The Cybersecurity Bridge

Ali Waezzadah, iCOUNTER

SiliconANGLE

Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.

0:00 | 39:18

Ali Waezzadah from iCOUNTER joins theCUBE host Jon Oltsik for anotrher episode of The Cybersecurity Bridge

SPEAKER_01

Hello, everyone, and welcome to another wonderful episode of my podcast, The Cybersecurity Bridge. I'm John Oltick, analyst in residence at theCUBE Research Cybersecurity Community Activist. And if you haven't uh watched my podcast, I don't, you know, hello, is there anybody in there to quote uh Pink Floyd? Each episode of the podcast, we talk about uh cybersecurity, obviously, and we talk about the present of an area of cybersecurity, we talk about the future, and we talk about the cybersecurity bridge, which is how we get from the present to the future. So this week's guest or this episode's guest is Ali Wazada, who is the CEO of iCounter.

SPEAKER_00

Ali, welcome. Thank you, Ja, good to be here. Um by the way, the CISO. I wish I was the CEO. Oh, my mistake.

SPEAKER_01

No worries, no worries. And uh Ali, can you give our audience just a little bit about your background? Because you've done it all. Appreciate it.

SPEAKER_00

Good to be here. Thanks for the invitation. Um I I mean, believe it or not, I I was a pre-med student. And about six months into the program, program, I said this is not for me. And uh uh I tech was always uh uh an area that I was always passionate about. I I did uh right after uh high school, I used I used to work at a place that fixed laptops, so I just got into it immediately. And the majority of the first part of my career was um just most just like most other cybersecurity professionals, it was in system management, building networks. So uh, and for the first years, that's what I did and late 90s, early 2000s, when cybersecurity became uh was becoming more prominent and becoming its own discipline, I just I just dove right into it and uh from uh one position of uh building cybersecurity to the next one. And I tend to find myself in places where there was neither neither a cybersecurity program or it was just at the beginning, or it just needed massive transformation. So across the multiple CISO roles over the past two decades, that's where I focused on is either it's been building or transforming. And uh being in that area is is is is been what my career has been all about.

SPEAKER_01

That's great. And we'll get into it a little bit more, but in the meantime, are you ready to play cybersecurity trivia? All right, let's do it. All right. I tried to find one, I I always tailor the questions to my guests, and this one uh I had my staff of hundreds uh working on all week. So I'm gonna read a little bit of it. But in uh in early 2024, Microsoft and Open AI produced a report and it looked at what uh adversaries, especially state-sponsored adversaries, were doing at the time with LLM. LLMs. So I'm gonna read now. So were these state-sponsored actors using LLMs too, A, for authoring fully autonomous cell file replicating polymorphic malware payloads that dynamically evaded EDR systems? So that's A. B. Automating the execution of real-time hands-on keyboards post-exploitation lateral movement inside targeted networks. Boy, this is a mouthful. C, accelerating pre-attack reconnaissance, translating technical operational documents, and refining social engineering lures. Or D directly generating novel zero-day exploits for unpatched enterprise software vulnerabilities. Please don't ask me to read those again. No.

SPEAKER_00

Um, I think that um over the past few years they've been doing all of them, but in 2024, I will want to go back. That reconnaissance was probably at a point where everything starts. So I want to go with the reconnaissance one. So that's C. C.

SPEAKER_01

And you are correct, sir. So good start. So you're right, and it makes sense. And there's yeah, they're obviously still doing that um extensively now. And um, and why not? You automate a part of the attack process. So with that, let's move on. And so I always start with a very general question, but in your mind, in your experience, what's the state of cybersecurity today?

