Transcripts

This Week in Enterprise Tech Episode 546 Transcript

Please be advised this transcript is AI-generated and may not be word for word. Time codes refer to the approximate times in the ad-supported version of the show.


Lou Maresca (00:00:00):
On this week, enterprise tech, we have Mr. Brian Chey, Mr. Curtis Franklin, back on the show. Human Fallibility, are we the weakest link in an organization? Security? Our panel talks about some possible solutions there. Plus our guest today, Nick Vache, security leader at Talend. He's gonna talk about maintaining agility, data agility, and accelerating your time to compliance, but ensuring security, privacy, and governance, some really hard tasks. You definitely should miss it. Quiet on the set

TWIT intro (00:00:30):
Podcasts you love from people you trust.

Lou Maresca (00:00:42):
This is twit this week in Enterprise Tech, episode 5 46. Record June 2nd, 2023. The chat, G P t Balancing Act. This episode of this weekend, enterprise Deck is brought to you by Duo. Duo protects against breaches with the leading access management suite, providing strong multi-layered defenses to only allow legitimate users in. For any organization concerned about being breached and needs a solution, fast Duo quickly enables strong security and improves user productivity. Visit cs.co/twit today for a free trial and by bit warden, get the password manager that offers a robust and cost effective solution that drastically increases your chances of staying safe online. Get started with a free trial of a teams or enterprise plan, or get started for free across all devices as an individual user at bit warden.com/twit and by Miro. Miro is your team's online workspace to connect, collaborate and create together. Tap into a way to map processes, systems, and plans with the whole team. Get your first three boards for free to start creating your best work yet at miro.com/podcast. Welcome to twit this week in enterprise tech, the show that is dedicated to you, the enterprise professional, the IT pro, and that geek who just wants to know how this world's connected. I'm your host Lewis Maka, your guide through the big world of the enterprise, but I can't gad you by myself. I need to bring in the professionals and the experts, starting with principal analyst. And I'm Dia the man who has the pulse of the enterprise. He's our very own Mr. Kish Franklin. Curtis is great to see you, my friend. How are you?

Curt Franklin (00:02:27):
Hey, it is great to be here, Lou doing well down here in the Sunshine State talking to a lot of people about risk lately and how we're putting numbers to the risk and then what we're doing with those numbers. A lot of fun stuff. Had a piece up on dark reading this week. More stuff for our Omnia subscribers. So it's been a busy week, nothing but acceleration for that. Busyness ahead for the next couple of months. Can't wait to tell people about it Later on

Brian Chee (00:02:59):
Here on quiet.

Lou Maresca (00:03:00):
Looking forward to it, looking forward. Well, welcome back. Well, we also have to welcome back our network geek, Mr. Brian Chi. He's always cooking something up and putting something together. Sheer what's, what's cooking this week?

Brian Chee (00:03:11):
I I'm actually working on a steam punk cover for an equipment rack because it's going into a maker space. But what I need to do is I need, because it's a dusty environment and the dust is coming off a metal shop I'm gonna be running a filter that then will pressurize the F front, which is gonna be a steampunk cover that's magnetically mounted to the front of the rack so it can pressurize the front and force cool air through the equipment so that we don't keep burning up our network. So I'm, I'm ordering, you know, things like paint and little gears and all kinds of stuff to decorate it in the steampunk theme ought to be fun.

Lou Maresca (00:04:00):
Well, it's definitely been a busy week in the enterprise. We definitely should get started. Human fallibility, are we the weakest link in an organization? Security? Well, the defense of counterintelligence and security agency might just have a solution for us. The panel will talk about that solution. Plus our guest today, Nick Viche, security leader at Talend. He is going to talk about maintaining data agility and accelerating your time to compliance. So lots to talk about, lots of information, so definitely stick around. But before we get into all that goodness, we do have to jump in this week's news blips in cybersecurity news. Moscow based firm Kaspersky is dealing with a sophisticated cyber attack that exploited the iPhones without a single click by the user. Now what's more interesting is the attack didn't use to user interaction at all to an infected device demonstrating the craftiness of hackers out there dubbed Operation Triangulation.

(00:04:51):
The exploit used malware to hijack microphone recordings, photos, geolocation, and other data employees iPhones. Now think of it like having a secret agent living inside of your phone, spying on your every move. Now the malware slyly hidden inside iMessage texts was delivered with an invisible payload exploiting iOS vulnerabilities and creating what we call in the industry an advanced persistent threat, a p t. But here's where it gets even more intriguing. This is wasn't just about Kaspersky Russian National Coordination Center for computer incidents claims. This was be was actually part of a wider NSA campaign that infected thousands of iPhones inside diplomatic missions and embassies in Russia and in NATO countries post Soviet nations, Israel and China. The FSB Russians Federal Security Service was accusing Apple of complicity with the NSA in this campaign. And a claim Apple actually firmly denies at this point. Now the triangulation malware parallel to the artful thief that's out there even erases its initial entry point, removing the text messages that start to affect the affection chain that's out there and the name triangulation from the malware's technique of using canvas fingers for your fingerprints to actually analyze the hardware and software.

(00:06:04):
A phone, the phone actually has drawing a metaphorical yellow triangle in the device's memory. Now think of this as an invisible spy silently infiltrating your network, leaving no trace behind. Cuz Frisky's unified monitoring and analysis platform, Kuma was able to detect the anomaly. Several dozen iPhones within the company were infected with this crafty spyware. The big question now is what else will be on Earth's as the cyber drama unfolds?

Curt Franklin (00:06:30):
Okay, so let's first remind ourselves of a couple of basics. Number one, WordPress is the world's most popular and commonly used content management system or cms. Wordpress has a vast ecosystem of plugins, add-ons, and libraries that provide extended functionality. Now, one of the most popular of those plugins is Jet Pat security and speed enhancement package that's been downloaded roughly 5 million times. Got it. So Jet Pack issued an urgent advisory this week saying that a vulnerability in its a p I could allow an attacker to manipulate any of the files existing within the websites file infrastructure and it gets better. This vulnerability has been around since Jet Pack version 2.0, a version that was released in 2012 for those keeping score. Current version of Jet Pack is 12 point 11. Now Jet Pack says that they have never seen evidence that the vulnerability has been exploited in the wild, but they are rushing fixes to their user base in the form of get ready 102 newly patched versions of the software. That's a patch for every version since 2.0. According to the company, they've worked with the wordpress.org security team to get the patched versions into the field and most customers should see their copy of Jet Pack automatically updated real soon. Now, just in case though, check your software logs, if the most recent Jack Pack update was say, 2017, you might want to fire up your manual updating routines and get cracking. Now that the vulnerability is known, it's only a matter of time before threat actors start probing for potential victims.

