White Shark: Security As A Service In An Ocean Filled With Threats – an Interview with Laszlo Borsy

The phrase ‘being hit by a cyberattack is no longer a question of ‘if’ but ‘when’’ has become more relevant than ever during the pandemic. As workers have migrated away from the office, organizations of all sizes have been forced to rethink their security measures to make them relevant outside of the office.

This has made the work of security experts like Laszlo Borsy, VP of Business Development at White Shark, all the more important. Recruited from a combination of Hungarian security agencies and US tech companies, White Shark’s goal is to revolutionize the way in which security services are brought to market and sold.

As Laszlo outlines, White Shark’s shift to a managed service model (complete with transparent pricing, ‘mobile first’ strategy and a homogeneous environment for threat detection) allows the team to keep track of every possible endpoint across all platforms and devices – and has been crucial to their success within the space.

See below for an overview of what to expect from our in-person(!) recording session from Budapest:

  • A dismantling of the cybersecurity nerd stereotype (‘geniuses with very thick glasses’) and an outline of how White Shark delivers value to its clients
  • Some thrilling customer stories involving helicopters, industrial espionage and ransomware attacks
  • How security professionals track down system vulnerabilities and why a network of experts is crucial to this process
  • The groundbreaking process behind creating a homogeneous environment (or, as Paul describes it: ‘extending the security bubble beyond the on-premise’) to capture signals from the customer’s entire device portfolio
  • Why White Shark believes blending cybersecurity insurance into their offering will profoundly reshape both the security and insurance industry going forward

If you’ve enjoyed listening to this episode, check out our previous episode featuring parental control and monitoring software company Bark, and stay tuned for more under CTRL releases on Spotify. And… don’t forget to share your feedback and stay connected with all things Tresorit through our official Twitter and LinkedIn channels.

Paul: Hi everyone! Welcome to the 14th episode of "under CTRL". My name is Paul Bartlett, and on today's show is Laszlo Borsy, who is the Vice President of Business Development at White Shark. White Shark is a security-as-a-service provider that provides 24/7 endpoint protection. We will discuss why their groundbreaking security-as-a-service business model is a win-win situation for all types of enterprises. Hello Laszlo, welcome to the show!

Laszlo: Thank you very much! Welcome everyone!

Paul: It's good to have you here. And like I say, I'm really excited today to be able to have somebody in the studio with me, rather than on a Zoom call. So it's certainly a different experience here. So what we'd like to talk to you today is about the security aspect of things. And I'm going to hand it over to Laszlo, to talk about the company that he represents, and a little bit about himself. So, Laszlo, take it away!

Laszlo: Thank you! So... my background, you know, initially I started working in the security space in the United States when I was seventeen years old. I started at a company called Search Software America. And we were, with our systems, were doing financial fraud detection for large organizations, because we were using a dramatically more interesting search algorithms, than just text by text, exact matches for searches. And the- in the financial fraud detection, it was very important, because many people were just changing their data just slightly, so that they could appear as a different person. And the- they were using it for identity theft and other tricks. So even large banks and the FBI and the CIA were using our software systems for fraud detection. Then I was graduated from universities in the U.S. and worked for in the first line, the quieter state-of-the-art technology company, such as Banyan Systems, a state-of-the-art network operating system manufacturer, then Sun Microsystems, and later for the largest internet service provider in America, called America Online. So I ventured into the business world later and moved back into Europe. And that's where I met Sándor Fehér, who is the founder of White Hat, the IT security system services. And he told me about- he's found experience of White Hat and I- you know, even during our initial conversation, it really attracted my attention. And we ended up establishing a business relationship, and a work relationship together. So a few words about White Hat itself: You know, it's formed from the core members of a Hungarian national security agency. And they decided to quit their government posts, and founded the White Hat. The- about seven people. And initially, they were focusing on pre- and post-incident services, which they were very successful at, because that's what they were doing on an ongoing basis in their past.

Paul: Okay. That was interesting, to understand why they kind of saw a gap in the market. Is that why they- that they quit? And they decided to go with a new startup? And- because these are coming from pretty respectable organizations, right? So...

Laszlo: Definitely.

Paul: Yeah.

