A

This is Rich Stroffolino with the department of no, Bill Harmer, CSO over at Supabase. I gotta ask, what is your priority this week?

B

Surviving rsa. The mania is starting, but yeah, I'm really excited to see some of the new tech that's coming out this year.

A

Do you have all your RSA best practices to avoid con cruft and mental fatigue and all of that stuff? The armor is on. The RSA armor is on. Right?

B

I do. The greatest trick I ever learned was from an old sales guy that said drink gin and tonics because you can drink tonics and lime all night. No one will know the difference.

A

Ah. I think that come. I think the Sting made the similar recommendation for. For when you're with Marks. I don't know what that says about rsa, but Chris Ray Field CTO over at gigaom. I gotta ask, what is your priority this week?

C

So I pre, preemptively, proactively, however you wanna say it, I have avoided all the cruft. I am not going to rsa. I've allowed the. The rest of our team the pleasure of coming home with an illness from. From Cal. I'm still focusing on our AI overlords and how to bend our will to achieve what we need.

A

How best to please our forthcoming digital Jesus. Okay, that sounds about RSA and AI overlords. I like this. I like where our minds are at. Right. All right, producer Steve, let's run that opening. Let's get into the show. From the CISO series, it's Department of Know. Welcome indeed to the Department of Know youw Virtual Monday strategy meeting. Our sponsor for today is Threat Locker, so we'll be talking more about them later in the show. Remember to get involved in our YouTube chat. We broadcast live every Monday at 4pm Eastern. So if you are here, if you are joining us for the first time, say hi. We promise we don't bite that much. And if you haven't joined us yet, set a calendar reminder. Mondays at 4pm Eastern. Or send us email feedbackisoseries.com Just a quick reminder that the opinions expressed in the show are in fact those of our guests, not necessarily those of their employers, friends, family or. Or mortal enemies. Either way, it's. It's just that. Don't worry about it. Anyway, we've got about 30 minutes, so let's dive in here. Our first segment is always our no or no segment. This is where there's so much news out there. We need to get down to brass tacks. Is this Something we need to be knowing more about bringing to our security teams, letting, you know, talking about with our peers. Or is this something that says okay, I got, I got the gist, we're good, don't need to know anything more about that. First up here, font rendering hides malicious AI commands Researchers at LayerX released a proof of concept attack that takes advantage of the fact that LLMs look at structured text rather than full page renders. AI tools scanning the PoC's HTML only to see meaningless unreadable content. However, when a browser renders it, it shows malicious instructions to a user. All the big LLM players found this POC to be out of scope, basically saying social engineering. Shrug. Microsoft did address the finding however. Kind of accepted the bug report and said they were going to be working on that. This just another example though of clever steganography. But I got to ask Chris, for you, do you need to know a little more about this or is it a no thank you for you?

C

This is definitely know a little bit more. This is underscoring how the just the perception, right, of how we are trying to secure AI, that huge umbrella term that we can't get away from saying in every single podcast and webinar. It's effectively illiterate, right? It's just sort of pattern matching and trying to do a really good job guessing with 90% accurate accur see what word comes next or what action should I prescribe. It reads codes and tokens while we read text. Attackers are living in that gap. There's that disconnect, right? There's this whole when I seen this story pop up, I was like, what are we trying to describe here? And there used to be the what you see is what you get model, which we're all familiar with when you buy crazy stuff on the Internet. Well, this is the what you see is not what it sees model. The vulnerability in AI agents is that perception difference. And I think it's new for a lot of people. I haven't really put it into tangible terms until recently and this is kind of how I'm approaching the problem now. So yeah, know a little more, talk about this and understand that this is changing how we need to approach securing some aspects of AI.

