Welcome to another episode of Tech Unhinged, where technology meets human. I’m your host Rabia Javeed and today we are joined by Jason Kaufman, a solutions architect at Teleros with deep expertise in cyber security and cloud solutions. Jason has a track record of helping businesses navigate complex technological challenges and defend against evolving digital threats. He brings a wealth of experience to our conversation. Jason, welcome to the show. Thank you for having me. It’s a it’s a pleasure to be here. Well, Jason, uh we’ll start off a bit candid. So, you know, you’ve had a quite interesting career journey. What initially sparked your interest in cyber security and how did you get into this field? Yeah. Um so, so yeah, I started in the the communication space as as you saw from my my bio uh designing, you know, contact centers and unified communications deployment, anything that had a voice piece of it. But then also there was a a networking component because we you know we got into SDWAN firewalling there was an on-site PBX had to be on the edge of the network. So I was dealing with a lot of CCIEs and telling them that hey I had a device that’s sit in front of yours which you can imagine from a somebody that owns the network that’s like a big no no. So you know you have to get in a lot of these network design conversations. So we’re getting network security and then um kind of morphed into running the operations of a desktop as a service organization running you know Citrix VDI based in Azure uh which got into more of the cyber security on protecting risk and uh you know the identity platforms and all that stuff. Um so I had a you know a decent background for holistically when you look between the eight domains of the CISSP exam you know things that fall under cyber security. Um, so I already had like a a background there and I really like solving puzzles and being in the new role at Toyaris, you know, we we consult with many different customers from, you know, small mom and pop shops to Fortune50 companies and they all have specific needs and saw the same trend across many of them which is, you know, cyber security was their biggest fear and that was the biggest problem that they were looking to solve. So inherently my natural problem solving you know ways I actually I determined hey you know this is something I you know I want to get more into and since I already had kind of a background that spread across a lot of the things uh I just wanted to expand into that and that’s what led me into getting my CISSP CI7 and CCSP so I can actually you know have further in-depth conversations and help those people you know have that peace of mind on hey let’s protect you let’s mitigate a lot of these threats let’s get you to know about them for one and you know go from there. So, uh, long answer on why cyber security. It’s just that everlasting puzzle that keeps changing consistently. And I know we’re going to talk about AI here and how that affects that shortly. Um, so it’s always exciting. It’s always something new. It’s always some something that somebody needs, but it’s ultimately helping people tremendously because it’s the one thing on, hey, cyber security, if you don’t protect yourself, I’ve actually seen it with companies here in my little town of Venice, Florida, you could actually go out of business uh if you don’t protect yourself because you can get locked out of your data. you know, your data can get leaked. You know, there’s many different threats out there. Um, but I like to try to help people from having that happen to them. Pretty impressive, Jason. Uh, moving to our next question. You see that AI is transforming cyber security at an incredible pace. From your perspective, what are the biggest shifts that you’ve seen, how AI is both attacking and defending these systems today? Yeah, a lot of it is around the speed that at which AI works. the human can’t keep up with how fast the machine can go. So from from a threat perspective, think about, hey, now you have the people that are enabled to go, you know, breach or hack a network from externally to where they can type in a human response and say, hey, go go go try to hack this network. And then this this system that was trained on every single piece of of what a a breach, you know, to to get to a breach happens, you know, they’re going to check out vulnerabilities through the the CVES. uh they’re going to check out all this different information, going to do uh reconnaissance of this company on this person’s behalf, which usually is a pretty time-sensitive and, you know, time inclusive thing. It’s going to do all of this instantaneously, and then it’s going to go try to breach this network automatically without this person actually lifting a finger. So, it’s finding all these vulnerabilities. It’s it’s proving escalation. It’s it’s breaching these networks, and then it gives a report on, hey, this is what we found. this is how you can uh you know use this in the future sense whether it’s selling it to somebody else as a third party or you’re using it to to further escalate and get information from this company but it’s effectively autonomously doing all this stuff on behalf of a person. So now you don’t have to be that advanced persistent threat that that hacker that has all this knowledge on networking and you know command line stuff. You don’t have to have all that all that experience. Now you just need to use human human uh you know language and tell the system to physically do it. Uh another thing as well is fishing. Uh so now you know before when you get like a fishing email there would be some markers of it that were easily discern like hey this doesn’t make sense grammatically or this is something completely you know generic that makes no sense to me. Now, they’re actually using these tools to go find information specifically pertaining to the person