Erin Murtha 0:00
Just because the way that we have evolved in software and how those integrates into our networks is completely changed the attack surface for cybersecurity.
Anne Bibb 0:13
Welcome back to Unexpected Journey. And today we are joined by Erin Murtha. Welcome, Erin.
Erin Murtha 0:19
Hi. Thank you for having me.
Anne Bibb 0:21
Thank you for joining us. So, Aaron, you have with you’re in cybersecurity, and to, in today’s world, that’s kind of a really important area to be in. And I’ll be completely honest, 10 years ago, 15 years ago, somebody would have said cybersecurity to me, and I’d have been like, what is that? Why is it important?
Why, why? Why were what? So you’re the CEO of a cybersecurity company. How did you get here? How did you even get into this field?
Erin Murtha 1:05
Yes. And I will have to say 10-15 years ago, I may have been in the same boat as you. Oh, thank you. Think there, there are more certainly more people in that camp. And then you might think, and how I got into cybersecurity is actually I fell into it, you could believe that. I was recruited by IBM when I was in graduate school, studying international commerce and policy, so nothing in the technical space whatsoever. But when IBM, you know, says they want to have a conversation, and you’re graduating, you’re definitely like, I will. Absolutely, I’m absolutely on board with that. So I had a series of interviews with them and case interviews, and it was a pretty intense process. But at the end, they said that I was very analytically minded, which has helped me in my professional career, not so much in my personal life. And I should be doing business business intelligence. So I started at IBM, in their IP vi department and got into technology, which is just sort of crazy. And in retrospect, so
Anne Bibb 2:23
you say it’s helped you in your, in your business career, but not in your personal life? How has like I, that hits me to the core.
Like, what, you know, my husband and I are polar opposites. Absolutely polar opposites. I’m incredibly OCD. He sent me this video yesterday. And I, I almost had a panic attack. It was and he was joking. When he sent it to me. He said, This is how I live my life. And it was somebody that had a box that they were putting little toys into, and there was every we as kids, we all had this right. You had there was a square hole for the square. There was a round hole for the round. There was an arch for the arch. Like every, everything had its own space. Right, right, right. But this person that was doing the video, put everything into the square hole.
I seriously started hyperventilating. And he’s like, No, it totally makes sense to me. Like everything. Everything goes into squirrel and I’m like, oh my God make the dog correctly.
Erin Murtha 3:47
That resonates that resonates.
Anne Bibb 3:50
So I’m like, I was gonna say is this what you mean?
Erin Murtha 3:54
That’s exactly what I mean. It’s just overthinking some things or analyzing things that don’t need to be analyzed, or at least not to the extent in which you’re doing it. So it professionally, it’s great because the product is you know, as close to perfect as you can get it but you know, as we know, your personalized perfect is not like I
Anne Bibb 4:17
found my tribe and Aaron.
Erin Murtha 4:24
Yes, yes, you have.
Anne Bibb 4:28
So you, you are with you had this conversation with IBM you, you’ve discovered that you were a very analytical person. And and then you’ve moved on to
Erin Murtha 4:39
Yes. And then I just got into tech and I worked for Homeland Security for almost 15 years. My friend in New York who’s working for cybersecurity company often SEC said, hey, you know, you should have a conversation with my CEO. We probably have a need here. And I did that I was impressed with the company still impressed with the company. And here I am today. So I really did just fall into it. And so I don’t consider myself a cybersecurity expert by any means. But certainly having being in the industry for as long as I have. And the amount of projects that we have done successfully certainly has been interesting, and I love talking about it. And I just love cybersecurity, just generally, which I 10 years ago would never have thought I would be saying,
Anne Bibb 5:36
well, I think that’s interesting, because we talked about how 15 years ago, it wasn’t, you know, we were both both of us were like, Whoa, what is that? But even now,
it’s involving, like, the whole cybersecurity thing. So I’m curious, as someone who was previously with Homeland Security, and is now with a cybersecurity company, and has you’ve seen so much, like, how have you seen this industry evolve over the years,
Erin Murtha 6:11
I would say where we are today has been almost an about face from where we were 1015 years ago. And the reason for that is because software used to be developed and released on an annual basis. And that’s why many organizations do penetration tests annually. Okay, as the end of the year, let’s make sure that all of our network stuff, everything’s connected, okay? configured, all right, like, we’ve got everything down, Pat. But now a lot of things that were intertwined with a lot of software that we have integrated into our networks are being updated on a daily basis. I mean, there’s software that’s released with, you know, bug fixes, or enhancements or features, you know, twice a day now. So if anything goes wrong, or if something’s not configured, right, or if there’s not a patch there, I mean, that can really, you know, impact your entire network. So, just because the way that we have evolved in software, and how those integrates into our networks, is completely changed the attack surface for cybersecurity, so, and the way we develop software and the way that we configure our networks, and the amount of tools that now exists, and where we store them in the cloud. So there have been a number of factors that contribute to not even been able really to recognize cybersecurity 10 years ago, to where cybersecurity is today.
