►
From YouTube: Cybersecurity Public Education 2023
Description
The City of Cupertino and the Technology, Information and Communications Commission (TICC) present a cybersecurity awareness event featuring an esteemed panel of experts who share their knowledge on this important topic.
This event was recorded September 16, 2023 at the Cupertino Community Hall.
A
Ladies
and
gentlemen,
distin
guests
welcome
to
the
catino
cyber
security
science
fair.
This
event
is
brought
to
you
by
the
city
of
catino
Technology
information
and
Communications
Commission,
and
we
appreciate
your
passion
with
the
city
in
bringing
this
Innovative
and
important
competition
to
catino.
Today's
event
will
include
two
parts.
First,
a
panel
of
distinguished
cyber
Security
Experts
will
share
their
knowledge
in
a
discussion
moderated
by
Tom
Ching
office
of
emergency
management
for
the
city
of
catino.
A
Following
this
discussion,
we
have
budding
psycho
Security
Experts
from
our
local
high
schools,
who
have
displayed
their
project
in
the
back
and
will
present
present
to
our
judges.
Following
at
the
panel
discussion,
our
panel's
judges
and
commission
organizers,
Alisa
do
and
rerm
sandar
Jing.
Thank
you
so
much.
We
are
grateful
for
your
participation
and
commitment
to
this
important
issue
I'
like
to
offer
just
a
couple
of
context
to
this.
Why
this
is
such
an
important
issue.
A
According
to
a
recent
article
in
National
Defense
magazine,
the
United
States
does
not
have
enough
cyber
Security
Experts
to
protect
the
nation's
critical
infrastructure
and
federal
networks
from
cyber
threats.
This
is
according
to
members
of
industry
and
Congress
further
according
to
M
Marlo,
with
labor
market
analyss
from
lightcast
in
the
past
12
months,
there
are
over
660
cyber
security
job
openings
in
the
United
States,
but
we
have
only
69
SK
skilled
cyber
security
workers
for
every
100
that
employees
demand.
A
This
means
we
are
stepping
into
the
digital
Battlefield
missing
nearly
a
third
of
our
Army
and
the
consequences
of
this
Talent
shortage
EOS
across
our
country.
We
have
talents
right
here
as
a
city.
We
are
committed
to
bring
being
part
of
the
solution.
We
invite
high
school
students
who
are
passionate
about
cyber
security
and
making
a
positive
difference
in
our
community
to
Showcase
their
innovative
ideas
on
educating
the
public
about
Cy
cyber
security
and
scam
awareness,
we're
thrilled
to
see
the
responses
for
our
students
to
our
students.
We
joined
today
in
the
competition
I.
A
Thank
you
and
wish
you
the
best
of
luck.
It
can
be
intimidating
to
Pro
present
a
panel
of
judges
of
your
project.
However,
we
are
proud
of
each
and
and
every
one
of
you,
you
are
the
Future
Leaders
in
our
country
that
is
critical
to
the
Safety
and
Security
of
our
nation.
Thank
you
and
thank
you
to
the
teachers
and
parents
and
family
for
supporting
your
students
in
this
Endeavors.
Thank
you
again
for
all
of
you
for
joining
us.
A
C
B
Yeah
yeah
and
I
am
a
commissioner
and
also
the
vice
chair
in
the
the
technology
commission
for
the
city
of
catino
and
I
I
joined
by
my
fellow
Commissioners
here.
Please
rise
CH,
chair
gar
and
commissioner
Sharin
commissioner
du
yeah.
Thank
you
and
on
behalf
of
the
city
of
catino
and
the
tech
commission.
We
welcome
you
to
this
2023
cyber
security
public.
D
Education
well,
thank
you
mayor
way
and
vice
chair
Raj.
It
is
my
distinct
honor
to
join.
You
me
other
members
of
the
city
council,
the
entire
tick
Comm
technology,
information
and
Communications
Commission,
and
this
incredible
panel
we're
here
at
the
cyber
security
public
education
event.
For
the
first
time
in
the
city
of
copertino.
D
Here
in
copertino,
Community
Hall,
we
are
joined
by
an
incredible
audience
and
live
streamed
online
at
all
of
our
streaming
Services
here
at
the
city
of
cutino,
we
value
education,
Innovation
and
collaboration,
so
I
am
Tom
chin,
as
the
mayor
mentioned,
I
serve
as
the
I
serve
the
city
of
Cupertino
as
the
emergency
manager,
I
oversee
the
office
of
emergency
management
and
I
work
in
collaboration
with
the
public
safety
Partners
at
the
Sheriff's
Office
and
the
fire
department
to
prepare
for
all
hazards.
As
the
mayor
indicated
in
her
opening
remarks,
cyber
security
is
Paramount.
D
Today
the
risks
associated
with
cyber
threats
equate
to
any
natural
disaster
and
therefore
we
at
the
city
of
Cupertino
work
tirelessly
to
mitigate
our
risks
to
our
community
for
every
Hazard.
So
once
again,
thank
you
mayor
way.
Vice,
chair
Raj,
for
getting
us
started.
This
portion
of
today's
event
is
a
discussion
among
cyber
Security,
Experts
and
I.
Invite
those
here
in
the
room
to
take
note
of
any
questions.
We'll
have
an
opportunity
near
the
end,
to
address
the
panel
directly
and
I'm
pleased
at
this
point
to
introduce
our
first
panelist
Dr
May.
D
Wang
Dr
Wang
is
the
chief
technology
officer
for
the
internet
of
things
at
paloalto
networks,
a
multinational
cyber
security
company.
She
co-founded
zingbox,
which
was
acquired
by
paloalto
networks
in
2019
for
its
AI
based
iot
Security
Solutions
Dr
Wang
also
serves
on
the
board
of
directors
for
septon,
a
public
autonomous
driving
company
and
Dr
Wayne
received
her
PhD
in
electrical
engineering
from
Stanford
University
Welcome
Dr
Wayne
welome.
If
we
could
start
first
by
hearing
from
you
directly
what
led
you
to
the
position
you're
in
now
and
then
as
we
transition
to
our
next
panelist.
E
Security
solution
use
AI
about
9
years
ago,
and
four
years
ago
we
were
acquired
by
pal
networks
and
to
answer
Tommy's
question
I'm.
Just
so
glad,
thanks
to
the
Mayors
thanks
to
the
leader
of
Cino
City,
it's
amazing
I'm
I'm,
very
impressed
to
see
that
we're
having
this
event,
because
there
are
just
so
many
things
in
cyber
security.
E
That
concern
me
a
lot
because
we
work
with
the
lws
of
tens
of
thousands
of
customers
and
we
are
protecting
tens
of
millions
of
devices
and
we
see
all
kinds
of
horrible
horrible
things
out
there
and
they're
just
only
getting
worse.
So
the
biggest
concern
I
have
are
all
these
device
Securities
and
also
nowadays,
Ai,
and
we
can
dive
into
deeper
about
why
we're
concerned
about
cyber
security
because
of
AI
and
also
the
ai's
security.
Thank.
D
You
thank
you
Dr
Wang.
Our
next
panelist
is
rames
nelli.
He
is
the
senior
director
of
cloud
infrastructure
and
platform
engineering
at
paloalto
networks,
where
raes
is,
has
a
proven
track
record
for
of
leading
engineering
efficiency,
site,
reliability,
engineering
and
infrastructure
teams
for
cuttingedge
technology
products.
Welcome
raes,.
F
F
F
And
now
recently,
two
and
a
half
years
ago,
I
joined
palal
to
as
a
sen
director
of
engineering
leading
the
cloud
infrastructure
and
platform
engineering,
and
one
of
the
important
areas
is
to
protect
our
applications.
Whatever
palto
is
offering
to
our
customers
and
coming
to
the
concern.
I
see
is
awareness
towards
the
cyber
security.
That's
what
I
feel,
because
a
lot
of
people
even
being
at
home
and
our
kids
and
everybody
you
know,
uses
the
Wi-Fi
and
internet
almost
like
day
and
day
out.
But
what
is
the
you
know?
F
The
threats
that
you
are
actually
exposed
to
the
awareness
is
missing,
and
one
of
thing
that
I
always
even
tell
my
kids.
You
know
whenever
they're
surfing,
whenever
they're,
using
what
are
the
different
practices.
They
need
to
follow.
You
know
it
to
not
get
into
this
adversaries
that
what
you
stated
today.
D
Great,
thank
you
very
much
welcome
and
now.
Turning
to
our
next
panelist,
we
have
Aaron
West,
who
has
a
passion
for
assisting
victims
and
has
served
as
Deputy
district
attorney
in
Santa
Clair
County
for
25
years.
