In light of Mozilla's alarming vehicle privacy report, a dialog with BlackCloak unveils the vital need for comprehensive personal cybersecurity solutions to shield executives and individuals from the spiraling risks tied to modern technology, underscoring a broader call for a privacy-centric transformation in our digitized lives.
The recent report by Mozilla, shedding light on the privacy concerns around modern vehicles, struck a chord. Notably, every car brand reviewed, including behemoths like Ford, Volkswagen, and Toyota, flunked the privacy test. This revelation steered a fascinating conversation with Chris Pierson and Ingrid Gliottone from BlackCloak during a brand story recording for the Redefining Society podcast. Our focus veered towards the lurking privacy and security issues tied to the modern, tech-savvy vehicles we so casually entrust with our data.
The modern car is no longer just a mode of transport—it's a smart gadget, a data hub on wheels. But as the wheels spin, so does the reel of our personal information, weaving into the vast web of data, ready for harvest by not just the car makers, but a string of 'they' – the infotainment system providers, app developers, network providers, and possibly cyber rogues. The conversation took a deeper dive as Chris, the CEO of BlackCloak, elucidated the firm's mission—shielding corporate executives and key personnel from personal cyber threats that could ricochet back to the corporations.
The Mozilla report is an alarm bell, underscoring the high time to separate the wheat from the chaff in terms of what data is essential for functionality and what merely serves as a gold mine for advertisers or a hunting ground for cyber-attackers. This blend of privacy and security, or the lack thereof, is a cocktail we are forced to sip, as Ingrid pointed out the lack of clarity presented to buyers at the point of sale concerning the privacy policies tied to these vehicles.
The promise of tech advancements in vehicles is dazzling—better shocks for off-roaders, safety features to prevent accidents during a sudden snooze, and so on. Yet, as Chris highlighted, there's a dark side. Some policies mentioned collecting data about one's sex life and genetic information— a far cry from the basic expectations of privacy.
As the conversation with BlackCloak unrolled, the blend of excitement and concern was palpable. The question now is not about halting the march of technology but steering it towards a path where privacy and security are not the passengers but co-drivers.
The findings from the Mozilla report and insights from BlackCloak are not just food for thought, but a call to action. It is crucial to reckon with the reality of the modern-day vehicles doubling as data hubs and to steer the conversation towards a road where transparency, consent, and security are the landmarks. I urge you to dive into BlackCloak's offerings to explore how they are redefining the security landscape, ensuring the privacy and security of your personal digital realm, including that computer on wheels parked in your driveway. Visit BlackCloak to discover what they offer in shielding the modern-day knights from the unseen arrows of the digital world.
Guests:
Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]
On Linkedin | https://www.linkedin.com/in/drchristopherpierson/
On Twitter | https://twitter.com/drchrispierson
Ingrid Gliottone, Chief Experience Officer of BlackCloak [@BlackCloakCyber]
On LinkedIn | https://www.linkedin.com/in/ingridgliottone/
Resources
Learn more about BlackCloak and their offering: https://itspm.ag/itspbcweb
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
[00:00:00] Marco Ciappelli: All right, everybody. Here we are. This is a Redefining Society podcast with a spin on a brand story, and it's with a good friend of mine, and brought another friend, and your friend is my friend, so everybody's welcome, and we're going to talk about something that was in the news, quite a bit in the past few days and is a research done by the Mozilla organization they do a lot of privacy versus convenience, security, safety, kind of get confusing there.
We're going to touch on that as well. And uh, and we're going to talk about, uh, the, the stuff that we drive. Distinguish four wheels that will feel very comfortable in it. But now we don't have to worry just about the engine or the electric battery, whatever you drive. But we have to worry maybe about what that car knows about us and how it may touch on our privacy, our safety, our security.
Again, enough talking. I want to introduce Chris and Ingrid. They're here with me. Uh, how are you guys doing?
[00:01:09] Chris Pierson: Doing good, doing good. It's always, always a pleasure to talk to you, Marco. Always a pleasure. And I brought a friend today.
[00:01:16] Marco Ciappelli: Yes. You want to introduce your friend and yourself?
[00:01:20] Chris Pierson: Yeah, I'll say hi to everyone.
