Andrew Rose (US)
👤 PersonPodcast Appearances
and that they would do a YouTube video, a case counterpoint, here's what you do if this happens. And that was my first experience with dealing with the public facing information from the FBI. There is a process and procedure, it's very difficult, it's like threading a needle to get them to say anything in public, but there is a way to do that.
and that they would do a YouTube video, a case counterpoint, here's what you do if this happens. And that was my first experience with dealing with the public facing information from the FBI. There is a process and procedure, it's very difficult, it's like threading a needle to get them to say anything in public, but there is a way to do that.
I put on a series of national seminars to bring awareness to the ag community that, hey, you are a target. This is a threat. We need to be aware. And I did those starting in 2016, 2017. And then probably by 2019, we'd done several very large conferences. And the time demands for me as a volunteer were so great that I needed to focus on what I was best at.
I put on a series of national seminars to bring awareness to the ag community that, hey, you are a target. This is a threat. We need to be aware. And I did those starting in 2016, 2017. And then probably by 2019, we'd done several very large conferences. And the time demands for me as a volunteer were so great that I needed to focus on what I was best at.
So I migrated from being everything to everybody to focusing on the emerging threats. And now and I do want to give a shout out to the FBI. They've been they've been supporting me the entire time. Whenever I need something, it's there. Whatever information needs to be shared with an audience, a speaker, what have you.
So I migrated from being everything to everybody to focusing on the emerging threats. And now and I do want to give a shout out to the FBI. They've been they've been supporting me the entire time. Whenever I need something, it's there. Whatever information needs to be shared with an audience, a speaker, what have you.
They've stood up and to their credit, they always apologize afterwards saying we could have done more, you know, and I'm always like, well, at least you're there for me. I do appreciate that. But one of their concerns is when they're called is after the incidents occurred. So the right of boom and the lack of preparation by many companies to what that looks like.
They've stood up and to their credit, they always apologize afterwards saying we could have done more, you know, and I'm always like, well, at least you're there for me. I do appreciate that. But one of their concerns is when they're called is after the incidents occurred. So the right of boom and the lack of preparation by many companies to what that looks like.
Not only are you dealing with the emotion of it, why was I attacked? Why was it me? You know, why was I singled out? Now you're going to make payroll with no records. Now you've got to send invoices out with no records. Now you've got to receive invoices with no access to your financial systems.
Not only are you dealing with the emotion of it, why was I attacked? Why was it me? You know, why was I singled out? Now you're going to make payroll with no records. Now you've got to send invoices out with no records. Now you've got to receive invoices with no access to your financial systems.
So I've been working on small, private-focused meetings with groups in the agricultural industry about, okay, it's not if and when, it's when and again. So let's just start planning for these things and getting ahead of these attacks. And that's my cybersecurity contribution.
So I've been working on small, private-focused meetings with groups in the agricultural industry about, okay, it's not if and when, it's when and again. So let's just start planning for these things and getting ahead of these attacks. And that's my cybersecurity contribution.
What I also do, though, to keep my lights on, I work on projects that benefit our species three generations from now, primarily in agricultural production. And a lot of that's technology transfer from other countries that will then benefit soft landing. It'll benefit the U.S., but it'll also benefit them.
What I also do, though, to keep my lights on, I work on projects that benefit our species three generations from now, primarily in agricultural production. And a lot of that's technology transfer from other countries that will then benefit soft landing. It'll benefit the U.S., but it'll also benefit them.
And then I also work as a fractional chief of staff for a variety of different companies across different categories, mostly in the agriculture sector, some in the IT sector. So that's a long-winded way of saying me. I'm in Baltimore, Maryland. So if anyone's out here in the area, I'd love to treat you to a crab cake and a cup of coffee.
And then I also work as a fractional chief of staff for a variety of different companies across different categories, mostly in the agriculture sector, some in the IT sector. So that's a long-winded way of saying me. I'm in Baltimore, Maryland. So if anyone's out here in the area, I'd love to treat you to a crab cake and a cup of coffee.
Yeah. Well, to get really hyper-focused in the agriculture production side, I specialize in novel plants and proteins. And that's going to be a micro or macroalgae, seaweed or a microalgae. It's going to be duckweed. It's going to be insects, space agriculture, recirculating aquaculture systems. And I do have an affinity for insects in particular. And of those, I have an
Yeah. Well, to get really hyper-focused in the agriculture production side, I specialize in novel plants and proteins. And that's going to be a micro or macroalgae, seaweed or a microalgae. It's going to be duckweed. It's going to be insects, space agriculture, recirculating aquaculture systems. And I do have an affinity for insects in particular. And of those, I have an
Real affinity for mealworms. I love the protein emulsification. They're cold blooded, like the five to nine harvest a year. And they're fine. They're two dimensional. They don't hop. They don't fly. They don't complain. They don't make noises. They just eat their carrots and apples and whole wheat and just do their mealworm thing.
Real affinity for mealworms. I love the protein emulsification. They're cold blooded, like the five to nine harvest a year. And they're fine. They're two dimensional. They don't hop. They don't fly. They don't complain. They don't make noises. They just eat their carrots and apples and whole wheat and just do their mealworm thing.
Indeed. Two years ago in Fargo, we ran a tabletop around resiliency in a big part of the agri-supply chain. And to Andrew's point, resiliency, not only in an organization, but in an entire supply chain is the critical piece because you've got competitors that if one goes down, it's either wolves on the carcass or everyone bands together and makes sure that our citizens get fed livestock gets fed.
Indeed. Two years ago in Fargo, we ran a tabletop around resiliency in a big part of the agri-supply chain. And to Andrew's point, resiliency, not only in an organization, but in an entire supply chain is the critical piece because you've got competitors that if one goes down, it's either wolves on the carcass or everyone bands together and makes sure that our citizens get fed livestock gets fed.
