1 00:00:06,100 --> 00:00:08,600 Do you know who has access to what this is? 2 00:00:08,600 --> 00:00:10,600 The identity at the center podcast? 3 00:00:10,900 --> 00:00:13,900 If you're looking for identity and access management talk 4 00:00:13,900 --> 00:00:31,300 you've come to the right place and now on to the show, Welcome 5 00:00:31,300 --> 00:00:33,300 to the identity at the center podcasts. 6 00:00:33,400 --> 00:00:36,000 I'm Jeff and that's Jim here I am. 7 00:00:36,000 --> 00:00:37,800 There you are, that's where you are. 8 00:00:38,000 --> 00:00:41,800 You're there. Today was day, one of the 9 00:00:41,800 --> 00:00:45,400 cooping, ercole consumer identity World Conference, 10 00:00:45,800 --> 00:00:48,200 that's a mouthful. Yeah, good job pronounciations 11 00:00:48,200 --> 00:00:51,600 whooping whooping, her coming up, injure, which I've said 12 00:00:51,600 --> 00:00:55,600 before coming herself but yeah, whooping her as I learned today. 13 00:00:56,100 --> 00:00:57,700 So already a successful conference. 14 00:00:57,900 --> 00:01:01,600 Yes, right, learn something. We can we can now correctly. 15 00:01:01,600 --> 00:01:05,400 Say, the sponsors name. My attitude is generally, I want 16 00:01:05,400 --> 00:01:08,600 to learn something new every day once I do, I shuffle. 17 00:01:08,600 --> 00:01:10,300 Yeah, so we learn that pretty early. 18 00:01:10,300 --> 00:01:11,700 So yeah, that makes a lot of sense. 19 00:01:12,700 --> 00:01:16,700 Today was a day of workshops and there was a few different things 20 00:01:16,700 --> 00:01:19,900 that were talked about. There was a presentation by ID 21 00:01:19,900 --> 00:01:22,600 Pro around identity, access management or kind of like an 22 00:01:22,600 --> 00:01:24,300 intro. I am but that's another good 23 00:01:24,300 --> 00:01:25,600 topics in there. Yeah. 24 00:01:25,700 --> 00:01:27,700 Yeah. You know, when I saw two topic 25 00:01:27,700 --> 00:01:31,300 on the agenda, I thought okay I've been in the industry for 15 26 00:01:31,300 --> 00:01:35,600 years. Probably skip this one but it 27 00:01:35,600 --> 00:01:39,900 was a single track day. So I sat in the session was 28 00:01:40,300 --> 00:01:45,700 Sarah and Ian and they're both really brilliant people and I 29 00:01:45,700 --> 00:01:48,300 got a lot out of it, you know. I think one of the things 30 00:01:48,300 --> 00:01:53,500 sometimes, when you're so close to something is you don't see 31 00:01:53,700 --> 00:01:55,300 with it. You'll see the first or the 32 00:01:55,300 --> 00:01:57,900 trees. Are basically I think that's the 33 00:01:57,900 --> 00:02:00,700 right amount things that. But basically, what I mean by 34 00:02:00,700 --> 00:02:06,700 that is, you know, they had a slide for example on IDP 35 00:02:06,700 --> 00:02:10,800 Discovery or on Discovery. So it was, you know, somebody is 36 00:02:10,800 --> 00:02:15,800 doing a Federated login, how do you know what IEP to send them 37 00:02:15,800 --> 00:02:19,600 to and they gave a good framework of a, the three 38 00:02:19,600 --> 00:02:22,900 methods. And I think that is really 39 00:02:22,900 --> 00:02:25,000 interesting. So I actually think what I'd 40 00:02:25,000 --> 00:02:28,900 like to do Do is get their slide deck and maybe even have one of 41 00:02:28,900 --> 00:02:31,000 them. Come on the show some time and 42 00:02:31,000 --> 00:02:34,400 really just go through what Ida Pro is all about me. 43 00:02:34,400 --> 00:02:37,300 Pick some of those topics and and kind of dive into them. 44 00:02:37,700 --> 00:02:40,600 Could be therapy and might be getting back from your 45 00:02:40,600 --> 00:02:41,700 hesitation. Yeah. 46 00:02:41,900 --> 00:02:44,600 And since we talked about in the past, I think, as we've kind of 47 00:02:44,600 --> 00:02:49,100 grown into this podcasts, right? And kind of learned how it, how 48 00:02:49,100 --> 00:02:52,700 it works that we can, you know, start to figure out how to, how 49 00:02:52,700 --> 00:02:56,700 to get some some better guests and Were guests from other 50 00:02:56,700 --> 00:02:58,100 things that our guests from the money. 51 00:02:58,100 --> 00:02:58,700 Yeah. But I was wrong. 52 00:02:58,700 --> 00:03:01,100 The were is wrong word but just, you know, more guests different 53 00:03:01,100 --> 00:03:03,800 guests from different areas and their cat top neurosurgeon but I 54 00:03:03,800 --> 00:03:07,000 do pro is a great word. It's only been around for, I 55 00:03:07,000 --> 00:03:08,200 want to say this is the third year. 56 00:03:08,200 --> 00:03:12,700 It started at the Ping Identity conference which became identify 57 00:03:12,700 --> 00:03:17,500 reverse severally identify think it was 2016. 58 00:03:17,500 --> 00:03:21,000 It was in Chicago and so I'm a founding member of the 59 00:03:21,000 --> 00:03:23,300 organization just like, you know, a bunch of other people 60 00:03:23,900 --> 00:03:26,600 and Ice also served last. Last year or this year I should 61 00:03:26,600 --> 00:03:28,600 say on the board nomination committee. 62 00:03:28,600 --> 00:03:30,900 So I do have some relationships there. 63 00:03:30,900 --> 00:03:33,600 That maybe you might be helpful to kind of bring onto the show 64 00:03:33,600 --> 00:03:35,700 and then talk group. Yeah, I think that would be is 65 00:03:35,700 --> 00:03:39,900 it is a good, a good well-run well-managed and kind of 66 00:03:39,900 --> 00:03:43,800 well-executed organization. It feels like they're trying to 67 00:03:44,100 --> 00:03:50,800 make significant Change for the good in the industry. 68 00:03:50,800 --> 00:03:54,000 So one of the things they were talking about is how the help 69 00:03:54,000 --> 00:03:59,200 people get up speed quicker. And I think the way that it was 70 00:03:59,200 --> 00:04:04,900 put was it takes people between five and ten years to really 71 00:04:04,900 --> 00:04:08,500 know the industry and that was based on survey responses and 72 00:04:08,500 --> 00:04:11,700 others people self grading. So, you know, I think you could 73 00:04:11,700 --> 00:04:15,800 look as a out if you if you've been in the industry 15-20 years 74 00:04:15,800 --> 00:04:19,600 like you won't know it. As much as I know for so long. 75 00:04:19,600 --> 00:04:24,600 But this is people greeting themselves and I think the 76 00:04:24,600 --> 00:04:27,300 thought pattern well most of us who get into. 77 00:04:27,300 --> 00:04:31,000 I am start with a single product right before, we're not really 78 00:04:31,400 --> 00:04:35,200 industry experts for, you know, during that period where we're 79 00:04:35,200 --> 00:04:38,800 only working with one product because we get very product 80 00:04:38,800 --> 00:04:42,500 focus and how that product solves a particular problem, 81 00:04:42,500 --> 00:04:44,400 right? Yeah, I remember they went out 82 00:04:44,400 --> 00:04:46,800 so everyone out. So it would definitely was a 83 00:04:46,800 --> 00:04:49,400 poll of ID Chrome. Embers and kind of get that 84 00:04:49,400 --> 00:04:53,100 sense of when to feel when do people feel proficient and it 85 00:04:53,100 --> 00:04:56,200 was that 5 to 10-year Mark. But, you know, even people who 86 00:04:56,200 --> 00:05:00,200 have been in the space for 15-plus years like you and I I 87 00:05:00,200 --> 00:05:02,500 still feel like, there's always something new to learn, right? 