It's great to be here. Appreciate it. I'm Chris Pearson, the CEO and founder of BlackCloak. BlackCloak digital executive protection. Protecting corporate executives, key personnel, executive team, board members in their personal lives. Partner with the CISO. Partner with the CSO. We protect the other 12 hours of the day so that cybercriminals don't hit them there and then get back into the company.
And I actually, uh, really lucky, brought along a 16 year old friend of mine, uh, who has served in multiple different roles in privacy and banking and information assurance. So, our Chief Experience Officer, uh, Ingrid Glietel.
[00:01:57] Ingrid Gliottone: Yes, pleasure to meet you all and, you know, as Chris mentioned, my team is responsible for onboarding our clients and helping to assist in that ongoing support, advice, and guidance.
relevant to the topic that we're discussing today, for sure.
[00:02:10] Chris Pierson: Absolutely. It's gonna be fun.
[00:02:13] Marco Ciappelli: You have a big responsibility. And I mean, we go way back ourself. We're not gonna date each other. But we have known each other. I've known about this company since before it was even a company. When it was an idea.
And I always thought it was something that eventually we will have to, uh, need it put into consideration for the level of security that we need outside of the famous wall, the perimeters, you know, is that even a perimeter anymore, right? That's just like,
[00:02:44] Chris Pierson: it's just like, you know, the castle walls, you got to get outside the castle walls.
Back then it was, you know, the stagecoach or horse drawn carriage. And today we're talking about getting outside the corporate walls and. And just what happens, you know, may have been your Tesla or your Lamborghini or your vehicle that we're talking about in terms of privacy and cybersecurity and how it all relates.
So, uh, yeah, it's gonna be fun.
[00:03:04] Marco Ciappelli: Why don't we start with that and then we dig into this article in more detail because it has some really impressive, if not scary information in it. But let's start with that. I kind of like threw it at the beginning. And I know Ingrid, if you want to take that or Chris. This.
Sometimes confusion between the interpretation of what is safety, what is security, what is privacy is, is it just one bundle or we need to look at it from different perspectives?
[00:03:36] Ingrid Gliottone: Coming from, you know, a very broad privacy space, I would say it's a combination of both. You really need to be complementing and bringing, bringing those together, both privacy and security.
Especially when it relates to even the data and how it's being shared and used by organizations.
[00:03:56] Marco Ciappelli: Yeah. And Chris, is that, is that easy to explain? Or, I mean, people grasp it right away? Or do you have problems when you try to define that?
[00:04:06] Chris Pierson: Yeah, I think that there's a real hard interplay here. I mean, a lot of times people will say, Oh my gosh, I want to, you know, get an example here.
Yeah. I was like, I don't want Facebook sucking up any more of my data. Don't want this, don't want that. I'm not going to use it, but they're still using it, but they haven't actually gone through privacy settings. And so the amount of digital exhaust that they're producing is huge. It's enormous. They're literally just.
You know, kind of sharing out so much data about them and their family and likes and dislikes and all the rest, and then they worry about the onward use of it, but they're actually the cause for that. And then separately, like different hat on, like, Oh my gosh, it's like my private messages aren't my private messages anymore because somebody was able to gain control of my account and I didn't have dual factor authentication on it.
I didn't even know I could, I didn't even know I should. And, and it's one of those things where, well, you just lost access to your contacts, your private messages. You just lost access to, you know, other things about you, but you're also leaving a bigger digital exhaust. And also your security has been violated in some form or fashion.
And it's a, is it privacy? Is it cybersecurity? And the answer is, well, yes. Um, you know, and, and it, and it's that, it's that coming together of those things that just, you know, they're inextricably intertwined, the yin and the yang, and we have to think about them in similar veins, and a lot of this is.
Simplifying things for the audience. Privacy, cybersecurity are two different sides of the same coin. They really can work in harmony together or they can work against you. But I mean, you know, we see people struggling with these, uh, with these items, with these topics, uh, each and every day, each and every week in it.
It just, I mean, it, you know, so, so needs a concierge touch on it to actually explain it.
[00:05:49] Ingrid Gliottone: Yeah. And I think a lot of it is, you know, you mentioned those privacy settings, right? They're so far down in the settings fields that, you know, you don't even know as an end user on where to go and what they mean and what sort of implications.
