Ivan Paynter National Security Specialist on Why We Need to Pay Attention to Security

Could your business survive the reputational damage of a security breach and the financial impact of the recovery? The number of companies in the country that have been compromised by malware is going to increase exponentially due to the global pandemic, so companies must prepare themselves. In this episode, Max Clark talks with National Cyber Security Specialist, Ivan Paynter, about why security is not, or should not ever be, an afterthought. Paynter takes us on a deep dive into what integrated security actually looks like for companies.
Max:

Welcome to the Tech Deep Dive podcast where we let our inner nerd come out and have fun getting into the weeds on all things tech. At Clarksys, we believe tech should make your life better, searching Google is a waste of time, and the right vendor is often one you haven't heard of before. Hi. I'm Max Clark, and I'm joined by Ivan Paynter, our national cybersecurity specialist. Hi, Ivan.

Ivan:

Hey, Max. How are you? Good to talk to you. Good to talk to you too, sir.

Max:

So, Ivan, we talk a lot about security, and we talk about, you know, the impacts of security. And let's start with, like, statistics about this. You know, you read these stats that say, you know, x percent of companies are gonna have a cybersecurity incident, and, you know, x percent of those are gonna I mean, to what is that stat in today's world?

Ivan:

You know, I couldn't tell you how many companies are going to be compromised because I honestly think that that number shifts depending upon what's going on. And I'll bring that into focus right now. Currently, we have this pandemic that's occurring. I think the amount of organizations that are going to be affected by this, not just by the pandemic, but by the amount of malware and ransomware and all the other events that we have not yet seen that are coming, you're gonna see that number exponentially increase. So at the end of the day, let's say if the number is 60 to, you know, 75% of companies in the country have been compromised, I would believe that the remainder might have already been compromised, and nobody is aware of it.

Ivan:

So before the fact that they are not being monitored in the manner that they should be. So it's a matter of you don't know what you don't know.

Max:

You know, what's the impact of compromise now for companies? I mean, what's the effect of this? How does it affect them? What's the byproduct of it?

Ivan:

You know, that brand reputation is so important. And I know that, you know, we can say that. And a lot of companies have come back from that. We can look at Sony. We can look at Home Depot and Target and the like.

Ivan:

But still, that thought remains there. And sometimes, companies don't reemerge from that type of scenario. So first and foremost, we wanna say, you know, it's going to be brand reputation. It's gonna be damaged, to a degree. People are going to think about spending their money there, not granted.

Ivan:

You know, Facebook gets compromised just about every other day, and there are tons of people, that are are better using you using it and really don't care one way or the other. I find that ridiculous. But at the end of the day, there's also the financial aspect behind it as well that most people don't see. That the recovery of that data, that's one. The recovery of the damages that have been done to that reputation is another.

Ivan:

And then they also have to pay for each of the individual's data that has been compromised or divulged. They have to pay some type of protection for them for a year, for their credit. So there's a lot of money that's involved as well. So you have brand reputation and you have, you know, finances that are going on. And then to do business with a large entity that has already been compromised before, you know, for example, if you were trying to do business with Walmart, you have to have certain levels of security and go a lot deeper.

Ivan:

So, what it does, it creates a great deal of intrepidation for the consumer, for the brand. And then the other side, for the brand, it's gonna cost them a lot of money. A lot of

Max:

money. So, I mean, really, what we're talking about here is worst case, you go out of business. Best case, you spend a ton of money, and it's painfully expensive for you.

Ivan:

Yep. Absolutely. Absolutely. And that's why with security, it's so important to get ahead of it. Right?

Ivan:

So, you know, people always think of security after the fact. You know, now we really need to combine security in with everything else. So when you look at SD-WAN, when you look at MPLS, well, even the local, you know, devices that are going out. You know, you and I had a conversation when I first met you, Max, about remote desktops. And, you know, what a wonderful thing to have right now if everybody had that and that little device, you know, that Chromebook, and, you know, what a great solution.

