[00:00:00] Speaker A: It's that cross leveraging of experience and expertise that we need to harness not only within organizations, but I feel within Australia. We need to look at sharing information from both worlds and identifying where these threats are converging and how best to negate them.
[00:00:21] Speaker B: This is KDCAT as a primary target for ransomware campaigns, security and testing and performance risk and compliance.
[00:00:30] Speaker A: We can actually automate that, take that.
[00:00:32] Speaker B: Data and use it.
Joining me today is Ben Gessia, Team lead APAC Amir from Flashpoint. Today we're talking about the nexus between cybersecurity and physical security. So, Ben, thanks for joining and welcome.
[00:00:47] Speaker A: Carissa. Thank you for having me.
[00:00:49] Speaker B: Okay, so I want to start with your layer of land. Now, you've got a really interesting background, and it's know great to have people like yourself of your caliber on the show. I think the audience really appreciates people with your background and your knowledge. So, yeah, really appreciate you being here. But I want to talk about your lay of the land, the convergence between cybersecurity and the physical security world. So tell me about this. Tell me everything. What are your thoughts? What do you think people are missing? Just everything that comes to mind.
[00:01:18] Speaker A: Yeah, no worries. Obviously, as you mentioned, it's quite such a broad topic. Look, increasingly we're seeing cyber and physical threats. As you mentioned, they're colliding. So there is a convergence and there is overlap. And most attacks on whether it's people, places, infrastructure involve some degree of online communication. Now, whether that is between threat actors themselves or bad actors pretending to be someone else. And it's this sort of communication which is occurring in the online space, which then filters down into the physical, into the physical environment. So look, real world events are often enabled and bolstered by these cyber related activities. And it's, again, as we mentioned, discussion forums, social media, networking, all those sorts of places that they use to plan these attacks, to identify potential targets, new methodologies or ways of actually going out and conducting these activities. Open source channels, including Telegram, anonymous platforms, four Chan, eight Chan, those sorts of things are increasingly becoming popular with cyber and bad actors looking to conduct, well, not only conduct research, but look to identify potential vulnerabilities and how to exploit those. And it's that sort of online or that public communication that we at Flashpoint look to identify, monitor, and then pass on through our security teams and analysts to help investigate and provide early warning and detection, whether it's government elements, private enterprise and the like.
[00:02:48] Speaker B: Okay, so there's a couple of things in there which was interesting. Would you say, from your experience. So we're talking about the nexus or the convergence between cyber and physical security. Do you think a lot of people out there see cyber and then physical in isolation, rather than the nexus between the two, or the intersection between the two?
[00:03:06] Speaker A: Yes. Look, generally, people do sort of see them as two separate spheres, and neither the two shall meet. But it's this ongoing awareness and education piece at both industry and government that we all need to work on together. So educating and giving information on security tips of where these overlaps occur and how they occur can help assist in elevating awareness generally, not only for government agencies, but the public as well. It's this level of familiarity that the public has with using smart devices in everyday life, everything from banking to ordering an Uber to getting food delivered. And it can lead to this sense of apathy around personal security, understanding that they are actually interacting in the cyberspace, and that interaction will flow through to the physical. And I think people need to understand there is that connection between the two and establish a mindset that they wouldn't physically hand someone a bank card and their details without knowing that person intimately, without understanding how that person was going to use it. So why would they do that in the online space?
In everyday life, there are numerous overlaps that I don't think the general public is cognizant of.
[00:04:24] Speaker B: So why do you think, I mean, even look at an organization, okay, look at a bank. I'm an ex bank person myself. So why do you think, though, people don't see the overlap? I mean, it makes sense what you're talking about, but it's like, well, actually, this cyber threat can actually divulge into a physical threat. Why do you think people haven't thought about that before? They're sort of seeing them, like I said before, in isolation. They're not looking at both of them as a unit.
[00:04:50] Speaker A: Yeah, look, firstly, I think the understanding of how these threat actors operate and what they are seeking to target is slowly, increasingly being understood by the general public. However, as we just touched on previously and in the APAC region, there was a certain level of, I guess, misconception around cyber, cybersecurity and the possible vectors that these bad actors can take. This has also been combined with the increased use of the Internet. So Internet of Things, the industry, Internet of Things, and this has led to an explosion between the mesh of physical information and the Internet, and it's this increased cyber physical systems. Everyone is online, and all these potential vulnerabilities that I just don't think people are 100% aware of. I mean, we love things to be easy, right? So seamless for information to flow, so we're not standing in lines, whether it's at the bank or even trying to get your car registered, but it's understanding where that information actually sits. How it could be used is another thing. Medical care, personal records, supply chains, industry, transport, energy systems, all these types of things are online. A person doesn't quite understand, I guess, the breadth of how far the online environment can go and how it can impact someone. We've seen overseas in a number of countries where threat actors have been able to impact power systems, to shut down grids. We've seen here in Australia numerous data breaches occurring. And I guess for a lot of people, it's over there. It's not in their face. They haven't seen the actual physical ramifications of it. But I think here, particularly in Australia, we're slowly starting to increase that awareness and that education piece.
