Cybersecurity Trends and Truths with Richard Ford

Show Notes

In this episode of the Entropy podcast, host Francis Gorman speaks with Richard Ford, CTO of Integrity 360, about the evolving landscape of cybersecurity. They discuss the growth journey of Integrity 360, the complexities of the cybersecurity channel, and the current threat landscape organizations face. Richard shares insights on the importance of cloud security, Zero Trust architecture, and the trend of consolidation in cybersecurity technologies. They also delve into the implications of AI in cybersecurity and Richard's personal journey with dyslexia, emphasizing the importance of understanding and leveraging unique perspectives in the tech industry.

Takeaways

• Integrity 360 has grown significantly over the years, expanding its footprint in the cybersecurity market.
• The cybersecurity channel involves partnerships between vendors and service providers to deliver effective solutions.
• Organizations must prioritize cloud security to mitigate risks associated with misconfiguration and human error.
• Zero Trust architecture is becoming essential for protecting data and access in organizations.
• Consolidation in the cybersecurity market is a growing trend, impacting technology choices for organizations.
• XDR (Extended Detection Response) is evolving, with both closed and open models available for organizations.
• Generative AI poses risks to organizations, particularly regarding data security and privacy.
• Understanding the fundamentals of cybersecurity is crucial for professionals, especially in the age of AI.
• Dyslexia can be a superpower, allowing individuals to think differently and approach problems uniquely.
• Confidence and the willingness to push beyond comfort zones are key to success in cybersecurity.

Sound Bites

• "It's been quite a long journey for myself."
• "Our role is to be a partner."
• "XDR is now very much where technology sits."
• "Consolidation of technologies is a growing trend."
• "Generative AI is like the new femme fatale."
• "Don't be afraid to do it in the first place."
• "Kids don't know how good they've got it."

Transcript

Francis Gorman (00:10.596)
Hi everyone. Welcome to the Entropy podcast. I'm your host, Francis Gorman. This is episode 12. If you're enjoying our content, I'd really appreciate it if you can like and follow the show wherever it is you get your podcast from. Today I'm joined by Richard Ford, the Chief Technology Officer at Integrity 360. Richard is a true innovator, deeply immersed in the world of cybersecurity, leading critical conversations around protecting businesses and optimizing technology strategies. Known for his insightful perspectives and knack for demystifying complex topics.

Richard brings clarity and vision to the fast-paced digital landscape. It's great to have him here with me today. Richard, how are you keeping?

Richard Ford (00:44.846)
Yeah, very well. Very well. Thank you for having me, Francis. And thank you for that introduction. know, put a piling on the pressure from the very start.

Francis Gorman (00:53.392)
It's always helpful to build a bit of anticipation, Richard. Richard, I'm quite interested in talking about a number of things. Integrity, obviously, quite a large footprint at the moment. And I've grown from a small company into something quite dominant in the market space. What have you learned in terms of the channel that is Integrity with all of the different vendors and that management complexity? Is there any lessons that have come out of that scenario?

Richard Ford (01:24.014)
Yeah, well, I'm in danger of becoming the integrity spokesperson or my integrity spokesperson persona coming on here. But it's been quite a long journey for myself. LinkedIn told me earlier that it was 12 years, four months that I've been with integrity. And I say I've had the pleasure of being with integrity as we've been on that growth journey.

employee number 36 or at least my payroll number was number 36 or something like that when I joined. And now we've grown to being 720 odd employees, branched out from when it was founded in 2005, three people operating out of Percy Place in Dublin and now operating across 12 plus territories. So as an organization has been on a

big growth journey. It's been a big growth journey for myself. I haven't been CTO since that start 12 years ago. And I suppose my experience extends beyond that in terms of operating very much in the channel. And lessons learned across that time or things that insights. mean, definitely be able to keep pace with sort of the changing, we're talking about changing threat landscape.

changing vendor landscape. I mean, as a service provider, our role is, and if we're doing it properly, is to be a partner. And the important part of that partnership is being able to advise and guide, particularly when it comes around to solutions and technologies, where the priorities should be against that threat landscape, but against an organization themselves. But actually spending the time.

to look at technology and not be distracted by hype or classy marketing. Because you're putting your reputation on the line there when you're advising around a technology, a product, a vendor, and make sure they're not a flash in the pan and that they're actually going to deliver upon it. I think I'd say they're kind of the real kind of, I guess,

Richard Ford (03:49.844)
learnings on that journey to a certain extent around the cybersecurity channel. It is a channel model, making sure that from our point of view, make sure that we've got strong partners around us from a vendor perspective and making sure that we're the strong partner that our customer needs. As I said, I'll try to be careful, drop into the integrity spokesperson mode, but I'll try and avoid it.

