On this episode of Davood for Thought, our host Davood Ghods talks with Vitaliy Panych, Chief Information Security Officer (CISO) for the California Department of Technology. Appointed in January of 2022, Vitaliy is responsible for the security of one of the largest collections of digital information assets in the country, identifying and mitigating more than 200 malicious activities daily. In recognition of his work, he was recently honored with the 2022 Thomas M. Jarrett State Cybersecurity Leadership Award by the National Association of State Chief Information Officers. Tune in to hear Vitaliy share about how learning to code as a teen inspired a lifelong career in cybersecurity, what's next in the security industry in the public sector, and how Brazilian Jiu Jitsu makes him a better technologist.
00;00;00;00 - 00;00;26;07
Davood Ghods
Hello, everyone. Welcome to Launch Consulting the Davood for Thought Podcast. I'm Davood and I will be your host today. The way I stay up with depressing topics of tech and government today is to tap into the panel of experts I've had the honor of connecting with over the years. Today, I am pleased to have Vitaliy Panych on our podcast.
00;00;26;13 - 00;00;56;17
Davood Ghods
In January of this year, Governor Newsom appointed Vitaliy as the chief information security officer for the California. In this role, he is responsible for the security of the largest collection of digital information assets in the country, experiencing more than 200 million malicious probes daily. Vitaliy and his team continuously monitor more than 140 departments and onboard most of those departments to monitor their own internal networks.
00;00;56;21 - 00;01;25;28
Davood Ghods
His efforts will help expand the California Cybersecurity Integration Center's capabilities to assist more local government agencies throughout California. Vitaliy is shifting the state from point in time reviews to continuous real time scanning of agencies, networks that reduce exposure time to potential threats when vulnerabilities are detected. Vitaliy started his state career in 2003, which, by the way, is when I first met him.
00;01;25;28 - 00;01;53;11
Davood Ghods
And he has held various positions in different departments in the state, such as franchise tax for the California Department of Corrections and Rehabilitation and the Employment Development Department. And now as the chief information security officer for the state of California. Vitaliy, without sharing any more of your background, I want to welcome you to this episode of The Food for Thought and ask you to tell us about yourself. And for someone who doesn't know about your background, please give us a brief overview of what you have done and what you're currently working on. Welcome.
00;01;53;16 - 00;02;16;21
Vitaliy Panych
Perfect. Thank you, Davood. It's an honor and a pleasure to join you guys on the podcast. And a longtime listener looks forward to the conversation. So yeah. Vitaliy Panych, currently the state chief information security Officer.
00;02;16;23 - 00;02;43;24
Vitaliy Panych
I've joined the California Department of Technology as the deputy state chief Information Security officer in early 2019, where my predecessor, Peter Lieber, tapped me on the shoulder, asked me to come join him, will be a great team together, and really kind of help help build, build in that continuity and and really work together. So we kind of keep continuing the good fight and keep standing on the shoulders of giants right there.
00;02;43;24 - 00;03;07;08
Vitaliy Panych
And there are many prior CISOs that were very successful in what they did in number one, building in that succession. And continuity in our workforce is one of our primary goals that we're trying to unveil. But first, on the personal side, obviously I'm originally from Ukraine immigrant family. We've integrated into California with my family, immediate family, about 32 years ago.
00;03;07;10 - 00;03;37;13
Vitaliy Panych
And it's certainly unfortunate what's going on in Ukraine today, but grateful for for my family and my folks that kind of see see the writing on the wall and really look forward to working on establishing a better future for for me and my siblings and and our family. So we've immigrated from from Ukraine 32 years ago. Really. I got interested in security earlier on in my I want to say, high school days, always been kind of a technologist, the geek, the nerd tinkering with i.t quite a bit, as a matter of fact.
00;03;37;14 - 00;04;07;14
Vitaliy Panych
Right. Ran my own hosting web hosting farm back in high school, hosting websites, developing websites and things like that of that nature. And really one time one of my websites got compromised, got defaced early, early on in the days, and I really got hyper observant and hyper hyper obsessed with investigating how it happened, why it happened, how can I fix what I put out as a as a web product out there on the Internet and build in the security controls that should have been there in the first place?
00;04;07;19 - 00;04;29;29
Vitaliy Panych
So I really got my first realization and shock there in the early days. But then as obviously transient transitioned out of high school, got into college computer science major and a political science major at the same time. I know that's a really odd and weird combination, but that's kind of why I got interested in government and specifically doing it in the state.
