Episode Transcript
Transcripts are displayed as originally observed. Some content, including advertisements may have changed.
Use Ctrl + F to search
1:10
Okay , today on Cyber Work , Mark Toussaint of
1:12
OpsWatt joins me to talk about his work
1:14
in securing operational technology and , specifically
1:17
, about his role as product manager
1:19
. This is an under-discussed role within
1:21
security and requires great technical expertise
1:23
, intercommunication skills and
1:25
the ability to carry out long-term campaigns on
1:27
a product from , as he puts it , initial
1:30
brainstorming scribblings on a cocktail napkin
1:32
, through the creation , creation of the product and all the way
1:34
to its eventual retirement . Learn what
1:36
it takes to connect security engineering solutions
1:38
, experts , project management and more in the role
1:40
of security project manager , and how
1:42
OT security connects fast , flexible
1:45
IT and cybersecurity with systems
1:47
that , as Mark put it , might be put in place
1:49
and unmodified for 15 or 20 years . It's
1:51
not too hard to connect these worlds , but it does take
1:53
a very specific skill set and you'll find
1:55
out about that today on Cyber Work . Hello
2:03
and welcome to this week's episode of the Cyber Work
2:05
with InfoSec podcast . Each week , we
2:07
talk with a different industry thought leader about cybersecurity
2:10
trends , the way those trends affect the work of InfoSec
2:12
professionals , while offering tips for breaking
2:14
in or moving up the ladder in the cybersecurity
2:17
industry . My guest today , marc
2:19
Toussaint , is a senior product manager
2:21
at OpsWatt . Marc joined OpsWatt in
2:23
2023 , bringing him a strong
2:26
cybersecurity background and a proven history
2:28
of providing comprehensive cybersecurity solutions to
2:30
a wide range of critical infrastructure
2:32
industries . With 30 plus years of experience
2:35
at high tech and B2B companies ranging
2:37
from startups to large multinationals , he is now focused
2:39
on accelerating the launch and market
2:42
acceptance of the NetWall product line for OpsWatt
2:44
. Prior to joining OpsWatt , mark held senior
2:47
product management roles at Owl Cyber
2:49
Defense , bell Howell and Pitney Bowes . He's
2:52
based in Connecticut . Mark holds a BS
2:54
in plastics engineering from the University of Massachusetts
2:56
and an MBA from the University of New
2:58
Haven . So , mark , thank you so much for joining
3:00
me today and welcome to CyberWork . Thanks
3:03
, chris . Thank you for having me . Okay , I
3:05
realize I usually ask beforehand
3:07
, tucson , is that the correct pronunciation of your
3:10
name ? Yes , okay , and OpsWad is how you
3:12
about it ? Okay , I thought
3:14
as much . Just wanted to make sure . Okay
3:16
, to help our listeners get a better sense of your
3:18
background , we always like to sort of dig
3:20
into where you got interested in this stuff
3:23
first . So what was your earliest interest in computers
3:25
and tech and security ? Was there like a
3:27
moment , you know , when you were a kid
3:29
or a teen or in college or whatever , that really
3:31
got you excited about it ?
3:33
It really happened after college . You know , I came out
3:35
of school with a degree in plastics engineering
3:37
but I was hired by a company
3:39
that wrote software for the plastics
3:42
industry and over
3:44
time I just gravitated
3:46
towards the software side of the business
3:48
and
3:53
at that time a lot of manufacturing was being shipped overseas . So reading the tea
3:55
leaves , you know it made a lot of sense
3:57
to move on to the high tech
4:00
side of you know opportunities
4:02
out there . So that was really sort of the
4:04
starting point of , you know
4:06
, getting involved in technology .
4:08
Now , once you sort of got
4:11
it's hooks in you like that , did you study
4:14
formally like in school , did you self-teach
4:16
yourself , did you get books , did you just kind of ask
4:18
around Like what , how did you sort of feed the obsession
4:20
?
4:21
Pretty much just learned . You know trial
4:23
and error on the job .
