In this episode, the hosts discuss the Aerospace Village at the RSA Conference with Adam Scheuer, Chris McDaniels, and Henry Danielson. The group discusses their backgrounds in cyber warfare and aviation, and their work with CT Cubed to do good things for society in the aerospace industry.
Guests:
Henry Danielson, Volunteer at AeroSpace Village [@SecureAerospace]
On LinkedIn | https://www.linkedin.com/in/henry-danielson-43a61213/
On Twitter | https://twitter.com/hdanielson
Adam Scheuer, Executive Vice President at CT Cubed Inc. [@CTcubed]
Chris McDaniels, CEO at CT Cubed Inc. [@CTcubed]
On LinkedIn | https://www.linkedin.com/in/mcdanielsc/
____________________________
Hosts
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode’s Sponsors
BlackCloak | https://itspm.ag/itspbcweb
Brinqa | https://itspm.ag/brinqa-pmdp
SandboxAQ | https://itspm.ag/sandboxaq-j2en
____________________________
Episode Notes
Welcome to this exciting episode where we take you on a journey to the RSA Conference in San Francisco, and even to space! In this episode, we get to explore the Aerospace Village and learn about the fascinating work of the group CT Cubed, all of whom are volunteers doing good things for society in aerospace. Our guests, Adam, Chris, and Henry share their stories and backgrounds, which have led them to their current roles.
The Aerospace Village at RSA Conference features many sub-villages and exciting activities, such as the work being done by CT Cubed. They focus on realistic training for engineering and analytical work, in addition to training, to keep current in the aerospace industry. Their work has led to the creation of a system of systems called the Mouse, which allows for realistic training of students in the aerospace field.
But that's not all! As Sean Martin, Marco Ciappelli and our guests discuss, there is a lot of activity happening in space, and we get the pleasure of connecting with some of the folks working on this topic through ITSPmagazine. It's one thing to read a book, watch it on TV, or listen to someone's story, but it's even cooler to get hands-on experience with it. And that's exactly what the Aerospace Village at RSA Conference provides.
So come join us on this thrilling journey to space and the Aerospace Village at RSA Conference, and learn about the exciting work being done by CT Cubed. Don't forget to share and subscribe to our podcast for more exciting episodes like this one!
____________________________
Resources
Learn more, explore the agenda, and register for RSA Conference: https://itspm.ag/rsa-cordbw
____________________________
Catch the video here: https://youtu.be/U7B_wUN8Pe8
For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage
Are you interested in telling your story in connection with RSA Conference by sponsoring our coverage?
Are you interested in sponsoring an ITSPmagazine Channel?
👉 https://www.itspmagazine.com/podcast-series-sponsorships
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-society-podcast
Be sure to share and subscribe!
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording as errors may exist. At this time we provide it “as it is” and we hope it can be useful for our audience.
_________________________________________
voiceover00:15
Either we're there or not. ITSPmagazine still gets the best stories that are plenty of conferences and all sorts of events that spark our curiosity and allow us to start conversations with some of the world's brightest minds, in person or virtually, we sit down with them at the intersection of technology, cybersecurity, and society. Together, we discover what the synergy of these three elements means for the future of humanity. Knowledge is power, now more than ever.
sponsor message00:51
Black Cloak provides concierge cybersecurity protection to corporate executives and high net worth individuals to protect against hacking, reputational loss, financial loss, and the impact of a corporate data breach. Learn more at Black cloak.io.
Sean Martin 01:14
Marco
Marco Ciappelli01:16
Shawn,
Sean Martin 01:17
Vroom vroom, here we go.
Marco Ciappelli01:21
Chats on the road,
Sean Martin 01:22
Chats on the road, riding our drone up to San Francisco.
Marco Ciappelli01:27
Oh, that was a drone room room is a drone now. Propellers sounds like the scooter I used to have an ELD when I was 16 years old. I thought the drone does a difference. Whatever it is, whatever.
