resource to help them do those things. And knowing that these, there's resources out there to do that, that's where it's gonna help them get to where they need to get to. Very good. Hey, in closing things up, Shazad, let's talk Honeypots and ips. And Wes, I'm gonna, maybe I'll let Shazad kind of have his ask of everybody out there, but maybe it could also segue what we've got coming up on the show in a few weeks.
It's not next week, but I'll tell everybody what next week we're looking at. But go ahead, Shazad, talk about a little bit what you're, you're ideally looking for help with from our Audi, from everybody out there and yeah, So if you don't mind, there's, there's two things. So one before that. Um, yeah. So first thing is like, so, um, so we, I mentioned Dmar C so we do have a Dmar C bootcamp coming up in September. Um, I saw one name Robert and I, sorry, the last name Robert Go.
Um, he attended and he is mentioned that it was good. So I mean, if you guys are the perfect group to do this, 'cause we go into the technical aspects of DMARC and doing the implementation, the small businesses don't understand. You do, and you guys have access to the domain. So it's a five week bootcamp, feel free to register. Um, I believe Andrew put it up on the Cyber nation. Um, or it can go to our website and we have links to registration. So please join that. How much does that cost Free?
Great. And then again, right, they can take this content Shazad and create their own and try to help con con continue the message. Yeah. Um, this Another thing you can add to your Arsen, Right? Right. And I don't care. I mean, you can take all the information that we have and do what you want with it. I mean it's, you know, that's for some credit. But, um, yeah.
You know, but if I can even get 20 of you MSPs on there, to me that's probably what, 2000, 20,000 domains that are now protected, you know, so that's benefits. You guys, you know, doesn't do too much for me. It just says, oh, hey, great. I got the world more protected at that point. Right. So, um, then the other, so that's one thing. The other ask is, um, the toolkit as well.
So, you know, if you have any suggestions, please feel free to do those, you know, gimme those, gimme any feedback or participate in the community forum. Um, but then yeah, we are also, we have another project called UM, aid. It has to do with the iot side of the house where we're basically building honeypots and putting up honey nets on different locations around the globe. Um, but one thing being a small, not-for-profit is, is that we need IPS to put these things.
So if MSPs can donate one or two ips to us, we'd be greatly appreciated. Um, you know, definitely help us out and just give us the, I let us know what the IP is. We'll, we will connect it to the honeypot and, uh, this way, what the idea is, is that we collect all the data from this and put it into one location where we have researchers actually taking a look at the data, looking at it. And we're that goal of ultimate goal is to be able to share out, okay, these are the new things.
These are where things that are actually impacting iot devices. You know, not things that, you know, again, you know, here's things that could potentially happen, theoretically can happen, and this is what you have to watch out for, but these are things that are happening. This is what we're seeing, this is where we're seeing it be prepared for it. Um, so that's where we're trying to get to and, and get, get some access to that.
So Will, Will you guys create and Wess, I'm gonna, I'm out of my league, so I'm gonna kind of turn this to you. Will you guys create threat intel from that at all? And Wess, is that the right question here from that information? Um, I, I'll take the first piece of it. I mean, it can be, Andrew, there's so many things you can do with honeypots. I mean, I've, I've been around honeypot since like 2005 or six at the university I was at. We had a couple running that we did some, some, some work on.
And sometimes it's just TTPs and understanding, let me, let me go back. So sometimes it's ignore TTPs. It's sometimes it's all about understanding what bad guys are doing and what they're looking for and what the, the hotness or the flavor of the day is. Mm-Hmm. Especially when you open up something like RDP and I want to say, Hey, where are they connecting in from? What are they trying to do once they're in, you know, it can be things like that.
It can also be just, it can be things like, you know, gaining, uh, intelligence into like IP space. Um, Nathan Fowler is, is a friend of mine and for a while he used to run basically like an IP checking list that had honeypots just to get like reputation data.
But when you're trying to produce things like IPS and domains to produce into threat intelligence, it has such a short shelf life that I find honeypots are much more useful for finding what bad guys are trying to do and what they're looking at and how they're trying to do it. Although certainly you can get threat intel out of them. Got it. And, and can you tell talk a and, and so Shaad quickly, uh, not quickly, I, how do they get in touch with you if they want to help donate an ip?
Um, so they can either email me directly, um, and put my email in the chat window. Um, or if you're on Cyber Nation, I, you can, you know, I think you can direct message me in there as well. Um, yes. You know, so there's, yeah. So there's, you know, you know, email to me directly is fine too. Um, and then what I'll do is basically pass.
I mean, if, if, even if you have questions on that or you wanna learn a little bit more before you donate the, the ip, feel free to email me and I'll direct you to the right people, um, who are working the project and they can explain it to you more. They can show you some of the data, um, that's in there. Um, but again, like we're, our focus is strictly iot. So we have like nest simulators, ring simulators, those kinds of devices are what we're looking at.
