 and tech tech talks. I'm Jay Fidel here on a given Tuesday morning and we're talking about spikes and cyber attacks with two guys who can see and know what's going on. Maybe even they can deal with it. Phyllis Arestram Stylanda and we have a special guest today, Gerhardt Rickert and he's a I'll let you I'll let you define yourself. What what are you doing here and how did you get into our studio back here? Well, I'm the CEO of Pacific Global Security Group, a former CISO of Dark Matter and currently in Hawaii, supporting our war fighters and government and cybersecurity consulting and work together here with Attila. Okay, so Attila, you know what's going on here? We have a spike in cyber attacks and we are referring to Hawaii. This is a spike in cyber attacks in Hawaii. Is it beyond Hawaii? What has this come to your attention? Well, that's the main thing here, Jay. So and this is why everyone who's listening should pay attention is that if they are doing business with the government in any way shape or form, either as a prime or a subcontractor, know that you've been targeted over the past few weeks by a highly sophisticated spearfishing attempt. Now spearfishing, what that means is that's an email that looks very believable. Now, Jay, I'm sure has disseminated the information, but if you want to, you can go to our blog or on the ThinkTech blog and you'll see the what it looks like. And it's a very convincing email that we've been seeing from a number of government contractors. They've been forwarding us these emails and, you know, we were just trying to get the word out to be careful. Those emails direct you to a webpage where they are harvesting credentials. What that means is usernames and passwords to your email accounts, to your share point, to anything that could be relevant to your business. And unfortunately, if you are reusing those passwords anywhere, that means that if they get access to one, they have access to more. And the reason this is important right now is that government contractors often have proprietary information. And a highly targeted attack like this means that they're trying to probably get into government resources. And not only could that be detrimental to our economy here and to our government, but it can be detrimental to your company. Because now, if it's linked to you that you had some poor cyber hygiene and accidentally gave your credentials over, that means that that government contract that you have, or if you're up for renewal, you may not get it because that means that you've been compromised. It's a nationwide just Hawaii. Mind you, Hawaii has a lot of government contract. We have the highest density in all of the country. So this is why Gerhard is so important here, because he has the other perspective, which is what does it look like from the other side? Who are these guys that are trying to get into our economy and destroy it? And how can we protect ourselves? And part of what he does on his side, which is why he's so vital to the community here, is to protect our economy. And he knows who these guys are on the other side, so I wanted to have him speak to us on that. Yeah, Gerhard, thanks for joining the show. How much of what it tell us that is true? 100%. It is nationwide. Hawaii is having a spike right now due to all the government spending within Hawaii to bolster the presence within the Pacific against China or whatnot, any type of adversaries that may be interested in starting issues here. So these APTs, these advanced persistent threats, these nation states are constantly probing primarily China, a lot of Russia, but other places as well. Why a spike now? Well, it's due to all the spending that's starting, right? Everybody knows that they're going to dump lots and lots of money. It's an obscene amount of money that's coming into the Hawaiian islands to fortify the Hawaiian islands, as we're the first line of defense. Yeah, he's correct. We asked for $4 billion. We got $7 billion here. $7 billion over the next year. That never happens to me. Never. Yeah, so Gerhard is absolutely correct. That is going to make us a target. And you're not looking at, you're not, they're not going after, say, the military directly, right? The military bylaw has to use these small companies. These small companies provide these services, Joe Begadon's shop of widgets and digits, and the government needs to use these by SBA rules and regulations. Well, guess what? They're not so secure. They reuse passwords. They probably don't have certain type of security technology in place, and they're easy targets. So whatever they have, whatever information they have on their government contract or what they're doing at work, this could be stolen and used against them. And then eventually the critical infrastructure will be the next attack. The critical infrastructure here in Hawaii is probably the most sought after attack. What does that mean? What does that mean, Gerhard? What is critical infrastructure? Electricity, water, everything. Why go after the base itself, the military itself, when you can take down the infrastructure around it first, right? Cause a lot of problems, cause a lot of havoc, cause chaos within the islands. Lots of money needs to be spent to fix it up. So yeah, this is something that we've been preaching about day in and day out. So what's the theory? If I knock off, say, the power grid or water or the internet in general in Hawaii, that is going to take everybody down, including these defense contractors and subcontractors. So if I knock off the platform, then everybody in the platform, including them are affected. Am I right? Absolutely. Absolutely. Now, you know, the base is obviously they're built for redundancy, but the rest of the