In this compelling episode of the MFGMonkey Podcast, we explore the critical realm of data security and the evolving landscape of AI and cybersecurity with renowned expert A-Jay Orr. As technology advances, safeguarding data becomes increasingly vital. A-Jay shares his insights on the future of AI in cybersecurity, offering strategies to protect sensitive information in an ever-connected world. Whether you’re a tech professional or simply interested in the future of digital security, this episode provides valuable perspectives and actionable advice to navigate the complexities of data protection.
How to Get in Touch with A-Jay Orr
If you’re interested in learning more about Simple Plan IT or connecting with A-Jay Orr, you can reach him via the Simple Plan IT website:
- Website: https://www.simpleplanit.com/
- Cyber Guarantee: Cyber Guarantee
- https://www.ajayorr.com/
If you have any questions, comments, or topics you’d like to hear about in future episodes, please let us know. Subscribe today and help fabricate the future!
Contact us at:
Securing Data and the Future of AI and Cybersecurity with A-Jay Orr
In this conversation, Dustin and AJ discuss the increasing cybersecurity threats and data breaches that have occurred this year. They highlight the importance of training employees to recognize and respond to potential cyber-attacks. They also explore the role of AI in cybercrime and the challenges businesses face in securing their data. The conversation touches on the need for strong passwords, the potential for biometric authentication, and the rise of load theft in the transportation industry. The conversation explores the impact of AI and technology on society, with a focus on deepfakes, cybercrime, and the changing workforce. It highlights the potential dangers of AI-generated videos and the difficulty in distinguishing between real and fake content. The conversation also delves into the role of technology in bridging gaps and improving communication but acknowledges the risks associated with cybercrime and the need for cybersecurity measures. The discussion touches on the shift towards automation and the importance of skilled trades in the manufacturing industry. It concludes with a discussion on the future of AI, cybersecurity, and the role of insurance in mitigating risks.
AJ, how are you doing, buddy?
Good, how about yourself my man?
I have no complaints. I think I only got three hours of sleep last night and I can see it on my face looking into the camera. So, I literally didn’t fall asleep until 4 am. I just couldn’t shut my mind off. So, I’m operating a little thin today.
Some days it’s hard to turn your brain off. I’ve been there myself.
Absolutely. But for our listeners, AJ, he’s turned into one of my good buddies and he’s the CEO of Simple Plan IT and a cybersecurity expert. And we were just talking yesterday, probably through just texting or whatever. And I’m like, let’s jump on and do an episode on cybersecurity again, with all the chaos that’s going on.
Yeah, there’s definitely a lot going on in the world. You know, it’s interesting. I talk to people all the time and this year, I mean, now that we’re one, this year’s has flown by, I can’t believe how fast this year has gone by.
Yeah, no doubt.
We’re already knocking on the door of September. But this year we’ve seen such a dramatic increase in the amount of massive data breaches. Look at everything that’s been in the news so far this year from AT&T to Ticketmaster, and CrowdStrike, although that wasn’t a cyber incident per se, but it did have huge ramifications, which we can touch on. And then we’ve got the City of Columbus that got breached. So, all these massive cyber-attacks and data breaches that are taking place and happening this year. And the number of zero-day attacks which we can kind of talk about as well as far as what that looks like and what that means. But it’s interesting times that I think we find ourselves in. And I’m very curious to see how businesses respond to these seemingly increasing attacks.
Yeah. And I just got an email today that I had to read. I don’t know a dozen times and I’m looking at the email address and it just, for some reason, I had a bad gut feeling about the email and it was from a legit email address, even though I couldn’t find the person on LinkedIn. And then I did click on a link, and it took me to a website and then eventually it wanted me to sign into my Outlook 365 and that was the point that I’m like, okay, this there’s no way this is real.
Well, and that’s the thing, when we look at what we’re dealing with now is that criminals have gotten so creative in the way in which they were, one, that they’re attacking, but then two, when you look at all the technology resources that they have at their disposal, just like we do, it’s very easy for them to create these seemingly real emails that look legit. Unless you’re really taking the time, like you just said, following your gut and like, something doesn’t seem quite right.
So, there might be something wrong here. If you’re not taking that second glance at things, it’s very easy to just look at something black, that’s legit. Click on something next thing you find yourself in a world of hurt.
Yeah. Well, and I think it’s ever important to train your people because they are so good at that. Like you said, you really have to pay attention. If your people aren’t trained to red flag an email or are not followed all the way through. They’re getting unbelievable information from you. All your customer lists, able to send out emails, and acting like you to change your remit. And it’s a scary thing.
Well, and when you think about it, this is what I tell people all the time. I had somebody ask me a few weeks back, hey, do you think that we’ll ever get ahead of the criminals in this game? I told them, absolutely not. There’s no way.
I agree.
One is because criminals are treating it like a business. I mean, there’s big money being made in cyber-criminal activity. But more importantly, when you really look at it from a business standpoint, they only have one objective. They just have to attack.
And when you think about it. If you only have one thing to worry about throughout your day, throughout your daily business, work, life, and career. If you only have one thing to focus on, you’d be phenomenal at it.
Right.
But as a business leader and business owners, there are a million different things that we have to deal with and have to worry about. We have to keep systems up and running. We have to be creative and innovative in the market space so that we are outpacing our competitors.
We have to deal with workflow or workforce, whatever those challenges may bring. Good, bad, and indifferent workforces bring challenges that we have to deal with. We have to keep the systems running. We have to go out and keep customers happy. We have to go out and acquire new customers. Criminals have one objective and that is just to attack.
Yep.
And they don’t have fires to put out. They don’t have people to worry about keeping happy. It is how can I get into a system, how can I attack, and how can I monetize. And once again if I only had one thing to worry about, I would be phenomenal at it.
Yeah.
And so that’s one of the biggest reasons why I think that we’re always going to be playing behind and always going be playing catch-up when it comes to dealing with cyber criminals.
How big of a role do you feel the new AI plays in with cyber criminals and how much better they are?
I think when it comes to AI, there are a couple of things that we have to look at. One, the tool itself, once again, emails have gotten harder to spot and discern against. Well, now they’ve got a tool that writes perfect English for them.
So that becomes a lot easier. But I even get messages where you can tell that they’re just super lazy when it comes to using Chat GPT because they just copy and paste it into the body of the email.
