Microsoft

foreign

[Music]

end up there's still enough into our emergency which I want to show you guys so I don't call the new version we just rub about the uh 3.0 uh it doesn't actually runs now in a different platform and also the Json Json attack so you can use a different format type attacking where you're running new coach and and at the moment how to detect all of the you know the way it's running I'll show you guys basically how how we detected time permits if not just giving it above and I'll show you guys um are we are we running okay so from there let's quickly connect to my reminder

[Music] this is probably the best thing that you can get here that's the first thing you always use in my bag you need to have my cell phone and you need to be in proximity of close to me to get those certificate you know number of verification

[Music] okay so this is Advanced thread protection what I was talking about basically so in Europe if I go to a device in my environment it will see you basically it looks like a water it's supposed to be Warzone because we did something okay um so in a moment we're testing a little uh put a lot of limit coming at the moment and we're doing testing so how to detect all these stuff and stuff but one of them was Jericho okay so I just want to check which one like that so zero cool looking process machine um let me run along the reason when it was here that you got some members from what movie it was Packers yes

okay so it's running back one of them we actually run a hacking device on I'm actually going to show you guys how it detects that the bicycle television device there we go so when you plug it in our system it will instantly tell you that I can divide is running and it's not making a keyboard device or it's meant anything so you can try and run any of the half powerful monsters in our environment you plug it in it will go into the screen it's going to kill it and it's going to say it cannot be run now for you as I get administrator for instance you need to run to that machine up and

because it's a physical device right so physical somebody on a network somewhere in the company it is this so a lot of our competitors sometimes you can't see that because I go on top of windows so that I have API travel we don't have that it's both in operating system so there's a big difference between How We Do detection and behavior detection versus our comparedness and that's probably the only marketing I can tell okay what I know about it but a cool thing is what we've also do is how do we test that whatever you run your organization is action active right are you on the GPO policy or something like that how do you actually know that

um how do you know that you can run it without actually um running a hacking device or you can also really with a company called great Connecticut so I'm a spokesperson of foreign [Music]

GitHub

now the curriculum is broken into two organizations one is that they do at one street hunting housework and I actually thought um there's well you can say it's an attacking place to go but there's a difference dude I mean when I go down to inside so what they did is they've they've run something that you wanted to know about this is your Bible what do you know that is the show

okay

so if you want to run the test you can actually choose what you got from the next Mac or Windows if you click on Windows you will see all these states around it there's this that you can run so the t12118 for instance that is currently you might attack framework that will be there so you can basically run all of these tests in your window in your windows environment now there's something that let's see if you run it there's a code that's running and this is where our great team comes in the microsoft.com okay one of them is not security so when that code is running globally Microsoft don't know that that's a hacker not a hack so it never Act

if you are part of our licensing system okay if you want it here it's Central code up that code goes back into system that says okay it's what I have don't worry about it it's a text so that they just making sure that they don't um they don't act on app let's see if they can actually run out here I lost a lot of um are familiar with the lasagna project

um let's see if the football line over here

there's a whole there's a whole uh there's supposed to be how you run this make sure everything is turned off okay when you when you run Red Canary you can reset for your machine to run you need to run files you have to say exclude directories okay you have to run prerequisites before you run everything up otherwise the fender is going to scream nothing was going to work okay so you have to tell me everything of everything running then turn everything back on again okay certain things is just going to scream doesn't matter if you turn it on or not but it can happen in any variation there's over six thousand okay it's going to screen okay because it has a

bit of a code of that in it okay so let's see if this is the one that oh yeah so let's see if we can look

how much time do I play 30 minutes

and that is the actionable foreign

[Music]

[Music]