00;04;30;04 - 00;05;13;09
Vitaliy Panych
Like you mentioned, I've worked for a handful of different departments and agencies, six to be exact, starting from our statewide data center to various tax organizations that you mentioned. The AfDB also worked with Texas and California Department of Corrections and Rehabilitation prior to state service, kind of in the days between high school, college and state service. I was doing a lot of consulting work, casing development programing, infrastructure work for various consultancies around town that specialize in services, heavy I.T. background around, well, well-rounded aspects of it from development to infrastructure, and then officially got into security back when I was at the Franchise Tax Board.
00;05;13;12 - 00;05;55;28
Vitaliy Panych
So I was leading the vulnerability management and the vulnerability assessment team within the FTB to kind of harden our e-commerce systems and test them out and really poke and prod and test the resiliency of the controls that are built in. Now, I'm in a statewide role playing an oversight kind of regulatory role and process. What we do today is we establish then essentially an oversight process where we keep our downstream executive branch entities accountable not only to the security framework, but also to the security controls that are tactical and operational, that are being built in and ingrained into every layer and aspect of it.
00;05;56;00 - 00;06;32;21
Vitaliy Panych
So we we have an oversight lifecycle that test those controls out as well as audits them so that their appropriate policy standards, procedures backed into what departments do when they implement and operate controls. So we'll get into a little bit more about what that process looks like lately. And to date, we've built in an operational arm as well, where we're augmenting and supporting departments with managed security services that that that are provided are out of our security operations center, as well as the Cal Sink, the California Cybersecurity integration Center.
00;06;32;23 - 00;06;59;12
Davood Ghods
So we'll certainly get into more of the nitty gritty and the details about what those teams do today and kind of what they're going to work on. That's very good. Well, thank you for that. For all response about your background. And I've been hearing great things about Cal Secure, about all the efforts that you are undertaking in your team and more power to you to keep us safe.
00;06;59;15 - 00;07;25;04
Davood Ghods
So I decided to stick to all the questions that I've asked all the other guests because I want to get a flavor from different guests on those questions. My next question that I typically ask is what emerging trends are you seeing in your field that we should all be paying more attention to? Yeah, certainly emerging trends and some of some of the things that we are seeing.
00;07;25;06 - 00;07;52;06
Vitaliy Panych
First of all, you first mentioned Cal secure. Cal Secure has been kind of an ever evolving strategy slash roadmap that we're publicizing and outlining to the state departments that we govern. Essentially, it's a it's a roadmap, it's a guide. It's a rough, high level framework of the things that departments ought to be doing and then what we should be doing as a state to kind of centralize a lot of our security controls.
00;07;52;08 - 00;08;16;26
Vitaliy Panych
Really, we cannot be or any one of our agencies or departments cannot be the weakest link. We all kind of work cohesively to do with one another and with each other as far as data exchange integration of technology. But at the end of the day, Cal Secure is kind of the dictionary a roadmap of what the State government and executive branch is doing, where we're going and how we're going to get there.
00;08;16;28 - 00;08;57;00
Vitaliy Panych
It's a taxonomy to really use as a framework of discussion with our finance folks. Obviously, security becomes costly and it may seem like it's a black hole in terms of investment as we're trying to keep up with the threat landscape given our vast and broad attack surface. So it's kind of step by step outlines the basics and what we're doing and how we're doing it so that all of our stakeholders can understand so that we could fund the appropriate priorities at the right time and be able to articulate them and explain them to members of our financial committees, to the legislature, to the governor's office.
00;08;57;04 - 00;09;30;13
Vitaliy Panych
So security really needs to be transparent with one another, not just within a broad governmental bureaucracy, but within any any large enterprise. So I'll keep it at that. Transparency is key, but also as well as with our vendor providers and software suppliers and hardware suppliers and what we need as far as security controls being built. In The second piece of that question, obviously emerging trends, we have a threat Intel Intel group that heavily monitors and observes kind of the threat threat landscape that that's out there.
00;09;30;19 - 00;09;56;16
Vitaliy Panych
We heavily partner with multiple stakeholders, multiple partners at the local levels, at the federal levels, and that is calcified. So Cal, SEC that I mentioned, that's kind of the central coordinating hub of threat intel information collection sharing and sharing of pertinent trends and metrics to the various industry sectors that we deal with as it pertains to state departments.