It's sort of like trial and error, unless you have someone that really understands those settings to be able to help further, you know, secure and peel back the information that you're. They're sharing or maybe unknowingly are, are, are sharing and disclosing.
[00:06:15] Marco Ciappelli: So there is this trick that I, I think all the time that could solve a lot of problem.
We kind of, we're talking about this before start recording, like, you know, opt in, opt out, right? Uh, you, you get all this gadget and I don't know, the car is not really a gadget, but let's say it's part of that category and you're like, yep, everything is on. Now there are way you can turn it off. And I would say from a privacy perspective, maybe as a European, in a way, like there, I may see things a little bit different.
I would rather know that, hey, you could open some of these doors and windows and whatever you want to call it. It's up to you. But there is an economy behind this. So let's start talking about this, these articles. Like, first of all, why do company do that and what they are actually doing? Cause this is like 25 of the major manufacturers.
So,
[00:07:11] Chris Pierson: yeah, so I mean, again, yeah, I was, I was about to say, you know, this, this study is earth shattering in terms of a few different things. Um, you know, first of all, and probably the biggest takeaway is this. Is that like everyone said, maybe 10 years ago, five years ago, it's like, you have a computer in your pocket when they were talking about the revolution of it not being a cell phone, but literally a miniature digitized computer in terms of all, and that it rings even more true to this day.
Cars are computers on wheel. It is your house on a wheel, your family on a wheel. It's not just about you, it's about that whole familial unit. And the amount of data that is there, the amount of data that can be collected, is being collected. Um, you know, I think for me, I mean, this, this study really shined a light on some of those practices.
You know, really opens your eyes in terms of who's collecting what for what purpose and what is the onward use and obviously a lot of concern there.
[00:08:09] Ingrid Gliottone: Yeah. And if you think about it too, it's not just the basics of like how far you've traveled, the gas consumption that you're using when you start to like explore complete other facets of personal information that have no relation to how you drive a car that are now included in that data set.
You know, it's. It's a little bit unnerving
[00:08:29] Chris Pierson: at the same time. And I would say this is there are some positive things out there that could be collected. Like, um, I'll give you an example of maybe it's four by four. It's like a Jeep Wrangler for a vehicle and you know, maybe the shocks and struts there want to see how many people actually go off roading and the amount of inches of depression of those shocks and stress will tell you how many of your clients go off roading.
And if it's like 80 percent of people that have a Jeep Wrangler go off roading. Well, get better shocks, get better struts, sell different, you know, extra gas cans, or sell things around to them that's actually going to complement the lifestyle that they want and how they want to use the car. I think there are some really cool benefits to data collection for purposes that an individual consumer would say, yeah, that's something that would be cool.
That's something that appeals to me and something that I can get my arms around. As opposed to a little bit darker, seedier side. I mean, I wrote down two things, uh, two of these vehicle policies. Um, uh, and we said, you know, we'll collect information about your, your sex life and we'll collect information about genetic information about you.
Now, I don't know exactly how that's happening and all the rest, but that's a little bit scary. Nobody who is purchasing a vehicle is going to say from a rational perspective that when I purchased this vehicle, I expected an onward, or a collection. And sharing an onward use of my sexual life or sexual patterns or whatever it might be, and or information about my genetics.
Now whether it's actually taking place or in placeholder for the future. But honestly, it shocks the senses, like really shocks the senses.
[00:10:04] Marco Ciappelli: You know, I, I am a big fan of George Orwell, 1984. And I, not that I'm a fan of what happens there, but I'm a fan of the book and how ahead of the time that was like, which is waiting for the third police, which is.
Kind of coming. I think it's it's getting there. But the fact that there is this 24/7 surveillance and it's kind of sold to us as If you don't have anything to hide, it's just gonna help you and I don't know if this is necessarily truth, but it's, shocking all of this.
[00:10:43] Chris Pierson: Yeah. I mean, you know, what's interesting is, uh, uh, Ingrid and I both, you know, work together, uh, back at the Royal Bank of Scotland days.
And, you know, people view things very, very differently. You know, the United States, we view privacy more in a patchwork quilt of things. Um, and it's more, hey, Um, you can opt out if you want to, um, but everyone's opted in by default and European Union takes a look at things from a privacy is a fundamental human right.