[Music] it's going to take everything and then but it's just too much to actually go through all the work you're going to get what has happened so you want to run them one give them a day see how it looks in the sock run the next one and the next one and the next one and so you go make sure you've got a clear view of what you what you want to test because like I said you can either test you can either taste it to see it on functionality it's only for other things you can see even action breaks into my system and then you also want to see cbes and stuff like that so while let's

assuming on the back end of our system we actually want to see detections so if you go to our looks so much different ones the probability that your that's your recommendations are people yeah so you want to see in your environment what is all the updates that you need to do in your moment so you've got to replace for instance first of all materials going back you will see virtualbox Firefox so that point system under that's the most weaknesses in my environment if I actually Pickering it that's going to tell me what is the device exposed installed and what is the associated cves for the uh for that the most when it's running okay so you

really want to go deeper in to make sure whatever you're running because when you run the testing you can run it against it you just got you don't check what it is it's going to tell you what it what is the actual effect that it's got foreign

if you're not a bad option what is your licensing fee for your yeah you also apply something as a hacker what does that feed for you give it about three people what do you think what is how much how much will it cost to be a hacker right here excuse me normal like that kind of cloud fishing Suites that they do to be like five minutes about 500 a month and that's only just literally okay someone else ten thousand you know because they need to run all those machines at the same time 35 to 120 grams yeah that's one that's what I need to do a lot of so what do I do love hanging

fruits like ransomware and stuff get cashing pay for my license for next year um if you actually go via my Professional Services but um because educational purposes right um

but I really wanted to um it's a super hacking program um

that's what I said I like that type of thinking I'm curious right now that I could find out that on my answers let's see if there's some governments that program's about three thousand dollars a month you're right however it's it's extremely effective okay the codes of these guys will run are not generated every little code you want is newly generated it runs in the back end it's super super clear on how it does it and it bypasses a lot of security stuff if you're logging them online if you're not running the right stuff in your environment I could almost guarantee you it's gonna fast okay um

okay so um so I'm running to make sure that you don't run it okay so it's different there um so yeah we run all of those type of steps okay from a regularly perspective on that energy if this will work out uh you can run a lot of testing and making sure you're acting environment at home with your own machines on your own stuff don't run this in a company because it won't open up games okay uh there we go

okay so I run I run a video subscribed okay so the program I was wanting to run those couplings

you can go play with it it's very cool so lasagna project will for instance go and this is a talk we had a few weeks ago um it will grab anything in your browser and it will actually all the passwords that that's cached okay from not age

what's the difference

credential manager you will see all of these on the time there is no I don't know what you call it there's no LinkedIn or anything up here you still know that you can get the LinkedIn password you know you know that if you logged it okay I'm going to change my LinkedIn password okay so I want to show you actually if you go in over here and you just go is I'm not going to throw my name so let's try let's try something something oh yeah okay let's do this something I'm a musician so let's go to a place where maybe you guys don't conversation software um

show you a quick a quick and easy trick that you can grab basically any password or get interested in about just particular secret injection let's see if the dog's name

for just you can do LinkedIn we won't tell them

because in your credential manager you've got two keys that's such a good credentials and this is the energy credential that you will connect with which is the artist application and you can't actually get the password see you can't pick the password but if you go to your windows credentials it's a show but click show it's going to do an artist's technician and then let's turn it down unless I force it to do it in the face so if you are a web programmer or anything like that I since I will say also to do and I think you can do that because it won't inject it in here that key will be injected to the DPM

processor or you can deliver a class of VPN you're going to get that right into the deep end processor and because it's in the deep end nobody has ever had to keep you in you guys know how long tickling has been available since nobody really utilize it we import the Ukrainian version of it and we have a division uh 1.48 so uh anything that doesn't it you can process a basically a fraction if it goes into the cloud as well so you need to have the different process that you need to have to talk to you to get your key [Music] um

so we want to see that password so if you go into any system so your I want to suggest that your mom drops away from a machine unless you're coming basically what you can do is you can actually just go to the system in the browser go down to the key [Music] and [Music] so okay what's up in the browser you look very confused everything is Cash especially when you're in this browser that I'm using over here okay so the lasagna project was specifically designed for them so once you're on the lasagna project it will go and get every little thing out of your browser and I will give it to you now if you want to go and check if

