Jan. 26, 2023

#120: Morgan Wright, Chief Security Advisor at SentinelOne

The player is loading ...
The Public Sector Show by TechTables

Morgan Wright, Chief Security Advisor at SentinelOne is an internationally recognized expert on cybersecurity strategy, cyberterrorism, national security, and intelligence, serves as a senior fellow at The Center for Digital Government, chief security advisor for SentinelOne, and the chief technology analyst for Fox News and Fox Business. In addition to 18 years in state and local law enforcement as a state trooper and detective, Morgan has developed solutions in defense, justice and intelligence for the largest technology companies in the world, including Cisco, SAIC, Unisys and Alcatel-Lucent/Bell Labs.

Morgan also discusses his Game of Crimes podcast, which features first-hand accounts from law enforcement professionals involved in major cases. He provides fascinating historical context on cyber conflicts and offers a thought-provoking perspective on emerging threats.

In this episode you'll learn:

  • The critical differences between public and private sector work in cybersecurity
  • How Russia takes the long view of history in cyber warfare and what that means for defense
  • Why human intelligence remains crucial even in an era of advanced technology
  • The concerning implications of deepfake AI and chat GPT for cybersecurity in 2023
  • Why people should never be the first line of defense in cybersecurity
  • How to train employees to recognize social engineering attacks like business email compromise
  • Insights on the SolarWinds hack and lessons for intelligence priorities
  • Why quantity can have a quality all its own in cyber attacks
  • The importance of creative thinking and "hunting" mindset in cybersecurity
  • Book recommendations for understanding military history and strategy


Timestamps

0:00 Intro 
3:12 The Ultimate Meritocracy: 
08:09 K9s4COPs 
19:48 Controlled, Classified, Confidential 
21:25 "One lesson I've learned after investigating crimes: you follow the facts. Too many people want to change the facts to fit their theory. You don't do that. You change your theory to fit the facts." 
29:14 The Fifth Domain 
36:03 Background 
01:38:51 Part II: Cyberspace A History: The Coming Cyberspace Cold War with Russia 
01:49:46 Cyberwarfare and the Strategy of "Low-Intensity Conflict" 
01:59:29 Part III: Cybersecurity Threats Coming up in 2023 
02:01:19 Deep Fake, AI, ChatGPT 
2:22:00 Outro


Full transcript and show notes

Morgan's Guest Page / LinkedIn

Follow the Game of Crimes Podcast - https://gameofcrimespodcast.com/

Subscribe to the Game of Crimes Membership on Patreon! https://www.patreon.com/gameofcrimes

 

***

RECOMMENDED NEXT EPISODES

#173: Doug Ducey, 23rd Governor of Arizona

#168: Morgan Wright and Jamie Grant - Racing to Get Left of Boom: How CXOs Stay Steps Ahead of Nation States Like China and Russia

 

***

WHEN YOU'RE READY

📬 TechTables Newsletter

🎥 Upcoming Events

🤝 Sponsor The Public Sector Show by TechTables - Podcast & Newsletter

***

CONNECT
🤝
Connect on LinkedIn

🐦 Connect on Twitter

🏛️ Follow on LinkedIn Company

📽️ Subscribe on YouTube

***

PARTNERS

Thanks to our friends at SentinelOne for being our 2024 Podcast & Newsletter Partner

SentinelOne: Learn how SentinelOne empowers this state to stay secure or click here: https://assets.sentinelone.com/ghe/sentinelone-empowers

Verizon Frontline: The advanced network that keeps first responders connected when it matters most.

Check out the solutions built for first responders or click here: https://www.verizon.com/business/solutions/public-sector/public-safety/

SAP: Driving digital transformation in cities like Copenhagen. See how they’re making digital strides.

Download the Case Study Now or click here: https://www.sap.com/documents/2021/02/10c410bc-cc7d-0010-87a3-c30de2ffd8ff.html

***

SAY THANKS

💜 Leave a review on Apple Podcasts

🟢 Leave a rating on Spotify

Transcript

Joe Toste [00:00:00]:
You're listening to the public sector show Buy tech Tables, a podcast dedicated to sharing human centric stories from CIO's and technology leaders across the city, county, state and federal agencies. Joining in the conversation and touching the hearts and minds of leaders across technology today, from mission driven leadership to cloud AI to cybersecurity, workforce challenges and more. Never miss insights from peers and vendor partners across the public sector. To make sure you never miss an episode, head over to Techtables.com and drop your email to subscribe. New podcast episodes come out every Tuesday and Thursday, along with weekly behind the mic newsletter. In one of today's podcast podcast sponsors is Techtables plus, an engaging new community where you can have early access to never before released episodes, early access to live event recordings, early access to weekly three interesting learnings, early access to live event ticket purchases, no episode ads and more, plus three extra special bonuses when you sign up today. Bonus number one, access to the CEO show bonus number two, access to the higher ed show and bonus number three, access to the digital show. Join techtables plus today.


Joe Toste [00:01:02]:
As always, thank you for supporting the tech tables network. Today we have Morgan Wright, the chief security advisor at Sentinel one podcast. Co host of the Game of Crimes podcast. Morgan spent 18 years in state local law enforcement as a highly decorated police officer, state trooper, and detective. He solved a lot of cases, interviewed a lot of people, interrogated a bunch of bad guys and suspect girls.


Morgan Wright, Chief Security Advisor, SentinelOne [00:01:35]:
And girls.


Joe Toste [00:01:36]:
And girls. In fact, he was trained by the original members of the FBI's behavioral science unit on serial crime profiling. This led him to training spies and spooks at places like the NSA. Simply, we're going to talk a lot about Morgan's impressive background and resume today. Morgan, welcome to the public sector show by tech tables.


Morgan Wright, Chief Security Advisor, SentinelOne [00:01:59]:
Hey, this is awesome, man. This is a long time coming, so thank you.


Joe Toste [00:02:04]:
This is a long time coming and I'm, I am giddy and I am excited to, to kick this podcast off. But before we begin, today's podcast episode is sponsored by our friends at Sentinel one. Sentinel one redefines cybersecurity by pushing the boundaries of autonomous technology. That's right, right in the background. For those of you on video, Morgan has a Sentinel one logo on his other monitor. With its singularity XDR platform, Sentinel one is the leader in endpoint protection and beyond. Simply put, they stop the bad guys. To learn more, check out Sentinel one.com.


Joe Toste [00:02:36]:
all right, Morgan, did I rep Sentinel one? Well, any changes to my sponsorship pitch?


Morgan Wright, Chief Security Advisor, SentinelOne [00:02:40]:
Well, you'll be receiving a letter of a conditional offer of employment. So we'd like to bring you on board and we have great plans for.


Joe Toste [00:02:46]:
You Joe, that's, that's really funny you say that. I actually was at a dinner in, oh, I think this was Washington DC with this state CISO, Nancy Renasak and it might have been a lunch, I can't remember, dinner, lunch, one of those. And she said, joe, if you didn't run your own thing, I think Sentinel one should hire you. And I was with, I want to say I was with Steve Bell and Brad, that was so funny. I am on my own, but Sentinel one wants to continue to keep sponsoring this awesome content. I will not say no.


Morgan Wright, Chief Security Advisor, SentinelOne [00:03:18]:
You will not say no. Capitalism is great thing, comrade.


Joe Toste [00:03:21]:
Capitalism, yes, we love capitalism. You provide a service, people pay you, and the marketplace decides. And you know, it's kind of funny about the marketplace is some people have forgotten there is a marketplace, but there is a marketplace and whoever provides the best service typically will win, win out. And so that's how we like it.


Morgan Wright, Chief Security Advisor, SentinelOne [00:03:40]:
It's an ultimate meritocracy. I mean you've got to show that you're good at what you do. You've got to bring the right value for the right kind of outcomes that you know, they want. And yeah, again, at the end of the day it's, you know, it's open competition. Look, granted, not everything is full and open because relationships matter, as you find out in this business. Right? So. And that's why we want to build better relationships, higher relationships, deeper relationships. But at the end of the day, if your stuff doesn't work, relationships only carry you so far.


Morgan Wright, Chief Security Advisor, SentinelOne [00:04:07]:
At the end of the day, you still got to provide the outcomes that make your customer, your client, look good, not just yourself.


Joe Toste [00:04:14]:
Yep, that's exactly right. We want, you know, and I think you're right, it's the ultimate meritocracy and incentives matter. I didn't, I mean, I took an econ class in college and you hear about incentives, you hear about, you know, you hear about, you read about in a textbook supply and demand curves. But you really, you know, when I started running this business, it was the ultimate incentives switched. Because if I cannot get sponsors for the podcast, if I can't deliver this, I can't pay rent, I got a wife and two kids. You imagine the incentives on that. You have got to hustle your face off. So when people ask you, how do you work so hard? This is how I got a wife and two kids and I got to pay rent.


Joe Toste [00:05:00]:
So there you go, spending your money.


Morgan Wright, Chief Security Advisor, SentinelOne [00:05:02]:
Right now, as we speak, they're at.


Joe Toste [00:05:03]:
Barnes and Noble spending my money, her money, too.


Morgan Wright, Chief Security Advisor, SentinelOne [00:05:07]:
Like my wife says, there's your money or there's our money and my money.


Joe Toste [00:05:10]:
So, yeah, and I hired my wife. She was a college professor. I hired her to come, to come work. So we worked together, which is great. But it is definitely a. It is a fun ride. It is the ultimate meritocracy. I was actually thinking about.


Joe Toste [00:05:25]:
There's a great book by Mark Cuban, how to win at the sport of business. And one of the reasons I like that book so much is Mark Cuban owns the Dallas mavericks. And so he kind of taught. It's a very short book. He didn't really want to write a book, but it was just kind of his lessons early on. And then, you know, one of his famous quotes in that book is the only thing you can control is your own effort at the end of the day. And, I mean, that's it. It's a great reminder to everybody that the only thing you can control is your own effort.


Joe Toste [00:05:53]:
You can't control. If people want to build a relationship with you, you can't control. They want to come on the podcast with you. You can't control anything. Only thing you can control is your own effort.


Morgan Wright, Chief Security Advisor, SentinelOne [00:06:03]:
Quick side story before you go. One of our podcast episodes is Christy Schiller. Christy is. She created the charity called Canines for cops after she saw a story about a Houston law enforcement officer that lost his dog in the line of duty. So. But when. When we had her on the podcast and we're talking, Mark Cuban actually slept on her couch back when he was just working his way up. And when he started creating his first company, she had the chance to get in on it.


Morgan Wright, Chief Security Advisor, SentinelOne [00:06:27]:
She said, no, I'm going to go do this other thing. And she was telling us about that. One of her great regrets is that she didn't get in with Mark Cuban on the ground floor of his company.


Joe Toste [00:06:37]:
Yeah, that's. Those stories are surprisingly, I have, and it is not at all a humble brag story. I've had a couple of my own. I slept in an office early on. One time I slept, I was living in my car, not the last couple years, but before I was married.


Morgan Wright, Chief Security Advisor, SentinelOne [00:06:54]:
And if you don't get enough sponsors, you'll be back to sleeping in your car, right?


Joe Toste [00:06:59]:
I will. If there are not enough sponsors, I will be sleeping in my car. And so please sponsor the tech tables. Tech tables. So Joe does me so I don't have to go sleep in my car. Yeah, I was sleeping in this old, this old mazda I had at the time. It's. And I think, you know, I started, there's a.


Joe Toste [00:07:16]:
This is actually another. I never got off a little bit of a tangent right now, but. So one of the things I'm doing right now with tech tables is I'm actually splitting the podcast apart. I started as one podcast. Now it's more of a network of podcasts because there's a couple of CEO's that I've actually interviewed and I found the CEO's to be so amazingly helpful. And these are like, you know, to me, they're pretty big companies. They're probably the market caps, probably in that 5 billion range, which has been super awesome. Couple that just come right to mind are like Rob Lacoccio at Liveperson and Blakehall at id me.


Joe Toste [00:07:49]:
And they all have similar stories of sleeping on someone's couch. And I'm like, I don't know why it has to start there, but that's just where it starts sometimes. So, Morgan, did you sleep on a couch? Do you have a couch story? No.


Morgan Wright, Chief Security Advisor, SentinelOne [00:08:04]:
Couch? No, no, no. Because I. Well, no, actually, because I started off life as a police officer, then a state trooper, then a detective. So. Yeah, well, I didn't have a couch. We used to joke our. What's black and gold costs 35,000 and sleeps three. It was a Kansas department of transportation truck.


Morgan Wright, Chief Security Advisor, SentinelOne [00:08:18]:
I would say that every now and then when you're working late hours and, you know, you gotta, you might catch a couple of quick winks, you know, a little bit of shut eye, because. But I will tell you, I did sleep in my office when I was a detective. We'd be working homicides or some big cases, might be some robberies, some things that were going on, or we're looking for a suspect. And I remember a couple times leaning back in the chair, up against the wall of the cubicle, part of our cubicle, putting my feet up on a desk and just, you know, catching a little bit of Z's.


Joe Toste [00:08:48]:
Yeah. How about on the road? Right now, you travel quite a bit like myself. Are you ever super exhausted at the airport? You're waiting for your flight. You go from event to event.


Morgan Wright, Chief Security Advisor, SentinelOne [00:08:57]:
I think everybody is. I try and manage that, too, because it's like, man, you got to stay active. I've got a peloton. I write outdoors, you know, so I try and stay active, you know, doing that, but it's like, it's tough, let me tell you. There was a time when I, when I was in previous jobs like at Cisco, I had a global role. Bill Labs, I had a global role. I'd be going to Malaysia and Australia and stuff like that, but I'm not that person anymore. It's like I got to be number rule number one.


Morgan Wright, Chief Security Advisor, SentinelOne [00:09:21]:
My rule for travel, I do not do red eyes, period, ever. No more again.


Joe Toste [00:09:25]:
Yup.


Morgan Wright, Chief Security Advisor, SentinelOne [00:09:25]:
If its not during my regular hours, ill, ill stay the night and ill go the next, ill get up, ill get up early the next morning. But I dont do red eyes because the effect it has at my age and how long it takes to recover from it, you know, significant. So right now its about preserving my health, which preserves my energy so I can do this kind of work. So. Yeah, but there are times, man, I tell you, last year was more travel than I anticipated. I havent been a one k on United since 2012. So I made one k in December on my last trip. And it's like, it's a huge difference flying back.


Morgan Wright, Chief Security Advisor, SentinelOne [00:09:58]:
I can't remember. I was flying back from, I think I was flying back from San Francisco, actually. I was doing, yeah, doing a tour out there and I got to fly on a 787 Dreamliner. I got upgraded to first class. It was like, oh, yeah, that was good.


Joe Toste [00:10:13]:
I love that. That's kind of so I love Delta. It's just, it's my airline. If I can do it, I'm going to fly Delta. And I, my kind of hack is I've got, I can't get to whatever their last one is, diamond or whatever because you've got to spend an insane amount of money. But I've got to, I think it's platinum. So what I do is I just buy a main cabin ticket and then immediately you get upgraded to comfort plus, which is awesome. So, like immediately.


Joe Toste [00:10:39]:
So I get, I always get a comfort plus seat. And then within 20 or I think now it's 48 hours before the flight, if there's a seat, I just get, you get on the list and like half the time I end up in first class and I just bought a main cabin ticket and I'm like, this is awesome. But I found too, like, because, I mean, I don't do red eyes either. It's very difficult and it definitely wrecks me the next day. So I'm gonna stay. Yeah, I'm gonna stay in a hotel. I got a peloton. I don't know what could see if I got a peloton right over here.


Morgan Wright, Chief Security Advisor, SentinelOne [00:11:08]:
Yeah.


Joe Toste [00:11:08]:
I actually started going to the gym also to do this. Like, it's more like group fitness conditioning and mobility. And so I've been lifting weights and just getting stronger. And, like, my body feels great because sitting, I mean, you, like, right now, like, we're sitting and, like, it's. You can't sit all day and not exercise. You'll. You'll just break down at 40 and you won't be able to work. Um, but I had some folks where.


Joe Toste [00:11:33]:
Cause I travel a lot, and. And I. I go to hotels and people go, man, I want this life. And I'm like, you don't.


Morgan Wright, Chief Security Advisor, SentinelOne [00:11:41]:
You know, it's not a badge of. There was a time where I was a one k on united. I was the top tier at Hilton. I was the top tier at Marriott. And, you know, and then you realize, you wake up one morning and you go, where am I at? What am I doing here? Who am I supposed to be seeing? And it's like, you know, so it's like, it was a friend of mine told me, look, death is nature's way of telling you to slow down, you know, and have a life. So, you know, every now and then, you got. It's just like, so for me, it's not. I've done all the travel.


Morgan Wright, Chief Security Advisor, SentinelOne [00:12:07]:
I've been 50 different countries, you know, we'll talk about some of that later. It's like. But people think, oh, God, it's got to be so fun and glorious. Let me tell you what a lot of those trips were. You fly in before Uber and Lyft, and in some of these countries, none of that stuff existed anyway. So you take a taxi to the hotel, you go to sleep because of the times unchanged. You get up, you do your meetings. The next day you go to a restaurant, you have dinner, whatever, go back to the hotel, you know, whatever.


Morgan Wright, Chief Security Advisor, SentinelOne [00:12:30]:
It's like you. Very rarely did I get to go out and see stuff now. There were times where I would take some extra days. I took my wife with me on a trip one time when we went to nice, France, because we were meeting at the Cisco offices in Sofia, Antipolis, and we went to, we went to Monte Carlo, we went to St. Tropez. We made a weekend out of it. But, you know, you don't get those. You got to take those chances.


Morgan Wright, Chief Security Advisor, SentinelOne [00:12:50]:
She went with me to the Bahamas on a trip. And so, I mean, we've done that a few times, but most of the time, it's like I'd be going to, you know, Malaysia, Indonesia. It's like, you get down there, you do your work back on a plane. Coming back, you can only do that for so long before it's like, okay, you need rest, you need recuperation, but you need family time, too.


Joe Toste [00:13:09]:
Yeah, you need family time, the night. And one of the things I really like when I was an employee, I think it's really hard when you're an employee for a company because they write the rules for what you can do for travel. And as the business owner, what I love is I just. My wife comes, she'll come with me. So we were talking about the Orlando live podcast tour. She's going to come, and the kids are actually going to come, too, which is great because they're going to go to some theme park also down there. And that, I think, eases the, like, hey, I'm on the road. Family burden piece, which is a ton of fun.


Joe Toste [00:13:42]:
The school year is probably the hardest, especially now we've got a 13 year old and a four year old. And so the 13 year old hasn't really gone on any trips. She's going to come to Orlando. It's just normally too tough during the school. She. I think this time, because there's the theme parks she's going to, she'll take off school. The four year old, you know, they're all about routine. And so when we pull him, he gets all grumpy like the kids do or like adults do.


Joe Toste [00:14:09]:
If you mess up people's routine. Yikes. But they're very excited.


Morgan Wright, Chief Security Advisor, SentinelOne [00:14:12]:
Funny. My cats are the same way, too. Got the same routine with them every morning. And if I'm not around, the wife pays the price.


Joe Toste [00:14:19]:
Oh, no. So the cats are sitting. Now, what are the cats names, by the way? I know they're hanging out next to you right now.


Morgan Wright, Chief Security Advisor, SentinelOne [00:14:25]:
Well, one is here, one is in the front room. But, like, folks watching video, there's one of them right there. That's Fanny. So I have. I've got several places around the house. So that's Fanny. I named her after Phantom of the opera because when we first got him, we picked them up kind of like from a rescue association. So I looked at her, she was like, she's so cute.


Morgan Wright, Chief Security Advisor, SentinelOne [00:14:44]:
And the person says she has a sister. We'd hate to split them up. So we ended up with a two cat deal, but. So her face looks like Phantom of the Opera. It's almost all white, except for some gray on the one side. So I called her Fanny for Phantom of the opera. And I was trying to think of the name for the other one. And my wife is an avid gardener.


