Description
That’s why leading brands like Tripadvisor are turning to Doppel. By unifying detection and takedown across channels — domains, paid ads, email, and apps — Doppel correlates disparate alerts into a single campaign narrative, eliminates attacker infrastructure end-to-end, and reduces the ROI of fraud.
In this webinar, hear directly from Shashank Balasubramanian, Head of Information Security at Tripadvisor, as he shares:
Why visibility across mainstream and fringe surfaces is critical
What security leaders should prioritize in their social engineering defense strategy
How Tripadvisor uses Doppel for faster takedown and measurable risk reduction
Key lessons in protecting a large, global business against social engineering attacks
Whether you’re a CISO, SOC leader, or part of brand protection, this session will highlight why multi-channel defense is no longer optional—and how Tripadvisor is leading the way.
Learn more about Doppel: https://www.doppel.com/
Request a Demo: https://www.doppel.com/request-a-demo
Transcript
Hello everyone. Thank you so much for joining, and we thank you for being on time. We're going to wait just a beat or two before we get started.
But say thank you to everyone who has joined so far again as more people come in again like to say thank you all so much for being here. We're going to wait just a beat or two before we get started. But we do thank you for your timeliness, but we recognize that sometimes it can be a little difficult logging in to a webinar. So we're going to wait just another 30 to 45 seconds, maybe even 60 seconds. Yeah, we'll give it a full 45
seconds and then we'll get started. I struggled with finding a cup that had like no markings on it, but I did find one. But it's just water.
It's just water. That's all it is. I promise. Well, good morning, good afternoon, and good evening to everyone. Thank you so much for joining our webinar defending against multi-channel threats and today we'll be speaking with my good friend Shashank Balasubramanian who is the head of information security at Tripadvisor and he's going to talk to us a little bit about how they're using Doppel to defend against multi-channel threats. I am Bobby Ford, Chief Strategy
and Experience Officer at Doppel. And before we get started, just a few housekeeping things. I wanted to let everyone know that we are recording today's session so that we can send it to you. So today's session will be recorded. So feel free to take notes, but if you happen to miss anything, we can send the recording to you. And also the mics are muted, but if you do want to ask a question, feel free to drop it into the chat below and we will raise it when it's time for Q&A.
So with that, let's get started. First, I thought it'd be really really cool to talk to you a little bit about what we're doing at Doppel and to give you an introduction into Doppel. As I said, I'm Bobby Ford and I'm joined by Shashank. And so we recognize at Doppel that we're at an AI inflection point.
And what we mean by that is that because of generative AI, we've seen an increase in what we like to call the three Vs. We've seen an increase in the volume of social engineering attacks.
We've seen an increase in the velocity of social engineering attacks and we've seen an increase in the variety of social engineering attacks. And because of generative AI and its impact on social engineering attacks, we've seen that it has advanced the cyber criminals. And what I mean by that is that in the past, in order to be a successful and sophisticated cyber criminal, you had to have skill. And no longer do you have to have skill. Now you just need an AI tool. And with these AI tools, you can launch hundreds, if not thousands of social engineering campaigns against sophisticated and
well-equipped organizations. And we've seen it be extraordinarily successful with certain groups, especially one group, especially one group that we all know, Scattered Spider. And not only are they successful, right, but they're happening at volume.
And this volume is targeting individuals. There's a popular saying that I'm sure we've all heard that hackers don't hack into systems. They log in. And the thought behind that is no longer do I need to compromise a system. I can just compromise an individual. And once I compromise that individual, the individual will give me access to the system. So, we're at this AI inflection point as relates to social engineering attacks and what used to work doesn't work anymore. We always had these point solutions provided by legacy vendors.
And so, we had something that would allow us to defend against attacks on our domains. We had something else that would defend against email, something else for URL, something else for dark web. But there wasn't a holistic tool. We had these point solutions and the legacy vendors couldn't provide a holistic tool, a comprehensive tool.
And as we all know, multi-channel attacks require multi-channel defenses. And so you need something that can look at social media. You need something else that can look at the applications, something to look at telco. And you need that stitched together in a single unified platform. So we want a multi-channel defense platform so that we can defend against multi-channel attacks.
