Cyber Attacks and How To Protect Yourself Online

Subscribe to the Guts And Glory Show

Cyber Attacks and How To Protect Yourself Online

In this episode:
Matthew Connor

Matthew Connor, Founder and CEO of CyberLynx, began his programming career at 12 while working as a coder for his father’s company. His passion led him to develop his own company, which focuses on offering premium IT services — specializing in protecting growing businesses from ransomware. 

CyberLynx, previously known as Your IT Department, continues to provide cybersecurity and professional IT and support services for expanding companies. Matthew is on a mission to assist business leaders in increasing their profitability using cutting-edge technology. He served in the US Army for 17 years as a human intelligence officer and received his bachelor’s in business administration and management from the University of Maryland Global Campus.

apple
spotify
stitcher
googke podcast
tunein
Deezer
iheartradio
radio public
partner-share-lg
partner-share-lg

Here’s a glimpse of what you’ll learn:

  • Matthew Connor shares how he began coding at the age of 12
  • Matthew’s experience transmitting secure intel in the US Army
  • The importance of organizational cybersecurity
  • How law firms can secure their business and sensitive client information
  • Does AI pose a cybersecurity threat?
  • Integrating AI-powered monitoring systems to protect against ransomware
  • Matthew describes the qualities of an efficient IT service provider

In this episode…

When it comes to cybersecurity, many businesses assume that merely installing antivirus software protects against attacks. Instead, cybersecurity entails taking precise actions to safeguard data and other business assets. This is especially critical for law firms that manage confidential client information. How can you remain proactive against ongoing cyber threats?

Coding master Matthew Connor asserts that email encryption is a fundamental first step in securing legal assets. This protects communication and information transfers, mitigating catastrophic damage from potential attacks. Modern encryption requires implementing AI-powered monitoring systems for consistent endpoint detection and response, allowing you to identify hackers and ransomware promptly.

In today’s episode of The Guts and Glory Show, Luis Scott invites Matthew Connor, Founder and CEO of CyberLynx, to address cybersecurity concerns and protective measures. Matthew explains how to protect against ransomware, how to counteract AI-powered cyber attacks, and the qualities of an ideal cybersecurity service provider.

Resources mentioned in this episode:  

Sponsor for this episode…

This episode is brought to you by 8 Figure Firm.

Co-founded by Luis Scott and Seth Bader of Bader Scott Injury Lawyers, 8 Figure Firm helps transform your law firm into a seven-figure or even eight-figure firm.

After their own law firm scaled from $3.5 million to $30 million in annual revenue in just two years, Luis and Seth started 8 Figure Firm to share their strategies and help other law firms achieve exponential growth.

Visit www.8figurefirm.com to receive a consult call and start scaling your business today.

Episode Transcript

Intro 0:00

Are you ready to make it rain? Learn from the best in the biz on how to take your business to the next level. You’re now entering the growth zone on The Guts and Glory Show with your host, Luis Scott.

Luis Scott 0:22

Hey guys, welcome to The Guts and Glory Show a show dedicated to helping you learn just a little more so that you can be bigger and better than you were before. And today, I am so thrilled to have a guest on the show who’s going to be talking about all things cybersecurity, because as you know, that is a big deal today. And so we’re really happy to have an expert on the show, Matt Connor, who is the founder of CyberLynx, a cybersecurity company where he helps companies protect themselves, but he’s also a US Army cybersecurity veteran. So if you’re working for the government, you know, you probably have some top secret clearance. I don’t know, maybe, maybe not. We’re not going to share any of that today. But we are so excited to have Matt on the show. Matt, welcome to the show.

Matthew Connor 1:03

Thanks Luis. Thanks for having me.

Luis Scott 1:05

Absolutely. So I am pumped, because there is so much chatter about cybersecurity, and maybe more than chatter, maybe it’s a lot of fear, especially as it relates to AI. So we’re gonna get into AI, we’re gonna get into cybersecurity. But from my understanding, you started coding when you were 13, or started programming or forgive me, because I don’t even know the technical language. Were you. You were in there on a computer doing something at 13? How did you get into that?