SPEAKER_00

What we are seeing today is we are at this what I call a very transformational point where obviously the the tech is, I mean, putting the getting away from the the economics and some of the cliches around AI, putting that aside, what we're happening is that we are at the cusp of a very what I call generational transformation, how cybersecurity work research and operation is going to be uh taking place and changing. And everyone's talking about uh the you know the models, and we just talked about the question you had, uh, and the tools and and the technologies, and how do we leverage it, how do we identify the security work, and how uh this is going to basically revolutionize uh how the overall the cybersecurity discipline across all these practices, right? But I've been also seeing how is this actually impacting the team and the people that are doing this, right? And I think what I'm see we're seeing today is that there isn't a struggle in the um you know, doesn't really matter the size of the organization that you have, whether you're you know the big behemoth is or somewhere in between, that the teams are still trying to adjust and learn what really it means for them uh when faced with all this evolution on the business side, on the tech side, and how does security actually not necessarily align itself but leverage it and adjust itself? I think that is what's happening, what what what one of the things I've been noticing and I've been paying attention to is that um that the team aspect of the structure of it, how where do we invest on the people side? And uh and even if you can agentify everything uh and and this the AI promise around security gets to do everything, there's still going to be a people component and team component. And how is that gonna uh going to be um addressed? Because at the end of the day, there is there is budgets, there is constraints, there is um other risk that organizations have to address. And if the teams continue to operate and are structured the way they were five years ago, the way they were even three years ago, it's gonna be a challenging uh roadmap for them. So that that's how I see where we are. And I think that's the people and the what I call the human aspect of this evolution is not getting the attention it's it needs to get because everyone's talking about the tools and uh and and what's happening on on all things being identified in the near future.

SPEAKER_01

Isn't that the truth? I mean, yeah, that we're we're in love with the technology, we always have been, and it's uh it's a little bit sad. But let me dig into that a little bit. So when you think about the human element, is it uh the skills aren't keeping up? Is it that that uh we just don't have as much of a staff or as as big as a staff as we need, or is that we've got the skills and we've got the staff, but we're not keeping up with the human workflows and processes, or is it all three?

SPEAKER_00

Yeah, I think that's a good question. I think if you look at if you if you simplify the security role uh um roles within your relation, I mean you can simple, I mean you can slice and dice it many ways depending on the size, but it's really you have three layers, you know, three components. One is the specialists, right? It's the ones that basically do the technical work or the what up, whether it's on the GRC side, on the compliance side, or on the architecture. And you have your what I call your middle management, where it's you know your managers and directors that are orchestrating the work, and you have your your executives that are doing the executive work, right? And what's been happening is that over the past, you know, if you look at 10 years, uh, give or take, you know, few years, is that a lot of people are uh like myself and you, we grew up out of building network and infrastructure. We saw what what it was to build things, right? They're coming out of uh these programs with theoretical knowledge, but it when they they come to the workplace, um, if you ask them what is your job, what is your role as a cybersecurity professional, they tend to just give you the uh the theoretical answer, and it really lacks the connection to what are they doing in your organization, right? So I think, and that over the past 10 years has and these people have gone promoted and gone to the next level. And so basically, that being able to put a put a broader context in the role, and now you have AI in the middle of all this, it's been a challenge for them to understand how do they need to position themselves for what's next. And that's I think no matter where you are, whether you're you're a pure technical analyst or you're a manager executive, that uh that what I call maybe perhaps uh uh uh lack of experience in that uh area is gonna make it is has is making it challenging, no matter which uh uh part of the organization that you're working in.

SPEAKER_01

Yes, and and we'll dig into that as we move forward. But I want to shift gears a little bit. Um you've been the CISO, not the CEO, that was my mistake, the CISO at uh at large organizations like Frontier Communications. And so uh you've had to manage uh a very large and dynamic attack surface. And I'm wondering the average company, is the attack surface getting too overwhelming or are we approaching attack surface management incorrectly where we we could probably do a much better job if we made some changes?

SPEAKER_00

The attack surface is um uh uh is increasing. I mean, I think if you if you look at it from um the angle of the third party, right? The uh uh or the vendors, your your partners, right? I think naturally by extension, I mean the enterprises don't uh operate in in basically what are called closed environments anymore, right? They're operating across uh you know various clouds, various partners across the globe. And that you know just naturally extends the attack surface, right? And I think what but at the same time, um what it doesn't mean you have to address and pay attention to empty things. I think this is what the challenge is with in general with in a cybersecurity professional over the past uh I would say decade has been is uh and which AI is making that more challenging, is has been that if I used I used to get, I'm just using it as an example, if I used to get about a million alert, million events that correlated to about a hundred things that somebody had to look at, and then 10 things, sorry, uh to a hundred things that made needed attention, and 10 things that really needed in some human uh to to look at, that thing has now exploded to a billion events and a thousand things you have to look at. So I think you have to be able to focus, uh look at where the organization tolerances, what the what the risk uh landscape it operates in, and really focus on what matters the most, because you can no longer fix every single high vulnerability, you can't fix every single blurb that goes on on the right. So you have to be able to create this method and methodology that focuses you on what matters the most instead of saying, well, this is policy, this is something that somebody said I have to do and I have to do that, right? And that's where the energy has to go. Because otherwise, if if you need to, if you want to do everything, then you're gonna end up doing nothing, right? So I think that's I think it what what what how we manage so that when I was at Frontier Communication, being communication provided across millions of customers, we want even that big of a team compared to other organizations. So we sat down and said, what is it the things that we need to focus uh on on a daily basis and put our efforts and investment around that area? There are things that that needed attention, but we had to put them aside because if we had we we prefer to do five things well instead of doing 10 things average.

