Keynote: Flavio Aggio
5:51PM Jul 31, 2020
world health organization
But know how to talk someone through it. If you wanted to be involved with this you could get in touch with Plan C, and they would teach you how medication abortion works how the dosing works and how to be a good source of information for people in your community and to dispel misinformation about medication, women on waves, is an organization that is dealing with the hostile abortion climate around the globe by getting abortion pills to people anywhere they are. They have done this in all kinds of ways either having boats in international waters where people could come out, and therefore they would not be subject to any kind of laws. They had abortion drones that would fly overhead and drop medication down to people.
And one of my favorites.
Hello hackers. My name is Fred. Some of you may know me. Others might not have been doing artwork for the hackers on planet earth conferences since the fifth hope was the first one. I worked on the last one to the circle of hope and put together a little graphic for you this year for the 2020 conference. Now, you saw the graphic already, but what you didn't see is, I've put a few easter eggs. We're going to update the site with the this new interactive version of the, of the image. If you click on the buttons right here,
you'll see that you can change the letters.
And the numbers.
And if you do the right combination.
You'll see that
a few easter eggs will pop up.
Now, I hope that keeps you busy for a few minutes. And if you like it if you enjoy it, let me know
and I'll let you get back to the conference. Have a good one. see you next year. Good afternoon.
It is a real pleasure to introduce today's keynote speaker Flavio Zhuo, given the worldwide, health crisis Flavio has one of the toughest and most critical roles in cybersecurity today, chief information security officer of the World Health Organization. True to help form Flavio Flavio and I met this past March when my law firm detected a state sponsored and ultimately unsuccessful attack on the who, since then we've become friends and colleagues and through this friendship, I've learned that Flavio really puts the W into who he's a citizen of Brazil, Italy, and the United States with the background in physics, information technology and cybersecurity Flavio has done some truly amazing work with the manufacturing and semiconductor industries as well as international organizations and held posts in the Netherlands, Switzerland, and Brazil, and oh yeah he was also the CTO of the city of San Francisco. Ladies and gentlemen, my friend. Love villagio.
Thank you very much for the nice introduction, Alex, and hopefully we'll continue to update each other on the journey of cybersecurity so thank you so much for the opportunity to speak to all of you. And we'll be able to have questions and answers towards the end. And hey what's up nerds.
Somebody in here should give me streaming rights under here and all streaming my stream back have a whole conference, as I live, mix it.
You gotta give me yeah give me streaming rights though.
How do we do that.
Well no, I can do that but he's still.
Well actually, so if I wanted a camera it's the same rights, screenshare and video share the same rights.
I am part of renting village, technically here to put that on there. I mean that role. Anyway,
we're currently doing these.
What we're currently doing the seaso of the who.
Yeah. So, tell me when I should start
Flavio your life, please proceed.
All right, so, yeah. So, as I said, thank you very much for the opportunity. We're going to have questions, towards the end. I don't want to go too tight to the presentation that I prepare for this conference, but I'd like to share a couple of things with you. When the first one, then the most important one is what who works worldwide to, to promote health to keep the world safe, and to serve the vulnerable. Those are the three pillars that we work for, and we're very proud to work for this organization.
