Remote and roaming users, cloud-based apps, and insecure networks are all leaving the door open to attacks like phishing, ransomware, and malware. With more users, devices, applications, and data to secure than ever before, existing security models are falling short.
In this 40 minute session, Skyline’s Cisco-certified cybersecurity expert, Kenya Thomas, discusses:
• How to start thinking and performing like a security pro
• The state of cybersecurity
• Why SMB’s are targeted and what threats they face
• What can be done to protect businesses like yours
Click here to view/download the slides for this session.
Hello everyone, and thank you for
joining us today for our Cloud
Security Workshop, Zero Trust
Architecture, and Beyond Session.
I'm Jessica Jackson, your moderator.
In today's session, we'll
explore how to start thinking and
performing like a security pro.
We'll also discuss the state of
cybersecurity, why SMBs are targeted,
what threats they face, and most
importantly, what can be done
to protect businesses like your.
I'm happy to introduce our speaker today. Kenya Thomas has over 20 years in networking and cybersecurity. His passion is teaching and training, and for the last six years he has been consulting and training Cisco security teams on how they can leverage Cisco's products to help keep companies and businesses safe. Before I hand the ball over, I just wanna remind everyone that you have the opportunity to ask any questions you might have about the presentation. You could just type your questions into the q and a panel, which you'll find on the right side of your screen. Without further ado, Kenya. Great. Thank you very much Jessica. Much appreciated. I'm gonna share my desktop. I'm gonna tell you guys something that actually just happened to me this week. So, I live in California and this week I actually went to Boston to sit in on a security training for a very big customer. This is a customer who has a number. Probably thousands of retail stores throughout the United States and we were doing a presentation, they were doing presentations on security and then I was doing some presentation on some networking stuff. Here's what's interesting. I saw the other presenters who were really good. This guy was great, he was an engineer, and he was talking about a security product. But I noticed something. It was kind of nice to sort of be in the audience. I noticed that he never really connected what the product was gonna do for that customer. He went into a lot of detail about how the product worked, but he never really kind of connected it back to exactly how that particular product. I was gonna go ahead and actually help keep that particular customer safe. And I sat there the entire time kind of waiting for that piece, and it wasn't really there. And so that got me thinking. I hope that I don't make a similar mistake. So here's what I want you guys to do. I'm gonna be talking to you guys for the next 35 minutes, or. At the end of that, I'm gonna introduce you to a gentleman who can actually help you guys with increasing your security profile. As I'm talking, I want to make sure that you guys put your attention on the following, which is, what is this guy saying that can help me keep my company?
What is it that this guy is saying that's actually gonna be useful for us? And then at the end, I'm gonna show you a kind of a survey you can do to just put us some questions to ask because if you're here, you care about security and if you're here, you also understand that security is a journey. No one, nobody in their right mind would ever say, oh, our network is completely safe. If anybody says that they don't understand how the nature of the threats that are out there are actually working. Okay. So with that in mind and that particular focus, keep your attention on what is this guy saying that's gonna help me keep my network safe. And then as we're moving along, Jessica had mentioned that you guys can type your questions into the q and a. Go ahead and actually type your questions into the chat. If we need to, we can actually unmute you so you can actually, we can actually engage in a dialogue. Okay. With that being. As Jessica mentioned, my name is Kenya Thomas. I've been teaching cybersecurity and networking far, far too long, but I love it because it's fascinating. And this period here is one of the most exciting. There is an ancient Chinese proverb that says, may you live in interesting times. And by golly, these last three plus years have indeed been interesting. We've in the middle of a global pandemic that has actually transformed the very nature of remote work and hybrid work. We're dealing right now with a war in Europe, specifically Ukraine. We've got supply chain challenges. We've got rising costs. We've got a threat landscape that continues to expand small and medium businesses like you guys are scrambling to keep themselves safe and to stay relevant and to thrive in the midst of this uncertainty. Meanwhile, cyber attacks are on the rise. The more I learn about the nature of the threats, the more I realize how much there is to.
But here's what's actually interesting is that for Cisco's customers, this is a period that is really both challenging and an opportunity. Now, here's why I say that. It's the opportunity because the scale and scope of Cisco's investment and security has actually never been greater, and that's an opportunity for you guys as the customer to leverage. That investment in service of your networks. So I'm gonna talk to you guys a little bit about, the cybersecurity challenges and we're gonna talk about a story about an attack on a company called Code For You. Along the way we're gonna talk about the ransomware life cycle. It's really key. Uh, and then I'm gonna get into talking about Umbrella and I'm gonna be talking about Duo, which are. Uh, Cisco security products that help keep customers safe. But remember what I said to you a minute ago, as I'm talking about these, don't let me get too caught up in, Hey, it's got this cool feature, it's got this cool feature. I want you to think about it in terms of is this something that can help keep my business safe? And then at the end, I'm gonna introduce you to a gentleman, uh, Brent Davies. And Brent Davies is all about helping organizations like yours, uh, increase their safety. Okay. This is Jasmine C. Jasmine C is the head of a company called Code For You. Code for You is a contract coding company, and they were recently hit with a ransomware attack. Uh, as a result of the attack, they are reevaluating their entire security infrastructure. Everything top to bottom. They, the code for you actually has three locations. The bulk of their applications are cloud-based. They do a lot of collaboration. They are currently working with a Cisco partner, skyline, which is the same company that I work for and that Brent works for and that Jessica works for. This is Jose Mock. He is a rep with Skyline. His focus is on Cisco's security products, and he's having this meeting with Jessica, with Jasmine. Okay. Here's how the dialogue actually goes, Jasmine, so sorry to hear about your recent ransomware attack. Thank you. We're reevaluating everything based on your experience. We're gonna discuss the ransomware life cycle and how it applies to businesses like. Uh, and then we'll discuss Umbrella and Duo, and she says, you have my interest. Okay.