And that's where Doppel comes in. So Doppel is the AI-born social engineering defense platform. Not only do we detect attacks, but we dismantle them. We disrupt them. And the way that we do that is we provide multi-channel coverage. So we look we look across multiple channels across domains, social, paid ads, telco, the dark web, crypto, and more. We then put together a threat graph using this intelligence so that we can link signals across multiple platforms across multiple brands and across the
infrastructure and then we leverage agentic AI in order to disrupt those attacks because I think it's one thing to be able to detect attack, another thing to be able to alert, but we want to go beyond that and not just signal and not just alert but then we also want to remediate. It's not just about detecting attacks, it's about disrupting them.
And we do that with our three products. First, brand protection, which is all leveraged on top of our AI born platform called Doppel Vision. First, it's brand protection and you leverage brand protection in order to defend your company and to protect its reputation.
Next is executive protection because we know that our VIPs are highly targeted individuals. And then we pull that together with our simulation product. It's a social engineering simulation product so that you can actually test your defenses in order to prevent attacks.
And with that, we're now ready to get into our Q&A session with my good friend Shashank, who is the head of information security over at Tripadvisor. So, Shashank, thank you so much for being patient as I introduced everyone to Doppel. So, in honor of the start of the NHL season, Shashank, I thought it'd be really cool if we broke up today's conversation into three periods. So the first period will be you introducing yourself and talking a little bit about what you do at Tripadvisor and how you leverage Doppel in order to protect your organization. The second period I
thought we'd talk about AI's impact on social engineering attacks and how it's now going across multiple channels. And then I thought in the third period we'd talk about the future of social engineering attacks and structure that around hey what are some of the things that you're not doing today that you hope to be doing in the next 18 to 24 months. So does that does that sound good?
>> Sounds great. Sounds great. >> All right perfect. So Shashank why don't you introduce yourself and talk a little bit about what you're doing at Tripadvisor? >> Sure thing. Hey everyone. Um I I lead the information security team at Tripadvisor. Um and my primary responsibility is you know managing our security program overall and so that obviously involves deploying security controls across the enterprise. Um from the perspective of this discussion that brings brand protection and you know um phishing simulation and stuff like that in in into the focus for us as well. So where we leverage Doppel today is primarily in the brand protection
space and so Doppel definitely is um sort of heavily used from the perspective of you know site takedowns or you know copyright infringements typosquatting kind of situations right um we also do have the telco module from um Doppel which I thought was very novel and I didn't quite see that in other vendors when we were venturing out and so that's that's really um um a very good quality about the Doppel solution in general where you know this whole multi-channel um topic basically comes back into focus. So yeah, primarily we use it for for brand protection site takedowns as I
mentioned. Um in terms of why Doppel, right, maybe let's trace back and you know take a few steps back and see you know where we were and what led us to Doppel. So um I think in early 2024 I think Jan 2024 um we and and by the way Tripadvisor being um a travel brand um business is cyclical which means that you know when the holidays come around you know business activity there's an uptick in that as well as you know malicious actors who are trying to do something um fishy and so this it was kind of January 2024 and what we
started observing was right like we had these paid ads from Google which was being that that was kind of the modus operandi of of whoever the malicious actor was, right? So there were Google ads and you know people went to these Google ads and you know it was really um a phishing exercise in general where they took basically harvested credentials, credit card information and and you know that was kind of that that raised a flag that you know hey something fishy is happening out there and so um at that point without Doppel what we observed was right we were very um reactive as opposed to being proactive with this right we were at you were we were basically tracking oh there's a no sort
of um paid ad and you know there was little visibility into you know um sometimes we found the paid ad sometimes the vendor basically gave it to us and so there was a lot of confusion in terms of controlling the the the bleed if you may and so um after that incident right we I mean everything was in perspective right we basically regrouped and we we thought right I mean I don't think we want to sort of continue this way because right the next attack is just um I mean it it's again going to our team and sort of exhaust all our resources. And so collectively we made a decision right that you know we're going to be looking for vendors in the space and as we sort of hunted for those
vendors Doppel came into the picture right and to be honest right I I wasn't even looking at multi-channel when I was thinking about I just wanted a fix for the problem that we had with paid ads in general and so when we did the demos and when we spoke with Doppel right um I realized right that this is just more than you know brand protection in general right they had these additional capabilities And um the interesting thing and again we will obviously talk a little bit more about that is multi-channel right I mean I think that is if if there's one message you want to take away from this it's multi-channel and Doppel's capability to uniquely address risks in the multi-channel domain right and
so um as as with all vendors we went through our PC and we love the tool and so I think as of December 2024 we became customers of Doppel from a brand protection perspective but yeah I mean I think the experience has been brilliant. I think everyone loves the tool. Um and yeah, I'm still continue to look forward to um a future relationship with Doppel.