Anne Bibb 7:53
I kind of get tired of people talking about the pandemic and how it impacted where we are today. But but I’m gonna do it. Because I think it’s really relevant to this specific industry. And I’m curious as to, you know, what you have seen and what you think that did to the cybersecurity industry, like what, let’s talk about remote work, for instance, remote work and employee experience, we saw that specific industry, remote work in it, in and of itself, had a leap forward of about five years in technology in 12 months, and I’m curious, from your viewpoint, how was the cybersecurity industry impacted during the pandemic? And since then,
Erin Murtha 8:53
that’s a it’s it’s an important question. Cybersecurity was kind of, alright, you walk into your office, and now you are logging into your network and everything stays in your office. And then with COVID, and people, you know, working from home, your network now extends from the office to check your email at the grocery store. If you’re at 711, picking up milk and you get a text or you have to access an email, you’re on your network. So now your network is absolutely everywhere. And you can take into consideration IoT. So you’re on your network at home and you know, you have Alexa, let’s say it’s up and running. And you have a bunch of your toothbrush, your refrigerator, all of these things are now plugged into your network. Now go I think that your refrigerator stores any kind of information that you really care that anyone sees. No, probably not. The people can infiltrate your network through your refrigerator, there’s that that thing is a case study of a Las Vegas casino, where hackers were able to access a high ruler database through a temperature gauge in the casinos fish take. So it’s it’s a pretty big deal having to think about everything that is interconnected now. And I think also, also worrying is how medical devices are now being plugged into IoT. People are becoming, I think, less worried about their medical records, or even even their apps in which she can have conversations with a therapist online through an app. I would be very concerned with all of that right now.
Anne Bibb 10:58
Yeah, I know several companies who, while they’re open to and embracing remote work, which it’s no secret I am a fan of. And let me rephrase that I am more a fan of choice. And of allowing people to work where they’re going to be successful, whether that’s remotely or in the office, as long as the proper procedures and care are taken. So that’s that’s what I am an advocate of. So whether that’s hybrid remote, in office, letting the employee have the choice and the ability to work. So that being said, those companies that are allowing that I have, I’ve worked with several that are saying, if you are allowed to work at home, you can not have an Alexa or a Google device in your home office, because we do not want that device recording your work conversations.
Erin Murtha 11:57
Right, right. No, that makes absolute sense. And I think most companies that are allowing remote working, because because I do with you, I mean, where are you going to get the most work done, if I have lots of calls, or I really just need to zone out and get something knocked out. I work better at home because I not there’s there’s nobody distracting me, there’s not a conversation that I’m having nothing comes up, I can just kind of wear myself off from the world in and knock stuff out. So I do think that remote working is beneficial. I think companies are also working hard to make sure that their network stays secure by having policies like that. The variable is people abiding by those policies. It’s a lot of trust putting into employees, customers, that they are actually abiding by the rules. So it’s a lot of technology and humans having to work together to make sure that there are secure,
Anne Bibb 13:02
because it is new. And there are so many things that you know, it’s constantly I think that’s one of the things that just kind of is overwhelming when we’re thinking about how quickly cybersecurity is moving, how quickly the Internet of Things is moving how quickly AI is moving, right. But can you discuss maybe a notable project cybersecurity project or success story, right? Where AACOM sec, played a crucial role in protecting the client’s assets or maybe even mitigating a significant security breach.
