Dima Kumets of Huntress

[00:00:01] Hello, ladies and gentlemen, it is officially August, August 1st, 2024.

[00:00:10] Summertime is going to be done and behind us, and before we know it, it's just going to be conference after conference after conference all the way until the end of the year.

[00:00:19] And you're going to have no hair left like me because you're going to be pulling it out.

[00:00:22] And like at the end of the day, you know, it'll be Christmas time and we'll be talking about 2025 and like the year will be behind us, believe it or not.

[00:00:29] This is what happens every time. It's like a machine gun time of the year.

[00:00:32] So if you're not on the road doing something in August, obviously vacation time, whatever.

[00:00:37] Cool. Like to enjoy it and, you know, get as much sleep and downtime as you can, because like September, October, November, forget it.

[00:00:47] You know, make a small investment in your energy, you know, caffeine of choice and off we go.

[00:00:54] But anyway, let's do some housekeeping and then we'll get on to the good stuff.

[00:00:57] It's going to be an entertaining edition here of the MSP initiative, MSP talk today.

[00:01:04] So stay tuned. So MSP initiative dot com.

[00:01:08] Here you will find this session is actually being recorded and will be parked here under sessions as well as all of our other sessions.

[00:01:14] We link to our YouTube page or podcatcher.

[00:01:18] So if you're audio, video, you name it, it's all there for everybody to rewind, like, subscribe, download all there for you.

[00:01:26] These are always interesting. Sometimes people leave their cell phone number at the end for some weird reason on these.

[00:01:31] But hey, I digress. MSP community minds.

[00:01:34] This is our third one of these is completely educational event for the community.

[00:01:40] Agendas posted. We have MSPs that are coming to talk on panels where you can literally ask them the questions that you care about and not just I don't know the junk that they always put out in front of you.

[00:01:51] And then we have industry experts doing two hour at a time workshops on various topics with no credit card swiping at the end.

[00:01:59] We actually want you to learn something, not some death by PowerPoint and buy more.

[00:02:04] OK, so come check this out.

[00:02:07] We built this event for the community.

[00:02:09] You know, it's literally, you know, content that you would pay a lot of money to see.

[00:02:15] And we're not charging you anything, but you do need to show up to get, you know, to get it.

[00:02:19] And number two, like you do need to get there. Right.

[00:02:22] You know how flying you are driving you into this place in Denver, September 25th, 26th.

[00:02:26] But I'll tell you what, if you go and look at the profiles of the people that are on here, these are not paid for speakers or vendor speakers veiled as experts.

[00:02:37] They're legitimate people that are in the trench, in the sandbox, who are going to give you information that, quite frankly, it's the stuff that I think matters.

[00:02:46] But I digress. Check it out. Community Minds in Denver.

[00:02:50] Then, I know this is what we're known for.

[00:02:52] There's so many, there's five left of them for the rest of the year. Here we go.

[00:02:56] The MSP community block parties.

[00:02:58] Yes, we know eight years of this.

[00:03:00] Yes, I'm bald, pulled my hair out.

[00:03:02] There's nothing left. But here we go.

[00:03:04] You're going to IT Nation in Australia in August, which is at the end of this month.

[00:03:09] We will be holding our very first MSP community block party in Darling Harbor, right down the street from the Conference Hotel, August 21st.

[00:03:20] Come on out.

[00:03:21] We're going to bring our American flair to things, but in a down-under way.

[00:03:26] I promise it'll be fun.

[00:03:27] You can walk.

[00:03:28] You don't need an Uber or anything, right?

[00:03:30] So please register.

[00:03:32] It's absolutely free.

[00:03:33] IT Nation Australia.

[00:03:34] Then, if you're going to PAX 8 beyond Berlin, first time we're going to Germany.

[00:03:40] I actually just flew out there a few weeks back just to kind of scope out the scene.

[00:03:44] We'll be working with the PAX 8 team again.

[00:03:46] August 14th will be when we're doing this.

[00:03:49] We'll announce the venue shortly.

[00:03:51] As you can imagine, there are a lot of cool options in Berlin.

[00:03:54] Cool city.

[00:03:56] Then, we have DattoCon Miami.

[00:03:59] So, if you're going to South Beach, and this is literally on South Beach at the Fountain Blue, we will be doing our block party at DattoCon on October 29th.

[00:04:10] On premises.

[00:04:12] You don't have to walk down the street this time.

[00:04:14] You're literally in the same building.

[00:04:18] We'll announce this one, but literally on property.

[00:04:22] It's going to be a great time.

[00:04:22] We scope that out as well.

[00:04:25] Then, this is the big one.

[00:04:27] Everybody knows, right?

[00:04:28] First, it was All American Rejects.

[00:04:30] Last year, Better Nezah Sugar Ray Tonic.

[00:04:32] We're going to announce the ban shortly.

[00:04:34] We're in the middle of it right now.

[00:04:36] It's an expensive process, but one that we love, I think.

[00:04:39] We'll be doing the block party at IT Nation in Orlando.

[00:04:44] This will be on the first night of IT Nation after the welcome reception, as always.

[00:04:50] Again, absolutely free for you to register.

[00:04:53] We already had some people vote and give us their opinions on who we should be booking.

[00:04:56] Stay tuned.

[00:04:58] Then, we finally, let's try five of these.

[00:05:02] Close out the year back in Sydney.

[00:05:05] We'll be doing our last block party of the year on November 12th in Sydney.

[00:05:10] For DattoCon Sydney.

[00:05:12] These are all for you.

[00:05:14] Yes, they're absolutely crazy to plan and put on.

[00:05:19] I can't tell you how much time goes into these, but they're absolutely all for you.

[00:05:23] They're absolutely all free for you to join us and attend and enjoy some beverages, food, and entertainment.

[00:05:29] Check out community block parties at MSPinitiative.com.

[00:05:32] Second to last, some community offers.

[00:05:34] If there's deals listed here you can take advantage of, feel free to take advantage of them.

[00:05:38] Lastly, the industry calendar, which goes from now, August 1st, all the way to the end of the year.

[00:05:42] All of the events that I just talked about are listed, as well as everybody else's events and conferences and all the other things that you can do not sitting in your office.

[00:05:51] So, there it all is, MSPinitiative.com.

[00:05:55] It's all out of the way.

[00:05:56] I got it done in like six minutes time.

[00:05:59] And I, you know, long overdue, by the way, I, this particular person is near and dear to my heart.

[00:06:06] And we go way back in the history of the sandbox that we all live in.

[00:06:11] And I brought this shirt out of the, you know, the archive.

[00:06:15] Okay, this is like a classic.

[00:06:17] Okay.

[00:06:18] I was still in the wrapper.

[00:06:19] I literally pulled it out of the plastic.

[00:06:21] Yes.

[00:06:22] I am proud to bring on good friend, Dima, who is currently at Huntress.

[00:06:28] How are you doing today, Dima?

[00:06:29] So glad to be here, George.

[00:06:31] Yep.

[00:06:31] Like you said, we go way back to the general blocky days of...

[00:06:37] It's true.

[00:06:38] It's true.

[00:06:40] I mean, like, yeah, we think about all the things that have happened in like four years, five years time.

[00:06:46] We're going back to like eight, nine, 10, 11, right?

[00:06:49] I call it early days, at least for me.

[00:06:53] And man, time flies.

[00:06:57] Yes, it does.

[00:06:59] And the sandbox has morphed a little bit since then.

[00:07:04] More than just a little bit.

[00:07:05] I think when we were first seeing each other out in the field, when I was back at OpenDNS,

[00:07:11] the big keynote talks were like, the future is recurring revenue and all you can eat IT.

[00:07:19] 100%.

[00:07:21] That was the future, not the present.

[00:07:23] Right?

[00:07:23] I mean, and like now all we're hearing about is like AI and, you know, next gen and whatever.

[00:07:31] And, you know, airplanes not flying because security didn't work that day.

[00:07:35] Right?

[00:07:35] So I ain't like, unfortunate.