And the, the idea here
is to really share the COVID-19 cybersecurity attacks, and what technologies related to protect the tact respond to recover, very extremely important but not sufficient. You know when we had multiple attacks in different times, was a little bit different but the number of attacks that we started to receive. When COVID-19 was declared a pandemic increased dramatically. And what gave me a very clear notion that technology by itself cannot really be sufficient. So, we need to think about human OS upgrade, because what, what I mean is it people security people in users need to think differently. The way that we rely on technology 100% is the wrong way. And the way that users may rely 100% on it is, is wrong as well. We need to reach a balance, and it is not only about training awareness because in my experience with multiple departments and who, with the public, what they see is the lack of understanding, and how technology works and how online works. So, it came to me that we need to really change the behavior of the users, online and change the behaviors of the IT community. And we needs to must openly acknowledge systems or abilities in another way. What I'm trying to say is, humans are the weakest, and the strongest links. The strongest links in cybersecurity. What I mean by that is when you use a system, the user is the first line of defense, and if the user doesn't understand the implications of those actions is very difficult to defend an organization, or a system. But on the other end users. It produces the softer and softer is really written by humans. Therefore, they, they have intrinsic vulnerabilities. So that's the reason I see as the strongest links, and the weakest links, and we need to really change that. And quite simply, I like the term new OSI I never, I was not the one that created I don't know who created that term. I heard in a train. And based on my background. omalos in Portuguese, as an example, is written in the same way. So the human operating system. So if you put lowercase, O and x. It is precisely human in plural. In Portuguese language and Spanish as well. So it's interesting to think in that way because we need to really not look at only from the technology side and not look at only on the training awareness when we are talking about cybersecurity. So this is the important component for my presentation. So I try to show to you, what are the important parts from the technology side and important parts from the human side and the human side impacts the users, and also the community. So, in, in trying to stress that when the Sunday, the COVID-19 pandemic hit. We had a fivefold increase in cyber attacks was like a flood incredible flood, and we didn't have nine key important components of the integrated cybersecurity program will be in trouble so I listed here. All the things that I believe that were essential, especially during the pandemic. The notion of identity management, the privileged access management, they're important. More important is the multi factor authentication, so when Alex was describing the introduction,
all successful attempts was only unsuccessful because we precisely had multi factor authentication for our system so quite important. Another one is password management solution for IT professionals and users so I'm going to pause here and tell you a story. During the, the covid 19 pandemic declaration. In, right after we detected that the ad teams were not only trying to target the lead to users in the who, environment, but also on their personal environment, and the social media in accounts. Elsewhere, with the hope that they could load code or trying to find ways to do a parallel jump and and teaching the users password management and enabling multi factor authentication in their personal lives is quite important. So I'm going to go back to this lines and continuing with the other items. This one is an important one that we started last year with a business case quite important to enable an integrated sock security operation center. And with this, the SIM, the security information and event management vulnerability management including patch management. Threat Intelligence think internal and external, if we don't do that quite difficult. And antivirus is so something from the past, you need to have endpoint detection response for in device desktops, laptops, servers phones, smartphones and tablets and global proxy for any device. So when a user goes to a conference to a hotel home, doesn't matter where, and at least the manageability of the access to the internet is controlled and the endpoint detection is established and all that integrated with the SOC. And by doing that to be able to really quickly detect and quickly respond to attacks are going to go back to the slide. Another thing that was quite important. When, when we started to see cobit 19 in the media, and who started to really make the announcements. We saw a huge increase of email impersonations. So just for you to have an idea for all the internet, email,
That was being sent. 70% was impersonation. And we needed to find that the with technology. And we implemented in 30 days, demark domain based Message Authentication reporting and conformance, and we dropped all those 70% impersonation. So, this was quite important for us. And I asked you you IT professional hacker Ethical Hacker government entity companies. Let's all together. Implement demark in all email systems and perhaps make the demark required in order for email to work. And with that, we can eliminate the AMA impersonation. That we suffered quite a lot of people impersonating x w to the int, and it will be, it was very difficult for the receiver to distinguish. So, with demark bomb. Again we implemented in 30 days, we dropped a lot of emails that shouldn't be even generated so I asked for your help. And I have multiple people working with me to really put that campaign. Let's make demark mandatory. So back to this slide. In May Advanced Threat Protection. Most of the attacks that we observed 90% of plus, they are related to links and attachments. So I urge you to think about solutions. There are several in the market. Do your research we are doing hours to implement safe links and attachments, and by doing that, we will be able to really avoid a lot of effects. And the last two to complete the nine recommendations is remote access via a browser, make sure that we drop all the clients, avoid all declines to do remote access the browser base is way better. And the last one is legacy, but still necessary VPN and firewalls, very important, but we are moving away from that, because we are adopting a zero trust is strategy. The idea is, there is no perimeter perimeter goes to the endpoint, so much that is the technology aspect, and I didn't include everything I included only the key ones. So, the next slide. It is related to the technology is not enough. We need to upgrade the human OS. So, when working for level a job, we realized that we needed to dedicate a lot of time in the Cybersecurity Awareness Program so we had multiple trainings online training briefings questions and answers and regular fishing exercise, what they mean by regular. So we we adopted the monthly fishing exercise. And we have the percentage of users, let's say, 4000 users per quarter, that we randomly selected. And we sent phishing exercise to their members. And for the users that clicked on the link. We repeat it, we generated a longer fishing exercise for the next month. And then, the ones that, click the twice. On the third month we sent up another one. And for those that click the three times. We had a one on one conversation to understand how can we help them to understand what is needed in what they can help us to improve our awareness program. And with that, we improved a lot. The understanding from our users, and what how to inspect how to not fall for those phishing
important is to have a policy, an overall policy to handle cybersecurity from all aspects and make that policy available, and really communicates to the Empire organization, and is a very important integrated risk management so risk can be seen as not only a cyber risk but a risk to the organization, and how to connect to that into the governance of the risk for the organization. So, integrating that risk management, with the from the cybersecurity side to the organization. Very important. So understanding how those three bullets really play along with IT professionals end users is one way to really upgrade the human OS. in. But not only that, we need to do way more to improve our defenses and how I put together, seven recommendations, and how you can do that in your organization. And the important component is to really manage the risk by changing the behavior from IT professionals and users. So you have to work on both sides, implement and maintain a cyber security awareness program that I mentioned before, quite important.
