Mr. Vincent Scott with Defense Cybersecurity Group is talking Cybersecurity in a Industrial 4.0 World

In this week's Industrial Talk Podcast we're talking to Vincent Scott, founder and CEO at Defense Cybersecurity Group about “Having you Cybersecurity act together in an Industry 4.0 World”.  Get the answers to your “Cybersecurity” questions along with Vince's unique insight on the “How” on this Industrial Talk interview!

You can find out more about Vincent and the wonderful team at Defense Cybersecurity Group on how you can up your Cybersecurity game by the links below. Finally, get your exclusive free access to the Industrial Academy and a series on “Why You Need To Podcast” for Greater Success in 2020. All links designed for keeping you current in this rapidly changing Industrial Market. Learn! Grow! Enjoy!

VINCENT SCOTT'S CONTACT INFORMATION:

Personal LinkedIn: https://www.linkedin.com/in/vincent-scott-cybersecurity/

Company LinkedIn: https://www.linkedin.com/company/defense-cybersecurity-group/

Company Website:  https://www.cybersecgru.com/

PODCAST VIDEO:

THE STRATEGIC REASON “WHY YOU NEED TO PODCAST”:

OTHER GREAT INDUSTRIAL RESOURCES:

CAP Logistics:  https://www.caplogistics.com/

Hitachi Vantara: https://www.hitachivantara.com/en-us/home.html

Industrial Marketing Solutions:  https://industrialtalk.com/industrial-marketing/

Industrial Academy: https://industrialtalk.com/industrial-academy/

Industrial Dojo: https://industrialtalk.com/industrial_dojo/

Safety With Purpose Podcast: https://safetywithpurpose.com/

YOUR INDUSTRIAL DIGITAL TOOLBOX:

LifterLMS: Get One Month Free for $1 – https://lifterlms.com/

Active Campaign: Active Campaign Link

BombBomb: BombBomb Link

Social Jukebox: https://www.socialjukebox.com/

Industrial Academy (One Month Free Access And One Free License For Future Industrial Leader):

Business Beatitude the Book

Do you desire a more joy-filled, deeply-enduring sense of accomplishment and success? Live your business the way you want to live with the BUSINESS BEATITUDES…The Bridge connecting sacrifice to success. YOU NEED THE BUSINESS BEATITUDES!

TAP INTO YOUR INDUSTRIAL SOUL, RESERVE YOUR COPY NOW! BE BOLD. BE BRAVE. DARE GREATLY AND CHANGE THE WORLD. GET THE BUSINESS BEATITUDES!

Reserve My Copy and My 25% Discount

PODCAST TRANSCRIPT:

SUMMARY KEYWORDS

companies, cybersecurity, cyber, scott, defense, people, industry, controls, tool, homework, dlp, government, vincent, hear, implement, security, offense, industrial, world, understand

00:04

Welcome to the industrial talk podcast with Scott MacKenzie. Scott is a passionate industry professional dedicated to transferring cutting edge industry focused innovations and trends while highlighting the men and women who keep the world moving. So put on your hard hat, grab your work boots, and let's go. Alright, let's go. Thank