Sean Martin 01:43
You don't hold on to the handlebars, you just kind of go right. Yeah,
Marco Ciappelli01:48
it was the original self, self driving, bicycle, motorcycle, whatever, whatever you want to call it. Lucky to still be here to talk about it. But now we are excited. We're talking about going to RSA Conference in San Francisco. And, and we're going to space to I mean, let's let's bring it there.
Sean Martin 02:10
Right, there's a lot of activity in space, which is cool. And we get the pleasure of connecting with many of many of the folks who haven't even have a couple channels on the topic here on ITSPmagazine, which is really cool. And it's great to listen to his story, great to read a book, great to watch it on TV. But when you can get your hands on stuff. That's when it gets really cool. And that's what's going on in the aerospace village during RSA conference in April, the end of the month. And as with most of the villages within the within RSA Conference, there are many sub villages, many things are going on within them and and we're going to talk about some of the things that the group at CT Cubed is doing. And we have Adam and Chris on to help us understand what that's all about. So thanks for thanks for being on guys. Thanks for having us. And it's it's an all volunteer thing, which is important to point out this is a group of people coming together to do good things for society, specifically in aerospace. I want to hear a little bit about that and your history. Both you and Adam and Chris, kind of leading up to your role, what you're doing now. So brief peek into who Adam is and then pass it over you Chris for the same.
Adam Scheuer03:26
Sure. Well, thanks. Thanks again for having us on. name's Adam Scheuer, I am a currently retired vet. I spent 23 years in the airforce. And I got a retired in 2020. And after that joined up with CT cubed, so got to work with Chris and the other guys. And that's kind of what led us here. Kind of aviation background with the Air Force, however, from a cyber perspective, So, Chris, Walsall mentioned, we're both cyber warfare operators in the Air Force. Did that for our careers, various aspects, you know, leading organizations to down in the beeps and squeaks of getting the technology working in running for the Air Force securing their missions. And also, you know, doing some offensive and defensive work there. So, that's a bit of my background. I'll pass it over to Chris.
Sean Martin 04:22
Before you do that, mystery guest joining us, I'm gonna let that Hank in.
Adam Scheuer04:28
Thank you can
Sean Martin 04:30
have some fun with us and move things around. Alright, so Hanke, we're in full swing here, but we're gonna pass the mic over to Chris for an intro to who he is and then we'll then we'll come back to you.
Chris McDaniels04:45
Sounds good? Thanks. Yeah, as Adam mentioned, you know, I met in in the Air Force, so I was at the Air Force weapons school actually as one of his students. And I went back there to be an instructor then I finished out my time with the Air Force red team got To do some interesting things along the way. And we got out we had a, you know, our hypothesis was that the skill set that we learned at the Air Force weapons school cyber warfare course, would translate to the commercial sector. And so we set out on a on a goal to do that if you guys have any experience with the weapons school at all, by chance. That name right now,
Sean Martin 05:23
not not on either side, thankfully. Okay,
Chris McDaniels05:25
so let's meet. Let's be tell a little story here. So what happened is like back in the 70s 80s, the rumor is Hollywood was looking to, to make a movie about an elite, you know, DOD training institutions. So they went to the Air Force weapons school, no weapons school said, Hey, we're, we're way too busy doing a lead warfighting training, you should go see the Navy guys, you know, over at Topcon instead. And so we'd like to tell people, you know, Top Gun, weapons school, they're kind of closely related, but the, you know, Top Gun is 13 weeks weapons calls twice the length were almost six month long course. And then I didn't get to play any shirtless volleyball at all, as I was going through. And we do some things, we did some some things different. But what it is, it's actually an instructor course at heart. So we we we really have a passion for training, realistic training, right relevant training. And that's what led us to launch, we figured out that you can't wait, our our philosophy is you can't just be a training company have to actually do engineering work or do analytical work, as well as training just to stay current? Right. That's our philosophy. So otherwise, things can just kind of stagnate. And so as that as we went out and started trying to figure out how we would translate our skill set to the commercial world, it led us into doing some work with the Boeing Company, specifically the product security engineering workforce. And that led us to build a system of systems we refer to as the mouse, Adam, we'll talk about a little bit later. So that we could have a realistic training platform to teach the students the skill sets, they needed to learn that the problem is that we start identifying vulnerabilities for live weapons systems that the DoD is using, things get classified pretty quickly. And we don't want anyone getting in trouble, right. But we do want to have realistic training. So we built something that would allow us to do all of the same things that occur within the cybersecurity maturation methodology that Boeing developed, without anyone getting in trouble for security classification guidance reasons, or any sort of intellectual property spilling where it's not supposed to. And then that's, that's what will be taken out to the sandbox at RSA in its virtual form. So I'll pause and I think you want to hate to say some words as well. Yeah. So
Sean Martin 07:47
aka Henry, who's been on with us as well. Good. Good to have you on for this too. And, yeah, maybe a quick intro to who you are, but also an intro to the broader aerospace village. Apologize for
Henry Danielson 08:03
my lateness.