A

I love stories like this because it preys on assumptions, right? And it's like, oh, why would an LLM not read this exactly like a browser bill for you. What about you? Do you need to know a little more about this or is it a

B

no thank you for you definitely know more about it, if only for the creativity that's being utilized and to highlight those gaps that, that Chris mentioned. You know, your, your security teams are going to approach things based on their experience and knowledge and they're not going to expect that they're dealing with not only an illiterate endpoint but Quite honestly an 8 year old with a gun. Like it's, it has massive power but it has no context, it has no maturity and it's, it's primary directive is to answer the question to please the user to get you the answer that you want, not necessarily how it gets it as well. So I think absolutely, just keep your teams on their toes and stepping out of their own comfort zone to look at what is possible.

A

All right, next up here, SaaS apps enable massive breaches. A new report shows shadow AI embedded in SaaS apps are driving a huge surge in breaches with a 490% increase in attacks and an 80% increase involving sensitive data. I'm sorry, 80% of those are involving sensitive data. This is done through stolen OAuth tokens, always a popular item there. The report points to the 2025 Salesloft drift breach which impacted more than 700 companies as a model for how a single SaaS compromise can spread widely. Large scale breaches like Salesloft are haunting us. Just as expert warned would be the knock on effect of that bill for you. Is this know a little more for your team or is it a no thank you?

B

Know a little more because it shows the absolute lacking in basics. Right. I don't care if it's an AI, if it's a SaaS app, if it's some new widget on the front end, if you're having OAuth tokens stolen, you've got a fundamental problem in your stack and in your protection. So I think good for them for highlighting it but I don't think there's anything new in this but it is showing that we are missing the basic fundamentals. Probably trying to chase the new AI or the new tool.

A

Chris, what about for you? I always, I always think about these reports as does this report help me help the rest of the business better understand this issue? Like here are a bunch of big scary numbers. I know this, I know we need to be doing better at the basics, but does this help? Do these kind of reports, I guess help get buy in for you? Is, is that an attraction to you when looking at these kind of reports?

C

Yeah, to an extent it does. I mean these reports are still too technical really to kind of point at and say See, this is why here understand it's not just me saying it, shouting from the mountaintop. Right? But what it does make me think about is the proliferation of AI, even in approved applications. SaaS, apps, whatever the case may be. I mean, how many times have we received an email that you're subscribed to your SaaS provider? Whatever it is, it could be something silly, it could be something professional, enterprise Y. It's like, hey, we've launched this new AI powered feature. Go check it out. Is that new AI powered feature also approved for use in your enterprise though we don't know because shadow AI is. It's harder to track than shadow it because it's invisible. It could be buried within an approved app. We don't know that. So there's these things and then like we were just Talking about the OAuth token theft is the holy grail for 2026 attackers. Because hey, guess what? All those MFA initiatives that we've worked hard on for the past few years, they don't really matter when it comes to OAuth.

A

Yeah, I mean we went from 8 year old with a gun to I guess 8 year old with your house keys and credit card and an active hatred of you. I don't, I don't know what like, like it's, it gets. Okay, we got.

B

Isn't that a regular 8 year old?

A

I have an 8 year old in the house. I will make no comment. Next up here, critical Microsoft SharePoint flaw now exploited in attacks. Oh look, another SharePoint flaw. Pop the bubble. I don't know. This one enables threat actors without privileges to achieve remote code execution on unpatched servers. Many organizations rely on end of support versions of SharePoint or at least stretching them out as long as they'll go, which is not receive required patches. If you deal with these kinds of companies, does this make this story a no? A little more or a no? Thank you? For you, Chris, I'm going to say no thank you.

C

I mean this is kind of beating the same drum, right? You need to have an environment that you can patch. So using end to support software is no good to begin with. I think everyone agrees and there's going to be no arguments there.

A

You know they do. I mean, there's no argument except that it still persists, right?

