Trending Tech: Digital Transformation: It's critical, but not all serious

Insider Threats and How to Beat them!

Jeremy Cowan Season 1 Episode 22

If you want advice on how to protect your organisation from Insider Threats go to the top as we did. In the latest Trending Tech Podcast, Eric Chilton, retired Special Agent in Charge of the USA’s Defense Counterintelligence & Security Agency outlines the key threats. And Ed Finegold, Chicago-based Tech Author & Analyst, discusses new research showing the scale of the cyber security problem facing every business today. You may be shocked, as host Jeremy Cowan was, at the range of threats, how long they go undetected, and the cost to unprotected businesses. Listen now to start protecting your organisation. 

Jeremy Cowan  00:04

Hi, and welcome to the latest Trending Tech Podcast. This time it's on Insider Threats and How to Beat Them. My name is Jeremy Cowan, and I'm co-founder of the three technology sites bringing you today's podcast. They are: https://www.IoT-Now.com , https://www.VanillaPlus.com , and https://theEE.ai . And today, we have some extraordinary expertise on insider threats to bring you. First, in the form of Eric Chilton, retired Special Agent in Charge of the USA’s Defense Counterintelligence & Security Agency, or DCSA. Before taking up that post, Eric was Supervisory Agent in Charge of the US Office of Personnel Management, or OPM. He retired in November and is now president of Chilton Security Partners. Eric, a warm welcome to the Trending Tech Podcast.

 

Eric Chilton  01:02

Thank you very much, Jeremy.

 

Jeremy Cowan  01:04

Also, I am delighted to say "Hello again", to Ed Finegold, Chicago-based tech author and communications analyst who has years of experience at the sharp end of telecoms, helping to make communications work. He has worked with organisations ranging from the TM Forum to Netcracker Technology. And I'm proud to say he has written for us on numerous occasions. Ed, it's great to have you back here. 

 

Edward Finegold  01:31

It's so nice to be back. Jeremy, thank you so much for the opportunity.

 

Jeremy Cowan  01:33

Gentlemen, let's get started. I want to look at the serious news headlines first, in a particularly serious month. Together, you sent me a link to an article in Homeland Security Today. And we'll include the link to this in the transcript for this podcast. (https://www.hstoday.us/federal-pages/dhs/internal-review-finds-four-recent-cases-of-domestic-violent-extremist-activity-in-dhs-workforce ). Which of you wants to describe this story to us about insider threats?

 

Edward Finegold  01:58

I think that's me. I started looking at the insider threat issue, for several reasons, it began doing research into telecom fraud, and coming at it looking more from the cybersecurity and external threat point of view. But then quickly finding that a lot of the frauds that were being committed that involve mobile phones, and actually the crossover between mobile and banking, where you see account takeovers happening because of people's mobile numbers being ported fraudulently. When I looked deeper into it, I started seeing what was happening was that most of these were insider attacks, for a lot of these different types of schemes. And what you had were that people who had legitimate access to systems were being compromised, so that they could do things like unlock phones, or port numbers. And sometimes these were sophisticated as someone being bribed to install a device that an outsider had designed, right, and then they installed it inside a contact centre, and gave that external person, therefore free access to systems like number porting, and phone unlocking systems. And so I started thinking a lot about like, Okay, well, where does this go? And, you know, looking more deeply at it, obviously, a lot of the technology focus has been on external threats, cybersecurity attacks from outside ransomware, those kinds of things. But interestingly, insider threats are growing maybe as fast or even faster, and are potentially a lot more dangerous. And so that's why we brought it up.

 

Jeremy Cowan  03:25

So, this story seems to be an example of, you know, how what you consider an insider threat or what you look for when vetting people can extend in all sorts of directions. I mean, is that fair?

 

Edward Finegold  03:39

Yeah, absolutely. I mean, I think a couple things, just to get into quickly; keep in mind that insider threats are, are increasing for a few different reasons. Right. So we talked about, like the vectors that have happened, let me stick to the technical side, because Eric can really address the people side. 
 
 On the technical side, what's driving insider threats? I think maybe another way to put your question, Jeremy is, ‘What's the attack surface, right? Or what does the threat surface look like? And how is it changed?’ And one of the ways it's changed is that everybody started working from home. And then people's access got all different, and people are coming in by VPN. And people have their computer systems sitting at home, and they have access to sensitive systems. So, it changed the entire shape of what's normally defended against which is okay, you're in the corporation, and you're inside the perimeter. And you can talk to a lot of cyber experts who will say, hey, you know, that perimeter security is not enough. You need more internal monitoring, internal security. Okay, well, we just blew that up, too. Because now you don't even have the perimeter anymore. 
 
