1 00:00:00,522 --> 00:00:01,692 Cybersecurity today. 2 00:00:01,692 --> 00:00:05,322 Would like to thank Meter for their support in bringing you This podcast 3 00:00:05,712 --> 00:00:10,872 Meter delivers a complete networking stack, wired, wireless, and cellular 4 00:00:11,022 --> 00:00:16,242 in one integrated solution that's built for performance and scale. 5 00:00:16,512 --> 00:00:21,192 You can find them at meter.com/cst. 6 00:00:22,851 --> 00:00:24,681 Welcome to Cybersecurity Today on the weekend. 7 00:00:24,921 --> 00:00:29,511 We have a great guest for you today and a rare treat in that my friend 8 00:00:29,841 --> 00:00:32,901 David Shipley is actually coming in for this interview as well. 9 00:00:33,321 --> 00:00:36,111 Our guest, though, that you don't know, is Neil Bisson Nil. 10 00:00:36,141 --> 00:00:36,621 Welcome. 11 00:00:37,311 --> 00:00:37,671 Thanks. 12 00:00:37,671 --> 00:00:38,511 Thanks for having me on, guys. 13 00:00:38,511 --> 00:00:39,441 Really excited to be here. 14 00:00:40,221 --> 00:00:42,651 Can you tell us a little bit about yourself, Neil? 15 00:00:42,701 --> 00:00:45,311 just for the audience who doesn't know you, just a little bit of background 16 00:00:45,311 --> 00:00:48,871 and then I'll reveal why that's so important for this discussion. 17 00:00:49,381 --> 00:00:49,741 Great. 18 00:00:49,901 --> 00:00:52,661 yeah, so I am a retired intelligence officer with the Canadian 19 00:00:52,661 --> 00:00:53,771 Security Intelligence Service. 20 00:00:53,771 --> 00:00:59,351 I retired in 2020 and, after I retired, I realized that, there's still a lot of work 21 00:00:59,351 --> 00:01:02,441 to be done when it comes to understanding National Security Intelligence collection 22 00:01:02,441 --> 00:01:04,721 here in Canada and the importance of that. 23 00:01:04,721 --> 00:01:08,281 So I took it upon myself to, start the Global Intelligence Knowledge 24 00:01:08,281 --> 00:01:12,701 Network, which is basically a digitally based company that, gives me an 25 00:01:12,701 --> 00:01:16,871 opportunity to speak to the media about issues relating to everything 26 00:01:16,871 --> 00:01:22,461 from cybersecurity, cyber espionage, to intelligence collection, terrorism, 27 00:01:22,591 --> 00:01:25,681 all that interesting stuff that, we see on the news from time to time. 28 00:01:25,681 --> 00:01:27,871 So I'm, I've been doing that since then. 29 00:01:28,321 --> 00:01:31,571 And, 2023, I, decided to, I wanted to. 30 00:01:31,936 --> 00:01:35,416 See a little bit more about how the cyber side of things is interacting 31 00:01:35,416 --> 00:01:37,156 with, national security intelligence. 32 00:01:37,756 --> 00:01:43,416 And I took a IBM course for, cybersecurity analyst and that got me a little bit 33 00:01:43,416 --> 00:01:46,866 more into understanding what some of the vulnerabilities that we're seeing 34 00:01:46,956 --> 00:01:51,566 on the digital plane as well as on, just our own national security issues. 35 00:01:51,616 --> 00:01:55,246 For those who are wondering what this has to do with cybersecurity, I think you've 36 00:01:55,336 --> 00:01:59,666 started to make that bridge and that there's a lot of work that we talk about 37 00:01:59,696 --> 00:02:02,546 nation states And how they're involved. 38 00:02:02,546 --> 00:02:04,946 And that's one of the things I want to talk to you about today, 39 00:02:05,496 --> 00:02:08,556 this discussion is to give us some sort of perspective on this. 40 00:02:08,556 --> 00:02:12,816 We, and the problem is we get the news, like it comes at us, piece by piece. 41 00:02:13,086 --> 00:02:17,286 And it's really difficult to get a full picture of what's happening. 42 00:02:17,316 --> 00:02:21,416 I think people this news comes at them like out of a fire hose. 43 00:02:21,876 --> 00:02:22,896 Need a little perspective. 44 00:02:22,896 --> 00:02:24,901 So just wanna back up and talk a little bit about that. 45 00:02:25,231 --> 00:02:32,846 Can you talk about your perspective, uh, as, um, as An intelligence 46 00:02:32,846 --> 00:02:35,246 officer and how you see the world. 47 00:02:35,246 --> 00:02:39,126 Can you share that picture with us as to what, when you think 48 00:02:39,126 --> 00:02:42,606 about the world in terms of nation states, what are you thinking about? 49 00:02:43,386 --> 00:02:46,716 Yeah, so I started my, career with the federal government in 50 00:02:46,716 --> 00:02:48,416 the late eighties, early nineties. 51 00:02:48,776 --> 00:02:50,536 And at that time, it was. 52 00:02:51,316 --> 00:02:54,136 Telecommunications and, the internet. 53 00:02:54,136 --> 00:02:55,636 it was just burgeoning back then. 54 00:02:55,686 --> 00:03:01,516 now everyone's life is basically somehow connected to either social media or, the 55 00:03:01,516 --> 00:03:03,826 way that we interact with one another. 56 00:03:03,826 --> 00:03:06,876 The way that we communicate with one another, the way that we, basically 57 00:03:06,876 --> 00:03:08,256 talk about our own interests. 58 00:03:08,766 --> 00:03:10,476 It's all out there, it's all on the internet now. 59 00:03:10,626 --> 00:03:14,516 And that has changed fundamentally the way intelligence organizations 60 00:03:14,546 --> 00:03:19,826 look at collecting information and targeting individuals that they want 61 00:03:19,856 --> 00:03:21,536 to collect further information from. 62 00:03:22,316 --> 00:03:26,126 So one of the big concerns that I think everyone should be aware of is the 63 00:03:26,126 --> 00:03:31,656 fact that the more that you're putting out there, if, foreign intelligence. 64 00:03:32,016 --> 00:03:36,756 State actor or even a non-state actor who's being utilized by a foreign state 65 00:03:37,596 --> 00:03:40,896 is looking to garner that information. 66 00:03:41,076 --> 00:03:44,706 Whether you're working for a tech company, whether you're working for the 67 00:03:44,706 --> 00:03:49,596 military, whether you're working for a government department, all of that stuff 68 00:03:49,596 --> 00:03:54,761 helps them comprise, a plan for how they would approach you, whether it's 69 00:03:54,761 --> 00:03:57,611 digitally or whether it's, face to face. 70 00:03:57,951 --> 00:04:00,771 back in the day when, we're talking a little bit more old school 71 00:04:00,771 --> 00:04:04,211 espionage, we would try to find as much information about an individual, 72 00:04:04,511 --> 00:04:08,661 compile that and then come up with a plausible reason for us to make a meet 73 00:04:08,871 --> 00:04:10,521 or some sort of contact with them. 74 00:04:11,091 --> 00:04:15,501 Nowadays, it's so much easier to do that because as I said, we all live digitally. 75 00:04:15,681 --> 00:04:18,891 It's a lot easier for us to reach out to someone, whether it be with 76 00:04:18,891 --> 00:04:22,141 a business interest, whether it be through, if they're on a dating app. 77 00:04:22,756 --> 00:04:27,016 It's just so much easier to do that than it is logistically to try to 78 00:04:27,016 --> 00:04:28,921 figure out, okay, how am I gonna make a connection with this person? 79 00:04:29,281 --> 00:04:35,336 And what's interesting is, this idea of big data being available, both 80 00:04:35,426 --> 00:04:38,586 what, what we traditionally call open source intelligence, but also if you 81 00:04:38,586 --> 00:04:43,836 look at what China's biggest raids on North American information, whether 82 00:04:43,836 --> 00:04:46,986 it's the Anthem Healthcare breach, you got health information on US 83 00:04:46,986 --> 00:04:50,406 government employees And other things, the Marriot attacks, where they knew 84 00:04:50,406 --> 00:04:54,186 where people were staying, where they were going, and all the other breaches. 85 00:04:54,186 --> 00:04:56,406 All this is being funneled into a data set. 86 00:04:56,446 --> 00:05:00,166 One can imagine analysis because in, in the exposure I've had to 87 00:05:00,166 --> 00:05:03,016 the world that you live in, Neil, like you, you're looking for those 88 00:05:03,016 --> 00:05:06,346 motivational levers when you have that first conversation with somebody, 89 00:05:06,396 --> 00:05:08,236 is this someone that's, ego-driven? 90 00:05:08,746 --> 00:05:09,916 Are they money motivated? 91 00:05:09,946 --> 00:05:12,886 is a little bit of cash gonna help give them, decide to give up 92 00:05:12,886 --> 00:05:15,616 their administrative credentials to a tech company so you can get 93 00:05:15,616 --> 00:05:17,116 that intellectual property out. 94 00:05:17,186 --> 00:05:21,236 are there other motivators which are as old as time itself in terms 95 00:05:21,236 --> 00:05:24,746 of relationships and Russia's been particularly good about using those, 96 00:05:24,966 --> 00:05:27,126 to great effect over multiple decades. 97 00:05:27,891 --> 00:05:32,091 So you take this information, you know a lot about Jim, Neil and David, what 98 00:05:32,091 --> 00:05:36,021 buttons might work, why you would wanna talk to them and pitches you can make. 99 00:05:36,361 --> 00:05:39,811 one could imagine now we've got a spy DPT or two running around in 100 00:05:39,811 --> 00:05:43,641 various intelligent agencies, giving suggestions of how can I flip Neil? 101 00:05:43,951 --> 00:05:45,541 if I, were you trying to flip Neil? 102 00:05:45,541 --> 00:05:48,541 I would talk about the Blue Jays and maybe he's interested in some 103 00:05:48,541 --> 00:05:52,291 tickets for, I know we're after the season, but we're all so cheap. 104 00:05:52,341 --> 00:05:55,221 we'd sell out our country for Blue Jays tickets at one. 105 00:05:55,221 --> 00:05:58,281 Listen, you would be shocked what people will sell out. 106 00:05:58,281 --> 00:06:00,441 people will give up their passwords for a chocolate pie. 107 00:06:00,491 --> 00:06:01,361 that's true. 108 00:06:01,361 --> 00:06:01,381 It's true. 109 00:06:01,381 --> 00:06:01,391 Yeah. 110 00:06:01,441 --> 00:06:01,771 yeah. 111 00:06:01,771 --> 00:06:05,281 not asking Neil to, to spill any tea, although we'd love to have any tea. 112 00:06:05,561 --> 00:06:08,866 but that's just kinda my take on it is this big data problem, whether it's. 113 00:06:09,136 --> 00:06:12,466 It's openly and freely available or just taken? 