[00:07:37] And then like, and then I think Microsoft had another outage, like two in two weeks or three weeks.

[00:07:42] And then they're like, oh yeah, we had a security event.

[00:07:44] It's like, man, like things have, some things have stayed the same.

[00:07:49] A lot of things have changed.

[00:07:51] The business of the sandbox has definitely changed since the early days for sure.

[00:07:57] But the industry has definitely grown.

[00:08:00] Right?

[00:08:00] Like there's more people doing this now than there was back then.

[00:08:04] Yeah, big time.

[00:08:05] A lot more people doing it.

[00:08:06] A lot more investors who are aware of what an MSP is.

[00:08:11] And if we go back to the early days of OpenDNS,

[00:08:16] trying to explain to our investors whom we were serving with the MSPs,

[00:08:21] like, oh yeah, so like, are you working with AT&T?

[00:08:24] They're a big MSP.

[00:08:26] Verizon, we're like, no, no, no, no, no.

[00:08:29] Let's redo this whole definition of whom we're talking about.

[00:08:36] And now we're having investors in venture capital who gets the space and who's asking,

[00:08:43] okay, well, what are you doing to get more into the ecosystem?

[00:08:46] It is a completely different world for the MSP side,

[00:08:50] for startups who no longer have to educate the VCs and the investors as to whom

[00:08:57] these magical service providers that serve all these small businesses in an efficient and effective manner.

[00:09:05] Right?

[00:09:06] They're like, no, small businesses go to Best Buy and they call Geek Squad.

[00:09:09] Nuh-uh.

[00:09:10] Right?

[00:09:10] That was the conversation in 2014, 2015.

[00:09:15] But yes, we're in a very different world than security,

[00:09:18] completely different universe.

[00:09:20] I think back then, one of the huge inflection points for OpenDNS is a researcher,

[00:09:29] her name was Ping.

[00:09:30] She built out this domain generation algorithm that would block, you know,

[00:09:36] computer-generated domains that weren't human.

[00:09:40] So if it was like F7VVXYZ.net,

[00:09:44] like no human would register that for SEO reasons or anything, right?

[00:09:49] And then our friend Ethan Tancredi, who at the time was at my Sherpa,

[00:09:55] which is Greg Burr's MSP, sends a message going,

[00:09:59] hey, Dima, your logging is broken because it says this one endpoint is getting 2,000 DNS requests

[00:10:07] blocked over a four-hour period.

[00:10:11] And that was because it was the first time we'd encountered CryptoLocker.

[00:10:15] Wow.

[00:10:16] And that was CryptoLocker trying to get encryption keys.

[00:10:19] And we did the like call up, like unplug that computer, shut it down.

[00:10:25] Absolutely.

[00:10:26] Like this is a huge deal.

[00:10:28] And at the same time, the enterprise-focused security people went like,

[00:10:32] ransomware?

[00:10:33] No, that's like, you know, malware Monday.

[00:10:36] It's routine.

[00:10:37] Everybody has backups.

[00:10:39] Nobody's going to care about this.

[00:10:41] Security industry is all about advanced persistent threats

[00:10:44] that dwell on endpoints and servers for 45 days undetected.

[00:10:49] I'm like, no, guys.

[00:10:51] Ransomware is going to F the industry up.

[00:10:54] And yet here we are.

[00:10:56] You're right.

[00:10:57] It did.

[00:10:58] It's an entire like black enterprise basically of the underground where

[00:11:04] basically they're like a fortune company.

[00:11:07] Yeah.

[00:11:08] Yeah.

[00:11:09] And up until recently, you know, the Russian law was as long as you don't

[00:11:14] target Russians and you don't target infrastructure, you can do this in the

[00:11:20] open with impunity because Russia doesn't have laws that protect foreign

[00:11:24] businesses.

[00:11:25] That's not their jurisdiction.

[00:11:26] Huh?

[00:11:28] Yeah.

[00:11:29] And, you know, after all of that, I think we're now at another interesting

[00:11:35] inflection point with what lapsus did.

[00:11:38] Remember that?

[00:11:39] So lapsus is this group of British teenagers.

[00:11:43] Oh, OK.

[00:11:44] Yeah.

[00:11:44] Keep going.

[00:11:46] Yeah.

[00:11:46] They went low tech old school and they did voice call phishing, trying to get

[00:11:54] credentials.

[00:11:54] They succeeded in getting some Brazilian telcos and exfiltrating data.

[00:12:01] And then they started posting like just straight up.

[00:12:04] We will pay employees of these companies.

[00:12:09] Like I forget if it was like $5,000 or $20,000 a month for access to their

[00:12:14] VPNs.

[00:12:14] We don't need anything else.

[00:12:15] We don't need to do anything.

[00:12:16] Just give me your VPN credentials.

[00:12:19] Wow.

[00:12:19] And these like group of small group of British teens got Samsung, Rockstar Games, Microsoft,

[00:12:29] NVIDIA.

[00:12:30] Like companies whose security budget is probably bigger than your company and my company's

[00:12:36] revenue combined.

[00:12:37] Oh, yeah.

[00:12:38] Yeah.

[00:12:41] So, yeah, we're in a very, very different world now where it's no longer just us nerds

[00:12:47] that talk about security, but it impacts every day.

[00:12:50] Well, I mean, the last couple of sessions have been obviously like we all know what happened

[00:12:56] two weeks ago.

[00:12:56] Yeah.

[00:12:57] You woke up and I was traveling during it.

[00:13:00] I was in Dublin going back to London, trying to go back to the States.

[00:13:05] And I mean, like household name, right?

[00:13:09] Like, yeah, like billions of dollars of airtime, right?

[00:13:12] And not in a good way.

[00:13:14] Right.

[00:13:15] So.

[00:13:16] No.

[00:13:17] And man, do I feel for those folks.

[00:13:21] I took a break between OpenDNS and Hunters to work at a content delivery network called

[00:13:27] Fastly, where I thought, I know it'll be fun streaming video.

[00:13:30] It'll be totally different.

[00:13:32] And it was fun to learn all the different ways that that video gets delivered and to,

[00:13:37] you know, be in the war room for a couple of Super Bowls, even though I'm not a sports

[00:13:41] ball guy.

[00:13:43] Still pretty cool.

[00:13:44] Yeah.

[00:13:45] We know, George.

[00:13:47] We know.

[00:13:49] But, but yeah, one, one little mistake and we had a cascading global outage.

[00:13:56] And then all of a sudden people realized, oh, the images on amazon.com run on this little

[00:14:04] company called Fastly and Disney streaming plus wasn't working and all of these different

[00:14:11] things.

[00:14:11] It is, it is the worst experience in the world.

[00:14:14] And, you know, it can happen to anybody and I really feel for them and we do everything

[00:14:20] we can to prevent them.

[00:14:21] But software, software has bugs and you're never, you're never immune.

[00:14:28] Yeah.

[00:14:29] I mean, I just don't like, I say it every time I'm going to say it again, you know, on this

[00:14:34] call, but on the session.

[00:14:37] When Microsoft goes down, people just shrug, right?

[00:14:39] When Amazon goes down, people shrug.

[00:14:41] And it's like, well, you know, they're the big guy.

[00:14:43] What are you going to do?

[00:14:44] It's like the electricity going out.

[00:14:45] And it's like, when it's anybody else's name, different story, you know, like, you know,

[00:14:50] the world is ending.

[00:14:51] Right.

[00:14:51] I mean, but in this time, a company who probably, I think was not a household name was so embedded

[00:15:01] into large, you know, companies, deployments, government schools, the stock market, blah,

[00:15:06] blah, blah.

[00:15:08] And like, for everything to trickle down in like a two hour window globally, it was just,

[00:15:13] I don't think like, you know, it was reported the largest IT outage of all time may very

[00:15:17] well be the case.

[00:15:19] Yeah.

[00:15:19] The joke was, well, Y2K came just 24 years later.

[00:15:23] You know, like, and then, and then the people that came behind it, they're like, well, you

[00:15:30] know, Apple, you know, locks their kernel down and systems lock their kernel down.

