Listen to learn about how to recognize phishing schemes and malware scams and ways to keep your information safe and protected.
In this episode, Jen Stone (Principal Security Analyst, CISSP, CISA, QSA) sits down with Matt Heffelfinger (Director of SIEM Operations, GSTRT, CyRP (Pepperdine), GRCP, SSAP, ITIL4-F, GISF, PECB)) and Forrest Barth (SOC Analyst, CISSP, CMNO, Security+) to discuss:
Resources
[Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.
Hello, and welcome to the Security Slopes podcast. It's a presentation of SecurityMetrics, the company that I work for. And I have been told I need to do this a little bit in more detail before we get started and not just launch right into the topic, which I get really excited about. I'm Jen Stone. I'm a principal security analyst for SecurityMetrics.
We we like to talk about all things data security and, compliance.
Security is where I really enjoy, talking, and the the, people that I have on today are really gonna help us out with the security part of things because they are part of our, threat team.
It's probably the wrong name for them. I think it's actually the security operations center, but they can correct me. I have with me today Forrest Barth and Heff, Matthew, Hefflinger.
And, let's start with, Matt or Heff, I think, is what you go by. I apologize.
No. That's fine.
That's fine. Tell me a little bit about yourself. You and I, even though we work in the same company, we have never met.
Yeah. And and, you know, it's unfortunate because, I think we both get along very well. So what we'll definitely have to take time once we're out of this quarantine and nobody can work from home anymore. We'll definitely have to to catch up closer.
Agreed.
So I am part of the security operations center, and what that means is we handle protecting our merchants and our clients. And, essentially, you were trying to look for bad malicious traffic and notify the other threats. And we have, relatively pretty pretty solid team, and we're we're looking at both the threat intelligence side of things.
And we're we're we're we're finding alerts. We're watching the wire and just trying to alert, on on the bad stuff that's happening out there. And there's a lot of bad stuff right now.
So Okay.
Excellent. So, Forrest, you and I actually know each other fairly well. We have even hung out at Defcon together.
Indeed. Indeed, we have.
I believe that, I'm not sure if you were one of the people when we went to Hash House at Go Go where I tried to stab a colleague with a knife inadvertently.
It was it was not on purpose, but somehow now. You know, one minute, you're cutting your eggs, and the next minute probably wasn't cutting eggs. It's probably it's probably steak, let's be honest. But the next minute, the knife is, like, spinning in the air. It comes right down. So that was good times.
Defcon Sounds like a harrowing experience.
Good times. So tell us about yourself a little bit.
Yeah.
So I, am the, I guess you would say principal security analyst in the security operation center.
Yeah. Like, like, he said, just trying to find badness. So, anytime we start noticing weirdness, it's my job to dig in, triage, figure out whether it's legit or false positive, things like that, and, ultimately, start the wheels in motion for reporting those back to the the poor folks who have to engage in the incident response and clean things up.
So Nice.
Yeah. I've been doing this, about a year and a half now.
Prior to that, was doing, managed security services for firewalls.
Before that, I was involved in our, internal security team at SecurityMetrics for IT.
And prior to that, was in pen testing for about ten years. So I've kinda dabbled a lot here and there.
That's you know, it's the ADD that gets us. Right?
So Oh, yeah.
I I was similarly, shall we call it broad background, but but a lot of my a lot of my background's in IT operations, which is why I think I, I enjoy talking to people who are on the the active side of things so much. And titles are weird. You and I have the same title, but we do very, very different jobs. And, on the day to day, I go out and I review people's systems, and I write up long reports and tell them where where they're good and where they need to tighten up.
So, and and and yet both principal security analysts. So I don't I don't know. It's a a who knows? We're we're out there fighting the fight is all I'm saying.
So today, the reason that we have the two of you on, is because, obviously, COVID nineteen is hitting all of us, but it's it's making itself known in the threat space pretty hard. So, Hef, do you wanna talk a little bit about, the advanced persistent threats that you're seeing that are maybe more related to to this current crisis?
