Self-Driving Cars Today, Robot Coworkers Tomorrow?
AI for Business with BCN · 2026-06-02 · 17 min
Substance score
44 / 100
Five dimensions, 20 points each
This episode discusses the emerging impact of robotics and AI on businesses, from self-driving cars to robotic surgery, and examines critical cybersecurity infrastructure challenges including funding and support for CISA's vulnerability database that underpins global security.
Key takeaways
- Robotic capabilities will first penetrate specific domains like autonomous vehicles and surgical applications before general-purpose humanoid robots become common, following the same pattern as AI adoption in software.
- Jobs will shift from individual contributor work to managing autonomous/agentic workforces, requiring retraining in higher-level tasks like specification writing and validation rather than elimination.
- The CISA vulnerability database (CVE/NVD) is mission-critical infrastructure that all organizations depend on, but it faces funding cuts and talent loss that threaten its long-term viability.
- Attackers are using generative AI to identify and exploit security vulnerabilities faster than organizations can patch them, making timely vulnerability information and remediation more critical than ever.
- Human oversight and governance must remain central to robotic and AI deployments, particularly in high-stakes domains like healthcare and autonomous vehicles where ethical decision-making is required.
What our scoring noted
Our reviewer’s read on each dimension, with quotes from the episode.
Insight Density
The CISA/CVE section delivers genuinely useful operational knowledge - explaining the vulnerability database ecosystem, naming conventions, and the AI-accelerated exploit threat - but the robotics half is almost entirely platitudes about abstraction layers and agentic workforces. The usable insight per minute is diluted by soft scene-setting and the host's throat-clearing.
attackers are using generative AI to identify vulnerabilities super fast. And therefore they can exploit those so much quicker.
we move from a diagnosis in skin cancer to treatment within 90 seconds
Originality
The claim that routine surgery will be robotic in under seven years is a provocative data point, but it goes undefended. The rest is recycled framing - 'abstraction layers moving up,' software-to-physical analogies, human-in-the-loop governance - that circulates widely in AI discourse. No genuinely contrarian or first-principles argument emerges.
I don't think it's seven years before most surgeries are performed, routine surgeries are performed robotically.
keep an eye on what's happening in the software world... and then think about the next three years of how that's going to start to come through from a the physical world
Guest Caliber
Both guests are working practitioners - a CTO and a security-focused CEO with a stated stake in medical analytics - and Matt Lovell's fluency with CVE taxonomy and the CISA funding timeline suggests genuine domain depth. They are not career podcast guests, but the episode does not fully exploit their apparent operational experience.
I've seen this in one of my other businesses in in medical analytics, where we move from a diagnosis in skin cancer to treatment within 90 seconds
CISA as an organization has lost some amazing talent, particularly recently. We've got people in there, absolute heroes, working for no salary at this moment in time
Specificity & Evidence
There are several concrete anchors - a named CVE class with a specific attack mechanism, a 90-second diagnostic timeline, the 12-month CISA funding renewal, and Tesla/Uber/Nvidia as named spenders - but the episode lacks hard numbers (budgets, incident rates, adoption percentages) and the robotics discussion stays almost entirely abstract.
OpenClaw, you know, a very recent product. It has a CVE in 2026... It relates to a WebSocket hijacking vulnerability
the funding was questioned over 12 months ago. It has been renewed for 12 months, but the funding is declining
Conversational Craft
The host stacks multiple sub-questions into single turns, rarely follows up on specific claims, and accepts answers without any challenge - the provocative surgery-in-seven-years claim lands with zero pushback. The CISA pivot is well-structured and the host plays a useful 'layperson' foil, but the overall dynamic is a soft PR chat rather than a probing interview.
Matt, what are your thoughts on? Do you have any thoughts on robots?
Yeah, I think my understanding is that you know all the systems that we rely on and we keep uh to keep us safe and secure without that kind of body there is going to put those security checks, I guess, at risk.
Episode notes
Robots are getting real, and the business impact is closer than most people want to admit. We pick up the thread on robotics and autonomy and ask what it means when “work” shifts from humans doing tasks to humans directing systems that do them for us. Along the way, we talk about why the first wave won’t be humanoids in your office, but focused, high-value robotics like self-driving vehicles, warehouse automation, and clinical tools that can scale expertise. We’re joined by Mark Rotheram, CTO at BCN, and Matt Lovell, CEO of CloudGuard, to map the transition from today’s AI-powered software to tomorrow’s physical automation. Mark breaks down the idea of an agentic workforce and how abstraction changes job design: fewer hands-on tasks, more responsibility for clear specs, validation, and outcomes. Matt brings it down to earth: human governance and ethical judgment can’t be bolted on later. Then we shift to the risk side: CISA, the CVE system, and the National Vulnerability Database that so many security tools rely on.
Full transcript
17 min · Transcribed and scored by The B2B Podcast Index.
[00:00:00] Matt Lovell: I don't think it's seven years before most surgeries are performed, routine surgeries are performed robotically.

