Companies hire Gary Chan to help them build or improve their cybersecurity programs. He has 16 years of experience, four security certifications, and an electrical engineering and computer science degree from MIT. Having worked in over a dozen countries, Gary has deployed security solutions to multiple state agencies, built the information security program for large-cap companies, mentored cybersecurity start-ups, and given seminars on cybersecurity. He’s here today to discuss how companies can build information security that makes pragmatic sense. Welcome to the show, Gary!
What Expert Authority World™ is saying about the show:
- 0285: Sales Driven Agency: Helping Founders Become Predictable, Sustainable and ScalableJune 28, 2021 by Mary2577 from Philippines
Thank you so much and keep on doing more great show.
- Easily One of My FavoritesMay 7, 2021 by ScottDGray from United States
I recently discovered Expert Authority Effect. It’s quickly worked it’s way onto my list of must listen podcasts. The episodes are less than an hour and packed with great information from top-level entrepreneurs.
- Priceless Content!May 7, 2021 by megan@podcastingyou from United States
Mario does such a good job covering a variety of topics. His guests offer awesome advice as well. I would recommend this show to anyone looking to learn more about entrepreneurship!
- Very helpfulMay 7, 2021 by Luke and Susie from Australia
As a business owner I love being challenged to see things a different way and be reminded of how to do thing better. This podcast has been so helpful to do that.
- Great ShowMay 6, 2021 by emj-js from United States
Mario does an excellent job being fun an entertaining while asking insightful questions to draw out the experise of his guests. Thoughtful, helpful conversations to make work and life better. Thanks!
- Smart Ways to GiftApril 26, 2021 by Michelle Kaplan from United States
I learned some key things during Mario's interview with Chelsea Martin on gifting. What stands out is how impactful direct mail really is and how important a customized presentation of your products not only creates happy customers, but also a great referral source. Thank you!
- Heart Centered SuccessApril 18, 2021 by Macnjacs from United States
Your interview with Brandon Fong was great. I appreciated the fact you started with the 3 steps, it was so valuable it really made me want to hear more. Thanks!
- Love this show!March 12, 2021 by Gisele_Oliveira from United States
This is so far my favorite podcast. It’s been my weekly dose of motivation and inspiration. Keep up the great work, Mario !
- So much value!March 7, 2021 by Loose Seeds from United States
The conversation with James, Sana and John Lee Dumas was awesome. Unique questions were asked by the hosts and JLD responded with gems that I stick right into my pocket. Thanks for this valuable info on how to up my podcasting game guys!
- Always Enjoy Mario's Interviews!March 5, 2021 by HarloB from United States
I really enjoy Mario and his shows. The Stress and Anger in the Workplace episode was great because it cut to the chase of all the issues around this topic. Great interview!
- Great PodcastMarch 5, 2021 by 11Dreamer11 from United States
Really interesting interviews that are really well done! Great listen and great for inspiration.
- InnovativeFebruary 22, 2021 by Michelle Kaplan from United States
I love Mario's energy! It captures my attention throughout his podcasts. Listenng to him and his guests, their ideas, actions, and accomplishments makes me brainstorm what's next for my business. Relevant and fresh!
- Inspiriation 7 Days A Week!February 19, 2021 by ST Rappaport | LifePix from United States
Mario doesn't miss a day. No matter what is going on, there's an episode relase. Mario is on a mission and nothing is going to stop him. He's a real model to be doing these interviews!
- An Expert on Experts!February 12, 2021 by Powerful Eric from United States
Love this show! Mario's show is a asset to podcasting. Thanks for helping others Mario!
- Now I knowJanuary 22, 2021 by Margo Lovett from United States
Mario, I see how active and generous you are in Podcast Paradise. Today, I listened to a few of your shows - episodes 1 & 59. Episode 1 brought me into the moment of prayer. You produced a show according to the Spirit. Now I know why you are so generous, able to operate from your seat of genius. Margo Lovett
- Keeping the BooksJanuary 15, 2021 by E-World from United States
Great interview with Judith keeping Net Profits as key thing to look at. Interesting point she made some owners make 30 millions but not enough Net to take a paycheck.
- Excellent podcastJanuary 12, 2021 by Atomickitten99 from United States
I’m enjoying the guest interviews. They are packed full of great nuggets! Thank you.
- Unique - Engaging - BoldJanuary 2, 2021 by Paul D Johnson from United States
As host of interveiw based The God Zone Show podcast I fournd Mario's show uniquely valuable in providing inpriation and engouragment for my work.
- Fun, insightful, and quality productionDecember 23, 2020 by koltrass from United States
Mario brings in top-notch guests for engaging conversations on a variety of topics. Moreover, his attention to technical (e.g. audio, editing) quality is obvious and makes a difference. Listen to be entertained and enlightened!
- Inspiring interviews to take the next step!December 12, 2020 by BillableWithBaby from United States
Inspiring interviews with interesting entrepreneurs inform and motivate you to take things to the next level. Always good things to learn and implement. Thank you Mario!
- Pure value, I love itDecember 4, 2020 by Jdoggg222 from United States
Mario has a way of asking the questions I am wondering as the guest is speaking. He seems to intentionally ask the questions that most benefit you as a listener. Great podcast!
- Loved the Craig Handley EpisodeNovember 13, 2020 by MHillfan from United States
Mario’s energy is infectious and Craig Handley is a character and some. But really every episode brings out the uniqueness of each guest. This pod has become one of my must listens›
- Inspiring. Informative.November 6, 2020 by SunDevil from United States
Mario is incredibly inspiring and does something few other podcast hosts can manage to do… allow his guests to actuall talk at length and answer his questions. He offers great information and I really appreciate that he is invested in what his guests have to offer as well. Other podcasts come across as an ego stroke for the host, but this podcast is truly here to help guests share their stories as well to the benefit of the listener. Worth subscribing.
- Game changerOctober 30, 2020 by Player's Handbook from United States
This podcast is informative and inspiring. I love it!
- If you are a wanna be entrepreneur look no further!October 23, 2020 by Elisa Di Napoli from United Kingdom
Great podcast full of interesting insights. The host is engaging and thoughtful and I can say I have enjoyed listening to each episode!
- Amazing Interviews not to miss!!!October 16, 2020 by Jbower1282 from United States
Consistantly uniques interviews or amazing people really making it happen.
- Mario is a great host with great questions!October 16, 2020 by alexdesigns from United States
Take a few minutes out of your day to listen to Mario. He is a super smart guy and I love the questions he asks his guests.
- A great podcast for dreamers and do-ers!October 16, 2020 by Chiquita2727 from United States
Lots of great information and inspiration for anyone who wants to turn dreams into reality. Mario brings a lot of spot-on information to this podcast.
- Great ShowOctober 9, 2020 by Palminchen from London from United Kingdom
Love the broad selection of topics for inner
- Amazing inspirational storiesOctober 9, 2020 by Nicholas Lee 18 from United Kingdom
This podcast is so good. The stories from the people sharing their stories about their struggles in life and how they overcame these struggles is just inspirational and helped me push harder when things get tough. Keep up the good work with these amazing interviews Mario.
- FantasticOctober 9, 2020 by sttoggyigctdrvy from United States
Mario goes above & beyond on his show. Lots of great information for his listeners!
- Top LearningOctober 2, 2020 by BLNT PPTT from Hungary
Love hearing these great interviews with a great host. Keep up the good work!
- Mario inspires!September 18, 2020 by CHRISTOPH - HABITFREAK from United States
These interviews are fantastic. Mario inspires with great questions that draw out great answers from his guests!
- Expert authority!September 18, 2020 by Tara Williams Phone from United States
Mario shares some amazing people on this podcast and they have some gold to share!
- Great show!September 10, 2020 by Karen @ Interview Valet from United States
Mario is an awesome podcast host! I love the FB Live interviews and the opportunity for listeners to engage in real time. The audio and video quality is spot on every time. Be sure to subscribe so you don't miss anything! You won't be sorry.
- A Podcasters Inspiration!August 14, 2020 by JamieKullman from United States
Mario has so much insight and delivers such incredible value through his show. I just started listening, but I've already learned so much from him and his wonderful interviews. Keep up the awesome work!!
- Quality professionalismAugust 6, 2020 by VirtForce from United States
I can’t say enough about how pristine and professional Mario is in his interviews. He truly wants his guests to have the best experience and recording possible. And not to mention he is fun and knows how to put people at ease in front of the camera.
- How to conquer your limiting beliefsJuly 31, 2020 by Dave4syth from United States
Listen to episode 103 an dlearn how to overcome your limiting beliefs. Great advice.
- I can’t believe how much I learned in just one episodeJuly 29, 2020 by AwesomeMontana from United States
Mario is knowledgeable, curious and able to bring great guests that deliver value that every business needs to understand! Outstanding podcast!
- Great content!July 15, 2020 by Cory Lee Leadership from United States
Mario does a great job of providing relevant information and bringing on guests to share their expertise in a variety of fields. Highly recommend his podcast!
- Fascinating interviewsJuly 10, 2020 by Bill Ringle from United States
Mario brings on accomplished guests and draws out their expertise and stories in a way that leaves me on the edge of my seat. Keep up the great work, Mario!
- Love It!June 26, 2020 by Laura Moreno Cabanillas from India
Loving this podcasts, an entrepreneur I really appreciate the energy and passion being shared to help us grow our business. Keep up the great work.
- Boost my Amazon sales!June 19, 2020 by SurvivalDad from United States
I tap Amazon as one of my sales channels and your interview with John Ghiorso was an eye-opener. Ignore at your own peril!
- Love It!June 16, 2020 by LauraMore from United States
I loved the Memorial Day episode, Mario! Thanks so much for creating this awesome podcast!
- Flawless interview styleMay 29, 2020 by GninraeL14 from United States
Mario makes everyone appear even more interesting to me. Great format and style!
- Come here for valueMay 29, 2020 by Joshua User 202! from Canada
Really appreciated this podcast for the raw, genuine interviews. Love it!
- Crisp and interesting interviewsMay 22, 2020 by Joel Goobich from United States
As someone who created one of the first podcasts dedicated to video marketing, I was very impressed by your recent episode about using video. Your interview style is crisp and interesting
- If you are in business, this podcast needs to be on your playlist.May 22, 2020 by Macstephen1 from United States
Mario has a great conversational style that helps his guests shine. This show is a must if you have an entrepreneurial spirit. It provides thought provoking content that will help any businessperson in their quest for success.
