Vancord CyberSound

067 - 2022 Security Year in Review

December 20, 2022 Vancord Season 1 Episode 67
Vancord CyberSound
067 - 2022 Security Year in Review
Show Notes Transcript

As we near the end of 2022, the team at Vancord looks back on their security predictions, shares optimism about the future of the cybersecurity and information technology industries, and encourages you to focus on the fundamentals for the upcoming year.

Today, Jason, Steve, and Matt are joined by the President & CEO of Vancord, Michael Grande, as they dive into hot trends they've witnessed in 2022. Tune in for a recap on 5G, issues with Twitter, the evolving financial landscape, and the increased usage of smart home devices.

Michael Grande  00:00

I did mean to hook my clothes dryer up to my phone, but I haven't done it yet.


Jason Pufahl  00:05

Do you have a phone-enabled clothes dryer?


Michael Grande  00:07

I have a Samsung clothes washer and dryer, and it's supposedly, there's a Samsung app that I would hook it up with and I can change cycles, and it's great.


Jason Pufahl  00:21

So that is interesting because what that really assumes is you went through the trouble of putting your wet clothes in the dryer and then promptly walked away because you didn't want to dry them at that minute.


00:33

This is CyberSound. Your simplified and fundamentals-focused source for all things cybersecurity, with your hosts, Jason Pufahl, Steven Maresca and Matt Fusaro.


Jason Pufahl  00:46

Welcome to CyberSound. I'm your host, Jason Pufahl, joined as always by Steve Maresca, Matt Fusaro. Hey, guys.


Steven Maresca  00:53

Hey. 


Matt Fusaro  00:53

Hey, how are you? 


Jason Pufahl  00:54

And we've got the Vancord CEO joining today, Michael Grande. Nice to see you, Mike.


Michael Grande  01:00

Nice to see everyone. Thanks for having me.


Jason Pufahl  01:02

So, this is our 2022 year in review episode, we can look back, maybe discuss a little bit of some of the changes in the industry, talk about some major things that might have happened over the past year, and I think, you know, as everybody's looking forward to, reviewing our predictions that we made last year, and maybe seeing how we did and maybe lend some credibility to to some of the predictions maybe we have in the future for this upcoming year. Right?


Matt Fusaro  01:32

I'd say we're Oracles.


Jason Pufahl  01:33

That's what I think too. So, Mike, I want to start with you actually. So chatting a little bit about, you know, maybe the some of the evolution in our, say technology support space, right, consolidations and changes certainly happened over the over the past year. What are your thoughts there?


Michael Grande  01:55

Yeah, I think there's been one of the main drivers, I think, from an economic perspective was, you know, the prevalence of free or almost free money from an investment perspective. And what we saw, you know, especially, is the larger private equity players, you know, gaining a lot of interest in the MSP and MSSP space. And I think it really came quite to maybe an apogee last year, or over the last year, with a lot of consolidation and some regional names that have been bought out by more national names, some focused entities, you know, either cybersecurity focused or MSP focused, being part of these large roll up strategies. So, you know, a lot of change, I don't know that the activity is still quite at the peak where it may have been at the beginning of the year. But for sure, you know, we're still seeing a lot of these companies, either joining forces, merging, or being acquired. And I think there's, there's some pros and cons to it, for sure, from a service provider perspective, right. So we've been in this industry for over 15 years, we've seen a lot, and we've seen a lot even in this small space of Connecticut in the Northeast, but the access to different markets and the sort of increasing role that remote work plays with a lot of these folks, you could be talking to a support provider, that's, you know, half a world away with some of these larger companies. And generally, they'll be able to provide reasonably good support, but I think from the client experience perspective, you know, it's, there's a difference, it's, there's so much turnover at some of these companies, especially post transaction that clients on the client side, generally, will, you know, experience a little bit of loss of that legacy knowledge that that customer relationship that they've probably grown accustomed to through the years with their service provider. So, you know, some pros and cons for sure. And I think it'll probably continue into the next year or so, as we sort of see some of these efforts to combine and roll up, continue. One of the other areas, and it sort of lends itself to what we've experienced this year, is a desire for, for clients, from clients to see their service providers offer both that Managed Service Provider, MSP, experience, as well as the security expertise. And you know, a lot of our internal changes certainly reflected some of those trends throughout this year.


