Hi, and welcome to Backup Central's restored all podcast

I'm your host w Curtis Preston, aka mr.

Backup, and have with me my confusing mechanical situation, analyst,

Uh, Curtis.

Yes.

We've had quite a few conversations the last few days

or week I should say.

We,

you should give an update for our

listeners on your current saga.

You're like, it might be too.

For anybody that cares.

Right.

So I have a Prius with just shy of 200,000 miles and it started showing

signs of maybe a head gasket, right?

But it's, But, but in a Prius, when the, the signs are really

minor, it's not, or at least in the beginning, the signs are really minor.

It throws an occasional, um, uh, misfire.

Right?

And so we, you know, we work on different things, different possib.

And, and, and I decided that I didn't wanna spend the money on a 200,000

mile car to do the head gasket.

And so I decided to try what was considered to be the best of the sealing

stuff, which happens to be steel seal.

Um, and everything worked out, but, well, it appeared that everything worked.

But now, after that, my cooling system, Is malfunctioning and it's

specifically malfunctioning saying that my water pump isn't working and I'm

getting an actual code that essentially says either the control module or

the wiring to the water pump or the water pump itself is not working.

And, uh, some of you that are anti seal stuff or like, Oh, a seal messed up the

thing, and I don't, I don't know that.

But anyway, it's just, that's, that's where I'm at.

So the car is fine if it's idling, it runs.

Not throwing the error, but the, But the water pump is saying

it's not running properly, right?

I, I think it's, I think it's running somewhat.

Otherwise the car would overheat sooner, but, um,

and just looking at the code, uh, doing some research,

it looks like if it's not running at like 900 rpm, then it throws that code

Yeah.

at least at 900 rpm.

the easy this is, this is another one when

you're a do it yourself mechanic, like I could take it to my guy.

I could take it to my guy, and $500 later we maybe know what's wrong,

Yep.

So for $200 I can replace my water pump.

So what are you gonna do, Curtis?

Did you already order water pump?

I ordered the water pump.

It'll be here

Yeah.

Uh, and it's actually the original, it's a, it's

the, you know, it's the AON water pump.

Yeah.

It's the same exact line.

P T one?

What is that?

Is that the model number?

Oh no, it's, you know, it's, it is, it is the same

company that makes the Prius, um,

Yeah, for Toyota.

It just doesn't have the Toyota stamp on it.

Well, it actually has the Toyota stamp on it, believe it or not.

It has the Toyota stamp on it, but they grind it off when they sell it on Amazon.

Wow.

That is interesting cuz I've heard like when you buy like OE

parts for other companies, right?

You just are missing the stamp.

Like if you buy headlights for your BMW or whatever and you buy like the Bosh

ones, which are the OE ones, right?

You just are missing the uh, BMW badge.

Right?

Or stamp on the part.

But it's interesting that they've actually built the part and then

they spend the labor and the time

to.

I think what it is is they have one line, The

line makes the, the Toyota stamped parts and it's actually die stamped.

Is what?

Is what it is.

And so then, then, and then somebody

Could you imagine being that person being

like, What a waste of a job?

I just sit there.

Yeah.

And it's very clearly manually done.

It's very

Yeah.

you know, there's a guy with a grinder

Well, someone's employed at least, so.

Yeah, I, that's what it is.

I'm all about giving people jobs.

So

So hopefully next podcast we will have an update.

Yeah.

yeah, I decided, by the way, I decided

to give my mechanic some money.

I sent him some money for some verbal advice he'd given me, and I was like,

Dude, thanks for, thanks for helping.

He's been my mechanic for a long time and, and then lately I've

been doing my own stuff, you know?

Anyway.

My constant, my constant companion through it all has been my Prasanna Malaiyandi.

So let's, uh, uh, I'll throw out our disclaimer.

Um, neither Prasanna and I or our mechanics or, uh, know what we're doing.

Uh, we also, are doing this independently.

He works for Zoom.

I work for Druva.

This is not a podcast of either company and the opinions that you hear are ours.

And, uh, be sure to rate us.

Go to your favorite, uh, podcatcher and scroll down to

where they have the rating part.

Click a.

Um, and, uh, you know, and give us, give us five stars, uh, unless you

don't like us, in which case there's really no need to read In which case

I wanna know why are you listening?

