>> 3, 2, 1.

♪ >> THIS IS RTP THIS IS RTP 180.

>> GOOD EVENING, LADIES AND GENTLEMEN, AND WELCOME TO THE BEAUTIFUL FRONTIER, ON THE CAMPUS OF RESEARCH TRIANGLE PARK FOR RTP 180.

HOW'S EVERYBODY OUT THERE DOING THIS EVENING?

AWESOME.

IT'S HALLOWEEN I WAS BEGINNING TO WORRY THAT YOU ARE ALL DEAD, THAT'S GOOD.

EXCELLENT NOW QUICK SHOW OF HANDS HOW MANY PEOPLE HAVE NEVER BEEN TO A 180 BEFORE NEVER BEEN TO RTP 180?

AWESOME.

WE'VE GOT A FEW THERE COUPLE THERE ALSO THAT WILL WELCOME THANK YOU VERY MUCH BY ANOTHER SHOW OF HANDS, HOW MANY PEOPLE ARE SEEING RTP 180 FOR THE VERY FIRST TIME TONIGHT.

MOST OF THE SAME PEOPLE AWESOME HOW MANY PEOPLE NEVER ANSWER QUESTIONS INVOLVE RAISING YOUR HANDS.

THAT'S CALLED A PARADOX - JUST BROKE THE UNIVERSE, NICE JOB PAL!

THAT NEVER GETS OLD.

NOW MY NAME WADE MINTER, I WILL BE YOUR HOST FOR RTD 180 PRESENTED BY OUR FRIENDS AT RTI INTERNATIONAL.

OUR TOPIC THIS MONTH IS CYBER SECURITY.

SAY OO!

SAY AH!

IT WORKED AWESOME NOW THE WAY THIS WORKS IS WE'LL HAVE 5 SPEAKERS UP HERE FOR WHOM YOU'LL SEE IN PERSON THEY WILL SPEAK FOR ABOUT 5 MINUTES ON THE TOPIC OF THEIR CHOOSING RELATED TO CYBERSECURITY WHICH POINT WE'LL HAVE 5 MINUTES OF Q AND A FROM YOU OUR AUDIENCE BE THINKING OF THOSE QUESTIONS BECAUSE OTHERWISE IT'S 5 MINUTES OF AWKWARD SILENCE AND I GET ENOUGH OF THAT AT HOME.

IF YOU'D LIKE TO CONNECT WITH US AND I WISH I WAS GETTING IF YOU'D LIKE TO CONNECT WITH US SOCIALLY PLEASE DO SO USE THE HASHTAG RTP 180 YOU CAN TWEET US FRONTIER RTP COME FIND US ON FACEBOOK LIVE ARE ALSO BROADCASTING LIVE.

THANKS TO OUR FRIENDS AT PBS IN SEE TELL YOUR FRIENDS TO TUNE IN.

NOW NORMALLY IF YOU'RE HERE IN AN AVERAGE, YOU WOULD SEE SOMETHING THAT LOOKS A LOT LIKE THIS IF YOU ARE SITTING IN THE REGION'S ONLY FREE PAUSE FOR DRAMATIC EFFECT.

CO-WORKING FACILITY.

THAT'S RIGHT IF YOU ARE IN THE HARD OR AT LEAST THE DEW ON A NUMBER OF RESEARCH TRIANGLE PARK YOU CAN STOP BY AND CO WORK HERE FOR FREE.

THERE'S ALSO LOTS OF FUN ACTIVITIES OUTSIDE THERE'S YOGA THERE'S FOOD TRUCK RODEO'S THERE'S THE BUCS SHARD RIGHT ACROSS THE STREET PLEASE STOP BY AND TAKE ADVANTAGE OF THESE FACILITIES YOU WON'T REGRET IT.

NOW WE DO THE OUT OF OFFICE HAPPY HOUR ON THE FIRST SECOND AND 4TH THURSDAYS, THE 3RD THURSDAYS.

NOW WE DON'T DO IT HERE.

BUT IF YOU'D LIKE TO STOP BY AROUND 5.30 4 OUT OF OFFICE, THERE IS A FUN EVENT THAT YOU CAN SWING BY AND CAP OFF A NICE THURSDAY.

NOW THE TOPIC HERE IS CYBER SECURITY, I WOULD LIKE TO NOTE ONE THING HERE WHICH WILL BECOME FAIRLY OBVIOUS FOR THOSE OF YOU WHO ARE PAYING ATTENTION.

WE DO NOT HAVE ANY WOMENS SPEAKING AT THIS PANEL WHICH IS A SHAME HAS ARE LOTS OF WOMEN IN THE AREA DOING AMAZING STUFF IN CYBERSECURITY AND TECH IN GENERAL WE DO HAVE A WOMAN OWN COMPANY REPRESENTED HERE TODAY, BUT FOR ALL THE WOMEN IN THE AUDIENCE ARE DOING COOL STUFF IN TECH OR THE WOMEN IN THE AUDIENCE WHO ARE WATCHING US LIVE IF YOU HAVE IDEAS FOR THINGS THAT YOU WOULD LIKE TO TALK ABOUT PLEASE REACH OUT TO US HERE AT THE FRONTIER RONAN AT RTP .ORG WILL BE YOUR CONTACT, WE'D LOVE TO HAVE YOU ON A FUTURE EDITION OF OUR TP 180.

BUT NOW IT IS TIME FOR OUR FIRST SPEAKER OF THE EVENING, HE JOINED MCNC IN 2013 AND CURRENTLY SERVES AS THE VICE PRESIDENT OF SECURITY INITIATIVES AND THE CHIEF INFORMATION SECURITY OFFICER.

PLEASE WELCOME OUR FIRST SPEAKER CHRIS BEAL.

>> CYBERSECURITY WHEN I SAY THAT WORD YOU'RE PROBABLY GETTING A PICTURE POPPING UP IN YOUR MIND AND I'M WILLING TO BET THAT THAT PICTURE LOOKS SOMETHING LIKE ONE OF THESE.

I SEE SOME HEADS NODDING HERE SOME LAUGHS.

I WANT TO GIVE YOU A DIFFERENT PICTURE, A DIFFERENT WAY TO THINK ABOUT CYBER SECURITY WHEN YOU LEAVE HERE TONIGHT.

AND IN THE FUTURE WHEN YOU HEAR THAT WORD I WANT A DIFFERENT PICTURE POPPING UP IN YOUR MIND.

BUT BEFORE WE CAN DO THAT WE NEED TO GO BACK IN TIME.

WAY BACK.

>> BC.

>> BEFORE COVID ALL RIGHT YOU'RE READY, LET'S GO.

WHAT DO YOU THINK ABOUT WHEN YOU SEE THIS PICTURE RIGHT HERE.

ABOUT THIS HUMAN HEALTH.

SO THERE ARE A SET OF BASIC PRACTICES THAT WE FOLLOW IN ORDER TO TRY TO GET HEALTHY AND STAY HEALTHY.

THESE ARE BASIC THINGS.

ANYONE CAN DO.

AND MOST PEOPLE SHOULD DO THINGS LIKE WASHING OUR HANDS EXERCISE GETTING ADEQUATE SLEEP BRUSHING OUR TEETH, CLEANING THE ENVIRONMENT AROUND US GOING TO THE DOCTOR FOR REGULAR IMMUNIZATIONS CHECKUPS.

WE HAVE ALL KINDS OF THINGS THAT WE MEASURE AND MONITOR AND KEEP TRACK OF IN ORDER TO KNOW OUR STATUS WITH REGARD TO OUR HEALTH.

NONE OF THESE THINGS UP HERE ARE TAILORED TO A SPECIFIC HEALTH CONDITION.

THEY'RE ALL GENERAL BASIC THINGS DOING THESE THINGS DOES NOT GUARANTEE THAT WE WILL NEVER GET SICK MOST PEOPLE DON'T REASONABLY HAVE THAT EXPECTATION.

WE CALL THESE THINGS HYGIENE SO PRACTICING GOOD HYGIENE DOES 2 VERY IMPORTANT THINGS FOR US FIRST OF ALL IT DECREASES THE LIKELIHOOD THAT WE WILL GET SICK.

IT DOESN'T ELIMINATE THE RISK.

BUT IT MAKES IT LESS LIKELY THAT WE WILL GET SICK.

AND THE OTHER REALLY IMPORTANT THING IT DOES IS IT REDUCES THE IMPACT.

INEVITABLY WHEN WE DO GET SICK, IT'S NOT AS BIG A DEAL IS NOT A CATASTROPHE.

SO PRACTICING GOOD HYGIENE MAKES A STRONG.

IT MAKES US RESILIENT.

IT MAKES US HEALTHY.

CYBERSECURITY IS THE SAME WAY.

THERE ARE A SET OF BASIC PRACTICES THAT WE CAN FOLLOW IN CYBERSECURITY TO GET CYBER SECURE AND STAY CYBER SECURE.

NOW.

I DON'T HAVE TIME IN MY 5 MINUTES HERE TO GO INTO REALLY ANY LEVEL OF DEPTH ABOUT THESE THINGS BUT PERHAPS SOME OF OUR OTHER SPEAKERS WILL TOUCH ON SOME OF THESE AND YOU CAN ASK ABOUT HIM DURING THE Q AND A BUT THIS BASIC SET OF THINGS ARE THINGS LIKE INSTALLING SECURITY UPDATES.

LOOKING ACROSS OUR ENVIRONMENTS FOR VULNERABILITIES THE SAME THINGS THAT THE ATTACKERS ARE LOOKING FOR AND FIXING THEM BEFORE THE ATTACKERS CAN EXPLOIT THEM.

LIMITING OUR USE OF ADMINISTRATOR RIGHTS TRAINING AND EDUCATING OUR END USERS USING MULTI-FACTOR AUTHENTICATION BACKING UP IMPORTANT DATA SO THAT INEVITABLY WHEN WE DO HAVE A COMPROMISE WE HAVE THAT DATA TO GO BACK TO NONE OF THESE THINGS ARE TAILORED TO A SPECIFIC CYBERTHREAT THESE ARE ALL BASIC THINGS THAT ANYONE CAN DO AND EVERYONE SHOULD DO.

SO LET'S GO BACK TO OUR HYGIENE AND ACTUALLY I WANT TO HIT ON ONE.

IMPORTANT POINT.

JUST BECAUSE ONE OF THESE THINGS AS BASIC DOESN'T MEAN IT'S EASY TO DO.

RIGHT IT'S EASY FOR ME TO SAY, O WELL YOU SHOULD JUST EAT WELL OR YOU SHOULD JUST GET GOOD SLEEP.