Matthew Connor 1:30

Yeah, so my dad designed electronic circuit boards grown up and he started his own own company doing that. And it was just a really small, firm, adjust him. And he eventually joined another company, but at the time, he was doing his own thing. And I was really about 11, or 12, when he brought home my first computer. At first, it was a Vic 20, then a Commodore 64. But the real first computer was an IBM at 88. And when you turn it on it boots into basic, and it came with a manual that, you know, basic, and if you wanted it to do anything, you had to program it. So you know, I been working a few odd jobs. And what I did was I programmed this was by the time the ATM machines came out. So one of the first things I did was I programmed a little ATM machine. So that my brother’s really my my one of my brothers used to borrow money all the time. And so I was, you know, had my little safe and my stuff set up. So he could just go and punch in his code how much he wanted to borrow. And it would print out how much he was borrowing how much he paid back, and he bring it to me. And and so that was my first like, the kind of that’s when my dad realized, hey, wait a second, maybe you can come do some stuff for for the company. So really, I spent my nights and weekends throughout middle school and high school programming for various clients of my dad’s. And yeah, and that’s how I got started.

Luis Scott 2:48

That’s well, so I’ll tell you what I was doing when I was 10. And 12 years old, I was playing the Oregon Trail.

Matthew Connor 2:54

That was awesome. I loved that game

Luis Scott 2:56

that was not coding I was I was playing the Oregon Trail, trying to figure out how I got to Oregon, I had no idea that that was a place I was probably never going to want to go. But But on this game, I was going to Oregon, I think I made it all the way without catching what was the disease malaria cherry was. Wow. So that’s amazing. So that led you into I guess, the military and you were coding there and kind of what was your responsibility in the army,

Matthew Connor 3:23

they did. So actually. So in when I joined the army, I actually joined on the Intel side and I got to they they sent me out to the Defense Language Institute where I learned Spanish and then a few years later, I came back for Mandarin Chinese. And I spent about 10 years all total. But it was really wasn’t until I got out to Tokyo where I really got to use more of the my technology or my you know, know how, in combination with, with Intel. And so it was that was really my first kind of entry into those worlds merging and how technology kind of, you know, works with everything. Obviously, when programming you, you get to a little bit of that, but here was really great, because we had this was right around September 11, we had a real issue with with sharing Intel between, you know, organizations, we got a great story that I don’t think I can share on here. But suffice to say, it was really great to be able to use, you know, technology, Intel and the human, you know, aspect and kind of how organizations can work together to share information. So we came up with some really cool stuff to to you know, do that and do it securely. So that was a lot of fun. And then I got out and I kind of the rest is history.

Luis Scott 4:37

But yeah, figuring out how to make how to figure out how to make money from there on right. That’s right. Yeah. Now it’s interesting because like, I don’t want to bring any fear to people, but this is definitely something that brings a lot of fear to people and without, you know, sharing secrets, obviously. There’s a lot we don’t know that’s happening on online, correct.

Matthew Connor 4:56

Oh, yeah, for sure. And you know, I think when it comes to cybersecurity, the biggest thing, you know, people worry about what they don’t know, right? I mean, because that’s really what fears, you know, where it comes from, if you don’t know something, you’re worried about something, you know, something that you generally don’t know. And when it comes to cybersecurity and, and cyber threats, and all this, you know, a lawyer, you know, for instance, or, you know, a pizza maker, they know the law, they know, pizza, but they don’t know all this, it stuff that can come in, destroy their business. And it’s like, Ah, so I think that the thing that people have to realize is that cybersecurity, it is not a state, it is actually, you know, just a process of securing your digital items. So whether it’s a phone, a computer, literally anything that that’s electronic, that is, you know, that has to be be secured. Because anything that’s electronic, you know, and maybe in some way, shape, or form connects to another device that then connects to the internet can affect your entire organization. So not to go too far down the rabbit hole here. But for instance, in, in hospitals, one of the things they they completely overlooked were the fact that you’d have like these blood pressure monitoring machines that do not connect to the internet, but they then connect to your EMR, your electronic medical record system. And so they were infecting these devices that don’t connect to the internet, but do connect to EMR, they were infecting those before they got or after they got to the you know, to the hospital. And that’s how you get to the entire organization, a big wake up call for for people in like, holy crap, it can happen that, you know, that’s pretty smart. Heck, that’s how we, we, you know, we got the Iranian nuclear reactor, you know, offline was we got got it in production, as the pieces were going over there was already infected, right? So we never even had to go over there. We didn’t have to connect it to the internet. We infected it beforehand. So that’s not classified. That’s like a known story.