Jason Pufahl  04:45

Yeah, in a lot of ways, I think the consolidation that we've seen does validate some of the choices we've made to offer both infrastructure and security services. And, you know, I think originally we went into this thinking clients would like to see more of a separation, but it's pretty clear that clients are really looking for vendors that can provide the sort of the broad spectrum of capabilities, because I think, we're in a position to do now, which is great.


Matt Fusaro  05:07

Yeah, I mean, 2021 into 2022, Cyber Liability Insurance pushed a lot of that, right? Because these clients are coming to people like us and saying, hey, you know, I know you do infrastructure, but I need all these things for my liability policy now.


Steven Maresca  05:23

Right. And it's been helpful, honestly, as that being the impetus for us to educate. The customers, the prospects, and current is well alike, it's, I don't know, I think we've all move forward together is the main message there. 


Matt Fusaro  05:37

Yeah, agreed.


Jason Pufahl  05:38

The, so, the other thing, I think, certainly we experienced over the last year, maybe the last 24 months, has been the supply chain issues. And in many ways, getting the equipment to, to fulfill some of the work that we've been asked to do by our clients, right Mike?


Michael Grande  05:57

Yeah, if this was a segment on the pain points of the last year or plus or, you know, COVID struggles that continue sort of, you know, from an industry perspective, it's certainly a long haul symptom, which is this reliance on chips for so many aspects of what we do from cars, of course, computer equipment, network switching equipment. And really, the reliance on a lot of things coming out of Asia that unfortunately, weren't, aren't being fulfilled in a timely manner. And the lack of manufacturing here in the United States, for sure. And from a network perspective, infrastructure side, so many projects have either been delayed, or put off, or in some cases canceled because of of estimated shipping dates on some of this equipment. And it causes issues for both the client side, of course, and of course, for the service providers. So, you know, we're still seeing it across a lot of our client base of schools, public entities, private commercial businesses, making really key decisions on upgrades that are probably past due, and what they'd like to accomplish simply because of procurement issues and supply chain. So, you know, it's a challenge that probably will last well into 23, and potentially beyond. Hopefully, some of these new efforts by manufacturers will speed up some of this backlog, but definitely a pain point.


Matt Fusaro  07:38

Yeah, I mean, we may even be looking at a railway strike in a week or two, right? That could have another effect on things coming out of the west coast that we have to get over to the east coast for some of our clients.


Jason Pufahl  07:49

Right.


Michael Grande  07:50

And I was talking to someone in a completely different industry, more on sort of the natural organics and different types of materials that they resell, and they were talking about the fluctuation of shipping costs, and how it's just, now you're talking about, we had these huge over the road delays from shipping ports, I remember in October of last year, we were flying out from Anaheim, back to the East Coast, and looking at into Long Beach Harbor, you saw, you know, hundreds of ships sitting there waiting to be unloaded, then they didn't have enough drivers, right? And then, they had enough drivers and the ports released a lot of that and shipping container costs went from $21,000 for container back down to $7,000, or whatever it might be. And now we're seeing this potential railroad strike. And so I think, you know, it's as soon as one thing gets sort of solved or pushed in the right direction, something else potentially may break. So, it's a lot of uncertainty out there.


Jason Pufahl  08:55

So looking back then at maybe our predictions from last year, I mean I think we did okay. You know, certainly, we talked a little bit about say Log4j, and some of the other attacks on libraries or commonly used software. I think we've seen more of that.


Steven Maresca  09:17

I'd say, you know, to some degree that has been true, less than I expected, candidly, and I think that's tied to some of the other trends that we'll talk about in a minute, but definitely was attention placed upon OpenSSL, Apache Techs Commons, Java, you know, some of the more common underpinnings of systems and, you know, newsworthy exploits that were not quite as impactful as Log4j last year, or Log4Shell if that's what you prefer as the term. But yeah, I mean, I think that stood up.


Matt Fusaro  09:52

Yeah, Exchange woes.


Steven Maresca  09:53

Yeah, absolutely.


Jason Pufahl  09:54

Yeah, that's perennial. I think we talked a bit about 5G as a, I don't love the word, but maybe a potentially disruptive technology or one that really had an impact. I don't know. From the consumer space, I think a strong argument can be made that it hasn't done too much to change people's lives. Maybe there's been some other academic things that came out of it.


