Ransomware, The Dark Web and You: Protecting You and Your Business From Online Threats – Webinar Replay

Good morning, everybody. And thank you very much for participating in today's webinar, as many of you know, this month of Cybersecurity Awareness Month, and as the name suggests, awareness is essential for protecting yourself, your family, in your business from threats and bad actors online. The FBI reported last year that nearly 800,000 reports of cybercrime with a total loss of exceeding $4 billion Yes, $4 billion. We've seen we've all seen reports of data breaches in the news ransomware attacks. The reality of is this problem is not going away anytime soon. Unfortunately, our goal this morning is to help you understand some of the most common threats. Discuss how the threat landscape is changing, and suggest some of the ways you can reduce the risk of being a victim. We're joined today by a group of experts in Cybersecurity Information Security in fraud. I'm thrilled. Absolutely thrilled to be joined by a wonderful panel today. Tucker Bailey, Managing Director and cybersecurity Practice Lead at McKinsey and Company, nyan Patel, Vice President Product Management Deposits century and cyber open solutions at Pfizer, in Warren Jones. Warren is the US head of fraud risk management at Santander, a wonderful panel, I'm really excited to talk to the team about the topics that we've outlined. So let's get going. I think we're going to start off with a poll question for the audience to kick things off. So if you don't mind, which of the following threats concern you the most is business, email compromised? Ransomware, identity theft, payment fraud, third party data breaches, these are all scary things and all important topics, but we really want to get you engaged right off the bat and get a sense of what your thoughts are. We're going to give you a couple seconds to post your answer. Oh, okay. So identity theft that 54.9% and ransomware at 25.5%. It very interesting, from my perspective, only gives let me get let me give the opportunity for the panel to react to this Tucker 50 54.9%. Does that resonate with you? You know, it does when you think about as individuals, I think this is where cybersecurity is most meaningful to many people, right? It's recognize the proliferation of our information that is out in the public or semi public domain. And combined with your commercials for identity protection services, and all that kind of stuff. I think this is where it feels most applicable to us as individuals. I think there's a question of, you know, where's the most impact on an enterprise side, but certainly as individuals, this is, I think, where where it hits home for folks. Identity theft, it's it's near and dear to us as individuals, it can also impact our business and our organizations. Because if we're an owner of an entity, we work for an entity often, our own compromised information can be targeted can be used to target account takeover and some sorts of cyber fraud attempts against an organization. Identity theft, it can lead to various forms of, you know, business, email compromised payment fraud. So, these these threats are, are kind of one in the same here and the impact that they can have on us. You know, one thing that we can do to to make sure were protecting ourselves from identity theft is you know, check your credit reports annually. Make sure you're signing up for notifications from the Bureau's if you're not planning on obtaining credit or making large purchases, and then your future you can put, you know, a temporary freeze on and remove that now, with just a PIN number. It's very simple to do. So. There's certainly a lot of resources and tools available to us to protect ourselves as individuals and in the organizations we work for. And nine Warren made a good point about they're interrelated, right so identity theft related to payment fraud. I would imagine Well, some comments on that, too. Yeah, I mean, this really does resonate, I think with identity theft. It's it's especially for the things that we do right for to protect our customers and whatnot. Identity theft is one of the toughest things to trace back to figure out that it was really illegitimate. And right, and that's why this resonates that everyone said that voted that as the highest thing, because you can't then call up your bank or your credit card company and say, hey, it wasn't me. Well, how do I know? Right? And so that's very difficult. As Tucker said, once you have somebody whose identity, it's your key, right? Then you can any of these other things can happen from it. So I think a smart audience out there, right, saying identity theft, because that really is the thing that's toughest to track going backwards, right? Yeah. And then I'll pick up on this a little bit is, you know, identity theft. We've got some good questions already coming in about social engineering. Right. So which also ties to beat business email compromised? So. So these are these are really important concerns. Do we see additional current concerns outside of this as well? I'll open that up to you guys. Yeah, yeah, you know, device compromise. And, you know, using sophisticated forms of account takeover, like porting fraud and sim swap on on a mobile phone. Often, again, identity theft is the root of that compromised consumer information that can be used to bypass