114 00:06:12,806 --> 00:06:16,631 yeah, like wholesale B and e Thieves, They're using it to great effect. 115 00:06:17,321 --> 00:06:18,581 I need to take a step back. 116 00:06:18,581 --> 00:06:20,411 You guys are two steps ahead of me. 117 00:06:20,511 --> 00:06:22,371 I used to read Mad Magazine. 118 00:06:22,371 --> 00:06:24,351 I saw Spy versus Spy Comics. 119 00:06:24,651 --> 00:06:28,946 I know that Nations spy on each other, but When did this become a business thing? 120 00:06:30,056 --> 00:06:32,011 Oh, it was always business. 121 00:06:32,081 --> 00:06:36,221 you go back to the great power battles, and trying to achieve 122 00:06:36,221 --> 00:06:37,361 technological advantage. 123 00:06:37,361 --> 00:06:38,171 you can bet. 124 00:06:38,711 --> 00:06:43,301 that Moscow was doing their best to steal every bit of Silicon Valley 125 00:06:43,301 --> 00:06:47,081 insight during the microchip races and things that were happening on that 126 00:06:47,081 --> 00:06:50,921 technology side, whether it was defense or civilian application, other things. 127 00:06:51,041 --> 00:06:54,761 And you look at China, when you have a five year economic plan, you can literally 128 00:06:54,761 --> 00:06:58,811 create a shopping list of all the things you need to have and what priority you 129 00:06:58,811 --> 00:07:00,761 need according to your central planning. 130 00:07:00,801 --> 00:07:03,771 it was always about money over ideology. 131 00:07:03,771 --> 00:07:05,781 'cause it takes money to run ideology. 132 00:07:05,781 --> 00:07:06,871 At least, that's my take. 133 00:07:06,871 --> 00:07:09,451 if you look at it traditionally, technological advancements, 134 00:07:09,551 --> 00:07:13,571 Really were based on military power at one time, right? 135 00:07:13,651 --> 00:07:18,121 everything used to trickle down from the military into private industry. 136 00:07:18,631 --> 00:07:22,166 And then at one point in our history that shifted, Whereas now 137 00:07:22,166 --> 00:07:24,746 private industry had gotten to the point, and I think the internet 138 00:07:24,746 --> 00:07:26,306 was a big catalyst for that, right? 139 00:07:26,306 --> 00:07:29,756 even at that time it was, the idea was, okay, we need a system that we could 140 00:07:29,756 --> 00:07:31,826 easily share ideas and information with. 141 00:07:31,826 --> 00:07:35,516 And even that was almost like from a military perspective, but then it 142 00:07:35,516 --> 00:07:40,076 blossomed and you've got companies like Microsoft and Apple and, Google 143 00:07:40,076 --> 00:07:44,336 and all of these other companies that are amalgamating huge amounts 144 00:07:44,336 --> 00:07:48,746 of information and being used by government departments, by military. 145 00:07:49,106 --> 00:07:51,896 And then that is just basically expanding out and out and the 146 00:07:51,896 --> 00:07:53,186 ripple effect that you're seeing. 147 00:07:53,576 --> 00:07:56,816 So it gets to the point where state and non-state actors realize that, Hey, 148 00:07:56,816 --> 00:08:01,916 listen, if we wanna make some sort of a profit of information or profit of money, 149 00:08:02,216 --> 00:08:04,076 we need to start getting into this first, 150 00:08:04,126 --> 00:08:07,566 How are we, how do we have a military advantage over the rest of the 151 00:08:07,566 --> 00:08:13,746 world, and how can we ensure that our influence continues And all of 152 00:08:13,746 --> 00:08:16,656 those things can be based upon, is it. 153 00:08:17,151 --> 00:08:19,781 What's the next, technological advancement gonna be? 154 00:08:20,081 --> 00:08:21,971 Are people gonna be buying more EVs? 155 00:08:21,971 --> 00:08:25,151 Okay, we'll make E EVs cheaper, but if we steal the information from another 156 00:08:25,151 --> 00:08:28,721 company on how to build those EVs makes it a lot easier for us to do that. 157 00:08:28,751 --> 00:08:32,921 And that's just a simple example, but all of the companies out there right now that 158 00:08:32,921 --> 00:08:37,091 are privatized, even if you look at it from the perspective of space exploration. 159 00:08:37,911 --> 00:08:41,621 You've got SpaceX, you've got, I can't remember off the top of my head what 160 00:08:41,621 --> 00:08:45,011 Bezos is working on, it's project, but it's got a different name now 161 00:08:45,061 --> 00:08:46,801 they're calling it Leo, I think. 162 00:08:46,861 --> 00:08:47,311 I'm not sure. 163 00:08:47,311 --> 00:08:47,726 Oh, okay. 164 00:08:48,341 --> 00:08:51,911 if you look at it from the perspective of, at one time it was military and 165 00:08:51,911 --> 00:08:55,921 state secre, they wanted to get, now our adversaries are realizing that 166 00:08:55,921 --> 00:08:59,781 really if you wanna have an, effect on someone else's economy, if you want 167 00:08:59,781 --> 00:09:01,461 to influence what's happening, yeah. 168 00:09:01,461 --> 00:09:04,671 Politically we want to do certain things and we want to be involved 169 00:09:04,671 --> 00:09:05,811 in the diaspora communities. 170 00:09:05,871 --> 00:09:08,841 But when it comes to the technological advantage, that's 171 00:09:08,841 --> 00:09:09,771 what really helps us out. 172 00:09:09,981 --> 00:09:11,391 And China's a good example of that. 173 00:09:11,441 --> 00:09:13,571 they've always looked at it from the perspective of. 174 00:09:14,176 --> 00:09:15,196 We can build it better. 175 00:09:15,196 --> 00:09:18,906 If we just steal the technology and, reverse engineer it, then we have to worry 176 00:09:18,906 --> 00:09:22,606 about trying to, make a relationship with another government or another company. 177 00:09:22,736 --> 00:09:26,046 and we've seen that and was there a time in Canada, like you've got 178 00:09:26,046 --> 00:09:27,936 the classic Nortel example, right? 179 00:09:27,936 --> 00:09:33,876 Nortel was rated for its best, most innovative technologies, and 180 00:09:33,876 --> 00:09:37,426 those miraculously showed up in, a number of Chinese companies. 181 00:09:37,426 --> 00:09:40,546 Literally the documentation was copy and pasted, and the impact on that. 182 00:09:40,546 --> 00:09:43,816 just recently hydro, just recently, hydro Quebec, same situation, right? 183 00:09:43,816 --> 00:09:43,906 Yeah. 184 00:09:43,906 --> 00:09:47,366 You've got an individual working for Hydro Quebec who is, on trial 185 00:09:47,366 --> 00:09:52,736 at this moment for secrets that he's provided to the Chinese government. 186 00:09:53,426 --> 00:09:56,876 Because Canadians are used to doing, okay, we're gonna fix this 187 00:09:56,876 --> 00:09:58,196 problem, we're gonna figure this out. 188 00:09:58,826 --> 00:10:01,466 And because we have such a huge country and we have to make sure 189 00:10:01,466 --> 00:10:02,876 that IT infrastructure works. 190 00:10:03,266 --> 00:10:07,616 throughout such a large land mass, we have made technological innovations and 191 00:10:07,616 --> 00:10:10,896 exactly what you're saying, like going back to Nortel, we were making some 192 00:10:10,896 --> 00:10:12,696 incredible advancements at that time too. 193 00:10:12,936 --> 00:10:18,856 You go back to the Avro Arrow, we were making advancements in, aerospace, but 194 00:10:19,166 --> 00:10:22,496 another country will come along and say, instead of trying to talk to Canada or 195 00:10:22,496 --> 00:10:26,386 Canadian government or this company, let's just take IP and use it ourselves. 196 00:10:26,666 --> 00:10:28,881 and it's not just rating the private sector like Canada's 197 00:10:28,881 --> 00:10:29,901 National Research Council. 198 00:10:29,901 --> 00:10:32,411 I know this is it feels like now I'm talking about decades 199 00:10:32,411 --> 00:10:33,781 ago, but it was, 10 years ago. 200 00:10:33,831 --> 00:10:37,281 the NRC, which is responsible for funding billions of dollars worth 201 00:10:37,281 --> 00:10:38,751 of research across the country. 202 00:10:38,841 --> 00:10:42,891 Public and private sector research partnerships, had the cookie jar 203 00:10:42,951 --> 00:10:45,201 completely cleaned out by the Chinese. 204 00:10:45,201 --> 00:10:45,261 Yeah. 205 00:10:45,531 --> 00:10:48,861 And afterwards they signed a, we won't hack you agreement. 206 00:10:48,861 --> 00:10:51,081 of course, it's like when I was a kid, I didn't go check the 207 00:10:51,081 --> 00:10:52,431 cookie jarre after I rated it. 208 00:10:52,461 --> 00:10:53,931 'cause mom hadn't made any more cookies. 209 00:10:54,291 --> 00:10:56,481 I promise Mom, I'm not gonna write the cookie jar today. 210 00:10:56,671 --> 00:10:56,941 yeah. 211 00:10:57,001 --> 00:10:57,901 'cause there's no cookies. 212 00:10:58,151 --> 00:10:58,691 They're back. 213 00:10:58,691 --> 00:11:04,136 And what's been interesting is, there was a report from, either CSE or C. So CSC 214 00:11:04,136 --> 00:11:08,996 being Canada's version of the NSA and Cs a's being our combination of C-I-A-F-B-I, 215 00:11:09,456 --> 00:11:13,996 mandate just for American listeners, that talked about that, the increase in 216 00:11:13,996 --> 00:11:17,806 nation chain activity targeting Canada's private sector businesses via cloud 217 00:11:17,806 --> 00:11:21,756 attacks to go and get, 'cause the NRC cookie JRR was getting filled back up. 218 00:11:22,086 --> 00:11:24,666 Maybe it had been locked down a little bit tighter this time, and 219 00:11:24,666 --> 00:11:26,256 so they just moved to the next area. 220 00:11:26,986 --> 00:11:30,111 and this has just been about secrets and intellectual property. 221 00:11:30,141 --> 00:11:32,631 That's not even half of what we're seeing out there now. 222 00:11:33,271 --> 00:11:37,526 Neil, what, from your perspective, because you were an intelligence agent at what 223 00:11:37,526 --> 00:11:41,336 point did you start to think, oh, wait a minute, I'm thinking way more corporately 224 00:11:41,336 --> 00:11:43,496 now than I was maybe government? 