Sure. So first of all, for all of everyone out there, there's a lot of empathy from the SecurityMetrics side of the house.
It's not easy to navigate the space. I mean, you think about you're trying to keep your business up and operational, and at the same time, you're dealing with some crazy nasty bad guys. And some of these threat actors, we don't know what their motivations are, but we know they're trying to do some bad things.
If you look at what's happening in this space, there it's just I think there's over five hundred thousand email messages, phishing messages that have been tracked right now through vendors like Proofpoint and some of these other threat intelligence vendors out there. There's over three hundred thousand malicious URLs.
And we'll talk more about some of this craziness, but and these are URLs that the bad guys registered back in February to try to get people to click on. And then there's something like two hundred thousand malicious attachments right now, Jen, that are just floating around out there. And that's just what we know about, with all of these with coronavirus themes, and it's a tough time. And there's there's no doubt about it.
And and for folks like Forrest and myself that are on the front lines of this battle, trying to find some of these threats and figure out what's going on and the motivation and then notifying our merchants and our clients, it's it's exhausting. I have to tell you folks. We're, we're we're absolutely tired. We've got big bags underneath our eyes trying to trying to figure it all out.
So what are you doing to to not get too stressed during these, during these times?
Boy, you know, and I I tell you, it's a work life balance, folks. I've spent my family is really big into gardening, and we're really big into we have we have a ranch in West Texas.
Oh, nice.
So we have a little small scale orchard.
And I know you do some gardening too.
But yeah. But I don't have a ranch. I mean, I have a chicken chicken ranch. I and they're so cute. They're this big, and one of them is flying.
Oh, that's the best. Yeah. We I my family has a we have a small scale orchard and a small scale vineyard in West Texas.
And, you know, we're at the farmer's markets on the weekend. Well, we were at the farmer's markets before they all got shut down. But we got this little ranch that we have going, and, you know, we're just trying to make a go of things. And that's that's what it comes down to.
When I when I'm not here at work, it's about disconnecting from the computer. It's about spending time with the family, and and that's really what we've been games. A lot of board games. I don't know about you all, but the board games have been very helpful.
Nice. No. I I want to kill people when I play board games. It's not it's not pretty. I have been banned from family board games.
Apparently, I got a little bit competitive, and I don't know how to dial it back. It's a failing. I get it. But, yeah, I cannot do the board games. But, Forrest, what are what are you doing?
Generally avoiding board games. I've, lost friendships over settlers of Gatine, so that is now off the table.
So you feel me?
Primarily, we've been, video games. Animal Crossing has been a big one.
Also been, we have a a seven year old, and so I've I've been trying to teach her things like, redstone engineering in Minecraft, and she set up her first automated bee farm. So that was a a pretty big accomplishment for her. And then, yeah, Animal Crossing has been her her new big thing.
Getting her set up with her cousins so that she can, you know, voice or video chat with them while while playing and, you know, get she's a very social kid, so being isolated like this has been really hard. So, yeah, it's it's a a a good avenue to kind of dip her toes in the pool and and kind of get her going in the the virtual world because that was very much a a large part of my childhood.
So I I feel, a lot of nostalgia and also see a lot of the a lot of the benefits, problem solving and, planning, and and she's really taking off with it.
So it's been great.
Nice. And I think it's important to talk about some of the things that we do to relax because one of the reasons why we're seeing, successful attacks happen is because when you have let's talk about phishing. A phishing attack is successful because it preys on people's, stresses. Right? You see something come in and and it is it elicits, an emotional reaction, and you wanna click, and then, that lets the bad guys in. So, Hef, do you wanna speak to that a little bit?
Yeah. You know? And that's the that's the thing, Jen. It's the sensationalizing of the news right now. It's either sensationalizing the topic with a phishing email to get you to click on it or spreading misinformation.