SPEAKER_01

Yeah, and what you're getting at to me is sort of the intersection of cybersecurity and cyber resilience. And from your experience, are are organizations understanding that, are business executives understanding that trans transition?

SPEAKER_00

I think that is it depends on the industry. Uh, and one of the um and I think the cybersecurity team has some responsibility for that. I remember a conversation with um uh someone that one name that he was frustrated because the business um uh what he wanted to get down from a cybersecurity perspective just wasn't get and done. So he would say that the business that it doesn't get it, right? I would turn around and say that the business gets need doesn't know what it needs to do. They don't need to know cybersecurity, right? Business is not this objective, this mission, is the job us of us as professionals to be able to uh bring them to the place that they need to be uh to manage this particular risk as a part of their business, right? So I think that there are they getting better? Yes. I think they are getting better at understanding. I mean, most of the executives that we work, I mean, I reported to the board on a regular basis. When we came to them with the language that they understood and what they needed to do, um they got it, right? And I think it's just a responsibility that we have, whether you're at a CSO or an executive or other management level, you have to put the work to bring the business uh happy happily along with you instead of kicking them along with you. I think that's the important piece. And those who are doing it are um the business is their partner and they are working on the combination of resilience as well as uh the protection itself.

SPEAKER_01

Yeah, I'm seeing the same thing. I it it's a leading edge kind of companies are doing it now, but I think it it pulls along some of the laggards over time. But speaking of transitions, let's transition to the future of cybersecurity. And I want to dig into some a concept um uh or a vision that you have of the third wave of cybersecurity. Can you define that and just talk about what that looks like over the next couple of years?

SPEAKER_00

Well, we're looking what we're seeing is um uh uh seguing off uh uh in the previous segment is that a lot is happening. There's um and adversaries are taking advantage of AI very um uh in in in many ways, you know, from as reconnaissance all the way to uh I think you if you remember the anthropic um attack, I think was last year, where basically they use the anthropic model to not only do the orchestration and the uh the scanning, but also the all the next steps along the way. So what we're seeing in the third wave is that instead of just looking at intelligence as a way to know what is happening, is using it to actually counter the attack uh as close to real time as possible. You know, we've all dealt with dealt with intelligence, uh, or even if even if it's coming from a third party, or if it's coming from your own, by the time you learn something has happened and then it's ingested, and somebody look, that window, whether it's half a day, two days, three days, is now plenty of time for something major to take place. So the what we're seeing as the third wave is that you know, even if it doesn't, I mean, we we we want to get to real time, but basically shorten that narrow so that basically counter the threat as it's discovered through intelligence, uh uh by using, you know, this is where the agentic conversation comes in, is to basically counter that attack real time instead of waiting for it to take place uh because you found out too late. So that's what we're we're when we talk about third wave, is basically countering the attack real time, whether it's coming from a third party or this is coming from a partner, whether it's coming just because an adversary is talking about it in the in the in in some dark web place and is preparing to uh to uh to to conduct an attack and or surveillance, we're saying to counter that before it even takes place.

SPEAKER_01

So let me push you on that. So when you say counter it before it takes place, does that mean dynamically building detection rules? Does that mean dynamically red testing your environment? Uh does it mean um segmenting your network? What what does dynamically kind of left of boom cybersecurity look like?

