Transcription

Speaker 1 (00:02):

Hello everybody. Thank you for joining us. Uh, today our topic is the, um, top three things that you can do to secure your company, but there's a whole lot more on security than just that. And we have, uh, two guests today. Uh, so we have, uh, John Gibson with just right and also Lance Keltner, uh, with uni computers. And, um, well you guys, Hey, Chris. Nice to be here again. Yeah, thank you. So, um, you know, I, I hear a lot on when people talk about, uh, cybersecurity and threats and being hacked and a lot of people think or say that, you know, I'm, I'm a, nobody, I'm just a small little business, um, you know, or maybe you're, you know, size, but why would someone target me? I don't have anything important. Um, you know, why would a hacker spend time to try and get into my systems?

Speaker 1 (01:02):

And, you know, they're there, sometimes people are being targeted, you know, like the, um, like the pipeline, for example. Um, but most of the time they're just looking for the easiest way to get in, uh, to hack with the biggest payoff. You know, they're looking for the quickest way to get something done and get the big money, um, you know, least amount of work. And that's not necessarily targeting people, but just doing open scans and just looking for who they can compromise, the easiest that people that aren't paying attention to security. And so it's real important that, you know, you get at least the standard, um, security protection in place. And so I wanted to talk about that. Um, Lance I'll, you know, I'll let you go first.

Speaker 2 (01:53):

Yeah. That's, we've been seeing that for a while now. Uh, you know, it used to be that you kind of had to be targeted, uh, or you were kind of okay. You know, even not to worry about it too much. Um, but now that's kind of changed, uh, in the past, you know, handful of years, the, the bad guys have turned this into a business and the best way to hit the most amount of people is to use automation. You know, just like the, the best way to do a lot of the stuff that we do is with automation. Um, and so they are, uh, looking for everything all the time and it's automatic 24, 7, 365. It never sleeps. And they're seeing who's the low hanging fruit out there. Who can I get a foothold in, uh, you know, compromise in some way then when they find your network that maybe didn't have the protection it needed, uh, or your computer or whatever, uh, then they phone home and say, Hey, look, I got one, you know, come on and do your business. And that's when they really get to work. And then you have a person actually doing stuff hacking you. Um, and so the key here I believe is to not be that low hanging fruit. And there are several things you have to have in, uh, to not have that be the case.

Speaker 1 (03:03):

Yeah. Uh, I actually have, you know, one example, uh, here recently, um, one of our clients had this, uh, this camera system that was just given to them. It looked like a, almost like a Chinese knockoff security system and no brand dot most of the documentation that we found on the internet was in some other language, but he insisted that, you know, he, he wants this, uh, he wants to use it requires ports open from the internet. So it, you know, major exposion expo, uh, uh, you know what I'm trying to say, um, exposing them to a lot of threats. And so what we, you know, they insisted to do it, we did it, but we did it in a, more of a security best practice way is we isolated it so that if something happens with that, that it's only isolated to that camera itself and not the rest of the network, you know, it, can't the, if say it's compromised, uh, can't get to other computers on the, on the, you know, at the company or their servers or anything like that.

Speaker 1 (04:04):

Um, so we just got a detection, um, yesterday that all of a sudden the camera traffic from, uh, or the internet traffic from that camera increased by five times, it started over, over flooding the firewall. So it was up but dropped out every 15 minutes or so. And it was going to some other country. I don't have it up on my, on my screen right now, but it was some overseas country that the traffic was going to, but, you know, so it may have been hacked, I camera system, but it's still isolated. What was impacted

Speaker 3 (04:43):

That's actually, um, there's something called the [inaudible], which, uh, uh, governs it's, it's a requirement under one of the security standards, especially for anybody that's dealing with the federal government and NDA approved camera systems are required for anybody that works with the government. I'm sorry. I don't remember what that acronym actually stands for, but it's been found that there's several Chinese. A lot of things were manufactured in cam and China and cameras and camera systems are among them. And specifically Chinese companies have been banned for anybody. That's doing government type contracting work because of that, because they're phoning home. So that, that probably is likely what's happening with her. So that's a good example of one of the shadow, it types of threats that we don't even knowingly know we're putting into environments. And, um, so it's really important to have a, a, um, it specialists that's familiar with this type of stuff. So, you know, that's why you have guys like us, right? So you can advise,

Speaker 1 (05:48):

Well, John, what do you think on, um, you know, requirements of, of cyber security?