ALL RIGHT THAT CAN BE A HARD THING TO DO AND IN THE CYBER WORLD, YOU KNOW THESE THINGS CAN BE CHALLENGING IT'S EASY TO SAY WE'LL JUST INSTALL YOUR SECURITY UPDATES THAT CAN BE A HARD THING TO DO GIVEN YOUR ENVIRONMENT SO I WANT TO MAKE SURE YOU UNDERSTAND THAT JUST BECAUSE THESE THINGS ARE BASIC DOESN'T MEAN THAT THEY'RE SIMPLE OR EASY, BUT THEY ARE REALLY IMPORTANT AND EVERYONE SHOULD BE DOING THAT.

SO IF WE GO BACK TO OR ARE HYGIENE ANALOGY HERE.

REMEMBER EARLIER ON US AND WE'RE GOING GO BACK IN TIME TO BC.

IN 2019 A NEW THREAT TO OUR HEALTH EMERGED COVID-19 SO WE HAD TO EVOLVE OUR BASIC PRACTICES.

ALL RIGHT WE HAD TO INVENT NEW THINGS IN ORDER TO KEEP US SAFE THINGS LIKE DISTANCING, OR WEARING A MASK WE HAD TO COME UP WITH NEW TESTS TO HELP DETECT THE PRESENCE OF THIS THREAT.

AND THEN WE GOT THESE AMAZING NEW VACCINES THAT FOLKS SHOULD GET IN ORDER TO KEEP THEMSELVES HEALTHY.

RIGHT WE HAD TO CHANGE OUR BASIC PRACTICES.

NONE OF THE OTHER ONES WENT AWAY BUT WE HAD TO GET NEW IT'S THE SAME WAY THE CYBERSECURITY WORLD NEW THREATS EMERGE.

AND WE HAVE TO EVOLVE IN ORDER TO KEEP UP WITH THOSE THREATS.

SO BEING CYBER SECURE IS NOT ABOUT NEXT GEN.

I HIGH TECH WHATEVER THOSE THINGS ARE IMPORTANT TOOLS AND THEY CAN HELP US BUT THAT'S NOT WHAT CYBERSECURITY IS REALLY ABOUT CYBERSECURITY BEING CYRUS SECURE IS ABOUT DOING THE BASIC THINGS WELL OVER AND OVER AGAIN.

AND DOING THOSE BASIC THINGS WILL DECREASE OUR LIKELIHOOD OF A SECURITY INCIDENT AND DECREASE THE IMPACT OF THE INEVITABLE INCIDENT WHEN IT DOES OCCUR.

SO I WANT YOU WHEN YOU HEAR CYBERSECURITY I WANT YOU TO THINK HUMAN HEALTH.

AND HOW YOU CAN PRACTICE CYBERSECURITY SAFELY.

>> DON'T GO RIGHT AWAY, IT'S TIME FOR AUDIENCE QNA THAT'S RIGHT YOU'RE KEPT UP HERE FOR ANOTHER 5 MINUTES, ACCORDING TO MY CONTRACT.

LADIES AND GENTLEMAN EVERYONE WHO GIVES US A QUESTION DURING AUDIENCE Q AND A WILL RECEIVE A GIFT CARD.

2.13 WEST HERE AT THE BOX YARD.

SO YOU GET TO GO HOME WITH SOME CASH IN YOUR POCKET ALREADY WE'VE GOT SOME I WANT TO CASH IN THE ROCKET.

THAT'S AWESOME.

OUR FIRST QUESTION WILL BE COMING TO YOU RIGHT FROM BACK HERE NEAR THE BACK ROW.

>> HI, I'M I WAS WONDERING IF YOU ARE AWARE OF ANY THREATS ON THE HORIZON AND YOU HAVE THESE BASIC.

I WAS A BASE, THESE RECOMMENDATIONS FOR SECURITY ARE YOU SEEING ANYTHING THAT WE AS DIGITAL UNIVERSITY SHOULD BE PAYING ATTENTION TO A SHOULD KEEP AN EYE ON AS IT COMES TO WORDPRESS PLUG-INS ALL THOSE DIFFERENT STUFF THAT WE'RE USING THANKS.

>> YES, SO THE EMERGING THREATS THAT ARE COMING WATER THINGS PEOPLE NEED TO BE PAYING ATTENTION TO IN THEIR DAY-TO-DAY LIVES.

THE THREAT LANDSCAPE.

>> ABSOLUTELY CHANGES ALL THE TIME THERE ARE CONSTANTLY NEW VULNERABILITIES THAT APPEAR.

SOME OF THEM ARE MUNDANE SOME OF THEM ARE PRETTY ESOTERIC BUT WHAT I WOULD WANT EVERYONE HERE TO UNDERSTAND IS THAT THE BEST THING THAT MOST FOLKS CAN DO TO PROTECT THEMSELVES IS FOLLOW THESE BASIC THINGS MAKE SURE YOU'RE INSTALLING YOUR SECURITY UPDATES.

IF THE NEW WORDPRESS VULNERABILITY IS ANNOUNCED RIGHT YOU'RE ON TOP OF INSTALLING THE PATCH FOR THAT RIGHT.

IMPLEMENT MULTI-FACTOR AUTHENTICATION SO THAT WHEN THE NEXT TYPE OF PHISHING ATTACK IS DEPLOYED.

YOU KNOW YOU'RE PROTECTED AGAINST THAT BECAUSE YOU'VE ALREADY TURNED ON HIM FACE THOSE BASIC THINGS FOR FOLKS IN THE AUDIENCE WHO ARE NOT CYBERSECURITY PROS WHO ARE HAVING TO REALLY PAY ATTENTION TO THOSE DETAILS.

THIS IS THE STUFF THAT THE BASIC THINGS THAT I WOULD ENCOURAGE EVERYONE TO WORK ON.

>> ALL RIGHT, WE'VE GOT ANOTHER QUESTION FROM HERE IN THE BACK APOLOGIZE FOR ONLY HAVING ONE MIKE SOMEONE HACKED INTO OUR MICROPHONES I THINK YEAH, MIAMI SUCH PRIME ACTUALLY A VOLUNTEER WITH THE NATIONAL INITIATIVE FOR CYBERSECURITY EDUCATION WHICH IS UNDER THE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY.

THEY ACTUALLY HAD A CONFERENCE YESTERDAY WITH THE SISTER WHICH IS A CYBER INFRASTRUCTURE SECURITY AGENCY ABOUT CYBER HYGIENE AND THIS IS A VERY VERY IMPORTANT PROBLEM ONE OF THE THINGS I KEEP SEEING NOT ADDRESSED IS WHAT DO WE DO WITH ALL THESE DEVICES WHEN WE'RE DONE WITH THEM.

YOU CAN'T THROW THESE THINGS THE WAY THEY'VE GOT ALL KINDS OF INFORMATION.

ANY HAVE YOU SEEN ANYBODY TALKING ABOUT DISPOSAL OF THE DEVICES.

THAT'S REALLY THE QUESTION IS FOR OUR DEVICES THAT ARE BEING TAKEN AWAY RECYCLE GIVEN AWAY WHAT'S THE BEST WAY TO KEEP THEM SECURE.

>> SO THAT IS AN EXCELLENT QUESTION AND I WILL READILY ADMIT THAT I AM NOT AN EXPERT IN THIS AREA, SO PERHAPS SOME OF THE OTHER FOLKS WHO ARE SPEAKING HERE TONIGHT MIGHT HAVE MORE EXPERTISE THAN I BUT GENERALLY SPEAKING FOR MOBILE DEVICES.

BOTH IOS AND ANDROID THERE ARE ESTABLISHED MECHANISMS THAT ARE PROCEDURES THAT YOU SHOULD FOLLOW TO MAKE SURE HERE'S WHAT YOU DO TO SECURELY GET ALL YOUR DATA OFF OF THAT DEVICE BEFORE YOU ARE GOING TO SELL IT OR DISPOSE OF IT.

SO THOSE ARE GENERALLY WELL DOCUMENTED SO I WOULD ENCOURAGE FOLLOWING THOSE PROCEDURES AND THEN I'VE ALSO ALWAYS BEEN TAUGHT THROUGHOUT MY 20 PLUS YEAR CAREER.

IF YOU HAVE SOMETHING THAT YOU ARE REALLY WORRIED ABOUT DATA RECOVERY ON YOU NEED TO PHYSICALLY DESTROY IT.

ALL RIGHT SO THAT'S SOMETIMES PROBLEMATIC.

FROM AN ENVIRONMENTAL STANDPOINT, SO YOU HAVE TO WEIGH WHICH RISK YOUR MORE CONCERNED ABOUT BUT CERTAINLY FROM THE STANDPOINT OF HARD DRIVES AND LAPTOPS IF YOU ARE TRULY CONCERNED ABOUT DATA RECOVERY ON THAT PHYSICAL DESTRUCTION OF THAT DEVICE IS IS REALLY THE THE BEST OPTION FOR YOU, BUT AGAIN, I'M I'M NOT AN EXPERT IN THAT AREA.

>> IT'S GOOD TO KNOW THAT MY KIDS ARE CYBER SECURITY EXPERT BECAUSE THEY RUINED EVERY TECHNOLOGY THING THEY TOUCH ALSO WE'VE GOT ANOTHER QUESTION OVER HERE FROM THE PARTY COUCH.

>> DO YOU HAVE ANY TIPS FOR MOTIVATING LESS TECH SAVVY PEOPLE HEARD LIKE INSTILLING HYGIENE SKILLS.

>> AND SOME WAYS YOU CAN TAKE THE SOMEWHAT RETICENT FOLKS IN YOUR LIVES AND CONVINCE THEM TO PRACTICE GOOD HYGIENE OR IF YOU CAN CONVINCE ME HOW TO GET MY WIFE TO DO THIS FOR UPDATES.

>> SO I WILL BE HONEST.

THE THE MOST EFFECTIVE METAPHOR I HAVE FOUND AND THIS IS WHY TALKED ABOUT THIS TONIGHT IS THIS ANALOGY OF HEALTH.

MOST PEOPLE CAN RELATE TO THAT AND THEY UNDERSTAND THERE ARE THINGS I NEED TO DO TO TRY TO STAY HEALTHY AND BEING ABLE TO CREATE THAT METAPHOR FOR THEM THAT IS THE SAME WAY IN THE DIGITAL WORLD AND HERE ARE THOSE BASIC THINGS.

THAT'S THE START SO JUST LIKE IT'S IT'S DIFFICULT.

IT'S ONE THING TO TELL SOMEONE YOU NEED TO BE BETTER YOU NEED TO EXERCISE GETTING THEM TO ACTUALLY DO THAT CAN BE CHALLENGING.

SO IT CAN BE THE SAME WAY THE DIGITAL WORLD, BUT I THINK JUST THE START OF HERE ARE THINGS YOU NEED TO BE CONCERNED ABOUT.

I THINK IS A GOOD WAY TO BEGIN THE CONVERSATION.

>> ALL RIGHT ANY OTHER QUESTIONS ABOUT CYBERSECURITY AND GOOD DIGITAL HYGIENE TO PROTECT YOU AND YOUR LOVED ONES ALRIGHT WE'LL GET OUR LAST QUESTION BACK HERE IN THE BACK.

