 Everybody, this is Christian Buckley with another MVP buzz chat and I'm talking today with Victor, hello. Hi, Christian, how are you? I just like to point out, so thanks for joining so late. It's, in fact, I was looking, I'm talking to somebody in Sweden and it's 4 p.m. Mountain U.S. Yeah, so it's midnight there. So thank you for joining. Yeah, it's actually, you know, it's Tuesday here now. So yeah. Well, there you go. Well, so why don't you introduce yourself? Who you are, what you do and go from there. Yeah, sure. So as stated, my name is Victor Hedberg. I work as a cybersecurity consultant at a cybersecurity firm based in Sweden. I'm a cloud and data center management MVP, but that's only because I'm contributing in the enterprise security category. So that's the reason why it's the cloud and data center management because, you know, enterprise security is under cloud and data center management. It's always interesting to look in that may shift and change as they kind of move pieces around and evolves and changes. That's, you know, one of the, I talked about this with a couple of interviews that I've done recently, but, you know, once you become an MVP, I mean, you may find that your own role and your job and what you're passionate about may evolve and change, but there's room for you to go and adopt, pick up other, you can suddenly be focusing most of your time on power platform and then make a transition over being a business applications MVP, like that crazier things have happened or pick up a dual MVP. Yeah, exactly. I think one of the employees at my company used to be a dual MVP, but I can't say that for certain. I think he's apparently an enterprise mobility MVP. And I think he was in the cloud when they into center management category as well before. Well, when you see somebody who is a dual MVP or even I've run across and interviewed a couple that are, I think two that are triple focus areas. And there, one thing that we can all understand is that those people have no personal life. Yeah, exactly, exactly. Because they're constantly contributing. Yeah, they're doing things out of the community. So yeah, it's like, you know, that's out on the front lines of a war who's a medic. You know, they're actively engaged. Yeah, to say the least. So how long have you been an MVP now? Well, I got my award on October 1st. So it's a little bit more than a month now. Congratulations. Yeah, I got the award package delivered, stuff like that. It kind of hasn't sunk in yet, I think. Yeah. At some point, you know, well, I got the stickers now. So I put them all over my laptop, stuff like that. So it kind of feels real, but at the same time, it kind of doesn't. And then I, so I realized, cause I have all of the award, like the boxes, the renewals and stuff, and I have them in my closet. And I've got all the stickers in there. I realize I have a stack of stickers. And I'm just like, oh, do I need to refresh? And things that I put stickers on the year before, still looks good. Goes to show the quality that goes into these. There you go. That's right. Quality of the stickers. Good job, Microsoft, on that. Yeah, exactly. So what was your path to becoming an MVP? Kind of what's your story? Well, I started proposing, putting in, you know, called for, called for papers when it comes to cybersecurity related topics. And a bunch of them got caught up. And I guess we're kind of spread from there. So I started talking a lot with the UK community people, got invited to some of those events, actually got to speak at an in-person conference event earlier in October, which was kind of weird, given, you know, the times past. So I spoke at an event. So I attended one in September last year. But when we thought things were opening up again, and then it doubled back, you know? But thankfully it didn't become a super spreader event. And it was fine. But it just was poorly attended for some reason. Yeah, hard to see why. But it's good to get in front of the community. I mean, it thinks, I mean, honestly, the, you know, for new MVPs, especially, it's unfortunate. I mean, there's certain amount of things that you can do when it's virtual, but I mean, you lose a lot of the, I know, the benefit of having the award, having the recognition as being an MVP, if you can't get out and meet new people and have conversations, but we're just kind of hibernating now. So it'll open back up and we'll get back into the swing of things. Yeah, you know, in Sweden, we lifted restrictions back in the end of September, I think. So things kind of, you know, have panned out in our favor so far. So my company is actually hosting an in-person event, well, later today for me, where I'm talking about cybersecurity stuff with one of my colleagues who's also an MVP. Well, there's a lot, you know, with Ignite now behind us, like there were a bunch of announcements of things that are, what kind of stood out? What were you most excited to see and talk about? The rebranding of certain products once more, you know, that all of this is like a monkey wrench thrown at us. That's part of the, everything old is becomes new again. You just... Yeah, I know, exactly. Just like with the company behind Facebook, you know, they're not Facebook anymore. They're made up. Yeah, they're bigger than that. It's a bigger thing, yeah. Yeah, exactly, exactly. But what