CyberWire Daily - Pentagon’s cybersecurity roadmap.
Episode Date: March 29, 2024The Pentagon unveils its cybersecurity roadmap. A major Massachusetts health insurer reveals a massive data breach. Hot Topic reports credential stuffing. Cisco warns of password spraying targeting VP...Ns. The FS-ISAC highlights the risk of generative AI to financial institutions. The FEC considers efforts to combat deceptive artificial intelligence. A look at Thread Hijacking attacks. Guests Linda Gray Martin and Britta Glade from RSA Conference join us to discuss what's new and what to look forward to at this year’s big show. Plus my conversation with Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA, with insights on their recent Notice of Proposed Rulemaking. And Baltimore’s tragic bridge collapse lays bare the degeneration of X-Twitter. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guests Linda Gray Martin, Senior Vice President for Operations, and Britta Glade, Vice President for Content and Curation, join us to discuss what's new and what to look forward to at RSA Conference 2024. This year’s theme is the Art of Possible. Also joining us is Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA, sharing their CIRCIA Notice of Proposed Rulemaking. Selected Reading Pentagon lays out strategy to improve defense industrial base cybersecurity (The Record) Massachusetts Health Insurer Data Breach Impacts 2.8 Million (SecurityWeek) American fast-fashion firm Hot Topic hit by credential stuffing attacks (Security Affairs) Cisco Warns of Password Spraying Attacks Exploiting VPN Services (Cybersecurity News) AI abuse and misinformation campaigns threaten financial institutions (Help Net Security) Federal Elections Commission Considers Regulating AI (BankInfo Security) Thread Hijacking: Phishes That Prey on Your Curiosity (Krebs on Security) The slow death of X-Twitter is measured in disasters like the Baltimore bridge collapse (Vox) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. of you, I was concerned about my data being sold by data brokers. So I decided to try Delete.me.
I have to say, Delete.me is a game changer. Within days of signing up, they started removing my
personal information from hundreds of data brokers. I finally have peace of mind knowing
my data privacy is protected. Delete.me's team does all the work for you with detailed reports
so you know exactly what's been done. Take control of your data and keep your private life Thank you. JoinDeleteMe.com slash N2K and use promo code N2K at checkout.
The only way to get 20% off is to go to JoinDeleteMe.com slash N2K and enter code N2K at checkout.
That's JoinDeleteMe.com slash N2K, code N2K. The Pentagon unveils its cybersecurity roadmap.
A major Massachusetts health insurer reveals a massive data breach.
Hot Topic reports credential stuffing.
Cisco warns of password spraying targeting VPNs.
The FSISAC highlights the risk of generative AI
to financial institutions.
The Federal Elections Committee considers efforts
to combat deceptive artificial intelligence.
A look at threat hijacking attacks.
Our guests, Linda Gray-Martin and Britta Glade
from RSA Conference, join us to discuss what's new and what to look forward to at this year's big show.
Plus, my conversation with Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA,
with insights on their recent notice of proposed rulemaking.
And Baltimore's tragic bridge collapse lays bare the degeneration of ex-Twitter.
It's Friday, March 29th, 2024. I'm Dave Bittner, and this is your CyberWire Intel Briefing. theme. The Pentagon has unveiled its inaugural cybersecurity strategy to help shield its vast defense industrial base from cyber threats. This roadmap, spanning fiscal years 2024 through 27,
aims to bolster cybersecurity and the resilience of the supply chain, which includes hundreds of
thousands of entities working with the Pentagon. It sets out four main goals, such as adopting
best practices and includes objectives like recovery from cyber attacks. The strategy incorporates
the Cybersecurity Maturity Model certification program to enhance standards and ensure compliance
among contractors. This move comes in response to growing concerns over digital vulnerabilities
within the critical infrastructure of the supply chain, underscored by past breaches,
of the supply chain, underscored by past breaches, notably the 2009 hack into an F-35 joint strike fighter contractor by suspected Chinese hackers. With ongoing cyber intrusions, the Pentagon
emphasizes the constant threat from hackers and plans to develop detailed implementation
guidelines for defense industrial-based entities.
Point32 Health, Massachusetts' second-largest health insurer, has revealed that in April 2023,
they experienced a ransomware attack compromising the personal data of over 2.8 million people.
