Matt Covington (14:42)

Yeah, absolutely. So for me it's felt like a high school reunion, bumping into so old colleagues, getting to see what everyone's up to. And so it's, it's always an incredible pleasure to be here for that reason. Just build your networks, reconnect with people. Everyone's talking about AI, obviously, agentic AI more specifically. And so the buzz here is the buzz everywhere. But it seems like there are a lot of folks about, everyone's really interested. You know, the, the exhibit floor seemed like it was heaving anytime you went down there. We have had some excellent meetings here with partners, with prospects and with customers. So no, overall, it's been a great week.

Dave Bittner (15:21)

Well, I mean, let's touch on the hot topic, which as you mentioned is AI and more specifically agentic AI. Does that cross paths at all with the work you and your colleagues at Blackcloak do?

Matt Covington (15:32)

Yeah, it's really interesting. So I think one of the things that we do. So I'll sort of get into a little bit of one of our core use cases. And so fundamentally our value proposition for our members is we will help you to reduce your digital footprint to be as small as possible. Given it will never be zero. There will always be some trace. We can remove data from data broker sites, you know, images of your house from the street view on Google Maps. And so we do a lot of work around this. And obviously in doing that work, we're interacting with web content all the time. And so having an AI agent that's able to understand the context of the kind of page it's looking at and to reason around the page to say, yes, I understand that this is an input field for first name, last name, location, and this is an opt out button which can be the same thing as a removal button. And so I think for us there's a lot of promise in the idea that we can be much more efficient in how we are collecting data from these pages, how we're submitting opt out requests on a member's behalf. And so yes, in short, I think there's definitely an application here for the work that we're engaged in and it's quite exciting to see how far and how fast things are traveling.

Dave Bittner (16:46)

Well, I mean, speaking to the types of services and products that you all provide, in conversations with folks coming to the conference from all over the world, I have spoken to multiple international travelers who've said that there is increased scrutiny at the borders and we're kind of in this place right now, now Where I think people are figuring out how far things are going to go and how much is this a new reality or a transitional thing, but that plays into the types of things that you are all are helping with as well?

Matt Covington (17:22)

Yeah, I think so. I mean, one of the services we provide, again, you know, there are lots of things you can do with automation. There are many things you can't. And so one of the concierge services we provide is just advice on how to safely configure social media. And a lot of times we'll give briefings to families about safe use of social media, what's appropriate to do and what it isn't appropriate to do. And so again, that sense of how I should be using social media in a safe way would inherently, I think make it much less of a risk if you were in one of those scenarios where suddenly you have somebody looking over your device. In other cases, as I said, when we have folks traveling overseas, a lot of times the best recommendation is take a burner phone, right? Take a phone, do what you need to do, install the apps you need. When you come back, you can wipe it.

Dave Bittner (18:10)

That's a really interesting insight, I think, about the family, right, Because I imagine, you know, a teenage child, you know, mom is a high powered executive somewhere, the kids didn't sign up for this. You know, maybe the spouse knew what they were getting into. But so there's kind of a nurturing aspect to it as well as part of that bubble you try to put around the whole family 100%.

Matt Covington (18:39)

And I think that is the hardest thing, I think, for a lot of executives is to have to acknowledge that you are part of the brand, right? If you're a top executive at a financial services organization, particularly if you're public, particularly if you are a figure of noteworthy figure who is in the news, you know, that that does make you part of the corporate attack surface. And so a lot of times when we're talking to grizzled, you know, CISOs will talk in those terms and say, you know, you can't just think about attack surface in terms of IP ranges, right? You have to think about the people and their families as well. And so I think really the founding principle of Black cloak was to be able to, it's almost have your cake and eat it too, right? Because we are able to extend security protections to the home. We have a range of privacy and security features for the executive, for their spouse, for adult children, teenagers living in the home. But by the same token, it is not automatic that that Information gets shared back. And so let's say, for example, that an executive's information gets breached for a site they're a member of and they don't necessarily want their CISO to know all of their social activities, all of their hobbies. And so through Blackcloak, they're able to come directly to us as that sort of trusted intermediary to work on those issues without having to necessarily have all of the details of their home life, their children's home life, their spouse's home life, common knowledge for the IT team in the office. And so in some respects, our SOC team acts as an extension of the ciso. So when there's an issue with a family device, they can call us rather than calling the ciso and we'll take care of that in a discrete way without necessarily again, having to pass all of that data back up the chain to the company.

Dave Bittner (20:29)

Interesting. I never really thought about reputational protection flowing to the company itself.

Matt Covington (20:38)

Yes, it's really interesting. Right. Again, there's that two way street. I mean, obviously for as I said, the individual is part of the brand, but also actions of the individual can in some cases reflect negatively on the brand as well. So there's a really, the dynamic between the personal and the business. It is not a clean line, as much as we would like to believe that it is. It's a gray area. And the reality is that we may write a policy that says we will respect privacy, we will separate these things. An attacker doesn't care. Right. And in fact, if I'm looking at targeting an individual, right. Am I going to try and target a corporate resource that is probably going to be very well defended with enterprise grade security, or am I going to try and sneak in the back door? Right. I'm going to find, I can go to a data broker site and I'm going to find an email address or a phone number or a social media account and I can target my attack that way. And so again, that's sort of the role the black cloak plays, is expanding that secure perimeter outside the four walls of the organization.

Dave Bittner (21:38)

The other thing that strikes me is it's in a similar way, perhaps at a different scale to how we think of the cyber realm. Crosses into the physical world with things like CRIT infrastructure, with keeping the lights on and the trains running and the airplanes flying and that sort of thing. But the work that you all do also crosses over into the physical world. Protection of people beyond just their zeros and ones.

