How to Develop & Manage a Nation State CNO with Integrated Intelligence Operations

body if you ain't negate you're late let's roll it's broken other button I'm hitting the green button oh there we go see somebody put me in charge that was dangerous all right so a bit about my background heavy DOD heavy counter Intel m-i-f-i-c-i ports of the US government for God 18 years I feel old um I've worked with almost every intelligence agency that exists in the U.S most that you know of someone that you don't know exists a lot of fun there um I've worked a lot with Intel campaigns FBI or afosi I helped build the March Center so that's where all the intelligence agencies aggregate their data for depending on um to help Tear Down the Sky uh Sky 7

for uh the NSA build up Fort Meade for the new headquarters location I worked all across nuclear systems I was a security lead for Savannah Riverside nuclear that's where the nuclear bombs are manufactured for the U.S government as well as most most of our European partners I've seen as a lot of feedback I can hear me it's weird um I've done a lot of campaigns outside of work had a lot of fun doing that with um doing Nation state-based attacks against foreign assets um I've successfully smoked the Chinese the Russians and the North Koreans so far the Iranians are on my next list that's going to be fun um they've made some interesting decisions lately so response incoming

and inbound so we're talking about CNO CNO CNE they're used interchangeably I don't agree with it because one says exploitation one says operations realistically they're the same thing and they all have three things in common that are very very important what is your purpose what is your implementation and what is your capability it doesn't matter if you have the best hacking tools in existence and the most badass infrastructure ever if you have no purpose you are lost you will never be able to get anywhere or do anything just like with any of the other characteristics if you have the greatest Mission since sliced bread and your Betty White is your boss that's awesome and you have the best exploits ever if

your infrastructure can't handle the throughput and you can only pop one box a day it doesn't matter you're dead in the water so how do you declare purpose you have to know what you're there for whether it's for military purposes for kinetic or non-kinetic reasons why am I here what am I doing am I spying on people am I creating a long-term presence a short-term presence am I looking for a particular individual or asset what am I hunting for or am I here to put Warheads on foreheads and I'm looking for somebody for a very simple itk model identify Target divide by zero so coming into weapon systems you have to understand what your system is because

you have to know what you're building what are you building it for what are you targeting systems that are built for something like a land-based material is not the same as something built for something on the water you're going to have a very bad time if you build a system to Target airplanes and you try to use it against ships so there's a classification model that I came up with that I've been teaching I find it highly effective cyber Land Air space and sea the class system just like with characters everyone's good at something and they suck at everything else now when you're looking at the classification of a tool that gets you into a very different model now you're

having to actually assess your tool what can it do how well can it do it what is it built for what stage is it at where are we headed so you've got concept code defunct code you've got nuisance code malicious code and malicious destructive non-lethal malicious destructive lethal and then you've got a series of class classifications of systems that are tiered on the subsystem level before them so you've got systems with multiple fives and systems of multiple six with large scale capabilities for collaboration and Integrations so this is when you're talking about weapon systems that can talk from my government to your government and we're collectively targeting the annihilation of a foreign entity or institution or

maybe even country and so we're talking about the full-scale annihilation because we may have a weapon system that's capable of targeting all of your Waste Management systems but we also want to knock out your ability to provide water and so the UK may have a weapon system designed for wiping out the water systems but they don't have exploits for anything else we combine those through collaborative efforts collaborative coordinated attacks and boom no more Moscow so when you start looking at things like these levels of systems you start integrating these you're going to start to find certain things certain characteristics developments of certain tools for profiling will have certain characteristics certain capabilities certain capacities certain methodologies

you can start to use those to do everything from profile to code to profiling to developer and so we'll skip over these because they're relatively basic and we'll talk about those later but realistically the effort that you want to capture from that is that each one of them up to level six and seven you're going to relatively see either within your standard commercial space or you're going to see within a very limited space of professional operators typically up to three and four and maybe even some cases five so you start to see more dangerous tools that can be extremely dangerous if leveraged with the right people I and I liken it to you know Anakin with the lightsaber you give

a rookie a lightsaber you have a really cool lighter you give Anakin a lightsaber you've got the world's greatest abortion clinic so run it with you may so when you start talking about implementations you start talking about constructs start talking about constructs you have to understand what you have in play what is the design what is the data what is the outcome that you want how are you developing it how are you building it how are you managing that team you have a team you're building something incredibly elaborate either that or you're working with someone psychotic like me that's done a crazy career and has worked on everything so you want to understand what you're looking at you have to