00:22

you very much for joining the industrial talk podcast. This platform is dedicated to you, industry hero that I'm pointing at you. In the video, I'm pointing at you. That's right. You are bold, you are brave, you dare greatly. you innovate and you're changing the world. And you're changing people's lives each and every day. And that's why we celebrate you. And you can't come to me and say, Scott, I don't think we should celebrate industry professionals. You can't You can't say that about manufacturing professionals because they're wonderful, though. Everybody in this particular industry. Wonderful, wonderful. Now we're going to be talking about cybersecurity. And you're saying to yourself, Scott, I don't want to talk to cybersecurity, you're gonna have to digital transformation demands that we have this candid conversation, it is super duper important. We cannot, we can't let our guard down. And that's why people like Vinson, Scott. He is the founder of defense cybersecurity group. And you know what he brings to the table? frickin credibility, let's get cracking. Yeah, we've got to have this conversation, we got to have this cybersecurity conversation, there are some things that you can do right now, to help beef up that protection. And if you're going down this road of digital transformation, which you are, because that is already that that, that juggernaut is already headed on down the track, and you're gonna have to either jump aboard, or you're going to be chasing it, and you're never going to catch it. How about that for a word picture? I like that one. And, and Vincent Scott, a man with two first names in his name. He doesn't hold back, he knows his stuff. When it comes to cyber, you go out to his LinkedIn stat garden, which I'll have that at industrial talk.com as you know, and reach out to him. You'll see that. Yeah, he's definitely smarter than me, which is, you know, I mean, I'm not the sharpest tool in the shed, but boy, he is something else. And we're talking about things that you can do right now, today. Absolutely. Without a doubt, and it is a must focus for you. I'm not going to sugarcoat it. You want to go down this digital transformation world you're going to have to be able to up you're a dog gone cyber again. Alright, let's get on with the interview. Vincent Scott. That's VI and CMT last name Scott. Good looking because he's got the Scott last name good looking like me. And he'll have all the information out there. He is an absolute. I mean, I'm just telling you, you're not gonna be disappointed. So enjoy the conversation with Vincent Scott. All right, Vincent, welcome to the industrial talk podcast an absolute honor. I mean, an absolute honor that you have joined this particular platform and is going to share your insights and wisdom in and and everything that is cybersecurity resonated with the listeners, and he's also been in the military. Thank you for your service. How you doing? Vincent?

03:28

another beautiful day here in Oklahoma? It is it is it is getting cold here. Right. It's gotta be Yeah, it's been pretty chilly. But it's actually pretty day out.

03:38

Yeah, down here. As I as I turn my head if you watch out on the video, yeah, it's a good day there too. It's Louisiana. It could be 75 degrees tomorrow, but I take it as it comes. Alright, for the listeners out there. Now. We're gonna be talking a little bit about cybersecurity. We're going to talk a little bit about the strategies associated with it. This is an important conversation and I will quote a famous individual right now. Right now I'm gonna quote him. Truth. We don't want to know, you know, who said that? That's right. Vinson, Scott. How you doing? Let's get, give us a little background. Give us a little background on that.

04:10

Sure. But as you said, my name is Vince Scott. I am a retired US Navy cryptologist and information warfare officer. I actually retired 10 years ago, I've been working in government contracting and commercial industry. For that last 10 years. I've done a lot of different kinds of things and a lot of different industries. But really all focused on cybersecurity, really my active duty time, all about offense. I like to say I used to play offense and now I coach defense. Once I retired, went to Oklahoma State and really began to get into the the cyber defense gain in in looking at how we were doing against defending against advanced attacks, and then took that through the last 10 years. I've been gaining experience and, and really had my feet in the trenches of our ongoing cyber war to defend American companies.

05:12

Outside of the fact that you mentioned cryptologist, I want to say that that's dead sexy, just dead sexy,

05:22

that you may be the first person to say that because I get a lot of cryptologist. That sounds technical, it sounds like somebody who lives in a room with no windows and doesn't talk to girls very often.

05:33

It's probably true. However, it's still dead sexy, man, I gotta tell you, I think that that is. Now this is interesting, because one of the things that nobody wants to talk about as your thing, nobody wants to talk cyber security, it is a big, big challenge out there. And and when you start talking about playing defense versus offense, and all and everything in between, this is what bothers me. We all can just play defense, but it never stops. The offense keeps on coming at you. It just keeps changing, it looks different. It might go this way. That way, whatever it is, and you've got to be on your A game all the time. And I want to play offense sometimes dammit.

06:10

Yes, there are a lot of laws against playing offense. That's a that's there's some significant constraints there. However, I think active defense is something that companies can approach. I like to talk about, cybersecurity is something you do. It's not something we have. All too often we think about it as a thing that I have. I've checked the block, I had a seat. Well, a director in the finance organization of a fortune 50 company will get me and say, Now when is the investment in cybersecurity going to be overseen? Dan, I'm like, I'm sorry to tell you that that day is not coming. Right? It's not going to be over. Unfortunately, based on the kinds of attacks that we've got going on in industry in America today, every company is under threat. A lot of people like to talk about those companies who've been hacked, and those that don't know it yet. Every company is at risk. And I think we all have to be raising our level of play in order to better defend our companies and our critical infrastructure.

