Discover how Asaf Dori and Ashwin Pal unravel the often-overlooked gaps in cybersecurity response and recovery, sharing practical strategies to bridge the divide between IT and business needs. Learn how aligning recovery plans with operational goals can transform cybersecurity from a cost center into a competitive advantage.
Guests:
Asaf Dori, Cyber Security Lead, Healthshare NSW
On LinkedIn | https://www.linkedin.com/in/adori/
Ashwin Pal, Partner – Cyber Security and Privacy Services, RSM Australia
On LinkedIn | https://www.linkedin.com/in/ashwin-pal-a1769a5/
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
At the AISA CyberCon 2024 in Melbourne, Sean Martin sat down with Asaf Dori and Ashwin Pal to explore the often-overlooked areas of the NIST Cybersecurity Framework: response and recovery. Both guests highlighted the critical gaps organizations face in these domains and shared practical insights on addressing them.
Asaf Dori, a cybersecurity professional in healthcare and a researcher at the University of Sydney, underscored the need for governance-driven awareness to improve response and recovery capabilities. His research revealed that while organizations invest heavily in prevention and detection, they frequently neglect robust recovery plans. He emphasized the importance of comprehensive disaster recovery exercises over isolated system-based approaches. By linking governance to practical outcomes, Dori argued that organizations could better align their strategies with business resilience.
Ashwin Pal, a partner at RSM with 26 years of experience in IT security, brought a field perspective, pointing out how recovery strategies often fail to meet business requirements. He discussed the disconnect between IT recovery metrics, such as RPOs and RTOs, and actual business needs. Pal noted that outdated assumptions about recovery timeframes and critical systems frequently result in misaligned priorities. He advocated for direct business engagement to establish recovery strategies that support operational continuity.
A key theme was the role of effective governance in fostering collaboration between IT and business stakeholders. Both speakers agreed that engaging business leaders through tabletop exercises is an essential starting point. Simulating ransomware scenarios, for instance, often exposes gaps in recovery plans, such as inaccessible continuity documents during a crisis. Such exercises, they suggested, empower CISOs to secure executive buy-in for strategic improvements.
The discussion also touched on the competitive advantages of robust cybersecurity practices. Dori noted that in some industries, such as energy, cybersecurity maturity is increasingly viewed as a differentiator in securing contracts. Pal echoed this, citing examples where certifications like ISO have become prerequisites in supply chain partnerships.
By reframing cybersecurity as a business enabler rather than a cost center, organizations can align their response and recovery strategies with broader operational goals. This shift requires CISOs and risk officers to lead conversations that translate technical requirements into business outcomes, emphasizing trust, resilience, and customer retention.
This dialogue provides actionable insights for leaders aiming to close the response and recovery gap and position cybersecurity as a strategic asset.
____________________________
Rebalancing Cyber Security: Prioritizing Response and Recovery in Governance | An Australian Cyber Conference 2024 in Melbourne Conversation with Asaf Dori and Ashwin Pal | On Location Coverage with Sean Martin and Marco Ciappelli
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
[00:00:00]
Sean Martin: Here we are. It's the end of day two. And, uh, we've had a lot of conversations, but nothing on this topic yet. I think, well, we've talked a lot about ransomware, which has a lot to do with response, of course. Um, But only, most of the conversation has been around payments and should we or shouldn't we pay and how do we disclose to the government now, right?
Like, a lot of that stuff. And before we started talking, uh, on camera, we were talking about the NIST CSF framework and detect and, and, uh, Respond. And respond. Well, respond is one of the ones that doesn't get a lot of attention. Yeah. We talked about it. The earlier. Um, phases have a lot of investment, a lot of programs, visibility and scrutiny, perhaps the response and recovery, not as much.
So we're going to talk a bit about that today and some of the research you've done, some of the experiences you've had working with organizations. And hopefully [00:01:00] provide some insight, some guidance for folks. So, um, we'll start with a few words from each of you. Asaf, then Ashwin, about who you are, what you're up to, and what your role is, uh, in your current, current job.