You're not going to collect things unless you say and tell me and allow for that free exchange and sharing of what you've actually collected and also the removal of it. Um, you know, two very, very, very different models. And yes, there does need to be in terms of like, look, you download a free app on your phone.
You are the product. Everyone should understand that in some form or fashion, but I still, you know, grapple with the, does everybody know? Are we explaining to everyone in a way that they understand? And are we giving people easy ways by which they can opt out? The problem I have with the car is it's not a free app.
It's not a 199 app. It's not just a You know, tool that's used, you know, once a month. I mean, this is one of the next to a home. I think it's probably a correct statement next to your home. This is probably the most significant financial purchase you make, you know, 40, 50, 60, whatever it is, you know, in, in, in your, but you're also captive in the, in the vehicle.
Like you don't, once you buy it, you don't have a choice. You can't just be like, Oh, I don't like the privacy policy. So I'm just going to leave it in the garage and I'm going to go get a, um, You know, 1967 Volkswagen, uh, that has no internet connectivity. It's um, you know, you, you want the, you want the advances, you want the airbags to go off.
You want the sensors, you want all of those things that. Will improve your life and the lives of the loved ones in the vehicle, you know, it just, it's, it's mind boggling.
[00:12:30] Ingrid Gliottone: I know I get excited when I hear about new technology features and functionality that come out and you know, the newer models of cars and you know, that's the exact reason why we want to buy them in the first place, right?
Um, but, you know, I can't recall the last time I was in a car dealership and I had someone or, you know, review the privacy policy with me before signing to say, this is what I'm entering into. Do you agree?
[00:12:55] Chris Pierson: Yeah,
[00:12:55] Marco Ciappelli: right. I remember the first car when I was a kid, I would care if it's how fast it is, how, you know, how large the tires are and how much can handle and, if there is a good stereo system.
We didn't have to worry about this kind of stuff. And now you, now I feel like people still don't really worry about this. They're like, eh, whatever. So can we talk about what are the consequences? So, okay. They know where you are. They may know who is in the car with you. I mean, they're, they're doing incredible things like, okay, maybe the car doesn't start if you are drunk, if you're sleepy.
And so again, it seems like they give you a lot, but all of that, somebody takes it. Resell it maybe to third parties and a clear some clear example of how does impact these Your security as an executive. I mean you have a car that costs hundreds of thousands or close to that and then all of a sudden that could be the way into your to your life
[00:14:01] Chris Pierson: Yeah, no, absolutely.
You know, I think an interesting thing, let me, let me tackle the they, it's so interesting who the they is, like, like, you know, when we say the they, it's like, you know, your, whatever your car brand is, put it in your head and that that's the brand it's like, we've got the car manufacturer as one of the they's.
You've got the audio entertainment infotainment system, and that's created by a third party and then implemented into the car. You've got the actual apps that ride on that system, which may be developed by a third party or none of the above. You've got the network chip that your car is on. Which network is it using?
Which cellular network? You then have your device, potentially, that you were Kind of jumping in and connecting into the vehicle. You have your network. You can actually have two networks that are sucking up the data just from being in the car and you got your apps and then you have all the associated third parties that are coming in that the they is.
Like at least eight people is what you're talking about. No, at least eight people. Um, and, and that's scary because well, who's the, who's the, they, who's the policy, who's the, this, is there a policy for each one of those things? And, and the answer is yes, there is. And there are, and, and I don't know, but I mean, there's amazing amount of good.
Things coming out of this, you know, crash detection, rapid deceleration, um, improvement of airbags and deployment, improvement of what you need to do in terms of side airbag versus front and all the rest of stuff, changing sensors, uh, road drivability and all this is probably a lot of. Non personally identifiable information.
Aggregate level information that holistically can say, are we driving better, are cars safer, what are the roadways like, and can be shared with, in the aggregate and anonymously, to improve society. But then Ingrid, I mean, you know, woe is me, we got a lot of, we got a lot of, and especially from this report, you know, we've got a lot of negative.
Um, a lot of negative information, a lot of negative things coming out.
[00:16:01] Ingrid Gliottone: Yeah, when you think about as part of that report, like... 84 percent of the companies, you know, were found sharing the data, right? Um, and 76 percent of them were even selling that data, you know, with blink of an eye. And then even consider over 50 percent were disclosing information to government agencies and, you know, the, the language used with that was, you know, informal or formal related, right?
