Privacy Please

Ep. 24 - James McQuiggan - Security Awareness Advocate at KnowBe4

July 01, 2020 Cameron Ivey Season 1 Episode 24
Privacy Please
Ep. 24 - James McQuiggan - Security Awareness Advocate at KnowBe4
Privacy Please +
Help us continue making great content for listeners everywhere.
Starting at $3/month
Support
Show Notes Transcript

This week's episode of Privacy Please, Cam and Gabe have a serious, yet facetious back and forth with the man, the myth, the legend, Mr. James McQuiggan. We discuss his story and how he started out in working behind the scenes for theater, his journey to becoming an Advocate in Security, his spirit animal, and why Dr. Who is everything! Please enjoy and join us for this very funny and informative episode on iTunes, Spotify or where you get your podcasts!

 https://www.linkedin.com/in/jmcquiggan/

Support the show
WEBVTT

1
00:00:01.920 --> 00:00:03.510
Cameron Ivey: We are live. Okay.

2
00:00:04.110 --> 00:00:05.970
Cameron Ivey: Awesome. Alright.

3
00:00:08.429 --> 00:00:18.870
Cameron Ivey: Alright ladies and gentlemen. Welcome to privacy, please. I am your host Cameron IV and with me as always is Gabe gums and today we have a very special guest on his name is James maclagan

4
00:00:19.530 --> 00:00:26.610
Cameron Ivey: He is a security awareness advocate for know before and James. Thank you so much for coming on, man, this is, this is going to be awesome.

5
00:00:27.060 --> 00:00:30.600
James McQuiggan: Oh, I'm thrilled to be here. I've been looking forward to this all week is gonna be a lot of fun.

6
00:00:31.230 --> 00:00:33.570
Cameron Ivey: Great. So I guess to start things off.

7
00:00:34.770 --> 00:00:45.630
Cameron Ivey: Or did you just tell the listeners a little bit about yourself. You know where you came from, how you became security awareness advocate and you know where you're looking to head into

8
00:00:46.440 --> 00:01:01.380
James McQuiggan: Sure. So wow, where I came from. I've had the distinct pleasure of being born in England raised in Canada and now living in the US for the last 30 years so

9
00:01:02.640 --> 00:01:12.750
James McQuiggan: But my start into security into computers goes all the way back to high school was in high school, and there were two things I really enjoyed doing the most

10
00:01:13.530 --> 00:01:28.140
James McQuiggan: One was working in computers and programming them and doing all that fun stuff. The other one was theater where I was in the technical aspects of it. Exactly. Being a performer on stage. I loved all the technical the lighting all the sound.

11
00:01:29.340 --> 00:01:34.980
James McQuiggan: And then when I left high school. It's like, all right, computers or theater. So I went theater.

12
00:01:35.760 --> 00:01:54.780
James McQuiggan: And I followed a followed my education doing several years of college and university and then work professionally here in Orlando, with the Orlando opera company. So I did it for about six years and got to the point my life where you know the money socks.

13
00:01:56.670 --> 00:02:12.030
James McQuiggan: The, the lifestyle was fun. I really enjoyed it a lot of life skills. But then it was like now I gotta, I gotta you know for family and life and what I want. So I got back into computers and that was the late 90s and eight plus certification and working at a help desk.

14
00:02:13.290 --> 00:02:22.710
James McQuiggan: One of the things that I do now is I'm a college professor Valencia college here in town. And one of the things that I tell all my students is

15
00:02:23.130 --> 00:02:37.920
James McQuiggan: You know when you first start working out in it, you have to work out desk for a variety of reasons you, it gives you communication skills. It gives you troubleshooting skills you're typing skills improved tremendously.

16
00:02:39.540 --> 00:02:54.330
James McQuiggan: And it gives you that that environment of getting in with a company, but I started out as a help desk work did that did that for about three years. And then I got hired by a little German company here in town called Siemens, and I worked

17
00:02:55.350 --> 00:03:00.900
James McQuiggan: In their part of the business. But we had a I started working with a database and doing database management.

18
00:03:01.350 --> 00:03:14.160
James McQuiggan: And then I got into another group by the year later. And that was dealing with a monitoring system that was installed at power plants and I basically went from working on the application to doing installations to

19
00:03:15.900 --> 00:03:29.160
James McQuiggan: Then working with networking and the networking aspect was a lot of fun because then again the network security taught myself how to configure routers and firewalls. That was back in the day of pics P IX firewalls, so

20
00:03:30.240 --> 00:03:36.330
James McQuiggan: That was, that was when I I I broke my teeth on was configuring those and then learn the Cisco iOS.

21
00:03:37.740 --> 00:03:38.400
James McQuiggan: And then

22
00:03:39.420 --> 00:03:52.860
James McQuiggan: One of the things in the electricity industry that was very interesting was a thing called NERC sip, which was a set of regulations for power plants transmission facilities that they had to follow by law or would be

23
00:03:54.150 --> 00:04:02.520
James McQuiggan: fined and these were our customers. And so they would come to us and say, hey, are you guys nerds of compliant and my boss friend domain goes, Are we next up compliant.

24
00:04:03.060 --> 00:04:17.970
James McQuiggan: So that took me down the road of compliance and even more security eventually got my CSP 2008 and then I worked for our corporate security office and discovered where my true passion was with security and that was security awareness.

25
00:04:19.500 --> 00:04:35.610
James McQuiggan: Coordinated our information security advisory team and was basically communicating monthly to the business all the different departments and talking about security once a month, had a meeting with all of them. There was, we had a couple hundred of them, and that was great.

26
00:04:36.780 --> 00:04:37.800
James McQuiggan: And then once it

27
00:04:39.270 --> 00:04:52.290
James McQuiggan: got the call from the CEO of our wind division that said, hey, we're having to deal with all this stuff, you know that stuff right like yeah so over the weekend. I went for about three years. And then last summer.

28
00:04:53.430 --> 00:05:08.040
James McQuiggan: I had the opportunity to meet with some folks from know before and by October I was one of their employees as a security awareness advocate and basically with them. It's all about promoting security, security awareness.

29
00:05:09.390 --> 00:05:13.770
James McQuiggan: Going to conferences, giving presentations writing media responses.

30
00:05:14.970 --> 00:05:21.120
James McQuiggan: Blogs white papers. Yeah. And I absolutely love it. You know, people talk about the dream job.

31
00:05:21.750 --> 00:05:30.660
James McQuiggan: Yeah, that's that's right there. It's a lot of fun. I really enjoy the opportunity to be able to talk to people, whether it's through podcasts, whether now with coven

32
00:05:31.410 --> 00:05:48.930
James McQuiggan: It's all been through the lens for the last several months. Starting to get the itch wanting to get back out on the road. But I think 2020 is a wash for for coven for all the presentations this year. This year DEF CON was really cancelled. So

33
00:05:50.850 --> 00:06:03.420
James McQuiggan: Well, yeah. So it's been it's been a fun ride learned a lot from the theater and now just glad to be part of it's interesting meeting. Lots of great people and and learning lots of cool stuff.

34
00:06:04.860 --> 00:06:12.180
G3: Awesome. Well, speaking of meeting. Lots of great people I met this great person on the show James I don't know when we meet for five years ago.

35
00:06:12.420 --> 00:06:20.610
G3: Yeah, so something along those lines and and we met in the local security you know arena in in

36
00:06:21.630 --> 00:06:26.430
G3: In in the Florida area, if you would. Central Florida, which

37
00:06:27.750 --> 00:06:35.070
G3: You are. You're heavily embedded in. So tell us a little bit about some of the other security work that you do in and around the community. I think folks would be interested in hearing about that.

38
00:06:35.130 --> 00:06:36.030
James McQuiggan: Wow. Yeah.

39
00:06:37.290 --> 00:06:48.930
James McQuiggan: So when I got my CSP. I had heard about is to say, and I'd heard about. I knew about it square, but they didn't have any chapters. So I went along to localize as a chapter

40
00:06:49.740 --> 00:06:58.020
James McQuiggan: And got involved with them and became their vice president and then I remember getting a phone call was like March. It was the first year I had been doing it.

41
00:06:58.530 --> 00:07:08.760
James McQuiggan: And the current president said all right I'm moving to Alaska, you're in charge. I'm like, Okay, how do you run a chapter, you know, I'd only seen him do it for a few months at a few meetings.