understand how you're looking at it Network systems data in that order because it doesn't matter if you have the best systems and the best data if it can't communicate it fails so you have to have the best systems because the systems can't aggregate that data properly store that data properly and structure that data properly you're not going to be able to access your data effectively that's why the order exists you have internal data you have external data and then you have the data structure itself this point here extremely important for your data you have to manage your data and manage it well if you don't structure your data you're in for a [ __ ] ship because you're

going to pull your data and you've got gobbledygook and you're going to get back unknown or unexpected or undiscernable data results and then you're going to have to modify all the stages thereafter just to deal with the mistake you made the stage before architect it well then it will be structured well therefore it can be analyzed well and stored well within libraries so that it may be indexed and mapped effectively so that you can then tie it into the next core component which is development now that I have my infrastructure now that I have my Enterprise my networks are in place my systems are in place my data is designed well it is well structured It

is Well stored It is Well understood and it is well mapped so then I can build custom systems to interface with that starting with the back end your back end will interface with your data structure which runs off the back plane of your design and then with that then you can build your UI most people say well we want to build the user experience first no most users are idiots what you want is a UI that will give them a structure to look at and inside of that structure you can place a nav bar a sidebar a foot bar you can put data fields a b c and d and then the user can test that and then you can

get into tdd and user feedback based development through ux because then you have something that works and then they can easily say well the data structure is great I love the way that it's mapped out I like the current systems but the UI component for this space I don't like put that over here okay cool shift that down here that's a modification for CSS JavaScript SAS not a big deal minor changes rapid development rapid deployment speed of operations CNO is about speed of operations if I have to spend 15 days on the damn Network looking for things to deal with a small issue for a minor UI component it's going to take me forever to get you the tool that you want versus

giving you something and getting immediate direct feedback and driving that immediately forward so we're not going to spend too much time on those but we will spend a lot of time on this those were design questions we just covered this is how you want to start to map out something this is known as the level one DFD data flow diagram this is how things will communicate with one another documentation is typically the most ignored and abused thing in an Enterprise oftentimes neglected to catastrophic results you need to understand what you're touching when you start talking cyber weapons and CNL operations you're not playing with something like a Red Canary anymore you're not playing with a toy you're

playing with something capable of wiping out a country you need to understand what you're putting your hands on and what you're putting your hands around so understanding that with dfds they go from level one to level four and each DFD diagram has a particular purpose this one is level one it shows you how everything connects at a very top level basis it goes from the framework to the postgres system to the async process to a predefined function typically through a micro service to a back-end systems call that it can communicate to the back end systems of various other containers to communicate with other tool systems that can interface pull data back in and inject that into other processes so that you

could do something like an adversarial query from your UI to trigger an API request to launch an attack but you can do that as a collaborative effort as a team of individuals you can also do our bake bath our back based implementations so it's we'll say this cool dude up here has the ability to say you know what I'm going to allow that call but then she says well I'm in compliance and I don't think you should nuke the UK because Turtles well he has the gun but she's got the ammo if you can't Lock and Load you've got a good control system you always want a separation of Duties unless you just absolutely trust the

people you're operating with or you're operating in a private sector environment and you're a very small team there for very good reasons now when you're looking at the external Wan infrastructure you start to look at how do you flow the traffic itself this is where the network component comes in most mistakes are made here where they'll have the forward proxy that routes to internal traffic that routes to the Enterprise infrastructure they fail to implement this stage here it's a critical stage and reasoning why is well what if I don't want a sister agency to have direct access to my forward proxy information what if I don't want them to know how I'm being accessed for my CNO CNE

operations what if I have a vendor partner and I don't want them to know what if I have my data feeding back from all of my C2 systems if I have an edge proxy versus my forward proxy direct I can send it to my Edge proxy and at any time I believe it's compromised I just cut it off nothing gets compromised I just cut it off and I still have my forward proxy which I can change at any time which protects my reverse proxy and everything else that way I can avoid a full system's compromise and all kinds of other cascading failures because of that then we get into the UI how do we make her pretty well you can't