We ran through the what if. What if the computers go down? What if there is an attack here? And Andrew, to your point, paper was the way that things are going to move around. The issue was there was no more paper because everything had been transferred to digital. And the people that knew how to use paper have either all retired or almost are retiring.
We ran through the what if. What if the computers go down? What if there is an attack here? And Andrew, to your point, paper was the way that things are going to move around. The issue was there was no more paper because everything had been transferred to digital. And the people that knew how to use paper have either all retired or almost are retiring.
so there was the human element of how do we move things as well as the the physical how do we record things as they're moving down the chain here we are going to meet in fargo on june 11th and part of that conversation is two years later where are we you know has have things been solved is there more communication between competitors we are bringing in the association heads as well so it's not just the companies it's the we won't call it oversight but the group that keeps them together and i think sometimes it's better to have them say hey this entire sector needs to function the way it should
so there was the human element of how do we move things as well as the the physical how do we record things as they're moving down the chain here we are going to meet in fargo on june 11th and part of that conversation is two years later where are we you know has have things been solved is there more communication between competitors we are bringing in the association heads as well so it's not just the companies it's the we won't call it oversight but the group that keeps them together and i think sometimes it's better to have them say hey this entire sector needs to function the way it should
And the other piece, Andrew, I'm going to talk about is the integrity of data. You mentioned that part there, too. This is public. Back when COVID hit and we were racing to get vaccines done, there was a cybersecurity incident with the calibration of the thermometers. And much of the vaccine was lost because of that attack. And it was an integrity of data.
And the other piece, Andrew, I'm going to talk about is the integrity of data. You mentioned that part there, too. This is public. Back when COVID hit and we were racing to get vaccines done, there was a cybersecurity incident with the calibration of the thermometers. And much of the vaccine was lost because of that attack. And it was an integrity of data.
The data readout looked good, but it wasn't. And it was done in such a way, in such a minor way, that would have been missed. And that's just another issue that, you know, Andrew, going back to the integrity of data is...
The data readout looked good, but it wasn't. And it was done in such a way, in such a minor way, that would have been missed. And that's just another issue that, you know, Andrew, going back to the integrity of data is...
Critical critic is otherwise, you know, if you're reading your screen or you're going to print a report, everything looks good and you can't figure out why things aren't matching up or correlated. And the last piece, too, and this is what I'm really excited about, is the social engineering piece of it.
Critical critic is otherwise, you know, if you're reading your screen or you're going to print a report, everything looks good and you can't figure out why things aren't matching up or correlated. And the last piece, too, and this is what I'm really excited about, is the social engineering piece of it.
You know, again, we spend so much money on blue team, red team, pen testing and all this stuff, which, yeah, you should patch your stuff. Things should be updated. There should be somebody watching over all your credentials. But social engineering, especially AI and enable social engineering is it's here.
You know, again, we spend so much money on blue team, red team, pen testing and all this stuff, which, yeah, you should patch your stuff. Things should be updated. There should be somebody watching over all your credentials. But social engineering, especially AI and enable social engineering is it's here.
I mean, we were warning about it 18 months ago, but now it's here full force and we are not prepared. I mean, the tsunami came in and we were still sitting on the beach with our lawn chairs.
I mean, we were warning about it 18 months ago, but now it's here full force and we are not prepared. I mean, the tsunami came in and we were still sitting on the beach with our lawn chairs.
Thank you for having me here. This is a huge honor. I can't believe that I was mistaken for someone else, but it certainly has aided me here at this point in my life. And then for the two of you, one of the best pizza joints I've ever eaten at is in Vegas. It's called Secret Pizza. And there are no signs. You have to be able to find this place.
Thank you for having me here. This is a huge honor. I can't believe that I was mistaken for someone else, but it certainly has aided me here at this point in my life. And then for the two of you, one of the best pizza joints I've ever eaten at is in Vegas. It's called Secret Pizza. And there are no signs. You have to be able to find this place.
Number one, you touched on is awareness. When you look at Maslow's hierarchy, I've been involved in this for eight years, and I can state with a fact that food, agriculture and water fight for last place in terms of resources from our government for protection. Yet absent water, you live three days. Absent food, you live for about three weeks.
Number one, you touched on is awareness. When you look at Maslow's hierarchy, I've been involved in this for eight years, and I can state with a fact that food, agriculture and water fight for last place in terms of resources from our government for protection. Yet absent water, you live three days. Absent food, you live for about three weeks.
You know, if your Internet goes down, the life's going to suck. But, you know, we got by in the 80s and it worked out right for us. You know, yeah, you take, and I mentioned this at a high level briefing, you know, if we go five days without food, you're going to break a law if your kid's hungry. And three weeks without food, that's the end of the government.
You know, if your Internet goes down, the life's going to suck. But, you know, we got by in the 80s and it worked out right for us. You know, yeah, you take, and I mentioned this at a high level briefing, you know, if we go five days without food, you're going to break a law if your kid's hungry. And three weeks without food, that's the end of the government.
I know some other people have a slightly shorter timeline than that, but I think I give our government three weeks without food before everything falls off. And back to the initial question that you asked, I think the real issue is that we generally, as a species, take our food for granted.
I know some other people have a slightly shorter timeline than that, but I think I give our government three weeks without food before everything falls off. And back to the initial question that you asked, I think the real issue is that we generally, as a species, take our food for granted.
That the availability, at least in the first world, maybe the second world, we just go to the store and get it. There's a complete disconnect of all the different pieces that it takes to get it from the farm to your plate and all the intermediary steps in there. And if you just take that for granted and you remove the foundational piece, there's going to be we're on demand.
That the availability, at least in the first world, maybe the second world, we just go to the store and get it. There's a complete disconnect of all the different pieces that it takes to get it from the farm to your plate and all the intermediary steps in there. And if you just take that for granted and you remove the foundational piece, there's going to be we're on demand.