islands, it's a minimum of six hour flight anywhere, if you want to go somewhere, right? So just the chaos that would be created, the havoc that would be created within the islands from a major cyber attack on any of the major facilities would. It's not just the defense facilities, defense contractors and subcontractors. It's all of us because if they go for the platform, they're affecting everyone in the state, every man, woman and child in the community. Well, and to, you know, have a little bit of evidence for current events. Remember how just, what was it about a month ago? It was all over the local news about how a fiber circuit was almost taken down. One of our primary interconnects between here and the mainland almost was taken down. And it was a coordinated effort, you know, multinational effort to stop it from happening. I mean, imagine if our communications infrastructure was interrupted, but it all comes from these small seemingly insignificant, you know, email taps or, you know, let's go to that. You know, so you describe what you call spearfishing and it's relatively unsophisticated. It's relatively clumsy. And, you know, well, I mean, a well-trained, you know, person is going to be able to spot what you described on the screen. So why are these nation states doing this kind of attack when they could do something much more sophisticated and get right to the heart of it without relying on fishing? Sophistication takes time and effort. You know, spearfishing, you're fishing the masses, right? And are these people intelligent enough to understand what type of fishing campaign is going on? For the most part, no, it doesn't mean that they're not intelligent. It's just this is a new wave of issues that are hitting the Hawaiian islands. And it's time for the Hawaiian islands to really understand that, hey, cybersecurity, cyber threats here are real. It's the real thing. It's not just in the movies. It's not just in the mainland. It's not just, you know, overseas. It's right here in our backyard. You know, it's a big problem we have is China is one of the main culprits here, but we have a very big Chinese demographic here in Hawaiian. People think, oh, well, it won't happen to us because we have a lot of Chinese here. No, that's not true. You know, it's happening as we speak and the training that has to go into, you know, getting these small businesses and these big businesses to understand that those emails look real. Those emails will get you unless you have a trained eye to identify it. And it's not hard. You know, if you kind of get the hang of it, if you kind of understand what you're looking at, you can identify a fishing attempt pretty quick. The average person can identify a fishing attack pretty quick with the proper training, 10 minutes of training and vigilance, right? Understanding it, learning it, and then all of a sudden not using it doesn't work. So, you know, once you understand what to look for, continuously do that. You know, we're in, it's a different world now. And I don't, I don't want to paint a doomsday picture, but... Well, you'll be okay if I ask you what essentially to summarize what that training is. Because if you, if you talk in public about what that training is, you're really tipping the other side off, the attackers off, who may be watching or who watch later. And they say, ah, you know, Gerhard is talking about, you know, the training and what the people are looking for. We'll bypass that. We'll bypass this training. How much can you talk about this training in public? It's public training. That's not anything, there's no secret sauce behind it, right? It's under, you know, it's looking at things like the email address, making sure that when you hover over it, it's actually the right email address. These tend to come from different countries that English is not the first language. So read, carefully read what's going on, look for the mistakes in the spelling. Sure, they may have a properly drafted email, but, you know, at the end of the day, there's some key points that, that will, will tip you off to some type of attack. And then it's the integrated technologies that companies bring into their, to help fight the battle, right? So the human aspect is one aspect, but there's other aspects, there's other technical aspects that can really help in the fight against this. And keep in mind, this is just one avenue of attack. Well, can you talk about some others? Talk about whatever you are. How much time do you have, Jay? Yeah. So why can't I, you know, prevent, you know, this kind of email from coming to my, to my company, my crew, my team, the people who might be a subject, you know, to being fooled. Isn't there technology that would block it somehow? Yeah, there, there is technology, but for me, it's the basics and configuration management is to me one of the biggest problems we have when you have a misconfigured server or technology or security device that can do the job, but is not configured properly. You know, that's half the battle, though, what humans, you know, really need to do is not rely 100% on technology itself. I think it was in Star Trek where the Borg said that technology or computers is an imperfect machine built by imperfect beings, right? So you can't, you can't rely on computers to protect you 100% of the time. You heard it here on Think Tech Hawaii, yeah. Yeah, absolutely right. So training, you know, proper security training, you know, quarterly, at least quarterly with your company to understand what the current trends are bringing a VC so, you know, virtual CSO or whatnot, and have them do the training, have them get your company up to speed on what's going on. How much, how much of the problem is that these companies