Ivan:

We'd all work from home, and there'll be no no problems. Well, a lot of companies won't prepare for it because they didn't see it coming. So, you know, we have to think forward with security, not just wait for it to occur.

Max:

What is dwell time?

Ivan:

It's how long, how well can I hide from you, and how long can I be in that environment? So truly, it's a game of hide and go seek. When I was about to say, when I'm in your environment, when a bad guy gets into your environment and you can't see him and he is plowing around going from that printer, that HP printer with that SSID that's just sitting there saying, come in because my default user and pass is still in here. And that's a great way to access the network. And then the next thing you know, he's bouncing around that environment because he didn't have to go through a firewall.

Ivan:

That is his dwell time. He is in your environment, and you have not identified him. The bad guy, him or her, the bad guy is moving laterally through your environment, and it's very difficult to see without the correct tools in place because quite often, we don't look east-west. You know? Everybody wants to see what's going through that firewall.

Ivan:

Well, I got news for you. You know, that USB stick that I'm dropping in the parking lot that somebody else dropped in the parking lot, and you pick up and put in that machine, that's one way. How about a drone that, you know, your CEO just won, and he took pictures, and now he wants to download that, and he brings it into the office and downloads those pictures off that drone that he just won at some convention. And guess what piece of code he's gonna download first when he plugs that in? Mine. And I'm now in his network, and I've gotten past that firewall.

Ivan:

We have to think about how we're getting in and, you know, what we do beyond that. I don't even remember what the question was at this point. I'm just security.

Max:

There's a stat around dwell time. What is average dwell time today?

Ivan:

Yep. Dwell time started out as approximately almost 9 months in when we really started paying attention to it. So the bad guy was in the environment, almost a full year. I think it's been reduced down now to maybe about 90 days or so that somebody's in. Because there's a lot of pieces that you see exfiltration of data outbound.

Ivan:

So that's going to be an indication. Or if you see communications back to a C&C server, command and control server, that is gonna be an indication. So, there are some modifications that you can see outbound. But dwell time can vary. But, usually, it was about 6 months, and I believe it's probably down to about 3 or 4 right now.

Max:

I mean, when you tell me that somebody can be on a network for 3 or 4 months undetected, I mean, shouldn't people be absolutely terrified of that thought process?

Ivan:

I would be. I mean, you know, I think security people see things a little bit differently. We have a tendency to be extremely paranoid. At the other side of that is, yeah, we should be very concerned about who's in our environment and that accountability. Let's look at it in a different manner.

Ivan:

The visibility that we used to have was purely internal. Right? And we looked at what's behind our little crunchy shell. 90% of the companies that I know that are out there are now using Office 365. And they're using a great deal of apps that are in space now.

Ivan:

Right? So with that, our environment has moved to there, out to the cloud beyond. We have to make sure that that is secure as well. So dwell time is extremely important to make sure that you know who is doing what and who is not supposed to be doing what in your environment. It looks like Sally.

Ivan:

It says it's Sally, but that's not Sally.

Max:

So a while ago, you showed me a slide, and it was the different components of a holistic security approach for a company. And I don't think I've seen anything with more logos on it ever. What are the components of a security posture for a business? You know? I mean, let's start with the big box.

Max:

Right? They've got a firewall deployed. I mean, when you walk through that model, you know, what are we really talking about for integrated security?

Ivan:

Now, like we talked about before, integrated security is truly a layered approach. Right? So either you start on the outside and you work your way in or you start on the inside and work your way out. So if you start on the outside, yes, you have your firewall, and that's great. That firewall is that hard, crunchy shell that really doesn't exist anymore, but it's there.

Ivan:

And then moving forward, if you really wanna build, you should have some type of monitoring device that's sitting there, that's looking at that traffic that's coming into the firewall. What's hitting that firewall? Right? Understanding, are there devices that can be geofenced or that can be, you know, eliminated from hitting your firewall? And then once you egress beyond that, we wanna see what made it through the firewall.

Ivan:

So, let's put a sensor there as well. So now I have sensors looking at your traffic that is coming in or that's hitting firewall that's come into the firewall. So I'm now monitoring that traffic. Right? So I've got some type of traffic monitoring there.

