CyberWire Daily - Rethinking recalls.
Episode Date: June 10, 2024Microsoft makes Recall opt-in. The Senate holds hearings on federal cybersecurity standards. Snowflake’s scrutiny snowballs. New York Times source code is leaked online. Ransomware leads to British ...hospitals' desperate need for blood donors. Cisco Talos finds 15 serious vulnerabilities in PLCs. Sticky Werewolf targets Russia and Belarus. Frontier Communications warns 750,000 customers of a data breach. Chinese nationals get prison time in Zambia for cybercrimes. N2K’s CSO Rick Howard speaks with Danielle Ruderman, Security GTM Leader, AWS about what keeps CISOs up at night. DIY cell towers can land you in hot water. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest N2K’s CSO Rick Howard speaks with Danielle Ruderman, Security GTM Leader, AWS about what keeps CISOs up at night and learnings from AWS CISO Circles. Today, our team is at the AWS re:Inforce this week. Stay tuned for our coverage. Selected Reading Windows won’t take screenshots of everything you do after all — unless you opt in (The Verge) US Senate Committee holds hearing on harmonizing federal cybersecurity standards to address business challenges (Industrial Cyber) What Snowflake isn't saying about its customer data breaches (TechCrunch) New York Times source code stolen using exposed GitHub token (Bleeping Computer) London Hospitals Seek Biologics Backup After Ransomware Hit (GovInfo Security) Cisco Finds 15 Vulnerabilities in AutomationDirect PLCs (SecurityWeek) Sticky Werewolf targets the aviation industry in Russia and Belarus (Security Affairs) Frontier warns 750,000 of a data breach after extortion threats (Bleeping Computer) 22 Chinese Nationals Sentenced to Long Prison Terms in Zambia for Multinational Cybercrimes (SecurityWeek) Two arrested in UK over fake cell tower smishing campaign (The Register) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. of you, I was concerned about my data being sold by data brokers. So I decided to try Delete.me.
I have to say, Delete.me is a game changer. Within days of signing up, they started removing my
personal information from hundreds of data brokers. I finally have peace of mind knowing
my data privacy is protected. Delete.me's team does all the work for you with detailed reports
so you know exactly what's been done. Take control of your data and keep your private life Thank you. JoinDeleteMe.com slash N2K and use promo code N2K at checkout.
The only way to get 20% off is to go to JoinDeleteMe.com slash N2K and enter code N2K at checkout.
That's JoinDeleteMe.com slash N2K, code N2K. Microsoft makes recall opt-in.
The Senate holds hearings on federal cybersecurity standards.
Snowflakes scrutiny snowballs.
The New York Times source code is leaked online.
Ransomware leads to British hospitals' desperate need for blood donors.
Cisco Talos finds 15 serious vulnerabilities in PLCs.
Sticky werewolf targets Russia and Belarus.
Frontier Communications warns 750,000 customers of a data breach.
Chinese nationals get prison time in Zambia for cybercrimes. And 2K's CSO Rick Howard speaks with Danielle Ruderman,
security GTM leader at AWS, about what keeps CISOs up at night.
And DIY cell towers can land you in hot water.
It's Monday, June 10th, 2024.
I'm Dave Bittner, and this is your CyberWire Intel Briefing. Thank you for joining us here today.
It is great to have you with us.
Microsoft announced significant changes to its recall feature after receiving criticism from cybersecurity and privacy communities.
Recall, which captures screenshots of users' activity
every five seconds for analysis,
will now be opt-in instead of default
on Copilot Plus-compatible Windows versions.
This change aims to give users more control over their data.
Havan Davaluri, Microsoft's corporate VP for Windows and devices,
stated in a blog post that the setup experience for Copilot Plus PCs will now clearly allow users to choose whether to enable recall.
If not chosen, it will remain off.
Experts have criticized recall as potential spyware, as it could silently store sensitive information like bank logins and passwords.
While this data is stored locally and not uploaded to the cloud, it could still be accessed
by hackers gaining temporary access to the device.
To address security concerns, Microsoft will also introduce measures to better protect
recall data.
Users will need to authenticate via Microsoft Hello
using a PIN or biometric check to enable or access recall.