Morgan Wright, Chief Security Advisor, SentinelOne [00:14:59]:
She's a master gardener. Got the certification through Virginia tech, you know, and also, I'm walking down our steps, and she grows a lot of roses. And I was looking at. Look at that. The roses, you know, you know, just starting to blossom out. There's a couple rosebuds there. And I said, that's her. And let me tell you what the names absolutely describe.


Morgan Wright, Chief Security Advisor, SentinelOne [00:15:15]:
Rosebud is such a tender little kitty. She has feelings. They get hurt if I'm not in my chair at a certain time at night, if she doesn't sleep with me in a certain position, if they don't get their snacks at the right time, you know, first thing in the morning, if they don't get fit. I tell you what, it was easier raising kids than cats, I think, sometimes.


Joe Toste [00:15:33]:
And there's the quote from Morgan Wright, easier raising kids than cats. You heard it first on the pod. That's awesome. Okay, so I've got some questions about bio. I got some questions about your bio. What's the difference between a spy and a spoon?


Morgan Wright, Chief Security Advisor, SentinelOne [00:15:48]:
You know, not really much. You know, I live in Virginia, so it's really about the same. Now, there are some people, you'll find some people that are covert. In other words, their identity is covert. They do not. They. And, in fact, that's part of what's called diplomatic cover. You work under a covert identity.


Morgan Wright, Chief Security Advisor, SentinelOne [00:16:02]:
So you will be working for the state Department, and you will be the, quote, attache for the Department of agriculture or something like that. But you're actually a CIA case officer, an operations officer. And. But then on the other hand, they've got the people who, what they call non official cover, for example. And they have. They are not a. They're not under any kind of diplomatic cover. If you have diplomatic cover and you get caught, you have a.


Morgan Wright, Chief Security Advisor, SentinelOne [00:16:24]:
You have an out. I used to carry diplomatic passports, so, hey, might keep them for a while, but eventually you got to turn them over and they got to go because you don't want us getting your diplomats. And a lot of people in the intelligence community work under diplomatic cover, but then you get the, you know, so spy spooks, kind of interchangeable. Well, now, here I will tell you, northern Virginia, we are replete with intelligence agencies. I can throw a rock in my neighborhood. I can hit somebody who's on the vice presidential protection detail for the secret Service. I can hit people from the CIA, the NSA. So spies a lot of time with people, you think, operational spooks, maybe folks like at NSA or the National Geospatial Intelligence Agency or, you know, some other stuff.


Morgan Wright, Chief Security Advisor, SentinelOne [00:17:02]:
They do a lot of technical stuff. So kind of. They do spook stuff, but a lot of spies are really the ones out in the field, and then spooks are kind of combination of those and maybe people behind the scenes.


Joe Toste [00:17:13]:
Okay. And who did. Who did you enjoy training more? Was it. Was it the spies or the spooks?


Morgan Wright, Chief Security Advisor, SentinelOne [00:17:19]:
Both. I mean, it was really. Well, quite frankly, a lot of times when you do training, you don't know who, what category they fit into. So, like teaching out at the NSA, we had what they called damage assessment agents. So when there is a release of classified information, the intelligence communities do not have the authority to investigate crimes. That's the province of the FBI. So the FBI, they're counterintelligence folks. In fact, the person who's in charge, permanently assigned out to the CIA in charge of counterintelligence is an FBI agent.


Morgan Wright, Chief Security Advisor, SentinelOne [00:17:46]:
So they are the only people that have the authority to investigate crime. But what these other members do is they assess damage to national security, and that means using polygraphs. You know, they investigate leaks, how those things go. So a lot of the training, especially on the behavioral side, was to teach them the ways to interview and interrogate or, as they say, interview and elicit information from people during the course of their damage assessment investigation. So, you know, you had a combination. But I did end up training FBI, CIA, Fort Meade guys, but at the same time, state, local law enforcement that involved in interviewing people involved in, you know, crimes involving, you know, crimes against people, crimes against, you know, serious crimes like that.


Joe Toste [00:18:25]:
I am not as educated in this area, but I am a little bit curious. So the Supreme Court docs during the roe versus wade that got leaked, is that. Does that count as a national security.


Morgan Wright, Chief Security Advisor, SentinelOne [00:18:38]:
No, it's not classified information. So, technically, under the law, that is not. In fact, they were having a hard time turning it. Turning it into a crime. They're trying to figure out what was the crime. Right. So there's some things about release of government documents without authorization. I mean, there's.


Morgan Wright, Chief Security Advisor, SentinelOne [00:18:52]:
They're kind of stretching it, but, no, that's not a. Because for it to be a crime, there's categorizations in federal law, United States code, and the particular titles. But they tell you that's why there's different markings. Like, there what they call controlled but unclassified. That's basically. It's not classified information, but it's like, that's sensitive. We don't really want to release it. It used to be called for official use only, but controlled but unclassified.


Morgan Wright, Chief Security Advisor, SentinelOne [00:19:13]:
Then they have confidential. So that's the first level, then secret, then top secret, and then above that, you get into categorizations like top secret, sci, sensitive, compartmented information. So, and then you have special access programs and stuff. But as you go up each level, they define what the risk is to the United States if that information were released. So obviously, confidential information, less risky than top secret information. But there's, it's still a, it's still a crime. But the penalties for confidential versus top secret, you know, the court's going to weigh those things. So.


Morgan Wright, Chief Security Advisor, SentinelOne [00:19:45]:
But with the Supreme Court, no, that was a, there's still challenge with trying to find exactly what would the crime be, as much as it was basically a violation of the, the secrecy that goes around, the discuss, the deliberations, you know, in the court.


Joe Toste [00:20:00]:
This is a great insight. And for those of you who are listening right now, you're like, I mean, I basically read the Wall Street Journal, and sometimes I'm like, what are we? Like, the inner workings of this really are. I mean, I just get the 30,000 foot overview level. I'm kind of curious. I got one more. I'm just, because I'm curious. We've got, Trump's got some documents in his mansion in Florida. Biden's got some documents in a trunk in a garage.


Joe Toste [00:20:28]:
Was there a crime committed? Not a crime committed. Does that count as a crime? What are your, I'm just super curious. What are your thoughts on that?


Morgan Wright, Chief Security Advisor, SentinelOne [00:20:35]:
Well, certainly, look, so I'm very careful, too, because what I tell people, especially when I do a lot of stuff for the media, I do ones and zeros, not rs and ds. But this is actually something my partner on the podcast and I have talked about, by the way, my partner, I just got to pimp him out real quick. If you guys have ever watched narcos and seen the takedown of Pablo Escobar, my partner is Steve Murphy, one of the two DEA agents that brought down Pablo, that they made the series narcos about on Netflix. And, but this is actually one of the questions we did on our Patreon channel. People said, you know, what about that? And I said, look, our position is if you take, if you are in violation of taking classified information, everybody, the penalty ought to apply to everybody the same. Now the law talks about, you know, did they knowingly do it? In other words, you could have an you. That's why you have to do the investigation. So you have to do the investigation to find out.


Morgan Wright, Chief Security Advisor, SentinelOne [00:21:20]:
Was this like one sheet of paper that was in a thousand sheets of paper? But it was in a section that was for personal papers, and somebody inadvertently put it there and it went out the door. You know, that's why you have to do the investigation, to find out. Or was it that you knew you had this stuff or you took it, and once you're in possession of it, you should have given it back. So some people say, well, Trump did this and Biden did this. Look, at the end of the day, the biggest thing is, what's the information? Was it exposed to anybody? What's the damage to the United States? And that's why you have to treat those, quote, as a crime scene, you know, because what you want to do is preserve it, collect the information so that you can go back later and determine how did these documents get here? What was the route they got to. You know, I have questions on what Trump did. I mean, I have questions on what Biden did. You know, just because it's topical right now, it's happening.


Morgan Wright, Chief Security Advisor, SentinelOne [00:22:07]:
My biggest question is, look, Joe, normally when you have people moving papers around, their interns or their low level employees, I am flummoxed as to why high paid attorneys are in there moving boxes of papers around. So you always have to be careful, especially in Washington, when you jump into the middle of a narrative, what the real beginning is. Where did these papers go from the White House? What path did they take to get to the Penn center? Or what path did they take to get to his home? And who handled those things? So, look, there's a lot of questions, and it could be, it's totally inadvertent. I hate, you know, one lesson I've learned after investigating crimes and stuff, you follow the facts. You get, you got to just, you cannot. Too many people want to change the facts to fit their theory. You don't do that. You change your theory to fit the facts.


Morgan Wright, Chief Security Advisor, SentinelOne [00:22:49]:
So for me, I'm very clinical about it. It's almost like when I, when I hurt my knee and I had a orthopedic surgeon come in, he basically took a pin, a clothespin, and jammed it into the heel of my foot. And I screamed and it yelled. It made no difference to him. Pain is a diagnostic tool. He was very clinical about it. So you have to be very clinical about these things. You got to take as much as you.


Morgan Wright, Chief Security Advisor, SentinelOne [00:23:10]:
I know it's not the agents. It's usually the agency. So I know people pile onto the FBI or the secret service or other folks. Look, I've worked with a lot of these folks. It's usually not the agents. It's the agency, it's the politics at the upper levels. But at this point, what you got to do is you've got to, you've just got to follow the facts and go where the facts lead you. Now, by the way, the FBI does not prosecute.


Morgan Wright, Chief Security Advisor, SentinelOne [00:23:28]:
The FBI does not make decisions about prosecuting. That's up to the US attorney. And so at the end of the day, or the special counsel that they've appointed. So at the end of the day, it's up to them. And by the way, here's a fun fact, just so that your folks know, especially if you're at the federal level, you just don't go willy nilly, start investigating stuff. A lot of times you have to have a predicate offense. So you have to have enough information to where you go to the us attorney and you say, look, if we make this case, if we build it, will you prosecute it? Because the last thing you want to do is spend three or four years working on a case to take it in front of an assistant US attorney somewhere and have them go, yeah, we're not interested. What did you guys do this for in the first place? So there's always cooperation with the Department of Justice and the us attorneys as you work on cases, and it's no different here.


Morgan Wright, Chief Security Advisor, SentinelOne [00:24:08]:
So biggest thing is here, Joe, we got to get to the facts. We don't know all the facts yet. And until they come in, you know, if you don't keep an open mind, you close off, then you start, you start with an end in mind, and then you work your investigation towards that and you taint the way you look at information. So you have to stay as objective as you can as you're collecting the facts.


Joe Toste [00:24:29]:
I love this. So this is absolutely fantastic. I'm just going to plug two things. One, if you want more of this, and I didn't even set this up, this is just how went. I just isn't even in the notes I wrote. Go to Morgan's Patreon channel. I think it's the game of crime is Patreon channel.


Morgan Wright, Chief Security Advisor, SentinelOne [00:24:47]:
We have two things. Yeah, gameofcrimespodcast.com, dot, you'll find us all over. You know, we're on any platform, gameofcrimes. And then patreon.com, gameofcrimes, we've got several things that we do, but we go into case of the month, we talk about, we do some fun things, too. We analyze 911 calls. You know, we'll do things. Our monthly bonus video. We analyze movies.


Morgan Wright, Chief Security Advisor, SentinelOne [00:25:04]:
We rate them on the narco meter scale of one to ten kilos, accuracy, authenticity, believability, and in fact, we actually had. So the North Hollywood shootout involved. You know, the. You know, the series of robberies that were going on with the big shootout that was on tv. One of the LAPD guys, Rick Massa, was on our show with us Christmas a year ago last, because we did die hard, the greatest Christmas movie ever made. And he was on there to analyze LAPD tactics. And we both agree there's no. They've.


Morgan Wright, Chief Security Advisor, SentinelOne [00:25:31]:
In all his years on LAPD, he never heard somebody say, maintain your reconnoiter, which is one of the stupidest lines out of that movie.


Joe Toste [00:25:44]:
That is hilarious. Okay, so I'm becoming a Patreon member. This is. This is awesome. I love it. Also on the merch site, they've got this sweet coffee mug. Now, I confess I dropped the ball. I'm very good about normally capturing information in my commitment tracking system and then processing that information.


Joe Toste [00:26:02]:
I meant after I met with Morgan the first time, to order the coffee mug to have on this podcast, and I just dropped it.


Morgan Wright, Chief Security Advisor, SentinelOne [00:26:12]:
Good. No, no, it's. Look, that's actually. This is not about that. Look, I appreciate you bringing that up. Obviously, sentinel one sponsoring this not Game of Crimes podcast, which you can find on any major podcast platform, by the way, if we haven't mentioned that, by the way, we found out, too. We are in the top zero, 5% of all podcasts in the world.


Joe Toste [00:26:29]:
I love that. That's. That's amazing. Tech tape. The tech tables brand is not that big. But I am very proud that if you were to type in public sector into Apple podcasts, it's me, Microsoft and McKinsey are the top three in the public sector.


Morgan Wright, Chief Security Advisor, SentinelOne [00:26:47]:
So you're competing against the big boys. That's way to go.


Joe Toste [00:26:50]:
Yeah, we're competing against the big boys. We like that. And there's a lot of public sector podcast stuff out there. So we are. We're pretty pumped to be. To be there. And hopefully we will. We're going to take that number one.


Joe Toste [00:26:59]:
Take that number one spot, I think just on the pure amount of content that we are, we are trying to push out.


Morgan Wright, Chief Security Advisor, SentinelOne [00:27:05]:
So I'm pretty sure it's not just content. I will tell you, people got to love your content, too. So you have to give them a reason to come back. And that's why with us, like, we do long form, we don't do short form stuff. We do. Everything we do is long form. Many of our interviews are 3 hours or longer. But we've had the people who ran the investigation on the green river killer case, Dave Reichert.


Morgan Wright, Chief Security Advisor, SentinelOne [00:27:21]:
We've had actually the guys. So Vit, Brittany Griner and Victor Boot were just in the news. We had the DEA agent who ran operation relentless to get Victor Boot. So he's been on our podcast. We've had victims of crime, victims of sex trafficking. George Young, who is Pablo Escobar's business partner. We got the last podcast with him. I mean, the capture of El Chapo, I mean, the guy who pulled Saddam Hussein out of the spidey hole.


Morgan Wright, Chief Security Advisor, SentinelOne [00:27:43]:
You know, we've got, I mean, we've got so much great stuff. But the best thing about that, it's like this. They tell their story, we let them tell their story. It's about them. We've got everything. The Breonna Taylor case in Louisville, Kentucky. We have the sergeant who was the first person through the door got shot in the leg. You know, the thing we like about that is that it changes people's perception of what really happened.


Morgan Wright, Chief Security Advisor, SentinelOne [00:28:01]:
So when you get first person narrative, and it's from the people who were there that wrote the book, we probably have 40 books on our webpage from all the episodes we've done, people who have written books about what they've been involved in. So it's just. No, it's really awesome. We, you know, we got great guests and they tell great stories.


Joe Toste [00:28:16]:
Yeah, yeah, I feel. I feel the same way. We've got a great guest on today. I love that. So one last thing about, before we go a lot deeper, is your sister. So you're in your bio. Your sister once accused you of being a spy because you were spending a lot of time in foreign countries like Pakistan, Turkey, Colombia and the Middle east. You said you can't prove it.


Joe Toste [00:28:37]:
So there. Now, is that an effective mantra? You can't prove it. So there, how does that work with your wife, your kids? Like, do you use that on a regular basis or.


Morgan Wright, Chief Security Advisor, SentinelOne [00:28:46]:
Well, so there's an old joke between the law enforcement and the military is they say no waiver, no statement, no polygon. So it meant nothing. Deny everything, make counter accusations. And so it's one of those things is like, look, but again, at the end of the day, it's like, it's not what you believe, it's what you can prove, you know? And it's. That's. That's way it is with law enforcement. It's, what can you prove? I think you did it. Well, can you prove it? Same way in a court of law.


Morgan Wright, Chief Security Advisor, SentinelOne [00:29:06]:
So, no, that's not a mantra. I don't use that with my wife. Well, you can't prove I left the toilet lit up. Well, there's only two of us in the house, and you're a guy, and I'm not, so I don't need to. I mean, it's pretty self evident. So, you know, there's. There's things like that. So, no, I don't use that as a regular mantra.


Morgan Wright, Chief Security Advisor, SentinelOne [00:29:19]:
That was more just gotta have, gotta poke fun at yourself, you know, on these bios on our podcast page, which, by the way, is gameofcrimespodcast.com, if I didn't mention that before.


Joe Toste [00:29:28]:
I love that. Okay, so we've. I've decided to break up this podcast into three sections. So for everyone listening, that was kind of. Kind of the intro piece of it, but I want to dive really into. I'm gonna call. Part one is background on Morgan. So that's gonna cover everything from his kind of early stage police officer, state trooper, detective, will move into kind of that FBI journey, will transition when he moves into the private sector.


Joe Toste [00:29:56]:
We're going to talk about what it means and the priorities of a chief security advisor. As Sentinel one, we're going to. We're going to even talk more about the podcast game of crimes. And then part two, I want to dive into cyberspace a history. The coming cyberspace cold war with Russia. This is based on a presentation that Morgan has given to his private clients. Maybe a couple of keynotes. And if he's okay with it, I don't know.


Joe Toste [00:30:23]:
We'll ask him right now.


Morgan Wright, Chief Security Advisor, SentinelOne [00:30:24]:
Oh, yeah, I give it publicly, so. No, it's based on a war game exercise I did early on called cyber Strike Warfare in the fifth domain. About. I presented this out at the National Defense University to some feds and some other folks, but it's, how would Russia invade Ukraine? And believe it or not, about 85% of it is what they did.


Joe Toste [00:30:43]:
And we're going to talk about that. We're also going to overlay the photos. Morgan shared his slides with me. So kind of on the post production side. What we'll do is if you're watching this on video, you will be able to have the images kind of overlaid on the screen. By the way, inspiration for cyberspace a history came from. My daughter was recently reading Hogwarts a history. And so I saw the book, and I was like, how about cyberspace a history? Fun fact.


Joe Toste [00:31:09]:
And then part three, we're going to wrap up with cybersecurity threats coming up in 2023. It's early on in January, so we've got a long year ahead of us. And love to hear about Morgan's insights on that front on this Martin Luther King junior Monday. All right, let's kick off with part one. With 18 years in state and local law enforcement service, let's dive deeper into your background as a highly decorated police officer, state trooper and detective. How did you get your star and what inspired you to choose that line of work?


Morgan Wright, Chief Security Advisor, SentinelOne [00:31:45]:
I grew up in a military family. My dad, like I said, was World War two in the Vietnam Fett. So I grew up as a military brat. I was born at Fort Riley, Kansas. We moved around the world. I grew up in Iran, went to kindergarten, first and second grade there. I spoke Farsi fluently as a ute back in the day. So, you know, and it was just being around, I think that that culture, that ethos and stuff.


Morgan Wright, Chief Security Advisor, SentinelOne [00:32:04]:
And then I was trying to, but I was. But I had, believe it or not, I had a, one of my talents was music, so I could pick up instruments and learn them very quickly. So I started in the 6th grade, one year behind the other kids, but I caught up and passed them. And I actually ended up with music scholarships to college. I had three different offers, but I was, I said, oh, I'm going to go into music. I'm going to. I wanted to play. Believe it, I'm dating myself.


Morgan Wright, Chief Security Advisor, SentinelOne [00:32:25]:
But back in the day, I wanted to be in the Johnny Carson band because Doc Severson was friends with the music director in Concordia or Clay Center, Kansas. And clay center was in our league school. I grew up in a little town called Chapman, north central Kansas. And we actually got to go hear Doc Severson play, and I got to be a part of that and in the jazz band. So I'm like, I want to go to the, I want to go to Hollywood and play in the Tonight show band. But broke college kid, you know, working at the local stop, and Rob and a state trooper kept coming in, got by the name of Ken Massey, and finally said one night, I said, hey, you want to go out for a ride? I said, yeah, sure. I mean, I always been interested in law enforcement, so I went out for a ride with him. I said, yeah, this is what I want to do.


Morgan Wright, Chief Security Advisor, SentinelOne [00:33:02]:
So it was fun, the uniform, the culture, you know, the stuff. So that's kind of what got me started.


Joe Toste [00:33:08]:
So if Ken didn't walk in and, I don't know, did you have a previous relationship with Ken or.


