Karissa Breen [00:00:12]:
Welcome to KB On the Go. Over the course of the week, I’m coming to you with the updates from the AUKUS Advanced Technology dialogue in collaboration with 2020 Partners. Our first event kicked off at Pier 1 in sunny Sydney before traveling over to the capital of Australia, Canberra, where the Australian Strategic Policy Institute, more commonly known as ASPE, hosted us in their offices. Stay tuned for the inside track from some of the up and coming technology companies, as well as some you already know. KBI Media brings you all of the highlights. But for now, to set the scene, you’ll first be hearing from founding partner, Greg Sim, who will share a little bit more about 2020 Partners and what their vision is all about. Joining me now in person is a founding partner from 2020 Partners, Greg Sims. So, Greg, tell me more about 2020 Partners.

Greg Sim [00:01:09]:
Well, thanks, Carissa. Well, 2020 Partners is a it’s basically a private network of senior security operational people. It was founded well, 2020 is a giveaway in the name, but the people that I was lucky enough to meet over many years being involved in cyber, some of them I got together with at the end of 19, during 2020, and suggested that between us, we knew a lot more people globally, global global allies, obviously, very much AUKUS focused, but other allies as well, other countries, and how we could maybe formulate it more, not formalize it, and there was a reason for that. We took on 1 or 2 different iterations of what the network could look like, but what we’ve ended up with is something very unique. And its uniqueness comes in the fact that the network has has is is autonomous. It’s no commercial connection to any individual or any entity. It’s not even a known for profit. So basically, given that unique side to it, we’re able to collect people that are very senior former people, some very senior current people, because current people generally, current, what I mean is they’re already in either government, federal government, law enforcement, even private sector.

Greg Sim [00:02:22]:
They either have ethics issues or they’re they’re not allowed to be part of any organisation. So this organisation is not an organisation, it’s a it’s just a network of people. So it gives them the ability to be part of the network without giving anybody any conflict. And what does that mean at the end? Well, what it means is that we have a collective power, and I always said from day 1 in starting this network is if we can harness the collective, these types of people and that seniority in a collective entity, then we can do things. We can move the needle. You know, any one individual, doesn’t matter who they are, it’s very difficult to move things. With this network, we can’t.

Karissa Breen [00:03:02]:
So when you say you want people to do things, what do you want people to do?

Greg Sim [00:03:06]:
Well, the the balance of the network is very important. So we have a mixture of people that come from former in intelligence backgrounds, current intelligence backgrounds, government entities, military, private sector, and those types of people, we’ve mixed between those operational people and also those practitioners. So we have a lot of, CSOs, CSOs, CIOs, and and actually will one of our, objectives going forward, in my opinion, will be to attract some global CEOs, because with the the dynamics of the world as we all know and and the extreme polarization that pretty much most countries, have, It’s more important that geo everything from geopolitics to cyber and digital. It’s all it’s all mixed together now, you know, everything is digital. Digital is cyber, so our ability to bring these people together as a collective and to discuss things, you know, and we as you know, Carissa, we don’t do events for the sake of them. We’re not an event company, but it’s a great way to bring these people together who normally might not be able to discuss things. They can just discuss things under a policy level most times, but being able to meet their old friends, new friends, let’s say, and they talk about talk about issues that are really relevant to our allies and our allied countries is very, very important.

Karissa Breen [00:04:30]:
So a couple of other things as well, Greg. Why do you believe this network is needed from your perspective?

Greg Sim [00:04:36]:
Because nothing like it really exists. There’s pockets of it. You know, if you go to, say, Washington, there’s always little pockets of networks and, for different things. Nothing’s really done what we’ve done on more of a global allied scale, you know, meaning that, you know, even under AUKUS, I mean, of course, we’re very much AUKUS focused, but we we have our colleagues in Singapore and Japan, in France, in Germany, and and and about to be in Spain. So I think when you can take different attributes of how people see security and not just operational people, but people, for instance, in geopolitics, then I’d we think that we’ve got a far better grasp on how to move the needle than pretty much any entity because, as I said, most entities are really locally focused. You’ll have them in Australia, of course. Those entities that can do that, but we’re able to kinda call it raising the bar. We really raise the bar on things by the type of people that we have.

Karissa Breen [00:05:34]:
And And that’s interesting because that leads me to my next question. There are these pockets of these things that exist. However, I think in my experience of talking to people in the industry would be these these groups, these other entities that exist, and this is me generally speaking, is that they say, but what’s their affinity to the space? And I think by from what I can gather, 2020 partner network has a very extensive cadre, high caliber, strong pedigree of people, which I think is the difference. Would you agree with that?

Greg Sim [00:06:04]:
Yeah. I I I totally agree. It’s it’s really about the caliber of people because, you know, if you think about when when you have the type of people that we’ve got, and you know quite a few of them now, Carissa, if you can harness that brainpower alone and that experience, I mean, it’s it’s incredible that you can start to think the application of that could be utilized. I mean, if you if you could capture what we have in the network and say an AI engine, can imagine the type of output that you could that you could probably achieve from it, it’d be be quite I mean, it would be incredible. And and, of course, the other thing I’ve not mentioned is it’s also important when you create a network like this that there’s a balance. We can’t have too many one and not enough for the other, and our technology partners, and we call them partners, are very, very important. They they’re great supporters of the network, and, of course, we have our own policy within the network that the technologies that become our partners are those that already that come from within the network. So they’re already known to the network, or the senior people in the network because a lot of the senior people are are advisors on different companies and they see things and, and and and the second one is that they’re already operation or within 1 or more of our allied infrastructures.

Greg Sim [00:07:20]:
So that gives a high level of validation, and I like to use the words validation by association. Because when you have a cadre of people that we have and you have the type of brainpower and and these technologies, it really is a big validation for everybody. It’s self validating. And I kinda like to say that we’re trying to level the playing field, so anyone that comes into one of our gatherings, whether it’s a drinks, etcetera, or event, we want to make sure everyone’s on a level playing field. There’s nobody higher than anybody else. For instance and even even with the technologies, as as you know, we we have a no sell rule. And that’s important, very important, because when you have the practitioners, especially those that consume technology, there’s just there’s an awful lot of technology around. There’s an awful lot of of snake oil in a lot of these technologies.

Greg Sim [00:08:15]:
So for them to they that everybody’s tired of being sold to, everybody’s trying to sell something, but they don’t want to miss out on anything. They want to know if there’s something there that can really help my organization, my government entity, or whether it’s intelligence, whether it’s defensive, offensive. They want to know especially because it comes from within our network, so it has that high level of validation. We’re not discounting anything. We’re not discounting innovation, of course. I’ve always come from an innovative background, but I think that innovation to us needs to reach a certain level before we’re gonna say these and and and so we we do keep that balance for them, and our our technology our technology partners, they enjoy it because they get to be associated in these environments and are able to talk about their subject matter, their expertise, their threat intelligence. And so we’re being asked a lot actually by governments, law enforcement entities to actually help them and and bring together nothing to do with Selim, but been able to come and do briefings for them, for instance. So we’ll take some technologies out there.

Greg Sim [00:09:25]:
Specifically, we’d like more information around an issue, you know, whether it’s, you know, identity, mobility is always a big one. You know, big data transfer or we we we’ve just got such a great reach in to find these great technologies.

Karissa Breen [00:09:43]:
Joining me now in person is Anthony Reynolds, vice president, federal and national security at Bridgeworks. And today, we’re discussing getting mission data to the warfighter or CIO. So, Anthony, thanks for joining, and welcome.

Antony Reynolds [00:09:56]:
Well, thank you for having me.

Karissa Breen [00:09:57]:
Okay. So you say well, so I’m gonna I’m gonna call you Tony now, Now that we’ve done the formal side of things, you say get mission data or data to the warfighter, which is a metaphor for the CIO. That’s my take of what when you say that. But talk me through this. How how do you sort of see this? Because I know you obviously are veterans and maybe that maybe that’s why you’ve used the term war fighter. Curious what what’s going on in your mind?