She
has
worked
for
the
past
eight
years
with
react.
A
high-tech
task
force
nationally
known
for
its
arrests
and
prosecutions
of
sim
swapping
and
recovering
of
cryptocurrency
to
victims
of
pig
butchering
scams.
Miss
West
leads
the
crypto
Coalition
a
group
of
more
than
1,000
local
state,
federal
and
international
law
enforcement
agents
who
specialize
in
cryptocurrency
investigation.
G
Welcome
thank
you
mayor
and
thank
your
team
for
putting
this
together.
This
is
such
an
impressive
group.
It's
such
an
esteemed
panel
I'm
sitting
with
and
to
me
the
very
particular
Delight
of
being
here
is
seeing
you
guys,
especially
you,
young
women,
cuz.
So
often
I
find
myself
in
a
room
at
a
table
with
12
men
and
I'm
delighted
to
see
Fresh
Faces,
who
are
who
are
ready
to
make
their
way,
and
you,
gentlemen,
too
delighted
to
see
you
as
well
yeah
I!
No,
no,
shame
so
so.
G
G
That's
when
it
became
very
clear
to
me
the
dangers
that
lay
ahead
for
them
and
I
was
thrilled,
that
there
was
an
opportunity
within
my
office
to
really
address
those
issues
and
and
it
as
I
as
they've
grown
up,
the
the
mechanisms
of
of
threats
to
them
have
grown,
and
it's
been
a
very
good
place
for
me
to
be
so.
As
for
the
biggest
threat
threats
are
my
bread
and
butter?
Threads
are
what
I
deal
with
all
day
every
day,
I
deal
with
a
lot
of
victims
and
so
I'm
curious.
G
So
I'm
am
thrilled
about
that
because
you
are
exactly
the
type
of
people
that
I'd
like
to
tell
and
part
of
my
main
thrust
in
the
next
year
of
my
career
is
to
do
awareness,
because
there
are
some
major
scams
out
there
that
I
need
you
to
know
about
and
scams
that
are
disproportionately
hitting
the
Asian-American
community.
So
I'm
delighted
to
be
able
to
be
here
today
and
share
Pig
wiering
with
you,
but
I'll.
Just
ask
you
real
quickly.
How
many
of
you
have
gotten
that
text
message
on
your
phone?
G
D
Great
welcome
Erin
and
our
final
panelist
for
the
day
is
Tommy
U
and
believe
it
or
not.
You
don't
have
to
be
named
Tommy
to
work
for
the
city
of
copertino,
but
Tommy
is
the
infrastructure
manager
for
the
city
of
copertino
and
an
18-year
veteran
of
municipal
government.
It
operations.
He
received
his
Masters
in
computer
information
systems
from
Boston
University
and
holds
multiple
certifications
from
Microsoft
the
project
management
Institute
and
the
Computing
technology
industry
Association.
D
H
You
thank
you
Tom
and
everyone
for
inviting
me
here.
So
as
the
city's
infrastructure
manager,
my
primary
primary
responsibility
is
securing
the
city
from
all
cyper
threats.
That's
securing
our
Network
making
sure
we
have
constant
cyber
security,
education,
training
for
our
staff
and
just
keeping
on
top
of
all
the
threats
that
come
out
and
some
of
the
biggest
things
we
see
daily
and
actually
have
a
little
presentation
later,
but
you
know
ransomware
fishing
scams.
H
H
Sure
so,
let's
first
I
want
to
start
off
just
talking
about
the
threat
threats.
We
we
see
right,
you
heard
about
ransomware,
and
so
what
exactly
is
ransomware
and
you've
seen
the
news
where
other
cities
have
been
hit
with
ransomware
at
their
companies?
So
what
exactly
is
ransomware
so
ransomware
is
basically
a
type
of
malware.
That's
designed
to
deny
access
to
files
or
systems
and
malware
short
for
militia
software
a
lot
of
times.
You
know
they
lock
out
your
systems.
H
You
can't
access
your
files
or
programs,
and
you
know
that's
causing
a
lot
of
Devastation
to
a
company
or
you
know,
sometimes
even
personal,
you
know
computers.
So
how
does?
How
do
you
get
ransomware
a
lot
of
times?
It
comes
from
social
engineering
tax,
so
the
three
main
engineering
taxs
that
we
look
at
is
fishing,
which
is
through
emails,
you've
seen
all
of
that
before
smishing,
which
is
SMS
or
text
messaging.
H
Where
kind
of
like,
as
Ain
mentioned,
you
you're,
getting
a
text
from
someone
and
vising
is
someone
a
phone
call
where
someone
is
trying
to
know
trick
you
into
giving
some
information
or
doing
something.
So
all
of
these
are
attempts
on
basic
basally,
someone
imperson,
someone
that
you
trust
that
you
think
you
know
but
they're
not
who
they
say.
They
are
you'll,
see
in
the
news
recently
just
a
couple
days
ago,
a
major
Casino
chain
in
based
in
Las
Vegas.
H
They
are
a
victim
of
ransomware
and
it's
been
reported
that
primly
a
10-minute
phone
call
which
a
vising
attack.
That's
how
they
got
in,
and
you
know,
Devastation
throughout
the
hotel
chain.
Elevators
aren't
working
whole
whole
bunch
of
problems.
So
you
know
I
want
to
focus
next
on
more
on
the
fishing
side,
because,
according
to
the
cyber
security
infrastructure
and
infrastructure,
Security
Agency,
which
is
part
of
the
Department
of
Homeland
Security,
they
report
that
over
90%
of
cyber
attacks
actually
begins
with
fishing.
So
just
by
volume,
fishing
emails.
H
That's
the
most
prevalent
thread
that
you
know
affects
everyone,
so
on
the
next
slide,
I
can
kind
of
give
you
some
more
examples.
So
these
are
a
little
bit
real
world
examples
that
what
we
receive
in
the
city.
So
this
is
an
email
that
went
to
actal,
City,
kuun,
employee,
it's
the
centers,
pretending
to
be
Microsoft,
and
it's
asking
you,
the
user
to
you
know
change
your
password
today,
so
these
are
kind
of
end
lines.
What
we
look
for,
besides
obvious,
sometimes
there's
grammar
spelling
issues.
H
We
look
at
the
center
address
in
this
case.
You'll
see
it's,
it
doesn't
match
it's
actually
coming
from
outside
the
country.
Typically,
in
organizations
you'll
have
like
a
caution:
Banner
warning
you
that
it's
actually
coming
from
the
outside.
You
may
not
see
that
in
your
personal
accounts,
but
typically
it's
a
security
practice
in
companies,
so
that
caution
Banner,
is
like
your
first
sign.
This
is
not
from
inside
it's
from
outside
number
three
there's
a
sense
urgency
for
you
to
take
action.
They
want
you,
you
know
to.
Oh,
your
pastor
expires
today.
H
It's
making
you
think
oh
I
need
to
do
something
or
I
can't
get
back
into
my
email
or
my
system.
So
it's
a
sense
urgency
for
you.
Take
action
and
number
four
I
want
you
to
click,
a
link
which
will
most
likely
ask
you
for
a
password.
That's
how
you
get
your
password
because
they
you're
is
trying
to
trick
you
and
thinking
putting
your
password
in
oh
yeah,
I
want
to
keep
my
same
password,
but
then
you're
actually
giving
them
your
password.
H
H
You
can
see
it's
from
an
outside
account,
but
asking
the
employee
to
do
something
to
contact
them
and
typically,
what
we
see
is
when,
if
the
employee
or
person
actually
responds
back
they'll
get
response
back
saying:
oh,
can
you
help
me
get
some
gift
cards
have
a
surprise
party.
We
see
that
many
many
times
and
a
lot
of
times
they
try
to
get
you
to
switch
over
to
like
say,
text
message
and
get
off
the
email
system.
H
H
So
you
know
creating
strong
passwords
that
are
long
and
complex,
sound
great,
but
you
know
sometimes
it's
hard
for
people
to
remember
their
passwords
right.
So
what
what
you
want
to
try
to
emphasize
is
recommend
is
utilizing
P
phrases
to
make
it
easy
to
remember.
You
could
add
something
unique
to
you
or
someone
else,
and
you
purposely
misspell
words,
use
abbreviations,
add
numbers
special
characters,
so
this
table
below
you
can
kind
of
see
how
long
it
takes
for
passwords
for
a
computer
to
crack
your
password
Unfortunately.
H
Today,
a
lot
of
there's
the
password
of
password
is
still
being
used
and
you'll
see
it's
eight
characters,
long
it
it
takes
less
than
a
second
for
a
computer
to
crack
it
going
through
kind
of
the
other
examples
like
you
have
a
longer
password,
catino,
23,
exclamation,
there's
a
you
know,
capital
letter
there's
a
special
character.
