ACA Intl. – Cybersecurity Collective | Sameer Maini, Jonathan Goldberger, Chanh Nguyen | Ep 196

Adam Parks (00:01.24)

Hello everybody, Adam Parks here with another episode of Receivables Roundtable. Today I'm here with a group of very smart individuals here to talk with us about ACA International's cybersecurity initiatives. How are you gentlemen doing today?

 

Jonathan Goldberger (00:17.058)

Doing great.

 

Sameer Maini (00:18.256)

Doing well Adam. Excited to be here.

 

Chanh  Nguyen (00:18.295)

Very good. Thanks, Adam.

 

Adam Parks (00:20.845)

So excited to have you guys on here. I'm gonna do a quick run through. know normally we like to do backgrounds, but with so many of us on the call today, I'm gonna kind of abbreviate this so we can get to the meat and potatoes of our discussion. But John here has been working with American Business Communications, has been an ACA partner for decades now, and starting on the long distance and phone side of the communications world now very focused on the digital aspects.

 

who then brought in Jonathan with TPX, who's here to talk to us about the cybersecurity side of the world, protecting ourselves from a digital perspective. And then most of you probably are already familiar with Samir. If you have not seen him on stage at a conference, I'm sure you've run across him at ACA or someplace else, but one of the more well -known IT professionals across the space and just someone that I like to go deep nerd with sometimes.

 

because I feel like he's one of the people out there that truly just kind of understands not only the business aspects of the challenges that we face, but is able to translate those into the technical needs that an organization has. And working with State Collection Service now for about three years, Samir.

 

Sameer Maini (01:32.516)

Yeah, it's three years in September. So excited. Yeah. Yeah. Absolutely.

 

Adam Parks (01:35.266)

right, but been around this space for significantly longer. Does that all sound like a pretty good baseline of where we can start our discussion today, gentlemen?

 

Jonathan Goldberger (01:45.998)

It sounds great. By the way, Adam, what's the record for the amount of times the word nerd has been said in two minutes of a podcast?

 

Adam Parks (01:54.835)

I'm going to say I'm probably going be able to get there because I'm a data nerd on top of the technology side.

 

Jonathan Goldberger (01:57.548)

Yeah. There you go. That's great.

 

Sameer Maini (02:00.397)

Okay.

 

Chanh  Nguyen (02:02.529)

Well, I think what's more interesting, Jonathan, is that I've never heard nerd use as a verb before.

 

Jonathan Goldberger (02:07.49)

good point. Four, ding.

 

Adam Parks (02:11.874)

Hey, look, if we're not going to have fun doing it, why are we doing it? Right? I'm perfectly okay with who I am. I am a nerd. I enjoy the data. I enjoy the tech. I enjoy the security aspects of all of this. But you know, just to give our audience some context to our discussion today, can you guys tell me a little bit about what the objective is with this new ACA initiative?

 

Jonathan Goldberger (02:15.072)

Amen, amen.

 

Jonathan Goldberger (02:36.664)

Tim, why you go first?

 

Chanh  Nguyen (02:38.285)

Yeah, thank you. So wanted to provide ACA and it's more importantly, its members thought leadership in this cybersecurity space. Wanted to help members define the what in the landscape, but also the how, right? And bringing together IT professionals and security experts to help identify best practices that can help a small and medium sized agency navigate

 

the regulatory landscape as well as the client requirements.

 

Adam Parks (03:14.34)

And the client requirements are significant, right? And I feel like those things are starting to meld and blend together pretty significantly here. So Jonathan, from your perspective, right? You're coming in from kind of outside of the industry with this cybersecurity expertise. What's your experience been like starting to work with some of these, let's call it mid to small agencies?

 

Jonathan Goldberger (03:35.022)

Well, one of the biggest challenges, many of these folks don't have a cybersecurity practitioner. They might have somebody who's jailbroken an iPhone and you know, voila, now they've become the cybersecurity expert or the IT leader, but, many cases they don't, they don't even have that. And so when you get a, a regulatory that is demanded of you, that is very technical and GLBA safeguards, that's a very technical one where it's very specific. you have to build a second, a cybersecurity program.