[00:00:06] Sinéad Hammond: What does that mean for businesses that robotics are becoming a much more important part of the conversation?

[00:00:13] Matt Lovell: We cannot afford, as a global entity, as a human society, to lose CISA or an equivalent capability.

[00:00:23] Sinéad Hammond: Welcome back to the AI for Business podcast. Last time we touched on the widespread adoption of AI technologies, the increasing investment in AI, and the impact of safety with data centers, which process AI, springing up globally and even into space. That momentum is now pushing into something even more tangible and kind of sci-fi, which is robots. And this is moving closer every day to businesses and operational environments. So we're going to talk a bit more about how that works. And as AI spreads more quickly into organizations, it brings through new responsibilities. Later in the episode, I'll be asking Matt about some important recent developments from the CISA, the Cybersecurity and Infrastructure Security Agency, and what they signal about the risks leaders need to manage alongside innovation. I'm joined once again by Mark Rotheram, CTO at BCN, and Matt Lovell, CEO of CloudGuard. How are you both doing today?

[00:01:17] Matt Lovell: Very well, thank you. All good, Sinéad.

[00:01:20] Sinéad Hammond: Let's start where we left off last time with a discussion around robotics. So when you talk about healthcare, I listen to someone saying that, you know, if you're training to be a doctor in seven years' time, the training will have to be completely different because by the time you finish your training, there will already be robots and different types of AI being able to kind of replace that learning a bit in that seven-year period because it takes so long to train to be a doctor. Robot sounds very sci-fi and a little bit like, you know, Hollywood. Should people, should businesses, should C-suite be taking note of this? Should they be listening? And even if they're not going to be like wandering round offices tomorrow, what does that mean for businesses that robotics are becoming a much more important part of the conversation?

[00:02:08] Mark Rotheram: I think it it's good to think about it from a an almost work displacement perspective. So we're seeing work displacement and the abstraction layers move up. So if we use you know, we talked a little bit about software development previously, but we still need really good, solid people that understand what software is and how to develop it. But they're being levelled up from writing a specific line of code to writing and validating a really good spec. I think what we'll see is the robotic kind of capabilities come through, similar things. The things that people do today that they may like or may not like will start to get abstracted from. In the the kind of virtual world, the software world that we spend a lot of time in, the concept is you're no longer a sole contributor, you're a manager, but you're managing an agentic workforce. And I think you can draw a lot of parallels with what's happening with AI and robotics, you're going to be able to think about managing that robotic workforce in a similar way.

So it will take longer to come because physical takes longer from a robot wandering around your office or your factory or whatever it is that you're thinking there. But what we will see between now and the humanoid robots is much more autonomy in things. So that the first wave of things that we will all experience is the car. You know, we saw the latest version of FSD from Tesla launch, which again is another shift in capability to self-driving. Uber, Nvidia, and a whole swath of people are spending millions on self-driving in that domain. I think what we'll see is point AI robotic solutions start to saturate, like driving and eventually, you know, surgery, things like that. Before we get to the general use robots wandering around and doing things. It's kind of what we've seen with AI in the software land. You know, it's starting with certain domains and it's slowly encroaching out everywhere else. That's the kind of way that I see it coming. So from a general business perspective, keep an eye on what's happening in the software world and in the the the virtual world and what's what's been happening over the last three years there, and then think about the next three years of how that's going to start to come through from a the physical world.

[00:04:44] Sinéad Hammond: Absolutely. Matt, what are your thoughts on? Do you have any thoughts on robots? And I'm also interested in kind of I mean the security concerns, I guess, and again governance and why that's still really important. And I guess kind of not just generating more and more and making it bigger and bigger. Like we still need to think about these guardrails, I would say, but what what's your what's your kind of opinion, I suppose, on this?