you've been hired okay this is a pretty cool place to go um you can go to a place called um I need to make sure because otherwise it's Microsoft scissors and my close my machine

but sometimes if you run it in a description machine and then I need to send a little email address

so if you're actually going to do that and you type in um is it you can actually run the Wi-Fi hack the decryption of TeamViewer whatever you want to run you can run this in an environment that's actually checked if you're just if a Defender is going to pick it up or your security platform the community is going to detect it and stop it from the execution okay so the thing is one should run all of these things you can go back to recover to back to your company or really work or whatever you do it's hey you've done these steps we um we are protected against us but be very clear of what you want to test and

how you want this okay so um there's over 200 tests that you can run over here once it is once it says contributing a text like this is not being bold yet you could say anticipate credentials and contributing tests so what what what uh regularly does as I open it up to the public so anybody wants coaches and then they review it to check it out they taste it and making sure it's not doing something that should not do because believe I don't mark okay I can say this so there's a company the renders let the machines open and just let it run on the servers and stuff like that hackers hacked assistant and oh we have

we have the machines running and our company because they knew it's they're going to test right so because it was running on the system and I knew it was going to test I thought it was the security guards just doing this organization and then rather information be careful further others so what are we doing is if we do if we run into the virtual machine we kill the virtual machine and it becomes concern as well the virtual machine because if you're an active virtual machine and you want to run it on another machine what it's going to ask for Ms magnet it's going to ask for the deep clean process of you because once you enable

the typical processor key it injects that now I don't know if you guys know this but I only happened to beat us none of the competitors there okay I said what you do is you right click on it go to settings and other security enable trusted platform module okay now let's inject it into the key and into this machine if any hacker or any company or when somebody leaves the organization fences and they X foreign

the system that's another way of doing it I found this is much more effective to do it because it's not bind to this machine here comes the problem if you run it on servers making sure that your server have a TPM processor okay in the new servers have have been so difficult if it's on premise if it's in the cloud and you write anything in Azure make sure from Azure security you turn on at the average security okay you just have to say NFL and Azure security it will not expect the panel because it's a global account password you do it okay so assuming the enabler is we're just going to say sorry I don't

care who you are broadcast make sure that is if you run Global accountant anybody has access so what hackers do now is is that by doing testing we just put RDP Happening Here um can I do okay that's okay yes okay um this is very effective okay so if you if you if you run this um this way of the uh

um did you want to run it there's a certain One You're Gonna Miss This video but there's there's a certain one that you want to learn which is called um

which is called it's it's

exactly

actually there is only one confusion because it's not until half three days until uh so it's finished yeah

okay so uh give me the booth if you want to check more stuff up because the the RDP happening that we live here is really effective if you don't do injection into your um like I said you actually put it again you can actually use it but it does is it jumps in it it makes you to think that the certifications if there's a command the the remote use the wrong thing anything goes well I get it in clear protection not good forces and you can utilize and use everything but the gentleman is up here um yeah

thank you [Applause] um [Music]

thank you

we're already I sure will be awesome this is an easy room right now I know one of them already he's my boss you're out of here okay

yeah it couldn't it couldn't hurt me it's gonna leave it here

are you staying for participation whatever's needed um yeah exactly yeah is it jungle it's a lips right are you running this no no no James come James comes in is tending it he hasn't given us any instructions and we should get you instructions to manage it yourself okay I think it's streaming right now so that's good so you might have to keep the chicken with the shape the most because it goes to sleep you're gonna get locked out okay right okay perfect so he's got it set up so we just come here and move the mouse once in a while yep and so um he will present once he shares his screens they'll show up across here and

you can click on it so that it shows up in the Stream and it'll show up side by side on the street okay right okay cool um it's up to the speaker whether or not he's going to monitor chat right so yes if you could facilitate in this room please I gotta run in like an hour for a call but um yeah no worries absolutely right um

is

I don't I don't know I don't know let's see yeah let's see if we can turn it off and save ourselves oh there we go [Music] perfect [Music]