Laszlo: Definitely. Yes, they saw a market window, which later, after I joined, I shared the same identical vision. In fact, the IT security space is, I would say, in its infancy currently.

Paul: Right. Okay, so there was this kind of gap that everybody collectively recognized and said, "Okay, we can serve that need there. Let's go out. Let's form a company." Which is what you've done. And go from there.

Laszlo: That is correct. So once I joined, I, together with Sándor, I saw the need that, you know, attaining customers only on an incident-by-incident basis makes our business model very, very difficult. So we thought of the need to provide ongoing managed security services as well, so that we start having our customers realize for an ongoing need for a protection of their data assets and their values inside the- their corporate environment.

Paul: I see. So when you say "the customers", what do those customers look like for you? When- are we talking about small- small or medium enterprises? Are we talking enterprise-scale? Or is it a broad spectrum of customers that you're- you've started to deal with?

Laszlo: We started to deal with large multinational companies. This is given, because the business cycles and the current space is not very educated about IT security. So the business cycles are long, the space is not very transparent, even from a pricing perspective, and- and the services offered in the market are not commoditized. So, you know, first the potential customers need to understand what it is that they would be getting. Even for an incident response case, they have to evaluate very carefully what it is that they would be receiving as a fixed free post-incident service. And it makes this very difficult. So this is why we decided to move forward and focus and dedicate some of our capital to developing White Shark, which is a managed- ongoing managed security service.

Paul: So let's talk about the gap. Okay? When you- we said- or you saw a gap, what gap did you see? Because we would assume that most large organizations have their own security teams, if not, it's outsourced - and they're pretty well protected. However, what we've seen over the years is that the likes of big organizations, like British Airways and various other organizations, have been hacked. So what part of the services do you provide? And maybe you can give me some examples with customer stories of what the problem was or- that they suffered from, and how you came into the picture to either prevent it or support, you know, the instant response.

Laszlo: Absolutely. So as you mentioned, only and even large organizations can afford proper, professional personnel that can size up and understand their IT security requirements. And even those large security- large organizations and enterprises that are protected via these professionals and software systems that they harness, they also get from time to time penetrated. So I will talk a little bit more about our vision and our, you know, focus in our product, and what we think is our unique selling point in our ongoing managed security services. But let me first, as you touched upon, let me talk about a couple of case studies, what we, you know, came about and what we sold for a couple of large organizations, enterprises, in the corporate world. So first, you know, in the early development phase of the company, we encountered a large pharmaceutical company that got penetrated and in a very sensitive time period, when they were actually establishing a key business relationship with a partner. And they immediately saw the need that they have to filter out, if in fact, this penetration and this incident was caused by this interested potential business partner, or it came completely from a different, completely irrelevant and independent source. So in this case, to be able to isolate different parts of their network and different parts of their systems, we even had to harness, you know, for quick movement, you know, between their eleven sites in different countries, we have to- we had to harness a helicopter, so that we can move between their sites, you know, to quickly and dynamically make sure that all those isolations are perfect and impenetrable.

Paul: Right. Okay. A helicopter to move between sites.

Laszlo: That's right.

Paul: That's a pretty good use ca- use story. So... yeah. So I mean- you considered that you had to move between these different sites, so you're talking about on-premises threats, are you? Or... in these large organizations or what kind of instance are we talking about?

Laszlo: We had to make sure that, you know, even physical access...

Paul: Right.

Laszlo: ...is only granted, you know, to the proper access levels, and so in those isolations, we- sometimes it requires - even in today's state-of-the-art digital world, it requires that we have physical presence in rare cases, such as in that case.

Paul: Right. I see. So when we think about security threats, so- there is also a physical element there as well, where sometimes that's overlooked, when we think about security, of course, where- I mean, I'm personally using swipe cards to get into the building, so we're talking about that kind of level of security, where you're using key cards to get into buildings and (inconclusive).

Laszlo: That's correct. Yeah.

Paul: Right, okay. Okay. So that's very interesting. And what other ones have you experienced with regards to some of the instances that you- that you've had to adjust-

Laszlo: So another interesting case: We had one large actor in the Central European, Western European energy sector.