4:24
Okay thanks , yeah
4:26
, so we had a past and
4:28
frequent guest , susan Morrow , who started out in chemical
4:30
engineering , and she said she enjoyed the
4:33
process of securing her specimens in
4:37
the network more than she enjoyed actually doing
4:39
the work , and so that's how she knew she was a person
4:41
for security . So it sounds similar for
4:43
you as well . So , yeah
4:45
, so I usually will look through a person's
4:47
LinkedIn profile to get a sense of their
4:50
sort of career trajectory , and yours is fascinating
4:52
and varied , but also it's pretty focused , because that you've
4:55
had several product manager roles at
4:57
companies known for their technical products
4:59
, like Bell Howell and Pitney Bowes , while also
5:01
always frontlining the security component
5:04
in each one . So can you tell us about your career evolution
5:06
and what you learned at each stage of
5:08
your journey , maybe a couple of transformational
5:11
moments or projects , and what
5:13
those gave you as far as skills
5:15
or qualifications ?
5:17
In terms of transformational moments . I mean , at one
5:20
point I evolved into a sales
5:22
role and did that for a couple
5:24
of years and I really wasn't that
5:26
happy . I didn't like cold
5:28
calling and just some of the aspects of
5:30
the role weren't
5:32
for me and kind of came to the conclusion
5:35
that I needed to figure out . You know where
5:37
to next and you
5:40
know I came across
5:42
a book called what Color is my Parachute ? Oh
5:45
yeah , you know it really helped you
5:47
focus on what skills you're
5:49
good at and ultimately you know the skills
5:51
that you're good at . You're most likely going to like
5:53
what you do if you are able to find
5:55
a role . So in that time period
5:57
I did a lot of work with the automotive industry
6:00
and Ford , gm , and really
6:02
what I enjoyed most about it was working
6:04
with them to help them define
6:07
you know what they needed in products
6:09
, and that , you know , sort of led
6:12
into my first product manager
6:14
role , where that was just an area
6:16
that you know I really gravitated
6:18
to because it really it took a combination
6:21
of technical and sales skills
6:23
to be successful in that role .
6:25
Yeah , well , that's , that's that was . That goes nicely
6:27
into my next question here , because a
6:29
lot of our listeners sort of get
6:32
a sense of what kind of work they want to do
6:34
in cybersecurity by hearing what people do in
6:36
cybersecurity . So I was going to ask if you
6:38
could talk me through your average day as a senior
6:41
product manager at OpsWatt . Are there
6:43
certain things that you do every week ? Are there certain
6:45
tasks that are common ? And yeah
6:47
, and talk a little more about the sort of cross
6:50
point between the sales
6:52
of it and the technical expertise of it .
6:54
Yeah , I mean an average day like , for instance
6:56
, this morning I came online and I
6:58
had three requests for support
7:01
one in Turkey , one in the Middle East
7:03
, one in one of them in
7:05
Taiwan . So typically
7:07
, you know , I would address technical questions
7:09
or commercial questions that our solutions
7:12
engineers around the world have , or commercial
7:14
questions that our solutions engineers around the world have . You
7:17
know I may later on today meet with the
7:19
marketing department to review
7:21
, you know what
7:25
efforts around my product lines are ongoing and what we want to do next . That will be followed
7:28
by a customer call supporting , you
7:30
know , sales activity . Other
7:36
days , you know will be more , you know , focused around . If I have writing to do
7:38
, maybe I have to write product requirement
7:40
documents and things like that . I'll block out
7:42
time , but it's really , you
7:44
know , a varied role and you know every
7:46
day is a little bit different , but you
7:49
know supporting the sales organization
7:51
and then you know , looking , engaging
7:53
with customers to understand . You know , looking , engaging with customers to understand , you know
7:55
what their needs are and
7:57
how the market is evolving . Part
7:59
of that you know . For instance , today
8:02
I'm arranging meetings for subject
8:04
matter experts in a different vertical market
8:07
that we don't address today to try
8:09
to understand how might we
8:11
, you know , move
8:13
OpsWap products into a new vertical
8:15
market segment ? And you
8:18
mentioned on the role . It's a unique
8:20
role and one of the challenges of product management
8:22
that makes it a hard thing
8:24
to do is that most product managers
8:26
are individual contributors , so
8:28
nobody works for you . Yet
8:31
you rely on all the functional
8:33
disciplines within an organization to
8:35
be successful , and you
8:37
know you have to have credibility and you have to be able
8:40
to be very collaborative
8:42
to get to where you need to be
8:44
from in terms of the goals of your product line
8:47
. So that's something that's unique
8:49
about the role .