One thing that we started to do,
and makes a huge difference is to build a red and a blue team, the red team is creating all the checks and the blue team the balances that are needed. We are in the beginning in that journey, the red team is being formed and makes a huge difference, especially during the pandemic. And I recommend organizations to think about the creation and start with the red team. And, and, in the blue team will will be boring, because that creates the checks and balances necessary. The fourth item is to recognize and mitigate it products and processes vulnerabilities. So, we need to really identify the risk owner and understand that it products will always be in processes as well. We're going to have vulnerabilities how many times, you're being requested to upgrade software, every time. And how many times attacks happen because software is not up to date. Meaning, so we need to recognize that and be that in INTO IT professionals and users. The, the logical continuation is to promote and perform software updates continuously. In order to fight in each to enable rapid response so when as an attack happens, how can users communicate in a faster way, and technology can communicate and assess stories so we can really respond. And the last one is an important one, I don't want to stress the who, the sizzle reports to. I just wanted to make sure everybody recognizes, and there is, we need to address the potential conflict of interest. It wants to do things wants to enable the organization to make more money to be more efficient to do these are math and cyber security wants to really protect the organization manage to the risk level. So, creating that balance is important, and make sure that we recognize a potential conflict of interest is the first element to upgrade the human OS. Continuing with the denial that cybersecurity and it, there are no conflicts, will not help anyone. So there is a there is a conflict, because if you wanted to be 100% secure. One is impossible. And if you wanted to be absolutely efficient, without security, that's not possible, either. So, the balance needs to exist. The last part is, I wanted to really help people and this is what I do in who. And the best way to help people is to help the individual and their family, because if they are better protected. And if they do that at home, they're going to do that at work. So the first is we promotes the use of long and unique passwords forever services. So, we recommend passphrase and a unique password for each system so personal work. The normal question we received from user is how can I memorize so many passwords so we promote the use of password vault. With that, the user can generate a very good long password unique password, and we give suggestions that you can see on the slide. And the third third element is to really make sure everybody uses dual factor authentication sometimes is being called two step verification. Always use hard or soft token, and we give suggestions, when soft token is is used. So Google or Microsoft authenticator authenticator and your smartphone. So those are the three basic tips that we give to our employees, and to help themselves and their families.
So just remember, as I said, technology is not enough to protect anyone in a normal state, or when you have a pandemic situation. We have to really get together to change the behavior. And it is not only about training. It's also of course training awareness are a component, but we need to recognize those points that I mentioned before, and work with the community, as I'm doing now. And we have to really communicate in an open way and acknowledge the system's own abilities. Again, Humans are the weakest and strongest strongest links in cybersecurity, and we are the ones that are responsible for code that are running in our lives, but also we are responsible to make sure that users understand, and they can make their decisions in the best way. So we can be protected. So with that, I'd like to really open for questions. And, as I said, I don't want to be as a lecture way I reserve more time for the questions and answers. So, Alex.
Excellent, thank you so much for this Flavio, I think it's very insightful to hear your thoughts as to what's happening inside the World Health Organization during, quite possibly it's it's craziest point in time ever in the history of the World Health Organization and, and with you at the helm of it I think it's a, you know, it's in good hands I have to say, I, I had a question there's quite a few questions from the audience and I'm so glad that you left, a good chunk of time here because I think we'll be able to get to quite a few of them so please for everybody in matrix chat please keep them coming I think we'll have a lot to talk about here with Flavio. And this is a very rare opportunity. You know, my question to you that, you know, and I only asked one because you and I talk and we can always talk offline. But I'm sure others are interested as well. You mentioned demark the importance of demark and third parties impersonating. The World Health Organization during this health crisis with the coronavirus obviously that's super critical to prevent from the World Health Organization, with respect to attacks on the who you mentioned there's been a significant uptick all around. Are you seeing more attacks in one area or, as opposed to another.
