[00:00:22] Host: All right, thanks for joining us today. I want to welcome Nick Selby, a good friend who has spoken at CornCon before. He's the Chief Security Officer at Paxos Trust Company, and he's going to speak today on "Tech Debt Burn Down: Kill It With Fire." So I'll stop sharing my screen and you can share yours if you want. Nick, thanks for coming.

[00:00:41] Nick Selby: Outstanding, thanks a lot. Can you hear me okay? Everything is good?

[00:00:45] Host: Yup, I can hear you.

Nick Selby: Excellent. I'm going to see if I can actually do this, since, believe it or not, I've never actually done a Zoom before. So, you guys see my screen and everything?

[00:00:57] Host: Yep, your screen looks great.

[00:00:59] Nick Selby: Okay. Hey, thanks a lot, everybody. So, yeah, burning technical debt. It's something that we all have, and I get asked about it quite a bit because it's a big focus of mine. I will jump right in, and hopefully we'll get some questions at the end.

[00:01:15] I am, as John said, CSO of Paxos Trust, where we have something to do with blockchain. Actually, we empower large financial organizations by providing blockchain infrastructure to do really cool things, and we also have a couple of the biggest stablecoins out there, tied to gold and US dollars. Right before Paxos I was at the NYPD, where I was the Director of Cyber Intelligence and Investigations, and I also was a detective in the Midlothian Police Department in Texas. I also had a startup in Texas for about five years, and that fed some of my knowledge about tech debt, from, you know, the hard way. But I also spent about ten years doing incident response, so, you know, if you saw me, something terrible had just happened. And prior to that, in 2005, I established the security practice at 451 Group, which is now 451 Research.

[00:02:17] My son and I were talking last night about tech debt, and we were sort of going back and forth about whether this is a digital phenomenon, whether this is a phenomenon of the new, you know, cloud world, and no, it's actually a human phenomenon. We were talking and he just immediately said, "Oh yeah, The Great Escape is really a good example of that." We've both read the book and seen the movie, and while they're different, there are a few things that actually are the same, and he's absolutely right: it's a perfect example of technical debt. The reason I say that: you probably know the basic story, which is an officers' prisoner camp in World War II, and there were Canadians, Americans, Brits and Australians. They were all officers, mostly aviators. They really wanted to innovate in how they did escapes, and they wanted to come up with a new product to get more people out than ever. The most important thing that they wanted to do was not actually get the people out; they wanted to make the Germans use too much of their resources, burn up all their resources at home, so that their comrades in arms could launch successful attacks.

[00:03:21] The way they thought about this was, they said, "Let's build a lot of tunnels in a place that the Germans put us, with sandy soil so that we couldn't tunnel at all, and boy, will that be innovative and surprising." And so they began work on three simultaneous tunnels they called Tom, Dick and Harry. There was actually a fourth called George that they didn't end up doing. They pushed really hard to get all the features, and the features were that, you know, you had to be able to fit a man. But they had to make a bunch of compromises as they went: they had to make them less deep than they wanted, they had to shore them up less than they wanted, they had to make them thinner, and there were more choke points than they wanted. And so they suffered from collapses, they suffered from men getting stuck in the narrow tunnel, and a bunch of other challenges. But in the end, 77 of the expected 250 people managed to get through. 76 actually escaped; the 77th actually surrendered. There were 600 people who worked on the thing.

[00:04:18] So what I'm saying is that by shoring up the infrastructure, even when you have not-great infrastructure, you can make things work if there is technical debt. It's just that they don't work as well, and they don't work as safely. If you take a look at some of the stuff that they did to shore up their infrastructure, I mean, they stole everything, and that was actually part of the downfall. Part of the way they got caught a couple of times was that they were just taking everything to try to get the infrastructure to work, starting off as small as they could but building up as they needed to.

[00:04:47] So to define tech debt, I'm just going to say that it is, and we're all guilty of this, I was guilty of this as a CEO: you know, I want to make a product, and the first thing I want to do is get it in customer hands. So I need something that's as close to MVP as possible, and I just want to get there as fast as I can, and damn the torpedoes, full speed ahead, let's just go and get those features done. So we're going to accept things for now. We're going to accept things or ignore things, and that is the infrastructural and configuration or information security work that we delay to let us focus on what we think is important, right? To get the thing that we're building in the hands of the people we want to use it, so that we can bring in money. Our revenue teams, our business people, they're telling us what the customers want, and we're just moving ahead as fast as we can.

[00:05:38] If you've spent any time in information security or in information technology, you know that nothing is more permanent than a temporary fix. And so a lot of these fixes, a lot of these things that we accept, accumulate, and you end up with this huge backlog of accumulated technical debt. And this is aggravated by the fact, and it's just a fact, that no matter how much we love our employees, no matter how much we love our co-workers, people leave. People move on to different things, people get fired, people get sick. We try to do knowledge transfer, we try to share the information that we have, but when I'm doing that, if I'm a developer or if I'm an application guy or I'm a business guy, I'm talking about the stuff that works. I'm talking about the stuff that I think is important, and a lot of the compromises that I might have made along the way don't get knowledge-transferred. So it's very, very common, and I would see this all the time in incident response, that I'm dealing with a team who inherited a bunch of technology from a team who's no longer there, and they inherited it from a team that was no longer there, and they inherited it from other teams. So you've actually got no built-in cultural, institutional knowledge of how your technology got there. And so people start to just assume things about the bedrock on which they're working, and if you don't stir it up and if you don't look to see whether those assumptions are true, you can get into some real trouble.

[00:07:04] Developers too. You'd think that developers are in the best position to see these things, and, you know, in some ways they are, but the problem is developers like to see the things that are working and make them better. They're not really interested in the things that they don't need to worry about, because developers are constantly trying to push forward. They're very creative people, and they want to move forward, and it's completely understandable that that's how they go.

[00:07:33] So if I think about it, and I've said this before in different places, developers and business people are a lot like the traffic cops: they just want to keep things going. Let's just get everything going, move as fast as you possibly can, let's just get where we're going and everything will be okay. Security people are much more like homicide investigators: "Whoa, let's just slow down and let me just ask a few questions."