You know, this is there's not like there is a warehouse full of bread that's going to be shipped if you're unable to produce more to go with that. And then and just
You know, this is there's not like there is a warehouse full of bread that's going to be shipped if you're unable to produce more to go with that. And then and just
Yeah. I've been there. And you only go there after 12 o'clock, you know, like 2 a.m. There's a line out the door, but it's an amazing place. Anyway, my favorite food and the favorite food memory are both linked together. And my favorite food is lobster.
Yeah. I've been there. And you only go there after 12 o'clock, you know, like 2 a.m. There's a line out the door, but it's an amazing place. Anyway, my favorite food and the favorite food memory are both linked together. And my favorite food is lobster.
From the existential risk, you know, we talked about bugs and other things that, I mean, the one that really took us by surprise was the solar flare knocking out all the GPS systems, all the John Deere tractors in Canada right before planting.
From the existential risk, you know, we talked about bugs and other things that, I mean, the one that really took us by surprise was the solar flare knocking out all the GPS systems, all the John Deere tractors in Canada right before planting.
You know, you get a short window for planting, you disrupt that, and all of a sudden, if you lose a crop, you can't plant it tomorrow and hope that it comes back in a day or two. I mean, it's like trying to raise a teenager. It's going to take 18 years to get that person to adulthood.
You know, you get a short window for planting, you disrupt that, and all of a sudden, if you lose a crop, you can't plant it tomorrow and hope that it comes back in a day or two. I mean, it's like trying to raise a teenager. It's going to take 18 years to get that person to adulthood.
You do. Agronomy is so advanced right now that we are planting seeds at depths. within millimeter calibrations, spacings of the same. These plants are engineered to grow at a certain rate. Their leaves will shade out the weeds. Their spacing, everything is down to the nth degree. And that's not even taking into account the soil moisture, any kind of inputs that need to be done like that.
You do. Agronomy is so advanced right now that we are planting seeds at depths. within millimeter calibrations, spacings of the same. These plants are engineered to grow at a certain rate. Their leaves will shade out the weeds. Their spacing, everything is down to the nth degree. And that's not even taking into account the soil moisture, any kind of inputs that need to be done like that.
But it's incredibly precise. And if you think about all the money being poured into ag technology, it's all about that data. The more granular you can get on that data, you did mention data and data is a huge concern. Obviously, we're mutual friends with Pablo.
But it's incredibly precise. And if you think about all the money being poured into ag technology, it's all about that data. The more granular you can get on that data, you did mention data and data is a huge concern. Obviously, we're mutual friends with Pablo.
And I love Pablo's idea of creating an ag data lake that some sort of oversight will administer and can then take parts of that data, share it with somebody, but make sure that the farmer gets some sort of reimbursement for that data. Because there's so much that's being put on farmers these days. I mean, forget about environmental regulations.
And I love Pablo's idea of creating an ag data lake that some sort of oversight will administer and can then take parts of that data, share it with somebody, but make sure that the farmer gets some sort of reimbursement for that data. Because there's so much that's being put on farmers these days. I mean, forget about environmental regulations.
I was at an event recently, a very large event, and someone made the suggestion that we should blame farmers if there's a cybersecurity attack on They're far. No. Exactly. And I said, I stood on stage. I said, no, stop. Do not even go down that line of things.
I was at an event recently, a very large event, and someone made the suggestion that we should blame farmers if there's a cybersecurity attack on They're far. No. Exactly. And I said, I stood on stage. I said, no, stop. Do not even go down that line of things.
I've often thought if I had done something really, really bad and I was locked in a cell and have one last meal to eat on this planet, it would be a lobster and not just a lobster. It'd be boiled in the seawater from Bar Harbor, Maine. When I was a kid, I spent several weeks on a boat, sailboat off.
I've often thought if I had done something really, really bad and I was locked in a cell and have one last meal to eat on this planet, it would be a lobster and not just a lobster. It'd be boiled in the seawater from Bar Harbor, Maine. When I was a kid, I spent several weeks on a boat, sailboat off.
One question I do have for the two of you. So Kristen, what's the longest you've gone without food for?
One question I do have for the two of you. So Kristen, what's the longest you've gone without food for?
My record was five days. And I did it as a dare because a friend of mine told me he did 10. And I thought that I could maybe do 10 too. I got to five days and it was so painful. I mean, physically painful. It felt like there was somebody inside my stomach with razor blades just slashing at me night and day. You couldn't sleep with that kind of pain.
My record was five days. And I did it as a dare because a friend of mine told me he did 10. And I thought that I could maybe do 10 too. I got to five days and it was so painful. I mean, physically painful. It felt like there was somebody inside my stomach with razor blades just slashing at me night and day. You couldn't sleep with that kind of pain.
And when you hear this term, the gnawing hunger from Appalachia, that's what it felt like. It felt like something was trying to eat me from the inside out. That disconcerting feeling after four or five days, you're desperate. You're going to do a whole lot of things.
And when you hear this term, the gnawing hunger from Appalachia, that's what it felt like. It felt like something was trying to eat me from the inside out. That disconcerting feeling after four or five days, you're desperate. You're going to do a whole lot of things.
So, you know, if anything comes out of this, I do hope cybersecurity community and the regulatory community understands how important food is to us as a species. And if we're not learning lessons from the war in Ukraine, Russia is going to take out electricity in the winter. So you freeze to death and you take out the food in the summer. So you starve to death.
So, you know, if anything comes out of this, I do hope cybersecurity community and the regulatory community understands how important food is to us as a species. And if we're not learning lessons from the war in Ukraine, Russia is going to take out electricity in the winter. So you freeze to death and you take out the food in the summer. So you starve to death.
