Karissa Breen [00:00:10]:
The 2020 Partners Dialogue sits at the edge of possibility where security meets technological ambition. Anchored by AUKUS and powered by cross sector collaboration, this forum is focused on one question, how do nations stop consuming innovation and start co-creating strategic dominance? The 2020 partners even took place in Australia in Adelaide and Canberra. But stay with me, I’m bringing you all of the insights. I’m Karissa Breen and this is KB on the go. Let’s get into it.
Joining me now is Neha Idnani, Regional Vice President for Eutelsat OneWeb. And today we’re discussing satellites as critical infrastructure that’s powering connectivity and and sovereignty. So Neha, thanks for joining me and welcome.
Neha Idnani [00:01:02]:
Thank you so much Karissa, thanks for having me here. Great to be on.
Karissa Breen [00:01:06]:
I’m really interested in what your business does because it’s unique. There’s not a lot of people out there that sort of really doing it. And I have a thousand one questions for you, but maybe let’s start with There are only two global leo, so lower Earth orbit constellations running today at Utilstar, which you operate one of them. Right. So I want to talk about the significance of that from a sovereignty scale capability perspective. Walk me through it. How does this look in your eyes, Neha?
Neha Idnani [00:01:36]:
Perfect.
Karissa Breen [00:01:37]:
Yeah.
Neha Idnani [00:01:37]:
So LEO as we call it, which is as you rightly said, karisa Low Earth Orbit Satellite Network is a network that delivers essentially high speed, low latency connectivity from space instead of from the ground. So by the sheer nature of how LEO satellite networks are, they’re able to be global and reach every nook and corner of the earth, be it air, be it land or sea. So essentially a global telco you could say from space. You rightly mentioned we at utilsat are one of the two only leos constellations today operating in the globe. And the other differentiation that we have is that we are the only satellite service provider which is both LEO and geo to complement the two technologies that are out there as far as UTILSAT is concerned. Our OneWeb constellation, which is our Leo constellation, we follow a B2B B2G partnership led model working with telcos, enterprises service providers in the specific country. Because you know, we are strongly a believer in the fact that satellite is there to complement terrestrial it is not a replacement for terrestrial. It is a primary service where terrestrial networks are either technically or commercially not viable or a very strong secondary service.
Neha Idnani [00:03:16]:
When terrestrial networks either go down or just having second layer of backup connectivity for terrestrial networks, more and more governments are wanting sovereign secure Resilient networks as extension to terrestrial networks. That is where operators like us come in. We are already a proven LEO system. As I said, we are one of the only two live. We are actively delivering services across the globe, be it for commercial use cases or defense use cases, across land, maritime aviation, across critical national infrastructure. There are a fair few deployments in my home region, which is Asia Pacific as well. And in essence, I mean, if I were to summarize, this is, you know, a lever or a tool for digital transformation and dependable comms and national resilience across geographies through a layer of infrastructure which is complementary to terrestrial infrastructure.
Karissa Breen [00:04:23]:
Yeah, this is really interesting. So I, A few years ago, I’ve interviewed one other gentleman that spoke specifically about leo, geo, et cetera. Do you think that people understand, like, it’s pretty complicated to just randomly get a satellite sort of up in space. Right. So keen to maybe understand that a little bit more. Because when we think of just how things run, and I’ve used this example before, Neho is this. We turn the light switch on, the. The light just works.
Karissa Breen [00:04:52]:
And I don’t think people have an appreciation for the mechanics of how these things sort of operate underneath. So could you sort of talk a little bit more about this? Because I think this is really important and it’s important because it’s linked to critical infrastructure. When something goes down, there’s a massive problem and it’s a big flow on effect.
Neha Idnani [00:05:09]:
Absolutely. I think, Karissa, you hit a very important point. In fact, recently as well, I was in a discussion and something similar came up. You know, Jio Leo Mio, all these terms being thrown around. But the reality is in today’s day and age, all that matters is being connected. All of these technologies are essentially a, you know, a connectivity tool. And the toolkit of connectivity service providers, whether it’s an end customer, an end enterprise or an end government, you hit the nail on the head. What they really care about is staying connected at all times.
Neha Idnani [00:05:50]:
What’s going on in the back end, one doesn’t know, one doesn’t want to know. But the reality is these constellations are very intensive, both from a capital and time standpoint, to actually put up there, as I initially mentioned, right. The sheer nature of how Leo constellations are. You’re talking about hundreds of thousands of satellites that orbit the Earth at a pace that one couldn’t have thought of in the geostationary world. And they’re constantly orbiting the Earth. And therefore the sheer nature makes them global. And that’s why in terms of investment, you’re talking billions of dollars. In terms of time, you’re talking a fair few years to deploy a constellation and then actually enter into a market.
Neha Idnani [00:06:37]:
We’ve realized having built a constellation once, there are multiple layers associated with it, be it putting the, you know, first. When you start off, some of us have been involved in this journey for a fair amount of time. So when we started, you know, we thought, okay, main thing is getting these satellites up there. Then when you start building the ground infrastructure, you realize, oh, the ground infra takes time as well. And then comes the path when you actually start entering markets. This was an uncharted territory, right? Ngsos did not non geostationary orbits operators did not exist. Then we realized regulatory and licensing is something that we had to work from the scratch. There are still some countries that we are working with governments and regulators to open up markets.
Neha Idnani [00:07:24]:
So yes, behind the scenes a lot goes into actually putting up a low Earth orbit constellation up there and actually make it operable to serve the various governments, etc. However, that’s behind the scenes. But when you see actual deployments at scale, the. That’s where the difference comes in from a customer standpoint. Back in the day, I mean, if you had to mobilize an alternative form of technology, you would have to think about a lot of infrastructure being put up, et cetera. But when it comes to low Earth or with tomorrow, you know, God forbid there’s a natural disaster. The sheer ease of deployments of terminals on the low Earth orbit side, or the speed with which you can activate or switch on, as you Karissa said, is fundamentally changed with the size and deployability of our terminals. You’re talking of a few kilograms.
Neha Idnani [00:08:25]:
You can pick up a terminal and deploy it in a region that has been impacted by disasters in a matter of minutes. We are not talking days here, we are talking about minutes. Get a terminal moving, send it to a impacted location and switch on. The second scenario, of course we have, which is what a lot of governments are working with us, is have a LEO terminal deployed as a constant backup. So essentially it’s ready for use when the primary networks fail. So it is basically to summarize an immediate independent alternative path for critical data keeping national systems online when ground infrastructure or some terrestrial comms go down and it can be reestablished very, very quickly. Share with with such a backup infrastructure, always ready to be turned on, as you said.