>> Perfect. I appreciate that. Shashank, you said a little bit when you talked about the benefit of Doppel. One of the things that I like to talk about and for those that don't know, I I have experience being a CISO so I sat in the same seat that Shashank sits in now. Um, and so I used to talk about it's one thing to be able to provide a technology. It's something else to provide the support and services that sit on top of that technology. So if you were to talk think about how you leverage the support or the services or what's the response time been like? Have you found that to be a good thing when you've engaged with Doppel?
>> Oh yes, absolutely. And I I'll I mean I I cannot emphasize enough as to what Bobby really brought about is just the customer support team in general and the experience in general, right? So um I will contra compare and contrast this with what we were doing to what Doppel basically gave us the ability to. So pre-Doppel um everything was email. You know, even with this whole paid ads incident that was going on, there was a lot of email going back and forth. Hey, we found this new ad. Can you take it down? And you know there was a lot of noise essentially and and it wasn't really productive or efficient.
I mean now talk about Doppel right um I think they've a this customer support team is fabulous. I mean I don't think um I've I've spoken I've had f I have I've had multiple touch points with my team in terms of their experience with Doppel and pretty much everyone basically touted their customer service to be top-notch right and so there's absolutely um no complaints from that perspective. Secondly, I think they made it very easy for us because I think they natively integrated with Slack, which is what we use today in the organization.
And so, contrast that, right? Sending an email versus a Slack message and getting a response within seconds. Really, literally within seconds, um is is the difference, right? And so, I mean, I cannot stress enough as to, you know, I mean, the technology is great. it it works and stuff like that. But you know these are the some of the and and at least for me when I'm evaluating a vendor I place equal emphasis on the soft skills as much as on the technology. Right. And so I would definitely say Doppel excels in in that regard.
>> Yeah. Um I I know that for me when and you may have heard me say it that that I don't even like saying AI native. I say AI born. And and the reason why I say AI born is because I think that we're living through this period right now where there will be organizations that were around before the introduction of generative AI and then organizations that started after generative AI and as a result those organizations that are AI born throughout their entire organization embedded within like it's in their DNA to sort of be fast to leverage AI and I can tell you on the
back end. we don't just leverage Slack for our customers, but that that's our primary mode of of just communicating because it is so fast.
>> We're extraordinarily fast. We're fast internally. When you think about cyber security >> and you think about speed, what what comes to mind? Like what areas would you like to see us be faster as a cyber security industry? What areas would you like to be see us be faster? Especially when you think about various channels because as you said, email is slow. Mhm.
>> So we sort of think of email as slow, but if there are any areas where we could be faster in various channels, what what would those areas be?
>> Yeah. So I mean I think I think I've definitely mentioned that with Slack, right? Because we are a I mean we we're pretty fast with Slack. And so in addition to that, right, I would I would really like as just as an industry, right? I I think it makes sense if we can respond faster to incidents, right?
I think incidents happen all the time. But then and everyone has playbooks and everything. I I agree. I understand that. Right. But you know if you have the ability to respond fast and take corrective action, remediate the issue as soon as possible that sort of helps you like not bleed too much right during the incident right because that's again that's just going back to my earlier point. That's what really led us to doppel where you know it was very inefficient as I looked at it right but again right nowadays you know there are you know several communication channels that that can be sort of leveraged instead of email and I think as as you look at as Bobby was referring to like
AI born companies and organizations I think there's also we we've also seen that shift away from email as kind of like the primary way we communicate and sort of do those kinds of things right and so um two ways we do it. Obviously, one of them is Slack and then the other one is within the portal itself which is pretty intuitive and it's pretty helpful in you know getting our job done and and sort of getting it done speedily right and so um I I don't even think that you know we do send any emails to the Doppel team today because everything can be done through the platform and the Slack integration so um in in my opinion right response to incidents is extremely
important and you need to be quick quick and swift about it. >> Yeah, absolutely. I could not agree more. All right, perfect. All right, we're ready to move into the second period, unless there was something else you wanted to cover in the first period.
>> No, I think we can move on. >> All right, let's go. Second period. Second period, we're going to talk about the impact of AI on social engineering attacks. And I want to kick off the conversation with something you said about like rarely using email.