It's
a
little
bit
longer,
but
still
only
takes
three
hours
to
crack
it.
So
there
here's
where
we
start
utilizing
pass
phrases
here:
Bobby
a
really
likes
cats.
H
It's
a
long
passer
22
characters
takes
nine
months
to
crack.
How
do
you
make
that
better?
You
can
you
know.
As
mentioned
you
can
replace
letters
with
numbers.
You
can
shorthand
certain
words
like
really
spell
it
as
RL
y,
so
you'll
see
it's
actually
a
shorter
password,
but
now
it
takes
2,000
years
to
crack
another
example:
I
love,
Mochi
ice
cream,
same
Concepts,
you're.
Putting
a
zero
instead
of
O
and
special
characters
takes
14
years.
How
do
we
improve
that
one?
Well,
you
can
purposely
misspell
cre
instead
of
c
e,
a
m.
H
You
spell
it
c
r
m,
as
well
as
adding
numbers
for
letters
and
now
from
14
years
now,
it's
17,000
years
to
crack
and
if
you
for
the
more
most
extreme
example,
this
long
passer,
38
characters
long.
My
best
friend
in
grade
school
was
Bobby
1992
at
so
we're
combining
all
different
elements.
You
know
we
have
again
letters
for
numbers,
special
characters
and
length.
It
takes
about
three
billion
years
for
a
computer
to
crack.
So
again,
you
know
just
kind
of
disclaimer.
These
passwords
are
just
examples.
H
Don't
use
these
for
any
of
your
accounts.
This
is
more
to
just
give
you
an
idea
of
what
a
strong
password
could
look
like
and
hopefully
utilizing
passphrases
to
SC
your
email,
your
accounts
and
anything
that
you
you
do
online
so
and
that
kind
of
wraps
up
my
brief
presentation
and
I'll
pass
it
back
to
Tom
yeah.
Thank
you.
D
So
so
so
Tommy
just
described
how
we
educate
our
employees
and
prepare
for
potential
attacks
into
our
community.
But
now,
in
today's
age
we
are
inviting
some
of
these
linked
Technologies
into
our
home
through
the
internet
of
things.
So
I'll
turn
to
Dr
Wang
here
and
ask
you
with
the
proliferation
of
iot
with
and
Academia
will
site
often
site
the
50
billion
devices
by
2020
and
pro
exponentially
more
by
2023.
How
how
do
we?
E
Yeah,
that's
a
that's
a
great
question.
We
actually
see.
As
I
mentioned,
we
actually
see
tens
of
millions
of
iot
devices
on
daily
basis
and
we
see
lots
of
horrible
horrible
things
and
lots
of
these
devices.
They
are
actually
they
don't
have
lots
of
resources
like
our
computers
or
cell
phones.
So
it's
kind
of
hard
for
them
to
protect
themselves,
and
also
lots
of
these
devices
are
in
service
for
a
long
time.
Instead
of
like
computers
and
laptops
or
cell
phones,
we
change
it
every
other
year.
So
you
probably
have
your
surveillance.
E
Camera
has
been
there,
I,
don't
know
five
easily
five
years
10
years
and
also
lots
of
these
devices.
They
are
using
default
password
and
they
don't
have
enough
capability
to,
for
example,
in
for
for
most
of
our
it
devices,
all
traffic
is
encrypted,
but
nowadays
actually
still
98%
of
it.
Traffic
is
not
encrypted,
so
they
are
the
low
hanging
FRS
and
we
saw
lots
of
cilian
cameras
got
hacked.
We
saw
lots
of
lots
of
iot
devices
got
hacked
the
and
I
can
give.
E
You
example
is
now
we
see
more
and
more
devices
now
you're
getting
back
to
your
home
or
connected
online
I.
Think,
probably
now
average
each
household
have
probably
20
30
connected
devices.
If
you
can
the
good
thing
is
these
devices
bring
you
lots
of
convenience,
you
can
remotely
watch
out
your
home,
you
can
remotely
control
and
you
can
use
ring
doorbell
to
for
security
cyber
security,
but
at
the
same
time,
because
you
can
access
them
remotely,
then
the
hackers
can
access
them
too.
E
An
example
is
recently
my
mom
just
got
the
new
cpath
machine,
the
the
machine
that
help
you
sleep
better.
At
night
she
had
an
old
one
that
she
had
to
bring
this
machine
back
to
Doctor
every
six
month
then
give
the
chip
to
doctor.
Then
the
doctor
can
see.
Oh
what's
your
sleeping
pattern,
but
that
was
already
six
months
ago,
which
is,
of
course
not
great
now.
The
new
machine
she
got
is
is
connected
onto
the
internet
and
the
doctor
actually
can
get
real
time
information
about
her
sleeping
pattern.
E
What
the
issues
can
give
her
in
instructions
of
ice
immediately
as
a
cyber
security
person?
The
first
thing
I
think
of
is
like:
is
this
machine
secure,
yeah?
Of
course
you
might
wonder
who
would
be
interested
in
sleeping
data
of
for
80
years
old
lady
who
want
to
steal
anything
like
that?
But
the
problem
is
not
only
hackers
if
they
want
they
can
get.
E
Access
to
this
machine
can
steal
data
on
this
machine
but,
more
importantly,
they
can
use
this
as
a
jumping
step,
jumping
Stone
to
to
get
access
to
your
network,
to
your
sensit,
sensitive
information
to
your
financial
information
and,
most
importantly,
to
your
identification.
You
know
now,
if
hackers
can
get
onto
your
identification
information,
it
can
be
even
more
devastating
than
the
credit
card.
Because
now
credit
card
companies
are
doing
pretty
good
job.
They
send
you
alert,
they
can
stop.
Even
they
put
a
charge.
E
You
can
get
it
back,
but
once
they
get
your
identification
information
they
can
use
it
for
lots
of
things.
I
know.
Personally,
my
contacts
got
impacted
because
identification
threat.
They,
the
hackers,
actually
used
their
identification,
went
to
IRS,
got
tons
of
tax
returns,
that
he
didn't
F
and
he
didn't
even
know
about
that,
and
they
can
actually
get
loans,
get
U
millions
of
dollars
of
loans
using
your
identification.
So
actually,
for
these
iot
devices
they
can
be
lwh
hanging
fruits.
E
We
actually
see
lots
of
already
obsoleted
that
we
don't
see
the
kind
of
malware
the
it's
already
extinct
in
it
world.
Now
they
still
shows
up.
They
still
show
up
in
hospitals
in
these
medical
devices
and
also
in
our
lab.
We
actually
can
hack
through
your
infusion
pump
and
can
randomly
change
the
medication
got
into
patients.
So
there
lots
of
risks
and
vulnerabilities
in
these
I2
devices
that
we
all
need
to
be
really
careful
about.
D
Thank
you,
Dr
Wang
and
I'm
really
happy
that
you
brought
up
that
you
know
we
bring
the
we
use
these
devices
because
they're
convenient
they.
They
can
help
our
lives
so
our
everyday
practices,
and
but
it
sounds
like
there's
a
couple
of
really
easy
things
to
do,
and
first
is
change
the
default
password
yep
and
to
understand
these
risks
from
the
very
beginning.
E
I
E
On
on
the
software,
because
these
device
companies
are
trying
to
do
a
better
job
too,
once
they
find
a
vulnerability,
they'll
send
up
out,
send
out
updates,
send
out
patches,
just
like
we
update
our
cell
phones
applications
and
but
for
these
devices
we
rarely
do
it
because
you
know
once
you
put
there,
you
never
touched
it,
but
it's
important
to
do
to
do
patches
and
updates
and
also
see
any
abnormal
behaviors.
If
you
see
anything
like
that,
you
want
to
quarantine
these
devices.
You
want
to
separate
these
devices
and
also
at
home.
E
D
That's
great
so
once
we
verify
that
the
prompt
to
update
is
legitimate,
we
we
make
sure
our
devices
are
up
to
date.
Now
we
we
link
our
device,
you've
talked
about
linking
them
and
our
home
is
going
to
become
an
Enterprise
and
they're
linked,
and
that's
usually
through
the
cloud.
So
the
the
cloud
services
are
becoming
more
prevalent
every
day
from
where
the
way
we
hold
host
our
emails
and
our
files
online.
To
again
the
way
the
iot
systems
connect
should
I
do
regular,
backup
information.
F
Yeah,
yes,
so
this
is
a
very
good
question.