8:50
Yeah , that was what I was going to say is hearing
8:53
that you're working with , like , client success and you're also
8:55
working with the engineers
8:57
. You're very much the sort of conduit
8:59
in terms of the problems , the solutions
9:02
, but also seeing the big picture . So you're juggling
9:04
a lot at the same time , aren't you Exactly
9:06
? Yeah , yeah . So
9:10
today's topic we've been talking a lot about
9:12
operational technology , industrial
9:14
control , manufacturing , the last couple of episodes
9:17
here , and so , thanks to a few all-time inquiries
9:19
and a lot of great introductions , this
9:22
is going to be the focus of this month of CyberWorks
9:24
episodes . So I wanted to talk to you about
9:27
the OT side of things . Can you get our listeners
9:29
up to speed on the current challenges we
9:31
face in a set of increasingly connected operational
9:33
technology environments ?
9:34
on the current challenges , we face in a set of increasingly connected operational technology environments
9:37
. Yeah , I mean , you know I don't think it's any secret that critical infrastructure
9:39
has been , you know , a central target
9:41
for bad actors out there to hack . And
9:43
it's critical because if you , you know
9:46
, if you are breached , there
9:48
are , you know , power outages
9:50
, there can be safety
9:52
issues , you know people can be harmed
9:54
if equipment , you know , doesn't do
9:57
what it's supposed to do . So there's
9:59
also financial risks that , if
10:01
you know , associated with getting hacked . So
10:04
you know it's important that
10:06
we can secure the OT environment
10:08
and protect , you know , inbound threats
10:10
and you know there's any number of technologies
10:12
out there that really you know provide
10:14
sort of a defense in depth approach
10:18
to securing these OT assets
10:20
.
10:21
Yeah , so yeah , I've had a bunch
10:23
of great guests on the show talk about industrial control
10:25
and infrastructure , and many of them
10:27
went straight to the OT challenges , especially Emily Miller
10:29
and Leslie Carhart and Teresa Lanowitz
10:31
, so I know a bit about the issues around the
10:33
sort of delicate balancing act . The sort of delicate balancing act
10:35
of sort of harnessing modern
10:38
network and cloud network security practices to connected
10:40
networks of machines that aren't necessarily
10:42
built to those same flexible specifications
10:44
for things like firmware vulnerability , patching
10:47
and so forth . So in your work so far , what
10:49
have you found are the most effective strategies
10:52
for securing OT systems ? And I
10:54
know it's probably varied from industry to industry , but especially
10:56
as things like IoT take formerly static
10:59
pieces of machinery and chain them together in patchwork
11:01
ways .
11:02
You know in terms of the challenges , I mean a lot of
11:04
the . A lot of the OT systems that
11:06
are utilized , you know , to generate power
11:09
or refine oil and gas have
11:12
been in place for 20 years . They're old
11:14
and they were not designed
11:16
with security in mind . So
11:19
there's a couple things in
11:21
my role with the NetWall product line
11:23
. We enforce unidirectional
11:25
data flow so we can get data out
11:27
of the OT environment to IT
11:30
to do things like predictive
11:32
maintenance , analytics
11:34
and so forth . But
11:40
we need to deploy these types of technologies so that we can get data out but nothing
11:43
can get in . There's also threats
11:46
by portable media bringing in
11:48
USB sticks , so we
11:50
need to have multi-scanning
11:52
technologies and deep content
11:54
inspection to ensure that you
11:57
know if a vendor comes in with you
11:59
know some new firmware that
12:01
they're not infecting your you know
12:04
your OT network . So there's any number
12:06
of technologies . We
12:08
work with customers a lot to help them with
12:10
network segmentation and
12:13
things like that . So there's
12:15
a range of you know , analytical
12:18
and network-based tools out there
12:20
that you know . Really , as
12:22
I mentioned before , it's not any
12:24
one single technology , it's a defense
12:27
in depth .