Whoever you go with for security, you want to go with someone who can keep your business safe. Now, Cisco is an organization that actually does that. But Cisco is by no means the only security company out there that's actually 2,500 different security companies out there. What Cisco brings to the table that'll be of interest to you is that Cisco protects 100%. Of the Fortune 100 companies. Additionally, 80% of the planet's internet traffic flows through Cisco's infrastructure. Why does that matter? In order to be able to protect against threats, you actually have to know what is out there. And Cisco has a threat intelligence organization called Taos, and no one on the planet sees more threats than Cisco Taos, in addition to protecting the Fortune 100. Cisco actually protects 840,000 plus networks now. That's cool. That's actually really good stuff. But let's talk a little bit about the kind of threats that you guys are up actually up against out there. I'm gonna talk about ransomware now. Why ransomware? Because there's a new ransomware attack somewhere on the planet every 10 seconds. And a ransomware. If your company gets hit by a ransomware attack, it can take you guys to your. Simple as that, and that's actually what the bad guys understand. Last in 2021, 1.2 billion was paid by US banks as part of ransomware attacks. Uh, in 2021, there was also an attack where the biggest ransomware attack in history, they demanded 70 million to stop the attack. You keep hearing about hospitals, hospitals are a target rich environment for the bad guys. Couple of months back, you may have heard Uber was hit. The entire Uber internal network was compromised by an 18 year old with just a little bit too much free time on his hands.
Schools and colleges are suffered over $3.5 billion. In damages. If ransomware was a stock, they would be a fantastic investment. The nature of the kind of damages has grown from 325 million to now over 20 billion, and the numbers are only expected to grow.
Let's talk a little bit about how an actual ransomware attack takes place. There's six steps. In the ransomware life cycle and the nature of the ransomware attacks will vary, but these, there's some common denominators. So let's do this. Let's play a game. Let's assume that you and me sit down over coffee and we decide to become cyber criminals because we realize this working for a living thing is for the birds. So we say, you know what? We're gonna risk it. We're gonna become cyber criminals. Now, I can't write code, and maybe you can't write code, but here's the good news. We don't need to, we can actually go on the dark web right now with a credit card or Bitcoin, and we can buy malware. We can actually buy a ransomware kit, like a do-it-yourself ransomware. And in that kit we can also purchase, uh, a list of compromised email addresses. Great. So we've got our malware, we send it out to people, and we penetrate a network. We have got a victim. Great. The malware needs to be good enough to penetrate the firewall, get on the target machine. Then once it's on the target machine, it needs to be able to communicate out to what's called a command and controlled server. These are servers that are maintained by the bad guys that are designed to receive the exfiltrated data and to download more malware. Our malware needs to communicate out to the command and control servers where it's gonna go ahead and actually download encryption keys and download more malware. Then at the same time, the malware will then actually go ahead and scan through the target network and look for stuff to steal. That data will then be exfiltrated off of the customer's network onto our command and control servers. And then once we've stolen everything worth stealing, we'll then go ahead and actually encrypt the hard drive and then we get paid more money. More money, more money. Okay. Let's elaborate on this a little bit here. So in terms of the distribution email still. Email still works. Email is still the primary attack vector. I just got an email yesterday from someone pretending to be a friend of mine from high school. This was absolutely amazing to me. Pretended to be a friend of mine from high school. I'm like, oh, hey Rick, how you been? Rick says, Hey, do you use Amazon? I have an issue right now. Would you be willing to go ahead and go on Amazon and buy me a couple of gift cards and then forward them to me? And I said, Now, because I work in cybersecurity, I realized what was going on, so I decided to play with the guy a little bit. I said, Hey Rick, how have you been? By the way, how is your wife, Samantha? Did she have the twins last month? Now, by the way, the actual Rick is unmarried and consequently doesn't have a wife with twins. The bad guy said, yeah, yeah, yeah, absolutely. Hey, about getting those Amazon gift cards. I said, oh, great, great, great. By the way, hey Rick, what high school do we go to together? Uh, and that's when the guy went away. So email still works, URLs still work, malware documents still work. Or here's what else you can do. We can go ahead and buy a list of compromised login credentials.
The penetration, the malware has gotta be good enough to get through the firewall because all of you guys, I would be willing to bet any amount of money. All of you guys have some type of firewall. Now, hopefully you understand that the firewall is just one component of an overall security approach. Firewalls are critical. Firewalls are part of an overall solution. Security is like happiness. You do not bank on one single thing to make you happy. So the malware's gotta go ahead and get past the firewall, get on the target network, and then it needs to go ahead and communicate out to those command and control servers. Now it does that by making use of something called DNS DNS stands for domain name service. It is fundamental to how all networking works every time you open up a browser and type in amazon.com or google.com or cisco.com or whatever.
DNS actually will go ahead and run it will take that URL and it will find the destination IP address. You need some type of service that's gonna be able to go ahead and block access to dangerous websites.
Then the malware is gonna go ahead and attempt to move laterally through the organization. In networking, we refer to North South as traffic that comes from outside your network to inside your network. If the malware gets in, then it needs to move laterally within the network that's referred to as East West. You'd need some type of protection to be able to identify that because guess what? Malware is getting into your network. The issue is, are you gonna be able to identify it and stop it?
And then the actual encryption of the hard drive and then the demand for the money. Okay, so let's talk about a couple of Cisco tools that can actually kind of help you with this. Now we don't have time to go into the entire Cisco security portfolio. If you guys like what we cover here, let Brent know. And we'll go ahead and do some additional follow ups about some of the other security products, but we're gonna focus in on Umbrella and dual for this particular session. So this is the code for you network. They've got three locations and uh, everything that they do is pretty much cloud-based. They've got 55 contract and remote workers spread around the region. Couple of questions come up if this is the customer's network. First question is this, Hey, the data and resources are in the cloud, but the people are everywhere. How do we make sure they can access it safely? Issue number two, how do we provide firewall type inspection of incoming and outgoing traffic when the users are no longer in a centralized location?
Issue number three, even, even quote unquote, safe websites. Like fortune.com or New York times.com, they may contain links that connect to malware. How do we allow employees to browse safely?
Okay, so it used to be long time ago in the before times I e, before the pandemic. That the data was in the data center, and for some customers, they're actually still doing this. All the data was in the data center. It was at headquarters. The bulk of traffic was internal. Then you had Office 365, then you had Microsoft Azure, then you had Amazon Web Services, uh, Google Docs, et cetera. It no longer was viable to back haul everything to headquarters
for your organizations.
People need to be able to access resources that are in the cloud. How do we make sure they can do that safely? One of the key tools to make that happen is Umbrella.