So
at
every
home
we
have
like,
as
as
May
said,
20
plus
devices
from
every
home,
and
you
know
you
keep
using
it
for
your
day-to-day
usage
and
stuff
and
everything
is
connected
to
your
home
Wi-Fi
and
you
are
using
your
online
services
and
lot
of
information
that
you
actually
keep
surfing
and
using
in
your
devices,
and
it's
always
recommended
to
actually
backup.
But
you
know,
go
for
the
backup
which
is
sec
cure
right.
F
Let's
say
if
you
use
iOS
devices,
you
already
get
the
iCloud
from
and
apple
itself
right
and
if
you
use
Android
devices,
you
have
a
Google
Drive
and
if
you
use
a
Microsoft
devices,
you
have
one
drive
from
Microsoft.
So
it's
better
to
use
this.
You
know
well-known
and
protected.
You
know
secured
Services
rather
than
a
cheaper
or
op
Source
backup,
you
know
kind
of
solutions,
but
in
my
opinion,
it's
better
to
backup
your
devices
and
again,
when
you
are
backing
up,
you
also
have
an
option.
F
F
It
as
well
yeah-
and
you
know,
even
for
your
backup
or
anything
to
access
what
I
would
suggest
is
have
a
multiactor
authentication
enabled
right.
You
know
when
you
use
iCloud,
and
actually
my
Apple
enforces
you
to
have
a
multiactor
authentication.
They
are
very,
very
particular
about
it,
and
there
is
a
reason
for
it.
Even
if
Government
seeks
that
information,
they
won't
right
and
that's
how
you
know
apple
is
considered
as
one
of
the
you
know
more
secured.
You
know,
at
least
from
a
consumer
devic
standpoint
right.
F
D
D
F
So
and
as
I
said
like
when
you
have
you
know
one
of
the
recommendation
that
I
tell
everybody
in
my
circle
or
my
my
friend
circle
is
that
do
not
use
the
common
passwords
across
the
websites
that
you
access
right
or
any
account
that
you
have
make
sure
every
website
has
a
unique
credential
or
unique.
You
know
passwords
and
stuff.
So
when
you
follow
that
best
practice
and
dayto
day,
you
use
like
hundreds
of
websites
right
and
remembering
all
those
unique
passwords
become
really
really
difficult.
F
So
that
is
when
you
know
these
are.
There
are
like
well-known
password
managers,
and
you
pay
very
like
not
too
much
of
money
right,
but
it
helps
you
encrypting
your
passwords
right
and
whenever
you
want,
even
if
you
forget
you
just
have
to
remember
the
master
password
with
again
twoa
authentication
enabled
do
not
just
go
with
the
password.
It
has
to
be
multiactor
authenticated,
but
having
password
manager
is
really
help.
You
absolutely.
D
And
since
all
of
our
systems
are
linked,
we
often
have
different
ways
of
receiving
information
and
pushing
information
I'd
like
to
turn
to
Ain
West.
Here
we
you've
mentioned
earlier
Pig
butchering
scheme
games
and
you
can
get
a
random
text
message
from
a
unknown
number
that
maybe
you
you
think
you
looks
familiar
or
looks
similar
to
something
you
know,
but
with
all
this
different
information
coming
in,
how
do
we
know
what
a
pig
birching
schem
is?
I
think
we
should
always
be?
Should
I
use
that.
G
Okay,
whenever,
whenever
anyone
is
contacting
us
from
a
digital
source
that
we
don't
know,
our
first
Instinct
should
be
I
need
to
vet
this
person
and
what
we're
finding
with
the
pig
butchering
scam
is.
They
are
the
way
any
scam
works.
Is
the
scammer
has
to
find
their
victim
and
I'm
always
amazed
when
I
sit
in
a
room
like
this
and
I
realize
that
these
scammers
have
contacted
everyone
in
this
room
already
right
like
what
does
it
take
to
contact
everyone
in
this
room
already
so
what's
happening?
G
All
of
us
sitting
in
this
room
today
think
probably
oh
I
would
never
fall
for
that.
But
I
am
here
to
tell
you
that
you
know
someone
who
has,
and
the
prevalence
of
this
is
amazing,
just
the
fact
that
we've
all
received
that
lure
means
that
they
are
consistently
sending
out
this
threat
and
here's
what
they're
after
it's
called
Pig
butchering.
It's
a
Chinese
term.
That
means
it's
shazu
pan,
which
means
Pig
butchering,
and
the
concept
is
that
this
scammer
wants
to
eat
you
from
snout
to
tail.
They
want
to
take
every
last
penny.
G
You
have.
They
want
your
retirement
fund,
your
kids
college
accounts.
They
want
the
quarters
that
are
in
your
couch
cushions
and
they
will
not
stop
until
they
get
it.
The
way
they
do
this
is
they
spend
90
days
in
a
in
a
grooming
period
appearing
to
be
the
relationship
that
you
would
have
dreamt
for
yourself.
If
you
could
have
these
people
have
playbooks,
we
are
up
against
a
very
organized
threat
in
Southeast,
Asia,
that's
being
run
by
Chinese
organized
crime.
It
is
being
conducted
in
compounds,
sweat,
shops
running
this
on
a
24-hour
basis.
G
Let
me
just
show
you
how
well
you
can
do
for
yourself
and
our
victims
then
deposit
it
into
a
beautiful
looking
website.
That
looks
like
any
other
legitimate
investment
opportunity
on
the
internet
and
when
they
do
that,
they
find
that
in
days
their
$5,000
is
now6
,000
7500
by
the
end
of
the
week,
it's
10,000
and
they
are
in
love
with
their
person
and
now
they
are
rich
and
you
cannot
fight
the
endorphins
and
the
the
hormones
that
that
it's,
the
perfect
storm.
That
then
brings
our
victims
to
say.
G
Okay,
I
think
I've
got
a
little
bit
more
money.
I
can
kick
into
this
and
a
little
bit
more
all
coerced
by
the
scammer
and
at
the
end
of
the
day
our
victim
will
try
and
take
money
out
of
that
account,
because
now
they've
got
a
million
$2
million
and
the
scammer
will
say
you
can
have
it
back,
but
only
after
you
pay
25%
in
taxes
and
they'll,
say:
okay,
we'll
take
it
out
of
my
gains.
G
No,
it
has
to
be
new
money
and
that's
when
our
victims
are
getting
mortgages
on
their
houses
are
taking
money
from
relatives
and
they
find
themselves
at
the
end
of
the
day,
completely
betrayed
no
girlfriend
no
boyfriend
and
all
of
their
money
is
gone
and
what
I
want
you
to
know
and
what
I
want
you
to
walk
away
with
today
is
this
is
in
our
backyard.
This
is
what
I
do
all
day.
G
Every
day
is
talk
to
people
who
are
desperate
and
suicidal,
and
so
I
encourage
you
I,
encourage
you
to
bring
this
up
when
you're.
Getting
your
haircut
bring
this
up
on
the
soccer
field.
Bring
this
up
to
anyone
in
everyone,
because
the
point
of
this
whole
thing
that
you
guys
have
put
together
today
is
education
and
we
are
fighting
Chinese,
organized
crime,
that's
happening
in
Cambodia
and
Myanmar,
where
we're
not
going
to
be
able
to
show
up
and
make
arrests
our
best
weapon
against
this
fight
is
education,
so
join
me,
be
part
of
that.
G
So
that's
what
pig
butchering
is
and
I'm
scared
to
death
of
it
and
and
just
one
last
thing:
it's
massive:
it's
billions
and
billions
of
dollars.
We
are
literally
taking
our
middle
class
generational
wealth
in
the
United
States
and
putting
it
on
the
other
side
of
the
world,
never
to
be
seen
again.
So
these
guys
have
give
you
cautionary
tales,
I'm
already
afraid,
based
on
what
I've
heard
from
today
and
I
hope
that
I've
raised
your
Consciousness
a
little
bit
about
Pig
butchering.
D
D
I
I
wanted
to
deliver
yeah
and
I'll
link.
This
back
to
the
reason
why
I'm
helping
to
moderate
this
panel
is
there's
a
body
of
research
out
of
the
Naval
Postgraduate
School
Center
for
Homeland
defense
and
security
at
montere,
montere
California
that'll
show
that
romance
scams
which
you're
describing
is
a
Homeland
Security
concern.
D
So
I'll
note
that,
and
because
sometimes
these
romance
camps
can
be
very
difficult
to
one
for
the
government
and
the
public
entities
to
find
out
that
they've
occurred
because
there's
the
there's
a
little
bit
of
embarrassment
right
when
you
fall
for
one
of
these
and
so
I
want
to
get
I
want
to
ask
you
a
a
pointed
question
about
if
I
think
that
I've
been
a
part
of
a
crime,
a
cyber
crime
or
a
cyber
security
crime?