[00:15:36] And why is Microsoft?

[00:15:37] And then it was like, well, you know, ask the EU.

[00:15:39] There was a thing about it.

[00:15:40] And then like, all of a sudden there was all this finger pointing and I'm just like, you

[00:15:45] know, like for big companies, like I think Delta came out.

[00:15:48] I saw an article.

[00:15:49] It was like $550 million in loss.

[00:15:52] And I was just like $550 million.

[00:15:54] That's one company, a big company, very big company, but one company.

[00:15:59] I was like, they got tens of thousands of companies that were using the software.

[00:16:03] Right.

[00:16:06] So, and, you know, I'm going to say, I'll kind of end my thought here, but, you know,

[00:16:11] to all the mega companies who have the resources to remediate and the big IT departments and

[00:16:15] the recent personnel and, you know, distributed across multiple places.

[00:16:19] Awesome.

[00:16:19] But for MSPs who definitely do not run with the same horsepower, like some of the internal

[00:16:25] IT of these companies.

[00:16:28] If you were in the middle of dealing with all of this, this is like another, it's like

[00:16:31] almost another COVID all over again overnight.

[00:16:33] You know, like, you know, like it's like this, a mountain going uphill.

[00:16:37] And, you know, I mean, the fact that you were able to get through it, kudos to everyone

[00:16:43] who, you know, got that job done.

[00:16:45] I mean, you all deserve something more than me patting you on the back on a podcast, but

[00:16:50] there it is.

[00:16:51] Or a $10 Uber eats car.

[00:16:54] Yeah, exactly.

[00:16:55] Which, you know, doesn't even really go very far.

[00:16:58] No.

[00:16:59] No, I hear you.

[00:17:01] I think some of the interesting things to me, finding out exactly who uses BitLocker and

[00:17:07] who doesn't.

[00:17:08] Oh, I think a lot of people use BitLocker, right?

[00:17:12] Like it's...

[00:17:12] Oh, yeah.

[00:17:13] No, I mean, because that was the big slowdown in terms of bringing machines back.

[00:17:18] Otherwise, it's like safe mode, delete a file, and you're off to the races.

[00:17:24] And seeing that Delta actually uses BitLocker on their terminals kind of makes me feel better

[00:17:29] about the universe as a whole, that at the very least...

[00:17:34] What about all the discount airlines that didn't use any of this?

[00:17:37] I mean, like, you know, like, I didn't...

[00:17:39] Everybody's joking, but I think Southwest was like their one system runs on like Windows

[00:17:43] 3.1 and Windows 95, like something like that.

[00:17:45] And I was just like, if it's not broken, don't fix it.

[00:17:49] I mean, like...

[00:17:50] Yeah, that's true.

[00:17:54] And man, I hope they're paying Microsoft for whatever extended security protection the

[00:18:00] federal government is paying for as well.

[00:18:02] I mean, that's kind of a thing.

[00:18:04] End of life for operating systems typically means that there's some...

[00:18:09] Also, a government entity that cannot switch over quickly, and they end up funding the

[00:18:14] continued security patches and stuff.

[00:18:17] So...

[00:18:17] Can you still security patch Windows 3.1?

[00:18:20] Oh, I don't know about 3.1.

[00:18:22] I think...

[00:18:23] Not a lot.

[00:18:24] I mean, like...

[00:18:26] Just like...

[00:18:26] But I can imagine Southwest who had an outage last year, right?

[00:18:31] Oh, yeah.

[00:18:31] Not small.

[00:18:32] And then the rest of the airline industry is like, what are you doing?

[00:18:34] And then now fast forward, they're sitting here saying, what's up, guys?

[00:18:38] How you doing?

[00:18:40] And like, by the way, not just them, right?

[00:18:42] All the budget lines, right?

[00:18:44] You know, think like Spirit, Frontier, all these guys are like, yeah, we didn't invest

[00:18:48] in the top of the line software.

[00:18:50] We figured we'd be okay.

[00:18:51] I mean, like, I know I'm joking about it, but like, this is kind of a conversation, is

[00:18:58] it not?

[00:18:59] You're right.

[00:19:00] This is a conversation.

[00:19:01] This is probably a conversation that is maybe counterproductive for the industry of like,

[00:19:11] I'm sure there have been other issues with every security product.

[00:19:16] And having said that, like, you're not wrong from a business perspective.

[00:19:20] There's definitely a lot of people who are, who think they're, they're sitting pretty

[00:19:24] now.

[00:19:26] And also fair number of ambulance chasers.

[00:19:30] But this is the world that we live in.

[00:19:32] And yeah, talk about how many domains came out after that, right?

[00:19:36] You know, I think how many domains got spun up after that whole thing, right?

[00:19:40] Like a billion.

[00:19:43] No, and a lot of bad actors trying to take advantage of the situation.

[00:19:46] That's for sure.

[00:19:47] No question.

[00:19:48] Well, I mean, listen, this is one of those times back to the MSP experience, right?

[00:19:54] Like, you worked really hard, probably over a long period of time to convince your customers

[00:19:59] that they needed to invest in this category.

[00:20:01] And you decided to bring the Yankees, right?

[00:20:04] The biggest guy, the biggest brand, the Cowboys, right?

[00:20:06] Like the guy everybody's going to hear, you know, is at the top of the quadrant, right?

[00:20:11] And you showed up and you're like, we're going here.

[00:20:13] You know, we're going to get the best.

[00:20:14] And it kind of backfired a little bit.

[00:20:17] And the business conversation that comes behind that is probably not great, but.

[00:20:22] No.

[00:20:24] No.

[00:20:25] And my hope is that people don't just have a knee-jerk reaction.

[00:20:31] Like, look, we compete with CrowdStrike.

[00:20:34] Like, we win deals, we lose deals, et cetera.

[00:20:38] But, you know, this is not the thing that I want to win on.

[00:20:43] I want to win on, yeah, you're getting a managed service as opposed to an enterprise thing that

[00:20:48] requires you to have a SOC.

[00:20:50] That's where I'd rather go.

[00:20:53] And, you know, I don't know if you remember.

[00:20:57] Well, of course you remember because you're George.

[00:21:00] But when McAfee labeled part of Windows as malicious.

[00:21:04] That's right.

[00:21:05] That's right.

[00:21:07] Well, I just feel like it didn't hit the headlines like this did, though.

[00:21:11] Right.

[00:21:12] That's true.

[00:21:13] It was like it was out there, but like it wasn't as wide ranging as what this was.

[00:21:18] And so, like, for us, we knew about it.

[00:21:21] But, like, the average every day, like I would, my father, who couldn't, barely knows how to

[00:21:26] make the, you know, his cell phone work properly on a day, shouldn't, like he wouldn't have

[00:21:30] known that story, but he knows this one.

[00:21:34] Yeah, and I think that speaks to a couple of things.

[00:21:36] One is having, I think back in those days, there was the question of, do you do daily

[00:21:45] updates to your antivirus?

[00:21:47] And our cybersecurity hygiene was worse rather than where we are now, where things are constantly

[00:21:54] being updated and happening on the fly.

[00:21:57] And we're learning the hard way that that also means a reduction in safety and buffer time

[00:22:04] for defects.

[00:22:06] I want to take this back to a conversation that was, we're constantly having when I did my

[00:22:10] little, called the walkabout in video streaming.

[00:22:14] So when you're watching streaming video, the player will download three segments of video

[00:22:21] into the buffer.

[00:22:22] Okay.

[00:22:22] And let me rewind.

[00:22:24] So the, the kind of best practice from Apple is to have eight second chunks of video.

[00:22:33] These can either be bite ranges within a large file, or most commonly, they'd be broken up

[00:22:38] into eight second fragments of video with a playlist straight up from Winamp, using that

[00:22:44] same format to play them through.

[00:22:46] Winamp.

[00:22:47] Oh man, you're going to be back.

[00:22:49] Go ahead, keep going, keep going.

[00:22:49] Really whips the llama's ass, right?

