ITSPmagazine Podcasts

Pre Event Coverage | Unveiling Cybersecurity's Future: Joe Sullivan's Keynote Journey to Australian Cyber Conference 2024 in Melbourne | On Location Coverage with Sean Martin and Marco Ciappelli

Episode Summary

In the lead-up to the highly anticipated Australian Cyber Conference 2024 in Melbourne, hosts Sean Martin and Marco Ciappelli engage in an insightful pre-event conversation with keynote speaker Joe Sullivan. Together, they explore the evolving landscape of cybersecurity and the critical role of security leaders in navigating today’s challenges.

Episode Notes

Guest: Joe Sulllivan, CEO at Ukraine Friends [@UkraineFriends_]

On Linkedin | https://www.linkedin.com/in/joesu11ivan/

____________________________

Hosts: 

Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/sean-martin

Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast

On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

____________________________

Episode Notes

The discussion begins with Sean and Marco humorously chatting about sunsets in California versus those on the other side of the world, as they prepare for their trip. With excitement in the air, they highlight the conference’s stellar lineup, especially keynote speaker Joe Sullivan, joining the conversation from Sydney. Already immersed in the Australian vibe, Sullivan shares his anticipation for the event and comments on the sunny weather awaiting them.

Sullivan’s career is a fascinating intersection of technology, law, and leadership. From his days as a cybercrime prosecutor to leading security efforts at Facebook and Uber, he offers a unique perspective on the evolution of cybersecurity as both a profession and a global necessity.

Joe Sullivan's Career Journey
Reflecting on his career path, Sullivan describes his journey as a "Jenga pile" built on diverse and dynamic experiences. He recalls his transition from government service to the tech industry during the dot-com boom, driven by curiosity and a hunger for new challenges. His work at companies like eBay, PayPal, and Facebook involved pioneering projects such as building security teams from scratch and shaping policies like responsible disclosure programs.

The Role of Regulation in Cybersecurity
Sullivan and the hosts delve into the crucial topic of regulation in cybersecurity. Drawing on his experiences, Sullivan underscores the disparity in resources between regulated and unregulated sectors, pointing to financial services and healthcare as examples. He advocates for smart, balanced regulations to ensure cybersecurity initiatives are well-funded and effective, emphasizing that structure is key to protecting industries and consumers alike.

Connecting with Security Professionals Globally
Through his global speaking engagements and commitment to attending conferences in full, Sullivan has gained valuable insights into the shared challenges facing security professionals worldwide. He highlights the universal nature of these challenges and the importance of collaboration across borders. His passion for fostering connections within the cybersecurity community resonates strongly in today’s interconnected world.

Humanitarian Efforts Beyond Cybersecurity
Beyond his professional endeavors, Sullivan shares his inspiring humanitarian work, particularly his efforts to support Ukraine through laptop donations. These initiatives, born from his professional network, illustrate the profound impact the cybersecurity community can have on broader global issues. By using technology to aid children’s education in conflict zones, Sullivan underscores the power of tech to bring hope and stability to those in need.

Conclusion
As the Australian Cyber Conference 2024 approaches, Joe Sullivan’s insights set a compelling tone for discussions about the future of cybersecurity. His message of resilience, adaptability, and global cooperation will undoubtedly inspire attendees. For those ready to engage and learn, Sean Martin and Marco Ciappelli warmly invite you to join them in Melbourne for this transformative event — and of course, follow them subscribing to their podcast if you cannot be there.

____________________________

This Episode’s Sponsors

Threatlocker: https://itspm.ag/threatlocker-r974

____________________________

Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australia

Be sure to share and subscribe!

____________________________

Resources

UkraineFriends: https://itspm.ag/ukrainwwmj

____________________________

Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverage

To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast

To see and hear more Redefining Society stories on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-society-podcast

Want to tell your Brand Story as part of our event coverage?

Learn More 👉 https://itspm.ag/evtcovbrf

Episode Transcription

Pre Event Coverage | Unveiling Cybersecurity's Future: Joe Sullivan's Keynote Journey to Australian Cyber Conference 2024 in Melbourne | On Location Coverage with Sean Martin and Marco Ciappelli

Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.

_________________________________________

[00:00:00] Marco Ciappelli: Sean, can you see the sunset on my face?  
 

[00:00:05] Sean Martin: Is that what that is? I thought you were being interrogated.  
 

[00:00:08] Marco Ciappelli: I know. It's actually the sun that is going down on this side of the world. Yeah, it's the opposite side. Give it a minute. I'll go away. People that are listening to the podcast, the audio, they don't need to. 
 