 So, it's sort of not surprising that you'd have a lot more exposure to, like a general rise in security incidents, you know, that we're seeing. And it's something like, you know, 67% of companies are experiencing, you know, 21 to 40 incidents a year, and this has increased 60% just in 2020 as people started working from home. And then you know, inside of that insider threat incidents have increased 44% since 2020, because of that shift. So, the point being that, like, we've just seen this radical change to behaviour to the threat surface. And that's why we're then seeing this, this change to the rise in insider threat incidents. And so, going back to your question, which I think comes ultimately to Eric, is why. Why do people get taken advantage of to become insider threats? Or why do they act in ways that are against their employer and that sort of thing?

 

Jeremy Cowan  05:28

Well, we're gonna come to that in the meat and drink of the podcast when we have a chance to talk about this in greater detail. But in the meantime, just looking at the Homeland Security Today article, one of the things that struck me from that was, I was pretty surprised that US government departments weren't already classifying ‘domestic violent extremism’ allegations as a misconduct subcategory, and that there wasn't an official definition of ‘domestic violent extremist’. 
 
 Eric, is that something that I shouldn't be surprised by? I mean, I don't imagine that the UK Government is any further ahead, for example.

 

Eric Chilton  06:07

I, personally, am not surprised. But then coming from what we're going to phrase as insight or knowledge myself, that term in the past let's say two to three years, has been a political hot button to where politicians and those that sign off on laws, executive orders, mandating what can or cannot be done by those with access has not legally been defined. So, what the United States would determine a domestic problem versus what the UK versus what any other nation on the planet would term a domestic issue is a political topic by nature. So, no, it shouldn't really surprise too many people. 

 

Jeremy Cowan  06:50

Yeah. Well, moving on, there was another story that I wanted us to just dwell on for a moment, it came from bbc.co.uk. And I mean it's well known that Ukraine has developed and hopefully will soon rebuild its flourishing tech scene following the horrendous invasion from Russia. So, the news story that interested me was on the cyber front line in Russia's invasion. This was a BBC podcast in the last few days, called Inside Science. And again, we'll include a link to the episode in our transcript. (https://www.bbc.co.uk/sounds/play/m0014xv0 ) The guests were talking about the limited value of Elon Musk's highly-publicised single truck load of Starlink dishes being sent to Ukraine, to add resilience to its connectivity. Mike Sapiton, who's the tech editor at Forbes Ukraine, pointed out in this podcast that this is of limited use in a country of 40 million people, and when additional stock is limited in the market anyway. There's also the risk that the Russians could easily interfere with the signals or worse still, that they might triangulate the signals to launch more rocket attacks on Starlink locations. But he did point out on the plus side, that sanctions on digital technology supplies to Russia are definitely going to have more impact on the Russian administration. Russia's digital business economy will be cut off from software updates, he said, and from licensing. And above all, he points to the effect of a tech Brain Drain from Russia that has already started. So, this is going to be a significant factor in the war, it's probably not going to be a defining factor. But would you add anything to that, Eric?

 

Eric Chilton  08:48

Yes, as a matter of fact, to piggyback on that article, and to discuss another one that coincides with it. Just yesterday, the White House Government, President of the United States issued a statement warning against cybercrimes originating from the former Soviet Union, the Russian states, as it pertains to the incident and the crimes going on in the Ukraine now. And the instability, you talk about being able to triangulate signals, being able to hack for better of a different term. This is a real threat faced by the planet, but originating in what you termed the technology drain and the brain drain and the app developers and whatnot originating in the Ukraine.

 

Jeremy Cowan  09:37

Yeah, I mean, these are significant apps that have come out of Ukraine, not least one of them being WhatsApp. So, these are used by a number of highly significant global corporations. And it's obvious that any interruption to those and their development is going to have a global threat, but it does indicate the importance of Ukranian technology. 
 
 We've got to the meat in the sandwich, if you will, now in the podcast where I really wanted to talk about insider threats in more detail. My first question goes to you, Ed, what makes an insider threat? 