Brian Chee (00:08:35):
Right? So this article came from ours, Technica, and I love the headline lawyer cited six fake cases made up by chat. G P t judge calls it unprecedented. Wow, a lawyer is in trouble. After admitting he used chat G P T to help write court filings that cited six non-existent cases invented by the artificial intelligence tool lawyer Steven Schwartz of the firm Le Levi Vido Lado and Oberman quote, greatly regrets having utilized generative artificial intelligence to supplement the legal research performed here wi herein and will never do so in the future without absolute verification of its authenticity. Schwartz wrote in an affidavit on May 24th regarding the bogus citations previously submitted to US District Court for the Southern District of New York. Schwartz wrote that quote, the use of generative artificial intelligence has evolved within law firms and that he quote, consulted the artificial intelligence website chat g p t in order to supplement the legal research performed.

(00:09:55):
The citations and opinions in question were provided by chat G P T, which also provided its legal source and assured the reliability of its content. He wrote, Schwartz admitted that he quote, relied on legal opinions provided to him by the source that has revealed itself to be unreliable, and stated that it is his fault for not confirming the sources provided by chat. G p t Schwartz didn't previously consider the possibility that an artificial intelligence tool like chat g p t could provide false information, even though AI chatbot mistakes have been extensively reported by non artificial intelligence, such as the human journalists employed by reputable news organizations. The lawyers' affidavit said that he quote, had never utilized chat g p t as a source for conducting legal research prior to this occurrence, and therefore it was unaware of the possibility that the contents could be false.

(00:10:53):
All right, I'm gonna skip ahead in the article just a little bit to get to the judge's comments. Judge weighs on unprecedented circumstances. The headline to this section, federal Judge Kevin Costello, is considering punishments for Schwartz and his associates in an order on Friday, Costell re scheduled a June 8th hearing at which Schwartz fellow attorney Peter di LoDuca and the law firm must show cause for why they should not be sanctioned. The court is presented with an unprecedented circumstance unquote Costell wrote in a previous order on May 4th. A submission filed by plaintiff's counsel in opposition to a motion to dismiss is replete with citations to non-existent cases. Dot dot six of the submitted cases appear to be bogus judicial decisions with bogus quotes and bogus internal citations. The filings included not only the names of made up cases, but also of series of exhibits with excerpts from bogus decisions.

(00:12:00):
For example, the fake Vassi versus China Southern Airlines opinion cited several precedents that don't exist. Quote, the bogus vassi decision contains internal citations in quotes, which in turn are non-existent according to castell. Five other decisions submitted by plaintiff's counsel contain similar deficiency and it appeared to be fake as well. The five boue cases were called Shabo versus Egypt, air Peterson versus Iran, air Martinez versus Delta Airlines, a state of Durden versus K lm, Royal Dutch Airlines and Miller versus United Airlines. So I'm gonna stop reading. I would strongly, strongly recommend reading this our technical article, especially since it goes on to state that the lawyers claiming that he asked Chad B G P T if the results were a real case in the system answered back in the affirmative when in reality the case was originally filed in New York State Court, but Avianca Airlines had it moved to a federal court.

(00:13:10):
Wow, there's gonna be some interesting things to say that the citation caused a bunch of confusion. Sounds like an understatement with the judge, considering that the lawyer be sanctioned for the use of false and fraudulent notarization is affidavit file. This whole thing is going to stir up all hornets nest in the legal world, especially since chat j p t tool use stated that the material was also found on Lexus Nexus and Westlaw. I will state up front right now, I am paraphrasing some of the article and strongly recommend you read the RS technical article in its entirety because this misleading product of chat K P T could very well become a huge and very real legal case as a result of what sounds like a shortcut.

Lou Maresca (00:13:58):
An international team of researchers from Japan, Australia, and the Netherlands and Italy have re just rewritten the book on data transmission speeds pumping an incredible 1.7 petabytes of data over 67 kilometers stretch of optical fiber. According to this text explorer article, the optical fiber, roughly the thickness of a human hair, has the capacity to handle the equivalent of over 10 million high speed home internet connections running at full tilt. Now here's a fun comparison for you. In 1988, the first trans-atlantic fiber optic cable known as TA eight had a capacity of a mere 20 megabits. Our current champion, the Grace Hopper cable, installed in 2022 boasts 22 terabytes in each of the 16 fiber pairs. That's like going from a bicycle to a Bugatti, yet they're still hitting the gas here now. So what's the magic behind the new record? Well, that's the next gen fiber that's in there.

(00:14:49):
It's designed with 19 each capable of carrying a signal and to this, a 3D laser printed glass chip developed by Macquarie University researchers, which enables low loss access to these 19 light streams while maintaining com compatibility with existing transmission equipment. Now, this translates to less digital processing and less power per bit transmitted, and a tremendous leap in efficiency as well. Now think about it. All of our data centers, cell towers, satellite ground stations, homes, and businesses are connected through these slender tendrils of glass fiber. Those Revolutionary Tech may soon supercharge these connections and meet the ever-growing demands of our digital error without the need for sweeping infrastructure changes Now an optical leap forward. Absolutely. And one, we're excited to actually see the shape, the future of the interconnected world. And we'll stay tuned for Warren. We'll keep an eye on how those innovation develops and its potential applications actually unfold here. Now, I don't know about you Brian, but you might just need to get your chairman of the board back on the horse there and hang some new cable on the fairgrounds pretty soon.

Brian Chee (00:15:52):
One can never tell. Hey, so I thought what I'd do is share a little bit of the research that I did in my previous life at the University of Hawaii. I was on team that got to work with a technology called Ramen spectroscopy, and this is actually an ad I'm gonna be right up front. This is an ad from Edmond Scientific, aka a admin optical about using IR spectroscopy for counterfeit drug detection. The future depends on rapidly detecting harmful chemicals in counterfeit drugs. So it is an ad for a webinar, be right up front. However, ramen spectroscopy, AK remote sensors, all of the Star Trek tricorders, is fast becoming real. I was honored to be part of a project to implement ramen spectroscopy on quadcopter drones that could scan the ocean waters around the Hawaiian Islands to detect dissolved mustard gas weapon compounds slowly leaking from rusting weapons dumped by the US military after the World War.

(00:16:59):
We all also proposed bumper mounted versions to detect IEDs as vehicles drive through contested areas. So yeah, this sure sounds like a Star Trek tricorder, and you would be correct. And in order to set a public precedence, I would propose that we could evacuate the air surrounding luggage or shipments to pull away chemical tags from the contents and run it quickly through troops with the ramen spectroscopy equipment to detect illegal or dangerous compounds in luggage or shipments. The whole point of this blip is to point out that the commercialization of ramen spectroscopy is finally here. And I, for one, expect to see a new industry sprout up from these systems becoming easier to implement. I'm imagining that we might see dedicated processor chips to drive the ramen spectroscopy equipment that could then processors like Arduinos or raspberry pies that could be p become part of shipping containers, warehouses, packages, scanning for shipping, and perhaps maybe even someday refrigerator that can detect if your fruit is going bad.

(00:18:03):
Now I'm gonna show off just a little bit. Here's a picture of me at my old house in Honolulu, and it is, I am holding up a award that I got as part of the team from Nas Libs, which stands for the North American Symposium on laser induced breakdown spectroscopy. By the way, that's a cocoa tree behind me. Anyway, fun project and it finally did quote, get off the ground it, we actually had a laser onshore that would be bouncing off a mirror on the quad copter, hit the water, and then we detect the backscatter using commercial high resolution video cameras.