Karissa Breen [00:09:28]:
Okay, this is really interesting. So a couple of things in there would be, you said being connected. So as you’ve Noticed probably nowadays something goes down for even a short amount of time, people already complaining. There’s stuff on Twitter slash X that people are saying online, so it’s even more important. But then also to, to further that point, NEHA would be regulators. So I’m an Australian, I live in the US but regulation in Australia is a lot. And what we’re seeing with critical infrastructure, these things need to be operating all of the time. And you probably would have seen recently, large telecommunications provider, there was an issue, people couldn’t call triple zero, which is the equivalent of nine, one one.
Karissa Breen [00:10:08]:
People unfortunately lost their life to that. And I sit back and I think, well, we’re in 2025. Like this seems quite rudimentary for something like with how we are with technology today, like people are just not going to accept that and they’re moving forward. And then to your point, as you’re the backup, so I sort of see what you’re doing is the generator. So I mean I’ve come from a regional place as to historically growing up, the power would go out, we had a generator, we’d back it up. It may have been like a little window back then in like the 90s, early 2000s, but you had a backup. And so I think that this is what people are going to want more of and a lot more resiliency really needs to come to the forefront.
Neha Idnani [00:10:50]:
Absolutely, absolutely. Well said, Karissa. So a couple of points that you touched upon there. So one, the regulation aspect of it, which is where we take a lot of pride in the way we have shaped our thinking and our go to market and our partnership model. Karissa 1 and also the sheer nature of our network. So I’ll touch on a couple of points there. One, as I mentioned, that we are not a direct to enterprise, direct to consumer or government business, but we partner with local operators. So take for example in Australia we’ll work with a Telstra and an Optis.
Neha Idnani [00:11:34]:
In a United States we work with an ATT and an hns. So one, we get into every market working with the local operator in that market who has the relevant licensing, besides the licensing we need as an NGSO to operate, who has the relevant licenses and understands the relevant requirements, both from a telecoms and a security perspective for every country, number one. Number two, our own infrastructure, which I can of course talk about in a little more detail as well, is built on security. High levels of security, high levels of encryption and it is a fully private network. We are not a best effort Internet solution which really protects the data security the levels of dependability that is required from an enterprise grade network. So besides the security and encryption, we come with very strong SLAs around the reliability of our network, which is not about contention and overselling, but actually having a network which is highly dependable. So that is around the regulatory and security aspects of our network. The second bit you said.
Neha Idnani [00:12:59]:
Absolutely. I mean I can talk about a few instances about the criticality of being a always available backup network. There could be two scenarios. I mean, for example, if I can talk about one of my home markets which is Taiwan, we have deployments which are fully catering to the resilience requirements. So multiple terminals have been deployed by our telco partner Chunghua Telecom to make sure there is a always switched on live backup network. But at the same time that is not the only way of doing it. Take for example where in Myanmar there was a recent disaster and unfortunate earthquake that took place. Within a day the Indian army mobilized, so I’m not even talking in Myanmar.
Neha Idnani [00:13:53]:
Within a day the Indian army under the Prime Minister’s Operation Brahma mobilized our OneWeb terminals from India to Myanmar and were able to set up a mobile medical sort of a mini hospital site. And we were the only and the first form of connectivity that was made available in that disaster impacted region. So that is also the ability that not only to have a fully redundant backup ecosystem ready, but also with the sheer nature of it, of having a global scale, you can actually pick up a small terminal of a few kilograms and port it to another part of the world and have it switched on for such situations. The third point I do want to touch upon is while we are talking about, you know, this critical comms and backup and resilience. So we do still need to remember there are parts of the world where a terrestrial infrastructure still doesn’t make technical or commercial sense. And I’m not just talking about the developing economies, I’m talking about developed economies as well today where the scale does not justify telcos laying fibers of many square kilometers for a few people to be connected. Or take for example aviation flights, connectivity in flight connectivity, maritime naval requirements, air force requirements. These are use cases where satellite is going to be the only form of high speed low latency connectivity that we have available.
Neha Idnani [00:15:43]:
So today networks like ours are able to address both the primary and secondary needs across various use cases be it air, land or sea. We’re able to address use cases that support command and control ISR mission critical activities of defense across the globe.
Karissa Breen [00:16:06]:
And then so NEHA with for example like national security maybe just quickly touch on that, like, what does this sort of mean now as well? Because as you as you’re aware, geopolitical tensions are rising. How does this all link together?
Neha Idnani [00:16:22]:
Absolutely. And that’s where, I mean, we do see ourselves playing a very important role, Karissa. We are a both from a sheer shareholding perspective. We are a fairly neutral organization as far as our shareholding structure goes, as a satellite service provider, which is becoming in this geopolitical world, more and more important, you need a service provider who is fairly dependable and not as impacted by geopolitical preferences. Two, it really boils down to the solution, which is where I mean, I may be repeating myself. It is very important that for such deployments you have a infra, you have a service provider who integrates well into a telco or a nation’s existing architecture, which is where we distinguish ourselves. One, we are a private network. We do not carry our traffic to the Internet.
Neha Idnani [00:17:30]:
So it is a very closed, secure network. Solution number two, we are heavily focused on the enterprise and government use case where dependability on the service, on the service level agreements is very high. So that’s a critical component of our network. And as I said, it’s not only our network. We work with telco. So there is another level of encryption and security that gets added by integrating into telco networks, which is very critical for nation states. The other aspect I do want to touch on is Karissa, when we entered into this space and into these markets, we said we’ll work with every country and customer, understand what their requirements and pain points are. We didn’t say we’ll have a one size fits all, best effort solution which can be bought off the Internet.
Neha Idnani [00:18:29]:
We went in, we are talking to the Koreans, the Taiwanese, the Japanese, the Australians, to really understand how our LEO capability can A, integrate into their architecture, B, solve a problem which is not addressed currently through terrestrials or other forms of communication. And with all of that work, what we’ve been able to do, Karissa, is actually build, if I may say, sovereign capability. We are a global satellite constellation built for regions built for sovereign capability. We’ve also come up with solutions where while you’re using my satellite service from a global constellation, but we are building physical infrastructure in a country for the, say, defense requirements of the country so that physical infrastructure can be owned and operated by the air force, the army, navy of that country. The traffic of that network can be managed fully by these government agencies. We have capabilities which are very critical for critical comms like gps, Masking, GPS obfuscation, anti jamming, all built into our solution. So in essence what I want to leave here with you is that what we’ve done differently is actually made tailor made solutions. Even though it’s a global constellation, we’ve regionalized our solution to these secure comm needs and national critical infrastructure needs.