 

Edward Finegold  10:16

Well, I mean, I think the simple answer is that insider threats caused when a person who has access to systems information or other resources behaves in ways that are security risks to an organisation, right. Now that security risk could be something like a national security risk, because that organisation has control over let's say, a power grid. Or it could be something simpler, just downtime disruption for a factory or something that's, that's really, really harmful to a business. You know, even if it doesn't serve some political or national security end it, you know, causes potentially existential problems for the business. And so really the basic thing is that. It's the insider threat, is it someone who's already inside who has legitimate access, right, who's being corrupted to use that legitimate access in negative ways, as opposed to an external threat, obviously, which would be, for example, an attacker, you know, hacking into someone's credentials externally to take over a system or something to that effect. That’s the typical kind of thing you're accustomed to. 

 

Jeremy Cowan  11:12

So, Eric, are negligent or malicious insider threats, the most frequent that we're facing these days?

 

Eric Chilton  11:20

By far and away negligent, not to say that malicious is not on the rise. And I tell you this, because more often than not, the loss of data, or the loss of IP (intellectual property), or any type of information, is not even known by the individual that created the issue. Think of, in the IT world, clicking on links that you're not permitted to and now somebody has access to your computer without your knowledge. The same happens in human intelligence, where a trained elicitor can, I can extract anything I want from you with a smile on my face. And you'll give it to me. Without even knowing. So, it's malicious on the part of the employee due to negligence.


‘I can extract anything I want from you with a smile
 on my face. And you'll give it to me. Without
 even knowing
.’ 
– Eric Chilton
 
 

Jeremy Cowan  12:08

Yeah. And a can you put a cost on this?

 

Edward Finegold  12:11

Yeah, I've actually seen some research on this, from a group called the Ponemon Institute, who actually put out a really strong report on the cost of insider threats. And this actually stood out to me, because a lot of times when you're doing research and doing primary research, you don't often stumble over someone else, having done a really good study on the specific thing you're looking at. And I did in this case, so you know, props to these folks. So, in any event, a couple of things that they look at are things like the time to contain an incident, and then the cost per incident. And those two things are related. And so both of those things have increased. 
 
So, what Ponemon was saying is that, since 2020, there's been more than a third or 33% increase in the cost per insider threat incident. And then when you have a malicious insider threat incident, so someone doing something on purpose, average cost is about $650,000 per incident. And that's the incident. On the flip side, companies are expending increasingly to contain threats, right to have a process and a set of systems in place to deal with the threat once it's identified. And the average cost, apparently, that Ponemon found, companies are spending is US$15 million, just to contain, right basically, just to manage the cases – your internal security threat cases, $15 million a year. So, there's a substantial cost to this. And just quickly, a couple of other notes they had was that organisations will take 77 to 85 days to contain a threat. So, you can see why that would be cumbersome and costly. And then the other thing is, obviously the cost goes up. So, if the containment takes more than 90 days, the average cost will jump to more than $17 million that a company spends. So, being inefficient at this, right and not having a process and not knowing what you're doing is going to cost you all that much more. Right. Even than just the incident itself. I found that to be pretty interesting.

 

Jeremy Cowan  14:07

So just rewinding for a moment. I mean, Eric, why do malicious insiders do it?

 

Eric Chilton  14:13

Well, I can give you a laundry list of reasons. If they're truly out to get the company, it boils down to a couple of things. Greed. Maybe they have extraneous factors in their life that the receiving party might help them with, be it a lifestyle issue hiding something in their personal life. Or basically finance is by far and away, financial reasons are number one. Others, addictive behaviours. I have found that a lot of times people want to prove that they're smarter than the organisation, that they can out think the rules and regulations and they do it for no other reason than to prove to themselves that they're as smart as they think they are.

 

Jeremy Cowan  15:02

Yeah. Ed, help me here. You've referenced in the past Dennis Nedry. In this respect. Who is Dennis Nedry? And what did he do?

 

Edward Finegold  15:11

Yeah, I'm going to answer that. And just as a quick follow up to what Eric was saying, as a back-up to that. Verizon, you know, does a breach investigations report. And when they looked at the motivations for insider threat actors, financial was one; it was the top reason, and espionage was second. But fun was equal, and grudge was almost equal. 

 

Jeremy Cowan  15:36

Yeah. 

 

Edward Finegold  15:37

So, you know, you can't make assumptions about the people's motivations are necessarily rational. That was the thing I always had issues with, like in college economics; assume everyone's a rational actor. Well, everyone isn't! Like Dennis Nedry. (Laughter) So, who's Dennis Nedry?
 