Speaker 3 (05:54):

Yeah. One thing I think about security is, is the same, no matter what you're talking about. So if, you know, if most people can visualize what security looks like, if they're talking about their home, right? Because you have doors and you have windows and you have locks with those, those doors and windows, you may even have like a wall or a fence. Um, other parts of security you might put in your home would be things like an alarm system, motion, detectors, sensors, so that if a door opens or a glass breaks, that it, uh, you know, you hear something, you get an alarm, right. Or maybe you have a dog and the dog barks. Um, you might also have some aspects of, um, like the alarm system calls the police after 60 seconds. If nobody puts in the code, or maybe you have a gun and you take care of it yourself, or that dog, your killer Chihuahua, you know, each the person trying to get in.

Speaker 3 (06:45):

Um, and you know, you might also have, you know, like, um, crime watcher on neighborhood watch type programs that help with that, or what I just did there is identified all the different elements that are part of security for our home. And, uh, if you were to categorize them, they actually break down into three things. There's protection elements, like the doors, windows locks, um, and the wall or a fence, uh, there's detection, elements like your sensors and motion detectors and alarm system, and maybe the dog. And then you've got the response elements, which are killer 12 while eating the bad guy. Um, the gun you taking care of yourself, the police responding, and most, all of us will fall on our insurance if somebody were to get in. So those are protection detection response. Those are three primary elements of security, no matter what type of security you're talking about, you must have those things in place.

Speaker 3 (07:35):

Now there's some interesting statistics around this. When we look at businesses across the United States, a company called Gartner research group did a study of all it spend. And when they looked at, uh, the S the spend for security alone, uh, they found that 91% of security spend across all types of businesses in the United States was focused on, uh, the protection part of security only. Now, when you come, you know, when you put that against some of the statistics wall street journal did a interview of the department of defense and FBI, and they found that the average amount of time that a business has malware that's bad software on their computer or network, without them knowing about it is over six months. And the average amount of time before a company even realizes they've been breached is usually over a year. I think it was like 408 days.

Speaker 3 (08:29):

And that number changes year to year, but it's close to a year typically. And the way they find out is because there's a news story on TV or a press release, or a magazine article. And then everybody starts to hear about it and talking about it. And I know everybody's heard of these breaches. We just had one recently, the colonial pipeline right now, just to kind of give you an idea of security. They spent over $200 million on their it yet. They still were breached. So, you know, it, it, it's not how much money you throw at a thing. And, uh, when, when you look at that number of 91% of spend for it, as it pertains to security on protection only they've missed completely detection and response. And again, this is where the greatest need is I think is that we need to have ways to mitigate our risks that are associated with this, because anybody can be hacked anybody, many of us, um, you know, I'm sure you guys both saw Kevin Mitnick, you know, he, he does live presentations where he'll have somebody volunteer, volunteer, give me some information, I'll show you how quick I can hack your personally identifiable information, right?

Speaker 3 (09:38):

So it's, anybody can be hacked. So where we need to focus really comes down to, you know, where should we be putting the money? And the other thing is, is that if you have any weakness in your security, are you really secure?

Speaker 1 (09:51):

Okay, Brian and talking about Kevin knickknack again, I mean, he has the, uh, you know, he has a company and doing audits and checks and everything for companies on security, and he has a 100% success rate if they will let him use social engineering. So, you know, it's kind of a good example that if, even if you do get targeted, um, that yeah, the chances of you getting through that and being okay or not being hacked is very, very slim.

Speaker 3 (10:22):

Yeah. So yeah, it, the importance comes down to how quickly do detect that, that breach and how quickly do you respond to it? So I think that's where, you know, companies like ours, where we have a focus on the total security package is so vitally important because, you know, I, I can go into any business and I can ask them one question, there's three questions. I'll ask them if there's one, I think that's the most important. And how comfortable are you in your ability to detect and respond to a cyber attack on your business? And we have a flyer that we, um, we sent everybody, right? It talks about, you know, this says 15 ways to protect your business, but, you know, that's just to kind of give you a checklist to go through of some things you can do to try to protect yourself.