07:19

So in the case of the pandemic, you know, we've been hit by the two finger COVID death punch back in 2020 2021 different folks. Let's make it a good year. Now, with that. What are the stats that you're seeing from a cyber security perspective back when I mean, we're all at home, we've just changed, things are different. It's hard to it's just a whole different world. But what do you see in in the world of cyber?

07:45

Yeah, well, I think it's opened up new attack vulnerabilities, that new attack surface potentially for a lot of companies, by having so many people work from home. In a lot of ways, though, I don't think that's a huge change. Because most companies had some work from home going on already. And if you didn't have your remote work, environment secured, then then that had already been a problem. And maybe you have more people working remotely more often. But I don't think that's really the the huge change that so many people like to make it out to be just from, from my perspective. I think that the the big The game is fundamentally the same. And that, as you said, Scott, they are continuously trying to attack us attack us, they are knocking on the door every day, in different ways and looking to find different ways in order to penetrate your organization. And, you know, collect, disrupt, destroy your information and your information systems.

08:55

I will never ever understand that mindset. I will never understand I just don't understand the passion to destroy. Just, I don't I don't understand, or there's probably dollars associated with it. But I just I'll just never understand it.

09:11

Yeah, I think some some of the people, as we talked about a little bit before the podcast started are fundamentally evil, right? as an organization, who hacks a vaccine developer, in order to leak those documents modified to undermine confidence in the global vaccine creation. To me, I look at that and go that that's just evil. How could you possibly do such a thing? Now from I will say that all offense is way more fun than defense. Right? Because if you're on offense, you can run 100 plays and if you score on only one, you're a hero. Yeah, it's true. If you're on defense and you run 100 plays and you you stop the the attack on 99 but fail on one, you're a zero right? You failed to meet standards. What the heck? Why didn't you let this happen? Right? And so spot

10:05

on spot on.

10:07

Defense is a world filled with opportunities to fail. And all offense is a world filled with opportunities to succeed. Right, which is more fun. Oh, that's true.

10:18

That's true. I, I can't argue about that you're absolutely correct about it. Now, this is where I, you know, I see the resources, let's say I'm a big company, I've got resources, I got my big company hat on, I got the resources, and I keep on just sort of investing, I got the cash, I got everything, right. And I'm, I know that there's, there's some vulnerabilities, me personally have a passion for, let's say, smaller companies, because I don't think they they're at a disadvantage they just are. And if I look at it from a whole pie perspective, big companies represent maybe a smaller percentage, smaller companies, mid sized companies fill out that pie. And so for me being nefarious and a nasty person and evil, I'm gonna go after that particular portfolio and see what I can do and then be able to sort of penetrate there, I don't have the the ability to be able to do that.

11:11

Yeah, that that's a significant challenge. Right? And, and, and how does a small company better defend itself? And I honestly think that cloud really does offer better protection for small companies, if use smartly. So there, there's a lot of conversation and security world about cloud based applications and things that go on versus on premises where I can control this myself. And I think I see this more in the medium sized space where they they bought a server rack, and they put some stuff up, etc. I would actually encourage those companies to leverage cloud because Google's gonna spend hundreds of millions of dollars on defense, right? Yeah, you're not. And and so to the extent that you can find ways to to leverage those capabilities, the better off you're going to be. I love that. The second thing I think you should do is you got to do what you can do. Right? You're you're not going to be able to have, you know, the US Navy's cyber defensive operations, Legion. Protecting your small business, right? You're Europe, your five person company, and you're not hiring five more people just to do your cyber defense. Not happening.

12:30

Because why on it? Because you made a gap.

12:34

Yeah, right. I can't do this. I love it, I hear you. But that just ain't happening, man. But what you can do, or the basics and, and do the basics well, and one of the things I like to talk about is fundamental blocking and tackling in cyber. So no NFL coach ever went to the podium and said, Man, we we lost the game based on the double trick, reverse play. What do they always say? I didn't control the line of scrimmage. We didn't tackle in the open field, and we fumbled the ball.