Here's what Umbrella is. Okay? Now I. Don't let me get guilty of doing that thing that I saw the other guy do, which is I just get into the meat of how the cool product works without telling you how it protects you. Here is how Umbrella will protect you. Umbrella will go out, it will identify websites that are dangerous. It will utilize all of the information gained from Cisco and from the Umbrella cloud. It will identify websites that are potentially dangerous, websites that are being utilized as part of malware campaigns, websites that are being used, part of phishing campaigns, websites that are being utilized as part of C2 stands for Command and control Callbacks. It will block that access. So that if one of your employees clicks on a dangerous URL, Umbrella will block. DNS is fundamental. When you connected to your home network, your office network, your Starbucks network, when you connected, you got an IP address, you got a subnet mask, you got the location of the nearest router, whether it's your home router or another router. And then you also, if you didn't have one, you got pointed to a DNS server. What DNS does is when you type amazon.com, the network needs to know what that IP address is. So it does what's called a DNS Lookup domain name, service lookup. This is how all networking works. Every time when you click on an icon on your phone, DNS is running. When you stream a movie, DNS is running. What Umbrella does is Umbrella goes out. Onto the internet identifies the websites that are dangerous, and then you use Umbrella as your DNS so that when you click on that URL, it doesn't take you there because it knows it's dangerous. Also, if malware is on your network and it attempts to make use of DNS to contact those command and control servers, Umbrella blocks it. That's what Umbrella.
Now Cisco Umbrella goes even beyond that. It's got some other features that have been layered into it as part of the cloud level protection. I'm gonna touch on a couple of those. I don't want to get into a, and here's another cool feature, but there's a lot of cool features, so I'm gonna just touch on a couple of 'em. Here's one of them. Umbrella has an option where in addition to the DNS level protection, we can go ahead and have. You connect up to what's called an S W G stands for a secure web gateway or secure internet gateway. This is where all of your web browsing will flow through. All your web browsing will flow through this, and inside of that Umbrella cloud, you've got a firewall, so you get cloud level firewall protection. This means that wherever your people. Their web traffic will flow through a firewall, and that particular firewall has visibility up to the application level. So instead of just a physical firewall at the perimeter, your guys get a firewall every time they go ahead and do web browsing.
Another cool feature, If I'm a bad guy, my objective is to penetrate your network and steal valuable information. Information like social security numbers, credit card numbers, medical record numbers. Umbrella has built into it something called data loss prevention specific algorithms that are designed to scan data that is leaving the network. To see if it is anything that comes under that category, credit card information, medical record numbers, account numbers, et cetera, and block that. So discover and block that type of transmission of sensitive data.
Another cool feature to help protect you guys, something called RBI. RBI is a cool feature, stands for remote browser isolation. The Internet's a dangerous place. You can go to a legitimate website. Let's say you go to a website and that website attempts to actually download malware to your machine. So now you're at risk. Hopefully you have some type of endpoint protection. If you don't, we wanna make sure you're talking to Brent Davies about the Cisco Secure endpoint. Well, here's what remote browser isolation does. It creates an air gap between you and the browser. Now, I don't want to go feature feature, but it's kind of cool. Literally what happens is you will connect up to the Umbrella cloud, and then from the Umbrella cloud, you'll open up the webpage so that if there's malware on the webpage, it cannot infect your machine. You can still do all your browsing, you can still click. You don't even notice any delay. But if there's something dangerous on there, it's not gonna affect your machine. And then the last feature I want to tell you about, Hey, you go to Dropbox, you go to Google, uh, you go to, was it, uh, Cisco Box, the other one, those cloud storages. There could be malware there. So Umbrella has built-in cloud malware detection. Okay, I don't want to go ahead and those Umbrella actually has even more features than that. But what I need you guys to understand is exactly how Umbrella layers the protection to help keep you guys safe. So let's go back to this code for you. Network. The data and resources are in the cloud, that people are everywhere. How do we access it safely? Answer Umbrella with the cloud level.
How do we provide firewall type inspection of income and ongoing traffic when the users are no longer centralized answer Umbrella with its cloud delivered firewall? Even safe websites may contain links that connect to malware. How do we allow employees to browse with confidence? Answer Umbrella with remote browser isolation. Okay. You got four different tiers of entry with Umbrella. You're interested in those. Talk to Brent. He'll break it down for you. He'll help you figure out which ones are actually most appropriate for you if you have DNS level protection. Cool.
Even if you have it, you still want to actually have the conversation about what Umbrella can actually offer because nobody sees more than Cisco. Okay, lemme talk to you about another product here. Cisco. Okay, so we talked about the code for you network. All right, here's a question for you. I get the username and password of one of your employees, and I attempt to log into your network right now today. Am I successful? All right, here's another issue. I'm an employee of your organization. My laptop's running an outdated operating system. My laptop has known vulnerabilities cuz I don't like the update. Am I able to access corporate resource?
How about this? I'm a hacker. I'm a bad guy. I have penetrated your network. Oops. I'm now attempting to access your most sensitive application. What multiple layers or protection do you have in place to stop me?
The network perimeter is wherever the network is being accessed from wherever you guys are right now. That is the network perimeter of your organization, wherever you guys go and access the network from the perimeter expands to there, and you gotta make sure that the network is safe no matter where people are accessing it from.
The attacks continue to increase. Now there's a company called Colonial Pipeline. This was actually one of the largest. Infrastructure attacks in history. Remember that ransomware life cycle? Take a look at how these guys got hit. All right. Prior to May 6th, an Eastern European hacker group got into the network. Remember what I said? Penetrated the network. They moved laterally and they exfiltrated hundreds of gigabytes of data, hundreds of gigabytes of data. Then after they had stolen everything that was useful, they then encrypted the servers that manage the gas pipeline for the Eastern United States. They launched their ransomware attack, colonial Pipeline. They had no choice. They paid 4.4 million in ransom F b I got back a lot of it later on, but they had no choice. They had to get that network back up and. So they paid the 4.4 million in ransom. F b I confirmed that it was the dark side ransomware group out of Russia who was responsible for this? Uh, May 10th, May 12th, everybody on the East Coast freaked out. Everybody was running outta gas cause they didn't know what was gonna happen next. Um, fortunately on May 12th, colonial Pipeline resorted operations, now largest cyber attack on an oil infrastructure target. In the history of the United States, cost was in the tens of millions of dollars. Here's the interesting thing. The source of the breach was a single compromised password. Specifically Bloomberg News said the following, the hack that took down the largest fuel pipeline in the US and led to shortages across the East coast was the result of a single compromised password. Hackers gain entry into the networks on April 29th through a VPN account. The account was no longer in use at the time of the attack, but could still be used to access colonial's network. The VPN account, which has since been deactivated, did not use, wait for it, multifactor authentication.
The bad guys have only gotta be right one time and they can take the network down.
Okay, so DUO is part of what we call a Zero Trust. Zero Trust is an overall framework. It actually means a number of things. It's not a single product by any means, but Duo says, Hey, who are you?