This data will remain encrypted until the user authenticates.
Despite these changes, privacy issues remain.
Users who enable recall may still be vulnerable to domestic abusers
demanding PINs or legal actions that
compel them to hand over their data. And in full disclosure, we state that Microsoft is a Cyberwire
partner. We need effective regulations on cybersecurity, no question about that. But we
need them to be efficient, adaptable, and coordinated all across different agencies.
Harmonization and harmonizing these guidelines will make our government more efficient, adaptable, and coordinated all across different agencies. Harmonization and harmonizing these guidelines will make our government more efficient, help businesses compete on the global
stage, and ensure that we're addressing cybersecurity threats in the most effective way.
And that's why I'm working on legislation to establish a harmonization committee
at ONCD that would require all agencies and regulators to come
together, talk about cybersecurity regulations, and work on harmonization. That's Senator Gary
Peters, a Michigan Democrat and chair of the Homeland Security and Governmental Affairs
Committee. He held a hearing last Friday to address federal cybersecurity standards and the challenges businesses face in meeting them.
The hearing emphasized the need for Congress to pass legislation
for a cohesive approach to cybersecurity regulations.
Nicholas Leiserson from the Office of the National Cyber Director
and David Hinchman from the Government Accountability Office
discussed the difficulties in harmonizing
these standards and their impact on businesses. Witnesses highlighted the burdens of multiple
cybersecurity standards and the need for streamlined regulations. Senator Peters advocated
for a harmonization committee to coordinate efforts. Lyserson pointed out that the National
Cybersecurity Strategy and National Security
Memorandum prioritize regulatory harmonization. The ONCD is developing a reciprocity framework
for cybersecurity standards to reduce duplication and improve efficiency. Congress's role in
enacting this legislation is crucial for a unified response to cyber threats.
in enacting this legislation is crucial for a unified response to cyber threats.
Cloud provider Snowflake is facing increasing scrutiny following a series of customer data thefts. Initially linked to Ticketmaster's breach, now LendingTree's subsidiary QuoteWizard
also confirmed data was stolen from Snowflake. Snowflake attributed these breaches to customers not using multi-factor authentication,
which it does not enforce by default.
Snowflake acknowledged a former employee's demo account was compromised due to single-factor authentication.
Despite notifying affected customers,
Snowflake has not disclosed the number of impacted clients,
though it has over 9,800 customers.
Critics argue Snowflake should enforce MFA and reset passwords proactively.
The company says they plan to require advanced security controls like MFA in the future, but has not provided a specific timeline.
a specific timeline.
Internal source code and data from the New York Times were leaked on the 4chan message board after being stolen from GitHub repositories in January of this year.
An anonymous user posted a torrent of a 273-gigabyte archive containing the stolen data, which
includes source code, IT documentation, and infrastructure tools. The leak was discovered
by VX Underground and confirmed by The Times to Bleeping Computer. The breach occurred due to
exposed credentials for a third-party code platform. The Times stated there was no unauthorized access
to its internal systems or impact on operations. This incident follows another leak
on 4chan of Disney's internal documents, though it's unclear if the same person is responsible
for both breaches. A ransomware attack on British pathology services vendor Synovus
has disrupted blood matching in multiple London hospitals. The National Health Service urgently seeks O-positive
and O-negative blood donors to address this issue. This June 3 attack has delayed surgeries,
organ transplants, and other procedures, as hospitals cannot match patients' blood types
as usual. In response, the NHS plans to use O-type blood universally for safety.
They aim to fill 13,000 O-type blood donor slots immediately, with 3,400 needed in London.
The attack, linked to Russian-speaking ransomware groups, has been described as a highly impactful cyber incident.
The NHS cybersecurity team is still assessing the full extent of the attack.
Cisco's Talos unit found 15 vulnerabilities in Automation Direct's productivity series PLCs,
classified as high or critical severity. These flaws can enable remote code execution or denial
of service attacks, risking costly industrial disruptions.
Although typically not exposed to the internet, about 50 of these devices might be online,
as shown by a Shodan search. Automation Direct released updates and recommendations to address
these issues. CISA informed organizations of these vulnerabilities in late May.