42
00:07:09.570 --> 00:07:18.120
James McQuiggan: And long ball he took off and I got dropped into the deep end and very good, very much got active with the ISIS. A international folks and

43
00:07:18.660 --> 00:07:28.800
James McQuiggan: In 2014 we have the conference here in Orlando, the big, huge, it is to say one and that just opened up the door to meeting a more people and getting involved with them.

44
00:07:30.930 --> 00:07:36.990
James McQuiggan: But then also, at the same time with i c squared, they have there is c squared Foundation. And one of the things that came out of it.

45
00:07:37.410 --> 00:07:45.900
James McQuiggan: That I really, really enjoyed was there, safe and secure online program and that was geared to kids middle school fifth grade fourth grade.

46
00:07:46.530 --> 00:07:54.090
James McQuiggan: And one of the cool things was is My wife's a school teacher and she taught fifth grade Social Studies at

47
00:07:54.630 --> 00:08:02.250
James McQuiggan: The school like 10 minutes from here and I said, so I got this cool program. I'd love to come teach your class about it. He's like, You're gone down.

48
00:08:02.640 --> 00:08:07.590
James McQuiggan: So I not only did her fifth grade class, but the other five fifth grade classes they had there as well.

49
00:08:08.010 --> 00:08:14.460
James McQuiggan: I did it. That year, and for three more years after that I did it. Middle school I was doing into churches of doing it at other schools.

50
00:08:15.360 --> 00:08:24.690
James McQuiggan: Have kind of like a little circuit going here in Central Florida going and talking to the students about online safety everything from your phones, you know, this was

51
00:08:25.140 --> 00:08:34.320
James McQuiggan: When I started doing it, you know, kids were having computers, maybe mom and dad's laptop, there weren't these things they didn't have the smartphones.

52
00:08:35.430 --> 00:08:42.210
James McQuiggan: They were just coming out with having, you know, becoming more and more popular but kids were starting to get them. And by the time

53
00:08:43.620 --> 00:08:50.130
James McQuiggan: After about five years pretty well. Every kid had a smartphone. When I was going to do these presentations. So it was no longer talking about Facebook.

54
00:08:50.520 --> 00:08:59.040
James McQuiggan: It was talking about what you post on Instagram and knowing that if you post it, and you're not securing your profile that anybody can come find it.

55
00:08:59.520 --> 00:09:09.090
James McQuiggan: And when I said anybody. I knew I got to the kids because it was always the kids in the back and their eyes were wide and they were like, anybody can see this, you know, so

56
00:09:09.690 --> 00:09:20.220
James McQuiggan: They got thinking, oh, you know, just because I'm you know I'm allowing my trying. It's all my friends, but not realizing that if their account was in private everybody could see it. And so that was that was key.

57
00:09:21.150 --> 00:09:26.760
James McQuiggan: When I did those presentations and then I've been actively involved with ice squared.

58
00:09:27.900 --> 00:09:38.610
James McQuiggan: For the last several years with their chapter I run the Central Florida. CHAPTER I did the ice as a one for about three and a half years. And now for the last three and a half years. I've done the ice squared one

59
00:09:39.690 --> 00:09:47.190
James McQuiggan: Last year, the chapter got chapter, we were recognized is the chapter for North America, which was fantastic.

60
00:09:47.580 --> 00:09:49.650
James McQuiggan: And say,

61
00:09:49.980 --> 00:09:51.510
Cameron Ivey: Congratulations. Yeah.

62
00:09:52.740 --> 00:10:05.070
James McQuiggan: I owe it to the Members, I owe it to the board, but it was great. And so now, and of course with Kobe that's put that to a grinding halt. I've known some other chapters and started up virtual meetings, but

63
00:10:06.270 --> 00:10:14.190
James McQuiggan: For me it's all about the networking. It's all about meeting people and having conversations and you can't do that really on zoom meetings or on

64
00:10:15.270 --> 00:10:28.590
James McQuiggan: You know what other platforms you have, it's just, it's difficult. So we're kind of in limbo right now trying to figure out what we're going to do, but I do miss the face to face interactions and but yeah between is c squared.

65
00:10:29.700 --> 00:10:36.660
James McQuiggan: I've been involved. I was involved with the info sec World Conference as well for the last several years, of course, you and I both presented there this week game, which was great.

66
00:10:36.990 --> 00:10:37.170
Yeah.

67
00:10:38.190 --> 00:10:43.230
James McQuiggan: I was like, one of the first ones up on Monday morning. It's like what their am right after the keynote.

68
00:10:44.460 --> 00:10:50.850
James McQuiggan: So I had a good turnout. I was happy to see it and yeah so and hopefully next year we'll be all face to face at

69
00:10:52.080 --> 00:10:52.890
James McQuiggan: Back here in Orlando.

70
00:10:53.220 --> 00:11:02.790
G3: And that'd be great. That'd be great. So your story about talking to the kids about, you know, being secure online it this show is called privacy.

71
00:11:03.330 --> 00:11:09.450
G3: Privacy, please. It's very much privacy oriented that story is very much rooted in the heart of privacy, however.

72
00:11:10.440 --> 00:11:18.420
G3: You can't have privacy without security, you can have security without privacy but not vice versa. Right. And we talked a lot on this show about

73
00:11:18.780 --> 00:11:23.760
G3: You know, cyber St. Louis and private security and privacy risks and how at the center of that is data security.

74
00:11:24.330 --> 00:11:35.760
G3: But a lot of our shows today to really focus, kind of on the privacy risk. We've dabbled a bit in the cyber security risk. But one of the reasons having you on today is really exciting for us is we really want to dig into more of the cyber security risk side of it.

75
00:11:36.030 --> 00:11:36.660
G3: Because again,

76
00:11:36.840 --> 00:11:40.230
G3: You know, without cybersecurity, one cannot achieve privacy.

77
00:11:40.920 --> 00:11:50.310
G3: And and subsequently on this show a lot. We talked about the human factor I think on our last two or three shows. We've talked a lot about you know how people play a part in

78
00:11:50.730 --> 00:12:03.930
G3: In the overall larger space of cyber security and privacy risk aka data security. And so I'd love to hear your thoughts on how the human factor that plays into the security side of world because

79
00:12:04.620 --> 00:12:13.350
G3: Again, I can't say it enough, there is no privacy without security there just isn't I can have security without privacy but not vice versa. Sure.

80
00:12:13.440 --> 00:12:25.140
James McQuiggan: Yeah, no, I agree. But yeah, with regards to, you know, the human factor in cyber security. It's a key thing, you know, a lot of the time, and I'm guilty of this back in my days of working in a help desk.

81
00:12:26.070 --> 00:12:33.360
James McQuiggan: We'd have somebody call up going I can find the any key say okay you know my cup holders broken and it was the old CD ROM tray. Right.

82
00:12:33.960 --> 00:12:34.230
G3: Right.

83
00:12:34.650 --> 00:12:46.470
James McQuiggan: The jokes of yesteryear. But I remember being there going oh my god. These people are so stupid. They don't even know how to use a computer. People need to have driver's license. They got a car, people should get a computer license to use a computer.

84
00:12:49.050 --> 00:12:55.050
James McQuiggan: And I'm guilty of it you know the ID 20 years if you spell that out, you'll get it or

85
00:12:55.290 --> 00:12:55.890
James McQuiggan: Bad, you know,

86
00:12:55.920 --> 00:12:58.050
James McQuiggan: Yeah, just between keyboard and chair.

87
00:12:59.130 --> 00:13:00.390
G3: I always get like every day.

88
00:13:01.200 --> 00:13:13.860
James McQuiggan: Yeah. Um, but one of the things is, and I you know I touched upon it, you know, people should get a licensed on how to use a computer, but I think that's a lot of the big problem that's out there when it comes to the human factor and cyber security is

89
00:13:14.910 --> 00:13:24.570
James McQuiggan: They just don't know. Or they know and they don't care. And when they know and they don't care, then you're getting into human nature, you're looking at culture.

90
00:13:26.010 --> 00:13:33.270
James McQuiggan: And you know, it's not a bad thing because if you think about it, you're driving down the road in your car and your, your zip and down I for whatever

91
00:13:34.050 --> 00:13:47.130
James McQuiggan: Speed limit 70 miles an hour. Yeah, I know it's 70 but I'm doing at I got somewhere to be. You know, I know the rule is 70 miles an hour. I don't do I care must not because I'm doing it because I got somewhere to be.