They don't need to worry about that.  
 

[00:00:23] Sean Martin: They don't want to see us either.  
 

[00:00:25] Marco Ciappelli: That's a smart choice anyway. That's right. Well, but if we're there If they are listening and not watching, they don't know who is our guest.  
 

[00:00:33] Sean Martin: They don't know who the guest is yet. And this is, I'm gonna, I'm gonna leave it in suspense for a moment. 
 

Cause we're on our way to Melbourne in Australia. For the Australian Cyber Conference 2025 there in Melbourne. 19 years that thing's been running. Our first time going. Great lineup of folks, one of which is a keynote speaker, and uh, I'll say a good friend of ours. He's been on the show a couple times. Joe Sullivan, there he is. 
 

How are you, Joe?  
 

[00:01:02] Joe Sullivan: Hey, I'm doing great. Thanks for having me on. I'm coming to you from tomorrow because I'm already in Sydney. So the sun you see is the sun that's coming up into the sky.  
 

[00:01:13] Marco Ciappelli: That's right. Can you give me the lottery ticket?  
 

[00:01:18] Sean Martin: Exactly. He can tell us what the weather is anyway. It's going to be warmer than California, Marco, in Sydney. 
 

It's approaching summertime. Great weather. Excited for the event. Excited to hear all the All the presentations and uh, connect with people and have some great conversations. Joe, uh, I don't know, have you, have you spoken in Australia before?  
 

[00:01:40] Joe Sullivan: Yeah, this is my second visit to Australia. I came About a little more than a decade ago, uh, came to do meetings with government. 
 

I've spent some time here in Sydney and spent some time in Canberra, the nation's capital.  
 

[00:01:56] Sean Martin: Very nice. Very nice. And this year you're speaking at, uh, AU CyberCon and, uh, you're going to talk about all kinds of fun things, which we're going to get into in a moment. Um, Of course, the, the folks that follow us regularly know who you are, I would say. 
 

Um, and, uh, hopefully they've listened to our, our episode. Yeah. One was from Black Hat when we talked a little bit more in depth about, uh, your experiences over the past few years, uh, for the folks in the APJ, APAC region. Um, let's share a bit, your personal journey. Past, your history, some of the roles you've had, some of the, I don't know what I, air quotes, fun you've had over the past few years in the roles that you had. 
 

Just kind of set the stage because I think a lot of, a lot of what you'll be talking about on stage will be rooted in the experiences you've had and how to bring things forward for security leaders. So, take it away Joe.  
 

[00:02:53] Joe Sullivan: Yeah, thanks. It's funny, a lot of people when they look at my I career progression. 
 

They refer to it as like a Jenga pile, uh, because it's a little bit all over the place. And, uh, It probably ties to some of the career advice I give people, which is I've always tried to just take the next step into something that looked interesting and that would keep me challenged and excited to get to work. 
 

So when I was back in school, I went to, I went to college. I went to law school. I planned to be a lawyer for my whole career and I planned to go work for the government for my career. And I did that for the first eight years. I went into the U S Department of Justice and I was very fortunate. Uh, it was the mid 1990s. 
 

Uh, I was the person who convinced the Department of Justice to give them an internet connection directly to their desk. And it was not easy in 1995 to do that. I wasn't allowed to connect my, To it, but I could get internet at my desk at a time when I couldn't get internet at home. And so I, um, started doing, uh, technology related things as a lawyer for the government. 
 

And before you know it, I was a full time cyber crime prosecutor in Silicon Valley. And. I got into that role at the end of 1999, which people recall was the dot com boom. So everybody else was moving to Silicon Valley to be part of all the startups and make lots of money. And I moved there to be a government lawyer. 
 

[00:04:24] Sean Martin: You're there with open arms.  
 

[00:04:27] Joe Sullivan: And I, and I, Yeah, and I went around asking, uh, everyone, Hey, uh, tell me about the cybercrime that's happening at your companies. And they all said, Oh, there's, there's nothing bad happening here. Move along. And, uh, that was the start of kind of my last 25 years working at the intersection of kind of the government and technology companies trying to deal with cybercrime and the challenges there. 
 

Uh, in 2002, I, I left, uh, government and went over to eBay and, uh, built out and ran their fraud investigations team. After doing that, I think for four years, I kind of said, should I go back to being a lawyer? And I moved over to the PayPal side. That was a time when eBay and PayPal were under the same corporate umbrella. 
 