[00:06:44] Speaker B: Okay, so maybe I want to go forwards and I'm going to go back a step just because it makes sense with where we're at this interview. Can you give me an example on how a cyber threat could potentially lead into a physical threat? Like, it has to be relatively. What's the word I'm looking for now? It has to be something that people can relate to. That's why I'm curious to understand, because that's going to drive that awareness. Because what I also find a lot of these cyber people is like, oh, let's give an example of something, some high level theory that's never going to exist. Right?
[00:07:15] Speaker A: Yeah, of course. Look, at Flashpoint, we've been involved in a number of instances where a threat actor has been conducting research online.
And in this particular case, now, I can't go into in depth detail because it's before the courts at the moment, but this threat actor was online posting about attacking a place of worship. In that they were also talking about how they were conduct, what sort of weapons and methodologies they wanted to use. And this was all occurring in that cyber, in that online space. And it was in these forums. They were talking to other nefarious actors about the procurement of items to go out and to conduct this attack. And the flashpoint analysts were able to identify this chatter, to monitor and to help queue law enforcement so they could go out and arrest this person in the physical space before the attack actually occurred. So, hopefully, in answer to your question, it's those sorts of things that we look to try and identify that are occurring in that online space, but that will have a physical ramification for people.
[00:08:24] Speaker B: Yeah, no, that's excellent. And I think it just blows my mind that, one, people would do that. Two, they're communicating. These types of forums, I'm assuming, was this open source forum.
[00:08:34] Speaker A: Yes, look, it was all open source forums. As we touched on earlier in the interview. A lot of these anonymous type forums are used by threat actors seeking to garner information, whether it's like we said, talking about curing weapons or items. And it's these sorts of things that occurring in the online space, but that have real world physical impacts.
[00:08:59] Speaker B: Would you say from some of the data that you're looking at with your analysts that this is increasing or is it staying the same? Is it decreasing? What are your sort of insights on that front?
[00:09:10] Speaker A: Look, I think it has always been there. I think there has always been a level of nefarious activity occurring, whether it is on the everyday internet that Mar and Pa hop onto, or whether it is on the deep and dark web and in these more anonymous forums. I think in terms of the level that's occurring, it really depends on what is occurring within the geopolitical sphere as well, which is also another can be quite confusing and scary topic at the same time. At Flashpoint, obviously, we queue to identify potential global, whether it's domestic or international political issues, and how supporters of these issues on any side can really look to try and whether it's conduct a protest or a demonstration or something more nefarious. So it's really, I think, just the interconnectivity that we're witnessing, we're seeing that really amplified online.
[00:10:10] Speaker B: So with that example that you use, which is a real example, is that the part that when you're going and you're talking to organization, for example, is that what rattles them a little bit? Do they not think that this is a thing or it's not as apparent as on enough awareness, et cetera, et cetera, et cetera. I'm just sort of curious what people's levers are to be like. Oh, okay, well, maybe I need to start paying attention to it because doesn't sort of sound like much, but if it's something that someone talking about procuring the weapons, how they're going to do it, et cetera, can sort of snowball, which then leads into the actual attack physically taking place.
[00:10:42] Speaker A: Yeah, look, two pronged answer for this. Sorry. It depends on who we're talking to and what I guess their goals are. Obviously with government and law enforcement, they are pretty well versed in how these threats or ideals can actually manifest to impact the real world. But those, I guess, more private enterprise, private organizations, it's the education piece and highlighting these vulnerabilities that can actually, as you said, ratle them. They may not have been aware that such threats were out there, particularly if we're talking about executive protection or risks to supply chains, which we also help defend. It's identifying how this chatter like this noise out in the cyberverse can actually manifest into something that can impact a business, whether it's the bottom dollar, critical infrastructure or their employees.