And when you copy and paste straight out of chat GPT, it puts the brackets on it. And so, they don’t even take the time to erase the brackets. So that’s how lazy they are with it.
Right.
AI is a great tool that has allowed them to do things better. So now they’re more skilled criminals.
One of the things that I’m afraid of, especially as we get into the thralls of this election cycle, what is a fake video looks like. They’re already cloning voices, the video technology is phenomenal, and it’s only getting better.
Yeah.
And so those are the challenges that I see when it comes to the average everyday person where security isn’t top of mind for them. It becomes very easy for a criminal to put some subjective content in front of them and trick and fool them.
Yeah. I saw a video yesterday or the day before it was like a spoof video of Kamala Harris and Trump walking down the beach holding hands. And it was unbelievably good.
Yeah.
I mean, you really had to pay attention. You know, it’s never going to happen, but if you’re looking at the video, it is scary how good that video is.
Right.
And I think the other concern or at least the other challenge that we have when it comes to AI. Think about the businesses that are trying to use AI, especially in the supply chain. So manufacturing, logistics, and warehousing.
They’re trying to implement AI technology in order to crunch data so that they can make faster, smarter, better decisions.
But the challenge that we have, or at least the thing that we need to make sure that we’re cognizant of as we’re moving forward in this direction, is to make sure that data integrity and data security becomes a premium. Because with any AI solution, it’s only as good as the data that you feed into it. So, if I corrupt my data or somebody corrupts my data, then the outputs that are going to come out are all going to be crap. And so, if we don’t have the right measures in place to actually protect the sanctity of your data to make sure that that is clean, then you’re not going be able to trust the AI models that you’re putting in place.
Yeah.
And so that’s one of the other caveats that when we talk to business leaders about the use of AI and implementing AI solutions within their organizations beyond the chat GPTs or the creative stuff. Those are things that they have to consider and make sure that they’re taking care of and making sure that they know how to protect the sanctity of the data that they’re feeding into their AI model.
Yeah. To go down this path, it’s such an interesting conversation and topic to me. One of my good buddies just came up and stayed last night and he and his cousin went to Cedar Point today. His name is Brooks Canavesi. He is a CXO at a company called Problem Solutions and they write AI programs for the warehousing and trucking industry where some of these trucking companies are filling thousands of calls a day. And they have the top 10 questions that they have. And now instead of a human answering the question, they have an AI robot that’s answering the question about where the truck is at and what it’s doing. You can get any answer. And when I was talking to him, I really didn’t think about the cybersecurity issue of that, that you could also build something else that’s probing into that and then they’re stealing or stealing freight. We had probably two years ago, we had somebody ship us an entire truckload of tape. Hundreds of thousands of dollars of tape. And Ashley just felt weird about it and started digging into it. And this entire truckload was intercepted, paid us to receive it. And then he was shipping it somewhere else. And the guy just stole a whole truckload of freight. And this was two years ago.
Wow.
And he did it so well that we nearly didn’t catch it. Luckily, Ashley caught it and was able to get in contact with the company that shipped all this tape. They sent a truck in and picked it up and they got all their products back. But it was like wow, I never even thought about somebody stealing a whole truckload of freight. And they just did it on the internet. Nobody knows who the guy is.
Well, and I think that’s the challenge that as business leaders in this whole supply chain industry, we have to be cognizant. Because we’re leaning on more technology now because of the workforce shortage.
Sure. Yeah.
We just don’t have people. People aren’t going into this thing, into this industry. And I talk to people all across the country, businesses of all sizes. And they’re also the same thing. AJ, if we can just get people to show up.
Yeah.
Like 80 to 90 % of the value they say is people just showing up and once they get there, they hopefully get them to do some work. And I’m like, that’s the barrier to entry now.
Yeah.
Then where we come from a workforce standpoint. But nonetheless, we’re leaning on more technology. So, look at all the advancements that have been made in robotics.
I’m talking to a group right now that is putting in automated forklifts. And what does that look like for their environment and all the different changes that they’re making? So, all the technology that we’re putting in from robotics to automation to Iot devices and warehouse management systems and being able to track all these different things.
Yeah.
All this new technology, I tell people all the time over and over and over again, if it touches the network, it’s a point of vulnerability.
Yeah.
So, you have to be able to account for how we are going to secure that. Because even all the way back, I think it was like 2017, there was a casino that got hacked through their smart fish tank. They had a fish tank on their network to regulate the pH balance and the temperature of those expensive saltwater tanks. I had no idea how expensive they were.
But there was a vulnerability in that piece of hardware that a criminal was able to break into, leverage, jump over to the network, and then steal their high roller Information.
Wow.
And so once again who would think about putting security around a fish tank?
Sure.
I know that on the surface I wouldn’t.
No.
But now that I know this is the world that I live in.
Yeah.
If it touches the network, then it could create a back door into your system which then that’s all the criminal needs is a small crack to get in, and then they can wreak havoc.
Yep. How many tiny little systems do you have in your office that you never think about? Even a ring doorbell, an automatic gate opener, or a refrigerator that’s Wi-Fi. In any of that, I would think would be a potential breach.
Yeah, I mean, so it’s not even just all of those things. There’s your network equipment. So, your firewall, there are updates for it. And if you don’t put those updates in place, those create vulnerabilities in your access points, your computers, your servers. And then like I said, any of these other pieces of technology and even these cloud applications have created backdoors into networks and systems. So, when people ask me, what’s the approach to cybersecurity or how do we approach it? I tell them, look, this idea of building an impenetrable fortress no longer exists. It’s not possible. Because there are too many different ways that a criminal can get into your network, let alone tricking somebody into doing something or having somebody nefarious on the inside because we’re seeing an uptick in insider threats as well.
Sure.
Where you’ve got somebody on the payroll that is disgruntled employees secretly stealing intellectual property or because of this society that we’re in where we like to share everything online. They put their hardships online and I’m struggling with this. I need help with these medical bills and all these challenges.
And then criminals are actually watching those things.
Wow.
And recruiting these people said, hey, I’ll give you $5,000 to help go ease your pains and everything else. All I need you to do is in the office, go in and click on this, or plug in this USB drive.
And we’re starting to see those things. So how do we start to defend ourselves against those attacks as well?
Wow.