If we're not thinking that we're moving into wartime footing and agriculture is not in the crosshairs, shame on us because I guarantee your adversaries are well underway to whatever planning there is out there. So hopefully this podcast will put a few red flags in the poll as well.
If we're not thinking that we're moving into wartime footing and agriculture is not in the crosshairs, shame on us because I guarantee your adversaries are well underway to whatever planning there is out there. So hopefully this podcast will put a few red flags in the poll as well.
coast of Maine and we pulled into Bar Harbor and you get a $5 lobster and you boil in the water of the bay there with some clams and other things, a little bit of seaweed. And it's that, that, that right there is a memory in itself.
coast of Maine and we pulled into Bar Harbor and you get a $5 lobster and you boil in the water of the bay there with some clams and other things, a little bit of seaweed. And it's that, that, that right there is a memory in itself.
Well, I've got my opinions. I'll jump in here. So first of all, if we take a look at the entire globe, who produces more than they consume? Which countries are those? And typically you're looking at the US, Australia, and Brazil. And when the world is going into a food insecurity situation, the first thing you're gonna do is take care of your own population. I mean, that's just normal.
Well, I've got my opinions. I'll jump in here. So first of all, if we take a look at the entire globe, who produces more than they consume? Which countries are those? And typically you're looking at the US, Australia, and Brazil. And when the world is going into a food insecurity situation, the first thing you're gonna do is take care of your own population. I mean, that's just normal.
If there is excess, we want to take care of our allies as well. Here in the US, we certainly have a geographic advantage of having moats to our east and west, and friendlies north and south. And if you look at where most of our food goes, it's keeping the people to our north and south very happy. Food insecurity roils the planet.
If there is excess, we want to take care of our allies as well. Here in the US, we certainly have a geographic advantage of having moats to our east and west, and friendlies north and south. And if you look at where most of our food goes, it's keeping the people to our north and south very happy. Food insecurity roils the planet.
There are going to be populations that are going to not stay within their borders, and there's going to be governments that will begin to topple. In order for us to keep our friends in different continents happy, if we can export some of that excess produce or excess production to them, that will help placate their populations and provide a soft power diplomacy.
There are going to be populations that are going to not stay within their borders, and there's going to be governments that will begin to topple. In order for us to keep our friends in different continents happy, if we can export some of that excess produce or excess production to them, that will help placate their populations and provide a soft power diplomacy.
I kind of have to get too political on this one here. What does it mean? It's going to mean, well, there's 8 billion people on the planet today. Today, there's not enough food to feed all 8 billion people. And that's just a given using traditional conventional methods of production.
I kind of have to get too political on this one here. What does it mean? It's going to mean, well, there's 8 billion people on the planet today. Today, there's not enough food to feed all 8 billion people. And that's just a given using traditional conventional methods of production.
If you look at a country like Sri Lanka, they went and politically made a statement that they will no longer have anything other than organic non-GMO production. And within, it was less than a year, they went from an upper middle class country, by definition, everybody
If you look at a country like Sri Lanka, they went and politically made a statement that they will no longer have anything other than organic non-GMO production. And within, it was less than a year, they went from an upper middle class country, by definition, everybody
person in the country was upper middle class to having the politicians swinging from lampposts everyone starved now the country's in receivership just because of a political dictate and if you look at what europe is doing with a lot of their standards too they're they're removing the ability for them to feed their own populations they're going to become dependent upon other people for food and that's
person in the country was upper middle class to having the politicians swinging from lampposts everyone starved now the country's in receivership just because of a political dictate and if you look at what europe is doing with a lot of their standards too they're they're removing the ability for them to feed their own populations they're going to become dependent upon other people for food and that's
you know they're putting themselves in a weird position mexico's playing that that same way it's it's more of this this this dogma this mythology that genetically engineered food or gmo or anything like that which are scientifically we need them there there is no other way to to avoid that but i don't know it's a conundrum and again this is andrew thinking out here i think we've kind of reached the bounds of um upper ends of intelligence as a species you know we basically we're primates you know so maybe this is the the furthest that we can possibly go and it this is the next 18 months
you know they're putting themselves in a weird position mexico's playing that that same way it's it's more of this this this dogma this mythology that genetically engineered food or gmo or anything like that which are scientifically we need them there there is no other way to to avoid that but i don't know it's a conundrum and again this is andrew thinking out here i think we've kind of reached the bounds of um upper ends of intelligence as a species you know we basically we're primates you know so maybe this is the the furthest that we can possibly go and it this is the next 18 months
months are going to be terrifying. With the Ukraine situation, they were very fortunate to get a grain corridor put up in the Black Sea. As you can see, they've been spending a lot of time on their aquatic drones and making sure that's secure. So they're able to get grain out more than we thought.
months are going to be terrifying. With the Ukraine situation, they were very fortunate to get a grain corridor put up in the Black Sea. As you can see, they've been spending a lot of time on their aquatic drones and making sure that's secure. So they're able to get grain out more than we thought.
The issue was when they were doing it over land through Poland and the rest of Europe, all that glut of grain then drove prices down. So there was some reluctance to accept that grain coming across the borders. We'll see. It's not necessarily the food. It's the inputs. It's the fertilizers. And where are the precursors of those fertilizers coming from?
The issue was when they were doing it over land through Poland and the rest of Europe, all that glut of grain then drove prices down. So there was some reluctance to accept that grain coming across the borders. We'll see. It's not necessarily the food. It's the inputs. It's the fertilizers. And where are the precursors of those fertilizers coming from?
The majority are from Ukraine or Russia or China. So the next 18 months will be a little bit bumpy. I'll leave it at that before I get too dystopian.