Marco Ciappelli08:06
You know, we were hiding from you. We don't
Chris McDaniels08:09
know. We're not supposed to start until three minutes from now. So you're actually you're actually early.
Henry Danielson 08:16
Anyway, my name is Henry Daniels, aka Hank and part of the aerospace village and working with CT Cubed very excited to see your live wares, if you call it. And I'm especially excited to talk to you about space Grand Challenge and how we could integrate some of the learning to high school students. Specifically, we're going to be using Unity rooms this year. And again, and a gamer if you're a gamer, you know what that is. But we're going to have a, what I would like to do is a sneak peek of rover or a robotic. You know, I'll just say rover, up up on the lunar surface fixing a NIC, a network interface card. And I'd love to have that discussion with you all if what you think about my idea, and is this plausible, or you're shooting to the moon Henry, or your way out of weight base. But anyway, I work at the California cybersecurity Institute. Sorry, I have ADHD LMNOP hyperactivity and add. So that's why I'm all over the place. But I appreciate your your support. And I cannot wait to see you all in aerospace Village, we are going to have a phenomenal time and it's going to be really good and thanks for the intro today. Appreciate it.
Marco Ciappelli09:32
appreciate having you here. So I guess Adam and Chris is going to like what would have started here you know the the importance of experience but what what are people going to experience because it's our job is to help people watch this and then flocked to the aerospace village. So what they can expect with you. They're
Chris McDaniels09:56
sure you want to take it out on
Adam Scheuer09:58
Monday. Yeah, sure. So so just For all the viewers, so to put a put an image with what's going on here, so this is about a quarter the size of what it would be in the real world. So this is our mouse. This is the platform that we designed system of systems contains the major subsystems you'd expect to find on any space or air platform mission, computer navigation, communications. So those types of subsystems, when you start to put them together can get very complex, and even just at the notional level. We've run our platform here, through some threat modeling software. And just with the subsystems we have, there's over 200,000 attack vectors, given different threat actors with something so simple. And this doesn't even exist in the real world, to be honest. So this is notional. And
Sean Martin 10:52
if you if you could add them to things, one, describe what you're holding. Sure, you said is a system assistance, but it's right, that is something. And then the other thing is, when he when you maybe if you can describe the attack vectors, attack vector doesn't mean vulnerability necessarily. It just means a way and rights maybe you can kind of describe a little bit of that too. That'd be good.
Adam Scheuer11:14
Sure, thanks. So this is the third version that has evolved for us, it started out as a trick tank tread vehicle, and it moved to mecanum wheels. And now we have the flying version. So for for anybody, we could go back to use those other ones, to demonstrate a system of systems, which really is kind of a fancy way of saying, there's not just one component in this. There's several components and subsystems that are dependent on other parts. So for example, using will use the attack vector kind of definition. So this has to be flown remotely. So there's someone sitting somewhere in a container on the ground or in a building sending signals could be direct RF energy, or it could be up over a satellite to control this remotely. So if someone were to say, get into that control station, because there's some access, that's unfortunately there, that is an attack vector that could get all the way to the system to the mouse here. I'll take a step back. The mouse is a fancy acronym we came up with, it's a mobile, optical, ultrasonic sensor explorer, not a backronym. We came up with that first, and then we fit the letters.
