Anthony (3:05)
I- I kind of know... I knew what he meant there.
James (03:09)
Fishing attacks and ransomware?
Anthony (03:12)
Uh, that, that wasn't the major play, you know? You know, about- you know, two decades ago, the major play two decades ago was identity, right? I didn't need access management, you know. Making sure, [those who had] access to the system [were] authorized to access it and if they wouldn't authorize the access, it was revoked.
James (03:32)
That's, that's so- that's a big topic we talked about throughout today but that's an enterprise-grade tool back then that most, I think the SMB of mid-marketspace don't even know it's readily accessible at their fingertips, even through their 365 tenant.
Anthony (03:45)
Oh yeah, oh yeah. You know, definitely. You look at Azure, you look at 365, you know they have their own solutions. When it comes to SMB's - I'll tell you what, Microsoft has
done a pretty good job on entry-level for SMB's into the IT space and the security space.
James (04:05)
Yeah, this is coming from a Linux guy. I don't think any Linux guy has ever complimented Microsoft, that's huge.
Anthony (04:09)
Well, the thing is Microsoft has, you know, they've adopted Linux right? You can roll Linux up and, these are cloud, and you can run it as a Linux instance within the cloud. You know, so I, I think Microsoft over time they embrace the open-source community, and actually, when you look at some of their systems now a lot of their documentation a lot of tech-net, a lot of information is kind of mirrored after the open-source community.
James (04:39)
Well for 12 years at least, maybe 15 years, I would have to imagine you've got to dig pretty hard to find the actual materials to educate yourself on that topic but it seems like the last two years we have just had every cyber security thing thrown our way and I'm sure it's going to continue to grow that way, right? Let's hit a couple of those terms. A lot of the people listening, they may not go read the- the white papers on- on what these different topics are but they've heard in the news just here recently stuff around crypto, around blockchain. We got critical industries defined during COVID so now we have critical infrastructures that are being attacked. Ransomware's now, ransomware is a service that's already evolved into Killwear. That's amazing! What- what- what sort of thing should we be expecting to hear about as this year ends and next year begins?
Anthony (05:26)
I think part of it, you know, when you think of SMB's and you think of the tactics and, you know, trying to keep the busiiness running- part of the focus should be, and enterprises have adopted this, at the enterprise level but, you know AI and machine learning, right. It's going to be huge, you know, for the future. I- I think it's becoming so economical now, that not only can enterprise afford this but you know you have SMB's that can afford it and you got consumer populations that can afford it and you have some individuals that, you know, they run their- their lawn sprinkler system, you know, using some form of AI.
James (06:08)
Or, they have a nest in their house controlling their thermostat.
Anthony (06:11)
Exactly. So, software-defined, you know. Before we used to get this big iron, you know. You go to the data center, you would see all these racks and big iron out there right? Now, you know with AI, ML, everything's becoming software-defined, right?
James (06:25)
It's really interesting that you bring it up that way too because it's- it's- it's every time a buzzword comes up. It's because enterprise seems to have adopted it, but most the SMB in mid-market space then gives it the Heisman. They put a stiff arm up and say 'not for us, too expensive' right? You said it's economical now, so now you can start reaching out the products that have AI embedded in them right? It's gotten to the point you don't have to buy an AI tool, you buy a tool that's powered by something with AI or machine learning.
Anthony (06:52)
Exactly.
James (06:53)
All right so, you've used a term with us in here at Centre while doing some trainings around offensive security. Explain what that means in comparison to- to what we're used to.
Anthony (07:04)
Well, offensive security, you know, essentially; At the end of the day, you know, we protect systems, processes, and people against bad guys. That's what we do. So, offensive security essentially is- see a threat, you not only contain that threat - which we do today - but you can deploy some offensive measures or, we call countermeasures, to counter that threat. But the-the deal is, you have to be careful now, right? So, you know, there's certain laws out there you have to be careful you don't want to go into an offensive measure and you've got the wrong target, right? And also, London you know if you look at the-the laws of the United States, you know, you really can't do that today, right?
James (07:47)
Right, those wells are changing quick.
Anthony (07:49)
Oh yeah, yeah, yeah. They're changing quick. I mean, if you look at the United States- they're doing some offensive capabilities, you know? Okay, look at the three-letter agencies. CIA, the FBI, they're deploying countermeasures to countries that are violating the laws but, what you can do, you know - at least within SMB space, right? - you can work within your own perimeter, right? You know, we got this theory that things are becoming perimeter lists, right? So you have to be careful with that too but you can detect, deploy, prevent, and you can deploy countermeasures within your own organization.
James (08:22)
Our sales team has been pushing EDR for a while now.
Anthony (08:26)
Yeah, yeah EDR is huge man. That's you know almost circumventing AV solutions right? EDR is a huge solution and it's, it's helping save many organizations from ransomware.
James (08:38)
Yeah, we had- we had a great success story just recently where an oil and gas company was breached the week after we implemented EDR and we caught it, isolated it to a single system, okay and we snuffed it and that- that CIO was able to walk right into the executive room's board and say like 'Look what we just did here". That's a great way to look at it. You know, you mentioned economical- EDR is about the cheapest for the impact you get that I've ever seen in IT.
Anthony (09:05)
The value proposition you know, and IT- you always have to worry about performance right? Sure. But the value proposition is, these are low footprint, small footprint, you know, small resource consumption, and they sit on the endpoint of the server right? So they can protect it, not only detect, right? A lot of folks get kind of confused - detect and prevent- but, SMB's can prevent you know, like you mentioned, the containment.
James (09:30)
With tools like that, yeah. They jump on board with what Centre offers, they also get the program of the
SOC, where you have eyes on the screen that you can't afford to bring in-house. Exactly. A lot of really cool programs out there, to make sure that that's available and economical to all businesses out there.
Anthony (09:46)
Exactly. It's a low, you know, entry into the market for 80 yards. It's perfect for SMB's today.
James (09:55)
You've mentioned another topic to me before, that I think it's a neat term that I'd love to share with the group. What is that acronym you used before- VRA's? That's a virtual RA?
Anthony (10:03)
No.
James (10:05)
What is a VRA?
Anthony (10:07)
All right so, VRA is Vendor Risk Assessments, right? So ideally, um you always have someone trying to sell you something, right. You always have sales folks, right? Like-
James (10:16)
Like me!
Anthony (10:17)
Right. Okay, all right, fair enough, right? That you don't really want to go out there and purchase the bright new shiny toy without vetting it out, right? So Vendor Risk Assessments- this can, you know, enterprises have been using it for years but SMB's, even local government use it as well. They assess and make sure the capabilities, the form, fit, or function of that toolset meets the needs of the organization rather than just go out and buy something. So that's really the goal with the VRA and then you could successfully manage risk within the organization and you can vet out the actual vendor toolset as well.
James (10:55)
So it was, it was a year ago, this time, everyone got the news on the Solarwinds breach. The- the term that was new to us at that time was 'supply chain attack'. A little sidebar; I've got- I've got a bone to pick with the media, with the supply chain shortages we've had. It seems like they've merged supply chain attack for a virus and supply chain issues somehow together but the supply chain attack, if everyone recalls, is when you download the patch from a trusted source and it turns out, it's the gateway into the- the bad actor into your environment right? And when you say 'VRA' and you're looking at your vendors, every single vendor you open your environment up to is potentially a risk for that, right?
Anthony (11:38)
Right, exactly.