 If you remember the now classic movie, Jurassic Park, Dennis Nedry is a character who's really like the caricature of everything you would think of as an insider threat. And Eric, and I were discussing this issue and had a really good laugh. I mean, it's a serious issue. But we had a good laugh about this, when we realised that this character, you know, Wayne Knight (who was also Newman on Seinfeld, and we love him for that reason) was Dennis Nedry. And so, Dennis was technically skilled. He was very insecure, narcissistic, he was greedy, he was showing a lot of erratic behaviour, he would vanish without explanation. And unfortunately, he had access to absolutely everything in Jurassic Park. And so, what did he do, right? He, in order to make money, and like Eric said, to prove to everyone that he was smarter than all of them, he cut a deal with a competitor to steal, and then sell them intellectual property. And used his access to everything to facilitate his ability to get the material out of the facility and potentially to the dock and to the people that he was stealing it for. And get paid, which obviously never happened. If we think about it, from a business point of view, what did Nedry do? Well, his bad work created park opening delays, which was a business disruption. His bad behaviour also created workplace discord. Another problem was Samuel Jackson was very unhappy with him. (Laughter) They had investor difficulties because of his behaviour, which is why the lawyer was sent out, a lawyer goes out; well the lawyer never went back because he was eaten by a dinosaur, which we'll call a poor guest experience, or a poor customer experience. (Laughter) So every aspect of the business can be threatened in this way. And then ultimately, it was a complete loss of capital and a disaster, because of what this guy did. And then he obviously himself got eaten by dinosaur, which is sort of beside the point. The point is, though, that this one person, right, with unmitigated access, and bad motivations, can create a disaster for a business on multiple fronts. And that starts to get scary, and then some, when you think about what are the potential threats, for insider threats? And where's this going for, for telecom and for IoT, for example.

 

Jeremy Cowan  18:05

Ed, you've hinted at a play-by-play, what are the risk factors affecting companies here that enterprises should be aware of?

 

Edward Finegold  18:14

Here's what's concerned me, as a tech analyst, where you're always looking at a lot of different trends and how they can merge, right, which I know something is you're very much in the business of doing as well, Jeremy. So, as I was joking with you, you know, okay, when I put my tinfoil cap on, what do I worry about? And, you know, how does this all connect to each other? Think about that we're moving to API-first architectures right, something that's much more open and accessible. To make an integration happen between systems, you make a call out to an API, which is sort of a public thing, then connect that to the IoT world. So, the IoT world is existing in that, we're adding a lot more devices. And there's a whole separate story to that, that I'm sure your audience knows, right, the number of different devices, the expansion of the threat surface, all the different updates to firmware that can be compromised, right, all these different kinds of things that are that are well explored issues. So, now bring that into 5G, you bring it in to the 5G world that's emerging. And we're bringing all these things together to do a lot more industry 4.0, automation, a lot more remote control over factories, over critical systems, over power grids, right, over fuel pipelines, dams, all these kinds of things. And at the same time that all that automation is happening, these advances are happening, you have companies fighting like crazy for tech talent to bring ’em in the door. Which means that they don't have a lot of incentive to do that slowly or maybe extra carefully beyond what they feel maybe they already do to check all the boxes from a compliance point of view, right?

Okay, so now you have all these people in, all this automation, a lot more things are connected, a lot of it's new, it's probably not that well governed if we think about how technology usually evolves. And now we have the opportunity for misused credentials. People who you don't really know their background, who are new in, have the access, are then corrupted as Eric described, and create some kind of catastrophe. Now I'll take my tinfoil cap off and let you carry on. (Laughter) But that, but that's the daisy chain of things that I think is a real threat that's happening quickly.

 

Jeremy Cowan  20:17

Understood. Eric, what are your thoughts on the risk factors affecting companies? 

 

Eric Chilton  20:22

Just to  follow what Ed was saying, I've, during the course of my career, 25 years, I used to start by saying I deal with people, not machines. And that has certainly changed throughout my career, whereas now it's almost the opposite. So, I'll throw in topics like social media, and the number of devices, and working remotely.  Even if you weren't involved in the IT world 10 years ago, you almost have to be now. So, things that the government would look at as a threat or a possible, malicious incident has absolutely changed by definition, just in the past 10 years, and most certainly the past two, with COVID restrictions and remote access, and now you throw in world politics and wars, and who controls the technology and who controls the money behind it. People like me have been forced to learn about machines real fast.