Erin Murtha 13:39
Absolutely. authentique is a is a small company, we definitely do friendship up our weight, though. One of our clients is one of the top five organizations in the world as far as size is concerned. So I mean, 10s of 1000s of employees, we had six weeks to breach this, this company, and three of our guys was able to do it, they were able to do that. So that is a huge success, which, again, speaks to the people that work at Aqua sack. But that was that was probably the largest part and being able to tell this company, hey, look, here are three use cases. We were able to breach using each and every one of them. And this is what you need to do to be able to fix that issue. That was that was big. That was three people. So that was that was probably one of our largest successes. And then of course we do a lot of physical testing too, which is always fun. Yeah, traverse rivers. We have gone through forests to get to we that insurance of a company and resume have to break in that way. So there’s been a lot of fun stuff. On the other side, too.
Anne Bibb 14:55
I envision in my mind that Like the shows the televisions, movies, the like, we’re there. You’re the good hackers, right? Like, you’re the good people that are actually what do they call like the What was her name Patricia Arquette, right? Like where she was on the show and they were actually trying to physically break in to show people where things are bad is that what y’all are doing is you’re actually really breaking in to show people where the gaps in the system are.
Erin Murtha 15:33
Exactly, that’s exactly what we’re doing. So we’ll have a company come to,
Anne Bibb 15:37
gosh, can I get your autograph? I feel like I’m talking to Patricia. Right now.
Erin Murtha 15:44
But, and to be clear, that’s certainly not me doing all the technical stuff. But yes, now we have our ethical hackers, our security engineers, they will talk to the company will have a good understanding of what they do, what is a bad day look like for them, and what kind of resources that they they need to protect. Another unique thing about our team is that we understand the business context. So we will, we will have their system and we will say, hey, this needs to be fixed. This is how we did it. This is why we thought about doing it. But also, this is what you need to do to fix it. And this is either a critical finding that we had or not so critical. The business context comes in, because we might be able to, let’s say access a file folder that they wanted protected. And anyone would say, hey, look, you wanted this protected, we were able to hack into it, this is critical, you need to fix it. But it’s in that file folder. It’s the cafeteria lunch menu for that week, you probably don’t want to get all of your resources working on other security things off what they’re doing, to come fix this. So that business context is applied, hey, at some point, you’ve got to, you’ve got to make sure that this is okay. But also, it’s the lunch menu. So make sure that you’re able to take your resources off this at some point, but it is not a rush.
Anne Bibb 17:22
But what’s interesting is you you mentioned it’s not just about ethical hacking, you have some fun things also, which is about physical as well, trying to protect physical assets as well. How does that fit into the cyber security realm?
Erin Murtha 17:43
Well, so for example, I guess it’s more of a broader security in that context, but you are able to get into people’s offices, we have been able to get into people’s computers in their offices while they’re not there. So you can be connected and being very safe on a network. But if you didn’t lock your office, or if you didn’t, for example, if you did not log out of your computer, when you left your desk or lock your computer, when you leave your desk, somebody can easily access that and figure out how to get into it. So they are intertwined.
Anne Bibb 18:25
Okay, I get it, I get it. And again, I go back to how many times have we seen these movies where people like even Fast and the Furious, the lady on Fast and Furious where she’s like the the ethical hacker, right? And she’s the one that’s constantly trying to use her computer to get into a building of some sort. Or, you know, it’s it’s amazing to think that there really are companies out there that do this.
Erin Murtha 18:55
Absolutely. I mean, if you’ve ever served in a hotel where you’re able to electronically enter your room with a keycard. We’ve had those. There are lots of apartments that I’ve seen now, here in New York City where I love where people can get into the departments using a key code, a key code. Companies have that. So it is interesting, where we’re getting to and I I wonder what it will take for those sorts of physical breaches to say Niki, this is not the best. The best way to doing this. I know in our office, in our office building in our headquarters here in New York City, they do have electronic key parts and we had them installed actual physical lock to get into our offices because they’re just too easy to have.