Morgan Wright, Chief Security Advisor, SentinelOne [00:33:16]:
I was just, I was working the weekends at the stop, and Rob and he would come in and, you know, take a break during a shift or come in, you know, get a snack or something. So that's. I mean, I probably would have gravitated towards something like that, but that just accelerated it further. Actually, if it hadn't been that, I would have been. It hadn't been for a knee injury. I would have been flying helicopters in the army. I was in ROTC, and I had my packet sent to Fort Rucker, Alabama, and a six year old kid hit my knee while I was roller skating at thus end of my flight career.


Joe Toste [00:33:45]:
Ouch. That sounds like it hurts. So, music scholarship. So you're talented. You have this dream. Ken comes in, you hop in the car, you're totally sold out. Love that you serve 18 years. Like, what.


Joe Toste [00:34:02]:
What keeps you motivated to go that long? I mean, I'm sure there were some really hard days. Like maybe talk. Yeah, talk about that for a little bit.


Morgan Wright, Chief Security Advisor, SentinelOne [00:34:11]:
Well, look, it's. Look, I mean, there are some that. There's probably. There were probably more worse days than there were good days, because when you get into doing certain kind of things, it sucks. Working, fatality accidents, giving people the worst news they're ever going to get in their life. Dealing with people who, simply because you have a uniform on, they disrupt, and so they spit at you, they kick, they call you names, they threaten your family. I mean, it's. Look, it just.


Morgan Wright, Chief Security Advisor, SentinelOne [00:34:31]:
That's part of that. Just goes with the job. But I probably would have stayed longer, except for two things. Number one, Kansas did not really have a good retirement system. In other words, your age and years of service had to add up to 80 before you could retire at 55% of what you couldn't afford to live on at 55% of what you couldn't afford to live on in the first place. So it made it difficult. But, I mean. No, but I love the work.


Morgan Wright, Chief Security Advisor, SentinelOne [00:34:51]:
I mean. But the other thing, too, is you've got to. At some point, you go, hey, look, you've got to take the risk. If you want to play on a bigger stage, you got to take some big risks. And somebody explained it to me one time, it's like being a great. It's like being a great shakespearean actor that plays to an empty house every night. It's not fulfilling. I mean, you want to do something bigger.


Morgan Wright, Chief Security Advisor, SentinelOne [00:35:08]:
So the other thing, too, it's. It's. It's a tough business. I lost more friends to suicide than I did in line of duty. Death. And that is it a tough business. They talk. I know they talk a lot about the military.


Morgan Wright, Chief Security Advisor, SentinelOne [00:35:18]:
22 a day. That is a. Just a horrendous. That's an abominable number. But I don't think people realize that we lose three to four times as many to suicide than we do that are killed each year and reported on in the statistics with law enforcement. So not quite the same numbers because, you know, as the military, but it's high. And so I think it's a. It is a tough business and it is a tougher business today to be in than ever.


Joe Toste [00:35:42]:
Yeah, that's. That's really heartbreaking. I didn't actually think about the suicide stats for police officers, but, yeah, it's got to be really hard today, especially with the culture and the environment we're at. Yeah. Just hope they're getting their. The support that they need. Probably not, but I'm hoping it's not.


Morgan Wright, Chief Security Advisor, SentinelOne [00:36:01]:
As taboo as it used to be. You didn't used to talk about this. You didn't used to talk about your feelings and ideations and stuff. And now it's like, dude, you need to do it. Because guess what? You affect a lot of other people, your family most of all, you know, your friends that you work with. So, I mean, yeah, it's something that's becoming more recognized and being dealt with. It used to be taboo, but now it's really front and center. In fact, the Department of Justice, through what's called the Criminal Justice Information Services division of the FBI, they now have a voluntary program, but it's to collect statistics because there's far more, I think, attempts and suicides than what we know about.


Morgan Wright, Chief Security Advisor, SentinelOne [00:36:32]:
So it's a voluntary effort right now to find. To report data and find out what's the actual impact.


Joe Toste [00:36:40]:
Was it you? I can't remember.


Morgan Wright, Chief Security Advisor, SentinelOne [00:36:43]:
I know. Admit nothing. Deny everything. Demand proof of pictures. Sorry. It goes back to our mantra. Yeah. Was it you?


Joe Toste [00:36:50]:
I can't remember where I picked this up, but it had to do with when you see a suicide sign that you're more likely to commit suicide if there's like a suicide help sign.


Morgan Wright, Chief Security Advisor, SentinelOne [00:37:03]:
No, that wasn't me.


Joe Toste [00:37:04]:
I was not you. Okay. Yeah, no worries. Because the only reason I was thinking about that was I drove down to San Diego and there was a sign, and on the freeway it said, looking to commit suicide, call this number. And apparently someone told me the opposite is what happened. It happens. So I don't know if that's true or not, but they should probably take that sign down. If the stats on that are the opposite.


Joe Toste [00:37:28]:
Yeah.


Morgan Wright, Chief Security Advisor, SentinelOne [00:37:28]:
Yeah. I would even say from the wording, I wouldn't have phrased it like that. So look, everybody needs help. If you need help, call here, you know, without reinforcing. You want to commit suicide? Yeah, I think I'll do that today. No, you know, it's just I'm not. I've had experience, but I'm not an expert on it. But I know enough to know is that I called out some friends, actually, somebody I used to work with.


Morgan Wright, Chief Security Advisor, SentinelOne [00:37:45]:
I was on the phone with him one day and it's kind of like, I know you've thought about. You've thought about killing yourself, haven't you? The line went silent for 10 seconds. I ended up. It was on his ass. I said, you need to get some help. And he took a three month leave of absence. It was paid, fortunately, because I was at a, I won't say the name of the company, big technology company, but he was able to take some time off and get his head straight. But I called.


Morgan Wright, Chief Security Advisor, SentinelOne [00:38:06]:
I mean, I refused. After. After a couple incidents, I said, I refuse to sit by anymore. If I think that's what you're up to, and I think that's what you're thinking, I'm going to call you out on it and I'm going to force you to deal with it. I'm going to make sure it's uncomfortable, because guess what? You know, it's really uncomfortable is having me go knock on your door as a state trooper or detective to give your family the bad news, which I worked quite a few suicides and had to do that. So I said, you know, I'm being selfish. I'm not. You're not going to do that to me, so I'm going to call you out on it.


Joe Toste [00:38:31]:
Yeah, well, good for you for making the call out, I think. Good. Good for the friend to accept the call out. I'm going back to what you were talking about earlier about the facts. I'm also huge on reality. Too many people, and I coach high school basketball, so I've got deal with kids all the time who don't want to face reality. And reality hits some of these kids. To them, it's pretty harsh when they're sitting on the bench and they're not playing and they're asking and they're their parents getting involved.


Joe Toste [00:39:00]:
Why isn't my son playing? Well, your son had seven turnovers. He's not playing right now, or they think they're better than other kids and, you know, being able to handle reality and then make the adjustments that are required, I think, is kind of a little bit of what we're missing today, but also what makes a mature adult. And it could be easy as going to the doctor. I mean, I went to the doctor and I got diagnosed with some stuff and had to make some adjustments. And, you know, you can kind of tell yourself the own narrative, or you can look at the facts and take.


Morgan Wright, Chief Security Advisor, SentinelOne [00:39:31]:
The world as you find it, not as you wish it was. I mean, you can, there's some sayings about wishes I won't repeat on here, but it's like, yeah, you know, but it's like, but you take the world as you find it. So. And that's why one of the phrases I despise and I do not use, and I penalize people if they use it, called the new normal. There's no such thing as, I mean, don't say new normal because that implies that I'm supposed to accept. Instead, what I look at is what's my reality today? What is it I can do today that I can actually affect? I can actually change? I can't change what's going on in Indonesia or Australia. I can't change what's going on in Italy. I can't, you know, so I don't get, I can, I don't get worked up over the news.


Morgan Wright, Chief Security Advisor, SentinelOne [00:40:05]:
In fact, I've, because of the work I've done over the years and with the news and media organizations, I watch very little, if any of it anymore because you know what? There's nothing I can do about it now. I will read up on some things. If I have to get on the radio or tv and talk about a topic, I'll go do some search, find out, you know. You know, hey, what's current, what's going on? You know, just so I can opine on it. But, yeah, you can get yourself wrapped around stuff you can do absolutely nothing about. Well, you know, I care. Well, I care, too. But why show I care? I have, I have two charities that I donate to on a monthly basis, and anybody else, I get the phone calls.


Morgan Wright, Chief Security Advisor, SentinelOne [00:40:38]:
I'm sorry. This, this is what I care about. This. Don't you care about the folks over here? Yeah, but here's what I care about more, and that's where I don't have, you know, I can do anything. I can donate to anything. I just can't donate to everything. Here's the two things I donate to.


Joe Toste [00:40:52]:
Yeah. And that's, I love that. That's super. That's super important to recognize. Yeah. People only have so much time in the day, and I think realizing, you know, you're. You're not going to be the savior for everyone on the planet, but you can start with what you can control. And so, for me, that's invested in high school kids.


Joe Toste [00:41:16]:
You know, when you coach, you've got van rides. You've got to deal with our kids turning in, homework. There's life issues. Some kids don't have houses. Some kids do. I mean, it is quite a ride. Yeah. Kind of same thing is like, hey, these are the.


Joe Toste [00:41:29]:
These are the organizations I care about most that I'm gonna. I'm gonna donate to. And. And you care, and you're like, hey, I understand. I just. There's only one of me, so. But that's. That's a really great, really great perspective, and glad you.


Joe Toste [00:41:43]:
You're able to. I mean, I'm sure that guy's grateful for you stepping in and making that call to him. As far as, like, hey, I know you're thinking about suicide. Don't do this. So that's a great story. I love that. As you move. So, you talked about two things you said.


Joe Toste [00:41:59]:
One, Kansas has got a horrible retirement package. Based on what you just told me, it sounds like they got to work out their calculus a little bit better get the math on that. Right. So you're not working there. To your 100 and something to get full benefits. But number two, you said bigger stage, which kind of leads us to the FBI.


Morgan Wright, Chief Security Advisor, SentinelOne [00:42:17]:
Now, I did not work for the FBI. So I just want to be clear about. I don't know where you got your information. I did. I deny, deny, deny. You can't prove it. So there.


Joe Toste [00:42:27]:
I. Okay, we got it straight. Morgan did not work for the FBI.


Morgan Wright, Chief Security Advisor, SentinelOne [00:42:32]:
That there's anything wrong with that. And, look, we make fun of the FBI. It's a standard joke on our podcast. We make fun of the FBI. But that's because it's one of those things. We can make fun of them, but if somebody else makes fun of them, then game on. We protect our own. You know, we.


Morgan Wright, Chief Security Advisor, SentinelOne [00:42:46]:
You know, we look out for our own, but. So we can make fun of them. It's like, I can make fun of my family. You can't.


Joe Toste [00:42:51]:
Yeah, yeah, yeah, yeah. That's really funny. Okay, so we are gonna scratch that one off the list. Morgan did not work at the FBI. But.


Morgan Wright, Chief Security Advisor, SentinelOne [00:43:01]:
But I did train them, though.


Joe Toste [00:43:03]:
But you did train them.


Morgan Wright, Chief Security Advisor, SentinelOne [00:43:04]:
I spent a year doing their in service training on Internet investigations when they're first getting involved, and then they were collection of students and other people that I was training when I was teaching interview and interrogation. So I have. I have worked with them in the past.


Joe Toste [00:43:18]:
Yeah, that is. Okay. So trained training. FBI agents love that. At some point you step into the next journey. Right. This is the. You move into the private sector.


Joe Toste [00:43:32]:
Now, was the training for the FBI, was that already private sector work, or.


Morgan Wright, Chief Security Advisor, SentinelOne [00:43:37]:
Yeah, no, that. That was. I was actually. Because. Because I was instructing at the International association of Computer Investigative specialists. That was. I was on the board there. We were.


Morgan Wright, Chief Security Advisor, SentinelOne [00:43:46]:
We would train three to four to 500 law enforcement officers from around the world a year at a two week course on the investigation of computer crime, the exploitation of electronic media. So out of that, because I was teaching the Internet portion of that, the FBI was just getting started with that in 99. So one of the people, the unit chief, said, hey, look, we'd like to do an in service training course. So I put one together and went around and did it. Several locations. I mean, just for a year. But. And now, obviously, it's one of the things.


Morgan Wright, Chief Security Advisor, SentinelOne [00:44:12]:
The student far exceeds that, you know, the teacher. So they've gone so far beyond. But you got to get started somewhere. So that's. That's how we got started.


Joe Toste [00:44:22]:
No, that's great. So I interview a lot of public sector folks, and there's some private sector folks, too. How does that differ? What would you say are maybe the two biggest differences between the public sector work and the private sector work?


Morgan Wright, Chief Security Advisor, SentinelOne [00:44:37]:
Well, here's kind of my standard thing when I talk about, especially government. See, in government, you're penalized if you give back money at the end of the year, you've got to spend your budget, because then it goes into your baseline budgeting for the following year. The private sector, you're expected to turn back money. You're expected to save costs and do things. And not that there's not a saving cost, but. So it's almost kind of like the expectation. Hey, look, I can. I can't tell you the number of times in September to where you would get these projects where some agency would have five, six, $7 million left to spend and they'd come up with the project so they could spend that five, six, $7 million.


Morgan Wright, Chief Security Advisor, SentinelOne [00:45:11]:
And that was one of the projects I did in Columbia, plan Columbia, working on the counter narcotics capabilities and intelligence, you know, down there for, believe it or not, the US Marshals service, that was the sponsor, had the money. But. But I think the other thing, though, too, is, I think the biggest. One of the biggest things is the transition, is when you're in public sector, you don't really have to go look for work. A lot of it just comes to you. I mean, if, especially if you're in law enforcement, especially if you're, you know, a CIO or you run and people come to you, citizens company, you have stuff coming to you. But when you make the transition to the private sector, I've seen so many people go to the private sector, hang their shingle up and expect the phone to ring off the hook, and it doesn't do that. So a part of it is the mindset.


Morgan Wright, Chief Security Advisor, SentinelOne [00:45:51]:
There's a lot of people who help the military transition to the civilian sector. This is the mindset. One of our favorite jokes out here in northern Virginia, because you get a lot of these generals and admirals, they retire and they go to work for a defense contractor or something, tank, you know, but we always joke, you know, why is it, why are generals and admirals, you know, always late on their first day of work in the private sector? Because they're waiting on their driver to show up. No more driver. You got to drive yourself to these things. I was joking with a two star retired general, used to be the Army CIO. He's part of the George C. Marshall center that I belong to.


Morgan Wright, Chief Security Advisor, SentinelOne [00:46:25]:
And I was joking with him about that. He said, you know, said, you're not far off. He said, they've got a, you've got a big transition from the expectations of where you used to lead people. You would set directives and things would happen, and then depending on the role you take, you're back to doing it yourself. So I think the mindset in terms of what's the expectations in the private sector versus the public sector, you still want people who are ethical. You still want people who are responsible with their budget, with their money. You still want people who treat people good. You want good leaders.


Morgan Wright, Chief Security Advisor, SentinelOne [00:46:52]:
I hate the word managers because that reminds you, you want to manage something, go manage a, you know, go manage the installation of a pipeline or, you know, I mean, of a physical thing. But to me, you got to have leaders. You got to have people who lead, you know, and understand what it's like to lead in this thing. So I, and I think that's the other thing, too, is understanding the difference between public and private sector. And the other thing, too, is the outcomes are different. You know, what you're expected to do in the private sector is different than what you're expected to do in the public sector in terms of some of the job outcomes. So. And, you know, the other thing, too.


Morgan Wright, Chief Security Advisor, SentinelOne [00:47:23]:
It's, I think, one of the biggest things, too. For me, the difference I see is the transparency and accountability. It's huge in the public sector because it's written into the law. You know, a lot of things you have to be transparent about. But in the private sector, there are some different expectations with things that become public, because then you have to. Your risk is different in the private sector. Then you have to worry about certain risks of litigation and laws. If it's not stated on your ten k before it becomes, you know, if it becomes public, and all of this other stuff with breaches and stuff.


Morgan Wright, Chief Security Advisor, SentinelOne [00:47:51]:
So it's just. But I think the biggest thing to me, it's the mindset. You wake up that next morning, do you have the proper mindset to be in the private sector? Do you understand what it means where you have to, you know, what you eat? I mean, you have to hunt. You know, you got to kill what you eat, so you got to go hunting. It's. No, you're not a farmer anymore, and I'm not. It's not disparaging. I mean, look, there's.


Morgan Wright, Chief Security Advisor, SentinelOne [00:48:09]:
Look, when I was a detective, I didn't really have to go look for work. I mean, we did some self initiated stuff, but I can tell you, 98% of the time, we had more cases than we could handle. I didn't have to worry about it. Now, you'd have task forces and stuff that would do things. But. But, you know, I can tell you, when I started doing private work, it's like, okay, to your point, how am I going to put bread on the table? Hey, look, I can tell you this. Joe Tosti starts to decide, I want to do tech Tables podcast. I'm sure the first day, you didn't have 100 people beating down your door.


Morgan Wright, Chief Security Advisor, SentinelOne [00:48:36]:
Say, Joe, we want to sponsor your podcast. I mean, you have nobody.


Joe Toste [00:48:40]:
Nobody.


Morgan Wright, Chief Security Advisor, SentinelOne [00:48:41]:
So you got to go out, and you got to develop it. You got it. You got to go hunting, you know, and that's it. Can you give that hunting mindset? You know, it's. It's like an animal. Like a cat, really, at. A cat at heart is a lion, right? But my cats are so domesticated now, they still do their hunting activities. They've caught a couple mice for us.


Morgan Wright, Chief Security Advisor, SentinelOne [00:48:59]:
They'll still do. You'll see them play with stuff. That's their hunting activities. But there's a huge. There's a huge difference. And I think, for me, the biggest thing is the mindset, getting the proper mindset to understand what's expected and what you're going to have to do to earn it.


Joe Toste [00:49:13]:
Yeah, yeah, I love that. And there's a guy, you probably heard of him, Dave Ramsey, talks about it a lot. You know, you eat what you kill, and end of the day, that's what's required. So this actually is a fascinating topic for me, and I was kind of curious. What traits do you look for in hiring in folks or even advising when people are making that transition? You talked a little bit about it, but I can say you would probably have the sniff test or the smell test of, like, this person has it in them or they don't have it in them right now. It's going to be a hard transition. What traits do you look for, doctor?


Morgan Wright, Chief Security Advisor, SentinelOne [00:49:52]:
Well, I haven't had to hire anybody for ten years because we'll talk about that. I had to lay off a bunch of people. My last executive position, I've been doing my own thing for the last ten years, but I do have a kind of a litmus test that I use with companies that I advise for. For example, like Sentinel one, or like, when I was working with a couple of companies that worked in the intelligence community, they wanted you on the advisory board. It's really, are our missions aligned? Do we have a common culture? Do we have common characteristics? Do I believe in the same things you do, or do you believe in the same things I do? I can tell you right now, there are certain technology companies. Absolutely no way that I would take a dime from them. Just we are morally polar opposite about what we think about the way we approach things. There are some technologies that come from certain countries that I will absolutely have nothing to do with, period.


Morgan Wright, Chief Security Advisor, SentinelOne [00:50:42]:
Zero. I mean, I got an offer one time to go speak at a conference in China. And so it's. People see, that's the other thing, too, is you got to be careful in the private sector. If you get too hungry and you start dropping your thresholds, well, I won't do this for money. Then it's, well, then I'll do that, but I won't do this for money. But I'll do that, but I won't do this for money. What happens is a lot of time, there are certain countries, China being one of them, that can use the money to do things.


Morgan Wright, Chief Security Advisor, SentinelOne [00:51:11]:
And it's like, so I had company. Tencent said, hey, we'd like you to come speak at our cybersecurity conference. Well, Tencent owns Bytedant, which owns TikTok, and it's like, but I've seen this. I've seen this happen before? And we've seen it play out in Canada with the arrest of the Huawei CFO and then basically took two Canadians and created problems. I'm trying to be tactful about created problems for them to their exit visas. So they basically hijacked them, kept them in the country. And so my thing was, is that, hey, I'm sorry. First of all, I smoked them out because I gave them a really high price.