Detected on April 17, the breach targeted systems of the Harvard Pilgrim Healthcare brand, affecting members,
accounts, brokers, and providers from March 28th through April 17th of 2023. The leaked data includes sensitive information like social security numbers, medical histories, and financial details.
Despite the breach, there's no reported misuse of the stolen information.
Despite the breach, there's no reported misuse of the stolen information.
Initially reporting just over 2.5 million people affected,
Point32 Health has updated this number to 2.86 million and is offering free credit monitoring and identity protection services.
Formed in 2021 by merging with Tufts Health Plan,
Point32 Health also operates in Connecticut, Maine, and New Hampshire.
Hot Topic, a U.S. fast fashion retailer focused on counterculture clothing and licensed music,
reported credential stuffing attacks on its website and mobile app on November 18th and 19th
and November 25th of last year. The attacks used valid credentials from an unknown third party
to access Hot Topic Rewards accounts, aiming for account takeover and data theft. The company,
unable to confirm if the logins were unauthorized or legitimate, noticed use of customer account
credentials during the attack period. Potentially accessed data includes names, email addresses,
phone numbers, birth dates, mailing addresses, order history, and the last four digits of payment
card numbers for those with saved cards. Following the incident, Hot Topic strengthened its
cybersecurity measures and advised customers to change their passwords. Cisco has issued a warning about ongoing password spraying attacks targeting VPN services, including Cisco's own products and other third-party VPNs.
Password spraying is a tactic used by hackers to gain unauthorized access to multiple accounts by attempting common passwords across various user accounts.
common passwords across various user accounts.
This method is particularly effective against VPN services,
which provide remote access to internal networks,
making them prime targets for unauthorized entry.
Successful attacks can lead to access to sensitive information and further compromise within an organization's network.
The attacks have been noted to potentially cause
denial-of-service-like conditions
and are part of reconnaissance efforts.
Cisco recommends several protective measures such as enabling logging, securing VPN profiles, leveraging TCP shun, and using certificate-based authentication for remote access VPNs.
VPNs. The cybersecurity community recognizes that adversarial use of generative AI poses significant risks, particularly in crafting sophisticated phishing attacks. However,
more advanced threats include the potential for malware creation and the manipulation of large
language models used in generative AI training, leading to data exfiltration or injection of false data.
Experts from the FSISAC warn that such compromised outputs could seriously impact
financial institutions, risking legal, reputational, or operational fallout.
Additionally, the data sources for LLM training may inadvertently include sensitive or biased information,
threatening the trust financial firms hold with regulators and clients.
As cyber threats evolve, notably with the rise in DDoS attacks targeting the financial sector,
the industry has to adapt quickly. This includes addressing vulnerabilities from
zero-day exploits in the supply chain and preparing for the impact of quantum computing on cryptography. The FSISAC stresses the importance of global information
sharing, proactive cyber hygiene, and robust incident response strategies to maintain sector
integrity and trust amid these emerging challenges. The Federal Elections Commission is considering
leading efforts to combat deceptive artificial intelligence, including deepfakes, in political advertisements.
This follows a public petition and extensive feedback signaling potential amendments to its regulations to address deliberately misleading AI campaign ads.
ads. The FEC's current remit, focused on campaign finance, was highlighted by Commissioner Dara Lindenbaum, who noted the agency's narrow jurisdiction might limit its regulatory power
unless expanded by Congress. The push for regulation comes amidst concerns over AI's
unregulated status in the U.S. and the potential for its misuse in elections, underscored by incidents
like fake robocalls in New Hampshire's presidential primary. With bipartisan discussions underway,
there's momentum for changes that could significantly impact how AI is used in
federal campaigns, indicating a growing consensus on the need for oversight in this area.
consensus on the need for oversight in this area. Krebs on Security takes a look at thread hijacking attacks, where hackers compromise an email account to insert malicious links or
attachments into ongoing conversations. In a notable case, LancasterOnline.com's Brett Schultes
was targeted with phishing emails posing as Adam Kedan, a subject of his reporting with a
contentious history. The emails, simulating legitimate correspondence with attachments,
led to a fake Microsoft Office 365 login page designed to capture credentials. Schultes,
recognizing the threat, alerted his IT team, avoiding compromise. This incident, part of a broader
pattern for such cyber attacks, underscores the sophistication of phishing tactics that bypass
traditional warning signs by embedding malicious links or files in seemingly innocuous email
threads. Cybersecurity experts stress the importance of vigilance, advising against
clicking unsolicited links or attachments,
and verifying authenticity
through direct access to websites or services.