Anne Bibb 19:48
There are so many people in the world well in the world, at least in the United States that are using those app based front door locks now Yes versus Yes. I mean.
Erin Murtha 20:07
Yeah, no, that is exactly what I’m saying I think IoT Internet of Things is going to become a bigger challenge. And for lots of reasons, one, I mean, now with cars, not with IoT that are built into cars, I think there was a carjacking or somebody posted yesterday, a carjacking that happened and believe in China, because they just, they just drove the car away, they were able to hack into the car, and then trying to get away. And the fact of the matter is on your network, you’ve got all of these things connected. So you’ve got your car, like I said, car toothbrush, refrigerator, Alexa, you have all of this data that maybe you don’t share with your refrigerator, figure. But that guys will be able to use that to get into your network and access everything else. And if you’re working from home, you’re using your network for a lot more than the thing you probably realize.
Anne Bibb 21:06
So tying this into it. So we’ve talked about your kind of the employee experience, but tying this over to a customer experience. How can and I’m, I’m reaching here, right, like really reaching all of these IoT things, because what they’re what they’re trying to do is make people’s lives easier, right? We want you to be able to turn your lights off without having to get up, we want you to be able to, you know, control and make a smart house, right. But in doing that, it seems like there is an innate risk that has been created. So from a customer experience, how can they alleviate or what can be done, to be able to continue to have a good customer experience? Make it easy for people, but reduce that risk from a cybersecurity standpoint?
Erin Murtha 22:15
It’s a good question. And, and really, you know, like with everything, there are pros and cons to everything. You might recall last year, the White House had a I think it was its first ever cybersecurity Summit. And they were addressing these kinds of questions. How do you let the customer know what the associated risks are? To their very convenient, you know, new clap on clap off and the lights come on? They come up my
Anne Bibb 22:47
god, we’re dating ourselves, Aaron.
Erin Murtha 22:52
example? Example. But how do you know what those risks are? Unless you’re really like know, tuned into this stuff, and who’s tuned in to all the stuff not not everybody is buying this stuff is you know, and Ethan Egan regulators don’t understand. I mean, you probably saw them Mark Zuckerberg questioning, you know, from Congress, and their lack of understanding was just so obvious. And there really is a lot of understanding, because one, cybersecurity changes on a daily basis, it seems like so you might think you get a grasp of it one day, and the next day, it looks different. And then also just your everyday consumers. They’re buying something that, you know, like a security camera maybe. And they’re not understanding fully what those risks are, that are involved. So at this White House summit, they came up with a bunch of different ideas, some checks that companies should go through compliance wise, to make sure that everything is secure. But there’s also an ER believe it’s going to be rolled out this year, there’s going to be a labeling system. And that’s going to provide customers information on possible security threats, and what those devices that they bring into their homes, what those risks are. So it’s going to be interesting, you know, the, the, the attendees at this summit or Google, the CEO of Amazon, IBM, big company, tech executives that are making big, lofty decisions on what is safe and what companies need to do to ensure their customers are safe. Pros and Cons again, because these are large companies with big budgets. So what does it mean for medium sized companies and smaller size companies that don’t have the same resources or a security program? Or they can say, Alright, these are things I know I have to look for. And now I’ve got all these compliance checks. I’ve got to do what I thought one resource. So what do I have them do? Check off all the boxes, or work continue to work on this stuff where we know we have threats. So, Joe, I am going to be curious that everything that comes out of what that summit was simply because there was no representation, or very little representation of smaller to medium sized companies and what their budgets and resources actually look like.
Anne Bibb 25:33
Okay, well, I do want to get into some leadership and cybersecurity questions. But before we do that, it’s time for a little this or that so that people can get to know Erin a little bit. And I know you’ve watched the show, and I know that you. So just a reminder for those who have not seen the show yet. I’m going to ask Erin. Two words or phrases. She’s going to give me what works for her. We’ll both answer and we’ll talk about why. So first question, pancakes
Erin Murtha 26:08
or waffles, waffles, that’s easy. Water syrup. And it’s you can use you know, they’re malted, they’re a little bit malted.