13:08

You know, we failed in our fundamentals, just like

13:10

we failed in our fundamentals every time or almost every time. Right. And so I think in cyber A lot of times, and this is a particular disease that can happen in medium and larger companies. Oh, it's about the newest and coolest thing. No, no, it's not. fundamentals.

13:29

I have a hard time with that. I love the news. The fun.

13:32

Yeah, no,

13:32

I hate Oh, racket by that little shiny object.

13:37

Oh, I've heard about this on, on, on, you know, the news. This is the greatest newest thing. So. So one of the things that happens for you said something key earlier, those big companies they've got it all? Yes, they do. But I will tell you that the it that they have the cyber security tools and and things they've purchased, that they think are buying them security aren't in the vast majority of cases, not 50%, I'm talking 85 or 95%. My experience is is that most security tools are only optimized at 5% of their full capability. 95% of their capability is left sitting on the table.

14:22

What do you mean they buy these tools? And they just don't implement it?

14:26

That's right. They don't configure it. They don't implement it. And they don't understand Yeah, what is my corresponding manpower requirement to actually realize the the results of this tool. And so they throw it on the the existing headcount and say, here's another tool, here's another tool. Here's another tool, and that existing headcount gets gets full up. And then those tools are there. They report to the board of directors. Look at all the great stuff we got and that's this is awesome. My Favorite one of these is data loss prevention DLP, it's a tool that's in the marketplace, you hear a lot about it. The vast majority of DLP implementations are worthless. I mean, literally at fortune 500 company, I've gone in and seen a DLP implementation, that was only looking the only keywords they were looking for were cussing. So if you said, an inappropriate word, yeah, in your email, it would pick that up. But then the results and alerts for that were going to a file that no one ever looked at. There was no person to look at that file and actually track that stuff down. On their slide that goes up to the board of directors and says how we do when they go DLP, we got that running check, we're we're preventing the loss of data from our company. No, you're not, you're not ruining anything. But you've certainly spent money on a tool. And so I really like the fundamental blocking and tackling approach, don't add a new tool unless you really can realize the value add and the ROI for that and understand what that is, and, and be able to look at those things in some kind of fashion and really evaluate what am I getting out of this.

16:20

So here here, here's some, some insights. First off, listeners, we got a couple of things right here, let's consider cloud protection, look into that that's important, as well do what you can do. And I think what I'm hearing Vincent talk or he's talking about basic blocking, and tackling a doable, a doable thing to try, right. I mean, you're just out there. But here's one of the complaints. So I get this. First off, I get, hey, we're deploying a cybersecurity stuff, right. And, and, and granted, you're never gonna have any ROI, Dan's gonna be off forever, right? It's gonna try and you're always gonna be playing defense. And so that stinks. The second thing that I always hear is, people, the end user who's trying to do work, right, is constantly being interrupted by whatever cyber tools that are being deployed, and they're getting frustrated, and they're getting pissed off, because I can't do my job, there's a fine balance between continuity of business, protection of business in a way, and it's like, that's, those are the two ends of that, you know, you got to find that fine, you know, that bank gotta

17:35

find that balance point. And too many security guys, gals, people want to, in my view, often implement security procedures that have high user impact and low return from a real security perspective. And, and that's a place where,

17:56

you know,

17:57

that's part of the leadership management executive team's job is to say, you know, I hear you on that, but no, we're not going to do that. Let's find something that we can do that can reduce our risk and not have that kind of impact on our users. I think those things are out there. And but as you said, we got to balance that you do and you have to

18:17

win again, you have to be engaged, you can't just say, hey, look at us, we just deployed this particular tool, it's out there and never never visited again, right. It's a strategy, you got to get out there, you got to be engaged, and you got to look at it and be able to continue to sort of balance it. And recognize just embrace the fact that you're going to be playing defense, and you're going to have to do it. And you're going to have to, I love the cloud solution, you're absolutely spot on when we're talking about sending something and it's only going to get better. It's only gonna get stronger. It's a you know, it's going to be the Steve Austin of where you store your stuff. It's a better deal. So those are, those are cool solutions. I