And I ran the North America legal team at PayPal for a couple of years, but couldn't stop doing the cybersecurity stuff. Even at PayPal, I worked on and helped push out our responsible disclosure policy, which the people who know about bug bounty programs know that. Responsible disclosure came before bug bounty. 
 

And I think PayPal was the first company to push out a policy like that. Um, in 2008, I kind of followed my excitement about what was happening in Silicon Valley. And I went over to Facebook, Facebook was smaller than my space. When I joined a couple hundred people, we didn't even have a building. We were in just lots of little, um, rented. 
 

Kind of suites along this one street in Palo Alto. And, uh, pretty quickly started working on privacy and security things there. And before he knew it, they asked me to be the chief security officer of the company, which I did for six years. So built the security team at Facebook from I think four or five people to four, 500 and was there through till the company was built into what we know as meta now. 
 

During my time there, we acquired Instagram, we acquired WhatsApp, we acquired Oculus, which is the virtual, um, reality, uh, business now. And then in 2015, uh, it seemed like it was, it had turned into a big company and was kind of, Settling down. Uh, I didn't know what was going to happen in 2016 and, you know, Cambridge Analytica and the, um, all the, uh, challenges around election related content. 
 

Um, but, uh, I left in 2015 and went over to another company that, Needed someone to build a security team from scratch. And that was Uber. So I got to Uber in the spring of 2015 and there I built a second time, a security team from two or three people to several hundred people. Um, people know a bit about my Uber story. 
 

Uh, I, uh, reported to the CEO, Travis Kalanick. And, uh, in 2017, he was essentially forced out of the company. Those of us who were there reporting to him. We became co CEOs for a few months. We just, the nine of us had to run the company without a CEO and, uh, with a little help from the board, we hired a new CEO and not too long after he fired me and, uh, and put out as, and the company put out a story that I had been involved in a coverup of a security incident, um, The following spring, after kind of going into my, um, hermit phase for a few months and growing a beard and being pretty scary to my kids, hovering around them all the time, I, uh, I got back out of the house and I went over to cloud flare, which was a small private company back then. 
 

And for the third time, I built a security team from. Three or four people to, and got to be, um, there, you know, CloudFlare grew up, uh, we IPO'd and I ended up leaving in the fall of, uh, 2022 after more than four years there, so three times I've, I've built companies from, uh, security organizations from almost nothing to pretty large, and I, and I spent a lot of time mentoring security leaders and, um, I set up my own LLC security consulting and advising business. 
 

I advise I think a dozen small startup companies now and I do consulting probably one or one to three companies at a time for larger companies.  
 

[00:08:56] Marco Ciappelli: You know, you were in security when it wasn't even a thing. Right. Like you mentioned, like the MySpace and it was the beginning of the internet and, and the fact that you built pretty much three company from few hundred, few, few, actually a handful of people into, I mean, really big, big company, uh, I guess you got so much to share. 
 

Is that, uh, something that you're going to touch on, on your presentation and in Australia and Melbourne?  
 

[00:09:26] Joe Sullivan: Yeah, that's almost exactly. Right. That's it. The, the profession.  
 

[00:09:32] Marco Ciappelli: No, I didn't.  
 

[00:09:35] Joe Sullivan: But look, the, the profession is so young. It's so different from any other executive function in corporations. If we stop the CFO of 10 companies and say, Hey, tell us the career journey. 
 

Like my kid wants to be a CFO. If you ask 10 CFOs, they'll give you variations of the same things that you should do. This is what you should major in. This is where you should intern that when you go inside a company, you should work over an FPNA. You should be a business partner. You need to know how to do this math, et cetera. 
 

Uh, and. If you ask 10 security executives, hey, I want to be a CISO, CSO, you know, one of the different, many chief digital risk officer, we, we don't, we don't even align on title, uh, at this point. Uh, we don't align on scope of responsibilities. We don't align on so many different things and we have to grow up. 
 

As a profession, if we want to be taken seriously by the other executives, and if we want to get the kind of structured protections that the other executives have. And so, uh, we're at, I think a really important time in the profession because let's be honest, a whole new set of digital risks are coming at us right now. 
 

And in, and I think regulators and governments around the world are also at this point where they're like, we've been hands off on cybersecurity for a long time and you know, it's not. Like it's not, it's not good enough. And I think we would all agree, like our cybersecurity world, we're not doing enough to protect the, the, the, you know, the least ready to, to venture on to technology. 
 