Anne Bibb 26:18
So I also went for waffles. But mainly because I haven’t had one in forever. So I’m a celiac. I am gluten free. And my husband makes me wonderful gluten free pancakes all the time. But I cannot tell you the last time that I had a great gluten free Well, actually, that’s not that’s not true. I can’t tell you the last time I had a great gluten free waffle. I was in San Antonio. And there was this little shop there’s this little bakery that was a gluten free only restaurant and bakery. They went out of business. But they I remember my mom and I having this great gluten free waffle down there. But of course they’re out of business now. This was like 10 years ago. So it’s been a while since I’ve had a good gluten free waffle. So you guys watching if you have no have a good gluten free waffle place. I am all ears lead me now.
Erin Murtha 27:25
So am I I would like to be in on that too. Yes. Delicious.
Anne Bibb 27:30
Aaron and I could go and meet up for waffles. There you go. All right. Let’s see morning person or night person.
Erin Murtha 27:41
I’m a night person. I’m a night person. I would love to be a morning person. When I get up early in the morning and I get stuff done. I feel so accomplished. And when I am up late at night, you know, I don’t know what it is. I don’t know why I don’t always like some reasonable hours go to bed, but I’ll find something else to do or something to Google Online. So I am definitely a night person but love to be a morning person.
Anne Bibb 28:10
See this one is interesting for me because I’ve always been more of a night person. But as I’ve gotten older I don’t know why like I’m naturally just starting to wake up earlier. Is this like an old person thing? I don’t know. Like my husband makes fun of me because like I want to stay up like I physically my brain wants to not go to sleep. But I could not stay up anymore. Like by 10 o’clock
Erin Murtha 28:50
I think you’re lucky I think you were lucky that you’re able to go to sleep early.
Anne Bibb 28:55
Unable Aaron I like can’t i It’s narcoleptic.
And then I want to sleep late because I’m tired. Like 715 in the morning. I’m like why am I here? So maybe maybe if I just go on vacation or something? I don’t
Erin Murtha 29:22
Oh, yes. Yes.
Anne Bibb 29:29
stay up all night and kind of person were like I wouldn’t go to sleep until two or three in the morning. That’s how I used to be.
Erin Murtha 29:37
Yeah, yeah. I don’t know what you need to me to and I even if I’m up really late I somehow I’m also just waking up early anyway regardless which well,
Anne Bibb 29:51
and it’s it’s always like 15 minutes before my alarm goes off to which then makes me mad and like I have 15 more minutes Yes, yes. Okay, let’s see here, Summer, or spring?
Erin Murtha 30:11
Oh, that’s a good question. I love I’m from South Carolina. So I do love the warm weather. So, but but spring is nice because everything’s blooming and it’s not so hot and humid. So I’m gonna go with spring. I’m gonna go with spring.
Anne Bibb 30:28
I too went with spring because I am from Texas and summer is like, death. So you know, it’s just I was telling somebody earlier I said, when you when you can walk outside, and your glasses immediately fogged over. It’s, it’s not fun. It is not. Because you’re now walking along. You’re you’re now outside. And not only are you hot and sweaty, but you can’t see. So So and then somebody I heard somebody telling another person the other day that you know what, it’s only June. This is just the preheat. This isn’t even the heat. Yeah. Pass on my summer. Now. All right. Last question. Sweet. Or savory?
Erin Murtha 31:31
Sweet. I have a very big sweet tooth. i Yes, definitely sweet. No question. Hands down.