Like, and so do you, you don't have a choice in the matter of when this is happening. Obviously they're, they're doing it for. A lot of it is monetary reasons, right? Like they're sharing data and selling it specifically to either for future upsells or, you know, add ons to accessories for the car or maybe for a future vehicle later on down the road, right?
All of their collecting it for that reason.
[00:16:49] Chris Pierson: Well, it's, it's, it's Mark, Marco, do you remember it was, um, you know, way back when it was software is being sold and was like, well, Hey, you know, we'll sell you the software and the software is, you know, 10, 000 to use the software. And it's just the, the permanent life cycle license and you buy it and you're done.
And then, you know, someone was like, well, let's actually have this be the recurring revenue model. It's like, well, it's not going to cost you 10, 000. It'll cost you 000, but it costs you 7, 000 each and every year. And you're like, huh, wait, what am I doing here? And a lot of that is the same thing as do. How can, how can vehicle, I don't want to say necessarily manufacturers, but the ecosystem, how can you go ahead and mine that one time purchase, which may last, I don't know what the average is for a vehicle, may last 10 years, seven years, whatever it is.
How can you go ahead and make continual streams of revenue from something, which is a one time purchase, and maybe it's a, in the adult life of someone that's only five vehicle purchases, how can you continually find ways to monetize that? And I think this is where the privacy policies and how they're written and what they're trying to do comes into play in terms of going a little.
I say a little aggressive, a little overly broad in terms of what types of things we want to do. And once again, we're the captive product, we're the captive subject, so to speak, and people aren't opting out. Um, don't, they don't know to opt out. Um, and in many cases, I forget Ingrid, but the, with the one from Tesla was said, but it was something of a, you know, if you decide to turn off these different features, it's like.
Your vehicle might not work.
[00:18:23] Ingrid Gliottone: Hey, you won't get over the air updates, you know, there'll be a whole bunch of essentially inoperability. So, okay, I purchased this great vehicle and then I can't use it because I don't want to share my information. And something to add, you mentioned just purchases of cars, but think about all of the people that end up leasing vehicles, right?
Like that's even more recurring, you know, that this data is being mined, I think, especially for those future, you know, leasers as a result.
[00:18:51] Chris Pierson: Oh, I absolutely think so.
[00:18:53] Marco Ciappelli: Well, that's a, that's a great point. And I was getting there when, uh, Chris, when you were talking about, I'm envisioning the box of the software that you go buy it.
And then, you know, next year there is a new release, but it was still like in the wall, was still in your computer, in your office, in the box, in the floppy disk, wherever it was. Right now it's, it's connected. So you, you want that download. Oh, we just found the bag of, you know, the Phone is getting a little too hot, but don't worry.
In a week, we're going to fix it because, you know, it's just a software update. And, and the car, many are doing just this. And there's the fact that, yeah, you don't, many people don't want to own a car. I mean, I was reading, people don't want to own anything anymore. Before it used to be like, Oh my God, I need to have a house and a car.
That's what's kind of like, I'm good. Right now. It's like, why do you want to have the car? I don't even want to think when we ride into, um, self driving cars where for sure they know who I am and for sure they know where I'm going. So I don't know. Maybe we'll leave this
[00:19:53] Chris Pierson: I want that new flying car, the Jetson.
[00:19:56] Marco Ciappelli: I'm still waiting for the Jetson.
[00:19:58] Chris Pierson: I'm waiting. I'm waiting for one of those. I want to check that out.
[00:20:00] Marco Ciappelli: Um, can we talk about the security, the cyber security effect of this? Meaning not just cyber, but security in general. Like I know that you guys do all this. You help all the executive to be safe at home and not when they're not in the company walls.
Now, the consequence for this is that, yeah, you may know when you're not home. You may know when the car can park at the, at the airport. I mean, if somebody hack in the car. They got all that information, most of it, they probably have it, and I don't think we want that.
[00:20:38] Ingrid Gliottone: Yeah, no, and what I was going to say, too, is that it's from the report, it's unclear how any of these car companies actually go about protecting the data that they're collecting, whether encryption is being used or not.
