Brett is a cyber security expert that introduces us to some of the threats facing small businesses owners and individuals today. Check this episode out for a preliminary discussion on understanding things such as the dark web, and how easy or long it could take a computer algorithm to guess your perfect password.
Follow Brett on LInkedin for his weekly insights on Cybersecurity. https://ca.linkedin.com/in/brett-gallant-97805726
#cyber #cybersecurity #afternoonpint #cyberinsurance #password #darkweb #
Kimia Nejat of Kimia Nejat Realty
Follow Afternoon Pint on Youtube Facebook Instagram & TikTok support Canadian made media!
Support our Show by Joining the Afternoon Pint Fan Club! https://www.buzzsprout.com/2224014/supporters/new
Want an Afternoon Pint T-Shirt? Yes you do! Go here! https://www.teepublic.com/user/afternoon-pint
#afternoonpint #canada #entrepreneur #arts #business #culture #beer #craftbeer #interviews #authors #actors #comedians #comedy #directors #realitytv #politics #politicians #music #rap #rock #hiphop #country #pop #afternoonpint #canada #food #popular #movies #events #life #canadalife #madeincanada
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:19):
Cheers Cyber Brent Cyber.
Speaker 3 (00:21):
Brent, I don't know, I thought it was going to be way
more clever.
That was it, way more clever.
Speaker 1 (00:27):
Pretty much the whole extent of it.
Did it go any further?
Speaker 2 (00:29):
than that.
Oh, I'm all about spinning aweb man.
Speaker 1 (00:31):
Yeah.
Speaker 2 (00:32):
I guess maybe it was the web and cyber.
Yeah, maybe it's the web, Idon't know.
Speaker 3 (00:35):
Maybe it's secretly more clever than I thought it
would be, but it's not.
Speaker 1 (00:40):
Okay, all right, well , anyway so you're a
cybersecurity expert?
Speaker 3 (00:43):
No, problem.
Speaker 1 (00:44):
And you've been at it for a minute right.
Speaker 2 (01:05):
Yes, more than a minute.
I've been in the industry forover 25 years and I pivoted our
organization a little over fouryears ago hard to security,
first, because what's going on?
Things have changed and cyberattacks are way up and the one
thing I really try to speak withpeople is what's your plan?
Because it's not a matter of if, it's a matter of when
something's going to happen.
We have to be thinking aboutthat when Spider-Man is spinning
those webs you never know.
Speaker 1 (01:24):
You never know when you could be the next Nowadays.
I mean and tell me if I'm wronghere it used to be cyber
insurance.
Was you thought it wassomething that the big guys had
to look out for?
Right, the big companies is whothe hackers are after, but it's
not really the case anymore.
Is that correct?
Speaker 2 (01:39):
Oh, they don't care.
Yeah, they don't care.
They're going after everybodyand it's just a numbers game and
the whole landscape of what'sgoing on today, the whole cyber
crime landscape has becomecommoditized.
So if you've heard about thedark web, that's where hackers
(02:00):
are putting information, how tobe a hacker, and it's not just
the people in Russia and Chinayou have to worry about.
It could be your kid indowntown Halifax that went on
the dark web, or even anotherpart of the country.
Speaker 1 (02:14):
I can start right there if you don't mind, and
first I get into that.
So we'll come back to dark webin a moment, but we are at Great
Roads Brewing.
Speaker 2 (02:20):
We are at Great Roads .
Speaker 1 (02:21):
Brewing Matt.
I'm drinking the Cobblequid.
Copper, right you are.
Speaker 3 (02:25):
And it's fantastic.
I'm drinking the cider, yeah,and if you're a or not a cider,
I mean a seltzer.
If you're a seltzer fan, yes.
Speaker 1 (02:33):
Yeah, yeah, awesome Cool, so back, so dark web yeah.
I don't either actually, Ireally don't.
How does that even start?
Speaker 2 (02:48):
Interesting enough, I have tried to avoid even going
there, but one time the onereason why I know how I've
gotten on it before just because, oh, this was about seven years
ago a small non-profitorganization did get hacked and
(03:09):
they wanted to pay the ransom atthe time, which was scary.
What I know now.
I would never even have donethat.
Speaker 1 (03:18):
I wouldn't even allow you remember how much money was
a ransom roundabout.
Speaker 2 (03:21):
Back then it was crazy.
It was cheap.
With what's going on nowadays,it was like two thousand dollars
oh wow.
Speaker 3 (03:28):
Yeah, that was like, these were like beginners.
Speaker 2 (03:29):
Yeah, these were like these were the nice hackers
yeah, even back then.
Yeah, yeah, so uh, so we got onthe dark web to find out some
information, how to get some ofthe information I needed and
then back then we're trying toget uh bitcoin because they
wanted bitcoin.
Speaker 3 (03:45):
Bitcoin because they wanted.
Speaker 2 (03:46):
Bitcoin.
It was a nightmare.
The good news is it didn't payanyways.
But it was back at the timethat the CEO, the executive
director, really wanted to do it, and I said are you sure?
Speaker 1 (04:05):
And are there vigilantes on the dark web?
I mean, since we talked aboutSpider-Man here today, already.
I mean I'm wondering are therepeople there on the dark web
that are actually trying to dogood and stop some of these
cyber criminals?
If that's where everybody'shanging out.
Speaker 2 (04:19):
There's interesting enough.
I don't know an awful lot aboutthat, but what I've done, the
research, is sometimes I'veheard a few stories where a
cyber criminal syndicate hasagreed to pay the partners to
execute some damage and theydidn't get paid.
Then they went after each other.
(04:40):
Oh, wow.
Yeah, it was crazy.
Speaker 3 (04:44):
I guess also to rewind a little bit, just
because there's probably somepeople who are going to be
listening who don't know what isthe difference between the web
and the dark web uh, differencebetween the web and the dark web
.
Speaker 2 (04:55):
Um, I I'd like to explain it just as easy as
layman's terms as possible.
Uh, dark web is, I call it thewild wild west of the internet.
That's the best way of sayingit, and that's where all the
scary things are, where youdon't want to.
(05:15):
You don't really want to visitthere.
Like how to like, not just.
Speaker 1 (05:20):
But like I don't get it, okay, then help me really
explain this Like I'm afour-year-old.
So is it like, instead of a www, is it like a DDD for dark?
I don't understand.
How does somebody get into thedark web?
Speaker 2 (05:31):
There's a special browser you have to download to
get access to it, and then youget tools to that scary digital
kingdom.
Speaker 3 (05:39):
Okay, and it's just all unregulated internet.
Speaker 2 (05:42):
Unregulated, like things you don't even want it,
like how to make bombs, yeah.
Speaker 1 (05:48):
So you can't find how to make a bomb on the regular
internet, though, can't you justfind it?
Speaker 2 (05:52):
on the horse?
I'm sure you could, or is itmore?
Speaker 1 (05:54):
like you know that the IPs are being watched and
then the police are on yourRight.
Speaker 2 (05:57):
It's not monitored.
Speaker 1 (05:58):
Yeah, okay, yeah.
Speaker 3 (06:00):
How do you get to a point where something is
unregulated, because therealways has to be a provider of
internet, and what I mean bythat is whether you have a
company that provides it, butthere's also just cables that
connect and all that stuff youhave to run through it.
Would a hacker?
Would they have I don't knowone of the companies like Rogers
(06:21):
Bell, eastlink, whatever?
Would they have an internetprovided by them and then have
something like a vpn that throwsthem off or oh yeah, is that
how it works, or can they?
get in.
How do they get internet?
Speaker 2 (06:33):
it's like they they can get on, but they cover their
tracks.
They're using vpns and aliasesand hopping around servers so
that they're covering theirtracks, like the, the digital
tracks, the crumbs I've used aVVM before, but all of them have
to pay like the $100 forinternet every month.
Speaker 3 (06:49):
Yeah, that's the case , right?
Speaker 2 (06:50):
And sometimes they're doing it.
We were demoing a productrecently that sometimes it's
happening, like cybercrime ishappening, even at a hotel or an
airport.
There's these little devicesthat you can use and you can
turn on a hotspot that says freeWi-Fi.
(07:12):
Right and then people and wewere demoing this recently at an
event turn it on and thenpeople start they're at this big
live event for the chamber orwhatever, and they click free
Wi-Fi assuming it's the provided, we've free wi-fi.
And as soon as you come, soonas you click to sign in, it
comes up with your gmail sign inand the moment you put your
(07:34):
username and password in, itgoes into the little device and
the hackers on you.
Speaker 1 (07:39):
They have your information yeah, yeah, I've
learned about that.
I mean, I never used wi-fi inairports for that reason or
stuff like that yeah.
Get a better data package, ifyou can Right.
You can be literally thosehotel Wi-Fis when you're
traveling Hotspot or have a VPN.
Yeah, and I mean at home I haveI mean again, I know very little
about this and that's why wehave you here yeah, but I do
(08:02):
have like an aero wi-fi hotspots, like so eastlink set it up in
the house.
It's aero internet or aerowi-fi.
Yeah, and I'm surprised when Ilook up, that it does a certain
amount of scans for viruses andphishing and like every week at
my house I mean that thing is isidentifying, you know,
basically phishing or whateverin my, you know, on our own
(08:23):
internet connection.
And wow, you know, we're notreally using it for a whole lot,
right, like we're using itprimarily for, like, the netflix
and the amazons and the stufflike that, right, the main
social apps.
I don't think anyone around isreally going too far into the
dark web, right no, no, but it'sstill like it's still out there
.
Speaker 2 (08:39):
It's so prevalent on almost everything you look at
well, it's nice that you have adevice like that, because some
of the providers, uh, that I'veseen don't right.
And and I like to explain whenI'm talking about cyber, it's
not just the, the main entrypoint.
It can be what your colleaguedoes remember that tv show, the
(09:00):
weakest link?
Yeah, well, it's just oneperson that can cause so much
damage and and that person thatnormally would not do anything
if they're having a bad day, howmany times have we had a bad
day and we've done something wenormally wouldn't have done
because we're tired, right,we're tired.
Speaker 1 (09:17):
Yep, yeah, yeah, yeah , a little lapse in judgment.
Speaker 3 (09:19):
Yeah, yeah, yeah so who, who, in your opinion?
Who, would you say, is likekind of like the bigger target,
like the big guys who have lotsof technology and, you know,
lots of money equally, but theyhave lots of tech, they have a
staff to combat and all thisstuff?
Or the one person operation, oryou know, like those smaller
operations that may not have theresources, the tech and all
(09:42):
that stuff behind them but don'thave the money to quite be
worth it to attack?
Speaker 2 (09:47):
See, a lot of times we think that the hackers are
targeting a specific niche.