Anne Bibb 31:41
Easy. This is another one that I like, I would love to put them together because sweet and savory like petal corn, you know. Skin gonna go well together. But let’s be honest, this face didn’t get this round. By just going by savory. I too have a sweet, sweet tooth. So I also went with sweet plus, I don’t know what it is about. The whole gluten free. All of the gluten free things. If you go out there and you start looking for recipes. They’re all bakery stuff. Like, here’s a gluten free cookie. Here’s a gluten free cake. Here’s like, Can we do a gluten free main dish that’s healthy for you? Or can we do it. But of course, if you find a gluten free cookie, you have to make it because it looks fantastic. Everybody’s like trying to show you how to make all of these gluten free sweets. Because those are the hard things to figure out how to make that are gluten free. Wonderful. That’s great. I want to figure out how to make a gluten free dinner. We figured that out. Because I now know how to eat and make all of the gluten free sweets that you guys have shown me.
It sounds like we’re very light on a lot of things. And I love that. Yeah, yeah. Well, thank you for playing this or that. Now let’s go back into the world of cybersecurity. And I’d love to talk to you a little bit about some of the challenges that you’ve had leading in this space and how you’ve overcome them. So you’ve you’ve kind of stepped into a leadership role at Arkham. Sec. How, and, you know, you’re in the CEO role, right?
Erin Murtha 33:47
So right.
Anne Bibb 33:49
You’re not You’re not out there going through the rivers and breaking into the buildings. You’re not doing all that, but you are leading quite an interesting team. How, talk to us about how it is leading these, this team of interesting and incredibly smart individuals that can basically, you know, roll the world.
Erin Murtha 34:12
Right? Yes, well, I’ll have to say the biggest challenge has been helping grow the company from becoming a medium sized company from a small company. When I first started, it was 10 or 12. Like, you know, hackers, kind of just doing their thing, and then being brilliant at it. But, you know, obviously your company, so things need to be organized and there has to be process and, you know, you have to submit time off. So, you know, there had to be a lot of this building of things. That’s not technical related. And so, that has been a challenge in that you are building something from nothing, you know, as We’ve gotten bigger, I’ve realized it’s, it’s easier to take something and make it better, or realize that this thing won’t scale in the future. But when you’re small, and you don’t know what’s gonna work, you’re gonna make mistakes, you’re gonna fail at things, and you’re gonna just have to be creative, because you’re probably also being frugal. And you’re probably also, you know, having to wear 10 different hats, and your employees are also wearing 10 different hats. So going from a small startup, to a medium sized company has certainly been one of the most challenging, and also most rewarding things as a leader in an organization, but in also a cybersecurity organization. And it’s also learning cybersecurity and keeping up and, you know, meeting others in cybersecurity and learning their perspectives and kind of figuring out and understanding their why and their, their approaches to things that might be different to yours. I think. I think learning is actually one of the key components to, for anyone in being successful in their careers that I found anyway.
Anne Bibb 36:19
So how do you do that, you know, when you’re in the midst of more than doubling the size of a company, and taking a team that is so smart, that they don’t want to take time off and trying to put all of these policies and procedures in place, right, and doing everything that a CEO does. How do you stay on top of the current trends and the challenges of the cybersecurity industry?
Erin Murtha 36:49
Well, we have a wide range of customers. So they all have very unique problems, and their approaches, their problems or their fixes to those problems that are very wide ranging. So we have to be on top of, okay, this is this is what’s going on, this is a trend that we’re seeing, regardless of your company size. And your approach is going to be different, because you have different resources, and you have different budgets, and you’re not going to be pushing different tools feel like every other day, there’s a different tool, and this is the silver bullet, this is going to fix it. And that’s just not the case. And in sometimes the more tools you have, there’s going to be an issue because something’s not going to be configured or something’s not going to be patched. So we have no other choice, really, but through our project, or customers and hearing there needs to know what the evolving threat landscape is. So that’s how we do it. And again, it just comes down to our people, you know, they are, they are brilliant, they’re passionate about what they do. They they all like wearing different hats and understanding different components of the business, which is, you know, not a job requirement. Um, so it really comes down to their creativity, they’re reaching out, noticing these trends, understanding these trends, conversation conversations that we have with other people in cybersecurity, whether those are our customers, or colleagues, or just our business, you know, knowing people just from, you know, business conferences and meetings, and that sort of thing. Again, I have to stress learning, you know, this is this is an industry where you have to have some humility, not everybody knows everything, you have to approach things as what can I learn from this person? And I think that’s where the successes
Anne Bibb 38:52
are. We think that in this industry, if you stop learning, then you stop, like growing, are you at that that’s the point, right? That you actually become obsolete, because this particular industry is ever changing. It’s almost living with how much it’s changing
Erin Murtha 39:14
apps. That is, that is exactly it is like a living thing. It is always changing. How your organization operates might be changing. You might be downsizing, you might be hiring, or you might need different integrations within your network because you’re taking a different approach in your business. There are so many different variables to how organizations need to be secure or how they secure themselves that if you don’t take a step back and listen to what your customers are trying to achieve, or what they’re trying to avoid, or what they’re trying to protect and how they’re trying to do that. Then Yeah, absolutely. To your point, you’ll become obsolete. Like, you really have to listen and understand, you know, what your customers need? And then on the other side of that, you know, what’s going on in, you know, how are how is data moving from networks? What are the trends that are that are going on and understanding it and then doing something about it?