00;09;56;19 - 00;10;30;29
Vitaliy Panych
Needless to say, ransomware has been a heavy, heavy threat that we're all dealing with and across all of our sectors. As a matter of fact, the ransomware, the instances or incidents around ransomware has increased from last year to this year by a greater percentage than the last five years combined. So ransomware has been a huge emerging trend for a lot of our organizations, and not only ransomware in the fact that it disrupts availability of services that that we provide government services.
00;10;31;01 - 00;11;10;24
Vitaliy Panych
But also ransomware is evolving in attacking our confidentiality and integrity in the security world. We call it kind of those double, triple extortion threats. You know, not only is it the fact that organizations are being targeted and extorted and having their availability disrupted, but now we see threat actors and adversaries, They're not only disrupting availability, but they're also looking at taking data, siphoning off data and exfiltrating sensitive and private information so that that can either, number one, be sold or a victim or a department could be extorted in addition to extorted for further availability.
00;11;10;26 - 00;11;34;21
Vitaliy Panych
So meaning, hey, I'm going to take your data if you don't pay me some crypto, I'm not going to give you your data back, but also I'm going to threaten you to release your data in the public domain. So we see ransomware evolving where we're where it's going to affect availability, not only availability, but your integrity and confidentiality of that sensitive data that we're all aimed at protecting.
00;11;34;27 - 00;12;15;10
Vitaliy Panych
In addition, software supply chain software supply chain attacks, heavy hitter there. We've seen incidents, a lot of the victims that we've seen, 61% of our incidents have been attributed to supply chain attacks, meaning either a business partner such as a downstream local organization or a or a sister department or agency gets breached. And then the software provider such as like, for example, SolarWinds, is a big notable event that we've all had to deal with a supplier of of solar supplier at the scale of SolarWinds got breached impacted which down to downstream impacted a whole slew of organizations around the world, not Niger state agencies.
00;12;15;10 - 00;12;52;28
Vitaliy Panych
So we've seen many, many third party organizations that don't have a lot of transparency built in in terms of how they provide, implement and deliver security as a part of doing business. They get breached and affected, which downstream affects all of their customers or their partners. So that's that's another trend that's going to keep prevailing. Thank you. It was very comprehensive, and I agree with you from a vendors perspective, we see a lot of activity also in organizations asking for assistance, in assessments, in mitigation, etc..
00;12;53;00 - 00;13;18;29
Davood Ghods
I'm glad that there is heightened focus on cyber security. And thanks. You mentioned my next question, Vitaly, is around resilience. Really, I think you would agree that adjusting to the pandemic was challenging for many organizations and now everyone is thinking of what the next major disruption is going to be and how can we better be prepared for it. So resiliency is a big topic of conversation. These are what are some examples of resilience that you're seeing in your business in the past year and what is at least one thing organizations should be doing to improve resilience?
00;13;19;01 - 00;13;58;15
Vitaliy Panych
Yes, number one, resilience, I think he did say is a broad topic. You know, I see resilience as a broad spectrum of things that must be done before and after an incident, and we need to focus and prioritize efforts around various initiatives, some of which we've outlined in Cal Secure that need to be done proactively as well as reactively.
00;13;58;21 - 00;14;24;04
Vitaliy Panych
Over the last year and a half, we've built up Cal SEC. A dedicated incident response team is embedded within within Cal said. What that means is we have dedicated not only threat analysts that day to day and operationally watch out for the trends, but are also able to respond and support potential victims with incident response services. For example, a local or school gets gets compromised.
00;14;24;04 - 00;14;51;17
Vitaliy Panych
Their availability is impacted. Cal SEC is the team that goes out on site, investigates, collects various evidence evidence and works with the victim and being able to set them up to harden their infrastructure, their gaps that were ultimately exploited and then sets them up for success. So we have a dedicated air team and an air practice. We're also looking at enhancing that going forward with additional capacity and additional bandwidth.
00;14;51;19 - 00;15;16;09
Vitaliy Panych
We also partner with the military department, so we have staffing that are embedded within our Cal Tech team that are that are National Guard Guard folks. So if we need to call upon additional resources, we have folks there that can help and step in. So having that air capability that to support the to support potential current or future breaches is is vital and important because we do always hope for the best.
00;15;16;09 - 00;15;40;10
Vitaliy Panych
But we always, always prepare for the worst in kind of establishing those right of boom, reactive capabilities. But also we've done a lot of work in enhancing and evolving our security operations practice. Obviously we have a compliance and auditing and assessment team that goes out and engages departments to poke and prod, to poke and prod them and test their security controls for effectiveness.