Luis Scott 6:55

So I was like, That sounded very, that’s not a very top secret. But okay, yeah,

Matthew Connor 6:59

I saw the look on your face was like, No, we’re not going to jail. Not for that. So in any event, so I think, you know, people just have to realize that it’s this process of securing their stuff. And there are ways of doing it. And it comes with education, but it’s something you keep doing, it’s not something you can just buy one and be done. It’s something you got to go through. And, and but you can get there, but I’m glad you

Luis Scott 7:21

you said that. And you kind of explained that, because that’s what I used to think I used to think cybersecurity, um, secure, you know, I got my anti virus software, check, I don’t have to worry about anything, but it’s absolutely, you know, securing every part of the process in which someone could enter your computer. In this case, they don’t even have to do it online. Or they could just infect something that you connect, right. So somebody sends you a USB, they tell you or one of those little, I don’t know if that’s called a USB, but one of those memory cards, when they tell you this is going to be the pictures that you you bought from this photographer, it’s actually a scam, you plug it in, boom, next thing, you know, they have all your information. And so, again, I don’t want to bring any fear to anyone. But it’s something definitely to be be aware of in terms of law firms, because, as you know, this show is not really about law firms. But I do like to interject, because a lot of my audience are law firm owners who follow me and who listened to my content. And so this probably applies to any business. But in terms of law firms, what can and should they be doing to secure not only their business, but also the files of the clients, and many, probably 1000s of clients that they service that have social security numbers, and dates of birth and really private information. What what can and should they be doing?

Matthew Connor 8:39

Well, I think first and foremost, going back to that whole, it’s a process, I think the the best thing to do given that, you know, they’re good at law is get somebody who’s good at cybersecurity, to do their, you know, to do their bit for you. Because the reason it’s a process, you know, isn’t because it’s a lot of stuff is because the threat landscape is constantly changing. So you want somebody who’s whose day job, they are not some kid who you know, works does this in the evening or not somebody, their their day job is doing this for people, you know, just like them all day, every day. And they’re they’re hyper aware of the threats that are imposed, you know, that are that are possible for them. And so they keep them up to date. So I’d say the first thing to do is get good help. There’s plenty of it out there. It’s a lot more affordable than people think. But but you know, definitely bite the bullet and do it before it becomes a problem. You know, waiting until you have an issue is not the right thing. But let’s say that you do that. I mean, on top of that, you know, or aside from that, you know that things like you know, encrypting email. It’s a huge one. I think, you know, law firms should be sending all their email out, you know, encrypted, and wow, that Oh, really? Oh 100% 100% And I’d say less than what 1% probably do. I don’t think we send

Intro 9:57

anything encrypted. This show has been brought to you by 8 Figure Firm Consulting at 8 Figure Firm we help law firms turn into law businesses. Stop wasting your time with gurus who’ve never built a successful business at eight-figure firm will show you how to unleash the power of your law firm for personal and financial freedom. For more information, go to 8figurefirm.com. Welcome back to The Guts and Glory Show with your host, Luis Scott.