12:28
Yeah , so I mean , like I said , I've
12:30
heard so many different kind of approaches and that's
12:32
one of the things that's so interesting about this is there's so many different
12:34
approaches . But it sounds like yours is very much like
12:37
a very strong sort of perimeter
12:39
wall around the OT . That
12:42
is kind of like a porous wall that only sort of
12:44
allows you know sort of outward
12:47
through your product there . I mean
12:49
, it's a lot different from other things that I've heard where you
12:51
know they're getting very sort of granular in securing
12:53
you know individual processes and so forth . Sure
12:56
, yeah
13:01
, that's interesting . So you mentioned memory sticks and other sort of incoming threats . What are
13:03
some of the most common attack vectors for security compromise across
13:06
industry and connected OT security issues
13:08
? What are the ways that attackers are getting in ?
13:10
Yeah , I mean it could be . You know remote
13:12
access , which
13:14
opens up threat vectors into the OT network
13:17
. It could be , as I mentioned , portable media
13:19
. And in addition
13:21
, you know organizations
13:23
have historically a lot of
13:25
connections out of OT or into
13:27
OT , whether that be for remote
13:30
access , whether it be for vendor support
13:32
, and so often
13:34
you know they have , you know , ports open
13:36
and access into the network that
13:38
they don't even know about . So
13:41
you know we work with customers and try to
13:43
get them to inventory all
13:45
their connections into and out of
13:47
you know , the OT network . I saw
13:49
a presentation once where a company counted
13:52
they had 238 connections into
13:56
and out of OT . Many of them
13:58
were no longer used yet they had open
14:00
ports to the outside world . So
14:03
and then , if you know , if you get in through
14:05
one of those open ports you know we saw
14:07
there was a water treatment plant
14:10
in Pennsylvania where it
14:12
is suspected that they had PLC
14:15
controllers that used the
14:17
default factory passwords , which are
14:19
readily available on the Internet
14:21
. So that combination
14:24
of a threat vector in and then poorly
14:29
configured devices is a recipe
14:31
for disaster .
14:33
Yeah , no , 2023 seemed
14:35
to be the year of asset detection , like it
14:37
was the first time I heard everyone talking about know
14:39
every single connection point in your network
14:41
, because the thing that you , you
14:44
know , had an intern on seven years ago and
14:46
thought was disconnected is not actually disconnected
14:48
and it's still a point of contact .
14:50
That's absolutely correct .
14:51
Yeah , yeah , yeah . So that's going to be a big
14:53
part of this , I think , going
14:56
forward like this , so , yeah
14:58
. So , as I say at the top of the show , mark
15:00
, the goal of CyberWork is to help students and new cybersecurity
15:03
professionals sharpen the skills needed to enter
15:05
the cybersecurity industry , whether
15:07
at a single company like OpsWatt , or as a freelancer
15:09
or consultant for hire , Like
15:23
what are you know and you have like a rank of skills across
15:25
the board because of your need to sort of connect with different departments
15:27
. But what are the most important skills or experiences or trainings or certifications
15:30
or soft skills they need to actively pursue OT security
15:32
work .
15:32
You know a lot of , a lot , of a lot
15:34
of people come into OT from IT
15:37
. It's a much bigger field and
15:40
so you know it can be challenging
15:42
to get into the OT space
15:45
because it's a different set of skills than
15:47
the IT world . But , you
15:49
know , take classes
15:51
, get certification . What I
15:53
can say is that there's a lack
15:55
of candidates in
15:58
the OT arena that really are
16:00
knowledgeable and have experience in OT
16:02
, so that there's , you know
16:04
, there is a great opportunity out there for
16:06
people that have those skills
16:08
. So I think you know there's OpsWAT has
16:10
, you know , basically
16:13
a university that we , you know , make available
16:16
. There are certification programs out
16:18
there . Try to do something
16:20
to get you know the OT on your
16:22
resume . You
16:24
know , and , like I said , there's
16:26
a lot of opportunity in the OT space
16:28
because there's not a lot
16:30
of people that are trained in OT technology , that are trained in
16:33
OT technology .