Speaker 3 (11:05):

But what about the other two pieces detection and response? And that's where it's really important, right? How confident are these business owners in their ability to detect and respond? And if they say anything other than, wow, I'm, I'm, you know, I'm not sure they're probably not being completely honest because realistically, unless they're truly monitoring 24 7, you know, for those detection type elements to come through and then do something about it quickly, they're missing out. And the other thing is happening is evident every single day of the, of the week and every single week of the year, you know, companies are being breached. And you know, that same article I mentioned about the wall street journal. They said that every business in the United States has been preached to this point. So it's not, if it's it's when, if it hasn't happened and it's happened, it's happened.

Speaker 1 (11:55):

Yeah. And that, that document you, you referenced, um, everyone should have gotten a copy of that, but if there's anyone watching that hasn't feel free to, uh, to reach out to us and we'll be happy to, uh, to send you one, um, phone number would be (406) 414-0532, um, or sales@wolfguardit.com. Um, but yeah, no, those are great points. I love the, uh, the house, um, kind of painting that picture. You know, you're not just locking your front door, there's a lot of other entry points and, and layers, uh, you know, to get through, um, that or that you should have to try and get through before.

Speaker 3 (12:36):

Another interesting thing about that is, think about taking any one of those things away and how confident is somebody in their security at that point? Do you take the locks off the door? Are they secure? If you take the motion detection or sensors off the alarm system, are they still, um, you know, secure, if you don't have a dog, you know, that you were counting on because you don't have a, um, an alarm system, you know, how do you know if somebody's been in, if you're not there, you know, let's say the whole family goes on vacation. So it's really, I think it's incumbent on us as individuals, but also for our businesses to have a complete security package. And if you don't, you don't, you know, 99% secure is 100% on secure. There's a guy in our channel that likes to say that. And I think that's completely true.

Speaker 1 (13:28):

Yeah. Yeah. Yeah. And, uh, Lance, what do you think? I, I, I don't know what, when we go and do onboardings almost all the time, they have a firewall and antivirus and they're like, yeah. You know, I think we're good. Um, but there's so much more to that.

Speaker 2 (13:45):

I absolutely. And, and to John's point there, um, you know, they, they think they're tackling the package, but they're tackling like 5% of step one. Right. So, um, I have, you know, as you were saying that, you know, so much of the spend is on the prevention side, but not the detected detection and response. I have never been into it in all my years of doing this 20 plus years. I've never been into a business once that does anything more than part of step one, that's it at any size that I've ever been into? Um, you know, even, even, I mean now, you know, larger enterprise, you know, the, you know, they're, they're getting it right, because they're all getting hit all the time, but when you get at anything smaller than that, so, you know, tiny business, small, medium, and even large, medium it's, they might be spending a ton of money on the prevention.

Speaker 2 (14:38):

You know, they've got, they got all this stuff, but, but they don't know if someone's in, they don't know the dwell time of an attacker on the network. They have no clue and they have nothing in place to tell them that either, um, they don't have, uh, they generally won't have a security center watching stuff in the background to make sure that, Hey, you know what, that looks weird. What's up with that. You know, that's not normal. We need to take a look at that. Right. They don't have any of that. Um, and so, you know, really, you know, w when, when I started doing things in a fashion that the three of us do, um, that really became important very quickly when we discovered that, and this is, this has been, you know, a handful of years now, since it's really became important, but it's, it's not just about protection.

Speaker 2 (15:22):

That's literally just part of the equation, because at the end of the day, if you get, you get straight up targeted and they want in, it's like, if someone really wants to steal your car, they're going to get the thing, you know, unless you are in the car with the gun and the dog, the killer Chihuahua, you're not going to stop them. They're going to get it right. If you get targeted as a business, they will figure out a way in, but what you bought once they do, what are your steps to get them out ASAP before it really causes a problem. And then, you know, being able to discover how they did and shore that up really quickly. So that, that, that way can't happen again. Um, yeah. Yeah, I think absolutely.