88 00:05:02,500 --> 00:05:05,300 Technology is always changing. I think there's Core Concepts, 89 00:05:05,300 --> 00:05:07,100 right? That maybe now we take for 90 00:05:07,100 --> 00:05:10,200 granted right there. Are people who don't have that 91 00:05:10,200 --> 00:05:12,300 experience, right? We have Morgan on a few weeks 92 00:05:12,300 --> 00:05:15,900 ago, you know, she's relatively new to the I am space. 93 00:05:16,200 --> 00:05:19,400 You know, it's people like that. That, how do we groom the Next 94 00:05:19,400 --> 00:05:21,000 Generation? I know that was a topic that 95 00:05:21,000 --> 00:05:25,300 actually, you know, someone wrote in looking for us to talk 96 00:05:25,300 --> 00:05:28,900 about, I think, in some point in the future, once we get through 97 00:05:28,900 --> 00:05:32,000 this, little travel still work on, it would be a good idea to 98 00:05:32,008 --> 00:05:34,400 kind of, get those folks back into room and really kind of 99 00:05:34,400 --> 00:05:36,900 talk about. How do we get, how do we get 100 00:05:36,900 --> 00:05:39,800 the, you know, folks who don't have as much experience with? 101 00:05:39,800 --> 00:05:43,500 I am. Snag them in college and see no 102 00:05:43,500 --> 00:05:46,100 other areas, you know, younger folks are people who are just 103 00:05:46,100 --> 00:05:49,100 looking to make a change. And And try to, you know, help 104 00:05:49,100 --> 00:05:50,500 them along their path. Yeah. 105 00:05:50,500 --> 00:05:52,900 Totally Ida pro has this project, they're working on 106 00:05:52,900 --> 00:05:56,900 called the body of knowledge which is essentially the intent 107 00:05:56,900 --> 00:06:00,200 is to be kind of a, you know, a training manual for I am. 108 00:06:00,800 --> 00:06:02,600 Yeah. You know it was interesting. 109 00:06:02,600 --> 00:06:07,100 Was it was meant to be kind of I think the way Sarah was putting 110 00:06:07,100 --> 00:06:10,600 it was. It's like so first off. 111 00:06:10,600 --> 00:06:13,800 I'm PMP. So that's project management 112 00:06:13,800 --> 00:06:16,900 professional. That's the group that PMI that 113 00:06:17,100 --> 00:06:19,700 built the pain. My project management body of 114 00:06:19,700 --> 00:06:22,100 knowledge. So I actually had to know it 115 00:06:22,100 --> 00:06:28,000 like down to the job until at one point and what she was 116 00:06:28,000 --> 00:06:31,400 saying was that they want to create a body of knowledge but 117 00:06:31,400 --> 00:06:34,100 they don't want it to dictate best practices. 118 00:06:34,400 --> 00:06:36,800 And my thought was, well, the pin bog definitely. 119 00:06:36,900 --> 00:06:41,600 So this is the best practice. It is not a agnostic from that 120 00:06:41,600 --> 00:06:47,400 sense, but I do think that And I am it's a little dangerous to 121 00:06:47,700 --> 00:06:51,100 you know try to say this is the best practice I think him. 122 00:06:51,500 --> 00:06:54,000 Similarly different people have different perspectives on what 123 00:06:54,000 --> 00:06:55,600 the best practices. Well they change. 124 00:06:55,600 --> 00:06:58,500 So I mean they can change relatively quickly if you think 125 00:06:58,500 --> 00:07:01,500 about it like what was that? Like two years ago SMS is fine. 126 00:07:01,600 --> 00:07:04,900 Maybe three years ago but SMS is fine for a one-time password. 127 00:07:05,000 --> 00:07:08,400 Now it's not even recommended by nist standards and no think 128 00:07:08,400 --> 00:07:11,600 historically nist has moved as quickly maybe as you know the 129 00:07:11,600 --> 00:07:15,800 industry but even nests you know it is Saying, yeah, we're 130 00:07:15,800 --> 00:07:20,300 deprecating that and it's no longer considered a secure form 131 00:07:20,700 --> 00:07:24,300 for authentication, right? That being said, if you're only 132 00:07:24,300 --> 00:07:27,600 using an ID and a password, and the only option you have 133 00:07:27,608 --> 00:07:33,200 available is to use some sort of SMS, you know, OTP, then it's 134 00:07:33,200 --> 00:07:35,200 probably better that. It's nothing at all, rather than 135 00:07:35,200 --> 00:07:37,100 nothing, right? But yeah, things move so 136 00:07:37,100 --> 00:07:38,500 quickly. That I don't know if you want to 137 00:07:38,500 --> 00:07:43,500 set a best practice today for without having to have several 138 00:07:43,500 --> 00:07:48,100 pages of This is a point in time, you know exactly. 139 00:07:48,100 --> 00:07:50,700 You're going to have to just I mean no matter what you do 140 00:07:50,700 --> 00:07:53,200 you're going to have to update. That's the one thing about 141 00:07:53,500 --> 00:07:55,400 identity management is pretty cool. 142 00:07:55,400 --> 00:07:59,800 Since I first got into industry, the first conference I went to 143 00:07:59,800 --> 00:08:04,600 was called digital ID world, and it was like, I think, you know, 144 00:08:04,600 --> 00:08:12,100 was there because Rob he's been around for a long time but, you 145 00:08:12,100 --> 00:08:15,600 know, it was like they talked about I am The standpoint of 146 00:08:15,600 --> 00:08:19,300 like, what is the father, who what is the identity? 147 00:08:20,400 --> 00:08:23,400 And it was really quite loved that about. 148 00:08:23,400 --> 00:08:26,500 I was like, you know, I never really thought about what is an 149 00:08:26,500 --> 00:08:29,300 identity mean to the philosophical discussion 150 00:08:29,300 --> 00:08:34,200 philosophical discussion about it and, you know, there's so 151 00:08:34,200 --> 00:08:41,000 many different Industries where they've kind of disappeared as 152 00:08:41,000 --> 00:08:46,100 industry and they've just become like could you imagine A CRM or 153 00:08:46,100 --> 00:08:51,900 Erp industry event? I don't think those exist. 154 00:08:51,900 --> 00:08:54,700 I think they're all focused on their one product and they're 155 00:08:54,700 --> 00:08:57,600 all product Focus now. So it's a very, you know, 156 00:08:57,800 --> 00:09:04,400 Salesforce or sap or, you know, one of those guys or maybe like 157 00:09:04,400 --> 00:09:08,000 Microsoft or something, but, you know, I didn't imagine still has 158 00:09:08,000 --> 00:09:10,100 vendor agnostic conferences. Yeah. 159 00:09:10,200 --> 00:09:11,700 Which is that? Yes, I think it's great. 160 00:09:11,800 --> 00:09:17,200 There's so many So many products out there, you know, sometimes I 161 00:09:17,200 --> 00:09:19,000 fundamentally, I feel like fundamentally. 162 00:09:19,000 --> 00:09:22,900 They do pretty much the same thing, they helped me understand 163 00:09:22,900 --> 00:09:27,100 who has access to what, and if that is appropriate at its basic 164 00:09:27,100 --> 00:09:29,800 level, that's pretty much all I am is right, that is different 165 00:09:29,800 --> 00:09:31,700 things right there. Could be, you know around yes, 166 00:09:31,700 --> 00:09:34,400 education site operation side, you know, wherever he may be. 167 00:09:34,900 --> 00:09:37,600 But there's so many still good conferences. 