And, you know, another funny thing about the report article was how they were saying that the brands have all signed off on the consumer protection principles. It is also unclear to actually, if they're actually... Adhering to any of those principles.
[00:21:04] Chris Pierson: Yeah. Yeah. I mean, I look at it as, I look at it as right.
Different pieces of the attack surface is all back to the castle. It's like the king and queen, when they're in the castle with the CISO and the walls are high, they're protected on all their devices and all the rest of that stuff. But the king queen do go to the summer, summer cottage. They do go down by the river.
They do go down to the, you know, whiskey joint and they do have, you know, different means of transportation. All of those are just part of an attack surface. The fact of the matter is, is that, um, whether your car's connected to your home or not, you still have digital risks there because of the data that the, the, that the vehicle has and holds, uh, especially on.
Location. So location on where you're traveling, location on where the car is being parked. I mean for, you know, our celebrity and sports star and rockstar clients, they buy homes in, you know, obfuscated trust names. They have homes in the names of, uh, LLCs and other corporations. They're masking where they are.
If you can just like grab that data and try to figure it out there, there's definitely a security attack surface. That is there. That is, that is potentially big. Um, for those that are actually connected into their homes, it goes even one step further. You now have a massive, you know, IOT device that you're allowing straight in access to your homes.
And, and the, the amount of information that contains, you know, for many people, I think are doing good job on if they rent a car right there, when they plug in Jack into that car, you know, click no, don't upload my whole address, but many, many of you, some people do, but, but many people are like a little more cautious on that in terms of your own personal car, you know, my car.
Right. It's my car. So I'm going to connect. Yes. I want you to download my address book. Yes. I want you to have all this information about me. Yes. I want you to know which apps are connected and all the rest. And I want that full featured functionality for a few reasons. Number one, for safety, I want to be heads up looking around and have it, all this stuff displayed on the map and the digital display there.
Number two, I want the convenience to go in hands free and all the rest. I'm going to share as much data as possible with my car, with my vehicle. So that attack surface, right? When, especially when you're sharing your information, you have your husband or wife or a significant other, a spouse, whatever's information in your phone.
You're now sharing your address, location there, you know, where they are, you know, the kids, where they are, you know, all their phone numbers. It's all there in that enclave, even if you're being sold, you know, shared and sold in the aggregate, now that data is going out to different places, being parsed in different manners, it is absolutely a security risk.
And we, I mean, well, Ingrid's team gets asked all the time of what types of things should I do to minimize? We can't, we can't go, you know, rip out the cords and, and, and sex, uh, segregate, uh, ourselves from that vehicle. Um, but what do we do to actually think about this in a rational way? To decrease the attack surface, to share less with a vehicle and onward from there, it's all, especially with our executive protection.
And I know right now we're at a onsite of doing an executive protection, uh, uh, kind of gig, um, executive protection teams, those CSOs are thinking about this, you know, they're hiding, uh, uh, hiding the whereabouts of the top executives, they have physical security protection details. If the car is literally leaking out all this information, I mean, just undercuts the whole program.
I don't know. You guys deal with this every day.
[00:24:19] Ingrid Gliottone: Well, and you know, you mentioned leaking out information that's knowingly providing, right? But earlier today we were talking about zero day vulnerabilities, right? Apple having a lot of those. Um, but Also, similarly, think about cars and updates, and I was recently with my parents and their vehicle, and it has a firmware update that's needed, right?
Like, what, from a software, you're giving your car, granting it all this access to this data, like, how are you ensuring that, you know, it gets updated? In some cases, you actually have to go into the car dealership with your busy schedule, like, or sometimes even just getting into the car dealership can be, you know, a problem to get in.
Are you putting yourself even more at risk by not having, you know, even those systems up to date?
[00:24:59] Chris Pierson: Yeah, you know, you know, what's so funny is the whole conversation around. It's like, I feel like, I feel like with vehicles, connected vehicles, I feel like the security things can be known, can be dimensioned, can be tackled, can be fixed.
A lot of good engineers, a lot of people working in positive ways to do this, some task forces around it at a DEF CON every year, they have the vehicle hacking and all the rest. I feel like. We're paying attention to this and, and we're not, we're not even close to being there, but, but we're paying attention to it and marching forward towards it.