Speaker 3 (16:04):

Th there's several things that Lance hit on here. And if you look at the number one attack vector over 90, it's like 90 something percent. I can't remember the exact number, but it's over 90% of all the attacks completely bypass a firewall and antivirus that's phishing attacks they account for still over 90%. So in other words, the firewall and antivirus are certainly a component of security, but protection only. And that's, I mean, 20 years ago, that was enough, but not, not anymore. Absolutely not because phishing is the biggest, easiest, cheapest way for these guys to get in. And, um, yeah, it it's, you have to have, uh, detection and response elements in place. So if you don't have true 24 7 monitoring, there's a, there's a lot of it companies out there, that'll say, yeah, we do 24 7 monitoring. Um, really. And how many of you are there? And, you know, it's easy to get, um, you know, to the truth of that. They they're doing best effort and they're con they're not constantly watching it. So you do need a security operations center. That's monitoring 24 7. So a lot of great stuff. Is there

Speaker 2 (17:12):

Something else to really keep in mind here is as more, and this is especially true since COVID, but bef even before then companies are moving at lightning speed, the cloud first, you know, data is not, and I'm not speaking for everybody, but for a lot of especially small business, but even into medium, their data is not totally residing on hardware that they have in the office servers, desktops. It is in the cloud and maybe some of it is synced to their, their computer, their tablet, their phone. But most of it, isn't, it's just it's cloud first. So the antivirus that you have on your computer, it can't protect against anything. That's hitting that cloud first stuff. Cause it's not on your machine, the firewall, you have it in your office. It can't, it can't help with the cloud-first stuff cause it's in your office. So you have to have, and this is, this is one small piece of the puzzle, but it's a piece that almost everybody has ignored until recently.

Speaker 2 (18:10):

And it's something that, that all of us here provide, but you have to have protection for those cloud-first elements where it is not handled by the antivirus anti-malware software on the computer or the server. Um, it, it's a whole separate piece that also has to be in place with a security operations center watching it, because that is now, if you target someone's cloud repository and you, and you infect that with stuff, guess what? You just got a free ride to all their employees. And if that stuff is being shared out, like for instance, Microsoft SharePoint is a great way to share resources with other businesses that you work with. Maybe your vendors, maybe your client base. Well, if that gets attacked, now you're sharing out stuff that's already compromised. Well, now you just inadvertently compromised your client base. Right? And so you have to have stuff that that's part of the puzzle there that protects against that, but then also is watching it, which is part of that detection. And then of course remediation, if something were to happen, you got to know something's there to be able to remediate it.

Speaker 1 (19:14):

Yeah, for sure. Well, we're coming up, uh, um, on 20 minutes here. So I wanted to kind of, um, on the end, ask you guys a question and, you know, feel free to talk on a couple of minutes on it. Um, but, uh, what would you consider to be the top three things that you would suggest for a company, um, you know, help protect themselves? And we've talked about a lot of different pieces here, and then of course there's a lot more security everyone should have, but just, uh, Lance, I'll let you go first. You know, what would you consider to be the, the, the top three things? It could be any number.

Speaker 2 (19:52):

So I will, I will slightly cheat and say that, um, you fix the top three by working with somebody who covers all of it. Um, and so I would call that the top one, but we'll just for a second. We'll say that for whatever reason, that's off the table, and then that's not possible. The top three for me are going to be, uh, making sure that both for a physical standpoint, your computers or servers, and for email based threats, that you have protection in place across the board. And that comprises more than one more than one solution to get that done. There's no one solution that will do all of that. It's usually several things you have to put together. Um, number two is you got to have something that tells you when things are out of the ordinary and that is not antivirus software.

Speaker 2 (20:42):

It doesn't, it doesn't do that generally. Um, but you have to have different things in, uh, which, which the three of us all do that for our client base that will, we'll say, this is there's none normal. Something's going on here. You need to look at it. Um, and then number three is you really need user education, um, email based threats. So fishing, what John was talking about, spear fishing, when it's all internal, a lot of that can be dealt with before. It becomes a problem by users being wary and cautious. Uh, we had a prospect of ours that got fished for ACH transactions going to, and from a construction company, doing a job for them. And they shelled out 300 K to the wrong bank account because nobody bothered to pick up the phone to ask a construction company. Hey, did you mean to change the bank account three times on this, which would have solved the whole thing? I mean, just pick up the phone and make a call real simple that costs any money, just pick up a phone and call, but nobody did. And that, that is straight down. Thankfully it wasn't my client. So it wasn't, you know, I hope it becomes my client so I can educate them, but, uh, you know, it was, it was very simple and it could have been changed, but because that education wasn't in place, they didn't stop thinking.

Speaker 1 (21:58):

Yeah, that's great. John, uh, what, what would you say to be the, uh, the top three things?