Matthew Connor 10:35

100%, up encrypted. Now, you know, some will will misunderstand what encrypted email is in that there’ll be like No, no Microsoft or Google says that my email is encrypted, your email is encrypted from the time that it goes from Microsoft to wherever it goes. But that that just means that in transit, if somebody somehow on the internet in between Microsoft and let’s say it’s going to a Google, you know, account catches that they won’t be able to read it. Fine. Okay. But that’s not the important part, you want to make sure that it’s when you send something with with, you know, personally identifying or confidential information and and most all of your your communication with a client should be that you know, something, you know, even the fact that you’re having this communication is something that should be protected. And you know, so you want to make sure that it gets to that recipient, and it’s only that recipient, who who reads it. And that’s where encryption comes in, it’s not hard to do, you can set it up so that every email you send out goes out there. And if they don’t have if they’re not set up to, you know, to send email, encrypted email back, that’s okay, too, because modern encryption for email, super easy to do, so that all of your email goes out. And when they get it, they’re like, Oh, this is indeed meet, they can read it. And if their their mail carrier doesn’t participate, they just simply click on a secure link. It takes them, they prove who they are. And they see that and now you’ve got it without going through some big expense of hey, look, we’ve got to have this secure communication portal fine. And their providers who do that, and that for some people, that’s a really smart way of of, you know, storing documents and communicating with with their clients. But I think a much easier way to do it is simply set up your law firm to where all of your emails going out encrypted boom, marvelous. I mean, it just, it’s, then then God forbid anything does happen, you know, to your, you know, one of the things that I think everybody that the reality is, when something bad happens, you’re going to be they’re going to check to see where you taking standard or, you know, reasonable measures, they call it to secure your, your, their the private information, the confidential information, your network, were you taking reasonable measures? And if, on top of all the other things, your you all of your communications encrypted, you’re gonna get it Oh, yeah, a check plus there, for sure. You guys were taking it serious. And it wasn’t like you had to spend any, any actual money to do it. You just added that to the things that your Microsoft account is doing for you, assuming you’re at Microsoft.

Luis Scott 13:04

Now, I’ve always thought about encryption as requiring a password. If you’re sending everything encrypted, does that mean that you have to set up passwords for all these individual documents? Or how does that work?

Matthew Connor 13:14

So there’s, there’s a variety of ways that they can that encryption can work. And the reason I mentioned Microsoft is, they’ve got a really great way of going about it, to where they handle everything for you. Basically, it used to be that one organization would have to have their public and private keys, and it would be managed, and they you could only send encrypted email to another organization where you had their their public key, they had their private key and you shared this information. Now you can, okay, that’s a big hassle. Right? That is just that’s not easy to do. So it didn’t catch on. So Well, then. Now there are plenty of good providers where they manage all of that for you. And you simply say, Hey, I’m sending this, this email to Luis, at this address, boom, all of that is handled for them. They get it and they’re like, yep, that’s indeed date him golden, he can view this this message. So it used to be harder. Now there’s some really, really good solutions. Is it just built right in? 

Luis Scott 14:14

Right, is encryption a reasonable measure? Or is that above and beyond? 

Matthew Connor 14:19

Oh, I think it’s, it depends. If you’re sending you know, what they call PII personally identifying information or confidential information. I believe that is standard, you should be securing that. Does that mean that everybody is no, I’d say a, you know, a huge, you know, the majority of people are not properly doing that. And I think that’s, I think that’s a no, no, right? Especially when it’s not like it’s going to cost you a bunch of money or make it even even difficult. It’s just gonna make you look very squared away, that you’re taking the time and the consideration to safeguard your clients information and their communication. So I think it’s especially for a law firm, that should be considered standard. Well,

Luis Scott 15:04

that’s a that’s a huge shift in the way I know law firms work. I mean, I don’t I don’t think I know any law firm that sends us anything encrypted. In my experience with with encryption is generally like the bank, the bank will send you something encrypted, but you got to go to a portal seems super inconvenient, you gotta have an account and all that stuff. And so, but if there’s a tool to do it more efficiently, then obviously that would be that would be a route that you could take as it relates to encryption. Now, let’s talk about AI. Because AI is doing things that no human could do in the amount of time that it’s doing. And my biggest fear is that you can set an AI system up to where it could just constantly be looking for ways to penetrate your your business. Is that a real possibility? And if so, what’s the timeline on that being a real possibility?