Morgan Wright, Chief Security Advisor, SentinelOne [00:51:42]:
It's like, you want me to come speak. It's what it is. $50,000, half of it upfront, non refundable. If you decide that you don't want me to come over, you lose it. First class ticket. Here's the hotel I stay in. You know, basically, here's my conditions. Never heard from them again.


Morgan Wright, Chief Security Advisor, SentinelOne [00:51:54]:
But I wasn't. But the thing is, the danger is sometimes when you get to the private sector is as you're looking to build up your business, you got to be careful about the things that you do because it will follow you wherever you go. And so it's. Look, there is one power you have as a private individual, and you do, too, Joe, that a lot of people don't have. You can fire clients. You can fire customers. You can say, I no longer want to work with this company. And I did that.


Morgan Wright, Chief Security Advisor, SentinelOne [00:52:19]:
Believe it. If I told you the name of this company, everybody would know this company. But I fired them as a client because they ignored my advice. They wouldn't do the things I said, here's what you should do. And then it came back to bite them in the butt. And I'm said, I'm sorry, you know, could I have stayed taking a check and money from them? Yeah, but it's like, I can't do that. You know, you got to find. So part of this, are you.


Morgan Wright, Chief Security Advisor, SentinelOne [00:52:39]:
In fact, I will tell you a quick story at Cisco. A lot of people think Cisco, you know, they acquire companies that some companies acquire revenue streams because they're building the revenue. Cisco doesn't acquire for revenue, they acquire for intellectual property. They look at where's the gap in our portfolio or product we acquire for intellectual property. So you don't have to have a lot of revenue to be acquired by Cisco. But the other thing, too, is that there has to be a cultural fit. There are times, I know where they looked at acquiring a company, but it was not a good fit culturally between how they did business and how Cisco did. So the acquisition never happened.


Morgan Wright, Chief Security Advisor, SentinelOne [00:53:10]:
So. Yeah, so, I mean, I think there's a lot of things. The biggest difference I think it goes into the mindset. And don't say that you're willing to do anything, because I've seen some people do that, and then they get caught up in something for money that they later regret. And I'm not talking about anything illegal. I'm just saying it's just, it's just not. There are some things that are not good business to do, so sometimes you have to starve a little bit to get to the right opportunity.


Joe Toste [00:53:33]:
Yeah, no, I love that. I'm actually going through that right now where I'm one of my, one of my clients. I'm just. We're at a crossroad and it's just time to say goodbye. And that, and that happens. And I talk to a lot. I probably actually lose a lot more business than I win. Only on the fact that a lot of marketing teams will end up sponsoring not all of them, but there are a lot of marketing teams that will sponsor tech tables.


Joe Toste [00:54:01]:
But their one requirement is that I hand a list of emails over for everyone who's either attending a live event or coming on the podcast or whatever. I don't do that at all. I know other folks out there do that. They might want to question their practices, but I think that's a terrible way to. To do that. And so I don't. And I'll lose out. But I just think it's like, dude, you shouldn't be handing people's emails over if they're going to come to an event and they're not, like, expressingly, like, good with that.


Joe Toste [00:54:31]:
So your point?


Morgan Wright, Chief Security Advisor, SentinelOne [00:54:32]:
That's the point there. I know that there are things that public at trade shows and stuff. I remember when I was at Cisco running them, like, the people, when they would sign up, they would say, hey, look, you can share or you do cannot share, and if they say, yeah, you can share my email or contact information, yeah, we take that all day long. But I think that's one of the things it's got to be opt in. People have to agree and you cannot without their. In this day and age, too, if you don't have their permission, I think it's bad form to share information unless you have explicit permission from the person attending to say, it's okay to share my information.


Joe Toste [00:55:02]:
Yeah, yeah. And like, in my world, the dynamic between, I mean, vendors oftentimes or almost always, yeah. Are the ones sponsoring. And so if the vendors are very transactional, that's like going back to the missions, align common culture. Like, I'm out trying to build this community and like, do you want to be in the community? This is just a transaction for you. You can just go hire a lobbyist or someone to go get you a sales meeting or something. I'm like, I'm not a lobbyist and not, and I've got some friends who are great lobbyists. But again, going back in the private sector, I run into stuff all the time, probably like yourself, of, hey, you know what? We're just not aligned.


Joe Toste [00:55:45]:
It's probably not a good fit. It's okay.


Morgan Wright, Chief Security Advisor, SentinelOne [00:55:48]:
There's an old thing. It's called the three R's. Relationships equal results, equal revenue. If you're just transactional, then you're a vending machine. That's why I. In fact, I'll tell you one thing. I'll call you out on it. I don't like to use the word vendor, and I'll tell you why.


Morgan Wright, Chief Security Advisor, SentinelOne [00:55:59]:
If you look up the definition of vending, it's nothing about strategy, it's nothing about collecting requirements, and nothing about understanding the problem. The vending machine is, I have three things for sale. If you don't like those three things, well, sucks to be you. Then. If you like these three things, put your money in here, pull your lever, or punch the button, and then you get what I've predefined as the requirements. So I said, people, you got to move away from being a vendor. You got to move away. To me, it's becoming a partner.


Morgan Wright, Chief Security Advisor, SentinelOne [00:56:22]:
I don't like to use all these things. Well, we want to be your trusted partner. Quit using jargon. Hey, look, I just want to be valuable to you. If I can be valuable and we can have a relationship, great. And that's one of my roles, too, is I go out, work with the sales teams, the marketing teams present, meet with customers, meet with potential customers, meet with existing customers. How do we add value? How do we make it valuable for you to continue to do business with us? But if you're transactional, I've seen that before, too. If you're transactional, it's like being at a carnival, you know, hey, next person up.


Morgan Wright, Chief Security Advisor, SentinelOne [00:56:50]:
Next person up. I'll tell you what. Who got the lesson? Starbucks was getting to that point where it's just like, transactional. I quit going into Starbucks for one reason, not a negative against Starbucks, not because of their coffee, but I just. Next customer in line. Next customer in line. It's like, this is like a cattle call, you know? Yeah, bring the next piece of meat up here. Let's get them processed.


Morgan Wright, Chief Security Advisor, SentinelOne [00:57:08]:
And it's like, no, I want to go. So I started going to places, and they've changed. I will tell you this, too. Their personality. They got the message. It's got to be customer oriented. You have to be. It's about their success, not your success.


Morgan Wright, Chief Security Advisor, SentinelOne [00:57:21]:
And my first thing you know, I told my strategy is very clear. When I was working with teams, whether it was at Cisco or burning point or whatever else, I said, you know, for me, what the measure of success is. I want to be their first phone call. I don't care what it's for. Hey, I need tickets to the game. Fine. Or, hey, look, we're thinking about buying a house. Kind of an extreme example, but if you can occupy that space in their mind to where you're the first person they think of, why? Because you add value to them.


Morgan Wright, Chief Security Advisor, SentinelOne [00:57:48]:
Because you're the person I want to call. That's the position I want to be in. I don't want to be one of those things to where I'm competing. There's a great book out there, too, called Red Ocean, blue Ocean. I don't want to be competing in a sea of red with everybody else. I want to do stuff that stands out. And that's why, whether it's the podcast or whether it's sentinel one or whether it's, you know, whatever it else we do, Joe, it's like, if you don't stand out, then you're spending all your energy and your time trying to differentiate yourself. I'm tired of, look, I want to find those things where I can add unique value and do unique things and be in a sea of blue, you know? You know, an ocean of blue rather than an ocean of red.


Joe Toste [00:58:23]:
Yeah, no, that's really great. And, you know, one of. One of. And I'm sure you feel this way, too. Like, I love being creative. Like, I think the, like, the podcast expresses creativity for me. I love the. I do love the live event.


Joe Toste [00:58:38]:
They are an insane amount of work, but I do love the live events, especially making them unique. And I'm always asking questions, like, all right, like, and Jamie and I, my wife, we'll sit down. We'll go, okay, so we're going to this event. We've got, like, you know, what's our theme? How do we not make this boring? What haven't we done? What do people like? What's going to, like, surprise them? And we don't have any limits. And there's no. We don't have to meet with anyone to make a decision. We just sit down, brainstorm, come up with some ideas, and just figure out, hey, how can we create the best experience possible? And the like. I love the creative part, the kind of how I earn a living is this is just the vehicle, which it's.


Joe Toste [00:59:19]:
Which it's gone through, which is the tech tables, is the platform, which is funny. No one wanted to hear me speak before, and so. But now that I have a platform, people want to hear me speak, which is pretty funny. So when you price, it's very similar to you. You're in the game a lot longer than I am. I'm a lot younger. But when you. When you've got the platform.


Joe Toste [00:59:43]:
How do you know you got the platform?


Morgan Wright, Chief Security Advisor, SentinelOne [00:59:44]:
No, how do you know you're a lot younger than me? Are you making an age joke? Is that because of my hair, or.


Joe Toste [00:59:51]:
I got a couple gray hairs right here. I was telling my wife, do I look like a silver fox yet? And she was like, shut your mouth. Yeah, we were laughing pretty hard about that.


Morgan Wright, Chief Security Advisor, SentinelOne [01:00:05]:
I will tell you through one thing. Have you ever heard of the Savannah bananas?


Joe Toste [01:00:08]:
No.


Morgan Wright, Chief Security Advisor, SentinelOne [01:00:09]:
You need to go look up the savannah bananas. He's a buddy of mine, Jesse Cole. He's written a couple books about it. They, they do minor league baseball, but it's called banana ball. They are so customer focused. They have changed the game. In fact, ESPN did a whole series on them. I mean, they started getting to the attention.


Morgan Wright, Chief Security Advisor, SentinelOne [01:00:25]:
It's taken them a while, but they started getting to the attention of people, the way they do things, the way they've kind of. Now, they still go out and play regular baseball, but when they do their banana ball, it's like you've got a. Pitches have to. I mean, they've shortened the game. He's changed. He has no, he has no sponsors on their outfield sign anymore. I mean, they've done everything. You know, you go to these ballparks, and it's like, oh, my gosh, it's $50, $70 for the ticket, then $100 for snacks and everything.


Morgan Wright, Chief Security Advisor, SentinelOne [01:00:49]:
They charge one price to get in, and that includes everything. That includes your snacks, your drinks, whatever else. So. But what's to your point? He's redefined the customer experience. He's defined. He's looked at it from the standpoint, and he'll go out in the stands and be a, you know, secret shopper type of thing, but he's. He'll look at it. Everything from one of their people said one time, hey, look, our drains on the walkway up there are rusty.


Morgan Wright, Chief Security Advisor, SentinelOne [01:01:09]:
So he went out and got brand new drain covers. You know, just the small ones with the banana logo on there. Just small things like that. Their parking lot. Hey, it's bumpy, it's gravelly here. Change the experience on that. So, I mean, that's what, that's, that's the creativity he's got. And trust me, they were sleeping on an air mattress.


Morgan Wright, Chief Security Advisor, SentinelOne [01:01:27]:
They were a million dollars in debt. They were dead broke, and they had to make this work. So they figured out a way, and a lot of it was changing the mindset and stuff. But, yeah, no, I love that kind of, I love the creativity part. And that's, that's why podcasts are fun, too, because it's finding the different guests, it's the different avenues, the things you talk about. It's the, and it's, how can we solve the problem differently? I'm doing a couple things like that right now. We've got a. We'll tell you about, I'll tell you about later.


Morgan Wright, Chief Security Advisor, SentinelOne [01:01:49]:
We've got a, I've got a grant from the Department of Justice to build something I've been working on for a long time called the National center for Open and unsolved cases. So, but that's, but it's a creative way of looking at how do you generate tips for crime and not using the traditional way. So every. It's all about creativity. That's what, to me, that's the other thing, too. I think that's the other thing the private sector can unleash in you is you have the power to be creative. Without this type. You can be creative in government, don't get me wrong, but you have some constraints.


Morgan Wright, Chief Security Advisor, SentinelOne [01:02:16]:
But the, but when you get into the private sector now, it's kind of like, hey, there's a lot of things I can do that I could not do before. How would I do those differently? If I were going to solve the same problem? How would I do it differently today?


Joe Toste [01:02:27]:
Yeah, I absolutely love that. Yeah. The expressing the creativity and I think just figuring out, and you nailed it, like, how can we make this experience phenomenal? And I don't know, I think it kind of goes back like when I was a kid, I would had back in the day like a Sega genesis and like a very old Nintendo, but those didn't like, directly hook up to a tv. So I remember going to a swap meet. I had my mom driving to a swap meet. I bought a VCR and I would take the VCR and I hook it up to the tv to then hook the gaming console into. And this is pre Google, there's no AOL dial up. Didn't hit the scene yet.


Joe Toste [01:03:08]:
And you're having to figure, I'm reading manuals, like, as a kid, trying to figure out how I can get this system to work. And I just remember always. And then when I got a little bit older, when we got computers in school, I was constantly downloading packages and trying to figure out. I was, like, helping the teacher install stuff. And so. So I think some of those traits of, like, hey, are you curious? Are you interested in, like, looking at problems in the world? And I love asking how questions. And I can tell when someone's like, this is impossible, or, we can't do this. Like, okay, well, what if you just ask, like, how could we do this? Like, how could we make this happen?


Morgan Wright, Chief Security Advisor, SentinelOne [01:03:45]:
Well, you know the question I would ask when they go, it's impossible. We can't do it. Well, how do you know? How do you know it's impossible? You know what's impossible? How many things that. When you looked at Star Trek back in the original Star Trek series, it's impossible. You can't do those things. Guess what? 95% of that technology now exists. You know? So I think the only thing I hesitate to use is. But one of my favorite sayings comes from Albert Einstein.


Morgan Wright, Chief Security Advisor, SentinelOne [01:04:07]:
He says, there are only two things that are infinite, the universe and stupidity. And I'm not so sure about the universe. You know, I just. People are so limp. They. You know what they do? They limit the possibilities because they limit their thinking. So when I was working at DOJ on information sharing, you wouldn't believe the number of people I had come in say, well, we can't do that. And I say, why not? Well, because our policy says, forget the policy.


Morgan Wright, Chief Security Advisor, SentinelOne [01:04:26]:
What information do you need, and how would you share it? And you know what made some major, major breakthroughs? In fact, one of the biggest breakthroughs we got was the attorney general at that time, John Ashcroft. His deputy attorney general was James Comey. We showed them why you should consolidate all ballistic information into one system. And that was my. One of my first early wins in this thing was, now it's called Nibin, the National Integrated Ballistics Information Network. I don't need to go to three systems to look for firearms and casing information. There shall be one repository, and it shall be with the Bureau of Alcohol, Tobacco, Firearms and Explosives. Bat fee.


Morgan Wright, Chief Security Advisor, SentinelOne [01:04:59]:
But we call it ATF.


Joe Toste [01:05:02]:
I love. I love that insight, that background.


Morgan Wright, Chief Security Advisor, SentinelOne [01:05:06]:
We also joke. You know what ATF stands for as well? They show up after the fire. That's a joke for you.


Joe Toste [01:05:10]:
ATF people out there after the fire, that was. I'm actually going to jot that down because I was. I just started reading this book that was recommended by a CIO called the Phoenix Project, which is a novel about it, DevOps, and helping your business win. And so it's a pretty funny story. I just started it yesterday, and in the opening story, both the CIO and the VP of it get fired. And the guy that's underneath starts to come in, and the CEO tries to put him in place, and he's like, hey, I don't want this job. And he's like, well, don't worry. You don't have to be the CIO.


Joe Toste [01:05:49]:
We're gonna get a new one. He's like, I don't want that job either. That stands for. It's like, career is over. Yeah, career is over. And like, that's so funny.


Morgan Wright, Chief Security Advisor, SentinelOne [01:05:58]:
Well, there's. There's also another joke, too, in the private sector, but it's like you become CEO of a company, the former CEO hands you three envelopes, and he says, look, first time you have a problem, open up the first envelope. The first envelope says, first thing you do is you reorganize or you blame the previous CEO. Then if you have more problems, you open up the second envelope, and the second envelope says, reorganize. And then he goes, well, what's in the third envelope? He says, prepare three more envelopes, you know, because you're going to get fired, and the next guys are going to come in. So, yeah, I've heard that people. Do you. Most CIO's have a career of less than three years, which, by the way, is what most police chiefs have, believe it or not, they average ten years, like 2.8 years.


Morgan Wright, Chief Security Advisor, SentinelOne [01:06:36]:
And when I was working down at justice, the longest just the CIO, the. The longest DOJ CIO they've ever had is Van Hitch. He actually came out of the private sector, into the public sector. And I worked with Van. I actually worked with his daughter, too, at Cisco, but he was there for, like, eight, nine years. I mean, that's a long time in the federal government to be CIO.


Joe Toste [01:06:55]:
Yeah, that sounds like a couple eternities. Hopefully. It looks like he had a couple years to think about those three envelopes. Okay, so we know s one's amazing. You're the chief security advisor there. Walk us through, like, what are the top priorities of a chief security advisor?


Morgan Wright, Chief Security Advisor, SentinelOne [01:07:13]:
So, you know, it's really, it's to win the air wards, to win the battle of the hearts and minds. So I go out and I work a lot, directly facing the customer, with the sales teams, with the marketing teams, and I don't do sales pitches. In fact, I mean, I know a lot of their products, but if you ask me how they, how all of them work, I'd say that's why we've got sales engineers, and that's why we've got great account executives over here. Let me bring them into you, because I'm not here to talk about the tech. And that was one of the decisions it's really about. All I do is I come in, I say, let me change your point of view about how you think about problems. Let me change your point of view. And so, really, a lot of this is about, but, you know, work, when we work and meet directly with them, it's to listen to them.


Morgan Wright, Chief Security Advisor, SentinelOne [01:07:49]:
And I ask, because I'm not. I don't have the baggage that a account manager has or, you know, some other executive in the company has. I can ask questions. In fact, one of my favorite questions is to say, you know, how do you get measured at the end of the year? How do you know you've been successful? And how does your board, if you're publicly traded, if you have an audit risk committee, how do you know you've been successful? What are your metrics for success, and how do you demonstrate that you've been successful? We implemented a program. Well, I implemented a program, too, but what outcomes did you get? What did it achieve? I think a lot of the struggles have been, how do you really define those good metrics that show I've been successful this year here? It's very easy if you're in sales because you have a revenue target. It's very simple, right. And you're the same way, too. You're in public sector.


Morgan Wright, Chief Security Advisor, SentinelOne [01:08:37]:
You might have, your goals might be certain things like, we got to get this plan or this project implemented or this technology implemented. But, like, from our side, when you're doing your own thing, it's like, hey, I've got a rep, you've got a revenue goal. And it's pretty simple. My expenses are x, my income is y. Right. And as long as y exceeds x, you know, we're good. When y drops below x, you know, I've got to. I gotta rethink things.


Morgan Wright, Chief Security Advisor, SentinelOne [01:09:03]:
So. So for me, it's really about, it's meeting with them a lot of one on one, but a lot of public presentation. And, like, the one I currently do right now, the cyberspace of the cold war in cyberspace with Russia, it's really about, I challenge people about the way they think about the problem. So that's really all I want them to do, is come in and add value, let them know, hey, we're bringing in, we, it's initial, it's another touch point. But like, when I present on the media, when I present on television or I do radio interviews, I'm not harping products. I'm not, I don't shill. I mean, that's not something I do. I'm not here to sell you sentinel one.


Morgan Wright, Chief Security Advisor, SentinelOne [01:09:33]:
Put your pocketbooks away. All I want to do is have a conversation and see if I can challenge the way you think about the problem, how you think about it now. And will you think about it differently when I'm done?


Joe Toste [01:09:44]:
Yeah, I love that. Thinking about the problem differently, winning the battle of the hearts and minds. Like, yeah, not having, I mean, you're detached, so you can, you can listen, you can ask those questions. Kind of very similar. I don't know any of sentinel one's products. Like, I couldn't tell you, I couldn't tell anything about their products except, you know, kind of from a very high level surface. But I love interviewing people, love connecting the dots and telling the stories. I think how you tell the stories is somewhat wrapped around, like, you know, how are you measured? Were you effective? Did you hit the outcomes? If you hit, if you didn't hit the out, whether you hit the outcomes or you didn't hit the outcomes, there's still a story attached to that, a narrative.