00;15;40;10 - 00;16;21;25
Vitaliy Panych
But our security operations center steps in behind that and augmenting operations teams for departments or organizations that don't have security personnel. That's currently a real and a real and imminent imminent problem is we can't hire fast enough. We can't find enough security practitioners and professionals. So we've kind of socially, as a lot of our resources centrally, and we've enabled our security operations center to be embedded within departments that either number one cannot afford it, cannot justify it, or simply or simply are just getting there, just can't keep up with closing some of their gaps and remediating issues that we point out, by the way, from our audits and assessments.
00;16;22;02 - 00;16;57;09
Vitaliy Panych
So we've onboarded almost half of the state agency population as quote unquote our customers or the beneficiaries of our service. We're continuous. We're looking at where working, we socialize additional capabilities that could be offered holistically and unified that are unified throughout the state. So we're building, building and controls. They're focusing on resiliency. We've conducted multiple business resumption and availability, tabletop exercises with a handful of departments, some of our critical agencies and departments, as well as earlier in the year.
00;16;57;09 - 00;17;28;02
Vitaliy Panych
As a matter of fact, four, four or five months ago, we've we've conducted a tabletop exercise with business leaders with quote unquote, what our board is equivalent in state government. That's our cabinet level cabinet level secretaries that lead the main branches of government. So we've conducted a tabletop exercise to really educate them on the resources that are available, educate them on the roles and responsibilities and what each individual agency and then a downstream department ought to be doing.
00;17;28;02 - 00;18;09;15
Vitaliy Panych
As far as that, as far as their plans having, you and accurate and appropriate business impact assessment, a incident response plan specific and appropriate to an individual department, and ensuring that they test test those plans and test recovery to make sure it works instead of having a plan out there sitting sitting on the shelf. So I highly emphasize kind of those exercise exercises, not only at the technician and practitioner level, but bringing in our business leaders, our executives, like I mentioned, our cabinet level secretaries, directors, public relations officials, public information officers, our legal counsels.
00;18;09;15 - 00;18;37;28
Vitaliy Panych
So everybody going forward is a risk based professional and information security professional. So we're arming everybody with the tools that everybody needs to manage risk, not just at the tactical level, but managing business risk. Business risk could be, you know, your reputation, it could be your legal liability risk, but as well as anything that that can hamper in impact your your availability to provide services.
00;18;38;02 - 00;19;14;08
Vitaliy Panych
So we're conducting multiple tabletop exercises. So they're in on a quest to educate everybody, to make everybody a cybersecurity professional up and down throughout the organization.
00;19;14;09 - 00;19;44;08
Davood Ghods
Yes, this is great. We've always been saying security is everyone's responsibility and you are making it happen. That's great. And thank you for providing a thorough response. You know, some folks have been giving me feedback about what a great development tool these podcasts are, and this is great as far as what other organizations can do to become citizens. So thank you. At Launch consulting with Ally, we always talk about how we are going to get the project done, but we also ask ourselves what are we doing? What we are doing? What is your why? In other words, what motivates you in your work?
00;19;44;08 - 00;20;06;23
Vitaliy Panych
Oh yeah. I always have to ask the why and continuously ask yourself at least five times to really figure out what is the actual underlying purpose of of what we're doing. If we don't do that, we're going to become too overly bureaucratic and add in our world security controls that don't make sense. And what I mean by that is our efforts in order to prioritize so that we're fixing and treating and remediating the right gaps at the right times. We are under a real and hard, real realization that everybody will get breached and we're operating that under that assumption.
00;20;06;25 - 00;20;34;02
Vitaliy Panych
But really it's important to prioritize where we're putting in our resources based on the threat landscape that's out there and based on the gaps and vulnerabilities that we continuously track and discover. I always ask myself why? Why are we doing what we do in terms of, you know, should we fix a given issue of vulnerability now or deferred to later, you know, by asking yourself a couple fundamental questions, How much is it going to cost you to fix it, to remediate it?
00;20;34;05 - 00;20;58;06
Vitaliy Panych
You know, whether it's an unpatched web server on the DMZ or a loose or weak contractual clause, you know that legal liability risk that I mentioned. So what is it going to cost you to shore up that gap, that issue, that vulnerability? And then what what is the cost if you don't fix it, if you leave it exposed, kind of try to quantify some of those numbers and metrics to put things in perspective.
00;20;58;06 - 00;21;20;08
Vitaliy Panych
When you're prioritizing hardening and security controls. So those are two questions, but then also mix it or blend it with how likely is it that that issue will get taken advantage of or exploited? There are issues that aren't very likely to get taken advantage of or exploit it. So kind of put that kind of decision logic into your metric process when you're prioritizing issues.