Do you just, I wonder, I wonder if there's people who just listen to like

the first five minutes, just wanna see

Prasanna Malaiyandi:

Of us, of us rambling,

Prasanna Malaiyandi:

and

and then they're like, Okay, he's gonna talk about backups.

Now I'm outta here.

Um, wonder if we have this odd, That would be a

I wonder if you can find that stat though,

Lord.

Yeah, I, yeah, I don't think my, I don't think my host gives that, that

stat, but it would be really funny if there's a group of people that

listen for five minutes and they go, Okay, he's talking about tech now.

I'm outta here.

I just wanna know what's going on with Prius or is flooring or, Uh,

like.

Yeah.

I think we've been doing this long enough.

Did we record when I was doing solar, I was trying to do my own solar.

Yeah.

Yep.

We did record cuz I do remember, I think Yep.

Talking about that.

yeah.

Good terms.

Anyway, uh, I

speaking of rating this, speaking of rating, if

we get to 25 ratings, then Curtis will for Christmas, grow a Santa beard.

So he's already started, which is awesome, but for Christmas,

he will grow the Santa beard.

So please go on.

I think it's the Apple Podcast, right site.

This is specifically Apple Podcast.

We're trying to get to, uh, the number of ratings

yeah.

Trying to get to 25 because I really want to see Curtis with the Santa beard.

So please, please, please go give us a, like, give us a rating.

Leave a comment, and let's try to hit the 25 number.

On there, there's a comment on there about me doing the

Santa thing, that would be pretty funny.

like, I'm leaving this comment just so Curtis will do a Santa beard.

Um, All right, well there you go.

Uh, and you know, if you wanna join the party, if you want to come and

talk to us about our topics, right?

Backup, security, uh, privacy, what else should we talk about?

Don't we talk about, Oh, you know, just, well, whatever.

All of those things,

So if you wanna join the podcast, if you wanna join the conversation,

reach out to me, uh, at WC Preston on Twitter, or w Curtis Preston at gmail.

Um, so I thought that, This week we would talk about a trend that's been happening.

I'm seeing it in a, in a couple of different places, and it's this idea

that, So, so, we'll, we'll back up.

There was a trend that cyber attacks were becoming more common, Right?

Especially ransomware attacks.

And then another trend was everybody said, Well, we better get cyber insurance.

We didn't have cyber insurance, but we didn't, you know, it's sort of

like, I don't have flood insurance cuz I live on top of a hill and,

you know, that sort of stuff, right?

Um, even then I, I, I've been watching the news lately and I'm like, I don't

know, you know, maybe I should get it.

Well, it's like the Spectra Logic, right?

Tony Mendoza, right.

When we had a bond talking about when they got hit with ransomware, right?

He's like, Yeah, just a month before the board had bought and

gone and got cyber insurance.

Right?

Yeah.

Yeah, that was, that was really good.

So it's one of those things where it's like, it's really helpful to

have somebody in your corner, even if they're not gonna like, pay you a

million dollars because you got hit.

You know, it's really helpful to have somebody in your corner, so it's certainly

something to think about if you're not, if you don't currently have cyber insurance.

I think it's a solid idea.

What I think was starting to happen, or the insurance companies

felt was starting to happen was that they felt that there were.

, um, certain types of attacks that they couldn't ensure against, or certain types

of payments they couldn't ensure against.

So one of the things I think we saw a little while ago was cyber

companies saying, Listen, we're not gonna pay the ransom, right?

We're, you know, or, or it's a severely limited amount that

they're gonna pay the ransom.

So, We'll help cover damages or whatever, but we're not gonna pay the ransom.

What I'm seeing now and um, there's two articles that we

can talk about the, Go ahead.

Was it that they're not gonna pay the ransom?

Or was there also concerns around paying the damages or the lawsuits or

anything like, Because I think in case of when you get hit with ransomware,

like there's sort of three buckets I look at in terms of cost, right?

One is, Paying the ransom.

Right?

Uh, the second is getting your infrastructure back up and

running, whatever that is.

And then third is paying for any damages that happened because you got hit.

Like this might

be having to deal Yeah.

Loss of business or dealing with lawsuits, Right.

Or other things like that.

So do you know where cyber insurance, when you talk about the cost, were those

like, that they're reducing?

Yeah, I don't, I don't know.