So, I'll be provocative as we start the second period. Um, I think that email as we know it will go away. I I'm I'm saying that email, and again, I know we're recording this, so this will be a hot take. We can go back and we can listen to it five years from now. I'm saying that within five years, email will go the way of the telephone.
It'll still be around and people will periodically use it, but I I don't think it'll be the primary way we do business. >> What do you say to that? What's your response?
>> I think I mean I I would I would tend to largely agree with you, right? I think it's on the way out. Um and so as people are adopting new technologies, right, and and I think um social media is is definitely one thing where, you know, people are engaging more, at least the younger generation. So I'm I'm the reason I say it's on its way out is because right it it'll phase out right as new users come on board um they will have preference for like maybe text messaging or social media or you know again um other channels of communication and so what I envision is going to happen is that you know in the next 5 years as you mentioned um we will be using much less email um and and more
like productivity tools right maybe Slack or some other um messenger tool or text messages as I mentioned, right? So, I mean, I do agree with you. I I think it's it's not going to go away completely as you mentioned, but it'll probably be there, but it it's really not going to be um taking up as much of your asset space as you know or or you know, mind space in terms of, you know, a concern or a risk. I think I think there going to be bigger risks with these new communication techniques coming up.
>> Yeah. And and you you mentioned two things. You talked about social media and you talked about text messages. So if we think about the impact that AI has had on social engineering attacks, >> we're starting to see now more attacks via social media, more attacks via text message. What would you say to that?
>> I mean, it's it's evolving a lot, right? And it's it's evolving rapidly, right? I mean, if you had if you had asked me about a year ago what the threat would be of AI being integrated into phishing, I would I would be like, "Yeah, it's still kind of like a developing technology. It's not as much of a risk."
Having said that, now if you fast forward to today, I think they're writing. I mean, if you look at the phishing some of the phishing emails from AI, I mean, let me backtrack, right? Typically before AI, what kind of information provide the um larger employees to spot a phish, right? Spelling mistakes, bad grammar, right? Bad English, say for instance. Fast forward to today, AI has made all I haven't even deep stuff because that's
also involved technology which sort of catching folks off guard but I think as AI advances the right way, right? It enables the attackers, but it also enables you if you leverage the right tools and technologies. >> Yeah, I I I think that you you hit the nail on the head in
particular when you talk about the um sophistication of AI attacks. That's why I like to say that we've we we're at a point now to where you can't educate and awareness your way out of the problem, >> right?
>> And it goes to the point that you were making with we educate the employees on how to spot suspicious email. I remember that that was a whole campaign, right?
Suspicious or malicious. So, we would, you know, here's how you spot a suspicious email. What happens when you can no longer do that with the naked eye or you can no longer distinguish, you know, a deep fake voice with the naked ear. Shout out to an AI quiz that we launched today around spotting deep fake voices. Um, and so it takes AI to defend against AI, which is also the point that you were making, when you said that, you know, there's good and bad uses of AI. Talk a little bit about how you're leveraging AI. Is it through your use of technology? So,
are you looking for the suppliers to leverage AI or are you looking, you know, within your organization for how you can embed it and you can deploy your own AI defense tools?
>> So I would say it's a mix of both really. I mean I think we we're we're fairly more mature where you know suppliers are embedding AI within their solutions to sort of help us um with you know threat detection response and stuff like that. But I think as um a roadmap item or as something on my wish list is, you know, I want to embed more AI proactively on the protection side for my team to sort of be able to leverage AI and its technology to, you know, circumvent some of the attacks that we see. It's possible. And I think and and to a certain extent, right, I think um it's it's basically all going to go down the road where, you know, in the future, I see all of this potentially being
replaced by agentic AI, right? where you have agents running basically automating most of the stuff that was pretty straightforward and and sort of simple to do. So I I really think that it's it's going the agentic AI route.
And so from my perspective I I look at it both ways, right? I I definitely want suppliers to sort of see if they can embed AI and and sort of help protect us that way. But then for my team and for the protection of the organization, I want to proactively make sure I'm embedding AI within the workflows, making sure I'm leveraging it because, right, I mean to be very brutally honest, I think if you're ignoring AI at this point of time, it's basically just going to be your loss at this point because yeah, I mean it's it's here to stay. It's it's going to get better hopefully in the next few years. And so I think I think it's very important that you know you embrace AI and you know adopt it in as many flows as possible.