don't take it seriously? And they don't do that quarterly training. And they don't, you know, motivate their employees to be careful. They sort of let it go at default, which is, it's never going to bother me. I'm smarter than that. How do they, how do you, or the government for that matter, get people and companies excited enough to actually take steps here? Well, unfortunately, as we've seen in the past, especially in Hawaii, it takes a compelling event to happen. It's after the fact that usually people get nervous, they get scared and boom, they get hit. And at that point, you know, the people are brought in the Paxx, the Mandians and whatnot are brought in. And, you know, we have to do damage control. But what is that here? What is damage control? So you get a call. And it's, you know, some kind of, and you, you know, we, we talked about this before until you get a call and somebody is in a cold panic and something is going really wrong. And they say, come and help me. Well, A, you know, what, what happened to make them call you and, and B, what can you do you do to do the damage control? Because sometimes this is also quotable. Sometimes it's too late, isn't it? Usually after the fact that it is pretty tough. But what I tell most people, I've watched in my previous life, I've watched seasoned PhD cybersecurity people freeze up in the middle of an incident. So my first piece of advice, if this happens is stop, take a breath, understand what's going on and then move forward, you know, get in touch with your cybersecurity professionals, get in touch with Paxx or Cylanda or whatnot. Both of us will probably respond at the same time. And then at that point, you know, we'll figure out what the damage is. But our goal is to, you know, promote cybersecurity awareness and learning so that you can get ahead of the cue ball so that, you know, you understand and you start to see the attack happening. What could the damage be? You know, I have a little company, let's take the company we began with, it does defense contracting for the government or some prime. And, and they are, they are very concerned with aberrations that are happening on their system. They're not sure, but they're worried because they've read about this and they know about the surge, the spike, if you will. And so what kind of damage could we have? Why don't you just turn the damn thing off and walk away and have them all to read it? That would, that would be nice, you know, and if it's a world work like that nowadays, but fortunately, we are too well connected. Let's see how quick, how long somebody can turn their cell phone off and see how long they can go out without that, right? So, you know, if you wanted to get into the, the statistics of it, a mentor of mine from Central Pacific Bank, he taught me a site called Pony Modern, he taught me all about statistics. And you get in there and you look at the statistics of how much a compromise costs most companies and you're looking at between three to four hundred thousand dollars an incident. So what does that mean for the small business here? If you're compromised and all of a sudden you're, you're hammered with three to four hundred thousand dollars worth of damages, well, guess what? You're out of business and slowly but surely, domino effects happen and people just go out of business. But what's the damage? In other words, am I losing data? Is that classified or, you know, proprietary data being destroyed? What is happening? You could lose data, you know, data could get compromised, they could get encrypted, it could get, you know, what malware could, could interest. Like ransomware, you talked about. Reputational damage. But there's an assurance, right? Yeah, here we go with insurance. There we go. Okay, insurance is never going to cover this kind of thing. Yeah, don't quote me, but the insurance company has come out and said, if it's a nation-state attack that they're not going to pay out, that's why you see a lot of companies dropping their cybersecurity insurance because major companies are getting hit by nation-states, they're getting hit by APT. And those, those nation-states and those advanced persistent threats have the time, the money, you know, to sit there and wait for you to mess up. And then they'll take advantage of that and you're done. What's in it for them? Some kind of geopolitical gain? Some kind of government there paying them to do this? Yeah, it could be geopolitical. It could be the safety of our people. It could be the safety of our warfighters. You know, and that, that hits home for me, right? That's a very personal part of, of, as a veteran, you know, I want to make sure my warfighters are safe and, you know, so that's a very a daring point in my heart. But let me go to the other side of this whole question. We have a little time to discuss this, but I'm so curious. Okay, we know, I know China is doing this and they're probably very, very good at it, but Russia's doing it too. And we read about Russia. Matter of fact, there was a very interesting suit filed this morning in District of Columbia by some lawyer against Mark Zuckerberg, remember him? For his shenanigans with Cambridge Analytica, trying to hold him personally responsible for the damage that was suffered by the misinformation and disinformation that Cambridge Analytica spread around. Anyway, that all reminds me of the ERA in a nondescript building in downtown Moscow. You wouldn't, you wouldn't tell it from any of the buildings here, you know, why nondescript, okay? And somewhere in this building, probably not a lot of floor space, is a bunch of guys whose job it is to do attacks like this. And, you know, if you can do it in a nondescript building in Moscow, you can do one in