Coming up after the break,
Linda Gray-Martin and Britta Glade from RSA Conference
join us to discuss what's new and
what to look forward to at this year's big show. Plus my conversation with Eric Goldstein,
Executive Assistant Director for Cybersecurity at CISA. Stay with us.
Transat presents a couple trying to beat the winter blues.
We could try hot yoga.
Too sweaty.
We could go skating.
Too icy.
We could book a vacation.
Like somewhere hot.
Yeah, with pools.
And a spa.
And endless snacks.
Yes!
Yes!
Yes!
With savings of up to 40% on Transat South packages,
it's easy to say, so long to winter.
Visit Transat.com or contact your Marlin travel professional for details.
Conditions apply.
Air Transat. Travel moves us.
Do you know the status of your compliance controls right now?
Like, right now.
We know that real-time visibility is critical for security, but when
it comes to our GRC programs, we rely on point-in-time checks. But get this, more than 8,000
companies like Atlassian and Quora have continuous visibility into their controls with Vanta. Here's
the gist. Vanta brings automation to evidence collection across 30 frameworks,
like SOC 2 and ISO 27001.
They also centralize key workflows like policies, access reviews, and reporting,
and helps you get security questionnaires done five times faster with AI.
Now that's a new way to GRC.
Get $1,000 off Vanta when you go to vanta.com slash cyber.
That's vanta.com slash cyber for $1,000 off.
And now, a message from Black Cloak.
Did you know the easiest way for cybercriminals to bypass your company's defenses is by targeting your executives and their families at home?
Black Cloak's award-winning digital executive protection platform secures their personal devices, home networks, and connected lives.
Because when executives are
compromised at home, your company is at risk. In fact, over one-third of new members discover
they've already been breached. Protect your executives and their families 24-7, 365,
with Black Cloak. Learn more at blackcloak.io.
Linda Gray-Martin is Senior Vice President for Operations at RSA Conference,
and Britta Glade is Vice President for Content and Curation at RSA Conference.
I recently caught up with them to discuss what's new and what to look forward to at RSA Conference 2024.
This year's theme is the art of the possible.
So this year's theme is the art of possible.
And it's really all about embracing the power of community.
That's honestly at its very heart.
By doing that, we can collectively embrace new ideas, expand our human network, and take the next great leap forward.
It's all about working together, you know,
and to thread the needle with last year's theme,
which was stronger together, you know,
embracing the power of this community,
which is incredibly special and incredibly strong,
it makes the impossible seem more possible.
So that's really what it's all about in a nutshell.
I don't know if you have anything to add, Britta.
Britta, the art of the possible sounds aspirational to me in a good way.
I mean, what does this say about where we find ourselves right now
as a cybersecurity community?
You bet.
I love how you're phrasing that, Dave,
because I think it does mean something
to everyone. It's a term that we've all used in our regular vernacular, everyday life. But as we
introspectively look at it as an industry, and we're right, gosh, early days, I was going to
say right on the edge, but we're in to AI. That alone, look at all of the changes that that's triggering. Look at the
opportunities it's triggering, the different conversations that are happening because of it.
That being one angle of the art of the possible with how we're looking at our industry,
how we engage, how we use technology, how we set up our teams, how we support one another.
It really is an exciting, important time for the cybersecurity community.
Well, let's dig into some of the content that folks can expect from this year's conference.
What sort of special things do you all have on the agenda?
Everything is special on the agenda, Dave. We have over 600 speakers who have put so much work into creating really educational, really engaging, really impactful sessions.
Those speakers as part of our track sessions, as part of learning labs, which are those interactive sessions that give people an opportunity to work with each other and work against projects.
We have Birds of a Feather.
We have our sandbox,
which is always popular, hands-on engagement. And then a very exciting keynote stage program,
which I'll let Linda touch on some of those highlights.