And yes, they are.
Speaker 3 (10:00):
Because there's spear phishing and all that stuff.
Speaker 2 (10:02):
But a lot of times they're just casting a wide net
out into the digital frontierand whoever clicks on it, they
own you.
I have an example of a man, asmall business, that lost
$30,000 because he fell victimto a scam.
What happened?
(10:24):
Because he fell victim to ascam?
To what?
What happened?
It was a.
He got this conversation thatcame up.
He clicked on something hey,time to invest in bit mining
Bitcoin.
You can double your investment.
He got on the phone and theperson was really convincing.
He knew a little bit about hisinvestments and then he actually
(10:48):
had him invest $20,000.
And then he called again a weeklater hey, we have another
opportunity for $10,000.
When I found out about it, Iwas speaking with his daughter.
I said tell him to stop.
And when he tried to get themoney removed, he had to pay
(11:10):
$10,000 to get access to it.
Speaker 1 (11:14):
So it was gone, it's gone.
Speaker 2 (11:16):
Nothing, that's a man .
Speaker 1 (11:18):
So you just wired a stranger 30K.
But I mean, the technologiesare there now AI.
Speaker 2 (11:23):
You can impersonate someone.
That's right.
Speaker 1 (11:25):
You can sound so knowledgeable over the phone,
deep fake technology right Likeyou could really.
And how hard is it to have aconversation with somebody and
believe they're genuine?
Speaker 2 (11:34):
Oh, very easy.
Yeah, ai is the new trend.
Speaker 1 (11:40):
And like social engineering I mean that word, I
think, is underutilized, becauseit's now exponential how social
engineering was 10 years ago.
I remember when I was at a jobI had before I was in the
insurance business, I got anemail one time and it was just a
very generic spam one and itwas like we've seen you, mr
(12:00):
Tobin, doing things in front ofyour computer.
Yeah, yeah yeah, and I was likewhoa For a second of your
computer.
And.
Speaker 3 (12:04):
I was like whoa and I'm like wait a second, this is
my work computer.
I want to do nothing in frontof this computer and then I
wised up to the fact right.
Speaker 1 (12:14):
I was like there's no way.
I've never done nothing infront of this computer.
What am I worried about Then?
It did not become an issue whenI thought about it for a second
, but this was where it was thatmoment of anxiety that moment
of that
Speaker 2 (12:26):
moment when you're vulnerable and then you, and
then you may do something in afew minutes where you do
something, and then, if you walkaway and you think about it
half an hour or 10 minutes later, yeah, wait, yeah it doesn't,
but now it's like the movieinception.
Speaker 1 (12:40):
so say that was a mild layer that I got through
very quickly.
I mean, today it's almost likeyou and I could have a total
conversation, even when weintroduced you and talked about
you coming on to this podcast.
I could have just done layersof deception by researching you
and knowing who you were andthen realized that I would say,
oh geez, brett, yeah, just wireme $1,000 and we'll see you
(13:03):
there.
And the next thing you know,you got hoaxed.
Speaker 2 (13:06):
Oh yeah, and that's happening even on smaller scales
.
I mean, we all hear aboutpeople being taken advantage
with Facebook Marketplace.
Yeah yeah, pay me the $100 fordeposit and then you go to the
place to pick it up.
Oh yeah.
Speaker 1 (13:24):
Nothing yeah.
Speaker 2 (13:25):
It's just not.
Yeah, it's crazy.
Speaker 3 (13:28):
Yeah, nobody gets my money before I get the stuff.
Yeah, that's smart yeah 100%.
Speaker 2 (13:32):
You always have to question everything, if there's
anything that we can learn fromdrug dealers.
Speaker 3 (13:39):
Make sure that the money's there before you get the
stuff.
Speaker 2 (13:42):
I want to see the goods before I give you the
money.
That's right.
Speaker 3 (13:46):
Yeah, so okay.
So for yourself, maybe you canexplain to people like what
exactly is that you do and howyou help people.
Speaker 2 (13:56):
So we really believe and this is our mantra security
first and, like I was sayingrecently, you can't prescribe
without a diagnosis.
You know you don't go to adoctor and they just say I got a
headache.
Speaker 1 (14:14):
Sorry not to interrupt, but do they come to
see you when there's a problemor do you help with preventive
measures?
Speaker 2 (14:21):
Both but, generally, I have a conversation with a
business owner and say, hey, weneed to talk, let's have a
conversation.
Sometimes they come to us andwe say, look, let's look at
what's going on here from abusiness perspective, because
(14:42):
look what happened like pharmacyorganizations that we support.
Look what happened in WesternCanada Abundant Drugs was down.
Speaker 3 (14:50):
And even.
Speaker 2 (14:50):
Sobeys was down.
Okay, so it all starts with usdoing a cybersecurity risk
assessment and we do thatengagement.
We put some tools on thecomputers, we test and see if
there's any vulnerabilities inthe systems.
We check the dark web, we phishtheir staff and we check for
(15:13):
just the overall health andintegrity of the network.
How old are your computers?
Are they patched?
Speaker 1 (15:23):
Updates being done on a regular basis.
That's huge with corporate,because the corporate computers
are usually behind even yourhome computer.
Speaker 2 (15:30):
How secure are they?
I don't want to get tootechnical, but are you allowing
everybody is at the wild west onyour network?
Are you allowing everything torun?
Are your backups securedoff-site?
Because when you get hit thefirst thing, what do you think
the hackers are going to go for?
They're going to delete yourbackups, and then we check to
(15:51):
see if your Office 365 or GoogleWorkspace is actually being
backed up, because a lot oftimes we think, oh, it's in the
cloud, we're okay, but no, it'snot.
We need to have a layered, amulti-layered approach to cyber
is the best way.
It's the only way so would you.
So you would encourage peoplelike businesses to have, uh, not
(16:14):
just update like backup in thecloud, but also backup on a hard
drive uh, if you're doingbackup on a hard drive, the
reality is, if you're going todo that, you want to have an
encrypted hard drive.
I can't tell you how many timesI've heard of somebody losing a
hard drive.
And you've had your digitalkingdom and somebody can just
(16:36):
come into your office and takethat drive and get at everything
.
Speaker 1 (16:39):
Yeah, and that's another cybersecurity, a more
physical thing but, it's stillcybersecurity 100%.
Speaker 2 (16:45):
Yeah, it's all related.
Speaker 3 (16:46):
What's the best way to back things up, Like if it's
just in the cloud.
But what's another way to backthings up outside of backup on
hard drive, backup on cloud?
What's another way of doing it?
Speaker 2 (16:54):
Well, if it's emails, if you want to get really
simple, for a second email ifthere's 10 or 20 emails that you
want to really keep.
Have another email that youforward that email to.
Oh, okay, that's just a basic,but make sure the non-negotiable
today that everybody needs tobe aware of two-factor
(17:17):
authentication on your email.
Speaker 1 (17:19):
Yes, yeah, I do that on everything.
Some people are not.
It's a pain in the ass, it's apain but, it's a nice pain in
the ass.
Speaker 3 (17:26):
Yeah.
What's worse is what couldhappen if you don't have it
Right.
Speaker 2 (17:29):
Right, well, and we know we have.
We put tools on our clientsthat we know when somebody's
trying to get in, and so we havea client in northern Canada,
and when we first brought themon board, we saw that there was
over 20 times a minute thatsomebody was trying to get into
the mayor's email.
(17:50):
Oh, whoa interesting, yeah,yeah.
So what we did is we put theother layers on conditional
access.
Don't let anybody in fromoutside of Canada.
Speaker 1 (17:59):
Get two-factor authentication on yeah, and you
guys provide software and stufflike that to help people along
as well as practical kind ofpreventative measures.
Is that kind of right?
Speaker 2 (18:11):
Yeah, yeah, we put the tools in and we manage it
for the client and we providehelp desk services.
So if you're a manager andsometimes people are trying to
do things themselves, fix issues, we take care of the help desk.
The printer's not working,manage the cyber.
If you need to get your Sage 50updated, we help do that and
(18:36):
the nature of one of our toolsthat we use actually the clients
have to raise a ticket with usto allow the update to go in,
because we have this specialtool that blocks any updates
from being installed in thefirst place, like third-party
software, because sometimesthese need to be tested and
managed.
Speaker 1 (18:57):
Right.
So yeah, your QuickTime orwhatever it could be on your
desktop trying to do an update,you prevent that.
Speaker 2 (19:03):
Yeah Well, quicktime generally goes through, but Sage
50, for example, some of thesesoftware vendors we actually
make a window and allow that.
Speaker 3 (19:12):
That's smart, yeah.
So I mean, like obviously thishas changed over the last like
10, 20, 30, whatever years.
Cybersecurity and everythingwhat kind of inspired you to get
into like this type of stuff?
Like did you, you know, becauseyou said you've been doing for
25 years?
I think is what you said.
So I mean we're talking likeyou would have got in if you
(19:33):
know this would have been.
Was it?
Was it?
Uh, y2k that got you inspired,because we're 25 years ago was
like that kind of thing.
Speaker 2 (19:40):
So my journey, my journey in a nutshell.
I was uh, I was working for agreat company, a construction
fabrication company, as their ITperson.
Speaker 3 (19:49):
Okay.
Speaker 2 (19:49):
And regional leader in construction fabrication,
great company Set the foundationfor me.
I saw elements of it back then,but when I started my company
in 2010, I started seeing, okay,we need to do a little bit more
.
I started seeing, okay, we needto do a little bit more.
But when I really looked deeper, a number of years four or five
years ago I joined a network ofcybersecurity professionals
(20:12):
worldwide and we meet every dayI actually have a meeting today,
mastermind and we talk cyber.
Oh cool and I was on a call lastnight talking about cyber at 9
pm, so you live this stuff everysingle day.
Speaker 1 (20:28):
We do, but you have to because it really catches up
every single day, right?
Speaker 2 (20:32):
So we're constantly improving our skill set, but
also knowing okay, what's thenext threat.
Right and so that's why I didit.
I seen that what we were doingwas not enough, that what we
were doing was not enough, andwhen you see an antivirus on a
server and something comes onand you thought you had the best
protection and thevulnerability, just looked at
(20:57):
that.
Speaker 3 (20:58):
Ha ha ha, spider-man boom and it just encrypt the
hard drive.
Speaker 2 (21:02):
So, what we need now is these other layers, and so I
was saying at a recentconference a security operations
center is one of the things weuse which augments our team.
We had an organization in NewBrunswick that had an attack on
their production line and itencrypted the production line,
shut it down.
(21:22):
We were able to clean that up.
That's when we came in and westarted implementing the
elements of cyber.