16:34
Yeah , Is
16:39
there sort of a bulk set of skills that people who come to it from IT to OT
16:41
like what are the big things that
16:43
you see are missing in someone's skillset
16:46
when they make that jump ?
16:47
Well , you know , for instance , coming
16:50
from IT , they haven't had hands-on
16:52
experience with PLCs
16:55
and RTUs . The
16:57
protocols that are used
17:00
in industrial control systems are
17:03
very foreign to the IT
17:05
world . So you need
17:07
to learn about what types of hardware
17:10
technologies are there . You need to learn about
17:12
what protocols customers
17:14
use to communicate within
17:16
OT and then from OT to IT
17:19
. So those are some
17:21
of the . You know the things that are different
17:23
. And again , you know
17:25
the IT hardware
17:28
and software world has very frequent
17:30
refreshes and
17:39
you know , in the ot world , as I mentioned , you may build a system
17:41
and install it and get it up running operationally and you and just leave it for
17:43
20 years , 20 years , and that's very different in the it
17:45
world yeah , no , absolutely now
17:47
.
17:47
Um , yeah , that's a . That's a really good
17:49
point . To that end , do you do
17:52
people who are getting into this from it
17:54
or more kind of tech side of
17:56
things need to have any kind of like engineering
17:58
or physics background or anything like that ? Or do
18:01
you just need to know how to do
18:03
the securing rather than how to sort of find
18:05
people ?
18:05
Yeah , I think you know there's people that are in
18:07
the OT from a very wide range of backgrounds
18:10
. They're not all from IT . Many
18:12
of them , you know , come from the engineering side
18:15
of the world . So it's a real
18:17
range of types . But
18:19
you know , many of the control system engineers
18:21
are , you know , came from that engineering world and
18:24
then you know , from the cybersecurity standpoint
18:26
, they have had to sort
18:28
of evolve to develop those
18:30
skills . And likewise , with
18:33
the IT side , you know they've needed to evolve
18:35
to build out those OT
18:37
skills .
18:38
Yeah , yeah , no , that's a really , really great
18:41
point . Now , yeah
18:43
, so like if a listener is coming to this and they're
18:46
thinking this sounds interesting , but they're
18:48
unsure about whether this type of work might be for
18:50
them , can you talk about your favorite
18:52
parts of the work you do ? What are things that keep
18:55
you excited and keep you pushing to do your work
18:57
every day ?
18:58
Well , you know , I like working
19:00
with customers and understanding you know their
19:02
needs , their requirements and as well
19:05
as the market . And
19:07
you know , from a product management standpoint
19:09
, you get to see
19:11
the product lifecycle , literally
19:13
from , you know , scribbling on a bar napkin
19:15
to developing
19:17
that product , launching that product , uh
19:20
, managing it through its life cycle and
19:22
then , you know , bringing the product to end
19:24
of life when it's , you know , no longer
19:26
, no longer useful . So it's
19:29
it's very , you know , unusual
19:31
for you to be able to touch that whole , you
19:33
know , lifespan of a product and
19:37
manage that . So I find that exciting
19:39
. I also , you know , I like
19:41
, you know going
19:44
from , like I said , taking you
19:46
know concepts and ideas and
19:49
you know morphing those into
19:51
a product strategy and then bringing that
19:53
to market . So you know just
19:55
the role I find always very interesting
19:57
and , you know , never
20:00
sort of rubber stamping . Yeah
20:02
, you know , your day doesn't consist
20:04
of that .
20:05
Well , and also because people who are just starting
20:07
their career journeys don't always think of you
20:09
know , can only think of , like the fun , sexy parts of a
20:12
job . What are the things about your job that
20:14
you really have to be okay
20:16
with doing over and over again , that people
20:18
might not think of , like certain reports or
20:20
certain like oh , I gotta do this meeting again
20:22
.