 

Jonathan Goldberger (04:05.122)

day one, you know, it's, it's really like deer in headlights. I don't know where to start with this. And so it was so important for ACA members to have someone clarify what the heck is this thing? Put it in, in just simple terms, remove the acronyms, remove the technologies and just get it simple so that I can do the business I need to do, make me defensible. And so that

 

Jonathan Goldberger (04:34.69)

was probably the first thing we realized. We needed to make this simple for them and help eliminate all the noise associated with the threat landscape and cybersecurity vendor landscape. And instead, speak in just simple business terms.

 

Adam Parks (04:50.52)

I think that's a massive lift for this industry, right? I feel like the collections industry has always been a little slow to adapt to new technology. But Samir, from your perspective, right, as somebody who is responsible for the technology infrastructure of a, I'm gonna call it a large collection agency, what value are you finding from these discussions, right, for someone who's got a more technical approach?

 

Sameer Maini (05:12.997)

So that's

 

So Adam, if you look at what's happened in our industry, you can lose a client and still be in business. But cybersecurity is the biggest threat to our business. Literally, you could have an event and you could be a decades old agency and get wiped out. We've seen that that's happening in news. So to me, it's an opportunity to share best practices. And selfishly for me, it's to learn what other people are doing.

 

Sameer Maini (05:45.252)

not only share what I'm doing, but I'm not the smartest guy. There are a lot of smart people in our industry and to learn from them and see how we as an industry can get better and protect ourselves. That to me is one of the biggest risks. And it's not just about technical people, right? We were on the ACA San Diego conference. People were talking about insurance. There were things that I learned that I went to RGC and said, hey, have we thought about this? Because there was some conversations about insurance and even

 

Sameer Maini (06:13.26)

know, cybersecurity insurance, where to get it, how to get it, and what to watch out for. So it's, to me, it's all about, you know, making ourselves better, learning from, you know, other folks, because, you know, I'll selfishly say, I don't know all the answers. There are a lot of smart people and, you know, share what very little or what I know.

 

Adam Parks (06:32.312)

I love your approach, right? It's for such a technical person to say, okay, look, there's all these non technical items that I need to start concentrating on within my cybersecurity threat landscape. And whether that be the insurance and understanding how many records I'm controlling or managing and what my risk level really is, which is going to directly drive those cybersecurity premiums, right? The volume of accounts that you're looking to ultimately defend.

 

Sameer Maini (06:55.354)

Yeah. Yeah.

 

Adam Parks (06:59.19)

And how are you managing that data? you taking things offline or is everything staying online? What does that world really look like? And then I think to Jonathan's original point was like, how do you explain this in non -technical terms to those executives that, you know, are struggling to turn on their computer in the morning? Right. There's a you got to be able to speak to a whole a whole breadth of different skill sets simultaneously.

 

Sameer Maini (07:18.276)

Yeah.

 

Adam Parks (07:25.048)

So how have you guys kind of taken an approach to be able to provide value to somebody at Samir's level, but also somebody at that, let me figure out where the on button is level, right? Like how do you speak to both crowds at the same time?

 

Jonathan Goldberger (07:37.9)

That's a great question. It starts with listening. It truly does. Because when I talk to someone, based off of the terms they use, based off of their concerns and what they're trying to achieve the objective, I usually can hear the level of expertise. And based off of hearing the level of expertise, we can then provide the solution that is that outcome.

 

Jonathan Goldberger (08:06.52)

You know, for an organization that, as I mentioned before, you know, doesn't have a practitioner in cybersecurity, their outcome is just make me defensible. Make me defensible. Give me the outline, you know, the roadmap, the, the gosh, if you remember the board game life, Adam, I don't know if you're in my background of age here, but you know, you had this winding road and, for organizations, they need to go through that winding road of regulatory and cybersecurity.