>> I I agree. But before we move into the third period where we talk about like sort of the future of AI attacks and I provide some stats, let's talk about that term AI.
>> If we can talk about that term for a minute um I know that there are a lot of technologists who believe it's a marketing term.
>> Um and and um rightfully so. But however there are two things I want to do. The first thing I want to do is I want to recognize the importance of marketing.
not just because like we have the most brilliant marketing team in the world here at Doppel led by the most brilliant CMO ever, but just because I recognize the important part that they play in all things. Remember I I remember Shashank and you tell me if you remember this. I remember when we thought the term cloud was a marketing term >> and we used to wear t-shirts that said there is no cloud, it's just someone else's computer, but it stuck around.
>> We still leverage the term cloud. It's still a whole category. I think that we're starting to witness that with AI with people pushing back on the term AI and like they say, hey, it's not really AI, it's large language model or it's not really AI, it's legit. So, how do you feel about the term AI in general?
>> Yeah, I think I think I mean I I can kind of understand where that sentiment is coming from that you know it's it and it and to me right it's it's really not as much about the term AI but it's about the capability that that's behind this term right and so I think I I think all the I mean there there's definitely resistance to change when you know something as drastic or something groundbreaking as AI that comes along um and so for me right it's it's more the opportunity or the productivity boost that I get by um as I understand AI better and as I sort of integrate it more um into my flows and so I what I would say is right I don't in my personal opinion I don't think AI is
going away anywhere I think it's just going to get better and stronger um and it's going to be ingrained in many more I mean it's just going to get very basic right I mean I think I in the future maybe 6 months down the line I don't even think you will be I don't think we are today but I don't think you will be talking about any technology which doesn't touch AI in any shape or form it's it's just that omnipresent and prevalent in everything that we do.
But again right I think I think what what might end up happening is you know how we leverage AI and you know what kind of work streams we end up creating which which leverage AI but by and large I think AI is here to stay it's here to grow and get stronger so rather than sort of you know treating it as something which will go away and you know something which seems scary I think it's it's wise to maybe adopt it maybe learn it adopt it because I think you are going to be better served if you sort of really embrace AI and sort of yeah implement it in in um in as much as possible implement in your day-to-day operations.
>> Yeah. So as we move into the third period where we talk about the future of AI attacks and the future of multi-channel AI born cyber social engineering attacks let's talk a little bit about the future and specifically like what's something that you hope to be doing in 12 to 24 months that you're not doing now in order to defend against social engineering attacks? that are fueled by AI.
>> Yeah. And so, um, I think I think that's a great question and it sort of aligns very well with something we're actively doing at this point of time, right? So um I know Doppel does have this whole um AI simulated phishing piece which phishing simulation piece um and so um we are currently not customers of that but at the same time we are actually in the middle of trying out that product and sort of trying to understand you know how applicable it is right um here's what I'd say about it right I think um I mean you cannot really ignore that attack vector in general right I mean it's it's again gone Gone are the days
of email, gone are the days of classic sort of phishing campaigns and stuff like that. I think attackers are getting smarter. Techniques are getting more sophisticated and so I think you need to sort of look at um AI holistically in all aspects of you know how so think like an attacker right they will basically leverage AI for anything and everything that they can and it's freely available right and so I I think it's it's going to be as much more important if not more important to sort of start focusing on you know these attack vectors and you know AI being used in these flows right at least that's how I'm thinking about it and so I think if you ask about the next I would even say the next 12 months I would say probably
in the next 3 to 6 months I would really want to see you know us having a firm command or control over you know AI phishing AI based attacks and you know having maybe some partnering with Doppel maybe we have that covered as well right where you know Doppel sort of helps us cover from that perspective but yeah I think it's it's it's too hard to ignore at this point of time just given how much things have progressed. >> Yeah. I I I like to say that it goes beyond email.
>> Yes. >> I think that's where like that's the future that you have to defend and you have to protect beyond email. So if we're talking about defending beyond email and we recognize that I read a survey recently, I read a report recently that said something like less than 20% of the incoming workforce prefer to use email as a primary method of communication.