Paul: Right.

Laszlo: And they encountered a- an incident where, you know, certain parts of their system, which is used to, you know, control and manage energy distribution, they became vulnerable. And we had to use our techniques of our incident response IR team to make sure that we completely isolate them from these adversaries and remove them from their systems.

Paul: Right. Okay. And is that top secret information, how you do that? Or can you give me a little bit more deeper explanation? In this like: What is it that you actually have to do to isolate them to protect them? What kind of steps and processes do you have to go through to do that, to make sure that they're safe?

Laszlo: Yeah, on a conceptual level, absolutely. I mean, initially, you know, we have to go layer by layer...

Paul: Right.

Laszlo: ...and analyze their systems. And we have to isolate the different system parts and see if there's a- they don't have the ability for any lateral movement inside their systems and network. And we have to make sure that there's no persistence that is established on multiple levels, so that even if you fixed, simply put, you know, one hole in the system, that they cannot exploit another.

Paul: Yeah.

Laszlo: So... in these cases, it's always very important to- that- to mathematically make a complete quick assessment of the customer's network and environments, and what components it has, what kind of different versions of the systems, what- each level of patches they install or didn't install. So, you know, this goes into more- deeper into understanding security in today's world. So many people think of IT security people as those geniuses with the very thick glasses that, you know, sit in front of their computers. But in fact, you never have the time, you know, at the time an incident happens on an atomic level, to try to solve the puzzle of one small component of a system. So it's more about being able to understand the tools available to you and available, you know, at the highest development level, to assess where these penetrations came from. You know, often we share- you know, we're members of several different communities in the IT security world, where we share information and patterns of attacks. So when we see these patterns between each other, then we right away- we can recognize, "This is the pattern that these attackers use, so this must be that." So that we start using the tools immediately available to us to fix these issues. So actually, it's not the geniuses with the thick glasses that, you know, have lots of time to fix a puzzle, it's really security experts with very deep connections in the world that actually can quickly bring solutions about.

Paul: Right. And- that's pretty interesting, that there's a community of good guys out there, and a community of bad guys. So you've got a big network, as you mentioned, where you share insights with each other, to try and solve security issues?

Laszlo: Certainly. So we are members of all the influential networks of security experts and the companies that act in the security world.

Paul: Fantastic. It's good to know we got some good guys out there, like yourselves, addressing these security issues. 'Cause we see lots of security incidents, and I think there's a lot more security incidents on the rise. Certainly, in more recent times. And I think we'll come onto that a little bit later, of c- what the current situation is. I wanted to ask you about the- basically, what is the biggest issue out there today? What's the biggest threat that you're seeing right now?

Laszlo: The biggest single threat that we identified lately, especially during this COVID epidemic, is the available penetration techniques that are out there for mobile devices.

Paul: Right. Okay. Can you tell me a bit more about the mobile device? 'Cause that's- everyone's got one, right? So everyone is using mobile devices, and certainly within the work environment as well, so what's the threats there? Is it- are they more vulnerable than, let's say, your laptop?

Laszlo: Certainly, because they're naturally connected, in more ways than the people that are using them realize, to the corporate environment. And so our managed security services' architecture is what we call a "mobile first" strategy. That we're checking vulnerabilities and potential penetration holes inside the- you know, the mobile devices that are used to- for the workforce, to do certain tasks. But at the same time, you know, you know, you asked earlier, "What do we see and what is the uniqueness? What do we see as a market window for our IT security services and our White Shark service product?" So- and I also mentioned earlier that during these few years of development, we realized that, given the business cycles and the difficulty in understanding, you know, a non-transparent security world of "what is the need", we realized we have to simplify this environment. So we created White Shark, which is a homogeneous multi-platform and a transparent managed security service environment. So what do each of these different sexy words mean?

Paul: I wanted to ask you! Break that down for me.

Laszlo: So... so it's "homogeneous", because we're not working in a disconnected service environment that- it- from one service- portal and service area, we can detect all the different threats that can penetrate a customer's network and device portfolio. So it works- and all these sensors that we put on mobile state-of-the-art devices or legacy PCs or macOS-based devices and server-based operating systems, and it all arrives in a homogeneous space, and then we can look at all the different flags and look at, you know, our playbook-based detections, and can react to different alerts that come into that system. So that's why it's homogeneous. In many, many environments, before we created this homogeneous environment, they have to look at several different tools and alerts from several different products, and make a conclusion from that. So that's why it's homogeneous.

