The Chris Voss Show - The Chris Voss Show Podcast – Steve Tcherchian, CISSP – Chief Product Officer and CISO of XYPRO Technology Corporation

Episode Date: September 25, 2022

Steve Tcherchian, CISSP - Chief Product Officer and CISO of XYPRO Technology Corporation Xypro.com...

Transcript
Starting point is 00:00:00 You wanted the best. You've got the best podcast, the hottest podcast in the world. The Chris Voss Show, the preeminent podcast with guests so smart you may experience serious brain bleed. The CEOs, authors, thought leaders, visionaries, and motivators. Get ready, get ready, strap yourself in. Keep your hands, arms, and legs inside the vehicle at all times, because you're about to go on a monster education rollercoaster with your brain. Now, here's your host, Chris Voss. Yeah, who's ready to go on a rollercoaster monster brain ride with the thing? I don't know. Whatever the guy said at the beginning. Hi, folks.
Starting point is 00:00:45 I'm Chris Voss, your host of The Chris Voss Show for 13 years. We'll be coming to you live, live with the show. We certainly appreciate you guys tuning in. As always, for the show to your family, friends, and relatives, put your arm around them. Look them in deeply in the eye and say, have you joined the family that loves you but doesn't judge you? The Chris Voss Show. The best kind of family there is. We're still working on making those shirts. Anyway, guys, go to youtube.com
Starting point is 00:01:08 forward slash Chris Voss. You can find everything we're reading or reviewing over there in our playlist of some of the greatest authors and interviews and CEOs we've had on the show. You can also go to goodreads.com forward slash Chris Voss and all the other places on the interwebs that we are at, especially the LinkedIn newsletter and the big LinkedIn group of 130,000 people. Make sure you go follow that over there. That group just gets growing and growing. I mean, I think the last count was 122.
Starting point is 00:01:32 It's crazy what goes on over there on the LinkedIn-age, as we like to call it, or as the kids call it. The kids don't call it that. I just make that up as it goes along, but you know that. Today, we have an amazing gentleman on the show. He's the Chief Product Officer and chief information security officer. He's been offered an officer position, but he's the chief information security officer. What is it going on with the officer thing this morning, Steve?
Starting point is 00:02:00 I don't know, man. I'm hearing some nervousness in you when you hear the word officer and cop. That's probably what it is. I'm thinking of all the things that I've done lately, like leaving the lid off of the jam and different things like that and all the heinous crimes that I've done. What else did I do that's been a heinous crime lately? I don't know. I'll think of some later in the show. I'm sure they'll come to me, but I'm clearly worried. We'll get more into what you do and how you do it. Steve Tcherchian is on the show with us today. He is the Chief Product Officer and Chief Information Security Officer for XYPRO Technology. He is on the Forbes Technology Council,
Starting point is 00:02:40 the NonStop Under 40 executive board and part of the ANSI X9 Security Standards Committee. With over 20 years in the cybersecurity field, Steve is responsible for strategy and innovation of XYPRO's security product line, as well as overseeing their risk compliance security to ensure the best experience for customers in the mission-critical computing marketplace. Steve is an engaging and dynamic speaker. I've watched a few of his videos, actually, who regularly presents on cybersecurity topics at conferences around the world. And now we've roped him into coming on to the show. Here he is, Steve. Welcome to the show. How are you? Great. I'm glad to be here, Chris. I'm looking forward to this one. There you go. There
Starting point is 00:03:29 you go. It's wonderful to have you as well. We're going to be talking about some really interesting things when it comes to cybersecurity, internet security, and some of the amazing things that you guys cover with not only your business, but also your knowledge in the world. And it's crazy what's going on today with all the different cybersecurity hacks, et cetera, et cetera. Give us your dot-com so people can find you on the interwebs, please. Yeah. Our website is www.xypro.com. X-Y-P-R-O.com. There you go. And I just remember one of the other crimes that I recently committed. I ripped the tag off of a mattress. So you can arrest me now and take me in. Anyway, guys, so Steve, give us an overview of XYPRO and what it does. Sure. So we provide security for the
Starting point is 00:04:12 mission-critical market. That means all of your critical infrastructure, you're talking banking, retailers, telecom, food services industry, anything that keeps the world going, those companies are our customers. And we provide the security to protect all of the transactions, all of the data that those companies handle. They say we provide security for what's called an HPE NonStop platform. It's essentially a mainframe system. And most people have never heard of this, but I guarantee you almost everybody interacts with a NonStop server at least a dozen times a day. Pull your credit card or pull your wallet out and look at all the logos on your credit cards. Every one of those logos are our own customer. And every one of those customers depend on us
Starting point is 00:04:57 to keep their customer data safe. And that's really a big thing these days. How big is the numbers when it comes to hacks? And, I mean, is there even a number you can put on it? Because it seems like every day there's something going on. Yeah, the numbers just keep increasing every day. So I can flash all kinds of statistics in front of you. But by tomorrow, all of those will be obsolete. That's true. Immensely increased.