Joe Toste [01:10:30]:
And so one of my other favorite.


Morgan Wright, Chief Security Advisor, SentinelOne [01:10:31]:
Things to ask, I was just on a call with somebody. What day are we? Yeah, last week, yeah, this is Monday. Holy cow, I forgot what data it was last week on Friday. But I was, I was asking him, I said, look, if you were HMFiC, that is a technical term for head, you know, MFR in charge. If you're the HMFIC, what would you, and you could do anything you want for this next year. What's the, what's the one or two projects you would do? What would you do? You know, and then you'd be surprised with that. I would love to do this. I would love to do that.


Morgan Wright, Chief Security Advisor, SentinelOne [01:11:00]:
And then you start, well, then why aren't you doing it? Well, because they think, well, but let me be candid. Who knows better, you or some board member who's detached? That can only go maybe one, if they're lucky, two questions deep on the issues, you know, why aren't you changing that? So I gave, you know, part of this too is giving them strategies for how to do it. One of the folks I talked to out on the recent west coast trip with the west western team, the western region team, I was actually talking to one of the guys that said what you need to do is you need to, who are your one or two? Who are the one or two people on that board who are bellwethers as they go? Everybody else follows them on a particular issue. Who are your champions? Have you identified them? Have you done like basic board training when you have a new board member? Come on, do they get an hour or 2 hours with you so they understand, you know, your goal should be everybody on that board should be able to go two questions deep on what it is you're doing. You don't want them to be experts. I don't want them spending their time saying, this is how you configure a router and a switch and a gateway. Oh my. No, you don't want them doing that kind of stuff.


Morgan Wright, Chief Security Advisor, SentinelOne [01:11:56]:
But, you know, do they understand the metrics? Do they understand the risk if we don't have, if we're not, what's our patching cadence and what's the risk if we're not patching on a regular? How do we respond when a critical CVE comes out? You know, ask Equifax that question. When the stretts database that was actually discovered originally by Cisco Talon, then it was published and they failed to take action on that. And one of the biggest breaches of personal information in history. And I say, I've talked with the people at Equifax. They know it. They've gotten religion, but getting religion after the event is too late. You know, the mayor of the city, Atlanta, says, well, look, we never took cybersecurity seriously, but after our ransomware attack, we take it seriously. And I'm like, folks, you can spend a dollar now to solve the problem or you can spend $10 later.


Morgan Wright, Chief Security Advisor, SentinelOne [01:12:40]:
When I testified before Congress on healthcare dot gov, the security and privacy of healthcare Dot gov testified twice. One of the statements that has stuck with me, a member of Congress said, look, the us government never finds enough time and money to do it right, but we always seem to find the time and money to do it over. And when you do it over, it's always, IBM did this study, if it costs you a dollar to fix a problem before the product or solution is released, it will, on the, on average, cost you $100 to fictor, fix it after it's released. So, but, but we're in this rush to get things out. You know, we're in the rush to do stuff. So. So the reason I say that part of my work, bringing it all back around is I just get them thinking differently about how do they structure their relationship? Do they report directly to the board? Do they have to go through an intermediary like the CIO? You know, what's your relationship like? How do you change that? How do you change that dynamic, that relationship dynamic with them so that you have some facetime with the board so they can hear it straight from you? Look, CIO's are not cisos, you know, depending on the size, but they have different things. So at the end of the day, the CIO normally has the resources to implement the things that the CISO needs done, you know, and so what's that relationship like? So, I mean, there's really a lot of, this is just.


Morgan Wright, Chief Security Advisor, SentinelOne [01:13:50]:
And the other thing, too. It's not cookie cutter. You cannot go to one company and say, well, this, you know, you need to do it this way. Again, it goes back to culture. What's the culture of this company? What makes you different? What makes you unique? Why do you, why do you do things the way you do them? You know?


Joe Toste [01:14:05]:
Yeah, that's when I think about the strategies and that you're helping, I also think about, you know, just, just in the companies I talk with, I think a lot of folks struggle with how do I prioritize the most important work? And I'm just shocked it happens so much. But I think the work that you're doing, as far as helping them, a lot of these companies really crystallize around. Hey, here's the most important stuff that we need to do. Here are the strategies we can implement and part of it, too. I mean, you even talked about the relationship component. None of that's technical, anything technical. It's just if that relationship isn't there, for example, with the technology suite and the board, yeah, you're going to have a breakdown and you're going to be paying that $10.


Morgan Wright, Chief Security Advisor, SentinelOne [01:14:52]:
Or it could, if your public sector, it could be the relationship between you and the city, the county, you know, the state. Right. It's the same thing. Right. Do you have the right kind of relationships if you're the state CIO? Do you have the right, you know, the state CIO doesn't freelance. They do things that are at the agenda of the governor. And so are you in alignment there? So, yeah, everybody. Everybody.


Morgan Wright, Chief Security Advisor, SentinelOne [01:15:14]:
And to me, it really does. It boils down to relationships. Do you have the right relationships at the right level? And do you have insights at each level that help you understand the goals, problems and needs of that person at that level? What is it somebody at the worker level is trying to accomplish versus somebody at the managerial level versus somebody at the executive level? You know, mid level versus executive level? Because I can guarantee you what if I have a goal as a CEO, I drive that down. That becomes the goal at the next level, which generates problems and needs, which generates goals at the next level. So if you want, if you have good insight at each level, what they're, how they're being measured and what they're doing, you have good insight then to how it rolls up. And when you, where you find misalignment as to where they're working on x, but they should be working on. Yeah, that's where you want to identify those things early on because it means you don't have good alignment between what the outcomes of the organization are and what the folks that are building this and working on this are doing on a daily basis. If I'm building something in Java and it's supposed to be built in c, we got a problem.


Morgan Wright, Chief Security Advisor, SentinelOne [01:16:16]:
Right?


Joe Toste [01:16:17]:
Yeah, yeah. No, I love this company for me is only two people, me and my wife. We are actually trying to hire someone basically to be kind of like the, the COO of the company slash executive assistant a little bit right now. So figuring that out as we're kind of crafting our hiring, so I should say we're actively hiring. We're actively going through the process of what the hiring description would look like, building the right sops and like kind of all that stuff. But I think it's super important is, and we do this, my wife is like figuring out each week, does what we're doing match up with the outcomes that we have for the year?


Morgan Wright, Chief Security Advisor, SentinelOne [01:16:56]:
So I'm going to give you a piece of advice. Something I've been doing for the last few years I think would be great for you. There's two things you ought to look at. Michael Hyatt and his full focus planner. And he's got a, it's called you can go to Michael hyatt.com dot.


Joe Toste [01:17:07]:
Yep.


Morgan Wright, Chief Security Advisor, SentinelOne [01:17:07]:
I don't know if. Are you familiar with that?


Joe Toste [01:17:09]:
I am very familiar. Yeah.


Morgan Wright, Chief Security Advisor, SentinelOne [01:17:10]:
Okay.


Joe Toste [01:17:11]:
Yeah, yeah, yeah.


Morgan Wright, Chief Security Advisor, SentinelOne [01:17:12]:
The other thing is, because to me, that's the framework, that's the architecture. But the thing that really operationalized things is David Allen's getting things done.


Joe Toste [01:17:19]:
Yep. Yep. Those are our two absolutely fantastic resources anywhere.


Morgan Wright, Chief Security Advisor, SentinelOne [01:17:25]:
Public, private sector, solo. And, you know, whatever you do and to me, that's the biggest thing, is I've got to focus on to. I have my goals, like, in ten places throughout my house. One of them is getting my book done. Got to get it done by January 31. Right, but. But, yeah, but it's like getting things done. I only work on the things each day.


Morgan Wright, Chief Security Advisor, SentinelOne [01:17:42]:
In fact, it was the guy from Keller Williams. I'm trying to think of the guy's name. He wrote the book. Oh, the one thing. Yeah, it was called the one thing. And basically, he has a sign that says, until my one thing is done, my main thing is done. Everything else is a distraction. So when people say, I got ten priorities.


Morgan Wright, Chief Security Advisor, SentinelOne [01:17:57]:
No, you don't. You got ten. You got nine distractions and one priority. What's the priority? Priority actually was designed to be a singular word, not plural. So it's kind of like saying, you know, you can only focus on one thing. People say, why can multitask? I can show you an exercise where you can disprove anybody. They cannot multitask, period. Cannot be done.


Morgan Wright, Chief Security Advisor, SentinelOne [01:18:16]:
You got to singularly focus. You got to get in flow. You got to get that thing done. When that thing is done, when your main thing is done, then you find out what's the next thing. So, like, you're talking about the full focus planner they use. I change it around. They talk about their daily big three. I say it's daily big one plus two.


Morgan Wright, Chief Security Advisor, SentinelOne [01:18:32]:
When I get my one thing done, then I figure out what my next thing is. Based on the getting thing done methodology, what do I have the time for, the energy for? Is it the right context? I'm at the right place, etcetera. So I just don't put something on there, just to have something on there. I use full focus planner in that framework to help me decide what's the next. And GTD then helps me operationalize that whole framework work.


Joe Toste [01:18:53]:
Yeah, I love that. I wasn't planning on diving into this, but this is a great topic. I. At some point, I might even do, like, a little series. I think I haven't hurt too many folks in the public sector. I think I hear a lot of struggle on the priority front. I am huge David Allen fan, Gtd. I used to use Michael Hyatt's planner.


Joe Toste [01:19:13]:
I use kind of a different combination. Dave Ramsey has a. He actually has a piece of software, and then in that piece of software, he has something called a desired future. So I kind of map out the desired future for the year. I have defining objectives and key results, and then how I bring that in on a daily basis is there's a piece of software called Sensama and it's kind of the daily Planner for busy professionals. And I actually, because I work with so many different pieces of software, I manage my GTT system, my GTD system in todoist because it integrates with sensama. But also.


Morgan Wright, Chief Security Advisor, SentinelOne [01:19:46]:
Yeah, yeah, I have todoist as well.


Joe Toste [01:19:49]:
And so I will drag in also my email, I will drag in my tasks into samsama, which I absolutely love. And I think it's like if you can nail that down where you've got one central repository and you can not drop the ball, I said that as I dropped the coffee mug as I was buy that before this, but pretty good. Not drop the ball on that and you can bring your work into one area. It just frees your mind up.


Morgan Wright, Chief Security Advisor, SentinelOne [01:20:17]:
So see, that's the key thing people miss. David Allen has a great statement. He said your mind is for having ideas, not holding them.


Joe Toste [01:20:24]:
Yeah.


Morgan Wright, Chief Security Advisor, SentinelOne [01:20:25]:
And in fact, when you were just saying that, see, one of the things I do, one of the things I keep by my desk and I have these all over the house, I have my little notepads like David Allen style, I write it down, I have my inbox over here, I tear it down, it goes into there. I deal with my inbox either daily or, you know, every other day. But I don't, I don't keep anything up here. Why? Because I'm older than you, as you pointed out, you ageist, you age. You're discriminating me based on age. But I don't have to remember it. I put it into a trusted system and I know very quickly I used to do, I used a combination of full focus planner, GTD and todoist to do the same thing. But it doesn't matter what it is.


Morgan Wright, Chief Security Advisor, SentinelOne [01:21:00]:
Somebody said one time, what's the best platform? Is it this? Is it Zoom? What? I said, the best platform is the one you can use consistently and you're good at using. It's the one you understand. Is it teams, is it Google, is it Zoom doesn't, I don't care. It's what are you good at using that meets your needs and don't listen to everybody. Well, you have to use this. No, I don't have to do anything. I can choose to do something. But like for me, I found what works for me is a combination of to do it, GTD and full focus planner, but it doesn't matter.


Morgan Wright, Chief Security Advisor, SentinelOne [01:21:27]:
Use somebody else's planner, doesn't matter. But I think the key thing is, do you have goals for the year? Do you have a way of visualizing those goals and knowing, and what am I doing today? Is it moving me closer towards my goals or farther away from them? You know, and so it's just. But you better have goals. Whether you're in public sector, private sector, you need to have those things and how do you track them and how do you know you're making progress? And one of the best ways is sometimes it's look at. Look at the gain, don't look at the gap. Dan Sullivan said that, look at the gain. You might have just been 25% into your goal, and you might think, I still got 75% to go. That's a long way.


Morgan Wright, Chief Security Advisor, SentinelOne [01:21:59]:
As opposed to, look, I've already accomplished 25%. Look what I've done so far. So look at the gain, not the gap. And actually, I was just finishing up, going in depth on goal setting this morning, Michael, one of Michael Hyatt's courses. And. And once you get past 50%, the science has shown you actually get more excited about your goal and you accomplish it, because now you've kind of crossed that threshold. So.


Joe Toste [01:22:19]:
Yeah, no, that's great. I love Michael Hyatt. He's a tremendous resource. A few other kind of, I think, things that, that really helped. David Allen talks about the two minute rule. So I found people struggle, because I'm like, if it's less than two minutes, just do it.


Morgan Wright, Chief Security Advisor, SentinelOne [01:22:32]:
The four ds. Do it. If you can do it in two minutes, do it. Delete it or defer it.


Joe Toste [01:22:36]:
It. Yep, yep. And, and so, so the two minute roll, the two minute rule is absolutely game changer and huge. And then I think the next thing is understanding. People take a long time to do stuff because they don't understand. Like, hey, this email you received is not just an email, it's actually a project. And so a really simple email is just, I acknowledge this email, this is actually a project. And we need to, like, break this email up into a bunch of different steps because it's actually a giant project.


Joe Toste [01:23:07]:
And so I found if you can have the goals, and I found, too, because going back to the eat what you kill, I have to be highly productive. I don't get paid to sit at my desk. I know it sounds a little harsh, but it's just the truth. And so right now, we're one. Yes. Let's go. Except for right now. Exactly.


Joe Toste [01:23:27]:
Have to move very quickly, much like yourself. Move very, very quickly. So running the business with that kind of general understanding, I look at each week on a content perspective. What do I want to ship? We're releasing three podcasts and a newsletter every week, and no one's even close to doing that now. They're not long form for the audience listening, but still takes a lot of research. We got a lot of really great guests coming on, so there's a lot of prep time, but now I've got it dialed in. I know. And I just.


Joe Toste [01:24:00]:
It's easy. I just. I put my phone away and people, you know, even. Even sponsors. Hey, I was just dropping in one. Give you a phone call and you're like, well, it's probably not going to work because beyond do not disturb. So I can be highly productive. I'm not getting distracted pinged by a bunch of random.


Morgan Wright, Chief Security Advisor, SentinelOne [01:24:15]:
We also call it being present. You during. You turn that off and so you can be present. Yeah. And that's good.


Joe Toste [01:24:20]:
Yeah, I'm being present right now. People always ask me, Joe, I texted you at this time and for today, well, I'm on a podcast of Morgan. I don't know what to tell.


Morgan Wright, Chief Security Advisor, SentinelOne [01:24:31]:
You're absolutely right. You did text me at that time. Was there a question in that? You know.


Joe Toste [01:24:37]:
Yeah, yeah, yeah. So, yeah, I just want to reiterate. Michael Hyatt, David Allen. Really great. If those of you who are in the kind of faith space, I've got a great friend. He's got a book. Where is it? I know it's over here. Over here somewhere.


Joe Toste [01:24:55]:
Aha.


Morgan Wright, Chief Security Advisor, SentinelOne [01:24:57]:
Aha.


Joe Toste [01:24:58]:
Redeeming your time. This is a great one by my friend Jordan Raynor. Seven biblical principles for being purposeful, present and wildly productive. Definitely check out Jordan Raynor. He basically takes a lot of the GTD methodology and kind of integrates it that way. But, you know, however you're going to do it, you need a system. It's got to be repeatable, and you got to be able to integrate both the goals. And I love what you said about Michael Hyatt, that stat about if you get 50% there, you're more likely to complete it.


Joe Toste [01:25:28]:
I've run a marathon a couple times and. Yeah, when you get to 50%, let me tell you, you're not giving up at that point.


Morgan Wright, Chief Security Advisor, SentinelOne [01:25:34]:
Well, the other thing, too, is, you know, I don't run marathons. I did some triathlon related stuff, but I'm not a good runner. I can't. I just. Not my strength, but I can bike and swim, but. But it's. Even then with the guys who run, it's. You hit the wall, right? What do you do? When you hit the wall, even like on a long ride, 112 miles, you know, that's a long ride.


Morgan Wright, Chief Security Advisor, SentinelOne [01:25:50]:
What do you do when you hit the wall? And you got to be able to. You got to be able to just reach within, find that mental fortitude. And I'll tell you what, one of the great podcasts we did, too, with a guy named Kevin Holland. Kevin is the only publicly acknowledged member of both DEVGRU, SEAL team six, and the Army Special mission unit Delta, which everybody calls Delta, cannot be publicly acknowledged, but it's a special mission. But that was the guy that pulled Saddam Hussein out of the spidey hole. So he was the operator that did that. When you go through and realize the mental toughness you have to do to get through buds or Delta, I mean, it's like just listening to what they did and what they go through, I listen to that and I go, oh, man, that's like, it's like me complaining about the fact I have a little hang nail. I don't have anything near that tough, you know? So a lot of it, too, is about putting it in perspective.


Morgan Wright, Chief Security Advisor, SentinelOne [01:26:35]:
And I think, again, kind of close off on that. It doesn't matter what you do. As long as you do something, you do it consistently, have it repeatable. The best thing in the world is to get everything out of your head into a trusted system so that you can do exactly what you think. I challenge people. In fact, when I took over a team, I had a lot of people, they judged their value by how full their calendar was. And I said, I judge your value by how clear your calendar is, because let me ask you, you've got a week booked here with no time. When do you think about the problem? When do you sit back and do nothing but stare into space and think about the problem? Where is the time you think critically about the problems we're trying to solve? And they've shown this at Google at three M and other places.


Morgan Wright, Chief Security Advisor, SentinelOne [01:27:16]:
You got to have not, I don't want to say goof off time, but you have to. When you're staring off into space and wasting time, you're actually thinking about stuff. By the way, the biggest breakthroughs that came through on DNA, or when the two scientists took their afternoon walks, they'd get out of the office and they'd walk together and they'd get away from their environment. That's how they got the breakthroughs in DNA sequence.


Joe Toste [01:27:36]:
Yeah. Do you find. I. We're gonna jump around a little bit, but one of the things how I write podcast questions, I'm actually, since you're a pro, I would love to hear a little bit insight from you. How I write questions is I actually very rarely write the rough drafts at my desk. I actually go on walks. And as I'm listening to either content or exploring, I will come up with questions that way. Probably the best questions I come up with typically are on walks.


Joe Toste [01:28:05]:
Last night I was, I was writing some additional stuff. I was not walking in the middle of the night, but here in California because it's been raining. But when it's not, I love going on walks to think about questions. And I use a couple apps, like, there's one called Air IO. So when I'm listening, I listen to a couple episodes of Morgan's content and I can highlight the audio and then comment, hey, I really like this great insight over here. Come back to this. And then that actually gets hooked up to this little app I use called readwise IO. So niche app that kind of hooks in all this stuff, and then that's hooked up to Evernote, and then that information all gets transferred in.


Joe Toste [01:28:45]:
So when I go to listen, when I want to go back and look at maybe Morgan's got an episode that, that I was listening to, I'll go back and see all of the time stamped plus my notes, and then I will go maybe write a summary on, like, hey, you know, I really like this, and I'll just write the questions. Then. Then when I sit down at my desk, I collect all the information and then I put it in. But I would love to know, how do you write podcast questions? How do you think about the research process? Like, what does that look like for you?


Morgan Wright, Chief Security Advisor, SentinelOne [01:29:13]:
I'm going to disappoint you. I used to do a lot of that upfront, but with the type of guests we have, like, when I had Dave Reichert on the investigator for the Green river killers, me and Murph, I had like, probably 21 pages of notes. But that's because I researched, this was an important case. I researched a lot of it. But a lot of what I've transitioned to now is, I mean, I just use my experience as an interviewer. I mean, it's, look, we basically break it into four things. Tell us how you got started. Cosa Nostra.