>> I DON'T HAVE A QUESTION PER SE, BUT I JUST WONDERED ON TO THAT THE GENTLEMAN SO POINT ABOUT DISPOSAL OF AND THE CHRONIC MEDIA.

SO THAT IS A CONCEPT WHICH I GOT THAT HAS GARNERED LESS SUPPLY CHAIN.

SO WHAT YOU DO IS YOU FIND PEOPLE WHO ARE ENGAGED IN TO A SUPPLY CHAIN AND YOU CAN THEN GIVE YOUR ELECTRONIC ITEMS DEN AND BE ABLE TO MAKE SURE THAT IT IS DISPOSED OFTEN SANITIZED IN THE MOST APPROPRIATE WAY.

AND THIS ALSO HELPS IN TERMS OF MAKING SURE THAT YOUR FORMS AND OTHER ITEMS GOING TO LAND THE IN YOU KNOW LANDFILLS AND OTHER PLACES SO THAT YOU'RE ALSO BEING ENVIRONMENTALLY FRIENDLY BY MAKING SURE THAT YOU GIVE YOUR ITEMS TO SUPPLY CHAIN MANAGEMENT ORGANIZATION I THINK THAT OUT A COUPLE OF THEM IN THE R D P I MAY BE A LOT OF BEING WORKED UP PERHAPS SHOW UP SOME INFORMATION THANK YOU.

>> GREAT RIVER SUPPLY CHAIN LOGISTICS.

I GUESS THERE'S REALLY TO HOLD AN ANSWER THAT, BUT IF THERE WAS ONE THING YOU COULD LEAVE IS SOMEONE TO TAKE AWAY THAT THEY COULD DO DIRECTLY WHEN THEY GET HOME TO IMPROVE THEIR SECURITY HYGIENE WHAT WOULD THAT BE ONE THING THAT EVERYONE CAN DO.

>> IS INSTALL SECURITY UPDATES.

ALL RIGHT SO EVERY DEVICE YOU HAVE WHETHER IT'S YOUR LAPTOP, YOUR IPAD YOUR PHONE.

THOSE THINGS ARE CONSTANTLY TELLING YOU HEY, THERE'S AN UPDATE THAT NEEDS TO BE INSTALLED AND A LOT OF PEOPLE IGNORE THOSE AND SAY I'LL DO THAT LATER, THAT'S THE ONE THING THAT'S EASY TO DO YOU CAN GO RIGHT NOW AND INSTALL THOSE SECURITY UPDATES AND THAT'S WHAT I WOULD ENCOURAGE YOU TO DO.

>> ALL RIGHT, LIZ HUMAN BIG HAND FOR CHRIS BIEHL AND TO THE POINT ABOUT RIVER SUPPLY CHAIN LOGISTICS COMPANY.

THERE'S ONE I WOULD RECOMMEND HERE IN RTP THE CRANDON INSTITUTE THEY ARE RIGHT DOWN THE ROAD AND THEY WILL TAKE YOUR OLD COMPUTERS LAPTOPS TABLETS MONITORS THAT SORT OF THING WIPE REFURBISH AND DONATE THEM TO LOCAL SCHOOLS, I'VE DONE THAT WITH A LOT OF PERSONAL AND BUSINESS TECHNOLOGY.

CHECK THEM OUT THE CRAMMED INSTITUTE HERE IN RTP AND UP NEXT.

WE'VE GOT A CYBERSECURITY PRACTITIONER AND FOUNDER WITH 20 PLUS YEARS EXPERIENCE, HE'S CURRENTLY BUILDING A CLOUD NATIVE SOFTWARE PLATFORM AT JUPITER ONE.

PLEASE WELCOME TO STAGE ERKANG ZHENG.

>> GOOD EVENING, EVERYONE.

I WAS HERE 4 YEARS AGO.

AND A LOT HAS CHANGED IN 4 YEARS, INCLUDING THE STAGE.

WHAT'S UP WITH THE UNDER 3 QUARTERS OF IT WILL HAVE TO DO THAT.

WELL I DON'T KNOW WHAT TO DO WITH THIS NOW.

SO LAST TIME I WAS HERE I TALKED ABOUT THE STATE OF CYBERSECURITY BEING A CYBER PANDEMIC AND TO CLARIFY IT HAS NOTHING TO DO WITH THE PANDEMIC THAT WE'RE IN RIGHT NOW I HAVE NOTHING TO DO WITH THAT.

HOWEVER I THINK THERE'S A LOT THAT WE CAN LEARN FROM WHAT CHRIS TALKED ABOUT AND SO WHAT COVID-19 AND THIS PANDEMIC THAT WORRYING IS TEACHING US.

SO I FUNDAMENTALLY BELIEVE FRIES DONE THERE'S A LOT OF THINGS THAT WE CAN DO AS AS CHRIS MENTIONED JUST NOW THAT WE HAVE TO DO THE BASICS.

WELL WE HAVE TO DO THE SECURITY HYGIENE AND DO THAT WELL AS SCALE.

BUT IN ADDITION TO THAT.

I WANT US TO THINK A LITTLE BIT ABOUT WHAT.

>> SECURITY TEAM SECURITY ORGANIZATIONS AND SECURITY PROFESSIONALS NEED TO THINK ABOUT A NEED TO DO TO WIN THIS PANDEMIC TO DECIDE OR PANDEMIC.

NOW LET'S THINK ABOUT WHAT WE'RE DOING TO WIN OUR AGAINST THIS PHYSICAL PANDEMIC THAT WE'RE IN RIGHT NOW.

SO THERE'S THERE'S YOU KNOW THERE'S RESEARCH THAT WE'RE DOING TO DEVELOP VACCINES STARTS RESEARCH THAT WE'RE DOING TO COME UP WITH ANTIVIRAL DRUGS AND SO ON SO FORCE.

NOW HOW DO WE DO THAT THE WAY I LOOK AT CYBER SECURITY IS IN TERMS OF WELLNESS AND I FUNDAMENTALLY BELIEVE THAT THE FUTURE OFF CYBER SECURITY RELIES ON THE PRACTITIONERS BEING MORE LIKE DOCTORS AND WELLNESS COACHES.

IN THE DIGITAL WORLD.

RATHER THAN THE POLICE.

WELL WE HAVE SEEN SO MUCH WERE YOU IF YOU WANT TO PROJECT THAT IN THE WATER YOU GO TALK TO THE SECURITY GUYS.

AND WE'VE BEEN FOR THE LONGEST TIME BEING THE POLICED OFTEN THE BLOCKERS OF THE BUSINESS MOVING FORWARD BECAUSE OF ALL THE COACH O'S THAT WE TEND TO PUT IN PLACE FOR THE SAKE OF CYBERSECURITY I THINK WE HAVE TO CHANGE THE MINDSET.

THIS IS A COACH CHANGE.

THIS IS A MINDSET CHANGE AND THE RESULT OF THAT WILL BE THAT WE WILL ENCOURAGE AND INCENTIVIZE EVERYONE IN THE ORGANIZATION TO PARTICIPATE IN SECURITY RATHER THAN TO FIND WAYS TO CIRCUMVENT IT.

WHAT DO WE DO AS CYBERSECURITY PRACTICE PER PRACTITIONERS.

WHAT CAN WE DO TO IMPROVE AND GET BACK TO THE FOUNDATIONS AND GET BACK TO THE BASICS OF CYBERSECURITY AND FINDING THE ROOT CAUSES OF SOLVING THIS PANDEMIC NOW LET'S LOOK AT THIS.

DO THEY LOOK SIMILAR, I FIND STRIKING SIMILARITIES BETWEEN WHAT A HUMAN BODY LOOKS LIKE AND WHAT A DIGITAL ORGANIZATION WOULD LOOK LIKE.

SO 20 YEARS AGO REZA WITH STARTED DOWN THIS PATH OF DOING DNA SEQUENCING FOR FOR HUMAN GENOME AND IN ORDER TO UNDERSTAND OURSELVES BETTER.

AND THAT IS HOW WE WERE ABLE TO COME UP WITH A VACCINE.

SO QUICKLY TO COUNTER INTO WIND ABOUT DOING THAT IN DEPEND IQ AND THIS SIMILARLY WE HAVE TO HAVE THIS TYPE OF UNDERSTANDING IN CYBER IN DIGITAL OPERATIONS AS WELL.

NOW I'M NOT JUST TALKING ABOUT A DEVICE.

HENRI PHYSICAL, HOW WHERE OR SOMETHING WITH AN IP ADDRESS THAT'S HANGING OUT THERE IN THE NETWORK.

THERE ARE SO MANY OF THESE SAW FOR DEFYING GRANULAR ELEMENTS THAT ARE IN PARK FOOD THAT THAT ARE PART OF THE OPERATIONS IN CYBER IN IN THAT IN THE DIGITAL SENSE THAT WE WOULD WE DO NOT HAVE A GOOD UNDERSTANDING ABOUT.

I THINK UNDERSTANDING THE CYBER SETS IT'S ALMOST LIKE DOING A DNA SEQUENCING FOR THAT THE SHUTTLE COMPANY FOR THE 2 OPERATIONS.

SO THINK ABOUT A STOCK USER THINK ABOUT A CODE REPOSITORY THINK ABOUT A PULL REQUEST THAT THE ENGINEER MAKE TO MAKE CHANGES TO THE COAT AND THINK ABOUT HOW THAT CODE IS TO POINT TO AND THEN BAR AND THEN NOW BECOMES AN OPERA CAKE JEN THAT PERFORM SOME FUNCTION.

IN THE CLOUD OR IN THE DATA CENTER SOMEWHERE.

NOW ALL OF THOSE ARE NOT JUST VERY GRANULAR INDIVIDUAL ELEMENTS IN DIGITAL OPERATIONS, BUT THEY ARE HIGHLY CONNECTED.

JUST LIKE EVERY SINGLE CELL IN THE HUMAN BODY.

SO WHAT DOES THAT MEAN HOW DO WE ADDRESS ALL OF THESE CHALLENGES AND GET DOWN TO THE REAL CAUSES OF THE CYBER PANDEMIC I'LL DRAW SOME PARALLEL AGAIN TO HOW WE MANAGE HEALTH RIGHT SO A LOT OF THESE ARE VERY BASIC THINGS.

I WOULD HIGHLIGHT.

ONE SPECIFIC ASPECT WHICH IS AGAIN UNDERSTANDING OURSELVES WHAT DO I MEAN BY THAT WHAT DATA ARE WE TALKING ABOUT TO UNDERSTAND OURSELVES.

NOW THIS BRINGS TO MY NEXT POINT WHICH IS THE COMPLEXITY.

I THINK I HEARD A RAINING AND I'M GOING TO PRETEND I DIDN'T HEAR THAT HAPPENED TO ME 4 YEARS AGO AS WELL.

AND ORGANIZATIONAL LEVEL.