- New Subscriber here and on your YouTube ChannelMay 15, 2020 by Angela Brown Oberer from United States
Wow Mario you have a real knack for interviewing. You ask great questions and have a fun way of keeping the conversations lively and interesting. After listening to your episode with Owen Video I subscribed to your podcast and then I hunted you down on YouTube. High Five and great job!
- Very Professional & Engaging Show!May 15, 2020 by Mitche Graf from United States
Mario is extremely engaging and can hold your attention, and is a great interviewer! He has some great guests that really get into the details of running a successful business. Keep up the great work Mario!
- Great ContentMay 10, 2020 by Pilar S. from United States
Excellent! LOTS of advice from experts. The most recent episode talks about speaking–a must-listen for anyone who presents or is thinking about presenting.
- Great content!May 1, 2020 by @Mentally_Strong from United States
I really enjoy your podcast each time I listen. The content helps any entreprenur level up with they do. Keep it up and thanks for each episode.
- Professional and InformativeMay 1, 2020 by Bruce at Mindfulness Mode from Canada
Mario Fachini is an excellent interviewer and has terrific guests on the show. I highly recommend this podcast.
- Great PodcastMay 1, 2020 by Amber Fuhriman from United States
I love the topic of this podcast. The episode with Tod Lindsay is super super helpful!!
- Great find!May 1, 2020 by Reed Stiles from United States
Great message and content. Stumbled upon this due to the cool logo, stayed for the content.
- Great show and great host!May 1, 2020 by Laurapowers44 from United States
Love what Mario offers! So glad he is doing his show and providing all this helpful info! Keep them coming!
- Walks the walkMay 1, 2020 by Me15463 from United States
Mario encapsulates everything he talks about on the show. Be sure to tune in to this!
- Honest and authenticApril 17, 2020 by Deano3622 from United Kingdom
Wow, just come across this podcast. Mario is such an awesome guy. He comes across so honest and genuine. Loved the content. I honestly don’t know where you find the time?! Keep it up Mario, love how honest and real you are!
- Great and insightful!March 7, 2020 by Karty12345 from Australia
I really enjoyed this podcast, so much relevant content. Thank you!
- So much Value..!February 28, 2020 by Alex Dali Rizo from United States
Great content, I really recommend this to any Entrepreneur looking to excel in their path, Mario brings topic experts to teach and inspire your day
- Inspirational Intentional InformationFebruary 28, 2020 by 10Kforte from United States
This podcast shares the stories from people that are doing whatever it takes to rise up and help others along the way. “What Are You Made Of” is one of the many messages shared on the podcast. There are so many takeaways that are applicable to anyone. I really enjoyed listening.
- Wow!February 25, 2020 by Tyscoaching from Australia
Just listened to the 'rescue site AED Program' episode! If you love epic stories and inspirational people, this is the podcast for you!
- Motivation on TapFebruary 7, 2020 by AnthonyPGarcia from United States
Mario brings on some of the most impactful entrepreneurs to hear from. He dives into the key performance factors of their business. He extracts information very well and keeps the show flowing very smoothly. Definitely a show to subscribe to!
- Starting a MovementFebruary 7, 2020 by JustMe2say from United States
There are many areas of business and entrepreneurs have an opporunity to gain some insight with this podcast. Excellent interviews!
- Great Podcast For Entrepreneurs!February 7, 2020 by The Big Game Hunter from United States
Full of knowledgeable guests and useful information that will help you accomplish your goals in business and in life!
- Mario Truly Care About His GuestsFebruary 7, 2020 by Podcast Junkies from United States
Having met Mario and spent time with him at Podfest I can truly say that he is passionate about his show. He’s genuine and that clearly comes through in his own story and what he brings to every interview.
- Put your thinking cap on!January 27, 2020 by Cliff Duvernois from United States
This is probably one of the most information dense podcasts I’ve listened to in many moons. Each episode could easily be expanded out into 2 or 3 hours. Mario does a great job of asking the right questions to get his guests to reveal great tips, tricks and advice. Sure a lot of information can be applied to an entrepreneur but I found a lot of advice applicable to my personal life. This podcast is definitely worth my time to listen to and I’m looking forward to more episodes to come. Great job!
- Relavant for anyone!January 17, 2020 by HarloB from United States
- Mario nails it!January 17, 2020 by Mickiezada from United States
I've listened to Mario for a long time...his podcast is well produced, his guests are influencers and authentic authority, and chock full of insights and inspiration for entrepreneurs. Love it!
- Mario is the real dealJanuary 9, 2020 by jamesnewcomb.io from United States
I’ve known Mario personally and professionally for over a year now. He is genuinely interested in helping people succeed, and consistently over delivers in his interactions and valuable advice with fellow entrepreneurs, podcasters, what have you. In this era of showmen who “give value” only if they think they’ll get something in return, Mario stands out as a man among men. Listen to his show and learn what true leadership and value in the marketplace mean.
- Listening On My Entrepreneurial JourneyJanuary 3, 2020 by FromLisa2 from United States
I was surprised when I stumbled over the servant leadership that shows up in these episodes. It's collaborative. It's focused on relationships with clients versus transactions. I especially enjoyed the episode on getting clients without "selling" because it's more about genuine relationship building.
- A GiftDecember 25, 2019 by Lisa Vogt from United States
Mario uses all his talents, gifts and abilities to produce this life affirming show. It's incredible that we are able to grow our abilities and develop our talents and gifts just through subscribing and listening. Thank you Mario!
- This show is ON FIRE!December 14, 2019 by tibor.mindsethorizon from United States
Love your show Mario! Your niche is close to mine but I focus more on mindset and manifestation in a business setting. I tuned into episode #103 with Karen Brown which is dope! Keep up the great work!
- Entrepreneur Must ListenNovember 30, 2019 by HWoodwriter from United States
If you’re an entrepreneur this is a must listen show. So many inside tips and thought processes behind moving your business forward. Mario does a great job with the guests by asking the right questions at the right time. He and his guests give the information you need to grow your business and leadership skills.
- What a show!!October 26, 2019 by CWLuecke from United States
Man, do I love interviews with world-changers! Mario does an excellent job gathering the cream of the crop for his show and giving insightful interviews. Check it out!
- Loved it!October 25, 2019 by Seodrigo from United States
This interview was very enjoyable. Mario brought on a wise guest by the name of Michael Lauria. I loved the interview and Michael's perspective on the topic. He had wonderful insights and around min 31, he hit something very profound. Excited to share what I learned today with others. Way to go!
- Great listenOctober 25, 2019 by trinity3712 from United States
Good listen. Great range of guests and topics. Something here is you keep listening will help you in many areas of life and leadership b
- Great Knowledge!October 18, 2019 by Jon Vroman FRD from United States
Great show Mario! So much valuable information in one episode!
- Excellent show, very imformative!October 5, 2019 by Shaolin Soprano from United States
Mario loving the podcast bro, great content, immense value. Enjoying these interviews!!!
- Helpful Information!October 4, 2019 by The Medicare Nation from United States
Love the valuable information on these episodes! Lots of tips & tricks for every Entrepreneur to use. Kudos Mario! Diane Daniels Host of Medicare Nation
- Love Mario’s AttitudeSeptember 12, 2019 by marisaimon from United States
Mario’s heart shines through his interviews, making these fun and positive, and the people he brings on offer such a wealth of knowledge.
- Lots of Great Info!September 6, 2019 by DarlajPowell from United States
Mario provides lots of great info and advice in this 7 day a week show.
- Great Content!August 31, 2019 by LanceJohnson_ from United States
Mario does a great job of share valuable information that every entrepreneur could use and apply to their journey. Great work! 🙂
- Important information!August 31, 2019 by Allmenow from United States
Very engaging information. Mario draws out experiences and knowledge from his guests. Loved the show!
- Difference-MakerAugust 21, 2019 by Unlimited Beliefs from United States
Mario is a master at bringing out, shining a light on, and internalizing the difference-making mindset. His knowledge and experience and mission enable him to synthesize information into diamonds for all of us! What you want is accessible by taking in this show!
- Excellent InformationAugust 21, 2019 by Stallion golf from United States
Great advice and information with a wonderful blend of topics! Loved the episode with the british healthcare professional and the ideas shared on how to make the industry better.
- Motivating and valuable informationAugust 16, 2019 by Calvin Javier from United States
Great insight on mindset from business leaders and entrepreneurs making things happen. Definitely worth your attention. Will be listening and learning more!
- Good informationAugust 2, 2019 by FIRE NATION! from United States
Engaging interview with a british health pro, I was surprised to hear the similarties and the application she has for making healthcare better
- GreatnessAugust 2, 2019 by MiaSportFanatic from United States
Have had the chance to listen to one show so far but man, we should be paying for this information. Lots of greatness. Thanks for the heart to serve.
- Listen to the experts - and thrive!July 28, 2019 by The Marketing Book Podcast from United States
There's a lot of advice out there these days but, sadly, a lot (and I mean a LOT) of is from people with little to no expertise. That's not the case with this gem of a show. Listen to what the experts say and profit from the experience!
- Show is amazing!July 26, 2019 by BestMorningRoutineEver from United States
I love learning about mindset and how to master my thoughts. This show provide the tools!
- Great show!July 19, 2019 by Jefferson_79 from United States
Great information for all businesses.
- Good value!July 12, 2019 by Audrey purplele from United States
Great information that applies to any business! I really felt he provided value for my time.
- Interesting TopicJuly 6, 2019 by Real Estate Journeys Podcast from United States
Interesting topic. Great interviews. Keep up the hard work!
- Helpful Advice from ExpertsJune 14, 2019 by ichuck2 from United States
Mario talks to experts in a wide range of subject matters and asks good questions to pull out helpful advice.
- What a great show!June 14, 2019 by Christopher List from United States
Mario really brings out the best in his guests. The police dog trainer had such a great story. Can’t wait to hear more!
- Great!!!June 11, 2019 by tommye w-c from United States
Great podcast, awesome guests, incredible host!!!
- Fun & informativeJune 11, 2019 by Saoirse Sky from United States
Some people want something fun, others want something informative. This podcast gives you both!
- Great show!June 10, 2019 by CJThomas6 from United States
Very inspirational show! Appreciate the advice and thoughts shared by the host and his guests!
- Great podcastJune 10, 2019 by Rosie81200 from United States
Great podcast! Love hearing about the guests’ journeys and what they learned from them.
- Never Stop Learning!June 10, 2019 by Terri in Fairhope from United States
Tune in to this great podcast and host! You're probably really good at what you do (top of your game...an Expert Authority), but there is always more to learn...streamline processes and gain more freedom in your life. It's not always about the bottom line. This one is worth a listen!