just slap lipstick on her uis don't work that way you've got core functionality core functionality is based on your purpose what does it do what is it supposed to do what is it supposed to do well then based on that you will immediately know should I make it a web application or on a standard mobile application should I make it for Android or iOS well I don't know who do I trust more I definitely wouldn't say these people because they actively monitor your device you want to see an O operation on a mobile device iOS you watch your damn mind you're gonna do anything put on an Android personally I'd say Blackberry but nobody uses that

then on the website you're almost always going to be Services based can anybody tell me why no takers Cabots It's gotta be somebody take a guess why would you always run Services only Services based wow you want to run Services based specifically because of the fact that when you're looking at large-scale operations you need large scale throughput you can have large-scale throughput of services on monolithic applications however if all your services are on one monolithic application you're going to experience a failure what happens if they compromise that one service they've compromised everything the entire thing is popped if they pop one internal service you could chop off that arm everything else is still contained you can have various services

I can run a service that's external to my proxy I can have that as a data access service to where I have a sister agency who I do want to share data with I can run that service as an aggregate service of all of my data operations but not give them access to any of my ttps or even my internal Enterprise I can share data without sharing technology very important then you can get into the services question do we want to run monolithic or micro and that comes through throughput and that's based on purpose if I build a tool That's Heavy for Recon well what am I reconing am I reconing a very small group

of extremely radical individuals well then I don't need a huge system I'm not going to need a Kafka level scalable operation I could do that just fine with some postgres databases but what if I want to monitor multiple groups of unknown sizes we start talking in intelligence agencies microservices is a good way to go now micro Services could mean a lot of things that could mean running literally Services code that could just be a python function floating in Oblivion on what they say is a serverless environment which is a Linux box that's been stripped now it's never such thing as a purely serverless environment you could have a micro service which is a container that runs a very particular

flask application that does a very particular thing you could have that running a full-in a full on API back-end or that API service communicates to another application or another service or web services or portals period you can have an entire different UI that interacts with the data completely differently you can segregate the data on not only the user permissions level but the actual data model itself you can take the data and carve that data up and say based on this data point for this data model I want that model for these fields available to these operators but not the other data fields to the other operators you're segregating your data itself and not just the access it's not just oh well

I'm admin I have access to everything no you're an admin the only thing you can see is infrastructure now when we get past the campaigns we start talking about the Intel everything about CNO and CNE is driven by Intel that gets down to what is hacking versus what is intelligence because operations and operationally they are not the same they do not function the same the skill sets are not the same if you've ever met somebody in a hacking conference which is 100 of the population somebody that's a red team operator is not on par with somebody who does social engineering professionally they have a very different tool set tool Suite he's like I do there's a handful of people that are

incredibly good Joe gray is one of them he scares the [ __ ] out of me and he's an awesome dude but there are very few and far between that I've met that have the skill sets to cross both lanes and when they do they're typically monsters now when you're looking at Intel you have to be able to segregate that Intel because Intel is not created equal open source data feeds are not the same as having direct access to Department of Labor in the DMV but then you've also got other systems where we're looking at things for data when you're looking at the data and the data structure itself you're looking at data versus data flow

because it's one thing if I can make a database call it's another thing if I'm receiving real-time data from another agency another institution an RSS feed something on an XML format that's being fed to me or through a Json through a rest API or some other API portal call like Fast API when I'm receiving data feeds in real time I have to respond to those differently because breakage is very real your network can go down for a second and that one second is measured in milliseconds to computer system is measured in nanoseconds to a CPU and so that one could be megabytes of data megabytes of data just gone megabytes doesn't sound like a lot Until

you realize that text-based data streams are in the bytes level you could have lost an entire operational capacity an entire new OU that you completely missed one blip that's it and so you have to respond differently that's when you start to design differently very important that's when you start to look at how do I cache my incoming data how did I certify that my data feed coming in is accurate am I replicating across data structures from point A to point B does their database match my database how do we sync up databases without giving you access to all the database how do I do a partial table comparison how do I compare just my one table to your one table without

comparing the entire database that's when you start to get into the really intricate levels of data management and data operations which becomes very important very quickly now when you start looking at intelligence you have to understand the types of intelligence because some intelligence is very passive it doesn't require a response some intelligence is hyper active which means if you don't make a split second decision somebody will die they are going to die when you start talking about that in type intelligence you're looking at counterintelligence Military Intelligence typically most Austin data doesn't carry that cost burden so you have to have a weighted approach to your intelligence analysis what do you give priority how do you give priority

