The dangers of ransomware and ways to mitigate the risk

Transcript

Full transcript page · Interactive episode

============================================================
TRANSCRIPTION WITH SPEAKERS
============================================================

[00:00] SPEAKER_03: Welcome to Canada's Podcast.
[00:05] SPEAKER_03: I am Phil Bliss and welcome to Canada's Podcast.
[00:09] SPEAKER_03: Today we thought we'd do something different.
[00:11] SPEAKER_03: You know, ransomware we've all heard about, and it's become a massive problem for everyone.
[00:17] SPEAKER_03: So thought we would do a special feature on ransomware in business,
[00:21] SPEAKER_03: the dangers and how to mitigate it.
[00:24] SPEAKER_03: It's a very difficult, complex subject.
[00:26] SPEAKER_03: But not surprising, in the past five years, there's been a renewed focus on how to overcome that.
[00:34] SPEAKER_03: The cost and the price is probably cost them billions of dollars.
[00:38] SPEAKER_03: And allows you know, secrets to see power.
[00:43] SPEAKER_03: So today we're going to talk to Ed Dubrovsky, the CEO of Managing Partner at Cypher.
[00:49] SPEAKER_03: Ed has tremendous knowledge.
[00:53] SPEAKER_03: He's been in the cybersecurity business for almost 30 years.
[00:57] SPEAKER_03: And his really his name has become synonymous with information security.
[01:03] SPEAKER_03: So Ed, welcome to Canada's Podcast.
[01:05] SPEAKER_03: Nice to see you.
[01:07] SPEAKER_03: Nice to see you. Thank you for having me.
[01:09] SPEAKER_03: It's a complex subject.
[01:11] SPEAKER_03: I'm sure most of the people that are listening, viewing this, you know,
[01:16] SPEAKER_03: it's something we all worry about.
[01:19] SPEAKER_03: So, you know, what we're doing today is really to discuss the highs and lows of cybersecurity,
[01:25] SPEAKER_03: and how enterprise is large or small can minimize the risks, you know,
[01:33] SPEAKER_03: surrounding the sort of the ransomware issue that, you know, just as we were saying before we came on air, you know,
[01:40] SPEAKER_03: there is like exploding again, which is it's never really gone away.
[01:45] SPEAKER_03: But what you were saying is it's very big.
[01:48] SPEAKER_03: But before we get going, why don't you give us a three to five minute history of Ed, you know,
[01:55] SPEAKER_03: and your kind of life to date way you're at in the cybersecurity world.
[02:01] SPEAKER_03: Now everybody knows who you are.
[02:03] SPEAKER_03: And it I think it'd be useful so that they can they can understand the value of some things that you say.
[02:11] SPEAKER_02: Certainly. Thank you. Thank you.
[02:13] SPEAKER_02: So, you know, three to five is definitely difficult to summarize for somebody like myself who likes to talk.
[02:23] SPEAKER_02: But, you know, I've been in the industry for about three decades now.
[02:29] SPEAKER_02: I've done anything from the hands on to running businesses in this industry.
[02:36] SPEAKER_02: And I got to tell you first and foremost, you know, many people say they're the passionate about cyber.
[02:44] SPEAKER_02: I'm more passionate about making an impact, right?
[02:48] SPEAKER_02: So, and what I mean by that is I found this field back in, I think, first in 1995.
[02:57] SPEAKER_02: When I was still running my very first kind of consulting company building PCs and all of a sudden I fell into this.
[03:05] SPEAKER_02: You know, oh, this is a firewall and we have to install it.
[03:09] SPEAKER_02: What does it do and why?
[03:12] SPEAKER_02: And all of a sudden the dots started connecting because I think the first incident, cyber incident that I actually had to handle was back in 1996.
[03:23] SPEAKER_02: Right. It was a bit of a, you know, what I would consider some kids were trying to attack this company because it had some server open on the then.
[03:35] SPEAKER_02: Internet, it's not the same as today's internet by any means.
[03:41] SPEAKER_02: But, you know, these kids were looking for basically some storage space to put in some some pirated software, right?
[03:49] SPEAKER_02: And this company was running under this space, which was very expensive back then.
[03:54] SPEAKER_02: And they didn't understand what's going on. The internet was very slow running over still modems and things like that, right?