What
how
do
I
report
that
or
who
should
I
report
that
to.
G
I'm
glad
you
asked
that
question
because
it's
important
the
first
thing
you
should
do
is
you
should
report
it
to
ic3.
Ic3
is
the
internet
portal
for
the
FBI
and
the
reason
why
it's
super
important
to
report
to
the
FBI
is:
we
need
the
FBI
to
know
how.
Often
this
is
happening.
How
often
a
pig
butchering
is
happening?
How
often
a
sex
tortion
is
happening?
How
often
any
other
of
these
crimes
are
happening
so
that
they
realize
wow?
G
Second,
you
need
to
report
quickly
because,
if
we're
especially,
if
we're
talking
about
cryptocurrency
cases,
these
Bad
actors
know
how
to
move
money
spit
spot
and
the
only
chance
we
have
at
making
a
recovery
is,
if
you
get
in
front
of
someone
who
is
competent
to
do
this
work,
which
is
why
it's
so
important
you
guys
are
here,
because
you
heard
the
how
much
we
need
you,
how
bef
was
it
the
mayor
who
said
that
we're
like
a
at
a
we're
missing
a
third
of
our
Army
and
and
that's?
We
can't
do
that.
G
This
is
a
major
threat
that
we
we're
all
very
concerned
about
stolen
cars
and
all
of
that.
But
what
we
need
to
be
concerned
about
is
how
we're
losing
all
of
our
money
and
so
I
I'm,
so
delighted
that
you
guys
are
thinking
about
this
and
working
on
it
and
I've
genuinely
lost
my
train
of
thought
about
this.
But
but
the
the
point
is
yes,
you
need
to
report
quickly
and
you
should
report
to
your
local
law
enforcement
and
your
local
law
enforcement.
You
deserve
to
have
a
local
law
enforcement.
D
Absolutely
and
I'm
here
to
say
that
the
your
your
here
in
the
city
of
kutino
and
Santa
Clair
County,
the
your
law
enforcement
agencies,
your
Public
Safety
agencies,
are
well
aware
of
this
risk
and
threat.
We
have
dedicated
resources
to
provide
this
resource
to
you.
So,
as
Aon
mentioned,
please
report.
If
you
even
think
you
might
be
at
risk
and
we
are
honored
to
have
our
Public
Safety
educa
our
cybercity
education
event.
Here
today,
we
have
young
people
coming
to
help
demonstrate
how
to
learn
more
information.
H
Sure
Tom
there's
a
lot
of
resources
out
there.
You
know
free
resources
at
no
cost
online.
A
lot
of
it
I
mentioned
earlier
siza,
which
is
a
cyber
security
and
infrastructure
Security
Agency.
They
have
a
lot
of
free
training
classes
on
on
their
website.
There's
whole
bunch
of
other
resources.
You
can
find
on
YouTube
and
other
as
well
as
other
sites
as
well,
but
just
kind
of
looking
at
your
local
community
right.
There's
your
Resource
Centers
libraries.
H
H
You
can
follow
that
kind
of
keep
you
up
to
date
on
the
latest
news,
so
just
kind
of
following
on
different
sources
that
you
can
find-
and
you
know
you
know,
the
state
of
California
has
some
resources
as
well,
but
just
kind
of
doing
your
D
due
diligence
to
protect.
You
know
yourself,
your
family
on.
You
know
what
the
latest
threats
are
and
kind
of
keeping
up
to
dat
and
that's
kind
of
what
you
need
to
do
and
what
you
can
look
for
in
protecting
those.
D
H
Upon
that
sure,
so,
if
you
think
of
going
back
to
hygiene,
that's
you
know
taking
care
of
yourself
right,
your
health
with
brushing
your
teeth
taking
showers.
You
know
washing
your
face
things
like
that,
but
the
cyber
world,
cyber
hygiene,
it's
kind
of
the
same
thing,
keeping
your
your
identity,
your
privacy,
safe
and
in
that's
in
the
cyber
world.
So
that
involves
a
lot
of
things
that
we've
talked
about
already
right,
having
strong
passers,
hopefully
using
pass
phrases.
H
So
combination
of
that
having
multiactor
authentication
like
remes
mentioned
and
just
kind
of
being,
very
careful
about
where
you
go
online,
and
you
know
the
sources
and
just
kind
of
again
Going
Back
to
Basics
on
security,
where
you're
doing
your
best
practices.
If
so,
you
do
get
a
message,
an
email,
a
fishing
email
or
a
text,
message
that
say:
you're
you're,
there's
a
fraudulent
charge
on
your
your
card
or
something
like
that.
H
Like
don't
respond
back
to
any
of
those
mediums,
always
contact
The
Source
directly,
either
through
if
it's
work,
rated
contact,
your
it
Department.
If
it's,
you
know,
banking
call,
the
number
on
the
back
of
your
credit
card
do
not
ever
call
the
number
that
they
send
you
in
the
email
or
the
text
message
or
reply
back
CU
that
might
not
be
who
they
are.
It
might
be
someone
else
right.
It
could
be
imp
person,
so
always
go
the
source.
D
Well,
thank
you
again,
Tommy
and
I'm
glad
you
brought
up
social
media
we'll
get
to
that
in
just
a
second,
but
before
I
move
back
to
our
private
sector.
Partners
I
do
want
to
ask
our
our
government
Representatives.
Will
the
government
ever
ask
you
for
your
social
security
number
over
text
message?
No,
no!
Will
the
government
ever
ask
you
for
your
bank
account
information
over
text,
message
or
phone
call
all
no.
G
H
Great
yeah,
so
that's
just
as
Aon
said,
there's
a
lot
of
these
scams.
We
look
out
for
where
you
know
you
you'll
hear
about.
You
know
the
Sheriff's
Office
calling
there's
a
warrant
out
for
arrest.
You
need
to
you,
know,
pay
gift
cards
to
you,
know,
secure
your
release.
So
again
the
government
will
never
ask
you
or
say
things
like
that
lot.
Irs
scams
as
well!
Oh
you're!
You
owe
you
know
on
your
taxes,
we're
going
to
garnish
your
wages
or
something
you
need
to
send
us.
H
You
know
payment
right
and
a
lot
of
times
is
going
back
to
gift
card,
sending
the
code
so
remember
they
will
you
know
we.
The
government
will
not
ask
you
for
that.
They
won't
try
to.
You
know,
there's
no
warrant
out
for
arrests.
You
know
if
again,
if
you're
ever
in
doubt
call
The
Source
call
the
sheriff's
department
if
you're
really
that
not
sure
about
it,
but
most
cases
it's
most
likely
a
scam.
You
know
and
other
ones
that
I
think
Aon
probably
has
seen
us
a
lot.
H
Is
the
kind
of
grandparent
scam
right
where
the
content?
Oh,
this
is
so,
and
so
like
little
Timmy
I'm
in
Mexico,
I'm,
trapped
or
somewhere
I
need
help
to
secure
my
release,
but
not
dumb
and
I.
Just
want
to
bring
a
big
point
where
a
lot
of
scams
now
they're
using
your
voice
right,
there's
a
lot
of
vision.
Scams
where
you
know,
if,
like
personally
when
I
try
not
to
answer
answer
calls
that
I
don't
know
because
they're
starting
to
record
your
voice,
now
there's
a
lot
of
sophisticated
AI
software.
H
They
just
need
a
few
words
and
they
can
generate
like
whole
sentences
of
vocabulary
and
I
think
the
last
thing
I
heard
they
just
need
3
seconds
and
they
can
create
convinc
ing
sentences
using
your
voice
to
try
to
trick.
You
know
your
bank
or
someone
else,
and
you
know
that's
very,
very
prevalent
or
coming
more
up
now.
Nowadays,.
D
D
We're
we're
an
inperson
uhp
how
we
operate.
I
want
to
turn
back
to
our
private
sector
Partners
here
and
at
this
point,
I
want
to
look
at
to
the
Future
We've.
We
and
Tommy
alluded
to
a
little
bit,
but
AI
generative
AI
chat.
Gpt.
We've
heard
a
lot
about
these
things.
Now,
what's
on
the
horizon,
what
should
we
be
concerned
about
for
cyber
security
in
the
future?
Maybe
May,
1
and
raes.
E
Yeah
there
are
just
so
many
things
we
need
to
be
concerned
about
that's
how
I
got
all
my
white
hair,
so
H.
We
all
know
this.