[00:07:57] Now, there's a natural tension that gets built between these two groups, and that's great. That should be there. The problem is when one group is too powerful, and usually one group is too powerful because senior executives are not recognizing that you need that balance. You need to be able to have really good and cordial and collaborative relationships across both groups. So you don't want the security guy having too much input, to the extent that they are Dr. No, that, you know, security is where everything goes to die and they never want to do anything and they're just no fun at all. Because as soon as you get into that, what will end up happening is your product people will just start to go around you, and you'll end up with not just technical debt but you'll also end up with shadow IT. You'll end up with a whole bunch of other things that are part and parcel of security having too much influence, or security workers who don't understand what is trying to be created. They don't understand the business, and I know we always say, "Hey, we're security, we should understand the business," but a lot of us don't. We're just focused on what you can't do. If you go the other way, then the security guy gets kind of left out. The developers are running the show and the security guy's just yelling until he's blue in the face, and if you've got a security person with integrity they're going to leave, and you're going to keep going through people until you find somebody who isn't going to leave, and then you're just going to have somebody who's basically powerless. And that's not good either.

[00:09:21] So finding that good balance between developers, business and security is really important, and that's got to come from the top down. It can't be something that is imposed by just the security guy or mid-level management. Excuse me, bottom-up and top-down, or it fails. The CEO has to put his arm around the security guy and say, "Yes, this is what we're doing."

[00:09:42] I heard this this morning. We were watching a video interview of this guy who makes tools by hand and everything, and he had on Carolyn Baker, who writes a bunch of books, and this quote about the death of uncertainty and the trauma, in a torrent of trauma, something that she was talking about in the pandemic. We all felt this when this happened, and I know that with technical debt that can happen too. So when you've accumulated technical debt, and you might not even notice it, and everything seems like it's just humming along and everything's right down the middle, and all of a sudden you crash into a tree. That phrase is perfect for the dynamic that happens in companies, because people really get stunned and they don't quite know where to go, and they have to go back and start questioning things they've never actually questioned, everything that they've counted on. You know, it's kind of like if your water gets turned off in your house: it's really a surprise, and I don't know if it's ever happened to you, but when it does it's really a shock. Or the internet goes out. This stuff has all shifted, and that is the moment where it's really a, you know, come-to-your-senses moment, where you suddenly are really rethinking everything about the decisions that you've made.

[00:10:57] And I think it's pretty clear, you know, we're on Zoom right now, we've seen that Zoom, like many, many companies, had a product that they wanted to get out, and what they wanted to do was end the horror and pain of WebEx. They wanted to end the horror and pain of other video stuff. Video stuff is terrible. I love Zoom. I was just talking to my friend Ian, who I'll mention later, and he was like, "I look better on Zoom, I sound better on Zoom," right? Zoom is awesome. But they were so interested in getting all their stuff out there that they forgot about this basic, this bedrock, this foundational stuff, and it cost them dearly as soon as it went from something that was nice to have to an absolutely essential resource. That's when all the security people started playing with it, that's when all the criminals started playing with it, and suddenly it comes out that there's a lot of stuff shifting. The ground has shifted underneath Zoom's feet, and I'll talk a little bit about that later.

[00:11:51] So if I think about a technical debt life cycle: you have a company that's got a great idea. This is going to be awesome, we're going to get it into the hands of the customers, and so you get something out there that's basically, you know, MVP or something. And then there's a reaction, and the customers always say the same thing: "Well, you know, this is pretty good, I like it. I'd like to do a few more things." And when they say that, of course the business is like, "Oh, of course we're going to do a few more things, that's absolutely what we're going to do." And so we start to make more and more of those compromises, because, by the way, they still haven't paid us, right? We're just trying to get this in their hands so that they'll say it's great, so that we can go to our other people. And so our business people are like, "This is awesome, keep going, keep pushing, keep pushing." And then eventually, and absolutely without fail, you get to a crash, and, "Wow, we just never thought of that."

[00:12:39] So that's the definition of technical debt. I hope that everybody is on the same page, and you probably recognize a lot of the things about this, because, as I said, it's human nature to accumulate technical debt. It's actually not human nature to not do it. It's actually really difficult to tune our minds to not build technical debt, and it's not just in tech, it's in everything you do.

[00:13:06] So, plowing ahead: what the hell do you do about it? That's actually what I'm here for, and I'm sorry, it's boring. This is actually the very boring bit about what you have to do, because the only way to deal with tech debt is to look for tech debt. If you're not looking for it, you're just not going to find it. You're not going to see it until it finds you. So you need the smartest people in your organization, the smartest people on your teams, to get together, and you have to gain the executive authority to actually do this and take time out of all the things that are on your sprint list, all the things that you're supposed to be doing, and say, "No, we're actually going to spend some time and we're going to be looking at this, because we need to understand where we are," and just get a level set of what the reality is in our organization. How good are we? How bad are we? What are the deltas between how good we think we are and how bad we actually are, or how good we think we are and how great we actually are? Whatever it is, you need to know what that is.

[00:14:03] I like to go across the different teams and find, you know, there are some obvious people, like engineering managers, security managers, people like that, but there are also some non-obvious people. In almost every company, in almost every group, there's a guy who everybody goes to because he knows where the bodies are buried. There's a guy or a woman who knows all the decisions that have been made over time. They're the person people seek out when they need to fix something, even something personal: like they just bought a new watch that is really complicated, and they'll go to this person, right? That's the person you want helping you find tech debt. You want the person who actually thinks that this stuff is cool, not because it's security or because it's development, but because it's interesting. That's really important.

[00:14:48] In the beginning, you're looking for low-hanging fruit. You've got to start somewhere. You know, when you're eating an elephant, you should just start with the first bite. Start with the low-hanging fruit. Look at the scans that you have of things that are public; get scans of things that are public. This should not cost you any money; you should be able to find this at almost no cost, right? But take a look at what's showing up. Like, are you actually allowing stuff to go out using SSL version 3? I mean, I hope it's not anything older than that. Are you still on TLS 1.0? Just find out. Make a catalog: show what it is that's facing forward, and this is how they talk, and this is what they do. Do this absolutely everywhere. What do all your domains look like? How many domains do you have? Who holds your domains? Where do you register them, and who has the registry of domains, and who's making sure that those things are all done correctly? Are you spending too much money there? Is that tech debt? Just the simple way, right: some of them are at GoDaddy and some of them are at Google, or do you actually have a plan? So figure that out and write that down. What do IP intelligence firms think about you? How do you look to the security community? Do you show up in threat feeds? Do you show up in different places? Right, this is really, really low-hanging fruit, and it's just the first way to go. This will take you some time to get to.