Lou Maresca (00:18:49):
Well, folks, I would say that does before the blips. Next up we have the bites, but you know, before we get to the bites, we do have to thank a really great sponsor of this weekend enterprise tech. And that's Duo Duo protects against breaches with the leading access management suite. Now, strong multilayer defenses and innovative capabilities only allow legitimate users in and they keep the bad actors out. Now, for any organization concerned about being breached, that needs protection fast duo quickly enables strong security while also improving user productivity. That's usually a hard thing to do. You know, duo prevents unauthorized access with multi-layered defenses and modern capabilities that stop those sophisticated malicious access attempts that are out there and increase authentication requirements in real time. When risk rises, dual enables high productivity by only requiring authentication when needed, enabling a shift and a swift easy and secure access duo provides an all in one solution from Strong M ffa, passwordless single sign-on and trusted endpoint verification duo helps you implement zero trust principles by verifying users and their devices.

(00:20:00):
Start your free trial and sign up today at cs.co/twit. That's CS do co slash twit and we thank DUO for their support of this week in enterprise tech. Well, folks, it is time for the news. By now, the National Guard Airman, Jack Teria, has come under some serious scrutiny for a major security incident leaking classified Pentagon documents on Discord, a popular mentorship platform out there. If you're not familiar with it, this case raises the pressing question about how to maintain trust in the workforce and proactively mitigate insider risk. It's a hard thing to deal with. Now, while many argue Tisha's low ranking role and youthful should not have granted him such access, it's crucial to, to really understand that he was granted a security clearance. Highlighting an integral part of concerns here that the whole concept of trust and much like the famous cases of snow, Edward Snow and Chelsea Manning shares actions are symptomatic of a breakdown of loyalty or ultimately resulting in a breach of trust and potentially serving our adversaries on a silver platter.

(00:21:12):
Some really interesting information. Now to address this issue, government entities are grappling with the conundrum of human foul ability. We all think about this all the time. The defense counterintelligence and security agency, for instance, is implementing a continuous vetting system under the Trusted Workforce 2.0 strategy. The system flags any potential anomalies in real time enabling early risk mitigation that's out there. Now, think about it as 24 7 system diagnostics and threat detection tools on employees rather than a periodic security audit. Now it's a promising step forward. We're actively dealing with insider threats despite this unfortunate timing of this leak. It serves as a stress test for this new strategy and underscores the importance of identifying risk indicators in a timely manner. Now, as it professionals out there, it's a really a stark reminder for us all to really stay vigilant, collaborate, and ensure our systems are equipped to actually handle the complexities of human and organizational terrains.

(00:22:11):
Now, I want to conclude this a little bit, just the fact is obviously it's human nature and we need to continue to strive for continuous improvement here, and our systems and processes need to follow suit. Now, I wanna bring my co-host in now as, as IT professionals out there. We understand the importance of our trusted workforce and the role of the fact that there are NDAs that people sign to maintain, you know, obviously confidentiality, yet incidents like the Pentagon still occurs now cheaper. How can a network architecture be essentially designed in a way you worked with the government before to ensure that even though people have NDAs, we shouldn't necessarily inherently trust them and maybe we have some way to improve this scenario?

Brian Chee (00:22:52):
I I'm going to throw out a soapbox disclaimer right now. The reality is, and and this is not a super big secret, the technology that the military use isn't that different from what you use in the civilian sector. The big difference are the penalties. Now, I'm gonna ask Burke, I'm gonna skip ahead a little bit to that Wikipedia article. The one thing that happens is it's considered treason. And one of the things in my briefing was a warning that there is one set of operational gallows still in the United States, and it's at Fort Leavenworth, Kansas. The walkers, the the people, the father's son that leaked the details of our attack submarine propeller design were being considered to be hung. They didn't, but that penalty was actually on the table. And I think that's one of the big differences that I think this gentleman didn't get was that really heavy handed warning treason can still have a capital punishment applied.

(00:24:16):
It all depends on the case and especially on whether or not o other people's lives were put in danger because of that leak. Now, having said that one of the other things that a lot of civilians don't do that we did in the military was right up front before, as you were being given your credentials and every month thereafter there were you had to acknowledge receipt that all 100% of your activities was in the military are monitored. And this particular person apparently was not paying attention to that. So one, I think there needs to be more use of I used to use Tripwire. Okay, so I'll, I'll throw that and whenever I, I use it for something other than just system files, I would also put it on sensitive material. The other thing a lot of military uses that the civilian world doesn't use is compartmentalization.

(00:25:25):
If you, just because you had say a top secret clearance doesn't mean you're given access to something if you have no need to know. I think civilian world can take a little bit of note of that. If someone doesn't need to know, they shouldn't be given access to it. The Windows file system security, Unix file system security, obviously Noel back in the day, there are ways to apply that and provide, you know, saying, okay, you don't have access, this group only has access and you add groups by need to know. That might be something we could do. So I thi I think I'm gonna get off the soapbox and say there are tools. Tripwire is obviously one of the older ones but it's still available. There's quite a few out there. You really ought to get more realistic about sensitive material, having something like Tripwire, something to tell you when someone's even touched it so that at least you have a better chance of preventing it from, you know, exfiltrating out of your organization. Right, right. Well, obviously organizations, they

Lou Maresca (00:26:42):
Still have NDAs, but Bryant says something interesting com compartmentalization is something that is very useful. It sounds very similar to the concepts of Zero Trust, Curtis, how do we, how do we balance the concept of just information sharing, making sure everyone has the right information, but the concept of the fact that there's a potential security risk associated with any access privileges out there, even if we have these NDAs in place?

Curt Franklin (00:27:07):
Well, I think the, the issue with an NDA is that it has to be honored by the person who signed it. And as Brian pointed out, sometimes the threat of punishment is what's worth is works there, sometimes it doesn't. But there are architectural ways to defend against this. One of the ones, and this is a well known principle, it's called least privilege, least privilege, says that any worker, any member of the this system should have the privilege over systems and the privilege to access data required for their position. And no more. People say, well, well what about the times when you need greater privilege? An example is members of a technical staff who might normally during the course of their day need standard user privilege on their machines and not need to touch other machines, but on occasion they need to go in and have admin privileges on endpoints in order to apply a patch or make a change.

(00:28:23):
There are systems out there that will allow you to essentially check out a greater privilege to use in an instance, you check it out for a period of time, then you check it back in. That means that the privilege is escalated only for the period of time in which work is being done, and you have a clean record of who has used the escalated privilege. So that, that is one architectural sys system that can help. The other is, and again, as Brian pointed out, we have lots of technology tools that are designed to help prevent exfiltration or people stealing data. These run the gamut in complexity and thoroughness, but there are a lot of them out there. I will say that one of the things that g Harb harms our military frequently is the n i h not invented here mindset that too many people have. In other words, if they didn't come up with it, if it's a commercial product, it can't possibly solve their problem when in fact there's every likelihood that it might. So the solutions are there now. We've had a wake up call, it's gonna be fascinating to understand going forward whether the military and related agencies have learned the lesson that has been kind of bitterly taught here.