Matthew Connor 15:54

100% So AI has already changed. And I’m gonna say AI if sent just since ChatGPT came out at the the the the level that the that’s just called bad actors. Their their professionalism has increased exponentially adjust over this year. It’s absolutely ridiculous years and years ago. Yeah, just think back three years ago, you get the Nigerian prince scams, you get all these ridiculous emails littered with with grammatical and spelling mistakes, and you instantly knew okay, this is this is BS. Right. Right. And so, you know, it was it was kind of a common saying that we’re going to be in trouble when when the bad guys learn how to spell and speak proper English, right? Well, thanks to ChatGPT they spell good, and they write good, right? I mean, every, they’ve got it down. So they get all of that is done very well. And, and so now we’re seeing not only is our eat fine, their emails, good, but they can go to ChatGPT. And they can say, hey, write me some code that will do X, Y, and Z. And, and so what they’re doing is, in many cases, they’ve already used ChatGPT, to circumvent traditional antivirus and anti malware. So we actually made a big shift ourselves. As you know, again, cybersecurity is very dynamic, it’s a process constantly changing. So we were taking a much more old school approach of really locking down our clients. And basically, I used to use the example of the analogy of we bring our clients into the bunker, we would close the bunker door, you’re safe, and you’re I don’t care you, your, you know, users can click on whatever they want go anywhere in the world, you know, and boom, they’re golden. We got them locked down, right? Because they their computers cannot do bad things. Okay, cool. Well, I like it. However, now with the advent of AI on the bad guy side, we’re seeing the you know, such great advancement that we now need AI to fight for us, you know, if AI is going to be used against us, we need it fighting the good fight. So we’ve now switched our our defenses to using AI powered defenses versus your kind of that old school bunker kind of missed the bunker, but it didn’t give me the visibility and access to see everything. So for instance, you see how fast you know, ChatGPT has to come up with like content, you’re like, hey, write me a blog post about it’s like ball and a day. Okay? Pretty, pretty good. But now, what you have to realize is that on your computer, if you just open up, you know, if you were to see everything that’s happening on your computer right now, just as we’re speaking even right, all the processes and all the things that are going through memory, it’s a ton of stuff just constantly running through. So to sift through that and to see oh, this is this is odd. This isn’t normal behavior. So to see that and catch that the way antivirus and anti malware applications, traditional ones work and I guess they’re all traditional, technically, they would have a definition. They say, Hey, if you do this, unless you have a virus, for instance, a virus is only a virus because it has the one unique, you know, trait of a can self replicate just like a you know that an actual biological virus, right? It goes in facts and creates another virus in that cell. The same thing happens on a computer that computer virus, it duplicate yourself. So your antivirus is really just looking for something to do that. And it’s like, Ah, gotcha, boom. It’s pretty easy sifting through all that stuff. Oh, that’s weird. I got it, because I can see that thing. Cool. So you do this through a bunch of things that we know of, and you’re like, okay, cool, but we’re always playing catch up when it comes to that. So in antivirus, they you know, any anti virus can protect you from 100% of the known viruses, but anti malware, we’ve never had an anti malware application that could protect you from 100% of the known malware and we know that there was tons of malware that we’re not even you know, you know, aware of or defending against yet, so that always let After a gap, an unknown gap that was not good. Where AI comes in is now instead of to replace that antivirus and anti malware, AI is now seeing exactly what’s going on the entire time through everything. And it’s like, hey, look, this is not right. This shouldn’t be happening. Doesn’t matter what it is, doesn’t matter if it looks like something, you know, normal, it just it sees that this isn’t normal activity. And they can further analyze it based off of everything we know about viruses, malware, and everything. And and be up to date on Oh, this is this is definitely weird. And stop that immediately, versus just kind of blocking something or saying this is suspicious. I can’t say for certain so it flags it to the to the human to then check and be like, oh, yeah, yeah, no, this is weird, or no, this is fine. This is part of Carbonite backup. So and, you know, so whatever it might be. So to answer your long answer to your question with AI, for sure, we’re, we’re already seeing it happening on you know, that kind of computer level, you know, that it’s so it’s happening, and you really need to be using it in my opinion, I think it’s, it’s a mistake not to be using AI to defend against the AI that’s coming at us. It just doesn’t make any sense to me.

Luis Scott 21:17

What talk to me about because like, sometimes we talk about AI and AI is like a very broad term. What is the actual program? Like, what are we? So I’m a customer, I come in, and I’m like, Hey, I’m very terrified of the AI they’re using against me, I’m clearly susceptible, I have so much data, what is the AI programs slash software that I need to have now on my system to be looking for the unknown malware? Where’s that we currently can’t protect against? Like, what did what do I need?