[00:11:34] Speaker B: So I was in a meeting yesterday with this company that I know, long story short, we're talking sort of about the geopolitical stuff and what these guys are doing to solve that gap in terms of manufacturing stuff here in Australia versus China, for example. Right. And so I was like talking about the geopolitical side of things. They're like, yeah, I just kind of think, KB, people don't want to lift open that trap door to see what's sort of in it. So before, when you're saying about like, you might rattle people a little bit, do you think, how do we go about on the education front? Obviously, we don't want to scare people, this whole fud thing that people at times lead with in the security world, but how do we go about just saying this is the reality of what could happen on an education front without scaring the life out of some of these people? I'm just curious to see your thoughts, because sometimes we just need to say it how it is.
[00:12:23] Speaker A: Yeah, look, I tend to agree, and I think with the flashpoint, the analysts and I guess the expertise that we bring behind it with what we're trying to push out into the intelligence space.
It's a measured report on what is occurring. It is identifying the risks, the threats, where they sit and letting customers know where they are. This enables or empowers a customer to then address it as they see fit. But it is, as you said, within industry, there is always the bottom line up front. There is the sky is falling type message that can come out. But what we're looking to do is just tell it through the facts and the data and to highlight those. Once a person or an organization is educated on what they're facing, that gives them the power and the ability to pivot against this sort of threat and can really sort of look to negate, I guess, that shock factor of what they are potentially facing.
[00:13:29] Speaker B: So it's going back to the example you used before. The person on the forum saying they're going to do all these things. I'm curious to know, why would someone come out and say, were they genuinely that naive, thinking they would never get caught? Or they just factually unaware of how the internet works and there's people like what you guys do that exist out there that are looking to get these types of people? I'm just curious to know what the mindset was.
[00:13:52] Speaker A: Look, as I mentioned, it's before the court, so I won't go into huge detail about it. But when it comes to, I guess, seeking, when they're looking to seek expert advice from other threat actors, that's when they look to sort of engage in these sorts of forums. So, look, I wouldn't really want to comment on that too much further.
[00:14:13] Speaker B: What about just more generally, though, general stuff that you've seen from your sort of point of view?
[00:14:19] Speaker A: Look, generally, threat actors can be quite out there, especially when it comes to breached data, forums, personal details, scams, fraud, all those sorts of things. And particularly on the deep and dark web. I guess there is that sense for them that they are untouchable, that it's an online environment, and that even for them, they will not have a physical threat in terms of law enforcement coming and knocking on the door. So they can be quite forward and quite out there in some of their interactions. So it can be a mindset thing with some of these threat actors that they are untouchable, that nothing is going to occur to them.
[00:15:01] Speaker B: So I've spoken to many people about this at length on their show. So I'll give you an example. I'm keen to hear your thoughts or your view on it. So I spoke to a guy in the UK, he's ex law enforcement, sort of just said the whole interview was around what happens when people get caught, for example, what you're talking about. But then I'm like, well, it's pretty hard at times. It depends on how good people are covering their tracks, making sure that they can't be found out in terms of law enforcement knocking on their door, saying, hey, we know what you've been up to. But then the other points that came up were around, well, depends where you commit the crime. How does that work?
If there's no treaty in place with Australia, for example, you're sort of exempt, and then if you are caught, it's hard to sort of say or prosecute you against certain crimes that you've committed, et cetera. It's where it gets really interesting. And basically the be all end of it was, well, 2% of people actually get caught in the end. And I'm like, 2%. He's like, it could even be less than that. I'm like, that's almost like a road for people to say, well, I'm going to go down it because it's very unlikely I'm going to get caught. And if I am caught, some of the penalties are minimal because it's hard to sort of prosecute people against all of the things. Do you have any thoughts on that?
[00:16:21] Speaker A: Look, it wouldn't surprise me if it's a low number that actually end up being arrested or charged or whatever, but within our organization, what we're looking to do is to empower business, private enterprise, government agencies to negate that threat. Look, as you said, the threat is always out there and they potentially may not run into law enforcement. But if we identify what has been breached, what information they have, it enables the client to really turn around and to try and gain some control back, as you mentioned in the previous interview, I guess because the rate of interdiction is potentially quite low. I don't actually know the figures myself, so I won't comment too much on it. But what does happen is we're able to identify what has been leaked and what the threat actors are talking about, whether it's scams, looking to use person stolen credit card details, car registrations, all those sorts of things. If the person or the organization knows about it, they can then react, change these details, cancel cards, put other protective measures in place, which then goes back and negates that threat actor's ability to get online and to please stolen details.