well that's based on purpose if your purpose is counterintelligence you may have to make the Split Second decision of let an asset die that's a hard call to make can you imagine that sitting in a command Operation Center of some kind sitting somewhere halfway across God's green earth no you can flip a switch in a second and turn somebody into space dust but in doing so you compromise a mission so you have to let a known asset die so that you can maintain access and persistence these are some of the hard challenges that you have to make that you have to address that you have to overcome when you're operating at these capacities you're not playing games

anymore now you're dealing in human lives now the multiple types of business intelligence well that crosses an interesting threshold because we are at a time space of going kinetic and we are going to rock the boat some people have already been approved for hacking back some countries some organizations some states are still considering it but very quickly this type of intelligence is going to be applying these types of intelligence to then be able to respond to other forms of intelligence at least from in the U.S perspective some other countries are considering it some other countries are not it really depends on what you're doing where you're at what is the business prerogative what is the

business assessment what is the risk tolerance and more importantly what is the cost if you're looking to accept the liability for instance of erasing a human life if your company takes an average of a three to eight percent hit to its stock market price and you're worth 400 billion dollars cost of a human life is going to be between somewhere between 2 and 10 million shake that tree all day but then what's the legal ramifications well it depends what country are they in do you think the U.S is ever going to honor a Russian murder extradition order these are questions we have to ask they're ethical questions they're legal questions moral questions they're hard questions to answer we

don't know it depends on the institutions these are some of the examples some of these things look like trending data pieces for business we could be seeing Google hacks of 15 year old in England five years from now 10 years from now landscape is evolving quickly we're seeing certain data sets in cyber is another good one here this one I pulled directly off of one of the companies that I'm actively analyzing this belongs to Wagner or PMC Wagner group and this is one of their recruitment ads which is paying a tanker about thirty two hundred dollars a month if you want to go to war in Ukraine good luck with that Abrams and then these are some hybrids this is

what it looks like when you have an integration of hybrid data this was when the Ukrainian I.T Army hacked the PMC Wagner site when you integrate things like humanet analyzing the users military int an operational capacity to knock out the recruiting capabilities and then encounter intelligence because they are actively analyzing one of their major competitors PMC Wagner who is actively campaigning to recruit staff members to go directly to war in the Ukraine and then they took the bodies of all the dead Russians that they'd killed recently hack their website and put some new graphics on there help with recruiting now when you start talking Intel Intel is very important you have to understand your data you have to master your data

you need to understand what is its value I created a model for that you've got four very big components my personal favorites Fidelity how much do you trust the data it doesn't matter where it came from if you don't trust it you've got to have integrity which means it's always going to be on point even if it's information you don't want to hear nobody wants to hear about layoffs but if you tell people about layoffs 100 of the time when you say there's either going to be layoffs they're not going to be layoffs you're far more likely to trust the source especially if they've always told you the truth that's why Google is facing a crisis currently

quality if the data isn't structured well if the information isn't structured well if it leaves out key details key components the data is low quality which means it's not viable it's not trustworthy because it's not viable not because you don't trust the source you can't act on data that's incomplete at least not to a good event not to a good outcome and then age if I tell you there was a warship in the Cayman Islands in 1942 fantastic no one gives a [ __ ] if I tell you there's six Russian carriers outside right now well holy [ __ ] let's go take some pictures like that's that's age hell yeah let's go see maybe with those smokes

now data structure versus data modeling they are not the same this is a mistake that a lot of people make and it personally frustrates the [ __ ] out of me as somebody who has to clean up the mess and the reason why I say that is when you come up behind somebody who has structured the data versus someone who has modeled the data the data is modeled if it is modeled incorrectly it doesn't matter if my data systems are built well because your data is not formed properly if I use an elastic system something that everybody in here is probably relatively familiar with or Oracle or postgres a database and I have data tables and you're injecting user data

into my cars table it's going to be really interesting when I pull up Mr Toyota because his last name is Prius that's going to be a fun time now when you start looking at these things and you start analyzing the data a data structure you start looking at data keys and key value pairs you start to assess these things and you're looking at them from a perspective of what kind of data fields all right well now we're getting into the data structure itself structure model this is how I have modeled it my site key value pair Fidelity score Integrity score quality score age score who did it come from country of origin user base Target system acquisition period what is