Paul: Right.

Laszlo: It's "multi-platform", because we can establish our sensors and monitors into different kinds of operating systems and different hardware platforms. Why is it "transparent"? So transparency comes from multiple different aspects. One, it's transparent because the cost of the different services that we provide, we make it completely transparent. You know, early on, when I started working in the security space, I was the one in the team that did a competitive analysis of what is the competition doing? You know? And are we at the right place at the right time, or not?

Paul: Yeah.

Laszlo: And surprisingly enough, even the main companies sometimes took two, three months to give me a price quote for the different security offerings. And in a small, in a medium business world, that's not- that's just not usable. Because they don't have the time to assess that information, wait for a price quote for two, three months, or even to establish a conversation with the sales team of that competitor of ours. So we made the pricing also completely transparent. Also, on a data level, we are transparent. So, you know, there's this issue of who can be the trustor of the trustees, you know?

Paul: Right.

Laszlo: That's a- in the security world, that's a very important argument and important concept. So we also make it to our customer, whether it's large, small, medium, SMB, that- how is the data being handled and who is the trustee of the trustors. And so... we are- we created this environment, and now we're well underway, working with Microsoft and this (inconclusive) of technology partners to even further simplify these steps. So that, you know, in an ideal world, we'd like to have a product just like Tresorit has...

Paul: Right.

Laszlo: ...that with one click, it installs everywhere. Whether it's a mobile environment, whether it's a legacy PC or a macOS environment, and with a few steps and a few configuration and accepting the terms and conditions and the charge model, you know, and how is the financial transactions in the system, in the trial model, being handled? Then immediately, can start protecting their environment. Currently, we are the industry leaders in- and we are the easiest to install and we are the easiest to understand what we're doing in the managed security services space. However, we even have a, you know, long way to go.

Paul: Yeah. So you're kind of a disruptor, really, to the existing business model? You've got a completely new business model, where- like us, we're a software-as-a-service, you're more like security-as-a-service, and you've put these things together, these elements, that you use.

Laszlo: In this aspect, IT security-as-a-service has been around.

Paul: Yeah.

Laszlo: But certainly, with all these additional aspects of how we're, you know, comforting and ensuring our customers that their data is protected, and that the trustees don't have access to their data, and how- if they do have access, the trustor of the trustees, in what level and how is it protected. Also, from a pricing perspective that- what are they paying for? So from all these- and the homogeneous environment, so they don't have to worry that two weeks later, somebody will tell them, "Hey, you don't have protection for mobile, so why don't you buy this... buy that... ", and then they get confused, you know, that they have to run multiple environments. So from that aspect, it's definitely a paradigm shift in the space.

Paul: Right. Okay. I wanted- there's one thing that we were talking about earlier, before we started the podcast, which was really interesting for me, and I think we can expand on this is: What are we- what are you guys- or certainly Tresorit as well, what are we protecting from? I mean, we talk about protecting customers' data. And an interesting comment that came up was industrial espionage, or people wanted to take basically your ideas, your IP, whatever it is. Wanted to get in. I mean, we see a lot of ransomware attacks, and we see a lot of publicity around ransomware attacks. It's constantly in the news. Basically, people encrypting files or bringing down your system. But there are other things as well out there that people are not so aware of. Could you give me some information on that?

Laszlo: So... certainly. You know, those are very, you know, James-Bond-type stories.

Paul: Yeah.

Laszlo: This industrial espionage, which we're also able to diffuse and isolate the adversaries on the network and the systems that they're trying to penetrate. You know, we had cases in the electronic (inconclusive) world and in different other spaces, which we managed to secure the environment for that particular industrial player. However, what we'd like to bring to the attention of all the listeners...

Paul: Yeah.