 

Jeremy Cowan  21:25

Yeah. And in view of that rapidly changing landscape, Eric, what particularly do you think enterprises should do to protect themselves?

 

Eric Chilton  21:36

I'm going to say social media restrictions, number one. And I'll give you some examples of people put way too much information online, that anybody trolling for information has ready access to. For instance, who you work for, what you do there, hey, I've got promoted to this and this and this, I'm now in charge of this and this and this. I can start right there of the rabbit hole I want to go down, of whom do I contact at the XYZ Organisation, if I'm your competitor and I want to learn about your company's financials. It doesn't have to be tech data. But where are you spending your money? How are you spending your money? This might get me the information that I want. 

 

Jeremy Cowan  22:23

Well, that makes it sound as though LinkedIn is more than just an asset for good business, but also a bit of a tool for misuse of business.

 

Eric Chilton  22:32

There is a pro and con to everything. Yes.

 

Jeremy Cowan  22:35

Yeah. Well, gentlemen, thank you for that. Let's move on. Because we've got time, just, left for the section we call What The Tech, where it's a chance for us to look at news that normally I would say may amuse or amaze you. Sadly, in the current circumstances, I'm scratching around for anything that may amuse you. But there is plenty to amaze us. Ed, what's your final story all about?

 

Edward Finegold  23:02

There was a story on UKTech.news . (https://www.uktech.news/cybersecurity/uk-cryptojacking-attacks-soar-by-564-in-one-year-20220218 ) That was kind of a continuing story, I've been following about cryptojacking that's been going on. And so just as we were talking about with folks having access to all kinds of things, you know, if you think about the whole migration to cloud, and the number of just people – they could be contractors, just developers, things like that, that now have access, that may not be that well governed, you know, to a really broad variety of resources. Which could be their own companies, or it could be something that they're maintaining for someone else's company. And then what they're doing is going ahead and setting up crypto mining rigs on someone else's resources, someone else is footing the bill for the web resources, right or for the for the hosting resources in the cloud. They're setting up these big distributed crypto jacking rigs, and then filling their bank accounts with them. 
 
And so, it just didn't surprise me to see that story as I think we'll see a lot more of it for this reason. And it's just like a really basic idea of an insider threat that's not necessarily a direct attack on anybody, but it's harmful. It's unlawful, and it's something that someone's doing for greed and fun and to prove something, right. And that's just the sort of odd kind of threat that we live with.

 

Jeremy Cowan  24:06

As I scroll down through that story, I mean I knew that crypto jacking was on the rise, but even so, SonicWall’s report that there were, I think, 436,000 Crypto jacking attacks in the UK alone in 2021, Compared to 66,000 in 2020. That shocked me, that's a seven-fold increase in a year.

 

Edward Finegold  24:30

Yeah, some of it is because people figure out no one's watching, right. It's funny, you describe it as an attack. It's almost like oh, is logging into my email an attack? Like what you're doing is basically you're logging into like an AWS account and using it. You're just using it in a way it's not supposed to be used. Yeah, sure that's an attack. It's just kind of funny though, there's not really anything out of the ordinary about it. You're doing exactly what you would do to do your job. You're just not supposed to be doing it. (Laughter)

 

Jeremy Cowan  25:00

We already talked on here about the added risks. And Eric's mentioned it already about people working from home, bringing in extra risks and obviously, being somewhat outside of the normal defences. And I noticed in the US just the other day, President Biden has allocated $2 billion to improving America's cybersecurity infrastructure. I mean, I'm hoping that stories like this will focus minds, not just among legislators, but amongst Chief Finance and Chief Information Officers. But maybe we have to have the bad news before people wake up to it.
 
 Anyway, the story that I wanted to end with was, again, a serious piece of news. I drew a blank in my search for lighter news. But I did find myself on Wired.com looking at a headline called, ‘Are you being tracked by an Air Tag?’ And again, the link is in our transcript (https://www.wired.com/story/how-to-find-airtags/ ). The story tells you how to check if you are already being tracked, or have been tracked, and it gives some useful advice for anyone worried that a tracker is reporting their moves without their consent. To be fair to products like this, they are a great way to find every day, missing objects like car keys or purses that go walkabout all the time – although for some colleagues more than others, I guess, Nathalie.