Tehran, in Pyongyang, you know, name it. And so, I'd like you to take me there. Take me to the ERA type of nondescript building where you have a bunch of smart guys with, you know, advanced degrees from that country who know well enough what they want to do. How do they do it? They're working presumably in teams. They have trainers. They have a lot of resources available. They probably start at, like, the fallen book or something really, you know, basic like that. And then they wind up with a list of people to send fishing attacks to. I mean, tell me how it works. How do they get in on this? How do they become such a threat to us? Well, there's, so we've identified the buildings and stuff in certain countries of where those particular groups sit. And at any point in time, there's about 100,000 people that are actively targeting from one particular building at any time. So the, you know, it's, and let's get the degree out of the way, right? It's not, you know, highly educated degrees and stuff. There's some of that. But there are people that are natural geniuses of this. And they, you know, they do a lot of damage. But if you look at the APT and how they're doing it, there's many different ways. One of them, one of the biggest ways of doing it is just basically automating it, spamming it, having it, having it shoot across the internet and, you know, looking for any kink in the armor. And once it hits it, then they'll get eyes on last to see what that particular vulnerability was. And if they'll do some research on it, and if it's worth moving any further, they will, or they'll put it in their back pocket. If you're targeted, then obviously they have a dossier on you. And you, you know, spy games is not anything that's, you know, fake. It happens. There are spies in Hawaii. There are spies all over the world. You can read multiple books on this. You can listen to multiple YouTube videos on this. Just watch Netflix. There's a million movies all about all these spies. And some of that has to be true. Well, yeah. And I mean, there's a couple of things that happened in America lately, you know, with certain demographics of spies and whatnot that we've heard. But here in Hawaii, you know, there's a dedicated amount that are here that are currently tracked. And I think that goes all over America as well. Gerhard, do you, and tell us, do you guys think that they're tracking you? Worse yet, do you think they're tracking me? I think my, my agent that probably tracks me is probably sick of my internet browsing style. I go up on top of them all the time. So What don't you think they want to know how you operate? Don't you want to, don't you think they want to know how you train, how your clientele? I, so I primarily service the U.S. government. And I'm, you know, I bleed red, white, and blue. I love my country. You know, and as a patriot, I would hope that my government trusts me enough to, you know, not, and if they do, that's fine. I have nothing to hide, right? Everything I do is above board. So I don't know how you feel about that. I tell, I agree with him immediately. Well, here's the thing. In order for us to do what we do, we need to have certain standards in place. We need to pass certain requirements. We need to be, we need to follow the same rules that we ask our clients to follow, which is making sure we have a security awareness training program that we have a lease privilege and proper security measures in effect that we're not running around with equipment that could potentially be, you know, stolen or lost and then provide access to our customers networks. These are the reasons that companies like ours exist is because we have to first, you know, eat that sausage ourselves. And then, or should I say, the other, the other thing is that, you know, we got to eat, we got to eat their own dog, our own dog food. Is that how it works? Yeah. So you have to eat the sausage. You have to do, you have to do it yourself first. You know, it's just like when you go to the gym, do you look for the fat guy to be your fitness trainer? Or are you looking for that real fit, you know, muscular guy to show you how to do the exercises correctly? So this explains why I can never get a job in a gym. Well, you know, at least you're among friends here, you know, us little overweight, pudgy IT guys really know. It's part of the profession, isn't it? Yeah. And another thing is, is yet you have to have, if you want to catch the bad guys, you have to think like a bad guy as well. You know, and you have to have one here in the dark, as well as the light. Well, I wanted to ask you about that, Gerhard. So, you know, I mean, the essential message that most people get is to don't worry, the government is here to help. Don't worry, the government has, you know, these standards and requirements that everybody who touches computers has to, you know, meet them and so forth. And part of that is, we know who's doing this. We can, you know, it's like those indictments, you know, out of the Russian invasion of Ukraine, they got the names, the names of the individuals who conducted the war crimes. That's impressive. But do they also have the names of the people in the ERA building in downtown Moscow or Tehran or Pyongyang or Beijing? But, you know, can't we get, can't I look at the invisible addresses of that very email, okay, that Attila was showing at the beginning of the show and track it back to where it, from whence it came, from whom it came and can I do that? Isn't there a technology that would let me identify the individuals and organizations involved? And then I can take much more aggressive steps against them. So it's, it's interesting, that's an interesting question because, you know, I've asked the same