Antony Reynolds [00:10:26]:
Well, that’s a striking metaphor, but actually one born out of a real life experience. So I attended, an event called Technet which is Indo Pacific Command event which is held yearly in Honolulu and I was at the in the audience of a panel comprised of the US Department of the Navy. A question that was asked is why is it critical or not flexible to move data to the war fighter within the theater of operations? And the answer, resonated very well with me and, of course, it was a joy to hear because the answer given was from Jane Overslaugh, Rathbun, who is currently the CIO of the US Department of the Navy. Her answer, and I paraphrase, was if we can move data at the lowest level of latency to the war fighter, it will make the difference between winning and losing the war. And went further, and illustrated that potentially could save lives. Now, how do we then apply that to the civilian environment, the nonkinetic soft power environment? But when I speak to CIOs, they do see it as a kind of war because doing more for less these days, they have finite resources. It’s kind of every day is a battle to juggle really and manage that plate spinning. So the benefits for them in moving data faster is that it frees up time.

Antony Reynolds [00:11:55]:
So what they tell me actually very often is that that time saved frees them up to run concurrent projects and get other stuff done as it were. Surprisingly, they don’t talk about cost reduction much. The time seems to be a valuable commodity to them. There are examples where some of our clients have monetized that time saved. An example with CVS Pharmacy, the largest pharmacy retail chain in the United States, and they were able to put a number on it for us, which was something nice we could include in the use case. But more often than not, it is time. So that was really the metaphor.

Karissa Breen [00:12:32]:
So people are more focused on their time rather than cost in reducing their costs produce generally speaking?

Antony Reynolds [00:12:38]:
That’s what I’m hearing and that’s been the experience. And I think it it is because of resources, less resources to to do multiple projects within the enterprise, within the IT shop. Yes. So very valuable to be able to, create more time.

Karissa Breen [00:12:54]:
And would you say as well because, I mean, even the conversations I’m having as well, Tony, everyone’s we met, oh, you know, I’ve gotta reduce costs. I’ve gotta do more with less. And are you still seeing that, or do you think it depends on which company and client and everything like that?

Antony Reynolds [00:13:07]:
It’s a great question. I mean, it’s become nuanced. You know? It is a huge cliche, you know, that that the c suites at the board level are already talking about, you know, perennially talking about, you know, cost reduction and revenue growth. So where’s the next big growth engine? They still talk about those things, but it’s become very nuanced. And that’s because of the, disruption of new technology as well. Going back to the metaphor in the military area, one advantage they see apart from getting that mission critical data to theater, to the battle space, is the fact that by it getting there faster, there is a less of a timeline for bad actors to cause disruption and denial even of their mission. Within the civilian area, I think it’s more reputation. So if I ask, a customer, yeah, I get that it frees up more time.

Antony Reynolds [00:14:00]:
I get you more you get more stuff done. So that’s a performance metric. But what other gains are important to you? Often, it’s reputation. Being seen within their industry as being forward leaning, embracing technology and not denying it, and applying that technology. And I kinda like peacocking and showing off to their competitors in that vertical that and and often a lot of industries are quite tribal. They will look to leadership, those that are innovating and follow, which, of course, is very good, for vendors like us, as well. So I would say reputation is is another one of those gains.

Karissa Breen [00:14:34]:
Okay. So I wanna switch gears slightly and talk about your view on gains of faster data delivery more. Like, what does that what does that mean to you? And then in a broader context. Yeah.

Antony Reynolds [00:14:46]:
We’re all we’re very focused on the customer. So the way I my mindset is always why is it important to the customer and we’ve already talked about reputation. Our customers like to be seen by their peers and by their customers especially as being in a leadership position as being, say, as I said, forward thinking visionaries. So that we’ve talked about that. But there’s another important element and that is data integrity and security. Now it’s comforting for our end users to know that then we’re moving that data, that they don’t have to unencrypt that data. So it means as the vendor, we’re not requiring them to hand us the crypto keys and key material. That’s a level, a very high level of assurance that we’re not examining and seeing that data.

Antony Reynolds [00:15:36]:
Well, that’s transferable to their customers in turn because the customers see that as respecting confidentiality. So in the military space, it’s about secrets and, for example, our signals intelligence customers. But in the nonmilitary environments, it’s about really respecting, in some cases, patient confidentiality, medical records, or indeed complying with, say, GDPR, for example, and getting on the right side of of the regulators. So that’s important. But also as well, an element of cost in that when we move data, we don’t cache and store the data. That represents a saving to our customers, but not a great saving to be fair because the cost of storage has has dramatically been reduced. It’s more that it’s not our necessary repository of data in a place that they can’t control. So that non caching, non storage of the customer data is another level of assurance for them.

Antony Reynolds [00:16:33]:
So to summarize, 0 touch of the data, 0 examination, and 0 storage of the data. And that kind of speaks quite nicely to, what’s trending right now and what’s very topical within zero trust architecture.

Karissa Breen [00:16:48]:
So I wanna maybe if you could provide an example of a private enterprise. Like, how does that sort of look? Because I’m curious then to know and you said before, you you know, you don’t cache it and you don’t store it, but you said before around the transferring of it and then how that’s a little different. So walk me through as an example.

Antony Reynolds [00:17:06]:
Yes. So there are a few enemies of the WAN, as it were. We, caricature it as the, 3 wicked witches, you know, of the WAN, you know, because it’s kind of like rolls off the tunnel if you like. So they are latency, packet loss, and ingress egress, so congestion. And all these things slow up the data transfers. That’s losing packets, so they’re not arriving at the other end, and then all manner of reasons why, there are the effects of latency. Our solution does not eliminate altogether latency, but it it it hugely mitigates them. And because the AI patented technology that we use is automated, self tuning, and self learning, the longer the timeline it has, the the longer the distance, it really is able to get smarter and look at new routes, you know, new tactics and techniques to get the data to the other side.

Antony Reynolds [00:17:57]:
So we do have actually lots of case studies where that has been benchmarked as a an example of the the business benefits we’ve we’ve not really touched on.

Karissa Breen [00:18:07]:
From your perspective, what do you think people don’t get about what you guys do or what do they overlook perhaps?

Antony Reynolds [00:18:12]:
Yeah. So in fact, that is a thing we see. So a lot of the markets see us as as WAN optimization And broadly speaking, you it’s tenuous, but, yes, we sort of are optimizing, but we’re doing we’re going far deeper than optimizing. We’re actually changing the landscape. We’re creating conditions where the data can be moved at ultra fast unprecedented speeds and scale. And, of course, we’ve talked about the security aspects. They know their data is secure, it’s safe, it’s not being stored anywhere, and it’s not being examined. Military often refer to this as fire and forget.

Antony Reynolds [00:18:53]:
They don’t want vendors to know what they’re moving. What are the foundations of good intelligence is need to know, and we absolutely don’t need to know as a vendor.

Karissa Breen [00:19:03]:
So what would you say are some of the misconceptions though that perhaps people still get wrong about when it comes to data? So I’ll give you an example. So when I’m when I’m talking to you, Tony, I’m thinking about, like, data masking, for example. People still don’t know what that is. So is there something that you said before? Yes. Of course. People confuse you with, like, the when in terms of optimizing that. But what would you say that people in terms of the conversations you’re having with your clients that they’re they’re still perhaps, I don’t know, asking more questions around what is it specifically? Because I’m I’m noticing that you you say we’re not doing this or we’re doing that, but is that still the common question that customers are asking you?

Antony Reynolds [00:19:44]:
Customers I in the main are clear, they’re crystal clear what differentiates us from other providers and there are very few in this space, in fact. I’d argue we’re in a league of our own. We did look at becoming part of the, a magic quadrant within the Gartner group, but it it looked as though we’d be the only one in it. So we didn’t see that as a a necessary thing to do. So it would be a very lonely quadrant, a lonely space for us. So I think people understand what distinguishes our technology. The real problem is they don’t believe it. They don’t believe our claims about just how quickly we can move that data and and just how we can improve performance.