Marco Ciappelli12:37
Also, let me add a note for the people that are not watching the video. But they're actually listening to the audio version of this. The mouse doesn't look like a mouse, it looks like a drone. It's making holding in your hands. So people exactly think about the drone is a drone.
Adam Scheuer12:54
Exactly. So if you've flown like a DGI, or any other kind of drone that's out there. Very, very similar picture that except ours is CT Cubed. Orange. So yeah, so we're gonna bring this however, I'm pretty sure if we were to actually bring it, RSA folks wouldn't be happy if we flew a quadcopter drone indoors, probably a safety issue. So we're bringing it in three forms, we have put it into a HoloLens. So mixed reality, if you will. So you can fly that around the open. You know, the Oakland convention area, we brought it, we're going to be bringing it in metta quest to so straight up VR, virtual reality. And then most recent one is we put it on a, on a tablet on an Android tablet. So it's kind of another version of of AR So that's those are the three different ways. And then the here's the, you know, dangling the carrot out there. If you come fly it, you're gonna get your wings. So, here are the mouse wings. You know, we will
Chris McDaniels14:04
be one way to earn those Yep.
Adam Scheuer14:05
So little, you know, put it on your maybe we'll get some pins you can wear it. But yeah, so earn your wings come fly or mouse come talk to us. We can talk about everything that I just mentioned regards to attack surfaces. Talk about different threats that the, you know, aerospace industry is facing, you know, what did they have to think about? These aren't traditional Windows systems that are just up there that get patched? Normally there's a lot that go into these aircraft and other space systems, different considerations to think about.
Henry Danielson 14:37
I have a question really quick about the VR. The quest to so if I brought mine is there a possibility to get it on there to try it or you're going to have some quest goggles, if you will, for us to try?
Adam Scheuer14:52
We're gonna have our own equipment, but if we'll give you a sneak peek if you're interested in definitely hook it up and push it to yours if you're interested
Henry Danielson 14:59
us So I just want to show my son who we trust, you are not coming to RSA, but let him try it. So
Chris McDaniels15:07
the idea what the platform's tie everything together. So what we found with engineers, in particular systems engineers, they can spend many years working on a problem set. And we and we consider this to be a wicked learning environment, if you're familiar at all with the concepts of wicked verse kind, learning environments. And the simplest way to say that is that in a wicked learning environment, feedback may be non existent or very delayed. So if you make a poor security decision on a Space Platform, you may not find out that you've made that poor decision for a decade, or ever, you may never know that something you did was a result of some vulnerability or error, unless it just, you know, something unlucky happens. So what we've done is, again, this thing is complex enough as a system of systems that we tell the engineers here, here are attack vectors you need to consider, or here's some extra things you have to think about when you're not just doing enterprise IT. And then we have them actually fly it to complete a mission. So they can get that operator perspective. While we actually attack it from a red team perspective, right, then we'll take advantage of anything they failed to properly secure. We'll show them exactly how we did it. And then give them a chance to iterate and do it again, that that has really resonated with the students that have been through this type. Of course, there's, there's something about getting that operator perspective that makes them think, you know, I never want to put the operator of any system I'm working on in the same place. I didn't like the way it felt.
Henry Danielson 16:40
In real world environment. That's awesome. Just saying, let's,
Marco Ciappelli16:43
let's talk about that. Henry. That's a good lead in some example without giving away top secret situation, like some scenario so that the audience is not familiar with this type of attack and what actually look like in real life, right? So what what is the consequences for an airplane? Or is my mistake space shuttle is not flying anymore, but for a subtle life for rocket for anything that flies? So what could go wrong? Sure.