Asaf Dori: Yeah. Okay, I can start. So, um, I, uh, I work as my day job as a cyber security professional in the healthcare industry at the moment. Um, but I also do teaching and research with the University of Sydney focusing on cyber security governance and I was doing it from 2016, uh, now. Kind of also doing a late life Ph.D., which I'm completing, on the topic of cyber security governance, which has fascinated me since I had my role, previous role as an IT auditor many years ago, working for an international company. Uh, yeah, that's briefly it, actually.
Sean Martin: [00:02:00] Different university.
Ashwin Pal: Yeah, it's a very different university. Uh, and now I have I ran away before I could do my master's degree.
Um, but no, Ashwin Pal. Um, partner at, um, RSM. We are the sixth largest taxation consulting accounting firm in the world, actually. Um, I've been in the industry 26 years. Way too long. Um, started my career in New Zealand, yes. Um, and then moved to Australia. And then in the last row, I was actually after looking after as your pack.
So, um, done everything from consulting through to architecture design, quite technical roles, managed security services and everything in between. Um, so yeah, I've been around the block a few times
Sean Martin: Around the same time frame. We are the same vintage, uh, so here at, uh, CyberCon hosted by AISA in Melbourne, you had the opportunity.
Congratulations, by the way, on getting a spot. Thank you to speak. [00:03:00] Um, kind of give us an overview. Well, that's. Um, you know, I think this is for the purposes of what the session was about, who was targeted for what you hoped they would learn, and then we'll kind of dig into some of the nitty gritty of what you presented.
Sure.
Ashwin Pal: Um, maybe I'll start, um, look, both, um, Asaf and I have seen, um, through, you know, Asaf's research and my work that, um, when it comes to the NIST CSF framework, you know, people do the protect and the detect stuff reasonably well. But when it comes to governance, which is a new one, but then identify, respond and recover, it's actually done extremely poorly.
So we thought what would be good to share with the audience are basically, you know, what we have seen out there. So me in the field, Asaf with his research, and talk through what some of the issues are. Um, we've done, we when I say we, it's RSM, we've done some research both here, um, U.S. and U.K. as well, talked through some of the data, but also then talked through, [00:04:00] um, you know, what are some of the practical steps organizations can take that would actually help address that gap and really share that knowledge. So, um, you know, Asaf and I had a common, um, sort of view and vision in that and we got together, pulled a presentation together and we were lucky enough to be accepted and presented that a little bit earlier today.
Sean Martin: That's fantastic. Let me, let me ask this question, and it may be relevant, I may be completely off the mark. Um, are we defining success for recovery in a way that's meaningful? Because a lot of the stuff that I see, and maybe this leads into some of the research that you have put together, um, a lot of stuff I've seen is measured in.
Mean time to detect, mean time to respond, and I mean, those are numbers that we can calculate easily and report on easily. But when we start [00:05:00] to talk about what does recovery look like, um, is that the right measurement? Are there other things we should be looking at? I don't know, what were some of the things you looked at in your research and how does it relate?
Getting to what's, what really matters for recovery.
Asaf Dori: Yeah, so my research was a bit broader, so looking more on different aspects of governance. Uh, however, I did delve into the five fundamental pillars of the NIST framework, and I did, uh, look at how, uh, address these different capabilities and to what extent, uh, what they do, what they think they do better, what they think they have room for improvement.
And the area of response and recover were by and large identified as areas that many companies think that they are not doing enough, don't do well in to a certain extent. And to try and maybe talk about measurements. Some companies maybe don't measure [00:06:00] really response and recover because the measurement that you mentioned are more things like, you know, data, disaster recovery exercises, which is if you have a serious cybersecurity incident is not a holistic approach.
It's just targeted as one system or a specific aspect of our process. Uh, and it's not really representative for a scenario whereby you're impacted by a significant, uh, cybersecurity incident. And probably ransomware is always an example of that because it will lock you out. Potentially from everything, uh, and what's the use of, you know, and you know, the, the, the time to recover.