Laszlo: ...that just like Tresorit is very useful to protect data and files on an atomic level, you know, even small medium business enterprises are in need for protection on a system, an operating system, and overall enterprise level. And that can be attained in a simple way, so they don't have to spend months and months on understanding the- you know, what they have to pay for, for the need that they're developing.

Paul: Yeah. Okay. So that, for example, if I'm a small legal firm, and I'm holding sensitive denta- data about my customers, my clients, or I'm an accountant, then something- your service is something that we should be considering and looking at?

Laszlo: Absolutely. And you don't have to spend six months understanding how much you're going to have to pay for that.

Paul: Yeah.

Laszlo: But we can quickly, transparently, you know, assess your environment and give you a quick and easy-to-understand way to protect your data. So it's- especially if, you know, legal firms. What you bring up is a perfect example, because they're handling- and they have third-party liability towards their clients, if they leak their sensitive data.

Paul: Right, okay. And are we- 'cause we have, of course, a lot of- probably there are some listeners out there as well that are from legal entities, who probably don't go that far with requiring additional security services.

Laszlo: Well, they don't even realize the need.

Paul: Exactly. Yeah. I speak to a lot of legal firms, and we sometimes struggle to present our solution to them and why they should be moving to Tresorit for end-to-end encryption services. But certainly, I agree with you that there are other things out there with- we always see, in the press and in the news, it's typically the big organizations that get attacked, because they make great headlines and great stories. But there's thousands of small companies out there that are vulnerable as well, or smaller companies out there that are vulnerable as well. And I'm sure in your experience that you're also helping these smaller companies take protection against.

Laszlo: Absolutely.

Paul: Yeah.

Laszlo: You know, to- even make it more formalized, you know. Our approach and the entry point into the space is in two ways: one is that, you know, simplifying the processes and the steps and the business cycles required that these SMBs and legal firms get protected via our services and products. Number two is using regulatory, especially in the way of insurance, using insurance as a way to incentivize them to acquire protection. Maybe even from a government regulatory perspective, just like GDPR was.

Paul: Right.

Laszlo: Because this way, you know, they can- twofolds, they can lower their premiums on the insurance that they take, and two, the insurance company can assess their risk and assess the premium required to protect, you know, the potential customer.

Paul: Right.

Laszlo: And it's great for the insurance world, because, you know, insurance is a... is what we like the security space to become, a commoditized space. And they are striving and in dire need for additional services that they can offer to their customers. Because, you know, the market is saturated and the- they do not have the ability to easily take away from the other market players. So it's easier for them to grow the market, as opposed to take from another player from the market. And IT security insurance is definitely one service which they- all the people that we talked to in the insurance world, they would love to develop, in a sophisticated way.

Paul: That's interesting. 'Cause I saw this on your web page, and I wanted to come and ask you about the liability insurance, the cybersecurity insurance, because it's something that Tresorit gets asked for frequently. Do we have it? Do we not have it? And I think there are a lot of companies out there, right now, that don't have it. And probably, it hasn't even crossed their mind. Or even, if it's a startup company, but especially in the field of where you're dealing with personal identifiable information, under the GDPR regulations, it's something that should be considered as a must-have, probably. And I suppose, correct me if I'm wrong, but the systems that you decide to use, the systems that you choose, could have an impact on that premium eventually. I mean, maybe it's not so mature yet, but the way things are developing and- around this particular product, that the- your choices that you make with regards to tools and services, will have an impact.

Laszlo: Absolutely. So, you know, I see a perfect metaphor between the health insurance world and the IT insurance world.

Paul: Yeah.

Laszlo: No- you know, for the insurance company, to assess the risk it's taking insuring a patient, first it would like to send the patient to a perfect check-up of all the body parts and all the different aspects of the person's health. And the- this is a, you know, exactly analog to penetration testing on a system or network that the insurance company would like to insure. So it could use security vendors such as us to assess that risk, and then later, it can provide a premium discount if they install our ongoing managed security services, so that it then further reduces their risk in providing insurance for this client.

Paul: And... I mean, a lot more stuff's moving to the cloud now, especially if we look at startups. They're not really procuring anything that's on-premise. They're getting a laptop, they're starting up their- going straight into a cloud service. So... is that something that should also be aware, from that perspective of IT security, choosing the right cloud services, in mind of (inconclusive).