Speaker 3 (22:06):

Well, I'll, uh, echo what Lance said, there's you need several layers of, um, defense and several there's several layers to security. So, um, when I say these three things, I I'd almost say I'm going to focus on, um, things that are probably easiest to do as well, and not that expensive, uh, if you were to do nothing else. And I, I agree with Lance on the security awareness training is absolutely vital over 80% of, uh, breaches occur because of employees. So that, that human firewall that you can create by getting them trained up is one of the most important things that you can do for your business. And, um, yeah, it it's the, it should be the first line, right? Because as long as everybody's been trained up on the basics and, uh, and we have ways of doing that for our clients, right? I mean, we, I provide that.

Speaker 3 (22:58):

They get weekly, um, security tips, they get monthly newsletter, that's focused strictly on security and they have annual training and they get a certificate for completing the training and everything. And, and we've been gamified a little bit by allowing them to kind of compete with each other. So that security awareness training is absolutely vital. And that's, uh, you know, I kind of like that the human firewall, right, because it does start security starts with everybody and it has to be at everybody's on everybody's mind and, you know, trust, but verify, I guess, is a kind of a cliche, but anytime you get an email that looks a little bit fishy.

Speaker 3 (23:38):

Yeah. Train your employees that pick up the phone and make a call. If you weren't expecting an invoice or a shipping notice, whatever else, a DocuSign, those are the most common ways are coming in. Right. So, uh, next I'd say multifactor authentication or two factor authentication. Most people are familiar with this because if they've got a bank, um, type of account on their phone or something, they have to enter in that text, that the bank sends them on their cell phone, right. Well, two factor or multifactor authentication will prevent a great majority of those breaches that, uh, compromise things like your email address, passwords and all that. So I'd say, you know, you definitely want to have multi-factor that's, that's going to probably, uh, defeat 95 plus percent of the, uh, the breaches that, um, involve credentials. So that's an easy one, and it's kind of hard to put this in one category, cause it actually crosses over, um, this last one here because it is an advanced endpoint solution, but it has detection and it also even checks your cloud stuff.

Speaker 3 (24:42):

And this is a solution that, um, each of us have that we provide, it's a more comprehensive solution, but, um, I think it is important to have a tool that checks every single type of file that's on a computer. Most antiviruses don't do that. It also checks everything online. Um, and that's including fishing, which is again, 91 plus percent is over 90%. I can't remember the exact number over 90% of the attacks are happening through fishing. And, um, you know, when you, when you consider that it was below 50% payout on ransomware ransomware accounts for about 60% of all cyber attacks, when greater than 50% of the companies being ransomed are paying the ransom. Do you think that ransomware is going to stop anytime soon, it's too huge of a payout. And, and not to mention on the dark web, they sell these things for as low as $120 a month.

Speaker 3 (25:41):

Somebody that doesn't even have any hacking experience can basically go into business, you know, uh, their own ransomware turnkey type of business, where all they got to do is plug in their Bitcoin account and then they can change the name of it, whatever clever thing they come up with. And then, you know, attack businesses, the colonial pipeline hack was not done by dark side, who, who wrote the, uh, ransomware that hit them. That was one of their, their clients or customers that purchase that from them. That's why they made that statement when they came out saying, uh, we don't do this. We do this purely for financial reasons. Right. Monetary reasons. So that's, yeah,

Speaker 2 (26:17):

It's

Speaker 3 (26:19):

Our audience. We don't know white labeling means, but yeah, that was basically a hacking group sold that ransomware to somebody that paid them for that business to use it. So that's why dark side came out and said, ah, that wasn't a house, you know? And we, we don't typically go after something that would impact people the package. Yeah. So, so those would be my, my three things. But again, keep in mind, there's several layers to security and if you don't have all of them, remember that sane now 99% secure is 100% unsecured because if there's a will, there will be a way in, and you know, that's the thing you have to concentrate on really truly is quickly detecting it and quickly responding to it, to limit your risk. Otherwise, you know, the longer it's out there, the more cost is going to be to the, the business that

Speaker 1 (27:10):

Gets impacted. And on that document that, sorry, John, on that document that you were referencing, uh, I think one of the points on there is, is a cybersecurity.