C

It still persists. I mean, there's some business justification there somewhere. I hope that's the rationale for making this still happen. The, the only takeaway from this is, you know, these, these deserialization vulnerabilities that allow for Arbitrary remote code execution with low complexity. Air quotes around that, that's never good. That's something to be very mindful of. But you know, like I was going to say, pointing to C says Kev, it's sort of like the ultimate I told you so. But it doesn't do you any good if you can't patch it. What are you going to do? You know, apply some vendors? Virtual patching or wallet off air gap it SharePoint. There's really few options.

A

Bill, are you in the same boat here? Is this no. A little more or no thank you for you?

B

Yeah, it's, you know, it's no, thank you. I don't use SharePoint. I'm not connected with it. It's not in my world. But you know, as the guy that 20 years ago in my career paid Microsoft a couple million bucks to support an end of life operating system for two years so I could get off it, I get why it can happen. But when you look at the dates on these things. 07, 1013 like 13 year old version. Nah, like, I mean you're just, you're not. There is no business justification for that. You should have been doing your due diligence knowing that this is end of life.

A

Yeah. You're not kicking the can down the road or whatever metaphor that is. That's just. Yeah, pure.

B

Oh, you put it in an air cannon and launched it like you

A

CCL in our chat is sending love to anyone that has to administer sharepoints and sharepoint is a beast. Good luck to anyone administering it. All right, last up here. Law enforcement seizes botnet infrastructure agencies in the U.S. germany and Canada helped bring down four major botnets used with the Isuru Kimwolf Jaxkid, a Mossad botnet to deliver DDoS attacks. These are all variant offshoots of the iconic, infamous whatever Mirai botnet. They all built these botnets on IoT device, pretty standard stuff using cameras, routers, DVRs, which evidently still are online. Isuru and Kim Wolf had recently combined for a record setting multi terabit attack against Cloudflare. Just one example of the activity that these guys have been up to. We all have IoT devices somewhere. So does this become a no, a little more or a no thank you for you Bill, I think I put

B

it down as a no.

A

Ish.

B

I'd like to know a little bit more only because I do appreciate law enforcement finalizing the things that we see. The reports get put in, you notify about and sometimes you just never hear back if anything happened from the threat until you shared. So they actually did take it. They worked together. This shows global law enforcement getting together. Whenever you've got a multi terabit attack against Cloudflare, the entire Internet suffers. You feel it across the board. So, yeah, I'm just. If anything, maybe it's just, to me, it's a feel good story in the morning to know that something good came out of it.

A

All right, Chris, what about, you know, a little more on this or no, thank you?

C

Yeah, I'm going to say no, thank you. You know, this is like when I mow my lawn and I'm going somewhere with this. So follow me here. I mow my lawn and it looks really good. You know, neighbors drive by and they're like, boy, that, that lawn looks good.

A

He.

C

That's hard work paying off right there. Guess what? You come by next week and it looks like I did nothing at all. And that's exactly what this is. Good job. We see some botnet infrastructure, but next week it's going to be back up and running. So it's a no, thank you.

A

Yeah, as you were saying that I was thinking, okay, we took down the C2 servers, but there's still a ton of exposed Iot hardware out there that someone else can just figure out how to bring that on. I see producer Steve has some thoughts on this. Steve, jump in here. Let us know what's on your mind with this.

C

Yes, I'm very concerned. I have a robotic lawnmower and I'm

A

now thinking about it being an Iot device.

C

So I'm not sure whether I want to use it.

B

Oh, it is.

C

Oh, it's worse now. It's an OT security problem. You got this bladed robot running around your yard that could be remotely controlled. I'm sorry, man.

A

And battery operated. So if even the mains go out, you know, you got backup power for your. For your botnet. This is the ideal I target for it. Actually, now I'm. Thank you, Steve. I'm even more terrified by the story.

C

I shall. I shall face palm now.