Francis Gorman (04:12.462)
and I'll...

Francis Gorman (04:19.619)
You're grand. And I think, think, Rich, when we talk about the channel, some people may not understand what that means. Can you bring to life for me when we say the channel, what that actually, are all the mechanisms that make up the channel in this sense?

Richard Ford (04:33.613)
Yeah, so I mean, a lot of it's sale channel or the cybersecurity channel and really kind of feeds from, know, there's a multitude of vendors, know, industry vendors out there that are creating technologies. And obviously they're looking to sell those technologies or those products as far wide as possible. And, you know, their challenge is how they can scale. So

They can only through direct selling, for them to expand their sales, they're to have to expand their own sales teams, which is challenge to scale up. But they rely upon partners to be able to deliver. So that very much being the channel. And those partners can be built through distribution as well that's acting on their behalf to allow them to scale right into providers like ourselves that can then

provide the services, provide the technology, provide the guidance to organizations. So there is a channel that we sit very much a part of, and we are the sort of closest part of that towards an organization, as I say, acting as their advisors to get the very best out of the technologies they're getting, but also.

getting the very best out of the support and everything else that needs to go with it.

Francis Gorman (06:02.061)
And it is quite a market at the moment with security vendors in particular and quite an aggressive market as well in terms of everyone is trying to get a slice of a pie that is only so big. What do you see as kind of the predominant capabilities organizations are looking for in the current threat landscape?

Richard Ford (06:21.281)
Well, John, just in terms of technology capabilities that people are looking for or partner kind of requirements.

Francis Gorman (06:33.999)
Bored, actually.

Richard Ford (06:35.565)
Yeah, so I mean, you know, things that people, know, hot topics currently, you know, there's definitely cloud security and cloud security technologies that are a must. know, think Gartner had a staff and it's from a couple of years ago, but by the end of this year, that 99 % of all cloud security breaches will have a root cause in

misconfiguration or human error. It's an area where the myriad of configuration options is well beyond human comprehension. So that's something that can only be resolved with a tool that can operate, understand all of those configuration options. Particularly when those changes are being made to identify actually that was not a great change or we've left something completely wide open.

So that's definitely an and a requirement that organizations very much have at the moment. Zero Trust, I think, has been an industry buzzword and a hype word from a couple of years ago or a few years ago. That's really, a Zero Trust architecture, is very much becoming the norm that organizations are looking to dive into. And actually, there's no one.

technology, it's how do we join all those technologies together to allow us to enable a zero trust methodology to be able to protect our access, protect our data and everything else. And now it's impossible to have this conversation without talking about AI and people desperately trying to, from a vendor perspective, make sure that they're on the vendor AI hype cycle and taking advantage of that.

which particularly if you look at the different forms of AI, whether it's agentic or whether it's generative AI that's being wrapped into technologies, very quickly, got to look at actually, is that of massive benefit? Particularly, I can give a very good example of chat GPT that when I was...

Richard Ford (08:59.373)
creating an image off the back of a bit of a trend for creating a doll of yourself and which I don't know if it's whether that came across your social media or not but just in a group chat a friend of mine did one so I took it and asked chat GPT to make some modifications of it and actually one of the things I asked for was against its policies.

all part of a little in-joke. And then I asked a few more questions and then funnily enough, it actually generated an image with what I asked for, ignoring its own rules and controls. So I think there's definitely some learnings there that the organizations need to bear in mind, particularly as they're looking at technologies that have quickly thrown in these capabilities. So I think, you

There are some of the requirements. think we've got an ever-growing requirement to be able to defend ourselves. So detection response capabilities, I think that's an area that's developing very quickly. In terms of that joining up, another buzzword and acronym, XDR, something that definitely was purely buzzword and there was no substance behind it is now very much where technology sits, joining it together and joining the dots.

Definitely the growing trend is consolidation, whether that's consolidation of technologies, obviously vendors are buying each other to gain market share and capability. As you said, there's a very crowded marketplace. I forget the organization that releases the view of all the vendors. will come to me and I'll come back to it.

Thousands of vendors there offering solutions and products across so many different spaces. As I said, one of our jobs and one of the things that we see is those falling by the wayside. We saw Scurio as a threat intelligence platform, go out of business, end of mid last year, leaving customers in the lurch. There was another one.