stood out for me was that the security track was, it got even more highlighted than Ignite a couple of years back. So it really goes to show that Microsoft really, really are developing good security tools and they're focusing heavily on cybersecurity at the moment, which I find super interesting. And I think that is what's needed right now. Yeah, there's, Microsoft is in the news about at least once a month, once or twice a month where they're thwarting something and you know, or they're involved in and helping out at least with the US government. There's something that's been going on around that. I know that the... So I was in on a panel earlier today with a user group at the Minneapolis, Microsoft 365 and doing a post event and post Ignite panel. And I know that there's a whole category. There's just a bunch of announcements and things that are around it. It's not my space. I didn't really pay attention to all the announcements. I know that probably people in my team, we've got our chief security officer, probably be very sad to hear me say that. But except the fact that Microsoft is focusing on opening up multi-cloud and realizing that they need to be actively working with, you know, competing cloud solutions, but by providing solutions because the reality is every one of us on companies, we're all multi-cloud. Like nobody just works within the Microsoft stack. Yeah, exactly. And I think the challenge that lays ahead is trying to find some kind of, you know, how do we keep our security posture being in a multi-cloud environment and when we also have the hybrid part of it to adhere to as well. So it really, it kind of gets mesmerizing at some points, you know, you have all these dots that you're trying to connect. But yeah, it's super interesting. And I think we'll see real cool things happen when it comes to the capabilities of Microsoft security. You know, something that jumped out to me, I don't remember who was talking as part of the Ignite Keynotes, but they even made the comment of being careful with their words and to be a little humbled about cybersecurity and things going out there because they don't want somebody to be, take that as a signal or a challenge to go and, you know, even attack on Microsoft even more. But I mean, I look at it just from an Office 365 customer as a client for my own tenant, and I'm sure my company sees the same things. I'm amazed and astounded at the volume of attacks that are against my tenant and what Office 365 thwarts. It's just crazy numbers. Exactly what you're describing. We're seeing that on a day-to-day basis on all of our clients, you know, signing attempts from all over the world because now we're publicly facing our signing prompts using the internet, right? So there is no stopping us from getting that Nigerian Prince if you want to, trying to sign into your account. Victor, when somebody asks for your help, you know, you should help. Yeah, exactly. Well, not if they're asking about my credit card information. I won't help. Well, yeah. No, it wasn't that. All I did was send $500 in Amazon gift cards to the email address. I mean, it was, you know, the thing I could do to help. It's a prince in his own country. Come on, Victor. No, but I think, so what was the latest news like Microsoft? I think it was like the largest DDoS attack that they had, you know, seen ever. Just a massive, you know. Yeah, you know, the records are being broken every year, every day it seems with massive ransomware attacks, massive DDoS attacks. There's just no end to it. We're kind of pushing our luck right now with a couple of the big bad guys in ransomware operators out in Eastern Europe getting picked out by local authorities. Yeah. So we're hoping to see some kind of, you know, positive consequences following from that. But, you know, it's a never-ending battle. And the only way we can do it is if we work together, basically. So that's why I'm so proud of what my company is doing, where we're actively promoting community work. So we're trying to help our customers implement a safe solution and also understand why it is a safe solution and how they can use it. So we're not just, you know, we're not just deploying a solution and then like we're done. So we're trying to educate each and every one of our customers and like the event taking place in, well, seven hours from now. Or sorry, nine hours from now. It just, you know, these are our insights. We're trying to spread the knowledge, spread the words. So we focus a lot of what we're doing on the value we provide rather than, you know, strict consulting services because that's not how we roll. Well, also, I mean, you guys have to stay on top of everything because it's constantly changing. You know, when they fail at the attacks, I could go and try something else. So there's, it's a, unfortunately, or fortunately, it's a growing business. It's a good space to be in. Yeah, business from a partner standpoint. Yeah, from a business and from a partner standpoint. Absolutely. You know, the revenue we're creating is insanely huge. But, you know, it all comes from a cost at some point. We've been lucky so far here in Sweden that we haven't had like health services being compromised in that way. Like I know you guys in the US have been attacked on several occasions and it really goes to show that, you know, there are, there