[00:22:54] But you, you, so you're, you're about to stream as a sports game.

[00:22:58] You've got people who are worried about, you know, the people that, who are, who are streaming

[00:23:03] it versus watching on cable where the streamers are falling behind.

[00:23:06] So you have a choice.

[00:23:07] You can have those eight second chunks, which means the player waits for 24 seconds before

[00:23:13] starting to play or before, well, 24 seconds of a live event have to have happened for that

[00:23:19] video to exist.

[00:23:20] Right.

[00:23:21] Or you can change it to two second segments and only be six seconds behind live, which is

[00:23:28] a lot better for the not hearing your neighbors cheer or scream, you know, that whole effect.

[00:23:34] Uh, but then if there's a little network blip or that file doesn't get written quite as

[00:23:39] quickly, then they see the dreaded wheel of rebuffering.

[00:23:44] So for it's the same thing where like, okay, except the difference is you're frustrated when

[00:23:51] you're looking at the rebuffering screen versus you're unprotected when definitions don't end

[00:23:58] up on the end point.

[00:24:00] Um, that's a great analogy by the way, because I think everybody has experienced this somewhere.

[00:24:05] Right.

[00:24:06] Uh, I don't think I've ever had it put that way, but I know exactly what you're saying.

[00:24:10] Um, we've all, we've all seen this, right.

[00:24:13] And like, what's going on?

[00:24:17] Um, especially Jen, who watches all her Bravo shows while she's on the road on her tablet.

[00:24:22] And like, I couldn't imagine her having my Bravo iPad is what I call it.

[00:24:27] Yeah.

[00:24:27] I couldn't imagine Jen waiting for the circle.

[00:24:29] Like she would get frustrated.

[00:24:32] Um, but yeah, when you're on the road and you're on one of those mobile hotspots on,

[00:24:39] you know, on Amtrak or whatever form of transportation, um, that's the, that's a debate.

[00:24:45] And, and that's the kind of thing that business decisions have to be made that have real world

[00:24:52] consequences.

[00:24:53] Um, whether that's the fragility of software or the fragility of a live streaming experience

[00:24:59] and getting the, the dread rebuffer.

[00:25:02] Yeah.

[00:25:03] I mean, so like, let's, let's go here then.

[00:25:06] So you have people like you who like grew up through this security conversation.

[00:25:11] Right.

[00:25:12] And like, good on you for that, because I don't know if I could have gotten anywhere near

[00:25:16] you did.

[00:25:17] I think I would have just like said, all right, this isn't for me.

[00:25:19] I need to go do something else.

[00:25:20] I'm going to try a different career.

[00:25:22] And then you have the, the business people who are like, Hey, we're in the business of

[00:25:25] actually making money.

[00:25:26] Right.

[00:25:27] Like where's the middle of that conversation?

[00:25:30] Because, you know, I feel like it's becoming blurred.

[00:25:35] Right.

[00:25:35] To the point where like, how do we find the middle?

[00:25:40] Uh, yeah, I think, I think that's, that's a big, big question.

[00:25:45] And that's where that whole, uh, risk management and governance conversation come into play.

[00:25:53] Uh, for some folks, they don't really have that much of a choice.

[00:25:56] They've got FTC safeguards.

[00:25:58] They've got, uh, you know, controls for financial healthcare, et cetera, regulation that has at

[00:26:06] least a baseline, which thank goodness were there as opposed to anything goes.

[00:26:12] Um, and then beyond that, there's the question of, well, what, what happens if there's downtown?

[00:26:19] What happens if there's data access?

[00:26:21] Um, and you also have very different conversations when you're dealing with more sensitive customers,

[00:26:31] for example, like if you are a law firm that has clients that demand confidentiality, because

[00:26:39] you're literally, you know, doing the, that, that might cover the microphone conversation with them.

[00:26:44] Uh, versus like, if you are a candy manufacturer and seller, it's maybe not that sensitive.

[00:26:52] I think there needs to be that conversation.

[00:26:55] Um, and it's, it's also one of those things where the industry, like, like you said, has

[00:27:02] matured a ton from somebody explaining to the businesses that my security is a, and I've

[00:27:08] heard this so many times to tell me through this.

[00:27:10] It's a five layer dip.

[00:27:12] It's a seven layer burrito.

[00:27:15] The, the multiple layers and add a Mexican food.

[00:27:19] And, and that was the pitch in 2016, 2017 to now we follow the NIST framework or CIS controls.

[00:27:29] And we're going to get you to CIS controls level one.

[00:27:34] I'm grateful that we're past the time of the, the dips in the burrito analogies and onto the,

[00:27:41] this is what standards are.

[00:27:43] You don't think Chipotle and Moe's got a little salty that we're not invoking their, you know,

[00:27:48] their, their whole business every time we talk.

[00:27:50] Okay.

[00:27:51] Okay.

[00:27:51] All right.

[00:27:51] Um, no, I, I, I would think the problem Dima is, um, to the business decision maker,

[00:27:59] check signer, whatever title you want to put against it, who understands technology is

[00:28:05] required to keep the ball rolling and the lights on, but you know, it doesn't necessarily

[00:28:09] believe like, Hey, our, you know, like, let's get back to the business of what we do.

[00:28:16] Um, this type of thing really hampers their mentality, right?

[00:28:20] Like you chip away, you chip away, you chip away.

[00:28:22] You finally get them to understand they need to invest so that they're not in the headline

[00:28:25] and then end up in the headline anyway.

[00:28:26] Right.

[00:28:27] So like, you know, it just definitely almost like you, you, you, you finally got to the

[00:28:33] top of the mountain, you got dragged back down halfway and now you got to work back up.

[00:28:36] You know what I mean?

[00:28:37] So like, I feel like, you know, the next six, eight, 12, I mean, like, listen, crowd

[00:28:41] strikes is going to take, it's going to take a year.

[00:28:42] I think years.

[00:28:44] All right.

[00:28:44] I think that was not small.

[00:28:46] And like, I'm not saying you're going to go out of business by any means, but in my opinion,

[00:28:50] I think this is something that takes a long time to build the PR bubble back up of feeling

[00:28:56] good.

[00:28:56] That being said, um, the reverb effect downstream where we all are, you know, existing in the

[00:29:03] bubble, uh, is a lot more work has to go into, well, what are we doing?

[00:29:08] You know, and why do we keep doing it?

[00:29:11] And should we continue spending money here versus concentrating on continuity and keeping

[00:29:15] everything running?

[00:29:17] And I think that that's, you know, going to be a much more aggressive debate.

[00:29:21] Um, and I feel, and like the MSPs that are in the middle of the conversation and wherever

[00:29:26] they're at with their end customers, um, you know, who have been having this compliance

[00:29:31] conversation, Dima, right.

[00:29:32] It's like, Hey, your big customers now coming to you saying in order for them to keep using

[00:29:36] you, they have to force their thing down on you.

[00:29:39] So like, what are you going to do?

[00:29:40] Do you just not do business with them anymore?

[00:29:42] And then you come back and it's like, well, does it, if they can't get it, what's the point?

[00:29:46] And then like, you have this at, you know, you know, yin and yang.

[00:29:50] So, um, I, I think we're at this, I think the conversation has been, I'm not going to say

[00:29:57] a hundred percent reset back to where we were in 16, 17.

[00:30:00] No, but there is that conversation being had.

[00:30:04] I agree that conversation is being had of what's the right amount.

[00:30:07] Um, I think the other things that are going to be highlighted are the question of, well,

[00:30:15] if you are my IT service provider and something like this happens with something in the stack,

[00:30:21] how quickly can you get me back up and running and having like, you know, put it, how quickly

[00:30:28] can you get those bit locker keys back in and then all of those things.

[00:30:32] I think there's an opportunity for the partners to talk about, okay, these, but having full disc

[00:30:38] encryption is important because it's regulated versus it might, it gives you, expose you to

[00:30:43] risk if you don't do it, but you have faster restore times.

[00:30:47] I'm guessing that's going to be a new conversation that nobody was expecting to have in 2024.