we set the screen timeouts to never yeah that's beautiful

that dongle stays here that's our secret dongle um foreign

[Music] I'm getting there floating through trying to give you extra pressure though just lean over the back room yeah [Laughter]

we could try um this worked um for the last speaker for some reason does USBC um

[Music]

well there you go excellent all right all right okay [Music]

but what I was going to do is talk to you guys around the dark protection and uh [Music] in 2020 it's uh kind of scary how much uh stuff that businesses

so has everyone knows security breaches uh a big and huge stupid system a really big one from one of my life in Australia massive I suppose people's uh details including mine so they bank accounts credit cards passports driver's license is data breach and it's been quite interesting because it's been in the news for the last month which is uh unheard of for uh Australia to talk about Security in that kind of way so so data is is obviously uh it keeps the council in most organizations so your reputation what you hold on your customers what what patterns all those type of things are key and in your business and how are you guys do a good operate so obviously having

that exposed to the bad guys or having a diet exposes and critical as our brand so with the world has changed a lot around the machine some of us change the way data moves throughout the organization

and uh and obviously if you're still with us so what what uh you need to do in that to put out a picture plant is obviously understand how your data goes to your organization understand what your data is and then start the process of classifying to start an approach yourself data protection is it's a it's a process it's a business it's a business tool this it might run it and manage it and keep the bikes on but it is uh fundamentally driven through your business and reverse applications components so part of a successful diet protection plan is going off the top 50 business units understanding they'll typically say all of our data is important and you'll say well here's a

big fat dollar sign that uh you need to start going in a bit more rationalizing your data kind of flow through organization what data is and then obviously supports the processes and control from the high today is not just about technology it's also around how you manage about how you basically delivered on how you purchase one of the biggest things you can do as an organization is Project data so your data has a life cycle of whatever it may be five years two years depending on audit applies requirements and you should be approaching that data once it's on

exposure of something better does happen and also you don't need companies don't need internet data so there's certain things that they need from a regulatory and police point of view but getting rid of data is just as important particularly so typically how uh so I've done a number of Erp projects over the years and uh when you go to having success with the LPS accessible so data protection plan is you need to Discover it and it's obviously military or classify it protective is normally the last step and that's obviously an enforcement module where where as your data goes in and out by our email or whatever mechanism is supposed to be the discovery phase is normally a scary

thing for a lot of organizations because they don't understand where the data sits or how their data actually flows through the organization that they might understand that it sits on this file sheet but it might be three applications that can directly suck out that data out of that file share and then and then upload it or make reports out of it or it goes into another database so that that's where I spent a lot of my time is helpful organizations understand what the data actually is and then imagery so classifying your data so that it's very linked on a lot of companies uh because it can be time consuming and it can be large but there's a number of

a number of tools and TX out here to make data retrieve classification a lot similar you don't necessarily have to move you don't necessarily have to use technology but that obviously helps and there's a number of Technologies from a lot of questions that will make that easy uh the other the other part of that is once you've so how I normally recommend doing a class period uh project is right in the ground and say as of today all about all of our leadership data is X and all of our new data is why and then you basically put in put in your file shares or you put in new practitioners and that kind of stuff so you start and

stuff fresh and as they access the old data you force them through technology to classify to update it to put mechanisms in place and data protection is not just the lp it's obviously encryption it's rights and management it's a quality temperature it's all of those different Technologies and to have a successful successful program to deal with those type of things too HQ then the last part of it is obviously once you know what your data is detecting so having tools that go off and do an imagery or something back into some kind of DLP tool where you can start to understand and classify

sorry so uh most most data most out of the classification projects and those type of things are coming from a league of compliance some kind of regulatory um is also the other side of that is is brand loss so if you look a lot of these companies that have had data exposures uh it's cost them millions and millions of dollars in for educational damage as well as sometimes civil damages so for example in office in Australia they're actually being forced to pay for people's driver's license and passports so that's unheard of them shows that have happened in poor several years you see uh in the end how much that costs cost of this and that's also cost them a