Antony Reynolds [00:20:25]:
And that probably explains why I don’t recall we’ve, Ed, ever got to a point where a customer has committed and we’ve got to the install without a proof of concept. So we have to we generally our model is we cut a an evaluation license and then we encourage the customer to do various learns and move data in a sandbox. And then during that process, we we give them a handrail. We we support them fully. That’s one way we can convince them because we do have use cases and we have many customers. We have a bank, Investec Bank, or a private banking organization who have reported to us. They’ve seen 424% increase in total data transfer. But people are a little incredulous, if not cynical.

Antony Reynolds [00:21:13]:
So that’s really the way that that we prove that we can deliver. Another example would be McAfee that we boarded a while ago. And again, yeah, didn’t didn’t really believe it. Not in a bad way. Just, yeah, they thought actually not embellishing, but overstating. So they embarked upon the their journey of evaluation and were quite astounded with the results. So I think we got them from something like 2 megabytes per second to a 100 megabytes per second on a on a 1 gig circuit. And we were able to identify some other things that they should pay attention to as well during the sort of diagnostic period, the network diagnostic phase of that exercise.

Antony Reynolds [00:21:54]:
And they they committed to us and and and we were very proud to have them as part of our asset and our portfolio because they’re clearly a a leader in the sort of cyberspace. So, again, I think no one was gonna take that for granted. The other thing that’s important to big enterprise into the military, you know, our customers are are always almost certainly in one of those sectors, is the issue of robustness and resilience. And it’s sort of pride from my side. We rarely have issues with availability of systems, and our our capability is within signals intelligence agencies, within big pharma and medical, and and even academia. Doesn’t happen. In fact, we on the McAfee opportunity, we were asked at the 11th hour to, show our our maintenance records. And it’s not something vendors are normally too keen to do, but we’re able to produce that willingly and very quickly because it was a tiny number, which clearly helped to reassure them that we were a big bet.

Antony Reynolds [00:22:54]:
And we are a mature company, but we’re not the scale of some of our customers. But we have the o e OEM customers like IBM who’ve been licensing our product for over 10 years and have continued to work with us. And so that’s important from a business perspective, and it’s a revenue stream, our licensing business. But but we are really interested in acquiring new assets, new customers, because we believe it really really will deliver operational benefits and and high performance for them, which they can then take that to customers as proof points that that they are innovators and embracing game changing technology. One of the quotes, I paraphrase, but we have a verbatim quote from McAfee was that what they believe would take them a year to complete in terms of a data transfer project took them a week and a half. That really is quite a powerful testimonial. Also, the engineer that led that project with us, our point of contact was a storage engineer with limited networking experience. And, again, he’s on record to saying that it took him around 45 minutes to install.

Antony Reynolds [00:24:01]:
So it’s a painless, seamless process as well. All those things are important because they do impact on requirements to manage those projects.

Karissa Breen [00:24:10]:
Because that’s an interesting point and that’s the reason why before when I asked you that question around, like, what is it still missing? Because you you you followed on with that by saying league of your own because obviously it can be a double edged sword when you’re you’re first and you’re trying to do something different. It can also mean people don’t quite understand it and they have some of the pushback. So that’s why I was curious to know. Then I’m also curious to know, Tony, how quickly are you moving this data? So you’re saying it took a year that you could be compressed into 1 week. Like, how how fast is this stuff going here?

Antony Reynolds [00:24:37]:
We generally point customers to our benchmarks. So these are customers who’ve agreed to a use case. And the example I gave you was 424% faster than than their their incumbent supplier. Our most recent wins in terms of transactions with customers have all come from our competitors who were unhappy with performance but never expected to be able to achieve the kind of numbers that that we were achieving. But in in in our world, it it’s normally times faster. So we we believe a mean average is around 10, but but that can be dialed up north very quickly depending on the environment and depending on how many protocols or applications they’re moving across that wide area network.

Karissa Breen [00:25:23]:
So you mentioned the operative word performance. So would you say everything that’s happening in the world and everyone, you know, is doing releases in terms of from a software development point of view, everything that’s need to be we need to get things out faster and faster. So performance, from what I’m hearing from what you’re saying, a very key thing that customers are really interested in, not just nowadays, but just how the world is going as, you know, as your customers and businesses out there, they need to be staying competitive. And that means by having performance. So would you say that’s a key driver for some of your customers?

Antony Reynolds [00:25:54]:
Well, it’s it is for some and not for others. It it’s it’s really like taking a journey. You may not absolutely need to be there in a certain timeline. You may want to go the scenic route. So our customers have to have a requirement. They generally always have to have a requirement. Some that sometimes that requirement is acute or chronic and they’re in a hurry. But, generally, they’ve they’ve they have either a problem or a challenge and the speed is usually a part of that, but there are other variables, other elements that I’ve touched on such as will my data is my data safe in the hands of an independent vendor that is not part of my organization, somebody that that is not entirely trusted because we don’t have an existing relationship with them? And that’s when we point them to our customers and our referenceable use cases, and when we show them how secure those transfers are.

Antony Reynolds [00:26:48]:
And the fact that we do move their data fully encrypted does, as I mentioned earlier, gives them that very high level of assurance that we’re not messing, you know, with their data. And there is the issue of recovery as well and that’s something we we we play very strong on. Customers, yes, performance and when you talk about performance in the context of Bridgeworx and our Port Rocket and WAN Rocket solutions, we are talking about speed and it depends on how important speed is to the organization. I would suggest that often they they have other considerations such as the security and whether the data is safe. And the other thing that we are hearing a lot now is the market is very congested, competitive, and noisy around threat detect, threat protect of cyber attacks. And we don’t pretend to be in that space, but what we can do is help with recovery. And because even if we can’t salvage all of the data after an attack, that’s when speed will become critical because it will be a a force multiplier. We’ll be able to perhaps move critical data to through VPN to a dark place or a place where they want that data to.

Antony Reynolds [00:28:01]:
So I’ve heard this referred to as, you know, cyber first responders, but I’m reliably told that, actually, we’re more of immediate responders because first responders will take a certain amount of time to deploy and to arrive at scene. So that’s something that we’re hearing a lot. So I wouldn’t say it’s a binary thing around performance. A lot of clients are just happy with their current speeds.

Karissa Breen [00:28:25]:
So they’re used to close. In terms of, you said, recovery because a couple of well, I would say recently in terms of my interviews, business continuity is the main thing they’re both talking about. So, okay, give you an example what I mean by that. A warehouse. They just said they operate 24 by 7. They have a ransomware attack. All of a sudden, it’s not just an 8 hour window, like a standard, you know, 9 to 5 business. They’re operating all the time.

Karissa Breen [00:28:50]:
So them not having that continuity because they can’t recover their data fast enough is a huge problem for a business like that.

Antony Reynolds [00:28:57]:
Yeah. That’s exactly that’s that’s where we play very strongly. We play strongly there, and we and we play strongly with big data over long distances. Because I mentioned earlier, you know, we have that extra time for the AI and the parallelization techniques to kick in. An example I’d probably give you there would be around a bank customer that needed to be on the right side of regulations. So in this case, it was GDPR and syncing across platforms using Oracle Golden Gate. And that’s the example where we’re able to get that 400% faster result. But, actually, that was interesting, but really that was just ensuring the customer were not liable.

Antony Reynolds [00:29:38]:
So it was about regulatory risk in that particular case, and that’s something people are talking a lot about right now because the fines can be eye watering, you know, large for those who find themselves, unfortunately, on the wrong side of compliance.

Karissa Breen [00:29:52]:
And Tony, in terms of just really quickly closing comments, final thoughts, what would you like to leave our audience with today in one sentence?

Antony Reynolds [00:29:59]:
I would say that if you don’t believe the headline and you’re cynical about the metrics that we are, advertising, then accept an evaluation, enjoy a temporary license, find out for yourself, go because we don’t dictate to customers, we take customers on the path of self discovery and, we find that our strike rate is is extremely high. In excess of 70% of customers that go on that journey who evaluate either by now or by later.