Neha Idnani [00:20:11]:
So essentially not a one size fits all. This is my network and this is what I do. But actually understanding how do we customize our network and our LEO solution to cater to the needs of the nation state. And one last point, it’s really interesting which is something which is often overlooked. One, as I said, we are built on the pillar of security across, be it our infrastructure, be it cybersecurity, be it people. I mean we pride ourselves to high levels of encryptions between site to site, link to link, et cetera. But even the sheer nature of LEO constellation, if you think about it and the technology behind it, a user terminal of ours, which is what is used by the end customer to connect to the satellites, does not speak to a satellite for more than two minutes. Each of our satellite has about 16 beams in it cursor.
Neha Idnani [00:21:12]:
So each beam the UT is not talking to for more than 11 seconds. And if you break that down, each of these beams operates on a different frequency. So it is so difficult to jam or intercept a network like this. You know, I’m giving some of these examples just to show the sheer nature of a network like this built with further bells and whistles, the way we’ve done it is so built to suit for these critical infra critical comms need for governments in situations where security encryption sovereignty is very, very important, particularly in the geopolitical world of today, as you pointed out.
Karissa Breen [00:21:56]:
Joining me now is James Tennant, partner and head of JPAC at BOKA Capital. And today we’re discussing building the future of force and what this actually looks like. So James, thanks for joining me and welcome.
James Tennant [00:22:08]:
Thanks kb. Looking forward to it.
Neha Idnani [00:22:10]:
Thanks.
Karissa Breen [00:22:10]:
Okay, so James, you know, we’re friends, buddies, whatever you want to call it. You’re obviously jumping around the globe at the moment. You’re doing a lot of great stuff. So let’s maybe start with maybe your view across the hubs. You are going around now I know at the moment you’re in Abu Dhabi, but you switch between Sydney, London, the us you’re obviously now in the uae. But I’m really keen to maybe get your view on the geopolitical investment vibe. You know, what are you sort of picking up globally? What’s on your mind? When I ask you that question, sure.
James Tennant [00:22:41]:
So I think just for a bit of phrasing, I mean, I am a partner with Bocker when I look after sort of the Southern hemisphere, so that mostly includes Australia, Japan and now the Middle east, which I’ll dive into a bit later on. Bocker itself focuses on NATO and Aukus. But I’ll give you, I’ll give you a few insights into what I’m seeing probably around Orcas and then, you know, a few other ones as well. So even those three financial hubs, you can feel that capital has become geopolitical again. And, and it’s not just financial. I mean, if you look at London, post Ukraine, post Brexit, you sit in meetings now where people are talking about economic security as like a normal category or thematic for private equity or infrastructure funds. Washington and New York, they’ve formalized this with something called the Office of Strategic Capital. And it’s really incredible what they’ve done actually.
James Tennant [00:23:26]:
So around 2022 or maybe even early 2023, they built this thing called the OSC of strategic capital. And it was to help bring private capital into 31 different defense and dual use technology categories. It’s really spurred on a lot of domestic manufacturing. It’s a loan program and I think they had like over 200 applicants and roughly like $9 billion of demand come through that. That’s really unique for the us. The UK and Australia are starting to get there, but not just not, not quite yet. I would say that New York in particular is starting to see the capital markets more of the battle space now. So it’s not just, you know, numbers going up and down.
James Tennant [00:24:02]:
They’re really seeing it as something as part of their strategic competition, especially in the region. So Sydney’s waking up late, but it’s waking up fast. I would say Australia sort of follows that as well. Orcas has forced Australia to think more like a system, but we’re heavily skewed towards submarines. Some of the things we are doing is we’ve now stood up something called the Advanced Strategic Capabilities Accelerator. And that’s starting to help companies that are in sort of TRL 6 level. And TRL is technical readiness level. It’s between 1 and 9, 9 being fully commercial, 1 being kind of a blank piece of paper.
James Tennant [00:24:33]:
And they’re helping those companies that are sort of in that valley of death so that, you know, past the early stage, they’ve got something proven and now they’re starting to build. So we’re starting to have a bit more of a deep Patient tech aligned capital stack that you know, can handle sort of the 10 year defense timelines. I would say that London is starting to think differently as well. I mean even yesterday I think we saw a $500 million program to try and get AI stuff up and running. They’ve now had a venture capitalist run that as well, which I think is super, super interesting. And then in other regions, sort of outside of Walkers, you can look at Japan, you can look at uae. UAE has been really forward leaning. They’ve started something called edge, which is sort of a defense program, defense entity that’s spun out of the government and they’re acquiring fast, they’re building fast.
James Tennant [00:25:19]:
I think, you know uae, you had to take your hats off to them. They are doing some really, really amazing stuff. Japan obviously has been quite an insular country, but they’re starting to change things as well. So even from a policy level they are doing some really amazing stuff. They’re now allowing for international companies to sort of thrive within the region and they started to export defense technology as well. So I mean really answering your question, there’s a lot going on, there’s a huge vibe, there’s a huge buzz about all five countries. And I think that’s really built off the back of, you know, you can see Israel and Palestine, you can see Europe, Ukraine and Russia. But now the world’s sort of woken up, things are starting to move quicker again.
Karissa Breen [00:25:55]:
Okay, so the part that I really want to know about as well, so online obviously I’m a media, we’re seeing a lot of like, you know, the Sam Altman’s and friends, they’re obviously talking a lot about investment into AI. So would you say that equally the same amount of money is being invested into military defense, et cetera, as it is with artificial intelligence or where do you sort of think that that sits?
James Tennant [00:26:16]:
They’re a bit commingled to be honest. If the question is direct, as is AI getting more funding than defense? The short answer is probably yes, especially when it’s within defense capability. Obviously defense budgets are ginormous, but AI is really the big buzz at the moment. And just trying to think of some of the programs. I mean the UAE has their Stargate program in conjunction with the US. I mean you could see things like SoftBank have put in hundreds of billions into a program like that. Governments are starting to put sovereign capital into those programs. When it comes to defense capability, especially the more nascent stuff or the earlier stage stuff, they just don’t get that sort of money.
James Tennant [00:26:55]:
And the reason being is that they’re not, I guess, sophisticated or exquisite enough to be able to spend that type of money on it. So I’d say that it’ll continue to grow, but AI really is the word du jour at the moment.