lot of reputational damage in in saying that is there a number of other isps in Australia which are in the same boat who are madly panicking and rushing around spending a lot of money to try and fix up the whole that was obvious which consists in some of the other isps um and I'm actually lots of intellectual property is key so if your data it's exposed or your competitor is exposed by their situation where it was too much to supermarket companies they were do uh marketing and uh liquid campaigns so one company uh directly had access to what I had the ability to see the other partners or the other customers uh flying campaigns so if they were selling

noodles for three dollars they grew up there at the same time yeah

it's not just protecting your data so that it's uh

project where it was a engineering company they fixed a big caterpillar caterpillar machines and part of what they did was take a little bit of a service book with all of the various components that needed fixing and the rough times and costs of what it would cost to do those Services um here the employees started emailing them directly out to the ambassadors and their customers to come and say well I've got 20 grand and it says so in reality they were being worked awful they were being uh uh over the build it was just with different circumstances when you change the entire minimum of nowhere so what they use their data protection plan was to actually remove they they

let those schemats go out but they remove the equation timing that was related to them so that was uh that was their use case of the lp in the end the customers actually really enjoy that because it was they still got what they needed to see but they weren't exposing how much it costs were and then illegal fights and those companies so it's just a obviously a quick graph on uh basically the cost of data of data exposures and the industry from those companies that have been so the typical data breaches that we're seeing these days are running into millions of dollars of cost to a customer and it doesn't matter if you're a small or a

good customer it basically cost is to say because obviously there's the time and their remediation so if you have to get an entire service to try and help you in that time to think they will be expensive um like most organization uh these days is the lack of resources it's a local schools so having your data protection in place and having some kind of way of management that is key to uh stopping the bad guys

so um obviously data there's various types of data in the organization and how it moves so obviously there's stuff like USB keys and those type of things there's data small where a user's work going it's our spreadsheet we need to safety to their C drive technically they might be allowed to do that but then you've also just created your data exposure of data registry because now it provides a bit more basic designs into places uh and then he uses tidying those things up so you need you need obviously tools and Technology scripts to go off finders that are either in the tools don't even remove that data from where it was located sleep would it works especially okay or

if it is allowed on on a U.S 15 they encrypt it will put the right to the insurance on it so that's only these select users are allowed to edit it open it cut and paste it print it whatever it may be you've got the other side of obviously the rest of that is around um there's threats as well so uh obviously racing where malware all those type of things it's all around uh stealing your dice so depth that actually to actually have a good organizations these days

that we'll be seeing a lot of Christians and then obviously being being forced to buy your data back from uh today guys is always entertainment as well and the number of companies that I have seen do that it's quite scary and whether they're big or small but I've seen a number of police departments which I hate is millions of dollars and that is brought with that as well because you're obviously relying on a is a trust factor that is

infiltration again um I mean obviously Cloud so cloud cloud is is along the way to the journey some some of the hybrid type stuff so understanding that's your your data can live across multiple clouds multiple environments you might have I've seen a number of organizations where HR has quite often bought a tool for a particular for a particular project never tell it heavy metal security it's even security finds out about it one day through Channel I see various other mechanisms in they even have to go off to off the HR and see what is this what is it doing why is that data up there we're in Coals in place so it's the school of data across Cloud implications

and managing that is pretty huge so you need correct and you obviously need that to be able to control that uh as it flows and obviously if you don't find that though it's really key so this is pretty much um how I would do a difficult data classification before a startup data without framework so it's obviously classifying with that so it's working with the organizations the business units understanding how they how they classify the data what they classified the data x a lot of the times they'll just say we don't have questions if you're working with them to come up with classifications then to then tag them back into their data in the next data that is obviously once

you've got classifications is going through the discovery event so this is normally when you're using tools to go off scan progress Cloud applications hard drives