authentication with a mobile network provider, or a telco utility company, to then take over a device to then take over an account with your financial institution. So it's all interrelated, it comes back to making sure you're taking the onus and the responsibility to secure your own information. Do you gentlemen, do you believe that the pandemic has altered the cyber security landscape? Do you think these types of threats are more pronounced out now or less pronounced because of the pandemic? Shawn, I can jump in there, I think one of the things that we're seeing is that the pandemic has really increased the surface area that attackers can target. So as more work has been pushed to remote environments, you're seeing a proliferation of endpoints, sometimes outside of company VPN is they just struggle to get work out the door when people couldn't come in the office, especially in the early days. But I think kind of the proliferation of new targets. The other thing we're seeing is attackers are adapting their techniques to take advantage of some of the lack of information or disinformation or misinformation. So phishing campaigns, for example, have taken on the tone. Hey, here's the latest COVID information, click here for the latest updates. And it's since they're in a whole new category of users that maybe haven't been exposed to that, because they haven't been kind of in that work from home environment. So they were seeing an expansion of the surface area and an adaptation of tactics from some of the attackers. Yeah, and I would say that the behaviors, right, all of our behaviors have changed in a permanent way. For sure. And to Tucker's point, I don't know that the criminals have developed new ways to defraud all of us, right. But they're certainly using what what COVID has brought upon us to their benefit to kind of expand within their channels, right, that they're doing. So for instance, you know, I think in late spring, early summer, last year, the FBI put out a warning around mobile banking apps acting as a, a large way for malware to be dropped onto all of our, you know, laptops or phones, or whatever the case may be. And that has increased significantly, in fact, it within our customer base at Pfizer, I do executive briefings quite frequently in that small community banks especially, what we saw is that around 50 to 60%, of every group that I went to, had some sort of unauthorized mobile banking app out there, that that was on a not an authorized means non Apple, non Google. So you get an email, say, hey, go get this mobile banking app, it's on a store that you don't recognize. And that's very easy to get confused. Any one of us could get confused about that as well. And in five seconds, you have malware, right? And then from there comes all the other categories that you talked about previously. And so we have seen that those things have been taking off right, you know, pre pandemic, and now they've exploded upon the ways and the return on investment for criminals. And that's a theme throughout all of this is, is they don't need a lot of this to be successful. for them to make money, which is what this is all about, right? What do we do at Santanu? To prevent that? Because that's a that is really pronounced in very insightful. Nyan what do we do at Santander to help the word that type of? How do you describe it? Deception? Yeah, it's a great question. It starts with deterrence. It's making sure that we have an educated workforce who can know what a red flag looks like, who makes sure that we're taking care when a customer is calling in or a potential fraudsters calling in trying to take over an account, knowing what to look for. It's having an educated consumer and educated client, who is making sure that if they don't trust the source of where they're being contacted, hang up the phone, don't respond to the text, contact your bank, where the bank is not going to ask you to provide past codes, credentials, install applications on your device to then remote into your device. We have, you know, privacy sites, security sites online, that's public that we, you know, refresh periodically, to make sure we're presenting to our customers, merging trends, ways that they can protect themselves. We did a scam awareness email this quarter, to our clients, because we've noticed an increase in scam, authorized push payment fraud, where again, going back to stolen consumer information, fraudsters are contacting customers, impersonating them, impersonating a bank and Agent impersonating another utility company or a merchant that the client uses to then get information over the phone take over their account. So we're putting a lot of information out to our customers to make sure that they're aware of when the bank will contact them and when they will not. And then from deterrence, it goes into, you know, prevention, making sure that you have the right contact data on file to authenticate a payment be notified if something unusual is happening, make sure you have a token to release a payment. And you're using that if it's available to you by your financial institution, making sure you're signing up for positive pay if you have checks, ACH positive pay, if you use transactional banking. So there's a lot of tools that you know, fraud controls that we make available to our clients as well. Yeah, I'm just gonna I'm gonna jump in real quick. This