[00:16:05] Now, the best thing to do is take a look at the work that you've already done.
551 00:16:09,759 --> 00:16:14,399 um strictly in security right so you've 552 00:16:12,880 --> 00:16:15,279 probably done external pinterest you've 553 00:16:14,399 --> 00:16:17,759 probably done 554 00:16:15,279 --> 00:16:18,959 maybe even some internal pen tests go 555 00:16:17,759 --> 00:16:20,320 back and take a look at all the pen 556 00:16:18,959 --> 00:16:21,040 tests you can find over the last couple 557 00:16:20,320 --> 00:16:24,079 of years 558 00:16:21,040 --> 00:16:27,120 and start to look not just 559 00:16:24,079 --> 00:16:28,239 at um do the same things keep coming up 560 00:16:27,120 --> 00:16:30,000 in pen tests that's 561 00:16:28,240 --> 00:16:31,360 you know obviously something to think 562 00:16:30,000 --> 00:16:34,639 about 563 00:16:31,360 --> 00:16:36,079 but when you get the findings 564 00:16:34,639 --> 00:16:37,839 have you made tickets for each one of 565 00:16:36,079 --> 00:16:38,800 those those findings and have you 566 00:16:37,839 --> 00:16:40,800 actually 567 00:16:38,800 --> 00:16:43,040 remediated all those tickets and if not 568 00:16:40,800 --> 00:16:45,599 why not and you know are they still open 569 00:16:43,040 --> 00:16:46,639 um did did you declare ticket bankruptcy 570 00:16:45,600 --> 00:16:47,839 and you just got rid of it because it 571 00:16:46,639 --> 00:16:49,920 was too hard 572 00:16:47,839 --> 00:16:51,199 that's by the way if you had to declare 573 00:16:49,920 --> 00:16:54,479 a ticket bankruptcy 574 00:16:51,199 --> 00:16:55,920 that is an absolutely like first rate 575 00:16:54,480 --> 00:16:57,920 indicator that you've got 576 00:16:55,920 --> 00:16:59,279 more tech more tech debt than you can 577 00:16:57,920 --> 00:17:01,040 handle um if 578 00:16:59,279 --> 00:17:03,199 you start to see across a number of 579 00:17:01,040 --> 00:17:06,000 different projects that that 580 00:17:03,199 --> 00:17:06,240 new things get abandoned because they 581 00:17:06,000 --> 00:17:07,520 are 582 00:17:06,240 --> 
00:17:10,160 really hard because there's all these 583 00:17:07,520 --> 00:17:10,799 blockers fantastic indicator that you've 584 00:17:10,160 --> 00:17:12,720 got 585 00:17:10,799 --> 00:17:13,918 that is blocking your way and you're 586 00:17:12,720 --> 00:17:16,799 gonna have to deal with it 587 00:17:13,919 --> 00:17:18,799 um what do the findings are what they 588 00:17:16,799 --> 00:17:20,400 tell you about the kinds of bugs 589 00:17:18,799 --> 00:17:21,679 that testers continually service they 590 00:17:20,400 --> 00:17:22,959 might be a little bit different but if 591 00:17:21,679 --> 00:17:24,480 they're all of the same 592 00:17:22,959 --> 00:17:26,480 ilk and just to make it really simple 593 00:17:24,480 --> 00:17:28,559 you know if it's cross-site scripting 594 00:17:26,480 --> 00:17:30,559 why is that why does that keep on happen 595 00:17:28,559 --> 00:17:31,520 um and that can go back to a bunch of 596 00:17:30,559 --> 00:17:32,080 different things like testing and 597 00:17:31,520 --> 00:17:33,760 training 598 00:17:32,080 --> 00:17:35,199 it can go back and and by the way if 599 00:17:33,760 --> 00:17:37,840 you're getting back into that and you're 600 00:17:35,200 --> 00:17:39,120 starting to look into code repos then 601 00:17:37,840 --> 00:17:41,120 all these things will end up with 602 00:17:39,120 --> 00:17:42,239 different rabbit holes you know the the 603 00:17:41,120 --> 00:17:44,080 next thing that i wanted 604 00:17:42,240 --> 00:17:45,600 that i'll probably want to dig into and 605 00:17:44,080 --> 00:17:46,320 these things will just pop out at you 606 00:17:45,600 --> 00:17:47,678 right is 607 00:17:46,320 --> 00:17:49,280 well if i'm not looking at my code and 608 00:17:47,679 --> 00:17:50,799 i'm not testing my code am i burying 609 00:17:49,280 --> 00:17:53,440 static credentials in my code 610 00:17:50,799 --> 00:17:55,440 um ask the question uh if you're not 611 00:17:53,440 --> 00:17:57,120 looking for it github is 612 
00:17:55,440 --> 00:17:58,720 giving us a bunch of help but a lot of 613 00:17:57,120 --> 00:18:01,840 times you'll find things in there 614 00:17:58,720 --> 00:18:03,760 um and you know 615 00:18:01,840 --> 00:18:05,360 tech debt be gets tech debt so the first 616 00:18:03,760 --> 00:18:06,480 thing you really want to do is find out 617 00:18:05,360 --> 00:18:07,840 what you got and then just keep 618 00:18:06,480 --> 00:18:08,960 following the holes until you're at the 619 00:18:07,840 --> 00:18:10,879 end 620 00:18:08,960 --> 00:18:12,240 it's the same thing with vulnerability 621 00:18:10,880 --> 00:18:14,799 scans right um 622 00:18:12,240 --> 00:18:15,760 look for the patterns they will pop out 623 00:18:14,799 --> 00:18:18,000 um 624 00:18:15,760 --> 00:18:19,679 and and it isn't i don't want to get you 625 00:18:18,000 --> 00:18:21,360 know wrapped around the axle about the 626 00:18:19,679 --> 00:18:21,600 fact you know you've got 1900 criticals 627 00:18:21,360 --> 00:18:23,280 and 628 00:18:21,600 --> 00:18:24,639 they're high and critical and it's 629 00:18:23,280 --> 00:18:26,639 really terrible 630 00:18:24,640 --> 00:18:28,000 i'm actually more interested in whether 631 00:18:26,640 --> 00:18:28,720 you understand whether your people 632 00:18:28,000 --> 00:18:30,720 understand 633 00:18:28,720 --> 00:18:32,000 why you haven't patched because if you 634 00:18:30,720 --> 00:18:32,559 if there is a process where you've just 635 00:18:32,000 --> 00:18:33,600 said okay 636 00:18:32,559 --> 00:18:35,120 you know those are critical but they're 637 00:18:33,600 --> 00:18:37,039 actually just like that that's 638 00:18:35,120 --> 00:18:39,439 not anything that we really care about 639 00:18:37,039 --> 00:18:40,640 um you know tenable thinks it's critical 640 00:18:39,440 --> 00:18:42,960 but we don't think it's critical because 641 00:18:40,640 --> 00:18:45,360 of x y and z that's totally fine that's 642 00:18:42,960 --> 00:18:46,880 that's really good 