Starting point is 00:05:22 People watch our videos 10 years from now, so they'll be like, those numbers are really old. They do that to me all the time. When we review products, we can't even put prices on stuff because they'll be like, that's not $300 anymore 10 years from now. It's funny. So you guys do a number of things with your company. You kind of alluded to some of your main customers, but for those who might be in the audience thinking, is XYPRO the company that I should be talking to and using? What are some of the people out there that would be the best customers that should be looking up and talking to you?
Starting point is 00:05:53 Yeah, banks are our largest customer base. So, financial services industries, like I said, think of any large bank in the United States and Canada and globally. Those are our customers. Retailers, if you go to, without naming names, if you go to a hardware store with an orange logo on it on the weekend for a project or a woodworking project and swipe your credit card at that store, you know, our customer. If you go to a convenience store that has a little red dot as a logo, those are our customers. There you go.
Starting point is 00:06:30 Well, I think I know which one that was. And I actually have a credit card with them. So it's good to know that that's secure. I always have to go through a separate portal to get to that one. And yeah, it's really important. So what are some things you're seeing or trends you're seeing out in the market right now? Yeah, the biggest fear with everybody right now is ransomware. And it's not just in the business world.
Starting point is 00:06:53 Consumers or regular users can be affected by ransomware as well. Oftentimes, though, when I hear about ransomware and I talk to people on the street or friends, I go, well, I don't have anything that a hacker would want. So I'm not worried about ransomware. Well, that's not really it. It's if they can lock you out of your data and hold it for ransom and even squeeze $500 out of you, they've accomplished what they're looking for. So everybody is a potential victim for ransomware and we're making it easier and easier for them with all the information we're giving away on social media, on Facebook, on Instagram, on, I've got stories about LinkedIn
Starting point is 00:07:30 and how that's being used against us. But ransomware is really the one that everybody from top to bottom business to regular user needs to watch out for. And there's, you know, a lot of times we don't even hear about it. Like they'll just pay the payola to the ransomware. It's like hospitals and different things. Like, you know, after you'll find out that they paid out the ransom, millions and millions of dollars are going out the door sometimes for stuff like this. Yeah, for a company, it's a real reputation hit.
Starting point is 00:08:00 It's also embarrassing to know that you get hit by ransomware and then you had no choice. You had no recourse but to pay the ransom. Yeah. It can affect your customer's reputation that you have with your customers about whether or not you're secure. It makes me angry. I forget what it's called, but it's some free service that tells you when your password's been out there in the public. And it used to be really infrequently that I would get an email saying, oh, your password and login have been found on some site, and here you go. This is what it is. It used to be really infrequent.
Starting point is 00:08:35 Now it happens so often. But it does make me and affect my consumer reputation, my protection, my security of going, I can't trust these guys anymore. And so it has a major effect on that for the business, not only for an embarrassing effect. Yeah, absolutely. And those lists, those password lists that you're talking about, those were probably compromised years and years ago and just kind of circulating around the dark web. And they change hands, they go from hacker to hacker to potential wannabe hacker. And different people find different ways or clever ways to be able to utilize that against you. For example, Yahoo got breached back in 2014, 2013, whenever it was. And their entire user database plus passwords are floating around the dark web. Even now, they're still floating around the dark web. So you might get an email saying, I've got inappropriate pictures of you. And unless you pay a ransom, I'm going to send
Starting point is 00:09:32 out to all of your business contacts. And then they'll qualify that by saying, by the way, here's your password. But unbeknownst to the user that's receiving it, the only reason they have their account and password is because a company like Yahoo or somebody else got compromised years and years ago. But it hurts people out. I mean, you see a message like that and you're not any more aware. You go, oh, my gosh. You know, I actually got an email that someone had inappropriate photos of me and my face and really ugly and disproportionate positions. But it was Facebook just letting me know that my profile pictures were ugly. So that was that.