Lou Maresca (00:30:08):
Agreed, agreed. Well, you know, I think one thing we should definitely touch on before we move on here is the whole concept of, I would say continuous vetting. Obviously, you know, a lot of organizations, they tend to give permissions to people and then they don't necessarily audit those permissions going forward. I think that's a, an interesting aspect. I would also say a lot of organizations are moving to places where they can utilize advanced threat protection. They can utilize ways of, of retention and auditing of who accesses documents and when. And I think all of these things in place will help reduce the threat if not be able to detect early on. So I think there's, there's lots of things in play here that can help with things. The key here is you gotta start implementing 'em, so they'll start, start looking into it people. Well, folks that does it for the bites.

(00:30:51):
Next up we have the guest drops of knowledge on the TWIT Riot. But before we get to the guest, we do have to thank another great sponsor of this week in Enterprise Tech and that's the amazing bit. Warden Bid Warden is the only open source cross-platform password manager that can be used at home, at work, or even on the go. And it's trusted by millions. Even our very own Steve Gibson has switched over and that, I'll tell you, that's in a testament to bit Warren when Steve does that, I I can tell you I've switched over as on with Bit Warden. All the data in your vault is end to end encrypted, not just your passwords. Protect your data and privacy with bit worn by adding security to your passwords with strong randomly generated passwords for each account. Go further with the username generator. It's a great tool.

(00:31:32):
Create unique usernames for each account, or even use any of the five integrated email alias services as well. Bit worn is open source, which is awesome with all the code available on GitHub for anyone to view. That means you don't have to trust their word. You can see what, how it's completely secure. Right there, right there in the code. On top of being public to the world. Bit Worn also has professional third party audits performed every year and the re results are actually published on their website. This is an open source security that you can actually trust. Bit Worn has launched a new bit Worn Secrets Manager currently in beta. It's an end-to-end encrypted solution that allows teams of developers to consensually secure, manage and deploy sensitive secrets like API keys and machine credentials. Secrets Manager keeps those sensitive developer secrets out of the source code and it eliminates the risk of them being exposed to the public bit.

(00:32:25):
Warden needs developers to actually help test out the new Secrets manager and provide feedback. So definitely check that out at Learn More at bit warn.com/secrets beta. Share private data securely with coworkers across departments or even entire company with a fully customizable and adaptive plans that are out there. Bit Warren's teams org organization option is just $3 a month per user while their enterprise organization plan is just $5 a month per user and individuals can actually use the basic free account for an unlimited number of passwords, upgrade any time to a premium account for less than a dollar a month, or bring the whole family with the family organization option, which I actually use for my whole family here. Actually give up to six users premium features for only $3 and 33 cents a month. At twit, we are fans of password managers. Bit Warner is the only open source cross platform password manager that can be used at home on the go or at work. And it's trusted by millions of individuals, teams, and organizations worldwide. Get started with a free trial of a teams or enterprise plan or get started for free across all devices as an individual user at Bit warren.com/twitch. That's bit warren.com/twit and we thank Bit Warden their support of this weekend Enterprise Tech. Well folks, it's my favorite part of this show where we get to get, to get, bring a guest to actually drop some knowledge on the twi. Right? Today we have Nick Viche, he's security leader at Talent. Welcome to the show, Nick.

Speaker 5 (00:34:01):
Thanks. My pleasure to be here. Thanks for having me.

Lou Maresca (00:34:05):
Now, our audience, they're all over the spectrum when it comes to experiences whether they're entry level people who are just starting in the industry, who are just learning about it all the way up to the CTOs, the CISOs out there. In fact, I just talked to a CISO last week about the show and they love to hear people's journey through tech and how they got to where they got. Can you maybe take us through a, a short journey through tech and what brought you to talent?

Speaker 5 (00:34:26):
Yeah, a quick, quick version of the, the career story was starting com engineering. And I was doing computer networks with the New York Stock Exchange and I started there about four months before nine 11. So that was an interesting bcp experience along with everything else. But then started volunteering time, doing pen testing with the pen testing team, and then started getting the security journey and then started doing you know, change companies and learned bug sweeping and all kinds of fun stuff that had nothing to do with security, but all part of it. And so I've been a CISO a few times over. I've been a consultant, I've been a cio and now I'm at Talend and you know, part of the security leading security organization. And you know, my, my passion there is around you know, data integration I think is a really important thing. We, it's a constant struggle from a security perspective. And then the data analytics side me will tell the story and I think, you know, talent kind of fit into that picture really well. And I'm also a French citizen and a native French speaker, and there are a lot of talent historically has been been a French company, so I get to speak French at work.

Lou Maresca (00:35:31):
Fantastic, fantastic. Well, I I wanna jump into what you were saying. Obviously data privacy compliance is sometimes a mystify mystified thing for organizations, especially when it comes to the integration between enterprise and consumer. I know that a lot of times there's, you know, unequality where con consumers actually have specific concerns about compliance and things like that and they don't really understand what needs to happen to be, to be able to address things correctly, be able to kind of navigate the complexity there. What, what's something that organizations can do to help navigate all of that?

Speaker 5 (00:36:04):
I mean, I think the first step is really understanding what you have <laugh>, and that's really the, the biggest struggle, right? You know, the developers and product managers and whatnot might end up creating new features and products and, and and you might start having data that you never intended on having in the first place. Being able to know where it is is the other one and being able to have that visibility and that understanding, and then that's what lets you then understand what is it that we need to put into place in order to be able to manage that properly. And now you've got that exploding, you know, all of the four letter acronyms coming outta like Ds, p, M and everything else to try to manage some of that storytelling around what do I have? Where is it? Who's accessing it? How's it getting from point A to point B? But if you can't, you don't have the knowledge management side and you don't have the observability side, you'll never be able to manage a problem on a, on the whole, you'll play playing whack, whack-a-mole for the rest of your life,

Lou Maresca (00:36:56):
<Laugh>. That's right. It, it's interesting because obviously in the eu, GDPR is one of those four letter acronyms that we always worry about because it's, it's supposed to try to protect consumers and users data. Inherently it's a user has to try not to like really care about it, but if somebody really cares about the data and wants it removed, they can ask for that to happen. But most of the time, most consumers, most users, they, they lack really the knowledge and the skill to really understand how to secure their data or even set up secure profiles or whatnot. What are some of the ways you can maybe see organizations moving in a particular direction to help consumers with that?