And basically what we are seeing is, we see a continuation of attacks, using sophisticated phishing
multiple apds doing that.
And, and we see attacks related to application vulnerabilities. More and more. So vulnerabilities that we don't know. So 08. We saw that happening, but some vulnerabilities that we didn't have the time, because the organizations quite large, to really address and and that's reason I mentioned them out the renting formation. So, we, we can have external organizations doing penetration testing and internally. Also, we can really assess the level of weaknesses, from, from the application layer. So, I, but again, most of the attacks. What we are seeing it comes from the sensitives from fishing and. And some of those are quite sophisticated, one that I can stress that it's very important to use safe links and attachments, as I mentioned my presentation is the Bitly shortened URL. That is quite tough to educate users. So we need a bit of technology to prevent those, because when the URL is not that clear. And if you have a user that is quiet, in a hurry. That can happen. So, this is what I see
that that's fascinating and probably a bit of a wake up call for application developers to think about it like that I mean Application Security has always been important and I think even more so for an organization like the who and especially when a good chunk of the workforce is probably at home. So very, very difficult to manage all of those endpoints so all of the updates all the patching. I completely get it. Staying on the same subject matter as demark and email authentication. We have a question from the audience. Actually it's several questions from the audience in the form of one question. And the first one is, how is availability affected by adoption of demark for such a large organization as who second one would be Do you consider availability problems as their own security risk. And the third, if we can keep this all in our heads. Were you rejecting demark failures from the beginning, or did you take a graduated approach so I think the long and the short of that is summing it all up is, what was the business impact of implementing implementing demark
fascinating question, so.
So, let me, let me, let me expand a little bit on the demark implementation so you understand when, when we decided to explore, demark, we needed to really understand what was being used and what applications, was from. We're coming from. And we had a good list that we knew off the bat, and we started implementing one by one. The demark DNS configuration. So, this was something that we we do, but we kind of got lucky in one way, because we we wanted to implement the mark. For a long time, but we never had the right time, the right opportunity, and when the lovers email increases dramatically, that was the right time, and the opportunity. So, we had, we work with the communications department of who and who needed to send multiple newsletters, to journalists globally. And they were having problems and doing that because of the number of impersonations, and our app who the end was at risk to be considered as malicious. So, what we have done working with the Communication Department is to create the sub domain. And this is what they recommend to everyone in terms of implementation of demark, why is that because by creating that sub domain, we're able to separate completely different high number of emails, and we enable the policy in three stages. One week to be only the documentation. So, P zero. The second week. 60%. So, 60%. So, the first week was. Sorry. I muscle rating so let me go back, the first week was only to acquire the information. The second week was to configure as current time. So messages will be quarantined in their target destination, based on the policy. And the third week was we configured to be rejected 50%. In the fourth week. Reject 100%. So by doing that, we, we created a level of control, and investigation, and we could accelerate for that new sub domain, because we didn't exist, and we will not interfere with the ads who bought it. So, we could compress those four weeks into, basically. And, and we enable that. Then we continue to work on each application to enable the demark configuration. And we had most of the applications, call cigarettes in about two weeks, and we created two is a two stage approach. Because as we consider it, we, we, we put the local reporting and the court on time. Almost immediately. And so we need in the second week, the 50%, reject. In the last week. On the fourth week
beginning of May. We put 100% reject. So, so that was very good. Most of
systems were okay. Unfortunately, because we couldn't find owners of two or three systems. We took the arm, because we didn't have an option. We had problems, availability problems for those systems, and we work later on to enable demark for those that minor systems, but everybody understood, everybody understood why, and everybody was glad that impersonation was controlled in a, in a 30 day period. So, I really recommend the to do in stages, maybe 30 days is too aggressive but you could do that in two months or within two months. And I really encourage everyone to do to do that so I hope I answered most of those points that you us.