actually um but if 643 00:18:45,360 --> 00:18:47,840 you have accepted it because it hurts 644 00:18:46,880 --> 00:18:49,520 your head 645 00:18:47,840 --> 00:18:51,199 to think about all the different tickets 646 00:18:49,520 --> 00:18:54,240 that you would have to fill 647 00:18:51,200 --> 00:18:55,679 and and answer and and get done and all 648 00:18:54,240 --> 00:18:56,080 the sprints that it would take just to 649 00:18:55,679 --> 00:18:57,760 stop 650 00:18:56,080 --> 00:18:59,439 blocking the thing that's that's 651 00:18:57,760 --> 00:19:02,400 preventing you from 652 00:18:59,440 --> 00:19:03,280 um from from patching those systems 653 00:19:02,400 --> 00:19:05,520 that's 654 00:19:03,280 --> 00:19:06,799 huge in terms of finding technique it's 655 00:19:05,520 --> 00:19:08,000 just not okay right if you're 656 00:19:06,799 --> 00:19:11,840 if you can't write it all up in one 657 00:19:08,000 --> 00:19:11,840 ticket that's a big problem 658 00:19:13,200 --> 00:19:16,480 once you've done that the next step is 659 00:19:15,520 --> 00:19:19,600 to look at 660 00:19:16,480 --> 00:19:22,000 the processes of logging 661 00:19:19,600 --> 00:19:24,959 and disaster recovery your questions 662 00:19:22,000 --> 00:19:27,039 here are really just over and over 663 00:19:24,960 --> 00:19:28,240 can i can i do what i think what's the 664 00:19:27,039 --> 00:19:29,840 difference between what i think i can do 665 00:19:28,240 --> 00:19:32,000 and what i can actually do 666 00:19:29,840 --> 00:19:33,439 and why and and you just have to keep 667 00:19:32,000 --> 00:19:35,600 asking those questions 668 00:19:33,440 --> 00:19:36,880 um the very first thing to do is find 669 00:19:35,600 --> 00:19:37,678 out what you promise other people that 670 00:19:36,880 --> 00:19:40,080 you do 671 00:19:37,679 --> 00:19:42,160 and it's it's never you know it's never 672 00:19:40,080 --> 00:19:43,280 fun but 673 00:19:42,160 --> 00:19:44,559 sit down with the business sit down with 674 
00:19:43,280 --> 00:19:45,360 legal sit down take a look at what 675 00:19:44,559 --> 00:19:47,520 you've said you do 676 00:19:45,360 --> 00:19:49,039 um maybe maybe you've promised people 677 00:19:47,520 --> 00:19:49,918 something or even worse you've attested 678 00:19:49,039 --> 00:19:52,559 to something 679 00:19:49,919 --> 00:19:54,000 um and just have a good understanding as 680 00:19:52,559 --> 00:19:56,160 you go in and look at this 681 00:19:54,000 --> 00:19:57,120 about what your promises have been and 682 00:19:56,160 --> 00:19:58,960 then 683 00:19:57,120 --> 00:20:00,159 the questions that you're asking are am 684 00:19:58,960 --> 00:20:03,440 i am i logging when i 685 00:20:00,160 --> 00:20:05,039 think i'm logged i'm really sure um 686 00:20:03,440 --> 00:20:06,480 the best way to do this is through use 687 00:20:05,039 --> 00:20:08,080 cases and 688 00:20:06,480 --> 00:20:10,320 you know i it doesn't matter what you do 689 00:20:08,080 --> 00:20:13,280 for a living you know if you if you have 690 00:20:10,320 --> 00:20:14,720 a an ecommerce site then it's all right 691 00:20:13,280 --> 00:20:17,120 uh customer comes on 692 00:20:14,720 --> 00:20:18,400 they sign in they browse they pick three 693 00:20:17,120 --> 00:20:19,039 items they put them in their shopping 694 00:20:18,400 --> 00:20:22,000 cart 695 00:20:19,039 --> 00:20:24,400 they pay their credit card comes back as 696 00:20:22,000 --> 00:20:27,360 not good they put in another credit card 697 00:20:24,400 --> 00:20:27,840 they pay it's successful we send out the 698 00:20:27,360 --> 00:20:30,000 email 699 00:20:27,840 --> 00:20:31,039 okay show me the logs for that entire 700 00:20:30,000 --> 00:20:33,600 experience what 701 00:20:31,039 --> 00:20:34,320 is missing from that entire experience 702 00:20:33,600 --> 00:20:35,678 and 703 00:20:34,320 --> 00:20:37,439 it's fine whatever it is is missing is 704 00:20:35,679 --> 00:20:38,720 missing you just have to know it um 705 00:20:37,440 
--> 00:20:39,679 and and you know if you're if you're in 706 00:20:38,720 --> 00:20:41,440 a bank obviously it's going to be 707 00:20:39,679 --> 00:20:43,520 different every business is different 708 00:20:41,440 --> 00:20:44,480 but what you want to do is find real use 709 00:20:43,520 --> 00:20:46,480 cases that are 710 00:20:44,480 --> 00:20:47,679 simple just dead simple like this is 711 00:20:46,480 --> 00:20:50,400 what we do 712 00:20:47,679 --> 00:20:51,120 every day and run through and see if you 713 00:20:50,400 --> 00:20:53,679 can 714 00:20:51,120 --> 00:20:54,639 find that process in your logs and find 715 00:20:53,679 --> 00:20:55,919 the black holes there's going to be 716 00:20:54,640 --> 00:20:56,400 black holes there's always black holes 717 00:20:55,919 --> 00:20:57,840 but just 718 00:20:56,400 --> 00:21:00,000 find out what they are