Ivan:

Beyond that, I need to understand what's hitting my servers as well. There are a great deal of logs that are being generated from servers and routers and wireless devices and even users' laptops. So let's collect that information as well. Where are we gonna collect that? Well, let's find that SIEM that's out there and put the information there.

Ivan:

Now that's great. So now I have all these logs in one place, but holy crap. What do I do with all that? So let's correlate it together, and let's see if we can identify whatever we can from all this information. Because you wanna talk about alarm paralysis, it's there.

Ivan:

Now so you have your SIEM, and you have some type of monitoring going on. Let's go a little bit deeper with that monitoring going on, and let's take that SIEM information and add something called IDS. And you know what that is saying, Max, IDS and IPS. So when you have your intrusion detection system, we have a device that has a signature that is based upon what it already knows. Right?

Ivan:

So this is a standard. I've seen this come in. It's hitting the wall. Wait a minute. I'm also seeing signatures from my SIEM that's telling me this shouldn't be happening.

Ivan:

So now we're getting correlation going on. So now I have that monitor that's sitting on the inside and outside of the firewall. I've got my SIEM collecting all this information, and I'm correlating them together. Now let's look at the true problem. And like I've said to you before, the problem truly is between the keyboard and the chair.

Ivan:

Right? So we wanna make sure that we understand what the user is doing, 1. And then 2, making sure that the user has training, which would be part of that overarching component as well. But I wanna put something on that device. So I wanna make sure that device is protected.

Ivan:

Antivirus is great. Absolutely. Next gen is better. We talk about an EDR. I wanna know if that device not only is it getting malware, but is it extruding information that we should be aware of?

Ivan:

If my laptop is sitting at Starbucks and it is sending out a half a terabyte worth of data to oh, let's go pick on Hong Kong today. Right? Don't you think I would wanna know about that? It doesn't look like malware, but we're losing a lot of data, and this is company data. So, you know, that's something else that you need to have.

Ivan:

So that gives you an EDR component. Right? So now let's tie that EDR component into that monitoring, into that IDS, into all the other apparatuses that you have, and let's put that to a single pane of glass. Right? And let's call that a SOC because now you have somebody that's monitoring everything that's going on with your environment.

Ivan:

And that's not everything. Oh, I just said a really bad word. Everything. Anytime somebody says, we're monitoring everything, run. Because you're not.

Ivan:

The other thing that I, you know, I'm a real stickler about because I know how if I was a hacker, how I would come in. And I'm gonna come in by sitting in your parking lot and finding that printer or finding that one device or, frankly, through Bluetooth. There's a lot of software defined radios that are out there. So there's a lot of ways to get into an environment. So I wanna know what that lateral traffic looks like with your environment too.

Ivan:

And what that means is, you know, it's not going outside of the Internet but is contained there within and it's moving around. That adds to your dwell time and everything else. And then just might be extruding just a single byte of data going back to the command and control center. Somebody may not see that. So if you take all of those individual components together, right, that's going to give you a very logical view of what's going on within your environment.

Ivan:

And then lastly, the one last thing that we'll probably layer on top of that is that IPFIX or that NetFlow data and to understand really what is standard within your environment and what is obtuse. And then once we have all that together, I think we have a really good understanding of what is occurring. But we have to also make sure that we know, it's not just signature based. We need to look at that behavioral aspect as well. Now the last part about this is no human's gonna be able to ingest and understand all this data.

Ivan:

So we have to bring in some type of understanding. You wanna call it machine learning? I'm all in with machine learning. If you wanna call it AI, but okay. I'll accept that as well.

Ivan:

You know, the reason why I'm a little iffy on AI, I think you already know this, Max, is because you had to teach it something already. It didn't learn by itself. If it learned by itself, that's AI. And alright. I'll let it go because I'm very passionate about that.

Max:

So when I started in IT a long time ago, the ratio was roughly 60 employees per IT person. Sure. Today, I'm seeing ratios of, like, 120 to 150 to 1 IT person. So, I mean, two questions. Right?