So, there are so many challenges when it comes to cybersecurity and the way in which criminals are evolving their tactics, but not only just the evolution of their tactics, they’re becoming way more financially impactful to these businesses. I was reading a report the other day where they were saying that truckload of load debt was up 430 % through the end of last year up until now. And these are an increase in targeted cyber high-tech attacks. But they said during that same time period that the cost or the value of these loads has increased by almost $180,000.00 per load. I’m like, how does a business sustain that? There’s so much risk and vulnerability that as 3PLs and logistics and warehousing companies that you’re assuming here. I mean, you lose one load and what does that cost you?
Especially if it was your fault that a criminal was able to access a system or hack your network or something along those lines. And so those are the challenges and threats that I think as business leaders, we definitely need to be cognizant of and start looking at cybersecurity as something that your IT department does and really start looking at. How do we manage our digital risk? Because this risk goes way beyond just the IT department.
Sure. Are there some basic blocking and tackling things that companies can do just every day?
Yeah, so the basic blocking and tackling would be making sure that you’ve got firewalls in place. Making sure that you’ve got multi-factor authentication turned on where it makes sense. Making sure that you’re educating your staff and keeping security top of mind. I’d say that’ll solve or at least help most organizations. Those that are starting to get into advanced steps where you’ve got a lot of smart technology, tracking your trucks. You’ve got smart technology that is doing a lot of automation within your warehouse. This is where you start to get into, you should probably look and talk to a dedicated security team. Because the faster you can detect something, the faster you can respond and hopefully minimize damage. And so, for those that are expanding into incorporating a lot more technology and this smart technology as they move forward in this push for industry 4.0 adoption throughout the United States. If you’re not having a dedicated security team, you’ve probably got some serious gaps. And then just understand, what does an hour of downtime cost me? So that you can actually start putting hard numbers to the budget when it comes to managing your digital risk because if you understand what’s at risk and what you could possibly lose, then what you’re investing in should be equal to protecting those assets.
Yeah, I remember when we very first started working with you, one of the simple things that you can do is just your password. And so many people make the mistake of making it their daughter’s birthday or their wife’s birthday or husband’s birthday or something really easy. And what did you tell us about just your password? You had a pretty simple rule.
In regards to sorry, you were breaking up on me there.
Yeah, just made a password. I think what you told me was, create like a story out of, you know, I drove racing in. Hashtag San Diego or something and made it kind of a sequence where nobody knows, it’s going to be next to impossible to guess that.
Yeah, because then so when it comes to your passwords, the rule of thumb is the longer the better. So, the longer that password is, the harder it is going to be, one for somebody to guess, but then two is going to be harder to brute force into it. And it used to be, hey, let’s make this thing as super complex as we possibly can. And what we found is that one, computers are very good at crunching random characters and everything else like that. While having some complexity in there is important. But the longer the password, the better.
Yeah.
And so, to that point, creating those passphrases instead of passwords.
Yeah, passphrases. That’s what you called it.
Like you were just mentioning there.
Yeah.
Yeah, I forgot that is a very easy one that people can actually start to use. When you start talking about just the basics, blocking and tackling the password policies. I would also encourage you because now we’re in a state where I think about how many different logins you have and how many different passwords you have to manage and maintain.
Yeah.
There’s always some one that you can remember. I’m a big fan of passwords. Password managers. Whether that’s a one-pass or a last pass, although they’ve all had some challenges when comes to security. Nonetheless, the encryption that they have on their side to protect those passwords makes it a lot easier to then, I have one super complex password that I have to remember, and then the rest of them are stored in this military-grade encrypted environment where heaven forbid you forget your password because it’s almost like trying to break into Fort Knox for them to get them to help you out and unlock it because you have to almost give a DNA sample to verify who you are in order for that to happen. But when you think about all the passwords that we remember, one of the biggest challenges, one of the other challenges or easy ways that criminals get in is that all these data breaches happen and what’s exposed? Your email and your password or something like that. Well, then they just take those same credentials and try them in all the places that they possibly can because being creatures of habits and so many passwords we have to remember, we reuse the same password in different places.
Yeah.
And that’s another gap that we have to make sure that we’re accounting for when it comes to just having good personal password hygiene.
How close do you think we are to getting away from passwords completely? Your phone scans your face to log into it now. And it seems like so many apps if you log in, it’s scanning your face. I would think that would have to be the most secure thing. Retina scan or things scanning a finger, you could get around that pretty easily. It’s hard to steal someone’s eyes, I would think.
Yeah, biometrics aren’t new.
Sure.
They’re becoming more prevalent in the market space. But I think the challenge when it comes to biometrics is just the fact of how many people are actually putting the systems in place to adopt it. So, it’s really market adoption. What does it look like and what does it take? There are a bunch of different technologies that are in the works right now to get away from passwords. And even to reduce the amount of passwords. So, from a business standpoint, you’ve got a single sign-on where your administrator has a password that used to log in with. And then based upon that authentication it’ll automatically authenticate you to your approved apps within the organization and so trying to cut down on some of that password fatigue. But you know with that said how far out are we with the way technology moves, Dustin? It could be within the next five years we get to a point where we’re no longer using passwords. Or it could be another decade or two. So, it could just depend on the market and also the end users, how comfortable are people getting away from that password? Think of how long it took us to really get comfortable with the cloud.
Right. Yeah.
Cloud technology was around and it was ready to go, but the market wasn’t ready for it. People were like, I’d like to have my server here. All my information is here. And now people are like, just throw it anywhere. I don’t need a server anymore. And so, when you look at just market adoption, I think that’s going to play a big part in it as well.
Right. Yeah. And it is about a lot about people’s comfortability with change and people don’t like change. I was trying to look. There’s a post that you made. And we kind of touch base on it just the transportation firms, high-tech scammers, and how much that skyrocketed. I think earlier you said something like 430%. What are the top things that these companies are doing?
Yeah, from load theft.
Is it stealing freight?
Yeah, it’s stealing freight.
Is it the whole truckload? Or is it on more of a micro level?
Yeah, so the article that somebody shared with me was talking about just load theft. And so, it was actually stealing freight. And the way in which they were the examples that they highlighted in the article was how criminals were creating fictitious companies, bidding on these loads, and winning the bids. And then once they won it, they would just go pick up the load because they were authorized to do so. But then the load would never get delivered. And then when they tried to follow up with, the company and the contacts, poof, everything was gone.