[00:30:53] Um, and simultaneously, uh, we do have a more tech savvy population of business leaders,

[00:31:02] uh, where at the very least they were not the, the baby boomers who had to learn about computers

[00:31:08] in, uh, in the workforce.

[00:31:11] Uh, and we do have a bit more of a, of an importance of, of technology and everything we do.

[00:31:19] It's no longer did somebody, did somebody use a typewriter and have their legal secretary

[00:31:26] literally type stuff up versus everything is going in.

[00:31:30] Are you still seeing it?

[00:31:32] I want you to go talk to the airlines and I want you to ask them why their DR strategy

[00:31:37] in the middle of all of this, I, I literally saw it.

[00:31:41] Okay.

[00:31:43] Hand writing boarding passes on like printer paper that they have.

[00:31:48] Like no, you know, Hey, they had a nice form.

[00:31:51] It was carbon copy, you know, a little old school, but still works.

[00:31:54] No, no, no, no, no.

[00:31:56] Handwriting boarding passes on just loose on like loose leaf paper, basically.

[00:31:59] Mm-hmm.

[00:32:01] Yeah.

[00:32:02] Um, that should have been tabletopped a lot better.

[00:32:06] You're, you're absolutely right.

[00:32:07] And again, another opportunity for that business continuity, disaster recovery, incident management

[00:32:13] from the IT side, uh, for MSPs to say, Hey, let's talk through what happens if, uh, insert

[00:32:22] your dentist office central tool, uh, that is analogous to the CDK global outage.

[00:32:28] Right.

[00:32:29] Which, which I feel like, well, it's funny.

[00:32:31] We heard about CDK for three or four weeks and you almost forgot that it happened after

[00:32:35] all of this.

[00:32:36] Right.

[00:32:36] Like, yeah, like you're like, Oh, that's right.

[00:32:38] Every car dealership in America basically stopped for three weeks.

[00:32:42] Um, they're like, well, how often do you need to go buy a car?

[00:32:45] I was like, Oh no, it wasn't just buying cars.

[00:32:46] It was servicing your car or getting parts for your car.

[00:32:49] Like it was a little bit bigger than you thought.

[00:32:51] Um, that was big.

[00:32:54] That was actually very big for that.

[00:32:55] And it was, you know, if anything, it's a similar thing happened in our industry not

[00:32:59] long ago.

[00:33:00] Very, very much paralleled and echoed exactly what happened there.

[00:33:04] Uh, I think this most recent incident is a little bit different capacity, but, uh, cause

[00:33:09] it was multi-industry, but, um, man.

[00:33:12] I, all right.

[00:33:14] So let's zoom like August 1st, 2024.

[00:33:19] If you were sitting in an MSP, right.

[00:33:22] They brought you in.

[00:33:23] Hey, Mr.

[00:33:24] Security consultant.

[00:33:26] What should, what should we lean in with now?

[00:33:28] Given all of that, given the current events and everything we just talked about, how should

[00:33:32] we position this properly?

[00:33:36] Uh, what do you need to position this properly?

[00:33:39] Like, like, like, you answer.

[00:33:41] Security focus.

[00:33:42] You know, this is still the right way.

[00:33:45] You know, are we selling the right thing?

[00:33:47] Are we bundling the right solution?

[00:33:48] Do we have to be a little bit more transparent with what we're putting out there as part of

[00:33:52] this stack?

[00:33:53] Like, yeah, that whole conversation.

[00:33:58] You know, I haven't given that as much thought as I would, would like to, um, I've been more

[00:34:05] focused on, on building my functionality and stuff because it's been a crazy busy, uh, time

[00:34:11] right now preparing for all the Q4 build outs and so on and so forth.

[00:34:16] Uh, but you know, kind of first thoughts.

[00:34:20] Yeah.

[00:34:21] Yes.

[00:34:22] You do have to have the risk management conversation.

[00:34:25] And I think the, uh, the, the conversation really needs to lead with, okay, we are going

[00:34:32] to make sure that you have all the layers in place to, you know, get, get as many phishing

[00:34:41] emails out of your inbox as possible.

[00:34:43] Have a managed EDR solutions.

[00:34:45] That's 24 seven.

[00:34:47] And it's keeping an eye on all the, the potential malicious processes, et cetera.

[00:34:53] Uh, have the training I'm biased because that's what I do these days, but have the training

[00:35:00] for the humans not to fall for stuff.

[00:35:02] Um, and then beyond that, this seems like table stakes, like you have to have fishing

[00:35:08] resistant MFA.

[00:35:09] Um, and then talk about, well, what do we do from the disaster recovery perspective as

[00:35:18] part of the security conversation?

[00:35:20] Cause the two are forever tied together now.

[00:35:23] Um, whether it's from ransom or recovery or now from the, the recovery from a bad software

[00:35:31] update.

[00:35:32] Um, these are all the conversations.

[00:35:34] And I think, uh, there's a real opportunity for MSPs to say, okay, we are selling with

[00:35:41] SLAs as different SLAs in terms of pricing.

[00:35:44] Uh, you need to think about, can your business operate with paper boarding passes?

[00:35:51] Uh, and if you're not an airline, but you are a, uh, an oncology clinic, can you treat

[00:36:00] cancer patients with pen and paper, right?

[00:36:05] That's, that's just as valid and, or car dealership, you know, do you have a way to look

[00:36:12] up, uh, or, or do we need to restore some data for you in a way so they can look up the

[00:36:17] service history of a vehicle?

[00:36:19] I mean, to be honest with you, that's, that's, that's a, that's a key takeaway from this session,

[00:36:23] which we're about to go into this stuff, the good stuff.

[00:36:25] But I think SLAs have been just a drive by conversation for a lot of people, but if you're

[00:36:34] selling towards, Hey, your costs with us is going to be based on your tolerance for how

[00:36:39] long it'll take for restoration.

[00:36:40] I think very few MSPs talk that way.

[00:36:45] I've, I've spoken to a lot who do and who have SLAs on, on recovery, on, you know, putting

[00:36:52] something in a virtual machine so that data can be accessed without full recovery, um,

[00:36:57] as well as just to get response SLAs.

[00:37:00] Um, and I just think like, you know, now that it's a lot more visible, right?

[00:37:04] Like, could you imagine your bronze, gold, silver, or your level of plan are based on your tolerance

[00:37:11] for how fast we can restore you from a, from a DRC?

[00:37:14] I, I, very few people start with that or lean in.

[00:37:18] Mm-hmm.

[00:37:20] Uh, agreed.

[00:37:21] And, and yeah, I think, I assume that this is going to be a place that a lot of the, the

[00:37:27] smart MSPs are going to be leaning into because it is very much topical now.

[00:37:32] Um, and again, um, a lot of clients are going to say, yeah, I'm fine.

[00:37:36] I can, I can put people on the airplane with pen and paper.

[00:37:41] Um, and it can, I can survive that for 24, 48, 72 hours.

[00:37:46] Uh, and others were like, no, I, I can't do the, uh, the cancer treatments without access

[00:37:53] to all of the data in all of my systems.

[00:37:57] Yeah.

[00:37:58] That's a big one.

[00:37:59] All right.

[00:37:59] So let's talk about what you're doing today because by the way, the video thing was really

[00:38:03] intriguing because we all have every service I feel like on the planet.

[00:38:08] Uh, actually I was just watching the new Batman Cape Crusader on Amazon prime this morning and

[00:38:13] I was like, Oh, this is actually pretty good.

[00:38:14] I like this.

[00:38:15] And I was like, but it was on the streaming app.

[00:38:16] Cause that's how they get it.

[00:38:18] Um, so you're at Huntress.

[00:38:21] Let's talk for a couple of seconds for anyone.

[00:38:24] That's not living, you know, in common days with underneath a rock, maybe never heard

[00:38:29] of this company, you know, give us a little bit about the company and we'll talk about what

[00:38:33] your thing at Huntress is.

[00:38:36] Yeah.

