Insight Enterprises, Inc. (NSIT) Earnings Call Transcript & Summary

Welcome to the webinar Talos threat intelligence and the evolving threat landscape. Before we begin, I want to cover a few housekeeping items. At the bottom of your audience console are multiple application register [indiscernible]. If you have any questions during the webinar, you can submit your questions in the Q&A box and they'll be answered the end of the presentation. You can also expand your slide area by clicking the maximize icon on the top right of the slide window. If you have any technical difficulties, please click the help widget. If you can please take a moment to fill up the survey at the end of the webinar, that would be great. I will now hand the presentation over to your speaker, Chris Clark. Thank you.

Thank you. Good afternoon, everyone, and thank you for joining the webinar. My name is Chris Clark. I'm a solution architect with Insight public sector. So today, we're going to be diving into Cisco Talos and Cisco public funding. With us today, I have Caroline Murphy, who is a public funding adviser from Cisco and then Joe Marshall, who is an engineering technical leader at Cisco as well. Caroline will get things started with our Cisco public funding team and what is the current 2021 funding status, then we'll pass it over to Joe to discuss Cisco Talos, emerging security threats, that we're seeing and what we can do to protect those against those threats. And then I will close things out with our Insight team and how we can help you build a security solution based on information we get today. We'll also open it up for some Q&A if we have time at the end. So with that, I will pass it over to Carole to take it away.

Hi, everyone. My name is Caroline Murphy, and I'm the channel manager on the Cisco public funding team I'm going to give you a short overview of 5 minutes maybe 8 minutes around Cisco public funding and all things funding. Let me just -- I'm just getting us those through platforms, forgive me. All right. Our team, we support our sellers, partners and customers as it relates to grants bonds, E-rate and stimulus. We do all sorts of things. So we do research and funding reports, we do project checks and training and grant promotion. We work with a third party called the Grants Office. So this is a great thing for all of our customers and our partners' customers, so Insight customers. When you're working through your technology projects and you're getting to a point where you were really excited about this project. Now how do we pay for it. This is actually a great time for you to reach out to the Cisco public funding team, we can run a comprehensive report on all of the funding that's available to you. And then -- our team, along with the Grants Office, we can provide guidance around what funding sources you should pursue for your project. Our team, we actively monitor all public funding sources, keeping in mind technology projects that might be underfunded or require funding, and we try to promote the grants that really make the most sense for you, for our customers. We, of course, I have to mention this, also have a fully supported operation around E-rate. And as you can see there are multiple sources of funding. We have E-rate, bonds, federal, state and local ongoing grants, and COVID stimulus funding on the top left. The first 2 rounds of stimulus funding that needs to be tied back to COVID, but almost everything connects to COVID. So whether that's for education, strengthening network security, security cameras, and create bandwidth all of that. Okay. A quick way to think about it. So for funding sources, when you're thinking about devices, think about the emergency connectivity fund, so ECF for security and collaboration, think about stimulus. So for K-12, we call Esser and for network and infrastructure, think about E-Rate. I'm going to dig into that just a little bit further. So for seamless think about facilitating safety and security, both cyber and physical. Think about creating hybrid learning environment, so hybrid learning and like classroom device refresh things like that. And for E-Rate, think about building campuses that are flexible. So you could set your wireless routing switches and any related licenses. Okay. So now I'm going to go through just the highlights of the stimulus funding by vertical. So as everyone knows, the original seamless funding passed in March 2020 and almost a year later, in March 2021, the American Rescue Plan Act task. So for K-12 schools and higher ed, you were covered in all 3 rounds of funding. For nonpublic schools, they were covered in 2 rounds of funding, and state and local governments, they recovered in the first and third rounds. It's really interesting to look at the numbers here. So you can see K-12 started with $13 billion. And then the second round, $54 billion, and then in the American Rescue Plan Access Act round plan at ground $122 billion. So let's take a closer look at K12. So for K-12, the public schools, they had Esser funds, which they receive funds in all 3 rounds of funding. All 3 rounds were called Esser, and they all have basically the same guidelines. For every iteration of Esser funding, technology is specifically called out. The deadline for public and nonpublic schools is September 2023. The Department of Education wants schools to strengthen their infrastructure, and strengthen their networks, so that at any point seems to move in and out of distance and hybrid learning models. The Department of Education actually provided 13 spending categories to make sure required spending for strong learning infrastructure would qualify. That was my quick K-12 highlight. If you need more support around K-12 reach out to us, we can give you a lot more. For higher ed, they received $40 billion in their third round of stimulus funding. The first 2 rounds have received $14 billion and $23 billion. 