Speaker 5 (00:37:33):
I mean, it's really challenging. You know, obviously without the regulations, the economics were not the driver to help companies be altruistic <laugh>. You know, it's not a profit center to introduce more things to to try to help the end user. It's more about making money. I mean the regulations themselves fundamentally, I mean, if you look at gdpr, you look at C C P A and, and all the other ones that are popping up all over the place they're fundamentally about consent and right to be forgotten, right? And, you know, being able to know what someone knows about you I think how the data's handled at that point and the security of that data, I mean, it, it's super challenging all over the place, right? I mean, we keep seeing it day in, day out of, you know, data on the loose and getting leaked everywhere.

(00:38:21):
I mean, I'm pretty sure every version of my been out there at least 10, 15, 20, 50 times. And so you just end up introducing kind of the protections around your identity. Things like, you know, freezing your credit and things like that, that when someone mis handles your data in some way, shape or form, you have those layers of protection. I think that's really what folks need to get educated about. The other danger too is just the, you know, there are law firms and whatnot that are so many predatory as it relates to this and opportunistic, I mean, we saw this when C C P A went into effect of just like d dossing organizations with legal requests for takedowns and people who literally want their data removed just for the sake of causing pain to an organization. You know, so there's there's a sides of abuse to this too that become you know, really challenging as well. You,

Lou Maresca (00:39:11):
You actually, you bring up a good point because I, I did say that, that the generation of data sometimes is happening so fast that organizations don't know necessarily how to manage it correctly. They, they don't know, they end up taking data and backing it up somewhere. They end up, you know, moving it insecurely around. And they, they compromise security and the integrity of the data by doing that because you just can't handle that amount of data coming in. And then, like you said, people come and ask, can you delete that data? And then they have no idea what to do with that. What's, what's a, what's a way obviously that there's, there's like obviously 1,000,001 ways to do this, but what's a good way for an organization to start handling that flood of data and, and, and actually be able to manage it in a way where they're not doing things insecurely?

Speaker 5 (00:39:52):
I, I think there's, you know, a big fan of the book, good to Great and, you know, the hedgehog concept and focus on what you're great at. And most organizations are not great at managing data. And so find the partners that are great at managing data and use those things to your advantage. Cuz it's, if it's not core to your business, you probably shouldn't be doing it in the first place. So I think for me it's really, and, and Talend obviously has a lot of data integration, data catalog and, and whatnot capabilities. And not that I'm saying go use Talend, but there are companies that specialize very specifically in understanding what data you have, where it's going, it's providence, you know, who has access to it, where, you know how it's being used, et cetera. And I think just making sure that that's part of your toolkit as an organization to handle the questions around what data do you have, data sovereignty questions of where is it living you know, and all of those things is really the biggest thing. And then the side piece to that is really just make sure that you have good privacy council that really keeps an eye on what is going on out there. It's constantly changing where you're doing business and making sure that you're anticipating those needs.

Lou Maresca (00:41:03):
And what about, what about the concept of a data governance? Because obviously maintaining data governance is a, it's a hard challenge. And then of course, organizations are trying to leverage the potential of generated AI and they're trying to consider many different data sources and diverse sources out there, and they're having high levels of volume of data coming in and, and how do they, how do they go and maintain that going forward?

Speaker 5 (00:41:25):
I mean, I think this is why you're seeing everything pop all these new companies popping up all over the place, right? This is an explosion of data. It was really bad before and now it's getting even worse <laugh> if, if that was even possible. And so it's really, you know, I think it's about helping the business understand the risks that exist and then helping by having the right tool set in place and the right visibility, you can automate a lot of this stuff, right? And so that level of investment and not having to go play, you know, whack-a-mole and, and right. You know, just trying your best you know, is, is really where it's at. I think everything that we do in this, in this industry and, and for organizations is about automation and speeding things up. Just because the data sets aren't gonna get smaller, right? And the complexity isn't gonna get less. So how do we find ways of getting rid of those artisanal cuckoo clocks and, you know, manual inventions and whatnot and move to things that are a little bit more automated that can scale, that can handle the future problems, not just the problems we face today.

Lou Maresca (00:42:25):
Right? So let's, let's get a little bit into, into town. Cause obviously we, the whole concept of generative AI that we've talked about it heavily, it actually is heavily use using data to, to maintain its functionality, especially in terms of patterns and, and other things, different relationships and structures that are out there. What is Talend's data fabric platform offering here that can help with some of these things that we've already talked about?

Speaker 5 (00:42:47):
Yeah, I mean, I think on the generative AI side, I mean, where we see value is really in that, you know, accelerating time to usefulness, right? So there's, there's the side that, that Brian was talking about before of, you know, doing shortcuts to try to generate legal arguments, but the side that's actually really interesting is how do you enable, how do you democratize access to, or an ability to implement and, and implement with speed. And I think that's really where, you know, organizations like Talend and, and and whatnot are looking at generative AI to accelerate time to value for their products. And I think there's a lot of, a lot of potential there without it being something that we have to be worried about. Data sovereignty and everything else, and sensitive data getting out. It's like, no, I just want this thing to talk to this thing and write the code that does that, and then you can validate in a test harness and make sure that it actually does what you expected it to do. So I think that's where a lot of the generative AI is kind of coming in into this, into this market. You know, I think it is just being aware, depending on how you're going to use generative AI is just making sure that you can trust what it's giving you if you're gonna go use it verbatim, <laugh> just kind of scary sometimes, right? Right, right.

Lou Maresca (00:44:01):
Are you wanna bring my coast back in? But before we do, we do have to thank one more great sponsor of this week in enterprise tech and we'll go ahead and do that right now. That is Miro. Quick question. Are you and your team still going from tab to tab and the browser out there, or tool to tool losing brilliant ideas and important information along the way? Well, with Miro, that doesn't need to happen anymore. Miro is the collaborative visual platform that brings all of your great work together, no matter where you are, whether you're working from home or in a hybrid workplace, everything comes together in one workspace online. Now, at a first glance, it might just seem like this is just a simple digital whiteboard, but Miros capabilities run way beyond that. In fact, it's a visual collaboration tool packed with features for the whole entire team to build on each other's ideas and build a future now shorten time to launch to your customers, get what they need faster.

(00:44:52):
Now with Mural, you, you only need one tool. See your vision come to life planning, researching, brainstorming, designing and feedback cycles. It can all live on a mural board and across all the teams that you have as well. And faster input means faster outcomes as well. In fact, mural users report the tool increasing project delivery speed by 29% view and share that big picture overview in a cinch when everyone has a voice and everyone can tap into a single source of truth, your team remains engaged, invested, and most importantly, happy cut out any confusion on who needs to do what. By mapping out processes, rules, and timelines, you can do that with several templates that they have there, including Miros Swim Lane Diagram. Strategic planning becomes easier when it's visual and accessible, tap into a way to map processes, systems, and plans with the whole team.