SPEAKER_00

So I think if you uh maybe I'll just give a simple example. So if you think about um if you looked at the latest, I think Verizon DVI report this, you know, credential leaks and third parties are still the biggest attack factor for for um most enterprises, right? So the way we're looking at it is that credentials leak, right? Uh you've given credentials to your partners or to your vendors to do work on um on your environment. And and again, it could be other things. Credentials is one example, is that by the time you learn that that's taken place, right? And you start changing passwords or authentication, whatever you need to do to counter that, that could be days, sometimes weeks, right? What we're saying is that we can discover that and basically through even just reporting. So for example, reporting to your third part that you have credentials leaks, do X, Y, and Z to basically close that loop, right? And we also notify the client itself that we found credentials, we've taken actions, now uh they've they've done the corrective work, you have nothing to worry about, we're just reporting it to you, right? So that's basically using that credential leak as a very simple example, but there could be other things. So basically taking the remediation action upon discovery and detection to do the work instead of waiting for certain processes to take place, uh, for that remediation to take place, and you have lost two hours, two days or weeks of time where that credential is being used. I think, I think, you know, what it was it Kevin, uh just was it Kevin or even Karim who mentioned that adversaries don't really attack places, they log in. Uh so that is one way if you can counter that uh at real time, then you basically uh avoid a whole bunch of edicts from that credential being uh used and escalated and pivoted in inside the environment.

SPEAKER_01

I absolutely get it. And um you're what you're suggesting is using threat intelligence to climb the pyramid of pain and then proactively addressing that. Um but uh again, I'll dig into that. Um threat intelligence analysts are rare, especially good ones. A lot of them have military or government intelligence backgrounds. So give me a little bit more color on what you're doing there. So are you are you monitoring the deep and dark web? Do you understand or you know, you you follow the miter attack framework? Um give me some more color there.

SPEAKER_00

Yeah, we have we have uh you know one of the things that I noticed when I joined here is the caliber of people that are coming from the industry. For example, we just um um hired our head of intelligence, Maggie, um, who comes from not only our back, you know, not only she was she was our recorded future, but she comes from uh uh uh you know CIA, where she operated uh camera threat and intelligence, right? We have hired people from uh Secret Service. These are people who have become uh linguists, right, across different languages, you know, whether it's Chinese, Farsi, and everything in between, who are we're not only monitoring what's open, but we also enter closed environments where adversaries are talking uh in whether it's chat rooms or private conversation, we are in those places, not only in open uh uh intelligence places, but also in places that are closed, uh and gathering those intelligence that you cannot capture by just scouring dark dark web. So that's we're we're combining the closed intelligence and the open intelligence to give a much more viable uh so because you don't want to have intelligence that's just noise, right? We we're we're increasing the validity and the action, the uh uh the way you can action it by bringing those two two together uh to basically enrich and make that intelligence much more valuable and much more actionable so you can't take an agentic approach into it and do it real-time um remediation uh using the information got it with the with all that personnel I don't want to get on your bad side so I make sure make sure I'm keep minding my P's and Q's here.

SPEAKER_01

But um one other another thing that you emphasize is third party risk management. And uh I I was I met with a cybersecurity professional probably blocks away from where you're sitting right now in New York City and they were concerned really with fourth party threaten uh threat management. So who my my partners are partnering with and if they get breached and my data is out on the dark web, how do I find that? How do I proactively manage around that? So give me your your sense of uh third party risk management and even as it extends to the fourth and fifth parties.

SPEAKER_00

I mean it's you look at third parties could be anywhere from your your vendors uh your partners and whoever you're collaborating with and uh and and we all we all you know whether they support your infrastructure whether you you they're processing credit and a uh payment for you whether they're um anything that um uh basically is nowadays you know you third parties are part of critical operations i mean that's based any cloud providers basically your your your critical uh third party and so I think that what we're what's also happening is is your third parties are using providers as well right and I think if you look at some of the contracts that's uh um uh uh that we have seen or what they call it all these contracts have to and this this data security addendum right that talks about how you um if you happen to uh uh if data is involved or it's part of cripple operation the question asks is uh what uh do you have the fourth party uh that basically that that comes into conversation how basically they are giving the responsibility on us to make sure that whoever we use is also complying with what we're asking you if you're planning to use them. So that is um very uh uh live and it's going to get more and this is why I think when the third party aspect becomes more important because that responsibility of fourth party is also becomes a part of the conversation as well. So so I think this is where um the the the landscape of the third party become is is will continue to become more critical uh because of uh I mean we've seen many examples I'm sure you've read all the examples back as back as you know you know I know target feels like a long time ago but as even recent a third party continues to be uh a a a viable place uh uh for actors to to do reconnaissance and gain and so that combine that with third party using third parties I think that will continue to become and uh um I mean we saw it in most places that I was at CISO that we were asked how are you m how are you ensuring that if we're sharing data and if you're using providers, how are they protecting that and basically putting that responsibility on us to comply to make sure that they're complying with their standards. So I think it'll continue and um I think the AI concept is is going to make that even worse because the whole concept of who's using our data to train et cetera et cetera that also comes into the conversation which makes the third party or fourth party even more challenging going forward.