And and those two things, when you there's you know, bad guys love to prey on these crisises, and it's always gonna be like this. It's a shame, but it's always gonna be like this. But what really kinda breaks your heart is, you know, you have a lot of folks out out there that are just not aware that the sensationalizing of the topics around COVID or spreading this misinformation or preying on people that are trying to you know, if you're trying to buy a a n ninety five mask, you know, they they have these fake websites that'll get you to click on it. And before you know it, you know, your information's out there, and there's no getting it back. So it's it's tough because you wanna in your home life, you wanna give that sense of normalcy, and you wanna prepare and and think about getting things back to normal, and and and it's just tough because of all of the the the craziness with the phishing emails. And I think that's a good point to start on is the the nuttiness of the phishing.
And and it's just it's not letting up in any in any sense of the way, in any sense of imagination.
Right. People want to know.
I think, Forrest, there's a, we all want to know where coronavirus is, and there's a a map, a an an infected map, I think, out there. Have you seen that one?
Yeah. So that one, at least the one I'm thinking of was, just a a social engineering Trojan download, run this executable for coronavirus map, and, yeah, just, pretty pretty nasty stuff where it's, like, you know, pretty much the the only reliable sources that I've I've seen from apps have been the the Johns Hopkins, and then there's another one that I've been, doing over curl in a in a terminal. So that's that's probably most most normies out there aren't gonna be No. Getting hit with that one.
But Just go to the Johns Hopkins site and find the map there because you're right.
So here's the thing is that it see we all wanna know where it is. And so we're gonna go find a map. Right? And and like you guys were saying, if there's a download to to keep us apprised with a map kind of real time, some of us are gonna say, hey.
That sounds like a great idea, but it's not because there's bad code in that. And so instead if you and this is the truth for a lot of these phishing things. If it sounds good and you wanna find out more about it, then, go to the source. Search it out and find it from the source, not from something that's coming in unsolicited to your email.
And and, Jen, you know, that's a great point too because there's so there's a craving for information. All of us have this just anytime you're in a crisis situation, you just are so hungry for information.
The challenge is there's a lot of negative information out there. And then when you when you stack that with all of the cyber threats preying on that negativity, boy, it just becomes, a much, much tougher place to try to survive.
I I read some kind of statistic that, eighty percent of the current threat landscape is made up of coronavirus themed events, emails, phishing emails, malware, trojans, any kind of thing related to coronavirus. That's basically the threat landscape right now, which if you know that, that's that's kind of the awareness piece. That's, like, half the battle. If you know that the eighty percent of the landscape is based on these coronavirus themes, then if you can try to avoid that in your business life and your personal life, as much as possible, you might be able to kinda survive this, this cyber war that we're experiencing right now.
Right. And and, on the flip side, we have some positive news coming in that everybody's excited about, and that's also being leveraged in order to get us to click on things.
Help me out here a little bit.
Forrest, I think there's a been seeing a lot of stuff, regarding stimulus. So everybody's gonna get in check.
Yeah.
Yeah. You know, so they they find that as a great opportunity.
Oh, you need, you know, to follow these instructions in order to receive your stimulus or be qualified for it. You know, click this link, go here, do this thing, download this word document. Boom. You know, they've got malicious macro in there and your own.
So, yeah, a lot of people preying on, the the relief efforts that that the government's trying to roll out and get people to to, you know, get back on their feet. So it's it's pretty skeezy, you know, kicking people when they're when they're down. It's, no shame. No shame at all.
Yeah. And businesses really they really need to be careful of some of these stimulus relief bills that are floating around right now. And it's not just in the United States. It's in in the UK as well.
The some of these funds, businesses can apply for up to ten million dollars or I mean, I think that was some statistic that I heard where part of this relief package is if you if your business needs money, you can apply for some relief funds. And you think about that. Well, the the bad guys know that. They're not gonna they're not they're gonna go after where they can get the easiest kind of attack vector.
And if they know that your business is going to potentially apply for some of these funds, they're gonna try to to fish you for it and try to to get that money.