168 00:09:37,600 --> 00:09:41,100 Like you said that you can see the, you know, compare and 169 00:09:41,100 --> 00:09:44,500 contrast the different solutions because each one has an area 170 00:09:44,500 --> 00:09:48,300 think that they're really good at we're other specialized maybe 171 00:09:48,300 --> 00:09:53,400 in, you know, another area of I am or even just down to, you 172 00:09:53,400 --> 00:09:56,400 know, I'll call like simple things like IGA then he governs 173 00:09:56,400 --> 00:10:00,800 Administration doing just the basics of Plumbing of 174 00:10:00,800 --> 00:10:03,300 provisioning accounts be provisioning accounts. 175 00:10:03,500 --> 00:10:06,900 Yeah, you know, certifications sale Point does it this way? 176 00:10:06,900 --> 00:10:08,600 Saving? It does it this way, Oracle does 177 00:10:08,600 --> 00:10:11,500 it another way. They all have different 178 00:10:11,500 --> 00:10:15,600 strengths that they liked him. Yeah, I asked the question and 179 00:10:15,600 --> 00:10:19,100 it wasn't like in order to stump these guys because I'm really 180 00:10:19,100 --> 00:10:23,000 interested to see if they had an answer. 181 00:10:23,000 --> 00:10:26,500 But you know it's like we talked about Samuel to and we talked 182 00:10:26,500 --> 00:10:31,100 about oauth 2 and open ID connect and I asked question 183 00:10:31,100 --> 00:10:36,000 what what's next and Puma was mentioned, that's definitely one 184 00:10:36,000 --> 00:10:39,500 that it has people's interests and their future. 185 00:10:39,900 --> 00:10:42,700 Dietary things. But it's a little bit hard. 186 00:10:43,300 --> 00:10:45,900 I think hard question to answer because I don't think there's 187 00:10:45,900 --> 00:10:50,600 anything emergent that's like. Finally, the next you see, 188 00:10:50,700 --> 00:10:53,400 here's the thing. I don't know what it is, but I 189 00:10:53,400 --> 00:10:56,600 can tell you that 10 15 years down the road soon, be something 190 00:10:56,600 --> 00:10:58,200 else. That's kind of feel like about 191 00:10:58,200 --> 00:11:01,400 actor-director right somewhere? Someone is out of replaced, 192 00:11:01,400 --> 00:11:04,000 active directory, right? We just don't know it yet. 193 00:11:04,300 --> 00:11:07,000 That's right. He's kind of same way that what 194 00:11:07,000 --> 00:11:10,100 no vowel, you know, all of a sudden was gone and you're 195 00:11:10,100 --> 00:11:12,800 really replaces Novella essentially, right? 196 00:11:12,900 --> 00:11:14,900 Yeah. So something's out there and 197 00:11:14,900 --> 00:11:16,400 replace it. I'm curious to see how the 198 00:11:16,400 --> 00:11:19,500 blockchain plays into this. I think there's some sessions 199 00:11:19,500 --> 00:11:22,300 and next couple days. Yeah, around that decentralized 200 00:11:22,300 --> 00:11:24,800 identity. Sarah did have, you know, 201 00:11:24,800 --> 00:11:29,300 interesting, use case around Puma, you may wear. 202 00:11:29,300 --> 00:11:31,200 It was kind of like a point-to-point identification, 203 00:11:31,300 --> 00:11:33,600 which I think is interesting because in the age of privacy, 204 00:11:34,300 --> 00:11:37,400 you don't necessarily need need to know someone's birth date or 205 00:11:37,400 --> 00:11:40,100 you just need to know you know are they old enough to do what 206 00:11:40,100 --> 00:11:43,700 they're trying to do? Is it by a Beer by whatever 207 00:11:43,900 --> 00:11:46,400 where they need to be 21 or maybe devote right? 208 00:11:46,500 --> 00:11:48,800 You don't really need all that information. 209 00:11:48,800 --> 00:11:52,300 Just Yes or no. Basically, it's a binary. 210 00:11:52,300 --> 00:11:55,300 So then you start having the idea of like an identity 211 00:11:55,300 --> 00:11:58,200 provider being government agency, and things like that. 212 00:11:58,200 --> 00:12:02,000 Which, you know, that idea has been getting further else's 213 00:12:02,000 --> 00:12:06,900 digital ID 1, I can see ya nationally and, you know, I 214 00:12:06,900 --> 00:12:10,900 don't know, it's like as much as it seems to make sense and never 215 00:12:10,900 --> 00:12:13,000 really, actually seems never happen. 216 00:12:13,000 --> 00:12:16,400 I think part of it is, you know, I'm not an anti-government 217 00:12:16,400 --> 00:12:18,700 person. But, you know, I think the 218 00:12:18,708 --> 00:12:22,800 government moves, Too slow to keep up with the pace of 219 00:12:22,800 --> 00:12:26,500 technology for consumers. Yeah, isn't it? 220 00:12:26,500 --> 00:12:29,200 I think it's Estonia. They've gone to an all-digital 221 00:12:29,800 --> 00:12:32,800 identification. I don't know enough about speak 222 00:12:32,800 --> 00:12:34,000 intelligently. So I'm going to stop right 223 00:12:34,000 --> 00:12:35,200 there. All right, but I'm pretty sure 224 00:12:35,200 --> 00:12:40,400 it's a Stony a little bit more, but, I'm pretty sure it's a 225 00:12:40,400 --> 00:12:43,800 Stony of that has gone to like an all digital identity. 226 00:12:43,800 --> 00:12:48,300 Do all their voting online. I'm not sure how secure it is, 227 00:12:48,300 --> 00:12:51,800 but you know that, Could be something that becomes a case. 228 00:12:51,800 --> 00:12:55,100 Study of, here's what works and here's what doesn't work, 229 00:12:55,100 --> 00:12:59,100 because like anything else, technology people processes Etc, 230 00:12:59,100 --> 00:13:03,800 will continue to evolve mature etcetera based on the needs of 231 00:13:04,100 --> 00:13:06,500 humans. Yeah, until the robots take 232 00:13:06,500 --> 00:13:08,800 over. So one last thing I want to do 233 00:13:08,800 --> 00:13:12,000 is mention I was talking about that Discovery. 234 00:13:12,300 --> 00:13:14,800 I went back and looked at the slide because it's a picture of 235 00:13:14,800 --> 00:13:17,500 it. So the three forms were first 236 00:13:17,500 --> 00:13:20,600 one they called NASCAR. I thought was a really cool 237 00:13:20,600 --> 00:13:23,100 name. So the NASCAR was the login 238 00:13:23,100 --> 00:13:26,500 screen with all the little witches or icons. 239 00:13:26,700 --> 00:13:32,500 Also got they're like yeah sponsored by Google or Yahoo 240 00:13:32,600 --> 00:13:36,100 Plankton laughing. Yeah. 241 00:13:37,000 --> 00:13:38,200 So I thought that was pretty cool. 242 00:13:38,200 --> 00:13:41,000 That was method. Number one is so this is IDP 243 00:13:41,000 --> 00:13:45,200 Discovery, that's it. One must NASCAR method to was 244 00:13:46,500 --> 00:13:51,100 what they call IDP discovery which was you Put in your domain 245 00:13:51,100 --> 00:13:55,300 or you hit a drop down, select your domain and then the third 246 00:13:55,300 --> 00:13:58,400 was user base, which is where I say this is probably the most 247 00:13:58,400 --> 00:14:03,000 common you type in an email address type style user name and 248 00:14:03,000 --> 00:14:06,300 it truncates off you know at yeah. 249 00:14:06,300 --> 00:14:09,000 Whatever is the environment clean and then we'll send you 250 00:14:09,000 --> 00:14:11,900 back to the room. That's interesting. 