SPEAKER_01

Yeah Ali this this is such a lively discussion that we're already up to the cybersecurity bridge part of our podcast. So you are the second guest in a row that's suggesting things need to change pretty radically and we need to transform cybersecurity and I I get it and it's all it all makes a ton of sense to me.

SPEAKER_00

But are the organizations you talk to are they ready to transform or do they need some kind of motivation or even a breach to get them off their you know what's yeah I think the the bigger the organizations and the more what I call hierarchical or very arc I think they have the most challenges and naturally because you're big I mean uh if when when a company's you know 50 60 or 100 billion it's it is they're complex right and uh you know what one of the I remember years ago I was sitting in a board meeting and uh I think it was an IBM uh uh analyst and he said you know gosh 20 years ago I think so that complexity is the enemy of security right and I think that in complex organizations uh security uh people tend to still fall back to what they did that felt comfortable right and and I think that it is that and and and and most security people like you know as long as I do my piece I'm good to go and it moves out to the next department right I think that you know organizations that are well you don't have to be necessarily dictating complex but uh you know they basically are more any organization that's more compliance driven I think security is going to be very hard to change but if you're risk driven if you're risk based and you're looking at um what you need to focus on that matters for the most uh tactically and strategically you're better positioned to be able to um I mean look that we all have compliance that we gotta whether it's SOX or PCI there is that component you have to deal with that but if you are focusing it from a risk-based approach you are better prepared to make these changes but you have to be honest with yourself because you can't deal with every risk. But if you're more compliance driven and I just used to do my part and this process has been there for five, 10 years as long as it I think that becomes challenging.

SPEAKER_01

And I think there's still a lot of that because I've sat in a conversation where they said I asked this conversation that this and I looked at a process and this process had five steps and I asked why the five steps no one could tell me why it's five steps and I said could we do it at three and they said yeah we could so no one asked the question I think this is a problem we have someone needs to be brave enough to ask questions even within the org within the security organization itself uh to move itself past its sort of its um past uh you know foundation basically and that brings up a good question so we talked about how our industry is enamored with technology the next shiny object what you're suggesting is operational execution and so my question is do we have to teach organizations how to improve their operational execution before they can benefit from technologies like iCounter or are they at a a stage of maturity where that will come hand in hand?

SPEAKER_00

Yeah I think it'll come hand in hand it's it's hard to you know one of the things that um I've you know I learned from my uh you know exercising heavily was or more athletic days is that there's no best you know the best day to start your uh exercise and training is today right and if you leave it tomorrow and it's gonna go to next so I think that while you have to look at this uh your foundation it doesn't mean you ignore what is emerging right and I think that goes back into the risk mindset is you still have to work on your foundations and you you never forget that I mean you still have to do social engineering training on all the things that are associated with it. But at the same time um look at I think uh keep an eye on what's emerging and what can help basically make your foundations not only stronger but also make it more efficient and more agile. I think that's the piece that is uh is in uh what I've seen in most organizations that have gone with it was in transformation uh focus is that the the layer of technologies I mean that there was a technology for every single the tool for every single uh basically capability and asking the questions that why do I need that for technologies and maybe I can be more agile maybe I can be more you know efficient I think when you when you think of it that way right because look as as as I mean I I'm a geek at heart as geek we want to play with every single tool out there but I think when you're in the business environment you really have to look at how is this going tool is going to make me more efficient make uh enable the business and be more agile and maybe be more nimble because that's basically what we what I see you know not go into the next section of future security has to be much more agile and nimble to be able to survive what's coming down the road and you've personally issued some cautions about the uh use of AI-based tools or a genetic tools can you elaborate on that what do we have to watch out for as we transition to a new security model I think that if you I sometimes in this in in in this question I used uh um the the the cloud example so if you remember um when you know AWS's were uh uh coming out with the services and uh by the time the security department learned uh they need to start addressing it the business was already a year ahead in in in its deployment right and so then the same thing with BY do before that and so it's basically the you know it's the cat is out of the back and you you know the effort to try to stop it or slow it down is basically an effort that's not is is gonna be food. So I think that the way you know that from a from a security perspective I think you need to look at what is going to uh gonna use it to make you more efficient for to basically improve the secure the the your the security myself but on the business side I think that is where the the challenge is because they're out there doing things that we have no idea right and just discovering what's taking place right um that is the challenge right and when you want to start bringing controls and governance around that that is when you start seeing uh basically challenges and things that will keep you up at night right because you're now what you're gonna what you discover is that is far worse than what you thought right and but at that point again just look at most other times of security you got to find ways to partner and and figure out what is what are the things that you can address now what's what matters most because in if you want to stop it you're basically hindering the business from what it's wanting to do.