Starting point is 00:10:14 Yeah. You know, I remember years ago, this is back when texting was just very first starting out. But I had a, I had a girlfriend who was breaking up with me send me a picture saying, you'll never see these again. And I remember thinking in my head, this is like something that can really go bad in so many different ways. And there are people that are using, you know, texting to share pictures. There was the thing there where I remember when Mark Zuckerberg had tape over his webcam and the world was kind of shocked and they're like, wait, webcam's a thing. You know, we found out the FBI, I think from Edward Snowden, you know, could hack into your webcam. And, and, you know, I, I feel sorry for any FBI agent who
Starting point is 00:11:01 might've been watching me walk around naked around my home. Good luck with that. Your eyes are burned out of your head, but no, it's crazy. All the different things that are going on nowadays. You recently wrote about the Uber hack you talked about on LinkedIn and different things. Talk to us about that. Cause that was, that was quite huge. Yeah. Really interesting. The way that one played out. And when people think hacking, they think of, of somebody in a hoodie sitting in front of 20 computer screens with all kinds of source code running up and down their screen, you know, doing some really sophisticated stuff. And that's not what happened here. It's the attacker, allegedly a teenager, by the way, got in touch with an Uber employee and pretended to be a coworker and got him to disclose logging credentials over WhatsApp to their VPN, to their virtual private network, basically allowing them to log onto their network remotely.
Starting point is 00:11:50 So this employee thought he was talking to another employee, but instead he was talking to this teenage hacker and was able to get the login into the VPN. Once he got into the VPN, that's when the fun started. You get into the VPN and you're scanning around. You're trying to live off the land and see what you can find. And he found a network share. And this is where it gets really, it just blows my mind that this is still happening in 2022. So he found a network share with a file in it that had in clear text, administrator username and password to their enterprise password vault.
Starting point is 00:12:28 Your enterprise password vault is your space. It's the entire tease to the submarine. So logs into the vault and there are all the credentials of everything that Uber has access to, including the break glass account, meaning the accounts that the cybersecurity teams would use to take this guy out, basically to lock him up. Those accounts were already compromised because he had unfettered access to the vault and even posted screenshots of what he had access to. Damn, that is crazy. Note to self, change the password that I use on my internet from the luggage password, one, two, three, four. Yeah, password one, two, three is not a password.
Starting point is 00:13:11 That's a Spaceballs joke that we can do a callback on. So, you know, this is crazy. And, you know, these companies, they do this. I mean, I've had to change my password so many times. I keep having to, like, add on stuff. Like, it went from one, two, three, four to one, two, three, five, one, two, three, five, six. I'm just kidding. It's, it's, it's worthless. That actually is, forcing you to change your password and add complexity to it is, that is
Starting point is 00:13:37 a useless activity. You know, one of the... I'm sorry. I was gonna say, you're gonna trade off convenience for security, because the harder and harder you make the password, the more likely it is that you're going to write it down or save it on a file on your desktop called password.txt for a hacker to find. Yeah, most definitely. Most definitely. It's crazy some of the things you do. So give us some, how long have you guys been in business? How long, what are some of the tips or traits that you guys do, some key benefits of your guys' system? Yeah, so the company itself has been in business since 1983.