[04:02] SPEAKER_02: And I came into help. And, you know, I helped them figure it out what, you know, what was being exposed and so on.
[04:10] SPEAKER_02: So the problem, the client was very thankful.
[04:14] SPEAKER_02: And this is where I kind of realized that we might have a problem on our hands as a society because there's going to be more kind of push to go on to the internet.
[04:26] SPEAKER_02: And as more and more companies are going out and connecting to the internet, there's going to be this risk of whether it's from kids and then, you know, to now we're seeing professional criminals, what we call cyber criminals impacting companies all over the place.
[04:45] SPEAKER_02: And I saw that opportunity in a way to really help, right? And I always had that image of of being the emergency room for cyber, right?
[04:57] SPEAKER_02: And this kind of moved me from one company to the next to teaching at York University, the next generations of cyber security professionals and really building businesses around helping companies.
[05:14] SPEAKER_02: Because really helping companies is also helping people, maybe indirectly, maybe directly depends on how you look at it.
[05:22] SPEAKER_02: But it's really important, I think, to understand that it is all about really down below, it's all about helping people recover from devastating attack like criminals, right?
[05:37] SPEAKER_02: So this is why I'm kind of in this business doing what I do, likely around just middle of 2015 around then, this is when I started really getting exposed to more of the larger ransomware type of attacks.
[05:56] SPEAKER_02: And one of the things that I started doing is really negotiating with cyber criminals on behalf of organizations to try and reach some sort of a settlement where, you know, they locked a company completely, the company is going to go bankrupt if they're not able, in some cases, to get back to business.
[06:17] SPEAKER_02: And you have no other choice but to actually discuss this situation and negotiate with these criminals, sometimes language barriers, geography, time zone differences, age differences, right?
[06:33] SPEAKER_02: Because sometimes you deal with kids, sometimes you deal with more season, criminals and so on and so forth. And that really exposed me to a completely different field where I'm negotiating with these crooks, right?
[06:47] SPEAKER_02: And trying to get to settle, to help my clients, right, cover from these type of attacks, but it also gave me a very interesting perspective on both the criminals, their motivations, as well as the impact that these type of attacks can have on companies and their employees, as well as their clients, right?
[07:14] SPEAKER_02: So I'm here to basically try and share some of these in a few minutes.
[07:21] SPEAKER_03: You know, you called ransomware a kind of a digital epidemic, which is from that discussion.
[07:31] SPEAKER_03: But tell us where it's at today.
[07:35] SPEAKER_03: You know, I mean, you know, we've got another epidemic and it's moving around.
[07:41] SPEAKER_03: So tell us where it was today kind of thing.
[07:45] SPEAKER_02: Yeah, so I think, I mean, the media is doing a pretty good job trying to highlight certain cases.
[07:52] SPEAKER_02: But I think we're missing the true kind of cohesive understanding on the impact that this type of crime, cyber crime, has on society overall, right?
[08:07] SPEAKER_02: If you see what the FBI, I think they released a couple of months ago, their estimate of impact, we're talking about two and a half trillion trillion with the T, not billions anymore, of potential impact of cyber crime.
[08:27] SPEAKER_02: And I, to be honest, I forget if it was US only or worldwide, but I can tell you that just a number of cases we handle, probably from an impact perspective, we're talking at tens of billions.
[08:43] SPEAKER_02: And you know, my company is just literally just a grain of sand in the big, big ocean, right, that type of thing.
[08:55] SPEAKER_02: You know, many sites, many information sources, they do not have the full visibility of what is happening from a cyber crime perspective.
[09:08] SPEAKER_02: Right. And unfortunately, I'm seeing like a few thousand cases a year, that's all there, they're reporting on, it's not, it's not true, it cannot be true.
[09:19] SPEAKER_02: Right. So it's, it's a massive impact worldwide that I am in my opinion, this is what we're suffering, suffering through.
[09:31] SPEAKER_03: Now, how many, how many ransomware tax have you mediated, you think?
[09:36] SPEAKER_02: So under my belt, just from a negotiation perspective, over the past roughly seven years, I have over 4,000 cases.
[09:47] SPEAKER_02: Wow. That's terrific.
[09:49] SPEAKER_02: Yeah. And again, I'm just a grain of sand in the sea of crime, right, that we're likely experiencing, because a lot of companies make the decision to keep things under wraps, they don't want the publicity, they don't want to tell people that they've suffered through many of them try to resolve the situation on their own.