Right.
So so if we look at, some of these, phishing emails, some of the, the as you were saying earlier, the coronavirus themed domain names, One of the things that I hear from just regular folks out there trying to live their lives, trying to make good decisions is, well, I got this, and I just thought I'd click on it to find out if it was legit or not.
Can you describe what the problem is with clicking on a link in an unsolicited email just to find out?
It's, I mean, granted the the number of, like, zero days or things like that that are gonna pop up in a in a a browser, like, drive by download, you used to see that a lot more common, you know, five, six, seven years ago. Now nowadays, not so much. Now it's more social engineering mixed with, you know, the URL. So you click a click a URL, and then, it'll it'll take you to a very legit looking, Google sign in page or, you know, depending if it's if it's being targeted toward a specific organization like a Microsoft login or you know, a lot of these attacks are kind of tailored for, the the technologies that are being used by your organization.
So, and a lot of these these, logins will will actually transparently pass the the credentials through and, do a session hand off. So, you know, see people sign in, and then suddenly they're, you know, in their Google account, they're like, well, this didn't really take me where I thought it was supposed to, but now they have your credentials or, you know, things like that. Or, you click a link and it, you know, then takes you to download a file, which, you know, they can then use to exploit, vulnerable software. So there's, for instance, like, a malicious PDF or, some flaw in, your your Office software or something along those lines or or, macros where it will then act as a a second stage loader where it then goes down and pulls down some, some malicious code to then execute and open up a shell, and now they've got your box.
Yeah. You know what? You got super nerdy on us there. Sorry.
That's I know.
I love that about you. I love that about you, but I need to explain a couple things to some of the because we have promised that we will try and demystify things for people who maybe are not security professionals or aren't even IT people. So let's just just kind of walk backwards a little bit to one of the things you said, which was, there's not a lot of zero days out there anymore. And here's what that means.
So a zero day is where there isn't a patch available for your system or for whatever is being exploited. Usually, an operating system. Like, if you have Windows ten and you have a zero day, then there's no patch available yet, and you're vulnerable to to getting attacked because, Microsoft hasn't come out yet with a with a patch for that zero day. Right?
In general, would you say that's right?
Yeah. Yeah.
But that also assumes that you're not going to hit by get hit by malware because you have patched your systems. So that kinda gets us all into what is the organization doing to protect its regular users from, getting hit by some of these things. Patching is pretty important. Do you wanna speak to to patching a little bit?
Oh, yeah. I I would say in the vast majority of, internal vulnerability assessments that I'm doing for organizations, I see time and again, a lot of places aren't installing updates for their software. Some places are still running, you know, Windows seven. I've even seen server two thousand three, being run-in some environments, and it makes me wanna pull my hair out. But Yep.
You and me both.
You know? So legacy systems are are usually pretty hard to to get rid of. So the the biggest thing is just maintaining, regular, installation schedule for those updates as they come out. That that takes care of, I would say, eighty percent of the the updates that I see.
Or, sorry. Not updates. The eighty percent of the vulnerability.
Flip the script on that as well. And I'd say the other percentage of the, the the other part of the puzzle is awareness. And every organization out there, including your personal life too, it they have to just be aware of what's going on. And awareness is is that that the other half of that battle. I'll give you a perfect example.
My mom calls me the other day. My mom says, I got this email from The Who. And I said, the band. She says, no. No. The, the the the World Health Organization, and they told me that my neighbors tested positive for coronavirus.
I I don't know what to do about it. And I and I said, mom, calm down. There's there's nothing to be aware of. Tell me the URL.
Tell me the email address that came back. And she told it to me. I said, yeah. That's definitely a phishing campaign, a phishing scam.
And I had to explain to her exactly that your your neighbors are probably not positive for coronavirus.
However, I'm not a hundred percent sure, but I could tell you that this email is definitely not something you, you need to be too concerned about. But that's the kind of the the crumbiness of all of this is if you're not aware and your employees are not aware of what's going on out there, at at the very least, making sure that they know that these types of phishing campaigns are happening, that the bad guys are preying on this situation.