Speaker 1 (21:30):
Were you able to figure out where those folks
were from?
Speaker 2 (21:32):
No, but I know how they came in.
I'm quite confident they camein through the vendor's third
party tool.
This is why we have to checkour vendors Interesting.
Speaker 1 (21:43):
This is awesome to know.
Speaker 2 (21:44):
TeamViewer.
The vendor used TeamViewer andthey had their aspect secured,
but they didn't do the extraelement of blocking it just so
that they could do it.
So somehow the hacker gotaccess to the ID and the
password and they got in Wow andthey encrypted it.
Now we put the elements ofcyber in after that cleaned it
up and we put it on everything.
Speaker 1 (22:08):
And that ID and that password.
It's so simple to say.
But think about this.
Go back to the story of thehuman being that went home that
weekend, uses the same passwordfor their Netflix had their
things shared and then they goto work that week later and they
use that same password and theyjust connect.
Oh dude, this guy works fromhere and he works with this big
company, and they just copypaste and they can find out all
(22:30):
that by researching you onfacebook and linkedin, where you
work so right I.
Speaker 3 (22:34):
I don't know if I shared this before or whatever,
but my passwords that I use now.
Did I ever tell you what I dowith this, matt?
Speaker 1 (22:40):
conrad one, two, three, yeah, everything he does.
Yeah, no, you know what you?
Speaker 3 (22:44):
you know, I decided to do like you know, we, you
know we're in insurance and weare in cyber insurance and we
have to face some things, andyou hear some crazy horror
stories, which we'll get to in aminute, yeah, um.
So now what I do is every timeI need to do an update, and what
I've been doing this whole yearis, uh, I've been putting in a
lyric from song, from a songthat I heard on the radio that
(23:07):
morning.
Tell them, it's a terrible idea.
Speaker 1 (23:09):
Yeah.
Speaker 3 (23:09):
It's not because it can be so random.
Speaker 2 (23:13):
I want you today to go to the website, use a
passphrase and put one of thosepasswords in that you use and
see how long it lasts.
Speaker 3 (23:21):
Okay, okay, yeah.
Speaker 2 (23:22):
What I recommend whenever you can.
Speaker 1 (23:24):
What if you go into the website?
You've got a site where you cansee how shitty your passwords
are.
Yeah, okay, but we train people, you guys have that.
Speaker 2 (23:30):
No, there's a website that we use as part of our
onboarding.
We recommend a passwordmanagement tool.
Speaker 1 (23:35):
Yeah, yeah, yeah Okay .
Speaker 2 (23:36):
A keeper is one we like, but we train people with
the password management tool touse a passphrase four letter,
four words, and when you usefour words like everybody loves
spider-man dancing, that's a 600century password to hack.
Okay, okay.
But if you use a password likewhat do you mean?
Speaker 1 (23:58):
600 century password, you mean, because it's so long,
yeah, so long with the spacesand everything it would take 600
years to figure it like acomputer because of the length
of it, and the audience wouldtake it.
Speaker 3 (24:08):
But here's the thing, though if you do that, though,
but if I like, if I'm sittingthere and, like you know, matt's
driving, I gotta understand ifI put, like you know, uh, you
know my favorite song, orsomething like that, if I was
like metallic girl yeah, orwhatever like.
If I put like metallica 1985because it's like a favorite
band of mine and my.
That's different.
But if I'm driving in on and Ihear on the radio and I hear
(24:28):
like a taylor swift song, I willsometimes and I don't, I don't
like taylor swift, right, I likeher music, okay, but I I might
use that and I might.
I'm you know, I don't know, Ican't even think of a taylor
swift song, but it's shaking off2400 baby exclamation.
Speaker 2 (24:44):
yeah, guess how fast that Guess how fast that
password would be.
How fast?
That would probably be hackedwithin two hours, really, yeah.
Speaker 3 (24:52):
Even though, like for me, like no one would ever
guess that.
For me, though, because it'snot a song.
But what if they're on yourcomputer already and they've
seen you putting the keystrokes.
Speaker 1 (25:02):
What if you?
Speaker 2 (25:02):
have like a phrase.
Speaker 1 (25:04):
Can't.
They do that anyway, though,but you mix it with capital,
lower letters and symbols.
So if you say like I don't know, just like say okay, so drop it
, like it's hot.
But you go capital D, thenlowercase r, then a zero for the
o, then a p, then a three, andthen you kind of redefine the
language like a serial killer.
(25:24):
That might get you to two weeksto three weeks.
Speaker 3 (25:28):
That would get you better.
So why would like danceSpider-Man?
Speaker 1 (25:31):
Boogie.
Whatever, don't use thatpassword.
Why would that be better,though it's better because, it's
super long, super long spaces.
Speaker 3 (25:38):
Yeah, I know, but that's what I'm saying, though.
When I do a song, so like Iwould go on there and I would do
like Whitney Houston's, I Wantto Dance with Somebody.
Yep, isn't that a long password, though, put?
Speaker 2 (25:49):
some spaces in it and it'd be even better.
Speaker 3 (25:50):
Yeah, yeah, because no joke, that was a password of
mine for like three months.
I heard Whitney Houston onthere and I was I want to dance
with somebody.
Speaker 1 (25:57):
I know I used his Netflix.
It's like I want to dance withsomebody.
That was my password.
We were talking about it.
Speaker 2 (26:06):
What's your favorite song?
Right my head, yeah exactly,but like that's.
Speaker 3 (26:09):
The thing is, like I would sit there and I like like
the person who can sit there andhack in and sit there and go
like matt's gonna like matt'spasswords.
I want to dance with somebodyexclamation mark.
Speaker 1 (26:18):
But you gotta think of it less as like a person and
more of a computer that can justdo this right like.
But it can, yeah, but if itdoes that.
Speaker 3 (26:26):
What's the difference if I use a a song lyric versus
random whatever's?
It's going to guess it anyway,yeah time, right I?
I don't know this brett, butlike my thought behind it is
this I thought it was a goodidea if I used a word.
Speaker 1 (26:41):
Words are easy.
It would be easier for uh anykind of predictive algorithm to
predict yes, right then thenlike a broken word.
So if I said droid, the wordyou know, shout out to Star Wars
right and said spelled the worddroid peep poop as opposed to
putting a zero one in the middleof droid Right Right.
That would be harder to detect.
Speaker 2 (27:03):
I want to dance with somebody.
Yes, five days.
Speaker 3 (27:05):
Five days Yep.
Speaker 1 (27:07):
Oh okay, put Five days.
Yeah, oh okay, put it in there.
Yeah, I want to dance withsomebody.
What's the name of this?
Speaker 2 (27:10):
website.
Can you say it in a wayUseapassphrasecom?
Speaker 3 (27:15):
Useapassphrase.
I'm totally checking that out.
I am going to like seriously.
Speaker 1 (27:18):
That'll be a good drinking game.
I'm like.
Speaker 2 (27:19):
I got a 28-day password.
Speaker 3 (27:22):
Seriously, it's the first three pages.
You'll never guess it.
Leviticus 17, verse 20.
I'm gonna try that later.
That's cool that's a reallycool thing yeah, okay, so yeah
anyone listening.
Definitely do that, becausethat's a, that's a whole lot of
fun.
Speaker 1 (27:42):
So we're actually getting a shorter time, man,
yeah, can we?
Speaker 3 (27:46):
like I like, maybe give like one like crazy horror
story, that story that you havefor cybersecurity, and then
we'll get into our 10 questions.
Speaker 2 (27:54):
Sure, Okay so, this happened recently, so on average
, hackers can be in your networkfor 120 days.
Speaker 3 (28:04):
Okay so remember that Okay.
Speaker 2 (28:06):
Whoa, okay.
So I was at the gym and I wasworking out and I got a message
from a client a former clientneed help.
I called the person and youcould sense it in them.
Something happened.
So I said look, I'm going tocome and see you.
(28:27):
They were five minutes away, soI came up.
What happened?
So the person had received aphone call and it was Gosha Bank
and they said hey, I have theowner on the phone and we're
talking about this deal.
This deal and this deal had allthe details.
(28:49):
Okay, knew everything.
All we need is the key fob sowe can get into the bank.
Okay, wow, okay.
$400,000 later, woo, okay.
By the time they realized itwas the next day, called the
bank.
The bank was able to recover200 000 um, and I don't know
(29:16):
about you, but most businessesdon't have that much money to
lose no, that's, the banks do,but no, not not regular business
and and and why I'm doing this.
A lot of people you know, forthe businesses I support, some
of the people are living fromtwo paychecks from going
homeless, right, okay, so theygot two hundred thousand dollars
(29:39):
back.
That was the horror story, themost recent horror story, and
what I advise them to do withthis organization is going
forward.
If you're going to do anythingfinancial, have a code word
between each other, okay, anddon't do anything unless you see
(30:00):
each other eyeballed.
Speaker 1 (30:01):
Like a safe word.
A safe word, bluffy kitty.
Speaker 3 (30:07):
Like soft kitty.
Speaker 2 (30:09):
But that's the best piece of advice.
Uh, if anybody all of you getthat safe word, uh in your
organization that's that one youtake, because with ai now I
used to say eyeball to eyeball,but now with deep fake right.
Yeah, that's right so take thatto heart everybody, please.
Yeah, that's great advice.
Speaker 3 (30:29):
Yeah, the um, yeah, yeah I think that's really good
advice, especially because Iknow some companies or some
people, entrepreneurs and thingslike that.
They'll think, oh, you knowwhat, that's not going to happen
to me, that happens to theother guys.
Or they might think, oh, Ican't afford cyber insurance, I
can't afford a cyber expertinsurance, I can't afford a
(30:53):
cyber expert.
But in the end, if it happensto you, you wish you could have
afforded that, because even ifit costs you $1,000, $2,000 or
something like that to havecyber insurance, to have a cyber
specialist, $200,000 is Welland what's happening, the trend
that's happening.
Speaker 2 (31:07):
Your vendors are going to start coming at you and
saying what are you doing tomanage your cyber?
That's right.
And if you don't and you guysare in insurance, so you know if
you did apply for cyberinsurance and you're not doing
what's necessary, they're goingto deny the claim.
And the insurance industry toget cyber insurance.
(31:30):
Before it used to be twoquestions Do you have antivirus
and backup?
And now we're seeing cyberinsurance.
Speaker 1 (31:36):
Oh gosh, not now.
Speaker 2 (31:38):
No, sometimes one vendor from one year.
They went from three pages to11 for getting cyber insurance
100%.
Speaker 1 (31:45):
Yeah, so that's the reality Way more understood now
and the risk is way higher.
Yes, right, so protecting therisk is way higher.
Speaker 2 (31:50):
Yes, right.