Matt Fusaro  10:18

Yeah. I mean, as far as changing people's lag, I think that, you know, maybe you saw some faster cell service. But I mean, I'm not sure that I'm a consumer, and you're seeing much benefit from it just yet. Steve, you were talking about research a little bit before we got on here.


Steven Maresca  10:32

Yeah, I think some of what we were predicting was sort of a blossoming of potential attacks against new equipment. I would say that some of that is occurring. I mean, you know, Blackhat, 22, and DEF CON 30 definitely had some 5G related research, you know, API's across multiple mobile carriers, vulnerabilities everywhere. Information revealing issues regarding SIM cards, billing information, purchasing, and that sort of thing, but nothing deeply related to 5G itself. I still think that's coming. But it didn't really come to the forefront this year.


Matt Fusaro  11:18

We did, we did see which I don't think we predicted as part of our what we talked about last year, but we saw a lot of VPN endpoints being exploited this year, we dealt with a few incidents due to it. So that was definitely a target for people.


Jason Pufahl  11:32

Yeah, that seemed to be a really common sort of attack surface that people leverage this year. But on that note, and I don't think, I don't actually think we called this out, was a really a real downturn in sort of the ransomware activity. And then we we certainly had fewer incidents, certainly peers in our space that I've spoken to say, you know, say the same thing. I certainly don't want to convey that there hasn't been ransomware attacks. Obviously, there have been right, but fewer than than previous years, I think there's probably a couple of contributing factors to that. And obviously, the war is one of them, right? Right now, I'm not seeing any reason to believe that we're going to see a dramatic uptick in the upcoming year.


Matt Fusaro  12:16

I'd be cautious about that. I know the Emotet system is back online with newer versions. So that's something to watch out for. They were always a precursor to ransomware. I think, I think as the Ukrainian war progresses, or comes to an end, who knows what it's going to be the next few months, but I think at this point, it's starting to kind of kick up again, we're seeing a lot more intelligence from our partners. Possible botnets getting back online, so.


Steven Maresca  12:46

I think what we predicted was, you know, increasing rates of very specific types of ransomware and extortion attacks, that prediction held true, double and triple extortion being far more common than they were in the year prior. But the overall, you know, gross rate of incidents in that regard dropped and part of distraction, part of crypto prices collapsing. You know, lots of other components influence that aside from simply geopolitical distractions.


Jason Pufahl  13:13

But actually, that's a really good point, of course, is the volatility of the crypto market, I'm sure has had a huge impact on this, right, so that's just one of those other factors.


Matt Fusaro  13:22

Yeah, I mean, especially with a lot of exchanges actually collapsing, it's very possible some of these groups lost a lot of their own money.


Jason Pufahl  13:29

I don't know if anybody wants to spend a second on Twitter, or any any of the social media activity that occurred as a result of that. I mean, it's certainly newsworthy, we didn't predict it. We might have chatted about it in one of the podcasts here in the past, but an argument can be that Twitter's not heading in the right direction right now.


Steven Maresca  13:58

Well, you can, you can only lose 75 to 80% of all of your technical staff and have so much success, I suppose. Whether it survives without a major outage, over the next couple of weeks, remains to be seen. Most of the former Twitter staff that is vocal definitely predicts something on the horizon. I don't know, it's a platform that has been uniquely related to trust and social discourse. And I think that's eroded. That's the main comment I have to say, I suggest.


Michael Grande  14:40

You know, not to sort of look forward to thinking, or I guess prognosticating about what what Elon's desired end was, but you know, I can't imagine someone investing so much into a, into a vehicle such as Twitter without having some sort of an end game, it just his initial three or four weeks have basically thrown the traditional management book out the window of you know, walk in, assess, listen, that doesn't seem like there was any of that. So I'm very interested to know, and maybe this won't come out for quite a while, but what sort of the intent was behind ultimately the, you know, the decisions that were made in the first month or so of his ownership. It just, it's a head scratcher from my perspective.


Steven Maresca  15:43

I mean, I have a poorly informed theory from,


Jason Pufahl  15:47

 Those are the best kind. Let's hear it.


Steven Maresca  15:50

Just from reading what everyone else is that, frankly, he was trying to avoid any sort of criminal implications for gaming prices when he was not necessarily serious about purchasing, and then just doubled down to say, no, really, I was serious, honest, honest, and is trying to do damage control at this point. That's it.


Matt Fusaro  16:11

Yeah. I mean, it's a big undertaking to be in charge of any of these types of systems at this point. So you know, Twitter, Meta, you name it, right? They're being looked at now, as you may as well call them news sources, because that's how people are treating them.