Chris McDaniels17:15
An easy example to Yeah, so so many things, right? limited only by your imagination. So one of the things with it with our mouse is that it's actually collecting information has an ultrasonic sensor on it has a EO IR camera, and easy example to look at from a very recently as a attacks against any sort of smart home device that has a microphone on it. Right. So there are some security researchers found that, you know, that microphone is taking in information from the environment, passing it into the system. And then depending on what it talks to, from there, some interesting things can happen. So what these folks found is that they could be a few blocks away on top of a roof and use a laser to stimulate the microphone of this device. And it could tell that microphone, you know, the laser could make the microphone think that it heard, Hey, go and open up my garage door. And then boom, the garage door opens. Right? So now that the engineers know that's possible, and they've got to see it, they can do things to mitigate. Right? You can, it can be as simple as not letting the device be near a window, or laser can get to it could be putting some sort of filter to stop lasers, it could be adding a challenge to say, hey, you just asked me to do this sensitive action, I'd be glad to do it. But tell me what two plus four is? Right? What's the adversary wouldn't be able to hear, the way you can then start solving it becomes very interesting as well. But you have to just even understand that this was an attack that could have happened in the first place. And we have a whole list of those without we don't want to give away the secret sauce, obviously, of all the surprises you'll see in the course. But that's a pretty easy one to wrap your head around.
Sean Martin 18:56
Yeah, cuz um, you said could be decades or even never that you that you experienced a vulnerability being exploited. And it makes me kind of like a parallel first I want to go into the ocean, there are things in the oceans, similar things right, live down in the ocean for a while, but also thinking like medical devices, where you're inserting something in your body like pacemaker or an insulin pump, and those things have expected lifetime and they're probably not going to be patched anytime soon. So you're kind of building these things, knowing that they're going to be in a place for quite quite some time. Now in the medical world, we have the FDA kind of hopefully, helping to mitigate some of that risk with controls and release cycles and things like that. What's the equivalent in in the aerospace and is it? Is it airplanes versus base travel versus satellites? Are they separate? Things are what's that landscape look like? lack of a better word.
Adam Scheuer20:03
I'll take this one. So I think we're just realizing that it exists that that concept that you just kind of just went through that, oh, no, we have to think about this stuff for the future. Because we have to do so secure by design is a word that starts it's gets gets used a lot these days. I always like to refer back to like the B 52. It was, I think it was awarded in like 1946. They're like, hey, contractor, go start to make this. And it first flew in 1952. And it's still flying today. So those, those folks had no idea what the internet was back then. So the the idea, I think that you kind of just have to go back to is that secure by design idea. And it has to last however long it might be out there, and the shelf life of the of the B 52. It's just going to keep going from what we can tell, there might there might never be an end, they'll just keep modifying it and adding new widgets on it to make it still effective. So can can something be just deployed? Like in a medical field? Or on an aircraft? And can it exist as it is? Or will there be reoccurring maintenance? Does it have to come off, get calibrated go back on? Those are all design decisions that engineers have to think about as they're going through the design process? So in some instances, maybe medical device that goes in you, the expectation is it will stay on you forever? So therefore, you got to think through all those considerations? Of how long could that be in someone's, you know, inside someone helping them live? And then what could go wrong? The what ifs, you know, so can't plan for everything, but you've got to at least be able to prioritize what are the most likely things that could happen and apply those resources to try to make sure you mitigate or stop them from happening.
Sean Martin 22:02
And Anke, kind of on this same topic, because I mean, there's been a lot of emphasis on IT security, and information security, in the enterprise and in, in government, Operation departments, right, things like that. We're we're looking at Windows and Linux and, and mainframes and, and common protocols with standards and frameworks driven by government entities to say this is kind of how you build stuff, here's how you best practices for securing it. The OT world, and probably even more. So when you get out to the fringes of some of the things that your teams are looking at. How how do people and obviously we're talking about the aerospace village and the work that you're doing here? But how do people start to get a sense of what those systems are? What are the protocols? What are the networks? What are the applications? What are the communications to begin to understand what what needs to be done to reach that secure by design that Adams talking about?