Wow.
And so once again, they’re getting sophisticated with the way in which they’re doing things. Even to the point where they’re cloning or pretending to be a legit company. So, they’re creating a fictitious website that mimics a legitimate company and bidding on things or trying to do this. They call man-in-the-middle attacks where they get into the middle of those communications and then they’re able to manipulate the conversation, change things up, and then steal these loads. And so, there are a bunch of different ways in which criminals are using technology because we rely on it for so many different things. From warehouse management and inventory, to the management of these loads and shipments. And so, the more that we lean on technology and rely on technology for these different things, the more susceptible we become to these various types of hybrid attacks where it’s technology-based, but it’s also socially engineered. And so, this is the evolution of things.
Yeah, and it’s the scary part. Even if you talk to somebody on the phone, I mean, anymore, you don’t know if it’s a real person or a bot. And it’s just so damn good.
That’s even scarier when we talk about the voice cloning abilities and technologies. So going back to the kind of AI and what it’s doing and how it’s fitting into the market space. If you look at our website, there are videos all over our website. All of those videos are 100% AI. From the voiceover that is not a real person, it is an AI voice robot doing the voiceover. AI created the scripts, or we used AI tools to help create the scripts and then we pumped it into an AI generator, and it generated the video content to go along with it. And then did the voiceover and then added music behind it. And so, it’s phenomenal what you can do with these tools but it’s also terrifying because anybody can use them. I mean, they’re out there in the open market and there are new AI tools that are hitting the market every single day. And so those are the things that concern me.
Yeah.
Realistically, just as a human being, not just as a cyber security professional, but it’s just as a human being, it’s like, how are we teaching people to discern what is good information and what is bad information?
Yeah.
Just because you saw it one place to your point with the video about Kamala Harris. Just because you saw the video in one place, and it looked legit does not mean it’s actually real.
Right.
And so, I think that’s what’s going be very interesting as society continues to move forward with this technology because it’s not, you can’t put it back in the bottle, the genie’s out and so, and it’s only going to continue to get better.
Yeah, and it is concerning that you could see something on TV, or on the internet and think it’s a real video of what they’re backing, what their policy is, whether you agree with it or not. And you don’t know if it’s that person. Joe Rogan talks about on his podcast where he’s like, guys, there are videos out there of me backing a product and it’s not even me. It’s an AI-generated Joe Rogan talking about how you know this widget is the best widget and how you should buy it, and people legitimately think it’s Joe Rogan advertising it. It’s just so crazy.
Yeah, I think not too long ago, Tom Hanks had a similar issue where he had to put out a retraction, not so much a retraction, but more like a public service, and hey, there’s this video out there of me supporting this product. And he’s like, that’s not me. I didn’t do that. I don’t support that product. But because there’s so much content out there about these individuals, it’s very easy to get the sample size that you need in order to clone them and create your own video, making them look and say whatever you want them to look and say.
Yeah. It’s kind of sad. And we’re talking, we’re really bashing on it. But there are also so many really good things about AI. And it’s just a really interesting time of how you differentiate the good from the bad and the good that seems good or the bad that looks good.
Well to me, Dustin, it’s kind of, like I’ve said before, it’s the gift and the curse of technology. For all the things that we have technology now available for us to do great and wonderful things. I mean, let’s be real. This conversation that we’re having right now is because of technology. Before we would have to schedule and find time to get together in the same room.
Yeah.
And now we’re able to do this and really essentially spin it up in 24 hours to make this thing happen.
Yeah.
Whereas before the technology just wasn’t there and we couldn’t have done it. I mean, this would have been weeks in advance that we would have had to schedule something like this out and put it together.
Absolutely. Yeah.
And so, this technology is great in helping us to bridge gaps, get access to real-time information, to make smarter, wiser decisions, to look at multiple different aspects that we couldn’t look at before. But criminals have access to the exact same tools.
Yeah.
And so, for all the good that we want to use it for, criminals are also able to use it to do evil and nefarious things. It’s become a thing where it’s become to a point where it’s just so profitable for them that there’s no way it’s going to slow down. I was on a panel earlier this year I think it was back in March or April anyway, but I was on a panel with an FBI agent, and he was telling me how North Korea funds a lot of their military efforts and endeavors through the money that they make through cybercriminal exploits.
That doesn’t surprise me at all. I didn’t think about that. But that does not surprise me.
So, think about their nuclear program. There was an article that came out a couple of weeks ago that I was reading. I should probably put something out on it, but it was talking about there was a woman in Arizona who ultimately ended up getting arrested because she was running a laptop farm out of her apartment and what she had done was that she had a bunch of laptops in her apartment, all plugged in, and turned on. And people from North Korea were actually logging into those machines. She had it set up so that they could log into them. And they were actually running remote work jobs through those laptops. So looked like they were in the US over in Arizona and they were working these jobs. She had like 30 machines or something like that where they were logged in. But long story short, reading the article, they said that they were able to make $250,000 just by going back into their nuclear program to help fund their nuclear program over in North Korea. And it’s just like, that is where we’re at. A decade ago, you’d have never heard that story, but now here it is. And I don’t know how much she was getting paid to do that, but once again, think of the mindset of the person who actually set that up. How do you get to a point where you compromise your values and you’re like, you’re going to give me X amount of dollars and all I got to do is have these laptops plugged into power in my apartment and just keep them on and you do everything else?
Yeah.
Cool. Sign me up. Like how do you get to that point?
Yeah.
Like I just don’t understand that.
Yeah, well, and I mean, criminals, and even people on drugs, whatever. They get to a point where somebody who’s addicted to heroin, who’s not sober is not a good person. But when they’re addicted, and they don’t have any money, they steal grandma’s diamond to go sell it and pawn it and buy more drugs.
It’s true.
So, I think it’s a lot with just desperation and people, quote-unquote, find an easy way to make money. And when they’re three months behind on rent, then somebody offers them right quadruple of whatever they’ve made in their life, they do anything people ask them to do.
But that’s the world that we live in.
Yeah, yeah.
Once again, more technology.
Pretty, pretty wild.