A

All right. While producer Steve is facepalming, I have to spend a few moments to thank our sponsor for today. And that is Threat Locker. Many security strategies still assume everything is allowed until proven. Malicious attackers understand that model well. That's why more organizations are rethinking endpoint security, shifting from detection first tools to control first approaches that reduce attack surface before an incident occurs. Learn more what Threat Locker can do for you@threatlocker.com. all right, here, this is kind of A tenor of story that we're going to be covering probably a lot in the. We've covered it a couple of times before already. We're going to be covering probably some more, but just the effect of ongoing conflicts on cyber crimes. We've got two stories here. One is a report from Akamai that found that cybercrime activity has surged 245% since the start of the war in Iran, with botnet scanning, credential harvesting and reconnaissance targeting banks and critical businesses. Only about 14% of source IPs originate from Iran, with many attacks routed through proxy infrastructure in Russia and China used by hacktivist groups. Kind of the usual suspects there. But according to cisa, the US has not seen an increase in Iranian cyber activity despite recent military strikes, describing the threat landscapes as steady. I don't know if I like that. While warning other actors remain active. Clearly there will be all types of clicking stories, especially in a time of war. But I'm curious, Chris, from your perspective, what is a CISO to make of this in terms of, you know, prioritizing scarce resources? We have, we've seen, certainly with Ukraine and Russia, that, you know, hot, hot wars have very active and ongoing cyber components to them. I'm curious, like, how are you contextualizing reports like this?

C

I guess, yeah, this is tricky. It's perfectly normal. If you're reading this and saying, I have very conflicting opinions, I don't know where to land on this. I'm trying to use the data available to me to make a good choice here and guide my organization. You know, Akamai is looking at the weather, the noise and the volume, the raw data, while CISA is looking at the war, the targeted strikes, the outcomes of, like, Handala. And they're both right. There's not a wrong answer here. You know, we, we know raw data, the logs like Akamai, and then the finished intelligent assessments, that's the, the impact assessments, that's the warnings we're getting. They will tell completely different stories because they're looking at two very different data sets. So that's, that's normal. I just want to kind of get that out of the way. If you feel conflicted, you feel confused, and if you feel lost, hey, most other people, when they see Akamai and CISA with conflicting reports, that's a very understandable position to take. The other side of this is we know banks, fintech, they're almost always going to be the first targets for a geopolitical stress test. Right? Not only are they where the Money is at. But they're how the modern world operates. And anything you can do to cast shade on their reliability, on their integrity, on their availability, go through that whole CIA triad, anything you can do there as a hacktivist group or I'll even say as a terrorism linked organization, you're going to achieve your outcomes even if you're unsuccessful. That's. That's why they do what they do. And this, you know, in, in my head as we're talking through this, I'm thinking this kind of links back to that botnet story that I just said no, thank you on. I'm still no, thank you on that. That's like, okay, I'll read the headline and that's good enough. Like I need to know that. But that, that kind of tells me this is what Akamai is seeing. They're seeing this botnet activity, they're seeing the raw data logs. And so they're coming to their own conclusion. As far as actionable advice for your, you know, the executive leadership, audience that may be watching or maybe even somebody that's further down in the stack and you want to influence up, you know, I would look at it and put it in the context of your organization. What are the, the actual consequences here? Are there any consequences? Are there any risks? Or is this one of those where the risks go super deep into a narrow sector of the industry or whatever the case may be, the organization, the global markets, and it just completely bypasses you. Both of those are possible. So this is one of those where you have to contextualize it, understand it and view it from your lens, otherwise it won't do you any good.

A

Bill, what about for you? I mean, contextualizing threat intel always seems like a good idea. And Chris, thank you for helping kind of separate out those two different signals and the priorities. Right. And that those are not at cross purposes. They are, they are completely kind of disparate signals there. So I appreciate that. But Bill, what about for you? Like, where's your mind at with this?