And that wasn't the one, that wasn't the thing I wanted to talk about this

week, but, so I didn't research it.

Okay.

No, no,

that's okay.

but, but I, I am aware that that insurance

companies had been pulling back on.

Coverage of ransomware.

Right.

Um, that, that, that, that they're not doing the same thing

that they were doing before.

Um, you know, and again, it's not across the board, it's not every company,

but, um, that's what we're seeing.

And there's two other, um, restrictions that I thought we'd cover.

And the first, and it was an article that came out, um, just in the last

week, and that was that, um, Lloyds of London is instructing its insurer

groups, uh, globally to exclude the quote is catastrophic state

backed hacks from standalone cyber insurance policy starting next year.

So

Prasanna Malaiyandi:

Which is a lot to unpack.

Prasanna Malaiyandi:

First is this article was dated August 24th because I'm not sure

Prasanna Malaiyandi:

when this, uh, episode will air.

Prasanna Malaiyandi:

Um, it's interesting.

Prasanna Malaiyandi:

Right.

Prasanna Malaiyandi:

The two things that stood out to me was catastrophic,

Mm-hmm.

right?

And the definition of what catastrophic is.

I always worry when people use that word, right?

In terms of what it covers.

And then the second one, and maybe we could discuss this,

is also nation state, right?

Because there are lots.

Yeah, because there are lots of hacking groups that are hard to tell.

Are they sort of state backed or are they independent or what that relationship is.

So maybe we could talk about those two.

Yeah.

And you know, we've talked about, obviously we've covered like ransomware

attacks and, and that there's groups like the CONTI ransomware group

that are huge and there's a lot of feeling that they are state backed.

Right.

Um, that they're, they're certainly state inc encouraged, um, the.

I, I think, you know, this is one of those, like, you know, I am not a lawyer

and I'm not even attempting to be a lawyer and I haven't actually seen the contract,

but I think what they're trying to protect against is like what happened with the

Solar Winds attack, but the solar winds attack, which, um, I believe we, I believe

that we believe that it was a state backed attack that, um, The reason, the

thing with state back to tax, you know, or state, State backed attacks, that's

That's a mouth full

T.

Yeah.

Or nation state attack is that they have essentially an unlimited budget

and so they can do things that perhaps a smaller, smaller hacking group might

not have or might not be able to do.

And.

I think the Solar Winds attack is an example of that because it required

many, many months of, of, you

Careful planning Yep.

and the.

The result, and this is where I'm getting to the result was catastrophic.

It took out, you know, it hacked many, many, many companies and I think the

worry is that there could be worse, even more catastrophic attacks that

make the Solarwinds attack look small.

but instead of calling out nation states

and cat catastrophic, it almost seems better to think about it

in terms of like the impact.

Uh, another example could be like the CAA hack, right?

That affected MSPs, right?

Like how do they quantify that SolarWinds totally makes sense, right?

Or someone going against like a Microsoft or the Okta hack that happened, right?

Because there are so many people who use Okta, right?

It's.

Right.

It's a little fuzzy

right?

In terms of,

I,

Yeah, I know we're interpreting.

Yeah.

Uh, we are interpreting someone else's words.

Uh, I happen to be looking at a Wall Street Journal article.

We're interpreting someone else's words.

We haven't seen the contract.

Um, the, uh, actually, um, let me click on this.

I haven't seen this before, so I actually have a bulletin.

Uh, so this is, I actually have the bulletin from Lloyd's and

I'm looking at it right now.

So while you're pulling that up, one of the things,

So I'm reading a register article from the 24th of August, and one of

the things is that the policies must set out a robust basis on which to

attribute state sponsored attacks.

And the register article, they actually say that attribution is absolutely hard.

Because like we've talked about, saying that a particular group

is responsible for an attack or a nation state with a hundred percent

confidence is really, really difficult.

Or the fact that like these ransomware groups right they're as a service now.

So what does it mean if say there's a nation state sponsoring a ransomware

group that's offering it as a service and some other smaller groups starts

using that exact same package?

So I'm reading the actual memo here.

Okay, so at a minimum, the state backed cyber attack exclusion must exclude

losses arising from a war, whether declared or not, where the policy does

not have a separate war exclusion, exclude losses arising from state

backed cyber attacks that significantly impair the ability of a state to

function or that significantly impair the security capabilities of a state.