It's on that privacy side of, well, if the default position is you connect your phone or you use this multifunctional display, we're gonna take all your information and sell it or share it. Mm-hmm. , I mean, that just is, um, yeah. I mean it's like a really, really big divide between, is that really what people were thinking when they bought the vehicle and what the expected result was.
And what do you do? You don't, Hey guys, I bought this car from you. I bought my Audi from you last year. I'm just going to go ahead and swing by and return it. Cause I don't agree with the privacy policy. I mean, like, like how does that, there is no there, there you can't like you're, you're literally captive.
[00:26:09] Ingrid Gliottone: Yeah, no, I would say it's definitely, you know, with our clients, it's on a case by case basis, understanding what their privacy, their level of privacy, right? Do they want to be really restrictive in their privacy? Are they more okay with their data being shared and trying to find that happy balance in their usability of a vehicle?
Along with the sharing of their
data.
[00:26:28] Marco Ciappelli: Can I just jump in here, because I want to connect a little bit more with what you guys do, Black Clock, and the idea. I feel like you just choose one of the worst possible jobs in the world. And that's a compliment, because you're doing it right. But, I mean, the way that I see it is, every day is going to come out something new.
That is connected. The fact that we call a car an IOT device is just blow my mind. The Mozilla report said it call it The cars are the worst product category we have ever reviewed for privacy. I mean the worst And and you're buying a car because of safety Because it should protect you So I don't even want to think about all the other aspect of your client's life that you have to think I mean you always have that the thinking cap on How's that?
I don't want to be I want to be in one of our brainstorming session and
[00:27:29] Ingrid Gliottone: it's an exciting part of the job as landscape is ever changing and there's new attack vectors that are constantly arising. Right? Um, and so, yeah, it's definitely our, our end goal for any of our end users and clients on the platform is really to, you know, help educate them, help them become more aware of all of these things that like, and you know, uh, Yeah.
Oh, I don't know why I'm thinking about the intricacies of them and yeah, the intricacies and just how they impact their own personal privacy and security as a result of it.
[00:28:03] Chris Pierson: Yeah. I think it's like, I, what is so exciting about Black Cloak is this, is that it will never ever be a done product. It will never ever be a done platform.
And what I think excites our entire team, everyone at the team, is that it's always going to remain in motion. It is, there is no destination to when we are done or how we are done. And that is super, just so amazingly cool. It's like, right now, actually, you know, you know, we're dealing with internet connected refrigerators, stovetops, washing machines, dryers.
What's the impact to the house? What does it do? How does it, like, these are all exciting things where people are coming and having to rebuy, you know, different, uh, brand things that they haven't bought in five years, 10 years. And they're totally different. And our team has to think about that attack surface, how to give appropriate guidance, how not to neuter the device, right?
You want those benefits. You want to know, hey, on your phone, the clothes, really, you need to like check on them. They're going to shrink, you know, all your new shirts are shrinking. Um, get over there to go turn it off or whatever. There's a lot of good positive benefits to this. I think that, you know, like to kind of summarize this, the people that we watch over and protect, the people whose digital lives are our mission.
They're always going to be attacked. They're always going to be targeted. And the list of ways to actually go ahead and target them is becoming endless. And it just keeps on going and keeps on going. And I love waking up every day thinking about those. I know our team loves waking up every day thinking about how can we solve this?
How can we solve what's coming out for the holidays? How can we get ahead of that? Um, I mean, that that's what really keeps everyone fresh.
[00:29:43] Ingrid Gliottone: Yeah. And you know, everything that you alluded to are. are benefits and enhancements to technology, right? It goes back to the reason we want to buy a new car because the new technology.
So, and it's all used for good, right? But anything used for good can be, you know, also used for bad. So that's where the team also at Black Cloak is able to kind of put that hat on and act as that bad actor and kind of think of all the ways to defend against it. Um, and then relay that to our clients.
[00:30:11] Marco Ciappelli: It's fascinating. It's like you have a, an evolving, uh, puzzle in front of you that change every time. We haven't even touched on, I'm thinking like wearables, wearables that are connected to the API of the car that are connected to your phone. And then you leave the car and you know, maybe you leave your phone behind, but you have your, your watch with you or something else that still keep you connected.