50% has to go to student aid and 50% to institutional needs. And priorities include things like distance learning, technology and expenses due to coronavirus. Every single school receive something. A quick highlight is just that higher ed, they have a shorter spending guideline compared to K-12. So higher ed actually need to spend their funding 1 year from when they received it. So over the first 2 rounds, their deadline is coming up in January 2022 and May 2022 for the third round. And finally. Again, I'm just giving you the very highlights. We're giving you enough to be dangerous, not to know what you can do with your money, but if you need more support reach out to us. So for state and local governments, they had $360 billion in funding. And what I want to highlight here is just the relatively open nature when it comes to the funding, and there's a long runway to spend it. You see the breakdown, it's almost $220 billion for State and DC as well as [ tribal nations ] and $130 billion for local government. So something for all levels of government. Every level of government has something earmarked for them. And that's really awesome, but since for the first time ever, everyone is working with something. So it's definitely a time to dream big and to get those pain points, things that you always wanted to solve. The government -- the state and local governments, they actually have it until 2024 to spend. So you can be strategic, you really think about what you want the future to look like. You can think about things like securing remote work and citizen experience when it comes to inclusion, empowering public engagement, all these words of things that were in the funding descriptions. So ensuring critical continuity of services, inclusive society when it comes to broadband, modernizing work, addressing the digital device of building trusted experiences. All right. Those are my quick funding highlights for you to leverage, reach out to our team if you need anything else in terms of funding, but we have lots of resources you can look at on your own. So we have an eerie.com site you can check out. We've got industry solution sites. There's a grants and bonds website here. So based on your verticals, so if you're coming from higher ed, if you're coming from K-12, you can actually go into this grants and bonds site based on where you're coming from and look at all of the funding available to you based on that -- like which vertical you're in. We also have a stimulus allocation [indiscernible]. So if you just want to go in and see where, how much has been allocated at a very high level. You can check that out as well. We have lots of mailers and also webinar playback on specific topics, if you want to get caught up on any of that. I think that's all from me. So thank you very much, and I'll hand it back.

All right. Thanks, Caroline. So with that now, actually, we will pass this over to Joe to dive into the Talos conversation.

Well, first, thanks for the team for having me today. I'm looking forward to talking about threats, sort of what we see in the threat landscape right now. And sort of -- I hope to make you a student of the game. So I want explain some of -- or demystify what these bad actors are doing, how they do their business, and then hopefully give you some resources to combat these threats or to at least think about how does this affect my enterprise, how do I defend against these threats. What are some valuable things, takeaways that I could create from this. And with our friends here, I think we're going to be able to really provide you some really great information. So let's just jump right into it. Who is this handsome bearded man in front of you. My -- again, my name is Joe Marshall. So I am Joe Senior Security Strategist for Cisco Talos. So I focus on packing all the things. We're in a giant hacker collective here at Cisco Talos. I come from utility space, and I worked a lot with educational institutions. I worked a lot with power utilities, I worked a lot with water, oil and gas, manufacturing, you name it, to think about embedded system security, actually built our first offensive security team to that here at Talos. And general threat research, no matter what your specialization here is at Cisco Talos, everybody here is a threat researcher. So we're always looking for bad, net new and keeping everybody safe. And of course, I am out here in the Midwest -- Mid-Atlantic at Baltimore, Maryland. What is Cisco Talos, how do I define that to you? There's about 400 of us. We're on 5 different continents. We speak nearly 30 languages amongst all of us, and we are threat researchers. We are with a small exception, which I'll get into. We're not fee-for-service. So I am not billable by Cisco. My job is to find the bad guys, stop the bad guys, end of sentence. Our threat intelligence that we generate gets issued to all of our products and