CISA informed organizations of these vulnerabilities in late May.
Researchers from Morphosec observed the threat actor Sticky Werewolf targeting entities in Russia and Belarus,
including public organizations, a pharmaceutical company, and a microbiology research institute.
Initially detected in April of 2023, Sticky Werewolf recently targeted the aviation industry with emails supposedly from A.O. OKB Kristall's deputy director.
In this campaign, they used phishing emails with archive attachments containing LNK files pointing to a WebDAV server.
Once executed, these files run a batch script, leading to an auto-IT script that injects the final payload. The malware used includes Radamanthi's Stealer and OzoneRat,
facilitating espionage and data exfiltration. Although the group's origin is uncertain,
there are possible links to pro-Ukrainian cyber espionage activities.
there are possible links to pro-Ukrainian cyber espionage activities.
Frontier Communications is warning 750,000 customers of a data breach following an April cyber attack by the Ransomhub ransomware group.
The breach exposed personal information, including full names and social security numbers,
but not financial information.
The company has informed regulatory
authorities and implemented additional security measures. Affected customers are advised to enroll
in free credit monitoring and identity theft services provided by Kroll. Ransom Hub has
threatened to leak five gigabytes of stolen data if Frontier does not respond by June 14th.
if Frontier does not respond by June 14th.
A Zambian court sentenced 22 Chinese nationals to prison terms ranging from 7 to 11 years for cybercrimes,
including internet fraud and online scams targeting Zambians
and individuals from Singapore, Peru, and the UAE.
They were also fined between $1,500 and $3,000. A Cameroonian
was similarly sentenced. The group was part of a 77-member syndicate arrested in April for a
sophisticated internet fraud scheme. Authorities seized over 13,000 SIM cards, firearms, and ammunition from the Chinese-run Golden Top Support Services
in Lusaka. Syndicate employed unsuspected Zambians to conduct deceptive conversations
using various platforms.
Coming up after the break, N2K's CSO Rick Howard speaks with Danielle Ruderman,
security GTM leader at AWS, about what keeps CISOs up at night.
Stay with us. Transat presents a couple trying to beat the winter blues.
We could try hot yoga.
Too sweaty.
We could go skating.
Too icy.
We could book a vacation.
Like somewhere hot.
Yeah, with pools.
And a spa.
And endless snacks.
Yes!
Yes!
Yes!
With savings of up to 40% on Transat South packages,
it's easy to say, so long to winter.
Visit Transat.com or contact your Marlin travel professional for details.
Conditions apply.
Air Transat. Travel moves us.
Do you know the status of your compliance controls right now?
Like, right now.
We know that real-time visibility
is critical for security,
but when it comes to our GRC programs,
we rely on point-in-time checks.
But get this.
More than 8,000 companies
like Atlassian and Quora
have continuous visibility
into their controls with Vanta.
Here's the gist.
Vanta brings automation to evidence collection
across 30 frameworks,
like SOC 2 and ISO 27001.
They also centralize key workflows
like policies, access reviews, and reporting,
and helps you get security questionnaires done
five times faster with AI.
Now that's a new way to GRC. Get $1,000 off Vanta when you go to
vanta.com slash cyber. That's vanta.com slash cyber for $1,000 off.
And now, a message from Black Cloak.
Did you know the easiest way for cybercriminals to bypass your company's defenses is by targeting your executives and their families at home?
Black Cloak's award-winning digital executive protection platform secures their personal devices, home networks, and connected lives.
Because when executives are compromised at home, your company is at risk. In fact,
over one-third of new members discover they've already been breached. Protect your executives and their families 24-7, 365, with Black Cloak. Learn more at blackcloak.io.
N2K's CSO Rick Howard speaks with Danielle Ruderman, security GTM leader at AWS, about what keeps CISOs up at night.
For those that don't know, N2K CyberWire is an Amazon Web Services media partner. And in June 2024, Jen Iben, the CyberWire's executive producer, and I traveled to the city of brotherly love,
the birthplace of the American Declaration of Independence and the U.S. Constitution,
and the home of the Philly cheesesteak, the Eagles, and Rocky Balboa.