Speaker 3 (27:19):

Absolutely. And I almost put that as my number three,

Speaker 1 (27:22):

Right? Yeah. There you go. Yeah. It's, it's one, I think it's overlooked by a lot of, a lot of people,

Speaker 3 (27:29):

Very foundation it's at the bottom of there. Cause it's the very foundation of everything. Um, more and more businesses have cyber insurance that cyber breach insurance. And it is so vital because you have to think, um, I think the average ransomware right now is close to 1.1 million or something like that. It's really super high, used to be pretty low. Well, now it's really up there. W all you got to do is put yourself in that situation. Could you survive that kind of a hit on your business if you don't have cyber breach insurance, can you, right. Can I add,

Speaker 2 (28:01):

Can I add something to that as well? Um, I've noticed here just recently, there's a new phase of ransoming going on. Um, so phase one, and I've kind of numbered on myself, a phase one is they encrypt you. They ransom you and they want money to get your files back. So that's the first one. So let's say you pay it. You don't, you have backups, whatever. Well, phase two was, um, okay, great. We want more money or we're going to release all the data we have on you to the world, right. So, which is extra bad. If you have compliance that you're under, because now you have to report that because now it's out there. Well, I've just discovered here in the last handful of weeks of phase three. So now they have that data. So let's say that you didn't pay them the first time you had the backups, you know, we could, we got it.

Speaker 2 (28:46):

You know, and, and let's say that you did pay him the second time, so they wouldn't release it to the world. And let's just say that they honored that, right? Just for argument's sake. Well, phase three is they have that customer list from that they got from you that data, they're now going to those people who they haven't ransomware, but they have data on, and they say, you have to pay us, or we're going to release your information to the world. So not only are they extorting you, but they're extorting everybody that they got from you that could be your client base, your vendors, your partners, your employees, all of the above government contacts, whatever. And so that's why it's so important to know, not only to protect against this kind of stuff, but to know when it happens to be over remediate it fast before something gets out. Because I mean, you talk about trust loss, nothing does it faster than when your contacts are getting extorted because your security lacking.

Speaker 3 (29:42):

Yeah. Let me add two things to what, uh, Lance just said there in January, Garmin was hacked and they weren't going to pay the ransom because they had backups. And that's when that ugly head, that second phase that Lance mentioned came up, and that is, is that, well, if you don't pay us, we're going to release this data. And they sent them a sample subset of the data that they retracted or that they got off of their, um, their systems. So they ended up paying it. That was a $10 million, um, ransom. So that at that point, that was the largest ransom ever paid. And, um, they got a lot of news for that, but not the kind of news that most businesses

Speaker 2 (30:19):

Want. Another

Speaker 3 (30:21):

Phase that was out there. And I don't know if it's still going around, cause I haven't heard much about it, but there was a period of time there when the, um, the hackers were saying, well, we'll let you off the hook. If you give us some of some, you know, a couple of other people give us their contact information. And, uh, basically if, if you rat out somebody else, uh, you know, we'll let you off the hook, but we're going to ransom, you know, a couple other people. So it's like, gosh, this is just pure evil, you know? And

Speaker 2 (30:50):

It's a lot of trouble with the law comes out, which it will. I was going to say,

Speaker 1 (30:55):

You're not looking at just rain somewhere. Is that point. Yeah. Yeah. Okay. Well, we've come kind of to the end here. So I appreciate both of you going over this. It's a lot of great information and, you know, we try not to preach doom and gloom to everybody. Uh, but you know, w we are here to help you and we want to help you, you know, so you can just reach out to us. Uh, we'll we'll make the conversation very, um, non-technical, you know, we'll make it make sense to you on a business level and kind of just walk you through this, this whole, um, uh, you know, this whole process. Um, so w yeah, we're here for you. We want to go great news

Speaker 3 (31:38):

Part of it, right. That there, there is a way to deal with all this. You just have to have the right things in place, and that's what we all here can help you with,

Speaker 1 (31:47):

Right? Yeah. Um, one last thing I wanted to bring up is that we have, um, uh, an ebook, uh, that we make available to everybody. And this is all, this is, is that when we've onboarded different companies over the years, we continually find different things that are just blatantly not addressed. And they're these critical issues that should be addressed, you know, by your existing it company, new it company, whoever it is. Um, but you can download this, this ebook, and it can be a talking point, uh, for you to talk to your existing it or, or new it for changing, um, to help you, um, you know, just get some of these addressed, but also make sure to reach out and talk to your it about cybersecurity specifically, um, trying to get that protection, um, before it's too late. Yeah. Thank you. Uh, Lanson John, I'll bring the banner off there so everyone can see your names. And thanks. Thanks for joining me and you guys have a good day.

Speaker 2 (32:53):

Thank you. Thanks.