[10:15] SPEAKER_02: Okay. So it never comes to a professional like me or companies that like cypher that I run and so on.
[10:26] SPEAKER_02: So my, my gut is telling me that we're literally from the media exposure, we're looking at the tip of the iceberg where the majority of the, you know, the bulk of crime that we're actually experiencing as a society is significantly significant.
[10:46] SPEAKER_03: Well, I mean, why are the, why are ransomware tax happening so often? Is it political, is it economic, gives it, what, why is it happening so much?
[10:57] SPEAKER_02: Well, if you think about it, we've become an internet society. That means that many people are born today with a computer in their diaper away, you know, like, you get born, you're born.
[11:13] SPEAKER_02: And there's like a screen above you instead of those toys that we used to have, right? And everybody's used to iPads. Like, I got to tell you, my kids are roughly in their 20s now, early 20s.
[11:28] SPEAKER_02: And as a technology professional, they still would come to me and they go, oh, look, I don't understand why you're doing it this way on your phone.
[11:39] SPEAKER_02: You can do it this way and they show me a new thing, right? In a way of a feature. For them, it's second nature. For me, I still have to learn it.
[11:49] SPEAKER_02: Although I'm a very technically savvy individual, but the young generation, they're literally been connected at the hip from day one to these technologies, right?
[12:01] SPEAKER_02: So for them, many of them opportunities in cyber crime, depending on geographies, can also become a very easy way to earn a living with very little risk, if you think about it, right?
[12:20] SPEAKER_02: And very little chance of anybody coming in and shooting them, you know, it's not your typical crime of going in, trying to rob a convenience store.
[12:30] SPEAKER_02: You're sitting behind a screen at home, potentially, right, attacking companies. And we've actually seen a couple of, a couple of high profile arrest in the last couple of months, I would say here in Canada, right?
[12:47] SPEAKER_02: Where in Montreal, a network worker operator was caught with like, I forget, 30 million, 40 million worth of cryptocurrency, as well as a few Lamborghini's and then whatever other sport cars he was buying.
[13:03] SPEAKER_02: And then another one right here in, I think, Burlington, just a couple of weeks ago was caught. Same thing with like millions of dollars of payouts that they got.
[13:18] SPEAKER_03: Right. Talk millions of dollars. I mean, what is the current, you know, average ransom payment? I mean, I'm sure now everything's millions, but I mean, it's just an interesting to get an idea.
[13:32] SPEAKER_02: Yeah. So you see, it's interesting to talk about averages. I have a little bit of an issue and I'll tell you why because, you know, an average really amalgamates really large companies with very small companies to come up with some sort of an average statistic, right?
[13:51] SPEAKER_02: The reality is that typical ransom amounts today are anywhere from one to 10% of annual revenues or perceived annual revenues. Right. So many threat actors today when they come in, they try and ascertain your financial situation, they would look for bank statements.
[14:13] SPEAKER_02: If you're a public company, that's easy. They go in, they look at financial statements. So I can tell you that right now we're dealing with one case where the ransom demand is north of $100 million.
[14:27] SPEAKER_02: Right. We see very, very typically multi-million dollar demands for smaller companies. We see anything from still about 50,000 to about a quarter of a million is fairly typical.
[14:42] SPEAKER_02: But you know, if you average it all together, you might come up with a number of maybe five, six hundred K average.
[14:50] SPEAKER_03: What about those underlying costs that we don't hear about? I mean, what you're close out? What's that kind of cost?
[15:02] SPEAKER_02: The cost can be really, really significant depending on the impact and depending on how prepared the organization was for an impact.
[15:11] SPEAKER_02: What do I mean by that? So depending on your industry, first of all, you might have very sensitive data.
[15:19] SPEAKER_02: If you're a defense contractor, as you can imagine, you probably have some diagrams that an intellectual property may change the balance of power sometimes in certain regions.
[15:32] SPEAKER_02: If you're a health provider, you might have health information about a lot of individuals that won the integrity is very important.
[15:43] SPEAKER_02: But number two, that information if it goes public can lead to lawsuits and maybe even impact to these individuals.
[15:54] SPEAKER_02: So it's a very serious matter as well. And so on and so forth.