The majority are from Ukraine or Russia or China. So the next 18 months will be a little bit bumpy. I'll leave it at that before I get too dystopian.
nostalgic moment you just described is how childhood was and you know we've reached that point in our lives where they will crack the shell for us and take the meat out so we don't have to do all that work you know the way it was very manual back in the day when i was a kid
nostalgic moment you just described is how childhood was and you know we've reached that point in our lives where they will crack the shell for us and take the meat out so we don't have to do all that work you know the way it was very manual back in the day when i was a kid
One thing I do want to add to that, in terms of the heat and the environment and what's going on, there are some really interesting advances in genetics, both for proteins as well as for plants. I think it's probably common, we've developed a short-statured corn, which has a thicker stalk, same ear yield, but it resists a lot of those wind storms that come across the Iowa and Illinois and Indiana.
One thing I do want to add to that, in terms of the heat and the environment and what's going on, there are some really interesting advances in genetics, both for proteins as well as for plants. I think it's probably common, we've developed a short-statured corn, which has a thicker stalk, same ear yield, but it resists a lot of those wind storms that come across the Iowa and Illinois and Indiana.
And Illinois came out with a strain of corn, I believe it was about two years ago, that requires 25% less water because now there's an abundance of carbon dioxide in the air that it can absorb. And it doesn't need all that water, but it hasn't evolved fast enough to reduce its water uptake. So through engineering, we're able to assist it in that function.
And Illinois came out with a strain of corn, I believe it was about two years ago, that requires 25% less water because now there's an abundance of carbon dioxide in the air that it can absorb. And it doesn't need all that water, but it hasn't evolved fast enough to reduce its water uptake. So through engineering, we're able to assist it in that function.
And I'm sure you've heard about the slick gene that we've got in the beef cows. So now we can have beef cows existing on a planet with an ambient temperature of 120 degrees. And I've heard rumors that dairy is not far behind on that one. So the piece there is making sure that we've got soy and other crops that can then feed the livestock that can exist on that planet as well.
And I'm sure you've heard about the slick gene that we've got in the beef cows. So now we can have beef cows existing on a planet with an ambient temperature of 120 degrees. And I've heard rumors that dairy is not far behind on that one. So the piece there is making sure that we've got soy and other crops that can then feed the livestock that can exist on that planet as well.
So again, going back to science, because we're not going to be able to selectively breed ourselves out of the way of climate change. It's just not going to happen.
So again, going back to science, because we're not going to be able to selectively breed ourselves out of the way of climate change. It's just not going to happen.
All right. Well, that's a bone with a lot of meat on it. So I'm going to pause here and think. One thing I do want to mention, too, for anyone who's listening who is in the agriculture sector, if something happens, please report it. There is an easy website called ic3.gov. You can report anonymously.
All right. Well, that's a bone with a lot of meat on it. So I'm going to pause here and think. One thing I do want to mention, too, for anyone who's listening who is in the agriculture sector, if something happens, please report it. There is an easy website called ic3.gov. You can report anonymously.
The government will use that information to both triage and identify trends, and it'll be a multi-agency response. If you file something and it's a low dollar amount, obviously the federal government has budgets. They need to justify the expense of going after something. But if you're
The government will use that information to both triage and identify trends, and it'll be a multi-agency response. If you file something and it's a low dollar amount, obviously the federal government has budgets. They need to justify the expense of going after something. But if you're
report it and someone else reports it and a third person reports it, all of a sudden the aggregated amount gets to a level where they can respond. So please report to ic3.gov, report on behalf of your friends, yourself, anonymously again. The FBI is there to catch criminals. They're not there to victim shame.
report it and someone else reports it and a third person reports it, all of a sudden the aggregated amount gets to a level where they can respond. So please report to ic3.gov, report on behalf of your friends, yourself, anonymously again. The FBI is there to catch criminals. They're not there to victim shame.
If you call the FBI in, they're going to get it in and out as quickly as possible with full permission from you to access whatever it is they need. And then they're going to go catch the criminal, but they're not going to fix your systems. So I did talk to a large pork producer who was upset the FBI didn't fix his computers. I said, that's not their job. And he was,
If you call the FBI in, they're going to get it in and out as quickly as possible with full permission from you to access whatever it is they need. And then they're going to go catch the criminal, but they're not going to fix your systems. So I did talk to a large pork producer who was upset the FBI didn't fix his computers. I said, that's not their job. And he was,
I couldn't placate him, but I at least stated that as a whole.
I couldn't placate him, but I at least stated that as a whole.
Make a friend before you need it. Yeah, make a friend before you need a friend. That's usually my first bulleted point. But in the ag community, there is a little bit of trepidation about the FBI. There are certain sympathies for what happened on January 6th.
Make a friend before you need it. Yeah, make a friend before you need a friend. That's usually my first bulleted point. But in the ag community, there is a little bit of trepidation about the FBI. There are certain sympathies for what happened on January 6th.
And the FBI will be the first to tell you everyone in this country has a First Amendment right to wave a flag, to have a bullhorn, to ring a cowbell. But once you take an action, that's when risk and consequence occurs. So sympathies are fine, you know, and they're not there to judge you on anything like that. They're there to catch criminals. That's
And the FBI will be the first to tell you everyone in this country has a First Amendment right to wave a flag, to have a bullhorn, to ring a cowbell. But once you take an action, that's when risk and consequence occurs. So sympathies are fine, you know, and they're not there to judge you on anything like that. They're there to catch criminals. That's
I do want to give an amen to that. I've been preaching the secure by design principles to robotics and ag tech companies, and it's not a resistance. Oh, didn't think about that. So it's not a... It's worse. Well, I mean, they're concerned with interoperability, exchanging information, flow of data. So security is obviously an afterthought, if it's thought at all.
I do want to give an amen to that. I've been preaching the secure by design principles to robotics and ag tech companies, and it's not a resistance. Oh, didn't think about that. So it's not a... It's worse. Well, I mean, they're concerned with interoperability, exchanging information, flow of data. So security is obviously an afterthought, if it's thought at all.