Laszlo: Absolutely. Correct. So IT- you know, cloud-based services add an added level of dimension, you know, in the complexity of IT security.

Paul: Yeah.

Laszlo: And so they have to be separately assessed, of how well they're managing internal security, and then, you know, they have to be assessed when they're actually only used as a particular component of a system or an enterprise of what level of security they're adding to the mix.

Paul: Yeah, yeah. I wanted to go back to something you mentioned, and maybe we can expand on that a little bit, with the risks around mobile. Because we've all got them, and we all take them for granted. We use them every day. We download applications. And of course, there's a lot of data that's being exchanged constantly on them. What's the risk for a business? I think you mentioned to me that particular C-suite can be a target for mobile hacks and mobile devices. So I'd be curious to know where that vulnerability is, and how do you solve it?

Laszlo: So... so... we install, you know, several sensors, about 400+ different sensors that detect, you know, the different actions, both on a device level, and the kernel level that the phone is running of the operating system, and on the application level, you know, the collection of applications that the particular individual is running on that device. And we check different aspects of those applications and the system level as well. For example, you know, many applications leave the clipboard buffer, copy/paste buffer, vulnerable. And then, you know, if you can use the vulnerability of that application to move data in and out of the buffer, then, you know, completely unknowingly, they can be accessing that data and transferring out and having access to vulnerable, sensitive information, as an example. But that, you know, as you can imagine, 400+ sensors, how much information that is collecting from the particular device. And we're even going down to the hardware level now. We're- we partnered with Samsung, and became a developer partner of their Knox environment, which they actually installed hardware features into their phone for security purposes.

Paul: And I suppose my question would be around this is: there's been a lot of news about like Chinese manufacturers and being considered for 5G, various other things, devices... I mean, is there really a concern there, from your perspective? Is there something to be worried about? Or everything is just blown out of proportion. What's your feeling on that?

Laszlo: Absolutely not.

Paul: Alright.

Laszlo: The threat is that all of the manufacturers and creators of software, manufacturers of devices, you know, can put in functionalities and undocumented features into devices, which can, you know, send back information on a backchannel and collect data from the users. And, you know, given the complexity of these products, it's very difficult, you know, given in a time and space and financial assets available, to check how vulnerable these products are. So, you know, Europe and the US is leaning toward just not allowing them at all. So this is what, you know, particularly, you know, the case that we saw in the industry was Huawei.

Paul: Yeah.

Laszlo: That they're completely banned, you know, in different products for electricals, because they realized that they were putting in features which collected data undocumentedly and unknowingly to their users.

Paul: Right.

Laszlo: You know, I can tell you one interesting story that we came across in the company recently, that: We were helping a company which manufactures these entry devices that measure your temperature, your body temperature, and do some biometric checks, you know, during this COVID epidemic, and the device does some verifications. So we were the company to assess the security, given that this inexpensive device came from China, we had to take apart parts of the operating system and look at the- what this device does underneath the hood, outside the applications that are, you know, a company in Hungary was developing, you know, for the utilities on the device itself, for entry- COVID-protected entry into buildings and schools etc. in Hungary. So we realized, after a short while, that in fact, this device that looks so innocent, even though inexpensive, but it was collecting all the information and sending it back to an IP address to China.

Paul: Right. Okay. Yeah, so, I mean, is that- that's a form of espionage, I suppose. Whether it's at a state level or a private level, it doesn't rea- you know, inde- company level. It doesn't matter. That's the point I wanted to try and get to, is that there is- there are methods- these things are just not made up, or it's not, you know, just conspiracy theories. There are actually these things ongoing and happening. Yeah.

Laszlo: In fact, I would say that they're publicizing a lot less cases than they would have, you know, because they're trying to keep this at a manageable diplomatic level.

Paul: Yeah.

Laszlo: But it got blown out of proportion in many cases now. They're doing it, you know, in a blatant way.

Paul: Yeah. Yeah. Okay. Just, I think, what's- you mentioned the COVID situation. And I wanted to touch on that, because it's so relevant now. A lot of people working remotely. What's the challenges around that from an IT security perspective? If you've got an organization, an enterprise. Suddenly it finds all its workers were having to work remotely, or they've enforced that. So what's the challenges around that now?