Karissa Breen [00:30:38]:
Joining me now in person is Malcolm Purcell, VP APAC at 5cast. And today, we’re discussing leveraging OSINT to address national security challenges. So, Malcolm, thanks for joining and welcome.

Malcolm Purcell [00:30:48]:
Thanks. Yeah. Good to be here.

Karissa Breen [00:30:50]:
Okay. So let’s start perhaps there. What is your view on how OSINT can address and ultimately reduce national security challenges? How how do you see it?

Malcolm Purcell [00:30:58]:
Yeah. Well, maybe sort of starting at the start in terms of what what we actually sort of define OSINT as, the open source intelligence. It’s really that process of collecting and analyzing publicly available information usually to meet an intelligence requirement, some sort of intelligence mission. And at 5cast, that’s really what we specialise in is we have a a number of software tools that enable agencies to do that. And one of the big, applications, of course, is in that national security domain. You know, ocent has been around as a a thing for years, really. But what we’re talking about, I think, today and and, you know, a lot of the interest now is very much the digital age and and particularly things like social media platforms, where you have that, you know, that paradox of there’s more information than ever before available to you at your fingertips, but finding the information you actually want is kind of harder than ever just because of the the sheer volume. So I think it was actually mentioned the other day by one of the the guest speakers that, you know, it’s not looking for the needle in the haystack.

Malcolm Purcell [00:32:00]:
It’s you’ve got a you’ve got a haystack full of needles, which is the one that you are you want. And so that’s where we come into it, and particularly from a national security perspective. It’s trying to find that that thing that is actually of interest amongst the the the huge amount of noise that’s available to you digitally.

Karissa Breen [00:32:16]:
Yeah. That’s interesting. And I think because, like you said, there’s so many different, you know, x and LinkedIn and there’s so many different platforms now to be able to aggregate all that information. So would you say that and look, especially if I just focus on x or Twitter, the amount of information or disinformation or whatever’s on there in terms of propaganda that you would probably read and consume. What is worrying people at the moment in terms of national security? Because, I mean, there’s a lot of very out there views on either side that we’ve seen, because now people have our own voices. Back in the day, you didn’t have the platform to be able to leverage that. So now I think with that creates problems for people to perhaps push an agenda, whether it’s true or not, is another story. But what are you sort of seeing from your perspective on then this threat if I were to zoom out to national security?

Malcolm Purcell [00:33:08]:
Yeah. I think there’s a couple of things there. And and, like, you know, if you’re talking about something like x, obviously, there’s a huge volume that comes through there every day. And it is sort of well known that there are many state actors on on there as well, who are, you know, either pushing an agenda or or trying to craft a narrative. I think one of the challenges well, there’s a couple, but one of one of the challenges is some some of the new generative AI technology that’s helping create some of those narratives and make it easier than in the past to develop that messaging and develop it at scale and then push it out. And I guess, I think it allows a little bit of experimentation, which perhaps in the past was still possible, but would have taken longer and would have been more involved to do. Now with that technology, you can, in the same way that for legitimate purposes, people can use this, you can sort of fail fast, decide that that hasn’t really worked, that hasn’t hit a nerve, put something else out and see if that gets amplified throughout the throughout that sort of network. So I think those technologies, obviously things like deep fakes are very interesting there with, again, that technology is getting better all the time.

Malcolm Purcell [00:34:15]:
There’s been some sort of quite, you know, notorious examples of that. I think back, you know, 2 years ago with, you know, that Russian invasion of of Ukraine in 2022, and, you know, fake video appeared of Zelensky, yeah, ordering his soldiers to lay down their arms. Now, it obviously didn’t really work. It wasn’t really picked up as intended, but those things are getting better, more sophisticated, and and the ability, particularly on social media, is is just that is is the ability to amplify. So in in a way that’s never been possible before and get that sort of information to a much wider audience quickly.

Karissa Breen [00:34:49]:
Okay. So this is interesting because, again, you raised, like, Deep Lake. So, I mean, a lot of the conversations I’m having with people is there is a concern obviously around that, and now every day it’s getting better. So it will be hard to discern. Is that really what Malcolm said or is that what he said? Because it looked like you it sounds like something you would say. You said something quite nuanced, so it does sound like you. So then how are you guys approaching that from an I know some perspective because it’s like you’ve got all this information already, but then it’s like now you even have to filter even more to say, well, if it’s fabricated or not. How does that look in your eyes?

Malcolm Purcell [00:35:20]:
Yeah. It and it’s hard, I think, because you’re right. It is getting better all the time. I I I think there’s a number of it’s a combination of between, we would like to call, technology and tradecraft, where the technology can take you so far. You can perhaps try and understand, and that account that’s putting out that information, you know, what sort of connections does that account have? When was it created? You know, some indicators around, you know, that perhaps the, the likelihood of that account being a bot or a fake account, that’s been created for one purpose and one person own only, and that’s to essentially regurgitate that propaganda. So there’s that that can help you from a a technology standpoint, but really a lot of it, I think, does still come down to, you know, good intelligence analysts looking at the information, making judgments, and informed opinion because they know the context well. You know, as a company, we are an OSINT company, but we’re a technology company, first and foremost. We don’t provide services.

Malcolm Purcell [00:36:14]:
So we’re providing our technology to government agencies, to leading private sector organizations who who need and are trying to use this information for good. The other thing I’d say, I think, Carissa, is there’s a lot of commonality in terms of some of this stuff between the things that state actors might be trying to put out around mis or disinformation, and the the same technologies are being used and exploited for scams online, romance scams. The same sort of tools, technology, ideas are being tested and adjusted in in other fields, and they can be adapted and used there as well.

Karissa Breen [00:36:50]:
So there’s a guy interviewed a while ago, and he spoke a lot around the Twitter bots, and then how obviously and this was going back to the previous US election, how they were leveraged to drive information warfare. But everything that’s been happening, in terms of and I’m probably more concerned for the younger generation that they’ve just known technology. So perhaps what they read online or what, you know, comes from chat g p t, what’s getting pulled from, you know, large language models that exist out there on the Internet. And the example that I use is people that have, the flat earth theory. So if you’ve got some people that are out there creating sites like like ours in terms of media and putting this information out there and you said like, you know, is it flat or is it round? You might have that if it’s that it’s flat because there’s people out there that believe that as well as people that are on X that are pushing this agenda. So what are you sort of seeing then on that front? You mentioned before that obviously the state actors out there that are pushing specific agendas or anything like that you you can sort of share in terms of that insight? Because I mean, a couple of other people I’ve spoken to in terms of the bots that they had millions and millions of these bots telling the story. And so when you’re seeing millions and millions of accounts saying one thing, you start to then believe it though.

Malcolm Purcell [00:38:03]:
It’s reinforcing it. Yeah. And I think that’s that’s that’s largely the point with some of those. I think I’d say as well, and not to defend sort of x or or otherwise, but the more mainstream social media platforms do have, you know, typically content moderation teams. They actually have a fair bit of time and effort that they put in to that because, you know, it’s a it’s a big business and it and it makes money and and and they they need to, you know, particularly Meta, you know, who actually, you know, disable and ban, you know, I I forgot the statistics, but it’s thousands and thousands of accounts every single day that they are taking down deplatforming because they they’ve contravened those sort of guidelines. The problem is though, you know, the world of social media in particular is very diverse. And there are a number of platforms which are, you know, unashamedly, essentially unregulated and and and promote themselves as, look, you know, come here. We’re all about 100% free speech.

Malcolm Purcell [00:39:00]:
Whatever you want, wherever you want. And they’re they’re so they’re putting out messages on those more fringe and niche platforms to be fair, but, you know, some of them are growing and growing in popularity. The other thing I would say is there’s also platforms which are very targeted towards a certain diaspora. So some of the Chinese platforms like like WeChat and Weibo, that they are primarily used by the Chinese diaspora. So, for example, in the US election, you know, articles, narratives can be placed on those platforms that feed straight into a certain demographic group in a way that perhaps other platforms don’t. So it allows a level of targeting there as well.