uh on social media or anything that they posted to make it sound like them. Or if they’re trying to, you know, trying to act like they’re somebody else, they’re going to find how that person speaks. And they’re writing those emails and those text messages exactly exactly pertaining to that use case. And they’re doing this all very easily because they could tell these systems, hey, go find out top 400 people from this company, you know, make me make me an email for each one of them and then spit it out automatically and send this automatically on my behalf. So fishing is is massive right now because it’s much harder to to detect uh what’s a fishing email and what isn’t. So the threats are evolving tremendously and and it’s you know everybody knows from the cyber security space it’s easier to hack a human than it is a network because all the thing you know the common term of human error. Um it’s much easier to do it that way from the defense side is allowing us to react much quicker to when a an alert or anomaly comes in to where you’re having those automated playbooks. You know generally when you heard the term like sore or something like that something that’s like automation orchestration all that stuff. Now that’s adapting to where it has another machine learning perspective behind it to where it’s going to it’s recognizing more and more things rather than just a specific playbook to a specific alert and anomaly. Now it’s you using a lot of like human thinking and reasoning to figure out hey this is the way that we should you know um you know mitigate and remediate this threat. And then the other part is enablement. um seen a lot of requests for this to where uh if you’ve heard like co you know Microsoft’s copilot for Sentinel stuff like that to where now it has a large language model built into the SIM tool to where an alert anomaly comes in it does that playbook automation to where it automatically remediates or contains the threat uh if it can it gives you a spit out on hey we’ve tracked it based on correlation all these alerts back to here’s the steps that we’ve already performed here’s your next five steps that you should try so what that does it enables that new employee that you know fresh out of college or not as experienced as somebody that’s like a 7 to 10 year, you know, sock analyst. It allows them to be hyper effective at their job and, you know, it allows for, you know, quicker training, quicker, you know, quicker in the game there. Uh, so there’s a lot of things that AI is changing from the from the uh from the threat to the defense side. You know what’s more alarming is that it’s so difficult to now differentiate between how a human talks and then how AI talks because you know I probably talk the same way and AI is doing the same. So who is me and who’s not me right? And one one time I did this thing where I wrote something myself and I asked AI if it’s AI plagiarized and it was like yeah it is written by me and then I was like no it’s written by me. Um like like my wife’s also in uh you know in nursing school still. So uh one thing she has to do whenever she turns in a report or an essay or something like that is it takes it through turn it in and the first thing it does is checks it for AI and she’s like I’ve written this entirely without using any AI but it still gives a 90% feedback score on 90% chance this was written by AI. So I mean really the question is how effective is this at knowing who is it written by machine or a human? Yeah. No that’s absolutely true. Um you know coming to my next question Jason um there have been alarming statistics that in 2025 a sign a sign significant 70% of companies are likely to be targeted uh by cyber threats. How do you think businesses are preparing for this increasingly dangerous landscape? So unfortunately I think most of them are not. Um from a lot of the conversations that we’re having a lot of them are I I don’t want to say like they’re accepting the risk u because it then they then they know hey this is what our exposure is. we we know how much you know how much the you know this could potentially cost us from impact um but we’re accepting that and we’re willing to make this payout. We’re willing to you know deal with the consequences. Unfortunately, we’re seeing a lot of people ignore it. Uh there there is still an increase on people that are accepting that hey you know we are a potential target even though we’re small in size. We don’t have you know our data isn’t super important but it does have they do have data of companies that are larger. And the assumption is from a from an from a threat actor is um you know these larger companies have are paying all this money for defense you know governments enterprises in the in the fortune 1000 space like they all have funding and budgets in order to do all this defense and depth. So they they have advanced firewall techniques they have endpoint techniques they’re monitoring all this 24 by7 whether it’s internally through a sock or an MDR provider or something like that. But these smaller companies generally don’t have the budget for that. They’re generally running lean and mean when it comes to profitability. they may have eight to, you know, 10 users, you know, maybe even smaller, but they still have third-party access to these larger companies data, uh, because they’re using their their, um, they’re using their applications, they’re they’re sharing data somehow through an API call or something like that. So, we’re seeing we’re seeing even though it is an increase on how many people are recognizing that they still are a um, you know, a target, it’s still not as many that we that we want to see. We’re trying to tell that story on, hey, there’s some things you could do that are very cost effective that severely limit, you know, the risk that you have. But I think in 2025, we’re going to see either companies