some of our open source tools like Snort, which is a very popular open source IDS/IDP, we invented that, that's us. So to make sure that all of our customers and all of our communities are protected against emerging threats, both known and unknown. To give you an idea of just the volume, the breadth, depth, scale and scope of just data that we see, you can kind of see these statistics in front of you. At some point, numbers become kind of abstract because a lot is a lot. But if I were to really summarize what we -- just in a single day, we see about 6 petabytes of threat intelligence information in a day. And that's honestly from the 87 million endpoints of data that we collect. So we're looking for malware, we're looking for malicious URLs, we're looking for e-mails, we're looking for DNS infrastructure that we know is supporting command and control for these attacks. Like inota is very resurgent right now. So we're in the hunt. We're looking for additional [ inota ] infrastructure to a black hole or take down. So that just gives you a sort of a snapshot of the volume that we see here. And we have a lot of different sort of specializations that make all of this analysis, even possible. Of the 400 of us, it's a fairly robust infrastructure. We started to organize ourselves organically to combat these threats. And I don't have a tremendous amount of time to go each individual one. But for example, on our threat intelligence and interdiction team we have in Talos, we have linguist that speak just about every language you could possibly think of, Korean or Japanese, Urdu, Pashto, Farsi, Ukrainian, Russian, Portuguese, French, Spanish, you name it, Italian. We have just about everyone, and they're typically native speakers of that language, which is incredibly important, as is also where we coordinate a lot with our government partners all over the world like Europol or the FBI. We have a lot of intelligence relationships that we cultivate and maintain all over the world to both exchange and information, and stay current on threats. Sort of a dirty secret in this space, I guess, is that nobody sees at all. That's just not possible. But what you really get is that security is fundamentally a people business, and so we form those relationships, and we really endorse them. We have our own malware research team, obviously, they're in detection research. We have a community team because we have so much open source technology, and data, and threat intelligence that we provide to our communities. We have our own offensive security team because we want to know what bad guys are doing, so we emulate them as much as possible. And of course, we have incident response on the very bottom. Obviously, they're fee-for-service. They're not free. You purchase retainers through them and they're able to give you a lot of proactive and reactive services. We're actually going to talk a little bit about incident response today as well. If you ever want to quit your job and go into threat intelligence and you're wondering, how do I do what Joe does. These are the 3 areas of execution. So whether I see 1 piece of malware or in fact, 1.4. And actually, I think we're honing in on 1.5 or 1.6 these days. These are the 3 ways you have to make it happen. This is the circle of life. You have to be able to see it, analyze it and then do something about it, Hakuna Matata, circle of life, there you go. When I mean visibility, this is the great thing about as a threat researcher and as the product ecosystem that we support, everything talks to everything, it has to. And we own a entire security stack ecosystem at Cisco from pre perimeter DNS. So we can examine fast flux DNS, we can examine all the threats that we know exist in that space from rapid command-and-control, malware delivery before it even gets to their intended victim all the way to Layer 2 inside of an enterprise network, where we can install rapid monitoring. We can look at metadata for packets like Stealthwatch and other things as well. So let's go on to the next 1 real quick. Here's a kind of a cool story, all right, that I really, really like. And that story is, well, how do you kind of marry all that together. And 1 of the things that I really, really enjoy here is that we are able to really sort of put this together, and this is a cool story, a scary story but a cool story with NotPetya. Obviously, the most costly cyber attack in history, $10 billion with the [ b ] and damage. It was destructive malware. Obviously, attempting to emulate ransomware, it was not. And what was able to happen here is that we were able -- because of the relationships that we have formed, we were able to get a call 3 am in the morning from the country of Ukraine from their Ministry of Defense and from their Ukrainian cyber police, "hey, the internet is on fire, please come help us." And if you are ever curious, Wired Magazine, Andy Greenberg wrote a fantastic article on the damage that was done. The Port of New Jersey couldn't open its gates at a 10-mile traffic jam, Renault couldn't make cars, Nabisco couldn't make cookies, Merck, the massive pharmaceutical company lost a tremendous amount of money and Maersk, the largest oceanic shipping company was literally saved by 1 hard drive in South Africa. Just spread like wildfire, and it turns out, this was an exploit using SMB exploits. The Wiper malware recently, Wiper Malware just was