Henry Danielson 23:13
Yeah, I think personally, there's amazing researchers out there that are publishing, doing books, doing papers, academics, how do people find out about this? And I'll just, I'll just say, you know, I definitely think in the aerospace village, anybody that's going to be hanging around with us and the partners that are there would be able to discuss IoT devices, I know that we're going to talk a little about the cloud as well. I mean, at some point, space travel will be and other companies are doing that now, where they're actually using cloud based systems to be able to control cube sats, for example. So back to your question about IoT, I think, and OT, there's so many things that we have to know now. So for example, maybe it at one of the academic institutions, they will teach secure security by design and have them look at a current product that's maybe two, three years old, that wasn't designed with security in mind. And they'll come up with maybe, how can we encrypt something? How could we encrypt something from the endpoint to all the way up into space and outer space? So I think that getting people to understand at the aerospace village that we want to educate people and get people to understand there's a cool thing out there right now called Sparta, that talks about a matrix and it's kind of a mash up of mitre and space. That would be something that I would always lean towards right now. That's a newer technology that not necessarily newer, I should say, but it's by the Aerospace Corporation, which is great. They're sharing How to Protect outerspace. So that would be something that I would want to always reference back and then think about mitre and how attack surfaces are, and look at them. So educating the the people coming into this space is really a huge passion for me and trying to get young people involved in this or someone that maybe is on the, I don't know, maybe they're in medical information research, and they want to flip and come over to the space or aerospace era. I hope that answered that.
Marco Ciappelli25:33
Yeah, that's really cool. Actually, kind of made me curious about a question about the future, always, kind of have a weird mind. I like to think about the future looking at the past. And and when you look at the future in what you do, how do you actually kind of predict? How far can you look into the future, even if knowing that even the most advanced technology now could actually be developed, deployed with malfunction or bugs or things that we just couldn't even think about? So is it like more of a cultural approach that we need to switch and really think about everything from different perspective? Or it's just impossible, really, because the complexity of of things? So, Chris, maybe you want to throw your opinion here? Sure.
Chris McDaniels26:26
Yeah, I think there's a way to abstract and look at the fundamentals of Pebble, what we're dealing with the problems that all that's not going to get outdated here, just because a new vulnerability comes out or new, like a PT actor, is found. So we've, we've talked about attack vectors several times, for example, if you the end of the day, there's energy entering and leaving your platform, all attacks will have to start or, or end with one of those paths. It's like, if you can understand that, by you, you can at least start to understand the general attack surface to your platform, then it's as we as we get more mature, it's how, how deep we dive into each of those threat vectors, right? So then you have to understand, you know, the difference between Windows, Linux, embedded systems that maybe don't have a traditional operating system, real time operating systems. And then it's just been a dentist, the constant cat and mouse game that's been, you know, been in place with security for millennia, right? So I think that we can, we can teach the mindset, we can teach fundamentals that will, that will last people's entire careers. And that's, that's the place we tend to operate right now. Like, get everyone that solid foundation, and then you expand on it and grow as you mature in the field. That makes
Marco Ciappelli27:51
sense, kind of like the the main rules, and then we can go deeper from from here. Adam, anything you want to add on that?
Adam Scheuer28:00
Sure. Just the fact that, like Chris mentioned, once you have documented your attack surface, other than the the wrench attack, where someone just comes up and starts banging on your system, or, you know, maybe the evil astronaut out in space, doing a spacewalk starts hitting on it. From a from a cybersecurity perspective, that is the the understanding of everyone who's involved is that those those lines in and out for the attack surface. And once that's understood, like I said, Before, you can start to rack and stack, where's the highest risk, you know, limited resources, no one has a trillion dollar budget. No one has all the time in the world. So that's when you start to take your smart folks that are on your teams and say, Alright, we're gonna go after the top three issues related to these these threat vectors. And we need to figure out how real of a threat they are. And do we need to change some system design? Do we need to add some tactic techniques and procedures, if something bad does happen? Because we can't mitigate it all? Like, what's our response? So that it really becomes a holistic approach? Once you understand that, so it does go back to culture for sure. And just the foundation of what what do you know about your platform?