251 00:14:12,000 --> 00:14:16,400 Yeah. So anyway, more to come on. 252 00:14:16,400 --> 00:14:22,800 That probably the other part of the, the afternoon was focused 253 00:14:22,800 --> 00:14:28,300 on a workshop around how to manage through a data breach and 254 00:14:28,300 --> 00:14:32,600 this was truly a workshop. So when I saw it on the agenda 255 00:14:32,600 --> 00:14:36,300 didn't really distinguish, okay? Workshop means there's going to 256 00:14:36,300 --> 00:14:40,200 be a lot of participation by folks in the audience. 257 00:14:40,200 --> 00:14:44,400 So it wasn't just watching a bunch of And some actually 258 00:14:44,400 --> 00:14:47,500 thought that was good, really kept it from being too boring at 259 00:14:47,500 --> 00:14:51,700 least for me. But the case you guys were 260 00:14:52,100 --> 00:14:55,700 Richard Hill and John Tolbert, I thought it was a really good 261 00:14:55,700 --> 00:15:01,300 session. I think that the big message was 262 00:15:01,400 --> 00:15:04,300 what was in session. So what was it about? 263 00:15:04,300 --> 00:15:08,600 It was handling your identity breachers, a customer. 264 00:15:13,700 --> 00:15:18,700 They went through the workshop was kind of, a lot of, here's 265 00:15:18,700 --> 00:15:22,200 kind of the problem. One of the problems is, if you 266 00:15:22,200 --> 00:15:26,400 look at handling your breach, there's how you can prevent it, 267 00:15:26,700 --> 00:15:32,900 how you can detect it and how you can respond, most of the 268 00:15:33,300 --> 00:15:37,000 investment that at least. So they did a survey of 269 00:15:37,500 --> 00:15:41,300 companies in the UK and like ninety percent of those 270 00:15:41,300 --> 00:15:48,300 companies have invested. And prevention 55% had done some 271 00:15:48,300 --> 00:15:50,300 level of investment in detection. 272 00:15:50,600 --> 00:15:54,300 Only 13% invested in response. Yeah. 273 00:15:54,300 --> 00:15:57,800 So in other words the planning for the response, the problem is 274 00:15:57,800 --> 00:16:03,100 like the Dave reaches I think occurred are currently 50 275 00:16:03,100 --> 00:16:05,400 percent of companies or something like that. 276 00:16:05,400 --> 00:16:07,400 I mean it's a really high percentage, I don't know who 277 00:16:07,400 --> 00:16:10,900 said it, but if there's the old adage of either, you've been 278 00:16:11,000 --> 00:16:14,400 either, you've been hacked. Or you don't know yet, right? 279 00:16:14,400 --> 00:16:16,200 Exactly. And then what they're also 280 00:16:16,200 --> 00:16:20,200 saying was like, you know, Common, there's coming patterns 281 00:16:20,200 --> 00:16:24,500 that there that they found in their survey, there's a survey 282 00:16:24,500 --> 00:16:28,600 by the Hanuman institute. There's one by IBM, and a lot of 283 00:16:28,608 --> 00:16:33,100 the numbers are the same and one of the the shocking statistics 284 00:16:33,100 --> 00:16:37,200 is it takes about a half a year on average to even detect that 285 00:16:37,200 --> 00:16:39,400 you've been hacked. This is why I'm such a big fan 286 00:16:39,400 --> 00:16:41,400 of things like machine learning and AI. 287 00:16:41,600 --> 00:16:44,500 Yah is How You Gonna Catch? There's no way, you know, that 288 00:16:44,500 --> 00:16:50,200 it makes sense to staff. Dozens hundreds of analysts just 289 00:16:50,200 --> 00:16:52,900 to try and pour over logs and you know whatever maybe he. 290 00:16:52,900 --> 00:16:56,000 So I think that's I think that's what you're seeing now is the 291 00:16:56,000 --> 00:17:00,300 kind of the Leading Edge of. I am is a lot of this focus on 292 00:17:00,300 --> 00:17:02,700 machine learning. Hey, I see a product like 293 00:17:02,900 --> 00:17:05,300 exiting for example, right? We're doing that kind of looks 294 00:17:05,300 --> 00:17:10,000 long and it was getting into it well especially when a lot of 295 00:17:10,000 --> 00:17:14,300 these data breaches. Start with a phishing attack. 296 00:17:14,500 --> 00:17:17,900 Other words, you're getting somebody credentials one way or 297 00:17:17,900 --> 00:17:21,599 the other and then you start accident, if you're a hacker you 298 00:17:21,599 --> 00:17:25,800 start accessing the network in a way that would be normal all the 299 00:17:25,800 --> 00:17:27,900 day I do. And in that case, whose you say, 300 00:17:27,900 --> 00:17:31,500 okay, while you're accessing the network, in a way that's normal, 301 00:17:31,800 --> 00:17:33,900 we're accessing it from China, right? 302 00:17:33,900 --> 00:17:38,000 Or you're accessing it from the VPN in your on the network at 303 00:17:38,000 --> 00:17:40,100 the same time, right? Into different avoid that 304 00:17:40,100 --> 00:17:42,500 doesn't make sense right? Or you're you know trying to 305 00:17:42,700 --> 00:17:45,100 Access different things that you normally don't try to access, 306 00:17:45,200 --> 00:17:46,400 right? Right. 307 00:17:46,400 --> 00:17:50,700 And then exactly so search kicking off a weird pattern and 308 00:17:50,700 --> 00:17:53,000 it requires somebody to go look into it further. 309 00:17:53,400 --> 00:17:59,700 But I think that was that's the thing is that so many of these 310 00:17:59,700 --> 00:18:04,400 cases happen and then organizations don't have a plan 311 00:18:04,400 --> 00:18:08,800 to deal with data breach and then one occurs and there. 312 00:18:09,800 --> 00:18:13,500 They're trying to fight a battle without a plan, right? 313 00:18:13,500 --> 00:18:17,400 So things start moving very quickly on you when I thought 314 00:18:17,400 --> 00:18:21,100 was interesting about that part where the vast majority of the 315 00:18:21,100 --> 00:18:26,100 spend was on the prevention side and very minimal spend on 316 00:18:26,300 --> 00:18:29,200 response. I think you see that today in 317 00:18:29,200 --> 00:18:32,000 some of the responses, you see, if the companies where frankly, 318 00:18:32,000 --> 00:18:34,500 their trash responses, they're not good, right? 319 00:18:34,500 --> 00:18:38,300 They just do a terrible job and every once in a while, I'll see 320 00:18:38,300 --> 00:18:40,500 a company, I'm trying things. Off the top of my head I can 321 00:18:40,500 --> 00:18:43,200 think of was like okay they actually I think they did a good 322 00:18:43,200 --> 00:18:45,200 job. Yes they got hacked that's bad. 323 00:18:45,200 --> 00:18:47,400 But at least they're responsible bit better. 324 00:18:47,800 --> 00:18:49,400 And if there was some interesting conversation to room 325 00:18:49,400 --> 00:18:54,200 around, why do we think the response spend is so small? 326 00:18:54,200 --> 00:18:58,400 In comparison to prevention detection mitigation, those 327 00:18:58,400 --> 00:19:01,900 sorts of things and I don't member who said in the room, but 328 00:19:01,900 --> 00:19:03,000 I was kind of thinking see anything. 329 00:19:03,000 --> 00:19:06,500 It's if you're spending, but this is just a perception thing, 330 00:19:06,500 --> 00:19:08,700 right? If you're spending a lot of 331 00:19:08,700 --> 00:19:12,100 money. On recovery or response. 