92
00:13:48.360 --> 00:13:56.700
James McQuiggan: You, you're an employee in an organization and you're getting these emails. It's like, here's another one of these test phishing emails delete delete delete.

93
00:13:57.720 --> 00:14:10.050
James McQuiggan: Or I don't care. I'm going to click on everything. And I've met those people. And so a lot of it comes down to, you know, within your organization, having a policy that reinforces

94
00:14:11.070 --> 00:14:14.190
James McQuiggan: Those type of assessments, when you're doing that, like for example with fishing.

95
00:14:15.270 --> 00:14:21.690
James McQuiggan: Your policies is what dictates how people to behave or the organization or technology is supposed to be behave

96
00:14:22.830 --> 00:14:28.140
James McQuiggan: Relating back to your principles relating back to your vision, your mission statement for your company.

97
00:14:28.920 --> 00:14:39.240
James McQuiggan: And if you're an organization that has a lot of intellectual property has a lot of very sensitive PII information PCI credit card information, so forth.

98
00:14:40.110 --> 00:14:49.050
James McQuiggan: And you have employees that are continually clicking the links and filling these assessments. Well, they're not abiding by the rules of the organization.

99
00:14:49.800 --> 00:15:06.720
James McQuiggan: You know, we all make mistakes, you know, and just company somebody clicks on a link, you don't fire them if it's there seven time in two months. Well, okay. Hopefully there's been conversations. Hopefully there's been ways to work with them additional training discussions.

100
00:15:07.770 --> 00:15:14.400
James McQuiggan: And so forth, versus just, you know, walking them out the door because you know they can't they can't recognize efficient link.

101
00:15:14.700 --> 00:15:23.310
James McQuiggan: But essentially, it comes down to. Are they a good fit for the organization and you know I'd also like to think back to coming out of Siemens were

102
00:15:23.910 --> 00:15:27.960
James McQuiggan: Working in power plants and wind farms. It's all about health and safety.

103
00:15:28.380 --> 00:15:41.310
James McQuiggan: It's all about, you know, when you go up climbing up a tower. You've got the harness on your last off your, you know, your you don't have anything in your pockets can fall out, you know, and if anything happens, that there's an almost an accident.

104
00:15:43.050 --> 00:15:47.610
James McQuiggan: You then you know you have to then go through the report and everything else the same thing with cyber security.

105
00:15:48.030 --> 00:15:57.750
James McQuiggan: You know, we almost need that like zero days and I've talked about it before where you almost need that zero x number of days since our last cyber security incident, you know,

106
00:15:58.500 --> 00:16:12.300
James McQuiggan: Or x number of days and somebody clicked on a fishing link, you know, if you have that. And then everybody is a as a community is in their culture of the organization come together and you know strive to make sure that they don't have those problems.

107
00:16:13.710 --> 00:16:24.810
James McQuiggan: And, you know, if you can work the human layer, you know, that takes care of a lot of the problems because when you think about what what causes these data breaches, what is the root cause of those data breaches.

108
00:16:26.430 --> 00:16:33.270
James McQuiggan: Where you know you look at ransomware well that get, how does it get in, it gets in either because you've got RDP open on your external firewall.

109
00:16:34.740 --> 00:16:47.220
James McQuiggan: You've got or you've got somebody that's clicking links or you've got somebody or you've got unpatched or in configured equipment that's sitting on your perimeter. But a lot of the time it's because somebody gets an email.

110
00:16:48.600 --> 00:16:58.020
James McQuiggan: They react to it they click on the link. They open at attachment, in essence, it opens it up to the bad guys. I always like to use the, the notion of, you know, if you're at home.

111
00:16:58.800 --> 00:17:03.270
James McQuiggan: You're living in a neighborhood and you start hearing about a rash of burglaries going on.

112
00:17:03.750 --> 00:17:14.310
James McQuiggan: Well, then you're going to take the proper steps to make sure that your home is protected, you're gonna make sure that security systems on you've got your monitoring turned on. You got motion sensor lights, maybe bars on the windows. Hopefully not.

113
00:17:15.270 --> 00:17:23.220
James McQuiggan: You might even have that beware of dog sign in the front window which if you have three cats. Nobody knows. You've got a dog unless

114
00:17:23.550 --> 00:17:24.570
Cameron Ivey: They can be vicious

115
00:17:24.810 --> 00:17:25.860
James McQuiggan: It could be vicious cats. Yeah.

116
00:17:26.400 --> 00:17:26.610
Cameron Ivey: Hey,

117
00:17:26.700 --> 00:17:28.020
Cameron Ivey: Cats have no regrets.

118
00:17:28.740 --> 00:17:29.280
Cameron Ivey: I'm just gonna say

119
00:17:32.130 --> 00:17:34.050
G3: We did talk about how cats want to kill

120
00:17:35.550 --> 00:17:36.780
G3: I see that as a cat lover.

121
00:17:38.010 --> 00:17:40.860
James McQuiggan: Yeah, but the minute somebody walks into my house, my cats take off so

122
00:17:42.300 --> 00:17:45.630
James McQuiggan: Unless you're touching their food bowl or their little rocks. Yeah, forget it. Yeah.

123
00:17:46.380 --> 00:17:57.510
James McQuiggan: And then they might be your friend. But I have a beware of dog sign and on my friend window. And when you ring my doorbell. You hear barking dogs. Granted it freaks. The cats out every single time, but

124
00:17:58.380 --> 00:18:05.760
James McQuiggan: I had, I had somebody stopped by my house drop something off and they knew we didn't have dogs and they're like, I didn't know you had a dog. I said,

125
00:18:06.480 --> 00:18:15.810
James McQuiggan: I don't, I said, but it makes you think I do. So when it comes to, you know, trying to break into my own you know there's you thinking there's a dog there. So you're kind of getting away from it.

126
00:18:16.350 --> 00:18:23.310
James McQuiggan: Same thing goes with, you know, in an organization, you know, and this is kind of like the more security people

127
00:18:23.730 --> 00:18:40.530
James McQuiggan: In the leadership positions. If you know organizations are getting broken into and data being stolen. What are you doing for your home, your organization to make sure that doesn't happen a lot of that does come down to the human to the human behaviors, the culture in the organization.

128
00:18:41.850 --> 00:18:52.980
James McQuiggan: We heard gave you probably heard it as well. The, the keynote for Monday for info sec room Jamil and he was talking about within speedy know spirit.

129
00:18:54.330 --> 00:18:54.600
G3: Yeah.

130
00:18:55.170 --> 00:19:05.220
James McQuiggan: Basically culture is a part of one of the four pillars for their company for security is all about human culture and the different things that they do. And I was just like, yes.

131
00:19:05.580 --> 00:19:14.610
James McQuiggan: You know, that's kind of like, you know, I look at security awareness programs or security programs in general, you know, and you've got your ad hoc you've got one that you've got something going on.

132
00:19:15.000 --> 00:19:28.080
James McQuiggan: And then when you've gotten an automated assessment program and you're doing training and people are going through it. That's like phase three phase four is now when you start everybody's doing it without thinking it's all automated on the human level. And it's a part of that culture.

133
00:19:29.160 --> 00:19:30.660
James McQuiggan: So, yeah.

134
00:19:32.160 --> 00:19:34.650
Cameron Ivey: So I have a question.

135
00:19:37.230 --> 00:19:39.540
Cameron Ivey: If you. I don't know if you want to put this in.

136
00:19:40.830 --> 00:19:56.940
Cameron Ivey: It for your company or for just in general, if you were, I guess we can put yourself in the seat of maybe some of the companies that you try to educate around security or maybe some of the schools are you teaching if they had an extra X amount of budget.

137
00:19:58.110 --> 00:20:03.300
Cameron Ivey: How would you spend it, and why or how would you tell them to spend it when it comes to security.

138
00:20:06.090 --> 00:20:15.840
James McQuiggan: Good question, how to spend it on security. So for everything that you're going to do in your organization, you're going to have your procedures, you're going to have your technology and you're going to have your people.

139
00:20:16.980 --> 00:20:25.230
James McQuiggan: And, you know, first of all, I'm going to, I'm going to look at, okay, where where's our weakest link. Where are the problems that we've got the organization.