So you really need to think all of the. ramification of all of that. And it's incredible. I feel like you're doing almost like a, consulting for sure. It's not just the technology, easy button that technology is going to resolve technology. I think education is, it's key for, for your job and the relationship, Ingrid, the relationship you have with your clients.
[00:30:57] Ingrid Gliottone: Yeah. You know, it's a big part of who we are and wanting to establish and deepen those relationships with our clients because Cybersecurity and privacy is very convoluted, messy topic, and for people that aren't familiar with it, it's, it's the unknown, right? And they're not quite sure what questions to ask.
And so, you know, being able to come to the team at Black Cloak and ask those questions for not fear of asking the question in the first place, right? And, you know, having it also tailored to their specific use case and needs, I think also sets us.
[00:31:30] Marco Ciappelli: So to to end this conversation, uh, we, we said you can't really unplug the car. Uh, you, you still need to use it. So what is the, where do you kind of find in a happy middle there? What would be a couple of advice from you for, for handling this car situation?
[00:31:52] Chris Pierson: I think a few, a few things. Number one, figure out where your car, where the infotainment system, where it is in oversharing.
And all the options therein. Just assess it, figure it out for yourself in terms of where that actually stands. Second, actually make some better decisions on your vehicle in terms of what information you want it to have and hold. Uh, and what you want to share and what you can live with and without everyone needs the roving map.
You need the crash detection. There's some things that you just absolutely, absolutely need there. Um, and also think about how that impacts your device. Usually your cell phone when you plug it into the vehicle and also similarly what your privacy footprint is there. If you do those things and start having a real conversation about it.
You can make some better choices. I do feel like there's a little bit of that captive audience, uh, in terms of, you can't just return the car. You can't just stop driving it all the rest. And I don't like necessarily that power imbalance. I think there's going to have to be some things here from a governance perspective.
There might have to be some legislation. There might have to be some new rules introduced. Um, there might have to be some hard questions that are asked of different vehicle manufacturers of what exactly does. Right? The sex life, collecting data on it, or genetic information have to do with providing a more enjoyable or safer vehicle experience, and shouldn't we egress those things out?
This should be a relationship, and a relationship means a give and take, but when you have one side that is absolutely captive, and held captive, That's not so good in terms of the balance of privacy and privacy interests versus kind of the commercial interest side. And so I think that this is a good time and place to have.
And I, you know, I would really, really like, you know, encourage the entire audience that's listening to this. Go to your own car and go look at the system setting, then you look at the privacy policy. You're interested in how technology impacts society. You're obviously listening to that with, uh, fascination.
You know, become vocal about it. Become informed about it. And I will, you know, separately, I mean, maybe advice and guidance for our CSOs or CISOs
[00:34:07] Ingrid Gliottone: out there. Um, so, yeah, just a couple other things to add on is, um, in addition to the info team and system itself, I'd say consider if your car has its own personal app.
or other apps that you are connecting in and integrating with your car vehicle and the data sharing that's going on from that perspective. Another caveat would be not only just your personal car, but you know, be mindful when you're getting into rental cars and the type of data that you're sharing and making sure that you're clearing up, because we all like to go on travel and trips and we're not necessarily taking our vehicle with us.
And then from a CISO perspective, I would say, you know, just of, you know, the inform on your executives and ho them kind of going back e security perspective, loc things are
going on.
[00:34:52] Marco Ciappelli: Huge Absolutely. Well, the car is a big factor. And I think a lot of people there be like thinking, uh, I had no idea. Uh, I really like my car and now I'm afraid of it, but don't be afraid. Just be educated, educate yourself. We can't stop technology. And I think maybe one day we'll talk about what AI has to do with all of these, but that's a conversation for, for another time.
Uh, Chris, always a pleasure to hang out with you. Ingrid, a pleasure to see you again, and thank you for taking the time. I am sure our audience will have more questions than answers, but that's good, because that makes them think. All the information to get in touch with you guys with BlackClock. io will be on the notes, on everywhere where we post on social media, so Stay in touch, connect, and really thank you again for being part of this important conversation.
[00:35:50] Chris Pierson: Thanks, Marco. Appreciate it.
[00:35:52] Ingrid Gliottone: Thank you so much.
[00:35:53] Marco Ciappelli: All right. Take care, everybody. Bye.