[00:38:37] So, uh, Huntress is a fully managed security platform.

[00:38:42] The company started off with, um, couple of government bad-asses who, uh, were on the

[00:38:49] offensive side and realized that, well, the first thing we do when we bust the

[00:38:54] into a place that, you know, we were tasked to is find a way to get ourselves back in.

[00:39:01] Cause if we lose that, that first initial foothold, you know, I don't want to start

[00:39:06] from scratch.

[00:39:07] Um, and they became, uh, well, they started off with trying to call small businesses directly

[00:39:16] and going like, Hey, can we help you in your environment just as a learning experience?

[00:39:20] And got the, no, we don't even have an IT department.

[00:39:23] We've got MSPs who do this for us.

[00:39:26] Um, and that's when I got to know them, uh, when they were first starting to approach MSPs

[00:39:31] and really building this additional layer.

[00:39:33] Now that product has evolved into a full featured EDR, uh, that is managed by 24 seven sock.

[00:39:40] And that's the core of what Huntress does.

[00:39:43] Uh, but when I got there, uh, about two and a half, uh, gosh, almost three years ago, um,

[00:39:51] my first task was like find the next big thing and calling all the, I think I, between

[00:39:59] Becky and Tracy, they got me like 30 MSP calls set up for within the course of one week or

[00:40:05] maybe two weeks.

[00:40:06] It's pretty great.

[00:40:08] Um, the, the question turned to EDR is great, but my customers are getting business email

[00:40:14] compromise events happening like smaller MSP once a quarter, larger MSPs every four to

[00:40:23] six weeks.

[00:40:24] Some customer has a business email compromise event, which is where, uh, kicked off.

[00:40:29] The Microsoft 365 identity threat detection response, ITDR product.

[00:40:34] Um, and then the company pivoted, not pivoted.

[00:40:38] The company expanded to going, how do we protect humans?

[00:40:41] Uh, we were using this pretty cool security awareness training product called curricula in

[00:40:47] house, which was literally the first time that, um, I did security awareness training where

[00:40:53] I didn't feel like I was insulted and that the people who wrote it knew less than I did.

[00:40:59] Um, and like from there, we're like, you know, we should, we should merge with them.

[00:41:04] We should buy them and make this into an MSP friendly product.

[00:41:09] And that's what I've been doing for the past, uh, almost two years now.

[00:41:14] Wow.

[00:41:14] I tell you what, I've actually seen your stuff.

[00:41:17] We use it here.

[00:41:18] Thank you, by the way.

[00:41:19] Awesome.

[00:41:21] And, um, I've actually referenced some of the, like the, the, the sessions, right.

[00:41:27] Cause like, you know, it comes to like the, you know, you know, we do it every month,

[00:41:31] right.

[00:41:31] The new thing comes out, you know, it's not, it's like 15 minutes, right.

[00:41:34] It's not a big deal.

[00:41:35] You watch it, you know, you click, click, click, take some, you know, multiple choice

[00:41:39] usually.

[00:41:39] And I was the one, the one with MFC, which is like, you know, the chicken recipe.

[00:41:44] I was like, this is awesome.

[00:41:46] Like this was well, well, well done.

[00:41:49] And I've, I've referenced this now multiple times and people are like, well, by the way,

[00:41:53] what is that?

[00:41:53] I was like, oh yeah, you need to go check this out.

[00:41:55] This is what we're using.

[00:41:56] That's awesome.

[00:41:57] But like, it's so consumable that even like a non-technical person, think like a salesperson,

[00:42:03] think like a, you know, like a non-techie could watch to be like, oh yeah, I get it.

[00:42:08] Like, you know.

[00:42:09] Yeah.

[00:42:11] Yeah.

[00:42:11] So like for, for those who are not in the curriculum universe.

[00:42:15] So what you're talking about there is the generative AI episode where it's the, we're, we're trying

[00:42:23] to teach people that if you just use the consumer chat bot, you know, chat, GPT, bar, wherever

[00:42:29] it is, and start entering company secrets into it, those might get learned from and be given

[00:42:37] out in the second or the next version of that bot.

[00:42:41] And, you know, one of the things that's, that's great is I get to be on the, here's what we

[00:42:47] need to express from the security side and get sort of story ideas of like, does this sound

[00:42:53] legit and believable?

[00:42:55] But there's this whole creative team where they then, you know, go away in, in their

[00:43:01] corner and come back with what if we did KFC, but instead of KFC, it was the majors fried

[00:43:07] chicken.

[00:43:09] And somebody put the secret herbs and spices and, and, and asked for a different variation

[00:43:14] on it.

[00:43:16] Um, and yeah, it was so timely because I watch, um, the food that built America.

[00:43:22] It's actually a history channel.

[00:43:25] Okay.

[00:43:25] So good.

[00:43:26] Cause like, uh, I ate so much junk food growing up.

[00:43:29] Like you, you know, I'm probably not far from current time, but I digress.

[00:43:35] Um, and I, I remember watching the Colonel Sanders episode and like, it went through the

[00:43:41] whole story and like how he started the company and how he sold the recipe and then ended up

[00:43:47] selling the company.

[00:43:47] And then they kept retaining him as the spokesperson.

[00:43:49] And then like, like I was going through the whole thing and then like, and then I watched

[00:43:53] this and all the, that's actually not far off.

[00:43:55] Right.

[00:43:55] The secret recipe.

[00:43:56] And I was like, I see what's happening here, but like, it was perfect because this is all

[00:44:01] the rage.

[00:44:01] Funny enough that AI, right.

[00:44:03] This word AI, like, which I really feel it was like two minutes ago is machine learning.

[00:44:07] And then all of a sudden, like they just changed the name overnight.

[00:44:10] Fine.

[00:44:11] Um, but like, I feel like, you know, I've seen things pass through my mailbox where like,

[00:44:17] oh yeah.

[00:44:18] Um, the person didn't know that their information was being processed by this backend, you know,

[00:44:24] and like all of a sudden, and, and like, well, like they didn't consent.

[00:44:27] And then there's a privacy thing.

[00:44:29] And then I was like, oh yeah, that's a problem.

[00:44:33] And like this whole thing tied it together for me.

[00:44:37] Yeah.

[00:44:38] I totally hear you.

[00:44:39] Yeah.

[00:44:39] And it's one of these things where, um, as security person, you, you start off with healthy

[00:44:47] suspicion, uh, as, as a lay person whose job it is, is to answer emails quickly and efficiently

[00:44:55] and effectively.

[00:44:57] Yeah.

[00:44:58] Yeah.

[00:44:58] They'll copy and paste something with confidential information and ask for, how do I respond to

[00:45:03] it this way?

[00:45:04] This is where, uh, you know, we, we have an unfair advantage to, to, to other, uh, security

[00:45:11] awareness training vendors where we have in-house SOC and in-house response services.

[00:45:18] So we bring those folks in and do the, let's talk about what scares us as to what small businesses

[00:45:25] that are handling our data could be doing.

[00:45:28] Um, and where we also have the benefit of taking that information to creative people who

[00:45:34] think about, oh, let's do a KFC thing and plant lots of little dad jokes, basically just

[00:45:42] to bait people talking about it at the office, the same way that you are.

[00:45:45] And to create a sense of FOMO for the people who haven't done their damn training.

[00:45:51] Um, cause they don't get the joke.

[00:45:53] That is very deliberate.

[00:45:55] Oh, true.

[00:45:55] There's another one though.

[00:45:57] Like, uh, there was like a school trip to like the TV studios and that the dude like ran

[00:46:04] to the bathroom, left the door open to the control room.

[00:46:07] The kid like wanders in, ends up locking him out of the entire system.

[00:46:11] Um, he puts on like his favorite show that's on every channel, like across all networks.

[00:46:16] And the guy can literally has to like restore the entire system, takes every channel down.

[00:46:21] I was like, ah, I was like, so the can't, the question is even on your home office computer,

[00:46:28] so you should lock your computer before you walk away.

[00:46:31] Like it was one of the questions in the thing.