Morgan Wright, Chief Security Advisor, SentinelOne [01:29:38]:
How did you get started in this, what we call thing of ours? Right? So I walk them through how you get started, and I can tell when somebody's holding back. You'll hear me on a lot of podcasts. Go, whoa, whoa, whoa, whoa. You don't get to gloss over like that. Yeah. Then when I got out of the army. Oh, no, no. Let's roll back and talk about when you were in the army.


Morgan Wright, Chief Security Advisor, SentinelOne [01:29:54]:
You know, so, but we have a standard thing we do, which is how did you get started? Let's set context for the event. We're going to talk about. Let's talk about the event then. Let's talk about what you're doing now. And so, naturally, now we, we had divisional responsibilities. Murph, if there's a book, Murph usually reads the book because I'm producing the episodes and I'm doing the editing. So, you know, there's only so much time. So we do a division of labor.


Morgan Wright, Chief Security Advisor, SentinelOne [01:30:13]:
But I kind of drive the interview. Why? Because that's what I did for a living. I interviewed people. And so a lot of it is like, I mean, just a few things you've told me I would drill down on. I would dive. I would dive in on. I'd find out a little bit more here. But, you know, it's always fun out.


Morgan Wright, Chief Security Advisor, SentinelOne [01:30:26]:
You'd start, you always make connections. Where'd you get started? So where'd, where'd you go to school at? You know, where, you know, and then how did you get started? And same questions to your is the same. How, what led you into this thing of ours, right. Law enforcement, you know, were you drunk one night standing in front of a police station, decided, hey, I'd rather be on that side than this side? I mean, what, you know, so we would find out. But you'd be surprised, especially we got so many great stories on people's first day of work. You know, it's like, what was your first day of work? Like, you know, what was your first day in the work? We talk about their academy. So I don't write as many questions. What I do is, Murph, like I said, we have just a general description.


Morgan Wright, Chief Security Advisor, SentinelOne [01:31:00]:
Here's the thing we're going to talk about. I read a few articles on it, but then in my head, because I've done that kind of stuff before, it's like, now, I did a lot more research on operation relentless, the operation to get Victor boot. I did research on the Green river killer. But we've had people on where I don't do any research. Murph's done a little bit of that. I get the synopsis, but I drive it and I, I take them down the paths because I've done this before. You've interviewed people. So it's like, why did you, so my big question is, why? Why did you do it that way? And then you get why I went because of this.


Morgan Wright, Chief Security Advisor, SentinelOne [01:31:32]:
Well, you know, etcetera. So I don't write as many questions anymore. I mean, I don't do, Murph does a lot more prep on the front end because I do a lot of the work on the back end because I have to produce everything and edit everything and publish it, etcetera. So it's a division of labor because guess what? There's only so many hours in a day. You know, I used to joke too, we only work half days now. The first 12 hours or the last 12 hours to pick. But you know, that's the way it is when you're doing your own thing, right?


Joe Toste [01:31:57]:
Yeah, 100%. My wife is fantastic. She jumps in and she helps. She helps quite a bit. And then we're drafting sops right now because we want to plug some, some additional folks, folks in or folk in to help us kind of streamline the whole process. And yeah, it's 12 hours. You want the first? I think sometimes I've got, I get the first and second, second half of the second piece of it too. But that's how it goes sometimes.


Joe Toste [01:32:25]:
So I did, before we jump on, I did want to mention there's a great video for those on kind of that goal setting front that I would highly recommend. I'll drop in the show notes. But there's one how Google sets goals. OKRs from their startup lab, workshops and key results. Yep, yep. Objectives and key results. Yeah, a lot of really great stuff there. They've got a, Google came out with a bunch of great research.


Morgan Wright, Chief Security Advisor, SentinelOne [01:32:48]:
Actually, there's a site for okRs. I used to subscribe to their new letters. So there's a whole site around on OKRs and how you set them. And I went to some of that training on that. So it's really good stuff.


Joe Toste [01:32:57]:
Yeah, yeah. Super important. Jumping back. So on the game of Crimes podcast, I love this question with so much background, how do you choose the stories that you're able to tell? Like is Hollywood's rendition of events and you've kind of hinted to it, but it's Hollywood's rendition of events inspiration for you and Murph to break down what really happened. Are you guys sitting at a bar like, oh, we're going to break this down. They totally got this right. Like what's, what does that process look like?


Morgan Wright, Chief Security Advisor, SentinelOne [01:33:26]:
Well, our secret sauce is we talked to the people who were actually involved. So we're, it's first person, it's who was there who put the handcuffs on who investigated the case. And I will tell you, we did. Our first kickoff episode was me interviewing Steve and Javier Pena, JP on the real DEA narcos, talking about the real DEA narcos. And then we did a twelve part series on Patreon with them. And we're just now concluding a 15 part series with the real DEA Narcos. Cali Edition. Chris Feistel, Dave Mitchell, who brought down the gentleman of the Cali cartel.


Morgan Wright, Chief Security Advisor, SentinelOne [01:33:54]:
And what you find out, for example, with Hollywood, it's one third, one third, one third. One third of it is factual. One third of it. They've taken liberties with it's factual information, but they make it occur at different times. Like in narcos, the Avianca bombing, that actually happened. But Murph was not in country when the Avianca bombing happened. That happened before he got there. And then one third of it is totally b's.


Morgan Wright, Chief Security Advisor, SentinelOne [01:34:15]:
They make it up. It's like, I can guarantee you and I know Murph and JP never threw anybody out of the helicopter. I mean, I joke with him about that, but they never threw anybody about the helicopter. By the way, neither Murph or JP smoked. And both Pedro and Boyd Holbrook in the series smoked. Steve and JP never argued with each other, but they had to have conflict. So Hollywood, you know, does their thing and the same thing. The Cali investigation, season three of narcos, that was condensed down far shorter than what it actually was.


Morgan Wright, Chief Security Advisor, SentinelOne [01:34:41]:
But a lot of the information in there is correct.


Joe Toste [01:34:45]:
I love that. And I was kind of curious. How did you and Murph meet? Did the tagline, if you were to go to the gameofcrimespodcast.com and you look up kind of the about section, you kind of are listed as the real cop and he's the former fed, dot dot dot DEA. Did you guys walk into a bar like, hey, how did that work out? How did you guys meet and connect? Well, how did all come together?


Morgan Wright, Chief Security Advisor, SentinelOne [01:35:10]:
Unbeknownst to us, we had crossed paths several times. In fact, when I was working in Columbia, I crossed paths with Javier and I didn't realize it. We were both working out of the embassy and he was back for his second tour of Columbia. But Steve was actually a neighbor of mine just about a mile away. And we knew of each other. But finally I took a mutual friend to say, hey, you guys ought to get together. And that's what we did. We went out and had coffee, then realized that, man, we crossed paths at DOJ or at other places.


Morgan Wright, Chief Security Advisor, SentinelOne [01:35:35]:
Things like that. So it's like, hey, so that's kind of how it started. But he lived. I mean, I could. I could drive to his house in less than five minutes. That's how close we were.


Joe Toste [01:35:47]:
I love that. Okay, so for the audience last time, maybe head to Game of crimespodcast.com. check out. To check out what evil is coming. Also, as I mentioned, the swags. Pretty sweet. I don't have a swag shop. You got to help me out.


Joe Toste [01:36:04]:
I got to get one. People have been asking. I've got to figure that out. People want the swag shop. They want the tech tables. Someone told me, I want a beanie. I need. How do I get these jackets? So I got to get my swag shop going.


Joe Toste [01:36:15]:
I like that you guys have that. You got the coffee mugs. Love that. Also, you got to head over to Apple podcasts, drops, five star and Spotify. I know. And Spotify. Apple and Spotify drop some five stars for. Someone told me, Joe, you can't tell people to give five stars.


Joe Toste [01:36:32]:
I can't?


Morgan Wright, Chief Security Advisor, SentinelOne [01:36:33]:
Who says you can't? Yes.


Joe Toste [01:36:34]:
That's what I'm saying. That's what I'm saying. And the public, when you.


Morgan Wright, Chief Security Advisor, SentinelOne [01:36:40]:
When you look at the. I can guarantee you, if you put in. If I put in half the effort I know that you're putting in, you deserve five stars, because you know what? Most podcasts don't make it past seven to ten episodes. They filter off. And there are 1.3 to 1.5 million podcasts out there right now. Now. So for. The fact is that you're continuing to put out, you should get five stars.


Morgan Wright, Chief Security Advisor, SentinelOne [01:37:02]:
Hey, look, you want people to give you five stars, but, you know, it's like, hey, look, whatever you do, don't go give somebody a one star just because you're being a. I won't. You'll bleep it out, but I won't say the word. But it'll be like beeping, you know, beeping head. You know, we've had a couple of those. I don't like cops. All cops lie. So therefore, I'm giving you one stars.


Morgan Wright, Chief Security Advisor, SentinelOne [01:37:20]:
Did you even listen to the podcast?


Joe Toste [01:37:23]:
You know, yeah, yeah. Actually, Spotify has got a great. If you try and add five stars or any stars, you try to just add any type of rating. They don't let you until you've listened to a couple episodes or a couple minutes or. I don't know how it works, but which I can't do.


Morgan Wright, Chief Security Advisor, SentinelOne [01:37:39]:
It drive. You can't do a drive by rating, you actually have to participate.


Joe Toste [01:37:42]:
Yep. Yeah. I love that. All right.


Morgan Wright, Chief Security Advisor, SentinelOne [01:37:45]:
Don't forget your show. Give your show five stars, too. You deserve it.


Joe Toste [01:37:49]:
Oh, yeah. And the public sector show by tech tables. Formerly tech tables, but now the public sector show by tech tables. And pretty soon on Apple Podcast, short plug, you will see tech tables network as a channel because we're dropping a couple different podcasts. So I'm prepping right now. The CEO show is a big one. I'm very excited to drop that with some CEO interviews that I have. I also have another one called the digital show.


Joe Toste [01:38:15]:
I also have another one in the public sector called the Higher Ed show. So we're building out this network. I'm even going to branch out. I got a guy I've been talking to. I like him a lot. We're going to co host a new show. Very excited about that. In the cybersecurity space in Texas.


Joe Toste [01:38:31]:
That's all I'm going to hint to. So, kind of super niche. But we, I spoke on the stage at the Texas military department, and this guy had a lot of really great energy. And so we're going to explore down that route and see where that goes. And so, fun times, but that's going to wrap up part one, we covered a lot of really great stuff. Now, part two I'm very excited about is cyberspace a history? The coming cyberspace cold war with Russia. Morgan, so you give a presentation to clients, you know, some keynotes about the coming cyberspace cold war with Russia, which is absolutely fantastic. And my wife and I actually were diving into that presentation, and, you know, I was really struggling with, would there be specific questions I should pull out? But then I said, you know what? He's probably got this master.


Joe Toste [01:39:21]:
Let's just let you have a run at it. And we will overlay the photos from the slide deck that you provided, if you're up for it. And I think that history will lay the foundation for part three, which is going to be cybersecurity threats coming up in 2023. So I think let's lay the foundation with, with the cold war with Russia, and then we will jump into part three of the cybersecurity threats coming up in 2023.


Morgan Wright, Chief Security Advisor, SentinelOne [01:39:51]:
Yeah, I mean, this morphed out of a, like I said, a tabletop exercise, basically as a war game exercise. How would you invade Ukraine? Because we all knew it was going to happen at some point. So I actually gave the first one in 2013. I went back and looked at my first presentation. It was called cyber strike warfare in the fifth domain, how Russia will invade Ukraine basically without firing a shot. Now, they didn't. They fired a shot, but, but it was, but basically, we looked at the tactics they were going to use, how they were going to infiltrate things, what things they were going to go after. And true to form, one of the big things I said in that and big lessons out of that, if you want to bring a nation to its knees, you have to go after two things, power and water.


Morgan Wright, Chief Security Advisor, SentinelOne [01:40:24]:
And what is Russia going after in Ukraine right now? Power. Power and water. Everything from the nuclear plants to the power generation stations, you know, public utilities and stuff like that. Why? Because if you can remove electricity and water, seriously, you, you create a lot of civil issues, a lot of unrest, things that they have to deal with. So, so, but that morphed. So, and then it morphed into then when the invasion happened. Then it's like, okay, need to transition. Now, you can do this with any of the top tier adversaries or transnational crime groups, criminal groups.


Morgan Wright, Chief Security Advisor, SentinelOne [01:40:52]:
But I picked Russia because it's topical. They're in the news right now. So now the current one's called cyberspace. You know, the coming cyberspace cold war with Russia because we had a previous cold war. But there's, but the reason I say it's going to move to that because my belief is we'll never have outright outright conflict. We'll never have outright war in cyberspace with Russia because it doesn't meet either one of our national security needs and interests. It would only cause a lot of problems. But I start off by simply saying the problem isn't the problem.


Morgan Wright, Chief Security Advisor, SentinelOne [01:41:19]:
The problem isn't the way you think about the problem. The only thing that matters is the way your adversary thinks about the problem. You can say, well, I wouldn't have done it that way. Why did they do it that way? Because we were defending against you coming in the door and you came in the window instead. Nobody cares what you think, Skippy. You know, they don't. What they actually are looking for is they exploit the flaws in your thinking. And this is where I, this is where I challenge people do.


Morgan Wright, Chief Security Advisor, SentinelOne [01:41:39]:
So I'm giving you a little bit of insight here, but where does everybody's heard the phrase think outside the box? And I say, well, what does that mean? And second of all, where does it come from? I can tell you only one person, in all of the presentations I've done, only one person has known where it's come from, and it actually comes from Gestalt psychiatry. And they did an exercise in all of these different dots that you had to connect. But one of them was called the three dots exercise, and it was three rows of three dots. Connect all nine dots. They, you know, in the shape of a box. Connect all nine dots with four straight lines. Don't take your pen off the paper. And you would get all these filter.


Morgan Wright, Chief Security Advisor, SentinelOne [01:42:14]:
You can't do it. Why? Because you stop here. You can't go here. I gave you the answer five times. Think outside the box. So the kid. The people who solve this are kids. They go up and outside the box, come down through a couple other dots, come over, and then back up.


Morgan Wright, Chief Security Advisor, SentinelOne [01:42:26]:
There's two places when you solve that, that you're thinking outside the box. You're going outside the box to solve the problem. Now we have to act within the box because that's our legal framework, rules, regulations, responsibilities, you know, all that good stuff. Stuff. But if you want to defeat an adversary, that's why the CIA, that's why the NSA, that's why these other people, where their stock and trade is, is thinking about how can we exploit the way you think about the problem. Well, that's what the Russians do. They exploit the way we think about the problem. And it goes back into their history of russian intelligence.


Morgan Wright, Chief Security Advisor, SentinelOne [01:42:54]:
They have been doing this game. People wonder why in 2016, Russia, at least with Facebook, there's a report that's come out. They weren't so effective with Twitter, but with Facebook, they were fairly effective. Why? Why? Because it was outmatched. You've got Facebook, who was only a public company for six years by that point. They went public in 2010, going against a country who for 100 years has had an intelligence organization, the v check of the NKVD, the KGB, which the biggest tactical error they made was trying to overthrow Gorbachev, and then they became the FSB and SVR. Still, you have the GRU. But I mean, but it goes back into the way they think about the problem.


Morgan Wright, Chief Security Advisor, SentinelOne [01:43:29]:
So, I mean, that's kind of, you know, that. That's kind of how I start to lay it out. And then we talk about the different attacks. You know, people think that, hey, oh, gosh, this whole, you know, the whole reason this war started is because, you know, Ukraine wanted to join NATO. You know, that. That's always been a contention. But where it really started, and this is why Russia is very. What's key to them are dates in history, events that happen.


Morgan Wright, Chief Security Advisor, SentinelOne [01:43:53]:
And so for them, the reason. The black energy attack, the first use of black energy against, you know, the Zappo Rosaja hydroelectric plant, the reason it occurred on December 23, 2015, is because exactly one year earlier, December 23, 2014, ukrainian parliament voted 303 to eight to change their status from a non aligned nation to an aligned nation to join which organization? NATO. This has been going on a lot longer than just what's happened the last year. In fact, the conflict between Russia and Ukraine goes back over 200 years, if not even more so. This is nothing new. This was not the first attack. In fact, the first attack against the Zaporozhydjah hydroelectric plant wasn't 2015. It was 1941, when Hitler Operation Barbarossa, was invading Russia by way of Ukraine.


Morgan Wright, Chief Security Advisor, SentinelOne [01:44:41]:
What did Stalin and his Nkvd do? They blew up the Zaporizhajah hydroelectric plant, the same one they attacked in 2015. What people don't realize is back in 1941, it killed over 100,000 Ukrainians. So when I say they take the long view of history, here's Russia. Russia attacking the same dam in 2015 that they attacked in 1941. Do you think they have a long view of history? They absolutely do. So do not look at Russia today going, well, they're getting their butts kicked. We're sending over tanks. We're beating them in all these different places.


Morgan Wright, Chief Security Advisor, SentinelOne [01:45:10]:
Hey, do you know how long they were getting their ass kicked by Hitler before they got their act together and then actually turned the tide and started building more tanks and airplanes? Three or four years. Three years. They were losing a lot of people. The siege of Stalingrad, you know, Leningrad, you know, let's look at how many. How many hundreds of thousands of soldiers lost their life, but they turned the tide. So, in fact, one of their. There's always quotes from Stalin, but there's one quote, too, that is very applicable to the way they look at it, too. You know, we talk about, you know, is it quality versus quantity? And he says, look, quantity or quantity or quality has.


Morgan Wright, Chief Security Advisor, SentinelOne [01:45:49]:
Or quantity, I'm sorry. Has equality all its own own. If you can throw enough stuff at it, it has its own quality. So you can say, I'd rather have good soldiers versus bad soldiers, but if I can throw enough bad soldiers at it, I can still overwhelm you, you know? So the gate, you know, you can. You can look at all of the different lessons from history. But anyway, that's kind of the way I looked at it. You have to take a historical view, because many of their tactics, see, the tools may change, but tactics remain the same. Influence, operations, active measure.


Morgan Wright, Chief Security Advisor, SentinelOne [01:46:18]:
All of those things are things they were doing 50, 60 years ago, by the way, here's a shock to people. We were doing the same thing. The CIA spent a million dollars a year on spoiling operations in South America to affect elections. Why? Because what did we not want in South America? Communism. We still don't want it today. And look at what's going on in Venezuela, places like that, what's going on in Cuba. Right. So these are things that are still applicable today.


Morgan Wright, Chief Security Advisor, SentinelOne [01:46:41]:
So let me stop there, take a breath and see what you got to say.


Joe Toste [01:46:45]:
Yeah, that was absolutely fantastic. I think one thing in particular, and you actually did talk about it, was Russians taking the long view of history. Could you maybe just go a little bit deeper on that? You mentioned that and actually some fantastic history with Hitler going through Ukraine. But could you maybe go deeper with that in regards with cyber warfare? I think would be pretty cool.


Morgan Wright, Chief Security Advisor, SentinelOne [01:47:12]:
So I do that to take you back just a little bit and say if you look at where actually for a long time the majority of grandmasters and chess came from, it was Russia and then I think it was Iran. Believe it or not. It's the way they think about the problem when you play chess, Garry Kasparov, you know, you're thinking of him playing big blue. You've got to think. You're thinking 50, 60, 70 steps ahead. Literally, he was thinking that far ahead trying to play big blue. And, you know, and so they take the long view of history. In other words, they don't look at, we look at it, our elections are driven by, oh, my God, look at the economy, look what's happening today, one party versus this party.