>> Okay. So, if you take that and you take the attackers who are now I don't know about you, but I get tons of text messages about tolls that I haven't paid or tons of text messages about potential jobs or tons of text messages about, you know, taxes that I haven't paid. And so, if you take all of that and attackers are now targeting our phones, how do you feel? This might be controversial, but how do you feel about leveraging solution that touches your employees personal devices? Because we allow them access to our corporate networks or we
allow them access to our corporate, you know, um, applications via their personal device. How do you feel about touching their personal devices in order to protect them? >> Yeah, I mean I think that's that's definitely I don't want to say anything controversial here, but I mean I do understand that you know BYOD is a problem and so I mean I wouldn't say problem, it's a risk, let's put it that way, right? you don't know what kind of um it opens up the attack surface which are not necessarily monitored by our traditional like laptop would for instance right and so I mean my thought process around this is this way right I mean by and large um I will
not necessarily monitor another person's I mean we have protections in place which would sort of guard against sort of unauthorized access of our systems through phones say for instance right I'm I'm just talking purely from from a company perspective and so we have safeguards in place which would prevent any random person from using a phone and getting into our network.
Having said that, right, I think it'll get to a point where, you know, as this risk elevates, um, what what's going to happen is that, you know, ultimately in terms of responding to an incident, let's say your phone was involved in some sort of a malicious attack or something. Um, I think what's going to happen eventually is that, you know, the company will sort of eventually have the right to respond maybe wiping that phone out, remote wipe, or you know, taking action against that phone or that device or whatever it is, right? I think it'll basically veer somewhere around that. I don't want to sort of sound too controversial, but again, I think it's it's a very open attack vector. Um, and then I think what's also going to happen
is we will definitely start looking or you will probably even start seeing new vendors pop into the space where you know they're protecting against BYOD in general that whole use case in general.
So I think that's the trend we we're heading in. I know it's personal devices and so it's it's always risky and controversial to sort of say anything about them at this point. But again, I think as the risk elevates, I think there are going to be clear solutions on the horizon in terms of how we want to tackle this.
>> So, so I want to ask you to take off your, you know, head of information security at Tripadvisor hat. Like, let's take that off. I'll take off my Doppel hat and we'll just have a conversation as like two people who've been in cyber security for a really long time. I'm talking about social media.
>> Yeah. >> And and we're starting to see attacks via social media. And one of the things that that some organizations like, you know, the organization that I'm not representing at this moment, like we will go after and we will disrupt fake social media accounts.
>> We will we'll take them down. fake social. I want to talk about like legit social media accounts >> and our employees leverage social media like you know LinkedIn or Facebook or Instagram and they're being attacked there.
>> Do you feel like security professionals should protect their employees personal social media accounts?
>> Oh, that's another interesting aspect. It's controversial, right? I mean um so the thing is um it it depends on the context, right? I don't want to necessarily put a blanket statement and say, "Yeah, the security team should protect the personal devices and personal lives of everyone under the sun, but I think the context matters."
Um, and so we've obviously seen several I mean, not even Tripadvisor specific, we've seen several examples in the out there where you know, people are either harassed or bullied or whatever it might be or just because they belong to a particular organization or not or whatever, right? I think it's a fine line that organizations must walk here in terms of you know how much they want to get involved in all of this right um I I definitely think that you know going back to the context I think if depending on what kind of if it's a reputational damage to the organization then I think it it all depends you have to weigh the risk and you have to weigh the pros and cons of acting versus not acting um and
so I would I wouldn't really be able to give like a clear black and white answer it's very gray right and Again, um it varies from organization to organization. Some organizations have no risk appetite and this and they'll just come down hard on it and say, "Yep, we're going to protect it. We're going to shut down whatever account and stuff like that." Some have a little bit a little bit more leeway and risk appetite to say, "Yeah, okay. we're not going to infringe now, but again, we'll keep a close eye on this and act if necessary."
So, it it really depends unfortunately. That's the answer I will give for this one. >> Yeah. No, I I don't think there's an easy answer. I think it's a question that'll keep coming up. I think that we'll continue to see adversaries target our employees via their social media accounts because they know that that we're not defending there.
>> Yeah, exactly. >> They know that we're not watching there. They know that we're not defending there. And I think that we'll continue to, you know, we'll continue to monitor that. I wish I had an answer for it.
Maybe there's someone out there that does have an answer for it. But I think that we have to be mindful of that. And what we can do what we can do is we can monitor attacks that happen via social media and we can disrupt the attacks that happen via social media. So we're almost out of time Shashank.