Karissa Breen [00:27:07]:
So the other thing that I’m really interested to know, James, is when you’re talking to these founders or people that have built a little bit of a capability that makes sense and they’re scaling across orcas, what do you sort of look for though? Like yes, tech is one thing, what they’re doing with government is another thing, or governments for that, that point of view. But then also what about the capability of the founder? Right. So it’s like sometimes you can get really great tech, but the founder, the founder sucks. So how does that sort of sit with you in terms of what that you’re looking for as a company who invests capital into these businesses? How do you sort of see that playing out?
James Tennant [00:27:42]:
So from a Bocker Capital perspective, I mean we’re a growth equity fund, which is slightly different to say a venture capital fund. Venture capital is looking at very early stage technology starting to grow, starting to find its feet. Early stage founders, maybe they haven’t built something before, maybe they have growth equity starts to look at companies that have revenue, they’re starting to get into EBITDA generation. So we have a bit of a different lens when we’re talking to founders, if you will, because technically or typically I should say they are more, I suppose further along the line of the business journey than, you know, early stage founders. And that means that they have contracts, they’ve got government relationships, they’ve got a large amount of staff that they’re managing probably over a few years. And so that’s the way that we think about making investments. And you know, we’re not looking for those 10x100x type returns, we’re looking for anywhere to 4 to 8x. We want to help those companies land and expand at different jurisdictions, including Japan, the uae, Australia, uk, us.
James Tennant [00:28:39]:
So we, we have a very different lens, which I quite enjoy because I think when you’re looking at venture style investing really does come down to the founder. I mean one controversial thing I’ll say is not all defense technology is good technology and so therefore doesn’t deserve to be funded. However, the ones that do have something new and novel and interesting that you know, the forces can use, then it really was going to come down to is the founder, the person that I’m happy to give my money to and be the Financial steward of that money because really once they take it on, they have, they are beholden to the investors. And so, you know, I would always recommend that early stage founders don’t take money on early if they don’t need to because it changes the dynamics of your business for sure.
Karissa Breen [00:29:21]:
Okay, so you said doesn’t deserve to be funded. So what sort of defense tech we talking about? Are you just saying there’s anyone out there that thinks they’ve got a bit of something, maybe they’ve got a little bit of clients, maybe, maybe it’s across August, et cetera. But what do you sort of mean by that? A little bit more?
James Tennant [00:29:36]:
I mean, I suppose what I’m trying to say is not all ideas are good ideas. And you know, it takes some time to figure out whether or not it’s good. Do you have to find product market fit? Does the end customer actually want the thing that you’re buying? I mean, sometimes the answer is no, and it’s a hard pill to swallow, but you have to figure that out fast and quick and move on. I think you see a lot of people cry out, especially when it comes to defense funding from the government, saying, oh, there needs to be more programs, there needs to be more grants, there needs to be more support for founders. But my personal opinion, it’s probably not the opinion of the firm or any other person I’m associated with, is that not all ideas are good ideas?
Karissa Breen [00:30:10]:
Yeah, I think that’s fair and that’s a good point because I’m often hearing people that are coming up to me saying, oh, there’s another funding or for these government programs, et cetera, can’t get in there. So maybe you’re just saying the tech just isn’t good enough and nobody wants it. And that happens. Right, because people build tech products all the time that people don’t want. So what do you sort of think now for Australia being traditionally more reserve market, would you say? And I know you touched on this earlier before James, do you think they’re sort of getting out of this phase of being reserved because they got to move now, people’s backs are against the wall, geopolitical tension is rising. We can’t sort of sit on the fence anymore. From a defense perspective?
James Tennant [00:30:49]:
Yes, I would say that’s the case and there’s a few examples I would point to in Australia. So we had some early stage programs called the Next Generation Technology Fund, the Defence Innovation Hub, and they really spent quite a lot of money on very early stage technology without knowing that it had A capability manager at the end within Defence or within government to take that on. It’s now moved to this ASKA program, like I mentioned before. And the interesting thing about that is that no technology will get funded through them unless it has a dedicated capability manager that knows that the force will end up using it. So I think that shows very quickly that we’re sort of getting out of the early stage stuff and started to get more into the will the capability actually land in the hands of the war fighter? The other thing you can point at is a huge amount of funding has gone to things like Anduril. They’ve done a great job getting money from Navy and from government as a whole for their Ghost Shark program. And they’re even building large exquisite platforms within Sydney now. So you can see that the stuff is starting to move further up the curve.
James Tennant [00:31:47]:
And I’m not sure if that’s from a geopolitical standpoint and Angela’s a very big US company. Maybe it’s a posturing there or if it’s from the need that, you know, there are geopolitical tensions throughout the world, Ukraine, Russia being one of them. I think things actually need to get in the hands of the warfighter quicker and therefore the early stage nascent stuff is probably going to lose some funding because of it.
Karissa Breen [00:32:08]:
And then what would you say? Because obviously you’re speaking to these people out there more than more than I am. What do you think is really overhyped? Or what’s the thing that your sort of eyes glows over when you hear the same sort of thing like, oh, I’ve got this thing that I’m building or I’ve started doing this or at this stage. Now, is there anything that stands out for you?
James Tennant [00:32:24]:
I think people, when they use they overuse buzzwords. Right. So AI has been around for a long time. It’s been around in many different ways. It’s been from self updating spreadsheets to machine learning to big data. Now AI seems to be the one getting down to the bottom of do they actually have something new and novel or are they just rewrapping other products to get to an end? That sort of delineation is quite important.
Simon Hodgkinson [00:32:48]:
Important.
James Tennant [00:32:49]:
There’s other massive buzzwords as well. Quantum is one of them. But there is some very legitimate reasons to have quantum technology as well, especially when it comes to position, navigation and timing, which means not using GPS to be able to find your way around the world for planes and boats and whatever. But there’s a lot of overhyped Quantum. It’s a very hard thing to sell. It’s a very hard thing to sell commercially. And so there’s a lot of people trying to do stuff. But is it commercially viable? Unsure.
Karissa Breen [00:33:15]:
So then what about some of these businesses that you are talking to, whether they’re in Australia, in the Orcas region, or even to zoom out five eyes sort of countries as well? How do they scale? So just so they started in Australia, how do they scale within those regions, would you say? And what’s sort of holding them back?