Speaker 1 (31:51):
So protecting yourself first is number one.
Speaker 2 (31:53):
Oh yeah, and if you're casual about this, you
become a casualty.
Speaker 1 (31:57):
Yeah, and even at your home.
Like you know, this is a showabout.
We talk about business a lot,but in your own home, right?
Don't be too casual about yourNetflix password.
Speaker 3 (32:04):
Don't be too casual about the 20-year-old Gmail,
Because that has your creditcard information Gmail password
right.
Speaker 2 (32:08):
Two-factor authentication on your banking
at home.
Guys, everything you do now hasso much information, so much
more than you even know thosecookies.
Speaker 1 (32:15):
they mean a lot right .
They're not just deliciouslittle morsels, but Brett back
to you.
If people follow you onLinkedIn, you do a webinar like
almost every Thursday.
Is that correct?
Speaker 2 (32:27):
We're launching.
We're going to be launchingagain we Thursday, Is that
correct?
We're launching.
We're going to be launchingagain.
We've been just putting ourbest content out.
Sure, I'm not only just talkingabout cyber, I'm just talking
about things that are on myheart.
Speaker 1 (32:38):
Yeah, for sure yeah, and I took some time to follow
you on LinkedIn and I mean it'spretty interesting right.
I mean you know, Cyber SweetestChef.
Speaker 2 (32:44):
Did you see that?
I saw this.
You did a Cyrus.
Speaker 1 (32:47):
Rice chef one day.
We actually.
I've included some of that intomy 10 questions here because
you know I went on the dark weband researched you a bit there.
But anyway.
So, without any ado, let's kickoff these questions here, and
Matt, you want to do the firstone.
Speaker 3 (33:02):
All right, I'll do the first one.
All right, so we know you're abig Star Trek fan, so if you
could spend an afternoon withSpock and you planned the day
together, what would you do?
Speaker 2 (33:14):
I take him off into the woods to Peabody Lake.
We go canoeing and fishing.
All right, that would be prettylogical.
Speaker 3 (33:21):
No mind meld or anything that would be the day
Spock found emotion.
Speaker 1 (33:28):
He'd be like this, is beautiful, that'd be great yeah
.
There you go.
All right, that's a good answer.
Okay, question two.
Okay, question two.
Speaker 3 (33:37):
It is your last meal you're gonna die the next day.
Sorry, uh, what would?
Speaker 2 (33:40):
you order like a last meal I would, or I would love
to have my mother's hamburgergoulash.
Speaker 1 (33:49):
Oh, okay, yeah.
Speaker 2 (33:49):
Amazing yeah.
Speaker 1 (33:50):
Good answer yeah, all right.
Speaker 2 (33:52):
Question number three yeah, of course.
Speaker 3 (33:56):
Question number three On your LinkedIn profile, you
pride yourself on being a scoutleader, yep.
So what's the number one lessonyou wish you could teach to all
the youth growing up if youcould?
Speaker 2 (34:06):
Be prepared and just be the best version of yourself
and treat people with kindness.
Be a better person, be, I tellkids.
You have so much potential youdon't know how much you're
capable of and just pushyourself a little bit and grow,
because you can do it.
Yeah, awesome.
Speaker 1 (34:28):
Okay, Scenario Yep A hacker gets your password vault.
Hacker gets into your passwordvault, now having access to all
your social media accounts, andthey are posting terrible things
, asking your colleagues formoney and are damaging your
character.
What's your next step?
Speaker 2 (34:47):
Can I call a friend?
No.
Next step is because I hadtwo-factor authentication on and
I had my recovery.
I immediately get in and try toreset my password, reset my 2FA
and check and see if I can seewho those guys contacted and I
(35:10):
would call them.
Speaker 3 (35:11):
Okay, I would call them.
Speaker 2 (35:13):
I don't want them to have any damage.
Speaker 3 (35:15):
And before we ask the next questions, I got a little
bit of a side question for thisone.
You see that often where peoplesay, oh, I got hacked on
Facebook and whatever, and thenthey send messages to people
that you know and everything.
Yeah, I like to waste thosepeople's time Me too.
Okay, so is there?
Speaker 1 (35:29):
I like to waste those people's time me too so okay.
Speaker 3 (35:30):
So is there any threat to me like doing that,
because?
Speaker 1 (35:32):
like no, okay, good what does it get pissed off at
you because you wasted theirtime?
Speaker 3 (35:35):
no, but like I had one person who was like heckling
the hacker click, click thislink and, like you can like
apply for like ninety thousanddollars for funding or whatever,
and it's non repayable, blah,blah.
And I would say to these peopleit's like great, you know what,
I know what I'll do, that yousend me 20 grand and then when I
get mine on here.
Speaker 2 (35:52):
I'll give you 40 grand.
You'll double your money.
Speaker 3 (35:55):
And then they're like no, no, no, Just click on the
link and you'll get it all.
I'm like yeah, yeah, yeah, butyou send me 20 grand now.
Speaker 2 (36:11):
And I'll talk to them , for like to do so.
Wasting their time is not a badthing.
It's a nice pleasure sometimes.
Speaker 3 (36:15):
I agree, All right.
Question number five.
So who would you like to seewin the next federal election?
Speaker 2 (36:23):
Oh, I learned a long time ago from David Foley, who I
have a lot of respect for.
Speaker 3 (36:29):
Dave Foley, who I have, a lot of respect for.
Speaker 2 (36:30):
Dave Foley.
All right, he owned aconvenience store and he said
Brett, I learned a long time agonever to talk about politics.
Speaker 1 (36:36):
Take a sip of your drink, my friend, yeah you can
take a sip.
Speaker 3 (36:38):
You know what he goes , I learned that.
Speaker 2 (36:41):
but you know what I believe there's a need for
change and every now and thenit's time, it's time, need for
change and every now and then,you know it's time, it's time
for a change.
Speaker 3 (36:53):
That's fair.
That's fair, I do feel it's 10years.
People get stale yeah.
Speaker 1 (36:57):
Okay.
Next question If you had a rapname, like you were a rapper,
okay, came out tomorrow.
You had a name, what would your?
Speaker 2 (37:04):
rap name be DJ Jazzy Brett, the Hitman Guadalupe.
Speaker 1 (37:12):
It's not a password.
His rap name is as long as hispassword Okay, dj Jazzy Skilt
Master.
Speaker 3 (37:20):
Oh, I like that.
Dj Jazzy Skilt Master,fantastic, all right.
Speaker 1 (37:24):
All right yeah.
Speaker 3 (37:25):
Okay, question number seven.
So what is your or a favorite,or your favorite band or artist?
Speaker 2 (37:34):
you know, jeff daniels.
Oh, okay, you know, did you theactor?
Speaker 3 (37:41):
yeah, yeah, of course I.
He's a country singer orsomething, isn't he?
Speaker 2 (37:44):
I download.
I heard him play on kellyclarkson, yeah, and I downloaded
everything on spotify and mywife and I the music like I I.
We drove through denver ofcolorado, my wife and I, this
summer.
Yeah, and I had that on myplaylist.
I listened to that twice and Ilistened to might listen to a
bit on uh when I'm driving.
Speaker 3 (38:04):
It's great oh, it's great funny too, that's good.
Speaker 2 (38:08):
Question number eight Me yeah, if you could travel to
any time, past, present orfuture.
Where would you go and why1955.
?
Speaker 3 (38:21):
Marty, don't do it.
Speaker 1 (38:24):
That's a great answer .
Speaker 3 (38:25):
That's a great answer .
Actually.
That's great.
Speaker 1 (38:27):
You're knocking these out of the park, by the way.
Speaker 3 (38:29):
All right.
Question number nine, mr Kids.
Why do you have a clipboardcutout Of the Pope in your home?
Speaker 1 (38:39):
You have a cardboard cutout Of the Pope in your home.
Speaker 2 (38:41):
There's three things in my office.
Speaker 3 (38:44):
Behind me.
Speaker 2 (38:45):
Spock was put in my cart Seven times by my son and
then I finally decided to buy it.
And then I said Spock was putin my cart seven times by my son
and then I finally decided tobuy it.
And then I said Spock needs afriend.
So I decided I'd get the twinpowers, spock and the Pope.
And then another thing rightbehind me is I have an airplane,
a model airplane from Mike.
(39:05):
Mike was one of my greatesttechs and he passed away over
six years ago and he alwayswanted to be a pilot.
Speaker 1 (39:16):
And.
Speaker 2 (39:16):
I keep that playing and I think about Mike all the
time and I'm so grateful forMike Cool.
Speaker 1 (39:23):
Awesome, mike was great.
That's nice, that's awesome.
Last question you really kindof answered this in question
three about the scout leaders,and I respected your answer.
So you talked a little bitabout kindness and that's
actually the number one answeron this show for this question.
But maybe you can give anotherversion of that answer.
So what is one thing everyonein the world can do to make it a
(39:46):
better place?
Like one thing everybody can doto make the world a better
place.
Speaker 2 (39:51):
I really think and I've had so many instances of
this reach out to somebody aloved one or even somebody you
know and have a conversation andjust do it today and say how
are you doing?
I was thinking about you and Iappreciate you so much, who you
are and what you do.
You bring so much value.
(40:11):
People need to hear that more.
I've done that a few times andI'm trying to do it more often
and the effect that it has onthe person but not only on the
person, but on yourself how youfeel.
Yeah, yeah, oh, my goodness.
Speaker 3 (40:24):
It's the greatest.
It's a beautiful answer.
Yeah, you know what I reallylike that.
Because you know what I reallylike that?
Because I heard a quote acouple years ago.
It said all the nice things yousay about somebody at their
funeral.
We should be saying that ontheir birthdays.
Speaker 2 (40:37):
Yes, right To tell them.
And what you notice, there's aman that I buy placemat ads from
and I decided I just starteddoing this randomly and I
messaged him.
I sent him an email.
I said you know, james, Ireally appreciate what you do.
You're always looking out forus.
You do do so many great thingsand your heart's in it, and I
appreciate what you do.
(40:58):
Two days later he sent me backa message.
He said, brett, you don'trealize how much you've been
used by God.
I was feeling this a little bitof worthlessness and all that.
And you sent me this beautifulmessage and I felt so great that
I impacted his life, lifted hisspirit.
Speaker 3 (41:20):
And I said what was true.
Speaker 2 (41:22):
And I felt good because I knew it was
appreciated and made adifference in his day.
Speaker 1 (41:25):
So many people nasty this and they're transactional
and you just went back andshared some love to somebody.
Speaker 2 (41:31):
Yeah, it made so much difference, man, let's all do
that, you know Well, cheers toyou, brett.