225 00:11:43,496 --> 00:11:45,056 Or did that actually happen? 226 00:11:45,726 --> 00:11:48,576 for me the shift was like when I was working as an intelligence 227 00:11:48,576 --> 00:11:52,206 officer, Canadian Security Intelligence Service focuses on 228 00:11:52,266 --> 00:11:53,976 national security threats to Canada. 229 00:11:54,006 --> 00:11:56,226 So that breaks down into basically four components. 230 00:11:56,226 --> 00:12:01,776 You're looking at terrorism, espionage, foreign interference, and sabotage. 231 00:12:02,466 --> 00:12:07,056 So we were looking at nation states or actors, whether they be groups or 232 00:12:07,056 --> 00:12:10,566 individuals like, terrorist groups and individuals that are affiliated 233 00:12:10,566 --> 00:12:11,856 to these terrorist organizations. 234 00:12:12,336 --> 00:12:16,246 What are their threats to Canada and what are they doing to try to, cause 235 00:12:16,336 --> 00:12:21,176 problems for, Canada threatening our, our livelihood, re-reading our lives? 236 00:12:22,136 --> 00:12:25,166 Now what we were looking at from that perspective at that time was, 237 00:12:25,196 --> 00:12:26,846 okay, what about the corporations? 238 00:12:27,056 --> 00:12:28,616 How are they being infiltrated? 239 00:12:28,886 --> 00:12:32,336 Because there's always that understanding that, private industry 240 00:12:32,336 --> 00:12:35,986 has to, be responsible for themselves and are they being targeted? 241 00:12:36,036 --> 00:12:37,896 If you don't look at it, you don't see it. 242 00:12:38,256 --> 00:12:42,546 So when you're focused on, like I said, those poor categories, you're not looking 243 00:12:42,546 --> 00:12:47,956 at it from a private industry perspective, but take a look at the microbiology lab 244 00:12:47,956 --> 00:12:52,466 in Winnipeg, and the information that was stolen from there, like what we have to 245 00:12:52,556 --> 00:12:55,866 get to the point that, Canadians in the Canadian government understands, is that 246 00:12:56,826 --> 00:12:59,796 what's happening in the corporate and private industry world, what's happening 247 00:12:59,796 --> 00:13:06,096 with research and development is just as important as a terrorist entity trying 248 00:13:06,096 --> 00:13:08,166 to, perpetrate an attack in Canada. 249 00:13:08,196 --> 00:13:09,396 Why is it just as important? 250 00:13:09,396 --> 00:13:13,446 Because if you're dealing with a foreign state that is willing 251 00:13:13,446 --> 00:13:14,946 to use a biological weapon. 252 00:13:15,756 --> 00:13:19,806 Then if the information is being stolen from Canada and used against another 253 00:13:19,806 --> 00:13:24,756 country or used to make the next superbug, what are we gonna do about that? 254 00:13:25,366 --> 00:13:28,896 And the private industries are really the linchpin. 255 00:13:28,946 --> 00:13:32,486 they're that, almost like that more vulnerable, soft target now. 256 00:13:32,881 --> 00:13:36,486 and the reason the areas where, you know, when I think about the 257 00:13:36,486 --> 00:13:39,606 future, right now, we are leaders still in artificial intelligence. 258 00:13:39,636 --> 00:13:44,086 We've got some great AI companies, we've got leaders in quantum, the development 259 00:13:44,086 --> 00:13:48,006 of quantum computing plus, leaders in trying to develop host quantum, 260 00:13:48,076 --> 00:13:51,886 secure cryptographic communications and, great examples of that happening 261 00:13:51,886 --> 00:13:54,641 with the Canadian telecommunications companies like TELUS and others. 262 00:13:54,861 --> 00:13:57,591 so we've got lots of cookies that are Oh yeah. 263 00:13:57,591 --> 00:13:58,011 Stealing. 264 00:13:58,891 --> 00:14:00,811 and our show covers both the US and Canada. 265 00:14:00,871 --> 00:14:01,951 There's a huge amount that's there. 266 00:14:01,951 --> 00:14:05,461 But I wanna just back, I just wanna extract it just a little more because 267 00:14:05,671 --> 00:14:08,961 when we started introducing you, you said, oh, and I took a cybersecurity course. 268 00:14:09,011 --> 00:14:14,681 And I'm not being critical, but it, made my heart go, 'cause I went, what? 269 00:14:14,681 --> 00:14:16,751 Wasn't that something you always had to take? 270 00:14:17,181 --> 00:14:21,941 If our security operation is not studying cybersecurity It's it's like 271 00:14:21,941 --> 00:14:24,861 sending the police out and saying that thing on your, in your holster. 272 00:14:25,566 --> 00:14:28,356 You could take when you retire, you can study that. 273 00:14:28,961 --> 00:14:32,646 for me, man, it's because I'm a cyber, I'm a I'm an industrial guy. 274 00:14:32,856 --> 00:14:36,076 Yeah, I hear you From a, from, from that perspective, I can 275 00:14:36,076 --> 00:14:37,006 see why you're saying that. 276 00:14:37,006 --> 00:14:41,176 But if you look at kind of the mandate of each one of our organizations, David, 277 00:14:41,176 --> 00:14:44,566 you had mentioned, the communication security adoption of Canada CSE. 278 00:14:45,196 --> 00:14:50,436 They are more focused on what's happening in relationships to, communications 279 00:14:50,496 --> 00:14:54,756 and intercepting those communications and trying to understand what that 280 00:14:54,756 --> 00:14:56,376 means through those interceptions. 281 00:14:56,376 --> 00:14:59,556 Because it's not just the interception of the communication, it's also 282 00:14:59,556 --> 00:15:03,886 the technology that's being used to infiltrate, Canadian telecommunications. 283 00:15:03,936 --> 00:15:08,286 And where our adversaries and our enemies are trying to get that information from. 284 00:15:08,676 --> 00:15:12,996 Now, as an intelligence officer, my job was to be more of a face-to-face, 285 00:15:13,306 --> 00:15:16,576 having the conversation, making the contact, and then getting the 286 00:15:16,576 --> 00:15:18,886 individual, let's say he works in cyber. 287 00:15:19,906 --> 00:15:22,996 Getting that individual comfortable enough to say, Hey, listen, whatever 288 00:15:22,996 --> 00:15:26,206 group organization you're working for, you realize that they're probably doing things 289 00:15:26,206 --> 00:15:28,396 that are not advantageous to Canada. 290 00:15:28,886 --> 00:15:30,716 we'd really like you to help us out on this. 291 00:15:30,716 --> 00:15:32,726 How can we talk about making this work? 292 00:15:32,996 --> 00:15:38,396 So on one side we're CSC, you've got them understanding the metadata and trying to 293 00:15:38,396 --> 00:15:40,616 get the information from that perspective. 294 00:15:40,916 --> 00:15:46,006 But my job, my role as an intelligence officer was to, basically get the 295 00:15:46,006 --> 00:15:50,296 individual on board to become a human source so that not only do we have the 296 00:15:50,296 --> 00:15:54,736 information, but now I may actually have some opportunity to task and direct this 297 00:15:54,766 --> 00:15:57,016 individual to provide more or do more. 298 00:15:58,216 --> 00:15:59,866 So the crossover of those skills. 299 00:15:59,866 --> 00:16:00,826 And that's equally important. 300 00:16:00,826 --> 00:16:03,326 and by the way, if you're listening to this, we're bringing you back 301 00:16:03,326 --> 00:16:07,706 for an entire show on how to use those, the things that you 302 00:16:07,706 --> 00:16:09,486 learn, as an intelligence officer. 303 00:16:09,536 --> 00:16:12,186 And how you can use those for, social engineering. 304 00:16:12,526 --> 00:16:13,516 But I wanna focus on this. 305 00:16:13,756 --> 00:16:17,356 So can we back up just another piece and for the audience that's out there 306 00:16:17,406 --> 00:16:23,166 who are the players that are out there and what are they doing right now? 307 00:16:23,166 --> 00:16:25,886 start with who the players are, because I think they affect 308 00:16:26,036 --> 00:16:28,346 both the US and Canada directly. 309 00:16:28,646 --> 00:16:29,576 I hear about. 310 00:16:29,996 --> 00:16:30,746 North Korea. 311 00:16:30,746 --> 00:16:32,726 I hear about Russia, I hear about China. 312 00:16:33,116 --> 00:16:34,706 I'm not sure which one's more important. 313 00:16:34,706 --> 00:16:38,371 I'm not sure who's doing what, who are the players in cybersecurity 314 00:16:38,641 --> 00:16:42,031 attacking, or at least that are threatening cybersecurity right now? 315 00:16:42,271 --> 00:16:46,301 Yeah, so the big players, as they would be in intelligence are China, 316 00:16:46,391 --> 00:16:49,031 Russia, Iran, and North Korea. 317 00:16:49,781 --> 00:16:56,441 And they've all shown a capacity to infiltrate and to extract information 318 00:16:56,531 --> 00:16:59,006 or use information for their own means. 319 00:16:59,291 --> 00:17:02,381 So the interesting thing is if you look at China, China is trying to 320 00:17:02,381 --> 00:17:06,491 grab as much information as they can about every individual, in North 321 00:17:06,491 --> 00:17:08,771 America and in the western world. 322 00:17:08,831 --> 00:17:10,961 The Equifax attack by Stone Panda. 323 00:17:11,726 --> 00:17:17,486 That took 145 million individuals information, and now basically the Chinese 324 00:17:17,486 --> 00:17:21,776 government has that and they're probably churning it through, hundreds of different 325 00:17:21,776 --> 00:17:25,676 databases to try to get a profile of every individual that they possibly can. 326 00:17:25,676 --> 00:17:27,776 they may be interested in what they're doing in five or 10 or 15. 327 00:17:27,776 --> 00:17:32,006 Same as TikTok by grabbing as much information on 10, 12, 13, 14 year 328 00:17:32,006 --> 00:17:36,326 olds in the next 5, 6, 7, 8, 10 years, when they've actually got it into 329 00:17:36,326 --> 00:17:39,806 the working world, they can use that information and hopefully they've 330 00:17:39,806 --> 00:17:42,896 been continuing to monitor what these individuals went up to, and it makes 331 00:17:42,896 --> 00:17:47,306 it easier for them to reach out to them either digitally or have some sort of 332 00:17:47,306 --> 00:17:49,466 contact with them and get information. 