[00:05:11] Matt Lovell: Uh many and varied, in a sense that you can take robotics and you can look at the immediate application where we've got driverless vehicles, where we've got warehouse technology where there's no humans anymore, and and that's rapidly accelerating. If you take, if I've sort of ground myself back into healthcare where you started, I don't think it's seven years before most surgeries are performed, routine surgeries are performed robotically. And I think that's a really good thing, by the way, right? And I caveat that statement fundamentally, and there's always, always got to be human governance. And you know, you see that in the mass acceleration, and I've seen this in one of my other businesses in in medical analytics, where we move from a diagnosis in skin cancer to treatment within 90 seconds, right? And that massively accelerates survival rates for people with melanoma as an example.

If you take the problems in our own health system, where are the pinch points? Where are the key problems? What are the priorities to solve? You look at A&E and GP triage and diagnosis, initial diagnosis, how can we use robotics in those forums and particularly remotely as well, where patients either have to travel in and therefore we could alleviate that pressure point. And also, you know, from a GP point of view, those sort of peak activities where we can use robotics to alleviate those pressure points and release GP capacity for those elements that are human only. And the same for accident and emergency, and the same for other ward duties where we can use and leverage robotics to you know understand and relieve key pressure points in resource because it is resource fundamentally in the expertise that we need to be thinking about. We've got to be training the surgeons for the future. How can robotics help us accelerate? You know, when if you look in the NHS, actually the one of the bottlenecks of many, despite how brilliant it is, is actually taking doctors through that experience curve faster. So we've got more specialists in more areas, you know, whether that's physical or mental or a combination. So it's is looking at how robotics can help us move there.

Can will we as a human entrust our sole conversation to an AI agentic process? It's going to vary, right? And it's going to it's going to take time for people to build trust and confidence. If I talk to somebody of my mother's generation, their only conception is that of a physical robot, and you know, they're seeing robots running marathons and various other sort of news headlines, and they're going, Well, they're almost there in physical capability. You're absolutely right. But can they perform autonomous tasks that that involve cognitive reasoning and some of the other capabilities that we need? Can they make those split-second decisions that are based on other people's judgment and make them correctly? You know, you've only got to drive on the motorway, you know, in bad weather to understand how difficult an autonomous system would find it, you know, if suddenly another vehicle had an issue in front of you and you've got to take evasive action. Humans have such an advanced capability in respect of responding to those. And it's just understanding how we put additional guardrails in place to accelerate specific targeted robotic use and build trust and confidence from there.

[00:08:30] Sinéad Hammond: Yeah, there's that big question about whether AI will or should or will ever be able to make those ethical decisions. And I think that's part of what you're saying there as well. And that kind of, and we talked about judgment in the past, but those judgment decisions that have kind of consequences. That I I actually had a chat with my AI last night to find out how close it was to that. And I think the the premise is that in it will always be a tool to assist as opposed to a tool to make those kind of bigger moral ethical decisions that humans then stay in the loop to do that. And we've spoken about that a lot recently. So, Matt, I know that you mentioned uh the CISA, and for people who aren't listening, who are you know not in security and listening to these sorts of updates day to day, in plain English, kind of what is happening at the moment, what does that mean? Something that's happening out in America, what does that mean for us? And then what does that kind of mean for a business on a business level and how we adopt and approach our use of AI?

[00:09:37] Matt Lovell: Great question. And I will try to break down this because it is quite a large topic for the audience, and I'm going to assume a relatively low understanding and bear with me while I try to build the different blocks that tell you the story.

[00:09:51] Sinéad Hammond: So convince me I'll be your level, buffer.

[00:09:55] Matt Lovell: Okay, so the US Cybersecurity and Infrastructure Security Agency, or CISA, as it's easier to say, has and is an absolutely mission-critical organization for all of us, every single one of us. Let me explain to you and obviously to you, Sinéad, and try to convince you. So, like with a lot of things globally, we need to have a standard that defines a security vulnerability. Okay, so we call that the Common Vulnerabilities and Exposures or CVEs for short. So when a vulnerability is identified anywhere in software, in an API, in an interface, in an application, in a bit of code, if it is known or unknown, then it is classified, it has a severity rating, and it's documented in a standard reference system. Okay, and then that can be shared with everybody very quickly in terms of understanding this unique identifier and vulnerability and the properties associated with it. So the general annotation is you have a CVE, you have the year that it's been identified, and then it has a reference number, usually five digits, etc. So you would have, for example, OpenClaw, you know, a very recent product. It has a CVE in 2026, you know, because it's just been identified. It relates to a WebSocket hijacking vulnerability. So it's, you know, it's behaving under the user context, and that can be hijacked, and they can actually siphon or exfiltrate data from that. So it's a pretty severe vulnerability.