devastating using those internal blue exploits. One of the really cool things that happened was when we did the analysis, we were actually able to pass this information on to the Department of Justice. And then last year, in October, they issued indictments for the 5 hackers responsible for NotPetya. And we got a very nice call out from the Department of Justice for the work we were able to contribute to the law enforcement and to community to have those incitements issued, which is a pretty rare thing because typically, they think Twitter or Facebook or Google, and you kind of see that in there, but getting a very specific call out of a small 400-person organization inside of Cisco was really cool and very kind of thing to do. And it makes you feel good that you're contributing. So what are we going to talk about today? Well, we're going to talk a lot about ransomware. You can't throw a stick without hitting it right now. And that's just the hard reality of what our threat landscape looks like between that and supply chain. And I would say more ransomware than supply chain right now. It is a tough, tough market for your small, mid-market and large cap organizations, and that includes everything from small municipalities to massive higher education institutions and everything in between. The attackers are very canny. They're very meticulous in their research and they choose their victims very well. Of course, I live in Baltimore, so Baltimore County Public School System got tracked pretty hard, and actually believe they paid the ransom. So we're seeing, again, just prolific in this threat space. We are part of the ransomware Task Force for the Executive Office of President Biden. I am actually quoted on the EO and the White House. You see Matt Olney, Director of Talos Threat intelligence Interdiction. I worked a lot with Matt and his team, of being able to have a seat at the table for how this country, and how our law enforcement apparatuses and our civil apparatuses has come that ransomware. So it's very cool that we're a part of that conversation and that our work is recognized. So when you're in the threat intelligence business, I have a bit of a shocker. I'm not really in the good news business. I'm kind of in what are the bad guys doing and sometimes that just equates to all bad news. But I don't want to leave you with that. I want to be able to leave you with positive changes that you can make. So I'm not trying to scare at the same time, this is the reality of what we're being confronted with right now as threat thing. And what we're thinking of what we're seeing right now is a tremendous amount of perimeter target. We still see phishing. We still see what we call BEC, business e-mail compromise, but we're also seeing unpatched IIS servers all [ of half ], which happened earlier this year. We're seeing a lot of RDP services being exposed, VPN endpoints, which don't have two-factor authentication. We're actually going to get into that with Colonial Pipeline. So these exposed infrastructures are really doing no one in the victim world of favor. A lot of the sometimes stems from COVID. A lot of organizations had to rapidly pivot to a remote workforce. It didn't really consider security implications of being able to do that. And there's a bit of a long tail when you think about their remote decisions finally catching up with them in the realm of we have a security compromise. So what's changed? If you think 2015 and 2018, we had a lot of onesies and twosies. So my grandmother would get ransomware, and she had to pay a bitcoin to get pictures of her grands gets back. Well, they shifted that business model because these new cartels, these ransomware as a service infrastructure, really decided that the reason robbers rob banks because that's where the money is. So large organizations got targeted. We call that big game hunting, which is you're going for the biggest kill because that's the easiest way to get the most money the fastest. That's why you see large companies being targeted or large health institutions or educational institutions because they probably carry a cyber insurance policy, and that policy will pay out. They know you're good for the money, and they can get paid out. So if you wonder how that business model actually works, it's really no different from any other business that actually exists. I have a product, I need to move that product. I have my miscreance or my ransomware affiliates who are designed to do the kinetic attacks. And then I have to ransom repeat or reinvest my profits, do I cash out? How do I launder my bitcoin into actual fiat currency. These are all very important things that these cartels have to think about. They themselves do not do the active hacking. They are a business that has a supply chain. So they'll bring in the actual actors who do the compromise. And 1 of the things we're going to talk about here is access brokers. What is an access broker. Access brokers are basically compromised as a service. This is a very mercenary attitude to think about with ransomware right now. So admin access for sale. So what you see is a lot of research being done, and you can a kind of see any screenshots. That's a Saudi Arabian hospital with 7,400 employees. They make about $1 billion in revenue. I have full domain admin access for a bitcoin and a half or whatever that value is because it fluctuates in value in currency, give