That's right, the great American city, Philadelphia,
to attend their AWS Reinforce Conference
and talk with senior leaders about the latest developments in securing the Amazon Cloud.
My name is Danielle Ruderman.
I'm a senior manager with the Worldwide Security Specialist Organization,
and I'm at Amazon Web Services, and I've been there for over
seven years.
So, Danielle, we are here today because you're gearing up for the annual AWS Reinforce conference
this year hosted in Philadelphia from 10 to 12 June.
AWS Reinforce is a security-themed conference as opposed to AWS Reinvent, which is a learning
conference hosted for the global cloud computing community.
So what's the purpose of AWS reInforce?
Well, I'm glad you asked about the purpose for AWS reInforce.
So what's interesting is that I was actually on the ground floor
when reInforce was started.
And it's a great story because this really came out of a need
and a desire from the security community.
So that's
where the idea came from. So our partners were very interested in getting together to really
focus on security, identity, and compliance. And our customers are very interested in this. And we
actually had a groundswell of interest before it even became an item at AWS. And then marketing
saw that strong interest and they're like, all right, let's do it. And so we were the second paid conference at AWS, which is pretty exciting.
So you're the brain behind the AWS CISO Circles program. Okay. I love the idea of that. Can you
give us a rundown on what that program is? Absolutely. The AWS CISO Circle program is
actually a really good example of the way Amazon works and how we're always working backwards from the customers.
And so we had a lot of interest from customers and our AWS security teams over the years to try to bring together the CISOs and our customers, bring them together to have these kind of conversations behind closed doors.
And given that signal that we were hearing from the field, I actually wrote a document.
So again, very Amazonian way to approach a challenge
is to write a document, right?
And then I worked with our global executive marketing team.
I worked with AWS security office at the CISO
and we all came together and workshopped this document
and that resulted in our very first CISO circle.
Actually during the pandemic in November of 2020
with Steve Schmidt, who was then the CISO of AWS. So it was all virtual in the beginning, but we
brought together just a mixed group of CISOs, and it was fantastic. And then that grew into what
today is the CISO Circle program, which is in over 20 countries. And I think what's unique about this
program is that it's really a chance for us to bring together our customer CISOs so that they can learn from each other and hear from AWS under NDA and under Chatham House rule, which, as you probably know, means that people can use the information that they hear in the CISO circle just without attribution.
So you're not going to attribute it to a particular company or particular individual.
And so the nice thing about this is that security professionals, I don't think always have that opportunity to really speak candidly. And we've really created
that forum. And our AWS security executives, our service team leaders have been very open and love
coming to these events. Because again, it's that chance to hear really candid feedback and talk
about items like what's really going on in the CISOs world, what's going on with our roadmaps,
and really a chance for us
to share and be better at working together. One of the things you discovered in that work is that
CISOs from different sectors find solutions to common problems. And that aligns quite nicely
with my own thinking that regardless of the size of the organization and regardless of the vertical,
there are some first principle strategies that we all should be pursuing. The tactics we use to pursue those might be different because of our size and our vertical,
but the goals should be the same. Is that what you think about that too? Is that what you mean
by all that? You're absolutely correct. So most of our circles are cross-industry, so it brings
together CISOs from different backgrounds and different experiences. We do have a few that
are industry-specific because there are times when it's helpful to hear from people in your industry.
But for a large part, our CISOs do enjoy coming together and hearing from people with different backgrounds.
Because like you say, the fundamentals in security are the same.
It's just how you apply it in your different environments.
And we've even seen, I talked to a CISO from a pharmaceutical company who said that the best lesson she had was from a CISO from the auto industry who talked to her about how they manage their supply chain and their production line and how they secure it. And she said she was able to take that conversation and apply that to her pharmaceutical work.