So I'll open it up to Q&A from the audience see if we have any questions there. And want to encourage everyone to take the quiz that one of our brilliant marketeers put in the in the chat there. Phish or Fact which is a quiz that we launched today to see if you can distinguish a real voice from an AI generated deepfake. I took the quiz. I did not do as well as you would think someone that has tons of experience in cyber would do. But nevertheless, let's see if you can beat my score. So we encourage everyone to
take that. I'm not seeing any questions in the chat. So, was there anything else that you wanted to say, Shashank, before we say goodbye?
>> I do see one in the Q&A, by the way. >> You do. Okay, here we go. There we go. >> Yep. >> All right. So, the question is, thank you for that. Um, I don't see it anymore. I did see it, but I don't see it. Do you see it?
>> Yeah, it's So, I I'll read it out to you and then you can definitely answer. I mean, take it. What advice would you give others looking to protect against social engineering attacks?
>> That's a great question. What advice would you give them? >> I think the first piece is, you know, you need to solve is the visibility piece. You need to understand what's really happening on the horizon before you basically start protecting it. Um, and I think and again, I think a tool like Doppel is going to be ideal in this kind of a situation. I'm not saying Doppel is the only one which does this, but it does a pretty good job of it. And so I would say you know if you do not have any controls in place today to sort of control your social media risk I would say you know talk to doppel look at their solution and sort of see what they can do because I think I think those are the two parts right getting a visibility on it and then sort of acting
on that right because typically what you see right and I'll just add this one more point is typically what you see is you know these actors basically don't deal necessarily with individuals or just your organization in general. It's pretty a wide it's a wide web where you know they cast this wide web and see you know who gets basically entangled in all of it right and so more often than not what you will find is that you know something you're experiencing or something your organization's going through right now has either happened or is happening with other organizations right and so having a vendor which helps you protect and gets that visibility so so think of it let's say if you're a Doppel customer and if they find something like this and there are three
other organizations which are impacted similarly to you I they would have that capability to shut it down altogether right so it's going to benefit those three organizations including yours as as they respond to this respond to this right so I would say um definitely it's a very serious risk and so definitely consider the risk the visibility and and the control piece preferably with a vendor >> I absolutely agree so I figured out how to look at the Q&A so I I'll ask the next question how can proactive attack simulation change the way your company and employees take agency in
protecting themselves and the brand from social engineering attacks. >> Yeah. And so the way I look at it is, you know, as we do these campaigns and simulations, right, what we're just trying to again, it's we're trying to sort of influence and change behaviors really. It's not really something where, you know, you do an exercise and you know, you you know it's phishing, you report phishing and that's it, right?
that's that's really not what we um that's not the intent or that's not the goal. What I want to do is basically make you more proactive. And so when when you sort of see these emails coming, at least it happens with me, right? When I see a phishing email and I can spot it that it's a phish, subconsciously I apply that to anything um that comes to me really. And so Bobby was talking about those like USPS or UPS text messages which come in. I mean, I know again I might be a security guy and so I'm I'm probably a little bit I don't want to consider it, but I might be a little bit more cautious about these kinds of things or savvy, but that thought process is basically since my behavior has changed, that thought
process automatically applies that towards that text message. And I'm like, yeah, this seems fishy. I don't know who this comes from. Even today, right, I whenever I get a suspicious email, I I keep looking, you know, who that sender is. And there's still telltale signs of you know bad domains from which these emails are coming or bad numbers from which these unverified numbers from which these text messages are coming right so the way I would answer it is right they're important from an organizational perspective to make sure right that your employee larger employees are aware and they are sort of spotting these on a regular basis. But if you do enough of them and if you do them pretty frequently, you get to a point where you know you can actually
change the thought process and the behavior. And that's the that's the winning thing, right? I mean, if if you can do that, then you know, they'll protect themselves outside of the organizational context as well in their personal lives as well and in general.
That's how I would put it. >> Perfect. We have another question. What methods have proven effective in improving awareness amidst amongst employees?
Hm. So I mean I think it it it depends right I mean in terms of what kind of awareness but in general security awareness right and it's kind of opportune right because we are in the middle of the cyber security awareness month being that >> and so right we take several approaches I think we are very we're very proactive with definitely with phishing simulations because that definitely runs throughout the year um across our entire organization but um our SOC team does a pretty great job of you making sure you know at multiple times during the year we send out frequent feelers and emails to the rest of the organization in terms
of right what to spot out for what's happening out there you know there there's like the QR code scam that comes up right I mean it's it's kind of evolving pretty rapidly and so yeah we try to sort of take that dual approach where you know on one hand we're testing you that you know hey can you spot all of this and on the other hand we're providing me with an information that you know hey maybe X got an email which looks like this this is why it's bad and you know if it comes to you please spot these or look out for these three or four things which are sort of interesting so I mean it's again um unfortunately there's no right answer to this right there's not like I can tell you do this and everything will be
golden after that it's it's more about sort of be persistent and sort of keep doing what you're doing you might not get the desired results initially but then at least my experience says that you know if you do this enough number of times those numbers would sort of definitely start improving.