Karissa Breen [00:39:37]:
Here’s where I think it’s gonna get interesting. I mean, I interviewed someone a couple of months ago, head of global research, and I was like, so what do we do? The short answer was nothing other than trying to manually look at content to then say, well, it looks fake. But then again, the thing that probably maybe concerns me is do people have do they have enough attention span to really dissect that? Because like you said before, you’ve got analysts that this is their job. This is their profession. They have that ability. The average person that they don’t. So do you think it’s gonna get into this if we just focus on social media, do you think it’s gonna get to a point where I don’t know. So it feels like delusional in a sense of is it like we’re gonna feel like you have to look at everything to assess whether it’s fake or real? And even if something’s real, you gotta think it’s fake.

Karissa Breen [00:40:20]:
Like, does that feel exhausting then?

Malcolm Purcell [00:40:23]:
Yeah. Yeah. I think it is interesting. I mean, it’s I think in some ways, the perspective is propaganda has been around for a very, very long time. Yes. If you think about it, what’s changed is, yeah, that as you were saying, the pace, the the the ability for things to be, you know, put out there and then quickly amplified by others. That that type of thing has changed in the digital world. I I’m not sure if there’s a a sort of a solution.

Malcolm Purcell [00:40:47]:
I think one of the one of the solutions in some ways, for you mentioned I think before some of the young people, is they actually are very much, you know, digital natives. They’re digitally savvy and they’re much more aware of how perhaps some of that data can be manipulated or that the messages they’re receiving are in some way manipulated. And then again, this stuff doesn’t necessarily need to be nefarious state actor stuff. This can just be advertising. So I think it’s a lot of it is about educating people and making sure that they know that not everyone thing you’re seeing on x or on, you know, Facebook is could be real. It could be a scam. It could be fake. It could be disinformation.

Malcolm Purcell [00:41:24]:
I’m not sure there’s a one button kill that post or or type thing that’s available really to do that. Over time, maybe the technology will will will improve to get to that point, but it’s a bit of an arms race, I think, because the innovation is constantly there to to get around some of those measures.

Karissa Breen [00:41:41]:
And then I know we’ve sort of we probably already touched on it, but in terms of sort of is there any other emerging issues that you sort of identified as well alongside of what we’ve already discussed in terms of, you know, mis or disinformation that you’re sort of seeing from your point of view?

Malcolm Purcell [00:41:53]:
Oh, look, there’s there’s things that are choppy and changing all the time. I think some of the stuff around the use of and we talked a bit more about sort of deepfakes, but just even the use of imagery online. A lot of our customers are very interested in is the ability to detect symbols or or or phraseology online, which is used by specific groups. So some of the far right groups that use specific phraseology, which you or I, if we were just looking at that on a post, may not mean anything to us. We we look at it and just say they’re talking about a number of numbers, but if you actually understand the implications of what’s being said, it’s actually it’s actually, you know, quite significantly far right extremist communication that’s going on. So what’s important is the ability to, at scale, be able to detect that, identify it, and bring it to the attention of an analyst for something to do something about it. And whether that’s, you know, in in a law enforcement context or in a in a sort of a broader government context. But you need to be able to find that information in the first place in order to be able to take action at it.

Malcolm Purcell [00:42:55]:
So I think there’s more and more work going on around that in terms of being able to detect quotes that might be made, and understanding where that quote is coming from. Is it coming from a, a manifesto somewhere? Well, that might change your opinion on the post or the account that’s posting it, compared to just if you see it and you say, oh, in isolation, that doesn’t really mean anything. So I think there’s more and more work going on there.

Karissa Breen [00:43:20]:
So I wanna sort of slightly switch gears and I want you to walk me through, perhaps, the value of leveraging unclassified, open source data alongside of classified data. What does this mean for people who are not familiar perhaps?

Malcolm Purcell [00:43:34]:
It’s not necessarily new, but even I think the US DOD put out a report earlier this earlier this year actually, talking about that, you know, particularly open source data is probably needs to be start to be considered the the sort of the intelligence resource of first resort. And I think there’s a number of reasons for that. 1, some of the other the other intelligence disciplines, humanists, again, some of those are becoming more difficult and and expensive. And frankly, there’s a huge amount of value within the open source domain. There’s a bunch of statistics floating around, people talk about that, that 80% of that information is available. And classified holdings is available sort of in the open source market in in one way or another. As we talked about at the start of this discussion, a lot of the real challenge though is, okay, well, we know it’s out there. How do we how do we get it at scale in an obfuscated, secure way and bring that back so we can then make sense of it? Because just saying you’re gonna go and collect everything off the Internet is just not possible.

Malcolm Purcell [00:44:33]:
So there’s that challenge. But I think increasingly, and it’s not just certainly national security, I think broader government agencies, public sector agencies are realising that there is a treasure trove of information within the open source realm, and understanding how you can leverage that, either for a security mission or a law enforcement requirement, is really, really important. You know, the classic is, you know, some of the, you know, connections between individuals who who may be claiming that they have no association, and you’re able to reach back through years years of open source data and find maybe a a photo or a communication between the 2 of them online, even from accounts that may have been long forgotten or or deleted. And you can then find that connection, that nexus that can maybe take you to the next stage of an investigation. So I think, you know, open source can do those things in a way that some of the other data sources perhaps can’t, and it so currently can be complementary to those.

Karissa Breen [00:45:30]:
I’m aware that people use OSINT for when they’re hiring in, like, executive senior roles. What I’ve been told is that some of the stuff that comes back is quite interesting, and therefore, they may forego hiring that specific person. So from your perspective and maybe this is I’ve got a security background as a little different and I’m in media. So it kind of feels like I’m what I’m saying is counterintuitive, but I’ve been just unaware of what they’re putting out there and they think it can’t be found. And then perhaps leverage against them to not hire a job because maybe 20 years ago, they thought the earth was flat and that went against the values of the company that were hiring that person. So what’s with that? Are people just not thinking and just assuming that people aren’t conducting this type of this OSINT sort of reconnaissance on them?

Malcolm Purcell [00:46:17]:
That’s a really interesting question. I think part of it goes, frankly, Chrissa, to the pervasive nature of social media today that it’s it’s sort of with us in our daily lives. It’s with you when you’re, you know, sitting in in in a taxi on the way to the airport and you’re scrolling through LinkedIn and maybe creating a post. I mean, it’s it’s it’s impacted so many people, and and we spend I don’t know the statistics, but the huge amount of time online now. It’s quite easy to forget about that stuff or or to know, not remember that you engaged with someone here or perhaps you’d you’d posted about something that you thought you hadn’t. So I think there’s there’s that element to it. It’s just the simply nature is so much of people’s lives is lived online now that it be has become a real treasure trove of of information. So, yeah, I I think it’s kinda hard to get away from.

Malcolm Purcell [00:47:05]:
In terms of the you’re sort of talking about it there about sort of recruitment, I, you know, I’d call it sort of more more broader, sort of those due diligence applications. And we have customers, and there are people interested in all sorts of things, people who might be involved in large, m and a transactions, for example, in a bank, and understanding, well, who is that counterparty that we’re engaging with? You know, what are the potential risks? Who are the company directors there. So yeah. And and obviously there’s been some very high profile things in the media, but people have been recruited, then it’s come out later, you know, usually from a very smart investigative journalist who’s gone and done some of that open source research and found out things that perhaps that that have been regretted by the the organization in bringing that person on. So, yeah, I think it’s it’s got some really interesting applications there.

Karissa Breen [00:47:53]:
One of the things is and I I’m not, like, leveraging in terms of the scale and the depth and breadth that you guys are doing, obviously. But sometimes when I’m in my job, I’m curious and I go and look online and I find interesting things, whether it’s looking at someone’s Pinterest to see what type of pins they’re pinning. And I think it’s like I have this little, you know, digital footprint on someone, and that’s just me doing it manually. So it’s quite interesting if you guys can then do that at scale to see what comes back.