Matthew Connor 21:47

Got it. So I’m a big fan of Sentinel one, you know, great group they focus on they’re really an enterprise grade, you know, what they call endpoint detection and response, right. So it’s, it’s checking your endpoints for things detecting and responding to them in real time. The challenge with it unlike, like your antivirus, like a Norton or McAfee, a Windows Defender, the antivirus is so simple, that it like anybody can install it be like, Hey, I’m, I’m protected from viruses. But now that we’re at at this high level of, you know, endpoint detection and response with with AI. Now, it’s the problem is, I can’t tell you what to do for the, for the home user, in terms of that somebody will crack that, that that nut, and they’ll have something really great for end users being for home users. But for businesses, it’s so it, it requires some advanced help, to even you know, monitor that and say, Oh, that’s good, that’s bad. So when you’re on that, that edge of protection, you need somebody doing that, and, and that’s fine. That’s all well and good, because the reality is for going back to what you asked earlier, there are several other things that every business should be doing. And one of those is 24/7. monitoring of all your defenses, right and your your devices. So you even though your EDR your endpoint detection and responses is always running. If somebody isn’t there, when the things happen, like you know, everybody’s got asleep at some point, right? So if you don’t have a 24/7 monitoring of your your stuff, then a lot of times you won’t even know that it happened and this is the problem that a lot. The reason we hear about so many of these ransomware things happening is because people fell asleep at the wheel, they were not doing what they needed to do they were not monitoring the organization 24/7 And so these hackers were in there for months beforehand, maneuvering through the networks. That’s ridiculous. Because for a few dollars a month, you can have your your your whole system monitored. 24/7 It’s like you have you know, this great home security system fantastic, right? But if your kids can let if some anybody in the house can open the door and anyone’s gone into like letting in the plumber Oh, like your plumber cool. They let in the plumber and then nobody’s monitoring to say hey, did any let’s say you got a huge house. And they’re not talking to kid doesn’t come and tell you how do you know that was the kid let the plumber in? Who was actually the bad guy who’s now in the house waiting for him to fall asleep and then kills everybody. I mean, that’s a crazy exam. And

Luis Scott 24:27

for all the plumbers out there, we’re not saying that plumbers are the bad guys.

Matthew Connor 24:33

Yeah, no problem is great. We love him.

Luis Scott 24:36

But it’s true. You know what that reminds me of? I don’t know if you saw the movie lean on me, where the prince would go Clark and he’s like, he’s like, I’m gonna put chains on the door. Because if anybody can just let the you know, the criminal end, then our people aren’t safe. So essentially, what you’re doing is you’re you’re not putting chains necessarily but you’re having somebody who’s monitoring this. When I say somebody I’m assuming a human being He is monitoring this system. Are they looking at something? Is that what’s happening? Yeah. So.

Matthew Connor 25:05

So basically, what would they call a sock a security operation center, what would a sock does, is they monitor all of that stuff that’s coming in all that. All that data and information. And they’re looking. So it’s basically kind of what the the EDR is doing. So in the case of your EDR, that stuff will just go and if there’s if something if it that your AI powered EDR sends up an alert, and let’s say it’s two o’clock in the morning, the the sock is going to be on it and be like, Oh, hey, okay, cool. And they’re going to handle that they’re either going to agree with them, or it would let’s say it was something suspicious, that the AI wasn’t 100% Sure, if this would, you know, should be stopped or not? Then the human, you know, the, you know, the, the technician looks at it and says, Oh, yeah, for sure. That’s not right, that shouldn’t even be installed on this computer, or whatever it is. And they can then say, Yes, stop that and terminate it and get, you know, clean things up. Right. So you know, if Yeah, so it is really is just a matter of have, you got to monitor your systems at all times. So that, you know, there are no bad guys in it. Because we’ve just seen it time and time again with this ransomware. And that’s ridiculous. Because it’s all of those those ransom where’s all at, you know, every one of those events were stoppable, maybe they should have been preventable, they shouldn’t have happened in the first place. And they should, and even if it did, it was easily stopped shortly thereafter. And you know, and it would have been easy to kick them out, had they just been monitoring it. And I get it, if you’re, you know, I really feel bad for the really large, large enterprises, the I wouldn’t want that job is basically the same job. But it’s just on a bigger scale, you got things all over the place harder to do. But for the small to medium sized business, this is a solvable problem. This is it’s all preventable. It’s all easy to do. You just got to get the right people in there and putting a few things in place. But then going back to that whole kid analogy, you’ve also got to gotta train people on, you know, the cybersecurity issues. And I don’t think that sitting in an hour long, you know, cybersecurity meeting every year for you know that training is a good way of going about it. So what we do, for instance, for instance, is we send out these cybersecurity shorts, these little videos, it’s a one minute short, goes out once a week, keeps people up to date on the topic, and oh, hey, they learn some stuff. And if nothing else, even if it’s a review of something, it keeps it fresh on people’s minds about oh, these different issues. So this way over the course of the year, they get a an hour or so of of training, but it keeps it kind of Top of Mind and you want people not scared, but at informed and and alert. And I think that’s you that’s how you do that?