me, let's say, USD 50,000, you can have this, you'll easily make $4 million to $5 million on your ransom depending on what you want to make. Sometimes, they are just purely access as a service, and sometimes they actually also will participate as an affiliate to do that. The ransomware cartels just don't have the time or the energy to be able to go and hunt victims, but this market sort of sprung up on the dark web that really facilitates that. This information, of course, makes it to the affiliates, who then go, now I have full domain access. I don't really have to hack the organization. I just need to get inside, go low, go slow, distribute my ransomware, ex fill information for extortion and then press the button. Again, this is sort of big game hunting. This is just basically an overview -- a graphical overview of what that actually looks like. We're going to talk just a little bit about the lateral propagation and the data exfiltration elements because it's very important. So data exfiltration, why do ransomware groups exfil data from your network. This is a compliance mechanism. It is the most [indiscernible] extortion tactic since the history of time. I have decimated your network with ransomware. I want $1 million in Bitcoin for -- to make this go away. Also, if you do not pay me in that time that I allot, your private information that I've stolen, and I'm specifically looking for human resources files, legal contracts, PII information that would be awful to be disclosed, things are essentially very, very sensitive. And you can a kind of see that list here, finance contracts, projects, marketing. I would never want to see the day of light because that could hurt me competitively. It could get me in regulatory or legal trouble, the cost could be astronomical. They know that and they set ransoms that are going to be just under that pain threshold of I can make this go away, you don't have to deal with these things. They're very, very smart about how they initiate their ransoms. We call these shaming sites. So this is scrap right off the dark web. It's not that old. It's actually like a couple of weeks. And basically, this tells us this is where they announced that. You can a kind of see published, which meant they didn't pay me, so not here's all your data for anybody to go download. Some people pay, so people don't pay. Unfortunately, it's an incredibly opaque thing, so we don't know who pays. But through this site, we can tell who does not pay. And unfortunately, all of this data is now being exposed to the detriment of quite a few people. And certainly, revenue lost on all kinds of qualitative and quantitative things that are just bad happening. Of course, BlackMatter got brought up. Actually, BlackMatter is sort of subsumed right now by the LockBit. But this was so bad of BlackMatter. They came swinging out so hard, the FBI did issue in mid-October, that update of, "Oh, gosh, this was really bad." These guys were causing a lot of damage. Black Matter is actually in the process of rebranding and I think that's why LockBit is really taking off. To give you an idea, this is what that BlackMatter shaming site would look like. These guys have rebrand and reorganize all the time because they're avoiding legal authorities and they don't like the heat. They want to stay very, very quiet. They don't want to draw attention to themselves. And it happens anyway, though. If you're wondering how these guys do their dirt. So if you're wondering how a cartel gives their affiliates, the ammunition to go make them money. And by the way, they have a profit sharing, so an affiliate or a mercenary, if you will, afflict the ransoms under, say, $4 million, the ransomware as a cartel gets a 5% cut if I say it's over $5 million, they get 25% cut. So there's a profit sharing agreement between these affiliates and the actual cartels. Then how do I get my affiliates? Well, you have to go through an interview process, you have to verify that you're actually native to the country, you're Russian or Ukrainian, they have tests they'll subject you to. They want to know who you've hacked previously. And then once you are in, once you've been approved much like the mob, you're now a friend of ours, then we are going to equip you with everything you can to be successful. We actually were able to get a playbook from the Conti ransomware cartel and then it was all in Russian because we have native Russian speakers in Cisco Talos. We decrypted it and translated it for you. If you go to our website, talosintelligence.com, you can get a playbook, a step-by-step-by-step playbook of everything they're going to do when they get inside of your network to discover the domain admin, discover how the network is built, exfil that data, launch their ransomware. It is a 100% demystifying what the bad guys do. And you absolutely should give it a read or at least pass to your active network defenders of going, "hey, have you seen this, this is important stuff." We're going to get a little bit right here into something to mention. Springhill Medical Center is probably, let's say, in my hometown, I'm from Mobile, Alabama. They were hit by ransomware, and this was actually a legal case going on right now. I don't think it's settled out of court. I still think it's in court of the first confirmed what we think was a fatality of ransomware, unfortunately, a child passed away in a