Antony Reynolds [00:48:17]:
Yeah. I think that’s part

Malcolm Purcell [00:48:18]:
of the real value of OSINT is exactly what you’re trying to do, you know, individually is but how do you scale that? If you’re a law enforcement agency and you’re looking at an organised crime group of 100 of individuals, how do you scale that where you can you can legitimately look at not just 100 of individuals, but some of their associates, all their different accounts. When when you start thinking about it, it becomes an enormous challenge. You could have a a room of, you know, people hunched over laptops, and you still probably wouldn’t be able to do it all. The full time job, the amount of posts, the amount of volume, communication, you do need some technologies that can help you make sense of that, and and make sense of the noise, and get to the stuff that you’re really focused on. That’s honestly a continual challenge for us. As I mentioned before, you know, the the mainstream accounts are actually, in some ways, not necessarily the the huge problem. It’s some of these niche accounts. And when we speak to some of our customers, often they they’re not even aware of the oh, do you even know that Carissa has another account on some of these platforms? And unless you know that and you’re aware of it, you obviously can’t do anything about it.

Malcolm Purcell [00:49:25]:
So it it’s finding that information, discovering it in the first place, which is often the most important thing.

Karissa Breen [00:49:30]:
So where do you think we go from here? So obviously now with everything that’s happening, more things are online. You got, you know, AI and Gen AI is now coming into the the fold with deepfakes. Like, it’s it’s gonna get more complex. It’s gonna be harder to discern fake and real and fabricated. And what how do you sort of see this sort of, you know, unfolding as we sort of traverse into this AI era now and this AI world that we’ve created? I mean, it’s a double edged sword, but keen to hear some of your insights.

Malcolm Purcell [00:49:59]:
Well, I was gonna actually say that. I think one of the guests here yesterday talked exactly about that, about that, you know, is it a threat or is it an opportunity? And I think at the moment, you know, you can certainly say it’s both. I can say from the 5 cast company perspective, we are starting to use some of the generative AI technology to assist with some of the work we’re doing. So have an element that we call adjudicative factors in in part of our technology, which actually lets an analyst, without reading perhaps an entire post or or a series of posts, it will actually provide a summary, of what that post is saying and what it might mean. So it could it could look through and read and say, well, this this post is expressing views that are, you know, expressing hatred of the government. They’re they’re talking about violence. You know, one of the reasons they’re saying this is because of x or y. So it’s the GNAI which is helping, in some ways, summarise and give a against the level of criteria that the analysts have inputted, what those things are and whether they rise to a threshold for the that they could be concerned about.

Malcolm Purcell [00:51:04]:
And the whole reason of that is just the ability to do that quickly. You know, you might have a 1,000 accounts you’re looking at, and and using that technology, you can narrow it down to a couple of dozen that require further investigation by an analyst. And, of course, they can adjust that risk aperture themselves as an organization. So we are using some of that today and, you know, in a in a sort of a an early sense. So I think it is yeah. The Gen AI can be can be an aid, it can be help it can be quite helpful there. And we’ve some of the people we’ve put that in front of recently have actually said, yeah, this can this can help. This can help my team because we’re overwhelmed with what we have to do today.

Malcolm Purcell [00:51:44]:
This can help, you know, at least direct onto the highest priority issues. It’s not saying that there’s others that you don’t want to get to, but at least if you can attend to the things which are most important first, that’s probably the best use of your resources.

Antony Reynolds [00:51:56]:
So the

Karissa Breen [00:51:56]:
last sort of question I’d like to close with today is you’re making something around, you know, potential sort of hatred of the government, so which could be deemed as a national security threat. So how do you where’s the equilibrium between people saying, well, that was free speech there, Balchem? I know there’s a lot of this whole free speech, and and that’s why x slash Twitter made a real resurgence to go through this. It’s the free speech. Like, where is that line though between when someone’s borderlining on a potential national security threat?

Malcolm Purcell [00:52:26]:
Yeah. And and so I think it’s a really important sort of distinction to make. I mean, as a company, there’s I don’t think it’s our role. It’s certainly not our role to be, an arbiter of what is what is mis or disinformation. There are other agencies, government organizations who are perhaps better placed to to make those calls rather than a sort of a privately held technology company. What I think is is helpful though is the ability to at least understand where that information is, so analysts can then make that decision and and look at it. Yeah. I think it’s a it’s a it’s a challenge.

Malcolm Purcell [00:52:58]:
Right? And and particularly in a democratic society, it should be something that’s debated and discussed because, you know, no one really owns the space. And people should have a right to express themselves. I think, you know, the example I was using before around things like generative AI, that is some of this work we’re doing for people who are going through processes. Maybe it’s a security clearance or being vetted for a certain role, where there are certain, you know, quite rightly, expectations around someone’s conduct or background that the organization employing them wants to know. So there’s some legitimate needs there, not just something that you’re throwing over a blanket over the the broader population and saying, well, do they adhere to a certain narrative or a certain political point of view? That’s not something that we’re involved in.

Karissa Breen [00:53:45]:
Joining me now in person is Jeff Lindholm, chief revenue officer at Lookout Technologies. And today, we’re discussing the mobile edge where the bad guys are focused. So, Jeff, thanks for joining, and welcome.

Jeff Lindholm [00:53:56]:
Thank you. Thank you for having me.

Karissa Breen [00:53:58]:
Okay. So, Jeff, over the last few days, you have spoken in the sessions that we’re at around the mobile edge. But from your perspective, you’re talking from a bad guy. This is what they focus on. So tell me a little bit more. Do you think that people forget about the edge?

Jeff Lindholm [00:54:15]:
Well, I so so the edge has many components to it, and we’re very much focused on the mobile edge and kind of specifically the most prolific mobile devices, which are Android and iOS devices with your phones and your pad tablets and and so forth. And I don’t think that it was ever forgotten about, but in terms of an area of the network environment to be concerned about, the mobile edge is certainly a critical one. And it may be that it’s not necessarily front and center on security leaders’ radar is because when the internet got built, you know, the infrastructure was already there. The, you know, the computers were there. And so all that infrastructure became integrated into the mandate of security. So everything got hardened and locked down and, and that was all good. The, you know, and there were certainly cellular phones, but they were really voice devices. So they were kind of outside the domain of security because they really weren’t generating any data and they weren’t really connecting to the Internet or connecting to the enterprise.

Jeff Lindholm [00:55:17]:
So there was probably about a a good 10 year stint where mobile devices weren’t really part weren’t part of the mobile or weren’t part of the edge itself. And that happened very quickly in terms of the adoption of mobile phones has exploded. And all of a sudden, you know, organizations have this massive access environment that’s connecting to the enterprise and really wasn’t well foreseen by the security organizations as as something to be integrated into that security process. I’m not saying that it’s something that’s forgotten about or it’s not something that’s on the minds of security people, but there I do see kind of variability in how seriously security organizations think about the mobile edge as something to, in essence, protect the the enterprise from. Because when security for mobile devices began, it was really about putting security software on the phones to protect the consumer. That me, the operator of the phone, making sure they’re trying to help me from getting hacked in my bank or whatever, my my sort of personal life. But over the last few years, what’s really happened is the mobile devices have be have been been weaponized as the way in to the enterprise to get access to data, to exfiltrate data that can turn into a whole bunch of horrible things, including ransomware, for example. And if you think about how important that is or how how core that is from a bad guy strategy perspective, just think about when people try to fish you.

Jeff Lindholm [00:56:49]:
Probably the last time on your laptop someone tried to fish you was some time ago. That’s really not where they go now. But, you know, the last time I tried to get fished was like yesterday on my phone. Right? So the the bad guys have figured out that’s the soft underbelly access place to get to to get in there. And so kind of what happens is, you know, these these phishing attempts, they get they basically try to fool you into giving up information. It can be your private information and bad things can happen there. But oftentimes it can be trying to get into the corporate data and environment. So you’re presented with something that looks very legitimate as a as a gateway or a portal into your enterprise, could be an Okta interface, could be any kind of, you know, authentication interface.