332 00:19:13,100 --> 00:19:15,600 Isn't that self-defeating because the whole point of you 333 00:19:15,600 --> 00:19:19,400 spending money on prevention and detection, all those sort of 334 00:19:19,400 --> 00:19:21,300 things is that you don't get to the response. 335 00:19:22,200 --> 00:19:25,800 So what are you saying to your CEO and say, hey I need, you 336 00:19:25,800 --> 00:19:30,300 know, a million dollars for prevention and detection and 337 00:19:30,300 --> 00:19:32,700 another million dollars for response. 338 00:19:32,900 --> 00:19:34,900 Or what do you mean, why am I spending million dollars on 339 00:19:34,900 --> 00:19:37,100 prevention if you're telling me that's already going to fail? 340 00:19:37,100 --> 00:19:40,100 So I think it's an issue given the dynamic that, you know, 341 00:19:40,100 --> 00:19:44,300 cisos and cios other folks. He's likable have to balance 342 00:19:44,300 --> 00:19:47,700 that, you know that. Yes, we're going to do 343 00:19:47,708 --> 00:19:50,100 everything we can to stop the breach, but we know that 344 00:19:50,100 --> 00:19:53,900 inevitably something could happen and we need to prepare 345 00:19:53,900 --> 00:19:56,100 for it as well. Yeah, the Challenger would have 346 00:19:56,100 --> 00:20:00,400 on that would be, it should not cost you a million dollars. 347 00:20:00,400 --> 00:20:02,800 So, I was responsible, I was using easy numbers for my 348 00:20:02,800 --> 00:20:08,100 citizenship in some companies. Maybe it would, because I think 349 00:20:08,100 --> 00:20:12,300 that parallel, and it is like a disaster. 350 00:20:12,400 --> 00:20:16,300 Every plan, you know, yes, you go into your Datacenter gu built 351 00:20:16,300 --> 00:20:20,800 on a redundancy and Geographic redundancy and things like that. 352 00:20:20,900 --> 00:20:25,700 That doesn't mean you couldn't fall prey to a disaster, right? 353 00:20:25,800 --> 00:20:30,100 And every companies deserve for her, reflect it and the disaster 354 00:20:30,100 --> 00:20:33,900 recovery. Plan could say, well, you know, 355 00:20:33,900 --> 00:20:36,800 we have a hot side over here. So we should never be down. 356 00:20:37,000 --> 00:20:41,200 And the response plan like this for a data breach probably 357 00:20:41,700 --> 00:20:44,300 probably know. Oh like you know no matter what 358 00:20:44,300 --> 00:20:47,900 we're covered, right? But at least give a plan to say 359 00:20:48,700 --> 00:20:50,700 when we find out Something's Happened. 360 00:20:51,200 --> 00:20:55,400 This is the team that's going to run with it and those folks are 361 00:20:55,400 --> 00:20:58,400 prepared know their role. Yeah, I think that was, I think 362 00:20:58,400 --> 00:21:02,400 one of these you spoke about was ownership, very who owns this. 363 00:21:02,400 --> 00:21:05,000 And I think people kind of thinking around the room because 364 00:21:05,000 --> 00:21:07,500 it can't see, faces was kind of like, uh, that's a good 365 00:21:07,500 --> 00:21:08,500 question. Who owns this? 366 00:21:10,500 --> 00:21:15,400 Yeah, so so the way they approach the workshop the KCI is 367 00:21:15,400 --> 00:21:21,000 was they set up a fictitious example I guess they said it was 368 00:21:21,000 --> 00:21:24,800 based on something that really happened but regardless you can 369 00:21:24,800 --> 00:21:28,200 see how this could really happen and they dribbled a little bit 370 00:21:28,200 --> 00:21:31,200 of information as the hack was playing out. 371 00:21:31,200 --> 00:21:35,800 So you were in the shoes of a new security analysts have been 372 00:21:35,800 --> 00:21:39,700 with the company for a week and, you know, so slide one was like 373 00:21:39,800 --> 00:21:44,800 Like you start hearing about some issues where the helped us 374 00:21:44,800 --> 00:21:48,300 who's getting slammed with all these questions about their 375 00:21:48,300 --> 00:21:53,000 accounts and then you saw a social media post that some 376 00:21:53,000 --> 00:21:56,000 accounts have been posted to the dark web, you're starting to 377 00:21:56,000 --> 00:21:59,400 become aware of it and that's one where the reporter. 378 00:21:59,800 --> 00:22:03,400 Then the final step to the reporter calls you I reporter 379 00:22:03,400 --> 00:22:08,300 calls you from some online media site. 380 00:22:08,300 --> 00:22:13,000 And as you You know about this episode. 381 00:22:13,000 --> 00:22:14,600 I think that's where things got really interesting. 382 00:22:14,600 --> 00:22:16,100 Their room, great. Yeah. 383 00:22:17,300 --> 00:22:22,200 My perspective was, you know, phones Curiosity Company. 384 00:22:22,800 --> 00:22:27,700 My role is not to talk to Media right now agreed that otherwise 385 00:22:27,700 --> 00:22:29,400 would have media training employee. 386 00:22:29,500 --> 00:22:32,100 Yeah, exactly. But, you know, and the point I 387 00:22:32,108 --> 00:22:35,900 was making was, you know, answering that question, even 388 00:22:35,900 --> 00:22:39,200 just say, like, no, I don't know that I'll have somebody get back 389 00:22:39,200 --> 00:22:41,400 to you. That could be a headline, like 390 00:22:41,400 --> 00:22:43,500 security analyst, doesn't your this company. 391 00:22:43,500 --> 00:22:46,200 As even know that they stay number of ways. 392 00:22:46,200 --> 00:22:48,000 I think he has fun A number of ways. 393 00:22:48,000 --> 00:22:52,800 I'm just looking for a headline. I think I'll take away on that 394 00:22:52,800 --> 00:22:56,100 part though. Was that from a training 395 00:22:56,100 --> 00:23:01,300 perspective, making sure the organization knows who to send 396 00:23:01,300 --> 00:23:03,700 media inquiries to one of the companies I work for. 397 00:23:03,700 --> 00:23:07,100 That was part of our training was if you receive requests from 398 00:23:07,100 --> 00:23:11,500 the media for, you know, send them to this person or this 399 00:23:11,500 --> 00:23:13,000 department, or phone number, whatever it was. 400 00:23:13,000 --> 00:23:15,500 And we had to actually do that every year rice, you know, it 401 00:23:15,500 --> 00:23:16,900 was because it, you know, people change it. 402 00:23:17,000 --> 00:23:19,100 And procedures, whatever. But it was something that was 403 00:23:19,100 --> 00:23:23,100 actually accounted for from a organizational level, somebody 404 00:23:23,100 --> 00:23:26,800 made that statement. I think because, you know, from 405 00:23:26,800 --> 00:23:29,900 that perspective, the data breaches not much different than 406 00:23:30,400 --> 00:23:32,500 any other type of accident that could tap. 407 00:23:32,500 --> 00:23:37,000 So if your you had a factory and the factory caught fire and they 408 00:23:37,500 --> 00:23:40,200 somebody found your number or they were just kind of word 409 00:23:40,200 --> 00:23:46,300 island of corporate phone number, you know, block they got 410 00:23:46,300 --> 00:23:48,800 you. I want to know about the fire, 411 00:23:49,300 --> 00:23:52,400 you know, you'd have to know, don't say anything is not your 412 00:23:52,400 --> 00:23:55,200 job, right? Send them to that corporate 413 00:23:55,200 --> 00:24:03,200 phone number. So, even if you had a plan, if 414 