- Amazing!June 10, 2019 by KatieHBrooks from United States
If you're looking for inspiration, tune in to listen to Mario and his top notch guests. I find that I am always much more motivated after listening to an episode of Expert Authority Effect!
- Wonderful show!June 10, 2019 by @IV-Heather Tieben from United States
Mario is a great host & puts on a wonderful show. The quality of his interview guests and entire production is impeccable, I couldn't recommend Expert Authority Effect more!
- You Will Not Be Disappointed!June 10, 2019 by Composer 1853 from United States
Mario does such a great job of engaging his guests from several different disciplines.
- The hardest working man in PodcastingJune 7, 2019 by EOFire.com from United States
Mario brings the HEAT with real energy and FIRE...don't miss the meteoric rise of this show! ~ John Lee Dumas
- Great interviews and guests!May 31, 2019 by Mel Good Karma from United States
Thanks for hosting such great interview guests. Look forward to hearing more and kudos on so many a week and also videos!
- FantasticMay 31, 2019 by Jason A. Duprat from United States
Awesome podcast, going to be adding this one to my list. Interesting topics with great interviews, good sound quality.
- Enjoying!May 31, 2019 by Slordan from United Kingdom
Enjoy listening to Mario and how he opens up the conversations to ensure it’s as relevant to us as listeners!
- Nice variety and interesting topicsMay 31, 2019 by emjgreen from United States
Love the variety of topics presented here on this show. Looking forward to listening to more of Mario's show.
- Great Content! Great Interviews!May 24, 2019 by No BS Mompreneur from United States
Wow! Really enjoy listening to all these fabulous expert authorities!! Lots of valuable take aways that I can implement into my life. I will continue to listen and share with others!! A+++
- A great addition to build authority and create an impactMay 24, 2019 by Cloris Kylie from United States
A great addition to build authority and create an impact. Also, a different twist on the topic. Engaging. 5 stars!
- Filled with motivation and ideasMay 20, 2019 by Thomas O'Grady, PhD from United States
Mario does a great job interviewing and pulling the stories behind people's stories or success. Good pleasant listen. If you are in a journey of your own, these episodes will give some things to bring into your on life.
- spartancvMay 17, 2019 by spartancv from United States
Great job following your passion, your purpose and creating this podcast to help serve others! Keep up the excellent work.
- This podcast is the bombMay 10, 2019 by Posturedoc from United States
Mario always crushed it, and this podcast is another example of his amazing insights and knowledge!! Great work.
- Wow - love the video show.May 4, 2019 by Thehighenergygirl from United States
Thank you for the encouragement and tips on how to succeed on video and the repurposing idea.
- Motivating and Inspiring!May 4, 2019 by KatyJoyWells from United States
Mario brings such enthusiasm to his shows and his content is fantastic. I’m always learning new things to implement or new ways to grow, thanks Mario!
- What a great show!April 29, 2019 by Gene_HPLN from United States
Awesome podcast! Mario brings great topic, great guests, and it is very easy to listen to. I definitely recommend for anybody interested in business success!
- It's greatApril 10, 2019 by Ian Ryan from United States
Just had a chance to check out your most recent episode appreciate the great insight! Great delivery from the host & can’t wait to dig into future content.
- Love it!April 6, 2019 by Brendan @ Entrepreneurs&Coffee from United States
I love that this interview podcast doesn't feature the same old folks that everybody has on their show. Keep it up, Mario!
- Amazing!!!!March 15, 2019 by Lindsey Russo from United States
This show is so impactful! Hearing from the experts and how they take authority in their space is so amazing. Looking forward to more episodes!
- Learned what I didin't even know I neededMarch 15, 2019 by Camilla-Jean from United States
Great info. I love the Q episode because I get just quic interst snippets that may get me thinking about where my business might go.
- Fabulous Interviews!March 1, 2019 by Life&RelationshipCoach from United States
Mario does a fantastic job interviewing really interesting and successful business people who explain how they got to where they are - tips you won't want to miss when your trying to grow your business! Keep up the great work Mario! Coach Riana Milne
- A+ ShowMarch 1, 2019 by Gisele_Oliveira from United States
I love this show. It's so entertaining and I learn a lot from the interviews. I highly recommend this show if you want to level up his game as an authority.
- Inspiration, transformation, success stories!February 23, 2019 by Chabo101 from United States
The title of this review should just be enough but it is just more than that. Its life lessons, its listening to personal struggles and how they over came those struggles. Love to hear from people that change the world through their struggle and the lessons that i learn from them are just more than amazing. I love this.
- Great interviews!February 22, 2019 by AlyciaDarby.com PodcastManager from United States
These interviews are well done and his guests are prepared to give really specific insights and stratagies... great podcast, Mario!!
- Inspiring story of courageFebruary 16, 2019 by StrongHeart<3 from United States
I love that she found gratitude in her circumstances. lorie is an inspiration
- Powerful!February 15, 2019 by The Food Heals Podcast from United States
Mario's interviews cover a variety of topics and provide great value in all areas of your life! Episode 15 discusses how change is temporary and transformation is permanent which was really powerful for me. I love this message! Thank you!
- Great content!February 15, 2019 by Blakeob85 from United States
Great answers to common questions many entrepreneurs have! Thanks Mario for sharing your and your guests' insight!
- Real Actionable Tactics!February 9, 2019 by MattBMaverick from United States
What I like about Mario's podcast is that he pulls out actionable tactics from his guests that we, the listeners, can actually use. Great show!
- Great Listen!February 8, 2019 by Real Estate Investor from United States
Mario and his guests provide useful techniques to succeed in any business venture. The interview style promotes learning through real life examples of his guests. Great listen!
- Great interviews!February 8, 2019 by Matt B 1818 from United States
Love hearing these interviews and learning from people who are top in their industry. Mario is a great host and is not afraid to share his emotion!
- Love itFebruary 1, 2019 by Duffash from United States
I love hearing interviews of successful business women and taking away what I can learn from their journey. Mario is a great host! I have enjoyed what I have learned so far. Congrats on the launch of your new podcast!
- Strong, professional, enthusiastic!February 1, 2019 by pm legs from Canada
If you're looking for an interviewer who's going to take you to investigative places to help you be your best you, through your professional life, you'll love listening to Mario!
Watch The Episode
Subscribe to EAInterviews
• Sandworm | Andy Greenberg
3+ Expert Authority Insights™ To Apply Now
- I learned because I was spending the time to understand.
- The attack surface has increased over time, which means that you have just so many more different ways of doing things and people, they’re creative. So today is way harder than it was 10 years ago, and 10 years from now, it’s gonna be way harder than it is today.
- If you’re an organization, you have to protect yourself and every other company who sells you products.
- In security, you are trying to do something that’s pretty hard already. And then people are actively trying to subvert you, work around you, and sometimes lie to you.
- Security does way more than just finding the bad guy,it helps in many, many other ways.
Wheel of Whatever™
[50:16] So with all the stuff, the government and all the bank servers and all of that stuff, how protected do you really think it is? Do you think that has the highest level of security or do you think it’s more of anything that’s ever been breached has been willfully just given away? Is it more hackers or is it more just bad people doing stupid stuff they shouldn’t be?
What You’ll Learn In This Episode
Click the time stamp to jump directly to that point in the episode.
[0:48] Sponsor – Free Business Book Publishing Course
[9:36] Recommended Steps For Security
- Training your employees on some very basic security measures.
- Understanding if the environment that you’re in and what types of laws and regulations may apply to you
[20:42] HR is the most targeted department by hackers
[21:14] Kinds of Employee Security Training
- Send out phishing email and check if they will click on it
- Send over a fraudulent invoice, just see if they pay it.
- Just looking at the sites they go to
[27:53] What you need to do in any organization is to figure out what are your most important things, and then protect those at the highest level.
[30:07] Network Segmentation
- Low level security still needs to talk to the high level at some point.
- Identify like just the one or two very specific things at each of those two levels that can talk to each other.
[32:29] Development Test and Production Environment.
- They have what are called development environments, where they sort of do stuff. And then there are test environments where they test the stuff that they did.
[38:40] Hackers know how you’re going to act, they know what you’re going to do, because that is what they’re doing. They’re thinking about what you’re going to do.
[50:16] The Wheel of Whatever
- So with all the stuff, the government and all the bank servers and all of that stuff, how protected do you really think it is? Do you think that has the highest level of security or do you think it’s more of anything that’s ever been breached has been willfully just given away? Is it more hackers or is it more just bad people doing stupid stuff they shouldn’t be?
[52:01] Most organizations don’t spend enough on security to be totally secure. But they may be spending enough on security, if they’re accepting the risk.
[58:18] Things that I always bring to people’s attention on why they should be in general buying security.
- To enable their sales.
- Enabling a sales business differentiator
[1:02:14] Let’s Thank our Sponsor, Free Business Book Publishing Course
[1:03:59] The Imperfect Action Round
- Read the news and understand how that could apply to your business and sell that.
- They’re reactive rather than proactive. So thinking about what they can do for the future, their business from a security perspective, or from any other perspective and doing a lot of planning, rather than just reacting to whatever happens, the one who’s best planned is going to win.
- Understanding your customer and understanding what it is that they’re looking for.
[1:05:58] Gary’s Book Recommendation
[1:06:48] Sponsor, Free Business Book Publishing Course
Gary Chan [0:00]
My name is Gary Chan. You can find me at Alfizo.com. And you’re listening to EA Interviews.
EA interviews, Episode 250, inspiration, transformation, success stories and the imperfect action round seven days a week. Join Mario Fachini for today’s Expert Authority Effect Interview.
Mario Fachini [0:19]
Cyber security, data, people hacking into stuff stealing what you have built up. These are not good things if they’re stealing it, but that’s why we’re going to be talking about protecting it. I have none other than Gary Chan with Alfizo here today, we’re going to be talking about having cybersecurity like a big company, even if you’re a small or midsize, why it’s important, and why you shouldn’t wait another day to do something about it. I’m going to bring them up. Right after we thank our sponsor.
Sponsor – Free Business Book Publishing Course [0:48]
Every business needs a book, including yours, visit freebusinessbookpublishingcourse.com today to learn the seven steps to publish and promote your nonfiction lead and profit generating business book in eight weeks. Once again, that’s freebusinessbookpublishingcourse.com.
Mario Fachini [1:03]
Ladies and gentlemen, Gary Chan. Gary, how are you feeling today?
Gary Chan [1:07]
I’m doing awesome. It’s a pleasure to chat with you today. I love your show, Mario.