B

It's, it's interesting because I hate it when it comes to bringing up the, the political aspect of this. But you also have to look at the fact that CESA has been gutted. They're down 1100 people this year. The, the leadership has been gutted and I hate going here, but do I trust information coming out of the government, especially about a war that they started that is now saying, well, there's no effect from it, like, we're not seeing this. Akamai, like Chris said, they see the raw data, the raw logs, and I would suspect that possibly in this report where they're saying CISA is saying nothing new and Akamai saying higher in finance. I'd like to see. Did, did we see a swing? Did, did Akamai see a shift of. It's dropped over here. They're now going after the finance because they need to finance the war or they want to cripple the financial infrastructure of the US to stop, to put pressure on them to stop the war. There's, I think there's other pieces that come in behind this. But yeah, when I, when I read it, my instant, my instant peace was the regret of really good people getting shoved out of the CISO roles and, and what that means for the future of this country.

A

Yeah, the, just the indeterminacy of that. Right. It gives you pause, right. When just the fact that CISA's leadership has like literally like the head of CESA, they've just, you know, confirmed somebody after over a year. Right. Of interim leadership, which means more turnover even as they have reduced steps. So it's like all, all of that. Yes. Is it makes it more indeterminate. Right. It adds a, A, A question mark. Right. Where you would ideally not like that. Bill. I love that though. That kind of. Yeah. I want to see. It's been steady. But has like the, the, the standard deviation of activity. Right. Is has that been affected? Even though if the average, you know, kind of remains the same there. But yes, definitely something that we want to. Obviously we will, we will keep monitoring as we have relevant developments. The other thing I think of is also this makes me question of this is a sophisticated actor.

B

Right.

A

I mean it's a nation state actor. Right. There could be more long game implications here as well. Right. That we're, that these, you know, this increased activity might be showing like more intent to try and go after. Right. Not just necessarily a media game. I don't know how that jives with all the geopolitical context. It is a hot war. So you would think they would also, you know, want, you know, quick results or something like that. But it is, it is. That is be above my pay grade, as they say. But it is, it is interesting to see these signals and obviously as we see more of them, we will try and figure out what they mean for security teams kind of sticking with the government beat here. Our next story here. Energy department to release first cyber strategy. Another week, another federal cyber strategy the U.S. department of Energy will soon release. Easier for me to say soon. Release a strategic plan for how it intends to protect the energy grid from cyber attacks. This will supplement the recently released national Cybersecurity Strategy and rely heavily on public private partnerships, which was a major theme of the National Cyber Strategy as well. Again, for CISOs trying to build stability in their cybersecurity plans. Do these numerous and, you know, seemingly changing federal strategies help kind of provide some guideposts? Is this a lack of clarity? Bill? You know, we were just talking about CISA over here. When we see this coming from the Department of Energy, I'm curious, what is your reaction on this?

B

If they could keep the grid up, that would be great. Having lived in Texas and, and watched it collapse repeatedly, I don't know, I think maybe I'm getting a little jaded when it comes to sort of the Department of doing stuff and I tend to take it with a lot of salt. I think, I hope that it's the right plan. I like the partnership with private industry. I think that's critically important and I think if they can get down that route and they can get the politics out of it and address it, that we will be in a better place at the end of it. But I'm kind of a prove it guy, so, you know, I haven't seen a whole hell of a lot coming out that was terribly inspiring so far.

A

So, yeah, yeah, for this to be useful, I feel like I would want something extraordinarily tailored, right. Where I want the stakeholders, like deeply involved. The reason you have that public private partnership, right, is to know like, okay, what's possible, what's the current state? Right. Like what can we move on quickly, what needs longer term investment, like that kind of stuff as opposed to we have a strategy. I mean, that's good. Chris, I'm curious, from your perspective, anything in this stand out to you?