Steven Maresca  16:26

Utilities. 


Matt Fusaro  16:27

Yeah, utilities almost. And yeah, I think he's trying to legitimize the platform for that. I just don't know how you do that right now. That's probably the toughest information technology problem to solve is whether information is good and reliable. That's the hardest problem ever to solve, but it's multi-billion dollar deal if you do. I think that's what he's after.


Jason Pufahl  16:55

You know, that harkens back to an earlier podcast where we talked about, you know, understanding technology, being able to read critically, being able to communicate, like, the fact is, I don't know that that's a technology problem will solve, it is an education problem so you can actually identify good quality news, poor quality news, etc.


Steven Maresca  17:13

I think a lot of the perceived deficiencies of platforms like Twitter, when they're not deficiencies related to marketing, or you know, sale of our personal trends, is an expression where platform inefficiencies are actually things that support social discourse, therefore, they're not negatives. But from a purely value based analysis, of course, they're inefficiencies, why would you do that? That human psychology aspect of it, I think, is where, you know, finance, and optimization and efficiency are incompatible with some of the fundamental purposes of the tools for the platforms.


Matt Fusaro  17:54

Yeah, and, you know, for our purposes here for our podcasts, I think a lot of malicious groups feed on unstructured and maybe broken systems, and Twitter seems to have become that for you know, for the time being. So be careful. It's it is a cyber weapon right now, if someone chooses to use it.


Steven Maresca  18:15

You cannot today search for the name of any Chinese city and receive results that are meaningful. At the moment, it's all a firehose of spam at this point. It's just unmoderated garbage, and it's to distract from legitimate content, as an example of that.


Jason Pufahl  18:37

You know, it occurrs to me, and I hadn't thought about this prior to the conversation, Steve, you mentioned double, triple extortion, ransomware events. Do we ever see data disclosures on a platform other than Twitter? I mean, we see that, but largely it feels like Twitter tends to be the place where, you know, when there is a post by some sort of, you know, hacking group, I feel like that's kind of the first place to see it.


Steven Maresca  19:04

The prominence of Twitter is used as a weapon because it really helps in effecting extortion, if there's a likelihood that it will generate a press response or be seen by many eyes. That says visibility. Yeah, I think that's the reason for it. But does that disclosure land elsewhere? Absolutely, yeah.


Jason Pufahl  19:05

Okay. So let's shift a little bit, right, in the spirit of trying to keep this to our normal sort of length of time, shift a little bit into into the prediction space. Steve, I know you had you had one at least relative to Cyber Liability Insurance.


Steven Maresca  19:37

Yeah, I mean, the market's stabilizing, a lot of the players are understanding that they're perhaps a little excessively aggressive in securing commitments from some customers. Now, I think that they were appropriate, broadly. You've heard us talk about the changing landscape in that regard many times, but there's a maturation at this point in terms of dialogue between carriers and brokers and potential customers to get ahead of the problem much earlier in the year prior to renewal, to help provide time for budgeting, for prepping, for corrective actions, it's a much more healthy conversation than it was a year or two years ago. Now all of the proper parties are involved across an organization. Generally speaking, I expect further improvements overall. I also think and this is just echoing some of the things we hear from conversations with brokers and carriers, we'll see return to the market of some of the players that have exited some verticals, because they recognize that either they're, they've overcorrected for potential costs and risk, or they really think that their market needs to have some degree of broader representation, otherwise, they won't have a robust income as they used to. That's what I think we're really looking to see in the next 12 months or so.


Jason Pufahl  21:09

Probably another one, and we've seen some of this in 2022, so far, and I think we'll see it continue, is that tightening of the regulatory landscape, right? We certainly got, sort of, the GLBA has been pushed a bit, but we're gonna see some more activity there. PCI has been updated, continual evolution of CMMC in the Department of Defense space. I think Steve, you said it well before, which was, we're all maturing in this together to some degree, I think cyber insurance has helped drive that a bit. And I think people also recognizing that they've got regulatory requirements that they need to meet, and probably are treating it a little bit more seriously than I feel like they have in the past. And I think we're seeing some of the maturation to some of these anyway,


Steven Maresca  21:54

I think the smaller orgs are really just starting to wake up, you know, the more mature orgs, those that are contractors with bigger industries, saw these things, year and a half, two years ago. The smaller manufacturers that are, you know, secondary, tertiary subcontractors of other firms are really only just starting to catch up. Many of them are too small, so they're not able or even realistically expected to comply with a lot of the regulations that, frankly, will come down the pike. But I think that's what we'll see over the next few months, six months, once rulemaking actually gets a little firmer in the CMMC space. At the very least, we'll have broader understanding of the complexity of the problem.