[00:11:18] Sean Martin: I have so many questions, um, two in particular that I. I feel I want to separate, but I can't, and it's, it's around the, you touched on a little bit and, and we've talked a lot about it on, on my show. Uh, just the, the pressure and the weight and the responsibility of the CISO, uh, to the business and, and then now legally, uh, at least in the U S and so that's part of the question, what, what is it? 
 

The current state of that, in your opinion, and then the second part of the question, and we can, we can talk about them separately if you want, but the second part of the question, because one of the things we like about when we travel to Asia, for example, and Pacific region is kind of the differences in policy and laws and culture that. 
 

Change the game for how people live their lives, how they run their business, how they protect their business, the role of the CISO in that world. So what differences do you see and what you perhaps touch on in your keynote, again, bringing back to the weight of the role here in the U S compared to what you see happening in other regions, specifically APJ. 
 

[00:12:37] Joe Sullivan: Yeah, it's interesting about a year ago. I, um, did my first post Uber situation international talk in London. 
 

Well, I guess I've in the last year or so I've spoken in Israel, London, Norway, Denmark, Switzerland, here in Australia, I've been, and every time I go to these conferences, I don't just kind of pop in, do my session and leave, I try and spend the whole, I try and go to the whole conference because I really enjoy connecting with security people. 
 

Because, and one of the things I find is that we're, we're, we're the same all over the planet. And I will say that the risks for the executives are the same too. It's funny when I was in, I was in Denmark last month, uh, for a conference for Deloitte and. I reached out to some people I'd met in Norway when I'd been there a couple months before, who I knew lived in Copenhagen, and they, uh, two of them arranged for just a random group of security people, let's all meet up in a pub, uh, on a free night that I had in Copenhagen, and it ended up being me and about 40 People, including a bunch of people who were getting the, all the planners for Copenhagen besides, which were happening the next week. 
 

And so they were deep in like talking about that. And it was no different than, you know, last month when I was in Dallas, hanging out with a bunch of security leaders, At something completely different. There are definitely, uh, um, differences and say, you know, when I talk about, like, I think that there, I think that we, we need some smart regulation because there's the security leaders of the world are struggling right now to get the resources they need. 
 

And if you look at. If you look at the regulated industries and the regulated countries, the security leaders in those, in those places and func in categories get more funding. It's, it's a lot harder to go convince your CEO to give me resources. If it's just about managing risk. Because as an aside, we're not very good at explaining and, uh, tying like spend to risk reduction, but so, yeah, when I go to Dallas and I say, I think that we might want some regulation, there's a little bit more pushback than there is when I say that in Denmark, uh, but, uh, at its core though, cybersecurity. 
 

is a unique profession because we have to be technologists, we have to understand technology, and it's the same technology across the globe, number one. But number two, we also have to understand politics. Geopolitical implications show up in our work every day. And so it's unlike a lot of other technology roles. 
 

And, um, We also, no matter where we are, we play the same role inside our organizations. We're not the ones building the cool technology that people want to buy. We're the ones trying to build the technology that manages the risks, risks of the new technology that everybody wants to buy.  
 

[00:15:58] Marco Ciappelli: You know, it's funny cause we were actually on a meeting call, uh, earlier with Sean and someone, some company, we were talking exactly about that. 
 

Like when you order to get the money, you need to get, you know, Out it and then somebody tell you that you need to spend the money or you need and then if you want to go to the big, you need a breach and then you really get the money, which is kind of like you could avoid that by, I agree with you, bringing a little bit more regulation in it because it's like, well, why should I do it? 
 

Because you have to, and I don't know if you can. I mean, you kind of confirmed that already, but that's the story I usually hear. Yeah. With the European community or Australia where it's a little bit more government driven, which again, I'm with you. For me, it's actually a good thing. I mean, not a hundred percent, but you know, it needs that push. 
 

[00:16:51] Joe Sullivan: Yeah. I mean, just like, just focus on an example in the United States for a moment, uh, the difference between the financial services category where we don't have daily stories of compromises of our large banks. The people who work in cyber security in those large banks will tell you they have too many regulators and too many conflicting sets of guidance, and they probably do, but the fact is that they have regulators who visit with them constantly, who want to understand their technology environment, who are tech people. 
 

technicians, technologists themselves. And so in financial services in the United States, on average, the security organization and the security spend is probably exceeding 10 percent of total technology spend at the organization. Compare that to. where we've, you know, are probably our biggest and most painful security incident of, of the last year for Americans was the change healthcare and how it impacted people being able to get service. 
 