Um, in some cases some smart city devices as well. Um, just to help out, you know, cities and governments to know that look, you're, you know, there is an attack going on on cameras, but we're still building it though. We're getting to that point. Very cool. Very cool. Wes, um, in wrapping things up, tell us what, what people can expect with your friend that wrote the book on Honeypots. Yeah, on the 14th, I wanna say. Yeah, he is coming up. We need to confirm that date. Yeah.
Um, so I've got a couple names for you. So Chris Sanders had just popped his name into the chat, is a, uh, friend of mine, actually. We were old classmates together. I've always been friends since, um, and does some really awesome stuff around some research and education. Anyone here been in a Chris Sanders class? Uh, I don't know represent if you have, but he's legit. Um, so anyway, he has agreed to come on the call. You know, one of the things I noticed, Andrew, like, we're at 2046.
This is pretty awesome in terms of attendees, in the old days of me reaching out for people to come on the show, you know, it was crickets. You know, no one's like, I don't know who Cyber Call is now we have 2000, I, we've got some folks lined up that are gonna be really, really good. Now. Chris was gonna come on whether we had 2000 or not, because he's just awesome. Uh, but he's got this book right here. I'm gonna go ahead and put it into, um, the chat here.
So he is literally writing the book about to be produced on Honeypot. He's written a few others like Pack, uh, practical Packet analysis and some others. But yeah, he's gonna be joining us on the call. We're gonna get a lot more technical on that call. Um, but we're gonna talk more about what Chris is doing, how people can get involved with him, um, what deception and honeypot technology can be used for all of that kind of stuff. It should be a great cyber call, really looking forward to it.
Excellent. I didn't wanna say anything Andrew, 'cause it's probably three or four weeks out, but I'm working on a guest Winnie the Pooh who wrote the original book until I confirm it. I didn't want to say anything. You Mean I, I know you and I are gonna talk more offline about eor. Yeah, friend. So, um, I'm glad we need the boos coming. Kyle, do you have any, um, cartoon characters you'd like to bring on in the next few weeks? I mean, uh, Wiley Coyote, I'm sure. Why not?
I mean, at this point good one. Classic. We're we're going downhill quick, right? Yeah, absolutely. All right. Well, um, Shazad, thank you, uh, for an awesome, um, event and, and, and so good to have you on with us. We can, we're excited to continue, uh, you know, anytime we can help the MSPs and, and can commonly help you. Um, that that is awesome. Um, Gary, let me let you start to wrap it up and close it out. We'll go to Kyle and Wess and we'll we'll call it a day. Yeah.
Uh, so what I wanna just want to say today is just the importance that nonprofits play. Uh, right now in all this. I mean, you know, we all are vendors. We have companies and hope, you know, that's why we found this group to come on who really just want to be here to help. But there is just a role and so supporting. I'm so glad that we have these organizations on and we want to help them. We wanna give them support 'cause they do some things uniquely right than, uh, for profit.
And I think when it comes to security, it's, it's really critical. So, uh, you know, great job. Yeah. And then, and then the MSPs get the benefit from awesome wholesale versus retail is, uh, Phyllis like to say. And I think you said the same thing, Kyle. Oh, stoked. Audience members obviously, uh, you know, seem to be pretty good. Chat today was pretty solid all the way around. Um, I think what I'm probably most excited about is just continued group of audiences. Um, different perspectives.
A lot of tools we're bringing here. I, you know, I think the where cyber call continues to stand itself apart is actionable, right? Uh, these are things you can actually say, oh, what do I do next? Here's what you do next, here's your toolkit. Start using. So, um, still excited. Would love to have an episode to have more people in the audience sharing how they're using stuff. Yeah. Yeah. No, that's very, very thank you for bringing that up.
Next week actually, we are gonna have, so I'm gonna be reaching out to everybody who would like to come up. Kyle, thank you for reminding that. Next week we're gonna have a lady by the name of Gina via Con on Gina is, uh, the founder of Mighty Network.
She is the original creator of Ning, NING, if any of you remember that, uh, platform she was with, uh, Andre, um, Andreesen Horowitz, I mean this woman is so to that I want to have her on, bring people on and talk about community can, how do you build community? Um, she's an expert at it. So Wes, how about you in closing? Yeah. You know, I wanna plug what she's doing, um, it with perspective to us get involved in the cyber nation if you haven't already.
I can't say anything more that, uh, Gary and, and Kyle not already said. So, so let's keep the conversations going in the cyber nation. We'd love to see everyone join in. That is the community that we are building just as a, you know, in the interims between our Monday afternoons or mornings for some of you, we can get together and some people have asked some really good questions and gotten great feedback. Look, the sum of all of us is better than a single one of us.
Nobody has all the answers. We say that all the time. So getting in on the cyber nation is a fantastic way for all of us to be involved and continue. So, Gary, that's the big thing I wanted to say. Alright, well with that, really, uh, appreciate every guy, everybody week 16 is in the books. Uh, we will move on to week 17. Everybody have a fantastic week and stay safe. Take care everyone. Bye. Great job everybody.
Related Videos

The Vulnerability Crisis No One is Funding
The Vulnerability Crisis No One is Funding

The Vulnpocalypse Is Here & Your MSP Can Survive It
The Vulnpocalypse Is Here & Your MSP Can Survive It

The CyberCall: The 2026 Verizon DBIR Unpacked with Author Philippe Langlois
The CyberCall: The 2026 Verizon DBIR Unpacked with Author Philippe Langlois