I don’t see it slowing down. Every day I’m hearing about new ways that people are trying to use technology. Think of all the wearables that are starting to come out, where they’re starting to try to weave technology into the clothing itself, to actually monitor vital statistics and everything else like that. I mean cool, sounds really, really cool, especially those that, hey, how do you constantly monitor your heart rate and your blood pressure?
Sure.
Well, if you’ve got something in clothing that can actually do those things. I think there’s a lot of huge benefits to it. But then on the flip side of that, it’s like, all right, if it touches the network and touches the internet, it could be a point of vulnerability. What could somebody do with it? Think about all of these EV vehicles, these charging stations, they’re passing data back and forth.
Yeah.
So, what happens if a charging station gets compromised? Does that allow them to load tracking software onto the car that it’s connected to?
Yeah. In the phone that’s connected to the car.
Does it allow them to turn off the communications because the car sends communications back to the charger saying, hey, my battery level is X.
Sure.
If I turn that off, and the charger no longer knows what your battery level is, or it thinks it’s a lot lower than what it actually is. And it overcharges the battery. Can I make the car explode because of overcharging the battery?
Sure.
These are all kinds of different risks that we now have to start looking at and being cognizant of because of the way in which we’re adopting technology and incorporating it into all aspects of our lives.
Yeah.
This big push that Elon Musk is making with humanoids, cool on one hand, very futuristic sci-fi, but also terrifying on the other end.
And then and they’re pretty cheap.
Because if they get compromised and somebody takes remote control over them, who’s now liable for all of that?
Yeah.
Those are questions that I think we’ll ultimately end up having in the future, unfortunately.
Yeah. Well, I need to think back to Terminator 1, and Terminator 2 days and everyone’s like, this is never going to happen. This is ridiculous. And we’re there. We were just talking, Brooks and I were talking about this last night where Tesla, Elon, and I forget which company it is, but you can buy Humanoid for $16,000. For us, it would pick up a bag that we’ve blended and then put it in a box. All night long, 24 hours a day, plug it in and it’ll work just like a machine. But yeah, to your point, it takes the right person to take over all those bots and then they were in Terminator 2 days.
And from a business perspective, that right there is the reason why businesses are looking at robotics and automation.
Sure.
Because, to your point in what you just said, it can run 24-7.
Yeah.
It doesn’t have to take a break.
Yep.
It’s going to consistently do exactly what I programmed it to do. And it’s reliable. I don’t have to worry about giving it a break. I don’t have to worry about PTO. I don’t have to worry about all those different costs associated with a traditional human workforce.
Sure. Yeah.
Unfortunately. This is where I think it’s very interesting, the whole argument over what is a livable wage and how do we help people make more money. Because, you know, let’s be real, especially in the fast-food industry and the quick-service restaurant space. I think this is where we’re going to start to see a lot more of the disruption. We’ve already started to see it with self-checkout kiosks and things of that nature because there’s only so much that I can charge for a burger and fries. Like if I’m going to McDonald’s, I mean, even think about just in our lifetime, Dustin, how much a number one at McDonald’s has gone up in price.
Sure.
I mean, I think now to get a number one medium-sized fry is going to cost you about 10 bucks.
Oh yeah.
And before it was less than five.
They’re paying people a $2,000 bonus to take an order at McDonald’s. And it’s wild. And then that pushes into, you could go work at McDonald’s and make more money than, say whatever fabrication shop or whatever that’s kind of behind the eight ball and they only want to pay $13 an hour. Like, why would I go work in this facility that might be dirty or might not, I can go to McDonald’s and make $21 an hour and I get a $2,000 bonus. And then these people just jump from job to job taking the bonuses. At some point monetarily, it’s going to make sense to replace order takers with technology. With your list of chicken the other day, it’s a bot asking me what I want to order. And it gets the order perfect and then there’s somebody that hands me my order and they ask the same. Do you want an apple pie with that, it has the same questions that some people have to drive through made they’re like, I’m tired of asking that question. I’ve asked that question 50 times a day. I’m just not asking it anymore. That robot doesn’t care. It’s going to ask that question a million times and it’s not going to get tired of it or repetitive and, it’s pretty wild. I didn’t even really think about the whole chicken thing until right now. I mean, it’s gas stations. I mean, we see it everywhere.
Yeah, the robot doesn’t have bad days.
Yeah.
The robot doesn’t have an attitude, all of those things.
Right. No smoke breaks.
It’s going to deliver it the exact same way every single time. Regardless of what you look like or who you are, it’s just going to deliver.
Yeah. And the positive part of that, I was talking to another one of my buddies who just bought a tube laser and he’s like the challenges. Now these tube laser lights are out, but we still have to have somebody program it and run it and get it set up and make sure that it has enough material to run through the evening or whatever. And he’s like, that’s the bigger challenge is just finding that higher paid somebody that can operate it. And I do think Ohio is doing a really good job with its education. And through joint vocational schools, one of my buddies, we did a podcast a few years ago, runs an engineering and technology course in Springfield. And then come out of school, and they know how to program and they’re a $30 an hour employee coming right out of high school. That individual has no interest in going to college because they’re making more than most college graduates are now. And I know, we get into that.
With no debt.
Yeah, with no debt. And we’re going to see more and more and more of that, I hope as we grow aware that the formal colleges kind of lost their luster and their value. We need hired skilled people who can come out of high school and run these machines. And that’s where the big people need to make that mental lapse where you know there’s going to be less and less grunt work, which is scary too because there I mean it takes all kinds of people and we still need jobs for the folks that are geared to do grunt work.
Well, you talk about what Ohio’s doing and I’m really kind of impressed with the kind of the direction that they’re going. They’re doubling down on bringing manufacturing and those skilled trades back to Ohio.
Yep. Absolutely.
Saying, hey, look, you know, the college degree. Yes, we need those. Don’t get me wrong, but we also need electricians, we need plumbers, we need carpenters, we need these skilled trades. We need the welders out there. And even the welding space, you’ve got robots that are doing welding. Well, we still need somebody, one that can inspect that weld and make sure that the robot continuously does a good job.
Yeah.
Because if it starts to falter, then now we’re talking about the integrity of whatever it’s fabricating being at risk. So, we need somebody that can actually do a quality inspection. But more importantly, if that machine breaks down, we need somebody who can actually have the aptitude to come in and fix that as well. And so that’s where I see this shift being made. There was I think it was Lieutenant Governor Husted who was at an event. I think it might have been last week actually, making an announcement. But he was saying, hey, if you want to talk about made in America, you got to start talking about made in Ohio first.