Sean Martin 29:20
Speaking of foundation, students, Hank, your thoughts on this from from an education perspective, kind of security by design starts with secure mindset. In my mind, so your thoughts on the future of this?
Henry Danielson 29:38
Yeah, I do think that more universities as we're growing, are designing courses on are giving young people the opportunity to be able to have that mindset and think in that mindset, and learn by doing which is Cal Polly's motto to try to, you know, be able to get their hands on something I know that we we try to support the student as far as we can. But I also think in reality, if they leave directly from an institution, they may, they may be one of the only people that are coming to the new organization with that with that thinking, just because it's it's currently in flux and and change. But I do really feel like all the universities out there that are that are teaching cybersecurity and specifically in space, what I would suggest, is in the aerospace arena, that they have courses in hell, that the students are required at least one on security by design or security in general, how to secure an airplane, how to secure a drone, how to secure a spacecraft or a satellite, that way they understand how things could be compromised, and they get just a little bit of understanding of what that could be. So I do think it's interesting, because I think we're in a flux. And maybe Chris and Adam can expand on that in your corporation, when you're trying to hire a young person or an entry level human. And you ask them, Do you know anything about security, design, security by design? They may not have that skill set? Or maybe they do. And I'd love to know, when you're when you guys are you all are hiring? how's that coming up with you? And maybe I'm wrong. We're not in a flux where it's just at the middle part of that.
Chris McDaniels31:30
Yeah, we started, we don't have any great input there. We don't. We're pretty small. And we don't tend to hire entry level, just where we're at. So okay, we haven't solved that problem just yet. Okay, awesome.
Sean Martin 31:43
But it's an interesting conversation. And one that I would would encourage folks to have guests where they are. At the sandbox, this is one of the one of many, many things I think folks should be talking about education and training and cross training, we talked about healthcare and maritime and, and there's a chance to learn from each other private, public, private sector, commercial academia, we all need to come together and generate awareness, build the foundation, continue education, and move things forward. Because as we've pointed out, this stuff's gonna live for a long time, we better, better get it right as best we can, as early as, as early as we can. And with that, if you're an executive, if you're a business leader, or if your practitioner or security analysts come visit, Adam and Chris and Hank, in the aerospace bill is mark on I will be hanging out in there as well. Doing stuff with Boeing doing stuff with with the drone and having these conversations. So
Marco Ciappelli32:54
I'm Hank, if you don't mind, I'm gonna make a t shirt that says entry level human. I really like the Phoenician. I think I want to record to get a domain. Yeah, we are excited. And also you guys are going to be in great company there with the IOC village, the ICS village and dark art and pen and ops. What is the other one showing? Up? Sack? Yep, that's right. And I think there are some pop up villages. Well, I haven't really figured out what that is. But
Sean Martin 33:26
yes, every game says, thing go in there and the pop up. So yeah, tons of good stuff. Great people. Again, I mentioned the beginning, this is all volunteer. So go support for the crew, and be part of the crew and help them move these things forward. Of course, stay tuned to all of our coverage of RSA Conference, including other chats with villages, we have some stuff with IoT coming up as well. And on itspmagazine.com forward slash RSA. See, it's all right there. Stay tuned, join us see you in San Francisco everybody. Thank you there.
Marco Ciappelli34:06
Subscribe.
sponsor message34:11
Black Cloak provides concierge cybersecurity protection to corporate executives and high net worth individuals to protect against hacking, reputational loss, financial loss, and the impact of a corporate data breach. Learn more at Black cloak.io
voiceover34:32
We hope you enjoyed this episode of our on location conversation. If you learned something new and this podcast made you think then share itspmagazine.com with your friends, family and colleagues. If you represent a company and wish to associate your brand with our conversations sponsor, one or more of our podcast channels, we hope you will come back for more stories and follow us on our journey. You can always find us at the intersection of technology, cybersecurity, and society