James Tennant [00:33:30]:
Okay, so when a company is looking to expand into other regions, firstly they’ll have a few signals that will tell them to do so. There may be a buy demand signal. Maybe they’ve sold to the US government. Now the UK government wants it to. That’s a very valid reason for wanting to go somewhere. Equally, they’re going to have to consider their own balance sheet and if it’s something viable for them to do. A lot of these companies keep reinvesting for growth domestically, but do they have enough money to do that internationally? And that’s something that the founder has to weigh up. I would suggest, and this is my free advice, is find good advisors that can help you in that region and land and expand efficiently, capitally, efficiently as well, and also make introductions to the relevant people.
James Tennant [00:34:09]:
I mean, I see a lot of UK and US companies wanting to land and expand in Australia. And one of the big things they don’t know is they have to go onto defense panels to be able to sell their product to the Department of Defense at any sort of meaningful scale. And so they think they’re going to come here and they start, you know, pounding the pavements and paying for, you know, ex major generals or ex intel people on their boards. But fundamentally or from, from the bottom up, they haven’t done the regulatory hurdles to be able to facilitate that. So having a partner, I mean, I know KPMG is a pretty good one that we’ve used in the past, and there’s a bunch of sort of people around that can help. But finding the right ones that can help you navigate that minefield is very important. And there’s obviously different regulatory hurdles in each country, you know, and they’re actually quite significantly different too.
Karissa Breen [00:34:54]:
And then just to build on that a little bit more. So if you’re coming from Australia looking to get into the U.S. or the U.K. for example, would it be the best option to look for a local partner so someone locally in the UK that gets it, gets the game as someone that’s Equally gets the game here in the us. Would that be your advice?
James Tennant [00:35:10]:
I think so. I mean, equally, it’s going to be horses for courses, right? So not every company is going to need that. They may be able to bypass, you know, the procurement rules, but because it’s a sole source tender or, you know, something like that. But I would say typically, let’s call it 80% of the time, you would need someone to help you go through that. In the US has something called FedRamp. Japan, you have to have a local partner that works with you. The UAE, until recently you had to have a 51% Emirati that was on your board or had 51% of the company. These are all very different to each other.
James Tennant [00:35:40]:
There’s not one single playbook per country. Each one requires a different sort of hurdle. So local partners to be able to partner with, to navigate that is going to be super important.
Karissa Breen [00:35:50]:
And then so James, looking forward, like when you think about Australia in the next sort of decade, in terms of orcas, deep tech capability, defence, national security, how do you sort of feel about it? And what I mean by that is, are you optimistic? Are you cautious? Are you both?
James Tennant [00:36:04]:
It’s a good question and one that you obviously have to be careful with. But let’s, let’s look at it from like what’s holding Australian defence tech back? And I would firstly say it’s not a talent gap. I think there’s plenty of great talent in Australia. We have good university programs. There’s a bunch of defence money that has gone into university grants as well to help with getting very early stage technology off the ground in that sort of deep tech region. Isr, cyber sensing, electronic warfare. So from a, from an Australian standpoint, it’s definitely not a talent thing. I would say that the choke point is really around capital doctrine and institutional plumbing.
James Tennant [00:36:40]:
So what that means is, you know, you look at the osc, the Office of Strategic Capital, they’re giving out tons of tons of money in a debt sense to dual use technology. And while we have these new programs, like I mentioned before, ASKA National Reconstruction Fund’s another one. It just doesn’t quite seem to have got there yet. And credit to them, they’ve only stood up recently. So it’s very hard to wrap them over the knuckles for it because it’s very early and they’re still finding their feet. But comparatively to the UK and the us that capital support just isn’t there, especially in the early stage. We rely heavily on grants, pilots and traditional vc, which I think is Structurally mismatched for long term defence sales cycles. So what that means is a VC needs to get in and get out.
James Tennant [00:37:23]:
But defense sales cycles are very long. There may be a 10 year contract with a company and by that contract finishing the VC from like a structural point is going to have to get out of the investment. It’s very tough for Aussie companies to get up the curve quickly. But you know, there is that adage that if you can make it in Australia, you can make it anywhere. So I feel optimistic in that sense too.
Karissa Breen [00:37:44]:
And then lastly, what do you sort of think moving forward? Like what do you think’s on the agenda for 2026 or what is sort of stuff that’s coming up, you know, onto proverbial debt. So what are the things that you’re sort of looking down the barrel at?
James Tennant [00:37:54]:
I’m super interested in this sort of concept of economic statecraft, financial warfare. Economic warfare and I think other countries are starting to look at it a lot. So how do we bring sort of fintech and the financial system to Julius? Technology, defense technology. And just for context, I’m super biased, I’m doing my PhD in this subject, but that’s something that I’m really interested in. So the merger of financial warfare and defense, so I’m not talking about things like sanctions and swift access anymore. I think we’re moving into an environment where credit ratings, capital flows, collateral rules, export finance, even data localization I think is super, super interesting. So I’m like hyper vigilant in that space for any capability that’s sort of addressing it. I think you can see other countries are starting to wake up to that too.
James Tennant [00:38:42]:
I mean Japan has that economic security law that puts supply chains and infrastructure critical tech under a security lens. The UAE has shown how sovereign wealth funds and industry policy, defense tech can now be in a single machine and sort of project outwards into India, Brazil, Europe and now North America. And I’m kind of hinting towards the AI data localization stuff on that, especially that project Stargate. So heading into a decade where the capital stack is as much as a weapon as sort of for structure, that stuff is really, really interesting there.
Karissa Breen [00:39:15]:
Joining me back on the show is Simon Hodgkinson, strategic advisor at Semperis. And today we’re discussing that cyber risk does in fact not take holidays. So Simon, welcome back.
Simon Hodgkinson [00:39:25]:
Thanks kb, it’s always a pleasure. Lovely to talk to you.
Karissa Breen [00:39:28]:
Okay, so Simon, Today we’re discussing Cenbrus 2025 holiday ransom report. So last year I did speak with One of your guys, Jerry Sillers, who came on the show to talk about some of the insights of that report. So maybe I’m keen to get your view on where the stats sort of sit this year. And we’re going to sort of compare them from last year and it’s good to get your insight. So I’m going to start with the first stat we’ve got here, which is 52% of attacks in Anz occurred during weekends or holidays. At the moment I’m in the US Living here and it’s Thanksgiving. So that’s, you know, that’s an example of a holiday. But one of the interesting things here is it says this stat is down from 2024, which saw 69% of attacks occur on weekends or holidays.
Karissa Breen [00:40:13]:
Talk me through this. What’s coming up for you?