333 00:17:50,381 --> 00:17:53,321 Now when you look, so this are just movies that people are actually 334 00:17:53,321 --> 00:17:56,771 studying people 10 years in advance of when they make the approach. 335 00:17:57,191 --> 00:18:00,071 you can say a lot of horrible things about authoritarian regime, but the 336 00:18:00,071 --> 00:18:03,311 one thing that you've gotta give them credit for is that they can make 337 00:18:03,311 --> 00:18:07,571 decisions for what's going to happen over the next 5, 10, 15, 20 years. 338 00:18:07,571 --> 00:18:10,901 They're not concerned about what the next government coming in is gonna do because 339 00:18:10,901 --> 00:18:12,371 there is no other government coming in. 340 00:18:12,581 --> 00:18:16,691 They're not worried about, reaching out to their constituency to find 341 00:18:16,691 --> 00:18:18,041 out what the issues are for them. 342 00:18:18,386 --> 00:18:21,206 It's their decisions that are being made, right? 343 00:18:21,236 --> 00:18:24,476 The decisions of that authoritarian regime is, listen, we're gonna make 344 00:18:24,476 --> 00:18:29,456 sure that we infiltrate influence and do what we want to the rest of 345 00:18:29,456 --> 00:18:31,376 the world in the next 15 or 20 years. 346 00:18:31,376 --> 00:18:34,586 And if that means we have to overtake their critical infrastructure, if 347 00:18:34,586 --> 00:18:37,466 that means that we have to steal all their ip, if that means we have 348 00:18:37,466 --> 00:18:40,196 to get into their own political systems, we're going to do that. 349 00:18:40,796 --> 00:18:42,266 And that's what their priority is. 350 00:18:42,686 --> 00:18:46,106 So you've got that from China, and then you're looking at Russia who's looking 351 00:18:46,106 --> 00:18:47,966 at it from a military perspective, right? 352 00:18:48,026 --> 00:18:49,886 they're still involved in the conflict in Ukraine. 353 00:18:50,576 --> 00:18:53,006 They're looking at, okay, what's happening in Europe? 354 00:18:53,066 --> 00:18:54,536 What's happening in North America? 355 00:18:54,536 --> 00:18:57,566 How can we ensure that they don't get the idea that they 356 00:18:57,566 --> 00:18:59,336 want to continue to help Ukraine? 357 00:18:59,336 --> 00:19:00,056 Or how can we. 358 00:19:00,686 --> 00:19:04,186 Cause some sort of, disruption within their system. 359 00:19:04,186 --> 00:19:06,496 So they question their own government and we've seen a lot 360 00:19:06,496 --> 00:19:07,816 of sabotage attacks happening. 361 00:19:07,816 --> 00:19:12,356 But those sabotage attacks are, being coordinated with individuals 362 00:19:12,356 --> 00:19:15,566 that are working in the cyber world to find out, okay, where 363 00:19:15,566 --> 00:19:18,216 are the, supply chain, weaknesses? 364 00:19:18,426 --> 00:19:20,496 How can we overcome these weaknesses? 365 00:19:20,896 --> 00:19:22,276 you've got China, you've got Russia. 366 00:19:22,276 --> 00:19:25,456 Iran is always concerned about their dissidents and they're concerned 367 00:19:25,456 --> 00:19:26,986 about their own nuclear program. 368 00:19:27,436 --> 00:19:30,886 So they're gonna try to infiltrate anything that deals with defense. 369 00:19:31,096 --> 00:19:33,916 They're gonna try to get ahold of information from IP from. 370 00:19:34,681 --> 00:19:38,651 We talked about, rocket companies like, space exploration, and now you, you 371 00:19:38,651 --> 00:19:42,441 mentioned it yourself, David, Canada is really getting big into AI and 372 00:19:42,441 --> 00:19:44,181 we're trying to push that envelope. 373 00:19:44,871 --> 00:19:48,951 Iran would be looking at Canadian companies that are startups and 374 00:19:48,951 --> 00:19:51,471 the aerospace industry and being like, okay, we want to get in there. 375 00:19:51,471 --> 00:19:52,461 We want to find out what they're doing. 376 00:19:53,076 --> 00:19:55,816 So and it's interesting because the service speaking of startups, 377 00:19:56,056 --> 00:19:59,896 so CSIS had a great alert out to Canadian startups, and this would 378 00:19:59,896 --> 00:20:01,216 apply to American startups as well. 379 00:20:01,216 --> 00:20:03,936 It's hey, these contests where they invite you to China? 380 00:20:04,086 --> 00:20:05,076 Maybe not such a good idea. 381 00:20:05,766 --> 00:20:05,976 Yeah. 382 00:20:06,031 --> 00:20:08,851 for these potential investments, which you're gonna disclose all 383 00:20:08,851 --> 00:20:11,491 of your deepest secrets and where you're at, and potentially Get 384 00:20:11,491 --> 00:20:12,661 money and investment this way. 385 00:20:12,661 --> 00:20:12,721 Yeah. 386 00:20:13,051 --> 00:20:16,906 Which is, interesting that they decided to go loud as part of that it, it is 387 00:20:16,906 --> 00:20:21,796 worth noting, Jim, the George, was it the, the guy behind Game US owns, George. 388 00:20:23,671 --> 00:20:24,631 You're on your own buddy. 389 00:20:24,871 --> 00:20:25,231 Yeah. 390 00:20:25,231 --> 00:20:25,681 Sorry. 391 00:20:25,801 --> 00:20:26,071 Yeah. 392 00:20:26,371 --> 00:20:29,271 George R. Martin, has this famous quote that no one's the 393 00:20:29,271 --> 00:20:30,441 villain in their own story. 394 00:20:30,491 --> 00:20:35,021 and for us, the absence of cyber digital evil is, Russia, China, 395 00:20:35,071 --> 00:20:37,531 North Korea, sometimes Iran. 396 00:20:37,921 --> 00:20:39,811 but we do it, we pioneered it. 397 00:20:39,841 --> 00:20:45,331 The United States started this by tapping Cisco routers back in 398 00:20:45,331 --> 00:20:47,401 the day, being shipped to Moscow. 399 00:20:47,456 --> 00:20:50,311 the whole reason we're so wired about Huawei networking gears. 400 00:20:50,316 --> 00:20:51,856 'cause we did it first. 401 00:20:51,916 --> 00:20:55,291 Now they may be doing it more and better than us, but But, we. 402 00:20:56,356 --> 00:20:59,521 I had a chance to meet members of the intelligence committee from the United 403 00:20:59,521 --> 00:21:03,796 States, and remember that awkward moment when Snowden leaks were happening and 404 00:21:03,796 --> 00:21:05,676 there was the, one guy was sent out. 405 00:21:05,676 --> 00:21:06,306 I just met him. 406 00:21:06,306 --> 00:21:10,676 He was the official apology tour for the CIA, going to, Angela 407 00:21:10,676 --> 00:21:14,346 Merkel and others saying, we're really sorry we spied on your phone. 408 00:21:14,506 --> 00:21:16,036 because allies do it to each other. 409 00:21:16,036 --> 00:21:19,386 Israel spies on everybody, for their own national interests. 410 00:21:19,676 --> 00:21:24,026 what's interesting sometimes for me is the countries we never hear about. 411 00:21:24,056 --> 00:21:26,056 I had some really interesting conversations back when, 412 00:21:26,056 --> 00:21:29,446 particularly Canada was having a very tense time with India. 413 00:21:29,446 --> 00:21:32,266 we made a series of geopolitical choices to get in a fight. 414 00:21:33,166 --> 00:21:35,986 Hilariously have our Prime Ministers plane break down after we start the 415 00:21:35,986 --> 00:21:38,056 fight in India, which was super awkward. 416 00:21:38,486 --> 00:21:40,076 there's no red carpet. 417 00:21:40,116 --> 00:21:42,996 can we get some spare parts, for but where I'm going with this is 418 00:21:43,026 --> 00:21:44,376 we don't talk enough about India. 419 00:21:44,806 --> 00:21:48,616 everyone I read on the intelligence assessments on India's cyber capabilities, 420 00:21:48,616 --> 00:21:49,996 they're very condescending and I'm like, 421 00:21:49,996 --> 00:21:50,476 Wait a second. 422 00:21:50,566 --> 00:21:54,586 This country has more engineers than some countries have populations. 423 00:21:55,106 --> 00:21:57,596 and they're incredibly hardworking and incredibly smart. 424 00:21:57,596 --> 00:22:04,106 And I think you're being incredibly dumb to ignore, India's potential into 21st 425 00:22:04,106 --> 00:22:05,426 century in building up these capacities. 426 00:22:05,426 --> 00:22:09,656 So yes, a lot of their attention is spent on Pakistan as two nuclear armed countries 427 00:22:10,226 --> 00:22:14,096 that like to spark off, would spend their time, but that don't mean they can't. 428 00:22:14,326 --> 00:22:15,701 and when we were getting tents in Canada. 429 00:22:16,891 --> 00:22:19,561 We have a lot of offshore software development in India. 430 00:22:20,101 --> 00:22:22,831 And so one of the goals for Indian intelligence, like Neil was saying, 431 00:22:22,831 --> 00:22:27,671 would be develop assets inside their own, companies that may potentially want to put 432 00:22:27,671 --> 00:22:31,861 code back doors, other things, these are This is a form of power projection now. 433 00:22:31,961 --> 00:22:34,147 we talk about the players, it's everybody. 434 00:22:34,147 --> 00:22:37,987 And, Canada, we got caught in Snowden hacking Brazil's phone. 435 00:22:37,987 --> 00:22:39,637 So during trade negotiations. 436 00:22:39,637 --> 00:22:40,027 Awkward. 437 00:22:40,127 --> 00:22:43,877 and I was very proud of our spies 'cause we're really good at, we had a really good 438 00:22:43,877 --> 00:22:45,527 track record of hacking mobile devices. 439 00:22:45,917 --> 00:22:46,277 Cool stuff. 440 00:22:46,277 --> 00:22:47,792 but we had our hand on the cookie jar too. 441 00:22:47,792 --> 00:22:52,082 As much as I will China for stealing our stuff, we do it to others. 442 00:22:52,592 --> 00:22:52,862 Yeah. 443 00:22:53,742 --> 00:22:55,362 so we've got these companies. 444 00:22:55,692 --> 00:23:01,902 And now, my sense is it's gone beyond information and I first encountered 445 00:23:01,902 --> 00:23:06,102 this as a telco consultant way back, and I was an African, I was meeting 446 00:23:06,102 --> 00:23:10,102 guys from Huawei and realizing, who Huawei is, building the telephone 447 00:23:10,102 --> 00:23:13,012 infrastructure for the world right now. 448 00:23:13,132 --> 00:23:14,722 And David, you talk about Nortel. 