(00:45:43):
So they not only view it, but have a chance to give feedback as well. If you're feeling meaning fatigue, I know I am Mural users report saving up to 80 hours per user per year just from streamlining conversations of feedback ready to be part of the more than 1 million users who join Miro every month. Get your first three boards for free and start working better together at miro.com/podcast. That's m I r.com/podcast. And we thank Miro for the support of this week and enterprise tech. Well folks, we've been talking with Nick Vache, he's security leader at Talent. We've been talking about data compliance and governance and privacy and I I definitely wanna bring my co-host back in cuz I'm sure they have a lot to say about that. Let's go ahead and throw it to Curtis first. Curtis,

Curt Franklin (00:46:36):
Thanks very much. Nick, I'm, I'm interested because one of the things that we've alluded to is of course that privacy is a huge issue and the issues around all of the large language model, generative ai model building activities is, is only making it more so, so how complicated is it for Talend to allow the various privacy regimes to be met for customers, especially for international customers who may find themselves having to deal with privacy regulations that differ from not only region to region, but country to country and here in the US state to state?

Speaker 5 (00:47:29):
Well, from a privacy perspective as it relates to talents customers and, and talent products. You know, I, I don't think the generative AI is gonna, is really what they're gonna be using to feed data through the platform and, and into their own platforms. So I think the privacy risks there are fairly limited. I mean, I think for organizations as it relates to the generative AI side, it's really around having that right, the right policies in place and the right the right controls in place for managing how LLMs are being used. Whether that's feeding data into them or just querying and how they're making the data available. So, I mean, I think that from a talent perspective, like I said, I think the, the generative AI side is really around usability. It's really around, you know, how do you, how do you accelerate time to value versus you know, I think the privacy risks per se that might be popping up as it relates to the talent product suites.

Curt Franklin (00:48:24):
Alright, so leaving the, the AI aside how important do your customers tell it, tell you that it is to safeguard their customer data, their private information while the data is being stored used and transmitted from place to place? Is this a major issue for you or is this something that you try to deal with while you're doing the major parts of what Talend has to do for customers?

Speaker 5 (00:49:04):
Yeah, and we're, we're blessed in that we're not actually storing the customer data, right? We're facilitating the transfer of data. If you think back to the old, you know, SFTP days of, you know, the old days of FTP where you wanted to send from one FTP server to another FTP server even though you weren't actually wanting the data yourself. You know, there's, it's kind of similar, right? Talend helps build some of those transfer mechanisms. So let's say you have an old as 400 and you need to get your stuff to Snowflake. You can run those jobs within your own environment or within that data sovereignty realm or wherever you need to do it in order to manage the privacy concerns properly. So we have the ability to either run it in the cloud, we have the ability to run it on premise, but we very much do work with our customers about the privacy concerns of the, the work that they're doing.

(00:49:49):
They come to us and ask a lot of questions as well to make sure that we have ways of facilitating and enabling what they want to get done without putting that data at risk in the first place. And I think the other side of it too is just, you know, as you think about kind of some of the, the data catalog capabilities and things like that, the talent has is being able to make sure that companies understand where that data's going, right? You're moving data around. You need to be able to tell the story around where that data came from while, you know, you can answer those regulatory questions as a result of using the products and then unlock a little bit of that complexity that you might be experiencing otherwise.

Curt Franklin (00:50:25):
Well, while, while I've got you here, I've, I need to ask one more question before I turn you over to my partner Brian. I see a bunch of Defcon badges on the wall behind you.

Speaker 5 (00:50:37):
Oh, good. You knew they weren't like track, like Marathon Metals

Curt Franklin (00:50:41):
Or something? No, no. I, I ra I've, I've got different colors, but I've got some of those badges hanging around my office as well. So security is very much an open source activity. We have ethical hackers, we have independent researchers, we have all kinds of people who are willing either to satisfy their curiosity or to get a check to help you figure out where your vulnerabilities and data issues might lie. Are there any things that you are looking forward to hearing about that you're anticipating will be topics of primary discussion at the DEFCON that's coming up in just about eight weeks?

Speaker 5 (00:51:25):
Oh my goodness. I mean, you gotta, you gotta be guaranteed. There's gonna be a lot of generative AI conversation and look at the crazy stuff I just did with, you know, my, my own model or, or making models do the things that they're not supposed to do. And we already see a lot of people tinkering with this stuff. And trying to figure out how to get around things like paywalls and you know, getting it to generate things that it shouldn't be generating because of its own, the ethical programming that's been put into it or the, the guardrails. So I have to imagine there're gonna be a bunch of talks about that. But I think also, I mean, we saw this even, I think it was pre C O V I D, it was pre covid where it was the, you know, AI against ai like AI attacker against AI defender and like that giant competition. We're just gonna see this stuff explode. It's now accessible to anybody, not just massive, you know, university research organizations and whatnot. So I think it's gonna be, I think there's gonna be some really interesting talks around how those, how those things are being abused and other ways of thinking about how to use them.

Brian Chee (00:52:27):
Wow. I'm excited. It's gonna be, it's, yeah. Hey, I, I, I've had many, many games of Spot the Fed at DEFCON <laugh>, funny enough they didn't spot me until almost the end of the show, which is kind of interesting. Anyway, one of the greatest concerns that I've had about generative AI in general is the training factor. There, there has always been cases I've been through lots and lots and lots of war games where one of the components was literally a human spy versus a human spy inserting flaws into systems on purpose by the bad guys. What I'd like you to do is just imagine a little bit, a little bit of crystal ball. What kinds of things should we be looking at, especially as we start using generative AI for security, especially when it starts getting into doing things like pen testing. Do we really trust it?

Speaker 5 (00:53:38):
The really interesting one, and you're saying actually the CrowdStrike just put out their, you know, AI assistant, whatnot, I forget what, what her name is. But they, you know, I think the, the private models I think are the ones that are maybe a little bit, we can protect them a little bit more, right? And protect against pollution to a certain extent. But a malicious actor could in the background pollute that private model with bad information to, let's say you have a generative ai, you know, assistant to help you remediate a an alert and that remediation is actually seeded by a malicious plant that actually goes in like unblocks, all kinds of other things to allow the attacker in, in the first place, which never should have happened. So I mean, I think that there's a lot of really interesting things that you can do from a manipulation perspective there.

(00:54:30):
And I think it's gonna be less about, there's a lot of freaking out right now around people uploading sensitive data to a generative ai and now what happens to that data? And now it's being used for training, but that, you know, fake data could be uploaded just as well and it's all treated with the same level of truthiness. So it doesn't really ma like the, the level of, of risk there actually think is a little bit on the lower side. The, the bigger concern's gonna be with the private models where we have some control is if they get polluted in some way and you expect it to be truth. And now, but you don't even know what to trust anymore. How to validate it.