[15:59] SPEAKER_02: So you know, that could be various type of impacts on organizations as a result of these cyber attacks and the impact could be all over the place in terms of costs.
[16:18] SPEAKER_02: If it's a very large organization, if you think about it, let's say you have a thousand small, let's say medium size organization, a thousand employees, each employee has a computer.
[16:32] SPEAKER_02: The bad guys come in and they lock all these computers.
[16:36] SPEAKER_02: That's not even touched the fact that they probably stole a lot of data as of yet, but a thousand computers that got locked in order to unlock them and rebuild them to a safe, safe situation.
[16:49] SPEAKER_02: You're probably looking at about a couple of hours per system. So you take this, you have a thousand systems, a couple of hours, you look at 2000 hours, multiply this by market rates anywhere, the large companies charge about 600 US an hour, you charge a lot less.
[17:10] SPEAKER_02: But if you think about this 2000 times 600, we're looking at what 1.2 million.
[17:17] SPEAKER_02: Right. So even if the ransom demand is about $500,000, right, you're looking at another 1.2 million just to rebuild, but hold on, you need to investigate.
[17:31] SPEAKER_02: You need to potentially deal with PR issues. You need to potentially pay a lawyer. There may be some subsequent litigation against your company because you fail to protect the data.
[17:47] SPEAKER_02: Right. It could be a class action also. I think the last large ones we heard were like $180 million and payouts and things like that.
[17:57] SPEAKER_02: So we're talking about a very, very significant cost to being successfully attacked in any type of scenario, whether it's a ransomware or any other type of an attack, you're probably looking at multi, multi million dollars.
[18:16] SPEAKER_02: And I'm not even talking about, you know, government, penalties and so on.
[18:21] SPEAKER_00: The file flex for Windows zero trust data access solution unifies the data access and governance of data storage across multiple domain environments using the zero trust data architecture that prevents ransomware intruders go to file flex.com to learn more.
[18:40] SPEAKER_03: But most of us ensure ourselves in business against things like liability and various other things can we ensure ourselves for ransomware?
[18:50] SPEAKER_02: You know, a few years back, getting a cyber insurance was really easy.
[18:58] SPEAKER_02: Okay. For the price of a cup of coffee, you could get a really good cyber insurance policy. And you know what? It really, really does help to have a cyber insurance policy.
[19:13] SPEAKER_02: However, the industry has gone through a lot of cost. There are a lot of attacks and cyber carriers cyber insurance carriers have paid a lot of money.
[19:27] SPEAKER_02: When we're talking about these, you know, billions of dollars, all of those majority of those came from cyber insurance carriers.
[19:36] SPEAKER_02: Okay. So as you can imagine, as they're, they're bleeding a lot of dollars, they have to charge back and increase policies.
[19:47] SPEAKER_02: But they also gotten a lot better at saying to companies, I don't want your business. You're too risky. You're not doing enough.
[19:56] SPEAKER_02: You're not protecting yourself. Why would I take this risk for any amount of money? Because I know for a fact, because it's like I said, a digital pandemic, you're going to get attacked, probably successfully attacked.
[20:12] SPEAKER_02: And then I have to pay, right? So it doesn't make sense. So what's happening in the market is that insurance carriers are either getting out of the business completely or they're increasing pricing, pricing,
[20:24] SPEAKER_02: 10 fold at least. And in many cases, they're just declining coverage. You got attacked. It's very likely that your carrier is not going to renew next year.
[20:35] SPEAKER_02: So you're just not worth it, right? Unfortunately.
[20:39] SPEAKER_03: So if technology, so let's technology scores in the problem, let's try and find, you know, let's look at solutions. I mean, you know, we're, you know, looking around, we've all heard about zero trust as a solution.
[20:52] SPEAKER_03: And there are kind of various options of that, you know, zero trust network applications data, you know, the companies need what the companies need?
[21:05] SPEAKER_03: Do they need all of those? What do they need?
[21:10] SPEAKER_02: So if you think about it, companies really need to protect themselves.
[21:15] SPEAKER_02: But in order to protect yourself, you need to understand what you risk and what you're trying to protect from.
[21:22] SPEAKER_02: Many companies are just on a, sometimes they go on a shopping spree, they buy stuff.
[21:28] SPEAKER_02: And they think that by buying stuff and maybe even installing stuff, they're going to be a lot more secure.