140
00:20:26.490 --> 00:20:35.160
James McQuiggan: You know, our emails getting in uncontrollably. Okay, then we do we need to bump up the technology aspects, the email gateways and make those a little more secure.

141
00:20:36.090 --> 00:20:45.450
James McQuiggan: Dear people know how to spot a fishing as a phishing email, you know, do we need to do more security awareness. But for me, a lot of it comes down to is, OK, let's see where we need to spend the money.

142
00:20:47.370 --> 00:20:52.830
James McQuiggan: Because overall when it comes to security awareness programs and at least from from know before

143
00:20:54.510 --> 00:21:04.740
James McQuiggan: I can't speak to other companies, but I know from the know before perspective, it is a lot cheaper to get security awareness training and fishing assessments and that full program.

144
00:21:05.220 --> 00:21:19.890
James McQuiggan: Than it is for a data breach. I mean, you know, the, what was it was from the figures I saw the other day, the average ransom nowadays. And that's just an easy one to pick, but the average ransomware fee is about $114,000 average

145
00:21:20.670 --> 00:21:35.400
James McQuiggan: On average, it's about $760,000 to remediate if you get hit with ransomware I assure you, any security awareness program is going to be worth a 10th of that or less depending on how many employees, you've gotten everything else.

146
00:21:35.430 --> 00:21:35.760
Cameron Ivey: Yeah.

147
00:21:36.540 --> 00:21:50.970
James McQuiggan: If you can, you know, you can educate and get your employees and get the culture that's a part of it, then you're looking at your technology aspects as well and get that, you know, because then you make it less work on the humans.

148
00:21:51.990 --> 00:21:57.720
James McQuiggan: Because you're being it you've got the technology to be able to stop the phishing attacks and but if a phishing attack happens

149
00:21:58.110 --> 00:22:07.650
James McQuiggan: And some malware drops and you want to have that technology to be able to spot it and recover from it. So if you can do. You know, you see it, you detected you recover from it, then that's going to help as well.

150
00:22:09.090 --> 00:22:15.120
James McQuiggan: You know, so I think, honestly, a lot of it comes down to is you know where the weakest links and then addressing them that way.

151
00:22:19.200 --> 00:22:20.580
G3: The answer is

152
00:22:20.910 --> 00:22:21.360
Is

153
00:22:26.790 --> 00:22:28.410
James McQuiggan: An interview. So if you have

154
00:22:28.890 --> 00:22:29.790
James McQuiggan: Dollars, what would you do

155
00:22:30.510 --> 00:22:31.920
Cameron Ivey: Will send you an email will let you know.

156
00:22:32.430 --> 00:22:36.930
G3: About a million dollars, but it is a question that we do ask him to show once in a while the exact opposite.

157
00:22:37.290 --> 00:22:39.090
G3: If you only had $100

158
00:22:39.150 --> 00:22:39.480
Cameron Ivey: Right.

159
00:22:39.660 --> 00:22:41.880
G3: It's been on security, what would you do

160
00:22:43.350 --> 00:22:44.550
G3: And I'll see you in raising

161
00:22:46.860 --> 00:22:52.110
James McQuiggan: Um, I only had $100 to spend on security in general overall

162
00:22:52.410 --> 00:22:53.040
Overall,

163
00:22:55.590 --> 00:22:56.760
Cameron Ivey: About getting creative

164
00:22:58.410 --> 00:22:58.890
James McQuiggan: Yeah.

165
00:23:01.050 --> 00:23:03.270
James McQuiggan: Probably go out and buy an expensive bottle of bourbon cuz

166
00:23:05.670 --> 00:23:06.150
James McQuiggan: I'm

167
00:23:07.980 --> 00:23:15.480
James McQuiggan: Hundred dollars. Well, I think, you know, part of it would be, you know, you can't buy any technology for hundred bucks so

168
00:23:15.660 --> 00:23:17.130
G3: When was maybe, but I don't know.

169
00:23:17.790 --> 00:23:19.710
G3: When Rob, maybe, but who knows that.

170
00:23:21.270 --> 00:23:22.170
James McQuiggan: You pay for winner.

171
00:23:24.900 --> 00:23:27.030
James McQuiggan: Um, I've seen some means on

172
00:23:27.120 --> 00:23:27.360
On

173
00:23:29.670 --> 00:23:32.670
James McQuiggan: Honestly, I think what it may come down to is

174
00:23:34.200 --> 00:23:53.880
James McQuiggan: To be creative. I would probably go out and buy a handful of $10 gift cards for Starbucks or Dunkin Donuts or whatever your coffee place and I would give those out to the first 10 people that I saw or the top or 10 people that exhibit it security culture in the organization.

175
00:23:55.290 --> 00:24:03.750
James McQuiggan: And start there, because I would have to be able to see. Okay. Do we have anybody doing cyber security or having that awareness in the organization.

176
00:24:04.380 --> 00:24:14.460
James McQuiggan: And, you know, preventing tailgaters from walking in the front door. You know, those kind of things and reward them and kind of make them go, Oh, I got I got free coffee because you know

177
00:24:16.170 --> 00:24:23.670
James McQuiggan: For something good that I get, you know, and if that kind of gets word word gets spread around. And it's like, Ooh, there's the carrot instead of the sick, the stick.

178
00:24:24.000 --> 00:24:34.530
James McQuiggan: They're not coming to kill us. Every time we click a link. It's like, oh, we got we did something right we got rewarded you know that would hopefully, kind of, say, All right, where's our culture and where do we need to go and then

179
00:24:35.670 --> 00:24:41.730
James McQuiggan: Go back to upper management and go okay, this is what we got to do. And then hopefully get the million dollars.

180
00:24:42.360 --> 00:24:51.540
G3: Like, you're right. So I like your answer a lot because I really have a strong appreciation for not just security culture but incentive programs around security.

181
00:24:52.050 --> 00:25:03.000
G3: On top of the fact that we are too often seen as the Department of know we're also too often seen as the Department of sticks and not the Department of carrots. So I really do appreciate that.

182
00:25:04.230 --> 00:25:17.460
G3: You know, it does remind me, we, we should, because there's there's some cool people out there doing some really cool things in the security sentence world, we should we should probably have some of them in the show. Shout out to to Masha sit over over at

183
00:25:18.510 --> 00:25:26.610
G3: Over at elvidge security for doing similar things right. Yeah, and no shameless plug. We have absolutely no association through this organization.

184
00:25:27.540 --> 00:25:34.560
G3: But it does bring me to my follow up question, which is, again, back to that human element. How do you through awareness.

185
00:25:36.090 --> 00:25:38.580
G3: Offer more carrots. Right.

186
00:25:39.450 --> 00:25:47.040
James McQuiggan: So a lot of it for me. And this has come from running a chapter, this has come from running as a security awareness program at Siemens

187
00:25:48.060 --> 00:25:49.890
James McQuiggan: One of the things that I did.

188
00:25:51.030 --> 00:25:56.400
James McQuiggan: For the is a so the information security advisors. One of the things that I did was

189
00:25:57.390 --> 00:26:13.530
James McQuiggan: We did an annual event every year. I love going to conferences I love meeting people, you know, learning stuff in, you know, in a room full of people and that kind of stuff. So one of the things that I did running the is a program was we did an annual meeting and we did it Disney

190
00:26:14.640 --> 00:26:26.880
James McQuiggan: One of the cool things was Siemens was a sponsor Disney of what Disney and the golf ball was our, our main sponsorship and behind the golf ball, there's actually a set of meeting rooms.

191
00:26:27.510 --> 00:26:38.520
James McQuiggan: And that was available to us to rent that no charge within the organization. So we were able to go do board meetings, we're able to do whatever events at that at that location.

192
00:26:39.540 --> 00:26:44.490
James McQuiggan: We just had to be there for six hours of the day and order the Disney food and you know that's where the money came in.

193
00:26:45.600 --> 00:26:49.590
James McQuiggan: But that was kind of the reward, just to the is the same. The is a members.

194
00:26:50.610 --> 00:27:00.210
James McQuiggan: That, hey look, you know, and the day was spent doing presentations. I had the FBI come in and do a presentation or I didn't get special speakers and that kind of thing.

195
00:27:00.570 --> 00:27:10.920
James McQuiggan: Because that was kind of the reward for them to say, Okay, look, now you need to go out into your departments and spread the carrot, so to speak. So that was kind of like their reward.