Brian Chee (00:55:09):
Yeah, well I'll, I'll tell you, I'm, the correlation I'm drawing is the pollution factor in things like open source software in general, you know, where you've had malware slipped in by bad actors, you know, or whatevers, or people with a, you know, a grudge to bear against someone. That's some of the things I'm really worried about, you know, not, not the least of which is, you know, just about everyone I talk to about this kind of stuff keep saying, are we birthing Skynet? You know, <laugh> that comes up, you know, it, it's, it's fiction, but I just saw a story, I'm still not sure I believe it about how they were experimenting with generative AI for target identification on drones. And the drones got upset because it wasn't getting its little cookie reward when it did things right and started picking non-com combative targets That sure sounds like Skynet. So I'd like you, so here's the real question. I'd like you if this is really happening. What are the guardrails that you think the industry needs to put into place? Where should we be car careful

Speaker 5 (00:56:37):
And, and I think you're seeing this. So I think the story that you're referencing, I don't know that it was generative ai. It was AI and AI's trained to win and the AI was basically realizing that the human was preventing it from winning. Cuz the human was able to say, no, don't attack that target. It's okay, but the AI is trained to say, but if I attack the target, I get my cookie. So how do I get rid of the thing that's stopping me from attacking the cookie? And when they were told you can't actually attack the operator, they said, fine, I'll take out the control tower so they can't tell me I can't have my cookie. So it's, you know, so the answer there is really, and you're, you're seeing, you know, Sam Altman went before congress, you know, from open AI and, and and you're seeing this from all the tech leaders basically saying what we need are the right guardrails and the right controls and the right the right swim lanes for these technologies and identifying how do we, you know how do we, how do we define the rules of the game?

(00:57:33):
These are computer programs, right? Now it's, we're totally gonna end up in, you know, some fun eighties movies. But at a certain point it's really about setting the guardrails for these applications of what are you allowed to do and not allowed to do, and defining the rules well, but it takes really smart people to do that. And I think it takes those think tanks in order to define it. And it also takes organizations that are willing to implement the safeguards to actually do it. We go back to the whole privacy thing around, you know, hey, why aren't companies just doing it out of their own goodwill to like help people be more secure with their data? It's like, why are you gonna go and actually put the guardrails out unless there's sig significant international regulation about it. So you know, it, it can do anything. It's all about how we're going to have consistency and controls around what these things are allowed to do in the first place. And I know that sounds like wishful thinking, but that's pretty much, I think, the only option we got.

Brian Chee (00:58:34):
Okay. So I'm gonna ask one more question. So there is part of my briefing, you know, does it sound like I had a little bit of a government background? Yeah. <laugh>.

(00:58:45):
The it was described as the spy versus spy is all about collecting grains of sand. Small little things to the point where mainland Chinese students and researchers and so forth are always, well, almost always debriefed by the MSS when they get home and they give little things, you know, like who's doing what kind of research and, you know, where are you buying from, you know, tiny greens of sand. The problem is you collect grains of sand enough and pretty soon you have your own beach. I consider that along the lines of where AI really could shine. It's that low and slow attack where we start probing and grabbing little bits and pieces. But is AI really gonna be good at that when it really wants its cookie <laugh>?

Speaker 5 (00:59:45):
I, I guess it's how you define the reward system. And I think when you think about the offensive side of that, right? So you, if you've got you collecting the grains of sand, is how do you plant the false grains of sand so that it can actually end up putting the entire picture together, right. You know, what we were talking about earlier. So, you know, the defensive side of that is, is, you know, the misinformation. I think that's the biggest problem from a generative AI perspective, is you don't get to say, Hey, tell me every way that you came up with this thing that you just gave to me. You don't have that data providence, you don't have that traceability like you would with software. We can run it through static code analysis and ssea and das and everything else to try to figure out whether or not it's doing something it's not supposed to. With de generative ai, you're just kind of getting output and it's really challenging to then be able to put that together. So I think there's a huge opportunity for polluting the dataset that's being gathered in the first place.

Brian Chee (01:00:41):
Okay, my last question, <laugh>. I got really excited when I started hearing about a model that was small enough to be put into embedded systems because I, I really wanna see something a little smarter. My Amazon Echo does some really silly things once in a while. I would love to have better models in that, but I stopped hearing about it. Have you heard anything about, are, are these models really gonna start getting to the point where we can see it in embedded systems?

Speaker 5 (01:01:18):
I, I mean, I haven't, I'm not close enough to that problem, I don't think. The thing I struggle with is if they're, is how they, how they link back to each other and how you actually, you know, you don't want these things all learning independently. It's basically like having evolution on islands and ending up with completely different animals and on every island. You know, and trying to figure out how these things maintain some consistency versus de go off, veer off in completely different directions. So those rules of the road, those those and, and, and having a product around that becomes really challenging as well at that point. So I haven't heard anything but I think it'll be really interesting to see if that ends up popping up more and more and, and how they scale this problem.

Brian Chee (01:02:05):
Thank you so much for a very thoughtful answer. There, it's, there's been a lot of fud Yes. Cir circulating around this topic, and that's one of the reasons why I keep asking the crystal ball questions. You know, po poking in that direction. Maybe we can go and, you know, put a little bit of thought in the developer's minds before they go off in the direction of, you know, Skynet <laugh>.

Speaker 5 (01:02:34):
Yeah, and I th I, I think the, to add to that, it's, you know, there's the, okay, let's put up the rails and everything else. And there's the, there's the, how useful is this thing? And then there's the, you know, spy versus spy side of things. And I think we just as much have to be thinking about how do we fight against it and how do we make sure that it, it can't get there. So we have just like defense offense, red team, blue team, like we have to do the same thing with generative ai.

Lou Maresca (01:02:58):
Well, folks, time flies when you're having fun. Lots of great information. Thank you Nick, so much for being here. Really appreciate your time. We're running a low on time, but we do wanna give you a chance to tell the folks at home, maybe the audience where they can get to learn about more about talent, where they can learn more, maybe get started, get in touch, that kind of thing.

Speaker 5 (01:03:13):
Yeah, I mean, if you wanna get in touch with me, find me on LinkedIn. I'm, I'm there, I'm lurking around. And then talend.com and then and click.com and we've got a lot of fun information for for everybody to go through. Talend actually has an open source version so you can play around with it on your own. It's actually a really great recruiting tool as well, but if you want to get into the business of, you know, data pipelines and, and all of that which is huge in the security industry it's a great tool to play around with.

Lou Maresca (01:03:41):
Fantastic. Well folks, you have done it. Again. You've sat another out of the best dang enterprise and IT podcast in the universe, so definitely tune your podcast catcher to tw. I wanna thank everyone who makes this show possible, especially to my amazing cohost. Are there very well, Mr. Curtis Franklin. Curtis, thank you so much for being here. What's going on for you in the coming weeks and where could people find you?