Starting point is 00:14:13 Actually, it was founded about 40 years ago on a dining room table in Simi Valley, California. And the business has continued to thrive, and we're still headquartered in Simi Valley, although we've moved away from dining room and have much larger offices now in a global presence. But like I said, we're trying to keep our customer base, who's the most critical infrastructure when it comes to the global economy that there is. But one of the best things you can do, whether you're a regular user or a business or one of our customers, as I say, that's why I was saying passwords are useless in a sense. Implement two-factor authentication, multi-factor authentication. That's when you log into a website, put in your username and password, but that website will not allow you to log in without second factor, be it a token or a text coming to
Starting point is 00:15:03 your phone or some other method other than just the password. That's the best way we have right now to protect against, you know, silly things like this where somebody steals a password and can log in as you and do all kinds of crazy stuff. Yeah, because once they can get into the system, you know, we saw that in political things back in 2016 where, you know, some, some, you click on, you know, portal. I get these all the time too, like pay, fake PayPal, PayPal portals, fake Amazon portals. And, you know, I've even, my mother called me one time and she was like, she was like, hey, the, the, her cable system was sending her an email about logging in. And, you know, some of it some of it looks just like the website, looks pretty. And so what are some different products that you guys offer that customers can take advantage of? I see a number of them on the website. Yeah. So our main focus is business
Starting point is 00:15:56 to business. So we offer, like I said, multi-factor authentication. We offer that to our customers. So yeah, we're no longer relying on a username and password. And what you just said is a perfect example. There's a lot of these going around where you've got a fake UPS site or a fake Bank of America site or fake, you know, name your provider that you use. So people get tricked into this all the time. You know, they'll go in, they're put in your username and password, and boom, the hacker can now log into the legitimate website using their credentials as them. So we provide technology called two-factor authentication or multi-factor authentication now to protect against that. So even if a password was compromised, it's useless without that second factor. Now, I'm talking about it from a business sense or from our customer sense, but even to people at home, you know, regular users, almost everything that they have should have two-factor
Starting point is 00:16:52 authentication capabilities. You know, think about your iCloud account. You know, I don't know if you remember years ago where all these celebrities and their nude pictures got hacked from iCloud. Yeah, that was just a password compromise because they had not turned on two-factor authentication. Oh. Yeah. Yeah. I love two-factor identification. It took me a while to get used to it because I was like, this sure is a pain in the butt.
Starting point is 00:17:15 But, man, after you've been hacked and had issues, man, it sure is nice. Yeah. It's not worth the gamble. So turn it on for your banking. Turn it on for your smart devices. You know, we've got, we've all got smart switches at home, Nest thermostats, ring cameras, all that stuff. All those service providers allow you to turn on two-factor authentication. Why not do it? There you go. You know, it was interesting. I recently got one of my banks, Bank of America,
Starting point is 00:17:42 I think it was, recently sent me an email about, I think it's pronounced Zelle. And there's like all these ways that they've been using Zelle to basically scam, where you actually pay money to somebody that you paid yourself. I remember the old days of Craigslist, you get like, if you're renting a property or something, you'd be like, we're going to send you a check. Or if you're selling a product, they'd send you a check for more. But I guess there was something similar that they were doing with Zelle where they were overpaying or something. And I was really surprised that my bank, not only was willing to admit there was a problem, but sent out a big notice like, hey, if you use Zelle, there's scams going on. Here's what to watch out for. It really is insane how crazy it
Starting point is 00:18:22 is out there. It's getting clever and clever. I was, somebody was telling me a story once that they got a, their grandmother got a phone call saying that there's a flower delivery, but includes a bottle of champagne. So they need somebody over 18 to sign for it. So delivery man shows up to the house, knocks on the door. Here he is standing with flowers and a bottle of champagne. And somebody opens the door and the delivery person says, I need a credit card to validate or verify that the person receiving this is over 18. So this person pulls out their credit card. The delivery person, quote unquote, delivery person takes a copy of the credit card, swipes it through their machine, leaves the flower
Starting point is 00:19:03 and off they go. And then unbeknownst to that user, here's $10,000 of illegitimate charges showing up on their credit card statement. Wow. That is just crazy. And sometimes, I don't know what credit card companies do, but I remember one time we had a bunch of checks get stolen and somebody ran up about $3,000 or $4,000 worth of bad checks and stuff. And it was just amazing where they could get the checks passed, because I'm like, I can never get checks passed there. Like, I would always ask for ID. Like, how did you do that? And it was crazy. But it was interesting that the banks just kind of were like, I asked my bank, I'm like, you're gonna go after this person? No, it's a write-off, so this never by insurance. It almost kind of encourages these guys just to keep going.