[00:17:39] Speaker B: Do you think, I mean, forget about government or law enforcement or any sort of intel agency, but just like the private sector, do you think that they sort of forget around the overlap between cyber and physical? A little bit.
[00:17:51] Speaker A: I think going back maybe 18 months, two years ago, I think within Australia particularly, there was, I guess, a level of misunderstanding that if information was breached, well, then potentially there was going to be no real world physical impact. However, I think as we as a nation have seen over the last couple of years, with the number of large scale data breaches that we've had, it's this swathe of information that's out there that has cascaded like it started with one major breach, and now we've had quite a few in a row where we just keep seeing to have these things. And it is impacting people in the real world sense. People are having to go out, cancel credit cards, change details, ensure their own personal safety, because their information is out there and is being used and sold by threat actors to conduct scams, steal identities, those sorts of things. So I think the awareness is increasing within private industry. But I think to your point, yes, there was, I guess, a level of, I don't want to say unawareness, but a level of it won't happen to us, but it has certainly happened to Australia.
[00:19:07] Speaker B: Yeah. The other thing is as well, when I was in the bank, I was in the security space and then there was the physical security team. Obviously we're a bank, but they very rarely, if at all, we had any overlap with them, so we wouldn't really know what those guys got up to. Right.
After talking to you already, it's very obvious that there needs to be this more convergence on more alignment. So what would be your sort of sentiments on getting that alignment? Because it makes sense. Right, even to the example you gave before, even to, as you're speaking, what's coming up in my mind from a financial services point of view, especially if you're in a bank, for example, again, with all of the high profile breaches, people losing their identity, et cetera, stolen credit cards, there's lots of examples, but it still feels that there is this big gap between the two. So do you have any recommendations on that sort of alignment to sort of sing and harmony to one another?
[00:20:06] Speaker A: Yeah, look, in previous lifetimes, before I had gray hair, look, there was obviously the silo of information or the silo of capabilities that, as you mentioned, the physical threat guys, you wouldn't know they existed or that you talked to them. Within Flashpoint, our teams cross pollinated, for lack of a better term. So we share information, we're always talking to one another and we have experts from across the range, so physical, cyber breached, credentials, all those sorts of things. And we're following through and developing threat models, so we're sharing ideas, threat profiles, all those sorts of things that can help really form a holistic picture. So we're drawing information from numerous sources. So to go back to your example, the physical security guys in your bank, I doubt they would have ever come and had a chat to you about what you're seeing and how this could potentially even be extrapolated to a real world threat. Whereas we are now looking for that. It's that cross leveraging of experience and expertise that we need to harness not only within organizations, but I feel within Australia, we need to look at really sharing information from both worlds and identifying where these threats are converging and how best to negate them.
[00:21:31] Speaker B: No, you're absolutely right. And that's the part that I'm really interested in because I worked for Westfield about eleven years ago, and then that was obviously more on the physical side of it and that was an eye opener. And then going more into the cyber side of it. Yeah, no, not at all. There was no one coming down talking to me about what was going on in their world. But then even hearing you now, it's like, okay, I can see where the dots are connecting and that. Yeah, I don't hear much of this in the people that I speak to around that conversion. So I guess this is really important for people to understand. But do you also think as well, that physical, like, I don't know, if I go out and punch someone, you can physically see that I've hit someone. Not that I would make an impact, but cyber stuff, you can't really see it. So maybe it's like that whole theory of out of sight, out of mind. You can't really see necessarily, data getting exfiltrated or something like that, necessarily. But you can go and see, like, I don't know, someone's. The whole building is on fire. Do you think there's a bit of that out of sight, out of mind mentality in here?
[00:22:35] Speaker A: Look, I think particularly within the Australian context, yes, you're quite right. Out of sight, out of mind. I don't have that visceral image in front of me. So therefore, potentially, I'm not understanding the threat profile that I'm actually facing. But with that, we are looking to educate and to develop these products that can show what is occurring online. And this is particularly through the platform and dragging in the data and showing where this activity is occurring and where it's pointed and what it's looking to do. But it is definitely a work in progress. I think over the last two years, like we talked about before, the awareness of these breaches and cybercrime was quite low. It has skyrocketed over the last two years. But really honing in and giving these examples to people and understanding how these things can impact them is something that will continue for.
[00:23:34] Speaker B: Okay, so you said you got a platform and you're showing some people the stuff. Like some examples. What are the examples?