So it's a, it's an attack on, on the state.

Gotcha.

So not necess.

So going back to our examples, Kaseya and Solar Winds.

See, but that's where it gets a little fuzzy still, right?

Because.

they're say, they're saying if the United States can't

function, if you're part of, if you're part of a hack that took out the us.

Right.

To what extent though, Right.

Could you claim that like an attack on I know.

I know.

Set out a robust basis by which the parties agree on

how any state by cyber attack will be attributed to one or more states.

Ensure all key terms are clearly defined

Okay?

So they're not saying what you gotta put in there.

They're just saying, Dude, you gotta, you gotta exclude the state backed stuff.

You have to be very clear as to how we're gonna attribute state backed stuff.

Yep.

Um, yeah.

Which I think is gonna be a court challenge for sure.

I could just imagine, cuz this goes into effect in 2023, I believe, right?

End of March, 2023.

Yeah.

So I'm.

saying a phased, A phased attach, but Yeah.

Okay.

Yeah.

So I'm guessing that there will probably be lots of court

challenges in terms of this, right?

So we shall see how Lloyd's handle, I understand what

they're trying to do, right?

Because some of these, like you said, are very costly, right?

It's outside the scope.

It's just like today, most insurance policies don't cover an act of war, right?

And so

yeah.

I can see why they're doing this.

Yeah, I think what they're saying is this is an act of war.

Uh, you know, declared or not, and that we don't, we're not gonna cover it.

Speaking of declared and not declared war, do you wanna talk

about the show that you've been watching?

yeah, I'll talk about this show.

So there's a show on Peacock, I think it's, it was a UK show that was popular

in the UK and now they brought it to the US and it's called The Undeclared War.

And it's, I, I thought it was a pretty good show.

The, there was nothing that really made me, you know, it's, it's a

show about cyber and, and, and other state backed attacks specifically

on Russia or by Russia on the uk.

And they, um, they, they got, I mean, there's, there's some tech stuff where

I was like, I'm not sure if that's, if that does what you're saying it does.

And, um, One thing I'm always interested is when you, when you see, it's, when

they're looking at the code, like, I don't know, is their ability to look

at the code, if there's code that has been compiled, is it possible

to disassemble that and look at it?

Yeah.

It is.

Okay.

All

well it, But it wouldn't end up being code, right?

You would ba

It would,

like you might end, Yeah, it'd be assembly.

Okay.

So that, that part again, that, that was where I, I wasn't sure that that

was possible what they were doing.

But then again, I think what I was looking at was Python , so maybe it

wasn't compiled code cuz it was actually a reference to Python in the, the thing and.

But then they also had her, Sorry, I'm focusing on the techy things that

maybe they got wrong, but, but overall, the, the overall concepts that they

got right where basically it was a, and again, if you don't want to hear,

uh, I'm gonna give some spoilers.

I don't care.

Like, if you don't wanna hear this stuff, then skip ahead in a few minutes.

Um,

About five minutes.

Yeah, about five minutes.

Don't take me that well, man.

I don't know.

Anyway, I can talk.

I know how to talk.

Um, it was a state sponsored, like Russia said, and, and what's interesting about

this show is that they show both sides.

They show what's going on in Russia at the time, you know, and Russia basically

said, We want to provoke the UK to war and we're gonna do a multi-pronged attack.

Um, social engineering, you know, social media engineering, uh, a cyber

attack against their infrastructure and a news attack, essentially.

Fake news

misinformation.

campaign.

Yeah.

Misinformation campaign, right.

Via their own state sponsored news channel.

And, um, you know, it works right?

Ultimately, um, the UK.

Believes that they have no choice.

They believe that they have been, they have been, uh, that, that, that, that

what Russia has done has been an act of war, although it's all been cyber and,

you know, under the covers and everything.

So they respond with a cyber attack and Russia over, you know, uh, exaggerates

the effect of the cyber attack.

It's killing people.

It's killing people in hospitals, et cetera.

And then they actually attack the uk.

Um, it's a.

Too real,

But I was gonna say, yeah.

in 2024.

There's references to current to people that are currently in politics.

The, the actual Prime Minister is a fictional prime Minister.

Uh, they actually said that he ous it, uh, uh, Boris,

Hmm.

um, in, in a bitter contention,

Were they foretelling things?

Yeah.