Richard Ford (11:25.037)
you know, it's just escaped me here was that that went under relatively recently and now just pointing all of their customers to what was a competitor, just to allow them to move off it. So yeah, there are challenges there. But we see a lot of consolidation in the market, as I say, for a myriad of reasons. And, you know, on the one hand, that consolidation hopefully makes things easier.

in terms of who we're looking at, but also creates challenges for organizations. Some of those challenges will be that the technologies that they're operating have been acquired, being consolidated, being dropped. Obviously, anything that's acquired by Google is in danger of disappearing off the face of the Earth. I think there's an entire website, I think, killed by Google, that lists all of the technologies they've bought or developed that they've just dropped.

So, you know, we do see that changing considerably.

Francis Gorman (12:27.707)
And I think one of the, one of the problems I see myself in terms of consolidation of the platforms is the operational models and the ownership problems. You know, you've got something that now does 10 core capabilities that would have been in separate teams in potentially separate areas of your organization between security and IT or other. And now they're all in a singular platform that you need to interact with. You touched on XDR, Extended Detection Response there, Rich and...

You guys have a front row seat to a lot of these deployments in terms of the strategic intent versus the reality of what lands. you have any observations, maybe the good, the bad and ugly of XTR deployments as they've been rolled out, gone well or not so well in some cases?

Richard Ford (13:15.453)
Yeah, I suppose, I it's probably best to start with a definition or of XDR beyond extended detection response and look at the different forms of XDR. And really, they kind of fit into two camps of closed or native XDR, which is a single technology that is going to deliver each one of the XDR pillars. And you can even argue what

which ones are the XDR pillars, but at a basic level, it's endpoints, it's network, and it's logs, you would have traditionally used a scene platform for. And then you can expand out to identity and out to cloud. And then you have OpenXDR. So OpenXDR being very much a framework that you can stitch together different and have that choice between vendors that you'll be able to pull together.

either through one platform or whether it's through a service on top or as I say, pull into a platform that you're operating to be able to give you that full coverage. And actually, in terms of the good, bad and ugly, I think it's actually a journey that the industry has been on from the very start of when that term was flying around and it was a buzz, it was a tick box.

And even where elements of capability were added to a product. So as an example, an EDR product that's then being extended out and adding in a data data lake or log storage capability, you know, always ticking that box. But actually, if we look under the hood, the detection isn't across the variety of features and capabilities.

And the ability to search across them isn't entirely unified. And that's kind in the development that we've seen over the last number of years as each one of those vendors, whether they're coming from a scene background or scene position and adding in wider detection response capabilities, or whether they've come from the endpoints space and are expanding out to add in that sort of, yeah.

Richard Ford (15:41.41)
data lake capability, or even from the network side, we're actually seeing that they're now coming together to be a solution that actually can stand on its own two feet. Now, it probably needs a few little bits around the edge to join up all of the dots. We're actually seeing that particularly across some of the leading vendors, that they're in a position where you can now say, well, I need to have multiple vendors?

Now, the flip side of that is what happened in July last year, where people that had all eggs in one basket felt a little bit of pain from the CrowdStrike incident. But they are few and far between sort of mass outages. can't think of any mass outages. I can think of breaches of security organizations, which generally, on the whole, have been through third parties.

We could then spend ages talking about supply chain challenges, because I think that is one of the biggest risks to organizations. But I think we are getting to that point where we can entrust the majority of our security controls in one place. And the advantage of that is you've got a single dashboard to be able to view absolutely everything. And the more telemetry that you can pull together and the more that you're able to push out single policies, then the better.

So I think just go back to your comment about, and actually it's a problem that we see on our side of as a service provider and the personas that we would deal with. It's definitely changed over time. We've seen firewalls being a security product that is now that some time ago moved into being really that's the network team's responsibility rather than security, because it's just access and it's networks.

But we've seen that that has changed. And we see that, as you said, the teams that are looking after platforms as they consolidate is very much changing. So I think we need to change in line with that and have a much broader skill set or look at how we can bring those teams together and definitely remove any silos. Because I think that is going to be one of the largest challenges.

Richard Ford (17:58.35)
If you look at our favorite thing in cybersecurity, or at least the analysts that drive most of these, is acronyms. And actually, all of these acronyms that we're looking at, sorry, when I say we're looking at, all of the main acronyms that we're using right now, XDR, which is Extended Detection Response, pulling in all of those individual niche capabilities.

around detection response all together into one. We've got CNAP, which is cloud native application protection platforms, pulling in what were huge from the cloud infrastructure all the way down to the SAS, DAS, DevOps lifecycle shift left all into one platform that is just all of your cloud security controls. We see it with SASI, so the network side.