Is your network access device safe? And. I'm gonna make sure you have access to what you need to have access to and nothing else. That's what duo's about Duo is about. Hey, we want to go ahead and have trusted users who are on trusted devices, who are able to access only those applications that they need to have access to. Now, the scope of Cisco dual, just so you're not, in case you're wondering, well, are we the first ones to try this? Duo is currently doing 900 million authentications per month, and I think right now it actually might be up to a billion. 37 billion devices are being protected with over 436,000 unique applications. DUO is an MFA solution, but it's far more than an MFA solution. But as an MFA solution, customers love it cuz it's so easy to work with. It will. All types of multifactor authentication, wearables, phone calls, biometrics, those little U s B devices that you have to plug into the laptop to get 'em to work, supports 'em all. You install DU on the network. You are, uh, NIST compliant, DEA compliant, HIPAA compliant. Every major, uh, security protocol is met with du. In terms of a zero trust access solution. But this is the story I like most. So Facebook internal, or excuse me, I guess it's now called Meta. I apologize, it's hard for me to keep track. Uh, Facebook slash Meta the internal users, these are the developers, they decided to go with the duo solution and they started with just 300 people.
It was so successful that they actually expanded to over 10,000 users, and now even more Duo is about, is the device I am on, is it compliant? What's the posture of that device?
We hear a lot about like what's sexy is what's called a zero day attack. These are attacks that have never been seen before. But if I'm a bad guy, I don't gotta do. I can just go ahead and actually make use of known vulnerabilities. The vast majority of attacks are actually making use of vulnerabilities that have actually been known for over a year. Vulnerabilities that are actually on laptops that are being utilized to access your network. Duo's gonna go ahead and give you the ability to go ahead and say, Hey, before these devices are allowed to access my network, they have to have this criteria Additionally, Duo will work with pretty much every application. So some people will have like Microsoft mfa and Microsoft MA is very good for Microsoft, but Duo literally will work with pretty much any corporate application, proprietary apps, Microsoft Cloud services, UNIX devices, web applications, VPNs, et cetera. And what Duo is gonna do, And I apologize if I'm going too deep into the product details. I do get kind of excited about this. Here's how it protects you. It protects you by making sure that only the people who are supposed to be on your network, are on your network. Duo's gonna actually go ahead and actually monitor the access. Now, duo by itself is not enough for your security needs, but it does add an additional layer of protection to your overall security. So I get the username and password of one of your employees, and I attempt to log into your network. Am I successful? Nope, not with Duo.
I'm an employee of your organization. My laptop is running an outdated operating system with known vulnerabilities, am I able to access corporate resources? You guys already know where I'm going. Not with DUO posture.
I'm a hacker and I have penetrated your network. I'm now attempting to access your most sensitive applications. What controls are on place to help me or to stop me?
Do all with application visibility.
If we got your interest with this, talk to Brent. Let's set you up for a free 30 day trial of dual, because once you start using it, you start seeing the benefits of it. And there's different tiers of access with dual, but I'm not gonna be able to go into that here.
Okay.
Remember my ransomware life cycle? Cisco is specifically designed to address all of these needs. Some of the ones that we can talk about here is Cisco Tao's, Cisco's threat detection organization. They actually work behind the scenes to not only protect Cisco, but to protect the entire internet. So you purchase any Cisco security products, you're getting the benefits of Taos, and here's a little secret, even if you don't purchase any Cisco security products, Taos is actually out there keeping the internet safe in terms of penetration and infection. DUO is there to actually make sure that only the people who are supposed to be on your network get access to the network and that communication out to that command and control.
Umbrella puts a stop to that. Muhammad says, we use Duo and we love it. Mohamed, I think that you might be one of my favorite individuals for the day now, in terms of being able to stop the file search and the encryption and the ransomware demands. There's other components that we have that make that available, but we don't have time to go into those. Here's what I want you to do. Hopefully I was able to do what I set out to do, which is share with you and get you thinking about your own. Right now, Jessica's gonna post into the chat a cybersecurity checklist, a link for a cybersecurity checklist. Look at that. Start thinking about your own company's protection. Now, I promised you I was gonna introduce you to somebody who could actually help take this to the next level for you. I'm gonna go ahead and stop sharing for a moment. Brent, if you can go ahead and actually just talk a little bit about what you, who you are and what you do, I think they'll benefit from that.
Beautiful. Thank you there, Kenya. So everybody, again, thank you for joining the presentation. Kenya is, is very special. Um, I call 'em a distinguished engineer within our organization. And we have a number of, uh, folks here at, at Skyline that would be happy to help you on your security journey. Um, we love our partnership with with Cisco. And again, I want to thank you all for, for joining this presentation. Um, in conjunction with Cisco. We can do a, uh, health check, security blueprint, health check, so to. with anybody that wants to know, like, where do you stand on a risk scale? And maybe we can help you create, uh, a one year, two year, three year journey on how to get to where you need to be to give you all the safe and security essential practices in place. Uh, I will reach out again to everybody. Uh, why Skyline? Well, we're one of the 1% I would call it a very unique value. Added partner that can be a part of your business. Strategies been around for 30 years plus, and amongst those years we've been receiving Cisco Partner Awards, Cisco Education Awards, and I'm very confident that our abilities across the table can help you with your successful business practices and. Again, I thank everybody for attending and look forward to reaching out down the road. Fantastic. Okay. Um, I tell you, kin was asking about the slide presentation. Will that be available? I'll make you a deal. If you guys fill out for everybody who fills out the cybersecurity checklist, we will make sure we get you guys the actual deck. Okay? Um, and here's what now, once again, I want to make sure I'm driving this point home. I'm gonna tell you a secret. This is Brent gonna hate me for this . It doesn't matter to me who you go to for your security needs. What matters to me is that you are thinking about how to keep your organizations safe. That is what we care about. That is what matters. Okay? With that in mind, we're gonna open it up for any questions that you guys actually may have. So do we have any questions? Uh, Jessica, do we actually have any questions from anyone at this point?
Can you hear me? Yeah. Got you loud and clear Now, um, let's see.
We have one that came in. If a customer wanted to get started with Umbrella, how long, uh, would that take? This is what's so great about Umbrella, literally about, hmm, five minutes. Because all we'd have to do is actually go in for the most basic Umbrella. We can go in and we change the company-wide DNS, and then they start getting protected right away. And then if they decide to go with the Umbrella, secure internet gateway, uh, then that's the next phase. But we can literally go ahead and actually get them protected within a matter of minutes.