00:24:03,200 --> 00:24:06,000 you had a plan around how to do a data breaches, it should 415 00:24:06,600 --> 00:24:09,400 include having them call that number because I think they 416 00:24:09,400 --> 00:24:14,200 would know how to say no comment you know, I'll return your call 417 00:24:14,200 --> 00:24:17,300 later or something like that. They would know how to Surely 418 00:24:17,300 --> 00:24:19,400 get all kinds of offbeat calls all the time. 419 00:24:19,600 --> 00:24:20,700 Yeah. That's when you see her it, when 420 00:24:20,700 --> 00:24:23,400 you read like a news article you know reached out to so-and-so 421 00:24:24,000 --> 00:24:27,500 have not heard back or you know did not provide a comment, 422 00:24:27,600 --> 00:24:29,800 right, right? Which is probably okay at that 423 00:24:29,800 --> 00:24:32,000 early stage, right? You're probably still 424 00:24:32,000 --> 00:24:34,100 fact-finding and trying to figure out what the heck is 425 00:24:34,100 --> 00:24:35,900 going on. You know. 426 00:24:36,600 --> 00:24:39,100 You would hope that the organization would be aware of 427 00:24:39,100 --> 00:24:40,400 things before it gets the outside. 428 00:24:40,400 --> 00:24:43,400 But this is the real world and it doesn't always happen, right? 429 00:24:43,500 --> 00:24:46,500 So I can't. So at that point, we're kind of 430 00:24:46,500 --> 00:24:48,700 at the point. Or with so you're starting to 431 00:24:48,700 --> 00:24:51,100 become aware. You were starting to think, okay 432 00:24:51,100 --> 00:24:54,900 there's something I need to look into but before you re believe 433 00:24:55,100 --> 00:25:00,700 even the look into it, you get this media call then advances 434 00:25:00,700 --> 00:25:03,900 into you start having more information come your way. 435 00:25:04,100 --> 00:25:07,500 I think the real key is if you have a plan you know who to get 436 00:25:07,500 --> 00:25:13,200 involved and you start things going, it's kind of fast forward 437 00:25:13,300 --> 00:25:15,100 because I even though it was a great session. 438 00:25:15,300 --> 00:25:19,800 What I wanted to talk about was There were two example videos 439 00:25:19,800 --> 00:25:23,400 that we watched her kind of News interviews. 440 00:25:23,600 --> 00:25:27,500 The first one was with the British Airways when they got 441 00:25:27,800 --> 00:25:32,600 breached and it was two weeks after they hadn't come out and 442 00:25:32,600 --> 00:25:34,200 made a public statement that point. 443 00:25:34,200 --> 00:25:37,800 So they had this guy home kind of a talking head because that's 444 00:25:38,600 --> 00:25:40,800 the other. So many Talking Heads on news 445 00:25:40,800 --> 00:25:43,300 channels and sports channels these days. 446 00:25:43,700 --> 00:25:48,700 And he's just saying, you know, Thing after another and it was, 447 00:25:48,800 --> 00:25:50,600 they lost control of the situation. 448 00:25:50,600 --> 00:25:53,500 They didn't get out and proactively communicate. 449 00:25:53,500 --> 00:25:56,200 About British Airways. Yeah, pretty sure ways. 450 00:25:56,300 --> 00:25:59,000 And, you know, and they lost the opportunity to kind of 451 00:25:59,000 --> 00:26:03,200 formulate, the message and let customers know that they'll be 452 00:26:03,200 --> 00:26:05,900 made whole and they'll be taken care of in that. 453 00:26:06,200 --> 00:26:08,800 Not only that, that their planes are safe, right? 454 00:26:08,800 --> 00:26:13,100 This had nothing to do with the operation of their planes 455 00:26:13,100 --> 00:26:16,100 because I think with an airline okay, even if you got my credit 456 00:26:16,100 --> 00:26:18,500 card number five, Fine. I don't want to be on a plane 457 00:26:18,500 --> 00:26:20,300 that crashed. Well, it's interesting because 458 00:26:20,300 --> 00:26:23,000 look at what happened recently, the 737 Max, right? 459 00:26:23,100 --> 00:26:25,400 A grounder that worldwide because of the software issue, 460 00:26:25,600 --> 00:26:27,900 software issue young. So now we're starting to let me 461 00:26:27,900 --> 00:26:30,200 on board. The lines between it's not just 462 00:26:30,300 --> 00:26:33,700 payment and billing software issues can happen anywhere from 463 00:26:33,700 --> 00:26:35,000 playing. You certainly don't want to 464 00:26:35,008 --> 00:26:39,000 happen in the air for sure. So you have to be able to steer 465 00:26:39,000 --> 00:26:41,500 the message where you need to go, obviously they want to 466 00:26:41,500 --> 00:26:46,300 mislead people, right? But controlling the narrative, 467 00:26:46,300 --> 00:26:48,300 which You know, is all over the place. 468 00:26:48,300 --> 00:26:51,800 Politics, Etc Sports, whatever it may be is a key part of 469 00:26:51,800 --> 00:26:53,700 making sure that it goes stories. 470 00:26:53,700 --> 00:26:55,300 Go the direction, you're looking some gum. 471 00:26:55,400 --> 00:26:59,000 Yeah, exactly. The other video we watched was 472 00:26:59,000 --> 00:27:03,600 the CEO of talk talk. And this interesting, the room, 473 00:27:03,600 --> 00:27:07,600 a lot of people had an opinion on whether or not the CEO did a 474 00:27:07,600 --> 00:27:09,600 good job. No, I watched the video. 475 00:27:09,600 --> 00:27:12,300 I thought the CEO did a good job in that. 476 00:27:12,500 --> 00:27:14,200 I felt like she was being honest. 477 00:27:14,200 --> 00:27:16,800 Yeah, she was not trying to cover anything. 478 00:27:16,900 --> 00:27:21,800 Yup, there was an attack journalism from style, but I 479 00:27:21,800 --> 00:27:24,900 also could see the point, some of the other people were making, 480 00:27:24,900 --> 00:27:29,400 which was she look like, she had slept in 48 hours, probably 481 00:27:29,400 --> 00:27:33,600 hadn't Hughes hanging your head. Her body language was pretty 482 00:27:33,600 --> 00:27:36,800 weak and then there's attack journalist, just like peppering 483 00:27:36,800 --> 00:27:40,300 her with questions and rather than Prosecuting instead of 484 00:27:40,300 --> 00:27:42,900 interview Prosecuting, right? She wasn't letting your finisher 485 00:27:42,900 --> 00:27:45,200 answers, the answers for never good enough. 486 00:27:45,600 --> 00:27:48,800 And it's like, you, The people who handle that the best 487 00:27:49,200 --> 00:27:52,300 basically put the reporter in their place and say, one 488 00:27:52,300 --> 00:27:55,400 question at a time, you know, let me finish answering. 489 00:27:57,000 --> 00:28:02,500 So, Anyway, we should try to find those videos and app to the 490 00:28:02,500 --> 00:28:04,900 show notes. I think that, you know, I know 491 00:28:04,900 --> 00:28:07,100 we're kind of jumping all over because we don't want the show 492 00:28:07,100 --> 00:28:13,100 to go on for ever, in the day. But one of the other interesting 493 00:28:13,100 --> 00:28:16,900 conversations was around when to get law enforcement involved, I 494 00:28:16,900 --> 00:28:19,000 am. And there was a FBI special 495 00:28:19,000 --> 00:28:21,700 agent in the room as well. There was an FBI special agent 496 00:28:21,700 --> 00:28:24,900 or no, and I've had we found him. 497 00:28:25,100 --> 00:28:28,100 Yes, I thought that was pretty cool. 498 00:28:29,700 --> 00:28:35,600 You know, depending on the industry or in depending on what 499 00:28:35,600 --> 00:28:41,100 the potential risks of the, of the reach, our main we were 500 00:28:41,100 --> 00:28:46,300 looking at a I think we're led to believe that this particular 501 00:28:46,400 --> 00:28:51,700 company wasn't in the in the business doing anything that 502 00:28:52,200 --> 00:28:56,000 would threaten the lives and safety of people therapies, like 503 00:28:56,000 --> 00:28:58,300 an e-commerce type scenario. I think really right. 