Starting point is 00:19:46 You know, you see, I've seen some of the videos that some of these scam centers, they have in India and stuff and it's just insane. So what are some other products that you guys offer or resources that you guys offer as I'm looking over your website? Sure. So we do the multi-factor authentication stuff, but we're heavy in compliance. So in our industry compliance, especially with banks, regulatory compliance and other compliance frameworks is a necessary part of the job. So we provide products and services that help our customers simplify their compliance activity. And then we're big in SAP HANA and Linux space. So SAP HANA in large organizations is an ERP system.
Starting point is 00:20:26 And we provide, we've partnered with Hewlett Packard Enterprise to provide some really, really cool stuff we're doing there around security and monitoring and hardening of those environments. When I talk about SAP HANA, almost every company you can think of
Starting point is 00:20:41 has HANA or Linux in their environment, in their ecosystem. So every one of them are customers or potential customers of ours. Wow. So if you're running a Linux OS or HANA system, which is an SAP system, you make sure you're compliant. I mean, that's a big deal for companies. And, you know, being able to say to your customers and hold their trust is really important.
Starting point is 00:21:06 I mean, Uber, I was just really surprised. Oh, my God. That's the edge for a lot of these companies. Because the very first question most customers ask of their provider is, you know, what's your security? What do you do in terms of security? And if you can instill that trust in your customer that, don't worry, your personal data, your banking information, your social security numbers, your passport information is secure on our systems, you've got a competitive edge over others that you're competing against. And I saw a recent discussion you had about zero-day vulnerabilities. Talk to us about what that is about. Yeah, that was a great one.
Starting point is 00:21:45 I had an interview recently with Rich DeMuro on KTLA-5. We were talking about zero-day vulnerabilities being vulnerabilities in either your phone or computer or an application that aren't widely publicized, that attackers are still taking advantage of because the vendor has not put out a patch to address that vulnerability. So it's things that might have been there for years, months, whatever. They've been there for a while and the vendor might not have known about it or may have known about it, but not necessarily put out a fix for that vulnerability. So hackers essentially have free rein and they go ahead and they exploit it for as long as they can. That's why it's very, very important to make sure you're updating your phones, your computer, your smart devices. You know, I've seen phones where you look at the App Store, for example, and you'll see a big logo with 99 plus next to it.
Starting point is 00:22:41 Are you kidding me? And, you know, the typical response is, well, I don't want to update it because I don't want to change anything. Yeah, those updates are really important security things. Yeah. Yeah, they're not just for new features or not going to change the way you call grandma. It's literally, it's patching up security holes that the vendor has noticed. And, you know, I didn't, I didn't, I learned that the hard way with our website years and years and years ago where I wasn't updating some WordPress plugins. Yeah. I was like, yeah, we'll get, we'll get to that update of the WordPress
Starting point is 00:23:15 plugin. And then, you know, later we're like, why is the site offline? And, you know, there was some sort of exploit that came through the plugins. You know, you disable the plug-ins, and then one by one, you got to go through and figure out which one was the one that got compromised. And sure enough, you know, we had it updated and everything else. And so, you know, whether it's WordPress sites or websites or any of the different things, there's like a million ways for these guys to get in and ruin your life. One of the articles you had that was up on LinkedIn was talking about HR departments. And I guess this is the new popular thing to exploit them, especially with so much hiring that everyone's doing nowadays. Yeah, all the resumes, you know, you can easily hide ransomware, a malicious script,
Starting point is 00:23:59 some other way to infiltrate a network through coming through HR. Because HR is typically not, they're not IT professionals, so they might not have security and, you know, best practices at the top of their mind. They're just volume, volume, volume. I'm getting all these resumes. I've got to churn through them and I've got to, I've got to hire the best candidates. So it's very easy to sneak a PDF or a word file that has some malicious code in it that as soon as you open it up, executes and boom, you know, your system is ransom.