Max:

I mean, is security something that, you know, as a business leader, I could expect my existing IT staff to be able to go out and, you know, buy boxes from vendors and buy subscription software and buy tools and integrate all this and use it? Or am I looking at, I need to go out and hire people to manage security for our company? And can, you know, can I find these people? And what does this actually look like? I mean, what are companies facing with this in the real world?

Max:

And what's reasonable to expect and to achieve?

Ivan:

You know, quite often, I believe a lot of organizations believe, well, we're an SMB or we're entry level. We're a small guy. Nobody wants our information. Nobody wants our data. The IT guys can handle it.

Ivan:

And depending upon the size of the organization, they might be able to. But they also have to think about who they're doing business with as well. Quite often, some of the industries right now will require you to have somebody monitoring and managing your environment. Can it be done in house? Sure.

Ivan:

I hope you got a really good bank book, and you take care of your people. And good luck finding qualified security people. And when I say qualified, let's put some years behind them and maybe give them a couple certifications. And then, you know, once you get them, good luck keeping them because you have to train them continuously, and then somebody else is gonna be knocking on their door. So that being the case, you've gotta be able to make sure that you keep them there.

Ivan:

So to hire a security person, there might be a few out there, but the ones that really understand all the different devices, the ones that can truly go through SIEM and understand the deeper dive into what's going on in the recesses of hunting for a bad guy within all of that massive amount of information that you've collected on your SIEM or you've collected on your routers, and not having it be a thought at 4:30 in the afternoon after he's patched a half a dozen machines, you know, the last hour and he's had to troubleshoot the CEO's device and all these other things he's done. Now you want him to look at some logs and to see if there's any bad guys out there. I think, really, the focus has to be on some type of managed service or some environment where, you know, those alarms are going to somebody who's really just paying attention to that. Just focus upon that. Look.

Ivan:

In my view, organizations should be running their business. Right? I'm not out here to create a widget. What I'm out here to do is secure an environment. And to that widget creator, if you wanna become a security entity, god bless and good luck.

Ivan:

My advice would be absolutely let's move towards managed service, and let's understand that you're not gonna be able to hire the people that you need. And they already have them. And the folks that they have have the experience that you want. And you no longer have to worry about your security needs. And on top of which, you've now hired a staff that you have 24/7, 365.

Ivan:

They don't get sick. They don't go on vacation, and they're there anytime you need them. And if you have them correctly installed, they can handle an event at your location without waking you up at 3 o'clock in the morning on Christmas Eve. So, you know, those are some of the things that we really need to think about. I always go for the, you know, the massive drama, but at the end of the day, these things have happened.

Ivan:

You know just as well as I do. If we're not paying attention to it, the bad guys know when we're on holiday. They know that corporate is here right now and that we're suffering through it. Look. They know that those checks are just in the mail as we speak.

Ivan:

And the amount of malware or websites that are gonna be out there right now to track that check or track anything else that's there, are phenomenal and it's no longer that email from Nigeria, wanting to give you, you know, half a million dollars or so. These are very well crafted events that are going on.

Max:

Hi. I'm Max Clark, and you're listening to the Tech Deep Dive podcast. At Clarksys, we believe tech should make your life better, searching Google is a waste of time, and the right vendor is often one you haven't heard of before. With thousands of negotiated contracts, Clarksys has helped hundreds of businesses source and implement the right tech at the right price. You're looking for a new vendor and wanna have peace of mind knowing you've made the right decision?

Max:

Visit us at clarksys.com to schedule an intro call. So you mentioned earlier, you know, companies requiring their vendors to have security. And I'm sure to take on them specifically, but Target had a very public breach a few years ago, and that breach was tracked to their HVAC contractor, if I remember correctly. And, you know, I would imagine that HVAC contractor at that point didn't think that they needed to have security for any reason. But can you talk about this and really how that affects the threat landscape for a company and what we're talking about?