449 00:23:14,902 --> 00:23:19,672 So we know, and I think most of us are aware that Huawei devices are 450 00:23:20,122 --> 00:23:24,202 intricately meshed into most of the telecommunications networks. 451 00:23:24,412 --> 00:23:27,412 I think a lot of people think they've been pulled outta the Western networks. 452 00:23:27,712 --> 00:23:29,242 Germany would disagree. 453 00:23:29,462 --> 00:23:32,192 and many other countries as well still have these devices. 454 00:23:32,492 --> 00:23:36,392 But those are, that's one place of where they, we've infiltrated. 455 00:23:36,392 --> 00:23:40,622 But I've heard stories of, and I don't know how true they are, 456 00:23:40,682 --> 00:23:42,272 but you get the news on them. 457 00:23:42,572 --> 00:23:45,362 Oh, I think I have an idea of how true they're, but that. 458 00:23:46,022 --> 00:23:49,432 Most of the infrastructure, the critical infrastructure that 459 00:23:49,432 --> 00:23:51,142 we have has been infiltrated. 460 00:23:51,382 --> 00:23:56,182 how deep are these intelligence agencies in our corporate and our 461 00:23:56,182 --> 00:23:56,902 physical structures right now? 462 00:23:58,757 --> 00:24:03,177 it's the, the worst kept secret out there, that cozy bear and stone 463 00:24:03,177 --> 00:24:07,887 panda and salt typhoon, and all of these other APT's are actually 464 00:24:07,887 --> 00:24:11,877 working on behalf of the government, but they're working as contractors. 465 00:24:12,147 --> 00:24:15,237 So a lot of these governments, the Russian government doesn't care if 466 00:24:15,237 --> 00:24:19,497 they're stealing Bitcoin or if they're involved in ransomware or some of these 467 00:24:19,497 --> 00:24:22,347 other things, as long as they're getting them the information that they want. 468 00:24:22,347 --> 00:24:25,587 And really it's, a symbiotic relationship because. 469 00:24:26,427 --> 00:24:32,157 These foreign governments are not going to start looking into the actions of these 470 00:24:32,487 --> 00:24:36,297 hacking group because they're essentially working on their behalf as well. 471 00:24:36,297 --> 00:24:41,057 So you've got that happening now, you take that in consideration with how 472 00:24:41,057 --> 00:24:45,587 far they're going to go into critical infrastructure and then provide the 473 00:24:45,587 --> 00:24:49,297 information back to their foreign state countries that they're working for. 474 00:24:50,177 --> 00:24:55,997 we all know that sometimes it can be years before a company or a 475 00:24:56,027 --> 00:24:59,207 department or an organization even knows they've been infiltrated. 476 00:25:00,137 --> 00:25:03,287 And the unfortunate thing is at that point in time, it's too late. 477 00:25:03,477 --> 00:25:06,267 if something decides to happen, if they wanna probe and find out, 478 00:25:06,267 --> 00:25:09,987 okay, we're gonna shut down part of Southwestern Ontario's electrical 479 00:25:09,987 --> 00:25:13,017 grid for the next four, eight hours, just to see if it works. 480 00:25:13,537 --> 00:25:16,667 look at Russia and what they were doing to Estonia with their financial. 481 00:25:16,717 --> 00:25:18,737 you could, if you went to Estonia and you tried to get 482 00:25:18,737 --> 00:25:20,027 money out of a bank, forget it. 483 00:25:20,032 --> 00:25:20,807 It wasn't gonna happen. 484 00:25:21,017 --> 00:25:24,827 And they were just doing that essentially just to mess with them to say, Hey, 485 00:25:24,827 --> 00:25:28,007 listen, when we want to, we'll shut your lights off when we want to. 486 00:25:28,007 --> 00:25:29,777 We'll shut your water off when we want to. 487 00:25:29,777 --> 00:25:32,027 We'll shut your money off and what are you gonna do about that? 488 00:25:32,397 --> 00:25:35,127 we haven't gotten to that point yet because we're still dealing with 489 00:25:35,127 --> 00:25:38,307 the issue of, okay, at what point does it become a military attack? 490 00:25:38,817 --> 00:25:42,177 At what point do you involve yourselves in shutting off? 491 00:25:42,177 --> 00:25:43,407 And how do we attribute it to you? 492 00:25:43,407 --> 00:25:47,727 Because if you've got Salt, typhoon or some other organization that's a 493 00:25:47,727 --> 00:25:51,197 hacking group and the government, of China says, they don't work for us. 494 00:25:51,197 --> 00:25:52,337 We don't know what you're talking about. 495 00:25:52,387 --> 00:25:56,707 at what point do we, we have to connect the dots and basically make 496 00:25:56,707 --> 00:25:58,457 the argument to say, guess what? 497 00:25:58,457 --> 00:26:01,397 You are funding Stone Panda. 498 00:26:01,397 --> 00:26:04,487 You are funding salt Typhoon, and we're gonna do something about this. 499 00:26:05,072 --> 00:26:05,282 Yeah. 500 00:26:05,282 --> 00:26:09,332 And what's interesting here, so I spent the weekend, I watched, the new Netflix, 501 00:26:09,412 --> 00:26:13,812 Kate Bigelow movie, house of Dynamite, which is talking about the modern kind 502 00:26:13,812 --> 00:26:18,012 of nuclear era we're in and runs you through a very uncomfortable situation 503 00:26:18,012 --> 00:26:21,452 of a, a nuclear strike on the United States and all the things that people 504 00:26:21,452 --> 00:26:22,712 are trying to struggle and deal with. 505 00:26:23,172 --> 00:26:27,406 And one of the interesting points about that movie is they missed who fired it. 506 00:26:27,586 --> 00:26:30,916 The satellite didn't show where the myth, they only caught it once the 507 00:26:30,916 --> 00:26:33,406 missile was on the upwards trajectory. 508 00:26:33,456 --> 00:26:35,166 And so they had no attribution. 509 00:26:35,816 --> 00:26:41,216 and that causes significant issues as you try and with us, that's cyber. 510 00:26:42,146 --> 00:26:48,926 You have no idea who launched the, massive crippling attack on the West coast. 511 00:26:48,956 --> 00:26:50,066 you have suspicions. 512 00:26:50,516 --> 00:26:53,916 And, and you gotta remember too, is that depending on the country, 513 00:26:54,246 --> 00:26:58,056 their policy response is not necessarily to respond proportionally. 514 00:26:58,366 --> 00:27:01,396 you look at the US playbook, is that a significant enough cyber 515 00:27:01,396 --> 00:27:05,386 event could response result in a kinetic response or higher? 516 00:27:05,386 --> 00:27:09,806 and Israel, set the tone for this with, one of its raids on, Hamas. 517 00:27:09,866 --> 00:27:14,026 before the most recent war, they, they took out a floor, one of the buildings. 518 00:27:14,821 --> 00:27:19,461 Where Hamas software devs had built a really clever spying, app. 519 00:27:19,761 --> 00:27:23,391 It was made as a soccer app and it was targeting IDF soldiers. 520 00:27:23,391 --> 00:27:26,271 And what happens when they installed this soccer app, it was ping in all 521 00:27:26,271 --> 00:27:27,651 their troop deployments and locations. 522 00:27:27,731 --> 00:27:28,511 brilliant. 523 00:27:28,901 --> 00:27:29,171 Great. 524 00:27:29,291 --> 00:27:32,111 Like you gotta give them points for operational audacity. 525 00:27:32,161 --> 00:27:36,451 But the response to that particular intrusion was, we're gonna wipe 526 00:27:36,451 --> 00:27:39,321 out this whole team that's that this is where it gets messy. 527 00:27:39,661 --> 00:27:43,221 but you, to your question, like how deep is China in anything that's 528 00:27:43,221 --> 00:27:46,731 critical infrastructure and has a Cisco router has had a bad time? 529 00:27:47,391 --> 00:27:50,981 In the last couple of years, because our infrastructure is fundamentally insecure. 530 00:27:51,311 --> 00:27:54,101 The motivations aren't there to properly lock it down. 531 00:27:54,491 --> 00:27:59,021 And, our intelligence agencies up until the last few years in Canada were a 532 00:27:59,021 --> 00:28:03,071 little bit tied in terms of how much cooperation they could actually do. 533 00:28:03,381 --> 00:28:07,251 CSE could engage through the cyber center if there was voluntary interest. 534 00:28:07,251 --> 00:28:09,921 They wanted to engage proactively, let us know what was happening. 535 00:28:09,921 --> 00:28:10,581 They would get involved. 536 00:28:10,941 --> 00:28:15,161 CSIS really had its hands tied until the changes, as result of all the foreign 537 00:28:15,161 --> 00:28:16,931 interference and spying stuff in Canada. 538 00:28:16,931 --> 00:28:20,461 We had some major legislative changes, and I was witness to, CSIS 539 00:28:20,491 --> 00:28:23,431 stepping up and doing some really great work with the private sector. 540 00:28:23,431 --> 00:28:26,491 So we're starting to see those linkages happen. 541 00:28:26,671 --> 00:28:29,511 and I don't believe it's just a cynical check the box. 542 00:28:29,511 --> 00:28:31,671 We could say we've consulted with the private sector. 543 00:28:31,771 --> 00:28:36,091 there's been some decent non-classified conversations, but it's bad out there. 544 00:28:36,161 --> 00:28:37,121 and the challenge is that. 545 00:28:37,876 --> 00:28:42,476 Canada, we lack the legislative tools to force critical infrastructure 546 00:28:42,746 --> 00:28:45,386 and particularly things like energy transmission where we almost had a 547 00:28:45,386 --> 00:28:50,186 pipeline go kaboom on orders from the GRU because a bunch of script 548 00:28:50,186 --> 00:28:53,011 kitties got in and said, hey, do you want us to try and make this go? 549 00:28:53,281 --> 00:28:56,551 And then just a couple weeks ago in Canada, we had an alert from our 550 00:28:56,551 --> 00:29:00,001 intelligence agencies that four different critical infrastructure, everything 551 00:29:00,001 --> 00:29:04,241 from water treatment to a grain silo plant, which I did not realize how 552 00:29:04,241 --> 00:29:06,011 dangerous grain silo plants can be. 553 00:29:06,011 --> 00:29:07,691 But those things can go boom too. 554 00:29:08,061 --> 00:29:10,371 that people were in there messing with the controls. 555 00:29:10,471 --> 00:29:15,511 and they were described as, but back to Neil's point sweetest 556 00:29:15,511 --> 00:29:20,251 words in any kind of nation states toolkits, plausible deniability. 