start investing in that. We’re seeing that that uptick now. They’re starting to invest. They’re starting to hear the stories. They’re starting to see their friends companies that actually get breached. What happens to them? You know, three generations of of accounting firms, they’re going out of business because they, you know, they got breached and they couldn’t get their data back. Stuff like that. We’re starting to see people dip their toes into just even doing like a backup disco, you know, disaster recovery scenario. Dipping their toes in cyber security maturity without, you know, doing the frameworks, you know, the gap analysis, all that stuff. Um, so long answer to your question. Uh, I think I think we’re seeing an improvement there. Uh but we’re also going to see people still that I don’t think there’s going to be any decreasing in you know the the news of saying hey this company got breached they got breached through this whether it’s an IoT device or it’s a third party of a smaller company that didn’t protect the data like they should. I think we’re going to continue to see that and ransomware is still going to be a problem just because it’s so easy to be a threat actor on like ransomware as a service and that type of stuff where you don’t need to have all that inherent intelligence and experience of breaching systems. You could do it on the piggybacking of somebody else. Oh yeah. Yeah. Um you know when you talk about that a lot of companies are still not accepting the cyber threat. Um by that do you mean that they’ve still not put themselves at the advent of the AI or you know is it something that they just want to ignore? And I think it’s more the the latter. They want they’re ignoring it because they you know they see it as just another expense. um you know just something of line item that came up out of nowhere. they didn’t prepare for it and they’re they don’t um assume that they’re a target because they’re they’re so whatever they want to classify themselves small their data is not important that whatever whatever their you know reasoning is they’re they’re just ignoring the fact that there is a threat out threat out there and they’re not understanding the fact on how AI and machine learning is allowing these threats to expand so much that the threat landscape now is massive to where these threat actors don’t really care how large a company is. They’re going out and searching for vulnerabilities anywhere out in the internet and they get in those systems. You know, the average dwell time still is around, you know, 200 days to where they’re just sitting there learning, you know, how much and how much final impact is this data that I’m holding, you know, hostage right here or can hold hostage, you know, how much can I ask for in Bitcoin or whatever to this company in order to get this back. So, they’re they don’t really care what it is. They’re going out and finding out and then they’re figuring out, hey, we can charge this much because this is what this data is worth to them, the size of the company. So yeah yeah you know I think once they fall in fall down into that puddle only then they realize that you know what security measures that they should have taken in the first place. Um Jason I I’ve seen that you’ve been very vocal about shadow AI and about the risks of unsanctioned AI tools. From your perspective how serious is this challenge? It’s very serious. Um I mean mark market architecture and you know news is pushing all this stuff like chat GPT, Google Gemini, Antropic, Perplexity. There’s many different foundational models out there that it’s easy to go find on a on a search on any search engine. So once people get the word of this like hey I can make my life a lot easier by putting an input and it does this whole print out for me or I can put in this data you know whatever that input is putting in data to get something back that helps me out tremendously. people are inherently going to do this just from you know just human interest and you know you know they you know making themselves more efficient and doing their job on their behalf. So the one thing that we’re seeing from a shadow AI is people are signing up and using these tools and the problem is they don’t understand the impact of putting company data in these tools to get a printout that’s much more effective to them. doing something generic and just saying hey go search for this for you know public internet find me find me a print out on what you’re finding here that stuff is uh you know relatively insignificant to you know the company from a risk perspective but when you start taking data of that company hey generate me a financial report based on these metrics of our you know of our findings that we had over the previous four or five quarters and give me a trajectory of where we’re going to be in the next two years that I can present to our board and the system will do that because it it it recognizes, hey, I have data being inputed me, I have an objective that I need to give this type of export and then do that printout. But what that user doesn’t know is every time you put data into that LLM, that large language model, it is using it to train further responses. So let’s say you know you’re you’re a financial, you’re in the accounting team of a company or an HR team and you’re putting in information that’s confidential and you’re getting that print out that you’re like, “Hey, this is great. This does everything I want it to.” Now a threat actor can go in and ask for information based on your company if they they’re maybe doing some reconnaissance on it and now it’s being spit out with that information that it was trained on which was confidential information. So now that thread actor has internal information that they can use to either go fish or they can you know find out if you’re using specific applications. Heck we’ve even seen