Ivan:

I think that HVAC contractor didn't know what security was at the time or even that he had to worry about it. Simply for the fact if you want to do business with large organization or even smaller organizations of that manner and especially if they're publicly held or if they are in areas that have compliances like California or New York. Actually, it's 43 states of the union now have formal compliances. These things are a necessity to do business with them. So you have to show your due diligence that you have some type of security measurement in place.

Ivan:

You have a SIEM in place. You have certain and you literally have to show this. Almost every organization I know that I deal with or any financial organization at a minimum has to have a penetration test, has to have an assessment of their infrastructure and their organization to show, demonstrate to whomever they're attempting to do business with that they are paying attention to, that they're doing their due diligence to move forward. So it's almost a requirement that as you move forward, you know, you want to grow your environment or you wanna grow your business, the requirement is going to be some type of managed service.

Max:

But is that, you know, security by checkbox? You know? Do you have a SIEM? Yes, I do. Check.

Max:

Do you have endpoint detection? Yes, I do. Check. Do I have this? Yes.

Max:

I mean, is that actually giving us a better security posture, or is that just I've filled out the boxes and checked the form?

Ivan:

No. I wanna play devil's advocate because I'd just rather shoot from the hip and be honest about it. Sometimes, it is that way. Quite often, it's not. And some of the CISOs, especially, understand that, you know, this is not necessarily a checkbox.

Ivan:

We're doing this to ensure that we can continue to do business even during, you know, some type of incident. Right? Via malware or ransomware or whatever it is. The other side of that is there are some organizations that feel that they gotta just check those boxes because it's a requirement. I have absolutely seen that.

Ivan:

I think at the end of the day, the larger percentage are those that truly get cybersecurity because they might have been compromised in the past or they have seen enough people in their vertical that have been compromised. Let's look at just the local municipalities themselves. Not to pick on the South, but, you know, Texas was compromised at 28 different municipalities in one day. Yes, it was an MSP that got hit, but it was still 20, 28 or 27 municipalities. Baltimore paid 1,500,000 or no, they paid half a million.

Ivan:

Atlanta paid 1,500,000 Lake cities you know? So it's become evident that we know that municipalities don't have it. So or don't have a security. So let's just start hitting them, and that's what's occurring. If you see this and you can just look in your industry, if you make widgets, your partner to the left or your partner to the right just got hit.

Ivan:

Guess who's up next. Right? They don't really care who you are. They just wanna make money. And I say they, I want the bad guys.

Ivan:

So, it's a requirement. Yeah. It better be. And if you're not paying attention to it, you're gonna get hit. And most likely, probably already are compromised.

Ivan:

You just don't know.

Max:

So we see lots of news about companies being hacked and data being leaked. And, are we being desensitized to this? Oh, you know, so and so just was breached, and all my credit card data just got leaked out. And, you know, it I mean, are we seeing something where this is turning into a like, oh, this happens to everybody, whatever. We don't need to worry about it?

Ivan:

I think for the media, it's publicized so often. But they don't even talk about it anymore, especially now. But to a degree, it's become desensitized now. But when you really start talking to the CISOs and the ones that understand that, their job is on the line, 1. 2, their brand reputation is also on the line.

Ivan:

They are going to pay attention to it. So it might become desensitized to some of the general public or some people that just don't think it's that big of a deal, or they don't have anything to offer. Nobody wants my little tiny widget over. Nobody wants the secret sauce from my barbecue. Right?

Ivan:

They just don't want it. But at the end of the day, there's more data there. So, you know, are you collecting credit cards? Or, you know, what other information do you have? So it's a great question, and I think the answer is both.

Ivan:

But the ones that get it and the ones that know what's going to happen and that are diligent enough to move forward are absolutely going to have, a managed service.

Max:

We haven't talked about this yet, but we see phone systems and voicemails as a threat vector for companies. And people crack these systems all the time. Now what happens after some you know I mean, like, okay, whatever. You broke into my voicemail. What's the worst that can happen?

Max:

I mean, what is the worst that can happen if somebody breaks into your voicemail because you're using a PIN that says 1234 on it?

Ivan:

Oh, if I can get into that one, what else can I get into? Right? So, where else can I move within that environment? And then can I utilize that particular voicemail to move forward up the chain?