the target value you can use a Target value sector inside of your scoring model just for analyzing where you want to put military assets and you can search that by an M or a B can I do millions of dollars in damage or billions of dollars in damage because if I can crash one Reaper drone into one of your battleships and sync it I'm going to spend about four hundred thousand dollars to wipe out something that costs about four billion dollars I will spend that dollar redo every day because that is some serious collateral damage now when you start looking at event sourcings you're starting to look at the separation here you've got artifact Source you've got Event Source

you've got artifact event you can have any number of columns you can have any number of indexes you can have any number of data structures for those including tdma based you can have them in CDMA based because you can segregate them by the cell phones that you're hacking and each one can have a significant identifier such as a uuid or an inei number or a phone number and you're aggregating all that data based on the individual indicator and then you can filter for those you can have aggregated structured layers of tier of tiers of data set to where you can aggregate something as simple as to who has the same applications installed on the same phones inside my elastic system

on this side of the country in the past 46 to 92 hours you can get that specific because if they're operating leveraging the same Communications devices and the same communication mediums and they're operating on the same three or four applications and you can't capture all the information for them and identify them as a Warfighter you can identify them based on the applications that they're sharing in common because if they're sharing three and four and five and six applications those applications are doing the same characteristical behaviors they're doing DNS callouts they're doing IP Communications they're leveraging specific protocols all of these things you can track as metrics and you can correlate those inside of a system any kind of system many types of

systems my personal favorite is Apache spark it is a beautiful system for aggregating all of your wonderful data and to one place and querying it now once you have the data these two pieces get screwed up a lot you normalize first you transform second you have to have a format it doesn't matter if it's 100 columns a thousand columns a million columns and they could all be blank except for the ones that you need and then you can transform that into that normalized data structure and aggregate the data quickly and it looks something like this it could come in as Godly [ __ ] peace is completely missing and then you could say well I don't have two and three

or four and five or one and two but I do have one two three four and five collectively and I can aggregate all that data into a data store capture that data aggregate that data after I've normalized the data and then transform that data into one useful user-friendly viable data set where I can track down and Trace down all the way down to any of those data columns to any of the devices to any of the locations at any point in time any period of time with any application at any given point I can hunt you down and put Warheads to foreheads now data is not created equal it's weighted how do you weight it well we've already

had a pretty good conversation about that what is the purpose the objective how is it relevant what is this waiting score that aggregate number allows you to say well if I've got three different phone calls four different phone calls 5 000 different phone calls like in natural disasters for instance I've Got 5 000 different phone calls about people being hurt well how did I weight that score well which ones were oh I've got a cut to half my arm is missing well what are they gonna be the goals of are we looking for Disaster Recovery preservation of life are we looking at a mixture are we looking at causing the missing arms if we've got fifteen thousand phone

calls and fifteen thousand tips and there's a person that we're looking for well how do we weight that well who did it come from Fidelity score if it came from you know New York Police Department I'm far more likely to trust that versus Granny Smith nothing there's anything wrong with Granny but we need to wait that somehow because we're more likely to capture somebody if we do now this is a waiting score model that I use you can create up anyone that you want it works well for me higher the score more likely it is to be accurate lower the score more likely you are to be turned into space dust now that's how a data flow diagram can

look in any average environment it works very well data sources data byproducts data direct into your Storage storage into processing processing into dedupe you want to de-duplicate the data get rid of it because data is expensive to store it also impacts performance except reject kick into the next pipelines whatever those pipelines are now we're talking about capabilities of personnel we're getting into the personnel infrastructure technology what can it do how can it do it how fast can it push the data if you can't push data well you're screwed especially in real-time operations you have to be able to move and move fast Personnel they have to have skill sets you have to understand your team this is

the most important thing from the talk if you take nothing else go back to your workspace build a skill matrices find out what everybody is what everybody does and most importantly what everybody enjoys doing and what they're good at you'd be amazed to find out the skill sets that you're completely overlooking because you've never built a skill matrices you don't know what you're capable of if you don't know what you're capable of because you never asked that's the number one mistake I found in most teams now vendor capabilities and capacities you're married to the vendor that comes with its own problems your data structure data modeling did ETL you have to be able to move data and then