thing, right? Why don't we just hack back and, well, the answer to that and I don't know if it's a viable answer, but it's the United States of America and we need to be, we need to be a, you know, a beacon of good of what we're doing. We need to have the right principles in place. Now, maybe, maybe there's some ruffles here and there, but for the most part, you know, the United States is not going to do the same type of terrorist activities. Well, I mean, defensive though. I mean, I want to know the people, you know, defensive is fine. But where do you go from that, right? So if you're getting attacked, you stop the attack, you mitigate the attack. You ask any cybersecurity professional, would you want to hack back? Sure. You want to see where it's going. You want to shut them down. You don't want them to do it ever again. Will they stop? No. So the best you can do is, you know, is the government here to help? They're a part of the fabric. I would say if you rely on the government to protect your infrastructure and whatnot, then you're opening up a very big Pandora's box that you don't want to get into. I think you should take the responsibility as a company owner or as a CEO or as a CISO to do every type of due diligence to protect your infrastructure against any type of threat when, you know, coming down to even just the basics, vulnerability, you know, vulnerability management, asset management, configuration management, firewall management, all these housekeeping basics, you know, you get that down and you get that proper. And then you'd be surprised how much, you know, the government now starts to fade away. If you're relying on the government to protect your assets, then it's not, the government doesn't move that quick, you know. Well, you know, suppose I go back to the beginning, what was his name, Berners-Lee, Berners-Lee Movan, to the beginning of the internet. And I say, wait, just like on my phone, you know, when I log in on my computer, we have two-step verification. Except that I apply that to the whole enchilada, to all of the internet. Attila and I have discussed this before. Go back and, you know, reform the whole thing, have an issue from the very beginning and say, if you want to get on the internet, you want to use the internet anyway, you have to have two-step verification. And, you know, it's going to stay, get a hard record. That's what it's going to say. And you're going to have to prove up that you are, and so forth. Okay. And then if you mess around, we know who you are and you will be shut out. And so the whole internet is kind of a reveal. It's an open book in the sense that we know who's there. Why can't we fix that? Would Berners-Lee agree to that? Do we have to have all this freedom on the internet? Why can't we have a price of admission in terms of the identification through two-step verification, whatever you like, to make sure we know who's around? Attila, you've answered this. You completely dissolved my question when I asked it last time. Let's see if you can do that again. Well, you know, one thing about the internet is we do have the federal governments to thank for that. I mean, that came out of DARPA. It was the original ARPANET. And one thing about technology, which is important, is to remember that hindsight is 20-20. At the time, we don't know what's going to happen. When Bitcoin first came out, it was a joke. Who's laughing now? All the Bitcoin billionaires. Maybe they're not laughing as of recent months. But I'll tell you this, in general, things become adopted over time and they become the norm. That's from in hundreds of years. We're talking about the history of the automobile, the history of the internet, history of modern medicine, even GPS satellites, we forget. That technology has only been available to the public for 20 years. These are all relatively new things. And internet security is the same. Internet security 20 years ago was different. And even, I would even argue, five years ago was different. Pre-COVID was different. Now we have an entire workforce that is now used to working remotely. The technology isn't new, but it's improved over the past couple of years just because of COVID. And because of that, the attack surface has increased. We now need to take these things a little bit more seriously. We have all these great new flexibilities. I got to say, even two years ago, it was Disney Plus and Apple TV Plus didn't exist. Paramount Plus didn't exist. We have all these wonderful new innovations that are occurring, not just on the consumer side, but on the business side. And everyone, especially if you're doing business with the government in any way, shape, or form, you need to really take this seriously because the internet of a couple of years ago doesn't exist anymore. This is the new normal. And if you don't get on board, someone else who does will put you out of business. He did it again. He completely dissolved my question. But let me ask you, Gerhard, isn't there something that we can do? For example, Twitter can say, Donald Trump can't come on here. We're withdrawing his privileges, whatever it is. So why can't there be a policing mechanism that says, if you're going to do a nation state hacking cyber attacks, we're going to take away all the IP addresses that you could use. And we have the technology to identify you. You're toast, man. You're toast. Why can't we do that? And is it in your interest? And is it in Attila's interest to come up with that? Because you'd be pulling the rug out from under your own delves, wouldn't you? Yeah. I mean, if you're talking about cybersecurity employment, right? And I don't think there's going to be a shortage of that even if we were to put it in place because technology was