I think they were, cuz you know, I think it must

have been filmed before he resigned.

But,

Yeah.

um, but overall, the stuff was all just, there was this one

scene that um, really, really, it hit home for me and it was where they were.

Um, there's this, there, there's this new journalist that has

moved from Russia to London.

To be on the Russian sponsored channel, you know, that's in London.

And she gets, sent her very first assignment.

She gets sent to a place, to a date and time and place, and she's

told to put on riot gear, and then a, and then a riot happens.

Right.

You know, right behind her the moment she gets there and

she's like, Did, did, did we?

Did we, um, Uh, arrange for the counter protestors to show up, and

her boss is like, uh, we arrange both sides and she shows how she had,

they have Facebook groups that they started and one is like pro Putin

and one is against Putin, and they

but both controlled.

Yeah.

And they're both controlled by them.

And then they announced a, we're gonna meet in protest at 10:00 AM at Lester

Square, whatever it was, you know?

And they just did it with both groups, not telling them the

other groups are gonna be there.

And so then they show up 10 o'clock with the camera.

Oh look, there's a riot in the middle of London over Russia.

Uh, and that all seemed really like, just a little too real,

It hits.

Does, did it feel when you're watching this, that it's almost as if you're

watching like live news happening in another part of the world?

yeah.

And, and, you know, and then there was this, this moment when the, the

lady's like, Well, well, this is fake news, like what we just did.

She's like, Okay, First off, it happened, right?

We didn't orchestra, you know, we didn't, we didn't.

Hire the people to

come.

Yeah.

these are real people that join our groups.

They, there's a group that thinks Putin's great, and there's a

group that thinks he's bad.

These are all real people.

This is not fake news.

This actually happened.

And then she goes, Lady, it's all fake news.

Our goal is to get it so that everyone thinks everything's a lie.

And then, uh, then the biggest liar wins.

And again, I was like, this is just hitting a little too, too close to home.

But yeah.

But, but the cyber stuff was, was a core element.

And what they had was this multi-pronged cyber attack where they had the,

the one cyber attack that went off and then, The, again, they used

social engineering against it.

There was something about a, a, a library that they did something with

a library and they're like, Well, nobody's gonna look inside the library.

Um, and so the, you know, the new girl, of course, looks inside the library and she

She's like, Ooh.

attack.

And so she's a hero except it turns out there's a third attack and the

third attack was the worst, right?

So they, they get this feeling of euphoria, of like, Oh,

Yeah.

We caught it.

Haha, yay.

We caught it.

There was a third attack that was much, much worse.

And, um, that results in a severing of relationships between the US and the uk.

And the show,

Hmm.

Interesting.

a 75 year information sharing agreement is over.

It's like you are on your own.

So now the UK is on their own at a moment when

When they need, Yeah.

Oh, yeah,

It was pretty, it was pretty good.

You know, overall the tech was pretty good.

You know, there was a moment where like, you know, they, they wanted to give the

girls some busy work and, and they said, I don't know, why don't you just strings it?

Right.

You know, like strings the executable.

And so she's looking through the stuff that she sees.

Um, . And, um, oh, there, there was one little interesting thing that I picked up.

So there was this, in that strings attack, she gets these three words.

Oh yeah.

I remember.

yeah.

And then it turns out there is this thing called what?

Three words.

What number?

Three words.com.

They've divided the entire world into, uh, three meter segments, three

meter squared segments, and you can identify any three meter squared

segment in the world by three words.

and, and it's a fascinating way to do like GPS coordinates and it's a

way to basically say like, I'm in a very, I'm in a big field and you can

meet me at, you know, dog cat goofy.

Right?

And, and that would, that would.

Translate.

2

what, Three words?

Yeah.

Uh, that was, I'd never heard of it.

I was like, I'd done, you know, and I pull it up, I go, Look at that.

They use an actual app and they use the actual app, like the UI

of the actual app in the movie.

I was like, Well, that's pretty cool cuz a lot of times you

see, they don't, they, they.

They just build their own.

right?

Yeah.

Uh, but overall it was, uh, so back to the topic,

Yeah.

I thought it was really, really real.

The idea of state sponsored, you know, attacks is really, really real.

It's happening.

And so I can understand Lloyd's wanting to exclude that stuff.

I do believe it's an undeclared war.