is a really interesting question about US banks and foreign banks. As far as protecting customers. That was insightful question. In the US, just for our audience on the the United States regulatory environment is debatably, the strictest environment on the planet. And having worked in experienced other regulators across the globe, this is something that US banks are fully focused on and were examined to so from Federal Reserve Bank, the Office of calm control, the FDIC, the OCC, the CFPB, the state regulators, this is an area of focus for, for all those regulators in the US banks. And there's a consumer amount of thought and resources poured into protecting our customers, because we don't have customers that trust us, we won't have customers. So I think Warren, thank you very much for that. That outline, but I just wanted to pick up on a question that was coming in right now. You know, now let me let me move the conversation to you a little bit. Let's talk about ransomware a little bit, it's always in the news. Can you explain what ransomware is? Yeah, sure. At a very high level without getting into the nitty gritty, right, it's just it's malicious software, that that gets on to your you know, your network, your devices, your your laptops, workstations, servers, whatever the case may be point of sale transactions, whatever the case may be, right. And, and it's used to lock up or deny access to the information that's on it, which is obviously important to all of us, right? And so they use the fact that it's important to you to then extract most of the time dollars, right, the hot money, right? So for for payment, very small times it's politically motivated, but I think for for most of our purposes, it's about money. And the thing about it is that it can render your operation completely useless. Whether you have two workstations to take on payments or your you know, a C level at an enterprise, you might have 1000s of devices and servers and things of that nature. Very quickly. It can run Your entire operation, kind of just in pause, and you cannot then service your community, whoever your community is. And those things get in. Very commonly, Verizon does a global breach report. And then they'll tell you over the last few years, from 90 to 93 94%, of malware, ransomware is coming through email. So everyone identify business, email, compromise, etc. But, but it all starts with that, and Warren said, some some really key things there. But I just say if something seems off, it's off, hang up the phone, don't click on the email. If somebody if somebody needs you, they'll get back to you. Right, one way or another. I think it's really been robbed. Ransomware just really quickly, Shawn around with Fiserv, we service banks and credit unions in the US and around the world, but mostly in the US. And what we're seeing certainly in the community banking space, which affects all of us, right, we're seeing ransomware, very prevalent, we've seen a lot of our clients be shut down, due to ransomware, due to not having the in some of the things that Tucker and Warren mentioned, you know, kind of proactive measures in place. And really, it's all about, we only have so much money all of us together, it's about spending that money in the most efficient way possible, for the things that you're being attacked on the most right. And so so it's really important. And we'll get to some of that a little bit later on, I think as well. Yeah, Tucker, I'm gonna bring you into the conversation here. Because there's a lot of conversation about the rise of cybercrime, and not even had a good point is like, he's talking about ransomware, and extracting money from a company that basically says, Hey, I've locked up your critical services, pay me and I'll unlock them. By the way, they're criminals. And they don't always stay true to their work. Let's just say that they don't always unlock after you pay, they'll say pay me again. But from your view, Tucker, because you've got a really unique position at McKinsey is you see it just as nine does, do you see a big landscape? Can you give us a sense of who's behind the rise of cybercrime? And it can you segment that a little bit? Because there's a lot of talk about nation states versus criminals versus some really smart kid in his mom's basement, who's disgruntled and breaking in? And, you know, there's all these kinds of things, and you frame that a little bit for us? Sure, I'd offer I think there were four primary reasons that you see cyber activity. One is kind of a version of nation state conflicts, so you know, activities below the level of warfare, espionage, you know, etc. So that that is clearly one. And I will say the private sector gets pulled into that particular components of the defense, industrial base, critical national infrastructure, etc. Right. I think, you know, there are state actors that are actively targeting private sector institutions to gain a strategic foothold for kind of interstate conflict type purposes. The second is intellectual property that so this this link sensitive plans, could be stealing customer information, by and large, it's stealing your trade secrets, market moving information that can be monetized, you know, after the fact, or for nation states or foreign corporations to gain a competitive advantage or in their perception level, the playing field. So identities that does