[21:35] SPEAKER_02: So let's talk about zero trust.
[21:38] SPEAKER_02: I think zero trust is a really important concept.
[21:43] SPEAKER_02: Not so much for the technologies that fall underneath, but because from an educational perspective, it teaches people first and then companies second, what that means in terms of how do we actually protect ourselves, the fundamentals?
[22:04] SPEAKER_02: Zero trust, all it is, is a very old concept, right?
[22:08] SPEAKER_02: Trust but verifying in a way, but also assume that anything is going to bite you, right?
[22:16] SPEAKER_02: So it's all about really, you know, assuming that you are already running in a compromise state and how you're going to respond to it, right?
[22:26] SPEAKER_02: So try to bring it kind of to the real world, right?
[22:31] SPEAKER_02: First of all, what is the ransomware attack?
[22:34] SPEAKER_02: Ransomware attack today is built around a few components.
[22:39] SPEAKER_02: I call them stressors, right? The industry calls it, you know, extortion levels.
[22:47] SPEAKER_02: So you got your single extortion, the bad guy came in, locked all your systems.
[22:52] SPEAKER_02: You need to unlock your systems, one way or another, right?
[22:56] SPEAKER_02: That's one extortion, the second extortion or as the industry calls it double extortion, the bad guy comes in, before he locks your systems, he goes in and he basically rummages around all your files, steals everything they can.
[23:13] SPEAKER_02: Sometimes the tune of terabytes of data terabytes is a lot, it's a lot, right?
[23:20] SPEAKER_02: And they sometimes sit for months in there, copying files from this machine and that machine, copying your financial statement, your intellectual property and so on and so forth.
[23:31] SPEAKER_02: They take all this stuff to their servers and then they lock you.
[23:37] SPEAKER_02: So now they force you to pay because you need to potentially unlock your system, but even if you have a good backup, they are basically holding you hostage because they're going to say, well, you don't pay us, you're going to publish all this information, stop from.
[23:55] SPEAKER_02: Right? And there's a couple other levels of additional extortion, now they're attacking back.
[24:02] SPEAKER_02: If you don't pay the fourth level of extortion now is getting personal, they're going to go after the CEO, his emails, his files, right?
[24:13] SPEAKER_02: And they're going to try and actually impact his personal accounts as well because you may have kept, you know, an excel spreadsheet with all your personal passwords on your work email or work computer.
[24:26] SPEAKER_02: They're going to attack you, they're going to attack your family members wife, kids and so on and so forth and we're starting to see this.
[24:34] SPEAKER_02: So when we talk about zero trust, it's a very white concept. There's many players in this, but I think you can see very clearly that one of the key aspects in ransomware type of attacks or extortion attacks is access to files.
[24:52] SPEAKER_02: Right? It's now the threat actor is able to easily, right?
[25:00] SPEAKER_02: As an administrator or a high privilege account, go in and rummaging all these computers and basically access all these files, just copy them over and steal them.
[25:13] SPEAKER_02: Right? So we need a technology, right, that can basically say, hold on.
[25:21] SPEAKER_02: You got in, we might not be able to stop everything, right?
[25:27] SPEAKER_02: But let's focus on the data theft perspective. We need to lock that. We need to not allow anybody, not just red actors.
[25:36] SPEAKER_02: We have to treat everybody with zero trust and basically manage every access to every file in such an effective way that, you know, only the right people can have access to the right files at the right time in the right amount and and so on and so forth.
[25:58] Speaker UNKNOWN: 
[26:00] SPEAKER_03: That's what we call, you know, micro segmentation, but I think the other key thing that, you know, I've been looking around and I mean, gardener says, you know,
[26:13] SPEAKER_03: Unstructured data is the kind of open door for ransomware. And then it says, you know, 80% of data is unstructured, which is pretty scary.
[26:30] SPEAKER_03: No, no, maybe you can see why there's such a problem with ransomware, you know, I mean, looking at QNX and filefix and there's a, you know, as a data access zero trust data access product, you know, how can it help?
[26:50] SPEAKER_03: I mean, where does it stand and how can it help to provide protection?
[26:56] SPEAKER_02: Right, so there are two types of files, right, you mentioned unstructured, right, and there's structured sometimes, you know, it might help to kind of clarify what that actually being, right, so structured is your database, right, you have a database with maybe some employee information, social insurance numbers, salary and so on and so forth, right.