meant to be broken and people will find their way around it and they'll get through it over and over and over again. So we can start from the very beginning, but that's a hypothetical thought, right? And the fact of the matter is it's the real world right now. This is what we're dealing with at this particular time, at this particular day. And I would love to go back and redo everything. Windows 95 should go away. But there's nothing that we can do to change the past. All we can do right now is really work hard to fortify the future and keep as much security and integrity within the companies and the government as possible. What is the future in terms of the technology of dealing with this bad technology? The technology of stopping it or at least limiting it and dealing with the bad guys. I mean, you say, well, okay, we're going to train these people to look for suspicious emails. That's not at a high level of technology. That's a low level of technology. We're getting way past that, right? I mean, you're looking at AI, artificial intelligence, deep machine learning and whatnot and getting that involved into the cybersecurity realm. You talk about putting me out of work. AI will put me out of work. I'm not worried about, there'll always be humans messing up, right? I'll always be the moment you get artificial intelligence involved, then cybersecurity starts to to look really, really dim for the practitioner. But again, you listen to a bunch of different people on artificial intelligence. I particularly like Michio Kaku on his ideas on artificial intelligence. So I don't think we'll be seeing any type of loss of jobs in the industry for the next maybe 67 years. So does the security. So does the different types of technology advances. We move into pre-COVID. Pre-COVID was more on the industry, more on the company, more on the data center, more on the hot, hot, the hot cold type data centers and disaster recovery and everything else. And then COVID hit and now all of a sudden the, I hate this term new norm, but the norm is everybody's remote. Everybody's working remote and technology had to balance itself out to accommodate that. And that opened up a lot of different vulnerabilities, a lot of different things that people weren't looking at before. And they had to focus on it. Yeah. And worry about it. I mean, clearly, we're in another time. Maybe COVID, you know, somehow accelerated that time. But here we are. And it's just another thing to worry about when you get up in the morning. That's why I think about the Margaritas. So Gerhard, you're closing advice to people and then Attila will have his closing advice to them. Get the basics down. If you're a business owner, get the basics down. Get your housekeeping in order. If you need a security professional, get yourself a VC. So if you're a small, medium company, that's a fractional C. So we provide the service if you need. And get the basics down. You'd be surprised how much you can button up in your company with the basics squared away. And then we can talk about the cream on the coffee and all that at a later point of view. So I think that would be my biggest advice. Understand what your business is doing it, doing it and get the basics down. Okay, Attila. You started this conversation. Let's see if you can provide some closing remarks on it. Yeah, absolutely. I mean, the basics that Gerhard mentions, that's a great place to start. And be kind to yourself. Many of the organizations we all come in contact with, no one's perfect. Back in the day, I remember in Think Tech, we used to meet in person. Now we have to do this imperfect Zoom thing. I mean, we're all just kind of doing best effort here on some of this stuff. But when it comes right down to it, every organization that we work with that exists, we also solve problems. So the bigger your problem that you're solving, the more at risk you are. If that problem is federal work, that's a big problem that has a lot of responsibility behind it. You got to do the basics and more and keep up with the trends. This is not a one-time thing. You don't take a shower just once and then you're finished. You take a shower more often. You brush your teeth more often. Cyber hygiene is a very real part of that. And it's going to be up to your organization to make sure that you keep up with it. And sometimes you don't have the time. Hey, guys, I don't have the time to change the oil in my car anymore. You probably don't have the time to change your technology and keep it up to date. The thing is, what I take from this is that, and this goes for our country and our society. It's everybody's job. At the end of the day, we're talking about national security. I mean, both on the economic level and on the security level. And you can't just bob it off to someone else. We're all part of it. We also take steps. We all have to be conscious. We all have to be part of the solution. Anyway, thank you, Matt. Thank you for telling us to rest. And Gair Hart, I guess that's right, Gair Hart-Rickert. Thank you very much for joining us. It's been a great discussion. I learned a lot and I appreciate you coming on. Thanks so much. And by the way, next time, we're going to get into the cream and the coffee. That was a very oblique reference, Gair Hart. We're not going to let you go on that. We have to understand what's in the cream. Like maybe they have chips in the cream. I'm only kidding. All right, we'll talk soon. Aloha. Stay safe. Thank you so much for watching Think Tech Hawaii. If you like what we do, please like us and click the subscribe button on YouTube and the follow button on Vimeo. You can also follow us on Facebook, Instagram, Twitter, and LinkedIn, and donate to us at thinktechhawaii.com. Mahalo.