18:52

like it. Yeah, so things like Microsoft's has a number of office 365, etc, their security options for that are only getting better and better. And taking advantage of those things that are out there. And the big investment that a company like Microsoft can make that you can't make and leverage and that is really important for small and medium sized business. I'm

19:13

telling you, that's the silver lining, my friend. I like that. I like that a lot. Let's let's shift gears a little bit. Let's talk a little bit about I'm a small to mid sized company and I do a lot of government type work. What do we what are we What are you seeing out there from my interaction with the government from a cyber perspective?

19:32

Yeah, absolutely. Thanks. That's a great question, Scott. The Department of Defense is changing the game and cybersecurity for the defense industrial base in the way they're doing that is by inserting accountability into the process. So the Department of Defense came out with standards based around NIST 801 71 in 2015, and said you've got three years to implement this, by one January 2018. All companies that were For the Department of Defense, or tiered subcontractors that work for the Department of Defense, that have sensitive unclassified information, we're supposed to be compliant with this standard. But it was a 100% Trust, no verify architecture, in what the D od has rightly come to the realization of is that no one was doing it. And now God has done two things to really start driving compliance and accountability across the defense industrial base. The first thing is they put out two new rules 30 November, that essentially say, turn your homework in, and tell us how you've done against these standards that we put out previously. defar 7012, for those who are tracking on that, tell us how you're doing against those 110 controls that if you're a defense contractor, you're supposed to be doing I don't care how you're doing, per se, just tell us honestly how you're doing. And tell us when you think you're going to be completely implemented with this, even though we know you were supposed to be completely independent minded one January 2018. As long as you tell us you've got a plan, you're good. Now, that's an interesting accountability point. Because companies are now having a look at this, assess where they're at, and tell the D od where they're at. The second thing that they have done is they have developed a new standard that incorporates the old 171 stuff completely. And they put out a new five level Maturity Model, standard for all of the defense industrial base and said, We are going to be implementing this over the next five years. Starting this year, we've got the first 15 contracts are going to come out that require this. So not very many, but but it's coming in in order to win work in that new framework, you're going to have to have an independent third party assessment of your compliance to the new standard.

22:02

Come on man, I, you know, as a business owner, right? Maybe you'd be a business owner, man, that is like, worse than that. It's,

22:14

it's,

22:15

it's like, Who the hell do I get a handle on this? understand it? How do I succeed? How long will it take me? What how much money? will it cost me? It's just goes on and on? And where do I where's my first step outside of reading the document and saying I gotta do it?

22:33

Oh, yeah, really? Well, so I really think your first step is the D o D has said in that that first part where I said, turn your homework in, that they will not awarding new contract and option or an extension to anyone, or something that flows down to the sub contracts. So you can find yourself a second or third tier sub, don't really think of yourself as a god company and be impacted by this. You got to get your homework turned in. If you haven't done anything, you need to do something you need to get, you need to look at that standard. And you need to turn your homework in. And if you don't know how to do that, hire somebody to help you do it and get that done. Because that could potentially impact what you have in your pipeline. Now, there's some caveats where you don't always have to turn your homework and blah, blah, blah. I'm a company owner, I'm not taking that risk on what's in my pipeline, I'm getting my homework done. And I'm going to make sure it's turned in so that when it comes up, I'm good. And I'm not gonna lose out on my next million dollar deal that I've spent, because it's government and it takes it forever, the last two and a half years working on and get down to that point, and then have the contracting officer say, Well, you know, you didn't have your homework turned in. So I went to the next qualified bidder. Don't let that happen to you, please. Right. So So step one, get your homework turned in. There are some caveats. There are some times where you may want to hold off on turning your homework and depending on how, where you stand and what's in the pipeline, and all that talk to an expert to get some advice, right? Because this is probably bureaucratic thing.