 

Jonathan Goldberger (08:36.482)

to get to defensibility. so plot it, make it simple on how they can get there and be very specific about how we are gonna lead them and make them defensible as they go through this. Because it's not day one, you are compliant. And you're not gonna be, but you can be defensible.

 

Adam Parks (08:57.818)

Sure.

 

Jonathan Goldberger (09:00.046)

I talk a lot about how I always want to be defensible with my marriage. I got an anniversary coming up. I want to make sure that I've got that gift. Might not be in the house in my hand on the anniversary date, but I've got a printout and I put it in a card and I hand that over and now I'm defensible. The same thing's true with an audit. You want to be defensible to those requirements, the controls. For someone like Samir,

 

Adam Parks (09:16.973)

You

 

Jonathan Goldberger (09:28.588)

So Mir's got understands regulatory has a security program, but there might be specific aspects of the program that needs to be reinforced. might be an objective he has, which for example, might be, I just need that third party, that third party validation. so providing that as well as threat visibility to threat landscape, augmenting his team with what we're seeing throughout our customer base. But it starts with listening, starts with listening to who

 

Jonathan Goldberger (09:58.05)

practitioners are, what they have to say.

 

Chanh  Nguyen (10:01.398)

Yeah, think that Adam, so the other thing that I think to answer your question is that when we had the idea of working with Scott Purcell of ACA to put together this collective, we also understood that there was a wide range of ability and resources. So we tried to create a structure that allowed for participation on all levels, whether you were

 

Adam Parks (10:01.678)

So let me, go ahead.

 

Chanh  Nguyen (10:29.453)

had no knowledge or you are Samir, that you would have a value proposition and a stake in this community. So we're trying to encourage and we have a structure that welcomes all members, right, of any level. And hopefully, as a community, we can raise the awareness and also the knowledge by having a dialogue, really. It's really having a conversation.

 

about this topic on various aspects. Cybersecurity is being one, excuse me, a very vast definition of what makes cybersecurity, right? So insurance comes into play, regulatory comes into play, you name it. That's what we had in mind in terms of creating this structure.

 

Adam Parks (11:17.774)

So as you guys are going through the, it's called the education and discussion process with the ACA members, how much of the time are we spending talking about what's called the technical penetration aspects versus the social engineering threats that exist in the landscape, right? And I'll use an example for those that haven't read it. I was a huge fan of the Kevin Mitnick books. He was the hacker in the 90s. See, Jonathan, we do fall into that same age bracket, right? He was the hacker from the 90s that they locked in solitary confinement because they were concerned that he was going to use a pay

 

Jonathan Goldberger (11:41.816)

Thank

 

Adam Parks (11:47.732)

phone to launch a nuclear warhead. Like it was some of the most ridiculous things you ever heard. But he wrote two books. Well, he actually wrote a bunch of books, but two books that I've kind of focused on, which was the art of penetration, which was how am I going or out of intrusion rather, which is how am I going to physically or how am going to penetrate systems from a technology standpoint. The other one was the I was on social engineering. It was the the art of deception. And it was talking about how to how they're

 

Most of these hacks are happening by tricking somebody into taking an action, clicking on a link, providing a piece of information. So as you guys are going through this kind of like education process, are we looking at kind of both angles of this or is this more focused on the technical aspects?

 

Sameer Maini (12:29.626)

So, I mean, even on our San Diego conference, right? So most of the companies have a decent, I would say, you know, the technology side is relatively locked down. You don't see open ports, know, people are doing, you know, people have a firewall, the ports are locked down. There is, you know, updates happening, things like that. Although you'll be surprised some of the hacks that have happened have been because the computers weren't patched, is separate story altogether. But I think, you know, the biggest threat

 

is your weakest link and your weakest link of people. The social aspect is definitely something that of greater, that to me is a greater risk. I'm more worried about the agent who's going to click on a link that will start a malware or ransomware attack than I am so worried about. I am worried about my firewall, but I feel my firewall, once it's set, we got the ports locked down, we're running monthly penetration tests, we're running vulnerability scans, we're patching our systems. That's manageable.