Mario Fachini [1:12]
Well, I appreciate that. I’m excited for you to share with an expert authority world because cybersecurity is something that I’ve thought about, we see it in movies, we see it in the news, we see it here and there. But the reality is, does everyone have… I’d even argue the companies who are implementing it are secure, I think it is one of those things where it’s like we know what’s important, but not it’s not the highest priority on a day to day for the average business. And I want you to tell us why that’s the exact wrong thinking.
Gary Chan [1:42]
Yeah, well, you’re actually quite spot on. Most organizations call me after they have a problem, not before. And let me tell you, it’s way cheaper to sort of do it up front. But yeah, I mean, most companies that they’re interested in are interested in getting to that next contract and making that next big whatever product announcement, and they’re really not thinking about it. What am I protecting ? They just want to be looking at it from a revenue perspective. And security is normally a sort of a cost, and so it just never rises to the level of, you know, prioritization, I’m assuming that’s, that’s the bottom line of it until they have a problem?
Mario Fachini [2:24]
Do you think it’s because it’s one of those things kind of like going to the doctor or laundry, where it’s just not fun or sexy or something?
Gary Chan [2:32]
I really think it’s just profitability. So whenever I go into organizations, they really are more interested in buying. So I guess, let me put it this way, right? When you go into a business, and the owner has a choice between investing, say, $10,000, in something that might possibly get the more revenue, whether it’s marketing and sales, or maybe a new product feature, or investing $10,000, in security, most of them are gonna say, well, I’m going to spend the $10,000 to potentially earn more money is not going to be I’m going to spend $10,000, in order to keep what I have, because so far, no one’s stolen from me, or at least they don’t know that something’s been stolen from them. And so they don’t just don’t prioritize it. And that’s really a very, very common conversation that I have.
Mario Fachini [3:23]
So let’s talk about that. Because here in EA interviews, we talk about profit, we talked about business, specifically growing both, and what’s the cost of not doing it? And, you know, oh, no one’s done anything yet. But I don’t really want to spend the 10 grand, what does it typically look like when someone does get hacked, something does get breached? What is the real cost of it, not just the hey, come fix it. But what is the real cost of that?
Gary Chan [3:56]
So the real cost? Really, I know, I hate saying it depends, it sort of depends. But let me explain that a little bit more, right. So for really small shops, it could put them basically out of business, right. So if you’re holding on to customer data, and depending upon what that data is, or even just your employees, social security number, and all the other stuff, you are on the hook, potentially, to pay a lot of different things to compensate the people for your whatever may have happened after you lost their data. And so it could put the company under. I know there are a lot of statistics out there. Some of them even say like half of small businesses go out of business within six months after a breach. But it also it there’s just so many different factors that can go into it. And a lot of the larger companies, right, like if they have a little bit of security, and they’ve only lost a little bit of data, you can do some sort of calculation to figure out, how much money that they’ve lost and things like Like that, if you think about how much this data costs, it’s a really, really hard calculation to make. And so I think the easier thing for businesses to do is to just assume it’s zero and then ignore it.
Mario Fachini [5:15]
Yeah, and you can have two different mindsets through I mean, if you’re going, oh, we lost a terabyte of data. It’s like, ah, that’s like, what 50 bucks worth of hard drives? Well, maybe you have some enterprise class with helium inside of them. And they’re 500 bucks a hard drive. But that’s not what you’re, you know, that’s not the correct comparison. If you ask me, it’s really, what is the relationship? What is the reputation, I mean, whether you have 1010 clients, 10,000 or 10 million, it doesn’t really matter about specifically those bits of data. But the years that they represent and the relationships and all of that, that maybe you didn’t lose anything, maybe nothing was stolen, but the fact that it’s even breached, what does that do with the trust of your customers?
Gary Chan [6:02]
I completely agree, and I think it’s actually easier to look at it in terms of past breaches, and kind of what happened, right, so like, for example, Target, I mean, everybody knows about that, one where they got breached. And then basically some people lost their jobs. But then, you know, they also had to pay, you know, all these legal suits millions of dollars. And then they also, basically, gave like, a 10% off coupon to everybody, right. So that’s a lot of money that they can, that they lost. Some of these other companies, when they get breached, you know, they’re down for, you know, days at a time or maybe even weeks at a time, right? So can you put a measure against that, so there’s this one company, that’s kind of down the road to where I am. And basically they called me after they had a breach, right? So, and so, they’re like, hey, Gary we’re down, we just turned everything off, because we think that there’s a breach and so on, so forth. So I went in there, and in about 10 minutes, I showed them exactly what went wrong, it wasn’t actually a breach in that particular case, and I could prove it, and then they could go back to work, but they lost an entire day’s worth of work for all of their employees, right? So, um, you know, in terms of the total cost is just so different for every business, it could be you, whatever the cost is, for a day to whatever the cost is, for a week’s worth of work, or maybe it’s a reputational damage, where now are you going to trust them? Right. So with Equifax when they lost, you know, a lot of data years ago,where basically all of our security numbers and credit information, so and so forth, that was a pretty big deal. And then, of course, whenever the government loses our data, like, they lost a lot of the people who got the government security clearances, they lost a lot of that data, what’s the cost of that, even if you don’t put money against it, whenever those people traveled to a foreign country, and if that foreign country has a lot of that data, they now have a lot of data that they can use to blackmail that person, right. So I really don’t like putting things in just the, what’s the monetary cost, which I think is the problem whenever we try to sell security, but really looking at it from all these other angles to that are really, really important for a lot of businesses. But it just isn’t front and center all the time.
Mario Fachini [8:36]
What’s the first thing that someone should be doing to protect themself in situations like this, because I realize that maybe you’ve got a staff of 10, maybe you’ve got a team of 10,000. And those are two different scenarios, and again, dependent on industry, and I feel for the smaller to mid size, because I know of situations where it wasn’t like someone was hacking them. Like in swordfish, it was just, someone put the wrong thing in the wrong place that got uploaded in the wrong spot, this that the other thing, and it just turned into a mess, it could have easily been prevented. But it really is more detrimental to the smaller companies because it could be everything to them. And I’m not saying if you’re a big company, by all means lose half the data, it’s fine. But they’re just two different situations that all of it starts with someone the machines didn’t do it. It’s a person somewhere. Where do you recommend the first place that someone starts to go, Hey, we’re going to take this seriously, what’s the first step?
Gary Chan [9:36]
So I think you kind of alluded to it right, which is employee training. So I think that they’re actually a couple of things that I recommend. One is employee training, and two is just to understand the law and regulations that apply to you. And I’ll sort of talk a little bit about those two things. So in terms of training, I think everyone at this point has heard, let’s make sure that you don’t click on phishing links. And let’s make sure that you go to websites and only download from trusted things and your phone and all these other things, right. And let me tell you, in my years of experience, everyone believes they’re doing it, but very few people are. So, you know, people will cancel that update, they’re going to click on those links, I’ll tell you a little story. For this one organization, they asked me to just help them because they actually opened with almost exactly what you said, which is, we think our people may be the greatest risk here, and we’re just, we just want you to look at their email, that’s all we want you to do. So okay, that’s fine. Right. So, um, sent out the emails to 1000s of employees, and tried to get them to click and give me their password. And at the, you know, basically at the, at the briefing, or rather, at the debriefing, I said, you know, you guys think that you’re pretty good, about 20 to 25% of you, I forget exactly a number actually clicked on it. And actually a large number, more than half of those who clicked on it also gave me their username and password. So you need some training, right? And so they’re like, yeah, yeah, let’s, let’s get some training. Right. So everybody was required to watch this 30 minute video on what not to click and then we did the exercise again. And so we did the exercise again. And I said, hey how many of you in the room right now think that you are much better prepared for fishing? And basically, everybody raised their hand, right? Because nobody wanted to say the training was useless. And I said, Well, let me tell you, 50% of you gave me, you know, clicked on it, and even more people, percentage wise of that, in the last time gave me their username and password. So I think the problem is, is that I, that you took some training, and you thought, you’re better, you were more confident, and you didn’t actually learn, I looked at what you did, I learned because I was spending the time to understand and then I craft is something that everybody would want to click on. So this is just the stuff that when we say training, I don’t mean a 30 minute video, I mean, something a little bit better than that. And then, just the second thing very briefly, from a legal and regulatory perspective, and first off, I’m not a lawyer, so I’m not giving legal advice. But a lot of companies really don’t look at what are the things that they have to do and actually surprises me, when I talk with some of them, they say, Hey, you know, we had some people knocking on our doors and their auditors asking about security stuff, and we don’t have any, and I’m like, Well, how can you possibly be doing that? You didn’t have a lawyer that kind of walked you through some of the stuff that you need to do. And so that’s just one of the things that I learned is, those two things are really, really important. One is training your employees on some very basic security measures. And then secondly, just understanding, you know, if the environment that you’re in and what types of laws and regulations may apply to you.
Mario Fachini [13:14]
Yeah, it’s interesting, because I’ve seen emails even recently, usually, it’s from banking places or things where you’re checking out stuff for processing things because it’s so easy to say, hey, we’re doing an update the terms and service yada, yada, yada, click here to consent to the thing in some of them, you know, when they’re coming from xyz.com maybe you shouldn’t click it if it’s supposed to be a certified whatever. But they’re, like you’re, you’re saying you can be so good at it and masking them over. I remember an instance on eBay, I was trying to buy it, go figure a video camera years ago, and I lost 1000s of dollars, because it looked like a legit link and everything and I come to find out send the money Western Union this that the other thing and I felt horrible. I mean, I took everything I had to invest in this for my company, it seems like decades ago, but it was just like they had faked the site so well. And again, to your point, I’d like to think I know what I’m doing and I’m familiar with this stuff, but I just remember sending the final email that’s like I’m in college I hope you feel good about yourself you’re stealing from a college kid that’s trying to do something this that that if you have a heart please send it back or the camera. I didn’t really care which one it was, I just really actually would have preferred the camera because it was awesome. But it was just like wow, you know what I mean? The people that are out there it’s like I’m not advocating be Robin Hood and steal from the rich to give to the poor because there’s a lot of rich people doing good stuff and it’s not like all big companies are bad but you gotta be a special kind of stupid to be like stealing from college kids and people just, you know what I mean?
Gary Chan [15:07]
Yeah, no, that’s a very sad story. Oh, my gosh, this stuff. I really don’t know what motivates and I think everyone has a different motivation, but just the things that people do. It’s just not right.