One more example for you.
Debit cards. Right? I just saw an email the other day, a phishing email from these these cyber threats.
Antibacterial debit cards. Have you ever heard of such a thing?
Sounds legit.
Yeah. It definitely sounds legit. I'm thinking antibacterial. They're wiping they're taking their Clorox wipes, and they're wiping these bacterial, these how do you sell, like, a debit card that's antibacterial?
But, I mean, they're the banks Yeah. I get an email from Wells Fargo or Bank of America or any of these banks, Chase, out there that they're now giving me an antibacterial debit card. Thank you. But it's not a legit email. So that's the that's the that's the the battle we're up against.
And and you made a good point about, the awareness.
I a lot of us are in IT, and and we struggle with helping our okay.
My mom is almost eighty, and she emailed me the other day, I I guess it was a couple months ago. She was out in Lebanon doing some humanitarian things, and she emails me and says, hey. I don't know what to do because I've got unwanted porn coming up on my machine.
And I'm like, as opposed to the wanted porn? I did not say that to my mother, but that was what I thought in my head. Right?
And and so she describes the the problem. And what had happened was she had gotten duped through a phishing email into downloading support software onto her machine that that gave her, problems on a regular basis that had to get fixed by the support team. So she had a subscription that she was paying because she felt like they were doing a good thing. Right?
And they're just stringing her along with, oh, and this month, this is the porn that you get. And this month, this is the the slowdowns that you get. Like, these are the the things. And so, as organizations, we can do that a lot of security awareness to help our, employees.
But as employees, when we get that information, it's I think it's worth sharing with people who are not part of the the digital generation. Forrest, you cracked me up when you said, yeah. This is how I grew up. And I thought, yeah.
You know what my first game was?
Pong on an Apple two e. I that's so I am barely on the cusp of feeling like I kind of grew up with it because that was high school for me. Right? And And so if you think about the people who are not super comfortable with, how computers work and and the interconnectivity of the of of all of these things, there what are some things that we can tell them that are easy?
Forrest, do you have older people in your life that you're or or less technical people in your life that you're able to do some secured awareness with?
Yeah. Yeah. I the perfect example, I had a a partner, back in the day who had just gotten a brand new, like, three thousand some odd dollar, MacBook Pro, that was basically just a glorified iTunes and Facebook machine. And within two weeks, she had, gotten, taken to a website that was, you know, one of those malvertising, basically.
There's something wrong with your machine generating system pop ups. And, you know, she called it up, and, within, you know, an hour, they had charged three hundred dollars and had installed a, you know, remote access tool on the machine. And I I come home from work at the time when I was in pen test and, yeah, absolutely infuriated at the the people that that would do this, and it's they just they prey on on people's, a lot people have a a natural inclination to trust. And, you know, when when they're told something is wrong, you know, they're inclined to believe it, particularly if it comes to something that they're not familiar with, especially the more technical you can make it look, the the more overwhelmed somebody will feel and, you know, that sets in a sense of panic.
And so, usually, when it comes to those kinds of things, I've I've just informed my family, you know, if something comes up and you're not sure what it is, don't touch anything. Just call me immediately, and, you know, we can we can walk through it and, you know, come at it with a a level clear head and make sure that that you know, whether or not something's legit. And if it is legit, then I can come over and you can make me dinner.
Sounds like a good trade. And it again, it comes back to that that concept that if there's something on your machine or in your email that that brings up that anxiety, that's a really good indication that somebody is trying to make you do something that you would not normally do because you don't think the same way when you're in an anxiety situation as you do when you're calm and and dealing with things that you understand.
Hef, what about passwords? Talk to me about how we can help our, people with passwords and and what effect that can have on our security.
Sure. So, you know, for everyone out there, you have, you know, multiple passwords. Right? And and the challenge is you tend to like to share your password.