196
00:27:12.480 --> 00:27:22.320
James McQuiggan: But I'm all about wanting to give back to the people that are doing the work. And so with the ice squared. Chapter One of the things we did last year which was really cool.

197
00:27:23.580 --> 00:27:33.630
James McQuiggan: We did an annual meeting everybody got a polo shirt with the logo on it. The chapter logo. Everybody got a challenge coin and I have never seen more people hungry, actually.

198
00:27:35.310 --> 00:27:37.200
James McQuiggan: More people hungry for challenge for

199
00:27:43.560 --> 00:27:46.140
James McQuiggan: My you know shameless plug. But

200
00:27:48.900 --> 00:27:53.790
James McQuiggan: But basically had a challenge going for the chapter for our members.

201
00:27:57.600 --> 00:27:59.790
James McQuiggan: I'm not prepared so I don't have it ready anyway.

202
00:28:00.900 --> 00:28:11.640
James McQuiggan: But more people were excited to get the coin than anything else, because it was like almost like the $5 or a $10 gift card. It's that sense of

203
00:28:12.930 --> 00:28:19.260
James McQuiggan: Belonging, you know, you're, you're a member of the chapter. Here's the coin, you know, educate inspire secure

204
00:28:21.750 --> 00:28:34.560
James McQuiggan: And, you know, and promote that within your organization. And so when they they have that bit. And then they see that every day, then that just kind of adds that reminder to, you know, keep that awareness and keep that culture going

205
00:28:37.290 --> 00:28:40.500
Cameron Ivey: That's interesting. And no worries about the coin. You can find it.

206
00:28:40.800 --> 00:28:42.000
If you want to search for x.

207
00:28:43.080 --> 00:28:54.000
Cameron Ivey: We can we can we can throw it in there. At some point, but so one of my questions for you is, you know, aside from coven because I'm sure everybody's had enough talk about Kobe, but

208
00:28:54.570 --> 00:29:04.230
Cameron Ivey: What do you think the biggest challenge you have with your, your current role right now. How are you, overcoming it and the biggest challenge, you're dealing with right now.

209
00:29:05.310 --> 00:29:16.770
James McQuiggan: Well, I think my biggest challenges is not being able to get out and see see people network, you know, part of what my role is is promotion of security awareness.

210
00:29:17.820 --> 00:29:21.600
James McQuiggan: Of know before you know going out to conferences, giving presentations.

211
00:29:22.890 --> 00:29:38.280
James McQuiggan: So that's been honestly that's been the unfortunate part but I found other ways right now. One of the things I do a lot of throughout the day is media responses, you know, will you know something data breach happens or there's a vulnerability or leak. And so we get

212
00:29:39.810 --> 00:29:45.660
James McQuiggan: Were approached to see if we want to provide any comments on that and you know 250 300 word response.

213
00:29:46.320 --> 00:29:57.840
James McQuiggan: You do a couple of those a day but sometimes you get a couple of the company come across your desk and it takes. Huh. Let me do a little research and so you do a little digging. So that's kind of where the the work has been good in that sense.

214
00:29:59.610 --> 00:30:04.920
James McQuiggan: And then doing webinars podcasts. I've done, I've done several podcasts is here, which has been fun.

215
00:30:06.030 --> 00:30:07.830
James McQuiggan: Yeah, you guys are the best so far so

216
00:30:08.760 --> 00:30:09.240
Thanks.

217
00:30:10.410 --> 00:30:10.920
G3: To everybody

218
00:30:13.350 --> 00:30:19.860
James McQuiggan: Doing podcasts as a lot of fun. And, you know, but doing it with people that you know and you know you you get a chance, just to kind of

219
00:30:20.280 --> 00:30:29.550
James McQuiggan: You know, make it seem like a conversation like you're standing up on stage, having a conversation or you're you're doing hallway call and and having that conversation is just this is being recorded and putting out there.

220
00:30:31.230 --> 00:30:39.870
James McQuiggan: But I've done webinars. I've still done presentations. It's I'm even teaching online as well through you know through these virtual meetings.

221
00:30:40.830 --> 00:30:48.090
James McQuiggan: It's not the same that having that in person connection and I do hope this all goes away soon so we can kind of get back to that. But

222
00:30:48.900 --> 00:30:55.200
James McQuiggan: I'm extremely thankful that the know before is in the position that it is that I'm still able to keep doing this and promote this because

223
00:30:55.890 --> 00:31:09.660
James McQuiggan: There are a lot of people working from home and they're even bigger targets. Now we've seen in the initial spike when it came out in March of all the coven phishing attacks, it's still pretty rapid, it's not as high as it was originally. It's kind of

224
00:31:11.430 --> 00:31:17.190
James McQuiggan: Gone down, but there are still 10s of thousands attacks out of the hundred thousand plus that are going on every day.

225
00:31:18.210 --> 00:31:32.670
James McQuiggan: So it's, it's still prevalent but folks don't need to be vigilant when it comes to you know those covert emails or emails coming in. I know for me and know before we we eat our own dog food. I get fish twice a week.

226
00:31:33.900 --> 00:31:38.250
James McQuiggan: I and It cracks me up because not good. I've been good so far.

227
00:31:39.360 --> 00:31:46.680
James McQuiggan: We've had other folks in our organization get, you know, end up clicking on those fishing links and they CEO was one of them.

228
00:31:47.910 --> 00:31:58.440
James McQuiggan: Were and then you got to go through the training again. So for me it's I get when I go to the training, but it makes me more more vigilant on my email when it comes in, especially my work one so

229
00:31:59.910 --> 00:32:08.220
James McQuiggan: It comes in. It's like, hey, we're doing a policy change and we do a stand up meeting every day, which I think it's fantastic. It's kind of kept the

230
00:32:10.500 --> 00:32:15.060
James McQuiggan: The group together the organization together because we have a daily meeting we hear from the CEO.

231
00:32:16.410 --> 00:32:22.770
James McQuiggan: And that's when they usually let us know if there's new policies or changes coming out. We're going to get an email. So if I get an email that comes in.

232
00:32:23.460 --> 00:32:32.790
James McQuiggan: About a policy change. I'm like, Yeah, we didn't talk about it at the meeting. So I'm going to call fish on that one. But if you're in an organization where they don't have that.

233
00:32:33.240 --> 00:32:47.400
James McQuiggan: And you get an email about your policy change or whatever, check with somebody else. Hey, did you get this email. Did you know about this policy change, you know, rather than going, Oh my gosh, I got to open up this PDF and see what's inside here, open up a Word doc and enable macros.

234
00:32:50.610 --> 00:32:56.760
Cameron Ivey: A just to go back to your knock on wood statement is that a hand carved mahogany over there are weak a rockin

235
00:32:57.330 --> 00:32:59.100
Cameron Ivey: Cheek cheek.

236
00:32:59.340 --> 00:33:00.090
James McQuiggan: Teeth desk.

237
00:33:00.870 --> 00:33:01.320
Okay.

238
00:33:05.280 --> 00:33:06.750
Cameron Ivey: Yeah okay that passes.

239
00:33:07.050 --> 00:33:08.040
Cameron Ivey: I'll let that pass

240
00:33:09.240 --> 00:33:22.500
James McQuiggan: This desk has been in my family, my parents had it before me, I'm 35 oh yeah 35 years and then somebody else said it before, so it's very well worn. It's great. I love it.

241
00:33:23.640 --> 00:33:28.620
James McQuiggan: It's actually sits in the middle of my office man cave in here so

242
00:33:28.980 --> 00:33:31.110
James McQuiggan: It's over to my right, or my all my other

243
00:33:31.590 --> 00:33:32.820
James McQuiggan: My other computers.

244
00:33:32.910 --> 00:33:35.040
Cameron Ivey: So, yeah.

245
00:33:35.790 --> 00:33:37.050
Cameron Ivey: Are you and just to give

246
00:33:37.080 --> 00:33:41.730
Cameron Ivey: Paint everybody a picture in your office that isn't on video.

247
00:33:43.170 --> 00:33:45.120
Cameron Ivey: He's got a wall of

248
00:33:47.010 --> 00:33:50.820
Cameron Ivey: Doctor Who. So you're I think you're pretty big fan is that

249
00:33:50.910 --> 00:33:51.720
Sorry, yeah.