Ivan:

Maybe I can get to the CEO. And maybe I can run a scam. And we've seen this quite a bit from some very large companies that will send me some gift cards or scratch them offs and send pictures. Some of this is close to heart. We've seen this in a lot of different organizations. So at the end of the day, yeah, that compromise can move forward.

Ivan:

When we look at email or anything of that nature, sometimes the crafty criminal or hacker or phreaker, whatever you wanna call them, will be able to hide their footprint by either deleting emails or, you know, reverting a document that they've already read back to unread and then truly covering their tracks while in that environment. And then figuring out who else they can relate to or while they impersonate that individual, how they can escalate up to maybe that person's boss or another manager within that environment or move laterally there within. So it's a great tool to move forward. It's a great starting place. Once a bad guy's in, they're gonna remain in, and they just move from one side of the playing field to another.

Ivan:

What we need to do is to be able to identify that, figure out where they came in at, find the infection vector, close the infection vector, and then get rid of the bad guy.

Max:

I think it's important to note also that, you know, the goal of a lot of security compromises relates to financial gains. You know, what does the financial ends mean, and why was the compromise there? I mean, I had a customer who had their phone system breached, and it was, you know, organized crime, was using it for long distance nights. You know? Mhmm.

Max:

They ended up with a $40,000 long distance bill after 2 days of usage. You know? It was very financially painful for that company, and they were liable for that call traffic.

Ivan:

So, Max, let me turn the tables, and let me ask you a question. Sure. That's something I don't see that often. So, when it comes to, you know, UCaaS or CCaaS, are you seeing a lot of that in the environment? And will managed services also cover something of that nature?

Max:

I don't think you see it as much with the big UCaaS providers because they are implementing their own security infrastructure to try to prevent this from happening. The smaller independent UCaaS vendors, absolutely. Because you start talking about a threat vector that's a little bit more, it's a larger footprint. And if you have a provisioning system, that provisioning system, the phone is talking to a provisioning system and giving us MAC address and then downloading configuration. Well, that configuration of the phone download says, what's the username and password in order to send phone calls?

Max:

Right? So if you can find and exploit and send MAC addresses at a provisioning system and figure out one that works, this is a common exploit. Now you have an authenticated account to make phone calls with. And, you know, there's in lots of cases, no limit to how many SIP calls you can make through an endpoint. So depending on how that provider is configured, well, now if you've got that, So now this is a threat necessarily against that provider.

Max:

The example I gave you, the customer was configuring their own phones because they went out and purchased SIP trunking service. And they had credentials to send SIP traffic and did not realize their phones had web servers built into it for, you know, management and usability. It makes a nice little feature to configure. And the web service had a default password, and the phone was directly connected to the Internet. So Nice.

Max:

What happened, somebody found the phone food you know, footprint. They were probably just scanning, just looking for what came back, and they saw it. Then it came back, and, oh, this is the spec phone. And they went and then tried to do, you know, default user and password on the phone. And that and that popped up, and they said, oh, great.

Max:

You know? And what did they do? They reconfigured the phone to pen traffic through it, and they shoved $40,000 worth of long distance traffic through that phone over 2 days. It was a Friday, Saturday, Sunday. And by the time that was detected, you know, now the customer's, you know, belief was that their service provider should have prevented and blocked this, and that turns into a completely different can of worms.

Max:

But, you know, what ended up happening out of that was that, you know, the contract was very clear. It's what you send to us and we terminate. You're gonna pay us for.

Ivan:

Sure.

Max:

And they had to write a very big check at the end of it.

Ivan:

Wow. So they actually had to pay.

Max:

It was a very expensive lesson.

Ivan:

Yeah. So that kind of brings us right to, you know, maybe that should have been a managed service as well. They would have saved a great deal of money there.

Max:

You know, there's lots of hindsight. Things. Right? And what I'm looking for and what we talk about, what I'm always very curious when I talk to you is what information can we give to people so they're not learning lessons from hindsight or it's not a this won't happen to me kind of thing. You know?