Linda?
Yeah, great. So thank you. So definitely a couple of new things on our keynote stage this year.
a couple of new things on our keynote stage this year. Most notably and very excitingly for us as a company, Hugh Thompson, the Executive Chairman of RSAC, is going to be presenting the
opening keynote on Monday, May 6th. So he's really going to be talking about the importance of
community as well as some trends that have been observed over the years and what we can expect
in the future. So that is definitely new for us. We will also be hearing from some of the industry leaders and
visionaries from our sponsors, as always. You know, some great, great people that are taking
our stage this year. A couple of other exciting new guest speakers to highlight. So Brian Cox,
the experimental physicist, as opposed from the actor in succession, is going to be talking about exploring the universe quantum bit by bit.
So I don't know if you've ever seen him speak, but he's absolutely fascinating and very entertaining.
And the people who have that kind of scientific knowledge really resonate well with our attendees.
So we're excited to welcome him. And then you may have also seen that on the Wednesday, we have Jason Sudeikis,
who is going to be chatting with Hugh on our keynote stage. So we are really thrilled to have
him. As you know, he is an award-winning actor and comedian, and also the creator and writer of Ted Lasso,
which we know has put smiles on the face of millions of people around the world in recent years.
So, yeah, some really exciting guest speakers for us this year.
And I know you've got a host of them as well, Britta, on the South Stage.
We have two separate keynote stages.
So there's opportunities throughout the arc of RSA conference to engage in a south
stage setting. So we have a great AI panel that will be looking at AI safety, super important
topic, as well as another panel that's been put together by IAPP looking at AI governance.
So again, AI very much thematically shows up across all of conference.
You'll probably be hard pressed to find a session
where there's not a mention of AI, right?
And then some super important and interesting sessions
from government folks as well.
It's interesting time with policies being created,
with strategies being announced and such.
And I think our attendees will really benefit from
the perspectives that will be shared by those folks as well.
You know, Linda, going to the main stage that you were talking about there, I think one of the
things that I enjoy is this idea of kind of popping the bubble a little bit, you know, of having folks come in who are from the outside,
but can still offer interesting perspectives that, you know, aren't just in our own little
echo chamber here. You know, someone like Brian Cox, certainly a notable thinker in the world,
to be able to have those perspectives shared and have him tune his talk to his audience,
have those perspectives shared and have him tune his talk to his audience, but also be from an outsider. I think that's really a valuable opportunity for folks who are attending.
Yeah, that's great to hear. And you've absolutely hit the nail on the head. That's exactly
what we're trying to achieve by having some of these notable guest speakers, because there is
a link to what people do. It's in our world,
as it were, but I think you're absolutely right. I think it's good for people to experience
something a little bit different just to make us all think differently and embrace different
perspectives. So yeah, I appreciate you feeling that way because it's exactly what we're trying
to do with the keynote program.
I want to make sure that we touch on the experience for folks who,
for them, perhaps it's their first time at the RSA conference here.
What are the essential tips here for folks to get the most out of their experience if they're a newbie here at the show? We love our first-time attendees at RSA Conference,
and we think very hard about how do we create an experience that's amazing. We talk about
surprise and delight often with our team that's planning this, and there are many surprise and
delight experiences for first-time attendees. Starting Sunday evening. We have a first-timers reception that'll be super fun.
It's held at a place called Spin.
Imagine your parents' basement grown up in the 80s
with that ping pong table and comfy couches
and lots of fun and friends around.
And that is what that experience is.
And those friends are our Loyalty Plus attendees.