 

What is unpredictable is even though, believe it or not, we send out phishing emails, right? To train people, hey, what not to click. And like today is a perfect day. We have a class of eight people who clicked on links, which they shouldn't be, which we generated like for phishing attacks, we simulated a phishing attack and they clicked on it and they're going to be again reminded, hey, do not click on this link if it's not coming from a domain or the basic stuff, right?

 

Sameer Maini (13:54.256)

If somebody's offering you $500 Amazon card or you see an email that comes from, it looks like it's coming from HR, but the email address is not stcol .com. It's Gmail. We're going to go through this with those eight people again. it, it still happens even though we do this on a monthly basis. Everybody knows we're simulating these attacks, but still people click on it. That's what keeps me up. Because that is.

 

Adam Parks (14:20.342)

I can I can imagine that keeps you awake at night right? Because it is the threat of the physical people and their behaviors that ultimately are going to look at Sony right? Like that's a perfect example. We'll, you know, look at kind of how it's really just tricking somebody on the phone or all the people that are sending bank wires to the wrong locations. I mean, how in the last five days, I've probably gotten five different emails with fake invoices from various organizations that I don't actually do business with.

 

Sameer Maini (14:26.063)

Yes.

 

Yeah.

 

Adam Parks (14:48.11)

But I can imagine if you get your uniforms from Cintas that you probably are also getting these phishing emails and they may be more effective.

 

Sameer Maini (14:56.396)

one of the, you know, this is my previous life. We had recently made an acquisition and we put it out on LinkedIn and our director of finance, she got spare fished, you know. So an email came from our CEO saying, total top secret. We're looking at another acquisition, you know, not to be discussed even with the CFO, you know, I'm sitting with the, like, you know, because we put out who the private equity buyers were or what have you.

 

Sameer Maini (15:23.066)

Like they basically gleaned through LinkedIn, drafted an email with so much relevant content. And here, know, a director of finance is about to make a transfer because he thinks, or, you know, they got an email from our CEO not to be shared with super secret, right? So these guys are getting way smarter. It's unbelievable. So that's my biggest concern is social engineering.

 

Jonathan Goldberger (15:46.957)

You know.

 

Chanh  Nguyen (15:47.285)

And I think the other thing is that it's coming through different mediums, right? It's not just email too, right? Now texting, right? Along the same lines, right? Again, based on social engineering, they understand your makeup and they send content that's relevant, but they come at you in different mediums. And so it's not just email, right? It's any and all mediums are fair game now. And that's...

 

Adam Parks (15:47.406)

Fair enough.

 

Sameer Maini (15:52.452)

Yeah.

 

Sameer Maini (15:57.315)

Huh?

 

Sameer Maini (16:01.274)

Yep.

 

Chanh  Nguyen (16:15.721)

you keep getting bombarded, you might slip, right? You might forget. And that's what they're banking on, right? So it's, again, it's these types of items and issues that we want to have a dialogue about and, again, promote and share these concerns.

 

Jonathan Goldberger (16:32.59)

You know, Adam, the one last thing on this that I think is so important for people to realize, too often we just go, listen, users are stupid, right? Stupid's going to happen, users are stupid. But it happens to everyone. And the reason it happens to everyone is, well, it's multiple reasons. First, what's the easiest thing to do if I'm an attacker? It's to send an email to a million people. Like, I click one button and it goes to a million. I click one button and it could go just to 10, but it's just one button that I got to click.