Um, and then, uh, let's move on to the second topic, which is perhaps more.

Relevant to maybe the average company, I don't know.

And that is that there is a, another insurance company, it happens to be

travelers, and they, they were, uh, suing, um, uh, their, so, so that

Travelers is the insurance company.

The other company is called SJ Computers.

They sued in November that travelers owed them far more money than they

were, than they, than they were getting, They were getting a hundred thousand

dollars and that they owed nearly $600,000 in a loss due to a successful,

um, business email Compromise Attack.

And by the way, the attack just sounds horrible.

I don't know if you read through the

Yeah, I did.

It's, this was on the register as well, right?

Um, social engineering.

Can't find it.

well, they basically get, they, they, they hack an, they

get something to hack an account.

They send an email to the CEO to authorize a payment, and

the CEO makes a quick call to.

Their, their company, like they used a real, they they knew a lot.

They used the name of a real client of the company, or I

guess that would be a vendor.

They used the name of a real vendor of the company, but they just changed

Prasanna Malaiyandi:

Change the phone number.

then they, they got them to authorize the, the thing, and

he, he didn't, he, he made a phone call.

It didn't answer.

And so they paid like $600,000 to, uh, this other company.

and what Travelers was saying is, Listen, we have social engineering coverage.

You paid for social engineering coverage.

This is social engineering.

It has a limit of a hundred thousand dollars.

Uh, we're not paying you $600,000.

They sued, they lost.

The court very clearly said, Look, this was so, so they, they

differentiated between a social engineering attack and a cyber attack.

Which is interesting because I had never really considered

that there are different categories, which makes sense now that you think about it,

but that there are different categories of the types of crime and given insurance

companies, they probably have different amounts of coverage, just like your normal

house insurance or car insurance, right?

You have different amounts based on the different types and.

It makes sense.

And I'm guessing that someone probably did not read their contracts clearly

to see what their coverage was.

the story that I read, It looked like they did read the contract.

They, they, and they filed it the way they filed because they did read

their contract , meaning, meaning they wanted it to be covered on the other.

And I, I know I, I, um, there was an insurance deal that I was involved with.

I gotta speak, uh, what's the word?

High level here.

But there was an insurance deal that I was involved with where the insurance

company, Wanted to pay far less that it, it was a company that, that suffered,

um, a disaster recovery situation due to a flood of, uh, the River.

The company actually did a really good job where they had essentially

relocated their IT infrastructure to an alternate, like a, you

know, a, what do we call those?

Like a cola.

Yeah.

Colo.

And they had done it in such a way that there was like almost

no downtime, but by doing it that way.

And they basically, they knew this flood was coming and they.

In advance, and it was essentially miraculous.

The company had done a really great job of protecting their business,

but the coverage that they had, basically it said, We will cover

moving your computers, right?

Like moving them to a high ground and then moving them back.

There is no coverage for business continuation.

Right.

And so they were, they were suing for, it was just like this, where they

were suing for a much bigger amount.

And they're saying, You don't, it's not covered in this,

in this, um, in this thing.

Right.

You know, So when, when insurance companies write insurance, they,

they, you know, they, they write it so they don't have to pay.

Uh,

Or they understand the risks and the

likelihood and all the rest of that and charge you accordingly, right?

Right.

And, uh, and, and you know, just like in this story, the company in my

story, they lost because it was very clear what the difference between

physically moving the computers and moving them the way they did.

Uh, you know, and, and it was literally like this was, this

made this look like peanuts.

It was like, it was millions of dollars.

Uh, and they, they were gonna get, Like 200,000 or something.

It was something really small.

But, um, I, I think that the key here, if we go back to sort of the,

the core element of our podcast is that you should be creating a cyber

defense and a data defense mechanism that you shouldn't have to be reaching

out to your insurance company.

Right.

If you, if you follow and, and I'm gonna go, I still think that the, the episode

that, the episodes that we did with, um,

Snorkel 42,

I still think that his multipronged, these are the things

that you should be doing already.

You know, that approach of, you know, Obviously, obviously monitoring for

bad stuff happening, obviously having, you know, an intrusion detection

system and all of that stuff, but then designing your infrastructure

in such a way that if and when you get an attack, it, it can't spread

Prasanna Malaiyandi:

Blast radius is reduced.