557 00:29:20,551 --> 00:29:23,131 And that gets us back to our house of dynamite problem. 558 00:29:23,896 --> 00:29:28,596 We had, someone from, one of the US groups that works with smaller 559 00:29:28,596 --> 00:29:34,026 organizations all around in terms of their water plants and things like that. 560 00:29:34,296 --> 00:29:40,536 And these, according to them, the attacks were just constant and that most 561 00:29:40,536 --> 00:29:42,576 of these plants could be controlled. 562 00:29:42,576 --> 00:29:44,686 And when you think about it, we don't think about these 563 00:29:44,686 --> 00:29:45,946 dangers, grain elevators. 564 00:29:45,946 --> 00:29:47,206 I grew up near a grain elevator. 565 00:29:47,686 --> 00:29:49,696 a huge explosion waiting to happen. 566 00:29:50,236 --> 00:29:51,586 If the ventilation goes down. 567 00:29:51,586 --> 00:29:51,646 Yeah. 568 00:29:52,026 --> 00:29:55,656 if you look at water treatment plants, these are all automated. 569 00:29:55,956 --> 00:30:00,306 They release chemicals into the water that we get 15 minutes later. 570 00:30:00,696 --> 00:30:02,076 Most of our major cities. 571 00:30:02,406 --> 00:30:07,176 And if those were ever played with in a way you could do serious damage. 572 00:30:07,226 --> 00:30:11,576 and we saw that in one small town in Ontario, the water treatment 573 00:30:11,576 --> 00:30:17,176 plant stops working and a lot of the population gets sick very quickly. 574 00:30:17,696 --> 00:30:19,580 Nevermind the chemicals that they could dump in. 575 00:30:20,090 --> 00:30:25,400 so we're fundamentally weak in our infrastructure, if I'm hearing 576 00:30:25,400 --> 00:30:28,730 you correctly, we're fundamentally weak in our corporations. 577 00:30:29,150 --> 00:30:30,530 Every government is playing. 578 00:30:30,530 --> 00:30:31,850 David added another one. 579 00:30:31,850 --> 00:30:34,820 The Israelis, we like to ignore them because they're providing 580 00:30:34,820 --> 00:30:37,130 the spying equipment that our own governments are using on us. 581 00:30:37,180 --> 00:30:39,190 I'll use that, that tired phrase. 582 00:30:39,190 --> 00:30:40,750 Do your own research. 583 00:30:41,300 --> 00:30:45,460 the apple phone spying that governments can use and all of that. 584 00:30:45,700 --> 00:30:47,260 It's all Israeli technology. 585 00:30:47,890 --> 00:30:51,250 And I don't know how much Canada's bought, I know how much the US has 586 00:30:51,250 --> 00:30:55,900 bought because they are, they're now using that effectively for facial 587 00:30:55,900 --> 00:30:59,590 recognition and for spying on people on their phones, whomever they want. 588 00:30:59,990 --> 00:31:02,630 and actually, citizen Lab at the University of Toronto has done some 589 00:31:02,630 --> 00:31:06,710 phenomenal work into the NSO group, the Pegasus Malware and all that fun stuff. 590 00:31:06,710 --> 00:31:08,330 to Jim's point, it's all there. 591 00:31:08,385 --> 00:31:12,385 and you know what I, in terms of the norms, I'm okay with 592 00:31:12,385 --> 00:31:13,855 countries spying on each other. 593 00:31:14,415 --> 00:31:17,865 because in, in some ways, that is a steam release valve. 594 00:31:18,740 --> 00:31:19,730 What are they thinking? 595 00:31:19,820 --> 00:31:20,870 What are they doing? 596 00:31:20,900 --> 00:31:21,650 All right, great. 597 00:31:21,655 --> 00:31:23,635 you're not, you don't feel we're gonna give you the straight answer 598 00:31:23,635 --> 00:31:26,035 and you need to go look behind the sheets and see what's going on. 599 00:31:26,035 --> 00:31:26,425 Fine. 600 00:31:26,755 --> 00:31:28,485 And, protect your intellectual property. 601 00:31:28,485 --> 00:31:30,285 It's your job to put your goalie in front and wave. 602 00:31:30,335 --> 00:31:34,479 What I don't like is this, expansion of the game. 603 00:31:34,539 --> 00:31:38,199 And North Korea doing this the most where they're violating international 604 00:31:38,199 --> 00:31:42,339 norms around espionage and now it's monetization and it's pre-positioning 605 00:31:42,339 --> 00:31:43,869 for infrastructure disruption. 606 00:31:43,869 --> 00:31:48,199 And it's the weaponization of intelligence and turning this, okay, 607 00:31:48,199 --> 00:31:50,359 we got in, we've got persistence. 608 00:31:50,389 --> 00:31:53,389 Okay, now we're gonna potentially be able to sabotage and shut down 609 00:31:53,389 --> 00:31:54,589 critical infrastructure, et cetera. 610 00:31:54,859 --> 00:31:57,709 That's when we're crossing a line now between the Great 611 00:31:57,709 --> 00:32:00,559 game and the House of Dynamite. 612 00:32:00,609 --> 00:32:03,219 I don't know how we have an adult conversation 'cause I don't think 613 00:32:03,219 --> 00:32:06,969 we have functional multilateral international organizations anymore. 614 00:32:07,309 --> 00:32:11,254 guys like we need a Geneva Convention 2.0 that says, No, you're not 615 00:32:11,254 --> 00:32:12,454 allowed to be in a hospital. 616 00:32:12,514 --> 00:32:14,134 You're not allowed to be in a power plant. 617 00:32:14,374 --> 00:32:15,994 You're not allowed to be in a water plant. 618 00:32:16,114 --> 00:32:16,534 Period. 619 00:32:16,534 --> 00:32:17,194 Full stop. 620 00:32:17,194 --> 00:32:21,334 that is a violation of international norms and you're a pariah and 621 00:32:21,334 --> 00:32:24,364 sanctioned and cutoff or whatever the hell we can do short of war. 622 00:32:24,414 --> 00:32:26,874 But we've gotta put some boundaries on this stuff. 623 00:32:27,774 --> 00:32:30,144 I'll just go back to some of the stuff that you guys were talking about. 624 00:32:30,144 --> 00:32:33,534 one of the biggest turning points I think, just in the last 625 00:32:33,954 --> 00:32:36,294 25 years was Stuxnet, right? 626 00:32:36,384 --> 00:32:43,134 You're looking at, state, on state, attack that happened through, cyber technology. 627 00:32:43,239 --> 00:32:47,954 And it was, it goes back to what you were talking about too, is what 628 00:32:47,954 --> 00:32:51,744 are the motivations we talked about, intelligence, getting close to a human 629 00:32:51,744 --> 00:32:55,314 source or recruiting someone because you understand what their motivations are. 630 00:32:55,974 --> 00:32:59,604 And you guys both brought this up, is that if you look at Israel's a 631 00:32:59,604 --> 00:33:01,434 good example, what is motivation? 632 00:33:01,874 --> 00:33:06,554 what is Israel's biggest motivation to ensure that they can maintain what they 633 00:33:06,554 --> 00:33:11,504 have and they are basically surrounded in their minds by enemies on all side, right? 634 00:33:12,164 --> 00:33:15,769 So they're gonna take technology and they're gonna use it against. 635 00:33:16,529 --> 00:33:22,439 Anyone and everyone to try to ensure that they maintain what they have and 636 00:33:22,439 --> 00:33:28,199 that they keep their military capacity capable of the most capable as possible. 637 00:33:28,529 --> 00:33:31,109 So that means that if you're dealing with them and you're a private industry 638 00:33:31,109 --> 00:33:35,849 co company, and you're dealing with a company that's spaced out of Israel, more 639 00:33:35,849 --> 00:33:40,469 than likely anything that they provide to you will somehow have malware on it. 640 00:33:40,469 --> 00:33:44,369 It's gonna infiltrate your system like, this is what we have to do, 641 00:33:44,429 --> 00:33:48,239 this is what we have to do for our companies as well as our governments, 642 00:33:48,299 --> 00:33:49,799 is come to the realization. 643 00:33:50,189 --> 00:33:51,929 You gotta know what the motivations are. 644 00:33:52,079 --> 00:33:54,839 If you're dealing with any company in China, that company is partially 645 00:33:54,839 --> 00:33:56,009 owned by the Chinese government. 646 00:33:56,784 --> 00:33:58,044 you've gotta keep that in mind. 647 00:33:58,704 --> 00:34:02,424 The thing that makes me crazy, and I'm just gonna relate it back to corporate 648 00:34:02,604 --> 00:34:05,994 world work, there's a couple things that make me crazy in this, but one 649 00:34:05,994 --> 00:34:10,704 of them is I've got a whole government that I pay taxes to and there's a bigger 650 00:34:10,704 --> 00:34:14,034 government to the south of me where a lot of people pay a lot of taxes 651 00:34:14,034 --> 00:34:18,594 to, and people tell me, we shouldn't have Huawei equipment or we shouldn't 652 00:34:18,594 --> 00:34:19,914 have this equipment or all this stuff. 653 00:34:20,354 --> 00:34:24,554 Isn't there some lab somewhere where they pull this stuff in and say, Hey, 654 00:34:24,554 --> 00:34:28,934 wait a minute, this stuff that's coming to you from China, from it's always 655 00:34:28,934 --> 00:34:32,834 like we make these announcements on our show that you are supposed to watch for 656 00:34:32,834 --> 00:34:36,944 this and you've got some guy, he's a security officer for a company, maybe 657 00:34:36,944 --> 00:34:41,534 even a mid-sized one, four or five people, or I don't know, a dozen people 658 00:34:41,534 --> 00:34:46,304 were reporting to him or her, and we're supposed to defend you against China. 659 00:34:46,904 --> 00:34:48,344 This is insane. 660 00:34:48,514 --> 00:34:50,044 apocalypse Now, right? 661 00:34:50,044 --> 00:34:54,124 it's like we're all sitting on the beach with Kilgore and it's like surf's up, man. 662 00:34:54,124 --> 00:34:55,344 I love the smell of cyber in the morning. 663 00:34:55,494 --> 00:34:57,124 so let's just be real for a second. 664 00:34:57,154 --> 00:34:58,324 It is insane. 665 00:34:58,774 --> 00:35:03,444 Part of it is, Neil talked about you need to understand motivation, but 666 00:35:03,444 --> 00:35:06,294 the other part understanding what's going on with bureaucracies, you need 667 00:35:06,294 --> 00:35:10,434 to understand what happens when you have a critical lack of imagination. 668 00:35:11,564 --> 00:35:17,054 when people are just so focused on staying in their lane, in their policy directive. 