>> Yeah, I I agree. And one of the things that I I like to do is when I was a CISO, I would leverage our simulation to test the security organization.
And so we would launch a simulation and then we would get back the results. And when we get that back the results, we could say, okay, we see that defenses go down early in the morning.
And as a result of that, we need to make sure that we tighten up our controls. So maybe we have an additional layer of control every, you know, early morning because we know that our defenses are down.
>> Yeah. >> So I would love to use like like I believe it that that we leverage simulation products or we leverage simulation campaigns to test the effectivity of our security controls.
Here's one. Phishing has been around for decades, yet it's still one of the most effective attack methods. Why do you think people still fall for it? Um, I I'll let you answer that.
>> It's it's I mean, I think it goes back to the age-old I mean, I don't know if you heard the um the saying, but the human is probably the weakest link in that security chain, right? And so, I mean, it's it's it's just perception, right? when when you see an email which sometimes seems too good to be true um it's it's it's really the practical versus emotional battle right sometimes emotionally you would sort of associate more with an email and sort of you want to sort of engage with that email and go further up right and so I don't think um it it still will be probably the best way to get access or infiltrate systems or you know um get get these credentials right phishing and you know
stuff like that right so I mean there's a reason why it has been around for so long is just because people engage with them in the same way, engage with these messages, engage with these sort of outreaches in the same way. So unless and until right that's that's where I'm going back to that changing the behavior right as and when you change the behavior as they become more aware that you know this is out there and this is out there to get us um and yeah just improve that awareness and so automatically you will start thinking right and you'll start hopefully behaving right as well and so that downsizes your risk considerably.
I definitely know that phishing will be around um >> for even decades more. Sure. >> I think that we will continue to see it across multiple channels.
I think that if we feel like people have been falling for it before, then woe is us because with AI they will fall for it even more.
>> Yeah. Agreed. Agreed. because we will no longer be able to educate and awareness our way out of the problem. I think that the way that we solve it is that we put the right controls in place so that it doesn't even get into the inbox, so that it doesn't even get into the text message, so that it doesn't even get into the social media channel.
>> I think that's the only way that we can solve it. It's sort of like, you know, um I don't know, people have been falling for pickpockets for for centuries. Why do you know, people still keep getting robbed by >> pickpockets?
>> the the way to stop it is to to actually go after the >> pickpocketers. >> I think that's how you stop it. And so that's what our mission is is like >> Yep.
>> I know some people don't like to say it, but it's really to take the fight to the adversary. Mhm. >> is to take the to stop it so that our employees are protected at such a level that talking to them about phishing is dead because like I said with generative AI you won't be able to distinguish the real from the fake. Take take the quiz.
Tell me if you can. And if you can't distinguish the real from the fake then it's like the only way to prevent it from happening is to disrupt it to take the attack to the adversaries. And that's what true social engineering defense is all about. It's about disrupting the attack before it even occurs.
>> So we should definitely come back and follow this conversation up because I feel like we could talk we could have an entire conversation just around simulation. So So maybe we'll postpone that Shashank and we'll visit that topic later. What do you say?
>> Sure. Yeah. Yeah. Yeah. Sure. Sounds good. >> Cool. >> Definitely. Yeah. It's it's an exciting topic. You can yeah there can be many angles to this discussion. So yeah for sure >> absolutely well if someone wanted to reach out to you how would they get in contact with you?
>> So I mean I am on LinkedIn and so definitely if you're interested please do shoot me a message and send me a LinkedIn connection. I would be happy to sort of accept and yeah >> perfect.
>> Cool. Well thank you so much for your time. Thank you to everyone that attended. We really appreciate it learning about Doppel, learning about how Doppel is helping Tripadvisor as they defend against social engineering attack and talking about our favorite word of the year, AI. Thanks everyone and have a brilliant evening and rest of your day.
>> All right. Thanks everyone. Bye. >> Thanks. Bye.