And she said she never would have thought to do that, to approach an auto CISO, but that meeting and that coming together gave her the
opportunity to have those conversations. And that's what we're seeing. And that's really where the
magic happens, right? When you realize that you can look across industry for ways to help raise
your own security posture. I had one of those things happen to me too. I was going to a dinner
with a bunch of security professionals and the woman in charge of the ESPN technology stack,
professionals in the woman in charge of the ESPN technology stack. Her team was the one that figured out how to do the NFL games. You know, here's where the first down line is, how it's
superimposed on, right? Right. And we were talking to her about, you know, we were all saying, well,
your team must be geniuses. You know, it must be really high-end technical engineers. She goes,
well, no, not really. I have a diverse set of people. And the smartest
person on my team is a Russian literature manager, right? And so I took from that, getting in with
that group of CISOs, right, that I need to readjust who I think could be good for my team. So that's
what you're talking about with these CISO circles, right? Getting different ideas. Definitely. So a
mix of experiences and backgrounds is really
critical to sharing ideas. And I think that's what's really unique is when a problem that you
never considered an answer to, it's right there in the room in front of you. And we've had customers
who have been exchanging emails when they're in the CISO circle together because they're like,
okay, I need to learn from you. I need to take something away from this. And that's what we're
here to do, right?
We're really here to help the customers
who are all using AWS be better together.
So since we're talking about diversity,
while I have you here, okay,
I know that one of your passion projects
is diversity in the workspace,
specifically diversity with women.
And I've been doing this for a long time.
And my peers and I have known about the problem
of building diversified teams for well over a decade.
And it isn't like we haven't tried, but it feels to me like we haven't made a lot of progress here.
And I'm wondering if you have any good news on that front.
Can you point me in the right direction?
Yes.
So I know what we do is we're looking at what are the challenges that we have with hiring more diverse candidates.
And there's a couple things that we've done.
One is to take a look at your job descriptions.
And that's the best advice I have.
Like, read your job description.
Get some diverse folks to read the job description for you and see if there's any words that might be a little off-putting to people from different backgrounds.
I think we found, right, sometimes superlatives, like you put something in there like you want a rock star.
If it feels like a very aggressive word, that might be a little off-putting to some people. So really scrub your job descriptions because that's the first interaction that a
candidate is going to have with your organization. The other thing is to think about calibrating your
interviewers, right? Do you have diverse interviewers? You've got to think about that as
well so the candidate feels comfortable expressing all aspects of themselves. And are they calibrated to interview diverse candidates?
There's two things that I've noticed in the interviews. Number one is sometimes people
from certain countries or sometimes women will use the word we when it's really I did a thing.
And if you don't stop to ask the candidate about that, you can walk away as the interviewer with the impression that the candidate never owned or did anything on their own.
But I always tell interviewers, like, did you ask the question?
Okay, you said we in this case.
What part were you responsible for?
And what part was the rest of the team responsible for?
And sometimes you'll find that they were responsible for all of it, but it felt arrogant for them to say that out loud.
And that's, like I said, cultural or gender. So that's a really important one to think about. One of the things
I hear you saying in the background there is that I think most of us feel like when we're trying to
hire somebody, we're the ones that are trying to find the perfect fit for the team. But what you
were describing, some of those things you recommended for everybody was that you're trying to convince them, the potential employee, to come on board and not put them off. And so you should think
about those kinds of things when you're doing those interviews, going through the interview
process. Right. And think about the kind of questions that you're asking to make sure that
you're thinking about that diversity and the candidate experience. Some of our new questions
from like our Earth's Best Employer, like that's some of our new questions from like our Earth's
best employer, like that's one of our new leadership principles. We specifically ask
questions like, tell us about a time where you've helped someone who had, you know, less authority
or less power than you. Like, what are you doing to lift other people up? And we really want to
look for those things. And that gives people who have that lens and real opportunity to shine.
As we've noted here at N2K Cyber Wire, you can't really
talk about cybersecurity these days without mentioning generative AI. I think it's an actual
law here in Maryland. And of course, the AWS Reinforce Conference is going to have a lot to say
on the subject. That's really been the number one interest from our CISOs around the world.
We do take surveys at all of the events that we do, and starting probably Q2 last year, generative AI popped up as everybody's top concern.
And so this has been a number one talk of a conversation in our CISO circles, primarily
how they can help be that business enabler. How can they help the business use generative AI
to really stand out in the marketplace? So I've seen two versions of that.
One, use generative AI to help configure your system better as opposed to using generative AI
to help your customers do things with your services.