I THINK WE WANT TO ENABLE A MUCH MORE COLLABORATIVE WAY ALSO ADDRESSING CYBERSECURITY WE JUST RELEASED A BOOK AND DOES MY BOOK PROMOTION WAS SO SO CHECK OUT A BOOK.

NOW WHAT I WANT TO HIGHLIGHT HERE IS THAT DATA AND THE COMPLEXITY THAT RESIDES IN THETA AND HERE WE HAVE A 5 BY 5 MATRIX TO TALK ABOUT THAT DATA THAT WE HAVE OUT THERE AND WHAT WE DO ABOUT THAT DATA NOW I WOULD WANT TO SIMPLIFY THIS EVEN FOR GO TO SAY THERE ARE REALLY ONLY 2 CATEGORIES OF DATA THE MILDER IN SECURITY OPERATIONS AND THAT'S THAT THEY THAT THE PROVIDES STRUCTURAL AWARENESS AND THAT THEY THAT THE PROVIDES CONTEXTUAL AWARENESS THINK ABOUT FAR FIGHTERS IF YOUR HOUSE GETS ON FIRE AND EAST SITUATION AWARENESS IS TELLING YOU HEY, THERE SMOKE, AND THERE'S PEOPLE SCREAMING AND THE HOUSE IS ON FIRE GOOGLE PUT UP THAT FIGHT BUT WHAT THE FAR FIGHTER OR SO WANTS TO KNOW IS IF THE BUILDING IS UP TO COAT, WHAT IS THE BLUEPRINT WAS IT WHAT IS THE WEAKEST POINT.

WHAT IS THE BLAST RADIUS AND ALL THOSE THINGS IS AGAIN THOSE CHEW TYPE OF DATA THAT MATTERS.

THE STRUCTURAL WARN US THE SITUATIONAL AWARENESS AND THAT DATA IS WHAT ENABLES US TO REALLY TRULY UNDERSTAND OURSELVES AS A DIGITAL ORGANIZATION TO PROVIDE THE COMPETE CONTACTS AND VISIBILITY TO THE OPERATIONS THAT WE RUN EVERY DAY.

NOW WITH THAT THAT'S IT AND I'LL CLOSE WITH A LITTLE BIT OF A PROMOTION TO 2 TO ONE OF MY COMPANY AND THAT'S WHAT WE DO IS TO HELP PEOPLE UNDERSTAND THEMSELVES START DIGITAL OPERATIONS.

QUESTIONS.

>> ALL RIGHT, LET'S DO WITH THE ECHO SHOW WE'VE GOT HANDS UP EVERYWHERE THAT'S WHAT I LIKE TO SEE.

SO WE'LL START OVER HERE.

AND THEN WE'LL COME BACK THERE MAKE THE CIRCUIT.

THANK YOU FOR YOUR PRESENTATION.

>> ONE QUICK QUESTION IS WHY ARE SOME OF THE TIPS THAT YOU WILL GET TO THE AVERAGE USER.

WE'LL GET SICK OR RIGHT AND WE'LL GO TO THE DOCTOR.

SO WHAT HAPPENS WHEN WE GET IN FACT WHAT HAPPENS WHEN WE GET ATTACKED, WE GET BUYERS OR SOMETHING WHERE SOME OF THE THINGS THAT WE CAN DO TO PRE TO TAKE CARE OF IT THANK YOU.

>> ALL RIGHT SO SOMETHING BAD HAS HAPPENED WHAT ARE SOME TIPS WE CAN DO TO TAKE CARE OF IT.

>> WELL THAT THE PENS THAT COME THE CONSULTANT OF ME IS THIS TELLING YOU THAT THE DEFENSE NOW I I THINK THE BEST THAT YOU CAN DO IS TO UNDERSTAND THE CAUSE OF THAT.

HOW THE TREATMENT WILL INTERACT WITH YOU ON YOUR INDIVIDUAL LEVEL.

RIGHT SO SO MEDICAL PROFESSIONS PROFESSIONALS ARE DOING RESEARCH BEING INDIVIDUALIZED SPECIALTY TREATMENT RIGHT SO IF SOMEBODY GETS SICK WITH CANCER FOR EXAMPLE RIGHT SO ONE DRUG AND ONE COCKTAIL MAY WORK AND MAY NOT WORK AND THE REASON FOR THAT IS UNNECESSARY BECAUSE OF JUST BECAUSE OF THE DROUGHT, BUT IT'S BECAUSE OFF THE THAT DNA OFF THAT INDIVIDUAL BODY.

RIGHT SO I THINK THAT'S PART OF WHAT I'M PROMOTING AND PROPOSING HERE IS FOR US TO TRULY UNDERSTAND IF THAT TREATMENT WILL WORK FOR YOU IF YOU GET SICK IN THE IN THE DIGITAL SENSE.

AND SIMILARLY FROM THE PROACTIVE STANDPOINT AS WELL.

YOU KNOW WE CAN GO OFF OUT THERE AND GO TO COSTCO AND BUY ALL THOSE VITAMINS AND SUPPLEMENTS ON THE SHELF AND ARE YOU GOING TO TAKE EVERY SINGLE ONE OF THOSE.

OF COURSE, NOT NOW IF YOU TRULY UNDERSTAND WHAT YOU ARE IN THE WEAKNESSES ARE AND YOU CAN BE A LOT MORE FOCUSED IN BOTH REACTING IN PREVENTING DOT.

>> ALL RIGHT.

ANOTHER QUESTION HERE IN THE BACK CENTER AISLE COMING YOUR WAY.

YEAH, THANK YOU.

JUST A QUICK TO LIVE NATION THOUGH THIS IS A PRETTY GOOD DAY INTERESTING TOPIC.

SO BEFORE I MAKE ENOUGH TO PANDEMIC WITH RESPECT TO THE SIDE BUT THEY ATTACKS I'VE BEEN IN THE END AND PICKS ALREADY KNOW IS IT BECOMING MORE ARTISAN BECOMING BECAUSE PEOPLE HAVE STARTED WORKING FROM HOME.

I NOTICED THAT KIDS HAVE BEEN WORKING FROM HOME RIGHT HOW DOES THE TREND OF THAT IN ANALYTICS TO SUPPORT YOU KNOW.

>> ALL RIGHT.

THE QUESTION IS WE'VE MOVED INTO A NEW WORLD OF TECHNOLOGY POST-PANDEMIC PEOPLE CHANGE THEIR LIVES DOES THAT ALTER THE THREAT PROFILE.

>> IT DOES THAT IT DOES ABSOLUTELY IT INCREASES THE TALK SURFACE AND EVERY SINGLE ORGANIZATION OUT THERE BECAUSE OF THE PANDEMIC IS ACCELERATING THEIR DIGITAL TRANSFORMATION, EVERYWHERE, GUNNAS ASIAN IS BECOMING A TECHNOLOGY ORGANIZATION, WHETHER YOU LIKE IT OR NOT BECAUSE WE HAVE TO SUPPORT THIS REMOTE WORKFORCE AND BECAUSE OF THAT WE HAVE TO WE HAVE A LOT MORE ELEMENTS THAT WE HAVE TO WORRY ABOUT RIGHT BECAUSE PEOPLE ARE WITH EVERY WORD TECHNOLOGY IS IS EVERYWHERE AND AGAIN REST SO THAT'S ANOTHER REASON FOR US TO FOCUS ON UNDERSTANDING THE BASICS DOING THE BASICS AND UNDERSTANDING OURSELVES.

>> ALL RIGHT, WE'VE GOT TIME FOR ONE MORE QUESTION ONE MORE QUESTION COMING HERE STAGE LEFT.

>> I HAVE YOU WORKING ON YOU KNOW THE SECRECY SO I KNOW WHAT THEY'RE TALKING ABOUT I KNOW SOME GREEK NICE MY MY MY MY HEART BEATS MICE GENOME SEQUENCING I HAVE A DEVICE A COMPUTER AT HOME HOPE CAN.

YEAH, I'M TO EXERCISE THAT THE GROUND HAS PROGRAM AND THAT THE HOW CAN I MAKE MY DEFIES TOOK THE YOUNG SOME.

WELL HIS PROGRAM MAKING THEM ARE STRONG AND THEY WILL BE SAID FOR SECURE.

SOME OF THEM.

>> SO THE MAN WORKS IN GENOMES HE'S GOT A SUBJECT MARRIAGE.

BUT HE'S BUT HE DOESN'T QUITE KNOW HOW TO MAKE HIS TOME TECHNOLOGY SECURE WHAT WOULD YOU SUGGEST.

>> SO A LOT OF WHAT I WAS DISCUSSING WAS MORE TORTS ORGANIZATIONS FOR A DIGITAL TEAMS.

BUT THAT TO ADDRESS YOUR QUESTIONS SO INDIVIDUALLY WHAT CAN WE DO.

CHRIS PREVIOUSLY MENTIONED ABOUT KEEPING UP WITH THE SECURITY UPDATES AND I WILL GIVE YOU ONE MORE TIP WHICH IS USE MFA MULTI-FACTOR AUTHENTICATION ANYWHERE POSSIBLE.

OKAY, SO PASSWORDS I FEEL LIKE PASSWORDS WERE LIKE IF ALL THE DISKS OF TECHNOLOGY.

IT BEING SO ANTIQUATED AND IT NEVER DIE.

SO WE SHOULD NEVER GOING FORWARD JUST RELY ON PASSWORDS TO PROTECT YOUR DIGITAL LIFE INDIVIDUALLY ANYMORE SO USE AND THAT THEY MONDAY 5 4TH INDICATION EVERYWHERE YOU CAN.

>> LAZIO AND BIG HAND FOR RETURNING.

SPEAKER OR COME JUDY.

>> WE'VE HAD SOME GREAT QUESTIONS HERE AUDIENCE KEEP THEM UP WE LOVE IT WHEN WE GET TO Q AND A FROM YOU OUR AUDIENCE AND YOU GET A SPECIAL PRIZE TO TAKE HOME IF YOU GIVE A QUESTION.

BUT IS NOW TIME FOR OUR 3RD SPEAKER OF THE EVENING, HE'S THE MANAGER OF INFORMATION TECHNOLOGY SERVICES AT IEM OVERSEEING THEIR TECHNICAL ASSISTANCE CENTER AND IT SYSTEMS.

PLEASE WELCOME TO THE STAGE MARK FERENCE.

>> THANK YOU EVERYONE.

>> SO MY NAME IS MARK FERENCE I AM THE IT MANAGER OF IEM.

A BIT ABOUT MYSELF, I'VE BEEN IN IT FOR ABOUT 25 YEARS.

I'VE BEEN WITH IEM FOR ROUGHLY 8 YEARS SEEN GROWTH FROM 250 TO ABOUT 800, 900 USERS RIGHT NOW.

WE ARE ACTIVELY GROWING AS A COMPANY.

A LITTLE BIT ABOUT THE COMPANY, WE ARE THE LARGEST WOMAN A MINORITY OWNED CRISIS MANAGEMENT FIRM IN THE UNITED STATES YOU CAN SEE BY THE NUMBERS THAT WE ARE.