So all of your access, all of your networks, your SD WANs, your WAN connections, all being pulled down into one. So at the very least, our silos, if we still have them, are getting bigger in terms of what they need to cover. And I suppose that really probably guides us on where do we need skills? Where do we need to develop? It's across those areas. I don't think anybody can have just one pure

If I think back to the very start of my career, when I left university, I decided that networking was the thing for me. Very quickly that moved on to being security, but actually I don't think anybody can have a niche area anymore. We've got to have broad understanding, broad knowledge, probably center of excellence around, for example, detection and response, but we've got to have knowledge across.

how networks work, modern networks, so SASE, how the cloud works, how identity works, how we develop applications to certain extent, and how we operate those. Talking about cloud and cloud environments, mean, the world has changed where we're now operating on Kubernetes pods that have elastic scaling, that we're using serverless functions.

Richard Ford (20:26.285)
which is a massive change to how we had previously operated, even when we were just going through that kind of using Docker images to represent some of our applications. So I think there's a big change. I appreciate that we've gone on a of meandered down a little path there, I think that, sorry, was just the way that we're seeing that convergence, consolidation, that's got to play out in how we.

Francis Gorman (20:42.649)
Don't worry, it's all good stuff.

Richard Ford (20:56.127)
skill ourselves and how we view ourselves as cybersecurity experts and just IT experts across the board.

Francis Gorman (21:06.095)
It's an interesting topic and it's actually come up on this podcast a number of times about the human aspects of the human skills that are in need in cybersecurity. had Chris Dale on one of our earlier episodes and he was talking about, you run this fancy tool and you get root, you get root. But why are you root? Do you actually understand how you've gotten there fundamentally? And it's a gap in terms of knowledge. So when we talk about these broad strokes of

you know, information security professionals have to have a broad stroke of knowledge across certain areas. They also need to understand within those areas, some of the specialties that these tools and technologies bring. And you touched on a couple of things there, Richard, across the use of chat GPT. And we know in organizations that employees are using generative AI, whether it's chat GPT or GROK or any of the several other components that are out there. And I had a really interesting perspective a while ago that

Genitive AI is like the new female fatale. They come in, you tell them all of your secrets and then they disappear with your data. So in terms of human, the human risk element, without even getting into the technology or the expertise required to operate these tools, Genitive AI is, it's like the guy next door, the girl next door. You can just talk to it and it gives you back answers. How much of risk to organizations you think that poses for these capabilities being used outside the boundaries of your trust environment on personal machines, but with

about company information, you know, and a lot of it's the bolster that knowledge set that you may not inherently have because the landscape technology has changed quite rapidly.

Richard Ford (22:42.985)
Yeah, so I I actually heard a professor at one of the, I think it was the cork issue for technology, describe generative AI as the drunk at the end of the bar. And by that, he meant it, you know, can ask any question you like, and it will always have an answer. And it's just, you know, how true that answer actually is. So I think there's, you know,

And I appreciate your questions more towards, you know, the data moving out and our kind of use of it. But I think there's definitely a danger. I can think of a few dangers. One that we're blinded by fact, which is actually fiction, and then changing our views, particularly as you are only going to be fed as good information.

as the data that's being fed into it. I think as great a tool as it is, I think if we just reflect back to what we were just talking about a second ago in terms of having the skills and knowledge that you need to have, I think one of those things that we need is the basic skills and to have gone through the stages to get there so we actually understand as your previous...

participant or panelist was talking about in terms of, you know, being able to show them in their SANS class that they got root, the shiny tools, but not understanding the how is critically important. I don't think I would be able to, you know, to have gone along my career if I didn't have the ability to understand, you know, down to probably the final level of detail that I actually needed to.

and maybe that's just my personality, is I have to know how everything works and can't accept things that are at a superficial high level. But I think what we're gonna see is that, and we will keep seeing it, if AI is being able to cover off a lot of these tasks, then are we gonna become just operators of AI? Even if security context of having a bit of an understanding of security,

Richard Ford (25:11.373)
But how are we going to go through and do the hard yards if they're well and truly being done for us? So I think that just some of the challenges in terms of data leaking. There's definitely a need for ongoing education and looking at controls around the use and particularly where it's personal use. I I've got chat GPT on my phone, which is I've got a personal account that I use from time to time.