Jeff Lindholm [00:57:37]:
And they have varying degrees of authenticness authenticity to them. But sometimes, you know, sometimes they really look like the real deal and sometimes people are busy and there sometimes you’re on high alert. Sometimes you’re tired. Sometimes you’re not, so you can fall for it. But what happens is you go into this and you put in, you know, typical authentication information, username, password. But when you send that, it’s going to bad guy. And then the bad guy can take that information and then communicate back to you and say, give me your, 2 factor authentication token. So you go into your phone, you do that, you enter the number, and they see that as well.

Jeff Lindholm [00:58:14]:
And then they have a a window, a short window while that token is valid to basically take all of those credentials and get into the enterprise. And so once they’re in, then they can move about. Example, if it’s an Okta interface, which aggregates all the apps, now you can get into your Workday HR platform. You can get into your SFDC, you know, ERP system. You can whatever’s on Okta, you now have that bad guy now has access to. So it’s, you know, as I say, it’s just become the weapon of choice for the, for the bad guys. And I think, you know, we call it mobile EDR, mobile endpoint detection and response. And I just think I would urge, you know, security professionals to consider that mobile edge as kind of the the attack vector to a du jour and to really think about whether they’ve hardened the environment in the endpoints themselves and in in the security systems themselves to to really protect themselves.

Karissa Breen [00:59:13]:
So I have a question in terms of what you’re like, just to follow that talk track a bit more. So you said how seriously security sort of divisions are, you know, thinking about the mobile edge. Would you say and there’s a couple of things that’s going on my mind in terms of most people are on their phones all day. They’re not sitting on their laptops. It’s convenient. So I’m just curious that it does from what you’re saying, Jeff, it feels like perhaps that the mobile edge is just being relegated. Why is that?

Jeff Lindholm [00:59:39]:
Well, yeah. Because when you think about when phones first started to explode in terms of their use, again, they weren’t really a big accessor to the, you know, the corporate infrastructure. They were phones. Right? Or they were they they weren’t really seen as sort of integral to the enterprise environment. So it wasn’t like it was relegated to somebody else, but in the early days, it wasn’t the security people that administered those phones on behalf of the company if they did. It was really it was certainly part of the IT organization, but they weren’t security people. They were really device management people. And so if your organization still has put the responsibility for managing those devices in the hands of those operational people and it’s not in the hands of the security people, I think that’s a big vulnerability because because those the device management people, they’re not thinking about security the way security people think about it.

Jeff Lindholm [01:00:32]:
They’re they’re thinking about the operational aspect of the of the device itself. So I do see, you know, security organizations increasingly wanting to take kind of control of that part of the network infrastructure and and harden it and lock it down, but there’s still a lot of organizations that haven’t sort of pulled that whole device management responsibility into the security organization in a in a very centralized way as part of the multilayer security architecture.

Karissa Breen [01:01:02]:
So would you say from how you see the industry at the moment and the customers that you’re speaking to, it’s sort of a problem that sort of crept up on people? You said before, originally, it was like, yeah, but it didn’t have the same functionality. And even if you were to zoom out and look at behavior of how people are operating and most people are sending things on their phone rather than a laptop because they’re on the go, they’re working from anywhere, they’re in airports. It’s just easier. So because of that problem being sort of, you know, now now it’s here, it’s crept up on people. What do you what do you think happens now? What what are you sort of seeing, and how do people sort of overcome this problem?

Jeff Lindholm [01:01:35]:
Well, the first the first thing I say is is sort of recognizing that this is a threat vector that’s become pretty ubiquitous and pretty popular, bad guy. So it’s kind of like anything. Right? Recognition is this first step. Right? And then I would I would urge people to think about as they think about EDR, which is is a very well understood component of a security architecture, But in general terms, it’s really thought of as kind of the the edge of the laptops, the edge of the hosts in the environment. And so the mobile part of that now has to be considered as a peer of those other kinds of edge elements that need to be paid attention to. And so and there’s there are things you can do. Look out in this business. You can deploy software on the mobile devices that much better protects the enterprise from that credential theft and ultimately that data exfiltration.

Jeff Lindholm [01:02:28]:
So we are you know, somebody running the Lookout app on on the device is notified when there’s a phishing attempt, and that phishing attempt gets put into the SMS junk folder. And then you can go look at it, but it’s not in your name folder, and you’re notified of that. So there’s a lot it does to sort of get the these the endpoint user to just stop it in its tracks. Don’t even let it have the opportunity to propagate into the infrastructure. And then the other thing I would say that a lot of security organizations are building out know, more and more advanced what we there’s a there’s a function called SIM, which is a, you know, a platform where security events are kind of held, and and then there’s a there’s an area called SOAR, which is basically the automated response to that to the any threat that might be in there. And I think AI powered SIM and SOAR platforms are gonna become increasingly popular and increasingly utilized. And what’s great about this mobile technology and what what Lookout’s been doing is we have a tremendous amount of threat intelligence as well, and that threat intelligence is really, really critical signaling that would go into that SIM environment, into that SOAR environment so that it’s really organically part of the overall security intelligence platform. And to just to give you an example, we monitor we get telemetry from about a quarter 1,000,000,000 mobile devices, and we monitor about 350,000,000 mobile apps for malware.

Jeff Lindholm [01:04:07]:
So we we can play a large given that the mobile edge is increasingly, you know, a threat horizon and given that we have this intelligence that we can bring into the security operation, we can really integrate the mobile edge as part of a really secure platform and be integrated into this, you know, the the secure security process of of the organization, sort of on par with the other things you’d wanna know about that are signaling into that same SIM environment.

Karissa Breen [01:04:34]:
So you said before mobile is becoming more like its PO in terms of, like, laptops and things like that. So would you say that they’re on equal footing now?

Jeff Lindholm [01:04:43]:
No. I would say that the and from a threat perspective, you know, the mobile device is, as I think, far more dangerous, far more weaponized than than the laptops are.

Karissa Breen [01:04:53]:
I meant in terms of, the companies taking it seriously in terms of, weight. Yeah.

Jeff Lindholm [01:04:58]:
I it depends. I mean, it’s like anything. You know, I think there are a number of organizations in the public and private sector that sort of get it, and they’re you know, they they’ve already made the the the the moves to have global edge security integrated as a core layer in the security platform. But I there’s also you know, I’m surprised, in fact, that I when I talk to a number of of enterprises that they haven’t really crossed that bridge and sort of it’s that that mobile device management and even sort of the security of it is still kind of in the hands of the of the of the mobile platform operations people and not the security people. So, you know, I think one of the things I I like to do is just kind of evangelize this out there to, you know, members of the security organizations to say, you know, if that’s the way you’re doing it, you might wanna rethink that. You might wanna, you know, either partner with the people that are managing those devices more intently or or even sort of bring that into your core security architecture as a core layer of that infrastructure and integrated it to the security process and processes they have.

Karissa Breen [01:06:06]:
So I was trying to focus now on Lookout in terms of I’m curious to understand. So as you know, with how the world’s going, the whole gig economy, people are hiring more contractors, which would probably mean it’s a BYOD. They’re bringing their own phone. So is it just in terms of a process, I’m going to work at X company. I have my own phone. The process would be a download the look at app, which then means that when I if I were to roll off in terms of a contractor, it would just be, okay, I’m going to delete it now. Is that how I know that sounds very like I’ve skimmed over a lot of steps. So how easy it could be for be able to do that? Because I’m sort of looking at it from people all around the world now.

Karissa Breen [01:06:43]:
So how it would be so hard to govern that.

Jeff Lindholm [01:06:46]:
Yeah. That’s that’s a great question. And I think on the one hand so it’s super easy. Like, you you can go on the the Apple Store or Google Store and you can download the app. And, you know, interestingly enough, when we first started the company, our our our customer target were the consumers, not the enterprises. And the value proposition was about protecting the that somebody like me on my phone from getting hacked so that it didn’t get into my personal bank account or, you know, that kind of thing. So it was the value proposition was to me, the consumer, and that was all fine. But what’s happened and then that was, say, 10 years ago.