[Music] another key part to this in most organizations so [Music] it's not just having all the tools in place you're not actually training your users in what what data classification what data protection is is a waste of time you have to train them you have you have to get them to understand that this data is important they might pull some data out of a couple of a couple of databases and save it and use it for a for marketing or use it for some kind of some kind of process but in reality they've just created a documents and they've exposing data that was sensitive it's now sitting in it and that C drive for around the USB key so

it's trying to get into things you can also use technology within tools to add zero document forcing them to classify or forcing them to tag it so that it gets them thinking that hey when I'm using this data agency and that's an ongoing process and that and that obviously ties in with fishing campaigns it totally with all that kind of use around emphasis you have to have to trade users and you have to spend the money and then the last part about this is what the secret life of it is the important so a lot of customers will go off and buy all these expensive tools and they're never actually promise it so that's pretty much a waste of time so if

you're going to do a DLC project it enforce it turn it on and make a difference and that is scary and and have some uh basically some unforeseen circumstances and issues when you when you start to enforcing but it's also going to help you understand how your data Africa is in your organization and then obviously you've got the remediation difficult in place when when you do the wrong thing so enforcement can be encryption can be grudson and the basically stopping your music from uploading it to um to Dropbox or one of those other companies or can can be that Albany Council in the city now to Brandon and nhr and obviously that's uh it may be an allowed process but they've

cc'd some other people on that which which then exposes that data where those other users should have seen so it's all around thinking about that data and controlling and then the last part which is uh which is there could be yoga well regarding the investigation part so nearly a investigation team and it's not necessarily the same team that's using and looking after your existing alerts and your existing security tools a lot of the time would be noticing sensitive data which [Music]

so a lot of times I see this giving some helpless that's that's a dumb idea I wouldn't do that because help desks have their place but this is not good and you you you need uh you need business people involved in the investigations so because an I.T person might understand how to do an investigation and find the data but he doesn't understand documents right now and I can look at them and say yeah so you need somebody that understands that you need somebody that said they could give you the context around that I mean it's back to the start so the LP of data protection is a is a lifestyle it's a continuing it's a

continuing example you if I've seen a lot of jumping projects failed just because they stop they do the first part of this and they they never bother to update or they never bothered uh to add in new classifications so your organization who have to continue it's in a bit of a DLP has a as a cost associated with it but also it also has a benefit for Associated as well so you continually into manage your data go through it remediate it classify it move it delete how you'll make a successful you know prescription [Music] um so this is uh a couple new spaces so there's obviously more than more than uh more than these three but these are

the different kind of three use cases we see so Insider threads they can come in uh media performed so I use it inadvertently uh CCN one person on an email a a not happy employee legalization something offer a customer database and then obviously take into their new employee it can be it can be other other ways where where your Insight users are using their data individually causing that issues so for it is is key is key to uh protecting your Insider a threats is key to your successful data program projects uh the next part of that is obviously uh is around your data

but um yeah so we see so that's the inside data threats we've seen in the last couple of years have uh growing substantially just for the fact that a lot more a lot more users have a lot more access to data another part to the European which I've talked about is around ability management so having your users defined and what roles and responsibilities they have in the organization so a user won't start off in one department will move to another department if you don't have the proper IDM and wise management or common solution in place they'll take you the rights for whatever their previous job was to the new job that way basically you've got a data data if you get

because they can access that they don't need any more or should get access to and having a defined user roles and provisioning is three key as well so so data Pharmacy so um a lot of there's a lot more um industry type privacy standards and those type of things so there's missed and there's obviously the Canadian Privacy Act most type of things so a lot of these haven't had teeth for a long time they started getting Wiki as they have smaller closures and it also comes down to the fact that too that Senior Management obviously have a responsibility and uh and uh

hackers all those type of things as as your data in ways your organization is constantly attacked and sometimes breached is stopping that external data export trading whether it's automatically through various tools that are uploaded into your environment or whether it's a it's a strategic data so you've got to be you've got to be aware of those external threats you've obviously got a good protection in place so so basically um we're we're seeing a lot of things uh well we're seeing a lot of issues is visibility so obviously you you put things in place like a lot of organizations have classifications but they don't actually have tools called also expectations of them don't have the ability to actually go over that next