Great. Okay. All right, great. Thank you all for being with us here. Uh, once again in the chat, you should actually see that secure, that cybersecurity checklist. Brent has also been nice enough to actually go ahead and post his information there. Start thinking about your own security. Because, uh, you know, I hate to be like that guy, but the bad guys are thinking about your security all the time. Okay. All right. With that being said, we want to thank you very much for your time. We really do appreciate you guys being here. Please feel free to go ahead and actually reach out to Brent or reach out to Jose and then let's go ahead and keep the conversation going.
Thank you all very much. Thank.
I'm happy to introduce our speaker today. Kenya Thomas has over 20 years in networking and cybersecurity. His passion is teaching and training, and for the last six years he has been consulting and training Cisco security teams on how they can leverage Cisco's products to help keep companies and businesses safe. Before I hand the ball over, I just wanna remind everyone that you have the opportunity to ask any questions you might have about the presentation. You could just type your questions into the q and a panel, which you'll find on the right side of your screen. Without further ado, Kenya. Great. Thank you very much Jessica. Much appreciated. I'm gonna share my desktop. I'm gonna tell you guys something that actually just happened to me this week. So, I live in California and this week I actually went to Boston to sit in on a security training for a very big customer. This is a customer who has a number. Probably thousands of retail stores throughout the United States and we were doing a presentation, they were doing presentations on security and then I was doing some presentation on some networking stuff. Here's what's interesting. I saw the other presenters who were really good. This guy was great, he was an engineer, and he was talking about a security product. But I noticed something. It was kind of nice to sort of be in the audience. I noticed that he never really connected what the product was gonna do for that customer. He went into a lot of detail about how the product worked, but he never really kind of connected it back to exactly how that particular product. I was gonna go ahead and actually help keep that particular customer safe. And I sat there the entire time kind of waiting for that piece, and it wasn't really there. And so that got me thinking. I hope that I don't make a similar mistake. So here's what I want you guys to do. I'm gonna be talking to you guys for the next 35 minutes, or. At the end of that, I'm gonna introduce you to a gentleman who can actually help you guys with increasing your security profile. As I'm talking, I want to make sure that you guys put your attention on the following, which is, what is this guy saying that can help me keep my company?
What is it that this guy is saying that's actually gonna be useful for us? And then at the end, I'm gonna show you a kind of a survey you can do to just put us some questions to ask because if you're here, you care about security and if you're here, you also understand that security is a journey. No one, nobody in their right mind would ever say, oh, our network is completely safe. If anybody says that they don't understand how the nature of the threats that are out there are actually working. Okay. So with that in mind and that particular focus, keep your attention on what is this guy saying that's gonna help me keep my network safe. And then as we're moving along, Jessica had mentioned that you guys can type your questions into the q and a. Go ahead and actually type your questions into the chat. If we need to, we can actually unmute you so you can actually, we can actually engage in a dialogue. Okay. With that being. As Jessica mentioned, my name is Kenya Thomas. I've been teaching cybersecurity and networking far, far too long, but I love it because it's fascinating. And this period here is one of the most exciting. There is an ancient Chinese proverb that says, may you live in interesting times. And by golly, these last three plus years have indeed been interesting. We've in the middle of a global pandemic that has actually transformed the very nature of remote work and hybrid work. We're dealing right now with a war in Europe, specifically Ukraine. We've got supply chain challenges. We've got rising costs. We've got a threat landscape that continues to expand small and medium businesses like you guys are scrambling to keep themselves safe and to stay relevant and to thrive in the midst of this uncertainty. Meanwhile, cyber attacks are on the rise. The more I learn about the nature of the threats, the more I realize how much there is to.
But here's what's actually interesting is that for Cisco's customers, this is a period that is really both challenging and an opportunity. Now, here's why I say that. It's the opportunity because the scale and scope of Cisco's investment and security has actually never been greater, and that's an opportunity for you guys as the customer to leverage. That investment in service of your networks. So I'm gonna talk to you guys a little bit about, the cybersecurity challenges and we're gonna talk about a story about an attack on a company called Code For You. Along the way we're gonna talk about the ransomware life cycle. It's really key. Uh, and then I'm gonna get into talking about Umbrella and I'm gonna be talking about Duo, which are. Uh, Cisco security products that help keep customers safe. But remember what I said to you a minute ago, as I'm talking about these, don't let me get too caught up in, Hey, it's got this cool feature, it's got this cool feature. I want you to think about it in terms of is this something that can help keep my business safe? And then at the end, I'm gonna introduce you to a gentleman, uh, Brent Davies. And Brent Davies is all about helping organizations like yours, uh, increase their safety. Okay. This is Jasmine C. Jasmine C is the head of a company called Code For You. Code for You is a contract coding company, and they were recently hit with a ransomware attack. Uh, as a result of the attack, they are reevaluating their entire security infrastructure. Everything top to bottom. They, the code for you actually has three locations. The bulk of their applications are cloud-based. They do a lot of collaboration. They are currently working with a Cisco partner, skyline, which is the same company that I work for and that Brent works for and that Jessica works for. This is Jose Mock. He is a rep with Skyline. His focus is on Cisco's security products, and he's having this meeting with Jessica, with Jasmine. Okay. Here's how the dialogue actually goes, Jasmine, so sorry to hear about your recent ransomware attack. Thank you. We're reevaluating everything based on your experience. We're gonna discuss the ransomware life cycle and how it applies to businesses like. Uh, and then we'll discuss Umbrella and Duo, and she says, you have my interest. Okay.
Whoever you go with for security, you want to go with someone who can keep your business safe. Now, Cisco is an organization that actually does that. But Cisco is by no means the only security company out there that's actually 2,500 different security companies out there. What Cisco brings to the table that'll be of interest to you is that Cisco protects 100%. Of the Fortune 100 companies. Additionally, 80% of the planet's internet traffic flows through Cisco's infrastructure. Why does that matter? In order to be able to protect against threats, you actually have to know what is out there. And Cisco has a threat intelligence organization called Taos, and no one on the planet sees more threats than Cisco Taos, in addition to protecting the Fortune 100. Cisco actually protects 840,000 plus networks now. That's cool. That's actually really good stuff. But let's talk a little bit about the kind of threats that you guys are up actually up against out there. I'm gonna talk about ransomware now. Why ransomware? Because there's a new ransomware attack somewhere on the planet every 10 seconds. And a ransomware. If your company gets hit by a ransomware attack, it can take you guys to your. Simple as that, and that's actually what the bad guys understand. Last in 2021, 1.2 billion was paid by US banks as part of ransomware attacks. Uh, in 2021, there was also an attack where the biggest ransomware attack in history, they demanded 70 million to stop the attack. You keep hearing about hospitals, hospitals are a target rich environment for the bad guys. Couple of months back, you may have heard Uber was hit. The entire Uber internal network was compromised by an 18 year old with just a little bit too much free time on his hands.