Yep.
And that’s where Ohio’s really trying to position themselves is, hey, we want to be the heartland of where things are made in America. Whatever you need to be made and fabricated, come talk to us here in Ohio because we’re putting all of our eggs in that basket and pushing 100 % forward saying, hey, we’re going to be the state that makes everything here in the Midwest for the country.
Yeah, absolutely.
I have to kind of tip my hat to it because I think if there’s one thing that COVID showed us above and beyond everything else, it was just how fragile our supply chain was. And how dependent we had become on materials and goods from overseas that whenever we couldn’t get those, people lost their minds. I never thought that we would ever see a day in our life where people were fighting over toilet paper. I mean, let’s be real.
Yeah, and it’s scary because a majority of our toilet paper is made in China now. All the big toilet tissue plants moved out of the US, and there are a few still here, but not many I would guess less than 1%. It’ll be interesting to see if we see something that we don’t think about that everyday use something like toilet paper, as all the big mega presses were built in China. And I never really thought about it that way. That was one of my very first big boy jobs, I’ll call it an adult job working in the paper mill. And we had one tissue plant that we called on and I think prior to Oklahoma, that was it.
I forgot that was your background. That’s how you came up with Stu Papermills. I forgot about that.
Yeah, I worked construction went to a school for civil engineering, and ended up getting a job at Pickle and Felt. And they were a wet-in paper maker felt manufacturer. That was my first job in manufacturing.
So let me ask you this, you’ve been in this industry and the whole supply chain industry for essentially your entire career. So how much have you seen technology change and evolve through your career or at least the lifetime of your career?
Unbelievable. So, in my job with them, I ran 12 states throughout the US, and I still drove around using a triple-A trip ticket. And one of the big things I wanted to buy was a GPS and they were, you know, buy a Garmin GPS that went in your car was 1800 bucks or something. And we’re still on a flip phone. Well, is really one of the first phones I ever had was like an old-style bag phone with a cord on it. You know, laptops are obviously different. We carry a portable printer because not every office has a printer. When we did our scanning reports it was unbelievably different. Just as a user not even in somebody in your shoes.
It’s crazy.
Yeah.
A crazy amount of technology that’s changed everything.
Bluetooth wasn’t a thing.
And it’s only going to continue to change.
Yeah.
I think, with all these new advances, this is where AI for me becomes fun because I think it’s AI machine learning. There’s no limit to what we can do. I think we’re just now scratching the surface of it. And so, when your buddy asks, where do I see AI and how is it impacting just the cyber industry? Well, let’s be honest. From the cybersecurity standpoint, we’ve been using AI for years. That’s the way in which we’re able to crunch data and spot anomalies. And see these different things. So, in our security operations center, we use a lot of AI and machine learning tools so that we can detect and respond to things faster because we understand the threat that we face is constantly evolving and there are so many different ways that they can get in and attack. And so, the way in which you manage and mitigate your digital risk is by being able to identify and spot when things have happened or gone wrong as quickly as possible. A lot of people don’t realize the average database breach goes undetected in the United States for almost seven months.
Wow.
If you give a criminal, you give me access to your network for seven months without you knowing, I promise you there’s nothing in your network that I won’t be able to find. And so that’s the challenge that I think we have to face. And this is where I believe once again, cybersecurity shifting from building this impenetrable fortress to this, hey, how do we detect and respond? Rather than prevention is good, and we definitely need to do our best and put best practices in prevention. But we need to put way more focus on detection and response because these threats are coming and these attacks are coming from multiple different vectors. And the faster we can detect it, the faster we can respond to it and minimize the damage and impact. I think that’s going to be the wave of the future.
Yeah.
That, and at the same time, I’m very curious to see how the cyber insurance game goes. These insurance companies let’s look at CrowdStrike, for example. CrowdStrike was not a cyber-attack. It was a bad update that got pushed out through their system that just so happened to basically shut down the Windows operating system on all the machines that it was loaded on that ran the update. So that was a faulty update pushed out through the CrowdStrike system. So, their internal processes for quality assurance, those internal processes failed. And it had a catastrophic impact. The estimated fortune 500 companies were estimated to have lost $5 .4 billion because of that outage. Delta had felt the biggest pain from early on and made the most noise about it. And they’re actually trying to sue because they say that they lost $500 million because of that outage. The question now becomes who’s left holding that back? If they lost $500 million, who would fill that shortfall?
Right?
So, they’re trying to get some of that money back from CrowdStrike saying, you caused this, this is your fault, and you should be held financially responsible for it. CrowdStrike has their terms and conditions in place. I believe that their contract is going to hold, and I don’t see a court overturning the terms and conditions of their contract that state whatever their liability is. But I promise you that the liability is not $500 million. And so, does the insurance company now step in and fill that void? And if so, insurance companies are going to start losing, they’ve already been losing a lot of money. That’s why they’re insurance companies. I believe the insurance industry when it comes to cyber, either, A, they’re going to put their hands all over it the same way they did with automotive. Because think about it, growing up back in the day, I grew up in a day where seat belts were optional.
Right? The car may not even have a seatbelt.
Now, they’ve changed and pushed legislation to where it’s mandatory.
Yeah. Interesting.
It’s funny, I was talking to my wife the other day. She’s like, yeah, whenever I was a kid, I remember sleeping in the back hatch of the station wagon. I was like, yeah, that’s the way we grew up.
Yep, up in the window.
And now you can’t pull down the driveway without having a seatbelt on because your car dings at you and everything else.
Yeah.
But I think all that was pushed and steered by the insurance industry. And I think they’re going have to do the same thing in cyberspace or they’re going to get out of it because they’re losing too much money.
Sure. Yeah, it will be really interesting to see some of these things come to fruition and how much insurance increases. It’s going to increase, there’s no doubt about it when they lose that much money. And it’s just like when we had an opportunity to store lithium-ion batteries, new and used. And the biggest piece of the puzzle for us to figure out was the insurance piece. Nobody knew what to do. And my neighbor actually we’re sitting around the fire having a bourbon. And he’s googling whatever he googled and found a company that is something just gave me, okay, we’re good. So, and that’s what they specialize in this lithium-ion battery storage, but it took us four months to figure that out. But the companies that didn’t know what to do. They were just quoting things that were astronomical. And once we found that niche and found a company that knew how to handle it, it changed everything. So, it took us four months, but we’re insured for lithium-ion battery storage, and we have all the EPA stuff figured out. And insurance is one of the hardest pieces. And if you get cyber-attacked, or you end up getting ransomware and all that stuff, how hard is it going to be for a company to get insurance moving forward?