step and look where that data is so uh

um and obviously controlling of that data as well so like I said identity management and what's what's management the user provisioning is very key so you need to have a successful data security Europe companies in many different Technologies and many different uh many different methods as well so having your users uh basically provisioned in a certain way having no new rights that they uh that are needed is key you can have technology in the Sun but if everyone's an administrator on the environment everyone has access because it sits in one bucket on Amazon wherever it might be then you kind of defended your whole purpose around security and obviously you're kind of talk about privacy as well

um that's pretty much me but if you have more questions or stuff we can talk around things does your product actually work this is my this is my old boss so yes um no yes

for my channel but no so yeah so I I like Peter and I've done a number of jewelry what those two of them correct so you've done a number of that approaches together so um where we've had success is taking that that walk like cruel walk one approaches it's not trying to do everything in a big bag taking one chunk so either targeting the HR or finance department getting them up and running with their PLP showing how they how the batteries they're targeting the ellipse part of the organization or then pulling in other people into that approach and then kind of expanded from there so it's it can be scary but if you take a a systematic and uh if they will

call one space to us because your data projects what is it that actually makes customers take the plans um so a lot of a lot of time it is regulation um it is compliance type thing um a lot of the time like customers started just gets too big to the eggs and they need some kind of mechanism of understanding what like how is that or what where their data lives I see a lot of organizations they they just keep thinking about all the heck out of there that skinny adult that's completely irrelevant but they they keep backing up they have encourages of having to delete it so it's DLP is is really a business school it's

really helping you as an organization processing uh protect your diet and then obviously as well and that's it's not we might say geography it's not it's not just technology it's a whole mechanism so it's encryption it's Rights Management the cloud integration is it's managed it's all those type of things that they make up a good uh aside from the responsible but where are you seeing uh success in I guess companies getting interested in data protection

pre-impactorship being on fire yeah I I yeah that's a very good question I've seen I've been involved in other times when uh passenger out that was on fire so a lot of times customers do that they they kind of drinking from the fires when it's all on fire I've seen I'm seeing customers these days as the cloud becomes well as everyone's moving into the cloud it's understanding where everything sits these days and a lot of organizations don't know where the data systems anymore I don't know that if they don't want to sit in this this S3 bucket with his 10 other applications that integrated into that will take that data and move to other other locations or

give other access rights to it or they've manipulated and put out reports and those kinds of things so obviously has that data scores across your organization you need to uh you need to know where it is and add to that too because this is that what I see the most from the cloud perspective is and buckets are often pivoters coming across the country we were just talking about lc29 for any infrastructure is going to have a large every damn thing that happens and part of that's going to be is how you can actually talk about where and what is going on if you don't do it back Angie's question around why is it happening it's just regulations no but

and I have to add that I've heard recently if you want there's more insurance if you want cyber security insurance if you don't aren't doing a you know a b c d they're like no I'm not I'm not sure they'll either not insure you or your premium yeah so the office groups in Australia that's really interesting with the insurance they have the premiums they wouldn't cheap it at the stop but they're insane now but they're at the point where it's unaffordable for organizations so and a lot of exactly who knows that's it is they've lift it to a little too late and uh the world's on fire or there's been a big exposure so there's it I I guess

we'll unfortunately I'm very Australian secret because I spend a bit of a time in it but this Optus Bridge it's been in Parliament like they've talked about it for weeks in half of it which has been very interesting because some of the students never really had any teeth in Australia we don't have the same kind of regulations we don't have the same kind of compliance so um well I guess if you look at U.S US dollar security bed has had two points there's a T400 but if you screw up his jail talking there's there's huge penalties there's obviously losing their jobs most likely so Australia's only just starting to get to that so we have our

up until three four years ago now we didn't even have exposure so if the company was hacked it was it was they nearly had to tell you about that they want to tell you about it was exposed obviously it was really a best interest to tell you that they've been hacked but a lot of the time to do it I'd have done it without them never heard about it so that's uh that reputational loss is is kind of a um yeah sovereign

[Applause] [Music]