I think you did. I think it's an interesting graduated approach that you took there, and true to form what you had mentioned in your presentation is about sort of you know the Nelson Mandela approach to cybersecurity, so to speak, which is that changing the behaviors gradually changing the behaviors and and that's what you did over a period of weeks. I'm sure there were some angry users at some points you know. But, such as life you have to deal with it, especially when you are trying to prevent impersonation of the who, it you know subdomains and things of that nature. Our next question actually has to deal with the IT departments. So, you know, you also briefly touched upon this, and it's something I've dealt with quite a lot in my life as well. And the question is how can organizations, address, the potential conflict of interest between information technology and information security. When infosec folks, work within it. So I think what the question is trying to get at is, is there an inherent conflict of interest between it and infosec. Perhaps when I t's metrics are based on things like uptime. And infosec departments his metrics are based on, you know, patching updating and very often in order to secure systems may have to take them offline. I'll let you answer that.
So, so this is a classical problem related to risk. So I, my, my approach is always bring the risk assessment, and, and, and their degrees of risks, if the, if the vulnerability, for example, happens. Externally, which
ways to attack to exploit it. So exploitations available. Then, even the business owner, as part of the process, agree that the system needs to be taken offline. So, this happened multiple times in the ritual. So, so this is part of the behavior change and understanding, but the only way you can achieve that is to tie it to the risk management, and to make sure that it's quite clear what risk you're willing to pay. And so this is one well angle to your question, I see all their angles. The other angles are related to the quality of the information or type of information in the impact that these may have to the organization so if you have very sensitive information that is a very good argument to take systems offline. And then, the ability to really assess that is the important aspect and bringing the IT security and, and the information security glue to the risk management and understanding the risk from the type of information from the impact to the organization. And in teaching it about lateral movement, because some people may believe that, oh but this system is so your senses and doesn't have a lot of impact etc but when you look at the ability for hackers to jump, and to use that system as the bridge. Then, when they understand that they are with you and, again, it is all tied to the risk.
There we go. Sorry I'm back.
So the cohesive tissue there between it and an information security in your opinion is really the concept of risk management putting it all together and I would guess you know as well. You know properly documenting what that risk is, you know, writing it down, figuring out what that residual risk is and then how do you mitigate that residual risk which requires more collaboration between information technology and information security people to begin with. Great, great questions still coming in here Flavio and I'm glad we still have some time. Another question is also sort of about some internal issues in politics. So the question is, you mentioned people clicking your phishing link three times then a one on one conversation happening at that point. Many times people can become defensive in this situation, how were these conversational conversations handled to avoid that.
No, I absolutely that's
sometimes in one click, generates the complaint from the user calling me and saying that they will never click again in the link because we shouldn't be testing. And over time, and then talking with them to make sure that the. Yeah, maybe. It is better than the don't click because if they don't look at the, they are exposing your organization to hackers. So, so that they're trying to dialogue with the users in a way that they really understand the situation. But again, after the three clicks that personal conversation starts with, how can you help us to change the. Definitely something is wrong on the language so how can we adapt our language to show to you, how to catch those links that you're clicking three times, so it's it's when, when you start that conversation, asking for their help. It breaks the ice and creates the collaboration. And again, this is part of the human OS, we need to really understand that technology is complicated, and we need to acknowledge that people are doing their best doing their work. And we cannot require that they are technical people, they need to use things but they need to understand why why they should see what they should see. And somewhere, somehow, the training online training is not doing all the favor to really understand all the aspects. So, we are getting the feedback from them. And that's what one on one sometimes we'll do the trick. And, and the aspect of being tested regularly. Every year, and more than once, is another way to do, it's like gymnastics right so if you if you run constantly run is not really a big problem for you. If you never run and sometimes needed to run. Maybe a muscle will be weak. So, we need to keep doing the exercises in multiple ways. In order for the user to be prepared. So, this is how I think
I can understand perfectly your analogy about needing to run. Yes, that, thank you for that. And going from the sort of this specific individuals to question more about organizations themselves. I love this. This next question that we have from the audience here, which is, do you see the who, in a prime position to push governments, all over the world to develop robust secure portals to consolidate PP distribution contact tracing, etc. that are, you know, all of these, these activities that are related to the pandemic itself so going from individual behavioral changes to organizational, and governmental behavioral changes through the wh O.