and to say mostly for humorous reasons. And actually just do some recently. mean, it doesn't tell particularly good jokes. So it's not where I'd go for a comedy script, that's for sure. But it's very easy to upload documents to go and ask it to contribute. Whereas you're putting those public documents out there. I had a sit down on a conversation, actually an interview at one of our security first conferences with the CIO of

the largest aviation leasing firm in the world. And they see that as their biggest risk. They will not allow any use of open AI where any data is going to be shared. It has to be completely closed, LMS that they can use. they don't want to the data. This is their biggest risk of the data exiting the organization where people are trying to just take that shortcut, trying to get some assistance.

and submitting their data, as you say, to someone who's going to be quite happy to take it, help you at the time, keep it and walk out. But that is, there's a myriad of risks there.

Francis Gorman (26:49.503)
I don't...

And I do think on that point, Richard around the, did not allow them to use anything outside of what is approved or whatever. That's getting harder with SAS and PAS because all of these third party providers are betting in AI capabilities. And I think I described it recently like the Matroshka effect, the Russian dolls and you unpack them, you you've got.

Richard Ford (26:54.007)
think of.

Richard Ford (27:00.269)
to use the item outside.

Francis Gorman (27:19.385)
You've got SAS provider that has a shared responsibility model with technology provider B and they have a shared responsibility model with chat, GPT or open AI. And that model has been running somewhere else. Like, and by the time you figure out where the data has been extrapolated to, it's gone far beyond your reach, but it's also nested with all of these shared responsibility models that you get with cloud. it's the remit or the front door that you go in from gets smaller as the line.

the line goes down. And I think that's going to be a real problem. And a lot of that is happening through the update of end user license agreements to your employees. It's not even happening at a procurement level. It's just a flick the button switch. you want to you want to summarize this data using our something, something tool? And you go, yes. And boom, it's on. Data's gone.

Richard Ford (28:08.671)
Yeah, yeah, no, indeed. And I think, I mean, yeah, there's definitely elements of understanding and you're not gonna, from a SAS perspective, you're not gonna understand the software bill of materials is underneath, you're not gonna be able to get a view of all of the trust in third parties beyond that. So there has to just be almost explicit trust there. And, yeah, there's...

What is happening to that data? Where is it being shared? How is it being protected? Important questions, particularly from bleed between them. It's great that all of these tools you can now just put natural language in to ask questions of it. What data and how is that data being protected to make sure that you're not getting the answers from somebody else's data?

which has been proven plenty of times over through the abusing chat bots in the right way will spill the company secrets relatively trivially. Obviously that will always be enhancing to protect those, but it's definitely a challenge. like I say, putting it into the hands of the user, whether they're aware or not, rather than it being the

the corporation's decision is definitely a challenge. But I think also part of the challenge is those tools are being used day in, day out in people's lives. I mean, there's no Google search now that goes on without the, probably the answer. If you're asking a question popping up in the Gemini summary, that's giving you the links, the same with Bing, if anybody uses that.

that will give you the summarized data. So it's being used day to day. People are using chat GPT, not just for meme generation and trends around creating a Barbie doll or action figure of yourself. And so there's expectation that will grow that I can do that. I can do that at home. can work so much quicker. I can get these things done. I need to do them at work. And if the answer is no, well, they're going to...

Richard Ford (30:34.445)
figure out how to find the answer to be yes. So, know, our challenge as security professionals is going to be how do we enable them securely to be able to do it so that we don't, you know, in the most frictionless way possible so that they don't look for an alternative path that they can take that's gonna, you know, the policies and restrictions that are being put in place. Now I mentioned on my phone, I've got a chat GPT there.

But we've obviously put all the restrictions in place. So yes, I've got Teams on there. Yes, I've got my email. But if you try and copy anything out, then all you get is you paste in a message that says, your organization does not allow you to copy and paste out of here. So those controls are at least in place there. But as say, people will look at ways to avoid it. So we've got to put the ability in place.

And I think security always comes back to being the enabler. They're not the ones that are going to decide that these are the business tools that we need to have in place. But they have got to be the ones to enable them to be used securely so we don't get shadow IT, we don't get users taking, as I say, slightly different path than the one that they should be allowed to be taking.

Francis Gorman (31:58.96)
And I think it's going to be hard to manage it. We're to see lots of interesting outcomes in 25 and 26 as the realities of what that actually means come to light. Richard, there's one piece I want to touch on, which is the Hoolimant element. you talked about you've had a long tenure before you became CTO in integrity. But I know you're all special about talking about dyslexia. Is that something we can touch on for a minute in terms of your own personal journey?