the Secretary of IP that the the second, the third, and this gets to kind of the perspective of the hacker in the parents basement is more kind of anarchic type behavior, or vandalism, that kind of stuff. I think, in the early days that those were a lot of the attacks that you saw people taking down sites because they could and gaining some cred in the hacker community. I think the industry, if you will, has professionalized quite a bit since then. So yes, you still see that, but the reality is, is that's not the primary threat these days. And the fourth one is the one we've been talking about, which is cyber enabled fraud. Right. So traditional fraudsters trying to gain financial advantage through alternate means. And that's what I think we're seeing driving a lot of the uptick along with kind of the nation state, we don't see a lot of nations, they may be day to day and financial service, but it's they're the one that we see quite a bit is is kind of financial crime. And that goes back to the Willie Sutton rule. Right? Why do you rob banks, that's where the money is right? And cyber has presented a very effective means of doing that. And ransomware is the latest way that the fraudsters are monetizing that capability. So instead of going in and doing account takeovers and siphoning money out, which gets very difficult to scale, they're now targeting corporations with ransomware. And the thing about ransomware is it's kind of the great equalizer right? Every company now is subject to ransomware whether you have customer records that can be used for account takeover or not. So that I think is the main reason we're seeing this uptake is because of the availability. So as companies are getting smarter on ransomware, you're seeing the attackers evolve their, their techniques, right. So there's, we're going to lock up your data, pay us money, and will give you the keys to encrypt it. And As Sean mentioned, right, there's varying levels of credibility, right on our mark fees, which are the trustworthy hackers, and which are the ones that, you know, may re victimize you. Another trend we're starting to see is not just locking up company's data, but actually extorting them as well, which is pay us once to give us the keys to unlock your data, pay us twice to keep us from dumping it on the dark web or in an open web form where others can see it. And you know, they're limited only by their creativity. So, you know, a lot of our customers, our clients are starting to think through what's the next way, right. So beyond ransomware, what's coming next, and concerns about how they might use disinformation misinformation, to to monetize some of their capabilities. But But let me pause there. Yeah. I mean, it begs the question, I mean, we all want to just bunker up and not ever do anything online again, right? I mean, it's it sounds that way. So Warren, can you address that? I mean, what are we are we safe and transacting online? Yes, we're safe and transacting online, it's, again about being educated. If something seems too good to be true, it might be if you're not too, or it is, if you're not aware of the source, the destination of the funds, where you're sending money to hang up, contact your bank, don't send that payment. It goes back to, you know, being educated and, and having the right deterrence capabilities in place to know what is good versus what is bad. Where we have new authorized push payment, account takeover trends that are picking up in across the industry, using compromised digital banking credentials, using compromised consumer information, to then take over an account online, get a push notification or a one time passcode sent to the consumer and deceiving the consumer to release the payment. We're seeing banks defenses, challenge the online banking access from an unrecognized device, challenge a payment to a new beneficiary or a new source. Yet customers are still releasing the payment, they're still pushing the button to gain access to online banking. So you know, when a bank's defenses or a merchants defenses are picking up something unusual, it's still up to us, as a consumer, to make sure that were on guard, we know what is what is good versus unusual. And if we don't trust it, don't release it. So we're safe. But we actually do have a lot of accountability ourselves, to make sure where we're doing the right things online. Matt, it's interesting, because it's almost as a convergence between in your professional life performing functions as a treasurer, Assistant Treasurer, whatever the case is, and all the controls that you need to have in place, right. So do I have multi factor authentication, you know, five years, 1015 years ago, no one knew what that was. Right. So now people professionally know exactly what that is. But in your in your personal life, you should ask the why multifactor authentication, right. So. So it's, it's to me, it's an interesting observation, because the cyber crimes are now everywhere. They're in everybody's lives. They're in social media, they're on your kids on gaming sites, right? They're on their Xbox, and they're getting compromised. It's it's not just your bank account, in this this convergence of just understanding of how to protect yourself in the population, our customers, our retail customers, and then just in general, like my mom whose ad, right I mean, we've got to educate people