And the vulnerability database itself is therefore mission critical to us all. And the US has formed a very big part of this with the MITRE organization. People have heard of the MITRE ATT&CK framework, it's the same organization. And CISA and the MITRE organization work together to put this database and make that publicly available for people. But it's predominantly funded by MITRE and CISA, which is funded itself by the US government. Now, that funding was questioned over 12 months ago. It has been renewed for 12 months, but the funding is declining, right? And we are all, all of us, every single individual employee, business, you know, and people using devices in their own homes suffer from CVEs, right? We are all dependent on those being known to people publicly. Now, the US is saying everyone should contribute to that. And I agree with that principle, right? We are all reliant, we're all dependent, we're all benefiting from the service that CISA provides. CISA as an organization has lost some amazing talent, particularly recently. We've got people in there, absolute heroes, working for no salary at this moment in time. And therefore, the long-term benefit that we all derive from that is in question. And we cannot afford, as a global entity, as a human society, to lose CISA or an equivalent capability. One, because it's super trusted by people that find these vulnerabilities and tell us all about them. And two, this database is used by pretty much universally every vulnerability service that I know of to tell us what's going on.

So the National Vulnerability Database, or the NVD for short, is where all of this ends up. And it isn't just about here are the vulnerabilities, it's about this is how severe, this is where it was most recently exploited, its full classification, loads of references on how to patch and remediate it from the vendors themselves, and exploit vulnerability indicators. Why is that the most critical piece of information? I hear you ask, Sinéad. And the simple answer is that attackers are using generative AI to identify vulnerabilities super fast. And therefore they can exploit those so much quicker. And if we haven't updated, if we haven't patched, if we're not even aware that vulnerability is a problem for us, it can be exploited without our knowledge and without any form of detection. And it could be a living-off-the-land attack or it could be some other data exfiltration that takes place, and that's super bad for any of us. That's why this is so critical. If we don't all get behind this, if we don't all support CISA, if we don't contribute, you know, if we're using this insight and innovation, then CISA is in question. And the loss of CISA and the trust of that will be really difficult to replace. That's why that headline is so important. Hopefully, I've convinced you. Tell me.

[00:14:25] Sinéad Hammond: Yeah, I think my understanding is that you know all the systems that we rely on and we keep uh to keep us safe and secure without that kind of body there is going to put those security checks, I guess, at risk. Is from the most the most basic way I can explain what I think I understand from that. And I think then from a business decision level or from a business owner level, are there any things that we need to consider or think about based on the fact that maybe this is, I mean, you're saying we need to contribute more, but is there things that we need to think again about? You know, is it we need to be better at risk mapping or we need to make sure we're keeping our patching up to date, or all of those different types of things? Like what would you make as a essay as would be the key bit of advice for that?

[00:15:12] Matt Lovell: Look, the the format of CISA, Sinéad, has worked super well. And we absolutely need some kind of centralized source. If you think about how AI is working in the language models and the large action models, etc., and they're culminating that together in the training capabilities at a global level. We need the same for vulnerabilities. We've got that for vulnerabilities in what CISA and MITRE provide to us by contributing to it, by seeing the long-term strategic development of that organization and the amazing work that those individuals within there are doing right now as an absolute trusted source of that information is super critical to keeping you and everybody else safe at this moment in time. That's how I would put it back to you. So, do we need another CISA? No, we we need CISA, right? And therefore, let's get behind that and let's resolve this problem so we can go forward rather than backwards.

[00:16:08] Sinéad Hammond: Right. I'm gonna leave us with that. I'm gonna take that as an open opportunity for people to learn a little bit more about CISA going forward and look at what what's going on and what we can do and how this all fits in with our own businesses. This has been a really interesting episode. Thank you so much, both of you, for joining. I always learn so much on these because there's just so much going on and so many headlines that I'm not able to keep track of. So I do really appreciate you taking the time to talk us through and help us understand a little bit more about what businesses really should be um listening to and looking out for and what we should be monitoring. Thanks again for both being here. Um, thank you to our listeners for listening and tuning in. If you would like to catch previous episodes, then you can check out our website at bcn.co.uk. You'll also be able to subscribe to future episodes that we do in this podcast series. So, once again, thank you so much, and we'll see you all again next time. Thank you. Cheers, thank you.