But by putting that in the top five on their list, now it's there. I'm also coming from the investor standpoint. So an investor is not going to want to put money into a company that's going to have a lifetime of patches and upgrades required because they weren't thinking about security on the front end. That's just going to degrade their investment dollars, too. So there is no pushback from that.
But by putting that in the top five on their list, now it's there. I'm also coming from the investor standpoint. So an investor is not going to want to put money into a company that's going to have a lifetime of patches and upgrades required because they weren't thinking about security on the front end. That's just going to degrade their investment dollars, too. So there is no pushback from that.
It's just a lack of awareness, which is the first step in anything. Another piece that I mean, this is more of a global piece, but as a species, we rarely will fix something until it's been broken. So we didn't even understand how significant this was until the JBS attack.
It's just a lack of awareness, which is the first step in anything. Another piece that I mean, this is more of a global piece, but as a species, we rarely will fix something until it's been broken. So we didn't even understand how significant this was until the JBS attack.
So Andrew, I'm just hoping that somebody someday will come back to this podcast and say, oh, all those things Andrew said, yeah, we're going to implement them now that something has occurred, you know, rather than getting ahead of the attack. So I'm not, I mean, I don't want to be overly cynical, but it appears that's typically the way that we operate.
So Andrew, I'm just hoping that somebody someday will come back to this podcast and say, oh, all those things Andrew said, yeah, we're going to implement them now that something has occurred, you know, rather than getting ahead of the attack. So I'm not, I mean, I don't want to be overly cynical, but it appears that's typically the way that we operate.
The thing that we haven't talked about here, and Chris, maybe you'll cover this in another podcast, was the Microsoft hack of all the executives. And there's a lot of speculation that the source code is gone and that the Russians now know every zero day vulnerability before Microsoft does.
The thing that we haven't talked about here, and Chris, maybe you'll cover this in another podcast, was the Microsoft hack of all the executives. And there's a lot of speculation that the source code is gone and that the Russians now know every zero day vulnerability before Microsoft does.
I don't know if you've been watching your Microsoft updates lately, but every day now there's another patch coming in. And again, Microsoft, I'm just speculating. No one's admitted anything yet, but I have a high suspicion that some of that could have been compromised. And then going back to the secure by design is the liability piece.
I don't know if you've been watching your Microsoft updates lately, but every day now there's another patch coming in. And again, Microsoft, I'm just speculating. No one's admitted anything yet, but I have a high suspicion that some of that could have been compromised. And then going back to the secure by design is the liability piece.
Let's say that there is that one little thing that everyone's using that isn't secured. What happens if that's a conduit from a tax? Then who is going to hold the liability? Is it the end user? Is it the farmer or the agribusiness? Is it the manufacturer? Who knows? Are they still in business? There's a lot more questions there than there are answers.
Let's say that there is that one little thing that everyone's using that isn't secured. What happens if that's a conduit from a tax? Then who is going to hold the liability? Is it the end user? Is it the farmer or the agribusiness? Is it the manufacturer? Who knows? Are they still in business? There's a lot more questions there than there are answers.
Amazing.
Amazing.
And as I mentioned before, we need to understand we're in pre-war footing here. Our enemies are already pre-positioned into our critical infrastructure. If we're not aware of that, if we're not mitigating and responding to that, shame on us.
And as I mentioned before, we need to understand we're in pre-war footing here. Our enemies are already pre-positioned into our critical infrastructure. If we're not aware of that, if we're not mitigating and responding to that, shame on us.
And with the, and again, this is Andrew just speculating out there, with the number of onslaught of attacks and the increase in velocity of these attacks, we still are playing the nice guy. You know, we're still putting the fires out, fixing things, and whatever offense we're taking is shrouded in opaque for certain reasons.
And with the, and again, this is Andrew just speculating out there, with the number of onslaught of attacks and the increase in velocity of these attacks, we still are playing the nice guy. You know, we're still putting the fires out, fixing things, and whatever offense we're taking is shrouded in opaque for certain reasons.
Well, I do have a bonus answer to that one too, because I was on the fence. The other thing is I love scones. Two years ago, I spent six months working from the road just to see if I could pull it off, working little tertiary towns. And when I go into one of these small towns across the US, the first thing I try to do is find a coffee shop, a local coffee shop and get a cup of coffee.
Well, I do have a bonus answer to that one too, because I was on the fence. The other thing is I love scones. Two years ago, I spent six months working from the road just to see if I could pull it off, working little tertiary towns. And when I go into one of these small towns across the US, the first thing I try to do is find a coffee shop, a local coffee shop and get a cup of coffee.
Yeah, but we're going to reach a day when this crescendo is so great that we're just going to take the gloves off and start hitting back. And, you know, I'm kind of looking forward to that. I mean, just... They said that a cyber attack could constitute an act of war. And I know that's been said, but I haven't seen it acted on yet.
Yeah, but we're going to reach a day when this crescendo is so great that we're just going to take the gloves off and start hitting back. And, you know, I'm kind of looking forward to that. I mean, just... They said that a cyber attack could constitute an act of war. And I know that's been said, but I haven't seen it acted on yet.
But it breaks my heart because for every ag hack that you see, there's probably another 90 that I hear about that aren't seen. And it breaks my heart what's going on right now. And I really would love to punch back a little bit.
But it breaks my heart because for every ag hack that you see, there's probably another 90 that I hear about that aren't seen. And it breaks my heart what's going on right now. And I really would love to punch back a little bit.
Or Kristen, I mean, the easy answer there, at least the normal reaction is let's just fire the CISO, you know? Absolutely.
Or Kristen, I mean, the easy answer there, at least the normal reaction is let's just fire the CISO, you know? Absolutely.
So Kristen, are you setting up the next podcast? Because we ran a field exercise recently in Pennsylvania that is pretty much word for word what you described. There were two identical companies, agribusinesses. They both got hit almost on the same day, the same ransomware, same actors. One paid ransom, one didn't. And we were able to do 18 months later postmortem on what that was.