Mario Fachini [15:23]
Yeah. And it’s why now I like helping people going, Hey, here’s things to consider whether it’s business or not, hey, I get family, friends, relatives going, Hey, what do you think about this? And I’m like, it’s not always fishing stuff. It’s just anything dealing with business or marketing or advanced tech, or whatever. And I’m like, yeah, I wouldn’t do that. Or call the company that asked for this. He asked these specific questions, because sometimes why I love marketing is because some companies are really legit, and they’re good. They just don’t know how to communicate this message. Like you’re doing very eloquently right now, I must add, and some people just can’t communicate it. That’s not doesn’t mean they’re a bad person or a bad business. They just literally can’t communicate it. And there’s other people that are so effective at communication, they use it manipulatively. And it hurts me, because I know, that’s the breaking point. For most of them out there. I think there’s more good people out there than bad. But that’s why I think it’s so important to be getting this out there to go, Hey, here’s things to consider before you do it. It’s not just If it sounds too good to be true, it’s probably not. Matter of fact, I got something last week, it wasn’t the Nigerian scam or whatever. But it was like,Merry Christmas, may God save your soul. I’m an old lady on my deathbed, I want to help more people. I only hit you know, I unfortunately only have $5.5 million. But I’d like to donate it to you and your cause. And I’m like, is this a viewer of the show’s listener? What? Where’s this coming from? Like, but at the end of the day, you know, what is it that filters it through a brain cell?
Gary Chan [17:01]
Yeah. And that almost certainly a scam I, what I really don’t like is during this COVID the amount of scams that have gone up with job related scams, or, you know, it’s, it’s a lot, so like, the people will post fake jobs on there, hoping people will apply. And one of two things happens. One is they apply, and then they never hear from them. Because they took all of their personal information, they asked for a social security number, they asked for all this, that and the other during the application process, and the applicant gave it. The other is that they offered them the job and they say, look, in order for you to start the job, we need you to put down a deposit of $4,000 that’s typically the rate $4,000 to pay for the training and the computer, but you’ll get the money back within the first month. Um, and then they just take their money, right? You know, and they’re taking it from people who just lost their jobs because of COVID. And that’s just horrible.
Mario Fachini [17:58]
Yeah, and it reminds me of like, oh, for your uniform and shoes, it’s like, what are these Dolce Gabbana shoes that you’re buying? What do you need, in what company makes the employees pay? I remember having to deal with that. And I’m like, you’re making me pay to work? Like, this isn’t even a cool outfit. I don’t want to wear it. Yeah, there’s like zero incentive. Like, I don’t even really want to work here. I haven’t even got a paycheck. So I’m glad we’re talking about this. So you’re talking about the training? Do you do any follow up with training or advise it to your point of don’t just watch a 30 minute video, but do you go, Hey, we’re gonna do a 3030 day or anything where it’s like this comprehensive. Okay, we’re gonna do stage one, and then you engineer stuff for weeks two, and three to see if anything’s changed. Because what I’m hearing is, you need to create the habit, a good habit of protection, because most of this is just people don’t think twice about it.
Gary Chan [18:59]
Yeah. So a quick quiz for you. And then I’ll answer your question. Which department in a company do you think is most targeted by hackers? You know, via email, right, sending them to do fake emails, emails with you know, malware or whatever it is, which department?
Mario Fachini [19:19]
I’m not going to search Google over here or ask my friend who starts with it over there. But I am going to see if I can get some qualifying info, what niche, what industry, there’s a lot of…
Gary Chan [19:30]
Any industry on average. So a big company with, say, 1000s of employees, they’re all going to have…
Mario Fachini [19:36]
So there would be accounting, HR, sales, marketing.
Gary Chan [19:40]
Mario Fachini [19:41]
It’s not marketing, I would naturally think it’s probably not accounting because I would think they’re a little bit more to the money side. But let me ask you, are they trying to steal the money? Are they just trying to get info, I say HR.
Gary Chan [19:55]
They’re just trying to get in which doesn’t which could be anything.
Mario Fachini [19:58]
Gary Chan [20:00]
That is ding ding, ding, that’s actually correct. Very good.
Mario Fachini [20:04]
Oh, thank God, we’re gonna do a quiz. I’m like, wait a second, I need some stuff here. But you know, because of marketing and sales, they might not have the info, they’d have the sales numbers, but they’re probably not going to have the mission critical accounts. Accounting, literally, I think they’d be more aware just because they’re dealing with that stuff and could sniff out HR, I think it’d be a happy balance of they know enough, but not so much that it would protect them, but they still have enough access to the records that it could do damage.
Gary Chan [20:37]
So I think all of that thinking makes a ton of sense. I would add that HR is used to getting external emails from applicants. And so they’re saying, open this email, it’s my resume. And that’s their entry point for malware to steal, or whatever. So you’re right, on all accounts, and I would just add that one minor, one minor thing.
Mario Fachini [21:03]
Yeah, because I’ve seen those other ones where it’s like, this is not an internal email. And I forgot about that, where they don’t even allow external emails, but HR would be vulnerable to that.
Gary Chan [21:14]
Yep. Yep. But in terms of answering your question of training, so I’ll first caveat with, there’s a very limited amount of training that executives are generally amenable to. One, they don’t really want to spend the time or money on it. And so what I’ll tell you is pretty much the maximum that is, I guess, that companies will ever do, but it’s certainly not even 10% of what I would suggest. So what they’ll typically do is do phishing emails, you know, something like that. So I’m sending out every month, just fake email, see, if you click maybe ask you for your username and password, something like that. So I think the next level that some organizations will do is they’ll actually have it the same thing, but a little bit more specific. So if you’re in the finance department, like, what you’re saying, right, you got to pay bills and things. So send over a fraudulent invoice, just see if they pay it, so I’m here to let you know, there’s stuff that you can do very specific to two departments. But of course, there’s a ton more that you can do beyond that, from a training perspective, just looking at the sites they go to I mean, one of the reasons companies don’t like you looking at porn is is not necessarily because of the porn, although that is an issue. The second it’s really, the malware with you tried to go to a porn site, a lot of times they make money because they’re installing malware on your computer at the same time. So yeah, there’s a lot of training that you can do, like, you know, blocking that stuff, and then throwing up a page to say, Hey, you know, here’s why you shouldn’t be doing these things. Although a very funny story, I’ll just tell you,there was a guy, so he was looking at porn, like, on his computer, on his work computer. And so I called him up, I said, look, it’s against policy. You shouldn’t be looking at porn on the computer. Just don’t do it anymore. But yeah,I really don’t want to worry about him not gonna report, you just don’t do it. He’s like, hey, you know, this is awesome. And I was like, wait, what? And he’s like, you gave me a call? And I’m like, okay. And he’s like, well, now I know that you’re actually monitoring my computer for malware. You see, I know that porn sites usually have a lot of malware on it. And that’s why I didn’t want to use my personal computer. And now that I know that you’re monitoring it, I’m just going to use my work computer. People think in very different ways.
Mario Fachini [24:00]
Wow. That logic is interesting.
Gary Chan [24:09]
Yes, it is. I’ve had a lot of very interesting conversations with people. If you go up to people and you say, hey, I, I caught you doing this, don’t do this. Or if you just say, hey, you know, I saw that you kind of did this. What were you thinking? If you take that second approach, sometimes you’d be really surprised at what you hear.
Mario Fachini [24:29]
I think I just figured out what I’m gonna ask you in the next segment.
Gary Chan [24:34]
Mario Fachini [24:35]
You seem like you have all kinds of funny stories you could share.
Gary Chan [24:40]
Oh, yeah, that’s what I do kind of every day. So they’re serious stuff, which and then there’s the I don’t understand why you were thinking this.
Mario Fachini [24:50]
Let me ask you this, because I remember wow, it’s been a few years, but I remember dialing up and people were always don’t giving your credit card online, people can steal it this and that. And my argument was always that you think it’s safer giving it to some random Joe Bob at a restaurant when it’s not encrypted, and they have all the time in the world in the backroom, to copy it, take a picture of it and do whatever. I mean, I am literally writing down the numbers, this is before camera phones. But I see it two ways, you could say that the internet was smaller and less protected than and there was less traffic on it, and people were less educated. And I believe that’s true. And you could say, now, it’s harder to do some of that stuff. But what do you think? Do you think that the attacks and the scams and all this stuff has increased? Or do you think it’s more protected now? Because it’s been around long enough? I mean, when you got a Windows 95 PC, no one was like, oh, gee, does this, you might say, oh, it comes with McAfee virus scan, and it’s included in the bundle and no extra cost. But people weren’t really thinking and there were no big stories of you know what I mean? There’s just less out there.
Gary Chan [26:01]
This is an easy, easy answer. The attack surface has increased over time, which means that you have just so many more different ways of doing things and people, they’re creative. So today is way harder than it was 10 years ago, and 10 years from now, it’s gonna be way harder than it is today. So it’s only going to become more…
Mario Fachini [26:21]
It is harder to hack now?
Gary Chan [26:24]
It is no easier to steal, easier to do all these things, it’s much harder to protect.
Mario Fachini [26:29]
Oh, I see.
Gary Chan [26:31]
Mario Fachini [26:33]
Gary Chan [26:34]
Much, much easier, because there are just so many different ways to steal. Nowadays, think of all the different software that you have on your computer, you probably have more software and applications now than you did 10 years ago, and more than 10 years before that. And so just even those, yeah, it’s just an immeasurable, today, or rather, I think it was like, December 13, or something, you know, that there was a hack out the solar winds, what they’re calling the solar wind sunburst hack. And, you know, that was when they basically hacked one IT company and created a mighty software. And that gets used by a large number of organizations, including government entities. And because they hack that, basically, they now have an entry point to all of the other organizations, too. So if you’re an organization, you have to protect yourself and every other company who sells you products. I mean, that’s crazy.
Mario Fachini [27:35]
Do you think that there’s any system short of being air gapped that is truly safe?
Gary Chan [27:44]
Now, I don’t, I don’t think so. At least not inherently. Now, that doesn’t mean you can’t be relatively safe, right? It’s just a risk calculation. So what you need to do in any organization is to figure out what are your most important things, and then protect those at the highest level, you’re not going to protect everything at the highest level, because it’s just too expensive, right, you’re not going to have guard dogs and 24 by seven security with like cameras and everything. I mean, I got to do that for everything. So you just pick the four or five really important things, you put it there, maybe if it’s your Coca Cola formula, that’s your one thing, you do that. And then you’ve got your next tier that you have, and then you have just you just have, depending upon how many things you have, you just have different layers, different tiers, and you protect them at different levels. So that’s your most cost effective way of doing things. And typically, what happens is a criminal, they’re going to start at the lowest level, right? I mean, they’re going to, they’re going to try to break into the place that has the fewest locks on the doors, or the ones that that you know, have it broken locks or whatever, then maybe they’ll pick the ones with like, a lot of windows on the first floor, right? So, you know, they’re going to start out easy. And once you start seeing that you’ve started to get stuff broken on the first your first floor windows are always broken, then you know that you really need to either beef that up or you know, just you know, accept the risk that you’re going to lose that data, but then you need to strengthen at all the other levels accordingly.