Anne Bibb 40:22
Yeah. So what do you think are the most significant cybersecurity threats and risks that businesses and individuals need to be aware of in the in the coming years?
Erin Murtha 40:34
I think IoT is a big one, I think we’re really going to have to wrap our heads around that. It’s interesting, I heard recently a case where a AI persona bot was, you know, came across this being this this person at a job interview. And then that person persona was hired, because it’s all remote. So it all happened over video conferencing and that sort of thing. They were hired, and then they were able to infiltrate and attack the system, because it actually wasn’t person. It wasn’t a human, who was actually a i. So these are things that we’ve really thought about before, you know, when you’re interviewing somebody over video conference, how do you know that person’s a person? You know, is that something you considered an interview before, these are all new things that we have to be on top of, we’ve got to educate, you know, our companies or employees on this kind of stuff happening. Again, to your point goes back to learning, you have to know what’s going on so that you can be prepared for it. So IoT, baffling
Anne Bibb 41:48
to me baffling to me that any AI? I mean, if you’re talking about a video conference, like we are on video right now, if it is that good, that somebody thought that they were talking to an actual human being face to face, it is mind blowing to me that we have come to that point.
Erin Murtha 42:12
Right, right. I mean, there are there are even tips and tricks to to identifying non human in a video conference, and I believe it’s just, you know, have them look left or right. And you can see if there’s any pixelation around the image, then you need your your right to question your the validity, you have to have the thing you’re speaking with. So
Anne Bibb 42:41
it’s just now I have fallen victim to not an actual video, like talking to somebody. But I walked in, my husband was playing a video game.
And I said, What movie are you watching? Because it was such an excellent video that I thought that it was people in a movie and he was like, no, no, this is like Call of Duty or something. It wasn’t Call of Duty, but I don’t know it was something. Right, right. But the actual animation was so good that I thought he was watching a movie, but I haven’t yet like I should knock on wood because I’m not perfect. But it’s just like, we’re there. We’re there.
Erin Murtha 43:35
It’s we are we are there and beyond. There was another case where there’s lots of voice impersonations going on now that I heard. Yeah. Okay. Okay. All right. So God,
Anne Bibb 43:49
I actually just read, did you read this article that there’s a warning out of people falling victim to kids calling them their own children calling? Right.
Erin Murtha 44:03
Right, right. Company for some time, saying I’m in danger. I need help. You need to pay ransom. And of course, your mother and you’re hearing her kid saying they’re in trouble. I mean, you just immediately go to Okay, what do I need to do? Where are lying? I’ll do it. I had
Anne Bibb 44:21
to send that to my kids. Because I’m out there. Like I’m a I’m a public figure. My voice is out there. Right. And I had to tell them, I’m like you guys. This is if somebody is calling you saying that they’re me. And they’re not me unless they say so. They all know. Right? Like right to ask. Because they say that. It’s not me. Yeah. Right. Because it would not be difficult for somebody to create a voice me being who I am.