C

It's not so much standing out as much as it's like, I don't know if I like the trajectory here. Kind of like what Bill said, Department of Wild Card, whatever name in there. There's something I like, there's something I don't like. I like that there's sector specific approaches which aims to reduce the one size fits all friction associated with like a national policy. Specific guidance for specific industries is always going to be more actionable. It's always going to be more applicable. It's always going to be just better. Overall. My concern is, is if you have an organization or a supplier or vendor, whatever the case is, and they dabble in more than one of these verticals, they may take a wait and see approach, like, let's see how much overlap there is between these so we don't have to, you know, have separate initiatives for all of these different public private partnerships that are coming out. Or they may say, you know, this is one of those things where we probably already are doing good enough and we can kind of fudge our way through the first audit or whatever the case, whatever they're going to be doing here. It opens up this whole gray area of there's a lot of demands being made because of these partnerships, because of this guidance that's coming out and we're already stretched very thin from an operational perspective. So how is this actually going to come to fruition in reality? I don't like having a question mark to that statement.

A

Yeah, that doesn't leave you with the warm and fuzzies long term. Anytime you're kind of left with that as your kind of takeaway. I'll just up the stakes right here. I've been going super deep and nerdy into researching virtual power plants VPPs recently, which is essentially like this is a whole another thing. This is just rich being weird here just for a second. But essentially it's aggregating like home power usage with home batteries and stuff like that, and then sending that back to the grid and using that as a virtual power plant. And that would be wonderful to combine the Energy Department of Energy cyber strategy with the IoT botnet, because these are all going to be privately held infrastructure in people's houses. I was just thinking how can we combine these, these two stories? Oh, fantastic. Botnets of virtual power plants. It's the way of the future here. Fantastic. Our last story here for today. Virtual Azure Monitor alerts used for callback phishing attacks. This is a classic phishing story, but with a twist. The threat actors behind this scheme are sending standard please pay this bill messages through Azure Monitor. But unlike other phishing campaigns, these messages are not spoofed, but are sent directly by the Microsoft Azure Monitor platform using the legitimate azure no replyicrosoft.com email address. This certainly seems to raise the stake when it comes to, you know, getting people to be vigilant. Hey, only click on things that are verified. This would seem to pass any kind of allow listing you have on here. Chris, I'm curious for you. What does this bring to mind when you see a story like this?

C

It brings to mind a burglar wearing a police uniform, driving a cop car, using a real police megaphone, telling you to open the front door to Your house. You know, there's that whole, does that scenario make sense for the police to show up your house and do that? No. But at the same time we're, you know, our behaviors are such, and we're trained in such a way that if we see all these legitimacy things, all these indications of legitimacy, it kind of, it turns off so many of our cautious approaches to stuff. So that's, that's where my head's at with it. You know, attackers are hijacking the legitimacy of the Microsoft platform. This is going to make traditional phishing training either adapt or become obsolete. Just so we can also expand the scope here a little bit. Because who doesn't want more trouble? This isn't a Microsoft problem. Google still has this problem. I've seen it in practice. If you send an email to a Google group, which then automatically forwards based on a rule, that email will be delivered with a google.com email address. This is expected behavior. This is how they designed it. It bypasses dkim Spiff, it bypasses dmarc. It just comes right through and it's delivered and it looks like it should be. So this isn't necessarily a new problem. It's just a new, very common top level domain that somebody figured out you can do it with.

A

Bill, I heard you say the word impossible, so that makes me think you may be thinking along the same lines I am with this. But I'm curious, does this make this impossible as an expectation for employees to, to pass the phishing test here?