[00:46:33] And I was like, you know, I bet you a lot of people don't even think about that.

[00:46:37] Uh, they don't.

[00:46:39] And, um, I think we all see Matt Lee's posts on LinkedIn with the unlocked computers, uh,

[00:46:46] that, that he finds out in the wild and, um, it, it happens.

[00:46:51] And right now, uh, we're actually working on a new episode, which is specifically around

[00:46:59] like safety while traveling and working remotely.

[00:47:03] Uh, and big one for this industry.

[00:47:05] Let's be honest.

[00:47:06] Right.

[00:47:07] Right.

[00:47:08] So it's everything from shoulder surfing to, uh, has, you know, having somebody with a

[00:47:15] pineapple that's creating fake SSIDs that are capturing stuff.

[00:47:19] Uh, these things are, are all the real things that we see in the real world, but.

[00:47:25] You know, you're, you're repeating the stories back to me rather than the factoids, uh, which

[00:47:33] is also there by design because humans are evolved to tell stories.

[00:47:39] Right.

[00:47:39] Uh, and we're evolved to remember stories.

[00:47:42] If, if, you know, a caveman tells another caveman, Hey, there's, uh, a crocodile in that

[00:47:49] swamp.

[00:47:50] Don't go around it.

[00:47:51] Don't walk through it.

[00:47:52] Don't walk through it.

[00:47:52] The ones that remember that story survive and have a offspring.

[00:47:56] The ones that don't become alligator chow.

[00:47:59] And we have a little part of our brain called the hippocampus, which ties together, uh, characters

[00:48:07] and actions and consequences or events afterwards on a timeline.

[00:48:12] And like, you can, you can watch that light up in an MRI as somebody's recalling a story.

[00:48:19] It's really fascinating.

[00:48:21] Um, but the relevance of that is that is what we do.

[00:48:25] We put together these stories so that people remember the toucan man TV studio thing when

[00:48:32] they're thinking about, should I walk away from my computer unlocked?

[00:48:35] Hopefully, uh, or the majors fried chicken, uh, giving away the secret spicy recipe or the,

[00:48:46] uh, the episode for social engineering where, um, you know, somebody gets an email in the

[00:48:52] middle of the day of, we need your last four of your credit card and all of this information.

[00:48:58] And it's actually DD, the malicious hacker trying to get all the information that customer support

[00:49:04] will need from them.

[00:49:06] And you know what?

[00:49:07] I'll tell you what our people and, you know, even the people who'd hate to do these things

[00:49:12] and you have to run after, they actually do them because like, they're not, you know, like

[00:49:17] it's like, it's usually funny.

[00:49:19] Right.

[00:49:19] Or like, it's something where it's like, ah, God, you know, so like, I think too dry is

[00:49:25] like, they just don't want, they feel like it's a chore.

[00:49:27] They don't want to, but like actually entertaining.

[00:49:29] They're like, okay, cool.

[00:49:30] Let's, let's see what today's like, you almost kind of look forward to the next funny one.

[00:49:34] Right.

[00:49:34] So, but I, I, I have absolutely referenced some of these videos and I was just like,

[00:49:40] oh dude, this is great.

[00:49:41] Like, especially for like, I was actually talking about AI recently and, you know, in a larger

[00:49:47] context.

[00:49:47] And I was like, listen, I'm all for bleeding edge.

[00:49:49] I'm all for building things.

[00:49:51] We know that, you know, technology is always ahead of everything else.

[00:49:55] You know, legislation, regulation, compliance comes away after fine, fine, fine.

[00:49:58] I was like, but we can be a little bit smarter about not putting extra risk.

[00:50:06] You know what I mean?

[00:50:06] Like, so like I, so I sat back and I'm like, Hey, when they said they just connected open

[00:50:10] AI and chat GPT to the RMM to like build scripts for you, maybe that wasn't a great idea.

[00:50:18] Right.

[00:50:19] Like, like, cause you know, some level one person's going to do that and just press go.

[00:50:24] Nobody checked anything.

[00:50:25] Bad thing.

[00:50:26] Something bad happened.

[00:50:27] Right.

[00:50:27] Or, Hey, I'm going to start pumping like in my industry, I'm going to start pumping messaging

[00:50:33] and call recordings into the open AI.

[00:50:36] Oh, because it's going to do sentiment and it's going to tell me what happened.

[00:50:40] Summarize.

[00:50:40] And I was like, but where did that information go?

[00:50:44] You sent it there.

[00:50:46] And is that private?

[00:50:49] Like you start to actually zoom backwards from these questions and you're like, Hey, we

[00:50:54] should probably think about not doing that.

[00:50:58] And they're, and then they're like, well, Hey, yeah, you can pay to like, have like a non-public

[00:51:03] version so that you can.

[00:51:05] And I was like, okay, but like, they don't stipulate that when they just allow you to put

[00:51:09] in the API key and just go.

[00:51:11] Right.

[00:51:11] So like, you need to understand the difference.

[00:51:13] You gotta be mindful.

[00:51:14] Yeah.

[00:51:15] And so.

[00:51:16] Yeah.

[00:51:17] These are the things that like, I step back and I'm like, I love technology.

[00:51:20] I, if I didn't, I wouldn't be in this business at all.

[00:51:22] I think a lot of people in our industry are the blinking light, cool toy, you know, new

[00:51:27] thing every day people, but risk back to risk.

[00:51:32] Right.

[00:51:32] Like taking reasonable things and, and not making them unreasonable things.

[00:51:37] I think that's the best way for me to say.

[00:51:40] Big time.

[00:51:41] And, um, you know, glad to, I'm glad to be part of that conversation.

[00:51:46] I think some of the interesting things, um, whether it's training or, uh, uh, EDR or email

[00:51:55] filtering or whatever it is.

[00:51:56] Uh, I think some of the interesting things that we're seeing as a macro is business to

[00:52:03] business organizations of all sizes, all of a sudden, or it's not really all of a sudden

[00:52:08] have evolved to ask questions about the security practices of somebody who they're going to have

[00:52:14] as a supplier or as an integration partner.

[00:52:19] Um, you know, the conversations of, should I have your, uh, muffler on, you know, as, as

[00:52:29] a part of my car, like all those supply chain risks, et cetera, those are now part of every

[00:52:35] day and not just for the nerds to talk about to each other.

[00:52:40] Um, and I'm really hopeful that as an industry, we're continuing to evolve, uh, and certain

[00:52:59] how is my business going to strengthen itself, harden itself, make it so that, uh, we are

[00:53:06] not one of the statistics.

[00:53:07] We are one of the stories of, Hey, you know, we had all of this stuff lobbed at us and our

[00:53:15] people caught it right away and totally didn't send the wire transfer to a business email

[00:53:22] compromise event, uh, or, you know, the, the gift cards don't get purchased.

[00:53:29] It was funny.

[00:53:30] I was on a, we were at, uh, Fort Lauderdale.

[00:53:33] I was on a boat.

[00:53:34] Why is it, why is it, why is there always boats in Fort Lauderdale?

[00:53:36] Okay.

[00:53:37] And somebody was like, yeah, I had just hired someone and they got spoofed by the gift card

[00:53:42] thing.

[00:53:43] And I just shut off their account.

[00:53:44] And I was like, Oh yeah.

[00:53:45] So what happened?

[00:53:46] He's like, I told the owner, I was like, yeah, you can, if you still want to pay them,

[00:53:49] you can.

[00:53:49] He's like, but I'm not giving them access to them anymore.

[00:53:51] I don't trust.

[00:53:58] You're, you're not that, you know, you're really new on the job and you got hit with

[00:54:01] that.

[00:54:01] Then you're in trouble already.

[00:54:03] And I was like, okay, I understand where you're coming from.

[00:54:06] Yeah, it's rough.

[00:54:07] Um, and I, I, and again, I talked to a friend of mine, a former colleague who's now the North

[00:54:15] American regional CISO of a bank.

[00:54:18] Okay.

[00:54:18] Not just a question of, do they have a CISO?