Mario Fachini [29:17]
Is there anything you can share with the expert authority world in a short, brief ish answer, I’m sure it’s pretty elaborate. But how can you protect it and segment that like that, but still have it in a way where you can communicate because I realize I’m thinking of the original mission impossible from the 90s when it was like they broke in and there’s a sensor on the floor and the lasers and a retinal scan and only that machine that wasn’t connected to anything. It’s like, okay, that’s probably pretty secure, especially if it’s a military base that has radar all over the plane and RPGs and all kinds of stuff might not be for the common business or it might just be such a pain to access it. You lose all productivity, how do you find that happy medium?
Gary Chan [30:04]
Yeah, so I think it’s pretty straightforward. network segmentation is probably the first thing that I would say, right. So if you have, let’s just say high level of security, low level of security, keep it simple, right. So if you have a high level of security, then everything in there has the latest and greatest software for security, you’ve got your 24 by seven monitoring, you know, whatever that is, but then everything within that segment can talk to each other, then you have the lower level segment where maybe you don’t have as much security, and they can all talk to each other. But as you said, you know, your low level still needs to talk to the high level at some point. So you need to basically identify like just the one or two very specific things at each of those two levels that can talk to each other. So you have sort of like a middleman or like some sort of gateway between that, where now you say, okay, you even though you’re in the low level, we’re actually going to give you a higher level of security just for you. And then you can be that middleman to sort of send data into the high level stuff. And at the high level, you say, Okay, I’ve got stuff coming in from the low level, and I’m going to actually check everything that comes in from this guy, because even though he has some security on it, I still don’t trust it. So I need to review that. And so you do some what’s often called a V and V, I forget what that’s called, something validation, you know, wherever you go between the two levels. And so that’s how you would sort of address the concern that you’ve brought up.
Mario Fachini [31:39]
Okay. Well, I appreciate the insight on that. Because it’s so voluminous, there’s so much out there with how crazy you can go with it. And I know at some point, and I don’t think a lot of people realize that it can get to be more than just software, or more than just a specific box or a server. I mean, you could always have different boxes, different networks, different kinds of stuff. But there’s a point where it comes into real life in the physical realm where you might have the critical mission critical stuff, literally on a military site somewhere. And the other stuff, it’s just in the other room next door that someone can break into the building, steal the whole server, and you don’t need to hack it at that point, you just plug it in at a new location.
Gary Chan [32:23]
Yeah, and that’s exactly what a lot of hackers do, is because usually you have what’s called a development test and production environment. And what that means is, you know, if you go to bank of america.com, or you know, whatever google.com, those are all production environments, which means that it’s, you know, people are using it for real, there It’s live. And then what you have is you have these other environments, because software developers, they’re not going to develop in the live environment, right? Imagine if you were doing… Imagine if the developer all of a sudden was like testing out stuff, trying different colors, and it started changing on your computer screen as you’re doing things like that wouldn’t work. So they have what are called development environments, where they sort of do stuff. And then there are test environments where they test like the stuff that they did. And those oftentimes, will have actually the identical data from the production from the live site, because they want to be testing it on real data. That’s actually a really bad practice from a security perspective. But it’s very, quite unquote, good practice, if you’re just trying to do customer service, because now you can totally test everything. Well, all the hackers know this, so they just hack those. So like, you know, because those are usually in a lower level of security, if you will, back to what we earlier talked about. And so I can totally break into that and steal the same information, why wouldn’t I do that as a hacker?
Mario Fachini [33:46]
So good point, you got me thinking about a few things with my team. And thank you for that. I mean, it’s something yeah, it’s like, let’s put the highest security over here. But if you’re still taking all the data, you got encrypted thumb drives, and hard drives and all kinds of stuff, and you got an escort at the airport and all these things, but then you get in the cab, and you just throw it on the seat next to you.
Gary Chan [34:11]
Yeah, the funniest thing is, is that, and this is why it kind of goes back to when we were talking earlier about training, is that I can sort of map out exactly what people are going to do, because people think the same way, especially people in companies. And so, like whenever you do like passwords as a very basic example, right?Whenever you have to, when you add a policy that says, you need to have a special character. What do people do? They add an exclamation point at the end of whatever the password was supposed to be. Okay, that’s just what they do. And if there’s a letter and numbers are required, the numbers are at the end of that, so it’s a number and followed by an exclamation point. And then if and then you’re like, Okay, well, let me let me change this up, you have to have like, all of these things, and you and you have to change it every 90 days. Well, what do we know? That’s 90 days? It’s the seasons. So a lot of people will do something like, Summer 2020 exclamation point. And then when they change it, it’ll be winter 2020 exclamation, seriously. So yeah, no, this is extremely common.
Mario Fachini [35:23]
You piqued my interest with the first part of what you said, but I don’t think I’ve ever in my life used the seasons.
Gary Chan [35:29]
And that’s okay, then you’re not one of those people. But people will do that. Or they come up with a pneumonic. So they come up with, like, their favorite things to have, you know, that they like Batman movies, and you know, that for one particular thing, they use Batman, well, the process of probability than having a password somewhere else is like having like Joker in there is pretty high. So you can do these sorts of things. So it’s just pretty funny what, what people do, because you can predict kind of what it is, I used to work with a lot of dmvs, to look for fraud, and what some people would do, and the reason why they take the photo ahead of time now versus do it, you know, because you used to be that they would ask you for all of your documentation and say, you know, where do you live and all this stuff? And then they would say, let me take your photo. Well, what they found was that people would like, show them the fraudulent documents, because they’re trying to get a fake ID. And then they’d be like, we can’t accept this fraudulent, we can’t accept this, because we, you know, it doesn’t pass whatever, right, they wouldn’t actually tell them that they thought it was fraud, they would just say we can’t accept this. And then what would happen is the guy would just like, you know, bail on them, right. And because they’re not going to take, I mean, they’re not going to be like, well, we’re not accepting your, your, your, your documents, but we would like to take your photo anyway. I mean, if you’re committing fraud, you’re gonna leave, right. So what they’re doing is they’re taking the photos first. So that way they at least have a picture of you, even if they don’t go after you. But the point is that those people who go in a lot of times they would steal, you know, if they had a if they had like a twin, you would always, they would be taking their twins information or if they don’t have a twin, and they’re in college, they’re going to be taking the roommates information. So you know exactly based on the demographic based on a little bit of that person, you know exactly what they’re going to do. And if they got caught, like I could tell you, and I won’t tell you on this show, because they still use these checks, what they’re going to do the following week. And then they’re also going to go to the next location, not that location, right. And so you actually know exactly what they’re going to do. And they’re just going to show up there and you can predict it like clockwork, it’s pretty interesting.
Mario Fachini [37:44]
And you’re just talking about stuff that people will do just from thinking and stuff. You’re not even talking about passwords, or port sniffers, or anything where you can be going through tons and tons of data automatically. I mean, this is just, what’s the term for it. It’s just like, I’ve seen it, like where someone just calls on the phone, and then they pull up YouTube videos of a baby crying like psychological hacking or behavioral.
Gary Chan [38:10]
I don’t really know what it’s called. But I guess it’s behavioral understanding.
Mario Fachini [38:15]
It’s a type of phishing. But there’s people who will call customer service, that if they don’t have your info, they have like a baby crying over this screen. They have yeah, the husband yelling over here this scenario. That’s it?
Gary Chan [38:28]
Yes. Yeah, no, they do all sorts of things. And all the other stuff that you mentioned, looking through logs, and, yeah, totally do that as well. Right. But it’s just like, the point is like, there are just so many things that hackers know, they know how you’re going to act, they know what you’re going to do, because that is what they’re doing. They’re thinking about what you’re going to do, whereas you’re doing other things, and you’re not thinking about it. And then they come up with all these other things. So then you now need somebody else to go and look through it and, and make sure that you weren’t hacked, whether it was social engineering, or whether it was some sort of technical thing that they did.
Mario Fachini [39:02]
See. And the crazy thing about this, just like with most criminals, they’re not stupid people. There’s some of the smartest people on the planet, and they could be using all their powers for good. They’re not but you’re no slouch. If you’re doing this.
Gary Chan [39:16]
I agree and if you’re that bad guy, you’re granted a lot of them. They’re not in the US. So it’s the laws and the rules, they’re different in whatever country that they’re in. But like they have different how do you say I lost my train of thought
Mario Fachini [39:40]
Gary Chan [39:43]
Yeah, that culture is beliefs. But the thing is like they’re going to be, this is like their livelihood. Maybe they didn’t have the opportunity to be doing defense for whatever because that’s just not what they don’t have any companies that they’re doing that. Right. So they don’t want to get caught. They’ve got completely different incentives. So imagine if I told you that you had no choice, that there was no real quote unquote, job that would pay you to go do the marketing things or being on the air, you have to basically go steal. And by the way, if you don’t do this properly, you might get caught and go to jail.
Mario Fachini [40:26]
Or get your hand chopped off or something.
Gary Chan [40:29]
Yeah, right. So like, wouldn’t you do a really, really good job?
Mario Fachini [40:34]
I don’t I don’t like those options. Can I phone a friend? Right? Or better yet? Ask the audience. Right? No, I get what you’re saying. It’s just, that’s the thing, the human potential is so unlimited, it just really always comes down to what people are using it for. It’s not that it’s not possible. That’s why I was asking you if it is ever 100% secure, and it’s like, if someone is determined enough, they’ll take a bulldozer or steal a tank, drive into the building and find the room that they need to to get access to the keycard or whatever. Yep, that’s crazy. How did you get into this?
Gary Chan [41:12]
Um, so basically, one of my, I guess my earlier Jobs was in security. And it was basically just because I saw a pretty cool job description that somebody wrote, and I applied for it. That was it, it was just a good job description. I like technology. I like just sort of thinking through things and the way it was written, I don’t remember what it was. I just remember I liked the job description.
Mario Fachini [41:40]
And what have you found been from being in the industry so far, you’re still liking it?