Ai
brings
a
lots
of
efficiency,
automation,
scalability
same
thing
to
the
hackers,
so
actually
AI
can
help
hackers
dramatically
reduce
the
cost
for
the
fishing
email
for
the
spam
Etc
and
they
can,
as
Tom
mentioned
it,
they
can
do
it
really
fast
and
Target
lots
of
people
and
also
they
can
make
it
more
specific.
E
Now
you
you
saw
the
email
example
say:
oh
I'm,
your
boss
and
I
need
to
send
me
a
gift
card,
but
they
can
actually
use
AI
to
collect
all
your
information
online
and
know
who
your
boss
is
know
his
name
and
know
lots
of
personal
information
about
your
boss
and
about
yourself
and
send
you
a
very
tailored,
targeted
email
and
make
it
even
harder
to
distinguish
and
U.
This
is
kind
of
new.
How
thing
is
deep
fake,
which
is
what
Tommy
mentioned.
E
They
can
not
only
send
you
a
text
message,
send
you
email,
but
they
can
send
you
video,
send
you
voice
that
look
identical
to
the
person
that
you're
familiar
with,
and
how
do
you
identifyy
that
so
there
are
lots
of
challenges,
AI
is
bringing
one
is.
Attackers
can
use
AI
this
amazing
tool
to
attack
us
at
the
on
the
other
side
is
now.
Everybody
is
using
AI
all
companies,
all
products
are
using
AI,
so
AI
is
ubiquitous.
E
But
how
do
you
guarantee
that
the
AI
models-
AI
data
you
using,
are
safe
enough,
even
though
we
we're
yet
to
see
the
massive
attack
against
AI
yet?
But
we
need
to
be
very
well
prepared
because
it's
going
to
come
sooner
or
later
how
we
can
identify
the
vulnerabilities,
how
we
can
make
sure
the
AI
models,
we're
building,
are
robust
and
secure
enough.
F
Yeah
so
as
as
May
said,
g
AI
is,
is
helping
all
of
us
to
improve
our
efficiency
right,
so
we
generally
get
attracted
too
much
to
start
using
it
on
a
day-to-day
basis.
Because
lot
of
automation,
a
lot
of
information,
you
can
get
using
any
of
the
generi
tools,
but
couple
of
things
that
comes
to
my
mind
that
everybody
has
to
be
really
careful,
as
one
is
a
privacy
and
other
one
is
a
security.
So
when
I
say
privacy,
whenever
you're
using
any
jni
tool,
make
sure
you're
not
feeding
in
your
personal
data
right.
F
So
with
think
that,
okay,
it's
helping
me,
let
me
put
in
all
my
details
so
that
it
can
answer.
You
know
on
behalf
of
you
know
the
entire
system,
but
you
are
feeding
the
data
in
your
own
data,
so
be
careful
when
you're
using
any
of
these
tools
that
you
know
what
data
you
really
feeding
in,
because
that
data,
if
it
going
to
be
used
for
the
good
purpose,
it's
okay,
but
as
May
said
there
are
people
who
can
actually
catch
up
on
this
data
and
misuse
it
right
and
when
it
comes
to
security.
F
The
same
security
practice,
I
es
that
you
know
we've
been
talking
about,
are
applicable
for
Gen
applications
as
well,
whether
the
application
that
you're
using
is
secure
enough
right.
Are
they
using
the
encrypted?
You
know,
traffic
or,
or
you
know,
data
transmission
or
not
so
just
take
few
seconds
or
few
minutes
to
look
at
the
authenticity
and
the
security
posture
of
the
tool
that
you're
using
okay.
So
these
are
very
important
when,
when
you,
you
know,
use
a
gen.
D
So,
for
example,
if
you
see
at
Starbucks
that
Batman
is
coming
to
pick
up
their
coffee,
that's
probably
me
coming
through
the
door,
but
I
don't
want
my
name
out
there
as
much
as
possible
for
any
any
source.
So
I'll
turn
back
to
you
both
and
we're
talking
about
a
lot
of
risks
is
and
you're
an
in
in
an
industry
of
technology.
Is
technology
helpful
for
us
at
this
point.
F
So
as
long
as
we
are
really
careful
about,
you
know
how
we
use
the
technology,
then
we
are
okay,
but
just
because
it's
so
attractive
you
go
and
you
know
start
using
it
whatever
the
way
or
whatever
the
fashion
want
to
use
it.
There
are
definitely
Bad
actors
that
always
look
for
an
opportunity
to
you
know,
do
whatever
the
way
to
to
steal
your
information
to
steal
your
money
and
stuff.
D
E
Yeah
definitely
so
they're.
Actually
there,
it
happened
several
times
that
there
were
huge
attacks
against
these
I
devices,
so
there
were
even
people
proposing
solution.
Let's
just
cut
all
these
devices
nobody's
connected
to
anybody,
no
devices
going,
that's
that
will
make
us
most
secure.
But
of
course
we
know
it's
like
after
we
have
the
smartphone
there's
no
way
we're
going
back
to
the
days
without
smartphone,
so
actually
every
year,
Pilato
networks
and
actually
multiple
security.
Vendors
all
do
prediction
about.
Okay,
what's
what's
the
prediction
for
20
23?
What's
the
prediction
for
next
year?
E
Actually
I
can
guarantee
you
every
year
we
can
do
the
same
prediction,
and
always
right
is
that
we're
going
to
see
more
cyber
attacks,
we're
going
to
see
more
incidents
and
we
we
have
the
data.
It's
only
going
up
and
going
up
pretty
fast,
so
I
think
there
couple
things
we
can
do
here.
One
is
just
like
today's
event:
education,
everybody,
eventually
you're
working
with
devices
where
you're
working
with
data
that
everything
is
connected.
Everybody
is
connected,
so
everybody
needs
to
have
some
basic
hygiene
basic
cyber
security
knowledge.
What
are
the
safe
things
to
do?
E
Just
like
wash
your
our
hands,
change,
password,
update
the
software
and
be
careful
about
the
email
text.
Messages
you
receive
and
actually
cyber
security
is,
is
going
to
be
so
ubiquitous.
The
US
government
is
conceiving
a
new
law
that
for
every
company's
board
that,
before
you
need
a
financial
expert,
a
CFO
to
be
on
the
board
in
every
quarter.
You
need
to
report
that
your
status
of
financial
Health,
now
they're,
coming
up
with
new
rule
is
you
need
to
have
a
cyber
security
expert
on
every
board
and
every
quarter.
E
E
Your
main
expertise
and
we
can
take
care
of
the
cyber
security
and,
of
course,
AI,
helps
and
there's
so
many
big
companies
and
small
companies
are
trying
so
we're
going
to
make
the
cyber
security
more
invisible
in
a
sense
so
that
it
takes
care
of
the
cyber
security,
whether
that's
a
device.
Your
cell
phone,
your
laptop
data,
private
information,
Etc
we're
going
to
take
care
of
that
more
automatically
more
intelligently.
D
Absolutely
and
I
I'd
be
a
little
I'm,
a
little
fous.
When
I
ask
you
is
it?
Is
it
worth
it
because
I
do
consider
myself
a
technologist
I
do
use
a
lot
of
these
Technologies,
but
looping
it
back
to
the
Emergency
Management
world.
You
we
talk
about
preparedness
and
being
knowledgeable
about
your
risks
and
Hazards
associated
with
where
you
live,
where
you
work
and
where
you
play
and
the
same
we're
you're
hearing
a
lot
of
the
same
themes
coming
about
about
here
in
cyber
security.
D
So
we
are
getting
close
to
our
time
and
but
I
want
to
I
have
a
few
more
questions
for
our
panel,
but
I
want
to
allow
for
you
and
the
audience
to
prepare
your
questions,
and
while
we
get
ready
with
our
some
of
our
technology
in
the
room
to
help
pass
the
microphone
around,
we
might
actually
need
this.
One
I'
I
want
you
to
consider
what
questions
you'd
like
to
ask
this
esteemed
panel.
D
So
it's
clear
that
the
need
for
cyber
security
education
will
continue
and
in
order
to
be
or
needs
to
continue
U,
but
to
be
more
practical
and
direct
to
our
our
young
people
in
the
room.
Let
me
turn
to
Aaron
and
ask
you
about
social
media.
You
have
teenage
boys.
Social
media
is
a
problem.
I
have
young
children
myself
I'm
concerned
about
the
future.
So
what
can
you?
What
advice?
Can
you
provide
to
our
young
people
about
their
social
media
awareness
in
terms
of
cyers
security?
I?
Think
that.
G
You
know
on
Snapchat
on
what
whatever
you
guys
are
using
and
has
created
over
it.