people put inputs to where they’re using like usernames and stuff like that to where now the thread actor knows hey this is what a username looks like for this company. Now I have much more information to go on. and I can try to, you know, do like a password spray or brute force or something like that to this specific application with these usernames. Um, so there’s a lot lot of shadow AI and and the negative impact of of people using these tools without knowing uh you know how much risk they’re inherently using on the internet uh or how much risk they’re using to the company by using these stuff using these tools. So I mean you it’s it’s like every AI model that’s operating this particular way. Yeah. Yeah, because they’re continuously learning and the deep learning model is continuous on learning from the inputs that it gets and the and the outputs and then they also have the human and loop feedback to where you can do like the the thumbs up and the thumbs down like hey this is a good response. So it uses that reward system to train itself to say hey this is a good response. Now it’s it’s not it’s not really smart enough to say hey the the response and the way it was delivered was was very good but it also takes it holistically on the data that was presented was correct. So in order to to mitigate hallucinations which is incorrect responses from the large language model they use the human to tell hey this is good or this is not good. They’re starting to build it out to where the where the the the reasoning model and stuff like that can determine it themselves. But having that human say yes this is a great response further trains that large language model hey this is good content this is correct I need to use this in future uh responses as well so that’s that’s where the the answer is yes you know any input to these to these uh large language models trains it for further responses and that’s the inherent problem with their solutions that’s why people are trying to enable their employees so quickly on something that they can govern and control on which data could lead the system, but then also, you know, train their employees on what an input should look like. Hey, don’t put this type of data in there. Also, here’s something that we’re giving you to where we can control what data is staying internal and then which data can potentially go outside the company. But it performs that data loss prevention, data leakage prevention, that type of stuff on the input because now that’s more important than uh you know just making somebody more efficient. So I’ve seen a lot of CIOS and CISOs in order to get around shadow AI and get in front of it. They enable their teams with something uh to give to give access to to use the tools but then they can control everything about it because it’s within their their own tenant and their own environment. Yeah, I mean you kind you kind of answered my next question as well, you know, which was about uh given the shadow AI um you know AIdriven fishing attacks and deep fakes and all of the threats that they are having. How can companies detect and sort of defend against these evolving threats? There’s a lot of tools that inherently uh you know are looking to protect this type stuff and recognize does something look malicious. Uh so you have like email security tools that not only are detecting from malicious domains or domain lookalikes, they’re looking for the the you know the anomalies there. They’re looking for um something that sounds like uh they’re even looking at uh training themselves on how a normal employee sends an email and then would you know how the interaction happens on day-to-day within some digital channel and then seeing if something looks outside of that and reacting to it. So there there are tools that will recognize certain certain behaviors of a of an AI tool. Um, but ultimately a lot of it comes down to a mature cyber security maturity policy and and uh frameworks and all that stuff and most importantly training employees on what to look for. If something comes in from your CEO, CFO or something like that that is something out of the ordinary that they wouldn’t normally request or it goes to a different a account that you’re not really used to in the system. You know, pick up the phone and call that person or if you’re in the office, go talk to that person physically. use a different communication path rather than what it came in. Um just to validate that this is legitimate. Uh I I mean I’ve had a I had a recent conversation with an eight person uh construction team um that they they had six incidents within three months to where the the accounting executive got a um an email from the the owner of the company that said, “Hey, send this much money here.” And they did it six times without recognizing, hey, this doesn’t, you know, before talking to that person and saying,”Hey, I sent that money on your behalf.” And the person was like, “Whoa, what are you talking about?” It totaled over $500,000. Oh. Over the six six different times. So, like we’re we’re talking like stuff that’s not malicious intent. I mean, you do have somebody that’s sending a malicious email that’s not that’s, you know, not, you know, you know, deep fake and being somebody that’s not the physical person that should be sending that, but the person that’s actually sending the money out of the company is not a malicious actor. it’s just somebody that’s not aware to to detect, hey, this seems out of the ordinary. Let me go verify this. You know, verification is, you know, it’s going to add a little bit of time and stuff. You know, it’s going to negatively affect a little bit of your efficiency, but it’s also going to protect you inherently to where you could have potentially mitigated and prevented $500,000 being sent out from your company if you just asked and validated, hey, is this a legitimate, you