Speaker 1 (41:35):
Yeah, cheers, I've got to say man, I've really
loved chatting with you.
Speaker 2 (41:38):
Yeah.
Speaker 3 (41:38):
This has been great.
You're awesome, thank you.
Speaker 1 (41:46):
Cheers and I definitely welcome you on
LinkedIn because you have agreat following there and you
put a lot of good info on there,so please do that if you're
listening to the show.
Thank you so much to GreatRoads Brewing for having us here
.
Thank you for listening to ourpodcast, if you're still here
listening.
Yeah, that's it, man.
Speaker 3 (42:03):
Cheers.
Cheers Cyber Brent Cyber.
Speaker 3 (00:21):
Brent, I don't know, I thought it was going to be way
more clever.
That was it, way more clever.
Speaker 1 (00:27):
Pretty much the whole extent of it.
Did it go any further?
Speaker 2 (00:29):
than that.
Oh, I'm all about spinning aweb man.
Speaker 1 (00:31):
Yeah.
Speaker 2 (00:32):
I guess maybe it was the web and cyber.
Yeah, maybe it's the web, Idon't know.
Speaker 3 (00:35):
Maybe it's secretly more clever than I thought it
would be, but it's not.
Speaker 1 (00:40):
Okay, all right, well , anyway so you're a
cybersecurity expert?
Speaker 3 (00:43):
No, problem.
Speaker 1 (00:44):
And you've been at it for a minute right.
Speaker 2 (01:05):
Yes, more than a minute.
I've been in the industry forover 25 years and I pivoted our
organization a little over fouryears ago hard to security,
first, because what's going on?
Things have changed and cyberattacks are way up and the one
thing I really try to speak withpeople is what's your plan?
Because it's not a matter of if, it's a matter of when
something's going to happen.
We have to be thinking aboutthat when Spider-Man is spinning
those webs you never know.
Speaker 1 (01:24):
You never know when you could be the next Nowadays.
I mean and tell me if I'm wronghere it used to be cyber
insurance.
Was you thought it wassomething that the big guys had
to look out for?
Right, the big companies is whothe hackers are after, but it's
not really the case anymore.
Is that correct?
Speaker 2 (01:39):
Oh, they don't care.
Yeah, they don't care.
They're going after everybodyand it's just a numbers game and
the whole landscape of what'sgoing on today, the whole cyber
crime landscape has becomecommoditized.
So if you've heard about thedark web, that's where hackers
(02:00):
are putting information, how tobe a hacker, and it's not just
the people in Russia and Chinayou have to worry about.
It could be your kid indowntown Halifax that went on
the dark web, or even anotherpart of the country.
Speaker 1 (02:14):
I can start right there if you don't mind, and
first I get into that.
So we'll come back to dark webin a moment, but we are at Great
Roads Brewing.
Speaker 2 (02:20):
We are at Great Roads .
Speaker 1 (02:21):
Brewing Matt.
I'm drinking the Cobblequid.
Copper, right you are.
Speaker 3 (02:25):
And it's fantastic.
I'm drinking the cider, yeah,and if you're a or not a cider,
I mean a seltzer.
If you're a seltzer fan, yes.
Speaker 1 (02:33):
Yeah, yeah, awesome Cool, so back, so dark web yeah.
I don't either actually, Ireally don't.
How does that even start?
Speaker 2 (02:48):
Interesting enough, I have tried to avoid even going
there, but one time the onereason why I know how I've
gotten on it before just because, oh, this was about seven years
ago a small non-profitorganization did get hacked and
(03:09):
they wanted to pay the ransom atthe time, which was scary.
What I know now.
I would never even have donethat.
Speaker 1 (03:18):
I wouldn't even allow you remember how much money was
a ransom roundabout.
Speaker 2 (03:21):
Back then it was crazy.
It was cheap.
With what's going on nowadays,it was like two thousand dollars
oh wow.
Speaker 3 (03:28):
Yeah, that was like, these were like beginners.
Speaker 2 (03:29):
Yeah, these were like these were the nice hackers
yeah, even back then.
Yeah, yeah, so uh, so we got onthe dark web to find out some
information, how to get some ofthe information I needed and
then back then we're trying toget uh bitcoin because they
wanted bitcoin.
Speaker 3 (03:45):
Bitcoin because they wanted.
Speaker 2 (03:46):
Bitcoin.
It was a nightmare.
The good news is it didn't payanyways.
But it was back at the timethat the CEO, the executive
director, really wanted to do it, and I said are you sure?
Speaker 1 (04:05):
And are there vigilantes on the dark web?
I mean, since we talked aboutSpider-Man here today, already.
I mean I'm wondering are therepeople there on the dark web
that are actually trying to dogood and stop some of these
cyber criminals?
If that's where everybody'shanging out.
Speaker 2 (04:19):
There's interesting enough.
I don't know an awful lot aboutthat, but what I've done, the
research, is sometimes I'veheard a few stories where a
cyber criminal syndicate hasagreed to pay the partners to
execute some damage and theydidn't get paid.
Then they went after each other.
(04:40):
Oh, wow.
Yeah, it was crazy.
Speaker 3 (04:44):
I guess also to rewind a little bit, just
because there's probably somepeople who are going to be
listening who don't know what isthe difference between the web
and the dark web uh, differencebetween the web and the dark web
.
Speaker 2 (04:55):
Um, I I'd like to explain it just as easy as
layman's terms as possible.
Uh, dark web is, I call it thewild wild west of the internet.
That's the best way of sayingit, and that's where all the
scary things are, where youdon't want to.
(05:15):
You don't really want to visitthere.
Like how to like, not just.
Speaker 1 (05:20):
But like I don't get it, okay, then help me really
explain this Like I'm afour-year-old.
So is it like, instead of a www, is it like a DDD for dark?
I don't understand.
How does somebody get into thedark web?
Speaker 2 (05:31):
There's a special browser you have to download to
get access to it, and then youget tools to that scary digital
kingdom.
Speaker 3 (05:39):
Okay, and it's just all unregulated internet.
Speaker 2 (05:42):
Unregulated, like things you don't even want it,
like how to make bombs, yeah.
Speaker 1 (05:48):
So you can't find how to make a bomb on the regular
internet, though, can't you justfind it?
Speaker 2 (05:52):
on the horse?
I'm sure you could, or is itmore?
Speaker 1 (05:54):
like you know that the IPs are being watched and
then the police are on yourRight.
Speaker 2 (05:57):
It's not monitored.
Speaker 1 (05:58):
Yeah, okay, yeah.
Speaker 3 (06:00):
How do you get to a point where something is
unregulated, because therealways has to be a provider of
internet, and what I mean bythat is whether you have a
company that provides it, butthere's also just cables that
connect and all that stuff youhave to run through it.
Would a hacker?
Would they have I don't knowone of the companies like Rogers
(06:21):
Bell, eastlink, whatever?
Would they have an internetprovided by them and then have
something like a vpn that throwsthem off or oh yeah, is that
how it works, or can they?
get in.
How do they get internet?
Speaker 2 (06:33):
it's like they they can get on, but they cover their
tracks.
They're using vpns and aliasesand hopping around servers so
that they're covering theirtracks, like the, the digital
tracks, the crumbs I've used aVVM before, but all of them have
to pay like the $100 forinternet every month.
Speaker 3 (06:49):
Yeah, that's the case , right?
Speaker 2 (06:50):
And sometimes they're doing it.
We were demoing a productrecently that sometimes it's
happening, like cybercrime ishappening, even at a hotel or an
airport.
There's these little devicesthat you can use and you can
turn on a hotspot that says freeWi-Fi.
(07:12):
Right and then people and wewere demoing this recently at an
event turn it on and thenpeople start they're at this big
live event for the chamber orwhatever, and they click free
Wi-Fi assuming it's the provided, we've free wi-fi.
And as soon as you come, soonas you click to sign in, it
comes up with your gmail sign inand the moment you put your
(07:34):
username and password in, itgoes into the little device and
the hackers on you.
Speaker 1 (07:39):
They have your information yeah, yeah, I've
learned about that.
I mean, I never used wi-fi inairports for that reason or
stuff like that yeah.
Get a better data package, ifyou can Right.
You can be literally thosehotel Wi-Fis when you're
traveling Hotspot or have a VPN.
Yeah, and I mean at home I haveI mean again, I know very little
about this and that's why wehave you here yeah, but I do
(08:02):
have like an aero wi-fi hotspots, like so eastlink set it up in
the house.
It's aero internet or aerowi-fi.
Yeah, and I'm surprised when Ilook up, that it does a certain
amount of scans for viruses andphishing and like every week at
my house I mean that thing is isidentifying, you know,
basically phishing or whateverin my, you know, on our own
(08:23):
internet connection.
And wow, you know, we're notreally using it for a whole lot,
right, like we're using itprimarily for, like, the netflix
and the amazons and the stufflike that, right, the main
social apps.
I don't think anyone around isreally going too far into the
dark web, right no, no, but it'sstill like it's still out there
.
Speaker 2 (08:39):
It's so prevalent on almost everything you look at
well, it's nice that you have adevice like that, because some
of the providers, uh, that I'veseen don't right.
And and I like to explain whenI'm talking about cyber, it's
not just the, the main entrypoint.
It can be what your colleaguedoes remember that tv show, the
(09:00):
weakest link?
Yeah, well, it's just oneperson that can cause so much
damage and and that person thatnormally would not do anything
if they're having a bad day, howmany times have we had a bad
day and we've done something wenormally wouldn't have done
because we're tired, right,we're tired.
Speaker 1 (09:17):
Yep, yeah, yeah, yeah , a little lapse in judgment.
Speaker 3 (09:19):
Yeah, yeah, yeah so who, who, in your opinion?
Who, would you say, is likekind of like the bigger target,
like the big guys who have lotsof technology and, you know,
lots of money equally, but theyhave lots of tech, they have a
staff to combat and all thisstuff?
Or the one person operation, oryou know, like those smaller
operations that may not have theresources, the tech and all
(09:42):
that stuff behind them but don'thave the money to quite be
worth it to attack?
Speaker 2 (09:47):
See, a lot of times we think that the hackers are
targeting a specific niche.
And yes, they are.
Speaker 3 (10:00):
Because there's spear phishing and all that stuff.
Speaker 2 (10:02):
But a lot of times they're just casting a wide net
out into the digital frontierand whoever clicks on it, they
own you.
I have an example of a man, asmall business, that lost
$30,000 because he fell victimto a scam.
What happened?
(10:24):
Because he fell victim to ascam?
To what?
What happened?
It was a.
He got this conversation thatcame up.
He clicked on something hey,time to invest in bit mining
Bitcoin.
You can double your investment.
He got on the phone and theperson was really convincing.