Luis Scott 27:55

Absolutely. I mean, repetition is the key to keeping people you know, always at top of mind. Now I want to go back to something because you mentioned that this is like for a couple dollars a month. And I just want to be clear. You mean more than a couple that it’s not $2 a month? It’s what what is it actually cost to have this monitoring system? Yeah, that’s a good

Matthew Connor 28:15

point. So it will vary depending on on who you go with. But realistically, you’re looking at, it’s something that should be a, you know, a, let’s say, again, there’s a lot to it, but it’s somewhere in the in the range of A they’ll either do it based off of. And this is where it gets a little tricky. Either they’ll do it based off of endpoints, then you know, and they’re, they’re charging you per endpoint, or they’ll charge you per user, right. So, you know, in a per user situation where it might be your, your laptop, your iPhone, your desk computer, and let’s say your personal computer. So you might have, you know, three or four devices that you use, you know, it for work purposes. In that particular case, you’re still only looking at at, you know, probably, you know, somewhere between five and $10 per user data or that sort of 24/7 plus the AI powered, you know, endpoint detection response. So, for that security, it’s not something where you’re gonna be like, well, we can’t possibly afford that. I mean, at a time, but and a 10 person shop, that’s 100 bucks a month. Of course you can, you know, or you’re not endorsed. Yeah, right. Yeah, that sounds very doable. Yeah, exactly. And the same goes with that, that email encryption, depending on your, let’s just go with that Microsoft, depending on on what version of Microsoft 365 you’re using. It may be it’s probably built right in, and it’s just a matter of setting it up. So it’s, it’s right there. And if it’s not, I think you’re you’re just looking at upgrading to one so that again, varies based off of person to person, but realistically, it’s probably built into your Microsoft 365 account, and you just have to enable that sort of encryption. If not, I think they’ve got a security add on where it’s like $5 a month, it gives you a lot more than just the ability to encrypt. But again, now we’re talking about another few. And sure, it all adds up eventually, yeah, there, there’s a bunch of things that yeah, add up. So things like a password manager, people are horrible with passwords, right? Everybody’s like, oh, they, they don’t they, they reuse the same ones over and over. But this is a major place, you know, point for people to get, you know, for, for accounts and, and devices to get compromised. And it’s so easy with a with a good password manager, we like keeper keepers, a great you know, one there, they’re US based, great group, really inexpensive, but again, you know, you tack on another $3 a month per user. But now, all of your passwords, you don’t ever have to worry about learning a password, it just does it automatically for you drops it in, people think it’s safe to save your beer, man, I’m sorry, there’s, there’s so much information that does Yeah, out here. I you know, but people think it’s safe to just store your password in your browser. But it’s not at all, it’s so easy to to crack, that they’re stored in these really simple hashes. And so if you’re, if somebody gets access to your computer in any way, they’ve got access to all of your saved passwords there. So you want those in a password manager, one, because when it comes time to change it, you’re not going to be like using your standard Password Plus, you know, adding one or an exclamation mark or whatever your your thing is. And the other reason being that when that you know, when people get on the dark web, there are billions and billions of passwords, you know, available for free. So, you know, if people because every time something like Target or want something out, you know, these, these big places get get hacked, and all these passwords get get leaked, and they get put on the dark web. And so the reason this matters, you’re like, So what’d you get access to my target account? I don’t have any credit, you know, I don’t have any financial stuff tied to it. I don’t care about my target information. Okay, maybe you don’t. And maybe that’s true. But perhaps you use that same standard password or some variation thereof. So if I see a list of 20 of your passwords, you know, the bad guys got 20 of your go to passwords and the combination of how you change it. And then they’re like, Okay, now let’s get into their work computer, which we don’t have that here. But let’s try, oh, boom, what do you know, it was one of the mixture of the combination where it was one of these passwords, and now they’ve got access. So it’s so easy to stop all that just by using a password manager. And now you never have to worry about the headache. It fills it in it updates it, it changes that you just have to use your fingerprint to sign in. Remember one password that that’s you know, and that’s it. So,