know, request? Same thing happens with with you know Zoom meetings like this and voice you know voice calls voice biometric detection now is starting to get rampant in the financial industry. So detecting if something sounds like it’s using a voice control or an an accent mitigation technique or something like that. Um systems can tech detect that out and also validate that the person is who they say they are before it even gets to a human. And then you also you have you know what you know and all that stuff you need to validate as well. So there are inherent tools that are helping out a lot of this deep fake stuff uh today and it’s it’s it’s a combination of of continuous innovation on the threat actor side and the continuous innovation on how do we defend against it but ultimately the best path is continuous training to employees to know what to look for and then the defense in depth on you know policies procedures and then a lot of the technical trolls of everything to protect them as well. Yeah, I know this made a lot of sense. Um, this incident was very familiar in one of my previous companies. We had the same thing, you know, where we were receiving emails directly from the CEO asking for money to be sent to a particular account. Getting really good on like even domain spoofing to where if there’s a if there’s an O or something in the in the name of the company part of the domain, they’ll put like a zero there or throw a random S at the end of it to make it look like it’s a plural name. and they react so quick on once they develop this domain and purchase it, uh, the sending the emails and stuff before any domain lookalike tools or anything like that can find it or any services to where it’s it’s making it really hard to to watch because it has the exact same email address besides one letter or one number off or something like that. Sending an email to you directed to you because they did the, you know, the the reconnaissance on your social media and and this person’s social media to see what a normal email would look like from them and, you know, kind of see what the friendship would look like. So they can custom tailor a lot of this stuff can I mean heck if you can get $500,000 off of six emails to somebody that’s really good ROI. Yeah. No, that is. So Jason, while AI is being weaponized for cyber attacks like you know on on a great scale, it’s also strengthening our defenses. What do you think are some of the most promising AIdriven security innovations right now? A lot a lot of it is detecting AI tools themselves. So you know when we’re talking about the shadow AI the first part of any framework in cyber security is knowing what knowing what you have to deal with. So you know they can also they always come in like inspect or you know some other some other synonym of that type of word to where it’s effectively document and know what you have. Um unfortunately shadow AI it’s it’s tough to figure out what employees are using because you don’t have any insight into that besides word of mouth. So like uh I’ve seen a couple different um you know surveys done online and it was at least 40 to 60% of people use AI and don’t tell their IT teams or cyber security teams about it at their company. So now there’s tools to recognize these different URLs and these different uh applications to say hey we recognize this as chat GPT we recognize this as Google Gemini. This device that that is tied to this user is physically using it. And now they’re starting to break open into those packets that are being sent to these tools and seeing actually what the inputs are. So you can see how how you know I don’t say the word malicious, but how unknowingly adding risk to a company this employee is physically you know using these tools for and um so yeah getting visibility into a lot of that is is a big one now that we’re seeing. Another one is the rapid response that we’re talking about earlier. as soon as anomaly comes into either the sim tool or whoever’s you know watching that stuff 24 by7 or whatever tools there you know could be the EDR tool or you know whether you’re using crowd strike defender all that stuff having that automated playbook that start that kicks in and is kind of dynamic depending on what the alert or the anomaly is um seeing a lot of that to where those playbooks are are expanding a lot to where you don’t have to specifically define it it’s reacting based on hey based on this we can go we can go look at hey what’s the CBE what’s the MIT attack framework, what’s all these different reactionary things that need to happen and it’ll do that on the person’s behalf and then it enables the team what to do next. So, we’re seeing a lot of that enablement of the sock teams through automation and uh generative AI plus the detection of a lot of these tools. How can organizations strike the right balance between automation and human expertise in cyber security? I mean, there’s a great question. I mean, I feel like everybody’s assuming automation is going to take over everything. uh because now we’re seeing products out there for like AI sock you know you don’t really need to have a sock team this will do it on your behalf but inherently machine is only as good as the information that it’s trained for so there consistently still needs to be a human in the loop somewhere so even though I think we’re going to see further automation on the lowerhanging fruit the immediate reaction the containment and remediation of known playbooks type stuff and development of those playbooks but I still think we’re going to need the escalation to the human component to where sock analysts uh you can you know you’re going to have the different tiers still to where the the lower the newer sock analysts can can help with the automation stuff and helping build a playbook, help help align and train the systems to know, hey, this is what we should do. This