Jeff Lindholm [01:07:23]:
What’s happened since then, though, is these mobile devices now have been, as I said before, like weaponized as a way to breach the enterprise. And so and I don’t mean to say that, you know, CSOs are heartless, but, you know, they’re focused on protecting the enterprise. They’re not that focused on protecting my personal bank account with my phone. So part of that has been that that journey to the organizations, the enterprises kind of having the employees put that software on the phone. And there’s kind of 3 models. In the very extreme model, which might be like, say, a, you know, a defense organization, they may be so concerned about security that they’ll issue you a phone, and that phone will only be able to run specific applications, and you won’t be able to download Facebook or Twitter or anything like that. It’s just completely locked down phone. But that’s pretty that’s kind of a corner case.

Jeff Lindholm [01:08:20]:
Most most organizations aren’t going to do that. So then it falls down into sort of 2 camps. 1 is a 1 is a company provided device, and usually and the examples of companies that typically do that are, like, you know, large financial organizations. And and in that case, they’ll they’ll put the software on there. They’ll put a mobile device management piece of software in there so they can quarantine that phone, for example, if they want to from from from the SOC, from the security operations center. They can quarantine an application on that phone if it’s been deemed to have malware in it. So they can be very kind of proactive in that way. And then there’s BYOD, which is what I have.

Jeff Lindholm [01:08:57]:
This is my phone. You know, my my carrier sends me the bill. I pay the bill. But the so in in some ways, the the my company can’t mandate that I put a piece of software on my phone, but I’m happy to do it be for two reasons. One is it helps protect my company, and it helps still helps protect me, you know, from being attacked for my own personal asset. And it and the other I I think the other thing, sometimes people get a bit nervous, like, it’s like big brother is putting this on my phone, and he’s gonna be, like, be able to see, like, what I’m doing on my phone. That’s not the case. I mean, we don’t we don’t we’re not able to report, like, what websites you go to or, you know, or what SMSes you have on your phone, and none of all of that is obfuscated.

Jeff Lindholm [01:09:42]:
It’s it’s it’s it’s not even possible with with the system, but, you know, some some people jump to the conclusion that it’s it’s it’s gonna be an intrusive thing and a privacy thing, but it’s really not. It’s it’s it’s much more helping me identify those phishing attacks, helping me identify those impersonation attacks within the organization. And it’s just sending kind of metadata to the organization so that they’re getting a sense of the security profile of the employees in the company and and and and what devices have possibly been activated as a weapon against the enterprise.

Karissa Breen [01:10:18]:
So going back to the telemetry side of things, you said quarter of a quarter of a 1000000000 devices that you guys are tracking. So people sometimes they approach me and they say, oh, Kaby, I think I might have malware on my phone. There’s no way to really tell. Right? Unless you’re saying in terms of your technology. Because out of the telemetry you’re tracking, how many people would you say they’ve got malware on their phone and don’t know

Antony Reynolds [01:10:40]:
about it? I don’t know what the number is, but it’s

Jeff Lindholm [01:10:40]:
probably a lot. And, obviously, depending on how you know, if if you’re someone that likes to have a lot of apps on their phone, it’s a lot higher than somebody that doesn’t like to have a lot. I actually have people go, you got a lot of apps on your phone. Not not from a security sense. It’s just like the you have to go, like, to scroll through 5 screens to see all the icons of the apps, which they say would drive you crazy.

Karissa Breen [01:11:01]:
So statistically, there’s probably malware. So if you had, like, a 100 apps, there’s probably a high chance you have malware, especially if it’s some dodgy game that was being advertised on Instagram and you download it. There’s a high chance, but you’d never know that.

Jeff Lindholm [01:11:14]:
Well, there are indicators that we actually we actually measure. Right? So, like You’re

Karissa Breen [01:11:18]:
saying just someone without the software.

Jeff Lindholm [01:11:20]:
Oh, yeah. You’re I would chances are if you’ve got a, you know, 100 apps, you know, there’s some malware in there somewhere for sure. And that’s why we monitor these, you know, 100 of millions of apps because we’re cuss we’re saying, is there malware in this app?

Karissa Breen [01:11:32]:
So you’re looking at apps more specifically? Yeah.

Jeff Lindholm [01:11:34]:
We look at 350,000,000 apps, and we look for malware in those apps, like, constantly. Right? So chances are if we’re looking at 350,000,000, we probably got your 100 covered.

Karissa Breen [01:11:45]:
So just I’m curious. Okay. This is really interesting. So I’m curious to know, like, typically speaking and generally, is there any sort of apps that technically have more malware? Is it games? Is it the photos that you can, you know, Photoshop your face and your body? Is it is there anything more specific that stands out perhaps?

Jeff Lindholm [01:12:03]:
You know, certainly things that have large populations of users are gonna be attractive places for people to put malware into. So social media platforms is a good example. Gaming platforms can be a good example.

Karissa Breen [01:12:17]:
So even Instagram and all of those

Jeff Lindholm [01:12:19]:
It’s not that the app themself has malware in it, but those apps are used to do malicious things, and we can watch for that, right, as well. But certainly, a lot of apps have malware embedded in them.

Karissa Breen [01:12:31]:
As soon as you download them.

Jeff Lindholm [01:12:32]:
Yeah. And they and they they look to you like they’re doing what they’re supposed to do, but there’s processes working in the background that are doing doing bad things.

Karissa Breen [01:12:40]:
And what would those things look like in terms of I there’s me. I download an app because I was curious. Now there’s malware. What potentially could be the risk of that for an as an example?

Jeff Lindholm [01:12:51]:
They could have software in there that you think you’re just running this game, but what it’s really doing is it’s capturing all your clicks on your phone, like monitoring what you’re doing on your phone and it’s saving that and potentially sending that somewhere to somebody who wants to see exactly what you’re doing so they can they can target you. So

Karissa Breen [01:13:09]:
So what does, like, iOS Apple Store, what do they say? Can’t hit can’t governance too hard? What would be their response then to this?

Jeff Lindholm [01:13:16]:
And the reason we have to build the this software is because I mean, there’s certainly a lot of security that the the operating system people are always putting. Every time you upgrade, they’re adding they’re making it more more secure. So there’s no there’s no criticism of of that, but but those operating systems are somewhat I mean, they don’t really provide telemetry to the enterprise or the user. They may provide telemetry to them, but not to the enterprise. So that’s why we built this ecosystem around the operating systems that look at all the applications that are running, look at how the phone’s even behaving physically and look and look for, you know, malicious attacks like phishing, but we can even, you know, things like, Hey, you’ve got one app open or 2 apps open and your battery usage is really, really high. Like that shouldn’t be, right? If all I have open is my mail app and my battery’s draining really fast, that kind well, faster than it should. Faster than you know, if I have one app open, you would think your battery should be your battery your power usage should be this, but in fact, it’s that. And why would that be? Because these things in background from the malware are happening on your phone that are using power from the battery.

Karissa Breen [01:14:36]:
In brief.

Jeff Lindholm [01:14:36]:
So we can even set alarms, like, you know, given what’s what’s running and given how fast the battery is being depleted, that’s a signal.

Karissa Breen [01:14:44]:
So, Jeff, in terms of any sort of closing comments or final thoughts, what would you like to leave our audience with today?

Jeff Lindholm [01:14:49]:
Well, I I I go back to what I said. I’d say, you know, if you if if you’re in the security realm and you don’t have your arms around, you know, the mobile edge as a place to build security for and around, you should start to think about it because as as I said, I I think the mobile edge is probably the most popular and growing attack vector for for bad guys, more so than maybe any other edge device. So it’s definitely needs to be paid attention to. If you’re not, I would urge you to do that and figure out how to how to, you know, protect yourself. And I think as a result of all of that attack activity happening on the mobile devices, One of the other values, as I mentioned before, is is the telemetry and the threat intelligence we have, and and our customers consume that threat intelligence. So they’re not only getting the information from the users within their own private community, but they’re actually leveraging sort of all the global telemetry that we’re getting, and they can and now with these sort of advanced platform systems, the sort of the sort of new generation of SIMs, we can feed that data in there to be integrated with the other data and give you a much more robust context as to what’s happening.

Karissa Breen [01:16:03]:
And there you have it. This is KB on the go. Stay tuned for more.