Simon Hodgkinson [00:40:15]:
Obviously, with these things, it could be a statistical anomaly, but the reality is the whole cyber is a cat and mouse game. So as people maybe adapt their defenses, you know, recognizing the stat from, from last year and they may be, you know, putting more resources into weekend and holiday monitoring that doesn’t necessari people. So it could be that they’re investing in automation to make sure that, you know, 24. 7 that coverage is there and improving it. A lot of people also use things like outsourced managed detection and response providers, so they are able to cover 24. 7 and leverage the scale. So it could be a shift towards more outsourcing of SOC as a result of some of the insights that we provided. And I also think there’s, like I said, it’s a game of cat in the mouse.
Simon Hodgkinson [00:41:10]:
The attackers are going to be constantly shifting their strategy as the defenders improve their controls. I think one of the other stats we’ll get to talk to is just around major corporate events and we’ve seen a dramatic amount of the attacks occur in there. And also the attackers are leveraging tech now as well. So if you’re going to phish somebody going to do business, email compromise using potentially more sophisticated AI and deep fakes, well, you’re going to want to do those attacks when people are around as well. So it could just be sort of that adaption from the attacker’s perspective as well. So hard to be certain on anything other than, I think, you know, you’ve got to think about cyber as this cat and mouse game and both defense and offense will be changing their tactics. I was going to say every year, but pretty much every day.
Karissa Breen [00:42:06]:
Do you think as well just to build on that? Because it’s towards the end of the year, like we’re all human beings, right? Like naturally we get more fatigued, we get tired, kind of get over it a little bit, you know, now the conversations. People have a lot less patience towards this time of the year. So do you think just naturally given human beings that people start to just check out not because they don’t want to, maybe they’re just tired, they haven’t had a holiday or a vacation for the whole year and they’re just exhausted, so it’s not really their fault. But do you think that naturally people’s guards are down this time of the year because they’ve had a big year, right? There’s a lot of stuff going on and, and you know, some people don’t get that luxury to sort of just check out and take vacations because they got to do this type of work as well.
Simon Hodgkinson [00:42:42]:
I absolutely agree with you. And interestingly I’ve been at a conference this week, the orchestra conference. We had a lady called Rachel Vickery talk about physiology, not psychology. A lot of people in the cyber world talk about the psychological impact of the pressure of working in this environment. But actually, you know what I learned this week? In 40 years in tech, we’d never actually talked about the physiology. I saw a lot in me. As you go through an intense, intense year, you get in towards the back end. There’s an awful lot of pressure for lots of organizations that are financial year run, calendar year at this point, so getting budgets together so their focus sometimes is taken away from the more to day to day operational side still with an amount of intense pressure to finish things off by the end of the year.
Simon Hodgkinson [00:43:33]:
And it is genuinely exhausting. And that can lead to, you know, loss of focus on, on things you should be caring about.
Karissa Breen [00:43:40]:
So now Sam, I want to drop into like another stat Here which is 81% of attacks in ANZ occurred after a material corporate event such as a merger, IPO or layoffs. Layoffs. We’ve seen a lot of layoffs actually this year, even recently. Large telecommunications priority in the United states. States later, 30% of their staff. This is actually up from 2024, which we saw 50% of attacks occurring after a material corporate event like we just mentioned. So talk me through that. Obviously, like I said, there’s been a lot more layoffs this year in terms of big tech players out there.
Karissa Breen [00:44:15]:
But does that, what do you think about that 50% in terms of being up from last year?
Simon Hodgkinson [00:44:19]:
It’s really interesting, I would say a couple of things on that when you’re in mergers and acquisitions space in particular, often the cybersecurity element is an afterthought. One of the things that the CISOs, et cetera, need to do is be sat with the business next to the business, making sure that they’re in things like M and A activity from day one. So looking at sort of the strategy, the jurisdiction challenges, maybe actually doing proper due diligence on the companies that you’re buying. Because when you buy those companies, and even if you do minimal integration, it’s still integration, you’re adopting the vulnerabilities that that organization may or may not have. So I think there’s an element around this whole M and A type space that is just about appropriate due diligence that I don’t think most organizations put in. And so, interestingly enough, if you do the appropriate due diligence, you can use that as a negotiation point on the price of the asset that you’re buying. It’ll be minor potentially compared to the total deal, but it certainly might be enough to investment to put the security controls in place for the organization you’ve adopted. So I think you’re adopting a whole bunch of risks that you’re not really aware of.
Simon Hodgkinson [00:45:39]:
And obviously the attackers are fully aware of what’s being adopted. They know that in a material M and A transaction, people are going to want to make sure that they move through that process quickly because there’s going to be sort of financial and reputational risk associated with it. So potentially there’s more encouragement to pay the ransom if those sort of things occur. So, so I think M and A is particularly interesting there on the layoffs. I mean, yeah, you’re absolutely spot on. There’s just across the globe because of sort of economic uncertainty, there is mass layoffs going on. And that clearly increases the insider risk. And I want to be really clear, insider risk can be malicious and non malicious.
Simon Hodgkinson [00:46:22]:
So if you’ve just been told you’re being laid off and you’ve got financial concerns, you’re perhaps not going to be on your A game, right? Your mind’s going to be on something elsewhere. So you’re not necessarily a malicious insider, just the fact that you’re more likely to make human errors, you’re more likely to click on that link, you’re more likely to not follow the business process around business email compromise about validating bank account changes, et cetera. So the attackers know that then hackers know if they. And lots of, certainly for listed companies, it’s very high profile in the press. So the attackers are going to go after that. And the human is often the weakest link. And especially when you’ve got those kind of emotional challenges, of course you have malicious insiders as well. If you’ve got disgruntled employees, you know they’re going to potentially become a risk to your business.
Simon Hodgkinson [00:47:16]:
They could be the ones that try to extort, they could be the ones that try to sell their credentials to bad actors. And if you think about the criminality associated with cyber, like any criminality, even in the physical world, they tend to take the least path of resistance. So if you know people, a whole bunch of people are being laid off a bunch of money to sell, you know, high privilege credentials, then that’s much cheaper way potentially getting into an organization than trying to hack them from the outside. So I think there’s that human element of people become much weaker during that period, much more open to things like bribery and corruption, much more open to make mistakes and not follow the process that they’ve been following forever. So I suspect that’s associated with this increase as well as, like you rightly say, just the volume of layoffs in the, certainly even in the IT and even in the cyber world. KB is, is off the scale this year compared to last few years.