identify them and 719 00:20:57,840 --> 00:21:02,320 then think about what you want to do 720 00:21:00,000 --> 00:21:03,679 um you know are you looking at dns are 721 00:21:02,320 --> 00:21:05,039 you looking at off logs for everything 722 00:21:03,679 --> 00:21:06,720 can you do it for certain dates and 723 00:21:05,039 --> 00:21:07,760 times if not why not those are the 724 00:21:06,720 --> 00:21:11,200 questions 725 00:21:07,760 --> 00:21:13,280 um however long you're retaining logs 726 00:21:11,200 --> 00:21:14,559 it's not really the retention period 727 00:21:13,280 --> 00:21:16,399 is not really that important unless 728 00:21:14,559 --> 00:21:18,000 you're regulated if you're regulated are 729 00:21:16,400 --> 00:21:20,080 you really doing it for 730 00:21:18,000 --> 00:21:21,280 all of them but give yourself realistic 731 00:21:20,080 --> 00:21:23,439 use cases um 732 00:21:21,280 --> 00:21:25,440 you know if you keep 30 days and sort of 733 00:21:23,440 --> 00:21:27,520 live stuff go back 27 days and see if 734 00:21:25,440 --> 00:21:29,760 you can actually do what i just said 735 00:21:27,520 --> 
00:21:31,039 and if not find out why but figure out 736 00:21:29,760 --> 00:21:31,760 what's what's the delta between your 737 00:21:31,039 --> 00:21:34,879 expectation 738 00:21:31,760 --> 00:21:34,879 and the on the ground truth 739 00:21:35,200 --> 00:21:40,240 failover tests are really telling 740 00:21:39,039 --> 00:21:42,240 those are the ones that everybody hates 741 00:21:40,240 --> 00:21:44,480 to do because they're hard and they're 742 00:21:42,240 --> 00:21:45,600 they're terrible and things can go wrong 743 00:21:44,480 --> 00:21:48,640 and it's 744 00:21:45,600 --> 00:21:50,320 you know it's awful but um think you 745 00:21:48,640 --> 00:21:52,720 want to look at failover tests 746 00:21:50,320 --> 00:21:53,360 less being about compliance or your 747 00:21:52,720 --> 00:21:55,039 annual 748 00:21:53,360 --> 00:21:56,559 attestation that you've done and more 749 00:21:55,039 --> 00:21:58,158 about 750 00:21:56,559 --> 00:21:59,840 right you know if you get hit by 751 00:21:58,159 --> 00:22:02,000 ransomware tomorrow what would happen 752 00:21:59,840 --> 00:22:03,760 and what would you what's the situation 753 00:22:02,000 --> 00:22:07,280 that you'd be in and why and start to 754 00:22:03,760 --> 00:22:08,320 to catalog why and the issues of your 755 00:22:07,280 --> 00:22:11,120 last dr 756 00:22:08,320 --> 00:22:12,320 failover test are this is a gold mine 757 00:22:11,120 --> 00:22:13,840 and this is it's a 758 00:22:12,320 --> 00:22:15,918 deep and rich gold mine and this is 759 00:22:13,840 --> 00:22:19,280 going to give you months of work 760 00:22:15,919 --> 00:22:20,400 to try to figure out what is going on 761 00:22:19,280 --> 00:22:21,840 and why it isn't 762 00:22:20,400 --> 00:22:23,679 where you think it should be because it 763 00:22:21,840 --> 00:22:25,120 almost never is um i was just talking to 764 00:22:23,679 --> 00:22:26,320 my friend ian he's at simpress and he 765 00:22:25,120 --> 00:22:26,799 was telling me that reed hastings 
would 766 00:22:26,320 --> 00:22:29,678 go 767 00:22:26,799 --> 00:22:30,240 through the data centers um you know 768 00:22:29,679 --> 00:22:32,559 watching 769 00:22:30,240 --> 00:22:34,320 netflix on a mobile phone and like just 770 00:22:32,559 --> 00:22:35,200 yanking out arbitrary cables to see what 771 00:22:34,320 --> 00:22:37,280 happens and 772 00:22:35,200 --> 00:22:39,039 i don't care if it's true it's a great 773 00:22:37,280 --> 00:22:42,240 story it's not where any of us 774 00:22:39,039 --> 00:22:44,158 are um but it's a tremendously fantastic 775 00:22:42,240 --> 00:22:45,600 place to be in terms of resilience 776 00:22:44,159 --> 00:22:46,720 and if you can get there with resilience 777 00:22:45,600 --> 00:22:48,080 or if you can think about that's where 778 00:22:46,720 --> 00:22:49,039 you want to get with resilience those 779 00:22:48,080 --> 00:22:50,879 questions i just 780 00:22:49,039 --> 00:22:52,080 just put out there right that's that's 781 00:22:50,880 --> 00:22:54,000 how you get there 782 00:22:52,080 --> 00:22:55,760 you never take anything for granted and 783 00:22:54,000 --> 00:22:58,799 you always understand 784 00:22:55,760 --> 00:23:01,520 the reality of where you are and that's 785 00:22:58,799 --> 00:23:01,520 really critical 786 00:23:02,080 --> 00:23:05,120 when the customer sends you the 787 00:23:03,600 --> 00:23:06,158 spreadsheet because their procurement 788 00:23:05,120 --> 00:23:08,080 weasels have 789 00:23:06,159 --> 00:23:09,520 decided that they don't understand what 790 00:23:08,080 --> 00:23:11,280 you have and they send you the million 791 00:23:09,520 --> 00:23:13,360 questions spreadsheet from hell 792 00:23:11,280 --> 00:23:15,440 it's a good thing it's a better thing if 793 00:23:13,360 --> 00:23:17,439 you do this yourself 794 00:23:15,440 --> 00:23:19,120 and so if you haven't gone to vsa the 795 00:23:17,440 --> 00:23:20,880 vendor security alliance and downloaded 796 00:23:19,120 --> 00:23:22,879 their i 