The folks who've been to RSA
Conference five times or more. So there's great opportunity right at the beginning of the week
to get to know some new people, start some conversations that you'll continue to have
through the week. And then sessions throughout the week that cater to both the first-timers as well as experienced RSA conference veterans,
we would recommend taking a look at the agenda carefully. There's many, many sessions,
over 300 track sessions and many interactive sessions as well. So you're going to need to
think carefully about how you're spending your week. Go in, reserve a seat for sessions that are of
interest to you. That means we're planning on you. If somehow you don't reserve your seat,
don't worry about it. You'll be standing in the standby line. But if there's something that
matters a lot, be sure to build that into your schedule. Wear comfortable shoes, hydrate well,
and don't miss out on the opportunity to have conversations and engage with all of the
amazing people that are part of the community. Yeah, that's perfect, Britta. And then just one
thing I wanted to add is that we are having a Know Before You Go webcast the week before
the conference where we just offer more kind of logistical tips and tricks to people who might
not have been to the conference before and actually several people tend to have. So the team jumps onto that and just shares the knowledge that
we've gleaned over the years. All right. Well, once again, the theme for 2024 is the art of
possible from RSA Conference. We've got Linda Gray-Martin and Britta Glade. Ladies, thank you
so much for joining us.
And it is always my pleasure to welcome back to the show, Eric Goldstein. He is Executive
Assistant Director for Cybersecurity at CISA. Eric, welcome back.
Thanks so much, David. It's great to be back on.
I want to touch today on some recent, well, I guess a call for some rulemaking that you
and your associates have put out.
Absolutely, Dave. You know, as many in the community are well aware, Congress gave CISA the authority last year to establish a new requirement for entities who are critical infrastructure to report their cyber incidents to CISA.
And so for a number of months, we've been hard at work getting input from the community on what exactly this rule should look like. We just recently published what is called the Notice of Proposed Rulemaking for public comment.
And so beginning on April 4th, members of the community will have a chance to offer their views on the rule,
how we define the entities who will be required to report, how we define the incidents that are reportable.
to report, how we define the incidents that are reportable. And our hope is through this process will further benefit from insights from entities across sectors, large and small, to ensure that
the final rule gets us the information that we need to support the community's broader cybersecurity.
Can you take us through what that process looks like behind the scenes? I mean,
how do you all integrate the comments that you get from the interested parties
here? Absolutely. You know, as part of the rulemaking, you know, we are asking some fairly
specific questions for input from the community. Questions like who should be required to report,
what should be reported, what kind of incidents and what details about each incident. And then we review every single comment that comes in
because we're aware that the point of this incident reporting authority
isn't actually at its core to help CISA or to help the government.
It is to help organizations across the country.
It's to help us provide assistance more effectively.
It's to help us share information that can help
organizations defend against the most urgent threats. And it's to help us actually understand
trends in cybersecurity risk that can help us drive adoption of the mitigations that really
work against the risks that we're seeing in the real world. Well, if we capture this point in time
of what it looks like today, what is this reporting process going to look like for folks who would fall under its auspices?
You know, we know today that the vast majority of cyber incidents are simply never reported.
And that creates some really significant gaps, not just for CISA and the government, but really for every organization trying to defend their enterprise. Because if we don't know what adversaries are doing and how they are doing it,
that makes it that much harder to defend against it
and to drive investments in those controls that we know actually work.
And so when this rulemaking goes into effect in 2025,
we're for the first time going to have this rich source of data
that we can then use and share to actually help organizations defend their enterprises that much more effectively.
And I suppose we should say that although this is on a timeline towards 2025, CISA is looking to get information on voluntary reporting of cyber incidents from folks out in the industry today?
That's a great point, Dave.
This authority is no substitute for voluntary reporting,
and that's the case in two key ways.
First of all, even when this rulemaking goes into full effect,
it is not going to cover every organization in the country.
And we still want to make sure
that we are hearing about cyber incidents
affecting any organization voluntarily so that we can offer assistance and share
information more broadly. But also, we know that incident reporting is only the first step.
Incident reporting opens the door to a deeper and richer collaboration to help organizations
detect, evict, recover, and to glean the detailed information that we need to help organizations detect a VIPT recover and to glean the detailed information that we need
to help enterprises defend more effectively.
And so although incident reporting
is going to give us information that we sorely lack today,
we still need that deeper post-incident collaboration
to really drive the change we see.
What do you say to folks who are hesitant about engaging here?
I mean, I can imagine there are folks out in our audience who are thinking,
you know, I'm in the middle of a cyber incident.
The last thing I need is a government agency getting all up in my business.
We think that the opposite is really true.
You know, CISA and our partners are really unique in that our only goal is to help victims
and to help other organizations to not become victims.