Laszlo: Absolutely. So with this COVID epidemic, the industry, which was moving toward the zero-trust policy in IT security from a perimeter security, it emphasized that effort then. And so the need for such services as White Shark is completely amplified, because they cannot have the ability to make sure that, you know, from remotely, that vulnerabilities don't happen on their network and systems.

Paul: Okay.

Laszlo: That they don't get exposed.

Paul: Yeah. So, I mean, on a typical day, working from home, they are- we're signing in with VPNs, a lot of companies using VPNs right now. What other security measures will we be looking out for? Or should IT security teams be looking out for? When we're working remotely. Or even the employees should be conscious of the fact that they're working remotely. I mean, recently, at Tresorit, we did, I think, some kind of exam or test around the things that we should be doing when we're working remotely from home. So what's your insights on that?

Laszlo: So... you know, in these new environments, or new cases of work environments, where a lot of people are working in so-to-speak "home offices", then many times, you end up mixing in devices into the work environment, which the company did not provide.

Paul: Yeah.

Laszlo: This is so-called the "bring your own device" access model. And this is the access model, which, you know, the type of security services such as White Shark can easily get installed on, and it establishes the sensors required to detect the threats that are potentially there, you know, to access data assets and other assets in an enterprise environment. So it's very important that we can seamlessly install and get installed on even devices outside of the corporate environment. Given that we're in a homogeneous, in a multi-platform environment. And this is quite seamless.

Paul: Right.

Laszlo: You only need the- you know, the user of that device would just need to give one consent that we can install, and after that it's seamless.

Paul: Right. Okay. And so you're basically extending the security bubble beyond the on-premise to these environments, with this homogeneous solution of yours?

Laszlo: Absolutely.

Paul: Okay. I think there's now another thing that I'd like to ask you about, because it's- and I mentioned it before, earlier in the podcast - about these ransomware attacks. Okay? Because I just see so much of it going on. And probably, as you mentioned, there's a lot more going on that we're not even aware of. It's just a few of them get into the news. Especially, it seems to be recently that universities are being targeted. Especially back at home, in the UK. I see that there's a couple of universities that have had breaches. My- one of the companies that I used to work for, British Airways, they've just obviously got fined as well, for having a breach. I mean, is it really a minefield out there right now? Is it that there are just so many attacks that security professionals cannot keep up, and a service like yours can help? Is- what do you see- yeah.

Laszlo: A service like ours can help to prevent such ransomware attacks.

Paul: Yeah.

Laszlo: But, you know, the ransomware attack industry is in such a way that, while there are companies out there that pretend that they can, you know, handle the post-incident and fix data, you know, the solution and the unlock keys available to most of the fresh ransomware attacks are not available to any IT security professional. So the industry works in a way that you have to pay attention to the prevention, because post-incident, you get blackmailed into providing Bitcoin or some kind of financial instrument, and then, instead of unlocking your data, they ask you again to pay in Bitcoin or some kind of other way. So the best way is using a service like White Shark, to actually avoid getting hit by a ransomware attack. Because old ransomware attacks, there are unlock keys for, and there are available methods to unlock your data, but, you know, last- the ones that they created in the last six months to a year, they're usually- there's no solutions for.

Paul: Yeah.

Laszlo: So you get stuck in a blackmail environment.

Paul: Yeah. No, and I think what I saw from this particular case, with the universities... I mean, the systems were offline for a considerable amount of time, which caused a lot of chaos for the students, of course, for the staff as well. By not having some kind of incident plan or recovery plan. I could clearly see from the article that this is the case. And this is what's being reported. Of course, we don't know what the situation is. And we think about these large organizations... but you would probably agree that it's also happening a lot at lower level as well? Okay, so it's not just these-

Laszlo: Absolutely. It's just not being publicized.

Paul: Yeah.

Laszlo: Although we have many cases where, for example, a friend of mine used to be in charge of Nokia in Hungary, his sister in Florida is working in a- the largest dental clinic, and all of their data got, you know, encrypted via ransomware. And they called us too late into that incident, so we established, you know, White Shark for their protection.