think it's like 100 questions 797 00:23:20,880 --> 00:23:24,480 they have a full and a core i think the 798 00:23:22,880 --> 00:23:25,600 core is like 80 questions in full maybe 799 00:23:24,480 --> 00:23:27,440 120 questions 800 00:23:25,600 --> 00:23:29,039 it's all the questions that anybody who 801 00:23:27,440 --> 00:23:30,320 wants to deal with third party risk is 802 00:23:29,039 --> 00:23:32,559 going to be asking 803 00:23:30,320 --> 00:23:34,240 and they're very very straightforward 804 00:23:32,559 --> 00:23:35,840 and most of the answers are binary do 805 00:23:34,240 --> 00:23:36,320 you do this yes or no do you do this yes 806 00:23:35,840 --> 00:23:37,678 or no 807 00:23:36,320 --> 00:23:40,720 if you don't do it are there any 808 00:23:37,679 --> 00:23:43,039 compensated controls if so list them 809 00:23:40,720 --> 00:23:44,880 going through that and taking the time 810 00:23:43,039 --> 00:23:47,120 to do it it should it should 811 00:23:44,880 --> 00:23:48,880 the fastest i've seen it is six hours uh 812 00:23:47,120 --> 00:23:50,158 the longest i've seen or 813 00:23:48,880 --> 00:23:52,400 normally what i get is like it takes 814 00:23:50,159 --> 00:23:54,880 people about a week to go through this 815 00:23:52,400 --> 00:23:56,159 these questions are because they're 816 00:23:54,880 --> 00:23:57,440 critical importance to your customers 817 00:23:56,159 --> 00:23:58,000 they're they're of critical importance 818 00:23:57,440 --> 00:24:00,000 to you 819 00:23:58,000 --> 00:24:01,039 it's a really great reality check it's 820 00:24:00,000 --> 00:24:04,159 also really good 821 00:24:01,039 --> 00:24:05,760 to have it on hand to give to business 822 00:24:04,159 --> 00:24:07,360 development people sales people 823 00:24:05,760 --> 00:24:09,120 and say the first time you have a 824 00:24:07,360 --> 00:24:11,439 meeting with your customer and 825 00:24:09,120 --> 00:24:13,678 it looks like they're asking you for a 826 00:24:11,440 --> 00:24:15,520 
trial or it might go to contract 827 00:24:13,679 --> 00:24:16,799 give them this give them our spreadsheet 828 00:24:15,520 --> 00:24:19,279 give them our 829 00:24:16,799 --> 00:24:20,960 documentation about our security let let 830 00:24:19,279 --> 00:24:22,400 their procurement weasel see that we 831 00:24:20,960 --> 00:24:23,679 actually care about this 832 00:24:22,400 --> 00:24:24,880 and now they're going to look at you a 833 00:24:23,679 --> 00:24:26,159 little bit differently and they're not 834 00:24:24,880 --> 00:24:29,039 going to feel like they have to 835 00:24:26,159 --> 00:24:29,600 you know eke everything out from you um 836 00:24:29,039 --> 00:24:31,360 so 837 00:24:29,600 --> 00:24:32,959 there's there's no real prize that's 838 00:24:31,360 --> 00:24:34,158 that's about as much of a prize as that 839 00:24:32,960 --> 00:24:35,279 you'll get for filling in those 840 00:24:34,159 --> 00:24:37,120 spreadsheets 841 00:24:35,279 --> 00:24:38,880 there's a huge penalty for being wrong 842 00:24:37,120 --> 00:24:39,678 right because that question that i asked 843 00:24:38,880 --> 00:24:42,799 about 844 00:24:39,679 --> 00:24:44,559 ssl or tls that's going to be in there 845 00:24:42,799 --> 00:24:45,918 and and so answering that spreadsheet 846 00:24:44,559 --> 00:24:46,480 will give you a lot of the answers and 847 00:24:45,919 --> 00:24:50,080 it's just 848 00:24:46,480 --> 00:24:50,080 fantastic for finding tech debt 849 00:24:51,440 --> 00:24:54,559 just doing the steps that i've said and 850 00:24:53,200 --> 00:24:56,000 you know i only have half an hour so 851 00:24:54,559 --> 00:24:58,240 just doing those steps will take 852 00:24:56,000 --> 00:24:59,840 most people four to six months to 853 00:24:58,240 --> 00:25:01,039 actually flesh those out if you've never 854 00:24:59,840 --> 00:25:02,879 done this before 855 00:25:01,039 --> 00:25:04,640 um i know that many of these might seem 856 00:25:02,880 --> 00:25:05,679 obvious and if you're in a 
sophisticated 857 00:25:04,640 --> 00:25:07,039 organization 858 00:25:05,679 --> 00:25:09,520 you know you've probably done a lot of 859 00:25:07,039 --> 00:25:11,200 these things um i have been in 860 00:25:09,520 --> 00:25:12,320 very large organizations that haven't 861 00:25:11,200 --> 00:25:13,520 done this i've been in very small 862 00:25:12,320 --> 00:25:16,080 organizations and have right 863 00:25:13,520 --> 00:25:18,000 um when i've gone into incident response 864 00:25:16,080 --> 00:25:20,158 uh over the years 865 00:25:18,000 --> 00:25:21,600 almost every single incident response 866 00:25:20,159 --> 00:25:24,640 i've ever done was 867 00:25:21,600 --> 00:25:26,959 a a byproduct of of some 868 00:25:24,640 --> 00:25:28,000 kind of tech debt that i just that would 869 00:25:26,960 --> 00:25:29,760 have been called by 870 00:25:28,000 --> 00:25:31,279 those things and again it goes from very 871 00:25:29,760 --> 00:25:31,840 very large companies to very small 872 00:25:31,279 --> 00:25:33,360 companies 873 00:25:31,840 --> 00:25:35,039 it doesn't make a difference it's this 874 00:25:33,360 --> 00:25:36,080 stuff is hard so people don't like doing 875 00:25:35,039 --> 00:25:38,240 it 876 00:25:36,080 --> 00:25:39,600 um i want to touch a little bit on cloud 877 00:25:38,240 --> 00:25:41,360 configuration because 878 00:25:39,600 --> 00:25:43,439 um it's a vague concept everybody's 879 00:25:41,360 --> 00:25:44,799 multi-cloud i don't know what your cloud 880 00:25:43,440 --> 00:25:45,520 is some people do lift and shift some 881 00:25:44,799 --> 00:25:48,000 people are 882 00:25:45,520 --> 00:25:49,360 completely infrastructure as code we are 883 00:25:48,000 --> 00:25:50,960 wherever you are in there 884 00:25:49,360 --> 00:25:52,959 um you're still probably going to have 885 00:25:50,960 --> 00:25:55,840 some technical debt 886 00:25:52,960 --> 00:25:56,640 um the most important question just just 887 00:25:55,840 --> 00:25:59,678 from a 888 