669 00:35:17,054 --> 00:35:21,584 So if your policy directive as, CRTC and as, industry, 670 00:35:21,584 --> 00:35:23,534 Canada, and others is cheapest. 671 00:35:24,254 --> 00:35:27,464 Internet costs for Canadians as possible. 672 00:35:27,914 --> 00:35:31,374 Then when telecommunications providers are working and negotiating with the 673 00:35:31,374 --> 00:35:34,974 regulator for, okay, we're gonna, we're gonna buy the cheapest equipment available 674 00:35:35,184 --> 00:35:38,154 that's got the highest quality, which China was turning out with Huawei. 675 00:35:38,454 --> 00:35:41,574 No one cared about the national security implications of that 676 00:35:41,754 --> 00:35:42,894 to the extent they cared. 677 00:35:42,894 --> 00:35:45,564 They set up a little lab and they tried to do some assurance and everything 678 00:35:45,564 --> 00:35:49,184 else, but they just tried to make themselves feel okay about the decision, 679 00:35:49,214 --> 00:35:53,144 like the lack of imagination that we could be in a hostile situation. 680 00:35:53,144 --> 00:35:56,894 Because when we were making those decisions about Huawei, we were trying to 681 00:35:56,894 --> 00:35:58,964 orient more of our trade towards China. 682 00:35:58,994 --> 00:36:02,864 We were doing a great sort of warming of all those things, and then for some 683 00:36:03,314 --> 00:36:09,494 absolutely insane reason, we decided to, to grab the daughter of a senior executive 684 00:36:09,494 --> 00:36:12,314 for China's version of Apple, which okay. 685 00:36:12,949 --> 00:36:16,519 Gotta remind you guys, China's really sensitive about insults for reasons 686 00:36:16,549 --> 00:36:18,499 3000 years of history and other things. 687 00:36:18,709 --> 00:36:22,879 So when you insult the company, that literally means Huawei China forward, 688 00:36:23,179 --> 00:36:26,959 and you throw her in detention in Canada, you're gonna provoke a response. 689 00:36:27,259 --> 00:36:29,749 And so we get into a fight with the world's largest economy 690 00:36:29,749 --> 00:36:32,929 and all of a sudden back into or second largest economy. 691 00:36:33,629 --> 00:36:36,119 Back in our intelligence communities, we're like, oh, maybe it's not such a 692 00:36:36,119 --> 00:36:40,769 good idea that all our telecommunications equipment is now influenced by 693 00:36:40,769 --> 00:36:42,629 someone who's actively hostile to us. 694 00:36:42,879 --> 00:36:45,779 there was that aspect of it, but there's also the aspect of it that all 695 00:36:45,779 --> 00:36:49,589 of our five Eyes partners had come to the realization that using Huawei as 696 00:36:49,589 --> 00:36:54,039 a, backbone infrastructure for your telecommunications is a bad idea. 697 00:36:54,049 --> 00:36:58,759 this is one of those things that, because of the five eyes, if you're gonna go ahead 698 00:36:58,819 --> 00:37:02,759 and put yourself in a position where you become the vulnerable point, then you. 699 00:37:03,199 --> 00:37:04,399 there's gonna be a major issue. 700 00:37:04,449 --> 00:37:07,599 you guys have talked about this on the show time and time again, you have 701 00:37:07,599 --> 00:37:11,429 those individuals that are in place that are talking about security, but 702 00:37:11,429 --> 00:37:16,779 they're always going to be trumped, no pun intended, by those individuals 703 00:37:16,779 --> 00:37:18,489 that are more concerned about profit. 704 00:37:18,549 --> 00:37:23,099 just look at the Canadian government and how we've gone from, okay, India 705 00:37:23,099 --> 00:37:25,319 is, affecting our diaspora community. 706 00:37:25,319 --> 00:37:27,409 There are, assassinations happening. 707 00:37:27,929 --> 00:37:31,199 the Indian government is involved to, oh, the G seven, 708 00:37:31,199 --> 00:37:32,759 I'm going to invite Modi there. 709 00:37:33,149 --> 00:37:37,129 Or, all the issues that we had with the two Michaels, as you mentioned with, the 710 00:37:37,279 --> 00:37:44,299 Huawei situation and how we know that on a regular basis China is trying to influence 711 00:37:44,299 --> 00:37:47,449 and infiltrate, Canadian, cyberspace. 712 00:37:48,059 --> 00:37:50,909 but yet our prime minister still goes there and says, Hey, listen, we want 713 00:37:50,909 --> 00:37:55,319 to turn a corner here because why Economically Canada is looking at itself 714 00:37:55,319 --> 00:37:58,829 saying, what's more important that we make sure that we get more money 715 00:37:59,309 --> 00:38:00,899 and that we start doing more trade? 716 00:38:01,109 --> 00:38:04,019 Or are we more concerned about our national security issues? 717 00:38:04,019 --> 00:38:10,274 So these are always gonna be conflicting if we were to lock out everyone who 718 00:38:10,274 --> 00:38:13,304 spied on us, there would be the G one. 719 00:38:13,904 --> 00:38:14,054 Yeah. 720 00:38:14,424 --> 00:38:18,174 north Korea's internet is perhaps not the model that we're advocating for here. 721 00:38:18,174 --> 00:38:21,749 And again, I would go back and say I'm cool with a certain amount of spying. 722 00:38:22,389 --> 00:38:22,799 I get it. 723 00:38:22,799 --> 00:38:23,309 It's the game. 724 00:38:23,529 --> 00:38:27,089 I am not cool when we cross the line between spying and sabotage. 725 00:38:27,379 --> 00:38:31,069 and the problem is that the wires, the digital infrastructure, the 726 00:38:31,069 --> 00:38:33,289 highway to do this is the same road. 727 00:38:33,659 --> 00:38:35,969 it's a matter of intentionality at that point. 728 00:38:35,969 --> 00:38:37,109 And that's that. 729 00:38:37,139 --> 00:38:38,339 how do you control for that? 730 00:38:38,524 --> 00:38:42,424 the problem with that mindset though, David, is that all intelligence is 731 00:38:42,424 --> 00:38:45,884 for the future purpose of potential sabotage you can't differentiate 732 00:38:45,884 --> 00:38:49,754 between the two because the whole idea of spying on another state, another 733 00:38:49,754 --> 00:38:53,114 individual, is that there may be a point down the road that I need to 734 00:38:53,114 --> 00:38:57,824 take action and I wanna be able to be, have the advantage to take that action. 735 00:38:57,824 --> 00:39:00,944 it's nice to think that, It's okay if we spy on each other as long as we just, 736 00:39:00,944 --> 00:39:05,164 catch these little secrets Really, at the end of the day, it's how do I ensure that 737 00:39:05,164 --> 00:39:10,589 my company, my group, my organization, my country, has the advantage? 738 00:39:12,334 --> 00:39:12,484 Yeah, no. 739 00:39:12,544 --> 00:39:12,784 Yeah. 740 00:39:12,784 --> 00:39:16,519 And we make a big thing about the, the fact that we have elections every four 741 00:39:16,519 --> 00:39:20,269 years and we can't plan, I'd be happy if our government was looking a year out. 742 00:39:20,689 --> 00:39:25,869 honestly, right now I'd be thrilled right now, if we went to that, we have to wrap 743 00:39:25,899 --> 00:39:28,829 unfortunately, because there's only so much I can edit this down, but there's 744 00:39:28,829 --> 00:39:30,269 only so much i, I can do in an hour. 745 00:39:30,479 --> 00:39:32,489 I think we're gonna end up with three episodes, because 746 00:39:32,489 --> 00:39:33,599 I think there's more to this. 747 00:39:33,839 --> 00:39:37,079 But I wanna leave our audience who's listening to this with at 748 00:39:37,079 --> 00:39:40,779 least some ideas of, we've gone into the air and we've talked about 749 00:39:40,839 --> 00:39:41,799 the groups that are out there. 750 00:39:41,799 --> 00:39:43,689 We've talked about some of the threats that are out there. 751 00:39:44,019 --> 00:39:45,609 If I'm a person running. 752 00:39:46,124 --> 00:39:51,584 A cybersecurity area right now, I know one of the things I should be doing, 753 00:39:51,584 --> 00:39:56,774 I should be watching who I'm hiring and as a contractor, because that 754 00:39:56,954 --> 00:40:00,104 I failed to believe that the North Koreans are the only people doing this. 755 00:40:00,104 --> 00:40:02,714 They're making money doing it, but I think everybody's doing it. 756 00:40:02,954 --> 00:40:07,094 And David put a, a great, uh, piece of advice out there for anyone. 757 00:40:07,304 --> 00:40:11,984 And that is if you can have a remote contractor and it's worth that to you and 758 00:40:11,984 --> 00:40:16,814 you have any information worth anything, you might wanna bring them in for their 759 00:40:16,814 --> 00:40:22,184 first week at least to meet with people and work side by side with people. 760 00:40:22,244 --> 00:40:26,654 And if they ask what this key does on the keyboard, you might 761 00:40:26,654 --> 00:40:28,304 not want to continue with them. 762 00:40:28,574 --> 00:40:32,084 Or if they have to make a phone call every time you ask a question, 763 00:40:32,294 --> 00:40:35,534 you might wanna say, maybe this person doesn't have these skills. 764 00:40:35,534 --> 00:40:36,434 And I'm being facetious. 765 00:40:36,644 --> 00:40:37,964 But I'm just saying get to know. 766 00:40:38,014 --> 00:40:40,204 we talk about know your client, know your employee. 767 00:40:41,129 --> 00:40:44,629 What are the other things from a cybersecurity point of view, that 768 00:40:44,719 --> 00:40:49,369 good intelligence thinking would do for us in protecting ourselves? 769 00:40:49,519 --> 00:40:52,219 I think one of the most important things is just paying more attention. 770 00:40:52,229 --> 00:40:55,349 The information that's coming at us is coming at us at a fire hose pace, 771 00:40:55,859 --> 00:40:59,009 and you've got to have individuals within your organization, whether 772 00:40:59,009 --> 00:41:02,729 you're a small, medium, or large corporation that's dealing with ip. 773 00:41:02,729 --> 00:41:07,139 You have to have somebody in there who can take the time to start pulling that apart. 