is the next steps and this this was done correctly. And then you have those, you know, veteran stock analysts that can come in and do the stuff that the automation can’t do. So, I think we’re still going to need that higher level expertise, that human component there to where now we’re going to see the fur further hybrid approach to where autonomous is going to take it further and further down the stack, but we still need those human individuals that are hyper competent in order to come in over the top. Um, so I think just like everything else with AI, AI is going to augment and it’s going to help, but I think it’s also going to force humans to become more strategic. So, our cyber security resources are not going anywhere pretty soon. No, no, definitely not. And and if you hear a company tell you otherwise, I would be definitely um I would be hesitant to to put my all all my eggs in that one basket. Jason, compliance and regulations are still catching up with AI advancements and it can be pretty tricky. What legal or ethical concerns should businesses keep in mind? uh a lot of it f like any any type of framework that comes out generally follows the you know the NIS framework and you know they’re they’re mimicking everything from a privacy perspective off stuff like GDPR. So one thing you want to you want to follow is make sure that you know where the data is located and how the data is interacting with these tools and protect the data from leaving the company and also looking at sensitivity labeling and all that stuff. So as long as you like you most companies that that have a a mature cyber security practice already doing that when it comes to emails it’s already they’re already doing it with any type of communication that’s going external where somebody can attach a document or attach information or something like that. They’re already applying these types of tool sets to this. It doesn’t change with AI. Ultimately AI expands that threat because it’s so much faster moving um that you also want to apply those techniques here. So you want to ensure that you’re follow following all privacy policies whether you’re looking at specific state ones. Uh you know you got CCPA California, you got New York, you got you know pretty much every state’s going to come out their own standard but a lot of them have the a lot of the same um you know same components to them and same controls. Uh and if you follow GDPR generally you’re going to be most of the way there. So you want to follow all the stuff that’s known out there so you’re ready for whenever that compliance comes in or that framework requirement comes in. Uh, a lot of it a lot of it’s pretty much the same as what we’ve seen before. It’s just expanding adding the AI as a piece of it. You know, things specifically you want to watch out for. And then if you’re obviously if you’re if you have your own AI application, there’s a lot that needs to go there too. Like generally protecting any type of network or application tooling, you want to do that as well. But most of the time people are using other people’s tools to where they just got to protect the data and the user access to it. You know, given that you talked about how companies at the verge companies are sort of at the verge of all of these threats, I’ve seen this shift in companies with making their own internalized AI models, you know, for their employees where they can sort of ask all the information or get all the information related to the companies. I I think this is also one of the good ways of sort of keeping it central to themselves rather than just putting it out there. 100% agree. And I mean, you’ve seen all these breaches. You know, talking about medical 23 and me is massively in the in the uh, you know, the news right now because of their their breach that they had. Now they’re, you know, filing for bankruptcy and all that stuff. So, you can see a lot of the impact that happens when a breach occurs, you know, especially if you’re holding important information like that. And a lot of people are trying to triangulate health care information to see like, hey, is this person at a risk for, you know, cancer or heart disease and all that stuff based on past history or, you know, there’s a lot of different tools that I’m starting to work with companies on that are trying to develop this stuff and they want to go to market strategy and they’re trying to do all this securely, but inherently they all have the same fear. How do I protect this data to make sure that we don’t have that indirect cost of loss of trust within the marketplace once we start releasing this capability? Um, so we’re seeing a lot there to where people are recogniz especially application developers and the people that are pulling in all this data. They’re starting to recognize, you know, how important it is to control privacy, control the, you know, the the data management and all that stuff. Um, but one thing we’re also seeing with companies is they either coming in asking for like they’re if they’re if they’re in the Microsoft stack, they’re asking obviously for co-pilot. How do we enable co-pilot and and Azure OpenAI within our own tenant and applying all the different necessary controls because everybody knows our back within active directory or enter ID is not going to protect them the way that they think because OpenAI is implemented at the tenant level. So now you need to use data classification with, you know, perview or something like that to make sure you’re attaching sensitivity labeling. You have to get really granular to make sure that you know you’re not crossing organizations as well to where you know you’re still following the path of least privilege to where somebody in accounting is not getting HR data or you know a salesperson isn’t getting information of the CEO and stuff like that. Um so you’re protecting the company from itself