00:25:56,640 --> 00:26:01,039 a theoretical perspective is how are 889 00:25:59,679 --> 00:26:02,240 your whatever it is that you're running 890 00:26:01,039 --> 00:26:03,760 how are they configured 891 00:26:02,240 --> 00:26:05,360 uh and are you doing it against a 892 00:26:03,760 --> 00:26:07,120 baseline and 893 00:26:05,360 --> 00:26:09,199 what's the reality on the ground so 894 00:26:07,120 --> 00:26:12,399 however many you have 895 00:26:09,200 --> 00:26:13,120 um and is it meeting the expectations of 896 00:26:12,400 --> 00:26:15,440 your baseline 897 00:26:13,120 --> 00:26:16,799 and you and if you haven't done this 898 00:26:15,440 --> 00:26:18,320 first thing monday go out and get either 899 00:26:16,799 --> 00:26:19,200 scout suite which is free or cloud 900 00:26:18,320 --> 00:26:21,360 conformity which 901 00:26:19,200 --> 00:26:23,120 got bought by train micro uh get the i 902 00:26:21,360 --> 00:26:24,959 think they have a free trial 903 00:26:23,120 --> 00:26:26,719 run it just run it and it will dump it 904 00:26:24,960 --> 00:26:28,480 out really really fast it is the most 905 00:26:26,720 --> 00:26:30,080 eye-opening breathtaking thing you'll 906 00:26:28,480 --> 00:26:32,000 ever see because it'll show you any 907 00:26:30,080 --> 00:26:33,678 everything in your cloud environment 908 00:26:32,000 --> 00:26:35,039 and how it's configured and it'll be set 909 00:26:33,679 --> 00:26:35,440 it'll it'll sit there and tell you you 910 00:26:35,039 --> 00:26:37,600 know 911 00:26:35,440 --> 00:26:39,200 41 of your snapshots are not encrypted 912 00:26:37,600 --> 00:26:40,719 and you know a bunch of your instances 913 00:26:39,200 --> 00:26:41,840 are not encrypted and they're sending 914 00:26:40,720 --> 00:26:42,720 things out or your firewalls are 915 00:26:41,840 --> 00:26:45,279 misconfigured 916 00:26:42,720 --> 00:26:46,720 whatever it is you'll get a list and uh 917 00:26:45,279 --> 00:26:48,559 with cloud conformity it's actually done 918 
00:26:46,720 --> 00:26:50,880 in low medium and high and critical 919 00:26:48,559 --> 00:26:52,720 which is really really nice um so that's 920 00:26:50,880 --> 00:26:53,919 that's something really to do to get a 921 00:26:52,720 --> 00:26:56,320 sense of where you are 922 00:26:53,919 --> 00:26:57,919 in in your cloud configuration find out 923 00:26:56,320 --> 00:27:01,918 that's the most important and then dig 924 00:26:57,919 --> 00:27:04,159 in i will leave you on this 925 00:27:01,919 --> 00:27:06,159 it's this is like new york city it'll be 926 00:27:04,159 --> 00:27:08,640 a nice city when it's done 927 00:27:06,159 --> 00:27:10,799 tech debt is not done you're it's not a 928 00:27:08,640 --> 00:27:13,120 project that you do once and you're done 929 00:27:10,799 --> 00:27:15,440 unless you're really unlucky it's a 930 00:27:13,120 --> 00:27:16,559 process and it absolutely has to be so 931 00:27:15,440 --> 00:27:18,640 there are 932 00:27:16,559 --> 00:27:19,600 literally there's two ways to deal with 933 00:27:18,640 --> 00:27:23,039 it 934 00:27:19,600 --> 00:27:24,000 you do it constantly alongside 935 00:27:23,039 --> 00:27:27,039 development 936 00:27:24,000 --> 00:27:30,240 and collaboratively with all of 937 00:27:27,039 --> 00:27:30,960 of dev or you don't do that and you 938 00:27:30,240 --> 00:27:34,000 accumulate 939 00:27:30,960 --> 00:27:36,080 so much tech debt that you 940 00:27:34,000 --> 00:27:37,039 get to a point where you have to stop 941 00:27:36,080 --> 00:27:40,080 everything 942 00:27:37,039 --> 00:27:41,840 and shut down for a month or two months 943 00:27:40,080 --> 00:27:44,879 or three months 944 00:27:41,840 --> 00:27:47,840 and go back and fix everything and just 945 00:27:44,880 --> 00:27:49,679 refactor everything and then you'll go 946 00:27:47,840 --> 00:27:52,959 and do it constantly as an effort 947 00:27:49,679 --> 00:27:55,679 alongside dev there is no third option 948 00:27:52,960 --> 00:27:57,200 these are your only 
options so it's and 949 00:27:55,679 --> 00:27:58,480 i will say this like people say well 950 00:27:57,200 --> 00:28:00,080 that's really hard 951 00:27:58,480 --> 00:28:01,840 or that's really expensive or i don't 952 00:28:00,080 --> 00:28:05,918 have the resources to do that 953 00:28:01,840 --> 00:28:08,559 it will never be easier or cheaper 954 00:28:05,919 --> 00:28:09,200 to do this than it is today every day 955 00:28:08,559 --> 00:28:11,200 you wait 956 00:28:09,200 --> 00:28:15,200 it gets harder and more expensive to do 957 00:28:11,200 --> 00:28:15,200 it you should start today 958 00:28:15,520 --> 00:28:18,639 one thing that i'm doing now and we're 959 00:28:17,600 --> 00:28:20,320 just starting this so i can't really 960 00:28:18,640 --> 00:28:21,600 tell you if it's successful i'm really 961 00:28:20,320 --> 00:28:23,760 hopeful that it will be 962 00:28:21,600 --> 00:28:26,158 uh is thinking about embeds and forward 963 00:28:23,760 --> 00:28:27,440 deployment um 964 00:28:26,159 --> 00:28:28,720 what we're doing is getting forward 965 00:28:27,440 --> 00:28:30,000 deployment of developers from every 966 00:28:28,720 --> 00:28:31,600 squad into security 967 00:28:30,000 --> 00:28:33,200 so they will come and they'll come to 968 00:28:31,600 --> 00:28:35,039 our stand-ups and 969 00:28:33,200 --> 00:28:36,720 uh ultimately we'll send our security 970 00:28:35,039 --> 00:28:38,000 engineers into their standups 971 00:28:36,720 --> 00:28:39,919 once a week it's not it's nothing 972 00:28:38,000 --> 00:28:42,399 serious but but what we end up with is 973 00:28:39,919 --> 00:28:44,559 we we start to to get collaboration we 974 00:28:42,399 --> 00:28:46,158 start to get evangelism on both sides 975 00:28:44,559 --> 00:28:48,080 and we start to really get to know some 976 00:28:46,159 --> 00:28:49,760 of the people who are making decisions 977 00:28:48,080 --> 00:28:51,360 um i would i would recommend that you 978 00:28:49,760 --> 00:28:52,559 get people 