 

Jonathan Goldberger (17:01.71)

versus if I'm gonna try to attack a network and actually go and grab the informational analysis and try to get access, go through the ports, find a vulnerability, penetrate through, find it. That takes so much more time. Listen, I'd much rather, much rather send an email, get on my PlayStation, play some NCAA 25 football that I haven't played in a long time because it hasn't been out, than have to spend the time to focus on an attack. The second thing is,

 

Jonathan Goldberger (17:31.434)

And these emails are getting good. listen, the one I always talk about is Chick -fil -A. There's a perfect Chick -fil -A fish out there. it's not fit, Chick -fil -A is not selling fish everybody. So just relax on that. No, there's a Chick -fil -A fish out there where it's talking about their new, I think it's the summer strawberry lemonade tea or whatever. And get your free one. Well, geez, I'm a Chick -fil -A one subscriber. I would think many people are.

 

Jonathan Goldberger (17:59.756)

I love Chick -fil -A. So that sucker comes in, I'm at work, I've got my Outlook open, I also have my Gmail open. I'm like, yeah, I want my free sweet tea. I click the button. I go to a authentication page for Chick -fil -A one. By the way, I've got a quote due or I've got a presentation I'm supposed to be getting done. I might've had a fight with my dog. Who knows what's going on? But my vigilance, my vigilance has lowered and that's all it takes.

 

Because I then authenticate, it says, wrong password, points me to the right Chick -fil -A one page. When I then authenticate, get in, I can't find where that thing is. I go, well, it must be in my account somewhere, and I keep on going on my day. Meanwhile, they have my user ID and password. Now, could that be the same user ID and password that I use for my Gmail, for my bank, for anything else? Sure. Could it be the same one I use for work? Possibly. LinkedIn? Yep. Facebook? Probably. You know, that's the problem.

 

Jonathan Goldberger (18:57.666)

and it all stemmed from an email that looked so authentic, I love Chick -fil -A, you love Chick -fil -A, and I'm a little bit distracted. So it's easy. That's the real point of it.

 

Adam Parks (19:10.116)

And that's because they're not using a password management tool to use unique identified passwords for each and every attempt to log into anything. I mean, I call me ultra paranoid. But like, I mean, I, without a password manager, I would never be able to get into anything ever again, because I've and how many times have we seen, right? And I'm pretty sure that's what happened with the Sony hack is they got one piece, or they got one use of a password, and they used it across

 

Jonathan Goldberger (19:13.282)

Yes.

 

Jonathan Goldberger (19:20.619)

Absolutely.

 

Adam Parks (19:39.094)

all of the different penetration points. And now that we live so much in the cloud, because there was a time where everybody accessed their email only through specific divorce, through specific ports. Now we're in a position where everything is cloud based. So those same authentications. And if you're not looking at it, or if you're not even doing the simple things like putting a HTTP blocker in your Chrome browser, like as we were logging into this thing,

 

Sameer Maini (19:50.703)

Yep.

 

Adam Parks (20:05.38)

to do this meeting. You're like, gotta go turn off these 25 different extensions so that all of my functionality will work while we're recording through a browser. Man, I got nothing but respect for that, right? I go through the same thing. I have to use a different browser that's specifically set up for these purposes because we are as humans going to make mistakes. And if I don't have an HTTP blocker in there and it's gonna show me pages that don't have the secure S at the end,

 

Well then I might miss something as I'm going through the speed of my normal day. And I consider myself to be kind of a nerd, right? Like throw the word in there one more time there. But like I feel like that's one of those challenges that we face as an industry. You start stacking on the availability of the cloud. You start stacking on all of these other things. If you're not.

 

Jonathan Goldberger (20:43.8)

Yeah.

 

Adam Parks (20:55.78)

putting some tools in place to at least give you a base level of protection. It's easy to make a mistake no matter who you are.

 

Jonathan Goldberger (21:02.446)

Right, right. You know, one of the things I always talk about is, is as an average, the average user has four or five passwords and they have that, that's the average number four or five and they are similar. So, you know, and it's like, all right, this year, my password is, you know, Washington capitals 24. It's got to change next year. You know what I'm going to change it to Washington capitals 25. Exactly. You know, like, woohoo, I'm getting secure. But one of the things that shocks people.