All right, AJ, we had a little bit of technical difficulty there and I was rambling on. I forget what I was even rambling on about and we had to restart everything.
It’s okay.
Yeah, we’re back.
It’s kind of like whenever I talk to my wife, she’s just talking and talking. I’m just talking and talking. Next thing I know, we don’t even know what we’re talking about. So yeah, that’s what it was.
Yeah. I know that you’re on a tight timeframe here. So, we have a few more minutes, and offline, we were talking about doing a follow-up with this, with you and Brooks. And I think it would be a lot of fun conversation about his experience with AI very specifically and things that he’s building and seeing on his end. And then your viewpoint about how to protect everything and just you guys collaborating about that. I think it’d be a fun conversation for everyone.
No, I think it’d be good. Because like I said, it’s a very interesting space that’s going to continue to grow and evolve. And I love talking with those that are in the development space on that.
Yeah.
Because it’s not what I did. It’s not my focus. But I love the way that people are finding creative ways to incorporate and use AI in different ways and where it can go. That stuff fascinates me.
Yeah.
So, I’m definitely looking forward to that conversation.
Yeah. We were having trouble. We posted our podcast on our website, and we use it as a blog, and we translate everything in Riverside that we’re recording and it does a great job. Their AI bots translate everything into written format. And then we do go in and touch it up and make things that I say bold or whatever. And the things that you say in a different font, so when you’re reading it on the website it makes sense. And we’re having trouble just getting everything posted. And he’s like, we could write an AI, whatever, and it’ll just post right to your website for you. And you really don’t have to do anything. And it’s so far over my head. And I’m like, what are you talking about? And it was just this morning, three hours of sleep, foggy-eyed, foggy brain. And he’s talking about creating an AI to automatically do something that we’ve talked to many people about doing and they want like $500 an episode and it just doesn’t make sense to me, especially if they’re smart enough to create an AI bot to do it for them. I’m really getting a hose. So that’ll be a fun conversation.
Yeah, I mean, there’s so much that you can do in the AI space right now with this stuff. When you talk about automation and being able to streamline processes and do things more cost-effectively. So, as a small business owner and leader, that’s where I see the biggest advantage when it comes to AI. But it’s also for bigger companies that are starting to invest heavily in AI. I’m curious to see all the different advancements and all the different use cases. I see there was a lot of AI. I don’t know how much of the Olympics you watched to pay attention to. But there were a lot of AI commercials where Google was really pushing their AI tool. I remember that one commercial vividly where it’s a dad talking about his daughter and how she’s a big fan of Sydney McLaughlin and writing her a letter. I looked over at my wife. So, if I wrote a love letter to you using AI, is it still impactful? Well, no, but I guess if I didn’t know that you used AI to do it. I was like, that’s the world that we’re living in right now.
Yeah.
That is exactly what Google was just promoting. If you’ve got an idea, you want to write a fan letter or you want to do this, that, and the other, our tool will help you write it, and it’ll help you find the words that you can’t find yourself.
Yeah.
I guess the question becomes, does that make it less authentic?
Right.
If it’s not my words or I had the idea, but the system gave me the words to voice it. Does it make it less impactful? You as the receiver, you wouldn’t know. So, that’s an interesting question to ponder.
Absolutely. And Brooks and I were also talking this morning about college and even high school students. And just go to chat GDP and say, okay, I need to write a 17-page paper on underwater basket weaving and how I’m going to improve that industry and make it green. And it will write that paper for you. And then my question was, how are professors or teachers even going to know? There’s got to be programs out there, but AI is getting so good that it’s not plagiarizing itself. And how do you detect that?
You’ve got the detection piece. I’ve got little kids. So, this is a question of debate that we have frequently. Is the use of technology and these tools that are out there, should I be teaching them how to use these? Because I am. Because my whole thing is, it’s not going to go anywhere.
Right.
It’s only going to get better. People are only going to start using it more. And to that point, I don’t know what the end results are going to look like.
Yeah.
It’s interesting. I have a friend who does a lot of public speaking and has given numerous TED talks. So, he’s won awards for his speechwriting capabilities. And some of the speeches that he’s written, he’s like, AJ I use chat GPT to write, or at least if nothing else, to start writing my speeches. I don’t lean on it a hundred percent copy and paste it. But what I do is, I’ll start there with the idea. It helps me to flush it out to where I can actually write my speeches in a fraction of the time. And so, his question was, am I getting dumber because I’m leaning on this crutch? I don’t know. I feel like I might be losing some of my mental plasticity, but I don’t know. Do I stop using it? He said because it’s making me way more efficient. The fact that you’re even posing yourself this question tells me that you’re 10 steps ahead of the game, but only time will tell.
Yeah.
So, no different than the internet and how it’s changed. It’s commoditized information. No longer do I think it’s important for people to memorize who the 23rd president was in the United States. Whenever I can say, hey, Siri, who was the 23rd president, it tells me.
Right. Yeah.
Or hey Google, who was the 23rd president, it tells me. So, I don’t have to think about these things anymore. Once again, as we grew up, the education system that we came up with was all built on hard memorization. So, we had to read this stuff over and over and over again and memorize it. And now we’ve got this space in our brain of what is now quote unquote, useless information.
That’s right.
Because now it’s readily available and anybody can ask Google all these different things. Great if you’re doing trivia, I guess there’s bar trivia. I guess if you’re in that circuit, then it makes sense. But I have a lot of what I call useless information stuck in my brain now that my kids are like, why do you know that? Cause I had to learn it.
Sure.
Why didn’t you have Google? No, Google did not exist whenever I was your age, kids.