Matt Fusaro  22:47

I'd like to see how that all plays out over the next probably around six to eight months or so, with economic downturn, I think economic downturn is going to change the playing field, especially for smaller business. Over that time period, you know, we were recently working on a deal where the IT director was basically told do whatever it takes to stop a ransomware attack, I don't think that language will be used for a while. Do whatever it takes is costing a lot of money right now. So I think, probably the psychology of businesses and how they budget is going to change quite a bit. We'll see what that means for security budgets. I don't know, maybe they won't change? Who knows, maybe, maybe that priority will still be there, but it's definitely gonna be called into question. So be prepared to show value, I suppose. 


Jason Pufahl  23:37

Yeah, the two don't go hand in hand, right, so we're seeing the maturation in regulations, right. I think people are understanding it. But the fact is, they are expensive, right. And not every not every organization has the budget to do all the work that they need to. But you know, I want to be careful and say, you know, that doesn't mean you don't start. Get your roadmap in place, understand what your sort of sequence of improvements is going to be, budget for it, it might take you a few years.


Steven Maresca  24:06

I think what, you know, bouncing off of that comment, I think we'll we're about to see is a far more nuanced discussion about risk management, what risks are accepted, which are deferred, which are considered just tolerable, right, and that will save money, as well as it demonstrate forethought and a lot of areas that candidly probably don't apply to some businesses at all, which I think is the right approach.


Jason Pufahl  24:37

And I think, Michael, we were chatting a little bit about maybe seeing an increasing sort of increasing available funds coming out of the government or even even just increased government support, perhaps. 


Michael Grande  24:49

Yeah. It certainly seems like there's an evolving trend over the last several years, you know, most likely bringing sort of cyber and IT focus from a policymaker and politician perspective, coming out of the last presidential election, talking about election security, and then the new CISA Director with Jen Easterly, and a lot of what went into these midterms and how, you know, really, it's just a constant reminder every two years, every other year, perhaps, on sort of the efforts that are being made from a governmental level. But I think, you know, it was very interesting last year, I think, May, summertime or so, the White House really led that sort of federal Zero Trust strategy, you know, brought that term really into the forefront. I know, there's a pod that you guys had on Zero Trust, a few months ago, but, you know, just having that conversation in the discourse and having politicians understanding the value, and the importance of some of these measures is really helpful. You know, very interesting to see the FBI Director yesterday talk about sort of offensive cyber operations that were taking place against state and non-state actors, really in a little bit of a change from what we've heard from a lot of these entities in the past, you know, sort of the old good, a good defense is a good offense. So, you know, we'll see what those trends continue to show, obviously, several of the economic acts over the last Congress, you know, is they're designated to put more funds into the hands of businesses and state and local entities to make these improvements and changes. So, you know, obviously, that's a, that's a key development that we'll have to be guiding our clients and other service providers who will be hopefully assisting their clients in those areas, and ensuring that they're taking good advantage of some of those opportunities to shore up their presence and stance and, and sort of make those necessary improvements.


Steven Maresca  27:05

I see a lot of those funding opportunities as sort of a federal recognition that a lot of the requests and mandates put into place upon smaller orgs exceed what they're able to achieve. So to some degree, there's sort of a correction and pressure relief valve for that sort of thing. I expect to see more of it, because of that fact, especially if we do enter, you know, legitimate economic downturn, typical practices in that sort of environment. You know, keeping machine shops open, keeping things up to date, when budgets might otherwise be reassigned is integral to all of that.


Jason Pufahl  27:50

So maybe the last thing, because we chatted about it a tiny bit before, is maybe the continued proliferation of smart home devices. But I want to bring that back to a security perspective, right, because clearly, we're seeing everything under the sun being connected to the internet now. I think either matter, Steve, one of you had mentioned that there's a little bit of movement now from, say, wireless enabled or indirectly internet connected to maybe, utilizing some internal proxies, or Bluetooth or things like that, right?