Schools and colleges are suffered over $3.5 billion. In damages. If ransomware was a stock, they would be a fantastic investment. The nature of the kind of damages has grown from 325 million to now over 20 billion, and the numbers are only expected to grow.
Let's talk a little bit about how an actual ransomware attack takes place. There's six steps. In the ransomware life cycle and the nature of the ransomware attacks will vary, but these, there's some common denominators. So let's do this. Let's play a game. Let's assume that you and me sit down over coffee and we decide to become cyber criminals because we realize this working for a living thing is for the birds. So we say, you know what? We're gonna risk it. We're gonna become cyber criminals. Now, I can't write code, and maybe you can't write code, but here's the good news. We don't need to, we can actually go on the dark web right now with a credit card or Bitcoin, and we can buy malware. We can actually buy a ransomware kit, like a do-it-yourself ransomware. And in that kit we can also purchase, uh, a list of compromised email addresses. Great. So we've got our malware, we send it out to people, and we penetrate a network. We have got a victim. Great. The malware needs to be good enough to penetrate the firewall, get on the target machine. Then once it's on the target machine, it needs to be able to communicate out to what's called a command and controlled server. These are servers that are maintained by the bad guys that are designed to receive the exfiltrated data and to download more malware. Our malware needs to communicate out to the command and control servers where it's gonna go ahead and actually download encryption keys and download more malware. Then at the same time, the malware will then actually go ahead and scan through the target network and look for stuff to steal. That data will then be exfiltrated off of the customer's network onto our command and control servers. And then once we've stolen everything worth stealing, we'll then go ahead and actually encrypt the hard drive and then we get paid more money. More money, more money. Okay. Let's elaborate on this a little bit here. So in terms of the distribution email still. Email still works. Email is still the primary attack vector. I just got an email yesterday from someone pretending to be a friend of mine from high school. This was absolutely amazing to me. Pretended to be a friend of mine from high school. I'm like, oh, hey Rick, how you been? Rick says, Hey, do you use Amazon? I have an issue right now. Would you be willing to go ahead and go on Amazon and buy me a couple of gift cards and then forward them to me? And I said, Now, because I work in cybersecurity, I realized what was going on, so I decided to play with the guy a little bit. I said, Hey Rick, how have you been? By the way, how is your wife, Samantha? Did she have the twins last month? Now, by the way, the actual Rick is unmarried and consequently doesn't have a wife with twins. The bad guy said, yeah, yeah, yeah, absolutely. Hey, about getting those Amazon gift cards. I said, oh, great, great, great. By the way, hey Rick, what high school do we go to together? Uh, and that's when the guy went away. So email still works, URLs still work, malware documents still work. Or here's what else you can do. We can go ahead and buy a list of compromised login credentials.
The penetration, the malware has gotta be good enough to get through the firewall because all of you guys, I would be willing to bet any amount of money. All of you guys have some type of firewall. Now, hopefully you understand that the firewall is just one component of an overall security approach. Firewalls are critical. Firewalls are part of an overall solution. Security is like happiness. You do not bank on one single thing to make you happy. So the malware's gotta go ahead and get past the firewall, get on the target network, and then it needs to go ahead and communicate out to those command and control servers. Now it does that by making use of something called DNS DNS stands for domain name service. It is fundamental to how all networking works every time you open up a browser and type in amazon.com or google.com or cisco.com or whatever.
DNS actually will go ahead and run it will take that URL and it will find the destination IP address. You need some type of service that's gonna be able to go ahead and block access to dangerous websites.
Then the malware is gonna go ahead and attempt to move laterally through the organization. In networking, we refer to North South as traffic that comes from outside your network to inside your network. If the malware gets in, then it needs to move laterally within the network that's referred to as East West. You'd need some type of protection to be able to identify that because guess what? Malware is getting into your network. The issue is, are you gonna be able to identify it and stop it?
And then the actual encryption of the hard drive and then the demand for the money. Okay, so let's talk about a couple of Cisco tools that can actually kind of help you with this. Now we don't have time to go into the entire Cisco security portfolio. If you guys like what we cover here, let Brent know. And we'll go ahead and do some additional follow ups about some of the other security products, but we're gonna focus in on Umbrella and dual for this particular session. So this is the code for you network. They've got three locations and uh, everything that they do is pretty much cloud-based. They've got 55 contract and remote workers spread around the region. Couple of questions come up if this is the customer's network. First question is this, Hey, the data and resources are in the cloud, but the people are everywhere. How do we make sure they can access it safely? Issue number two, how do we provide firewall type inspection of incoming and outgoing traffic when the users are no longer in a centralized location?
Issue number three, even, even quote unquote, safe websites. Like fortune.com or New York times.com, they may contain links that connect to malware. How do we allow employees to browse safely?
Okay, so it used to be long time ago in the before times I e, before the pandemic. That the data was in the data center, and for some customers, they're actually still doing this. All the data was in the data center. It was at headquarters. The bulk of traffic was internal. Then you had Office 365, then you had Microsoft Azure, then you had Amazon Web Services, uh, Google Docs, et cetera. It no longer was viable to back haul everything to headquarters
for your organizations.
People need to be able to access resources that are in the cloud. How do we make sure they can do that safely? One of the key tools to make that happen is Umbrella.
Here's what Umbrella is. Okay? Now I. Don't let me get guilty of doing that thing that I saw the other guy do, which is I just get into the meat of how the cool product works without telling you how it protects you. Here is how Umbrella will protect you. Umbrella will go out, it will identify websites that are dangerous. It will utilize all of the information gained from Cisco and from the Umbrella cloud. It will identify websites that are potentially dangerous, websites that are being utilized as part of malware campaigns, websites that are being used, part of phishing campaigns, websites that are being utilized as part of C2 stands for Command and control Callbacks. It will block that access. So that if one of your employees clicks on a dangerous URL, Umbrella will block. DNS is fundamental. When you connected to your home network, your office network, your Starbucks network, when you connected, you got an IP address, you got a subnet mask, you got the location of the nearest router, whether it's your home router or another router. And then you also, if you didn't have one, you got pointed to a DNS server. What DNS does is when you type amazon.com, the network needs to know what that IP address is. So it does what's called a DNS Lookup domain name, service lookup. This is how all networking works. Every time when you click on an icon on your phone, DNS is running. When you stream a movie, DNS is running. What Umbrella does is Umbrella goes out. Onto the internet identifies the websites that are dangerous, and then you use Umbrella as your DNS so that when you click on that URL, it doesn't take you there because it knows it's dangerous. Also, if malware is on your network and it attempts to make use of DNS to contact those command and control servers, Umbrella blocks it. That's what Umbrella.