Sean Martin: Yeah, there is none. Yeah. There is none. The other thing I think about is, I don't know if you speak to playbooks or how many organizations you have. Oh, yeah. Oh yeah, we just spoke about it a little while ago. Yeah, yeah. To me, [00:07:00] one, one way of looking at, are we doing enough? What does the outcome look like?
Ashwin Pal: Yeah.
Sean Martin: Did we achieve the outcome without popping out to legal too many times or out to cyber insurance too many? So I don't know.
Ashwin Pal: So, so we, I mean, A lot of what I actually do is to actually help organizations actually understand where the gaps in this area lie, and how they can actually plug those gaps.
Um, so obviously a lot of sort of evidence around what's actually going on out in the field. Now, I, I'm a very simple guy, I start with the basics. Why do IT systems exist? To support the business, right? Why else would an organization have IT systems, right? Okay, let's take it. Employees want a game, they want to stream Netflix.
That too. Um, so let's take it that one step further. Right, so if the IT systems were going to get impacted, the business needs to tell us how quickly they actually want it. Up and running! [00:08:00] And then, that should drive the recovery strategies. Right? And what, and within that, are terms like RPOs, RTOs, so recovery time objectives, recovery point objectives, right?
And maximum allowable outage, MAO times. Those are the metrics that we see are not either captured well in discussions with the business, or are very old. As a result, what ends up happening is even if you are fortunate enough to actually have recovery plans and strategies, they're not aligned to what the business wants, right?
So you have a very critical system, a crown jewel system that needs to be up and running within two hours. What we see is the backups are being done daily. See the problem there? So, yeah, you're and your backups are beautiful. They're the world's best things ever. Air gapped, tested, like there's no tomorrow. [00:09:00]
But it doesn't actually meet the business requirement. 22 hours out of date. Exactly, you're just a little bit out there. 22 hours out, right? In the worst case scenario, that's exactly. I mean, we laugh about it. The number of times I've actually seen that and written in our reports and, and work, it's absolutely phenomenal.
So, um, long answer to your short question, yes, we are looking at the wrong metrics and, uh, and, and again, we spoke about that, you know, and unfortunately that's where the fundamentals are. If you're not driving to the right outcomes, you will never reach the right outcomes. So
Sean Martin: who's responsible for having that conversation in a way that speaks to the outcomes?
Asaf Dori: I think that's the point where it's connected to governance, which I think that's one of the things that you started with. I think governance should drive increased awareness and maturity in these two areas of response and recover.
Ashwin Pal: Yep, and clearly define roles and [00:10:00] responsibilities. That is central to your question.
Who is actually responsible? Well, who is responsible for the business? It's really everyone, especially at the exec level, right? So, that's where the Chief Information Security Officer and, and, you know, um, the Chief Risk Officer, for example, and heads of departments need to get together and actually have that conversation, right?
This is my business area. This is my baby. This is the dependency I actually have on IT systems to actually run and survive. This is how quickly I need it up and running, right? Mr. CRO, Mr. CISO, are you geared up to actually support me in that endeavor? Yes. No. What are the gaps? How do we actually plug that?
And obviously, you know, I can sit here and actually have a very good conversation, technical conversation, with you around the best recovery strategies and all the rest of it. But that's not what this is all about. This is actually a business conversation we actually need to [00:11:00] have. Once you get that right, once you understand the requirements, the technology should then help meet that, not the other way around.
Which is what we're seeing a lot of in the field.
Sean Martin: So I've had countless conversations where we speak to or hear from the CISOs saying, we wanna be closer to the business. Yeah. We wanna understand the business more, we wanna have these conversations. Um, but I still hear conversations like this. Yeah.
Where they're not happening. I think CISOs think they're making progress, but I don't know, your experience is that gap still exists.
Ashwin Pal: Which they are, right? And remember, I have the benefit of, you know, really sort of having visibility over the last few years, 26 years, and how this thing has actually evolved.