504 00:28:58,700 --> 00:29:01,800 It's an e-commerce area but it didn't seem like as e-commerce 505 00:29:01,800 --> 00:29:04,800 like Gun Company, right? They weren't selling guns, 506 00:29:04,800 --> 00:29:08,500 firing line or anything but, you know, imagine a scenario where 507 00:29:08,600 --> 00:29:14,100 your client is selling guns or public safety's involved in some 508 00:29:14,100 --> 00:29:16,100 way. I think you need to be much 509 00:29:16,100 --> 00:29:19,500 quicker in terms of contacting law enforcement before you even 510 00:29:19,500 --> 00:29:22,500 had the full picture. Yeah, if your something where 511 00:29:22,600 --> 00:29:27,500 lies aren't threatened, maybe take your time to try to, you 512 00:29:27,500 --> 00:29:31,000 know, you don't want to Um, did love law, enforcement 513 00:29:31,000 --> 00:29:34,100 involvement, find out that actually learnt for each and 514 00:29:34,300 --> 00:29:36,200 this is all a big mistake, right? 515 00:29:36,600 --> 00:29:41,100 I think the FBI is going to have a presentation on Friday in a 516 00:29:41,100 --> 00:29:43,800 couple days. So we'll see if it's worth if 517 00:29:43,800 --> 00:29:47,500 it's worth talking about that point but he certainly didn't 518 00:29:47,500 --> 00:29:51,900 want to spoil or, you know, steal his own Thunder ahead of 519 00:29:51,900 --> 00:29:55,300 that. What did you think of the show? 520 00:29:55,700 --> 00:29:58,200 The show the, the conference overall, because I have 521 00:29:58,200 --> 00:29:58,900 opinions. Ins? 522 00:29:59,800 --> 00:30:05,400 I'll let you go first. Well, is very small, I like the 523 00:30:05,400 --> 00:30:09,600 style of today and I don't think the style of today is going to 524 00:30:09,600 --> 00:30:13,400 carry forward the way the conference Hall is that I 525 00:30:13,400 --> 00:30:14,700 shouldn't even call a conference Hall. 526 00:30:14,900 --> 00:30:19,300 It's a floor on a hotel, but there's another conference going 527 00:30:19,300 --> 00:30:24,200 on in the room next to ours. So tomorrow it will be split 528 00:30:24,200 --> 00:30:27,700 across those two rooms. There may be more people so I 529 00:30:27,700 --> 00:30:32,700 think too Kind of make my call now would be premature, right? 530 00:30:32,700 --> 00:30:37,300 It's definitely a hot, take a hot date, but I'm having fun 531 00:30:37,600 --> 00:30:42,900 and, you know, I met a guy named Dirk wolf healed from cognitum 532 00:30:42,900 --> 00:30:46,400 software. He's a GDP, our expert. 533 00:30:46,700 --> 00:30:50,400 And one thing I didn't realize is that there are companies 534 00:30:50,400 --> 00:30:55,600 already paying fines gdpr. British Airways was one right. 535 00:30:55,600 --> 00:30:57,500 There's a and it's not an insignificant amount. 536 00:30:57,500 --> 00:31:00,200 It's based on a bleeder Gross profit or something like that. 537 00:31:00,200 --> 00:31:03,700 Exactly. Year, 25 percent of your gross 538 00:31:04,000 --> 00:31:07,200 revenue deficit Olivia. Yes, if you're 100 billion 539 00:31:07,200 --> 00:31:09,800 dollar company, could be five billion dollars. 540 00:31:09,800 --> 00:31:12,800 Yeah, that's nothing to sneeze that. 541 00:31:12,800 --> 00:31:16,600 So, yeah. So anyway, he was showing me 542 00:31:16,600 --> 00:31:21,000 some data that's publicly available and, you know, there 543 00:31:21,000 --> 00:31:24,800 are some large US companies being fined for their 544 00:31:24,800 --> 00:31:28,700 activities, in countries, in Europe. 545 00:31:29,000 --> 00:31:33,100 And I know Google was just a news recently because they won a 546 00:31:33,100 --> 00:31:36,400 lawsuit against gdpr. Okay? 547 00:31:37,300 --> 00:31:39,600 The it's around the right to be forgotten. 548 00:31:40,000 --> 00:31:44,800 Part of GDP are. And what gdpr was arguing, was 549 00:31:44,800 --> 00:31:50,600 that if someone makes a request to be forgotten, Google or the 550 00:31:50,600 --> 00:31:53,000 search engine would have to remove it from all of their 551 00:31:53,000 --> 00:31:55,900 product, from all of their search engines, meaning even 552 00:31:56,000 --> 00:31:59,500 searches, and search engines in different regions, not Located 553 00:31:59,500 --> 00:32:03,500 in European country and Google one. 554 00:32:03,700 --> 00:32:04,900 I'm sure he'll get a peel Google. 555 00:32:04,900 --> 00:32:08,800 One by saying, are they won? The ruling from the judge. 556 00:32:08,800 --> 00:32:10,300 Was that? No, that's not correct. 557 00:32:10,300 --> 00:32:15,700 They only have to remove it from the, you know, the member areas 558 00:32:15,700 --> 00:32:17,700 of the EU that are falling under gdpr. 559 00:32:17,700 --> 00:32:21,000 So America is not covered under that you know, other other 560 00:32:21,000 --> 00:32:22,400 areas. So I think that was a real 561 00:32:22,400 --> 00:32:26,600 interesting ruling how that's going to kind of move things 562 00:32:26,600 --> 00:32:29,900 forward because theoretically, Lee, you know, if you're in, 563 00:32:29,900 --> 00:32:32,800 let's say France, all you have to do is just change it to the 564 00:32:32,800 --> 00:32:35,200 US version and you be able to still find whatever it is, 565 00:32:35,200 --> 00:32:37,900 you're looking for versus. If you're in France version of 566 00:32:37,900 --> 00:32:40,600 Google, for example, the results weren't show up. 567 00:32:41,400 --> 00:32:46,300 I want to give Dirk Werner on our podcast because we get asked 568 00:32:46,300 --> 00:32:49,100 by customers all the time about, Judy PR. 569 00:32:49,500 --> 00:32:56,700 And now companies are receiving, real finds remain real money and 570 00:32:56,900 --> 00:33:00,700 this guy knows a lot about. So I'd like Get him on and share 571 00:33:00,700 --> 00:33:02,500 some of this information with Arliss. 572 00:33:04,200 --> 00:33:07,300 So I'm going to agree and say I thought was it's a very small 573 00:33:07,300 --> 00:33:10,800 conference. The format of the conference is 574 00:33:10,800 --> 00:33:12,900 three days. Today was really kind of 575 00:33:12,900 --> 00:33:16,100 Workshop, so it's even though it's day one of the concrete, 576 00:33:16,100 --> 00:33:17,300 that's really more, like Day Zero. 577 00:33:18,100 --> 00:33:22,300 So I'm curious to see how things ramp up the next two days 578 00:33:22,300 --> 00:33:25,400 because then becomes more of a conference type thing where 579 00:33:25,400 --> 00:33:27,200 those different sessions. But it's still relatively small. 