This
extortion
happens
just
over
hours,
where,
all
of
a
sudden,
you
find
yourself
sending
pictures
that
you
never
thought
you
would
send
anyone,
and
so
I
have
I,
have
funny
rules
for
my
kids
that
I've
been
hammering
on
them
forever
and
the
first
one
is
don't
act
like
don't
act
like
a
crazy
person
around
bees,
because
they
they
don't
really.
G
So
so,
let's
just
talk.
Let
me
let
me
just
give
you
the
the
quick
one
two,
if
you
find
yourself
in
this
situation,
if
someone
you
know
is
in
this
situation,
it's
a
bluff,
they're
not
going
to
send
this
to
all
your
friends,
so
just
block
them,
don't
send
them
any
money
block
them
in
every
in
every
which
way
that
they're
communicating
with
you
and
if
you
have
a
trusted
friend
or
a
trusted
adult,
let
them
know
about
it.
G
But
the
fact
is,
it's
again
one
of
those
things
that,
just
as
people
are
humiliated
and
embarrassed
about
the
pig
butchering
people
are
humiliated
and
embarrassed
about
sex.
Tortion
and
I
was
saying
my
best
friend's
son,
I
I
got
a
call
from
my
best
friend
and
she's
like
I.
Need
you
to
talk
to
Dylan
and
I
was
like?
Oh,
my
god,
oh
shoot!
This
is
okay!
I!
G
J
Passed
so
well.
That
is
definitely
something
that
we
should
be
aware
of.
I
was
wondering,
is
it?
Is
there
any
harm
in
posting,
like
an
innocent
picture
of
your
dog,
or
like
a
picture
of
you
in
like
on
vacation
on
social
media?
Like
is
there
any
risk
in
doing
posting,
something
that
might
be
seemingly
innocent.
G
Well,
I'm,
going
to
I'm
going
to
be
straight
up
with
you:
I
am
a
I'm,
a
big
fan
of
social
media
and
I
post
a
lot
so
I'm
sure
your
mom
is
going
to
have
probably
different
opinion
about
this
than
I
do
but
I
think
with
social
media.
You
need
to
limit
who
has
access
to
that
information?
Keep
your
circle!
Small!
Keep
your
circle!
G
Only
people
who
actually
know
you
probably
turn
off
the
mechanisms
in
your
in
your
camera,
that
that
say
exactly
where
you
are
don't
post,
that
you're
on
a
vacation
while
you're
on
the
vacation.
All
the
obvious
things
like
that,
but
I
I
am
a
fan
of
social
media
and
I.
Think
I
think
there's
a
lot
of
good
pieces
of
social
media
as
well.
D
Well,
I
I
mean
I
would
add
that
it's
just
a
matter
of
knowing
that
risk.
What
what
those
risks
of
what
you're
posting
really
are
the
backgrounds
in
the
photo
that
you're
sending
really
lead
to
some
information
that
people
can
gather
so
no
selfies
in
front
of
your
bank
things
like
that,
probably
not
a
good
idea,
but
your
dog,
you
know
just
a
matter
of
knowing
what
what's
going
on
and
what
the
risk
could
be.
C
E
Yeah,
the
the
there
there
are
reasons
these
I
devices
are
not
encrypted
because
lots
of
them.
If
you
look
at
your
some
of
your
I
devices,
some
of
them
are
very
small.
They
don't
have
enough
computation
Powers,
they
don't
have
enough
networking
capability
Etc
and
we
can
exchange
information
offline
because
that's
the
challenge
about
iot
devices.
E
They
have
we,
we
call
them
5
L,
they
have
large
quantity,
large
variety,
they
are
very,
very
different
and
they
have
long
life
span
in
service
and
they
have
a
large
Risk
Service
and
also
they
lack
of
self-
protection.
So
when
we
talk
about
iot
devices,
it
can
be
all
as
small
as
a
sensor
on
your
bed
to
to
surveillance
camera
to
large
x-ray
machines.
So
it's
there's.
No
one
solution:
you
can
okay
I.
Do
this
I
protect
all
iot
devices
or
I.
E
Do
this
I
can
figure
out
everything
about
all
I
devices?
That's
the
challenging
part
about
protecting
and
figuring
out
to
these
I
devices.
Now
we're
trying
to
work
with
the
device
vendors
so
that
when
these
devices
coming
out
of
the
manufacturing
floor,
they
can
be
more
secure.
Put
in
as
much
of
endpoint
protection
as
much
as
possible,
actually
we're
also
advising
multiple
government
agencies
across
the
world
policy
makers.
E
Even
in
the
US,
the
White
House
is
working
on
the
potential
new
regulation
that
requir
every
single
device
outside
of
manufacturing
have
a
stamp,
have
a
certificate
to
show
how
secure
these
devices
are.
That's
the
excellent
First
Step,
but
we
all
know
that's
not
enough,
because
once
you
have
this
iot
device
deployed
in
real
world,
it
can
be
in
different
environment,
different
people
using
it
different
way
and
every
day
things
change
it
was
Secure
yesterday
doesn't
mean
secure
today
doesn't
mean
secure
tomorrow.
E
K
As
as
a
senior
I'm
having
pretty
fortunate
to
have
been
in
VPN
technology
for
20
year
over
20
years
ago,
starting
doing
that
and
I
have
a
30-year-old
son
who
gives
me
a
weekly
update
on
AI
stuff
and
what
to
be
afraid
of.
But
the
most
vulnerable
group
are
the
seniors.
Your
young
kids
know
everything
and
stay
a
breast,
but
how
do
we
protect
the
most
vulnerable
and
the
seniors
who
have
probably
the
most
assets?
And
how
can
we
get
the
word
and
get
them.
E
Even
yesterday,
I
was
thinking.
We
should
start.
You
know
again.
Kutino
city
is
really
set
setting
up
this
excellent
excellent
model
of
educating
our
residents.
I
was
even
thinking.
We
should
start
some
kind
of
nonprofit
organization
to
help
young
kids
as
well
as
senior
people
they're.
My
dad
used
to
stay
at
a
a
nursing,
home
and
I
saw
lots
of
seniors.
There
really
need
lots
of
help
how
how
I
get
connected
online
and
how
I
can
make
sure
my
laptop
my
computer
is
safe.
E
Is
this
app
I'm
down
downloading
safe
enough
I
think
they
need
not
only
the
from
that
perspective.
Probably
the
the
end.
I
said
automatic
tools
alone
is
not
enough.
We
really
need
lots
of
people
touch,
whether
it's
family,
members,
friends
or
even
young
people
with
lots
of
love
and
care,
can
go
there
and
help
them
G
little
by
little
give
them
some
basic
information.
D
No,
you
know
that
these
hazards
are
coming
because
you're
connected
to
us
at
the
city,
but
we're
asking
you
to
reach
out
to
your
your
older
family
members
and
those
that
might
be
at
more
risk
for
heat
for
cold
for
wind
for
flooding
and
help
share
that
information.
So
the
same
principle
applies
here
with
cyber
security
awareness,
M.
A
So
I
have
a
whole
file
in
my
phone
called
renewal
notices,
I
receed
tons
of
NE
noes
I,
never
even
subscribed,
and
one
of
them
is
from
P
space.
A
p
like
look,
look
like
PayPal
is
that
very
prevalent,
I'm
I
saved
them
I,
don't
clip
on
them.
It
says
you
have
a
transaction
coming
through
it's
$850.
If
you
want
to
verify
it,
click
this
or
call
this
number
is
that
a
very
I
I
re
see
them
almost
every
day.
That's.
H
Very
common:
we
see
very
a
lot
of
variations
with
with
within
the
city,
so
it
could
be
from
that
it
could
be
like
oh
Best
Buy.
Your
warranty
is
coming
out
for
your
t,
TV
or
for
your
refrigerator,
but
you
maybe
never
bought
a
refrigerator
from
them
right.
So
there's
a
lot
of
these
scams
going
on
so
a
lot
of
times.
People
forget,
oh,
who
did
I
buy
this
from.
Maybe
it
is
legit
right,
but
you
have
to
kind
of
think
about
be
careful,
there's,
so
many
scams
pretending
to
be
from
I've.
H
Seen,
like
you
know,
from
different
companies,
selling
services
or
renewals
coming
up
your
warranty's
expired.
You
want
to
renew
so
a
lot
of
times
again
going
back
to
what
we
talked
about
before,
if
you're
ever
in
doubt
go
back
to
the
source.
You
know
log
into
your
account
to
actual
website
call
the
the
the
official
number
don't
use
any.
H
You
know
whatever
information
that
you
see
in
the
email
or
notice,
like
don't
contact
with
them
through
that
method,
but
that's
a
very
common
common
scan
that
we
see
where
you
know
they
try
to.