[00:54:21] He's our regional CISO.

[00:54:24] Right.

[00:54:25] Every, every region has their own CISO.

[00:54:28] Uh, and we have the resources where if somebody falls for something, uh, to literally send

[00:54:35] a human being over to their desk and say like, Hey buddy, let's do some in-person coaching.

[00:54:40] Uh, I'm going to spend an hour with you and I'll come back and we'll, we'll do all this

[00:54:45] stuff.

[00:54:46] Uh, I don't think, uh, small businesses or even mid-sized businesses have the resources

[00:54:52] of number one, the humans to send over there.

[00:54:55] Number two, the time.

[00:54:56] Number three, that human has probably got 50 more important things they have to do because

[00:55:02] they're probably the one person at, at the SP or at the, um, at the small business who's

[00:55:08] qualified to even have that coaching conversation.

[00:55:11] That's so like, I mean, that's, by the way, that's amazing.

[00:55:14] The fact that that's even a thing.

[00:55:16] I mean, that's, I mean, as a bank, I can imagine that that's not a small, small thing.

[00:55:20] Uh, but yeah, I mean, MSPs surely don't have the capability to do that because they would

[00:55:26] be doing that all day long.

[00:55:27] I think.

[00:55:28] Indeed.

[00:55:29] And that's the other part of, of what we've been cooking up.

[00:55:32] Um, I'm guessing you haven't clicked on any of our simulated fishing, but when you do,

[00:55:37] you literally get a, I don't, I don't cheat.

[00:55:40] You look at the backend.

[00:55:41] I haven't.

[00:55:42] I haven't.

[00:55:43] That's good.

[00:55:43] That's a good question.

[00:55:44] No, like I, I, I, you know, there were a couple of ones where I was like half paying

[00:55:48] attention and I was like, Oh, I didn't, I didn't read the question.

[00:55:51] Right.

[00:55:51] I need to go back and do it, but I have not clicked on any of the fishing.

[00:55:54] So that's good.

[00:55:55] Good.

[00:55:56] Good.

[00:55:56] Cause when you do, uh, it does take you through a, you know, a virtual coaching session.

[00:56:01] And I think that's kind of what we, we have to get to as an industry, not just like a,

[00:56:08] Hey, you've been caught.

[00:56:09] Here's some one size fits all, but get as close to that customized coaching experience

[00:56:14] talking through, well, like look at the sender email.

[00:56:19] Is that Microsoft?

[00:56:20] Is that open AI?

[00:56:21] Is that Amazon?

[00:56:23] No.

[00:56:24] Like you're all the red flags should be going off.

[00:56:27] Uh, see the sense of urgency here.

[00:56:29] I saw one the other day where it was, um, it looked perfect.

[00:56:34] It looked exactly like DocuSign, but it was like, Oh, thing off.

[00:56:38] And I was like, dude, they literally copied the HTML to the T, but then you looked at the

[00:56:44] source and you're like, well, hold on, let me check it out.

[00:56:45] Let me go to a DocuSign that I know is legit.

[00:56:47] And I was like, ah, here it is.

[00:56:50] And then he got really clever with it.

[00:56:52] Yeah.

[00:56:54] Uh, yeah, we, and, and by the way, DocuSigns and especially around, uh,

[00:56:59] real estate transaction, that's a giant area of, of, uh, vulnerability and, uh, an, an action

[00:57:08] that cyber criminals love to take.

[00:57:10] So that, that was in direct response to seeing some of those stats come through.

[00:57:14] And honestly, uh, if, if a learner is suspicious of everything in their inbox and looks at it,

[00:57:22] if it's just a little bit imperfect, I think that's the job well done that we strive for.

[00:57:29] Um, and if, if they do get compromised, having as much of that coaching experience as possible,

[00:57:35] so they would do it again.

[00:57:36] And so they don't have to get fired and maybe just learn from, uh, from simulated mistakes.

[00:57:44] Now that's the other half.

[00:57:46] A hundred percent.

[00:57:48] Dima, we could, I could talk to you for like,

[00:57:50] just like me and you can go, go forever.

[00:57:53] Um, where do people find out more information about Huntress, but also specifically this part

[00:58:00] of Huntress, right?

[00:58:01] The security simulation, the, the e-learning part of it, where do they go?

[00:58:07] So if you go to huntress.com under platform, you'll see the security awareness training.

[00:58:13] Uh, we do offer 21 day full feature trials.

[00:58:17] So you can run that some made efficient campaigns against, uh, yes, employees or customers.

[00:58:23] And also we give this away to MSPs through a program we called neighborhood watch to use

[00:58:29] for their own employees.

[00:58:31] Uh, no, like you don't have to pay anything.

[00:58:35] You can literally just use this to keep your employees safe.

[00:58:38] I think the only thing you have to do is to show that you yourself have checked out a couple

[00:58:42] of episodes.

[00:58:43] Um, and, and that's about it.

[00:58:45] So I encourage everybody to check it out.

[00:58:48] And, um, you know, like you said, we could talk for hours on end and we have.

[00:58:54] Um, but, uh, in, in the meantime, um, you know, until I see you again in the field, been a

[00:59:01] huge pleasure talking to you, George, and, um, always treasure these conversations.

[00:59:07] A hundred percent Dima.

[00:59:08] I'm sure we will be seeing each other in September and October and November.

[00:59:13] It all goes down.

[00:59:14] Uh, guys, um, if you have one of these, this, this is like, you should keep it safe, put

[00:59:21] it in the vault because you can't find them anymore.

[00:59:23] Um, no, not on eBay.

[00:59:24] I promise.

[00:59:25] Um, so number one, um, thank you.

[00:59:28] Thank you.

[00:59:29] Thank you for jumping on today.

[00:59:30] And you know what?

[00:59:31] Uh, truly, truly, truly love some of the people in the sandbox.

[00:59:35] You're absolutely on that list.

[00:59:37] You know, you, you know, hard to find people who are just, you know, I want to help.

[00:59:43] Right.

[00:59:44] And just technology is our tool to do that, that you, you definitely like live that.

[00:59:48] So, um, thank you for your contribution to the sandbox and continued contribution.

[00:59:53] I think that everybody, you know, working towards that idea benefits, uh, in the long

[00:59:58] run guys, this session was recorded.

[01:00:01] You go back and rewind.

[01:00:02] I'm like, I probably do more sessions with Dima.

[01:00:04] I promise that they'll just get funnier, but go check out the, like I, I use it.

[01:00:09] I literally have done these.

[01:00:11] I still do them.

[01:00:12] They come every month.

[01:00:13] Go check it out.

[01:00:14] You will absolutely find, you know, I think them very entertaining.

[01:00:17] Uh, this whole, you know, the way that they've built it is fair and it looks great, uh, by

[01:00:22] the way.

[01:00:22] So it doesn't look cheesy.

[01:00:24] Uh, so go check it out.

[01:00:25] Huntress.com go to the security awareness, by the way, the fact that you've given it away,

[01:00:28] like do figure out what this neighborhood watching is sign up.

[01:00:31] It sounds like it's free.

[01:00:32] Uh, that's a good price.

[01:00:34] Um, but this session was recorded.

[01:00:35] You'll find out on MSB initiative.com under sessions and, uh, please come back and definitely

[01:00:41] we want to see you out in the road.

[01:00:42] Right.

[01:00:42] So when we said September, October, November, no joke, like a third of the industry events

[01:00:47] are happening in that 90 days.

[01:00:48] So you're going to see that the good people at Hunter's on the road.

[01:00:51] I promise.

[01:00:52] I saw their event schedule.

[01:00:53] It's crazy.

[01:00:54] Uh, and hopefully if any of the ones that I mentioned earlier in this, uh, are in your

[01:00:58] to-do list, come, come, come by, sign up.

[01:01:00] It's all free.

[01:01:01] Thank you very much, my friend.

[01:01:03] Keep in touch.

[01:01:04] Thank you.

[01:01:05] Take care.

[01:01:06] Yeah.

[01:01:06] Bye.