00;21;20;16 - 00;21;44;15
Vitaliy Panych
And then how big, how bad is the damage that would be incurred if that issue does get exploited? You know, there could be an issue that, you know, impacts your availability for 5 minutes versus an issue that that zero day liability for a month where you're unable to provide service, where you're unable to send kids to school, or you're unable to provide online education or issue a benefit.
00;21;44;15 - 00;22;08;09
Vitaliy Panych
And then there are larger scale impacts that we also consider the impact life, life and limb. You know, if our public safety services get get impacted in our hospitals or our law enforcement organizations, the impact could be devastating. So, really, you know, I mentioned or outline a couple of different factors and how we prioritize what we do, but we have to put things into that perspective.
00;22;08;13 - 00;22;28;25
Vitaliy Panych
For me, the why, you know, I'm always kind of a proponent and passionate about protecting individual privacy and civil liberties. You know, as we transact more business online in our daily lives, we increase our digital footprint. You know, we use social media, we conduct online banking, online business, we conduct medical services online from the palm of our hands.
00;22;28;25 - 00;22;48;05
Vitaliy Panych
There's a lot of data flowing around. Data is really, you know, quote unquote, I like to say that data is like the new oil, right? It's data is expensive. It's valuable. So as oil and gas in Austin becomes monetized, then when that data gets spilled, just like an oil spill, it's tough to clean up. It's tough to control.
00;22;48;07 - 00;23;11;14
Vitaliy Panych
So really, I want to emphasize that my my mission or my way is focusing on protecting individual privacy and how that what we do, whether it's tactical, operational or on the compliance side, how it impacts individuals and mitigate those those chances. I've been involved with, you know, many family members that that family members and friends that call me when when they get their identity stolen.
00;23;11;21 - 00;23;33;27
Vitaliy Panych
It's not uncommon today that most folks will have their identity stolen, whether it's from, you know, an application out there on the Internet to an application, a social application that that we use. It's where we are prone to having our data data compromised. And it's not easy to come back from from an identity theft event. So that's that's my kind of personal wise.
00;23;33;27 - 00;23;54;04
Vitaliy Panych
I want to make sure we kind of focus down to the individual, you know, protecting all Californians. But we do protect all Californians through our departments by advocating what we do in terms of our mission and strategy so that departments could be successful. So that's at a broad and high level, at a high level from from what we do.
00;23;54;08 - 00;24;17;15
Davood Ghods
But really going back to protecting individual privacy, that's great privacy and civil liberties for your family and friends and all Californians. That's a large group, Italian. Good luck. More power to the next question is about how to inspire innovation on your team. What do you do to inspire innovation on your team? We always tell our team to look for different ways. The fact that we've done it this way doesn't mean it has to always be done well. So how do you inspire innovation on your team? And you've had different teams and different organizations, So a lot of experience.
00;24;17;15 - 00;24;39;19
Vitaliy Panych
Yeah. I mean, inspiring innovation, you know, we're always selling and promoting security and security measures to be ingrained and built into everything we do.
00;24;39;19 - 00;25;07;28
Vitaliy Panych
And ideally everything we do ought to have a security component. You know, it's commonly known that security is an expectation these days. Security is costly. At the same time, however, you know, how can we work with a department or a product provider application provider to ingrain those security controls, whether it's enhancing how a user logs in authenticates, authorizes themself to how operators monitor their networks?
00;25;08;01 - 00;25;33;12
Vitaliy Panych
You know, we're constantly promoting and championing in that security controls ought to be built in. What's most important to the teams is what role do they play in supporting the mission, whether it's public safety, supporting law enforcement officers to conduct what they conduct in a safe manner, transportation in a building and security control so that transportation is safely provided on our roadways.
00;25;33;15 - 00;26;17;04
Vitaliy Panych
State of California is really a broad and diverse attack surface that impacts individuals downstream. So we really try to emphasize to our security practitioners and our operate operators that, you know, do what you do, but be cognizant and think about what the mission is to what the mission is of an agency or department as it pertains to an individual, because the impacts could be great, whether it's whether we're rehabilitating inmates from, you know, our correctional days, you know, we want to make sure we provide education services within our California Department of Corrections and Rehabilitation safely, securely, so that those education services aren't being abused, but also provided in a safe and secure manner.