You
know
prey
on
people's
forgetfulness,
like
oh
did
I
get
that
like
years
ago,
or
maybe
I
do
have
this
service,
but
I
forgot
about
it.
H
So
it's
just
very
important
to
keep
keep
a
good
records
and
be
diligent
on
what
you
know
what
you
have
and
just
be
very,
very
mindful
of
who
and
again
the
lot
of
times
these
emails
you'll
see,
there's
misspellings,
there's
the
common
signs
right,
there's,
it
might
be
spelled
like
you
mentioned,
PayPal
might
be,
have
slightly
different
character
or
there's
like
weird.
You
know
graphical
issues,
some
some
images
don't
load
there.
A
lot
of
tell
tell
signs
that
this
is
just
not
a
real
email
from
the
actual
company.
E
When
you,
when
you
receive
something
U,
keep
two
things
in
mind,
the
first
one
is
is:
if
this
either
email
message
or
text
message
asks
you
to
connect
click,
something
or
ask
you
provide
any
information,
be
from
people.
You
don't
know,
be
super
careful
about
that,
and
second
use
your
common
sense.
If
something
sound
too
good
to
be
true,
there's
no
free
lunch
yeah,
it's
suspicious
yeah.
I
Right
here
on
the
stage,
I
would
love
to
take
this
out
of
this
room
to
the
public,
create
that
awareness
generation
that
is
needed
around
this.
How
is
it
that
we
could
come
together
and
create
awareness,
public
level,
a
awareness,
Mass
awareness
around
what
you
guys
are
saying
is
there
a
way
to
you
know
push
this
forward
from
where
it
is
at
right
now.
G
I
loved
what
Dr
way
was
saying
earlier
is
that
I
I
think
there
is
a
gap
here
and
a
real
opportunity
to
to
educate
and
to
bring
private
and
public
together
when
I
talk
about
Pig
butchering
I'm
I
usually
talk
about
it
in
this,
isn't
a
law
enforcement
problem.
This
is
isn't
a
social
media
problem.
This
isn't
a
cryptocurrency
problem
like
this
is.
This
is
the
time
where
I
I,
I,
think
of
pig
butchering
a
lot
but
I.
Think
of
all
of
these
threats
as
well
is
that
we
need
to.
G
We
need
to
unite,
and
it's
not
the
time
for
for
Egos
and
for
government
versus
private
or
all
of
it.
It's
like
you
know,
Listen
to
listen
to
these
experts
in
what
they're
doing
and
what
they
have
to
say,
and
then
we
bring
a
different
expertise
and
I
just
think.
There's
so
much
opportunity
here
for
collaboration,
and
it
reminds
me
of
what
what
our
friend
in
the
back
was
saying
about.
Our
seniors
is
that
I
think
what
what
they
really
need
is
community.
They
need
people
checking
in
on
them.
D
L
Yeah,
so
I
had
a
doubt
on
how
people
even
get
our
information
in
the
first
place.
So
how
do?
How
are
they
able
to
like
contact
us
and
then
understand,
like
our
demographics,
so
age
cuz
me
specifically
I've,
not
gotten
like?
Oh,
you
spent
$850
on
something.
This
is
a
it's.
Those
are
not
the
scams
which
I
get
it's
more
of
like
hey
my
name's
Nancy.
We
should
hang
out
or
something-
and
it's
like
how
are
they
able
to
figure
that
out?
How
can
we
like
prevent
them
from
getting
this
information?
G
I'm,
what
I'm
saying
is:
that's
totally
random
if
everybody
in
this
room's
gotten
it
they're
just
going
digit
by
digit
by
digit
and
sending
out
these
mass
texts.
So
so
a
couple
of
things,
one
they're
guessing
they're,
they're
guessing
and
what's
weird-
is
that
somehow
they're
able
to
guess
right
between
men
and
women
and
I,
don't
even
know
how
they're
doing
that.
G
But
the
other
thing
I
would
tell
you
is
that
we
should
assume
that
anything
we
ever
put
in
that
we
enter
digitally
anywhere
is
going
to
get
compromised
because
every
single
day
we
hear
about
like
oh
Herz,
rental
car
was
compromised
or
oh
I'm.
Thinking
like
Macy's
I,
don't
even
know
if
Macy's
is
the
thing
anymore,
but
but
basically
like
whatever
it
is.
G
Is
that
we
use
those
databases
are
all
getting
compromised
and
they
are
all
for
sale
on
the
dark
web
and
so
I
used
to
for
a
long
time,
I
had
like
a
consistent,
password
and
I
need
to
assume
that
that
password
is
everywhere,
and
so,
if
I've
used
it
on
one
thing
it
it's
notable.
So,
whatever
you
ever
put
online,
you
should
assume
that
someone
is
going
to
have
access
to
it.
H
Yeah
I
want
to
add
on
that
a
lot
of
that
information
does
get
out
in
the
public
and
if
you
ever,
you
know,
search
yourself
right
on
Google
a
search
engine
you'll
be
surprised
how
much
information
you
can
find
a
lot
of
times.
You
can
find
your
full
name,
the
names
of
all
your
family
members.
What
at
what
house
or
address
you
live
at
your
age?
Sometimes
your
email
address.
H
H
Would
you
know,
recommend
you
actually
search
yourself
see
what's
out
there
see
where
the
sources
coming
from,
if
there's
a
way
to
remove
that,
if
possible,
sometimes
it's
not
always
possible,
but
at
least
being
aware
what's
out
there
and
that
you
can
kind
of
get
an
idea
like
again
to
your
question:
how
are
they
finding
out
information
about
me?
You
know
cuz
the
names
and
phone
numbers.
A
lot
of
that
is
tied
together,
your
cell
phone,
your
home
phone
number.
H
If
you
have
one
that's
you
know
it's
a
lot
of
public
databases
out
there
that
are
out
there,
so
I
would
recommend.
Definitely
check
that
out.
You
I
think
you'd
be
surprised
like
I.
Technically,
look
up,
you
know
my
my
you
know
panel
here,
I
had
not
her
names.
If
I
kind
of
idea
where
to
live,
I
can
find
a
whole
bunch
of
information
all
available
free
online.
H
M
So,
first
of
all
us
as
young
students
interested
in
this
field,
we
are
so
honored
to
be
able
to
communicate
with
such
a
distinguished
panel.
So
my
question
was
for
prosecutor
West.
We
heard
stories
about
you,
know
27
year
olds,
30y
olds
falling
for
these
scams
and
you
know
cyber
attacks.
So
we
were
wondering
what
does
the
general
demographic
for
these
victims
look
like
and
is
there
a
sort
of
you
know
weight
in
a
certain
age,
group
or
ethnic
group,
or
you
know
of
that
sort.
G
That's
a
really
good
question
and
in
fact
reporters
are
always
asking
me
that,
because
they
want
to
be
able
to
figure
out
how
to
Market
these
stories.
But
what's
really
strange
about
Pig
butchering
is
just
as
you've
all
been
contacted,
you're
all
potential
victims,
so
I
think
a
lot
of
times.
A
reporter
would
love
to
make
this
a
senior
story
that
this
is
mainly
seniors.
It's
happening
to,
but
it's
not
it's!
It's
Millennials!
G
It's
young
people
I
was
contacted
by
a
friend
who's
whose
adult
son
who's,
like
you,
know,
22
lost,
$10,000
and
then
got
his
friends
involved
who
lost
50,000
so
like
they
will
take
all
comers
anybody
with
a
dollar
they're
here
for
it
and
and
it's
both
genders-
it's
it's
Millennials
to
seniors.
But
what
I
will
say
is
it's
predominantly
40s
and
50s?
It's
predominantly
really
bright.
G
D
D
Today
and
before
we
formally
conclude
this
panel
session,
I
do
want
to
also
take
the
opportunity
to
thank
our,
of
course,
our
copertino
city
council,
mayor
way,
council
member
Moore
here
in
attendance,
our
technology,
information
and
Communications
Commission
than
thank
you
very
much
for
sponsoring
this
event
and
our
city
staff,
who
put
all
of
this
on
in
order
to
host
this
first.
Cyber
security,
public
education
event
for.
D
2023,
but
most
importantly,
I
want
to
thank
all
of
you,
both
here
in
the
room
and
online.
Thank
you
for
attending.
Thank
you
for
beginning
our
journey
on
this
public
education
experience.
This
will
conclude
this
panel
session.
We
will
have
about
10
minutes
before
we
move
into
our
second
phase
of
this
event,
where
we
will
look
to
our
young
people
to
help
educate
us.
So
thank
you
once
again
on
behalf
of
the
city
of
copertino.
Thank
you
for
joining
the
cyber
security
public
UC.