Matt Covington (22:09)

Yeah, that's absolutely the case. And so for example, one of the things we'll typically do, every member gets an individual one on one zoom onboarding call. And we cover things like, you know, property addresses being online. Right. And again, that information from a data broker could end up being very dangerous, Right. If you have, you know, the street address and then potentially there's a Zillow home listing from a couple of years ago that has the property pictures of all the rooms. It's very important that, you know, we take action to get those things removed because there definitely is that sense that the cyber always is a leading indicator in some respects of what's going to happen in the physical world. I mean, in past lives I've worked with security companies who are very much about this, like looking at social media as early indicators for, you know, it starts as an online campaign group of people who are unhappy about, you know, the policy of a given organization. And the next thing you know they're picketing outside the CEO's house or outside their kids school for the school run to try and generate embarrassment. And so again, I think what it comes down to is that what we're able to do, again, no such thing as perfection in this world, but you want to take every effort you can just to remove as much information as you can. And so again, there's always that don't be the fish, right? You don't want to be the easy person to target or attack and you hope that attacker gets frustrated and moves on to an easier target.

Dave Bittner (23:37)

How do you dial in an appropriate amount of respect for the risks without unnecessarily injecting paranoia or fear into the people that you're working with?

Matt Covington (23:52)

That's a great question and it's definitely a journey, right? And I think we like to say that we're perfectly happy to do a crawl walk run with our members. And so the initial call we'll get some of the basic protections in place, but maybe we won't go to the PC or the Mac and install software there. And so it's definitely that sort of very kind of gentle approach. And so we do, when we first have the onboarding call, we will give the member an indication of what's out there, but it's always in the context of what the good news is. We're busy taking care of this for you. And so for example, we'll have representative data to say, look, you know, these email addresses have been in data breaches. We know those data breaches have Social Security numbers. So we might consider as the next thing you can schedule A concierge call and we'll walk you through credit freeze and locks, for example. And so it's always trying to frame the risk in the context of the action. And so it's always that pivot to action. Right. We want all of the information we're putting in front of our members to feel like the solution or the remediation is wrapped into the messaging. It's not the scare tactic of a wall of red alerts with no indication what I'm supposed to do about them. And in fact, in a lot of cases, one of the things we'll do is we actually, you know, so on a home PC we have an enterprise grade EDR solution running on those and if we detect malware, it actually signals back to the SoC. And so they will then proactively reach out and say, hey, just so you know, we've seen this, this is what we're going to do about it. Rather than again having a siren go off and red lights flashing on the PC, which again, could be legitimately terrifying for somebody who isn't well versed in security. And that's one of the, for me joining Blackcloak, joined about a year ago, it is, that's the nuance. Right. We sell to ciso, but our responsibility is ultimately to the member themselves. And it's not a technical audience. You can't use technical language when you talk to them. And Chris Pearson has a great philosophy which is, you know, anytime you put a new feature or a new screen, would mum be able to understand it? Right. Could it, could you show it to your mum? Could she understand what we're saying and what we're recommending to do. And that's never a bad philosophy to have in what we're trying to do.

Dave Bittner (26:07)

Yeah. And coming back to the fact that here we are at RSAC and really a one stop shop for a big high level picture of everything going on in cybersecurity. How do you define your place in the community, in the ecosystem? What is the spot that you all fill?

Matt Covington (26:26)

Yeah, that's a really great question. And so I think what we're doing is we're putting together maybe a little sub slot. Right. And so in talking about Digital Executive Protection, which is how we describe ourselves, obviously one element of that is just simply sales and marketing motion for our products. We also recently put together a document called the Digital Executive Protection Framework, which is really trying to kind of break out all of the different categories and all of the different elements under those categories in almost a NIST like framework just so, again, you can hand it over. And again, not all of these things are necessarily things that Black Cloak protects about, but it's trying to take a holistic community center view of what we believe this space should be. We think it's very important. We're very passionate about digital executive protection as a space and as a category. And so it's sort of an opportunity to go out and talk about this. And that's our little segment. And so again, we're not really we sell to the enterprise, but again, it's really about that relationship with the member, the end user that is so incredibly important for what we do.

Dave Bittner (27:36)

That's Matt Covington, VP of product at Black Cloak. And finally, the federal quiet expansion of data sharing efforts enabled by President Trump's March executive order has sparked growing concerns among privacy advocates, technologists and civil liberties groups. Central to the initiative is Palantir, a data analytics firm now working across multiple federal agencies, including dhs, HHS and the irs, to integrate vast stores of personal data. While the stated goal is to improve efficiency and break down information silos, the move raises serious questions about oversight, transparency and the potential risks of centralizing sensitive information. Palantir's foundry platform can consolidate and analyze complex datasets, making it possible to create detailed profiles of individuals using data originally collected for other purposes. Critics worry this level of integration, if not carefully governed, could erode public trust and expose citizens to unintended consequences. Even some Palantir employees have voiced discomfort with the direction of the company's government work, highlighting the need for ongoing scrutiny and clear limits on how personal data is used. Maybe the real efficiency was the friends personal information we consolidated along the way. Just a thought. And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com be sure to check out this weekend's research Saturday and my conversation with John Hammond, principal security researcher at Huntress. We're discussing their research critical gladonet Center Stack and Trio Fox Vulnerability Exploited in the Wild. That's research Saturday. Check it out. N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here next week. And now a word from our sponsor, Threat Locker. Keeping your system secure shouldn't mean constantly reacting to threats Threat Locker helps you take a different approach by giving you full control over what software can run in your environment. If it's not approved, it doesn't run. Simple as that. It's a way to stop ransomware and other attacks before they start without adding extra complexity to your day. See how ThreatLocker can help you lock down your environment at www.threatlocker.com.