Paul: Yeah.

Laszlo: For ongoing, you know, future threats. But, for example, that- in that particular case, the unlock keys are not available for that particular ransomware that they got hit with. So they are stuck at the time. Because if they pay then they keep asking them to pay. So I advise to a lot of these small medium enterprises to install protection, install a security service. Otherwise, sooner or later, they're going to get attacked by one of these.

Paul: Yeah. Yeah. It's very much a case of prevention, because it's the typical old mindset - and I know that I, over time, have grown up with that, "It's never going to happen to me. We're too small. Why would it happen to me?" But then suddenly, something does happen, and there's literally only one way out, which is either to pay, or just shut down your systems, and causing a lot of chaos as well. Okay, and I think, as we wrap up- we're going to start wrapping up now. I wanted to get your views around what's the future looking like for White Shark? But, I mean, also from the industry as well. And one question that comes up, which I've been reading a lot about lately, is: Is there a shortage of professionals within the IT security sector? I've been seeing this a lot, that there's a big demand for IT specialists. Is it a skill set that's missing? Or is it just people wanted to come into the industry? What do you see?

Laszlo: There is no shortage of talent and no shortage of people with the proper skill set. And on what I call a- maybe it's only my terminology, an atomic level. So if you ask somebody to- here's that pacemaker, and dissect it and look at how the software is running and what kind of techniques can be used to penetrate it... there's no shortage in that- in the world, in my view and my experience. What there is a shortage of is IT professionals which understand the overall complexities of how to handle this complex environment. When they have to understand different abstraction layers and different system components. So... and- so, you know, when you grow up, what is sexy in your view? When you're in the IT world, it's always how to be a hacker, how to be an attacker. So actually, we have realized over the years that, you know, we have to train people on a- in a- how you defend against these. So we have very sophisticated training courses, and they focus on defensive skills. And we realize that there's many, many good people that we can find with talent, and then we have to train them to attain these defensive skill sets in the IT security world, which- it's in a more comprehensive way that they can defuse attacks. You know, but the good news is, you know, there is a saying in America that "Garbage in, garbage out." So, here the input is very good. So the people that we put through these courses are very good. So the output is very good as well, usually.

Paul: Right, okay. And what about people that want to come into the sector? Maybe from university or maybe somebody right now, who is looking for a career change, because of what's happening due to the COVID situation, thinks that somewhere like IT security would be, you know, a long and a regressive career. What advice or what do you see- what insight could you give and share with them?

Laszlo: We're having several, you know, different courses and in cooperation with universities, so that they can engage in one of these courses, and in a few month course, they can get, you know, all the tools and the knowledge and know-how to become one of these adverse IT professionals.

Paul: Yeah. Okay. And I think, finally then, just what about the future then, for yourselves, as an organization, and the industry as well? I mean, I think, recently, there's a massive demand out there for your kind of services, as we see. But what do you see going forward?

Laszlo: I definitely see that we're going to have a very high market penetration for White Shark, and in a simplified environment. And maybe even going towards the freemium business model, where in a mobile first freemium business model, that will let people realize their vulnerabilities with a free application on their mobile, and then they can expand that into their corporate environment.

Paul: Okay. Interesting stuff. So it's mainly, again, with the trend that we're seeing and the trend that you're following as well, is mobile, yeah?

Laszlo: Mobile first.

Paul: Yeah, mobile first. Okay, Laszlo, it's been really, really good to talk to you! I think you brought some amazing insights and stories with it, with yourself. I wish you the best of luck with White Shark. I really think it's a service that's- could benefit a lot of organizations. And organizations certainly need to take IT security seriously. Really happy to have had the chance to have you here in the studio in person! And all the best!

Laszlo: Thank you so much for the opportunity! In the name of the White Hat team as well. It's been great!

Paul: No problem. Thanks a lot! Okay, thank you very much.

Laszlo: Thank you!

Paul: Bye, bye! And that is all for today's episode of "under CTRL". You can find links to all our social platforms and to our guest in the episode description. If you like the show, make sure you subscribe and leave a review. Join me again in two weeks' time for the next episode.