>> ACTIVELY INVOLVED.

WE A LOT OF OUR CUSTOMERS ARE DEPARTMENT OF DEFENSE FEMA HUD.

QUITE A FEW LOCAL AND STATE GOVERNMENT FACILITIES WE'VE BEEN IN BUSINESS FOR 35, 36 YEARS SUPPLIER OF TECHNOLOGY TO EACH ONE OF THESE AREAS.

SO WHAT IS THE CYBERSECURITY CYBERSECURITY MATURITY MODEL CERTIFICATION.

WELL.

SO IT'S BASICALLY A SOMETHING THAT THE DOD HAS COME UP TO ADDRESS LIMITATIONS IN MISSED 800.

ONE 71.

I'M GOING TO USE MY NOSE BECAUSE THERE'S A LOT OF ACRONYMS HERE.

WHAT THE SECURITY MODEL IS THIS BASICALLY 5 DIFFERENT LEVELS OF HYGIENE THAT ARE USED TO ADDRESS YOUR ENVIRONMENT AND MAKE SURE YOUR CYBER POSTURE IS WHERE IT NEEDS TO BE.

SO FOR THESE PRACTICES FOR THE CEMENT TO CERTIFICATION.

IT'S BASICALLY GOING TO COVER FEDERAL CONTRACT INFORMATION IN THAT ROLE ON CLASSIFIED INFORMATION SO BY 2025 ALL FEDERAL CONTRACTORS WILL NEED TO HAVE THIS CERTIFICATION ORDER TO BID ON.

CONTRACTS.

SO SOME OF THE CHALLENGES WE'VE SEEN OVER THE YEARS HAVE BEEN USER ADOPTION SO WITH EVERYTHING ELSE OUR USER ADOPTION.

YOU KNOW WE HAD TO IMPLEMENT QUITE A FEW DIFFERENT.

APPLICATIONS TO THE USER'S YOU KNOW MULTI-FACTOR AUTHENTICATION EMAIL SECURITY EURO BLOC CYBER TRAINING AS WELL AS CYBER EMAIL CAMPAIGN SNOW.

AS EVERYBODY KNOWS WHO'S IN I T A USER ADOPTION IS ONE OF THE BIGGEST CHALLENGES WE HAVE YOU KNOW FOR THE MULTI-FACTOR AUTHENTICATION THAT BECAME QUITE A BIG DEAL FOR SOMEBODY TO CLICK ON THERE.

THEIR DEVICE WHEN TRYING TO LOG IN ANOTHER THING THEY HAD ISSUES WITH WERE THE E-MAIL SECURITY SO WE HAD A LOT OF LINKS THAT WOULD COME INTO OUR SYSTEM FROM A LOT OF OUR CLIENTS AND THESE LINKS FOR THEM THROUGH AND INTO OUR SANDBOX WHICH WOULD THEN BLOCK THEM AND OUR USERS WOULD COMPLAIN ABOUT SOMETHING LIKE THAT YOU KNOW WE HAVE TO IMPLEMENT CYBERSECURITY TRAINING SO WE WENT WITH KEVIN MITNICK TRAINING AREA AND WE WERE ABLE TO PUSH THAT OUT TO OUR USERS AND REQUIREMENT IS TO HAVE THEM TRAINED ONCE OR TWICE A YEAR IN ORDER TO MEET CERTIFICATION LEVELS.

WE IMPLEMENTED A SECURITY OPERATION CENTER SO WE HAD 2 INDIVIDUALS THAT ONE POINT THAT WE'RE MANAGING THE ENTIRE SYSTEM AND THAT BECAME OVERWHELMING SO WE HAD TO IMPLEMENT THE SECURITY OPERATION CENTER.

SO WE CAN MANAGE ALL OF THE LOGS AND FILES AND EVERYTHING ANOTHER CHALLENGE FOR THE CMC SEE MCC BOARD POLICY CHANGES, THESE CHANGES RAPIDLY COMING ACROSS, YOU KNOW THEY WOULD CHANGE THEIR BOARD MEMBERS WHICH WOULD THEN CHANGE THE THE POLICIES THAT WE HAD TO ADHERE TO AND IT'S BECOME A HUGE CHALLENGE INTERNAL POLICY SO ONE POINT WE HAD 24 POLICIES AND WE HAD TO I THINK 35 POLICIES TO IT AND THEN WE WOULD HAVE TO MAKE SURE THAT ALL OF THOSE POLICIES WERE HERE TOO.

ANY QUESTIONS THAT'S IT.

>> TIME FOR QUESTIONS ABOUT REGULATION POLICIES AND HOW THE GOVERNMENT'S DEALING WITH CYBERSECURITY GOT QUESTION RIGHT HERE AT THE RED GENERAL PUBLIC MASK ON.

>> I'M INTERESTED IN SOMETHING YOU SAID ABOUT FEDERAL CONTRACTS AND PEOPLE HAVING TO BE CERTIFIED IN ORDER TO BUILD ON FEDERAL CONTRACTS BY THE YEAR 2025, I THINK IT WAS A.

>> IT'S DISAPPOINTING TO SMALL BUSINESSES BILLS, LARGE BUSINESSES THOSE WITH DOING THAT THE DOD AND NATIONAL SECURITY ARE ARE SAYS IS IT BECAUSE OF THE ELECTRONIC CONTRACTED BIDDING PROCESS WHAT IS BEHIND THIS.

AND HOW DO THEY DO IT.

>> SO A NEW POLICY COMING INTO EFFECT IN 2025 WHO DOES IT APPLY TO AND HOW WILL IT BE IMPLEMENTED.

>> GOOD QUESTION SO IT APPLIES TO ANY ENTITY THAT WANTS TO BID ON WORK FOR THE FEDERAL GOVERNMENT DOT.

SO IF YOU ARE APPLYING FOR A SPECIFIC PROJECT THEY WILL ASSIGN A SPECIFIC LEVEL TO THAT TO THAT CONTRACT AND YOU HAVE TO MEET THAT LEVEL IN ORDER TO BE ABLE TO AT LEAST BIT ON THAT CONTRACT, THEN IT WOULD GO THROUGH THE NORMAL CONTRACTING SYSTEM AND YOU WOULD EITHER WIN OR LOSE.

ALL RIGHT OTHER QUESTIONS COOL, WE'VE GOT ONE OVER HERE AND THEN WE'LL COME OVER HERE TO THE GREAT JACKET.

SO WITH THE NUMBER OF THREATS THAT SEEM TO COME ABOUT EVERY DAY.

WE'RE ALL WAITING TO 2025 TO OR WAS THE FEDERAL GOVERNMENT WAITING TO 2025 TO IMPLEMENT THIS HEAT AND MY HEAD, YOU DO YOU THINK YOU WOULD TRYING TO IMPLEMENT IT SOONER.

SO I'M JUST KIND OF CURIOUS THAT'S 4 YEARS FROM NOW ON AND THE NUMBER OF THREATS ARE ARE COMPOUNDING BY THE DAY WHAT WAS IT TAKING SO LONG TO IMPLEMENT.

>> ALSO THERE'S A PHASE-IN PERIOD OVER SEVERAL YEARS.

WHY DO THAT INSTEAD OF MORE IMMEDIATE ACTION.

SO.

>> AND LIKE I SAID THEY'VE HAD A LOT OF TURNOVER ON THE BOARD AND I THINK IT'S A IT'S JUST A MATTER OF THEM SOLIDIFYING THE SOLUTION AND THEN PUSHING OUT THE THE CERTIFICATIONS TO THEIR VENDORS BEFORE THEY COME TO US, I KNOW A LOT OF A LOT OF US CONTRACTORS RIGHT NOW WE'RE IN THE PROCESS OF OF MAKING SURE WE'RE AT THAT POINT NO I THINK THEY'RE JUST GIVING EVERYBODY TIME TO GET CAUGHT UP AND TO GET THEIR SYSTEMS WHERE THEY NEED TO BE.

>> ALL RIGHT GOT A QUESTION HERE IN THE CENTER AISLE.

>> I'VE ONLY SEEN CMC MENTIONED IN RELATION TO GOV CLOUD SPECIFICALLY AMAZON'S GOT CLOUD, I KNOW THAT GOOGLE HAS GOT THEIR OWN GOT CLOUD AS WELL SO 2 PART QUESTION.

IF I'M A SMALL TO MEDIUM SIZE BUSINESS AND I ADOPT AMAZON'S GOV CLOUD GOVERNOR GOOGLE'S VERSION OF THE GOT CLOUD I IMMEDIATELY COMPLIANT.

I'M ANDY HAVE A PREFERENCE ON WHICH ONE YOU THINK IS AHEAD RIGHT NOW IS THAT THE AMAZON GOT CLOUD OF THE GOOGLE VERSION OF IT.

>> ALL RIGHT SO FOR BUSINESSES WHO ARE ADOPTING EXISTING PUBLIC CLOUDS.

DO THEY HEARD THAT CERTIFICATION IS THEIR SUPERIOR OPTION IF YOU WANT TO BE AS COMPLIANT.

>> THERE'S NO ACTUAL REQUIREMENT TO BE IN A GOLF CLUB, THERE IS A CERTAIN ASPECTS OF THE CERTIFICATION WHERE YOU NEED TO HAVE DATA STORED IN IN THE GULF CLOUDS RIGHT NOW.

WE USE AMAZON AND WE'VE GOT A LITTLE BIT WITH A AS YOUR.

>> ALL RIGHT, WE'VE GOT ONE COMING HERE STAGE RIGHT.

OUR POLICIES LIKE THIS BEING IMPLEMENTED IN ANY OTHER COUNTRIES WERE JUST UNITED STATES AND IF SO WHAT ARE THEIR TIMETABLES.

>> THE QUESTION IS IS IT AN INTERNATIONAL OPERATION TO ADOPT THE STANDARDS AND IF SO WHAT DOES IT LOOK LIKE IN OTHER COUNTRIES.

>> ALTERNATELY I WOULD HOPE EVERY COUNTRY OR DEATH OR ADOPTING THESE, BUT RIGHT NOW IT'S JUST THE FEDERAL GOVERNMENT THE DEPARTMENT OF DEFENSE THAT ARE ADOPTING THESE.

>> ALL RIGHT, WE HAVE A QUESTION.

STRAIGHT BACK HERE.

THAT YOU THIS IS A TV AGAINST YOU.

HEY, >> I'M JUST CURIOUS WHEN YOU TALK ABOUT ENTITIES THAT HAVE TO APPLY FOR THIS, WHAT IS THE DIVIDING LINE BETWEEN HOW MUCH AN ENTITY HAS TO DO WITH THEM SELF VERSUS HOW MUCH THEY CAN OUTSOURCE IT, YOU KNOW TO SOMEONE ELSE TO HELP THEM GET THROUGH ALL THIS.