250
00:33:53.040 --> 00:33:55.410
James McQuiggan: I was watching Doctor Who before doctor who was cool.

251
00:33:56.040 --> 00:34:16.380
James McQuiggan: You know, add a big surgeons in 2010 11 with with Matt Smith. That was the doctor but I was watching. It's in the 70s when I was 7890 but I was well yeah I mean, and it's when it came back in 2006

252
00:34:17.820 --> 00:34:24.090
James McQuiggan: My wife and my daughter started watching it and it became a family thing. So every Saturday night when it was on we'd sit and watch it.

253
00:34:24.750 --> 00:34:40.020
James McQuiggan: And though we ended up going to Doctor Who conferences and other you know Comic Con type things and meeting the actors and so a lot of what's behind me is artwork from local artists as well as posters from magazines and stuff like that that I collected and and

254
00:34:42.420 --> 00:34:45.360
James McQuiggan: Pictures with the actors autographs, so yeah.

255
00:34:45.660 --> 00:35:00.840
Cameron Ivey: Awesome. That's really neat. So before I jump into our last segment, have some fun questions. Do you have anything that you want to add that we didn't talk about, I always like to bring this up just. Is there anything that you want to throw out there for anyone in security.

256
00:35:01.920 --> 00:35:04.740
Cameron Ivey: Or that you just want to talk about that we didn't touch on

257
00:35:05.880 --> 00:35:06.600
James McQuiggan: Good question.

258
00:35:09.510 --> 00:35:14.790
James McQuiggan: I think we've covered a lot. I mean, yeah, when we look at, you know, the, the Department of know to try and be

259
00:35:16.110 --> 00:35:32.130
James McQuiggan: You know, more accepting try to work with your organization. You know, when it comes to human nature, you know, you're going to have people like I said, you're gonna have people that are going to know, but don't care, you know. So how do you get them to care a lot. Sometimes that involves nudging

260
00:35:33.330 --> 00:35:43.050
James McQuiggan: There's a in the presentations that I do. And I've got to give it to give the the source to Perry Carpenter, who's our chief security evangelist.

261
00:35:44.280 --> 00:35:55.170
James McQuiggan: Who did a lot of psychology analysis on this and I steal it with pride. His slide that has a picture of a urinal from Germany, and it's got a little fly on it.

262
00:35:56.250 --> 00:36:05.760
James McQuiggan: And what it was is it was a story about a German janitor who every night would would be going into the bathrooms to clean around the urinal stalls and the amount of splash.

263
00:36:06.510 --> 00:36:24.300
James McQuiggan: On the floor was a little excessive. So we decided to paint a little fly in each of the urinals. And lo and behold the splash around the urinals was reduced basically giving people giving them a target you know for going the bathroom.

264
00:36:25.800 --> 00:36:26.160
James McQuiggan: Yeah.

265
00:36:27.690 --> 00:36:35.520
James McQuiggan: All these nudges you know and if you can find that knowledge for your organization. You know, you think about when you're having to come up with a password and we all love doing that.

266
00:36:37.080 --> 00:36:48.060
James McQuiggan: But you're coming up with a password and you've got that little bar that's red and then as the more character you type and you put in the uppercase and lowercase and the numbers and the symbol, it turns green and you're like,

267
00:36:48.510 --> 00:36:53.700
James McQuiggan: Yeah, I got a strong bathroom. Okay, you know, I'm being a little you know exaggerating with

268
00:36:55.110 --> 00:37:06.780
James McQuiggan: Relationship with the expression of what you really get your life. Thank God. That one got taken, but you know if you can find that knowledge. Yeah, it gets them in the security mindset gives them that motivation.

269
00:37:08.370 --> 00:37:12.690
James McQuiggan: To to, you know, secure or follow the security practices.

270
00:37:13.830 --> 00:37:26.760
James McQuiggan: But that's kind of that next step when you yeah you got a security program, you get the money you got the funding you implement it, you start fishing, but okay. Now, how do you get the culture bumped up and that's kind of that knowledge is kind of there for

271
00:37:28.020 --> 00:37:28.470
Cameron Ivey: Well, that

272
00:37:29.610 --> 00:37:32.910
Cameron Ivey: That's interesting. In the urinal thing that's, that's great.

273
00:37:34.230 --> 00:37:39.060
James McQuiggan: I love that story. So I've been to Germany, and I've seen them. And I've seen the flies that are on there and I'm like, oh, look I fly.

274
00:37:41.070 --> 00:37:49.590
G3: I love that because I because I understand why the need to paint it was there and I'm deeply troubled by the by the fact that it's a thing. Yes.

275
00:37:50.850 --> 00:37:54.300
James McQuiggan: When you're when you're training a little boys to go the bathroom, you throw in Cheerios.

276
00:37:56.220 --> 00:37:56.820
Cameron Ivey: So,

277
00:37:57.870 --> 00:37:58.350
James McQuiggan: I wouldn't know.

278
00:38:00.300 --> 00:38:09.780
Cameron Ivey: A more serious question for you. If you could end coronavirus by sacrificing one genre of music, what would it be and why country music.

279
00:38:12.600 --> 00:38:14.070
James McQuiggan: I saw that the other day.

280
00:38:14.250 --> 00:38:15.840
Cameron Ivey: Yes, I had asked you that

281
00:38:15.840 --> 00:38:16.710
James McQuiggan: Oh my god.

282
00:38:17.910 --> 00:38:19.500
James McQuiggan: You know, it's funny, I

283
00:38:20.850 --> 00:38:23.340
James McQuiggan: When I moved down when I moved to Florida.

284
00:38:25.830 --> 00:38:34.290
James McQuiggan: I ended up living in Texas for three years. When I met my wife, and we got and I moved over there to get married. And when I moved out to Texas.

285
00:38:35.610 --> 00:38:37.980
James McQuiggan: I got into Garth Brooks and I got into

286
00:38:39.300 --> 00:38:46.950
James McQuiggan: Listening to him for a few years and then I came back and a friend of mine introduced me to Brad Paisley before Brad Paisley was cool and

287
00:38:48.030 --> 00:38:54.660
James McQuiggan: You know, I got it. I had my country music phase, you know, being in Texas. I had the belt buckle. I had the boots. I never got the hat.

288
00:38:56.400 --> 00:39:13.410
James McQuiggan: But ya know if I could get rid of one genre of music. I love it. Be country music. You would probably want to see. I've never been a big fan. And I'm going to get shot for this, but I've never been a big fan of rap music, but I've come to appreciate it over the years.

289
00:39:13.890 --> 00:39:18.030
James McQuiggan: It's fair, the message and the things that I just never understood it. I think that was just my problem.

290
00:39:18.480 --> 00:39:21.240
G3: Is only one right answer to this question dubstep.

291
00:39:21.510 --> 00:39:22.290
dub sounds

292
00:39:23.670 --> 00:39:26.310
G3: I think it's, I think that's already dying off anyways.

293
00:39:26.880 --> 00:39:29.790
G3: Unless of course there's a country dubstep, in which case

294
00:39:32.100 --> 00:39:33.000
Cameron Ivey: There's the right answer.

295
00:39:33.540 --> 00:39:34.200
James McQuiggan: Yeah, right. Yeah.

296
00:39:34.230 --> 00:39:38.760
Cameron Ivey: I grew up on. I grew up an old school country. So, you know, I can kind of relate

297
00:39:39.570 --> 00:39:43.050
G3: Oh, school yeah 20 or Johnny Cash. What are we talking about here.

298
00:39:43.980 --> 00:39:47.430
Cameron Ivey: Man, I'm probably some artists that you guys have never even heard of, to be honest, for the

299
00:39:48.060 --> 00:39:48.390
And

300
00:39:50.220 --> 00:39:52.920
Cameron Ivey: I don't remember the name, so I'm not even gonna try to throw it out there.

301
00:39:53.100 --> 00:39:57.390
James McQuiggan: P for me growing up. It was the Beatles. It was elton john because my parents.

302
00:39:57.420 --> 00:39:57.840
Cameron Ivey: Yeah.