B

Well, that's the thing, I think, I think it's proving that this, this intent of teaching people to visually identify forgeries. You might as well be doing this with counterfeit money. Like I couldn't tell a counterfeit bill from a real one. If you handed me one. I might need a light or something. I'd have to even know. And you know, we preached for years this zero trust, but at this point then are you saying I don't trust any channel inside the house? Like the call is literally coming from inside the house. So there is no trust anymore either. So I think it really highlights that we need to be doing closed loop validation on certain things that are based on a risk level. So if it's call and pay this bill and that bill is $22 or even $200, maybe you just pay it because, you know your bills for the month are $14 million and 200 bucks isn't. It isn't worth trying to build all the architecture on it. But if you're, if you're paying out a $22,000 bill, you should have something in play that, that validates these actions because it's just going to get better. Like the old days of mistyped, you know, poor grammar, spelling mistakes was done because they were targeting people that just weren't smart enough to notice it or caring enough. Yeah it was intentional thing. Now they are so clean. Even the ones that come from outside are so clean that maybe you don't happen to notice the URL. If you notice I wear glasses, I can't read my damn screen without them. So. So, you know, smaller fonts, hidden URLs, there's all sorts of stuff and it's going to keep coming and coming and coming. So I think it's really highlighting that yes, the user's the weakest link. The truth is they're the easiest target and we need to be building the systems and the processes so that we take those decisions, the critical decisions, the ones that cannot recover from out of their hands and we put the extra checks in place.

C

I feel like you and producer Steve got together.

A

Yeah, what was that, Chris?

C

I say I feel like you and producer Steve got together on this one. Sounds like something he would say.

A

Sage words of wisdom I can depend on from across the department of no spectrum. Always, always appreciate. Speaking of sage words of wisdom we're going to be before we get out of here, we have to do. We got to get a little advice. We have the brain trust here. Chris and Bill, both of you here. Bill, I got to ask you. Based on our discussions today, a lot of meaty topics I'm going to say not a lot of great feels. I'm not going to lie on this episode. Any piece of advice you can leave our audience with to take away here. Yeah.

B

Push everything you can to pass for pass keys like the, the, the activity that we're seeing and the sophistication that we're seeing on the phishing alerts that will pull your get they'll get you to punch in that number off your Google or your auth whatever. Go to the pass keys if, if anything just do it on your socials, on anything that's public like that. Start moving your companies over I I

A

100 that is wonder if we can all get there. We can just raise that bar just one level kind of instantly. That would be awesome. Chris, what about you? What is a is a sage words of wisdom that you will leave our audience with today?

C

I'll leave you guys with this. So I'm obviously field cto, researcher, analyst I don't get woken up by PagerDuty at 3am anymore. So I will tell you, if I was still in the enterprise and this is my take, I'd say my priority this week is auditing our SaaS apps before they turn into 700 growth opportunities for a hacker's LinkedIn profile.

A

I like that. I like that. That's all I'm going to think of whenever I see a SaaS app. It's a potential growth opportunity is kind of beautiful. I absolutely love that. Thank you so much. Bill Harmer, Sisso over at Supabase and Chris Ray as mentioned, the Field cto over at Gigaom. We will have links to their LinkedIn profiles in the show notes. Both are amazing. Follows you should definitely check them out. Spend some virtual time with their online avatars. It gets weirder the longer I go with this. Just give them a follow. It's worth your time, believe me. Also, a huge thank you to our sponsor for today, Threat Locker. And remember, you can send us feedback anytime. Feedbackisoseries.com we read everything that you send in. We deeply appreciate it and we always take your feedback into account and it's appreciated. Join us again next Monday, 4pm Eastern, for another edition of the Department of no. To get more information on that. To find the YouTube stream and all of that good stuff, go to cisoseries.com and click on our Events tab. That will have all the information on all the fun stuff we have coming up, including on Super Cyber Friday. All of April will be focused on trust. We're calling it Trust Month, so make sure you check that out as well. We have four fantastic live streams are going to be happening every Friday in April, so you want to check that out as well. Thank you so much for joining our Monday standup. I know your time is valuable, so I appreciate you spending it with the CISO series. Have a great week. Stay secure out there. And for all of us here at the CISO series, for myself, for producer Steve, for the big boss man David Spark, here's wishing you and yours to have a super sparkly day. Cybersecurity headlines are available every weekday. Head to cisoseries.com for the full stories behind the headlines.