capabilities comes your technology if you can't push capabilities you can buy them and I promise you you can buy them there's a list now you have to understand your personnel and what level they're at they're not just oh I do python code it's oh well I've written one python script one time 10 years ago versus I'm a core contributor to the Django and python project specifically for backend systems with uis with my Django Geo project I actively contribute it could be argued I'm in the four to five area people who have only ever written one python script ever probably in the tier one now it answers questions how analysts they're juniors they're rookies they can't do much they can click a button so

the monkey is in the sock they hit the button They smash the button they make the thing go bling now Engineers this is where most people live once you've hit senior engineer level you can do most engineering things you can do most things manage most systems operate most capabilities on a localized basis with minimal interaction minimal assistance minimal capabilities minimal vendors you can do the what you can't do the where you don't know why it's there you just know that you run the blue coat you know that it moves the traffic you don't know why you put the blue coat there to modify the behavior of the applications that are five Stacks down because you

just run the blue coat you don't ask questions most people never see tier three truly because they don't understand the where they manage a lot of people at architect level you have to understand a lot of things about the environment and ecosystem most people never reach that now developer you're starting to answer the why question at a more intimate level you know not only where it's at and why it's there but you understand the why it was made why it was put in there why do we rate limit inside of the proxy why did we choose this dll Library versus that dll Library but then you get to the expert level and you can say we did it in this way

specifically because of these performance metrics we didn't just say we're going to go with that dll versus this dll it's when you plug this bad boy into an arm 64 processor with 28 cores 128 gigs of RAM 15 nvme drives running in a RAID 0 across a parallel processing system across a postgres XL database for distributed Data Systems you're going to see a 0.67215 metric Improvement per transaction speed of 4K or less on a 26 to 128 megabyte transaction you're going to see a 1.7 millisecond Improvement those are the levels of details that they can give you and why the in what way very important now last but not least you have to have the skills to pay

the bills networking systems automations you have to have these if you can't do them you are up [ __ ] creek without a paddle there are holes in the boat and the Bears on the coastline and it is dinner time you are done though you will not make it probability of success is negative but nice to haves you've built custom tools you've got red teaming experience penetration testing and operator they are not the same separate the mindset they do not behave the same they do not test the same they do not play the same and I definitely don't play by the scene architecting experience especially for socks Intel operations and Enterprises if you have played with systems you

understand why they work where they work that helps you to do this you can build tools because you understand what to Target how to Target it and what way to Target it what makes it functional what makes it good and what makes it bad because you can beat up the bad all day now the highly desired skill sets are going to make you the three four five hundred thousand dollars are these C C plus plus assembly especially with Intel based processors AMD is Shifting in because they're now a better price point especially for cloud malware development of any kind especially anything that's polymorphic multipartate especially if you can combine the two obfuscation services for detection

avoidance huge huge money right there you can do Advanced apt training for companies and organizations like Forge and other institutions like that with the NSA and other foreign assets like 8200 74455 if you can take that one raise your hand and then you can do things like exploit development this is where a lot of exploit developers specialize I personally don't agree with that mindset but some people do mobile is a hot Market especially for nation state iOS is huge in the states Android is God mode on a global level because there are far more Androids than Apples I'm just saying are your base are belong to me desktop has gone the way of the Wayward side

it's coming back because people are moving towards leveraging computers the size of phones and a lot of desktop applications are making their way over to phones because they now have the computational capacities to handle it application pin testing that's a hit or miss it depends on what you're targeting something's big something small browsers are huge and then last but not least for nation states if they want to cause large-scale destruction ICS scada systems power generation Waste Management water purification water processing anything that does Logistics and transport all those things are huge now build versus Buy do you build it do you buy it it depends what do you want to do um that's a pretty easy question it's

got the pros and it's cons and then you've got your vendors who to shop with you can get pretty much anything you want from these guys for a price any questions

where do you hide oh I'm sorry sir people have tried that we found them in the middle of the desert with a million dollars in cash and a whole 20 plus feet down you can't hide that's not an option

what we got come on people got questions how do you build it how do you hack an iPhone can someone break into this Facebook account come on there's something [Laughter] how do you hack an iPhone you typically Target one of the services running on it anything that can be routed through any of the core Services of the provider are typically a good Target browser um SMS Services email authentication a lot of the iCloud services are targetable um you're gonna have more visibility for development on Android than you are on iOS because they obviously get a lot of things for the protection of the operating system but you can also get Services allow you to replicate an iOS