Max:

You know? Once you have an event you know, I've got lots of stories of these. Once you have an event, then you have hindsight, and you'll say, oh, maybe we shouldn't have done it that way. And that may or may not impact you. You're talking about municipalities, and this really isn't about the point here.

Max:

I mean, I had a hospital customer who, you know, thought that their security policy and BCDR policies and procedures were appropriate and that they had everything handled. And they had a ransomware attack, and they ended up having to transfer patients out of their hospital to other hospitals. So when you're talking about an event where you're taking and putting people on stretchers and wheeling them down the aisles of your quarters onto ambulances and then driving them to another hospital, I mean, that's a really significantly serious event. And, you know, not only was that massively disruptive to their purpose as a care facility, but the outcome of that, in financial impact that, organization was devastating.

Ivan:

Sure. And then and then you we also gotta take in consideration any of the HIPAA violations that that might have occurred there too and the the fines that might have been levied against that organization.

Max:

It it was a very painful learning lesson is is, is how I'd put it. So, I mean, Ivan, we could we could talk probably for days days days about security. You know, if if somebody's only gonna listen to, you know, a 45 second sound bite from you, like like, what what's important that you'd want them to hear and and and think about?

Ivan:

You know, Max, you and I have both been doing this for a really long time. And the the thing that they've gotta get is that it's going to happen. So let's be prepared for it. Right? I'm watching this virus that that's touching people right now.

Ivan:

And I remember back in the days when we used to do viruses, you know, in the network. And then we would watch it spread throughout different networks and have to find an infection vector. I think we really need to be diligent about what we do and how we do. One of my themes is be careful what you click on. That's actually "don't click on stuff," when "stuff" is not the word.

Ivan:

But, you know, it's important that we all pay attention to security. And the thing that I would wanna leave everybody with is plain and simply this: security is not or should not ever be an afterthought at this point. It should be whatever you want to do and security as part of the initial play, not an afterthought. So we have to make sure that security is there from the beginning no matter if we're architecting a new environment, a cloud environment, phone system. You know, I I know even TDoS, was it?

Ivan:

Telephone Denial Service, is also something that that is now falling into my belly. But I've never dealt with that because it's always been network security, but this is more and more prevalent. So we all, as individuals, have to be very cognizant of what we do and how we do. And we have to pay attention to security from the beginning and not just as an add on. And rely upon the experts to do their job as people are are going throughout their day doing their job.

Max:

I mean, you you said, you know, telephone denial. I mean, denial of service attacks and ransomware really are denial of resources that the company is Sure. Either own or pay for. Right? And so any resource that you have that you own that you pay for, is there an attack that somebody could take and deny you access to that resource?

Max:

And what would that actually mean to you in terms of your operations on your business?

Ivan:

Right. Well, not being able to utilize what you've already paid for has gotta be a pain in the ass. Right? So, you know, it's like, I've got my server here. I've got my Internet connectivity.

Ivan:

What do you mean I can't get online? You know, I mean, tell the kid to stop playing Fortinet. What is it? Well, it's not that. Right?

Ivan:

Somebody's got a whole bunch of cameras across the street. And and and the kid, you know, 3 blocks down has turned all those cameras into a botnet, and now he's he's DoSing you or he's DoSing, you know, your your company. I I think we're we're in for even larger attacks of that if we saw the East Coast 2 or 3 years ago when we had some major DNSs that were DoS. So we've got to pay attention to all of it. Right?

Ivan:

What are we putting online and how are we utilizing it? And let's be intelligent about how we move forward.

Max:

Ivan, thank you very much for your time. It's always a pleasure talking.

Ivan:

Thanks, Max. We'll talk to you soon.

Max:

Thanks for joining the Tech Deep Dive podcast. At Clark Sys, we believe tech should make your life better, searching Google is a waste of time, and the right vendor is often one you haven't heard of before. We can help you buy the right tech for your business. Visit us at clarksys.com to schedule an intro call.

Creators and Guests

Max Clark
Host
Founder & CEO of ITBroker.com