Gary Chan [41:45]
Oh, I love it. I think that this is the only industry where you actually have people who are trying actively to stop you from doing your job. So like in any other job, you can get really, really good at, say physics, right? But you don’t have somebody who’s like trying to stop you from figuring out that theorem. In security, like you are trying to do something that’s, you know, pretty hard already. And then people are actively trying to subvert you, work around you, and sometimes lie to you. Right? So like, if I’m working a case, and I find that, you know, so and so, you know, did something, then, if you’re that person is not going to just be like, Yeah, you got me. They’re not going to do that, right? Because from their perspective, if you catch them, and you were hired to investigate, and that person was the culprit, if they admit to it, they lose their job. So like, no, they’re not going to admit to it, they’re just not going to do that. So, yeah, no other job do you have actually people who were actually trying to not work with you.
Mario Fachini [43:02]
I never really thought about it like that. Because I mean, in most industries, there’s a challenge and people like that, but to the degree that you do all this cool stuff today, got a great episode. And tomorrow, they’re like, hey, we took everything screw you like, what? Right? Again, don’t like that too much. So it’s an ever changing Rubik’s cube of a challenge. It’s not linear.
Gary Chan [43:28]
It is. And I would say that we talk a lot about, you know, investigations where people get caught, and, you know, so So, I also always want to point out that security does way more than just finding the bad guy, like, it helps in many, many other ways. So I’ll just give this other example, there was a guy who was going to be let go, don’t really thinking that the security guys were firing, but actually trying really hard to not ever make a recommendation to fire somebody. It’s, it’s, you know, this guy, basically, you know, he had two people complain that he was looking at porn while on their computer site, while on the computer while on the work premise. And basically, they sent it over to it, it pulled up the pictures. And, and, and they said, Yeah, he was looking at these nude photos. And so they were HR was gonna go fire them. And, you know, then, for whatever reason, I don’t remember why, like, I heard about it, and then I talked to the guy and I was like, you know, I talked this guy, he doesn’t doesn’t seem like somebody who would do something like they just doesn’t seem right. So let me know, I’ll just do it for free in my own time. I just want to take a look, just let me take a look right. So I looked at it and it turned out that this guy basically was not looking at porn. What had happened was he went to a news website that had a pop up. That happened to have nude, you know, image in it and The people that walked by who complained about him happened to be walking by right when that pop up came up, he clicked it away, he wasn’t even thinking about it. Right, he just clicked it away. And I can prove that it was an ad that was pushed to him that he didn’t even know about. And that’s why he was really confused. Like, I never looked at anything and so your security guy can actually help you actually get out of jail, so to speak. So there’s, uh, you know, that’s, that’s one example. Another example that a lot of people call me about, is like, they send emails out and their newsletters or whatever, they go to spam. And you can, your marketing guys can do all they want to try to optimize the time that they send it, what words they use, but the bottom line that goes to spam is kind of useless. And who actually filters stuff, security guys filter out the emails, so knowing that you can actually improve and optimize how you send out the emails to like, get through, like three times as many into people’s inboxes, right, just by simply configuring your email better. So you can use security to do pretty much anything. And then of course, if I sort of, you know, help a company do that, I can turn around and go to another company and say, Hey, I’ll help you filter out those guys. newsletters, you know,
Mario Fachini [46:20]
How do you do that, that I’m interested in from a marketing perspective? How do you get a higher opt in and conversion rates?
Gary Chan [46:26]
Oh, well, there’s a large number of differences… So when the way these spam filters work, is they actually we’ll look at a lot of different attributes in the emails, there isn’t enough time to talk about all of them, but just at a highest level, imagine that your email comes with a lot of attributes, like did you send it from an email address that you own? You know, was it from a particular domain? Are you also mixing it with other emails that previously were flagged as spam? You know, like, when people click on the, you know, this is a spam button? Are you sending out 500 emails an hour? Or are you sending out more like two or three emails an hour versus whatever, right? So there’s your IP address, your country that you’re sending it from, they’re like, they’re like 100 different things that the spam filters look at. And then when you reach a certain number of points, so as you get so many points for everything that you do, when you reach a certain number of points, then you’re probably spam. And so then you end up basically in the spam box,
Mario Fachini [47:33]
Or if the message has 15, click here to buy buttons on it with not much content.
Gary Chan [47:38]
Yeah, that would, that would probably trigger it as well. So anyway, there’s stuff that you can do. That’s not just content related, but that’s also with your email and stuff like that. So that you can then increase the probability that it lands in particular inboxes. And if you get really detailed, you can say, well, Gmail does these specific types of filters. Microsoft Office has these particular types, filters, and you actually want to send different newsletters to each of them. Because the spam filters handled it differently. I don’t know that anybody cares that much. But you could actually get to that level of detail. And then actually you’ll get a much higher level of delivery. from that.
Mario Fachini [48:20]
Wow, that’s kind of I knew some of when you started talking about the score. And the points. I know, I’ve seen spam index, and it’s like, you don’t want it above, like you said, so many points. But I didn’t know there were that many. I know if you literally if you put like a dozen Click here to buy links. That’s not a good thing. Like you can get away with, you know, 1, 2, 3, maybe even up to five but I’ve seen I’ve received some where it’s just like, you’ve got a dozen links and three sentences in between them. It’s got to have that balance and the weight and everything. So, but I appreciate you bringing that up. We’re going to have fun. Wheel of whatever now and thank our sponsor, and come back for the imperfect action round. So now I get to ask you a question. It’s not like I haven’t been doing it this whole time. Come on. Here we go. I’ve got two questions. I want to ask you about one of them’s kind of softball. Let’s see where it lands on black or yellow. What is it on? Oh, right on the border of both. One of them was going to play softball with Mac or PC but the real one I want to ask you is are you willing to go there?
Gary Chan [49:42]
Oh, you know, we can talk about whatever you want. I do have my biases though.
Mario Fachini [49:50]
One of them is the argument of Mac or PC. I’ve been hearing that for decades. The other one is dealing with things like government facilities and anything electrictronic and all the you’ve touched on the government stuff a lot. I’d actually rather go there because, you know, can you go there? Are you willing?
Gary Chan [50:10]
Yeah, I mean, you know, I, I don’t know what the question is. So it sounds good.
Mario Fachini [50:16]
So with all the stuff, the government and all the bank servers and all of that stuff, how protected do you really think it is? Do you think that has the highest level of security or do you think it’s more of anything that’s ever been breached has been willfully just given away? It’s not so much it’s a breach? It’s just more hackers? Or is it more just bad people doing stupid stuff they shouldn’t be?
Gary Chan [50:44]
So that’s a really tough question. What I can say is, in general, I think most people are more concerned about compliance than they are about security. So what are the laws? What are the regulations? What’s the bare minimum that I have to do to not get fined? And if I were to get breached? What is the bare minimum that I can do so that I can go to the judge and say that I did my due diligence, which again, just goes back to compliance, which is did I meet the minimum requirements that are required by law and by regulations? So that is generally what I see. I would say that there are some that whenever companies are breached, there are some times it’s because the hackers got in other times is because, so an employee just didn’t take security seriously. Or maybe he just had a bad day, right? So I don’t want to put mal intent in there. But it could be anything, or maybe someone who’s just suddenly got lucky, right? The door happened to be open for 20 seconds, because they opened the door, because, you know, something, they were connecting up a new vendor, and then the hacker just happened to find it that moment, right. So there’s just so many different possibilities, I think it’s really hard to ascribe it to one or two things, what I would say is that most organizations don’t spend enough on security to be totally secure. But they may be spending enough on security, if they’re accepting the risk. Most organizations don’t accept the risk and they will blame somebody and then fire somebody if something bad happens. But that was actually a conscious decision initially, to just say, hey, I’m not even going to bother putting in security here. So it’s kind of one of those things when you’re in charge over there, and you do get breached, you want to point the finger at somebody. But whenever things are going, well, you’re not going to want to spend the money. And it comes down to your meeting compliance.
Mario Fachini [52:42]
Gotcha. So it might cost you a million dollars to fix it. And Bob’s only making two quarter of a mil, it’s cheaper to fire him and fix the problem. And just hope it doesn’t happen for another five or eight years.
Gary Chan [52:56]
Potentially. But yeah, I mean, I think most people just discounted this as this is not going to happen to us. And so it goes to zero, because when you get to the bigger companies, especially because you talked about the government, like small businesses work completely differently. But when you are talking about big businesses, or the government, usually what happens is, in order to get funded for the project, you have to prove and by that it’s worthwhile by writing a business case for it. So I actually help a lot of people actually write business cases to say, look, this is why it’s actually worth something. But the one line item that I really have difficulty changing on my own, because it really is up to the client to determine the probability of it happening, I can bring all the statistics in the world and say, you know, what, 70% of organizations, you know, have this problem. But that guy is gonna say, you know, what, um, you know, I really think it’s only 10%. So that they put 10%, you multiply there, you know, your value has just gone down to 1/7. And so then of course, you’re gonna have to charge less. So it makes it less lucrative for you. But it also decreased the entire value of the entire project. And so they’re not going to want to fund it. So there are two problems with that one from the buyer perspective and one from the seller perspective, because risk is really just one of those that is very, very subjective. And that is what happens at the bigger companies.
Mario Fachini [54:24]
One quick follow up. Before we go to the sponsor, have you ever given someone a proposal with two price points that says if you do this now, before anything happens? It’s x, y, z, and after the fact it’s this?
Gary Chan [54:38]
You must be stealing my notes because that is exactly what I do now.
Mario Fachini [54:43]
I didn’t see them. I was just legit asking because it’s like, when you made the comment about well, I think it’s 10% it’s like, okay, Bob, what’s your background and credentials for the security? Okay, cool. Well, it’s gonna cost you seven times more when we you do have a problem. Is it next week or next month? I don’t know that. But when you call me, here’s the super Batman number, here’s what it’s gonna cost you.
Gary Chan [55:05]
Yeah, I was kidding. I don’t actually have any notes on that. But that is what I do. So either way, you’re correct, I do actually do a couple of different things. One is, look, this is the, the light version, if you just want some basic security, so you don’t look stupid, this is the I don’t want to look stupid number, then this is the I want to do kind of what’s okay,I want to do, I want to do better than that I want to, I want to at least meet, you know, some compliance, I want to do some good balance between, you know, not spending the farm to protect this. And then the sort of the higher end, which is, I want the kitchen sink, I want everything because this is my business, this is super important. And I think, basically, I’ve always found that people either fall in the first or the third bucket, and I have the middle bucket there, I actually don’t know why I just sort of have it there. No one ever…
Mario Fachini [56:05]
Because if you didn’t,they would ask for it.
Gary Chan [56:09]
Probably, but it’s always one or the other. And then what sort of pushes them over the line is what happens if I do nothing, then I’ll say, Well, on average…
Mario Fachini [56:19]
That was the best deal.