SO HOW MUCH CAN A COMPANY CONCEIVABLY DO ON THEIR OWN AND HOW MUCH OF THE NEED TO BRING IN OUTSIDE EXPERTISE.

WELL INITIALLY WE.

>> INITIALLY WE HAD TO BRING IN AN OUTSIDE VENDOR THAT CAME IN AND WENT THROUGH.

AND WE LOOKED AT A GAP ANALYSIS ON WHAT WE HAD COMPARED TO WHAT WOULD BE NEEDED FOR THE REQUIREMENTS.

ONCE WE HAD THAT VENDOR IN PLACE WE WOULD BASICALLY WORK TOGETHER TO FIGURE OUT WHERE THAT THOSE GAPS WERE IN WORK TO IMPLEMENT THE SOFTWARE.

>> ALL RIGHT AND LAST QUESTION NUMBER THE BACK HERE.

SO ALL THIS IN A CHOIR MONTHS TYPICALLY SPAWN OPPORTUNITIES FOR IN THIS TO GO ON BECOME CERTIFYING AGENCY ARE HELPING THE CERTIFICATIONS HOW DO YOU SEE THIS MARKET WATERING FAR CONSULT ENDS OUR VENDORS THAT CAN ACTUALLY MOVE PEOPLE TO SEE A MODEL OF THE SECURITY MODEL.

I DO SEE ANY OF AND AS WE CAN YOU NAME SOME NAMES THAT PEOPLE ARE ALREADY DOING THIS.

WHAT IS THE OPPORTUNITY FOR THE WHOLE ECOSYSTEM FOR PEOPLE TO PLAY IN THAT HAVE BEEN COMPANIES GET TO THE FIGHT.

>> SO THE QUESTION IS THIS IS A NEW ERA THERE ANY NEW REGULATIONS THAT MIGHT SPAWN INNOVATION IS ANYONE OUT THERE DOING IT NOW.

AND WHAT OPPORTUNITIES DO YOU SEE FOR COMPANIES TO HELP PEOPLE WITH THIS.

>> WELL THERE ARE THERE ARE QUITE A FEW THAT HAVE BEEN CERTIFIED ALREADY I THINK THIS IS A HUGE OPPORTUNITY FOR LOCAL COMPANIES THAT ARE WILLING TO GET INTO SOMETHING LIKE THIS, I KNOW IT TAKES A LOT ON THEIR SIDE TO BE CERTIFIED.

SO I THINK IT'S A GREAT OPPORTUNITY FOR A LOT OF LOCAL COMPANIES THAT ARE WILLING TO PUT FORTH THE EFFORT TO HAVE TO REALIZE AGAIN THIS IS THE FEDERAL GOVERNMENT THEY'RE DEALING WITH SO IT'S GOING TO BE A LOT OF RED TAPE A LOT OF STRUGGLE JUST TO GET TO THAT PROCESS.

>> ALL RIGHT LIZ HUMAN BIG HAND FOR MARC AND IT'S LATER IN OUR NEXT SPEAKER HAS 25 PLUS YEARS A DIVERSE EXPERIENCES COMING TO US FROM CONNECT CAUSE.

UNFORTUNATELY, A SCHEDULING CONFLICT PREVENTED HIM FROM BEING HERE TONIGHT BUT BECAUSE WE'RE ALL TECHNOLOGY PEOPLE HE DID RECORD HIS TALK SO PLEASE TURN YOUR EYES TO THE SCREEN FOR THIS TALK BY PAUL BENDER.

>> GOOD AFTERNOON.

MY NAME IS PAUL BENDER, I AM THE CHIEF TECHNOLOGY OFFICER THAT CONNECT CAUSE.

SINCE I'M UNABLE TO PRESENT IN PERSON TODAY I RECORDED MY PRESENTATION OF PHISHING AND THE HUMAN FIREWALL.

LET'S START WITH THE BASICS.

WHAT IS FOR SURE.

FIRST AS A FORM SOCIAL ENGINEERING.

OFTEN CARRIED OUT BY NEFARIOUS INDIVIDUALS OR GROUPS VERY OFTEN REFERRED TO AS HACKERS THEIR INTENTION IS TO TAKE YOUR MONEY PERFORM SOME TYPE OF CORPORATE ESPIONAGE OR THEY CAN EVEN BE JUST A DISGRUNTLED EMPLOYEE WITH A GRUDGE TO DO SOME DAMAGE FOR EXACT SOME KIND OF REVENGE VERY OFTEN AN EMAIL OR ATTACK, ALTHOUGH IT'S IMPORTANT TO NOTE THAT IT'S NOT JUST A GAY MALE THAT IS USED AS A METHOD OF ATTACK.

SENT TO LARGE NUMBERS OF USERS ARE POWER USERS INDIVIDUAL YEARS TARGETED SOMETIMES SUCH AS YOU KNOW FALLS OR CEO'S AND THEY'RE ATTEMPTING TO FISH OR SOLICIT THAT IS SENSITIVE INFORMATION BY POSING AS A REPUTABLE SOURCE, A TRUSTWORTHY SOURCE.

LET'S TAKE A LOOK AT HOW PHISHING WORKS FIRST OF ALL THE METHODS.

OFTEN PHONE.

OBVIOUSLY EMAIL SNAIL MAIL.

AND DIRECT CONTACT.

BUT REMEMBER THAT THE MOST SUCCESSFUL ATTACKS ARE OFTEN A COMBINATION OF ALL THE ABOVE.

HACKERS OFTEN SOMEBODY WHO IS FAMILIAR OR YOU NOW.

AND ATTACKS OR STRATEGICALLY PLANNED AND EXECUTED VERY SELDOM OR THEY READ THERE'S SOME VERY COMMON TECHNIQUES THAT HAVE SOME VERY INTERESTING NAMES.

A COUPLE OF THE MORE IMPORTANT ONES FOR THE ONES THAT ARE THAT STAND OUT ARE SPEAR PHISHING AND WHALING WHEREBY SPECIFIC INDIVIDUALS SUCH AS CFO AND CEO IS HEART HEART.

LET'S TAKE A LOOK AT A PRETTY SIMPLE EXAMPLE.

EVEN THAT LOOKS LIKE IT SHOULD BE TRUSTWORTHY COMING FROM A TRUSTWORTHY SOURCE SUCH AS MICROSOFT EXPECTS LEE, ESPECIALLY FOR THE FIRM ORGANIZATION THAT IS USING SAY OFFICE 3.65 EMAIL, A TRUSTED SOURCE.

IT SENT AN EMAIL SO LETTING USERS TO CLICK HERE WITH SOME IMPORTANT URGENT MESSAGE WHEN USERS TO THEY'RE DIRECTED TO A SITE IN WHICH THAT LOOKS EERILY LIKE THE MICROSOFT SIGNED EACH ONCE USERS ARE THERE.

THEY THEN CAPTURED THE E-MAIL ADDRESS AND OFTEN THE PASSWORD THAT USER WHICH THEN ALLOWS THEM TO PERFORM FURTHER ACTS.

SOME KEY PHISHING STATISTICS.

AND THEN A 67% INCREASE IN SECURITY BREACHES OVER THE PAST 5 YEARS, ACCORDING TO THE FBI.

CYBER CRIMINALS HAVE STOLEN MORE THAN 12 BILLION FROM COMPANIES OVER THAT 5 YEAR SPAN.

THAT'S AN ATTACK OCCURRING AN AVERAGE OF EVERY 39 SECONDS 90 PLUS PERCENT OF THE SUCCESSFUL DATA BREACHES STARTED WITH A SPEAR PHISHING ATTACKS.

ON THE DAILY SIDE.

156 MILLION PHISHING EMAILS.

16 MILLION OF THEM MAKE THEM THROUGH MAKE IT THROUGH COMPANY E-MAIL FILTERS ABOUT HALF OF THOSE ACTUALLY GET OPEN BY RECIPIENTS ROUGHLY 80,000 PEOPLE PER DAY AND THE VICT VICTIMS OF PHISHING ATTACKS.

SO HOW DO WE DEFEND OURSELVES AGAINST THE PHISHING AND TIRES.

THE HUMAN FIRE LAW.

IT'S IMPORTANT REMEMBER THAT THERE IS NO SINGLE SILVER BULLET SOLUTION TO ADDRESSING PHISHING OR CYBER CRIMINALS AND BACKING IN GENERAL.

AT MINIMAL WE HAVE TO ACCEPT REALITY THAT EVERYBODY IS A TARGET.

NO MATTER YOUR SIZE OR YOU'RE AT EVERY COMPANY IS A TARGET.

ON THE TECHNICAL SIDE, IT'S IMPORTANT TO USE A REPUTABLE EMAIL PROVIDER HUGE A CLOUDY MORE PROVIDER LIKE OFFICERS, 65 OR GOOGLE WORKSPACE AS WELL AS A COMPREHENSIVE SPAM FILTERING SERVICE THAT THEY COME WITH ONE OF THOSE CUP CLOUD PROVIDERS FOR BE PROVIDED BY ANOTHER 3RD PARTY ALSO USING MULTI-FACTOR AUTHENTICATION THE KEY TO REAL KEY IS BUILDING AWARENESS BY BUILDING WHAT WE CALL THE HUMAN FIRE ALL TRAIN YOURSELF AND YOUR STAFF TO IDENTIFY PHISHING BY PARTNERING WITH THE CYBER SECURITY AWARENESS ENGAGEMENT SYSTEM SUCH AS SNOW BEFORE.

ONE THAT TECHNOLOGY SCORE WEBER BUILDING THAT MOST IMPORTANT OF LAYERS CALLED THE HUMAN FIREWALL IS SIMPLE AND EFFICIENT BY PARTNERING WITH THE SECURITY AWARENESS TRAINING ONLINE PARKER.

FOR EXAMPLE, WE'LL PROVIDE BASELINE PHISHING TEST SAID FISH ACTUAL PHISHING EMAILS TO USERS.

AND LIKE THOSE RESULTS AND NOTIFY THE USERS WHY WE'RE DOING THIS WITH THE BENEFITS ARE.

SCHEDULE ONLINE VIDEO TRAINING THAT LAST ROOM 15 TO 45 MINUTES.

AND THEN REPEAT THAT MONTHLY OR QUARTERLY TO ENSURE THAT YOU GIVE YOURSELF THE BEST CHANCE OF IMPROVEMENT AND LEARNING THAT YOU'VE ACTUALLY BUILT A HUMAN FIREBALL.

I WANT TO THANK EVERYBODY FOR YOUR TIME AND FOR ALLOWING ME TO PRESENT YOUR REMOTELY PLEASE FEEL FREE TO REACH OUT TO ME THE INFORMATION PROVIDED HERE WITH ANY QUESTIONS OR COMMENTS YOU HAVE HAVE A GREAT DAY.

>> THERE'S NO CURE AND YOU CAN TEXT THEM IF YOU'VE GOT QUESTIONS I DON'T NOW AND LAZIO AS NOW TIME FOR OUR FINAL SPEAKER OF THE EVENING.