You like to share your password both at work and at home, and that's where the trouble starts to kinda take over is where you have the same password that you're using to log on to the network at work, and then you're doing the same password at home. And that can obviously create a huge challenge. So I mean oh, and I I think a lot of us always hear about password safety, password security, password this, password that. We're kinda it's kinda beat into a lot of us.
Well, you know, at the end of the day, humans are the are the firewall. You you are the firewall at your house. You're the firewall at work.
Yeah. There's all these technical things in place to protect, But if you are not cognizant and aware of, you know, using very long passwords and and using a combination of lowercase and uppercase and numbers and symbols and all that other jazz, then you can create a real bad breach in your life.
My recommendation to everyone out there is to kinda take it at heart and put forth a little bit more of an effort if you're not doing so to come up with a little bit more long password.
And, you know, a a perfect example of this, there's a lot of ways that a data breach can happen in your personal life and your professional life. And you think about you you got a a friend, maybe you had a neighbor, and the neighbor is, unemployed and they asked to save money. They said, hey, can I can I borrow can I use access on your your network? And you're thinking nothing of it.
Yeah, no problem. I'll share my my Internet network with you. You've been a good neighbor and everything. Well, you share that password onto your network, and the next thing you know is you you're not secure at your home, and they the neighbor potentially starts snooping around and looking at your files.
That's a perfect, way for for that to happen. But, yeah, there's a lot of different use cases out there or of ways that a data breach can happen in your personal life and professional life simply because you didn't use two factor authentication where you had you have two devices, you have your phone, and when you log in, the login sends a code to your phone, and you gotta then go back and put that code in.
And it's a hassle. Right? I mean, people really don't people don't like two factor or the we're also calling it multifactor. I don't know when that happened, but, you know, both both of those things are talking about basically the same thing.
But but people don't like it because it slows them down. But Yeah. Yeah. If it slows them down, what does it do into the the malicious actors?
Right. And that's that's the thing. Yeah.
It's really but also it's not just slowing them, the malicious actors down. The the what we've seen is that having two fact multifactor, applied, it it makes a real difference in, the protection of an account.
Yeah.
And, you know, if I can make a a point.
Yeah. I just wanna go back to the the passwords.
One thing that I found has been a vast improvement in my life has been leveraging the use of a password manager.
It vastly simplifies my my login process for everything in in my my personal life, my work life, everything. It's it's been wonderful. So now I don't have to you know, because I had, you know, my super secure password that a lot of places didn't like because it was too long or it they didn't like certain symbols that I was using in it. So every site had their special little rules that my passwords had to conform to. And so it was like, if I have my super secure password, but it's different for this site, now I have to remember, you know, x number of variations of that same password, and it just becomes cumbersome. And, eventually, it got to the point where it was just like, you know what?
I am now using the reset password as my password. So everything is just going back to my my inbox. So once I started leveraging a password manager with a browser extension that just ties into that directly, I no longer need to remember, you know, a dozen different passwords. I just have my one long super strong password, passphrase rather.
And then from there, everything else just unlocks automatically. And I don't have to keep, you know, mental notes of, okay. Well, this one does it this way, but that one does it that way. It's lot it's a vastly better user experience that's much more secure.
There's there's no, it's it's not permutable as far as guessing. So if somebody were to, you know, figure out or my password would go were to get breached by some insecure site, you know, somebody can't then turn around and try and password spray and use that across other sites or figure out variations thereof.
Right. So It's all over the Internet.
Is it Johnny twelve?
Is it Johnny thirteen? Is it Johnny fourteen? Right? So if they if they knew one of your, passwords, just, as you said, permutable, taking and modifying it a little bit, It's so easy to access that way. But like you, I I held out for just a ridiculously long time. But about a year ago, I got a password manager, and it has changed my life. Love it.
It really is. It's night and day difference. I love it. Now it's now I only need to know one super secure password, and we're good to go from there.