So Kristen, are you setting up the next podcast? Because we ran a field exercise recently in Pennsylvania that is pretty much word for word what you described. There were two identical companies, agribusinesses. They both got hit almost on the same day, the same ransomware, same actors. One paid ransom, one didn't. And we were able to do 18 months later postmortem on what that was.
And if they have a scone, I buy a scone. And then I listened like a thief to the conversations around me to get a sense of the vibe of the town. I checked the corkboard out to see what kind of things are being advertised and up there. And after six months of eating scones, I got back and said, boy, there's a few of those I miss. I don't even know how to make a scone.
And if they have a scone, I buy a scone. And then I listened like a thief to the conversations around me to get a sense of the vibe of the town. I checked the corkboard out to see what kind of things are being advertised and up there. And after six months of eating scones, I got back and said, boy, there's a few of those I miss. I don't even know how to make a scone.
And it is amazing. We haven't released a white paper yet, but that was part of the volunteer work I do for the Bio-ISAC.
And it is amazing. We haven't released a white paper yet, but that was part of the volunteer work I do for the Bio-ISAC.
Well, it echoes what you said. The CEO, they didn't even think that this was anything other than why us. It was emotional. It was tears. It was employee tears. So they felt personally attacked. They didn't even think about law enforcement or anything. They just wanted to get everything cleaned up and get their systems online. It was a significant financial hit, a significant timeout.
Well, it echoes what you said. The CEO, they didn't even think that this was anything other than why us. It was emotional. It was tears. It was employee tears. So they felt personally attacked. They didn't even think about law enforcement or anything. They just wanted to get everything cleaned up and get their systems online. It was a significant financial hit, a significant timeout.
time hit and they are a major player in the country for the sector they serve, as was their competitor. So yeah, affirmation to what you just said.
time hit and they are a major player in the country for the sector they serve, as was their competitor. So yeah, affirmation to what you just said.
Oh, I know where he is. It's just a matter of getting him on here. He's defense, so he's often kind of reticent about talking in public.
Oh, I know where he is. It's just a matter of getting him on here. He's defense, so he's often kind of reticent about talking in public.
Pretty much.
Pretty much.
It's been wonderful. Thank you, Kirsten. Thank you so much.
It's been wonderful. Thank you, Kirsten. Thank you so much.
And so I went on YouTube and started teaching myself how to make scones. And for the last about 18 months, I've been baking scones and people love them. People more than my friends and family love them. So I don't take that sort of feedback with any kind of any weight or measurement of how good they are. But it appears that my scones are a hit. So I'm becoming known for my scones as well.
And so I went on YouTube and started teaching myself how to make scones. And for the last about 18 months, I've been baking scones and people love them. People more than my friends and family love them. So I don't take that sort of feedback with any kind of any weight or measurement of how good they are. But it appears that my scones are a hit. So I'm becoming known for my scones as well.
well you know yeah those are fairly pedestrian shapes um i uh i also like to go to uh antique malls and i look for the cookie cutters that are deep enough so i've got any shape you can imagine i like the hearts a lot because i figure if you make a heart-shaped skull and if someone has a broken heart you give it that two of them and they always feel better about themselves but i've got cats and cows and flowers and stars like any shape you can imagine so no not not those mundane pedestrian scones you might find in the stores
well you know yeah those are fairly pedestrian shapes um i uh i also like to go to uh antique malls and i look for the cookie cutters that are deep enough so i've got any shape you can imagine i like the hearts a lot because i figure if you make a heart-shaped skull and if someone has a broken heart you give it that two of them and they always feel better about themselves but i've got cats and cows and flowers and stars like any shape you can imagine so no not not those mundane pedestrian scones you might find in the stores
Well, you know how our friends are over the ocean there. They have words for things that are inappropriate. So what they might call a scone, we might call a biscuit, you know, and one might have an egg in it. The other one might not have an egg in it. And I'm not that pure. I just want to go with taste best. You know, this is my palate I'm concerned with.
Well, you know how our friends are over the ocean there. They have words for things that are inappropriate. So what they might call a scone, we might call a biscuit, you know, and one might have an egg in it. The other one might not have an egg in it. And I'm not that pure. I just want to go with taste best. You know, this is my palate I'm concerned with.
So I'm going to I'm not going to touch that one. Yeah.
So I'm going to I'm not going to touch that one. Yeah.
Yeah, point of play here. Me and the viewer obviously raised in the southern part of the United States where sweet tea is the beverage of choice.
Yeah, point of play here. Me and the viewer obviously raised in the southern part of the United States where sweet tea is the beverage of choice.
It was too sweet. Well, the thing there is, do you put the sugar in when the water is hot or cold?
It was too sweet. Well, the thing there is, do you put the sugar in when the water is hot or cold?
Put it in when it's hot. Otherwise it gets cloudy.
Put it in when it's hot. Otherwise it gets cloudy.
That is a good question, and I love them all. They're sweet scones and they're savory scones. My personal favorite is a candied ginger butterscotch scone with a light green sugar glaze on top. That is my favorite sweet, but for savory, I go way off the charts. I like an anchovy sun-dried tomato caper with a pickle cream on top.
That is a good question, and I love them all. They're sweet scones and they're savory scones. My personal favorite is a candied ginger butterscotch scone with a light green sugar glaze on top. That is my favorite sweet, but for savory, I go way off the charts. I like an anchovy sun-dried tomato caper with a pickle cream on top.
So you get that sort of punch, that little, that tart bite, and it moves into more of a salty, um, unami flavor, but you get a full rich flavor. And I might throw some smoked cheddar, smoked horseradish cheddar cheese in there too, just to give it an extra oomph.