Gary Chan [56:20]
This deal, if you do nothing, you’ll call me later, and then I’m gonna charge you 10 times as much money, to be able to do it and you would have lost it, because by the time you call me, you would have already lost it. So the only thing I’m doing is sort of giving you peace of mind that whatever the issue was, is now fixed, you still lost it, and then kind of it really, I’m just gonna then do the same thing again after that. So it’s just gonna cost more, so you just, you should just do it now. So that’s sort of the thing that, I don’t want to look stupid, I want to have something in between. And I want the whole thing because this is super important. And what pushes them over the line is,hey, it’s actually going to cost way more. And there actually are reasons why it costs more. It’s not just because I want to charge me, it is a lot harder when somebody is in.
Mario Fachini [57:09]
Well, yeah, because of your work and everything. I was completely talking about premium pricing, though, because I know it would be more work and everything just off the bat. But I would have zero qualms about saying here’s our basically rushed delivery thing, it’s like you willingly chose not to listen to me after you consulted me. Have you ever considered using the higher point package? Because you were saying some people don’t value it and they don’t want to invest the money? Have you ever considered using it as a selling point to say you can actually use this in your marketing and sales material, because that’s a differentiating factor where if you go Company A, B, and C? Well, what’s the difference between them? They’re all the same price. They’re all okay, they’re all going to get the job done. They’re all relatively. But if company C has this governmental cloud in a package on it for security? Well, I would go with them, because I know it’s more secure. And not everyone can say that.
Gary Chan [58:07]
Yeah, no, that’s, that’s perfect. That’s actually the number so if you look on my website, so Alfizo.com they’re actually three things that I always bring to people’s attention on why they should be in general, right? Buying security, the first is to enable their sales. So that’s exactly what you were talking about. It’s a business differentiator, but I’ll go a little further than that. If you’re a small business, and you’re trying to sell to a big business, especially if it’s like a fortune 100, or whatever, you really want to get that sale. And this is actually where I get most of the people who asked for the kitchen sink, if they actually will hand you a security questionnaire and say fill this out. And so if you can’t fill it out, and I’ve seen so many of these, I’ve seen like hundreds of these things like you probably don’t even… if you’re a small business and haven’t done it first off, you’re not going to win that contract. But secondly, like you probably don’t even understand half the words that are on there. And even if you do, you probably don’t understand how they’re evaluating it. Because if you just answer it straight up, even if you think that you can answer yes to everything, you’re not going to pass it because you don’t understand what they’re actually looking for and how they’re evaluating you. And so it is a business differentiator if you can do that. And so whenever I talk to customers who call me up to say, look, you know, Acme, Inc., you know, just asked me to fill out the security questionnaire, what do I do? My response is, look, you can keep calling around and go and you will probably find a sales guy who will tell you that he will make sure that you can win this bid. But I’m going to tell you right now that if you didn’t understand even what it was asking for, it’s too late. You’ve already lost the contract. What you can do now is if you want to ever sell to that company or a different one downstream, like a year from now, then let’s go into business. And let’s help you do that, because it does take time to do. And so and they have it your returns are so much bigger, right? Like once you start talking about those are millions of dollars of contracts, right? So it’s not like 100,000 or last or whatever, it’s gonna be millions. And so it’s worth the investment. So enabling a sales business differentiator, that is definitely one of the top three reasons that you should be doing it. Excellent.
Mario Fachini [1:00:27]
Well, I’m glad we touched upon that, because that crossed my mind, because you can really assign money to anything, especially time. And I just feel like a lot of people don’t, especially with sales and marketing. And regardless of the product, it’s like you said it early on, they see it as a cost. Well, you’re already running uphill at that point. And it could be Everest, but when you start going, hey, it’s costing you $1,000 a day, the investment is 10 or 20. Grand, you’ll have this paid off in the month to break even and you’ll be cash flow positive on day 21, from there on out, it’s gonna enable you to get $6.8 million over the next five years, annualized. It’s like, hey, this isn’t a bad deal. We should have done this five years ago, huh?
Gary Chan [1:01:14]
Yeah, no, it makes total sense. And not to extend it too far. But there was this one company that asked me how they could actually use security as a new business line for them. So I went through market analysis for them and showed how basically, they could augment what they were doing to then just charge an extra line item for whatever it is that they were selling well. And it was basically a security line item, that they had customers that were willing to pay for it. So you know, you can use it for revenue, it’s just not usually the first thing that people think of.
Mario Fachini [1:01:46]
It’s usually that we have a problem, we need to fix it.
Gary Chan [1:01:49]
That’s right. It’s usually a detected problem, which is usually at that point, very bad.
Mario Fachini [1:01:56]
All right, expert authority world, we’re gonna thank our sponsor, but let’s give thanks to Gary here. And if you’re taking notes, get it fixed first to make money with it before you have a problem. Don’t wait until you do and you can’t even think straight. We’ll be right back. Afterwards, we thank our sponsor.
Sponsor – Free Business Book Publishing Course [1:02:14]
You’ve heard me say every business needs a book, including yours, and it’s true. And that’s why you should visit freebusinessbookpublishingcourse.com today to learn the seven steps to publish and promote your nonfiction lead and profit generating business book in eight weeks. But you know what? Don’t take my word for it. Take it from a few of my authors like Lori “I went from having an idea and the possibility to actually getting my book published.” Or Katherine, “Thank you for making my mom the number one bestselling author.” Or Maryalice, “What he got done for me in three days regarding my book launch, unimaginable.” Jon Cody, “I’ve worked with Mario over the phone and online and he’s been very helpful in getting me where I needed to go with promoting my books.” Rosio, “There’s no way in the world I would have been able to do this with somebody else. Again, I’ve attempted it in the past, it didn’t serve me. As a matter of fact, I ended up more frustrated than anything. So this has been a very seamless process.” Adele, “If you’re looking for an amazing business coach, I highly recommend Mario Fachini.” Or Bill Benner, “I can’t make a higher recommendation than to work with Mario Fachini. He has been great for me. And right now, I won’t work with anybody else except for Mario.” Hey, their words, not mine. Visit FreeBusinessBookPublishingCourse.com to get started now and I look forward to hearing your transformation as the next video success story. Once again, that’s FreeBusinessBookPublishingCourse.com.
Mario Fachini [1:03:45]
And we are back with the Imperfect Action Round. Gary, are you ready to take imperfect action?
Gary Chan [1:03:50]
I’m ready for it?
Mario Fachini [1:03:52]
Alright, three rapid fire questions. 60 seconds or less two answers. The first one is what is the fastest path to the profits?
Gary Chan [1:03:59]
Ah, the fastest path to profits. I would say read the news. So read the news and understand how that could apply to your business and sell that. So for example, right now, everybody’s probably heard of this virus called COVID-19. So one of the things that’s most common nowadays, is to work from home. And security has changed significantly as a result of working from home, for example. So that’s something that I can sell. And I think that the general concept of reading the news, understand how it applies to your business can be applied pretty much anywhere.
Mario Fachini [1:04:41]
Very good. Number two, what is the biggest problem you see your prospects making in the fastest way for them to fix it?
Gary Chan [1:04:48]
So I think that was the whole conversation we had today, which is that they’re reactive rather than proactive. So thinking about what they can do for the future, their business from a security perspective, or from any other perspective and doing a lot of planning, rather than just reacting to whatever happens, the one who’s best planned is going to win.
Mario Fachini [1:05:15]
Excellent. Number three, what is the best way to maximize customer lifetime value?
Gary Chan [1:05:22]
So that one, I think, would be understanding your customer, understanding what it is that they’re looking for. So in my case, for example, are they looking to increase their revenue? Or are they looking to protect what they have? And by understanding what the customer is really trying to do, then you can really tailor whatever it is that you’re trying to do to what they’re looking for.
Mario Fachini [1:05:45]
Very good. Well, appreciate all your thoughts. On all the stuff you’ve covered in some ones I even threw in there. I have just a few more, and it’s what books would you recommend to the expert authority world.
Gary Chan [1:05:58]
So if it’s just for fun, I really love the book Sandworm. So I believe that there was an author from wired that wrote just a really incredible hacking story about what Russia did with Ukraine. It’s just a very, very interesting read.
Mario Fachini [1:06:15]
Thank you for that. And where would you like people to learn more?
Gary Chan [1:06:19]
So if they would like to learn more about Alfizo, they could go to the website, Alfizo.com. Just take a look there. And if you’d like to contact me just use the form at the bottom.
Mario Fachini [1:06:31]
Excellent. Well, thank you so much, Gary. It’s been a pleasure. And I thank you for your time.
Gary Chan [1:06:37]
Thank you very much. It was a real pleasure to be on the show.
Mario Fachini [1:06:41]
All right, expert authority world. We have another great one here today. I’ll see you tomorrow. Have a great day. God bless.
Sponsor – Free Business Book Publishing Course [1:06:48]
You’re already an expert. But have you transformed your expertise into a tangible asset that will generate unqualified leads while increasing profit for you 24 Seven? And if so, how well are you promoting it? With the expert authority effect publishing method it’s easier and faster than ever. Visit freebusinessbookpublishingcourse.com today to learn the seven steps to publish and promote your nonfiction lead and profit generating business book in eight weeks. Visit freebusinessbookpublishingcourse.com to get started now, once again, that’s freebusinessbookpublishingcourse.com.
Hey, thanks for listening to today’s episode. I hope you got a lot out of it. I know I sure did. If you haven’t done so already, I invite you to subscribe to the show. And also be sure to check out EAInterviews.com for complete show notes, the full interview video experience links to the resources we mentioned in more. Have a blessed day and I’ll see you tomorrow.
Connect with Gary
- Website | Public Figure/Speaking Site
- Website | Company
- Facebook | Public Figure Page
- Facebook | Company
Resources to Profit Your Business!
1) FREE! Business Book Publishing Course:Learn How to Publish Your Lead and Profit-Generating Business Book in 8 Weeks2) FREE! Video Podcast Course: The World’s Best Blueprint on How to Profitably Create A Hollywood Style Livestream Video Podcast from Your Home or Office 3) Expert Authority Effect™ Messaging Learn the difference from the $1 bill to the $100 bill and how you can stop leaving the other $99 on the table today with all sales
Join the Expert Authority World™ Community
This is your fun, FREE and profitable interactive resource, to engage with other listeners, leaders, VIP Guests and myself to discuss the show and business 🙂
Leave a Rating & Review
If you found value from me, todays VIP Guest, website, community, or really anything show related, it would mean the world to me if you could take a second and leave an honest rating & review on iTunes, I read them all personally, and would love to know the biggest benefit you got from the show, THANK YOU in advance 🙂