[00:23:41] Speaker A: Yeah, of course. Look, this is a wide spectrum of threat profiles and threat actors. So it's everything from breached card credentials through to breached emails, through to social media posts and everything in between. And so what we look to do is identify this information and harness it, clean it, put it all together and then give it to the customer in an easily sort of digestible format, as you're well aware. Look, the cyber domain is infinite. There is so much going on out there, and it's hard to identify a threat with so much noise going on. And so the analysts and using the platform, what we're really looking to do is to harness this information, draw it in, and identify what threats your business organization, government department, whatever, facing within the near future.
[00:24:34] Speaker B: So you said before social media posts, what specific about a social media post would deem sort of worrying from your point of view?
[00:24:42] Speaker A: Look, and this is where we start to look at, starting to bring in that physical threat environment. And it's the lexicon, the language, how the person is talking online and what they're talking about. Obviously, there is a whole range of individuals who use the Internet, some of which are just using it for what it was, I guess, initially designed to do. Keep in contact, speak to loved ones, show off on your latest holiday over to Greece. However, what we're looking at is the wording, the way people are interacting and how they're conducting themselves online. So, look, when it comes to social media specifically, so identifying the networks, who is talking to who, what they're talking about, and how that could actually be extrapolated to a real world incident, much like the potential attack on the place of worship. That example that I gave earlier, that's the sort of stuff that we're looking to identify and to give to the customers.
[00:25:42] Speaker B: Okay, so here's an example. I'm Carissa Breen. I'm going for a job, quite a senior job. You guys roll up, do some reconnaissance on me. I'm a weirdo. On social media, you find some stuff, you send it back to the client, potentially, you don't get the job. Is that the type of stuff that people can expect as well to sort of see? Because, I mean, look, I have a pseudonym, sort of social media prep. I'm not to the same sort of degree you guys are going here, but there's certain things that I'm curious to look at. How people are interacting, who they're following, what they're doing. There are some very strange cats that are on the Internet. Was that sort of an example of where social media could be used against someone if they're going for a job.
[00:26:21] Speaker A: For example, look, in terms of, I guess, executive protection, force protection, and then obviously critical infrastructure protection, companies are more and more interested in what is occurring in that online space. And so identifying any potential threat that could evolve into being an insider threat, being a bad actor, from internal sources, using information from multiple sources. So not only social media, you'd be looking to identify other activities outside of your normal Facebook Twitter type activities, to build a holistic picture of that threat profile.
[00:27:01] Speaker B: So you said other sources. What are the other sources that you would sort of put into the mix, sort of adjacent to social media?
[00:27:09] Speaker A: Look, it would be, again, the online chat rooms within deep and dark web forums, those sort of more nefarious places that are of concern, particularly for big business, government agencies and those type of things, to identify the activities outside of that normal social media presence that people have online.
[00:27:34] Speaker B: So has there ever been an instance, Ben, where in your experience, that you've conducted some of this recon and you've taken it back to the client, and they've just sort of said, oh, this person potentially could be an insider threat, their potential risk? Have you seen much of that happening over your time, or not really? Or is this more of an emerging thing that people are starting to conduct on senior executives, for example?
[00:27:57] Speaker A: Look, I have not seen it personally, so I wouldn't look to comment on it. What we look to do is to give the readily available information to the client in a format that they can digest and look at, and then the call is up to them. However, in terms of executive protection, that is something that we're starting to see more and more of. So what we'll do is identify where an executive is going to travel to, and we will conduct a threat assessment on the destination, on their travel routes, and identify potential physical threats, whether they be geopolitical, whether there has been a severe weather alert, but then also whether that person has been mentioned in these forums, and whether there is someone looking to potentially conduct a protest against them, or even worse. So we are starting to see that executive side of things increase. Concurrently, we're also seeing an increase in protection to supply chains. So identifying those vulnerable points within the physical space and then backtracking those into the cyber environment and identifying those people or threats who are potentially talking about it or looking to reach out and impact them.
[00:29:15] Speaker B: Sorry, just to press on a little bit more. Just so I'm clear, when you say supply chain, if they're talking about them, can you sort of elaborate on a little bit more? Like what specifically? Just so I get a clear picture?