SPEAKER_01

It doesn't mean it's the right thing to do that what they're doing but you don't want to be the one who basically says you know stop everything until I catch up and that's going to be a challenging thing to think to yes and I and I think when you think about AI um I a lot of organizations are going to get into automation complex complacency where they just default to this technology or automation bias. And so that speaks to the need for that human expertise and it it it adjusts to accommodate AI but it needs to be there.

SPEAKER_00

Is that the way you feel absolutely I mean that's it's it's you have to be able to uh any function that is um in a in a I mean calling it you're supporting the business you have to adjust i think and if you don't um you it's you know as look at the past right you know it's uh it's you're basically going to become irrelevant uh right and uh you know what whether you know from a function perspective somebody else can come and has a better uh approach and and basically again from a professional perspective you have to be able to uh adjust doesn't mean you ignore the fact that things have to be done it one of the things I always tell people that as cybersecurity professional you don't own the risks all you have to do is at least if you do nothing else make sure the risks are visible right and if business decides to accept change or whatever they want that's up to them. But the least you could do is make sure it's visible but if you want to stop it that becomes a you know a what I call a very challenging roadmap and and phase of the career or your career in the organization.

SPEAKER_01

Yes and so I just is real quick because we're almost out of time but you what what I hear iCounter does is sort of a modern version of the MITRE uh model of threat informed defense. And so you understand the threat landscape the threat actor behavior you understand the environment and you can anticipate things and make changes.

SPEAKER_00

Does deception have a role in that real quick it can but I think that you know deception um when you said deception you meant a sense of like how do we uh we are like that the intelligence is being decepted or using deception technology to test if it's working um the latter using deception technology to fool the adversary oh understood I mean there's that that's not what we focus on but it's it's I would say you know for bigger organizations it's something that is part of the arsenal of adversarial emulation right uh but I think that if if you look at most enterprises don't have that type of capability so they want to look at what I if I have a problem and and what that I have to address and from either third party or even when we when we have we can do it first party how do I counter it and how do I counter it fast? I think that's what they're focusing in but deception technology if you can if if you can do it but most what I call larger enterprise could do it but when you come to the mid level it's it's a very you know if they have to spend their dollars it's going to be that's going to be sacrificed for something else. Yes.

SPEAKER_01

Ali if I were a younger man I would start a company called the Deception Cloud but that's uh another story for another time maybe maybe with a cocktail in hand. But uh my last question that I ask every guest give me the one piece of advice you'd give our audience what we're seeing um don't get sucked into the hype of anything.

SPEAKER_00

There's a lot of people telling you here's what's going to happen in the next 12 months. Here's what's going to happen next six months. Yeah I not that I'm throwing shade on anyone but basically you know everyone's trying to capture an audience and be relevant and be at the be basically make enough noise to be able to get above everybody else. And to do that they make these well this prediction so every time you hear here's what's going to happen next 12 months I think so my suggestion is that don't get caught up to in these types of uh uh is this is happening a lot in AI right now I mean you hear from both ends that this is useless and this is going to revolutionize mankind right then everything in between and and bring what this means to security as well is don't get caught up into the hype do your homework stay leveled be patient and along the way find smart people like uh than you you know and a great podcast like this podcast to listen to to be able to uh get yourself grounded uh otherwise you it everything with so much things happening your head will be spinning all the time okay you hear that Forrester Gardner I see don't get caught up in the hype uh well Ali thank you so much and iCounter will be at Black Hat correct correct we'll be at Black Hat uh from uh Monday to Friday um August 3rd to August 9th yeah yeah we'll be there all week great and uh really interesting companies so if you work in an enterprise and you think we need to think about transforming transformative cybersecurity you should go find them but uh Ali thank you for being a guest absolutely thank you Red Biden it was a great conversation I enjoyed and then and I look forward uh to seeing you at Black hat uh in August yes I look forward to that too and for my audience thanks for listening and stay tuned in the next couple of weeks for the next edition of the Cybersecurity Bridge podcast