on exactly what you're talking about Warren is if it seems too good to be true, it is right. It's you have to be vigilant you have to be you have to question everything in trust you what you need to do is trust but verify. Exactly, exactly. It's interesting. So I'm going to I'm going to pivot a little bit you know, nine, I'm going to go to the one of the I would say one of the misunderstood or spooky kind of topics is it's Halloween. So it's obviously October Awareness Month, but what's the dark web and how does it exist? In what's out there? Yeah, great question. I'm sure Tucker has some great insights as well on that. It sounds like he's, he's floating around in there understanding all the mysteries of the dark web, but but essentially right and, and, you know, we talk about to, to our clients and to our associates, everybody, you, I think you said it, the melding of your personal lives and your work lives to be secure, it's very, very important. The security you bring to work as it should be the same security bring home personally, and so on and so forth. We look at kind of, you know, the, the outer ring of attack services that Tucker talked about earlier on, right as the internet, and then anything that's accessible through the internet, or you type in www dot, whatever. And things are accessible, your online banking sites, etc. And then within the internet, there's a subset that deep and dark web are so slightly to two different things. But really, just to boil it down it, you just need another set of software in order to access the deep and dark web, right. And so it's just, it's just a subset of the internet. But you need software in order to access it different software, not Google. Right, some different software, but within there, and I'm sure Tucker will add a little bit more detail to that. But within there, what we're seeing, I like to call it, the Silicon Valley cybercrime, right, that's where all the good ideas are taking place. That's where new ideas are being hatched. That's where our customers and clients and their account data, if it has been breached, and has been exfiltrated is being traded for it's being sold there, for what purpose for account fraud, right, so that people can then you know, take out money from people's accounts, and then so on, and so forth. So it's an entire marketplace. And the other thing I'll say is, that's where ransomware as a service, it's done. So now criminals really have a really efficient way from a monetary perspective to go and commit their crimes. Right, because they have a community behind them as an entire community. And, and I think one of the things that we see, especially within our client bases, we are trying to create always a community around defending ourselves, because the criminals have a community around proliferating, you know, malicious software, and ransomware and account fraud and all those kinds of things. So, so, so that So in short, Shawn, you know, the deep and dark web, that's where that's where a lot of the criminal behavior, and the criminal community comes up with their ideas, uses your data figures out the best way to monetize what's out there and available. So, so Tucker, I'm gonna throw this over to you. So you know, we often get you know, if you have a credit watch, or you have a service that's looking in, you know, kind of tracking you on be, you know, on behalf of you in the dark web, because none of us could go into the dark web, right? You know, if you get notified of, Hey, your informations on the dark web. Any thoughts like what, what should we do? Yeah, Shawn, great, great question. I think that picks up on a couple of questions in the chat as well, you know, is nine mentioned that the dark web, just a portion of the internet that's kind of invisible to, you know, most legitimate users of the internet, right? It sits behind several layers of obfuscation. And so, as a result, there's a bit of a cat and mouse game of okay, we know that the criminals operate in the dark web, they're sharing compromise, PII customer account information that you monetize, often sharing toolkits, etc. So there's a whole industry that sprung up of, you know, for lack of a better term, good guys, right? That are trying to infiltrate the dark web and see, hey, what's going on in there, what potential exploits are being sold, what customer data is out there available for sale, they then package that up, and, you know, push that out to threat intelligence providers, financial service firms, etc, to say, Hey, your account and here's account information associated with your domain that's for sale on the dark web. Similarly, for some of the identity protection organizations, password managers and other I don't know if any of you use, for example, Google password manager, but they will say, hey, you know, a couple of your passwords that are in your password manager have been associated with, you know, dark websites, and you're the most logical response when you get those rights and you trust your Password Manager, which you have a good one you should is to change that password. The second thing, which is a bit more of a basic hygiene is just don't reuse your passwords, right? So have dedicated passwords for individual sites, because what these fraudsters will do is, you know, if they see a password associated with one of your accounts for sale on the dark web, they'll