Yeah, it reduces the blast radius and then you need to,

uh, because if you, if a single system got infected and then it's unable to

infect the rest of the data center, that's not that big of a recovery.

Yeah.

Right.

Even if it's the most critical system in your enterprise, that's

still not that big of a recovery

Prasanna Malaiyandi:

Assuming you have backups,

as well, Yes.

Well, any recovery is a bigger recovery if you don't have backups and assuming

you have, And then when we get to the part of the, the disaster, assuming

that you have a disaster recovery system that is a modern day system that

is able to bring your infrastructure.

In a relatively short period of time.

Um,

That you've

tested.

What's that?

That you've

And it's tested.

That is, that is documented and you have tested, and I think

it should be automated, right?

There are, there are companies and yes, Druva is one of those

companies that provides a fully automated disaster recovery system.

We happen to use the cloud that you do, you know, you do a one-time setup upfront.

Then in the case of either testing or declaring a disaster, you literally push

one button and then boom, you fail over to the, to the other data center, right?

Well, it fail over to the cloud.

um, you know, we're not the only company.

In fact, we don't even have the best RTO there.

There are companies that, you know, we, I mean, ours is 15 to 20 minutes.

That's pretty dang good.

But there are companies that do that in, in, you know, one

minute or less than one minute.

Um, and I, I think that.

Um, if that's what you need, then you should go to those companies, right?

But if 15 to 20 minutes it's good enough for you to say no to a

ransomware company, then I would recommend you check out Druva.

Um, I, I think it's the beauty of us running in the cloud, being a full

SaaS service and all of that stuff.

Right?

So I just, I want you, That's, I think the takeaway to get from this

is to not, is to not focus on the.

Two thirds of the podcast of like the details of what these wordings mean

and ah, you know, are we gonna be covered and we're not gonna be covered?

Do it so you don't need to coverage.

Yeah.

Well, I would say do it.

So it's kind of like, as I look at it, like medical insurance sometimes, right?

Where you're looking at it to protect you from catastrophic, Like

something gets out for some reason and your blast radius is no longer

just that one server, but everything.

So it's there just in case you need it, right, to provide you that

coverage or whatever else it is.

But for the most part, you should try to not ever have to use it.

Yeah.

it's more like home insurance than medical insurance.

Actually,

say again,

I would say it's more like home insurance

than medical insurance.

Yeah.

It's more like, yeah, it's more like home insurance.

Prasanna Malaiyandi:

Protect yourself, right?

Prasanna Malaiyandi:

Plan.

Prasanna Malaiyandi:

Protect yourself.

yeah.

That, that's the thing is, is to, is to plan for this.

I think that the main point of cyber insurance would be to

have a person in your corner.

When, uh, Tony from Special Logic talked about what they went through, they had

a company, a cyber specialist in their corner to help them out of the scenario.

That's, um, that's what I like about cyber insurance is to have, if there's a

clause in there that gives you access to

An expert.

that have done this.

Yeah, an expert.

Um, And, um, and then you do need that multi-pronged defense system to protect

from on the front end and to protect it from being able to, you know, to limit

the blast radius and protect it from being able, you know, like the idea of not

using recently used domains and not using domains with these really long names.

And, um, by the way, in the

E dns.

I like that one from, Did you remember the guy?

Yeah.

Yeah.

Yeah.

I like that at a lot the, in the movie, the, the command and control

Uhhuh.

uh, it was a very simple, like, like the, like we're

in, That's all I wanted to say.

That's all I wanted to say.

And the way they did it was a, like on a Facebook page,

which is interesting, Right?

And then they, and then some, and then somebody else is watching

the likes on that Facebook page.

So,

Well, if you think about it, right, most people are browsing

Facebook and these common things, and now you have a domain that's commonly used.

How do you differentiate that traffic?

And yet nobody should be going to Facebook from a server.

Yep.

Right.

So that, yeah, that, that's the kind of stuff that, um, that,

uh, Snorkel 42 talked about.

All right.

Well, thank you very much, uh, Prasanna for, you know, what, what did we do

deciphering the latest news in cyber

insurance

Yeah, I think that seems accurate.

Yeah.

Thanks Curtis, and good luck with the car.

We will have an update next week on the

Yeah.

Well, one way or the other, we will have an

Yeah.

next week.

All right.

Thanks to our listeners, and remember to subscribe so that you can restore it all.