303
00:39:57.930 --> 00:40:02.700
James McQuiggan: My parents were Liverpool. So yeah, it was that's what a lot of what I grew up on and

304
00:40:02.880 --> 00:40:05.550
Cameron Ivey: Those are good ones. What, what's your spirit animal

305
00:40:07.980 --> 00:40:09.090
James McQuiggan: spirit animal

306
00:40:10.410 --> 00:40:13.770
James McQuiggan: Well, it was a dragon fly on on the Harry Potter world, the other day.

307
00:40:15.270 --> 00:40:15.660
James McQuiggan: But

308
00:40:17.280 --> 00:40:31.860
James McQuiggan: My spirit animal. Good question, never really thought about that. And it was funny because a couple years ago I went on a couple job interviews and I actually, I got prepare or I was looking at interview questions. And that was one of them. I'm like why am somebody

309
00:40:33.510 --> 00:40:41.070
James McQuiggan: Would we want to ask that question, is it just to kind of think about how quickly people can think on their feet and come up with a response for which

310
00:40:41.100 --> 00:40:41.460
Cameron Ivey: Maybe

311
00:40:41.910 --> 00:40:43.080
James McQuiggan: You know, it might be that

312
00:40:43.770 --> 00:40:47.460
Cameron Ivey: Um it to see how they think of themselves, maybe, or I don't know.

313
00:40:48.450 --> 00:40:51.630
James McQuiggan: It's kind of, it's interesting question, but I think a spirit animal

314
00:40:51.780 --> 00:40:53.310
Cameron Ivey: Either that or what's your favorite animal

315
00:40:58.770 --> 00:41:01.230
James McQuiggan: Favorite animal probably

316
00:41:02.280 --> 00:41:04.680
James McQuiggan: Either a lion or a Jaguar.

317
00:41:07.440 --> 00:41:13.980
James McQuiggan: The lion, for several reasons, from the fact that I've always enjoyed the movie The Lion King. I love the music in the Lion King.

318
00:41:14.190 --> 00:41:19.830
James McQuiggan: Not, not the not the elton john music, but the African tribal music

319
00:41:20.070 --> 00:41:21.030
Cameron Ivey: Okay, yeah.

320
00:41:21.540 --> 00:41:22.920
James McQuiggan: I don't know what it was, but it was just

321
00:41:23.460 --> 00:41:24.060
Cameron Ivey: Uplifting

322
00:41:24.180 --> 00:41:29.400
James McQuiggan: It was extremely, extremely coral. It was just like at you're pumped, you know,

323
00:41:30.990 --> 00:41:42.570
James McQuiggan: And I always enjoyed that. But the jaguar was because when I got married. One of the things that I was responsible for was the limousine from to take us from the church to the reception.

324
00:41:43.290 --> 00:41:53.790
James McQuiggan: And when I saw what the cost of it was. I'm like, You gotta be kidding me. This under 350 for 20 minute ride. And I'm like, let's see if I can rent a car. So I rented a Jaguar.

325
00:41:54.990 --> 00:42:03.840
James McQuiggan: And had it for for four or five days and loved riding the Jaguar and of course that set off a whole thing of studying about jaguars the animal, the car and everything.

326
00:42:05.160 --> 00:42:05.850
James McQuiggan: That was probably

327
00:42:05.880 --> 00:42:07.590
Cameron Ivey: That was my mom's dream car.

328
00:42:07.710 --> 00:42:15.450
Cameron Ivey: And I know at the time. Yeah, I know that they've come they've made more affordable models. Nowadays, which is pretty neat, but

329
00:42:15.990 --> 00:42:17.490
James McQuiggan: I always think, Hey, I'm

330
00:42:17.910 --> 00:42:21.240
James McQuiggan: Driving that Jaguar around that week was the second best thing that happened that week.

331
00:42:22.680 --> 00:42:23.850
James McQuiggan: You know, besides getting married.

332
00:42:24.150 --> 00:42:24.510
Yeah.

333
00:42:25.560 --> 00:42:27.360
James McQuiggan: And as much as I would tell my wife.

334
00:42:27.450 --> 00:42:28.470
Cameron Ivey: James. She's not around.

335
00:42:32.340 --> 00:42:32.970
G3: Long as

336
00:42:34.830 --> 00:42:40.770
James McQuiggan: Well, the funny thing. The funny thing was we joke. She would tell me for years that if I ever bought a Jaguar it better come with a shower.

337
00:42:41.550 --> 00:42:47.730
James McQuiggan: That's where I'd be living my garden. So my goal one days is hopefully all in one. But, you know, I'm

338
00:42:47.820 --> 00:42:49.950
Cameron Ivey: A big car or being small shower.

339
00:42:51.030 --> 00:42:51.570
Cameron Ivey: Yeah.

340
00:42:52.860 --> 00:42:58.650
Cameron Ivey: I'm not even gonna ask you this because I already know it. What's your favorite TV show, obviously, Doctor Who, I would imagine.

341
00:42:59.160 --> 00:43:05.610
James McQuiggan: Doctor Who is a big favorite um you know I love watching friends, especially now that it's on back on a

342
00:43:06.120 --> 00:43:07.110
Cameron Ivey: Ustream classic

343
00:43:07.860 --> 00:43:15.690
James McQuiggan: You know, How I Met Your Mother. The comedies, I love, I love TV shows that entertain me but then also challenged the intellect.

344
00:43:16.080 --> 00:43:19.050
James McQuiggan: Yeah, Sherlock that they had on BBC was brilliant.

345
00:43:19.800 --> 00:43:20.460
Cameron Ivey: I was so good.

346
00:43:21.570 --> 00:43:23.430
Cameron Ivey: But they had two brilliant actors too. So

347
00:43:23.460 --> 00:43:30.000
James McQuiggan: Oh yeah, oh yeah, I started watching. I watched the first episode of Perry Mason, the new one that was kind of interesting.

348
00:43:30.030 --> 00:43:32.040
G3: There's a new very basic. Wow. Yeah.

349
00:43:33.060 --> 00:43:36.960
James McQuiggan: But it's completely different. He's a detective in the 30s. It's bizarre.

350
00:43:38.490 --> 00:43:39.210
Cameron Ivey: But is that there's a

351
00:43:39.570 --> 00:43:40.380
Cameron Ivey: Oh, sorry. Go ahead.

352
00:43:40.830 --> 00:43:44.400
James McQuiggan: I was gonna say the one show that is the family favorite though would be jeopardy.

353
00:43:44.730 --> 00:43:45.810
Cameron Ivey: It's our oh yeah

354
00:43:46.020 --> 00:43:47.550
James McQuiggan: The One Show we watch every night, but

355
00:43:47.910 --> 00:43:49.020
Cameron Ivey: I can't watch it with my wife.

356
00:43:50.040 --> 00:43:50.940
Cameron Ivey: Gets every answer right.

357
00:43:51.300 --> 00:43:59.490
James McQuiggan: Well that's it's funny you should say your wife, because with my wife, she gets all the answers because she's been on the show.

358
00:44:00.060 --> 00:44:00.840
Cameron Ivey: Oh, that's awesome.

359
00:44:01.560 --> 00:44:03.600
James McQuiggan: Yeah, it was about eight years ago, she did it.

360
00:44:03.660 --> 00:44:04.410
Cameron Ivey: That's really cool.

361
00:44:04.590 --> 00:44:06.720
James McQuiggan: There and we did a whole family vacation around it.

362
00:44:07.110 --> 00:44:08.160
Cameron Ivey: Jeopardy shameless plug.

363
00:44:09.120 --> 00:44:09.420
Yeah.

364
00:44:10.950 --> 00:44:17.640
G3: Pro Tip. Everyone should have a default answer my default jeopardy answer is Ben Hur I don't know the answer. Go and better every time.

365
00:44:18.690 --> 00:44:20.250
James McQuiggan: And her 42

366
00:44:20.970 --> 00:44:22.350
G3: Yes, also.

367
00:44:23.040 --> 00:44:25.200
Cameron Ivey: I think the correct term is what has been her

368
00:44:25.290 --> 00:44:26.310
G3: What is better, who

369
00:44:29.280 --> 00:44:29.820
Cameron Ivey: Has been her

370
00:44:32.010 --> 00:44:32.910
Cameron Ivey: iPhone or Android

371
00:44:33.900 --> 00:44:36.570
James McQuiggan: Oh hello iPhone. Okay.

372
00:44:36.600 --> 00:44:38.520
Cameron Ivey: Thank you. Thank you. We don't even go into that.