He knew a little bit about hisinvestments and then he actually
(10:48):
had him invest $20,000.
And then he called again a weeklater hey, we have another
opportunity for $10,000.
When I found out about it, Iwas speaking with his daughter.
I said tell him to stop.
And when he tried to get themoney removed, he had to pay
(11:10):
$10,000 to get access to it.
Speaker 1 (11:14):
So it was gone, it's gone.
Speaker 2 (11:16):
Nothing, that's a man .
Speaker 1 (11:18):
So you just wired a stranger 30K.
But I mean, the technologiesare there now AI.
Speaker 2 (11:23):
You can impersonate someone.
That's right.
Speaker 1 (11:25):
You can sound so knowledgeable over the phone,
deep fake technology right Likeyou could really.
And how hard is it to have aconversation with somebody and
believe they're genuine?
Speaker 2 (11:34):
Oh, very easy.
Yeah, ai is the new trend.
Speaker 1 (11:40):
And like social engineering I mean that word, I
think, is underutilized, becauseit's now exponential how social
engineering was 10 years ago.
I remember when I was at a jobI had before I was in the
insurance business, I got anemail one time and it was just a
very generic spam one and itwas like we've seen you, mr
(12:00):
Tobin, doing things in front ofyour computer.
Yeah, yeah yeah, and I was likewhoa For a second of your
computer.
And.
Speaker 3 (12:04):
I was like whoa and I'm like wait a second, this is
my work computer.
I want to do nothing in frontof this computer and then I
wised up to the fact right.
Speaker 1 (12:14):
I was like there's no way.
I've never done nothing infront of this computer.
What am I worried about Then?
It did not become an issue whenI thought about it for a second
, but this was where it was thatmoment of anxiety that moment
of that
Speaker 2 (12:26):
moment when you're vulnerable and then you, and
then you may do something in afew minutes where you do
something, and then, if you walkaway and you think about it
half an hour or 10 minutes later, yeah, wait, yeah it doesn't,
but now it's like the movieinception.
Speaker 1 (12:40):
so say that was a mild layer that I got through
very quickly.
I mean, today it's almost likeyou and I could have a total
conversation, even when weintroduced you and talked about
you coming on to this podcast.
I could have just done layersof deception by researching you
and knowing who you were andthen realized that I would say,
oh geez, brett, yeah, just wireme $1,000 and we'll see you
(13:03):
there.
And the next thing you know,you got hoaxed.
Speaker 2 (13:06):
Oh yeah, and that's happening even on smaller scales
.
I mean, we all hear aboutpeople being taken advantage
with Facebook Marketplace.
Yeah yeah, pay me the $100 fordeposit and then you go to the
place to pick it up.
Oh yeah.
Speaker 1 (13:24):
Nothing yeah.
Speaker 2 (13:25):
It's just not.
Yeah, it's crazy.
Speaker 3 (13:28):
Yeah, nobody gets my money before I get the stuff.
Yeah, that's smart yeah 100%.
Speaker 2 (13:32):
You always have to question everything, if there's
anything that we can learn fromdrug dealers.
Speaker 3 (13:39):
Make sure that the money's there before you get the
stuff.
Speaker 2 (13:42):
I want to see the goods before I give you the
money.
That's right.
Speaker 3 (13:46):
Yeah, so okay.
So for yourself, maybe you canexplain to people like what
exactly is that you do and howyou help people.
Speaker 2 (13:56):
So we really believe and this is our mantra security
first and, like I was sayingrecently, you can't prescribe
without a diagnosis.
You know you don't go to adoctor and they just say I got a
headache.
Speaker 1 (14:14):
Sorry not to interrupt, but do they come to
see you when there's a problemor do you help with preventive
measures?
Speaker 2 (14:21):
Both but, generally, I have a conversation with a
business owner and say, hey, weneed to talk, let's have a
conversation.
Sometimes they come to us andwe say, look, let's look at
what's going on here from abusiness perspective, because
(14:42):
look what happened like pharmacyorganizations that we support.
Look what happened in WesternCanada Abundant Drugs was down.
Speaker 3 (14:50):
And even.
Speaker 2 (14:50):
Sobeys was down.
Okay, so it all starts with usdoing a cybersecurity risk
assessment and we do thatengagement.
We put some tools on thecomputers, we test and see if
there's any vulnerabilities inthe systems.
We check the dark web, we phishtheir staff and we check for
(15:13):
just the overall health andintegrity of the network.
How old are your computers?
Are they patched?
Speaker 1 (15:23):
Updates being done on a regular basis.
That's huge with corporate,because the corporate computers
are usually behind even yourhome computer.
Speaker 2 (15:30):
How secure are they?
I don't want to get tootechnical, but are you allowing
everybody is at the wild west onyour network?
Are you allowing everything torun?
Are your backups securedoff-site?
Because when you get hit thefirst thing, what do you think
the hackers are going to go for?
They're going to delete yourbackups, and then we check to
(15:51):
see if your Office 365 or GoogleWorkspace is actually being
backed up, because a lot oftimes we think, oh, it's in the
cloud, we're okay, but no, it'snot.
We need to have a layered, amulti-layered approach to cyber
is the best way.
It's the only way so would you.
So you would encourage peoplelike businesses to have, uh, not
(16:14):
just update like backup in thecloud, but also backup on a hard
drive uh, if you're doingbackup on a hard drive, the
reality is, if you're going todo that, you want to have an
encrypted hard drive.
I can't tell you how many timesI've heard of somebody losing a
hard drive.
And you've had your digitalkingdom and somebody can just
(16:36):
come into your office and takethat drive and get at everything
.
Speaker 1 (16:39):
Yeah, and that's another cybersecurity, a more
physical thing but, it's stillcybersecurity 100%.
Speaker 2 (16:45):
Yeah, it's all related.
Speaker 3 (16:46):
What's the best way to back things up, Like if it's
just in the cloud.
But what's another way to backthings up outside of backup on
hard drive, backup on cloud?
What's another way of doing it?
Speaker 2 (16:54):
Well, if it's emails, if you want to get really
simple, for a second email ifthere's 10 or 20 emails that you
want to really keep.
Have another email that youforward that email to.
Oh, okay, that's just a basic,but make sure the non-negotiable
today that everybody needs tobe aware of two-factor
(17:17):
authentication on your email.
Speaker 1 (17:19):
Yes, yeah, I do that on everything.
Some people are not.
It's a pain in the ass, it's apain but, it's a nice pain in
the ass.
Speaker 3 (17:26):
Yeah.
What's worse is what couldhappen if you don't have it
Right.
Speaker 2 (17:29):
Right, well, and we know we have.
We put tools on our clientsthat we know when somebody's
trying to get in, and so we havea client in northern Canada,
and when we first brought themon board, we saw that there was
over 20 times a minute thatsomebody was trying to get into
the mayor's email.
(17:50):
Oh, whoa interesting, yeah,yeah.
So what we did is we put theother layers on conditional
access.
Don't let anybody in fromoutside of Canada.
Speaker 1 (17:59):
Get two-factor authentication on yeah, and you
guys provide software and stufflike that to help people along
as well as practical kind ofpreventative measures.
Is that kind of right?
Speaker 2 (18:11):
Yeah, yeah, we put the tools in and we manage it
for the client and we providehelp desk services.
So if you're a manager andsometimes people are trying to
do things themselves, fix issues, we take care of the help desk.
The printer's not working,manage the cyber.
If you need to get your Sage 50updated, we help do that and
(18:36):
the nature of one of our toolsthat we use actually the clients
have to raise a ticket with usto allow the update to go in,
because we have this specialtool that blocks any updates
from being installed in thefirst place, like third-party
software, because sometimesthese need to be tested and
managed.
Speaker 1 (18:57):
Right.
So yeah, your QuickTime orwhatever it could be on your
desktop trying to do an update,you prevent that.
Speaker 2 (19:03):
Yeah Well, quicktime generally goes through, but Sage
50, for example, some of thesesoftware vendors we actually
make a window and allow that.
Speaker 3 (19:12):
That's smart, yeah.
So I mean, like obviously thishas changed over the last like
10, 20, 30, whatever years.
Cybersecurity and everythingwhat kind of inspired you to get
into like this type of stuff?
Like did you, you know, becauseyou said you've been doing for
25 years?
I think is what you said.
So I mean we're talking likeyou would have got in if you
(19:33):
know this would have been.
Was it?
Was it?
Uh, y2k that got you inspired,because we're 25 years ago was
like that kind of thing.
Speaker 2 (19:40):
So my journey, my journey in a nutshell.
I was uh, I was working for agreat company, a construction
fabrication company, as their ITperson.
Speaker 3 (19:49):
Okay.
Speaker 2 (19:49):
And regional leader in construction fabrication,
great company Set the foundationfor me.
I saw elements of it back then,but when I started my company
in 2010, I started seeing, okay,we need to do a little bit more
.
I started seeing, okay, we needto do a little bit more.
But when I really looked deeper, a number of years four or five
years ago I joined a network ofcybersecurity professionals
(20:12):
worldwide and we meet every dayI actually have a meeting today,
mastermind and we talk cyber.
Oh cool and I was on a call lastnight talking about cyber at 9
pm, so you live this stuff everysingle day.
Speaker 1 (20:28):
We do, but you have to because it really catches up
every single day, right?
Speaker 2 (20:32):
So we're constantly improving our skill set, but
also knowing okay, what's thenext threat.
Right and so that's why I didit.
I seen that what we were doingwas not enough, that what we
were doing was not enough, andwhen you see an antivirus on a
server and something comes onand you thought you had the best
protection and thevulnerability, just looked at
(20:57):
that.
Speaker 3 (20:58):
Ha ha ha, spider-man boom and it just encrypt the
hard drive.
Speaker 2 (21:02):
So, what we need now is these other layers, and so I
was saying at a recentconference a security operations
center is one of the things weuse which augments our team.
We had an organization in NewBrunswick that had an attack on
their production line and itencrypted the production line,
shut it down.
(21:22):
We were able to clean that up.
That's when we came in and westarted implementing the
elements of cyber.
Speaker 1 (21:30):
Were you able to figure out where those folks
were from?
Speaker 2 (21:32):
No, but I know how they came in.
I'm quite confident they camein through the vendor's third
party tool.
This is why we have to checkour vendors Interesting.
Speaker 1 (21:43):
This is awesome to know.
Speaker 2 (21:44):
TeamViewer.
The vendor used TeamViewer andthey had their aspect secured,
but they didn't do the extraelement of blocking it just so
that they could do it.
So somehow the hacker gotaccess to the ID and the
password and they got in Wow andthey encrypted it.
Now we put the elements ofcyber in after that cleaned it
up and we put it on everything.