Steven Maresca  28:24

Yeah. So a new trend over the last year or so, but certainly cresting over the last few months, is the release of platforms that don't have any real explicit dependency upon cloud synchronization, or cloud processing or storage. Because it's a recognition of a lot of those providers that either, you know, internet connections required for the thing to work, which is pretty unreliable in a lot of markets, or concerns about data being, leaving the home, there are differentiating factors to be able to say, hey, you know, all of your data is home, it doesn't go anywhere, it's not being sold. We're selling this platform so that you can use Bluetooth and an app on your phone on an old phone that doesn't need a subscription or a connection to manage your device in this this thing that we have for you. The example that I have in mind is a, like a home automation platform with sensors and curtain opening and, you know, thermostats and things like that. The model for what, eight years, has been everything cloud connected. And that's nice. But a lot of people prefer otherwise now anyway. And if you can manage it all from your phone within your local network, or without a network at all, using Bluetooth, there's major benefit there. And that's the trend I'm starting to pay attention to.


Matt Fusaro  29:48

Yeah, I hope it continues down that path versus more cloud connected things. I mean, we're seeing negative impacts of that. I mean, stuff that happened with cars over this year with subscriptions being required to unlock basic mechanical functions, which is just ridiculous in my opinion. But I mean, it's starting to even spill over into things like power tools, that they have things now where if you don't have a key on, your circular saw doesn't work. Right? It's to prevent against staffed and job sites, I get it, but at the same time, I don't know, do we need that?


Steven Maresca  30:25

This is the John Deere model just delayed by multiple years for the home market. And it will backfire in exactly the same way. It's just everyone needs to catch up to that recognition.


Matt Fusaro  30:38

Right. But that's one step away from my circular saw doesn't go 45 degrees, because I didn't get the subscription.


Jason Pufahl  30:44

It is interesting, though, that the idea that you brought up, Steve, that there's a trend toward accessing your home automation from within your home, only. Well, I say that because it literally just happened to me yesterday, where I have Nest Thermostats, I did not turn the one that was upstairs, down like I do every night. But literally, I was only halfway down my stairs, and I stopped and I thought to myself, should I go back up? Or is it easier just to go right back down and launch my Nest app? And so they've gotten that quick and that easy, that I sometimes now don't even bother with the actual thermostat itself, even even if I'm 15 feet away from it.


Steven Maresca  31:25

And you might even extend that by saying, you know, are you losing something by having only the use or having to use only limited to your house? The truth is, maybe yeah, definitely. Most of the companies that are doing what I suggested are actually also giving you a base station that is cloud aware if you want it to be, but at least they're inverting it so that you have a choice as opposed to you know, being railroaded into something you cannot control.


Jason Pufahl  31:52

Yeah, that's fair. I mean, it we are moving though such that sometimes it's simpler to stay in your chair than it is to get up and walk over your thermostat or turn your oven on right, or maybe in Michael's case, actually turn your dryer on.


Michael Grande  32:08

My alarm's going off right now, I think the whites are done. One of the questions unrelated to the sort of Internet of Things topic, really in the spirit of prediction, and only because we're certainly not a we're not experts in the field of you know, financial modeling and economics. However, it is sort of interesting with the collapse of cryptocurrency and maybe just to pick Bitcoin, pick on Bitcoin, maybe maybe a little around the horn of where we think in a year, one of those currencies will be whichever you whichever you choose.


Jason Pufahl  32:50

So this, I guess I could pick a currency. And I'll do that in a second. What I will say is that the people who invest in crypto, I still think makes up sort of the minority of investors. And there's this prevailing idea that the crypto market has it been like a runaway train, and if you invested within the last couple of years, you're way late. And honestly, I would argue there's a lot of settling that has to happen. And we're still really early on this, you know, none of them really have a value that isn't tied to a fiat currency, until you can get that separation. I mean, I feel like we're at the Infancy still. So, you know, for people who feel like they've missed the boat. My opinion is you probably have not. I, from a currency standpoint, I'll go on a limb, I'm really curious to see what happens with Ripple. Now that some of the FTC issues look like they're probably settling out to some degree, or at least there's some movement there. That's one I've been interested in. It's one, I like the sort of financial space of cryptocurrency and stuff that might ease transactions in other countries. So I'm kind of curious to see what Ripple does, in my opinion, Bitcoin is not as interesting to me, there's a variety of others, but I kind of keep my eye there.