And they won't say it on the record, but I've talked to plenty of people in the healthcare ISAC who have confirmed to me that the typical budget in healthcare. Is less than 5 percent of technology spent. What's the difference between financial services and healthcare? Both of them are critical services. 
 

Uh, that are foundational for protecting people, but one of them gets twice as much money for, uh, doing cybersecurity and protecting us.  
 

[00:18:31] Sean Martin: That's all, all about the money, perhaps? I don't know. Yeah, because the other, the other industry I think of, um, and it's not necessarily cyber, but cyber plays a big role in, and I'm sure is, uh, retail. 
 

Where there's a lot of fraud and my understanding is a lot of that fraud has just written off. So there's an acceptable amount and there's some controls to kind of keep that at bay, but there's always some that, that just sits there and gets written off.  
 

[00:19:00] Joe Sullivan: Well, and that's a great point. I I've been, I've never had the title CSO. 
 

I've always had the title CSO. And a lot of the time it was because it was always because I had more functions Cybersecurity. And there were multiple times where I had responsibility around fraud. And let me tell you that the meeting with the CFO, when I'm asking for my budget for my fraud prevention team, is fundamentally different than my meeting asking for my cybersecurity budget. 
 

And here's how. It's this simple. When I go in for the fraud meeting, the CFO knows how bad our fraud is because of chargeback rates. Because of the, there's a, there's an, Maximum of 180 day window in which you'll know, and it's, and it's typically much more compressed than that within weeks, you know, whether you processed a fraudulent transaction. 
 

And so I, I remember the first time I went to the C ffo and I said, look, if you give me $2 million more for my budget, I will save you $5 million in fraud. And the CFO said, if I give you 4 million, will you save me 10 million? Like they wanted to gimme more money. , right. Have you ever heard of a CISO having that conversation? 
 

[00:20:19] Marco Ciappelli: You know what that is called? Investment. In security. Right there.  
 

[00:20:25] Sean Martin: Right. It's the business of security, but it's articulating that number. And not having any, uh, well, it's kind of like the cyber insurance as well. There's no actuarial data to say, this is what we see. Here's how you can do that calculation, right? 
 

[00:20:42] Joe Sullivan: Yeah, I think some, uh, we're slowly getting there. Uh, like I have, um, I have a friend who's at a, uh, at a big PE firm in New York city. And, uh, I was visiting him when I was there a few months ago and the PE firm has a portfolio of companies. And every company has, uh, cybersecurity challenges. And so imagine you have a portfolio of 50 companies and it's 50 evolving companies over 10 years, maybe at some times you have 100. 
 

And this PE firm had been collecting data over the last decade from all of their investment companies about cybersecurity incidents and what cybersecurity tools they had in place, and they characterized every single incident. They have a very disciplined approach to when they acquire another company, they go in and say, look, you must have multi factor authentication implemented through a single sign on. 
 

No ifs, ands, or buts. Number one, number two, you must have. And so they have a data driven approach, uh, which, which we all had that visibility and opportunity. Um, but you know, We're on the journey, and that's part of what we have to, as a security community, get a lot better at.  
 

[00:22:06] Sean Martin: Yep. Very cool. I agree. I, I could, as you probably know from one of our previous conversations, I could talk to you for hours. 
 

Um, we'll save that for when we're in person. You come from Sydney, I'll come from, from other states. We'll meet in person. We'll have a longer conversation. Hopefully others do as well. Um, I invite everybody to, uh, check us out. Connect with you at the Australia Cyber Conference 2024. It is the . What's the date, Marco? 26th through the 28th. There we go. I had to get my dates right. Um, you speak on the, you speak on the second day, you speak on that Wednesday. Um, I would encourage everybody to join your session, get a chance to meet you. Maybe have a conversation of their own with you. 
 

Uh, you're, you're a good dude. Really appreciate you. Uh, You spending the time here and then sharing your story and conversations. There, I know you do a lot of other stuff outside of cyber as well.  
 

[00:23:06] Marco Ciappelli: A couple of minutes to add to, to the end of the story.  
 

[00:23:09] Sean Martin: Important thing for humanity that you're doing. And, uh, maybe share a little bit about, uh, Frenzy Ukraine with us, Joe. 
 

[00:23:15] Joe Sullivan: Yeah, thanks for that opportunity and at, at CyberCon next week, I'll also be I'll be attending that they have a, um, CISO bootcamp. And so I'm going to speak at that as well. It's going to be a smaller session just for security executives. Uh, I'll speak at that and I'm going to try and attend that for the whole day on Monday as well. 
 