[00:29:26] Speaker A: Yeah. So within the supply chain, obviously big business, whether it's high end electronics or production, a number of these items have separate components produced elsewhere, globally. And so within that supply chain, what we're looking to do is identify where there are physical issues that could potentially impact a factory, the transit of these components, those sorts of things that can delay production times, increase costs, and really impact a business's ability, one, to operate, and two, their bottom line. So what we're trying to do is identify whether there are large scale demonstrations, whether there has been a severe weather incident occurring, and whether that will impact a plant's production concurrently. What we also try and do is keep an eye on those geopolitical issues so those things that can impact a workforce and whether they will be showing up to work, whether there's large scale civil unrest, those sorts of things that can impact a company's ability to produce items.
[00:30:29] Speaker B: So where would you say the biggest blind spots are when it comes to the convergence between cyber and physical? So you mentioned awareness education, also moral alignment. I think that this was an important topic to cover, something that I've sort of spoken about, but just bumming up to the same level of fidelity that you sort of shared here today. So I'm just really curious, what is it specifically that people can sort of take away that maybe they haven't considered or they're not thinking about in their business?
[00:31:01] Speaker A: Yeah, of course. Look, I think that the education and the awareness for the individual person is certainly something that we need to work on down here in Australia, but also industry and within the global context. So we need to enable and empower people to take control of their own personal security, to really sort of harness a person's self awareness when they're interacting online. If we can start to build that awareness and empower people to stop the basic sort of scams that you might see, like phishing or smishing or whatever else coming through, that will help start to sort of solidify our online presence. But then also, I think it's just highlighting and educating government and big business that there are these links that, yes, we have started to see that over the last couple of years in Australia, large scale data breaches, and we're starting to see that trickle effect now into the physical space, but also understanding that these are real world impacts that we need to look at them, we need to highlight, we need to educate across the board to really increase the awareness. And as you said, address these blind spots where, when I first started in intelligence, way back when you were right, there was minimal talk about the convergence between the cyberspace and the physical environment. But now it's something, as we're moving through the Fourth Industrial Revolution, it's something that we're going to see more and more, and it's something that we need.
[00:32:37] Speaker B: To get across, so just quickly as well. I'm curious to know ex Intel. I've seen a lot of ex intel people. Is there anything you sort of learned from working in that field that you can sort of share with our audience because people love this type of stuff. Is there anything that sort of comes to mind in terms of any skill sets or characteristics that you've learned from that background?
[00:33:00] Speaker A: I think within the intelligence profession, we need to be able to share the information, share our experiences. So we don't have the same situation that you went through in the banks or that I've been through previously, that we have a capability and a function that is sitting across numerous threat profiles. I think it's that increasing the awareness and the sharing between us as professionals is going to do us a favor as opposed to everyone seeking to, I guess, build their own capability or their own little sandcastle. So it's the ability to share information and to be willing to learn, I think, is also something that we need to look at. I started off purely squarely within the physical realm.
I was a soldier. And what is this weird cyber thing? But over time, learning and developing within that professional sphere is something that we all need to do.
[00:34:02] Speaker B: Would you say with your background you can start when you're talking to someone or even if you're out just walking around? Like people that act suspicious, is there anything that they look dodgy or there's something off about them, like, whatever it is, is there anything specific that illuminates potential threat is not the right word, but something's off with them. Is there anything that sort of comes to mind?
[00:34:22] Speaker A: Bad actors? Oh, look, I think anyone sort of listening in or anyone who's had experiences previously would, I guess, with them have the 6th sense or that ability that something is not quite right, this person is, for one reason or another, making the hairs stand up on the back of my neck. But it's mentioning that where you need to carry that sort of sense with you when you're interacting online. So if you get the email or the message or the random phone call out of the blue, that is unexpected, out of place, out of the ordinary that you need to start to, I guess, look after yourself a little bit.
[00:34:59] Speaker B: So is there any sort of closing comments or final thoughts you'd like for the about audience with today?
[00:35:04] Speaker A: Well, first of all, thank you very much for having me on the show. Really appreciate it. And then secondly, I think it would be for the listeners look to share the information and their experiences across the board. It's that wealth of knowledge that we have within this kind of profession that can really, if we join together and really look to harness that experience, we can really look to counter these sorts of threats that we're facing within the cyber and the physical world.
[00:35:41] Speaker C: This is KBcast, the voice of cyber.
[00:35:45] Speaker B: Thanks for tuning in. For more industry leading news and thought provoking articles, visit KBI Media to get access today.
[00:35:53] Speaker C: This episode is brought to you by Mercksec, your smarter route to security talent Mercksec's executive search has helped enterprise organizations find the right people from around the world since 2012. Their on demand Talent acquisition team helps startups and midsize businesses scale faster and more efficiently. FInd out
[email protected] today.