Curt Franklin (01:04:03):
It's a pleasure to be here, Lou. I'm getting ready for a trip out to Las Vegas, actually two trips to Las Vegas. I'm gonna be heading out meeting with the good folks at Splunk at their conference in mid-July and then I'll be back out there in early August for Black Hat and Defcon. I'll actually be speaking the for a conference just before on the front end of Black Hat, the Omnia Analysts Summit, which is coming up. So preparing a presentation there. In the meantime, I'm doing a lot of writing. I've got something coming up for dark reading this next week on free training software. How far can it take you? Is it a good substitute for the software and programs that you pay for to train you for cybersecurity and have a lot of stuff going on for risk beginning my next big research project, which is going to be drum roll please, cyber insurance and the role it's starting to play in the cybersecurity industry. So lots going on. A good time to stay inside where it's air conditioned, at least until time to go out and run around like a mad man in this Florida

Brian Chee (01:05:20):
Heat

Lou Maresca (01:05:21):
<Laugh> indeed. Thank you Curtis for being here. Well, we also have to thank our very own Mr. Brian. She sheer is always great seeing you as well. Thank you for being here. Can you tell the folks at home what you're doing in the coming weeks? What could people find you and get in touch with you? Well,

Brian Chee (01:05:34):
Infocom is coming up in central Florida and I'm really looking forward to walking around and seeing all kinds of new stuff. I've got a meeting scheduled with the Bright Sign people cuz there's going to be digital signage being slung all over the central Florida fairgrounds. And I also want to go and talk to and see what some of the new things are coming up. Lou asked me about adding touch interfaces to monitors right before the show. And it occurs to me that Infocom is probably gonna have a whole bunch of people with that stuff. So Lou, I'll grab you brochures and you know, cards and stuff, maybe there's some neat stuff. But I will say for the people listening, you can add a reasonably inexpensive frame that goes around a 16 by nine aspect ratio monitor. And you can basically add anywhere between two and 32 points of touch.

(01:06:33):
And I actually bought some of those back at the University of Hawaii so we could add touch for education systems. And interesting enough, that's, I'm doing that for the fairgrounds because gee, I can add a touch interface up to 150 inch television set and the graphic artist for the fairground would very much like me to go and build a life, well bigger than life simulation of a smartphone. So we can put our fairground interface up on that so people can go and look up information on future shows. Anyway, I'm gonna be bragging about that and I'm gonna put a lot of it on Twitter. My Twitter handle is a D V N E T L A B advanced net lab. And I throw all kinds of weird and wacky stuff on that. Additionally, you're more than welcome to throw show ideas and ask questions and so forth. I am Chet, spelled c h e e b e r t twit tv. You're also welcome to throw emails@twttwit.tv and that'll hit all the hosts. Would love to hear from you. Everybody stay safe.

Lou Maresca (01:07:49):
Thank you. Cheaper. It's always great happen to hear. Well folks, we also have to thank you as well. You're the person who drops in each and every week to watch and to listen to our show and get your enterprise and it goodness. So we wanna make it easy for you to listen and catch up on your enterprise at IT News. So go to our show page right now, twit tv slash twi. There you'll find all the amazing back episodes of show notes, co coast information, of course the guest information and of course the links of the stories that we do in the show. But more importantly next to those videos there you'll get the helpful subscribe and download link surpri show by getting your audio version or your video version of your choice. Listen on any one of your devices cause we're on all of your podcast applications or podcasts that are out there.

(01:08:31):
So definitely subscribe and support the show. Also remember you can support the show by getting Club twit as well. It's a members only ad free. Ad free is a big point podcast service with a bonus TWIT plus feed that you can't get anywhere else and it's only $7 a month super cheap. There's a lot of great things that you get. All of our shows obviously are ad free with Club Twit, but one of them is the exclusive access to the members only Discord server. You can chat with hosts, you could chat with producers, lots of separate side discussion channels, lots of amazing ones. There's cooking channels, there's, there's hardware channels plus they also have really great special events in there. So lots of discussions and fun stuff going on at Join Club Twit at twit tv slash club twit. Now, club Twit also offers corporate group plans as well.

(01:09:19):
It's a great way to give your team access to our ad free Tech podcast. That's where your plans start with five members, a discounted rate of $6 each per month and you can add as many seats as you like after that. And this is a great way for your IT department, your developers, your sales team, your tech teams to stay up to date with all access to all of our podcasts that are out there just like regular members. You can join the TWIT Discord server as well and get that TWIT plus bonus feed plus get this, you also have family plans as well also that's $12 a month. You get two seats with that and $6 each for each additional seat after that. And you get all the advantages of the single plan as well. So lots of options there for you Jeff. Definitely joined Club Twit.

(01:09:57):
Tweet that TV slash club twit. Now after you subscribed, you can always impress your friends, your family members, your coworkers with the gift of Twk cuz we have a lot of fun on this show. We talk a lot of about some fun, fun tech topics and I guarantee they will find it fun and interesting as well. So definitely give them the gift there and have them subscribe. Now after you've subscribed, you know what we do this show live 1:30 PM Pacific Fridays. That's right, right here on live dot TWI tv. Go to that website there. You'll find all the streams that we have and you can come see all the behind the scenes. Come see how the pizza's made, all the banter before and after. Lots of fun things that we do here on twi. You can definitely join the livestream there. Of course you going to join the livestream, you gotta join the infamous IRC channels as well.

(01:10:40):
The twit live channels on our RS c server. Just go to IRC twitter tv, your browser there and it will jump you in the Twit live channel. And they have some amazing, amazing characters in there. Always each and every week. You have lots of great discussions. You have Rec on five, we have Gumby, we have Chicken Head, we have, we have we have Adam 20 fours in there. We have Weaver, Mike, all these great people, Eric Tuckman. We, they every, each and every week have lots of great conversations and in fact they have some amazing show titles they gave us this week. So thank you guys for all that. So definitely join that, that di rrc channel as well. Definitely hit me up if you wanna get ahold of me always. I can always hit me up on the Twitter direct message me there lum, that's me.

(01:11:18):
I post my enterprise tidbits. Lots of fun stuff on there. You can hit me up@mastodonlutwi.social show ideas, whatever. Of course also hit me up on LinkedIn, Louis Maas on there. I'm back to head a lot of LinkedIn messages this week, so thank you for that. I really appreciate that. Lots of interesting stuff people are talking about. So thank you for all those messages there as well. If you wanna know what I do during my normal work week, go to developers.microsoft.com/office. There we post all the amazing great, great ways for you to customize your office experience. And if you have Microsoft 365 account right now, open up your Excel and check out the the automation tab. That's right, there's an automation tab in there. Check that out because now you can go and record a macro using our office scripts new, our new office scripts automate and you can actually run it in an A power automate flow unattended without even having Excel open.

(01:12:10):
Lots of cool stuff. Check it out. Lot of fun. Definitely check that out and see how that can work for you. I wanna thank everyone who makes this show possible, especially to Leo and Lisa. They continue to support this week in enterprise tech each and every week and we really couldn't do the show without them. So thank you for all your support over the years. Of course, thank you to all the staff and engineers at twit. And of course I wanna thank Mr. Bryan to one more time cuz he is not our co-host, but he's also the amazing producer of the show as well. He's our Titleist producer and he does all the bookings and the plannings for the show and we really couldn't do this show without him. So thank you Cheever, for all your support. Of course, thank you to our editor for today, Mr. Anthony. He's gonna make us look good after the fact and cut out all of my mistakes. Thank you sir, very much. And of course, thank you Mr. Burke for being our TD today. I appreciate all your support you've make, it made it make it look easy. So thank you for all your help there. And of course, until next time, I'm Lu Esca just reminding you. If you want to know what's going on in the enterprise, just keep twiet
 

All Transcripts posts