It's getting better? Yes. We have a long way to go yet. So, um, [00:12:00] 10 years ago, the conversations were very technical and the business people used to get switched off. It is getting a lot better, but the conversations are still not there actually at the business level. At the end of the day, the area we're talking about, including schools, is all about risk management, right? So the CISO and the CRO need to really be working hand in glove to make sure they actually understand how they support the business and how their activities could actually support the business. Have the conversation in that language, you know? So if we had a ransomware incident, let's not talk about what malware is and how it actually works and how to reverse engineer one.
Nobody cares, right? Let's talk about what it means to the survivability of the business. What it actually means in terms of reputational risk, impact on customers, and what controls do we then need to have in place, including recovery and response, to mitigate that. To bring that risk [00:13:00] back down into the organization's risk appetite.
And then you'll find you are getting more purchase from the boards, the execs, and the, you know, the ones that have the purse strings.
Sean Martin: Is it, I often try to look at other parts of the business where my sense is a lot of these types of conversations happen naturally. Mm hmm. Like legal, right? We need to sign contracts.
Well, how many contracts are we going to be doing over the next six months? How fast do we do it? Do we have enough team? Do we have enough knowledge to get through those contracts and, and protect the business? I like to look at legal because there's a lot of risk based stuff there. Um, engineering, right?
How often are we going to release? What are the, what are the unknowns we might encounter? Do we have the right team in place? Do we have doubts? I think organizations. Find a way to work through some of those things yet. We can't seem to [00:14:00] get there from a cyber perspective. It might let me relate to that.
Asaf Dori: So if you think about that, what is the composition of a typical board? Legal, finance. If it's an engineering company, it will be engineering. If it's maybe retail, it'll be marketing. Is there significant representation in the board in this area of technology governance, cyber security governance? What do you guys think?
Not enough.
Sean Martin: I don't know. Let's pick the retail one. Are they talking at the board and exec level about point of sale technology? Probably not, right? Of course not. It's how much money do we want to make? How many transactions does that mean? How many? How many people are going to drive those transactions?
The economy is tanking.
Ashwin Pal: How do we actually keep sales and revenue numbers up? Um, and you know, that's the cost center down there, which is normally what IT and cyber [00:15:00] security is seen as. They'll get, they'll get the money. the squeeze and the funds are going to be redirected into more revenue generating activities.
So if you keep that in mind, why aren't we actually having conversations around how us as cyber folks can actually help that initiative, right? Because there is a link, okay? If you're trying to increase sales and you have a massive data breach, what's going to happen? Particularly if your competition is that you're doing quite well in that space.
Good example would be, look at the, uh, it would be, if you look at the big four banks here. And I've just been seeing billboards going up about safety and security. Love it! Not just because I'm a cyber guy, but they are actually now using that to increase trust in their customer base. And if you don't trust somebody, you're not going to [00:16:00] deal with them.
It's quite interesting many years ago I you know, I've worked in banking for quite a while and one of the CISOs there actually asked me, Ashwin, do you know What we actually traded? The obvious, you'd think money, right? He goes, not, not at all. Real estate, trust? Trust. Ah, okay. Trust. If you don't trust your bank, will you put money in, in that bank?
Asaf Dori: But let me go a step further. I think it's also a part of my research was looking at that is that cyber security capability can be seen and sometimes already seen as potential competitive advantage. And it relates to the part of trust that you mentioned. And one example from an energy company that I was interviewing.
Um, In the energy sector, a lot of like oil companies, they use joint ventures and all of this complicated structures. Uh, and in this structures, if you are being seen as a [00:17:00] trust trusted partner that has their cybersecurity as, as one aspect under control or more under control than others, you'd be most like more likely maybe than others to get a contract awarded to work as a joint venture with a government.
So that's already been seen as a competitive advantage in some scenarios and I can, I can see a potential to develop even more in this, in this space. And then when you have conversation on a board level about cyber as unable, as an enabler of competitive, competitive advantage, that also helped to bring more value to the table.