neonatal unit because the nursing station systems were down because of ransomware. And they -- the nursing were not able to get to a child in time and there was a fatality. I think there's actually been others, but this is the first actual documented case of ransomware affecting the health of a human being. And my small story, my grandmother is in that hospital and that ransomware attack it. So it's funny how sometimes things can be personal, when bad things happen to people. I would certainly encourage you to Google that case and follow it. Even if they settle, I think it's safe to say in the infosec community, this did happen and it's awful, but this is the world we live in now. LockBit is now the sort of predominant cartel that we're seeing doing activity. BlackMatter is either going quiet or being subsumed by other cartels. We actually interviewed a LockBit mercenary affiliate. We have that complete interview. He was getting out of the game and we're like, well, if you're getting out of this, why don't you tell us what you do and how you did your business. And this is how they did it. Again, on our blog, talos and talos.com, it's all free. There's no marketing. There's no pay wall. We want you to be smarter. We want you to be informed, [ you will read it ]. It's fascinating and terrifying, but you will learn how bad guys think, and how they do their business. I do want to mention Colonial pipeline real quick because if you live on the East Coast, you had a gas shortage to you. I just want you to think about, well, how did this happen? And basically, wind Colonial pipeline because it made the news, I've actually been at the Colonial pipeline. Again, I focus on [indiscernible] and oil and gas and things like that. The company itself did not have a PII disclosure, but a former employee was part of another website that was compromised. They use their Colonial Pipeline e-mail address and username and password. And they basically said, "Well, we have this through a data leak. Let's just try it against Colonial Pipeline and it worked." That's how they got in. They did not have a multifactor authentication solution in front of that VPN. They did not have, I think, robust monitoring that existed after the adversary was able to get inside that network. And then in the worst-case scenario basically happens, the initial alerts of, "Oh gosh, something bad is happening," actually happened on the operator stations in their oil and gas command and control center, which I've been do. It looks like the NASA space shuttle center, it's huge and impressive. And that's how they were compromised. It really is to think about sort of your integrated systems, especially inside of an enterprise, what's talking to what, what are my data flows, how am I thinking about visibility. Really important question you should be asking yourself, as you think about how these adversaries are able to make themselves successful, something I always want to leave everyone with is every time an adversary is inside your network doing bad stuff, it's an opportunity to detect what that badness is. So if you're doing deep packet inspection, if you're doing endpoint detection response or XDR, if you're doing pre perimeter, if you're doing multifactor authentication solution, yes, these things are not bulletproof, but collaboratively, they're amazing. And they really do create defense and depth that you're going to get a lot of value out of. And if the worst actually happens and there is a breach, everything they do is not super ninja. It is absolutely an opportunity to attack. That Conti playbook is a wonderful thing to think about as you read it as should the domain user be using whoami. No, not really. That would be an opportunity to things like that. I do want to leave you with a bit of a supply chain question. And then a very important question on incident response and then I'm going to turn it over to our friends. When solar winds impacted the world as it was, and we discovered it in December of last year, it seemed to be predominantly as a nation state targeting, this is 100% nation state. The initial compromise happened all the way back in February of last year, but it really didn't become prevalent until March. It wasn't discovered until December of last year, and this was the SolarWinds infrastructure management tool being compromised and then the patch -- malicious patch, much like in NotPetya was being distributed and that caused a lot of damage. The thing to think about and the thing that we -- we're sort of sitting in a shorter is compromised. And that victims downloaded this for this very common predominant infrastructure management tool, but their logging capabilities were 30 to 60 to 90 days. So no one's going to keep logs all the way back to March to know that if this essential product to my enterprise was compromised, how do I know the adversary did not get into my network. And things were very tough for us in Talos as we try to figure out just how bad this really was. And unfortunately, in this business, it's very tough to get closure on what adversaries are doing, only because of the visibility question, and because of the logging problems that our enterprise customers and our retainer customers have. So when you think about supply chain, when you think about upstream or downstream, what are my liabilities or if you're having a merger or an acquisition, it's important to think