HE JOINED THE NORTH CAROLINA DEPARTMENT OF INFORMATION TECHNOLOGY IN 2017 AND PRESENTLY SERVES AS THE INTERIM STATE CHIEF RISK OFFICER PLEASE WELCOME TO THE STAGE WE'RE ALL MAY BE.

>> YOU GUYS JUST YOU KNOW KEEP THE APPLAUSE UP FOR JUST A MOMENT THAT'S ENOUGH.

>> I'M GOING TO ADD A LITTLE BIT OF INTERACTIVITY TO THIS EVERY TIME YOU HEAR ME SAY THE WORD CYBER SECURITY.

I WANT YOU TO SNAP YOUR FINGERS TWICE, BUT LET'S TEST THAT OUT CYBER SECURITY.

THANK YOU VERY MUCH SO I WANT TO TELL YOU ONE THING I WANT START WITH THE DECLARATION.

I AM PASSIONATE ABOUT CYBER SECURITY.

VERY GOOD, YOU ARE PAYING ATTENTION.

YOU PEOPLE AT HOME YOU CAN ALSO DO THIS AS WELL BUT NOT ONLY MY PASSION ABOUT CYBERSECURITY I'M PASSIONATE ABOUT HELPING NORTH CAROLINIANS AND IN MY ROLE IS INTERSTATE CHIEF RISK OFFICER, I HAVE THE UNIQUE OPPORTUNITY TO MERGE THOSE 2 PASSIONS TOGETHER.

WE HAVE WHAT'S CALLED THE NORTH CAROLINA JOINT CYBERSECURITY TASK FORCE VERY NICE.

AND WHAT THAT DOES FOR THE STATE IS IT PROVIDES A UNIQUE CAPABILITY THAT FRANKLY IS A BENCHMARK ACROSS THE 50 STATES IN PROVIDING THE NEEDED SUPPORT TO OUR LOCAL GOVERNMENT COMMUNITIES.

IN THE EVENT THAT THEY ARE IN THE MIDST OF A CYBER SECURITY.

INCIDENT VERY NICE.

SO LET ME BREAK THINGS DOWN FOR YOU AT THE LOCAL GOVERNMENT LEVEL.

I'M PASSIONATE ABOUT CYBER SECURITY.

I'M PASSIONATE ABOUT HELPING NORTH CAROLINIANS WE HAVE A DIGITAL DIVIDE IN NORTH CAROLINA.

AND THAT DIVIDE IS GETTING WIDER BY THE DAY.

IN HELPING THE LOCAL COMMUNITIES WITH CYBERSECURITY INCIDENTS, WE'RE ABLE TO BRING THE CAPABILITY TO BEAR THAT OTHERWISE THEY WOULD NOT BE ABLE TO DO THEMSELVES IN RECOVERING FROM A SIGNIFICANT CYBER SECURITY THE INCIDENT.

SO A LITTLE BIT ABOUT THE JOINT CYBERSECURITY TASK FORCE.

IT IS COMPRISED OF 4 MAIN COMPONENTS, THE FIRST OF WHICH IS THE NORTH CAROLINA DEPARTMENT OF INFORMATION TECHNOLOGY.

MY AGENCY.

THE SECOND IS THE DEPARTMENT OF PUBLIC SAFETY'S DIVISION OF EMERGENCY MANAGEMENT.

WITHIN WHICH THERE IS THE CYBER ELEMENT.

AND THERE'S ALSO A CLOSE.

WE WERE CLOSE.

AND THERE'S THE CYBER ELEMENT AND THERE'S ALSO THE STATE BUREAU OF INVESTIGATION.

THE 3RD ELEMENT IS THE NORTH CAROLINA NATIONAL GUARD CYBERSECURITY RESPONSE FORCE AND FINALLY IS THE NORTH CAROLINA, LOCAL GOVERNMENT INFORMATION SYSTEMS ASSOCIATION ID CYBER STRIKE TEAM.

THOSE 4 ELEMENTS TOGETHER ARE BROUGHT TO BEAR IN A IN A CYBER EVENT, LET ME DESCRIBE WHAT FRAMEWORK IS IN PLACE THAT WE USE IN ORDER TO REACH THOSE LOCAL COMMUNITIES THAT ARE IMPACTED BY A SIGNIFICANT CYBER SECURITY INCIDENT.

VERY NOW YOU GUYS ARE ON THE BALL AND THEN THE LAST SPEAKERS ON THE CABOOSE ON THIS TRAIN, YOU GUYS ARE PAYING ATTENTION.

A BLUE SKY ON A BLUE SKY DAY, A CYBER ATTACK IS ESSENTIALLY A LOCAL COMMUNITIES HURRICANE WE'VE TAKEN THROUGH OUR PARTNERSHIP WITH THE NORTH CAROLINA DIVISION OF EMERGENCY MANAGEMENT AND ALL HAZARDS APPROACH TO CYBER SECURITY INCIDENTS.

USING THAT SAME FRAMEWORK THAT WILL BE BROUGHT TO BEAR IN HURRICANE RELIEF EFFORTS OR NATURAL DISASTERS WE'VE APPLIED THAT SAME LESSON, THOSE SAME LESSONS LEARNED THAT SAME FRAMEWORK AND APPROACHING SIGNIFICANT CYBER SECURITY INCIDENTS.

THE FLAG GOES UP, HEY WE NEED HELP WE'RE IN COUNTY X Y OR Z ONE OF THE 100 COUNTIES IN NORTH CAROLINA.

A CITY IN K THROUGH 12 A COMMUNITY COLLEGE.

THE FLAG GOES THAT WE NEED HELP WITH THE JOINT CYBERSECURITY TASK FORCE WE CAN HAVE BOOTS ON THE GROUND IN THE AFFECTED COMMUNITY.

SOMETIMES BEFORE THE PHONE CALL ASKING FOR ASSISTANCE HAS EVEN CONCLUDED.

WE IMMEDIATELY BEGIN INCIDENT, THREAT HUNTING AND FORENSIC ACTIVITIES.

AND WE HELP WE COME ALONGSIDE THE AFFECTED A GOVERNMENT AGENCY WRAPPING OUR ARMS AROUND THEM NOT IN A LITERAL MANNER BUT COME ALONGSIDE THEM ESPECIALLY FROM OUR NORTH CAROLINA, LOCAL GOVERNMENT INFORMATION SYSTEMS ASSOCIATION PERSPECTIVE AND USING THEM AS A PEER TO PEER TYPE ENGAGEMENT TO SAY WHERE WE'RE FROM THE GOVERNMENT WE'RE HERE TO HELP BUT WE REALLY MEAN IT WE'RE GOING TO HELP YOU GET PAST WHAT HIS AFFECTING YOU RIGHT NOW SHOW OF HANDS IN THE AUDIENCE AND YOU CAN'T DO THIS AT HOME.

I MEAN PEOPLE DROVE ON A NORTH CAROLINA ROAD TO GET HERE TONIGHT.

THAT SHOULD BE ALL OF US, I MEAN TOOK A RIDE SHARING SERVICE TO HEAR TONIGHT.

UBER LYFT WHATEVER THE CASE MAY BE.

HOW MANY PEOPLE HAVE REGISTERED FOR A MARRIAGE LICENSE BOUGHT A HOUSE.

ALL OF THOSE ARE CRITICAL GOVERNMENT SERVICES THAT ARE PROVIDED TO NORTH CAROLINIANS IN THE ABSENCE OF AN OVERARCHING FORCE MULTIPLIER STRUCTURE SUCH AS OUR JOINT CYBERSECURITY TASK FORCE YOU WOULD BE ABLE TO ENGAGE IN THOSE CRITICAL CITIZEN SERVICES TO DRIVE HERE DRIVE ON A ROAD PROVIDED BY A GOVERNMENTAL AGENCY NORTH CAROLINA REGISTER TO VOTE.

DRIVE YOU KNOW REGISTER FOR A DRIVER'S LICENSE ALL THE SERVICES WOULD BE IMPACTED LIFE SAFETY COULD BE POTENTIALLY IMPACTED.

AND WE WOULD BE ALL THE WORSE FOR THE WEAR.

SO I'M VERY PROUD OF OUR JOINT CYBERSECURITY TASK FORCE IS DEFINITELY SERVED THE COMMUNITY WELL SERVED THE STATE WELL.

FOR THAT MATTER IN 2019 WE HAD 10 RANSOMWARE INCIDENTS IN 2020 THE FIRST YEAR OF COVID WE HAD 20 THINGS ARE NOT GETTING ANY EASIER.

THE THREATS ARE BECOMING MORE SOPHISTICATED AND WE NEED TO BRING ALL THE RESOURCES TO BEAR THAT WE CAN TO PROTECT YOUR COMMUNITY.

I AM THAT I AM FROM THE GOVERNMENT.

I'M HERE TO HELP AND SO IS THE JOINT CYBERSECURITY TASK FORCE.

THANK YOU VERY MUCH.

>> ALL RIGHT QUESTIONS ABOUT THE JOINT SERVICE SECURITY TASK FORCE COMING AT YOU FROM ROB MAINE.

ALL RIGHT WE'VE GOT A QUESTION RIGHT HERE AND THEN WE'LL GO BACK OR >> ARE YOU A QUESTION FOR YOU WHAT LEVEL OF COLLABORATION IS THERE BETWEEN THE FEDERAL GOVERNMENT AND STATE GOVERNMENT AS IT RELATES TO CYBER SECURITY.

>> GREAT THE QUESTION IS HOW TO THE STATES AND FEDERAL GOVERNMENT COLLABORATE ON CYBERSECURITY GREAT QUESTION.

THANK YOU FOR ASKING THAT SO WE HAVE OUR CORE.

>> MEMBERS OF OUR JOINT CYBERSECURITY TASK FORCE AS AS I KNEW RATED EARLIER, BUT WE ALSO PARTNER WITH THE DEPARTMENT OF HOMELAND SECURITY'S CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY YOU ARE REMEMBERING GOOD SNAP.

THAT'S AWESOME.

WE PARTNER WITH DHS SAYS AND WE PARTNER WITH OUR FBI COUNTERPARTS SECRET SERVICE WE ALL BRING EVERY CAPABILITY RESOURCE TO BEAR EVEN FOR THE SMALLEST OF COUNTIES IN NORTH CAROLINA, WHICH YOU WOULD THINK WOULD BE THE LOWEST IMPACT TO THE STATE.

WE BRING THAT FULL FORCE OF THE OUR FEDERAL PARTNERS AS WELL AS OUR STATE PARTNERS.

THIS IS THESE COUNTIES AND IF YOU HAVEN'T IF YOU CAN'T TELL BY NOW, I'M VERY PASSIONATE ABOUT DOING THIS.

IT'S A SERVICE IS VITALLY NEEDED FOR THIS STATE AND OTHERS.

THANK YOU FOR THE QUESTION.