And and, Jen, you know, this is definitely helpful for the for everyone out there. It's it's about realizing that what the threat actors are trying to do is they're trying to pivot, and they'll they'll try to take your personal life, and then they'll try to get access to your personal life and then pivot into your business life. So being aware of that that your personal life passwords kinda need to be separated out from your business passwords is a very good best practice to be safe out there.
Yep. For sure. For sure. So And, going along oh. No. Go ahead.
I just had one one more point I wanted to make. So, I I find a lot of people, have a difficult time with adjustments. So for instance, my parents, have a very hard time trying to to change how they've normally done things. So in those cases, a password manager was the the barrier to entry was just a little too high for them.
It was I tried to get the concept going, wasn't catching on. It was like, okay. Well, let's do some threat modeling here. What are we really trying to protect against?
We're just trying to make sure randoms on the Internet aren't gonna be able to break in. Okay. Well, randoms on the Internet aren't going to have access to your house. So here is this notebook, and we always give people guff about writing down passwords.
And I don't think that's necessarily appropriate because it depends on what your threat model is. If your threat model isn't, you know, somebody in my home, like, if you're only allowing people that you trust into your home, then you're not worried about them potentially exploiting your accounts. Or if you keep that in a little lockbox even, you know, then somebody needs to be able to get into that lockbox, but then you have your notebook where you have your passwords written down, and you can have strong passwords that you won't necessarily be able to remember but are at least easily accessible for them to be able to use.
Agreed. That's some really good advice, especially since we have looked down on writing down your password. And so it's almost hammered into us that you can't write down your password, but that's with without taking into account what is the actual risk of doing that. So as you say, you're in your home, and you've got it locked up.
The risk of that is so low. And if you really can't manage a password manager and I I've seen it as well. It's very difficult for some people. Writing it down is perfectly fine as long as you take those steps.
So, just final topic here. Just to take it back a little bit to the organization.
When we look at all of the people, the technologies, the processes associated with net network security, there are some organizations that really struggle to to address all of those on their own. Can you speak a little bit about, what managed security services, how how that can be helpful to people?
Yeah. Yeah. Definitely. I I think, managed security is a great approach, just because you're leveraging others' expertise in it. You don't need to be the jack of all trades, you know, running your business and trying to run your network and make sure everything's secure and setting up firewall rules and so on and so forth. You know, manage security, you essentially have that domain expertise where it's like, okay.
I am tapping these people to make sure that, everything is set up how it should be, and they can then monitor and and report back anything that that's going awry. Or, if I ever need to make any changes or, added additional services to my network, they can do so in a secure way. So rather than somebody just punching open, RDP and and allowing remote access open to the Internet, managed security services can be like, you know, that's not a good idea. Let's maybe try and go about it in this different approach. Like, have you guys heard of a VPN?
You know? The things that that can be used to layer security to do you know, get the job done, but also not leave you vulnerable at the end of the day.
It looks like we lost half, and I'm really sad about that because it was really fun. But so we're just gonna wrap up here with Forrest today and say, half thank you so much for for what you offered. We'll we'll make sure that we have a a link to his the blog that he put together for us, in the podcast notes. But before we wrap up, Forrest, is there anything final from you?
Overall, I'd like to say, it's not paranoia if they're actually out to get you.
So having a tinfoil hat in this day and age isn't necessarily a bad thing. If you wanna go back to to Reagan, trust but verify. You know? Make sure that, you're not just blindly accepting what's given to you, you know. Question everything. The truth is out there.
Perfect. Thank you so much for joining us today. And, again, we'll have, plenty of links in the the podcast notes for additional information that you can find out and use to, to meet some of these current threats that we're we're experiencing. Hope you're having a a good week and we'll talk to you again next week. Bye.
Thanks for watching. To watch more episodes of SecurityMetrics podcast, click on the box on the right. If you prefer to listen to this podcast, it's available on all your favorite podcast platforms. See you on the slopes.
.svg)