20:22
I gotta do this thing you know , I don't
20:24
, I don't know that I I can think of anything
20:26
like that every day . There's a bit of variation
20:29
, okay , uh , all many customers
20:31
are , you know , have different sets of circumstances
20:34
that you need to work with , and
20:36
you know the idea
20:39
that you know you're looking at . You know where
20:41
do we go next with this product , where do we , or
20:43
what products ? You know , are there unmet needs
20:45
in the market where you know
20:47
we can bring a product to market to fulfill that
20:50
need ? So I don't know that . There's
20:52
one aspect of the role that I , you know
20:54
, is sort of drudgery .
20:57
OK , yeah . So when
20:59
, when someone is , you know , done with
21:01
their studies and wants to get into , you
21:04
know , and is in that uncomfortable
21:06
space of like I have no experience , but I need experience
21:08
, like like for for OT
21:11
environments like this , is this something where you
21:13
could like volunteer with like a local
21:15
you know industry ? Like , how do you get
21:17
experience when you're like fresh
21:19
out of school or like a new face
21:21
, like that ?
21:23
Well , I think you know from
21:25
my role , from a product
21:27
management it's often difficult . Most
21:29
product managers don't start off out of
21:31
school as a product manager . They
21:34
come from either the technical side or the
21:38
engineering side and in many
21:40
cases you know from a marketing type
21:42
role . So it's often
21:44
not just a you know you're where
21:46
you want to be immediately . You have to sort
21:48
of plan ahead and
21:50
get yourself in a role that positions
21:53
you to do that . Now , from the
21:55
OT side , I think
21:57
anything you can do for getting
22:01
trained on cybersecurity , getting
22:03
certifications , as I mentioned
22:05
. There's not a lot of these skill sets out
22:08
there , so there is opportunity . So
22:11
from a technical OT perspective
22:14
, I would say try to take
22:16
some classes in cybersecurity or
22:18
get some certifications . There's a lot of
22:20
different approaches that you can
22:22
go to
22:25
get that experience on your resume .
22:28
With regards to there being so many open
22:30
spots and so few sort of available
22:32
candidates . Is this a skills mismatch
22:35
or is there just not enough people interested
22:38
in this type of work ? Do you think Like
22:41
what's the mismatch ?
22:42
I think it's probably a skills mismatch
22:45
that a lot of you know a lot of cybersecurity
22:48
. You know trainees
22:50
came come from the IT side and
22:53
you know , even though , even
22:57
though there's a lot of opportunity in OT , it
22:59
is not as widespread as opportunity
23:01
for IT because there's so
23:03
much more IT effort
23:06
than there is , you know , ot effort .
23:08
So there's a lot of space for people in OT
23:10
, but there's a lot , a lot of space for people in IT is
23:12
what you're saying yeah exactly . Okay , got it
23:14
. So it's a scale of things . Okay , all
23:17
right . So as we wrap up today , mark , I
23:19
wonder if you could tell our listeners the best piece of career
23:21
advice you ever received , whether it was a mentor or a teacher
23:23
or colleague that gave it to you .
23:25
You know I kind of touched on that that
23:28
you know , find out what you really
23:30
like to do and there's a good chance
23:32
that you know . Once
23:39
you find out what you like to do , you'll be good at it . You
23:41
know plan ahead . You won't get to where you want to be right
23:43
away . And you know , in terms of my role , you know you
23:45
need to understand the technology
23:47
. You need to understand , you know
23:50
the skills of the product management role
23:52
in order to be credible
23:54
and successful . So
23:56
, yeah , I think .
23:59
Yeah , know what you want to do with yourself before you start
24:01
doing something .
24:04
It's simple , but it's , you know , it's true
24:06
.
24:06
It's simple , but it's . You know it's true . It's simple , but it's true . Yeah , exactly
24:08
so . Okay , so before we go today , Mark
24:11
, you've talked a little bit about it , but tell us all about OpsWat
24:13
and the work that you do to protect crucial
24:15
infrastructure .