Richard Ford (32:23.135)
Yeah, no, definitely. I know when we spoke before, you could say that almost is table stakes in the IT and the security world. But dyslexia for me is that superpower of being able to, and probably there's a little bit of ADHD in there as well to have hyper focus and

I get things on it's also the ability to to get distracted as well which seems like a bit of a oxymoron there but it's also I think you know I think you kind of start to think differently and I dare say that's why I want to understand things inside out partly so that I can put them together so it all works completely well in my own head so you know I think I think it's

something that definitely shouldn't ever be seen as a blocker. It definitely hasn't blocked me in any way, shape or form. But I think it's something that I've had to just work through actually. This is just the way that I need to work things and do the extra hard yards to get in that position. And I'd be very keen to guide anybody that is in the same position.

because it's understanding your view of things and being able to utilize that to your advantage easily.

Francis Gorman (34:02.925)
And I think it is it's a prerequisite to working in security. Or something like that. I do remember being in a room where we said we're launching our neurodiversity strategy and I was thinking, well, you're in the right room because, you know, I think we all have a touch of something.

Richard Ford (34:06.994)
Yeah.

Richard Ford (34:16.491)
Yeah.

Richard Ford (34:20.983)
That's it. Couldn't spell anything, but could easily turn an IP address into its hexadecimal version and then into its binary and back again. No problem. So I think it's just the way the brains work being slightly different.

Francis Gorman (34:39.279)
I think so, as my wife says to me after four years of dating, she had enough of me spending wonderfully, wonderfully. And I go, I hope your day is wonderful. said, I hope your day is wonderfully. She had to get on to me. She said, that's how you spell it. I was like, I'm sorry. I still get to give it over there and the context that they're spelled in. But yeah, it's never.

Richard Ford (34:46.005)
You

Richard Ford (34:53.074)
Francis Gorman (35:03.983)
It's never held me back in my career and the same thing. My mind works by deconstruction and reconstruction. I need to take things apart. I'm not a big fan of certification. I'm far more comfortable with spinning up the cloud environment and seeing why the EC2 instance needs to talk to the internet or whatever, getting the database working. So, you know.

Richard Ford (35:23.661)
Yeah, although I find I'm, I was always very good when it came to certification exams and being able to learn things inside out and then go and do them. The problem was then actually just making sure that retained in the brain rather than just for that specific, you know, very specific moment. I talk about the spelling. Most people would have no idea that I'm dyslexic and actually because I can spell, but I can spell because I've had to, you know,

chastise myself when I've got it wrong and just remember exactly how to spell it and then being comfortable with it. I think that's part of it. I mean, as you're aware, do have our security first conferences and there's various conferences I'll go and speak at. I think, and I guess I'm kind of pivoting slightly here, but it's, and it really is around confidence. think, yeah, just.

having the confidence to be confident, to go and do it, fail, fail, fail, fail. And then just make sure that you're getting better each time. think that applies to so many different things. Don't be afraid to do it in the first place, whatever it is, and then push yourself. And I think if I reflect on my career, that's probably the thing I'd reflect on the most, is the desire to push myself well outside of my comfort zone.

and then live with it which can be a scary place sometimes but you just learn from it and move on and then next time you do it it's like water off a duck's back.

Francis Gorman (37:05.935)
It surely is and look, it's never been a barrier to me. So like I would always say to people, don't worry about it. If you're freaking out your kid has dyslexia or ADHD, just find the right path for them to put that, that mental energy into. there'll be, there'll be fine. Send them down to a quarter dojo class or.

Richard Ford (37:21.933)
Yeah, actually that, know, yeah, yeah, yeah, in terms of what I've seen, it's got an education today, you know, compared to, you know, when I was in primary school, secondary school, you know, so much so better understood, so the supports are in there, put in place to help. And, yeah, so I think, yeah.

I was lucky enough, I think, with what I had around me at the time. I think kids don't know what they've got. They don't know how good they've got it, I'd say.

Francis Gorman (37:59.928)
No, we didn't know any better either. was, you don't know what you haven't got. Rich, it's been absolutely fantastic talking to you. I think we're up on time, but it was a pleasure to have you on. Thanks very much for coming on the show.

Richard Ford (38:02.719)
Exactly, yeah.

Richard Ford (38:12.555)
No, brilliant. Thanks for having me and great to talk Francis.

Francis Gorman (38:15.93)
Thank you.