774 00:41:07,139 --> 00:41:09,929 Because every vulnerability that is discovered in another 775 00:41:09,929 --> 00:41:13,529 company, is a vulnerability that your company itself might face. 776 00:41:14,039 --> 00:41:17,669 And what you want to do is you want to have people that can recognize 777 00:41:17,669 --> 00:41:19,439 that and then they can apply it. 778 00:41:19,469 --> 00:41:24,129 What, like for me, when I do my global intelligence knowledge, weekly wrap up, I 779 00:41:24,129 --> 00:41:28,759 go through, a week's worth of intelligence information that's open and I try to. 780 00:41:29,509 --> 00:41:32,479 Explain this to people that why does this affect your day-to-day? 781 00:41:32,479 --> 00:41:33,679 Why does it affect your career? 782 00:41:33,679 --> 00:41:35,639 Why does it accept your affect, your, safety? 783 00:41:35,639 --> 00:41:37,379 Why does it affect the sovereignty of your country? 784 00:41:38,009 --> 00:41:40,919 Because, states are like businesses. 785 00:41:41,069 --> 00:41:42,149 They have a business plan. 786 00:41:42,419 --> 00:41:43,829 Okay, we're gonna attack this way. 787 00:41:43,829 --> 00:41:45,119 We're gonna infiltrate this way. 788 00:41:45,119 --> 00:41:46,139 We're gonna do it this way. 789 00:41:46,169 --> 00:41:47,519 'cause that's what they're used to. 790 00:41:47,879 --> 00:41:48,809 It's human nature. 791 00:41:49,229 --> 00:41:52,889 And if you can become aware of that, you can build the defenses 792 00:41:52,889 --> 00:41:54,179 you need to counteract it. 793 00:41:55,754 --> 00:41:59,644 I would add from my side, first of all, to what Neil was saying, you 794 00:41:59,644 --> 00:42:03,904 may not believe in DPR K's interest in your business, but they sure do 795 00:42:03,904 --> 00:42:05,704 have an interest in your business. 796 00:42:05,704 --> 00:42:10,534 and no one from Washington or Ottawa is automatically magically waving a 797 00:42:10,684 --> 00:42:14,554 wand protecting you right now from all the nation state threats that exist. 798 00:42:14,584 --> 00:42:15,724 No one's doing that for you. 799 00:42:16,174 --> 00:42:18,484 You have to protect yourself. 800 00:42:18,484 --> 00:42:19,714 we are in a new era. 801 00:42:19,954 --> 00:42:24,274 It's more akin to the feudal era where, you know, those who are powerful 802 00:42:24,274 --> 00:42:26,884 governments, large corporations live in the castles and the rest 803 00:42:26,884 --> 00:42:29,944 of us surfs out in the village, getting rated by the Vikings. 804 00:42:29,974 --> 00:42:32,624 and, you've gotta build up your own defenses. 805 00:42:32,654 --> 00:42:33,734 That being said. 806 00:42:34,214 --> 00:42:38,294 I'm seeing greater willingness and greater interest from our intelligence agencies, 807 00:42:38,294 --> 00:42:40,214 not just in Canada, but also in the us. 808 00:42:40,214 --> 00:42:42,344 You've got, CISA for critical infrastructure. 809 00:42:42,344 --> 00:42:45,464 You've got the FBI, secret Service and others, there are 810 00:42:45,464 --> 00:42:47,144 folks who will pick up the phone. 811 00:42:47,254 --> 00:42:51,574 you see something weird happening in your rural water utility, your, 812 00:42:51,634 --> 00:42:54,304 telecommunications company, your hospital. 813 00:42:54,394 --> 00:42:58,024 There are people who care and want to know about this, and that's the only way 814 00:42:58,024 --> 00:43:02,074 we're gonna get a handle on it, is by people talking about it and sharing it. 815 00:43:02,294 --> 00:43:04,664 you're not bad because you get hacked by the Chinese. 816 00:43:04,664 --> 00:43:09,054 To Jim's point, like good luck offending yourself against a cyber army that's 817 00:43:09,054 --> 00:43:11,664 larger than most countries military. 818 00:43:11,944 --> 00:43:13,864 we gotta get better at working together. 819 00:43:13,894 --> 00:43:16,924 And I think we gotta have these conversations because, just 820 00:43:16,924 --> 00:43:20,074 to bring it all the way back, if you're dealing with cyber. 821 00:43:20,764 --> 00:43:24,574 You don't take the time to think about the motivations of why someone would 822 00:43:24,574 --> 00:43:27,934 attack you and how they're criminal groups, nation states, and others. 823 00:43:28,174 --> 00:43:30,454 You're not defending, you're just reacting. 824 00:43:30,554 --> 00:43:30,914 Great. 825 00:43:30,974 --> 00:43:34,454 and I wanna thank you, Neil, because I think sometimes I think about this when we 826 00:43:34,454 --> 00:43:38,234 put the podcast shows together, trying to get the information out there for people. 827 00:43:38,294 --> 00:43:40,784 And I sometimes wonder if we're admiring the problem. 828 00:43:40,959 --> 00:43:45,599 I honestly do, we talk about these things and I, my hope was that 829 00:43:45,659 --> 00:43:49,019 if it wasn't schadenfreude that this happened to somebody else and 830 00:43:49,019 --> 00:43:53,639 not you, it was this idea that, hey, this is happening out there. 831 00:43:53,879 --> 00:43:55,409 You might wanna start to think about it. 832 00:43:55,409 --> 00:43:56,969 'cause it may start you thinking about. 833 00:43:57,139 --> 00:43:58,759 How you protect yourself better. 834 00:43:58,819 --> 00:44:01,379 And I think that's, our legitimate interest. 835 00:44:01,489 --> 00:44:06,039 we try to also cover specific attacks when they're ones that people might 836 00:44:06,039 --> 00:44:09,429 have gone by them, but I think we all drink through a fire hose. 837 00:44:09,429 --> 00:44:11,319 And I'm gonna do a little bit of a commercial. 838 00:44:11,529 --> 00:44:14,019 Yours is called a Global Intelligence Podcast, Neil. 839 00:44:14,499 --> 00:44:16,479 Yeah, it's a Global Intelligence Weekly wrap up. 840 00:44:16,479 --> 00:44:20,529 So I do it every week, and I take information from around, the world on 841 00:44:20,529 --> 00:44:24,349 headlines because the same way that China's attacking the Philippines is 842 00:44:24,349 --> 00:44:28,099 also the same technique that they're going to try to do for other countries. 843 00:44:28,099 --> 00:44:31,099 So it's trying to get it out there to have people realize that, 844 00:44:32,099 --> 00:44:34,289 intelligence is a global business. 845 00:44:34,359 --> 00:44:38,379 it's good for you to be aware in Canada or in United States or in 846 00:44:38,379 --> 00:44:42,069 Europe, these techniques that are being done by the Russians, by the 847 00:44:42,069 --> 00:44:46,119 Chinese, by the Iranians, they're also happening in your own backyard. 848 00:44:46,119 --> 00:44:49,089 You might not be cognizant of it because it just hasn't hit the news 849 00:44:49,089 --> 00:44:50,689 yet, but you should be aware of it. 850 00:44:51,734 --> 00:44:54,024 So we'll put a link to Neil's, podcast. 851 00:44:54,024 --> 00:44:57,374 if you're listening to this show and you want to just keep up on these things, 852 00:44:57,564 --> 00:44:59,754 it's a really accessible podcast. 853 00:44:59,904 --> 00:45:03,774 And, if you're in the US it's gonna have more of a Canadian focus. 854 00:45:04,074 --> 00:45:06,294 Of course, if you're listening to this show and you're in the US you'd realize 855 00:45:06,294 --> 00:45:07,914 it has a bit of a Canadian focus anyway. 856 00:45:08,334 --> 00:45:13,074 But these are universal themes across, we have listeners across the globe 857 00:45:13,074 --> 00:45:14,634 who come in and tune in because 858 00:45:14,684 --> 00:45:17,894 there are no borders in cybersecurity, unfortunately. 859 00:45:18,494 --> 00:45:19,534 No, there're not, Yeah. 860 00:45:19,924 --> 00:45:20,914 thank you very much. 861 00:45:21,034 --> 00:45:23,594 My guest today has been, David Shipley. 862 00:45:23,594 --> 00:45:24,914 Of course, he is not really a guest. 863 00:45:24,914 --> 00:45:26,474 he'll be back with the news on Monday. 864 00:45:26,694 --> 00:45:30,704 Neil Bisson, who has the Global Intelligence Podcast, and a, and 865 00:45:30,704 --> 00:45:33,644 I'm getting, I'm botching the name, but you know what I'm talking about. 866 00:45:33,644 --> 00:45:36,984 There'll be a link, I call it the Global Intelligence Podcast when I'm watching it. 867 00:45:37,034 --> 00:45:37,424 good enough. 868 00:45:37,664 --> 00:45:39,014 thank you guys, appreciate it. 869 00:45:39,044 --> 00:45:42,324 And, we're on for another episode at least, and we're gonna talk 870 00:45:42,324 --> 00:45:47,264 about some of the things next week that Neil will bring to us as an 871 00:45:47,264 --> 00:45:53,024 intelligence officer and how those things contribute to, our psychological 872 00:45:53,024 --> 00:45:54,854 attacks and social engineering. 873 00:45:55,064 --> 00:45:58,124 And David will be back for that too, who's our resident social 874 00:45:58,244 --> 00:46:00,174 engineering, expert and phishing expert. 875 00:46:00,484 --> 00:46:01,594 so we're looking forward to that. 876 00:46:01,854 --> 00:46:02,814 we'll catch you next week. 877 00:46:02,814 --> 00:46:05,064 And David, you're back on the news on Monday morning. 878 00:46:05,184 --> 00:46:05,754 Thanks guys. 879 00:46:06,714 --> 00:46:07,104 Thanks. 880 00:46:07,569 --> 00:46:07,959 Awesome. 881 00:46:08,568 --> 00:46:11,688 And finally, once again, we'd like to thank Meter for their support 882 00:46:11,688 --> 00:46:13,128 in bringing you this podcast. 883 00:46:13,668 --> 00:46:17,748 , Meter delivers full stack networking infrastructure, wired, wireless, 884 00:46:17,748 --> 00:46:21,888 and cellular to leading enterprises and working with their partners. 885 00:46:22,248 --> 00:46:27,108 Meter designs, deploys and manages everything required to get performant, 886 00:46:27,288 --> 00:46:32,328 reliable and secure connectivity in a space they design the hardware. 887 00:46:32,703 --> 00:46:36,933 The firmware, build the software, manage deployments and run support. 888 00:46:37,477 --> 00:46:41,257 It's a single integrated solution that scales from branch offices, 889 00:46:41,257 --> 00:46:45,007 warehouses, and large campuses, all the way to data centers. 890 00:46:45,367 --> 00:46:50,077 You can book a demo at me.com/cst. 891 00:46:50,287 --> 00:46:56,197 That's METE r.com/cst. 892 00:46:57,187 --> 00:46:58,327 I'm your host, Jim Love. 893 00:46:59,317 --> 00:47:00,157 Thanks for listening.