So you get that sort of punch, that little, that tart bite, and it moves into more of a salty, um, unami flavor, but you get a full rich flavor. And I might throw some smoked cheddar, smoked horseradish cheddar cheese in there too, just to give it an extra oomph.
But it's certainly a confusion in the palate, but all of a sudden the flavors dance together and then you're left with this wonderful taste there. But it's, you know, I'm, I'm a, I'm kind of a backyard chef, so it's an acquired taste at times.
But it's certainly a confusion in the palate, but all of a sudden the flavors dance together and then you're left with this wonderful taste there. But it's, you know, I'm, I'm a, I'm kind of a backyard chef, so it's an acquired taste at times.
So last night I baked mangoed candy ginger caramel scones with a simple sugar glaze and then dark cherries dried and dark, really dark chocolate with a sugar glaze as well. Heart shaped for an event tomorrow.
So last night I baked mangoed candy ginger caramel scones with a simple sugar glaze and then dark cherries dried and dark, really dark chocolate with a sugar glaze as well. Heart shaped for an event tomorrow.
I'm going to have to report back if people liked it. Wow. Andrew, I will hold you a plate and then Kristen, I'll find a way to get you some.
I'm going to have to report back if people liked it. Wow. Andrew, I will hold you a plate and then Kristen, I'll find a way to get you some.
I don't, I'm going to push back. You're a problem solver. I bet if you put your mind to it, you'd be the best scone baker we've seen.
I don't, I'm going to push back. You're a problem solver. I bet if you put your mind to it, you'd be the best scone baker we've seen.
All right. Well, thank you. Appreciate that. I am the other Andrew Rose, the US version of Andrew Rose. And fun fact, there is another Andrew Rose who does cyber, but we'll eventually get him into one of these podcasts. Yeah. So, I am an accidental cybersecurity advisor, expert, what have you.
All right. Well, thank you. Appreciate that. I am the other Andrew Rose, the US version of Andrew Rose. And fun fact, there is another Andrew Rose who does cyber, but we'll eventually get him into one of these podcasts. Yeah. So, I am an accidental cybersecurity advisor, expert, what have you.
I was working for a large bank that does agricultural financing and had just come off of helping stand up the Cybersecurity Association of Maryland as a favor to a friend of mine. It's not that I have any coding or cyber background, it's I know how to start nonprofits and write bylaws and put fiduciary responsibilities and governance in there and bringing sponsors.
I was working for a large bank that does agricultural financing and had just come off of helping stand up the Cybersecurity Association of Maryland as a favor to a friend of mine. It's not that I have any coding or cyber background, it's I know how to start nonprofits and write bylaws and put fiduciary responsibilities and governance in there and bringing sponsors.
And we hired an executive director, got an office location, got programming up and running. At about that time, I went over to the bank and I inherited a large team that was geographically dispersed. And I figured a great way to do a team building exercise was do a tabletop exercise.
And we hired an executive director, got an office location, got programming up and running. At about that time, I went over to the bank and I inherited a large team that was geographically dispersed. And I figured a great way to do a team building exercise was do a tabletop exercise.
And since I'd just come off cybersecurity, I figured, well, let's just do a nuclear internal disgruntled tech employee that bricks our machines, exfiltrates data, you know, the whole nine yards. And we ran through that exercise. And I won't really go into what our findings were, but it gave us 18 months of work to patch. over a few holes that were uncovered.
And since I'd just come off cybersecurity, I figured, well, let's just do a nuclear internal disgruntled tech employee that bricks our machines, exfiltrates data, you know, the whole nine yards. And we ran through that exercise. And I won't really go into what our findings were, but it gave us 18 months of work to patch. over a few holes that were uncovered.
One of the issues going into this, and for anyone out there listening, is we had assumed we had a playbook. We had assumed that whatever the crisis was, there was protocols and procedures in place to follow through that. And that was the pushback I got when I was pulling everyone together. And I said, well, we'll do this from muscle memory then.
One of the issues going into this, and for anyone out there listening, is we had assumed we had a playbook. We had assumed that whatever the crisis was, there was protocols and procedures in place to follow through that. And that was the pushback I got when I was pulling everyone together. And I said, well, we'll do this from muscle memory then.
We'll run through it just to understand what this looks like. And then we obviously identified some gaps and blind spots. What that that gave me a lot of pause. And I reached out to a friend of mine who was very high up in the U.S. Cybersecurity Command and said, hey, I'm in agriculture now and I just found something I'm a little little concerned.
We'll run through it just to understand what this looks like. And then we obviously identified some gaps and blind spots. What that that gave me a lot of pause. And I reached out to a friend of mine who was very high up in the U.S. Cybersecurity Command and said, hey, I'm in agriculture now and I just found something I'm a little little concerned.
Would you would you look around and just let me know what you see? And he got back to me about a month later with an OSSHIT type of email saying, hey, this is not good. And, you know, I'm just doing this as a volunteer. I'm a regular guys, but I know a lot of people. And at the same time, and I can share this publicly because there is a YouTube video.
Would you would you look around and just let me know what you see? And he got back to me about a month later with an OSSHIT type of email saying, hey, this is not good. And, you know, I'm just doing this as a volunteer. I'm a regular guys, but I know a lot of people. And at the same time, and I can share this publicly because there is a YouTube video.
One of our clients is a very large poultry integrator on the Eastern Shore, and their contract growers were getting hit by a variety of business email compromises and rerouting transaction numbers. And it was in the tens of millions of dollars were the hits. And no one knew what was going on. No one knew what to do. And I thought I'd be a superhero and I called the FBI.
One of our clients is a very large poultry integrator on the Eastern Shore, and their contract growers were getting hit by a variety of business email compromises and rerouting transaction numbers. And it was in the tens of millions of dollars were the hits. And no one knew what was going on. No one knew what to do. And I thought I'd be a superhero and I called the FBI.