is no honor among thieves. Right, there's no, you know, there's no line they won't cross to try to get their money. Right. Well, it's, you know, so my, you know, personal experience, I mean, I've been, you know, I don't have any major my, you know, individually, my, you know, assets, online assets that like I have my backups that may be more of an incendiance. It wouldn't destroy anything, you know, take, take down, but my former company, my independent business, two of my clients that experienced ransomware, one that just took the hit and lost a couple of days of data, but they were otherwise they were prepared for that. And the other one that they, there was a, I don't know, you'll flaw, there's something that, you know, but they ended up paying the ransom and they had no other option, but to go and do that and, you know, got their data back. But yeah, it's a lot more common than I think we even hear about. Yeah, absolutely. You know, we only hear about and all these numbers about, you know, oh, the ransomware industry is overtaking the drug industry when it comes to, comes to revenue and all of that. That's only the visible cases, right? We don't see the invisible cases where you don't want the bad press because you just got hit by ransomware and you want to pay the ransom to get out, get out somewhat scot-free. So yeah, I think that the problem is even larger than most of us would, would get at. And I have some insights, but, you know, I can't publicly disclose all of it. Well, there was some, so I participated in a webinar two months ago. There are some stats that was shared. I don't have them in front of me, but it's, you know, the vast majority are not these large companies that make the news, that do the PR around it, that have the formal responses around there. It's small to medium-sized businesses and the cost per employee cost is like 10, 20 times the cost to the large companies. And so that's the thing where, I mean, look, if something had happened, if I didn't have all of my data out in the cloud, if I didn't have those protections in place for my little standalone business, it wouldn't just put me out of business. If I lost all that data, I would have been done. You know, and so how do you then measure that cost? It's, you know, it's pretty simple, zero income coming in, so. Yeah, exactly. And you know, that's why it's so rewarding working in those incidents where you actually get to feel the happiness from coming from the client in that case when, you know, we can come forth and say that, hey, we know you've been hit, it's real bad, but, you know, we'll help you through this and we'll provide you with crisis management, all of that. And once we actually get them up and running again, it's just, you know, bursting with tears and like, oh my God, you helped us so much. And it's so rewarding and it really makes it all worthwhile. You know, one of the most entertaining presenters within over in the office apps and services side. So I came up through the, you know, within the SharePoint community and kind of that side of things. So I have a really good friend who's really well known in the security space over within, you know, collaboration and content management is Liam Cleary. So he does a lot of stuff based in the DC area. So he has a lot of customers, but he used to do a session which there's still recordings out there. He'd always preface his session by saying if there's anybody in the room, if I show some of the examples, I'm gonna show live environments that are broken that I can, you know, hack. And his session was like, so you think you can't hack SharePoint and then he would go in and just public facing but SharePoint based sites and show how they were not adequately architected and that they were easily accessible with free tools, things without there. I saw it twice where he gave the session in DC, both times somebody in the room like gasped. And one time a woman said, that's my company. And so he stopped presenting, walked outside with her, had a conversation and talked to him like, what did you talk about? He's like, look, I gave her my information. I said, like, I'd be happy to walk through. He says, and he kept saying over and over again, like everything I'm doing here is legal. If I were to take a screenshot or pull down any content, I would be breaking the law. He's like, but this is broken. He says, I'd be happy to tell your team exactly what I did to get in there and do that. I'm just saying that there's a big business and people love that kind of theater, that kind of presentation to show people what you're doing wrong. Do you do a session like that where you walk through and you're a friendly half? Yeah, for my session tomorrow, I actually have a demo environment set up because I don't wanna password spray one of my clients, but the tools I'm using, I'm happy to provide afterwards. Just try this out on your own and see if you get any hits because if I can do it, so can you because it's basically a PowerShell script and looping through the users in some variables with some passwords and trying to brute force their way into the basic off side of Office 365. And it really goes to show that it adds like a second layer of your presentation, I think that these techniques are readily available and everyone can use them. Like I can get my six year old son to run a