take that password and then try it On every account where you may have a presence without associated email address, and try to get lucky. So if you're not reusing your passwords, but have unique passwords for each side, you'll limit that potential for for spillover. So Shawn, that's, that's the advice that we give people is having any passwords for each individual site, particularly important ones. And to you know, use a password manager or password vault because they subscribe to these threat intelligence services. And when one of your accounts is potentially compromised, either your username, your email address, or your password don't notify you when you get that notification, change that password and any associated accounts immediately. Yeah, that's great advice. Tucker's oftentimes, you see people have one username password for fourth, four or five sites who have that one sites compromise, that person knows who you are, and then who knows, right, they if they get lucky, they can hit 234 of the other sites that you have the same username password on so you know, that's, that's a really good recommendation. More, I'm going to go back to you a little bit in terms of business banking, or retail banking, specific tools and practices they should implement implement to reduce the risks of being scammed. So we talked a lot, we talked a lot of around the edges, a lot of things, but some of the questions that are coming in are really about what should I be doing specifically for my bank application? Yeah, good question. Kind of jumping off what you and Tucker were just discussing with email password changes, and changing your passwords frequently having unique passwords. That's really important for a policy that you should put in place at your own business, make sure that you know, you're changing your own business passwords, having your own employees change their network passwords, their credentials, quite often, we do see, you know, whether it's bots or programs that have password checkers, and if they get one right and you use that password or recycle that password, then you're exposing yourself to ato and other areas. One, another good thing you can do is to make sure you're you're you're only sharing credentials with aggregators, or companies that you trust, having that information. Some entities will actually allow you to manage your devices, make sure you're doing things like reviewing that kicking out devices, who shouldn't have access to your digital accounts. And, you know, keep keep an eye on that quite frequently. Make sure you're training your employees, if you own a small business, if you operate an entity from the top down, have employee fraud awareness training, make sure that they're not, you know, they know not to click an email, hyperlink in an email, because that's how ransomware can get in and infiltrate the entire organization, make sure that employees who are releasing payments have a multi factor tool, like a token, or the ability to get an OTP to release a payment, put in dual approvals on payments. So you're not just trusting a single employee to pay a vendor or an invoice, or be responsible for the billing aspect of your business. So it's a lot about having dual accountability, dual responsibility, dual approval, and taking some of those deterrence measures in your own hands to make sure you have an educated workforce. Yeah, so so I'll broaden it a little bit. This is really for everybody. Right? So we've talked a lot about the scary stuff, right? We've talked a lot about AI. Hopefully, this has been educational. And we've provided some suggestions to the audience. But we know we've talked about a lot of things. With the new threats popping up all the time. Are there particular places, or areas on the internet, where we should go to keep up the keep up to date and how to defend ourselves? Do you guys have suggestions for that? Santander Bank privacy and security hub? Well, there's one right? Well, yeah, I mean, that. I mean, it's, it's a bit of a plug born, but it is true, right? I mean, that if you have a trusted provider, a service provider, or a bank, whatever it is, most of those institutions have sites where you can get specific details on how to protect yourself for at least for financial track transactions. In general, though, what what do you guys what do you guys rely on? I guess is what I'm maybe a better way to frame the question. I go to the Bureau's quite a bit actually. I'm the credit bureaus with some of the FAQs, they have resources they have available for notifications. free credit report calm I think it is or annual credit report.com is where all consumers can go to run a credit report annually for free once a year, get all three major bureaus statements and see if there's any inquiries, disputes, accounts, you don't recognize information that was put on your credit file by a fraudster by an adversary to then take over your credit profile and originate new accounts. So I go to the Bureau's quite often Sean. Sean we do it, we do a few different things depending on what we're looking for. Right. So we, we do the same thing at Fiserv, we we put things out on our website under pfizer.com, forward slash cyber protect where we we put out information regarding what we're seeing out in the industry that would that would impact our clients, consumers, right, which is all of us right out