373
00:44:39.480 --> 00:44:43.740
Cameron Ivey: If. If your house was on fire. What two things would you run back and get

374
00:44:45.630 --> 00:44:46.470
Cameron Ivey: I'm throwing them out. Yeah.

375
00:44:48.540 --> 00:44:54.900
James McQuiggan: If I had time and I knew the family was safe. It would be the wedding album in my hard drives my backup partners.

376
00:44:55.800 --> 00:44:57.570
James McQuiggan: You go together, we know

377
00:44:57.600 --> 00:44:57.810
Cameron Ivey: Why

378
00:44:57.960 --> 00:44:59.070
Cameron Ivey: Why, oh, save yourself.

379
00:44:59.370 --> 00:45:02.280
G3: We know James does not trust the cloud to backup the data.

380
00:45:03.300 --> 00:45:08.970
James McQuiggan: Know I have, I have the Cloud, but it can no longer take to download four terabytes of data or 12 or

381
00:45:09.000 --> 00:45:11.100
James McQuiggan: 12 terabytes. It's all my photography pictures.

382
00:45:12.720 --> 00:45:14.490
James McQuiggan: What was the previous question you had

383
00:45:14.520 --> 00:45:15.690
Cameron Ivey: About the iPhone, Android

384
00:45:16.080 --> 00:45:29.310
James McQuiggan: So funny story. When I worked at my last job, there was one of the security guys who is diehard Android, and I was diehard iPhone and every time a vulnerability come out, he'd send me an email every time there was an

385
00:45:29.310 --> 00:45:30.840
James McQuiggan: Android phone, the ability to send me an email.

386
00:45:31.290 --> 00:45:46.680
James McQuiggan: BEST THING EVER. WE HAD THE FBI one of our one of these conferences and I turned to the FBI agents for them. I said, Alright guys, which one's better Android or iPhone and they all looked at me, they looked over my part. My buddy and they look back at me and went iPhone and I

387
00:45:46.890 --> 00:45:47.400
Guess.

388
00:45:48.600 --> 00:45:50.670
G3: I'll tell you, I got blue snark that

389
00:45:51.720 --> 00:45:53.730
G3: at DEF CON couple years ago and

390
00:45:53.820 --> 00:45:58.770
G3: Now I've gone back to iPhone. For that reason, like my inner geek loves the Android

391
00:45:58.860 --> 00:45:59.490
G3: Yes, but

392
00:45:59.970 --> 00:46:04.200
G3: By laying the security side like I can't do it. I just can't do it. No offense. I mean,

393
00:46:04.260 --> 00:46:14.040
James McQuiggan: Yeah, yeah. And the, the Android, they're both great phones, they do what you need to do. There are some people that when I look at it, it's Coke or Pepsi, you know, VHS Betamax

394
00:46:14.280 --> 00:46:14.730
Um,

395
00:46:16.140 --> 00:46:16.500
James McQuiggan: You know,

396
00:46:16.530 --> 00:46:18.570
James McQuiggan: Did Kevin or not, you know,

397
00:46:20.040 --> 00:46:20.640
James McQuiggan: So,

398
00:46:21.360 --> 00:46:26.910
Cameron Ivey: Isn't the iPhone coming out with androids old idea 10 years ago about the live tiles.

399
00:46:27.390 --> 00:46:28.530
James McQuiggan: Yes, yeah.

400
00:46:29.520 --> 00:46:31.020
Cameron Ivey: Yeah, about time. Yeah.

401
00:46:31.140 --> 00:46:41.190
James McQuiggan: I'm for me I'm like yeah i mean i i sit there and go, what are they gonna cut, you know, how can they come up with new ideas every year. And then I like, Oh, that's right. They just look at what Android did and

402
00:46:41.190 --> 00:46:41.370
Cameron Ivey: Then

403
00:46:42.210 --> 00:46:42.570
James McQuiggan: And then they

404
00:46:42.990 --> 00:46:45.540
Cameron Ivey: Yeah, they got so many years to just add one each year.

405
00:46:46.590 --> 00:46:56.490
James McQuiggan: Yeah, I, I'm still waiting for the the capability of double tapping seeing all the apps and hitting one button and closing them all at once. They still don't have that in there.

406
00:46:57.570 --> 00:46:59.220
James McQuiggan: So you got to close on one of the time it's a

407
00:47:00.210 --> 00:47:01.770
Cameron Ivey: Hey, a guy can dream.

408
00:47:02.160 --> 00:47:05.910
G3: And I heard the next version of the iPhone is actually going to lie to make phone calls. Now,

409
00:47:07.380 --> 00:47:08.100
Cameron Ivey: That's the thing. So

410
00:47:09.300 --> 00:47:09.600
I just

411
00:47:10.710 --> 00:47:11.040
Cameron Ivey: Feel

412
00:47:11.280 --> 00:47:11.640
Cameron Ivey: I feel

413
00:47:15.000 --> 00:47:19.320
Cameron Ivey: I feel like the only thing I get every day now is scam likely that's about everything like

414
00:47:19.410 --> 00:47:30.900
James McQuiggan: Am like a good friend of mine, Chris gave me this sticker. So I have that on the on the back on my wife's got 100 kids on her phone to everybody gets a kick out of it, especially when we're taking pictures. They're like,

415
00:47:33.840 --> 00:47:36.540
Cameron Ivey: Well James has been awesome. We really appreciate you coming on.

416
00:47:37.710 --> 00:47:38.730
G3: Really appreciate it.

417
00:47:39.120 --> 00:47:45.030
Cameron Ivey: Yeah. So, is there anywhere that you have people follow you are on social media. Do you like that kind of thing.

418
00:47:45.540 --> 00:47:55.050
James McQuiggan: Yeah, I'm, I'm on Twitter at at James underscore mcquillan i'm sure that'll probably show up in the show notes or I'm on LinkedIn as well.

419
00:47:56.190 --> 00:48:04.080
James McQuiggan: As James maclagan there are two. There are several of us in the world. One of them is my cousin, but he's based in Scotland, so

420
00:48:04.260 --> 00:48:06.900
Cameron Ivey: Oh, nice. You have is a Scottish

421
00:48:07.200 --> 00:48:08.070
James McQuiggan: Yeah yeah

422
00:48:10.260 --> 00:48:13.200
Cameron Ivey: Man, I might need to talk to him, I love, I love the Scottish accent.

423
00:48:13.860 --> 00:48:15.480
Cameron Ivey: Oh, we're gonna try one right now but

424
00:48:16.200 --> 00:48:16.590
If

425
00:48:19.590 --> 00:48:23.250
G3: You have a speaking of Scottish I got from the Highlands right here and

426
00:48:24.210 --> 00:48:24.990
G3: You also have a

427
00:48:25.290 --> 00:48:29.760
G3: Live right now from info sec world so folks should go check that out now.

428
00:48:30.210 --> 00:48:31.140
James McQuiggan: It's on demand. Yeah.

429
00:48:33.240 --> 00:48:34.740
James McQuiggan: Your Cloud talk is good, man.

430
00:48:35.130 --> 00:48:36.120
G3: I appreciate it.

431
00:48:36.240 --> 00:48:37.680
James McQuiggan: I had a plan, while I was working

432
00:48:39.420 --> 00:48:43.530
James McQuiggan: I was kind of the cool thing with the virtual I could actually be working on stuff and look up and listen and

433
00:48:43.530 --> 00:48:55.860
G3: No. Yeah, it was good. I appreciate it. I gotta tell you guys pivoted really really quickly. And that one is better than better than I could have imagined. So it was really awesome, awesome work by the info sec world stuff.

434
00:48:56.040 --> 00:49:00.540
James McQuiggan: All number and all that God. They all did a fantastic job with it, but

435
00:49:00.600 --> 00:49:02.100
James McQuiggan: Let's get in real life next year.

436
00:49:02.460 --> 00:49:03.540
G3: Yes, yeah.

437
00:49:04.500 --> 00:49:04.830
Cameron Ivey: Awesome.

438
00:49:04.950 --> 00:49:09.720
G3: Well, thanks so much for coming on James I really appreciate it. We need and want to have you back.

439
00:49:09.960 --> 00:49:12.060
James McQuiggan: Absolutely. Thank you. Definitely.

440
00:49:12.150 --> 00:49:13.320
Cameron Ivey: Thanks James. Cool.