Morgan Wright, Chief Security Advisor, SentinelOne [01:47:46]:
Elections are really driven by what's topical, what's happening, what's the pain people are feeling today. But if you look at the way Russia moved out of the central committee, the way they were doing, Gorbachev was the last full head of the Soviet Union, the chairman. And then they quote, got a premier and a president. Well, look, Putin's basically president for life until he dies, which I think will be in short order here because either he's going to get overthrown or he's going to die from the affliction of. The ukrainian intelligence says he's got cancer and I think Parkinson's, so his time is short. In fact, I just saw a story today suggesting that he may retire in 2023. Now, he's either going to die in 2023 or get overthrown. Look, the chairman, heads of the KGB and stuff, nobody retires over there.


Morgan Wright, Chief Security Advisor, SentinelOne [01:48:30]:
They die. There is no retirement plan. It's Soviet, the old Soviet Russia or even current Russia. But when I say they take the long view of history they don't care what happens today. They don't care what happens tomorrow. They're planning chess moves. You might take my pawn today and my night tomorrow, but I'm looking at taking your queen, you know, in 60 moves, and I'm looking at taking your and checkmate in 61 moves. I mean, they're thinking that far ahead.


Morgan Wright, Chief Security Advisor, SentinelOne [01:48:54]:
If you compare their politics to our politics, a little bit different. But the way they think about it is we're worried about, oh, you took my pawn. Oh, my God. We have to have a revolt. We need to go whatever now. To them, it's like, okay, you took my pawn. Okay, it's, that's the reality. They don't care about the pawn.


Morgan Wright, Chief Security Advisor, SentinelOne [01:49:10]:
Quantity has a quality all its own. They're willing to sacrifice a lot of pawns. Why? Because their ultimate objective is to get to your queen and then get to your king. So for them, it's really, it's a long term chess game, and they don't look at the outcome today. They're thinking of an outcome a decade from now, two decades from now. That's, that's, that's a lot of what they're looking at. Let me tie it real quick back into cyber, cybersecurity. So what they're thinking about is people look at it and they go, oh, they didn't use all of their, we thought there's going to drop all of these cyber weapons on, on Ukraine and blow up everything from a cyber standpoint.


Morgan Wright, Chief Security Advisor, SentinelOne [01:49:41]:
Well, they started doing that to begin with because they released some things called acid rain, which affected routers and modems. That got into the routers and modems for the wind turbines for Germany at jump containment. So one of the things they realized is when, and that happened before the deputy secretary of NATO came out and said, hey, look, cyber is an operational domain. We consider a massive attack on one as an attack on all article five. Everybody now switched from being an expert on Covid to be an expert on article five, which, by the way, its real name is the Washington Treaty. Thats how it originally was done. But, so they looked at, but what Russia realized is, hey, weve got to put the safeties on it, not Petcha. The worst ransomware, the most damaging cyber attack in history was actually designed only to attack Ukraine.


Morgan Wright, Chief Security Advisor, SentinelOne [01:50:26]:
A supply chain attack against an accounting software. They called me Doc, and it jumped and it hit Maersk and it hit other people. So one of the things they started doing is started putting full safeties on it. If you watched the movie hunt for Red October, when he took the safeties off. You idiot. You've killed us. Because the torpedo came back around and blew them up. That's what they were concerned about.


Morgan Wright, Chief Security Advisor, SentinelOne [01:50:44]:
So, so from, it's, so what they looked at is they look, we're going to play the long game. We won't get everything we want. We got to put safeties on. So a lot of these weapons, cyber attacks, kind of landed with duds. Why? Because they put such constraints on them. They did not want them jumping containment. Why? Because they've got the long view of history. You know, he who fights and runs away shall live to fight another day.


Morgan Wright, Chief Security Advisor, SentinelOne [01:51:02]:
I mean, you survived the battle to win the war. They're, they're losing a lot of battles, but they're interested in winning the war. So what they will continue to do is what they voiced on from a cybersecurity standpoint as well as a military standpoint. They excel in the gray areas, the fringe areas of policy and in cyberspace. That will be low intensity conflict, whether it's in the actual real world or in the cyber world. They will continue to do what's called low intensity conflict and stay right below the threshold of a full response, but be continued to use proxies like ransomware gains, dark side ransomware group out of Russia. They will continue to use them as proxies for russian policy and continue to use them. And they will continue, it will be dark side today.


Morgan Wright, Chief Security Advisor, SentinelOne [01:51:41]:
It will be another group tomorrow. It'll be another group five years from now. But they will, they're looking at the war. They're not. They realize they're going to lose battles. You know how many battles they lost before they won World War two? Almost every single one. Then the battle of curse came along. Big tank battle.


Morgan Wright, Chief Security Advisor, SentinelOne [01:51:57]:
So if you go back and look at the lessons from history, especially World War two and the Cold War, you will see that informing a lot of what they're doing today.


Joe Toste [01:52:06]:
Okay, so I've got a couple questions. One right off the bat is what are some of your favorite books around this topic? Specifically, I'm thinking long term perspective within military history, World War two to date today. Do you have any books that you're like, hey, I love this book.


Morgan Wright, Chief Security Advisor, SentinelOne [01:52:25]:
Book. I'd have to, I'd have to go up here on my shelf and look at it. But I pulled a lot of ones like Operation Market Garden. When they, when the, when the phrase they bridge too far, people say, no, that's a bridge too far. That actually comes from Operation market garden. I think the bridge at Remogen, it was just. They overextended their abilities after. So they landed on D Day.


Morgan Wright, Chief Security Advisor, SentinelOne [01:52:44]:
Montgomery's idea was, hey, let me run this operation, Operation Market Garden. We'll do a final punch to the Nazis. And, well, it didn't work out that way. Fact, we lost that engagement. I wouldn't say decisively, but significantly. But, you know, so, I mean, I look at things like that in terms of long term thinking. We did. I don't think we thought through the problem.


Morgan Wright, Chief Security Advisor, SentinelOne [01:53:02]:
And it basically was Eisenhower giving Montgomery something. He's got to give him something the same way that they did with the Russians to get to Berlin, because Germany killed a lot of Russians. And so Stalin was pretty mad. He wanted something for it. You had to give the british something, you had to give the Russians something. So this was part of what they gave to the UK and to Montgomery was to do market garden. And so I. I think a good friend of mine writes a weekly email, and he was a colonel, retired from the air Force, but basically, he looks at the lessons of history, especially from World War Two or the Korean War, and we look at what we're doing now.


Morgan Wright, Chief Security Advisor, SentinelOne [01:53:34]:
So, I mean, you can go back to the books called Washington Spies, the original gang that Washington had. You can go back and look at the six frigates, Thomas Jefferson talking about the need to create a modern navy. Why? Because of the pirates off the Barbary coast. It was because of piracy that we created the first Navy. So you can. You can go back and almost any of these things. I mean, I'm trying to think of some good books. I mean, there's tons of good books on.


Morgan Wright, Chief Security Advisor, SentinelOne [01:53:58]:
I don't those I don't read as regular as. I read some other things because of the stuff I'm writing, the thriller novels. So I tend to read a lot more of those. But I will tell you, it's like anything else. You can go back and read the biographies of former directors of central intelligence, of people who operated in the intelligence community, even special operators, people who are green berets, special forces or, you know, special operations, you know about their thinking about how they did stuff. So I think there's a ton of stuff out there. I don't think there's one book that encapsulates every. Well, but I will tell you, I think the one thing you have to read is the Art of War by Sun Tzu.


Morgan Wright, Chief Security Advisor, SentinelOne [01:54:29]:
His tactics from there. If you look at the army field manual to today, you will see a lot of Sun Tzu and that. So if I'm serious, people think, oh, that's it's so, you know, it's so typical. Say, oh, man, that's. Go read Sun Tzu. That's what you expect everybody to say. But I'm telling you, read Sun Tzu with an appreciation for what you can learn from that to apply to today about how we're thinking about problems. You know, never divide your forces in half.


Morgan Wright, Chief Security Advisor, SentinelOne [01:54:56]:
Attack where you're least expected. You know, why do you not divide your forces in half? Because then it's easier to attack if you're a smaller force. You have to concentrate your forces, you know, so that goes to cyber security. There's the art of war in cyber security. It's the same thing. You can defend anything. You just can't defend everything. What are you going to defend? And what are you going to defend it? When, with and at what cost?


Joe Toste [01:55:16]:
Yeah. Who, who is the friend that writes the weekly email?


Morgan Wright, Chief Security Advisor, SentinelOne [01:55:21]:
His name is Jeffrey, former Air Force colonel. I'll forward you one of his emails. You can see it. And because he. Right. He puts a very well thought out PDF that goes with it and links to things. And the thinking from brigadier generals on the invasion, you know, even our thinking around invading D Day. The invasion of D Day, you know, what we would do there.


Morgan Wright, Chief Security Advisor, SentinelOne [01:55:39]:
So much thinking back then.


Joe Toste [01:55:40]:
No, that's great. I'm going to link to that in the show notes. And I was just reaching down to grab my copy of the art of war. Yeah, the art of War.


Morgan Wright, Chief Security Advisor, SentinelOne [01:55:47]:
Jeffrey Decker.


Joe Toste [01:55:49]:
Jeffrey Decker. Okay. I got Jeffrey Decker down. Do you have a favorite part in the art of war? This book is so good.


Morgan Wright, Chief Security Advisor, SentinelOne [01:55:57]:
No, I mean, it's like saying, who's your favorite kid?


Joe Toste [01:56:00]:
I think all, all of them are.


Morgan Wright, Chief Security Advisor, SentinelOne [01:56:03]:
All of them are. I think there's, in fact, I'm going to send this to you right now. Let me see here. There he goes. I just sent it to you through the magic of Al Gore's amazing Internet. I've just sent you his latest one. And. But, no, I may.


Morgan Wright, Chief Security Advisor, SentinelOne [01:56:17]:
But I think one of the things is I think you have to look at each lesson and say, how does that apply to me today? Or does it? Not everything has to apply to you, but how does it apply to me today? In other words, if you've got a small team, you can't. If you, you know, if you, if you divide your team too much, you get little accomplished. Right? So the question you have to ask is, do you want to go an inch wide or a mile deep? You know, and if you go an inch wide. I'm sorry, it's that's window dressing. Will some things suffer? Yeah, but can I make progress on. Can I make progress on some big foundational things that will set the progress to where then it becomes. Becomes less intense, as I do later. But right now, if you're trying to.


Morgan Wright, Chief Security Advisor, SentinelOne [01:56:49]:
That's the thing. If you're trying to. If you're trying to multitask, and I'm telling you, you cannot multitask, it's fiction. It's scientifically proven. The brain cannot multitask. People go, why? Can walk and chew gum at the same time. That's not multitasking. What we're talking about is the ability to do two separate actions, going context switching all the time, and trying to get.


Morgan Wright, Chief Security Advisor, SentinelOne [01:57:08]:
You're saying that you can get two things faster done than you can if you do two things serially as opposed to sequentially. Can't be done.


Joe Toste [01:57:16]:
Yeah, yeah. No, 100%. You cannot multitask. Not possible. And you never achieve any form of deep work that's required to really work on hard problems or creative output, anything like that.


Morgan Wright, Chief Security Advisor, SentinelOne [01:57:30]:
There's another great book right there. Deep work.


Joe Toste [01:57:33]:
Yep, yep. By Cal Newport. Yeah, Cal Newport.


Morgan Wright, Chief Security Advisor, SentinelOne [01:57:35]:
He's got a couple books out there. Right. You know, and it's like. And you've got Simon Sinek, you know, great. I tell you, if you want to read a great book about leadership, leaders eat last. I think that's a great book there, too. Malcolm Gladwell, you know, some of his books, too. You know, it's like, I was going to think of.


Morgan Wright, Chief Security Advisor, SentinelOne [01:57:49]:
What's the one? Oh, gosh, I'll think of the name here in a second. You know, it's a problem when you get to thinking about all these books, you think, you know, blink. I'm sorry? Blink.


Joe Toste [01:57:55]:
Yes.


Morgan Wright, Chief Security Advisor, SentinelOne [01:57:56]:
Great book about trusting your instincts and knowing that there's something wrong there. It's the. You'd be surprised at the ability for humans to look at something to go, I don't know what it is, but there's something wrong with this.


Joe Toste [01:58:07]:
Yeah, yeah, yeah. So I'm just gonna call an audible off the bookshelf real quick. So we've got the art of war. Really great. Highly recommend. We've got Simon Sinek. We've got. Start with why.


Joe Toste [01:58:20]:
Find your why. We've got the infinite game, which is really. Also, Patrick Lyncioni's got a really great stuff. He's got a great book out called the Advantage. I'm currently going through this one. Why organizational health trumps everything in life, life, or else in business. And that one's really, really great. Yeah.


Joe Toste [01:58:40]:
John Maxwell's got a lot of really great leadership books. Let's go. Atomic habits. Habits by James Clear is really great by Jocko. I am a Jaco fan.


Morgan Wright, Chief Security Advisor, SentinelOne [01:58:52]:
Yeah. Extreme ownership. How Navy Seals lead and win.


Joe Toste [01:58:59]:
Yeah.


Morgan Wright, Chief Security Advisor, SentinelOne [01:59:00]:
And leaf Babbitt, they. Yeah, they wrote that first book together. But some good stuff in there, though, too. Yeah, it's some good leadership stuff. But I'll tell you, when you read that newsletter I sent you from Jeffrey Decker, you'll. You'll be impressed with that, too. So.


Joe Toste [01:59:10]:
Yeah, I'm looking forward to that. I actually interviewed this guy. His name is JP Danelle, and he was the lead sniper for Jocko when they went through the battle of Ramadi.


Morgan Wright, Chief Security Advisor, SentinelOne [01:59:18]:
Marty.


Joe Toste [01:59:19]:
Yeah. And it was a fat, it was a great episode, actually met JP in person at a echelon front event. It was great to connect with him, and he was willing to come on the podcast. So that was a. That was an awesome episode. So we're going to kick off part three, cybersecurity threats coming up in 2023. Very excited about this. So, Morgan, on our podcast intro call, you had mentioned that you wanted to talk about cybersecurity threats coming up.


Joe Toste [01:59:44]:
I'd love to hear just from. And you mentioned a couple of, a couple of the big terms. I don't know if they're buzzwords yet. Maybe AI is a little is definitely in there. But can you maybe talk about the implications for deepfake AI chat GTP in 2023?


Morgan Wright, Chief Security Advisor, SentinelOne [02:00:01]:
You know, one of the things that I tell you, I don't, I don't want to say what scares what keeps you. I don't know. What keeps me up at night. Indigestion, I don't know. Sleep on my side. My cats. I don't do. That's the other thing.


Morgan Wright, Chief Security Advisor, SentinelOne [02:00:10]:
I don't ask questions like that, sister. What keeps you up at night?


Joe Toste [02:00:13]:
You know, neither do I.


Morgan Wright, Chief Security Advisor, SentinelOne [02:00:17]:
Hey, you know, my big thing is, what are your big projects for this year and how do you get measured? How, at the end of the year, do you know if you've been successful? But any. Anyway, so one of the things, one of the things that I'm concerned about with deepfakes and actually, I saw two articles that inform that. One is I just saw a headline that says, like, in the next couple years, AI will generate 90% of all online content. So you start thinking about, we're going to be consuming things written by something that is non human. And I know a lot of that goes on right now, but the other thing that caught my attention was an article that came out a few days ago. Microsoft now has AI that can listen to 3 seconds of your voice and impersonate you to a t. And so you start thinking about now it's. It's one of those things.


Morgan Wright, Chief Security Advisor, SentinelOne [02:01:06]:
Well, it's not. It's not like a robot. It's not rolled out yet, folks. Nothing ever works that way. I mean, you'd think the first electric vehicle that Elon Musk had was perfect and rolled out, you know? No, you go through a lot of challenges. The version one, version 5.9, anything early is never where you want it to be. But the thing is, you look at where. Again, what's the long view? Where is it going? So I'm starting to think what could happen if I could use deepfake video, which they're getting much better at that, where you can.


Morgan Wright, Chief Security Advisor, SentinelOne [02:01:36]:
Now I can take video of you, Joe, combine it now with the deepfake algorithm for voice that Microsoft has, and now I can, in real time, take a video of you, like what we're looking right now, and make you say or do things that you didn't do. And now the question becomes, it's not prove that I did it. Now you. The burden is on you to prove that you didn't say that. Suppose you said something very inflammatory, you know, like, I don't know, like the buccaneers are going to take it all this year, you know, and win the Super bowl, you know? You know, you know. Or about how cisos should, you know, should CIO's should report to cisos, not the other way around. Suppose you said something radical like that. But I've got you on video now.


Morgan Wright, Chief Security Advisor, SentinelOne [02:02:21]:
How do you go about proving that you didn't say that? So it goes back into something I talked about one time. The thing about deepfakes is not eventually discovering that they're deepfakes. The problem with deepfakes is getting so good is that the lie is allowed to propagate long enough that the damage is done. So by the time you get ready to do it, it's already embedded into the consciousness, into the psyche of people that Joe Tosti said that. You know this, and Joe Tosti said that, or Morgan Wright said this. How do you, how do you unring that bell once it's done? So, I mean, I think some of the threats are going to be from something like that, and it does. Look, it's not going to be. Well, they're not.


Morgan Wright, Chief Security Advisor, SentinelOne [02:02:56]:
They can't. You can't do that to a thousand or a million people. I don't need to. What if I could do it to five people and get in and influence money policy or release secrets, you know, or do something else? I mean, you see, that's the other thing, too, is you think you got to get to everybody. You don't, you only got to get to the right few that everybody else follows, right. That they go along the line. So. So, I mean, those are.


Morgan Wright, Chief Security Advisor, SentinelOne [02:03:17]:
Those are some things I look at. Just from an AI standpoint, I also look at. It goes back to the thinking standpoint, and this gets into cybersecurity. So are you familiar with the Lapsis gang, Joe?


Joe Toste [02:03:26]:
I am not lapsis.


Morgan Wright, Chief Security Advisor, SentinelOne [02:03:28]:
So they were responsible for some of the biggest breaches last year, like Samsung and Nvidia, and they just made some arrests on the gang. And these companies are not insignificant. I've met with one of these companies that the smart people, they spend money on cybersecurity. Do you want to know what the age of the ringleader of Lapsus was when they arrested him in the UK? Do you know how old the ringleader was of this gang?


Joe Toste [02:03:51]:
I'm going to guess sub 25 years old.


Morgan Wright, Chief Security Advisor, SentinelOne [02:03:53]:
16 years old. 16 years old. And he is out thinking and out doing seasoned, trained cybersecurity professionals that have millions of dollars behind them. And part of it, you think, is it technical? Some of it is. Some of it was as simple as posting on board, saying, hey, we're looking for vulnerabilities, we're looking for VPN access. They were buying their way in. Sometimes you don't have to be smarter than the keyboard. You just got to be smarter than the person behind the keyboard.


Morgan Wright, Chief Security Advisor, SentinelOne [02:04:24]:
We used to call it Pebcat. P e b k a c. Problem exists between keyboard and chair. You know, that's what you're attacking again. It's going after the people. I don't need to be the greatest coder. I can get into everything I need if I can get through you. So, I mean, they were basically buying access, or they were using attacks against passwords, you know, and things like that.


Morgan Wright, Chief Security Advisor, SentinelOne [02:04:43]:
So. But what they did is they found the flaws and they're thinking, and what they did is they actually attacked again. It goes back to being overwhelmed, right? They're attacking these people who are coming in, and on Monday, they've got a full inbox, they've got tons and tons of things to do. So how do you prioritize? How do you do the one thing thing when you got a thousand things out there, right? What's the one thing that's important. It goes back to, like, David Allen we talked about, what's the one thing I can do right now that moves me closer towards my goals? And so what? They have the advantage of attackers. Bad guys and girls have the advantage of sitting and thinking about the problem differently than you do. Why? Because they don't have any constraints. By definition, they're criminals.


Morgan Wright, Chief Security Advisor, SentinelOne [02:05:23]:
So they, by nature, think outside the box. Well, what if I did this? What if I did this? What if I did this? And then they keep trying those things and eventually they find out things that work. So the old saying was, you know, bad guys, you know, we have to be right 100% of the time. Bad guys only got to get lucky once, you know, and that's. That's true whether it's physical attacks, terrorism, or cyber attacks. So. So that's one of the things I looked at. It shows flaws in adult thinking because we're not thinking about the problem correctly or, you know what? We're not taking action against those things.