24:06

Yeah, I'll make I'll even simplify it. Okay, if you're doing work with the government, you gotta find an expert. How's that? Just Yeah, I don't even try to do it on yourself on your own, because you're not gonna,

24:19

well, experts cost money though. And I understand that, hey, if I'm a two person shop, I may want to try and do it myself. And you can write this is the homework is called a basic self assessment, the documentation on what it means etc. But you got to invest your own time, then to go figure all this stuff out and get your homework turned in accurately to the government.

24:37

Let me ask you this. Why Why all of a sudden the government is interested in making sure that these contractors are buttoned down pretty according to some sort of cybersecurity level what what happened.

24:48

I don't think it's all of a sudden. I'm sure we've all heard of solar winds now. Right? That's a that's a great example of a broad hack across industry and government that has happened but there's there There's been years of things that have gone on, right, we had a contractor who had NSA offensive tools on his laptop. And those all got stolen, right. And those underlie some of the biggest vulnerabilities and breaches that have happened in the last five years, right? We've had contractors with very, very sensitive government unclassified information relative to weapons programs. I mean, have you looked at, you know, the new Chinese Joint Strike Fighter versus ours?

25:39

looks the same.

25:41

They look like they came out of the same factory. Right? Yeah, there's, there's clearly that's not the only one, right, there's a number of weapon systems that clearly, you know, we've adjusted what the work that was already done and paid for by the US Department of Defense and built that into the our foreign adversaries, weapons and capabilities, right. So this is clearly been known for a while the department has its own problems, they need to do better themselves, on how they defend themselves and hold on to their unclassified information, particularly. But this is now the point in which we have said, Alright, in order to get this done, and the reasons that you stated about, it's hard, it's expensive. It's the last thing I want. As a business owner, it's the truth, I don't want to know, because that's gonna cost me money. And really, it's not gonna make my product any better. Any virus never made my laptop faster and made my user happier. Right? Never. You know, no happy it just never made. It may be lightweight. If you talk to an industry vendor, but in it, it's it's never zero. Right. So so that. And there's a flip side of that argument with antivirus, I would argue, well, if you don't do antivirus at all, guess what, that that laptop over the course of six months may become almost unusable, because it's got so much crap on it, right? And how do you measure the value to your end user who doesn't realize this? Right? They just realized that when McAfee runs, it slows me down. And they don't realize that McAfee running is preventing all this other stuff that would slow them down more measuring that that missed. degradation is really hard for people to do and people to accept mentally, right? I just get that security stuff out of the way. And let's just go do do our job. Yeah, let's do more more cool stuff. So so for back to the dip company saying first thing get your homework turned in? Yeah. Second thing is the new model, the cmmc cybersecurity Maturity Model certification. cmmc is the abbreviation that everybody uses for this has five levels. Five is the highest and most expensive. And the D o d anticipates very few companies. This is going to be Boeing and Lockheed Martin have level five and level one is the lowest. And level one only has 17 controls in it. So the idea here is the department wants to make a model where small and medium sized businesses actually have a lower bar to cross than they would have under implementing all 110 controls of 171 17 better than 110. Right. So whether or not but there's some what kind of information you had drives what level you need to be at. So I think the second thing you need to do is look at CMC and say, am I a level 1am? i a level 3am? i a four or five? What do I need to buy? Right? You know, based on the contracts I have, and my interaction with my clients and how sensitive I think the information I have from them is everybody is going to have to be at least level one. What do D Cisco has said is that if you mow the lawn at an EOD facility is a fifth tier subcontractor, you're gonna have to be level one. Right? So you're gonna have to do the 17 controls, you're going to have to be able to prove that you've done the 17 controls. And you're going to have to get somebody in to assess you that you have done the 17 controls and vote and

29:26

say they're good. My ears and my nose are bleeding right now.

29:31

Yeah, I know that it's a heavy burden for small business, small and medium sized business. It's just one more thing in the government contracting space. That is massively bureaucratic already, that you have to do now.