PowerShell script, just press enter. Well, that's a great, so are you recording your session for tomorrow's event? Yeah, it's being live streamed onto our platform. I don't know if it will be, I think it's behind a paywall or some kind of. I mean, because this recording will be live, it will have already happened weeks in the back, but I think we're like six, seven weeks out on recordings, but yeah, I mean, so is that something if they go and search on your name, could they find your sessions like that available on YouTube? Well, not right now, but I'm currently discussing with some of my friends to maybe like do a Microsoft 365 Defender, hero to hero kind of video series where we'll touch on, touch on all of these points and help every one of you to, you know, secure successfully secure your Azure environments and your hybrid infrastructure as well. That was one of the announcements too is around Defender and availability through other licensing. Yeah, yeah, exactly. And we got some interesting news for the SMB segment with the small medium businesses using a Microsoft 365 business premium, I think. I get all the EDR capabilities from Defender friend points, which is hugely important in this day and age. Yeah, yeah. But, you know, my session will be more about getting back to the basics because I'm getting kind of fed up with all of these, oh, you know, oh, we got this fancy cloud access security broker system or we got this fancy EDR system. We need to take a step back and really, you know, take all the boxes in our basic security hygiene first, then we can proceed on and go talk about EDRs and sandboxing environments or what have you. That's always the danger. I mean, cause I know it now is, you know, MVPs. I mean, we're always excited to talk about the net new but when it's under premium licensing and things out there, like I actually prefer not to talk, like talk about that stuff. Hey, it's also available, but exactly to your point to talk about what are the majority of people have, what to go and talk about from that perspective, give people options, show them kind of the path forward. If that's not sufficient, what's the next step that they can do after that? It's more helpful for the majority of people. Exactly. I totally agree. And I'm trying to, you know, trying to show them all the raisins in the cake if you understand that the figure of speech, you know, pick the chocolate bits out of the cake to save all the goodies when it comes to the licensing part because it's a jungle. But if I can show people like, oh, if you use Defender for Identity in this way, you can actually get alerts on when somebody gets added into the domain admin group. And if you use the Defender for Endpoint integration you get a whole lot of more visibility into it as well. So that's basically what I'm trying to promote as well. You know, there really is a value into stepping up on your licensing game because the features that are there, they're not just there because they're costly. Just look at all the Gartner or the insights from other marketing companies like the Microsoft really, really are taking a position like as a cybersecurity leader in these days. But that just feels like you're signing yourself up for building a very hefty infographic around, you know, what lights up with each of those. You know, Microsoft probably has that that's out there in a couple of different places already, but. Yeah, you know, I regularly reference Aaron Dinege work. His GitHub repo is amazing when it comes to, you know, trying to figure out, oh, this bit or this be, these bits and pieces are represented in these kind of licensings. Aaron Dinege's GitHub repo, when it comes to Microsoft 365 licensing is a godsend. I've said it, I've said it. I have to go track that down, if you send me the link I'll add it into the blog post as well that you mentioned. Yeah, absolutely. Yeah, awesome. Well, Victor, really one great to meet you and hopefully as a new MVP things start to open up here. I think it was just in the news today that, you know, that they're dropping the, a lot of the travel restrictions for people. Yeah, I read that as well, you know. International. Exactly. So fingers crossed for an in-person MVP summit. I sure hope so. We need to have it, you know, it's been two years. So it's time to get back together. So looking forward to that. But thanks for doing this. Thanks for learning more for, so I'll have the blog post that's out there for people that are watching this, find us out on social or out on YouTube. Then you can go to bucktheplanet.com and I'll have a blog post. You can look for Victor's name, search on it. You'll be able to find it with the links there. But just for those that are listening to the podcast, people want to find you, reach out to you. What are the best ways to reach you? The best ways to reach me are predominantly through Twitter. So my Twitter handle is like, how would you pronounce my last name if you see it on your screen there? I'd say Hedberg. Yeah, so yeah, that's basically my Twitter handle. So it's at Hedberg, spelled like H-E-A-D-B-U-R-G-H. So at Hedberg, go follow me, reach out if you have any questions. Feel free, all the links to my other social connections are on my Twitter page as well. Awesome. And well, Victor, really appreciate your time. And hopefully we'll see you next year.