who think it's cool who think 979 00:28:51,360 --> 00:28:53,520 that it's interesting who think that 980 00:28:52,559 --> 00:28:55,279 it's fun if you just 981 00:28:53,520 --> 00:28:56,639 if you force somebody and frog marks 982 00:28:55,279 --> 00:28:57,360 them into our stand up it's not really 983 00:28:56,640 --> 00:28:59,600 going to be very 984 00:28:57,360 --> 00:29:01,520 very productive but there is at least 985 00:28:59,600 --> 00:29:02,240 one person in every squad who's going to 986 00:29:01,520 --> 00:29:03,679 be 987 00:29:02,240 --> 00:29:05,679 uh who's going to think that this is 988 00:29:03,679 --> 00:29:07,919 neato that's the guy you want 989 00:29:05,679 --> 00:29:09,279 um and another thing is embedding we're 990 00:29:07,919 --> 00:29:12,240 making 991 00:29:09,279 --> 00:29:12,960 ssre security site reliability engineer 992 00:29:12,240 --> 00:29:15,279 um 993 00:29:12,960 --> 00:29:17,039 if we think about since i said where 994 00:29:15,279 --> 00:29:18,720 infrastructure is code if we think about 995 00:29:17,039 --> 00:29:20,158 our security not from the standpoint of 996 00:29:18,720 --> 00:29:23,360 guys and hoodies but like 997 00:29:20,159 --> 00:29:24,720 guys in um 998 00:29:23,360 --> 00:29:26,479 guys who are looking for resilience guys 999 00:29:24,720 --> 00:29:28,000 we're looking to make things work then 1000 00:29:26,480 --> 00:29:29,039 it really comes down to security by 1001 00:29:28,000 --> 00:29:30,720 virtue of 1002 00:29:29,039 --> 00:29:32,158 excellent configuration that's really 1003 00:29:30,720 --> 00:29:33,679 what the bottom line is 1004 00:29:32,159 --> 00:29:36,399 and the only way that i think that that 1005 00:29:33,679 --> 00:29:39,520 can really work is if we are 1006 00:29:36,399 --> 00:29:41,120 hand in glove with sre because they're 1007 00:29:39,520 --> 00:29:44,559 they are where the rubber meets the road 1008 00:29:41,120 --> 00:29:46,559 and in some ways so are we so having a 1009 00:29:44,559 
--> 00:29:47,279 security site reliability engineer 1010 00:29:46,559 --> 00:29:49,600 somebody who 1011 00:29:47,279 --> 00:29:51,200 who stands up with sre but but is really 1012 00:29:49,600 --> 00:29:52,240 mainly focusing on the parts of our 1013 00:29:51,200 --> 00:29:54,159 infrastructure that are 1014 00:29:52,240 --> 00:29:56,000 directly related to security we're 1015 00:29:54,159 --> 00:29:57,679 thinking that that's going to be a very 1016 00:29:56,000 --> 00:30:00,480 successful role 1017 00:29:57,679 --> 00:30:01,279 i am now uh done with my presentation no 1018 00:30:00,480 --> 00:30:05,039 i'm not 1019 00:30:01,279 --> 00:30:07,039 sorry um i i thought of this because 1020 00:30:05,039 --> 00:30:08,080 you actually when the military did this 1021 00:30:07,039 --> 00:30:10,080 um they 1022 00:30:08,080 --> 00:30:11,199 found that reporters they got better 1023 00:30:10,080 --> 00:30:12,639 reporting 1024 00:30:11,200 --> 00:30:14,559 um because the reporters actually had 1025 00:30:12,640 --> 00:30:15,760 skin in the game now sometimes that that 1026 00:30:14,559 --> 00:30:16,639 meant that the the reporters were 1027 00:30:15,760 --> 00:30:17,919 throwing it in on the side of the 1028 00:30:16,640 --> 00:30:19,039 military they were biased towards the 1029 00:30:17,919 --> 00:30:20,320 military but a lot of times what it 1030 00:30:19,039 --> 00:30:21,760 really meant was that the reporters had 1031 00:30:20,320 --> 00:30:22,559 a better contextual understanding of 1032 00:30:21,760 --> 00:30:23,760 what was happening 1033 00:30:22,559 --> 00:30:25,840 that's what i'm seeking here i think 1034 00:30:23,760 --> 00:30:28,000 it's really really clever 1035 00:30:25,840 --> 00:30:29,039 as a way as a way to work so here's my 1036 00:30:28,000 --> 00:30:31,520 contact information 1037 00:30:29,039 --> 00:30:34,840 and i will be available right now if 1038 00:30:31,520 --> 00:30:36,080 anybody has any questions for me right 1039 00:30:34,840 --> 
00:30:37,600 now 1040 00:30:36,080 --> 00:30:41,039 all right does anybody have anything to 1041 00:30:37,600 --> 00:30:41,039 enter into the q a window 1042 00:30:45,039 --> 00:30:48,480 if not feel free to reach out to nick 1043 00:30:47,200 --> 00:30:50,720 with any questions we're going to be 1044 00:30:48,480 --> 00:30:52,559 posting the recordings and the slides 1045 00:30:50,720 --> 00:30:55,760 here in the next couple days 1046 00:30:52,559 --> 00:30:59,120 uh on corncon.tv and 1047 00:30:55,760 --> 00:31:00,640 uh i'll let you go nick i appreciate you 1048 00:30:59,120 --> 00:31:02,080 coming and and giving a great 1049 00:31:00,640 --> 00:31:05,840 presentation today thank you 1050 00:31:02,080 --> 00:31:05,840 thanks very much take care