Starting point is 00:24:27 I get that all the time. Yeah. That's why I say it's critical that security isn't just viewed as an IT problem. It's an entire company problem. It's a risk to the company, just like any other risk, just like supply chain risk, just like a strike, just like, you know, any other business disruption, security should be viewed the same way. And everybody from the receptionist all the way up to the level on the board should personally take accountability to make sure they're protecting the company. Yeah, it's crazy.
Starting point is 00:24:58 I get these PDFs sent to me. Like I said, I just recently got a YouTube takedown thing that keeps being sent to me. I'm sure it's a PDF that I click on. I have issues. Yeah, I've learned I don't click on anything nowadays. I'm just like, I'm so productive. I'm watching my links. Where is this? Like if I get an email from my bank, I don't click on anything on the email or PayPal. I go to my PayPal link or my bank account link directly. I type it in and, you know, make sure and go. Two-factor identification, of course, is really important. It's crazy all this stuff. And I can imagine the HR department, you know, like you say, between all the different resumes they get, PDF hacks, it's crazy stuff. And all you got to do
Starting point is 00:25:41 is click it. Like, and I see that all the time too, on Facebook, like they'll, they'll send them through messenger and they're like, here, click this thing. Is this you? And you're like, Oh, you're a click. And then all of a sudden all your friends are getting it. It spreads like wildfire. They have that, or they'll, they'll hack into a Facebook account because you don't have two factor authentication turned off. So they'll hack into a friend's Facebook account and start messaging the friends list going, you know, so-and-so is in jail. We need 500 bucks to bail them out. You know, can you send 500 bucks to this PayPal account? And it's mind blowing how many people fall for that. That happened to my friend's grandmother. He, she got a call, I think it was from someone in New York who said that he was in jail and he needed like 12,000 or 18,000. It
Starting point is 00:26:26 was one of the two. My mind's a little fuzzy on it, but it was his 12,000 or 18, one of those two. And called his 80, 90-year-old grandmother and said, he's in jail. We need this money for bail to bail him out. You need to wire this money like now. And she could have easily picked up the phone and called him across town and said, are you in jail? But she didn't. And it's really sad that a lot of these older folks seem to take the brunt for this stuff. And she wired the money. And it's, you know, gone, gone.
Starting point is 00:26:57 And it's just crazy. I mean, that's an extraordinary amount of money to lose. That's one story. And it probably could be multiplied 500 times a day. When you look at the farms, the hacking farms that are in, I believe, North Korea and stuff,
Starting point is 00:27:14 Russia, different things like that, I mean, our website just gets hit constantly. We have protections and stuff, firewalls and all that stuff up. To get the daily security report of all the hits we get around the world, then they'll give us a list of the countries. And I'm just like, wow, I didn't know we were that popular.
Starting point is 00:27:34 But evidently we are. We've seen that go for 13 years, and it just keeps going up and up and crazier. It seems to have fallen off the tighter we've made our security things, the less hits we get. But we're still pretty popular on all the different things that we do. What are some other things we haven't covered about your company and what you guys do? So we do a lot, like I said, we do compliance, two-factor authentication. We do a lot of the back-end security credit card network. So that's all us, SAP HANA, Linux. But we also provide security services.
Starting point is 00:28:06 So if our customers need us to come in and do an assessment on their security posture, we do that. We educate them. We train them on security best practices. We're constantly putting out articles and videos and all kinds of awareness campaigns to educate not just our customers, but the general public on security best practices and what we're seeing out there and how scary the environment is actually getting out there. Yeah. Oh, that's good to have. You need training people and it's great for people that can, you know, have an assessment, like how good is our systems? And,
Starting point is 00:28:42 you know, I know there's these people out there that you can actually pay them to kick your system. All that sort of crazy stuff. It's insane how, you know, just one little thing they can get into your system and take it over. So what's the best way for people to reach out to you, talk to you guys, get some advice, consult, all that sort of good stuff? Yeah, you can check out our website, XYPRO.com, X-Y-P-R-O.com. Follow our LinkedIn, our Twitter, Instagram. We're all over social media, so we're very active there. We're constantly posting updates, awareness, things that we're talking about, things that others might not be talking about because it's uncomfortable or we're seeing things that others aren't. So we're often,
Starting point is 00:29:27 the news that we provide is a little different than the rest of the noise that's out there. So our message doesn't get lost in the noise. So follow our pages and get educated. There you go, guys. Reach out to them. Secure your systems, man. There's nothing worse than, I've had my website taken down and out and almost out by thing. I think about five years into our, the Chris Voss show, a word site, we had the whole site disappeared and so, so mucked up that we were trying to recover it from the deep database of WordPress. And even like GoDaddy's like, I don't think you're getting that back. And basically it would have been like just a humongous amount of work and years wiped out.