Let me show you this fax machine over here. Yeah, it is interesting. And I do think in a way it makes us smarter. I know for me, something as simple as Grammarly when it came out. I use it for everything. The texts that I send, emails that I write, blog posts that I make, and posts on social media that I make. It’s a crutch of mine, but it also has made me a better writer. And being a better writer, and a better speaker. And I do think something as simple as that helps. And then now, even HubSpot. We use HubSpot, it’s our CRM, you write an email in there and it says, hey, would you like some help with AI to write your email? Even LinkedIn, you make a post on LinkedIn, it comes up and says, hey, here’s a suggestion from AI to improve your post on LinkedIn.
Yeah.
And to your point, we’re not getting away from it. And I feel it does make us better. It’s a tool. It’s just like taking creatine or something to help your body. AG1, are we really efficient without all that stuff? Yeah, even bodies are pretty resilient. But if you can help yourself by taking the right vitamins, then why not? And I think it’s the same thing. I think it’s just a mental vitamin.
I like that analogy actually, by the way. It’s very pertinent here because once again, when you talk about taking supplements and working out, you can take all supplements in the world, but if you don’t put the work in behind it, if you don’t work out, then they’re not going to do anything for you. It’s not like I can take this magic pill and build muscle overnight.
Yeah.
I’m just going to pop this muscle pill and I’m going to wake up and I’m going to be strong in the morning. It doesn’t work that way. You must get into the gym. You must eat right. You must sleep.
Absolutely. Yeah.
So, other things go into it. It is just a tool to help you to enhance your results and help you be more efficient. So, I like that approach. I like that analogy. It makes a lot of sense to me.
Yeah, I don’t know, just writing emails, it’s such a helper. Make sure that you don’t look silly and fat finger something or use a word that doesn’t make sense. That’s something as a kid, I really struggled with. And that was the one thing that I didn’t go to college or finish college until I was 38. And I felt like I did fairly well in life without college. But the one thing that I know that college did for me was all the writing made me a better writer. And it was before all this stuff. And I think if kids are using it properly and they’re having the paper written for them. And Brooks and I talked about this. And this is kind of actually Brooks’s point that I agree with. But if they’re using AI to help them write a paper, but they’re internalizing it, and they can engage and have a conversation about what they learned, then the objective or the goal has been accomplished. Because now the student has internalized that information even though they had helped write it. I don’t think it’s really any different than listening to audible. I mean, people will kind of listen to audible versus sitting down and reading a book. I have seven books sitting here for me to read. And I will probably end up buying them on Audible. Because later today I’m going to drive for four hours. I need a lot of bookends. And in four hours, I’m more productive doing something like this.
Right.
Where I could be sitting down physically reading a book. Now is nice to sit on the back patio and physically read a book. But is the information that you learn any less valuable because you listen to it than reading it? I don’t think so.
No, I would agree with you. And in fact, for me, it plays into the way in which you best learn.
Absolutely.
So, for me, I am an auditory learner.
Yep, me too.
I can listen to it and hear it and pick it up. And it sinks within my brain better than I actually read the words on paper.
Sure. Yeah.
It’s just the way in which I gather and retain information faster and better that way.
Yep. Yeah, me too.
So audible is a lifesaver for me.
Yeah.
I can actually read books and actually listen to them. Hear them and actually digest the information versus if you gave me a book to read in front of me and I’m having to turn pages. I have to reread things over and over and over again before they actually start to sink in because they’re just words on paper for me.
Yeah, I’m the same way.
So, for those people out there that can actually read a book and actually visualize and they read books for entertainment. Like I could never do that.
Yeah, my dad.
That is never something that has ever worked for me. My wife is a big reader.
Yeah.
She’s like, let’s read this book together. Absolutely not. That seems like nothing more than torture and punishment for me. Kind of being hours on a treadmill, like cardio, is a necessary evil for me. I have to do cardio to make sure that my heart stays healthy and everything else. Outside of that, let’s go run a marathon. Absolutely not. I’m not running a marathon. I’m not interested in any part of that.
Yeah.
I kind of view it from that perspective. But I like the analogy of tying technology and the way it’s a tool to the way in which we develop our bodies. I think that’s a very interesting analogy that I’ll actually, we’ll probably start using that one. So, I hope you don’t mind me stealing that.
No problem. I’m going to steal, I’m sure a lot of what you talk about. So that’s what these are about. I’ve always had fun with you and I always just have a good conversation. Talking on a random Wednesday. The goal is for us to learn something and hopefully, our listeners learn something too. So, I know that you had a set amount of time set aside today and we’re coming up on that. As I said, we talked offline about doing a follow-up with Brooks. And I think it’ll be fun getting you two talking about both sides. The security edge of things and the development into things. For the listeners AJ, tell everyone how they can get ahold of you. We’ll also put it in the description, things like that. A little bit about or just a snippet about what your company specializes in, and we’ll make sure that we get all that stuff posted.
Sure, I appreciate that. So SimplePlanIT is the name of the company. We’re a managed security service provider. That’s really what our focus is. And what we’re good at is behavior-based analytics. So being able to see things as they’re happening and stopping threats internally and externally before they have a chance to impact your business. The way we do that is by analyzing and creating a baseline for the way data moves to your network, the way devices behave and operate on your network, and where the users interact on the network. And once we create that baseline, we look for anything that deviates outside the norm as an indicator that something bad is happening. And then we’ve got human beings that are eyes on glass 24/7, 365 that are watching for those anomalies that then instantly respond and mitigate those attacks.
Awesome.
So, if you have any questions whatsoever I would say the best and fastest way to get a hold of me or at least to follow and stay in tune with kind of some of the things and what you’re doing because I’m putting out content all the time in the cybersecurity space and how to manage your digital risk and tech tips. Connect with me and follow me on LinkedIn. That is the platform that I am hands down the most active on. Just because it’s the easiest one for me to dump information and grab information from other resources. LinkedIn, follow me there. And if there’s ever anything that I can do, please don’t hesitate to reach out.
Awesome. We we will stick your email and the details and all that fun stuff. But I really appreciate your time. We talked about doing this yesterday and made it happen today. And I think with all the craziness going on in the cybersecurity world, I think it was definitely appropriate. So, I appreciate you being able to do this so quickly.
No, I appreciate the invite and putting me on. Let’s get this together and look forward to doing it again soon, my friend.
Cool, buddy. Thanks, man. Talk to you soon.
All right, take care.
Yep. Bye.
For more insightful conversations like this, visit MFGMonkey.com. Listen to this episode and many others on Apple Podcasts, Spotify, or your favorite podcast platform.