So it's, it's a, it's a really, I think it's going to be a really good, uh, few days, uh, of activities. And yeah, yeah. One of the things that, uh, after I lost the Uber trial and. I stopped working at CloudFlare. I started, uh, well, there was one thing that I had been doing at CloudFlare that I really didn't want to stop doing. 
 

And that was, uh, we had been asked in early 2022 to, to kind of help with the cyber defenses for Ukraine. And so after I, I left, uh, CloudFlare, I reached out to, uh, A friend of mine who was the recruiter who had placed me at Uber and Cloudflare, and said, well, you placed me at Uber, so you owe me one. Can you find me a non profit where I could volunteer for a bit, uh, related to Ukraine? 
 

And he contacted me a month later and said, I found this nonprofit. It's, it's actually not cybersecurity focused, but, uh, but they need a CEO. And I said, wait, I wanted to volunteer a couple of hours a week on cyber stuff. And now you're going to, you want me to be the CEO of a humanitarian organization? 
 

Long story short, I've been to Ukraine four times in the last 18 months, and I'm planning on another trip soon. The main thing that we're doing these days is we're bringing laptop computers in and setting up kids who are stuck in remote school, especially kids who've lost a parent in the war and can't afford one. 
 

And, and the coolest thing about it all is that every single computer that I've brought into Ukraine and that we've shipped over, and I'm talking thousands of them at this point, every single one. Was donated from a company that I connected with through their cyber security team meeting at one of these conferences, or when I've been speaking about cyber security stuff, I, if I get a little opportunity to mention at the end, uh, our website's ukrainefriends. 
 

org and we, uh, Like this, the cybersecurity community is all about helping people. And so I think we've got hundreds of laptops from three companies in progress of shipping to Ukraine right now. And at any given time, there's usually one or two companies that are boxing up. Uh, you know, those laptops that if you've ever been inside a technology company, there's an it help desk, and there's usually 10 laptops stacked up in the corner before those things are gold. 
 

Uh, they might not be brand new, but you give that to a 12 year old kid in a war zone and it gives them an escape. It's not just connectivity to remote school, but it's like a, it's a distraction from the tough stuff around them. So the community has really helped.  
 

[00:26:12] Sean Martin: And can, can people, I presume they can donate cash. 
 

Um, they can also donate as individuals, uh, computers if you have them as well and all that's on the website or how does that work?  
 

[00:26:23] Joe Sullivan: Yeah, every penny that we get donated, we put a hundred percent into basically right now, the only thing we do with cash is we buy cardboard boxes and pay for shipping of laptops. 
 

When I travel to Ukraine, I pay for myself. I don't take a penny in salary. I haven't, um, from the start and we, we don't have any paid staff at this point even. Uh, so we just do it all as volunteers. And, uh, the only expense we have is Essentially shipping, you know, shipping laptops, uh, we want to do it safely and, you know, comply with all the standards so that, uh, shipping isn't free. 
 

Uh, and so we do like cash donations, uh, at, along with the computers.  
 

[00:27:08] Marco Ciappelli: Very cool.  
 

[00:27:09] Sean Martin: I love it.  
 

[00:27:11] Marco Ciappelli: Yep.  
 

[00:27:11] Sean Martin: I won't bring any with me, but I have a couple, uh, I'm going to make sure to end up, uh, with you and, uh, And with some cash to help, help make sure they arrive as well. So, um, yeah, well, and we'll, obviously we'll include a link to ukrainefriends. 
 

org as well. So folks can connect directly. Joe, you're, you're amazing. Appreciate all that you do. Looking forward to seeing you at, uh, AU CyberCon, uh, which is hosted by AISA, which is an Australian organization. Also, uh, Government run as well there. Um, if you haven't figured  
 

[00:27:49] Marco Ciappelli: out, yeah, if you guys listening, I haven't figured it out. 
 

We're going there. We're very excited. We're going into the future. By the way, the theme of the company is the future is now. So how appropriate. And, uh, we're going to have so many conversation when we're there. We're planning. I think we're going to be super busy. We'll create a ton of content. So, uh, You should follow us on location with Sean Martin and Marco Ciapelli, which is me. 
 

And we'll meet again with Joe and all the amazing people that are going to be there. Thank you very much.  
 

[00:28:20] Sean Martin: Excited for a few days, Joe. Thanks a million. Safe journey from Sydney. See you in a few days.