But as with so many great tech ideas, they can be misused, with the likes of Air Tags and Tiles and others being deployed by stalkers. Wired.com was reporting the other day that New York model Brooks Nader, found an Air Tag had been slipped into her coat pocket in a bar, and she was tracked for hours before discovering it, while walking home alone. And in another case, police in Connecticut arrested and charged a man after a woman found an Air Tag in her car. To be fair, I think Apple has responded and owners of iPhones running iOS 14.5 or newer, will receive a push alert whenever an unknown Air Tag is near them for an extended time and away from its owner. Apple doesn't say how long the extended time is, though. But you can also play a sound on the air tag to help locate it. So fair play to Apple for that. And it's also since launched an app called Tracker Detect for Android phones. And the Android app does not automatically look for unknown Air Tags, you have to do the scan yourself. Ed, did you have any thoughts on that? 

 

Edward Finegold  27:43

I have thoughts on two sides of it. On the one side, I don't envy anyone that's living, you know, a very public life right now for these reasons. And so I don't like to say, ‘oh, it's the Air Tags fault’. It's another symptom of this really weird stalking culture that's evolved around celebrities and athletes. And it's unfortunate. And then there's a whole set of stories in the US going on right now about a couple of big athletes who are literally having mental breakdowns because of the fans that are getting on them about dumb things. You know, that's kind of a kind of a separate story. On the technology side, it's interesting to me, you know, because you get into the whole, it's technology being misused. And I was thinking about this the other day, that I was walking by a US Home Depot, a big, big home goods and hardware tool seller. And I'm thinking like, you know, I could walk into that store and buy a chainsaw, or a machete or any of those kinds of things that could be misused, just like an Air Tag could be, but no one's hollering at Home Depot not sell a chainsaw, because there's perfectly good uses. You got to cut trees down, right? And so that's where I think is always the challenge here. And if we just go back to the insider threat thing, for example, you know, what's the point of talking about these days is trying to get out ahead of it. Right. What concerns me with any of these things like Air Tags as we introduce … or the (Boeing) 737 Max, we introduce technology very, very quickly. And we kind of deal with the consequences later. And so that was my concern, where we were talking about the convergence of all those texts is like, let's think about the critical mass of gaps that happens and what the consequences of that are, as opposed to looking at everything as an individual piece. Right, if that makes sense. So again, I think the Air Tag thing is just another example of that. It's the unintended consequences that are really, really negative, for something that had a positive intent.

 

Jeremy Cowan  29:25

Eric, I'm finally just coming to you. I liked Ed's comment about getting out ahead of it. How do you think that businesses can do more to get out ahead of some of the challenges, either through malicious or otherwise misuse of their technology?

 

Eric Chilton  29:44

I would ask companies to think of it almost as a sales pitch that an insurance agent would give you; not is something going to happen to you it’s when. And what can you mitigate up front by preparation? So, we talked about risk response time earlier, look at first responders and the data that they can give you, if you wait 24 or 48, 72 hours before a medical incident, what are your rates of survival? The same can be said for any type of security incident, the shockwaves of that, and the longer it takes to contain. I just encourage you to look at any opportunities you have, whether it's personnel vetting, physical security, IT security and understand it's not an if, it's when. And to go back to your Air Tag story. Like many things in this world, I found out the hard way what that was when a friend called me in the middle of the night to say that her younger sister had an Air Tag installed on her vehicle by a potential suitor at a nightclub. So, I learned about it real fast.

 

Jeremy Cowan  30:49

That's shocking. Yeah. Well, it is there for all of us to learn from. Gentlemen, thank you so much. That's all sadly that we've got time for. I want to thank you both for sharing your considerable expertise with us. Ed, it's been great to have you on the pod.

 

Edward Finegold  31:04

Thank you so much, Jeremy. It's great to be back. 

 

Jeremy Cowan  31:06

And Eric, it's been fascinating to hear your expert input. Thank you very much for your time, too.

 

Eric Chilton  31:11

Absolutely, my pleasure. Thank you.

 

Jeremy Cowan  31:13

Before we go, let me just say we've got some more great podcasts in the pipeline, including one on next generation automotive connectivity. I'm looking forward to that one, too.
 
 In the meantime, please subscribe to the Trending Tech Podcast wherever you found us today and give us a five star rating; we’ll not only love you forever, it'll boost us up the rankings and help others find the latest global tech news. So, until the next Trending Tech Podcast, bye for now.