29:45

For me,

29:45

I think this one is really needed. I think there's a lot of bureaucracy in the DLC space that is low to zero value, add. It's just unfortunate Bs and we honestly have kind of trained ourselves to try and avoid as much of the unfortunate bs as possible, right, you know, we are doing oj simpson moves on the field to try and get away from these requirements wherever possible. In this particular case, because I think cyber is so important because we are clearly being hacked. So often, I think we really need to take a look at this and go, Okay, what do I need to do to do these 17 controls? If I'm level one, and they're not exceptionally hard, but they do need to be done? Right? I need to have any virus on all my endpoints. That's a requirement. That is

30:40

a basic you should I mean,

30:42

yeah, right. No, that's, that's one of the level one requirements. Right, right. I need to know what all the assets are on my network. I gotta have a list. I gotta know, that's not easy. Because we don't need it. But we need to do that. Because I How do I know that I have antivirus on everything if I don't have a list of what everything is, right?

31:03

Because I, when I would travel and get on a property and I find their their network, and they didn't have any real way of I would get on their network, I would buy a foreign endpoint on their network, and nobody really knew about it, but I just surfing

31:20

the net, you can plug in, right? A lot of companies have gotten better by having guest networks. And that's become more common, but there certainly was a day and and a lot of companies wireless harder than wired. I think a lot of companies have gaps in the in the Jackson their wall, where you can walk into the conference room that's outside the wire, and jack into their network and sit there and you know, be on the network, right? There's certainly opportunities to do that. So yeah, so I think the 17 controls are pretty basic, they are they're absolutely in the fundamentals category, but you're gonna have to do them, you're gonna have to do like asset management, right, I have to do, I'm gonna have to show that I know, and I have a process for that, that takes work that can take time that's going to take documentation. So those things are going to be important. And particularly as a small and medium sized business, I think you probably want to help making sure that you're doing that, right. Alright, listeners,

32:19

we're gonna have to wrap this up. Unfortunately, we can keep on going and going, here's a couple of things that I want you to make sure that you remember, first off, if you're a business, just a business, you don't have to be God, you don't have to have a government contract, just a business alone, you better have your cybersecurity at least some strategy behind that, yes, it might be painful. But the other option, there are people that are looking for you, and then they can cause you a lot of pain and agony. So at least something like Vincent, that's a good contact to know, if you're in the government space. Someone like Vincent, it's a good person to know whether you like it or not, whether you're, you're enjoying the flavor of what we're talking about, I can't I can't help you with that. It is a reality. And it is never ever, ever going to stop. It's never. So you get to either embrace it, or stick your head in the sand and not. I wouldn't want you to do that. But right now, God got it. contacted. That's it. That's the easiest solution for me. There.

33:22

I appreciate you, Scott. Thank you much.

33:24

Thank you. All right, listeners. We're gonna wrap it up on the other side. That means all of the contact information for Vincent. That means all of the information that you need to know to get your Cyber Security Act in gear. I feel like I'm preaching. But anyway, do not go away. We will be right back.

33:42

You're listening to the industrial talk Podcast Network.

33:51

with Vincent Scott. Absolute knows what he is talking about when it comes to cybersecurity. Now, he's got a website called cyber sec, cyber sec, Gru, so you get it, you get the cyber security guru in that domain name. It'll be out there at the industrial talk.com. Remember, the company's name is defense cyber security group, you will not be disappointed go out to his LinkedIn stat card, reach out to him. He's active out there. He's got some insights. And I'm telling you right now you take advantage of that jet. Because he's not going to let you down and you need a man industry for Dotto. It's all out there. All right. We're building a platform. We're building the platform again, to continue to celebrate you, industry professionals, industries, heroes, industries that are changing lives and changing the world. Go out to industrial talk.com get everything you can. It's an open book, have a grand old time. Thank you again, hanging out with people who are bold and brave and daring greatly. And I'm telling you right now your world will change. Thank you very much. We're going to be back with another great interview shortly.

About the author, Scott

I am Scott MacKenzie, husband, father, and passionate industry educator. From humble beginnings as a lathing contractor and certified journeyman/lineman to an Undergraduate and Master’s Degree in Business Administration, I have applied every aspect of my education and training to lead and influence. I believe in serving and adding value wherever I am called.

Leave a Comment





This site uses Akismet to reduce spam. Learn how your comment data is processed.