[27:21] SPEAKER_02: And then you cannot though have all your data always sitting in structured files because you want to hire an employee, you've got to send them a contract, that's an unstructured file, it's not a database, right.
[27:38] SPEAKER_02: And as you can imagine, spreadsheet, word documents, you want to do a PowerPoint presentation, unstructured file, and so on and so forth, right. So majority of data in the world is actually unstructured files.
[27:52] SPEAKER_02: And there's a lot of them for every organization, a lot of it since intellectual property, confidential data and so on is sitting actually these unstructured files.
[28:04] SPEAKER_02: In many cases, unstructured files are actually an extract from a structured file like a database, you get a report out of the database, you save it into a document, that's unstructured file, right. And for a threat actor to come into an environment in order for them to steal a unstructured file, a loose document, for example, it's much easier.
[28:32] SPEAKER_02: Then going into a database because to a database, it's an actual system, they actually have to hack into the system itself, as well as the database. So it's two steps before they actually gain access to the data, right.
[28:48] SPEAKER_02: And every little bit of a delay actually helps, but they go for the low hanging food, they go for the unstructured data, right. So for them, they see all these Excel documents, all these PowerPoints, word documents and so on, PDFs, they come in, they bundle them together, steal them away.
[29:08] SPEAKER_02: So it's easier for them and it's an area of focus in ransomware attacks to steal that type of information, the unstructured files versus structured.
[29:20] SPEAKER_02: Well, that is why falling that is critical.
[29:23] SPEAKER_03: So how does you know, you know, Qnext and final flex, provide the protection and I gather now, Qnext also comes in a Windows plug-in play version.
[29:35] SPEAKER_03: What's the implication of that for small, medium, large enterprises in terms of ransomware protection, if you like.
[29:48] SPEAKER_02: Yeah, so the interesting piece, remember when I said ransomware happens in phases, right.
[29:57] SPEAKER_02: So when the bad guy comes in, right, they've reached your defenses, your firewalls, your, you know, IPS, IBS systems, it's on and so forth, they're already in your systems.
[30:12] SPEAKER_02: They don't go and encrypt all your systems first and then steal data after because, you know, the encryption, the locking of systems is a very noisy activity.
[30:25] SPEAKER_02: All of a sudden, everybody's going to start complaining, I can't access my system, right.
[30:29] SPEAKER_02: And somebody's going to react, cut the internet and then the bad guy never really stole any information.
[30:37] SPEAKER_02: So now they don't, they don't have that double extortion capability, right.
[30:42] SPEAKER_02: So what do they do? They steal information first, right.
[30:47] SPEAKER_02: So before they lock anything, they attempt to steal the information, right.
[30:53] SPEAKER_02: If we can block them at any point in time, right.
[30:59] SPEAKER_02: What happens is it's going to follow their attack potentially completely.
[31:05] SPEAKER_02: So in other words, they go in, they try to touch some files, some instructor files and file flex is really cool because we actually use it as part of our reach response activities at cipher.
[31:20] SPEAKER_02: You can deploy it in a middle of an incident where the bad guys may still be in the environment.
[31:27] SPEAKER_02: Right. You can deploy it and then the bad guys can't really access files anymore, right.
[31:34] SPEAKER_02: That's cool.
[31:34] SPEAKER_02: But it also alerts you, it tells you they trying to access a file and so on and so forth.
[31:42] SPEAKER_02: So you can actually tell where they're residing right now and don't potentially use this for containment.
[31:47] SPEAKER_02: Right. So you can kick them out of the environment while they're trying to copy files.
[31:54] SPEAKER_02: Then I'm talking about in a middle of an incident, not even before.
[31:59] SPEAKER_02: I'm not talking about a pro.
[32:01] SPEAKER_02: Reactive.
[32:01] SPEAKER_02: That's basically right.
[32:03] SPEAKER_03: Right.
[32:05] SPEAKER_02: And then you basically kicked the bad guys out before they then locked anything and potentially you fall them from downloading any more data.
[32:13] SPEAKER_02: That's one thing.
[32:14] SPEAKER_02: It's a proactive technology.
[32:16] SPEAKER_02: You put this in before and the bad guys are going to try and figure out how to move files, touch files and so on.
[32:25] SPEAKER_02: They will generate alerts, right.