Speaker 1 (22:08):
And that ID and that password.
It's so simple to say.
But think about this.
Go back to the story of thehuman being that went home that
weekend, uses the same passwordfor their Netflix had their
things shared and then they goto work that week later and they
use that same password and theyjust connect.
Oh dude, this guy works fromhere and he works with this big
company, and they just copypaste and they can find out all
(22:30):
that by researching you onfacebook and linkedin, where you
work so right I.
Speaker 3 (22:34):
I don't know if I shared this before or whatever,
but my passwords that I use now.
Did I ever tell you what I dowith this, matt?
Speaker 1 (22:40):
conrad one, two, three, yeah, everything he does.
Yeah, no, you know what you?
Speaker 3 (22:44):
you know, I decided to do like you know, we, you
know we're in insurance and weare in cyber insurance and we
have to face some things, andyou hear some crazy horror
stories, which we'll get to in aminute, yeah, um.
So now what I do is every timeI need to do an update, and what
I've been doing this whole yearis, uh, I've been putting in a
lyric from song, from a songthat I heard on the radio that
(23:07):
morning.
Tell them, it's a terrible idea.
Speaker 1 (23:09):
Yeah.
Speaker 3 (23:09):
It's not because it can be so random.
Speaker 2 (23:13):
I want you today to go to the website, use a
passphrase and put one of thosepasswords in that you use and
see how long it lasts.
Speaker 3 (23:21):
Okay, okay, yeah.
Speaker 2 (23:22):
What I recommend whenever you can.
Speaker 1 (23:24):
What if you go into the website?
You've got a site where you cansee how shitty your passwords
are.
Yeah, okay, but we train people, you guys have that.
Speaker 2 (23:30):
No, there's a website that we use as part of our
onboarding.
We recommend a passwordmanagement tool.
Speaker 1 (23:35):
Yeah, yeah, yeah Okay .
Speaker 2 (23:36):
A keeper is one we like, but we train people with
the password management tool touse a passphrase four letter,
four words, and when you usefour words like everybody loves
spider-man dancing, that's a 600century password to hack.
Okay, okay.
But if you use a password likewhat do you mean?
Speaker 1 (23:58):
600 century password, you mean, because it's so long,
yeah, so long with the spacesand everything it would take 600
years to figure it like acomputer because of the length
of it, and the audience wouldtake it.
Speaker 3 (24:08):
But here's the thing, though if you do that, though,
but if I like, if I'm sittingthere and, like you know, matt's
driving, I gotta understand ifI put, like you know, uh, you
know my favorite song, orsomething like that, if I was
like metallic girl yeah, orwhatever like.
If I put like metallica 1985because it's like a favorite
band of mine and my.
That's different.
But if I'm driving in on and Ihear on the radio and I hear
(24:28):
like a taylor swift song, I willsometimes and I don't, I don't
like taylor swift, right, I likeher music, okay, but I I might
use that and I might.
I'm you know, I don't know, Ican't even think of a taylor
swift song, but it's shaking off2400 baby exclamation.
Speaker 2 (24:44):
yeah, guess how fast that Guess how fast that
password would be.
How fast?
That would probably be hackedwithin two hours, really, yeah.
Speaker 3 (24:52):
Even though, like for me, like no one would ever
guess that.
For me, though, because it'snot a song.
But what if they're on yourcomputer already and they've
seen you putting the keystrokes.
Speaker 1 (25:02):
What if you?
Speaker 2 (25:02):
have like a phrase.
Speaker 1 (25:04):
Can't.
They do that anyway, though,but you mix it with capital,
lower letters and symbols.
So if you say like I don't know, just like say okay, so drop it
, like it's hot.
But you go capital D, thenlowercase r, then a zero for the
o, then a p, then a three, andthen you kind of redefine the
language like a serial killer.
(25:24):
That might get you to two weeksto three weeks.
Speaker 3 (25:28):
That would get you better.
So why would like danceSpider-Man?
Speaker 1 (25:31):
Boogie.
Whatever, don't use thatpassword.
Why would that be better,though it's better because, it's
super long, super long spaces.
Speaker 3 (25:38):
Yeah, I know, but that's what I'm saying, though.
When I do a song, so like Iwould go on there and I would do
like Whitney Houston's, I Wantto Dance with Somebody.
Yep, isn't that a long password, though, put?
Speaker 2 (25:49):
some spaces in it and it'd be even better.
Speaker 3 (25:50):
Yeah, yeah, because no joke, that was a password of
mine for like three months.
I heard Whitney Houston onthere and I was I want to dance
with somebody.
Speaker 1 (25:57):
I know I used his Netflix.
It's like I want to dance withsomebody.
That was my password.
We were talking about it.
Speaker 2 (26:06):
What's your favorite song?
Right my head, yeah exactly,but like that's.
Speaker 3 (26:09):
The thing is, like I would sit there and I like like
the person who can sit there andhack in and sit there and go
like matt's gonna like matt'spasswords.
I want to dance with somebodyexclamation mark.
Speaker 1 (26:18):
But you gotta think of it less as like a person and
more of a computer that can justdo this right like.
But it can, yeah, but if itdoes that.
Speaker 3 (26:26):
What's the difference if I use a a song lyric versus
random whatever's?
It's going to guess it anyway,yeah time, right I?
I don't know this brett, butlike my thought behind it is
this I thought it was a goodidea if I used a word.
Speaker 1 (26:41):
Words are easy.
It would be easier for uh anykind of predictive algorithm to
predict yes, right then thenlike a broken word.
So if I said droid, the wordyou know, shout out to Star Wars
right and said spelled the worddroid peep poop as opposed to
putting a zero one in the middleof droid Right Right.
That would be harder to detect.
Speaker 2 (27:03):
I want to dance with somebody.
Yes, five days.
Speaker 3 (27:05):
Five days Yep.
Speaker 1 (27:07):
Oh okay, put Five days.
Yeah, oh okay, put it in there.
Yeah, I want to dance withsomebody.
What's the name of this?
Speaker 2 (27:10):
website.
Can you say it in a wayUseapassphrasecom?
Speaker 3 (27:15):
Useapassphrase.
I'm totally checking that out.
I am going to like seriously.
Speaker 1 (27:18):
That'll be a good drinking game.
I'm like.
Speaker 2 (27:19):
I got a 28-day password.
Speaker 3 (27:22):
Seriously, it's the first three pages.
You'll never guess it.
Leviticus 17, verse 20.
I'm gonna try that later.
That's cool that's a reallycool thing yeah, okay, so yeah
anyone listening.
Definitely do that, becausethat's a, that's a whole lot of
fun.
Speaker 1 (27:42):
So we're actually getting a shorter time, man,
yeah, can we?
Speaker 3 (27:46):
like I like, maybe give like one like crazy horror
story, that story that you havefor cybersecurity, and then
we'll get into our 10 questions.
Speaker 2 (27:54):
Sure, Okay so, this happened recently, so on average
, hackers can be in your networkfor 120 days.
Speaker 3 (28:04):
Okay so remember that Okay.
Speaker 2 (28:06):
Whoa, okay.
So I was at the gym and I wasworking out and I got a message
from a client a former clientneed help.
I called the person and youcould sense it in them.
Something happened.
So I said look, I'm going tocome and see you.
(28:27):
They were five minutes away, soI came up.
What happened?
So the person had received aphone call and it was Gosha Bank
and they said hey, I have theowner on the phone and we're
talking about this deal.
This deal and this deal had allthe details.
(28:49):
Okay, knew everything.
All we need is the key fob sowe can get into the bank.
Okay, wow, okay.
$400,000 later, woo, okay.
By the time they realized itwas the next day, called the
bank.
The bank was able to recover200 000 um, and I don't know
(29:16):
about you, but most businessesdon't have that much money to
lose no, that's, the banks do,but no, not not regular business
and and and why I'm doing this.
A lot of people you know, forthe businesses I support, some
of the people are living fromtwo paychecks from going
homeless, right, okay, so theygot two hundred thousand dollars
(29:39):
back.
That was the horror story, themost recent horror story, and
what I advise them to do withthis organization is going
forward.
If you're going to do anythingfinancial, have a code word
between each other, okay, anddon't do anything unless you see
(30:00):
each other eyeballed.
Speaker 1 (30:01):
Like a safe word.
A safe word, bluffy kitty.
Speaker 3 (30:07):
Like soft kitty.
Speaker 2 (30:09):
But that's the best piece of advice.
Uh, if anybody all of you getthat safe word, uh in your
organization that's that one youtake, because with ai now I
used to say eyeball to eyeball,but now with deep fake right.
Yeah, that's right so take thatto heart everybody, please.
Yeah, that's great advice.
Speaker 3 (30:29):
Yeah, the um, yeah, yeah I think that's really good
advice, especially because Iknow some companies or some
people, entrepreneurs and thingslike that.
They'll think, oh, you knowwhat, that's not going to happen
to me, that happens to theother guys.
Or they might think, oh, Ican't afford cyber insurance, I
can't afford a cyber expertinsurance, I can't afford a
(30:53):
cyber expert.
But in the end, if it happensto you, you wish you could have
afforded that, because even ifit costs you $1,000, $2,000 or
something like that to havecyber insurance, to have a cyber
specialist, $200,000 is Welland what's happening, the trend
that's happening.
Speaker 2 (31:07):
Your vendors are going to start coming at you and
saying what are you doing tomanage your cyber?
That's right.
And if you don't and you guysare in insurance, so you know if
you did apply for cyberinsurance and you're not doing
what's necessary, they're goingto deny the claim.
And the insurance industry toget cyber insurance.
(31:30):
Before it used to be twoquestions Do you have antivirus
and backup?
And now we're seeing cyberinsurance.
Speaker 1 (31:36):
Oh gosh, not now.
Speaker 2 (31:38):
No, sometimes one vendor from one year.
They went from three pages to11 for getting cyber insurance
100%.
Speaker 1 (31:45):
Yeah, so that's the reality Way more understood now
and the risk is way higher.
Yes, right, so protecting therisk is way higher.
Speaker 2 (31:50):
Yes, right.
Speaker 1 (31:51):
So protecting yourself first is number one.
Speaker 2 (31:53):
Oh yeah, and if you're casual about this, you
become a casualty.
Speaker 1 (31:57):
Yeah, and even at your home.
Like you know, this is a showabout.
We talk about business a lot,but in your own home, right?
Don't be too casual about yourNetflix password.
Speaker 3 (32:04):
Don't be too casual about the 20-year-old Gmail,
Because that has your creditcard information Gmail password
right.
Speaker 2 (32:08):
Two-factor authentication on your banking
at home.