580 00:33:27,200 --> 00:33:30,500 I think from my account today, there were less than 30 people 581 00:33:30,600 --> 00:33:34,100 there today, which is a very small number, you know, for a 582 00:33:34,100 --> 00:33:36,100 concern, you know, and identity world. 583 00:33:37,100 --> 00:33:38,600 Now I believe this is a new conference. 584 00:33:38,800 --> 00:33:40,300 It's the u.s. I think it's only been around 585 00:33:40,300 --> 00:33:44,500 for here that could be wrong on that and I felt like today was 586 00:33:44,500 --> 00:33:47,700 really good. It could have been a webinar for 587 00:33:47,700 --> 00:33:51,300 sure but by being in the room and being able to have 588 00:33:51,300 --> 00:33:53,500 interactions with all the other attendees and there was a pretty 589 00:33:53,500 --> 00:33:57,100 good mix from different people of, you know, other Consultants. 590 00:33:57,100 --> 00:34:00,100 But you know companies and you know some fairly big companies 591 00:34:00,100 --> 00:34:04,000 as well that we're having the conversation of the room it was 592 00:34:04,200 --> 00:34:06,100 I think that's the part that Rose like okay. 593 00:34:06,900 --> 00:34:09,100 This was a good thing to be here for. 594 00:34:09,600 --> 00:34:12,100 I just hope that the next couple days, get a little bit bigger, 595 00:34:13,600 --> 00:34:17,699 but I think the content itself is hopefully going to live up to 596 00:34:17,900 --> 00:34:20,699 Billy's my expectations because I think that there's a there's 597 00:34:20,699 --> 00:34:23,400 something here and it kind of strikes me as you know. 598 00:34:23,400 --> 00:34:25,699 It's a relatively new seems like they'll regret. 599 00:34:25,699 --> 00:34:29,500 So relatively new show. It's for my European based 600 00:34:29,500 --> 00:34:32,199 company think it's Cooper. Miracle is in Germany. 601 00:34:32,300 --> 00:34:34,100 I think is really really Munich Germany, right? 602 00:34:34,400 --> 00:34:37,800 Where they're based out of. So They're much bigger. 603 00:34:37,800 --> 00:34:42,300 I think I'm you know the across the Atlantic I think we need to 604 00:34:42,300 --> 00:34:45,900 go and that fighting Weenie Roast acts that evaluation. 605 00:34:47,199 --> 00:34:52,199 Now my favorite thing of the conference today was what the 606 00:34:52,199 --> 00:34:57,400 food food was really good but specifically one item of food. 607 00:34:59,600 --> 00:35:03,200 I guess the brownies brownies brownies were actually really 608 00:35:03,200 --> 00:35:05,000 good but and I'm a chocolate guy. 609 00:35:05,000 --> 00:35:07,200 So I definitely would have gotten that but no, it was 610 00:35:07,200 --> 00:35:10,000 potato chips. Oh yeah, they were. 611 00:35:11,100 --> 00:35:14,200 Unexpectedly good, you were Dynamite. 612 00:35:14,300 --> 00:35:19,300 Yeah, I'm gonna consider the day one a success just based on 613 00:35:19,500 --> 00:35:23,000 learning how to pronounce whooping your coal and the 614 00:35:23,000 --> 00:35:28,000 quality of the potato chips. Yeah, here's my problem is that 615 00:35:28,300 --> 00:35:32,300 I eat like 6,000 calories a day when I go to conferences, like 616 00:35:32,300 --> 00:35:35,400 this food is too good. That's not something that 617 00:35:35,400 --> 00:35:38,200 normally happens, though. Usually we're eating better 618 00:35:38,200 --> 00:35:39,600 outside of the conference, right? 619 00:35:39,800 --> 00:35:42,200 But yeah. In Previous podcasts to talked 620 00:35:42,200 --> 00:35:45,200 about Oracle World. They remember their lunch was 621 00:35:45,300 --> 00:35:49,000 gotten a long line behind a couple hundred people and picked 622 00:35:49,000 --> 00:35:52,800 up a bag lunch. And then you went and tried to 623 00:35:52,808 --> 00:35:56,800 find somewhere to sit and eat it Force networking with other 624 00:35:56,800 --> 00:36:00,100 people or several. Yeah, I know Gartner does that 625 00:36:00,100 --> 00:36:01,900 not to pick up Carter but like the other tables. 626 00:36:01,900 --> 00:36:02,700 Right. Right. 627 00:36:02,700 --> 00:36:04,800 Birds of a feather, I think is what they call it. 628 00:36:04,800 --> 00:36:07,900 And, you know, it's kind of cool people to see right in your own 629 00:36:07,900 --> 00:36:11,200 like, you know, sometimes awkward small talk for people 630 00:36:11,200 --> 00:36:14,300 who don't really want because social part of another's that do 631 00:36:14,300 --> 00:36:17,400 and you see faces that, you know, so it's good and bad. 632 00:36:17,400 --> 00:36:21,300 But yeah, it definitely wasn't your typical comprises of hers 633 00:36:21,300 --> 00:36:24,900 to people like the quiet people. One of the like exam like yeah, 634 00:36:24,900 --> 00:36:26,300 these are good. Potato chips. 635 00:36:26,300 --> 00:36:32,700 Aren't they? You should try ones, but I think 636 00:36:32,700 --> 00:36:35,200 I think as far as day one goes into the first successful, I'm 637 00:36:35,200 --> 00:36:36,800 curious to see what happens next couple days. 638 00:36:36,800 --> 00:36:39,200 So I think our plan is to record. 639 00:36:39,400 --> 00:36:42,500 Another one or two more of these, just to kind of cover it 640 00:36:42,500 --> 00:36:45,700 up. But yeah, I'm I am cautiously 641 00:36:45,700 --> 00:36:48,200 optimistic. We'll see where it goes from 642 00:36:48,200 --> 00:36:49,300 here. Yeah. 643 00:36:49,300 --> 00:36:52,000 I mean, depending on how it goes, we might just want to do 644 00:36:52,300 --> 00:36:55,700 daily updates and then tag him to the end of this podcast. 645 00:36:55,700 --> 00:36:59,200 You can kind of see like either the evolution of opinion. 646 00:36:59,200 --> 00:37:00,300 Right. Maybe it's a go. 647 00:37:00,300 --> 00:37:06,500 Yeah it's a is you know it's going to be like for like three 648 00:37:06,500 --> 00:37:11,300 months. Yeah. 649 00:37:11,900 --> 00:37:14,200 Who knows maybe the potato chips tomorrow and I'll be good and 650 00:37:14,200 --> 00:37:15,800 you know I'm going to give him a sailing reading. 651 00:37:17,900 --> 00:37:21,200 All right. Well, I think that's probably it 652 00:37:21,200 --> 00:37:25,300 for today. Yeah, man, and we'll wrap it 653 00:37:25,300 --> 00:37:28,400 there. You've got questions, comments 654 00:37:28,900 --> 00:37:36,700 concerns accolades, send them over to if you're also suffering 655 00:37:36,700 --> 00:37:40,600 from Seattle allergies, Seattle allergies and It's like full 656 00:37:40,600 --> 00:37:45,000 here and fall everywhere. Not about who you are not Lana, 657 00:37:45,100 --> 00:37:48,600 it's not it's set in Chicago, for is still in the 90s every 658 00:37:48,600 --> 00:37:53,400 day, I like that. Yeah, so if you've got 659 00:37:53,400 --> 00:37:57,100 questions, comments concerns, send them to questions at 660 00:37:57,100 --> 00:38:01,500 identity at the center.com and we'll be talking to you in the 661 00:38:01,508 --> 00:38:07,700 next one. You've been listening to the 662 00:38:07,700 --> 00:38:11,800 identity at the center podcast Taxes all episodes visit 663 00:38:11,800 --> 00:38:11,800 identity at the center.com. Taxes all episodes visit 664 00:38:11,800 --> 00:38:13,500 identity at the center.com.