And so we are not a regulator,
we are not an enforcement agency,
and far from getting in the business of a victim,
our goal is to figure out where the victim needs help
in their response, in their recovery,
and then glean information that we can share
on an anonymized basis to help other organizations
from being similarly affected.
Our core point here is, you know,
if you are not a victim of a cyber incident today,
you very well may be one tomorrow.
And we all have a shared interest in making sure
that when incidents do occur,
information about them is shared widely and broadly
to limit the reach of our adversaries
and limit their ability to exclude intrusion on other victims.
Well, the notice of proposed rulemaking is available now. It's been up for a few days here
at federalregister.gov. Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA,
thanks so much for joining us.
Cyber threats are evolving every second, and staying ahead is more than just a challenge.
It's a necessity.
That's why we're thrilled to partner with ThreatLocker, a cybersecurity solution trusted
by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total
control, stopping unauthorized applications, securing sensitive data, and ensuring your
organization runs smoothly and securely.
Visit ThreatLocker.com today to see how a feel-good moment into a feel-great moment.
Students, get $100 when you open a no-monthly fee RBC
Advantage Banking account, and we'll give another
$100 to a charity of your choice.
This great perk and more, only at RBC.
Visit rbc.com slash get100
give100. Conditions apply.
Ends January 31st, 2025. Complete offer
eligibility criteria by March 31st,
2025. Choose one of five
eligible charities, up to $500,000 in total contributions.
And finally, the conversation around this week's Baltimore Bridge collapse on ex-Twitter
quickly degenerated into a quagmire of conspiracy theories and misinformation,
highlighting the platform's declining reliability as a source of accurate news.
In the aftermath of the tragedy, the same figures who have historically spread conspiracy theories
about mass shootings and the COVID-19 pandemic used the incident to propagate baseless claims,
pandemic used the incident to propagate baseless claims, including attributing the collapse to DEI policies and launching racist attacks against Baltimore's leadership. The scenario echoed past
remarks by former President Trump, underscoring how swiftly unverified and provocative content
can drown out factual information online. The incident underscored the shifting landscape of social media,
where ex-Twitter, once a hub for real-time news,
has increasingly become a source of misinformation.
With changes under its new ownership and the advent of generative AI tools,
the platform has facilitated the spread of misleading narratives more efficiently than ever.
For Baltimore's residents and journalists, this shift hit close to home,
turning a local disaster into the latest target for online disinformation campaigns.
As the city grappled with the real-world consequences of the bridge collapse,
the discourse on ex-Twitter served as a painful reminder of the platform's role in amplifying harmful misinformation. For those of us on the ground in Baltimore, the focus remained on addressing
the community's needs and looking forward to a time when the current wave of online disinformation
would pass. I have to say that I'm left scratching my head at the number of highly respected and
influential people in InfoSec who are still
using ex-Twitter as their primary social media platform. I get it. You built a following,
and that's hard to walk away from. But at what cost? Why support a platform that has so clearly
lost its utility and lost its way? Anyway, if you need me, I'll be right over here
checking my Mastodon feed.
And that's the Cyber Wire.
For links to all of today's stories,
check out our daily briefing at thecyberwire.com.
Be sure to check out this weekend's Research Saturday
and my conversation with Elad,
a senior security researcher from Psycode. Their research is titled,
Psycode discovers a supply chain vulnerability in Basel. That's Research Saturday. Check it out.
We'd love to know what you think of this podcast. You can email us at cyberwire at n2k.com.
N2K Strategic Workforce Intelligence optimizes the value of
your biggest investment, your people. We make you smarter about your team while making your team
smarter. Learn more at n2k.com. This episode was produced by Liz Stokes. Our mixer is Trey Hester
with original music by Elliot Peltzman. Our executive producers are Jennifer Iben and Brandon Thanks for listening.
We'll see you back here next week. Thank you. needs AI solutions that are not only ambitious, but also practical and adaptable. That's where
Domo's AI and data products platform comes in. With Domo, you can channel AI and data into
innovative uses that deliver measurable impact. Secure AI agents connect, prepare, and automate
your data workflows, helping you gain insights, receive alerts, and act with ease through guided apps tailored to your role.
Data is hard. Domo is easy.
Learn more at ai.domo.com.
That's ai.domo.com.