Ashwin Pal: Totally agree. And especially as third party risk. Um, and supply chain risk is becoming more and more important. Um, cyber security has its time to shine, right? I mean, if you do it better than your competition, there's every chance you should be using it as a [00:18:00] competitive advantage. I've seen multiple requests for proposals and things like that come out, where now, um, if you don't have an industry based certification like ISO or something like that, it's very industry dependent.
You won't even get the chance to put a response in. Right? That's no longer is it that you, you know, it's desirable to have that. It's mandatory. And if you don't have it, don't even bother sending me your
Asaf Dori: business. Yeah.
Ashwin Pal: And straight away, it eliminates. It's quite a few people.
Sean Martin: Again looking at different aspects of business and I, another one that comes to mind is fraud.
Some organizations will accept a certain amount of fraud. Yep. Absolutely. Um, others want [00:19:00] zero if you're dealing with a high, high net worth individual. 100%. Right? And zero is probably the number you're really used to. Cheating for, um, again, think forgetting what it is that it's fraud versus cyber. I expect that organizations have a clear view of how they manage the set of processes, the set of workflows.
Even the set of systems that would make that, well, reduce, get, reach the level of fraud that's acceptable for them in that area. Um, where do we run off the rails when, when we, when we all of a sudden change it from fraud to breach?
Ashwin Pal: Yeah. Why, why, why? And it's interesting, so I'll, I'll give you a little, uh, Um, case study, right, about, uh, quite a bit of work that we ended up doing on the back of that in Asia.
So if you're working in Asia, um, high net worth [00:20:00] individuals, um, so you get the concept of VIPs, and then you have VVIPs, which I only found out when I was working in Asia. And the VVIPs, So, what was, it's, it's not uncommon that, um, you know, so let's say there's a VVIP, um, their credit card gets stolen, right?
And, um, somebody uses it, the fraud systems in the banks will detect it, and then automatically the card gets shut down. Now, let's just take Now, take that a step further, and let's just say that actually happened just before, they're actually about to check out of a very expensive hotel, card doesn't work, and they have no cash.
That's a very bad customer experience, and if you've worked in Asia, they will no longer have that customer. Yeah. The relationship is everything. Absolutely. Now. Um, the way fraud detection systems generally work, and it is getting better, but I'm going back a few years here, [00:21:00] is that it'll first, there'll have to be a fraudulent transaction, which then obviously matches a certain pattern, and then obviously, It'll get flagged and the card gets killed.
How can you make it proactive? So we had this idea that, um, a lot of the stolen credit cards end up in one place. The dark web. Right? And, that's in the realms of cyber. So long story short, what we started doing is basically getting information from the dark web, pumping that into the fraud systems and proactively letting the VVIP know that we have detected that your credit card has actually been breached.
We will issue you with one. It'll be in your mailbox. It'll be with you in five days time. Once you've actually received that, please give us a call so we can cancel the old one or you know, we'll cancel it within 10 days or whatever it may be. Notice the difference in customer experience then? Not only have we not inconvenienced this person.
We are actually proactively [00:22:00] protecting them and their money. Guess what happens then? Hold on to the customer for life.
Asaf Dori: That can lead to a competitive advantage as well.
Ashwin Pal: But, um, and these conversations we're actually not having with the security team. We're actually having with the chief marketing officer and the CEO because the conversation was more about, um, you know, protecting your client base, um, protecting your reputation and effectively connecting fraud and cyber.
But then the messaging was purely all actually around. How do we help you retain your customer? How do we help you gain new customers? Because people talk. How do we enhance your reputation? Trust me, CEO didn't hear anything beyond that. But that's the, that's the change in language needs to happen. I love this.
Right. And this is a real story like, and, and that we sold like hotcakes. [00:23:00]
Sean Martin: So how do we, I don't know, maybe some of this is from your presentation today, but how do we move more toward that? Cause I have this whole thing of that we have a bunch of data that we should leverage with marketing. And the rest of the organization and build stuff that's safer and we'll keep customers.
We won't go down that path right now. But what are some of the, some of the things that you suggest to organizations to kind of get a handle on this? Maybe
Asaf Dori: we can start with, you know, one example that we gave as a start. The starting point is just to do a tabletop exercise, a cyber ransomware type of a tabletop ransomware exercise with your director and business executives.