Now Cisco Umbrella goes even beyond that. It's got some other features that have been layered into it as part of the cloud level protection. I'm gonna touch on a couple of those. I don't want to get into a, and here's another cool feature, but there's a lot of cool features, so I'm gonna just touch on a couple of 'em. Here's one of them. Umbrella has an option where in addition to the DNS level protection, we can go ahead and have. You connect up to what's called an S W G stands for a secure web gateway or secure internet gateway. This is where all of your web browsing will flow through. All your web browsing will flow through this, and inside of that Umbrella cloud, you've got a firewall, so you get cloud level firewall protection. This means that wherever your people. Their web traffic will flow through a firewall, and that particular firewall has visibility up to the application level. So instead of just a physical firewall at the perimeter, your guys get a firewall every time they go ahead and do web browsing.
Another cool feature, If I'm a bad guy, my objective is to penetrate your network and steal valuable information. Information like social security numbers, credit card numbers, medical record numbers. Umbrella has built into it something called data loss prevention specific algorithms that are designed to scan data that is leaving the network. To see if it is anything that comes under that category, credit card information, medical record numbers, account numbers, et cetera, and block that. So discover and block that type of transmission of sensitive data.
Another cool feature to help protect you guys, something called RBI. RBI is a cool feature, stands for remote browser isolation. The Internet's a dangerous place. You can go to a legitimate website. Let's say you go to a website and that website attempts to actually download malware to your machine. So now you're at risk. Hopefully you have some type of endpoint protection. If you don't, we wanna make sure you're talking to Brent Davies about the Cisco Secure endpoint. Well, here's what remote browser isolation does. It creates an air gap between you and the browser. Now, I don't want to go feature feature, but it's kind of cool. Literally what happens is you will connect up to the Umbrella cloud, and then from the Umbrella cloud, you'll open up the webpage so that if there's malware on the webpage, it cannot infect your machine. You can still do all your browsing, you can still click. You don't even notice any delay. But if there's something dangerous on there, it's not gonna affect your machine. And then the last feature I want to tell you about, Hey, you go to Dropbox, you go to Google, uh, you go to, was it, uh, Cisco Box, the other one, those cloud storages. There could be malware there. So Umbrella has built-in cloud malware detection. Okay, I don't want to go ahead and those Umbrella actually has even more features than that. But what I need you guys to understand is exactly how Umbrella layers the protection to help keep you guys safe. So let's go back to this code for you. Network. The data and resources are in the cloud, that people are everywhere. How do we access it safely? Answer Umbrella with the cloud level.
How do we provide firewall type inspection of income and ongoing traffic when the users are no longer centralized answer Umbrella with its cloud delivered firewall? Even safe websites may contain links that connect to malware. How do we allow employees to browse with confidence? Answer Umbrella with remote browser isolation. Okay. You got four different tiers of entry with Umbrella. You're interested in those. Talk to Brent. He'll break it down for you. He'll help you figure out which ones are actually most appropriate for you if you have DNS level protection. Cool.
Even if you have it, you still want to actually have the conversation about what Umbrella can actually offer because nobody sees more than Cisco. Okay, lemme talk to you about another product here. Cisco. Okay, so we talked about the code for you network. All right, here's a question for you. I get the username and password of one of your employees, and I attempt to log into your network right now today. Am I successful? All right, here's another issue. I'm an employee of your organization. My laptop's running an outdated operating system. My laptop has known vulnerabilities cuz I don't like the update. Am I able to access corporate resource?
How about this? I'm a hacker. I'm a bad guy. I have penetrated your network. Oops. I'm now attempting to access your most sensitive application. What multiple layers or protection do you have in place to stop me?
The network perimeter is wherever the network is being accessed from wherever you guys are right now. That is the network perimeter of your organization, wherever you guys go and access the network from the perimeter expands to there, and you gotta make sure that the network is safe no matter where people are accessing it from.
The attacks continue to increase. Now there's a company called Colonial Pipeline. This was actually one of the largest. Infrastructure attacks in history. Remember that ransomware life cycle? Take a look at how these guys got hit. All right. Prior to May 6th, an Eastern European hacker group got into the network. Remember what I said? Penetrated the network. They moved laterally and they exfiltrated hundreds of gigabytes of data, hundreds of gigabytes of data. Then after they had stolen everything that was useful, they then encrypted the servers that manage the gas pipeline for the Eastern United States. They launched their ransomware attack, colonial Pipeline. They had no choice. They paid 4.4 million in ransom F b I got back a lot of it later on, but they had no choice. They had to get that network back up and. So they paid the 4.4 million in ransom. F b I confirmed that it was the dark side ransomware group out of Russia who was responsible for this? Uh, May 10th, May 12th, everybody on the East Coast freaked out. Everybody was running outta gas cause they didn't know what was gonna happen next. Um, fortunately on May 12th, colonial Pipeline resorted operations, now largest cyber attack on an oil infrastructure target. In the history of the United States, cost was in the tens of millions of dollars. Here's the interesting thing. The source of the breach was a single compromised password. Specifically Bloomberg News said the following, the hack that took down the largest fuel pipeline in the US and led to shortages across the East coast was the result of a single compromised password. Hackers gain entry into the networks on April 29th through a VPN account. The account was no longer in use at the time of the attack, but could still be used to access colonial's network. The VPN account, which has since been deactivated, did not use, wait for it, multifactor authentication.
The bad guys have only gotta be right one time and they can take the network down.
Okay, so DUO is part of what we call a Zero Trust. Zero Trust is an overall framework. It actually means a number of things. It's not a single product by any means, but Duo says, Hey, who are you?