00;26;17;07 - 00;26;36;10
Vitaliy Panych
Ultimately, one of the mission that missions of rehabilitation is, you know, we want to be able to enhance our offenders so that ultimately they get out and be productive and successful members of society. I mean, they will be your your neighbors. They will be my neighbors. So I want the folks that get out of that environment to be rehabilitated.
00;26;36;10 - 00;27;05;15
Vitaliy Panych
So really the point is focusing on the mission, whether it's public safety, distributed distribution of benefits to education services. We want to make sure all of the services that support our mission are stable and are provided with privacy protection controls. Well, I just got two more questions from there. Kind of personal. What is something that would surprise people about your background, your interest, the telling, something that not too many people know about you?
00;27;05;19 - 00;27;23;18
Vitaliy Panych
Not too many people know about? I'm a security paranoid security professional. I try to keep that on the on the down low. There's a lot of things I, I like to do to kind of get my mind off. Also the day to day is, yeah, what we do could be stressful sometimes feel like you're being run over by a bus.
00;27;23;19 - 00;27;55;21
Vitaliy Panych
Lots of pressures there, especially when you're dealing with an incident response engagement where you feel like the whole world is crumbling on you. When the whole network is down where you know your services can't be provided, whether they're education or a county camp can't issue property and real estate transaction transactions. When it comes to county clerk recorder's office, we've had multiple incidents that we've dealt with that impact county services where a county is down, they can't conduct anything, anything at all from tax collection to county clerk recording, recording.
00;27;55;21 - 00;28;20;13
Vitaliy Panych
So that's pretty devastating at the local level. Point is, lots of pressure there. But what I guess a lot of folks wouldn't know that I do is maybe hobbies, long time jujitsu, Brazilian jujitsu practitioner. I teach teach jujitsu classes. I practice long time. I mean, a little over 20 years ago. Gracie Jujitsu, Black belt. How that's relevant, that's really keeps me grounded and keeps me personally grounded.
00;28;20;18 - 00;28;37;22
Vitaliy Panych
It's not not only good for your health, but also good for the mind. There's a lot of matches that you go into where where you feel like you are being crumbled. But jujitsu is really good at kind of teaching you on how to be calm under pressure situations while you're while somebody is on your back choking you out.
00;28;37;22 - 00;28;57;11
Vitaliy Panych
MACE trying them, trying to get you to pass out. It teaches you how to kind of be calm, cool and collected and survive what could be a devastating situation. So a longtime jiu jitsu practitioner, I love it. And that's kind of a lifetime lifetime journey, and that's for sure. What it also teaches you that you're always evolving and you're always you're always learning something. Even though you're a black belt, you're a brown belt or whatever belt you are, you're always evolving, you're always sharp, sharpening your tools. So that's something that I do quite a bit in my personal life.
00;28;57;11 - 00;29;18;28
Davood Ghods
There you go. I did another excellent. And the last question, you know, you talked about Cal secured classic work. Can people find information about those things? Where can people find you? And keep tabs on what you're working on and how can people support your work if there's a link for those or if there is a site that you can refer to, please feel free.
00;29;18;28 - 00;29;51;08
Vitaliy Panych
Yeah, certainly there's a few few resources that that I would like to point folks to. Obviously CDS website CDs state that's gov slash security also encourage folks to go on to yes his website and there's a Celtic Celtic link from there there's a lot of resources there to follow me personally.
00;29;51;11 - 00;30;14;03
Vitaliy Panych
Pretty easy to track. Easy to find there. Yes. Look up my link then look me up by name. Twitter. It's Alec PANITCH on Twitter as well as a lot of industry trade publications that we work with from the Tech Wire's state scoops NASCO. We also put on quite a bit of vendor forms or our department CDS provides a lot of vendor forums and various hosted forums.
00;30;14;08 - 00;30;41;20
Vitaliy Panych
Certainly encourage folks to keep track of us there. In October, October 20th, we have the cyber Security Education Summit that's coming up that's hosted, hosted by or sponsored really by by the critical partners that deal with state cybersecurity issues that that is. Oh, yes. CHP in the military department. So it definitely interests to be involved. It goes beyond five years it's been it's been gone gone on for a while. So it's my third or fourth year being personally involved. But yeah, it's been gone on for almost a decade. Very good.
00;30;41;24 - 00;31;17;23
Davood Ghods
Well, thank you so much for joining us today. We each thank you to all the listeners out there for joining us as well. We will see you in the next episode of Food for Thought, where we will shed more light on the human side of that.