Erin Murtha 45:00
Right. No, I mean, that is good that you did that very smart that you acted on that because you’re absolutely right. It isn’t difficult in there. You know, like customer success. For example, there are lots of prompt systems you call an 800 number. And it’s like, say your name. What is your social security number? You don’t have to Can I just
Anne Bibb 45:19
say like, I’m gonna be mad at you all day long right now that you just said, say your name, because I’m gonna have Beyonce in my head all day now. Hey, my name? Sorry, Sydney, do?
You know, she’s gonna put that in just to spite me now. It’s gonna be the highlight. But no, it’s wild to me that we are not only there from a, from a whole capability standpoint, but there are people that do it
Erin Murtha 45:57
like crazy. Why?
Anne Bibb 46:00
I mean, why are we scamming people like this? It’s just, it blows my mind? Yes.
So we we’ve talked about the evolving landscape. And, you know, one of the things that I have not called out that I do want to make sure everybody knows is that you were actually recognized as one of the top 25 women leaders in cyber cybersecurity.
So, you know, first off, congratulations, that is not a small thing. What do you think are the key qualities and skills that are really necessary to be successful in this industry?
Erin Murtha 46:50
Certainly curiosity. And maybe that ties in a little bit to what we were chatting about earlier. Warning, you know, you have to, you have to be very curious about, what did you find? How did you find that? What does that mean? I’m being very involved. And yeah, I don’t think I can say more than just constantly learn and know what’s out there and have conversations with other people who may have tried something a different way. And why did they do that? I think, I think those are, I think those are key traits and in leadership, that and also making sure that they’re not leaving with ego, you’re making difficult decisions, probably, and they’re not easy decisions. And those are usually the hardest ones. But you know, they’re right in there, right for the organization. And it’s just that laser focus that we talked about before, that you today, you just have to stay on that path, you know, I don’t think I don’t think it matters so much where you are in the boat, so long as your focus is to get across the lake, you know, wherever you need to help. That’s, that’s where you go, you know, I think if we’re not leading by ego, and we’re recognizing that our team is just, you know, brilliant, creative, motivated, and doing 10 different things. When you’re a smaller company, I think if you recognize that, your team, and you’re all on the same page that that you’re gonna, you’re gonna be successful, I think.
Anne Bibb 48:35
So, last question, Aaron, why would somebody reach out to you? And how would they reach out to you?
Erin Murtha 48:45
Well, they my email I think you have, they can’t, they’re welcome.
Anne Bibb 48:50
To put it up on the screen right there. Perfect. And
Erin Murtha 48:54
I’m on LinkedIn. So absolutely reach out anytime. I’m always happy to chat. If you want advice about where you are in your career, or in your studies, I’m more than happy to chat about that. What next steps might look like. I’ve talked to several students actually over the course of a couple of years where they are interested in, they’re passionate about cyber and they really want to try it out. But they are not at the point yet where they would be coming on. It’s even as a junior level and we’ve created internships for those people. And they have been very successful and they’ve learned a lot and they contributed a lot to our company as well. So there is no level or there’s no particular job title needed. Just reach out with any questions or if you just want to chat cipher. I’m always always up for a chat with a
Anne Bibb 49:50
chat cyber. What Aaron, thank you so much for joining the show today. It’s been great chatting with you. It’s always Great catching up with you. And it’s, you know, I, I’m sure we will be on the show again, probably in the next few months. So I look forward to it.
Erin Murtha 50:10
Awesome. Thank you so much for having me. It’s always fun to chat with you
Anne Bibb 50:14
and everybody else. Thank you for tuning in. And we will see you again next week. As we wrap up the episode, we would like to take this time to thank you for joining us this week on unexpected journey. Our guest information will be linked in the episode description, along with a link to our hosts website, and bibb.com and our sponsors websites, remote evolution.com, ethos support.com, and your cohort.co. Please don’t forget to like, subscribe and share on your favorite podcast app and on our YouTube channel so that you never miss an episode and we can continue to bring them to you. Let us know your thoughts on what we discussed in the comment section. And once again, thanks for joining us. We hope to see you again next time on Unexpected Journey.