Matt Fusaro  34:11

Yeah, I agree with you as far as Bitcoin is not that interesting to me. But I think the real reason is you don't you don't want a volatile asset being a currency that's, that is the detriment of a currency is having a volatile asset. So most of it doesn't work right now. I don't know too much about Ripple personally. So maybe that's a good way to go. But yeah, I mean, most of the ideals though, are going to stick I think as you know, we need better transactions, more efficient settling of funds.


Jason Pufahl  34:41

Yeah, stability is critical. 


Matt Fusaro  34:42

Yeah, you can't have it going up and down and be a call the curtains. It's not gonna work. 


Steven Maresca  34:46

Unless you're trying to build the hype and then make money off of the hype, which I think is a substantial reason that some of this stuff gets,


Jason Pufahl  34:52

Yeah and you can invest in the highs and lows right now in crypto, right, and make some money probably. Do you have a thought, Mike?


Michael Grande  34:59

Well, you know, I'll take Aetherium. And I'll sort of expect that the volatility will continue. And I would say that it'll be under 1,000. You know, this time next year, which is not a tremendous drop, but I think with some volatility and some increases throughout the year, you know, I, I don't want to say I'm hedging, but the sort of the strategies of dollar cost averaging, and then looking for markets, where these different types of currency are going to take off, you know, it's interesting. And Twitter, maybe this is a poor source of some of this information, of course, but seeing sort of the promotion, and pumping done by a lot of sort of, you know, made up celebrities and, and gurus of different markets, and then seeing as fast as some folks can get out of it. As soon as the going gets rough, has been pretty interesting. So sort of more of the stable coin interest for me, I'll pick, you know, sub 1,000 for an Aetherium by next year.


Jason Pufahl  36:09

So maybe this is an appropriate time to say, the views expressed on this podcast are of the podcast members only and should not be considered investment advice?


Steven Maresca  36:21

Or legal advice.


Jason Pufahl  36:23

Or any advice?


Matt Fusaro  36:25

Entertainment purposes only.


Michael Grande  36:27

I think we did our disclaimer, no one can claim that they're looking to us to fulfill their hair Jennifer points. We're good there.


Jason Pufahl  36:38

But your, the stablecoin idea is interesting, right? Because there was the USDT tether existed. And actually, I'm not I haven't looked at that in quite a while. So, I'm not sure what the position is there. But that idea of tying a cryptocurrency directly, essentially, to the US dollar and call it a cryptocurrency? I guess it gives a little bit stability, I suppose. But to RAND. Right?


Matt Fusaro  37:00

Yeah. And I believe the Fed was asked to look into a some type of virtual currency of the realm. So we'll see what that ends up being.


Jason Pufahl  37:09

Yeah, we have to be careful not to become a cryptocurrency podcast. There's a lot of good ones out there. So certainly a few, a few predictions. I'll look forward to next year and seeing kind of where we landed on on a couple of these. I think we did alright. Last year, you know, maybe to varying degrees. Any parting words, from you, Michael, at all? Anything you hadn't covered that you wanted to?


Michael Grande  37:36

I think we covered, we covered quite a bit. And I'm looking forward to the next year. I'm optimistic, I think, from some of the things that were discussed, especially Cyber Liability Insurance and trends in the marketplace. Hopefully, from a governmental support perspective, we'll see that continue moving forward. And, you know, businesses and organizations can continue to strengthen their resiliency and focus on as we always like to say, focus on the fundamentals. They're all positive steps, and moving in a positive direction. So, you know, I'm optimistic moving forward.


Jason Pufahl  38:17

It sounds like, maybe there's some activity on your end, Michael, with the law enforcement, so well, maybe we should adjourn until next year, and see where things stand.


Michael Grande  38:29

Good, good idea.


Jason Pufahl  38:33

Anyway, as always, a lot of stuff in this podcast, probably went a little bit over time. We appreciate everybody listening, if anybody has a prediction that they'd like to make and want to let us know, feel free. If you totally disagree with something we said, let us know. If you heard something about crypto, you make your fortunes. We appreciate to know that as well, even though, we're not giving you any advice, right. Alright, and on that note, it's been a pleasure. Thanks, everybody, for listening.


39:03

We'd love to hear your feedback. Feel free to get in touch at Vancord on LinkedIn or on Twitter at Vancordsecurity. And remember, stay vigilant, stay resilient. This has been CyberSound.