there. But then we’re also seeing companies like hey we already have some users using Gemini so they’re used to using Google’s AI tooling. How do we effectively enable it to where we don’t have the investment yet to get to privatize that type of stuff? How do we put in like an application gateway in front of it to where we can protect our users from themselves while also keeping the same tooling that they’re used to in place? So, we’re seeing that type of application enablement to where it comes in over the top of those foundational models. That stuff is super easy. Like there’s stuff there’s, you know, SASbased stuff that’s ready to go for that. Um, so we’re, you know, the idea of where we play is to give them options on different ways to enable their employees for this to protect themselves. And those are probably the two main ways I’ve seen people request it. Either, you know, the Microsoft copilot enablement or the application gateway that allows them to use whatever tool they’re using and then but protect from, you know, automated DLP that patches some form of internal data for a central known point of truth, but then also auditing everything that’s going into this stuff. So, a lot of this stuff’s included with a lot of these platforms, which is cool. at least like the market is is ready for this type of stuff. It’s just education and enabling people to actually do it. Yeah. As long as you know these stakeholders are taking care of the education aspect of it. For for this question, you can think big. Jason, if you had to predict, where do you see AI taking cyber security in the next five years? I think it’s going to continue being a you know the threat actors are going to figure out how they can leverage AI to do something new and u you know try to breach networks in a specific way or breach people you know however they can do it they’re usually the most innovative and then we figure out a way to leverage AI to defend against it. So I think it’s just going to be the neverending battle on you know who’s going to be the leg up you know developing something that’s offensive and then how to defend against it. I think unfortunately we’re going to see the continue iteration and revolving door of that. Um, but I think we’re also going to see an improvement leveraging AI on detection tools of you know trying to be proactive more with certain things you know especially like fishing and all that stuff that’s inherently going to be improved by AI. Um, I think we’re going to see an improvement there as well. I think we’re going to see it further along the lines of the autonomous uh you know the autonomous sock you know having all those playbooks and all that you know secops or whatever they want to call it the soar a lot of people are saying soar is dead it’s just evolved in the sec ops but soar is still a piece of it so we’re going to see a lot of that evolve as the capabilities get get more inherent um to where the automation is going to go farther and farther and more capabilities it’s going to have on reacting to the anomalies that come in but I still don’t see a way for us yet to remove the human in the loop until we have at least some form of AGI or or ASI. Uh something like that to where it’s some, you know, general super intelligent AI that could surpass anything a human can do from a reasoning perspective. I think we’re still going to have there. So long answer of I think we’re going to see a stepladder on each side as one tries to battle the other. Interesting. So Jason, for IT leaders who are working to strengthen their cyber security strategy, what’s one hard-learned lesson from your experience that you’d share as a key advice? Yeah. Uh the biggest one I can say is uh never never get comfortable that you’re completely mitigating and prevented all risks. Um, and also don’t look into point solutions to where I’ve seen many customers all size and shapes come in. They’re like, “Hey, we have enough budget to go out and get this one specific solution for this thing.” Whether it’s we’re going to go get EDR, we’re going to go get email security, we’re going to go do whatever it is. Make sure there’s a framework in place to where you know how everything’s going to work together. And don’t bring in so many different point solutions that your team is now making it unmanageable. uh to where you have so many different platforms you need to go into, so many different alerts from different tool sets that you need to figure out where the actual breach occurs. Um you know, SIM tooling so is only so effective. It’s just another tool in its path. So don’t get so used to having point solutions that fit specific use cases. Find an overall methodology and strategic approach to this. And then also never get comfortable. Um one thing I throw out is one thing I’m seeing a lot more is the whole EDR killer mindset. Um, and the different toolings that come in that surpass that EDR tool that’s on the endpoint, they know how to recognize for CrowdStrike, Sentinel One, Defender, SNET, all those different toolings, and they know how to bypass it and escalate into either the kernel or the drivers, you know, stuff like that to where they can bypass any software software that’s sitting on top of it. So, there’s there’s more sophistication that’s getting into these these threats to where never get comfortable because something’s always evolving. And that’s where I was going in the AI evolving here, here, and here. Um the threats are always evolving so we need to as well. Yeah. Well, great answer. Uh well, Jason, thank you so much for your insights and this incredible conversation that we’ve had. You are very articulate and very well-versed with all the expertise that you have had over years. So, I I really hope that our listeners and viewers would be greatly benefited from this conversation. Thank you so much. Thank you very much for having me.