about who you do business with and how you talk to them. And should you or should you not have a permissive infrastructure with them. I typically err on the side of no or yes, but as a security person, you want to be enabling of business imperatives, but you want to do it in such a way that doesn't expose an undue risk to the business. And that really is something you to think about. Also, I want you to think about preventative versus a response. So one of the things that I encounter a lot when I talk with victims, I say, ransomware or supply chain-based attack, and I worked a lot with our Cisco intelligence response team, is how much of your budget is proportioned to stopping the thing versus, "oh, gosh, something bad has happened, how do I respond to that thing." So business continuity or disaster recovery plans are important, but what about incident response, if I need to bring in some hacker experts to figure out how do I stop myself becoming an additional more impacted victim or how do I proactively determine what my security posture and hygiene actually is. And that's where an incident response retainer is going to be invaluable because it's going to help you answer those questions and get a real strong sense of, well, what is my risk? How do I mitigate? Risk is never 0, but if I'm more knowledgeable, knowledge is power. And now you can think about budget structuring and personnel, and things that are important for you to keep your name out of the news and keep your enterprise safe. So think about response. Response is very, very important. And I see a lot of SKU to prevent. But just think about how you would respond if something bad did happen. I hope it doesn't. But unfortunately, that's just the world we live in. And that's kind of it. I really appreciate the time of being able to talk. And if there's any questions, if anyone wants to quiz me on threats, what the bad guys are doing. As of yesterday, I was following law enforcement rating, several cryptocurrency and ransomware cartel offices in Russia. So I have up-to-the-minute information I can supply if anyone is curious if they have general questions. I'm here or available later on in the presentation. I stunned you in the silence. That's fantastic. All right. I will turn over the ball.

Thanks, Joe. Great stuff. I appreciate it. So to close out, I just want to wrap this all around how we, at Insight, can help you build out a security solution for your organization, the using public funding or accessing the capabilities of Talos. So here, you can see slide actually. So Insight has evolved. We're continuously evolving from our beginnings as an IT reseller to our -- in the mid-2000s, just being more IT services focused to today where we consider ourselves more of a global technology solution partner. With our combined strength, we are a full service provider for efficiency and customer transformative services. Through our deep partner relationships and creative mindset, we provide meaningful solutions to overcome complex challenges and drive agency outcomes. So our supply chain optimization services can help you invest smarter, so you can maximize resources and invest in your future. We have our Connected Workforce Services to help your employees work smarter with the tools they need to still connected, engage, inspire. This ranges from ability to collaboration. Then our cloud and data center transformation solutions can help you run your workloads smarter with the right cloud and data center platform, so you can achieve agility. And then we have our digital innovation team that can help you innovate smarter, so you can leverage data-driven insights to make meaningful connections to drive differentiation and how you deliver your services. As you can see here, we have a global reach. Our global reach with operations in more than 20 countries. We also provided in 14 languages and currencies. But also, we have a national reach and local presence with offices in major markets throughout the United States and Canada. So whether you need an IT complication or access to our resources or top partners, where we can see we have 3,500 plus partners, 8,000 client-facing executives, and teammates and then over 4,500 technical experts focused on all of our vendors to include Cisco. We can provide the dedicated personnel and certified active professionals who will help you throughout the life cycle. So our goal is to essentially become your 1 hand to shake when it comes to your technology needs. And with all of that, so where do you go to get the conversation started around Talos using public funds of Cisco. You can see the organization. So the first step would be, if you know who your Insight account rep is, you reach out to them to get the conversation started. It's not always go to insight.com. You can just started there, get your request information, they'll get you connected with somebody and then they will bring in 1 of those resources, technical experts to help you guys get the conversation started. And then as we go deeper into it, we can hopefully build out a -- help you transform your organization. So again, I'm going to Joe ask if there's any questions. I'll open it back up for any other questions. If not, then I think we can wrap this up.

It doesn't look like we have any questions. So I want to thank everyone for joining today, and I hope you have a great rest of your week. Thank you.