Luis Scott 32:49

yeah, that’s a big one. Yeah, I could definitely see that. I thought maybe you had seen me write a password, because I’ve just been adding exclamation marks to the exact same password over and over. So I want to ask you one more. One more question. As we kind of finish up here, because it’s been very fascinating. Most of the people that I work with have vendors as it so there is there it is not in house, there. It’s a third party vendor. Is this cybersecurity, something that an IT your local IT shop is, is has the skill set and knowledge to do? Or do you have to hire a company specifically, like yours that that focuses on that? Where do you think most people fall when it comes to that?

Matthew Connor 33:33

So that’s a great question. And I think the reality is, it really varies. So we do both at CyberLynx where we do the you know it and we do cybersecurity. And there are a number that do that that same same thing. A decent if you’re, if you’ve got a decent IT group, like let’s say you do just love them, they’re really good, but they’re not that great on the on the cyber side. That’s okay. Now almost every single one of these, you know, every single cybersecurity company or another it and slash cybersecurity company like like ours will happily do what they call co managed ITC keep yours and let’s just we’ll add, we’ll help you out with the cybersecurity piece right? And get them kind of, you know, provide all those things that they’re they’re missing to kind of fill in the gaps. So if you got a great group, but they’re not, you know, so strong on the cybersecurity, the reality is a great group would have brought all of this to your attention already and said, Hey, look, you should be encrypting your email, you should have this and and if for no other reason, general just to have your back, you know, it’s like I don’t for if for no other reason to protect their reputation to say, hey, look, you’re one of our clients. And I’d really hate it if you got you know, you know if something bad would happen to you so for our out of our own, you know, selfish interests. We want to make sure that you’re really, really secure, but it’s also it’s always to their benefit.

Luis Scott 33:46

That’s a great lesson. They’re a great service provider. We’ll be proactive and we’ll bring it to your attention and not just wait to the last minute. I think that’s a great, great point. So we’ve been talking to Matt Connor, who is the founder of CyberLynx, a cybersecurity company, who’s helping you protect your business today, helping you protect your law firm, and making sure that all these bad guys ChatGPT Ai, all these things are not penetrating your system. And Matt, how can people get in touch with you if they need

Matthew Connor 35:27

cybersecurity help? Sure. Well, you can always find us at cyberlynks.com at cyberlynx.com. I’m Matt@cyberlynks.com. I think that’s probably the easiest way to get you can also find us on LinkedIn. That’s that’s another great way. But our websites pretty great. We’ve got some chat in there. You can you can get to us that way. You can email me, email us. Give us a call. Yeah, we’re available.

Luis Scott 35:54

Awesome. Well, thank you so much. And I appreciate this man, the time flew by. It’s been a great conversation, learning a lot myself. And I know our audience did as well. Thank you for being here. I appreciate it. You’ve been listening to The Guts and Glory Show.

Outro 36:07

You’ve been listening to The Guts and Glory Show for more. And to learn more about Luis hit the website at LuisScottjr.com. For consulting opportunities, hit 8figurefirm.com. That’s the number 8figurefirm.com We hope you’ve enjoyed the show. Make sure to like rate and review and we’ll see you next time on The Guts and Glory Show