[32:27] SPEAKER_02: If you have a good monitoring capability integrated that basically file flex is sending all its logs to.
[32:36] SPEAKER_02: You're going to get alerted that somebody is trying to access file.
[32:40] SPEAKER_02: They won't be able to because file flex is very effective at changing, changing how unstructured files are in data is access.
[32:50] Speaker UNKNOWN: 
[32:51] SPEAKER_02: And now your people can react and say, okay, we see something abnormal happening.
[32:56] SPEAKER_02: We're going to block that before any files were stolen before any systems were locked.
[33:04] SPEAKER_02: Right.
[33:04] SPEAKER_02: In essence, you've just solved the problem of ransomware.
[33:08] SPEAKER_02: You haven't solved the problem of the initial attack, right.
[33:12] SPEAKER_02: The initial compromise.
[33:14] SPEAKER_02: But you basically stop these criminals in their tracks.
[33:19] SPEAKER_02: And this is really.
[33:21] SPEAKER_03: If you have it installed earlier, then you do stop a lot of it basically.
[33:29] SPEAKER_02: Right.
[33:29] SPEAKER_02: You got to be proactive and got to be effective.
[33:32] SPEAKER_02: And this is what's really cool about file flex.
[33:35] SPEAKER_02: And I really like that technology is because it's easy to deploy.
[33:40] SPEAKER_02: Care and feeding, which is really critical to any security technology is minimal.
[33:46] SPEAKER_02: Once you do it right, and then you monitor and you obviously still understand the risk landscape.
[33:54] SPEAKER_02: But if you deploy correctly the first time and you minimize exceptions, people who are allowed to bypass.
[34:03] SPEAKER_02: What file flex actually offers, you could change the way data is controlled, managed, accessed, and certainly the risks associated with unstructured data.
[34:16] SPEAKER_02: Very, very dramatically.
[34:18] SPEAKER_03: So what is the biggest thing that companies can do to protect themselves today has become to this kind of conclusion of our session.
[34:28] SPEAKER_02: Yeah.
[34:29] SPEAKER_02: So I mean, as I said, you know, you're going to be proactive.
[34:33] SPEAKER_02: Zero trust is a wonderful concept, but don't fall just for the marketing.
[34:38] SPEAKER_02: You know, you're going to be really, really, really, really understanding what that means, right.
[34:43] SPEAKER_02: It's in the name trust nothing.
[34:46] SPEAKER_02: Right.
[34:47] SPEAKER_02: And you've got to look for technologies and solutions that are effective and they can actually apply to current relevant risks.
[35:00] SPEAKER_02: Ransomware is very relevant.
[35:04] SPEAKER_02: Internal, you know, what I call malicious insiders is very relevant.
[35:09] SPEAKER_02: What is coming to these two technologies, these two risks.
[35:15] SPEAKER_02: What is coming to them is the fact that they try and impact unstructured data.
[35:22] SPEAKER_02: So, you know, the file flexes of the world.
[35:25] SPEAKER_02: Awesome.
[35:26] SPEAKER_02: That is the technology to use to basically foil those two attack types today.
[35:34] SPEAKER_02: Is it going to solve everything?
[35:35] SPEAKER_02: No, it's not going to solve everything, but it's going to stop threat actors from doing the majority of the damage that they try to do today.
[35:47] SPEAKER_02: Are they going to evolve?
[35:48] SPEAKER_02: Probably.
[35:49] SPEAKER_02: How are they going to evolve to be honest?
[35:51] SPEAKER_02: I don't really know because I think that if companies are going to deploy file flex type solutions across the environments and companies.
[36:05] SPEAKER_02: Ransomware might actually die.
[36:07] SPEAKER_03: Well, it's really cool.
[36:08] SPEAKER_03: That's a big one.
[36:10] SPEAKER_03: Really, really, so can I end on a positive note that there are solutions like file flex emerging.
[36:16] SPEAKER_03: Yes.
[36:16] SPEAKER_03: That may make it, you know, at least less, less sort of horrific for businesses and Ransomware.
[36:26] SPEAKER_02: Yeah.
[36:27] Speaker UNKNOWN: 
[36:27] SPEAKER_03: We've reached the end of our time and I really like to thank you for coming on.
[36:32] SPEAKER_03: It's been terrific.
[36:33] SPEAKER_03: Hi, pleasure.