 

Sameer Maini (21:14.308)

Yeah.

 

Sameer Maini (21:25.52)

25.

 

Adam Parks (21:27.425)

you

 

Jonathan Goldberger (21:31.854)

Shocks people as I say, I've had a manager since 2012. And I tell folks, I don't care what password manager you use. Just use a password manager. Perfectly, in a perfect world, don't use your Chrome browser for password management. that's, I'm not going to be choosy here. But I say, I ask people, I've been using a password manager since 2012. How many accounts do you think are in my password

 

Jonathan Goldberger (21:58.254)

And people guess, they go, 40, 60, over 1 ,200.

 

Adam Parks (21:58.468)

my God. I would say 250.

 

Sameer Maini (22:03.152)

12 hundred. Okay.

 

Adam Parks (22:04.13)

Wow. Jesus.

 

Jonathan Goldberger (22:05.358)

And here's why. Since 2012, I've worked for four different companies.

 

Adam Parks (22:11.895)

Okay.

 

Sameer Maini (22:12.397)

Okay.

 

Jonathan Goldberger (22:13.614)

Since 2012, I've had, I've bought, I've got kids, so I bought four cars. Since 2012, I've had,

 

five different healthcare providers because of changing. know, there's, with each car, you got Sirius, you got your, you know, finance, you got your, yeah, I mean, you know, every time my kid plays a sport, I've got a new account. Every time they change schools, I got, they're all in college. I've got those, those different accounts. You have so many accounts. We don't realize how many accounts we have. And that's what the attackers love.

 

Adam Parks (22:36.078)

The dealer.

 

Adam Parks (22:42.18)

and

 

Jonathan Goldberger (22:55.539)

Love is that.

 

Adam Parks (22:56.836)

Fair statement. Fair statement. Look, it's, I got moved over to a password manager. And I want to say it was probably about 2012. had a Twitter account that got like somebody was attempt didn't even get hacked. If somebody was attempting to access it, they got far enough to send me a two factor and I went, my god, I better go learn about password management tools and then spent the remainder of the next two days changing every password. And I still go through and look at my evaluation of my current passwords on let's call it a

 

orderly basis to make sure that we're updating nothing's getting too old and then monitoring the dark web to see what else might pop up. But I think the point here from an ACA membership perspective is that this is an opportunity for members to get together and have these discussions. There's some really simple things that executives, IT professionals and others across your organizations can be doing to secure your network to secure your business and to secure their personal lives to be quite frank.

 

And so this is that location and opportunity for everyone to come together, have these types of discussions and learn from each other. Because Jonathan, like, feel like we just I feel like we have to have a webinar about some of this at some point, because there's so many different aspects. And we could go so deep down the rabbit hole when it comes to how executives can be protecting themselves. I mean, how many how many people watching this right now don't have a VPN and are going to go connect to the local Marriott?

 

hotel the next time that they're staying, they're not understanding that it could just be a pineapple sitting in somebody's room, and I don't mean the fruit. So these types of conversations, I think, are where it really starts to get interesting and where our industry, I feel like has a weak point. And I love that you guys are coming together to facilitate these discussions across the various skill sets that exist within the ACA membership.

 

Jonathan Goldberger (24:52.472)

That's one of the keys of the collective is certainly everything that Samir and Chanev said is absolutely true. But also people can't hire the practitioners. They're so costly for majority of the ACA members. So how could they organically grow some of this knowledge? Well, this is the idea. The idea is that through the collective, you know, take your latest hire, take someone who's just out of school, take someone who says, hey, I've been doing this for

 

Jonathan Goldberger (25:22.382)

20 years and for whatever reason, think cybersecurity is interesting and be active in the collective and they can learn. We've talked about what type of vulnerability scanners you could go and use just in a free manner that are open source that you can try out to understand how vulnerabilities occur, how they're taken advantage of. We've talked through about just what a gap assessment is and what a control is and how a control is an objective, not a word for word requirement.