There's a difference between using generative AI
to make you better at running the tools that you have
and then comparing that to maybe the
data that we collect because of the service we provide might be able to help our own customers.
And so are CISOs asking about both of those things? Yes, absolutely. The number one question
AWS is getting from customers is how to implement AI in their business securely. So that's their
biggest concern. They're being asked by the board of directors, hey, what's our AI strategy? And
this is a great opportunity for the CISOs to step up and be the ones who are helping craft that strategy and
really being a true advisor to the business. And then, yes, as you said, the other thing is, hey,
how are we as a business using these AI tools to help secure our own organizations? So there are
multiple lenses on this question. And when we have these conversations in circles, we do clarify,
like, all right, let's take some time and talk specifically about how you're implementing AI for your business.
How are you working with the board of directors?
How are you working with your peer executives?
How are you unblocking AI so that your developers can be more efficient?
And then, okay, now we can shift to some of these other topics, right?
Because otherwise the conversation can go all over the place.
The conference is AWS Reinforce, hosted in Philadelphia this year
from 10 to 12 June.
Danielle, thanks for coming on the show
and telling us about it.
Thank you.
And I really hope anyone listening to this
joins us in Philadelphia.
We are running a CISO Circle that Monday
on June 10th.
We've got a great lineup.
We'll be talking about generative AI and security,
how to talk to your CFO,
doing some other neat exercises.
So hope to see everybody there.
Excellent. Okay. I'm going to be there, so I'm going to put that on my list.
Fantastic. That's our own Rick Howard speaking with Danielle Ruderman from AWS.
Rick and the N2K team are at AWS's Reinforce event happening this week.
Stay tuned later in the week for their reports.
Cyber threats are evolving every second,
and staying ahead is more than just a challenge.
It's a necessity.
That's why we're thrilled to partner with ThreatLocker, a cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications,
securing sensitive data, and ensuring your organization runs smoothly and securely.
Visit ThreatLocker.com today to see how a default-deny approach can keep your company safe and compliant.
And finally, British police nabbed two individuals for operating homemade DIY cell towers used to send phishing texts.
These text message blasters cleverly dodged network anti-smishing controls,
spamming thousands with fake messages posing as banks and other official entities.
British law enforcement authorities noted the increasing cunning of cybercriminals,
reminding everyone that legitimate organizations won't ask for personal information via text.
To counter this, UK networks have a handy scheme, asking users to forward suspicious texts to them for analysis and
potential blocking. Hoyong Joo, age 32, was arrested and faces fraud charges, while another
unnamed individual was arrested in Manchester. Authorities, including Ofcom and the NCSC,
are investigating, but details are sparse due to the sensitive nature
of the tactics involved.
It's suspected that these devices
could be IMSI catchers,
popularly known as stingrays,
sometimes used by law enforcement
for intercepting communications
by spoofing legitimate cell towers.
There's no word on how exactly
the suspects were tracked down,
but being a longtime
admirer of ham radio enthusiasts, part of me hopes that it was an old-fashioned fox hunt.
And that's The Cyber Wire. For links to all of today's stories, check out our daily briefing at thecyberwire.com.
Don't forget to check out the Grumpy Old Geeks podcast, where I contribute to a regular segment on Jason and Brian's show every week.
And find Grumpy Old Geeks, where all the fine podcasts are listed.
We'd love to know what you think of this podcast.
Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. Thank you. N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector,
from the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies.
N2K makes it easy for companies to optimize your biggest investment, your people.
We make you smarter about your teams while making your teams smarter.
Learn more at N2K.com.
This episode was produced by Liz Stokes. Our mixer is Trey Hester
with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer
Iben. Our executive editor is Brandon Karpf. Simone Petrella is our president. Peter Kilby
is our publisher. And I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. Business needs AI solutions that are not only ambitious, but also practical and adaptable.
That's where Domo's AI and data products platform comes in.
With Domo, you can channel AI and data into innovative uses that deliver measurable impact.
Secure AI agents connect, prepare, and automate your data workflows,
helping you gain insights, receive alerts, and act with ease through guided apps tailored to
your role. Data is hard. Domo is easy. Learn more at ai.domo.com. That's ai.domo.com.