Karissa Breen [00:48:15]:
So I maybe double down the IPO side of things. So obviously when a company iPodOS, like we see the post on LinkedIn, the if you they’re us, they’re from the Nasdaq, they’re ringing the bell, people want to get that media attention. But would you say it’s a double edged sword? And I hate to be saying this because look, I get it, companies are like, well, we don’t want to be too much in the media because then we’re a target. I mean, look, I think the opposite because I’m in media myself and I think if no one knows about you, no one’s going to buy from you anyway. But then obviously that does potentially open up risk. But do you think that the risk is definitely worth it? Because I mean if you’re announcing some of these big sort of things like you want media attention and like, yeah, given that it may open up a potential incident, but do you think it’s worth it or where does your sort of mind go with that question?
Simon Hodgkinson [00:49:00]:
I would come back to regardless of whether you want media or you don’t want media, you should be doing appropriate due diligence through that process. You should have robust integration approaches that don’t necessarily leave you open. Now again, if you Think about a merger and acquisition. Often there’s one side of that that is going to the buyer is more likely to be less disrupted internally than the organization being acquired. So we talked about that insider risk. There’s more likely to be people it’s susceptible to making mistakes on the organization that’s going to be buying it. So I don’t necessarily think it’s linked to the media. The media aspect obviously attracts attention to the adversaries.
Simon Hodgkinson [00:49:49]:
But no, I think, I think ultimately media is good and organizations need that profile. The problem is people aren’t putting enough effort into making sure that the transactions done with the appropriate due diligence.
Karissa Breen [00:50:02]:
So the next stat here, which is interesting, so 85% of ANZ organizations within in house SOC reduce their staffing by 50% or more on weekends and on holidays which of course increasing their vulnerability. This is also up from 2024 which we saw 78% of organizations reduce their staffing by 50 cent or more. So what do you think about all this? Do you think it’s also distributed to people are burnt out, they’ve moved on, we don’t have the right stuff. Hey, we’ve laid off the stuff. Where does those sort of stats sit with you Simon?
Simon Hodgkinson [00:50:39]:
Well, I think you’ve captured it there, to be honest. KB I think across the world at the moment there’s an enormous amount of economic uncertainty which is leading organizations to cut operational costs. So budget constraints, where do you go? You know, potentially you’re laying people off. Potentially, you know, you’re even reducing your third party contracts. So a lot of people use managed outsource MDR providers. Cutting from 24 by 7 to 5 by 8 or whatever it is can dramatically reduce your cost base. So I think there’s a lot of the world’s economic uncertainty is playing out here where people will be cutting things due to operational costs. I think there’s an issue globally around the whole work life balance as well.
Simon Hodgkinson [00:51:26]:
We’re seeing a lot of mental health challenges across the world and organizations rightly are trying to put in place policies and procedures to make sure that people aren’t harmed when they’re at work. And I absolutely agree with that. But the reverse of that is if that means that they’re giving people more time off, that means they got to recruit more people to do the coverage which increases the cost base. So I think there’s an element of people doing the right thing. So the intent is honorable, but the execution potentially leaves them exposed. From that perspective, I also think this technology is moving on you know, in the same way we are seeing the adversaries use technology, AI, et cetera. You know, more and more organizations are now using technology to automate activity. So potentially allowing that automation to give them assurance.
Simon Hodgkinson [00:52:22]:
It could be false assurance, but assurance over those weekends and holiday periods that they’re doing the right monitoring, they’re automatically responding to those events rather than having humans triage and execute the change. So they may be coming an over reliance on sort of technology as well, or an overconfidence on technology during those periods. And if you link the fact that, you know, the adversaries, given the last stat we talked about with holidays and weekends typically target that period, then, you know, you’ve got to have both. You’ve got to, you’ve got to have enough resources is to, to look at the things that the automation is actually generating and take the right action in response. So I think there’s probably a little bit, but all of that that you opened up within there.
Karissa Breen [00:53:09]:
KB so going back to economic uncertainty, do you think, or how do you think 2026 is going to go now? Do you think it’s. It’s going to go back to where. Not back to where it was, but things may get better because with uncertainty it just takes a little bit of time for the dust to settle where people really know their position and they know where they’re going to move next. Or do you think this will sort of go on for another 12 months of uncertainty? People aren’t sure. Or where does your mindset, given you’ve been in this space 40 years, you’ve seen a lot of stuff, you’ve sailed many uncharted water. SIMON so I’m keen to understand what does that look like. Moving on.
Simon Hodgkinson [00:53:45]:
I think we’re going to be in a period of economic uncertainty because of the geopolitical tension. It’s a bit of a roller coaster at the moment. You know, look at Russia, Ukraine, you’re looking at Israel, Iran, you’re looking, you know, you’re looking at tensions in China and Taiwan and certainly in Asia, PAC as well. So I think there’s just increased geopolitical tension out there that’s leading to economic uncertainty. You could argue, you look at things like the stock market, the world is entirely rosy. If you look at the, you know, the fact that a lot of the stock markets are at the highest point in, well, ever. But in reality, for the people on the ground is the cost of living. Crisis globally is enormous.
Simon Hodgkinson [00:54:28]:
And for businesses, you know, we’re seeing in the UK for instance, Some of the interventions through things like the budget, et cetera, are putting more and more pressure on businesses. If you increase the cost of doing business, that means people are likely going to release people or remove vacancies. I can, I have very personal experience, experience of a very good friend who, Rachel Reeves, put the national insurance for businesses up during the last budget, the one before this one. He took 30 vacancies off his company immediately because actually the cost implications meant they couldn’t afford the vacancies. They needed these people in the business. It just meant other people had to pick up their demand. That puts more pressure, it leads to more mistakes. So I think that we’re going to see that economic uncertainty last for a long time because I don’t see any end to the geopolitical uncertainty.
Karissa Breen [00:55:22]:
So when you say long time, do you mean like three years, five years, 10 years? I mean, it’s hard to tell, but I’m just curious, you can speculate on that?
Simon Hodgkinson [00:55:31]:
Well, I think, I certainly think at least three to five years. Even if some of these, these issues that I’ve talked about are resolved, I think it will take, you know, three to five years for actually the, the, the situations to calm down and stability to, to bring back. What will that do for economic stability? I’m not sure you’re looking at now things like artificial intelligence. This year in the UK is the worst year for graduates being able to find jobs because all of the entry level jobs are disappearing. They’re either disappearing because companies can’t afford to employ those junior staff and they’re the ones that in three, five, ten years are going to be the, paying the income tax that’s funding everything else in the country. So I think, you know, you’ve got to look at the whole life cycle of the economy and if we’re not, if we’re not bringing grads and school kids through, they’re the ones that are going to get disgruntled because they’re not going to see any sort of career path, any future. They’re going to be the ones at the really sharp edge of the cost of living crisis. I think all of that is like a cacophony of challenges we have in society at the moment.