 

You know, it's the outcome that you seek and focus on the outcome. So it's about learning and building some of that expertise so that you don't have to be just relying on one consultant or reliant on one technology vendor, but instead start to build some of that expertise.

 

Adam Parks (26:12.302)

I love the building of that competence within your own organization, because even if you go out and you hire the best cybersecurity professional out there, you still have the weak point of the CEO, the executive team, clicking links, doing these other things. So I think at least providing some level of education and discussion forum for those types of topics really can create a positive change within an organization itself.

 

And I think that cybersecurity often just gets put into the the Samir bucket, right? Like, this is an IT problem. We're just going to give this to Samir over here. But that's not the reality of it. The reality is that a cyber threat is across your organization and there's nobody who's exempt from.

 

Jonathan Goldberger (26:54.766)

culture.

 

Sameer Maini (26:54.766)

Yeah. In fact, it's a cultural thing. you know what? State, our training team is actively engaged in it. They are the ones that are going to go and do this phishing attack training again. Right. It's our ops team. Because we understand it's not one person's problem. Right. I mean, it's your weakest link. Anybody can click on that email and get a...

 

Adam Parks (27:19.574)

And so for an ACA member who wants to participate in the collective, what's the first step? How do they get engaged?

 

Chanh  Nguyen (27:27.045)

So they send an email to member services of which then they will be verified by ACA as a ACA member. And then from there they will get an invitation email to sign into the LinkedIn group. And it's by invitation, but it is open to anybody and everybody within the ACA community.

 

Adam Parks (27:52.932)

Well, that sounds fantastic. As an ACA member, I'll be going to join myself here. That was part of the reason that I wanted to ask the question, because I do want to get engaged with this and I want to get my team engaged because I feel like this is such an important initiative across our industry. Well, gentlemen, thank you for coming on and having this conversation with me today. I think you guys are working on some really incredible things and I hope that the industry is really listening and taking this opportunity to learn from all of your expertise.

 

Jonathan Goldberger (28:22.99)

It's been great. I will say this industry, just real fast, they're begging for this type of information. They're looking for someone just to help them. And that's part of our responsibility in the cybersecurity vendor landscape is we need to educate, because it affects the fabric of our lives. This is not just a business conversation. This is about societal conversation. If we don't secure the small,

 

Chanh  Nguyen (28:23.373)

Thank you very much for the time.

 

Sameer Maini (28:44.494)

Yep.

 

Adam Parks (28:44.759)

in

 

Jonathan Goldberger (28:51.862)

medium businesses, it affects our day to day.

 

Adam Parks (28:56.504)

I agree it provides us without we need that opportunity to defend ourselves as small and medium sized businesses because the threat doesn't change based on the size of your business. Right. You could be the largest agency in the country or the smallest your threat landscape from the outside remains the same and nobody is too small to be noticed online. There's plenty of scanners and port checkers and all kinds of other tool sets that help these people identify potential targets that are just not paying attention.

 

Sameer Maini (28:56.528)

That's true.

 

Adam Parks (29:24.332)

So if you're an ACA member and you're concerned about your business, I highly suggest getting involved and engaged. You're gonna find me there, because I'm gonna go sign up for this as soon as we jump off this call. But gentlemen, thank you again for coming on today. For those of you that have additional questions you'd like to ask the team here, you can leave those in the comments on LinkedIn and YouTube and we'll be responding to those. Or if you have additional topics you'd like to see us discuss, you can put those in the comments below as well. And hopefully I can get these gentlemen to come back at least one more time to help me continue to create great content for a great industry.

 

But until next time, gentlemen, thank you so much. really do appreciate you all.

 

Sameer Maini (29:57.604)

Thank you, Adam.

 

Jonathan Goldberger (29:57.71)

Thank you.

 

Adam Parks (29:58.818)

And thank you everybody for watching. We'll see you all again soon. Bye everybody.

 

Chanh  Nguyen (29:58.957)

Thank you.