>> ALL RIGHT WELL GO OVER HERE AND THEN WE'LL COME BACK TO THE MIDDLE.

WHAT'S THE WORST RANSOMWARE INCIDENT YOU HAD TO TACKLE GOOD QUESTION.

WHAT IS THE WORST RANSOMWARE INCIDENT THAT YOU'VE SEEN IN YOUR TIME IT NORTH CAROLINA DEPARTMENT OF INFORMATION TECHNOLOGY.

>> WELL, MY MOST CHALLENGING RANSOMWARE INCIDENT WAS ACTUALLY LEARNING HOW TO PRONOUNCE SODA KNOW COULD BE BUT BEYOND THAT WE HAD A PARTICULAR COUNTY IN FOR THE AND THE INTEREST OF PROTECTING THE COUNTY AND THEIR CONFIDENTIALITY, I'M NOT GOING TO IDENTIFY THEM, BUT ESSENTIALLY ALL COUNTY INFRASTRUCTURE WAS CRIPPLED BY RANSOMWARE AND IT THE MONITOR IN THE INCIDENT RESPONSE.

CYBERSECURITY INCIDENT RESPONSE FEEL NOTHING ARE WE DONE WITH THAT OKAY.

THE MONITOR IS THAT SLOW IS FAST WHEN WE'RE MADE AWARE OF A CYBERSECURITY INCIDENT, NOBODY COULD KNOW MIXES SNAPPED ALL THANK YOU THAT'S A THAT'S A COURTESY SNAPPED AND WHEN WE'RE MADE AWARE OF AN INCIDENT.

OFTEN TIMES THE IMMEDIATE REACTION FIRST THE SHOCK OF THE AFFECTED PARTY.

HOW CAN THIS HAPPEN TO ME WE'VE YOU KNOW INVESTED IN A FIRE WALL AND THEY THINK THAT THAT'S POTENTIALLY A MAGIC PILL OR THAT WOULD KEEP THEM FROM BEING SUBJECT TO RANSOMWARE INCIDENT.

AFTER THEY GET OVER THE SHOCK IN THIS PARTICULAR INSTANCE, WHEN THE COUNTY MANAGER AND THE SENIOR, I T LEADERSHIP FROM THE COUNTY REALIZED.

THE HEY THIS IS THIS IS REAL AND THIS IS AFFECTING LIFE SAFETY.

THIS IS AFFECTING OUR ABILITY TO OPERATE AND SERVE CITIZENS ONCE THEY CAME TO THAT REALIZATION WE SHOW UP ON SITE.

WE HAVE DANA FI, WHAT NEEDS TO HAPPEN FROM INCIDENT WRIST HOUR FROM THREAT HUNTING TO IDENTIFY OTHER AREAS OF INFECTION FROM FORENSICS TO IDENTIFY PATIENTS 0.

SO WE CAN LEARN MORE ABOUT THE ATTACK METHODS.

COME ALONGSIDE THEM IN HELP THEM RESTORE THEIR SERVICES IN A WAY THAT WILL KEEP THEM FROM BEING RE INFECTED.

SO IN THE CASE OF THIS PARTICULAR RANSOMWARE INCIDENT THE COUNTY WAS ESSENTIALLY DOWN FOR 3, 4, WEEKS.

THEY HAD TO RESORT TO IMPLEMENTING THEIR CONTINUITY OF OPERATIONS PLAN AND GO TO MANUAL METHODS OF SERVING CITIZENS AND THAT'S WHAT'S AT STAKE HERE.

YOU DON'T KNOW WHAT GOING TO THE PAPER AND PEN METHOD WILL MEAN TO YOUR ABILITY TO SERVE CITIZENS OR A LOCAL GOVERNMENTS ABILITY TO DO SO WE'VE BECOME SO RELIANT ON TECHNOLOGY THAT FRANKLY, YOU KNOW, OFTENTIMES WE BECOME COMPLACENT IN THE THE DANGERS ASSOCIATED WITH HOW WE CHECK E-MAIL THAT PARTICULAR INSTANCE, APPROXIMATELY 3 TO 4 WEEKS THE COUNTY WAS SEVERELY IMPACTED.

BUT WE CAME BACK WE CAME ALONGSIDE THEM HELP THEM RESTORE THEIR SERVICE AND THEY'RE BETTER FOR IT AND HOPEFULLY HOPEFULLY THEY LEARN FROM PAST MISTAKES.

>> EXCELLENT WE HAVE A QUESTION RIGHT HERE, I BELIEVE AND THEN WE'VE GOT ONE MORE GIFT CARD TO GIVE AWAY KNOW OK WELL THAT'S YOUR LOSS.

HEY, I'M SO.

>> YOUR PRIMARY USERS OR OTHER GOVERNMENT ENTITIES STATE OF NORTH CAROLINA.

I'M CURIOUS ABOUT A SCENARIO OF A PRIVATE ENTERPRISE THAT MIGHT NEED YOUR HELP THAT MAYBE OPERATES PUBLIC KEY INFRASTRUCTURE, THINGS LIKE COLONIAL PIPELINE, I MEAN WHAT IF SOMEBODY CAME TO YOU LIKE THAT AND SAID I COULD USE SOME HELP.

>> SO THERE'S AN OVERLAP BETWEEN PUBLIC ENTITIES PRIVATE ENTITIES DO ALSO HELP CONTRACTORS, VENDORS AND OTHER MEMBERS OF THE PUBLIC.

>> CERTAINLY SO ARE OUR PRIMARY FOCUS IS LIFE SAFETY AND WHATEVER THAT LIGHT WHATEVER THAT ENTAILS WE ALSO HAVE A PARTICULAR FOCUS ON CRITICAL INFRASTRUCTURE AND KEY RESOURCES WHETHER THAT THE GOVERNMENT PROVIDED OR ON THE AND THE PRIVATE SECTOR HOSPITAL.

SO WE DO HAVE A FOCUS THAT EXTENDS BEYOND LOCAL GOVERNMENTS IT'S NOT IN ALL CASES, BUT AGAIN KEEPING CRITICAL INFRASTRUCTURE AT THE FOREFRONT OF THAT OF THAT DISCUSSION.

>> AND OUR LAST QUESTION WILL BE COMING TO YOU FROM OVER HERE.

I WAS SO GLAD YOU MENTIONED HOW YOU READ EMAIL.

MY QUESTION IS CELL PHONES WI-FI FOR YEARS, I'VE BEEN TOLD THAT WI-FI IS NOT SAFE, IT'S INHERENTLY LESS SAFE THEN.

A HARD YOU KNOW NETWORK CONNECTION AT MY HOUSE.

I TRY TO ONLY USE NETWORK CONNECTION.

I I DON'T USE WI-FI FOR BANKING OR ANYTHING THAT IS SENSITIVE IS THAT STILL TRUE I'M ASKING BECAUSE EVERYBODY EVERYBODY IS USING APPS SECURE THINGS IN.

I DON'T KNOW IF I'M EITHER MISSING OUT ORPHAN JUST BEING SAFE OR COULD YOU ADDRESS WI-FI VS NON WI-FI PLEASE.

>> THE QUESTION IS WHY IF I ONCE HAD A REPUTATION OF BEING LESS SECURE IS THAT STILL TRUE TODAY.

YOU CAN TALK ABOUT CYBER SECURITY.

THANK YOU ARE FINISHING UP HERE STRONG.

YOU CAN TALK ABOUT CYBER SECURITY WITHOUT MENTIONING RISK.

AND YOU HAVE TO TAKE A MEASURED APPROACH WITH YOUR OWN RISK ACCEPTANCE, LET'S TALK ABOUT WI-FI FOR SECOND AND CHRIS BIEHL DID A GREAT JOB OF POINTING A SIMPLE HYGIENE STEPS THAT YOU CAN TAKE 2.

YOU INCREASE YOUR OWN PERSONAL CYBER MATURITY, BUT ALSO TO ASSIST IN YOUR DAY-TO-DAY ROLE WHETHER YOU WORK IN A CYBER SECURITY ROLE OR NOT SO WITH REGARD TO WI-FI THERE ARE A NUMBER OF DIFFERENT THINGS THAT YOU CAN DO TO SET UP YOUR MOBILE DEVICE TO KEEP YOU MORE SECURE.

YOU CAN NOT THAT'S LIKE OTTO JOINT UNKNOWN NETWORK.

YOU CAN ALWAYS USE A VPN AND YOU CAN YOU CAN TAKE ADVANTAGE OF EVERY MULTI-FACTOR AUTHENTICATION OPPORTUNITY THAT IS PRESENTED WHETHER BE THE MOBILE AT A WEBSITE WHAT IT WHAT HAVE YOU WI-FI NETWORKS ARE INHERENTLY LESS SECURE.

BUT YOU CAN MITIGATE YOUR RISKS YOU CAN MANAGE YOUR OWN PERSONAL RISK DOWN TO AN ACCEPTABLE LEVEL AND USE IT WITH CONFIDENCE THAT YOU CAN'T USE IT WITHOUT TAKING THE NECESSARY HYGIENE STEPS THAT I THINK THAT'S MY TIME SO THANK YOU VERY MUCH.

>> ALL RIGHT, LET'S ZOOM IN ONE MORE LOOK BIG HAND FOR RAUL MAYBE AS HUMAN THIS CONCLUDES OUR TP 180 PER THIS OCTOBER OF 2 HIGH 5.

THIS OCTOBER OF 2021, YOU WERE RARE HIGH-FIVING EVERYBODY FOR THOSE OF YOU WHO HAVE QUESTIONS THAT WERE NOT ANSWERED.

SOME OF OUR SPEAKERS MAY BE STICKING AROUND AFTERWARDS FEEL FREE TO CATCH UP WITH THEM AND ASK THEM QUESTIONS TO YOUR HEART'S CONTENT NEXT MONTH, WE'RE GOING TO BE PAYING IT FORWARD THAT'S RIGHT IN THE 3RD THURSDAY IN NOVEMBER.

HE HAD 4 WILL BE TALKING ABOUT CHARITY GIVING BACK IN OTHER WAYS YOU CAN MAKE A BETTER WORLD AND THEN ON OCTOBER 26TH RIGHT HERE AT THE FRONT HERE.

ANY COMIC CON IN COSTUME PARTY.

IT WILL BE FAMILY FRIENDLY AND WILL BE CASH PRIZES FOR THE BEST COSPLAY COME OUT 05:00PM TO 08:00PM ON TUESDAY OCTOBER 26TH GET SPOOKY WITH US DRESS UP AND ENJOY A GOOD TIME.

ON BEHALF OF RTP 180 PRESENTED BY RTI INTERNATIONAL, I'VE BEEN YOUR MC WADE MINTER, THANKS FOR COMING OUT.

BEER WILL BE OPENING IN JUST A MINUTE.

THANK YOU AND HAVE A SAFE JOURNEY HOME.

GOOD NIGHT, EVERYBODY.