Is your network access device safe? And. I'm gonna make sure you have access to what you need to have access to and nothing else. That's what duo's about Duo is about. Hey, we want to go ahead and have trusted users who are on trusted devices, who are able to access only those applications that they need to have access to. Now, the scope of Cisco dual, just so you're not, in case you're wondering, well, are we the first ones to try this? Duo is currently doing 900 million authentications per month, and I think right now it actually might be up to a billion. 37 billion devices are being protected with over 436,000 unique applications. DUO is an MFA solution, but it's far more than an MFA solution. But as an MFA solution, customers love it cuz it's so easy to work with. It will. All types of multifactor authentication, wearables, phone calls, biometrics, those little U s B devices that you have to plug into the laptop to get 'em to work, supports 'em all. You install DU on the network. You are, uh, NIST compliant, DEA compliant, HIPAA compliant. Every major, uh, security protocol is met with du. In terms of a zero trust access solution. But this is the story I like most. So Facebook internal, or excuse me, I guess it's now called Meta. I apologize, it's hard for me to keep track. Uh, Facebook slash Meta the internal users, these are the developers, they decided to go with the duo solution and they started with just 300 people.
It was so successful that they actually expanded to over 10,000 users, and now even more Duo is about, is the device I am on, is it compliant? What's the posture of that device?
We hear a lot about like what's sexy is what's called a zero day attack. These are attacks that have never been seen before. But if I'm a bad guy, I don't gotta do. I can just go ahead and actually make use of known vulnerabilities. The vast majority of attacks are actually making use of vulnerabilities that have actually been known for over a year. Vulnerabilities that are actually on laptops that are being utilized to access your network. Duo's gonna go ahead and give you the ability to go ahead and say, Hey, before these devices are allowed to access my network, they have to have this criteria Additionally, Duo will work with pretty much every application. So some people will have like Microsoft mfa and Microsoft MA is very good for Microsoft, but Duo literally will work with pretty much any corporate application, proprietary apps, Microsoft Cloud services, UNIX devices, web applications, VPNs, et cetera. And what Duo is gonna do, And I apologize if I'm going too deep into the product details. I do get kind of excited about this. Here's how it protects you. It protects you by making sure that only the people who are supposed to be on your network, are on your network. Duo's gonna actually go ahead and actually monitor the access. Now, duo by itself is not enough for your security needs, but it does add an additional layer of protection to your overall security. So I get the username and password of one of your employees, and I attempt to log into your network. Am I successful? Nope, not with Duo.
I'm an employee of your organization. My laptop is running an outdated operating system with known vulnerabilities, am I able to access corporate resources? You guys already know where I'm going. Not with DUO posture.
I'm a hacker and I have penetrated your network. I'm now attempting to access your most sensitive applications. What controls are on place to help me or to stop me?
Do all with application visibility.
If we got your interest with this, talk to Brent. Let's set you up for a free 30 day trial of dual, because once you start using it, you start seeing the benefits of it. And there's different tiers of access with dual, but I'm not gonna be able to go into that here.
Okay.
Remember my ransomware life cycle? Cisco is specifically designed to address all of these needs. Some of the ones that we can talk about here is Cisco Tao's, Cisco's threat detection organization. They actually work behind the scenes to not only protect Cisco, but to protect the entire internet. So you purchase any Cisco security products, you're getting the benefits of Taos, and here's a little secret, even if you don't purchase any Cisco security products, Taos is actually out there keeping the internet safe in terms of penetration and infection. DUO is there to actually make sure that only the people who are supposed to be on your network get access to the network and that communication out to that command and control.
Umbrella puts a stop to that. Muhammad says, we use Duo and we love it. Mohamed, I think that you might be one of my favorite individuals for the day now, in terms of being able to stop the file search and the encryption and the ransomware demands. There's other components that we have that make that available, but we don't have time to go into those. Here's what I want you to do. Hopefully I was able to do what I set out to do, which is share with you and get you thinking about your own. Right now, Jessica's gonna post into the chat a cybersecurity checklist, a link for a cybersecurity checklist. Look at that. Start thinking about your own company's protection. Now, I promised you I was gonna introduce you to somebody who could actually help take this to the next level for you. I'm gonna go ahead and stop sharing for a moment. Brent, if you can go ahead and actually just talk a little bit about what you, who you are and what you do, I think they'll benefit from that.
Beautiful. Thank you there, Kenya. So everybody, again, thank you for joining the presentation. Kenya is, is very special. Um, I call 'em a distinguished engineer within our organization. And we have a number of, uh, folks here at, at Skyline that would be happy to help you on your security journey. Um, we love our partnership with with Cisco. And again, I want to thank you all for, for joining this presentation. Um, in conjunction with Cisco. We can do a, uh, health check, security blueprint, health check, so to. with anybody that wants to know, like, where do you stand on a risk scale? And maybe we can help you create, uh, a one year, two year, three year journey on how to get to where you need to be to give you all the safe and security essential practices in place. Uh, I will reach out again to everybody. Uh, why Skyline? Well, we're one of the 1% I would call it a very unique value. Added partner that can be a part of your business. Strategies been around for 30 years plus, and amongst those years we've been receiving Cisco Partner Awards, Cisco Education Awards, and I'm very confident that our abilities across the table can help you with your successful business practices and. Again, I thank everybody for attending and look forward to reaching out down the road. Fantastic. Okay. Um, I tell you, kin was asking about the slide presentation. Will that be available? I'll make you a deal. If you guys fill out for everybody who fills out the cybersecurity checklist, we will make sure we get you guys the actual deck. Okay? Um, and here's what now, once again, I want to make sure I'm driving this point home. I'm gonna tell you a secret. This is Brent gonna hate me for this . It doesn't matter to me who you go to for your security needs. What matters to me is that you are thinking about how to keep your organizations safe. That is what we care about. That is what matters. Okay? With that in mind, we're gonna open it up for any questions that you guys actually may have. So do we have any questions? Uh, Jessica, do we actually have any questions from anyone at this point?
Can you hear me? Yeah. Got you loud and clear Now, um, let's see.
We have one that came in. If a customer wanted to get started with Umbrella, how long, uh, would that take? This is what's so great about Umbrella, literally about, hmm, five minutes. Because all we'd have to do is actually go in for the most basic Umbrella. We can go in and we change the company-wide DNS, and then they start getting protected right away. And then if they decide to go with the Umbrella, secure internet gateway, uh, then that's the next phase. But we can literally go ahead and actually get them protected within a matter of minutes.
Great. Okay. All right, great. Thank you all for being with us here. Uh, once again in the chat, you should actually see that secure, that cybersecurity checklist. Brent has also been nice enough to actually go ahead and post his information there. Start thinking about your own security. Because, uh, you know, I hate to be like that guy, but the bad guys are thinking about your security all the time. Okay. All right. With that being said, we want to thank you very much for your time. We really do appreciate you guys being here. Please feel free to go ahead and actually reach out to Brent or reach out to Jose and then let's go ahead and keep the conversation going.
Thank you all very much. Thank.