Great question. We who we work for all member states, really, we cannot impose anything to Member States we can make recommendations and has meetings with member states to agree upon those recommendations and and well example a good example and I can see here on the chat contact tracing. For example, this is a great example, who developed a contract, contact tracing software. And we shared that the capability with member states to really run those compacts racing to enable a much better way to really, especially during the time of Ebola. To really understand all the connections because through comes from contact tracing. Were you able to really manage the, the distributions, the virus containment and all the work that doctors young resists will will perform. So we already do this type of activity. But we have limited resources, right. So, we need guidelines with these specifically specific cybersecurity guidelines and multiple times. And, and we will do our best to create those frameworks. So, each member state can implement at their own capabilities, because each member state may have different limitations, and sometimes even, who is the hosting of those systems for specific member states.
Speaking of which, you know, and sort of going along the same lines about about collaboration and influence. Another question is, do you have, and by you I think you know i mean the who, and perhaps you know the Office of the Cisco within the Who do you have important partnerships with other international organizations I imagine organizations like Doctors Without Borders or UNICEF. I mean, the United Nations obviously you've got a unique relationship with them being being part of the United Nations. But all of these other NGOs use intergovernmental organizations that might be facing similar challenges, maybe not as immediate or imminent as wha, who faced in the face of this pandemic. But what's that type of collaboration between international organizations like.
Alright. We have multiple groups. One group with offices. Close group that we share all the time. Once I receive any signal any IOC or they receive. We collaborate and as part of the event system so there is a another unit call un ICC that developed a system that we share all the traffic intelligence. So we do a lot of that across the UN, and in in we has smaller groups that are more regional, because there are some attacks that are quite restricted and are limited to countries. And then we have this type of subgroups. I'm part I'm a member of the subgroup in Geneva. Because citizens are next to each other and we get get together all the time. So I see you on Saturday I see other organizations, and with within the UN we have a complete collaboration. Not only fee recently we had integration of systems and using federation of identity, in order to enable dashboard for supply chain for the covert situation. So, we normally do that, and with other organizations that are not un, we have a slightly different type of collaboration, but we still do. And with partners, so we we have multiple other partners that we provide systems to integrate into being able to mobilize doctors. In case of need. So, I think from the collaboration point of view, we are doing that for a long time, and, and this is done well.
It sounds like you know there's a lot of efficiencies that are built into the process itself. I mean, and across agencies do you share things even like you know your third party risk assessments for potential vendors things, things like that I mean that there's so much time and effort that organizations put into third party risk assessments if information like that could be shared on a timely basis, amongst international organizations, you would think that your resources could be read dedicated to something like solving the world health crisis. So that's something that you would you would you would share.
Yeah, absolutely, we, we do that, and even a simple example of procurement. So within the UN, if we have an RFP, doesn't matter what agency. And if that RFP is then in the last two years, we can just piggyback on that RSP and avoid all the time spent in the process because we follow the when RFP process, and we can save a lot of time, I'm just using one example, but on the other example when we have situations that we get into, and that info is shared across the UN as well.
Well, we have to wrap this up and and first of all thank you so much for your time and sharing this insight into the into how the World Health Organization has been operating and your role there and, and how things are changing is just so incredibly fascinating. The sort of conclusionary recapitulation usual question here is, you've got an audience of the hackers on planet earth community here, glued to the screen. What advice. What requests. Do you have from this particular community, how can we help What do you need. Now's your chance.
Thank you. Oh, by the way, thank you for the opportunity. I think that's it. That is a fascinating opportunity, unique opportunity. And what I can tell you is, make sure that if you find anything in any transport any vulnerability related to them, who, who can't please share with me, shared with a giraffe, who isn't very important to get your help,
meaningful information data information.
I'm more active only in. And if she wanted to connect they're more than welcome. And as I mentioned in the presentation last together, put pressure on the community, the entire community, to enable the mark the mark must be mandatory. And if we all speak that and who all put pressures, the pressure in Congress pressure in the, in the internet community, and make sure that the mark is mandatory. We can alleviate a lot of problems. So, this is, those are the two requests that I have. And that I think will be quite important, and I'm really thank you for the opportunity Alex thank hope, 2020. I hope you enjoy the rest of the conference, and if you have any questions, let me know. And if you have any indication of the vulnerabilities or attacks shared with us as quickly as possible.
Great advice. Thank you so much Flavio, we'll talk soon.