device that bypasses those protections from certain vendors which null and voids that protection but you've got to have some serious cash to buy that um what's up sorry um you mentioned uh using using skilled Matrix matrices for teams yes now my question is have you ever had or been in a circumstance where that process might have maybe opened a can of worms or backfired in some negative oh yeah people lie all the time people not only line consider a like a case where uh you know someone's role is this but they're very good at XYZ and you say what do you want to do this oh that's fantastic transform over yeah don't waste human capital your people

are your best you're in the greatest asset if they've got skill sets and they're in a specific role I love these these are my favorite where I'll get a staff member like we'll say her because she smiles a lot and she's like I want to learn fibers and she's like an analyst or something over in like billing well fantastic I know that this guy's got all the slice bread on that skill set what I'll do is I'll take her pair her up with him and Bam I've got a partnered pairing program for mental Protege and I'll take her skill sets and level them up to his because he may have an interest in management he may want his

job and we say okay well he's going to retire in five minutes because he looks exhausted and then he's going to take his job and she's already ready to go I don't have to hire out and pay a staffing agency 38 I actually just saved a shitload of money by doing it and that's the easiest cost justification since free money so you just try to balance out the pen yeah absolutely train them up you always want to train up the worst mistake you could ever make not just in CNO and CNN and I wish people would really take this seriously for a moment just level with me if you don't train your people you will

train your people anyways what you'll train them in is you'll train them to leave and that will be the most expensive mistake you'll make because all the money you've poured into them all the way up to that point 86 a year two years three years five years gone if you don't invest in your people somebody else will so you can pay the bill now or you can pay the bill later but you will pay period there is no escaping that that is the reality of our industry especially with the current situation current climate current hyper availability of rolls hyper roll compression all these characteristics have stacked up to the ultimate disaster in terms of Staffing

you are facing an apocalypse if you don't train your people you will be annihilated as a team and I've seen it happen time and time and time again where people have lost five six seven eight members 50 60 70 80 percent of their teams because they refuse to invest in them and trains something as as cost effective as udemy which I personally use is a phenomenal training Source you're talking ten dollars thirty dollars sometimes sometimes a hundred dollars for incredible content 140 150 200 hours of training content with study guides practice guides sample code you can't beat it so make the minor adjustment now or make a major adjustment later what you got oh was that too serial did I hit a nerve

my bad [Laughter] Management's like oh [ __ ] I don't like this guy anymore no other questions oh you gotta hand up you're raising a hand just speak up oh we got a mic oh okay we're we're playing past the mic uh really what a weird question um pretty abstract but could you see it came out in any way should perform a situation where we might become a Target oh absolutely you have some of the biggest banks in the world here they have a small footprint but they have a huge presence if you understand what I'm saying pretty much that yeah very big Target and then that's that's actively one of the reasons why I came here is it's in

the cayman's best interest to build a very big stick because if you have a very big scary stick people will be a lot less likely to play [ __ ] around and find out I'll [ __ ] around and find out oh absolutely hang on so you've got zero and the more you [ __ ] around the more you find out that's relative to capability and it Peaks after you start putting Warheads on foreheads it kind of levels out like you can't do anything more kinetic than deleting somebody's house now whether you actually hit the house while they're in it is completely irrelevant and all you do is send a little love note be like

seized by the Cayman government sends a very clear message you hit our bank that's that's you subtly saying we know you hit our bank we know it was you we used human intelligence cross-collaborated with foreign governments confirmed that it was you and then we turned your house into space dust do you think that person's very likely to hit another bank here again you hit enough people and their houses or the cars or maybe you just send them one of those uh they got that mail order service where it's a big box of [ __ ] it's just like the worst smell ever you just send them one of those because that says we know where you're at we know

you're there we know it was you so here's a little love note about all your [ __ ] you can have your [ __ ] back that will put the fear of God in somebody and I guarantee you that will change a lot of little singing canaries and they'll sing a very different tune they might become white hats a lot faster than they expected I'm just saying does that help with the [ __ ] around and find out try it

organizers ask that we clear the room after this so um thank you very much I think you gave us a lot to think about in a very interesting