Morgan Wright, Chief Security Advisor, SentinelOne [02:05:51]:
It's kind of like we talk about awareness, you know, hey, watch out for phishing attempts. Watch out for these emails. And let's. Links. Are we spending any time training people to. Look, if you're getting solicited to provide access, this is what it looks like, this is what it sounds, you know, and why are they able to do it? Different culture, different generation. That could be part of the answer. It could be, hey, no loyalty.


Morgan Wright, Chief Security Advisor, SentinelOne [02:06:13]:
If you ask people 25 years ago what they did, they said, I worked for IBM or I worked for Cisco. You ask them now what you do, you say. They say, I'm a software engineer, I'm a developer. They identify more with their skills than they do the company. So how they align with their company and how they think about their company has changed. So we talked about that. And for me, I looked at it, too. I said, I think there'll be some.


Morgan Wright, Chief Security Advisor, SentinelOne [02:06:33]:
So let's think for a minute about. I brought up China a little bit ago. China will become more active this year, especially in their targeting of research and development around vaccines and efficacy testing. And why is that? It's not for what you think it is. You think it's because people are dying over in China. China again. Does that bother Xi Jinping? Not a lot. They disappear people a lot over there.


Morgan Wright, Chief Security Advisor, SentinelOne [02:06:56]:
I mean, they've got the camps with the Uyghurs. You've got all these other things that have gone on. What's more concerning to Xi Jinping is his hold on power. What's happened in China is something that hasn't happened since Tiananmen Square. And that is a public uprising, a public pushback against authority. That's what he's worried about. Not all the people dying. And it sounds harsh, but folks, you take the world as you find it, not as you wish it was, does.


Morgan Wright, Chief Security Advisor, SentinelOne [02:07:17]:
So the fact that they're, you know, that they're losing a few hundred thousand, it's of consequence, but it's not that big. Why? Because he, his, his whole goal is to maintain control of the country. Excuse me. So I think you'll see increased on stuff like, because it's about hold on power. You search Tiananmen Square in China. It's prohibited it. That there are people, there are kids growing up that have no idea, by the way, I even asked people, do you know how many people died that day? Estimates are over 10,000.


Joe Toste [02:07:45]:
Yeah, it's, it's crazy that they try and wipe that from any regulation the citizens would have is absolutely. And then what they. And then taking over Hong Kong, they're just trying to rewrite history right now itself, which is very sad and also.


Morgan Wright, Chief Security Advisor, SentinelOne [02:08:03]:
Well, but it's problematic because that's the whole thing. You have to be able to learn from history, right. Those who forget their history are doomed to repeat the mistakes of the past. So, I mean, so that's part of what I look at is how do we learn from history? So that, that's one of the things we got to be careful. The other thing I think, though, too, is, I think from a nation point of view, this is one thing I looked at, too. From a national security standpoint. We have to retask our intelligence priorities, give you an example. So the SolarWinds compromise, that happened and everybody's heard about it by now.


Morgan Wright, Chief Security Advisor, SentinelOne [02:08:28]:
Right? I'm not picking on the company. Solarwinds. That was then. That's one of the easiest ways to refer to it. But SolarWinds was not a cybersecurity company. But what Russia did was they found the flaws in our thinking. And the flaws in our thinking were we implicitly, if not explicitly, trust an update that comes from a company, and then we install it. So you get a patch from Microsoft or are you a Mac guy or a PC guy?


Joe Toste [02:08:50]:
I'm a Mac guy.


Morgan Wright, Chief Security Advisor, SentinelOne [02:08:51]:
I'm a Mac guy, too. Right. But do you have the resources that when you get an update from Apple, that you reverse engineer it to see if there's any malware inside there? What are the implications? Or do you do like. I do. I trust what comes from Apple, basically, because I have no choice. What am I, what else am I going to do, right? And I install the patch, right?


Joe Toste [02:09:10]:
Yep, yep.


Morgan Wright, Chief Security Advisor, SentinelOne [02:09:10]:
The update.


Joe Toste [02:09:11]:
I trust what comes. And actually as a side comment on the Mac front, I've got, my wife believes this. I've got some friends still too. They think just because Apple is Apple that no attacks can get through. And I'm like that thinking is wrong, wrong, wrong, wrong. No, no, no.


Morgan Wright, Chief Security Advisor, SentinelOne [02:09:33]:
Shameless plug for Sentinel one, which I don't really do. I was than our podcast game of Crimespodcast.com, which you can find on any major podcast platform. I might have said that once or twice. But our Sentinel labs has done some great research and one of the things they do is they look at all the attacks on Macs and the way that they're compromising Mac. So it used to be that Macs weren't a big target. Why? Because 90% of the desktops and more than that were windows. You went where it is. But when you look at Unix, Linux and stuff like that, there's still attacks against those.


Morgan Wright, Chief Security Advisor, SentinelOne [02:09:59]:
So, yeah, don't do that. But the reason I was saying that is SolarWinds is that because we implicitly trusted it, we installed the update. So all they had to do was violate the trust between us and the people providing the updates and they were able to walk their way into all of these different systems. So, but the reason I say that is when Brad Smith, George Kurtz and Kevin Mandiant, they testified before the Senate select committee on intelligence on this a couple months after it was discovered. Brad Smith actually Microsoft does some great research, you know, and one of the things they said is Brad Smith says, our people took a look at it and looked at the malware and they said for this operation to work, they think it would take about a thousand software engineers to do so. My question was, you have a thousand Russians working on this. Why did not our intelligence agencies, predominantly the CIA, but the NSA or the DIA, the Defense intelligence Agency, which by the way, here's a trivia fact for you. DIA is the largest intelligence agency there is in the United States.


Morgan Wright, Chief Security Advisor, SentinelOne [02:10:55]:
They've got more, far more people than the CIA. But why with 1000 people, why did we not go take somebody out, get them drunk and say, okay, Vladimir, you know, Petrov, what, what the hell's going on? What are you guys working on? You know, we, we've, we've relied so much on technology, we forgot sometimes the easiest ways, what lapses did is go after the people. I want to, I want to compromise something. Maybe it's easier to maybe it's easier to compromise the people than it is the system, because if I can compromise the people, I get into the system, then the system treats me as a trusted insight. So I think one of the things we have to do is we have to retask our intelligence priorities, and we've got to start looking at disrupting these things before we start getting hit with them, because the way we find out about them is after they've wound down or after they've basically achieved their objective, as opposed to stopping them before it happens. So I look at this same way of looking at nuclear technology, building things you don't want. We're concerned about North Korea and Iran, as we should be. Pakistan, India, you know, some of the people with nuclear powers in a region, kind of a volatile area.


Morgan Wright, Chief Security Advisor, SentinelOne [02:11:58]:
A couple times, Pakistan and India have almost gone to war. And we look, what do we look at? We look at those indicators. What does our intelligence tell us? Are they fueling up rockets? Are they moving certain things? There's certain things you have to do, you know, or what's the chatter saying? So I think, you know, one of the things we have to do from a nation is, is retast some of our intelligence priorities and put a lot more effort into human, human intelligence as opposed to sigint, signal intelligence, elant, electronic intelligence, intelligence. But the best kind of intelligence there is, it's rumored, rumor, intelligence, believe it or not, you can tell a rumor. It spreads faster than information does sometimes. You know, that's a joke room.


Joe Toste [02:12:33]:
It the telephone game, actually.


Morgan Wright, Chief Security Advisor, SentinelOne [02:12:36]:
So this is a real story. Down at Department of Justice I'm working on. They said, hey, look, you know, they wanted to figure out what's a better way to share information between all these agencies. I said, I'll tell you what, here's the way to do it. To start a real juicy room rumor and find out how that rumor spreads, because that's how information gets shared better than how do rumor, you know, rumors spread so fast by the time you get home, you hear the rumor about yourself, you know, and it's like, how does that work? You know? So, but seriously. But again, it goes back to people. So I look at all of these things, you know, we're looking at the people equation of this. That's one of the biggest challenges we have in cybersecurity is, and people are a bad line of defense.


Morgan Wright, Chief Security Advisor, SentinelOne [02:13:12]:
People should never be the first line of defense in cybersecurity security, never. Why? Because we can't think as fast as a one and zero, can we? Can't think as fast as a processor can. You know, we can't, we can't and nor can we think. We cannot react as fast. So machine speed attacks need machine speed defenses, you know, and so we've got to be able to respond to these that way.


Joe Toste [02:13:32]:
Yeah, that is, that is so good. I love what you said that we're going to pull that quote out on the machine piece. You also said about talking about people are their own worst enemy. Me, I love that. When I interviewed Tim Romer and Nancy Ranisack, Tim was the state CISO for Arizona before he just moved to the private sector. When the governor mansion switch change happened. And when I had the Phoenix lab podcast tour, they talked about how people are the weakest link and how to, why not enough organizations and companies have the training required to actually, because like what you said about machine needing machine capabilities to fight against back against machine, you know that attacks, yeah, attacks is like, but there's so many people and if people are the weakest link, we have to be able to train people to recognize these types of attacks.


Morgan Wright, Chief Security Advisor, SentinelOne [02:14:28]:
Actually, let me, let me, let's explore that for a second. If I do a good enough job, if I think this through, those attacks should never make it to you. So that you have to think about them like phishing emails and spear phishing emails and you're seeing a lot of solution that should get to the point to where that never makes it to the person for them to click on that link.


Joe Toste [02:14:49]:
Yep.


Morgan Wright, Chief Security Advisor, SentinelOne [02:14:49]:
So we've got to get to that point. So my question is, why can't we design something that prevents those emails from even getting there or if they get there? What we've done is we've stripped out the links and everything and identified this. And look, this might be legit. We think it's a phishing email, but we've, we've stripped out the link and make use, go through the effort to say, no, that's not the case. This is real. I need whatever that link was. But most of the time, some of these things are so simple. What we ought to be training people on is these business email compromise and voice compromises to where they call up pretending to be the CEO saying, hey, I don't have very much time, but I need you to go do this.


Morgan Wright, Chief Security Advisor, SentinelOne [02:15:24]:
And I'm in a meeting off site. Very easy solution to that. You just create a company wide policy that says no, absolutely no, not if it doesn't come in through regular channels. You as the employee are authorized to say no to the transaction and to call on a trusted number on a trusted communication channel and get approval directly from that person. Why is the CEO sending me a third level employee, an emails or a voice, you know, calling me up, say, hey, I need you to do this for me, and I'm going to a wedding, and I need, you wouldn't believe, you know, well, everybody, nobody wants to say no to the CEO. So what you do is you say, yeah, you can say no, because most of the time, that is not the CEO. You're not saying no to the CEO. You're saying no to somebody impersonating the CEO or business email compromise or things like that.


Morgan Wright, Chief Security Advisor, SentinelOne [02:16:08]:
One of the biggest female business email compromises happened in the southern district of New York because it attacked people. And what happened was a company that used a third party processor for their invoices. Somebody targeted not the company, but the third party processor pretending to be the company. And what did they say? Say, hey, we decided to change our banks. This is what we're changing it to. So I need you to make this change. Well, the company wanting to be responsive. Oh, yes.


Morgan Wright, Chief Security Advisor, SentinelOne [02:16:34]:
Whatever you need. They didn't want to question the customer. What do they do? So a romanian couple was just recently arrested for this. Probably like a year ago. $95 million. $95 million in one week was siphoned away. Now they were able to claw most of that back. What should have happened is the third party would have said, hey, we appreciate that you're a valued customer, but according to your own policy, it says that we have to seek and get verbal.


Morgan Wright, Chief Security Advisor, SentinelOne [02:16:57]:
We have to call directly in, get verbal approval as well as written authorization, you know, through our standard channels before we can do that. If they had had something in place like that, if you want to train people to be the first line of defense, they're more effective against that. So the largest business email compromise so far occurred in the southern district of New York, $95 million. And the way it worked. And the reason I say that, if you want to train people, train people, not against. Against, you know, the phishing attacks. We ought to be able to do that, but we ought to be able to train them to look at things because, see, there are no links, there's no malware in these other emails. They're simply, they're using social engineering.


Morgan Wright, Chief Security Advisor, SentinelOne [02:17:32]:
They're using sense of urgency, fear, uncertainty, and doubt, basically manipulation, deceit, influence and deceit to get you to do something, a take a targeted action. So in this case, it was a third party processor that has a very large customer that they're processing tens of millions of dollars each week for them. And somebody sent them an email said, hey, we're changing our banks. This is where it is. And what they should have said is, instead of going, you're our customer, we want to be responsive. Absolutely. We'll change the banking information for you. What should be in place is a response that says, anytime we say we're going to change a bank, here's the five things you have to do.


Morgan Wright, Chief Security Advisor, SentinelOne [02:18:07]:
You have to call, first of all, directly into our corporate offices, our numbers, talk directly to the CFO and get, number one, a verbal, verbal approval that says, yes, we're doing that. Number two, then you have. Then we have to send you. We will have a secure form or secure channel that we communicate on. We will send you authenticated documents from us. So you have to have a process, a protocol in place, because changing a bank is not a trivial thing. But they did it, and they lost $95 million. Now, they arrested a romanian couple, were able to basically extradite them and claw most of that money back.


Morgan Wright, Chief Security Advisor, SentinelOne [02:18:37]:
But if it was that easy, imagine what else is going on. And there was no malware, no links. So what we ought to be training people is training people to say no before they say yes. No. Hey, I need you to send this to me. No. Number one, I don't know who you are. Number two, I don't know what purpose it's for.


Morgan Wright, Chief Security Advisor, SentinelOne [02:18:54]:
And number three, no, because we've never agreed to do whatever it might be. Right? I'm just making up stuff. So it's easier to say no and then fix the problem. That is to say yes and try. And it's easier to say no and prevent the problem than as it is to say yes and fix the problem.


Joe Toste [02:19:09]:
One of the last questions that I was interested to hear from you is, on intro call, we kind of talked about chat, GTP and fraud. Love to hear a little bit more about that. I know that was kind of in the threats in 2023. If you could just speak to that and then we'll wrap up and get out of here.


Morgan Wright, Chief Security Advisor, SentinelOne [02:19:24]:
Sure. Well, I think the chat GPT, it's interesting because it's a direct threat to Google search, because now it's giving you responses. You can actually ask questions and it formulates responses. They're using it in a variety of ways for cybersecurity research. In fact, we're seeing examples right now where kids are writing programs and games using just chat GPD to do it. GPT, you can use the chat function to, hey, how do I do a sequel injection attack. Or how do I do? You know, you can ask it very technical things, or how do I initiate a Java X whatever it is. It's been a long time since I've written any code.


Morgan Wright, Chief Security Advisor, SentinelOne [02:19:57]:
Believe it or not, one of my degrees was computer information systems, and I have no idea how those things work anymore at that level. But I think what it is, it's one of those things. Is it fully formed yet? No, but we're getting to the point of where we go from narrow AI, dumb AI, where it can do certain things and use machine learning to artificial general intelligence. That's the Space Odyssey 2001. I'm sorry, Dave, I can't do that. Where it's actually, in a sense, almost becoming a sentinel, being. And being able to formulate responses and thoughts. That concerns me about that is it concerns me because we haven't thought through all the things it can do.


Morgan Wright, Chief Security Advisor, SentinelOne [02:20:34]:
But I'll give you final example here. Who are the Nobel prizes named after? Alfred Nobel. Yeah. You know what Alfred Nobel actually is famous for? He invented dynamite. Dynamite was supposed to be invented for peaceful purposes. And guess what? Somebody goes, wow, we could blow up bridges with this and we could blow up bank doors and what, you know, so, so here it's a dual use thing. So what I'm looking at, I'm concerned, is not how it's being used today. What are the ways that it's going to be used in the future? And how should we be thinking about defending against that now versus later? Because once the genie's out of the bottle, once the toothpaste is out of the tube, as they say, to overuse a bunch of analogies, there's no putting it back.


Morgan Wright, Chief Security Advisor, SentinelOne [02:21:14]:
Right. So what do we do? It's out there.


Joe Toste [02:21:17]:
Yeah, it's out there. And I think I was reading something. I don't know how true it is or not, but Google is kind of like, basically like a code red or whatever they have internally. They are freaking out right now.


Morgan Wright, Chief Security Advisor, SentinelOne [02:21:28]:
It's all hands on deck.


Joe Toste [02:21:29]:
All hands on deck. Yep, it's all hands on deck. Which begs the question for me is who on the intelligence side is also all hands on deck for the very reasons you were just talking about right now?


Morgan Wright, Chief Security Advisor, SentinelOne [02:21:43]:
That's a good question. And that would involve having knowledge of classified information, which I'm no longer clear to have. So if I did have it, I'd be in violation of federal law. And if I told you, you, you'd be going to prison with me. So we'll do a podcast called Prison Podcast. You know, and we'll do a whole new thing.


Joe Toste [02:22:00]:
Let's not go to prison in 2023 as we have.


Morgan Wright, Chief Security Advisor, SentinelOne [02:22:03]:
There's a goal. There's a goal. Let's stay out of prison.


Joe Toste [02:22:06]:
There's a goal. Let's stay out of prison in 2023. One last time, where can we find the Game of Crimes podcast? Morgan, give it to us.


Morgan Wright, Chief Security Advisor, SentinelOne [02:22:17]:
Go to your favorite podcast platform and just type in Game of crimes or go to gameofcrimespodcast.com dot. We've got it listed there, our stores there, the merch is there, all of our previous episodes pictures. And the thing I really like, too, is the books. We only highlight books that are written by the actual people on our show. If it's a book about the subject, we don't pimp that out. We only pimp out the things that our guests have written or co authored. We have about 40 books on there, so you can go find that. And I would be remiss if I say, and you can also find out a lot more about what we do as a company.


Morgan Wright, Chief Security Advisor, SentinelOne [02:22:48]:
Sentinel one. Go to Sentinel one.com. got a lot of great stuff there, a lot of webinars, a lot of good materials. Sentinel labs. So go there and really great website. Very good. Get a lot of awards for it. And it's, it's, and it's a fun thing to do.


Morgan Wright, Chief Security Advisor, SentinelOne [02:23:01]:
It's a family fun. It's a whole, it's a wholesome family activity that everybody can do.


Joe Toste [02:23:05]:
Yep, yep. And if you had to, I believe it is Patreon Backslash Game of Crimes podcast.


Morgan Wright, Chief Security Advisor, SentinelOne [02:23:13]:
Did I get that right.com? game of crimes.


Joe Toste [02:23:16]:
So Game of crimes, there it is. All right. And that's where you be able to find that. Thank you for coming on the public sector show by tech tables. This was a blast. We're actually going to turn this around, and I say we, my wife will edit this and we will turn this episode around pretty quickly. I know there's a lot of folks who've been at sentinel one who've been asking about this, so I'm excited to drop this pretty quickly and I will see you in Orlando at the Orlando live podcast tour event.


Morgan Wright, Chief Security Advisor, SentinelOne [02:23:39]:
March 18.


Joe Toste [02:23:40]:
March March 18.


Morgan Wright, Chief Security Advisor, SentinelOne [02:23:42]:
Mark your calendars.


Joe Toste [02:23:43]:
Mark your calendars. You're listening to the public sector show buy tech Tables, a podcast dedicated to sharing human centric stories from CIO's and technology leaders across the city, county, state and federal agencies. Join in a conversation and touching the hearts and minds of leaders across technology today. From mission driven leadership to cloud AI to cybersecurity workforce challenges, and more. Never miss insights from peers and better partners across the public sector. To make sure you never miss an episode, head over to Techtables.com and drop your email to subscribe. New podcast episodes come out every Tuesday and Thursday, along with weekly behind the mic newsletter. And one of today's podcast sponsors is Tech Tables plus, an engaging new community where you can have early access to never before released episodes, early access to live event recordings, early access to weekly three interesting learnings early access to live event tickets, purchases, no episode ads and more, plus three extra special bonuses when you sign up today bonus number one, access to the CEO show bonus number two, access to the higher Ed show and bonus number three, access to the digital show.


Joe Toste [02:24:46]:
Join tech tables plus today. As always, thank you for supporting the tech tables network.