24:16
Okay , you know OpsWat's been around
24:18
for 20 years and our focus is on
24:20
securing OT environments
24:22
. So we have a very broad range
24:25
of products that , as I mentioned
24:27
, it's not a single product , it's a defense
24:29
in depth approach . So we have products
24:32
for scanning portable media . We have products
24:34
that enable you to go out
24:36
and discover all of the IoT assets
24:39
. Look at what versions
24:41
of firmware are on those . My
24:43
role is in what we call data diodes
24:45
and unidirectional gateways . My
24:48
role is in what we call data diodes and unidirectional
24:50
gateways and
25:01
it's a hardware-enforced security that assists customers in getting that valuable data out of
25:03
OT to the IT world so that we can do business analytics , predictive maintenance and so
25:05
on . We have industrial firewalls and just
25:07
a whole host . There's been a trend in the industry
25:09
where traditionally
25:12
OT cybersecurity you
25:14
know there was more of a best in breed approach
25:16
where you had many , many vendors
25:18
in your shop and
25:20
now , as the
25:23
industry has matured , it
25:25
seems we're going full circle . So customers
25:27
now are looking to purchase you , to purchase
25:29
as much as they can from a single vendor
25:31
, just for efficiency
25:34
and one
25:36
organization to work with . So that's something
25:38
that we're seeing in evolution
25:40
and OpsWatt is well positioned for
25:42
that because of the breadth of the product
25:45
offering .
25:46
Yeah , yeah , and I was going to say we hear that
25:48
a lot about . If you sort of patch together
25:50
your system from lots of different things , you don't really know
25:52
which ones are the most secure and which aren't
25:54
. So if you're working all from the same vendor like that , I imagine
25:56
that's got to be a bit of personal
25:59
relief as well . Yeah , exactly , yeah
26:01
, so all right .
26:02
Well , one last question for all the marbles here
26:04
If
26:08
our listeners want to learn more about you , mark Toussaint , or Opswot . Where should they
26:10
look online ? Well , opswot , you know Opswotcom . We have
26:13
a real wealth of information . You
26:18
know , we pride ourselves on being thought leaders in the OT space . So there
26:20
are white papers , there are , you know , e-books . There's just a wealth
26:23
of information on
26:28
the Opswot website and you can just Google
26:30
me and see some of the things
26:32
that I've done presentations and
26:34
things like that . There's any
26:36
number of things out there available on the
26:38
web .
26:39
Oh good , so there's actual . You have speaking
26:41
engagements and things that you've done that are recorded . Yes
26:43
, oh cool , all right , well , I will go check
26:45
those out as well and hope our listeners do as well
26:47
. So , mark Tussauds , thank you for joining me today
26:49
. This was a lot of fun , all right . Thanks
26:51
, chris , for having me , and thank you to
26:54
everyone who watches , listens and writes into the podcast
26:56
with feedback . If you have any topics you'd
27:01
like us to cover or guests you'd cosec institutecom slash
27:04
free , where you can get a whole bunch of free and exclusive
27:06
stuff for cyber work listeners . Learn more
27:08
about our new security cyber security awareness
27:10
training series . Work bites , a smartly scripted
27:12
and hilariously acted set of videos in
27:14
which a very strange office staffed by a pirate
27:16
, a zombie , an alien , a fairy princess , a vampire and
27:19
others navigate their way through age old
27:21
struggles of your whether it's not clicking on the
27:23
treasure map someone just emailed you making sure
27:25
your nocturnal vampiric accounting work at the hotel
27:27
is VPN secured or realizing that
27:29
, even if you have a face as recognizable as the office's
27:31
terrifying IT guy Boneslicer , we
27:34
still can't buzz you in without your key card . Anyway
27:36
, go to the site and check that out for the trailer . Infosecinstitutecom
27:39
slash free is still the best place to go for your
27:41
free cybersecurity talent development ebook . Here
27:43
you'll find in-depth training plans and strategies for
27:45
the 12 most common security roles , including
27:47
SOC analyst , pen tester , cloud security engineer
27:50
, information risk analyst , privacy manager , secure
27:52
coder , icf professional and more
27:54
. One more time , that's infosecinstitutecom
27:56
slash free , and the link is in the description
27:59
below . One last time , thank you to Mark
28:01
Toussaint and Opswa , and thank you
28:03
all for watching and listening Until next week
28:05
. This is Chris Senko signing off , saying happy
28:07
learning .
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More