here. Pfizer, in general, we belong to a bunch of information sharing organizations FSI sack is is one of those right? And, and Tucker mentioned the word threat intelligence, which is this big, big word, right? But, but being piped into what is happening in the world, around new new threats, that are coming in on a daily basis, really important, not individually to look at that data. But the tools that you use to be using that data to protect you is super important. So if you're part of a larger organization, being part of some of that information, sharing and getting the right threat intelligence, to inform you is great. The other thing and I see this in some of the questions out there, you know, we there's a lot of great kind of anti malware, I'll say that anti virus, what's now called next gen antivirus providers out there, I'm not here to shill anybody's but but CrowdStrike and carbon black and Sentinel one and Microsoft defender for endpoint and all of those. They provide great insight as well to their customer base, once you're a customer so, and they do a lot of great cloud based sharing CrowdStrike. The name right comes from sharing crowd of all the malicious activity that's going on out there. And frankly, I think most of us some way or another customer of Microsoft, Microsoft has great resources, because they're collecting signals all the time because of all of their users around threat information. So I think there's various sources, depending on what you're looking for Sean, and Sean all out in one piece. And I think this is true for individuals as well as corporations, you know, on the corporate side that don't overlook basic hygiene, right. So maintaining patch currency and and ensure that all of your critical systems are fully patched. You know, it's it's shocking the number of cyber breaches the result of a known vulnerability that had not been patched in environment. And the other is proliferate the use of multi factor authentication, right, this is often low hanging fruit corporations are doing it more and more for their critical applications. But as individuals, right, going back to your own accounts, many providers now are giving the option and some are mandating use of multi factor authentication, which is beyond username and password, have them send you a text or authenticate, you know, and some other secondary way. I'd encourage everybody to take advantage of those and use multi factor authentication as often as is available. Yeah, that's a great suggestion. Tucker nine and Warren. I'm gonna pivot a little bit. Tucker, I'm going to I'm going to go back to you, right, I'm going to ask you to break open the crystal ball. Right, and basically say, hey, you know, three years from now, what do you think the security landscape is going to look like for corporations? Do you think it's going to get worse? Do you think it's going to get better? Where do you think though, if it's going to get worse, where do you think that the threat vector is going to come from? Or are just generally your thoughts around that? But Thanks, Shawn, we didn't say this is being recorded, right? So we can we can go back three years from now. The pessimistic view of the world says, Hey, there's a lot of innovation happening in attacker space. And the attackers only have to be the lucky one. And as enterprises were defending our networks, we have to be lucky every second of every day. The optimistic view of the world says look as we're getting smarter about security, right, we're figuring out ways to increase the ability of defenders to protect critical information through some of the things we've talked about right? Multifactor authentic Micro segmentation of networks. So if one part is compromised, it doesn't spill over everywhere else. New architectures increasingly as workloads are moving to the cloud, these cloud service providers have incredibly resilient infrastructures, and they have the scale to protect them, defend them in the ways that many enterprises don't if you're using on prem solutions, so as long as you can get smart about the configuration of those cloud buckets, right, those architectures are actually increasingly secure. And then similarly, you know, we're seeing security actually shift from being something that's considered after the fact to something that's considered up front as you're designing new architectures, as you're designing new applications, right security's embedded from day one, to design secure applications, not to try to secure applications after the fact. Right, so I think there is good news here. And I think we are seeing some innovation, things like zero trust networking, where we're just assuming that everything on the network is not trustworthy, and has to authenticate itself. So I think if we play the clock forward five years, you're gonna see the reduction and kind of the day to day, cyber type of exploits that are just taking advantage of poor configurations, poor design that's been bolted on the internet for the last 20 years, as we go to a more thoughtful design. But I do think the motivation and incentives for the attackers are still going to be there. So I think you'll see more and more exquisite exploits that take advantage of kind of unique vulnerabilities. But that's that's my, you know, if I hadn't looked into the crystal ball, Shawn, that's that's kind of how I would see it unfolding.