Guys, everything you do now hasso much information, so much
more than you even know thosecookies.
Speaker 1 (32:15):
they mean a lot right .
They're not just deliciouslittle morsels, but Brett back
to you.
If people follow you onLinkedIn, you do a webinar like
almost every Thursday.
Is that correct?
Speaker 2 (32:27):
We're launching.
We're going to be launchingagain we Thursday, Is that
correct?
We're launching.
We're going to be launchingagain.
We've been just putting ourbest content out.
Sure, I'm not only just talkingabout cyber, I'm just talking
about things that are on myheart.
Speaker 1 (32:38):
Yeah, for sure yeah, and I took some time to follow
you on LinkedIn and I mean it'spretty interesting right.
I mean you know, Cyber SweetestChef.
Speaker 2 (32:44):
Did you see that?
I saw this.
You did a Cyrus.
Speaker 1 (32:47):
Rice chef one day.
We actually.
I've included some of that intomy 10 questions here because
you know I went on the dark weband researched you a bit there.
But anyway.
So, without any ado, let's kickoff these questions here, and
Matt, you want to do the firstone.
Speaker 3 (33:02):
All right, I'll do the first one.
All right, so we know you're abig Star Trek fan, so if you
could spend an afternoon withSpock and you planned the day
together, what would you do?
Speaker 2 (33:14):
I take him off into the woods to Peabody Lake.
We go canoeing and fishing.
All right, that would be prettylogical.
Speaker 3 (33:21):
No mind meld or anything that would be the day
Spock found emotion.
Speaker 1 (33:28):
He'd be like this, is beautiful, that'd be great yeah
.
There you go.
All right, that's a good answer.
Okay, question two.
Okay, question two.
Speaker 3 (33:37):
It is your last meal you're gonna die the next day.
Sorry, uh, what would?
Speaker 2 (33:40):
you order like a last meal I would, or I would love
to have my mother's hamburgergoulash.
Speaker 1 (33:49):
Oh, okay, yeah.
Speaker 2 (33:49):
Amazing yeah.
Speaker 1 (33:50):
Good answer yeah, all right.
Speaker 2 (33:52):
Question number three yeah, of course.
Speaker 3 (33:56):
Question number three On your LinkedIn profile, you
pride yourself on being a scoutleader, yep.
So what's the number one lessonyou wish you could teach to all
the youth growing up if youcould?
Speaker 2 (34:06):
Be prepared and just be the best version of yourself
and treat people with kindness.
Be a better person, be, I tellkids.
You have so much potential youdon't know how much you're
capable of and just pushyourself a little bit and grow,
because you can do it.
Yeah, awesome.
Speaker 1 (34:28):
Okay, Scenario Yep A hacker gets your password vault.
Hacker gets into your passwordvault, now having access to all
your social media accounts, andthey are posting terrible things
, asking your colleagues formoney and are damaging your
character.
What's your next step?
Speaker 2 (34:47):
Can I call a friend?
No.
Next step is because I hadtwo-factor authentication on and
I had my recovery.
I immediately get in and try toreset my password, reset my 2FA
and check and see if I can seewho those guys contacted and I
(35:10):
would call them.
Speaker 3 (35:11):
Okay, I would call them.
Speaker 2 (35:13):
I don't want them to have any damage.
Speaker 3 (35:15):
And before we ask the next questions, I got a little
bit of a side question for thisone.
You see that often where peoplesay, oh, I got hacked on
Facebook and whatever, and thenthey send messages to people
that you know and everything.
Yeah, I like to waste thosepeople's time Me too.
Okay, so is there?
Speaker 1 (35:29):
I like to waste those people's time me too so okay.
Speaker 3 (35:30):
So is there any threat to me like doing that,
because?
Speaker 1 (35:32):
like no, okay, good what does it get pissed off at
you because you wasted theirtime?
Speaker 3 (35:35):
no, but like I had one person who was like heckling
the hacker click, click thislink and, like you can like
apply for like ninety thousanddollars for funding or whatever,
and it's non repayable, blah,blah.
And I would say to these peopleit's like great, you know what,
I know what I'll do, that yousend me 20 grand and then when I
get mine on here.
Speaker 2 (35:52):
I'll give you 40 grand.
You'll double your money.
Speaker 3 (35:55):
And then they're like no, no, no, Just click on the
link and you'll get it all.
I'm like yeah, yeah, yeah, butyou send me 20 grand now.
Speaker 2 (36:11):
And I'll talk to them , for like to do so.
Wasting their time is not a badthing.
It's a nice pleasure sometimes.
Speaker 3 (36:15):
I agree, All right.
Question number five.
So who would you like to seewin the next federal election?
Speaker 2 (36:23):
Oh, I learned a long time ago from David Foley, who I
have a lot of respect for.
Speaker 3 (36:29):
Dave Foley, who I have, a lot of respect for.
Speaker 2 (36:30):
Dave Foley.
All right, he owned aconvenience store and he said
Brett, I learned a long time agonever to talk about politics.
Speaker 1 (36:36):
Take a sip of your drink, my friend, yeah you can
take a sip.
Speaker 3 (36:38):
You know what he goes , I learned that.
Speaker 2 (36:41):
but you know what I believe there's a need for
change and every now and thenit's time, it's time, need for
change and every now and then,you know it's time, it's time
for a change.
Speaker 3 (36:53):
That's fair.
That's fair, I do feel it's 10years.
People get stale yeah.
Speaker 1 (36:57):
Okay.
Next question If you had a rapname, like you were a rapper,
okay, came out tomorrow.
You had a name, what would your?
Speaker 2 (37:04):
rap name be DJ Jazzy Brett, the Hitman Guadalupe.
Speaker 1 (37:12):
It's not a password.
His rap name is as long as hispassword Okay, dj Jazzy Skilt
Master.
Speaker 3 (37:20):
Oh, I like that.
Dj Jazzy Skilt Master,fantastic, all right.
Speaker 1 (37:24):
All right yeah.
Speaker 3 (37:25):
Okay, question number seven.
So what is your or a favorite,or your favorite band or artist?
Speaker 2 (37:34):
you know, jeff daniels.
Oh, okay, you know, did you theactor?
Speaker 3 (37:41):
yeah, yeah, of course I.
He's a country singer orsomething, isn't he?
Speaker 2 (37:44):
I download.
I heard him play on kellyclarkson, yeah, and I downloaded
everything on spotify and mywife and I the music like I I.
We drove through denver ofcolorado, my wife and I, this
summer.
Yeah, and I had that on myplaylist.
I listened to that twice and Ilistened to might listen to a
bit on uh when I'm driving.
Speaker 3 (38:04):
It's great oh, it's great funny too, that's good.
Speaker 2 (38:08):
Question number eight Me yeah, if you could travel to
any time, past, present orfuture.
Where would you go and why1955.
?
Speaker 3 (38:21):
Marty, don't do it.
Speaker 1 (38:24):
That's a great answer .
Speaker 3 (38:25):
That's a great answer .
Actually.
That's great.
Speaker 1 (38:27):
You're knocking these out of the park, by the way.
Speaker 3 (38:29):
All right.
Question number nine, mr Kids.
Why do you have a clipboardcutout Of the Pope in your home?
Speaker 1 (38:39):
You have a cardboard cutout Of the Pope in your home.
Speaker 2 (38:41):
There's three things in my office.
Speaker 3 (38:44):
Behind me.
Speaker 2 (38:45):
Spock was put in my cart Seven times by my son and
then I finally decided to buy it.
And then I said Spock was putin my cart seven times by my son
and then I finally decided tobuy it.
And then I said Spock needs afriend.
So I decided I'd get the twinpowers, spock and the Pope.
And then another thing rightbehind me is I have an airplane,
a model airplane from Mike.
(39:05):
Mike was one of my greatesttechs and he passed away over
six years ago and he alwayswanted to be a pilot.
Speaker 1 (39:16):
And.
Speaker 2 (39:16):
I keep that playing and I think about Mike all the
time and I'm so grateful forMike Cool.
Speaker 1 (39:23):
Awesome, mike was great.
That's nice, that's awesome.
Last question you really kindof answered this in question
three about the scout leaders,and I respected your answer.
So you talked a little bitabout kindness and that's
actually the number one answeron this show for this question.
But maybe you can give anotherversion of that answer.
So what is one thing everyonein the world can do to make it a
(39:46):
better place?
Like one thing everybody can doto make the world a better
place.
Speaker 2 (39:51):
I really think and I've had so many instances of
this reach out to somebody aloved one or even somebody you
know and have a conversation andjust do it today and say how
are you doing?
I was thinking about you and Iappreciate you so much, who you
are and what you do.
You bring so much value.
(40:11):
People need to hear that more.
I've done that a few times andI'm trying to do it more often
and the effect that it has onthe person but not only on the
person, but on yourself how youfeel.
Yeah, yeah, oh, my goodness.
Speaker 3 (40:24):
It's the greatest.
It's a beautiful answer.
Yeah, you know what I reallylike that.
Because you know what I reallylike that?
Because I heard a quote acouple years ago.
It said all the nice things yousay about somebody at their
funeral.
We should be saying that ontheir birthdays.
Speaker 2 (40:37):
Yes, right To tell them.
And what you notice, there's aman that I buy placemat ads from
and I decided I just starteddoing this randomly and I
messaged him.
I sent him an email.
I said you know, james, Ireally appreciate what you do.
You're always looking out forus.
You do do so many great thingsand your heart's in it, and I
appreciate what you do.
(40:58):
Two days later he sent me backa message.
He said, brett, you don'trealize how much you've been
used by God.
I was feeling this a little bitof worthlessness and all that.
And you sent me this beautifulmessage and I felt so great that
I impacted his life, lifted hisspirit.
Speaker 3 (41:20):
And I said what was true.
Speaker 2 (41:22):
And I felt good because I knew it was
appreciated and made adifference in his day.
Speaker 1 (41:25):
So many people nasty this and they're transactional
and you just went back andshared some love to somebody.
Speaker 2 (41:31):
Yeah, it made so much difference, man, let's all do
that, you know Well, cheers toyou, brett.
Speaker 1 (41:35):
Yeah, cheers, I've got to say man, I've really
loved chatting with you.
Speaker 2 (41:38):
Yeah.
Speaker 3 (41:38):
This has been great.
You're awesome, thank you.
Speaker 1 (41:46):
Cheers and I definitely welcome you on
LinkedIn because you have agreat following there and you
put a lot of good info on there,so please do that if you're
listening to the show.
Thank you so much to GreatRoads Brewing for having us here
.
Thank you for listening to ourpodcast, if you're still here
listening.
Yeah, that's it, man.
Speaker 3 (42:03):
Cheers.
Popular Podcasts
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com