Simon Hodgkinson [00:56:44]:
If all we’re doing is certainly, if you look at the UK at the moment, the cost of just maintaining all of the state benefits, et cetera, is enormous because we’re not creating those roles for junior people to move into. That continues to add to more and more economic uncertainty and potentially from a societal perspective, a lot More disgruntled people. I’m a bit of a pessimist at the moment, as you can tell, because I don’t see a real obvious break in the cycle.
Karissa Breen [00:57:12]:
Yeah, look, what you’re saying is interesting and it’s just about having these conversations. Maybe there’s something that you’re sharing with insight that someone else can take on board. Right, so that leads me then to my next question around work life balance. So I’m going to read the final stat. So 63% of ANZ organizations said they reduce staffing to provide better work life balance. But there must be sort of a better approach to this because obviously, you know, being vulnerable to cyber attacks shouldn’t be the trade off. Right. For improving work life balance.
Karissa Breen [00:57:46]:
Now this stat, Simon, is a slight increase which is up from 2024, which saw 60% of organizations cite work life balance. So I’m curious to understand like sometimes as well, like you have more anxiety of not being at the job because you’ve got all this work you’ve got to come back to anyway. So how does that sort of, how do you find the balance? Like I get it in one respect but sometimes people go on holidays anyway, they’re stressed because they know that they still got people calling them, emailing them, texting them and they come back and they got to double the work because they’ve been away for a week.
Simon Hodgkinson [00:58:17]:
Yeah, I’m probably the worst person in the world to talk about work life balance. If you went back and asked any of my team that I worked with at BP, you know, I was on 24 by 7. The one thing I was really clear about is I don’t expect anybody else to do that. And we put all the right processes in place to allow people to have an appropriate work life balance. But the reality is, certainly for me, I’ll talk about it personally, was I never switched off because I was always thinking about what’s the next thing that’s going to happen. My brain is very operational, less strategic and far more operational. So, so that, and that is exhausting and I think people have recognized it in cyber now. You know, a lot of people in the cyber world are people who’s incredibly dedicated, they’re unbelievably curious and those two things combined means that it’s really hard to switch off.
Simon Hodgkinson [00:59:12]:
So I can understand why people want to give more work life balance. From a business risk perspective, that makes a lot of sense. You do not want a lot of ill people in your environment. So you should be making sure you look after people. But the, obviously the, the issue then, as I said earlier, is that that means you potentially need to hire more people to do that coverage. And like cyber is just another business risk. For instance, if you’re in safety or operational risk in any way, you’ll have the same challenges. Have you got the right people on whether on for the weekends or have you making sure that your manufacturing plant or your oil rig or what have you is, is operating safely? I’m pretty much sure every one of the health and safety people would say no.
Simon Hodgkinson [01:00:00]:
They’re resource constrained. People have to make real judgments on which is the biggest risk as a business they need to manage. The thing that I think people often forget in most senior places, not the cyber teams or the technology teams and that’s largely because we’ve not done the greatest job of articulating. I think the executive need to understand that this no, you know, the attackers never sleep. You know, they can be coming from anywhere in the world. They’re using highly automated capability and therefore, you know, your defensive action needs to match their offensive action in order to protect the company. So I think we need to do as a community a better job of educating those at the top of the house to say yes, it’s just another business risk. But these are the reasons why you should care about it more than something else.
Simon Hodgkinson [01:00:50]:
And therefore when you’ve only got $1 to to spend, you should potentially be spending it over here, not on something else. So I think again back to the. The intent is absolutely honorable. The worst thing that you want is making your people ill. No organization should be doing that by, by overburden. And so that the intent is honorable. But you know, what this suggests is the execution is perhaps not where it needs to be.
Karissa Breen [01:01:13]:
So then just on that, Simon, going back to your own personal experience, how do you sort of sleep properly at night knowing that you’re going to get the call, you’re going to get someone that’s going to text you and it’s stress. As soon as you open your eyes, you’re stressed. When you’re running a global business like BP of that, you know that level and that caliber. But then also when you go to sleep like you, you just know, okay, I’m going to turn my phone off, I’m going to put it on. Do not disturb this stuff still going on. But like how do you actually go to sleep? Because that’s a really important question because even if you’re sleeping, you’re not sleeping properly, right? And you need that to have to Function properly, make important decisions the next day. So I’m just curious then, because there’s a lot of people that I’m talking to out here in the field that have that problem.
James Tennant [01:01:53]:
Yeah.
Simon Hodgkinson [01:01:53]:
And. And again, I’m the worst person in the world to talk to about it. KV Because I, I didn’t. Even though I’m not in an operational role, the way my mind works is I’m, you know, I’m just wired most of the time. It’s probably too much coffee. I’ll give you a very personal example. We had an insider issue in, in bp. It’s in the public domain because the person was, was ended up in jail in Houston.
Simon Hodgkinson [01:02:16]:
But for those weak, we were dealing with that. An insider is vexingly complicated to find a malicious outsider is difficult, but a malicious insider is really, really tough to find. And BP had an unbelievably good health and safety approach. You know, whenever we were in crisis management, we had really strong rotors in place. You know, we were clear when you were on and when you were off shift. I reckon I slept an hour a night for about four or five weeks, if not longer than that, during that event. Just because, you know, when you, even when you’re off shift, you’re thinking, have we covered every base? Have we done everything we can? It’s a really difficult part of the role of. Given that the breadth and depth of the CISO role and the security function is so broad and so deep now that it’s.
Simon Hodgkinson [01:03:08]:
You’re always thinking about, you know, potentially the next board presentation to get the resources you need to do to fix the problems, you know, of vulnerabilities in your organization, and then five minutes later you’ve got some event happening, some incident happening that you’re needing to respond to, or you’ve got the external auditors coming in and there’s just this. Or your company goes through an M and A activity and you need to make sure you’re doing the right due diligence to the point earlier or they want to enter a new jurisdiction. So you’ve got to work with legal to understand the regulatory regime. Just think about the breadth of the activity that’s going on. You just completely. I was completely wired all the time and never really turned off. And again, on a very personal note, that was damaging to my relationship with my family. You may have physically been at home, but you weren’t mentally at home.
Karissa Breen [01:04:01]:
And there you have it. This is KB on the go. Stay tuned for more.