Starting point is 00:30:08 And thankfully, we did recover it. But we've always been attacked and gone through all sorts of stuff. The more high profile I've gotten, the more attacks we've gotten. And there's nothing worse. It's just nightmarish. Anytime I log in, we update some plugin or something. And it's like, all of a sudden. WordPress has gotten much better where it's much cleaner.
Starting point is 00:30:27 But there's nothing worse than when you see all your work wiped out or you've got to go and rebuild it, refix stuff. You know, sometimes hacks just take the front end of it down. But it's just such a nightmare. And, of course, your business is offline as well, too. That's why I say, yeah, you've got to back up your data. So I'm saying two-factor authentication, but that's not enough because just back up your data
Starting point is 00:30:48 and ensure there's services out there that do it for dirt cheap. It's an annual fee. Your pictures, your documents, everything, your entire livelihood can be backed up. So even if you get hit with a ransomware attack
Starting point is 00:31:02 or your website gets compromised where it seems unrecoverable, two clicks and everything is recovered back from the cloud. It's worth it. It does make you sleep at night because there's nothing like spending all day trying to fix a mess. And you're like, why are we down right now? And, you know, and your customers are like, the worst part is when your customers email you and they go, hey, man, your website's down and not working. And you're like, what? What's going on?
Starting point is 00:31:30 And some plug-in is pulled some crap or some crap. You're just like, oh, my God. And it's embarrassing. And like you mentioned, it's not only embarrassing, but it hurts the reputation of your business as well. It hurts the reputation. And the best protection is prevention. There you go. So out there, update your devices.
Starting point is 00:31:48 I guarantee you there's people listening right now that have a router at home that probably they've never touched or updated. The password to log into the router is probably still username admin, password admin, or password password. That's how they get in. That's very true. That's very true. That's very true. In fact, my, I was trying to get a faster hookup for my nephew, and his dad would not buy faster internet, so I actually went into the admin password thing just so that I could give him a, uh, what was the DNC or whatever
Starting point is 00:32:22 so he could have a line i think i can't remember what the term is, but you basically gave him a direct line. But I actually did that and I was like, wow, you didn't change the password for that thing. Yeah, it's just, it's just crazy. Note to self, change all my websites from admin password. Don't do that anymore. Anyway, Steve, it's been wonderful to have you on the show. Very insightful. And people should reach out to you and talk to you again.
Starting point is 00:32:42 Give us the .com once again, so people can find you on the interwebs. Absolutely. It's XYPRO, X-Y-P-R-O.com.
Starting point is 00:32:50 There you go. And Steve, thank you very much for coming to the show. We really appreciate it. Pleasure's all mine. It was fun. There you go. Guys,
Starting point is 00:32:56 be sure to check out XYPRO on the website. Be sure to, you know, really look into this stuff. 'Cause like I say, we, I get reports every day on the attacks on our site, and it's just insane. And it's insane the number of countries it comes from.
Starting point is 00:33:09 Like, I'm really popular in China and Russia. I think Vietnam. Vietnam. The show's really popular everywhere. And I know the podcast is. We get the international podcast stuff. But I don't know. Maybe they're listening.
Starting point is 00:33:24 We should hack that guy. He sounds hackable. Anyway, guys, thanks for tuning in. We really appreciate it. Go to youtube.com, Forge says Chris Voss. Hit the bell notification button, note button over there. Go to goodreads.com, Forge says Chris Voss, and all the different places we are on the interwebs.
Starting point is 00:33:36 Thanks for tuning in. Be good to each other. Stay safe, as always, and we'll see you next time.