So bring them to the room, do the exercise, and let them see what will happen in such a disastrous scenario. And let them, [00:24:00] uh, understand by themselves how unprepared, potentially, their organization is for such an event. And based on my
Sean Martin: I don't want to do that as a CISO.
Asaf Dori: Hm?
Sean Martin: I don't want to say that my team's unprepared.
Asaf Dori: That's what I say. You need to have business executives and directors involved in that. Because potentially when this is becoming an eye opener, these were, this is going to be the stakeholder that can back you up as a CISO with initiatives to improve back to our topic response and capabilities. And, uh, and then that that can be very helpful.
For my experience doing this kind of exercises, um, one simple example will be you start exercise. You said you've been impacted by ransomware. And then the executives say, what's the first step? And then one executive say, I will open the door. business continuity plan and I will start dialing in, [00:25:00] bringing people in.
Then I'm asking, so where's your BCP business continuity plan? It says on a system. I said, how can you access it? Your system is locked. So you don't have your BCP, you don't have your call tree. What are you going to do? How are you going to bring people in? And then people, you know, left with their mouth open because they realize.
that they're not prepared for that. And that can help you to get buy in to take these capabilities further.
Ashwin Pal: And to build onto that, um, the focus has to be about the business. So a lot of what we do is what we call, um, line of sight exercises. Right, so exercise is a good way because it actually helps people realize, um, the importance if something does go wrong.
Um, but also Sort of highlights the connection between the various areas. And I agree with you. This CISO is not going to want to get exposed, right? But, but the smarter CISOs though, what they're [00:26:00] doing is actually bringing this to the table and using that as a way of showing, look how well we have actually done our piece, right?
So in line of sight exercises, what we actually do is we choose, um, incidents that are going to trigger the incident response plan. So we've got an IT cybersecurity incident, right? Which then becomes, and we build onto it, which then becomes, which then creates an outage with the IT systems. So IT disaster recovery plan gets activated.
And then we basically say, um, systems are still down, it's causing a major impact, activate BCP. Right? So it does a couple of things. One, it actually, um, tries to show the linkage and the gaps in between the three key areas. But also, um, generally, not always, generally, the CISO's, um, remit will extend to the ITDRP side of things, and a little bit towards BCP.
The business needs to actually come, definitely, for it to succeed in the BCP arena, right? And that's where we start seeing gaps. Where the IT [00:27:00] guys, the CISO and the IT teams are going, Yeah, we're good to go, we're good to go. But the business is going, whoa, we're not ready, we're not ready. Like, we need to do this, that, and the other.
Um, and, and that's where the realization is, actually happens, is okay, we need to do more work in the BCP arena. We need to focus more on just brought up business recovery and response, and we need to work with our IT folks more because we are two sides of the same coin. We're not two different things.
And when that realization happens, the, the collaboration increases. And that's, that's key because both parties need to collaborate more in order for, for, you know, for them to be successful basically. Yeah. Yeah.
Sean Martin: Well, I could talk to you guys for hours.
Ashwin Pal: Yeah.
Sean Martin: Yeah. Yeah. Yeah. Recovery is, is important. An interesting thing, and of course it all comes back to risk because you have to understand that if you're going to prepare for the recovery.
Um, I'm hopeful everybody found a few nuggets in this as well. I'm assuming [00:28:00] your session will be online for those who attended CyberCon and weren't able to attend in person. We'll include links to connect with the two of you. I don't know if you have any research you want to share.
Asaf Dori: Yeah, I can give you a link, yeah.
Sean Martin: Share a link to that for folks as well. And, uh, appreciate you spending the time with me today.
Asaf Dori: Thank you for having us.
Sean Martin: Thank you. And, uh, thanks everybody for listening and watching. And I'm going to wrap day two here at Australia CyberCon. We'll have a whole full day tomorrow with more conversations.
Please stay tuned, subscribe, share with your friends and enemies, and we'll see you later.