Simplifying Cyber
This show features an interactive discussion, expert hosts, and guests focused on solving cyber security and privacy challenges in innovative and creative ways. Our goal is for our audience to learn and discover real, tangible, usable ideas that don't require a huge budget to accomplish. Shows like “How It’s Made” have become popular because they explain complicated or largely unknown things in easy terms. This show brings the human element to cyber security and privacy.
Simplifying Cyber
Threat Intel Networking: The Power of Peer Connections with Grace Chi
Grace Chi, co-founder and COO of PulseDive, takes us deep into the often overlooked world of cyber threat intelligence networking. Grace has become a passionate advocate for the human connections that power effective security programs, conducting groundbreaking research on how threat intelligence practitioners share information.
What makes this conversation especially valuable is Grace's focus on the practical realities of threat intelligence implementation. She reveals that while formal structure or groups like ISACs provide important frameworks, the most timely and actionable intelligence typically flows through one-to-one relationships and trusted peer networks. These connections become critical during security incidents, when having someone who can provide just-in-time context about a threat can make all the difference between detection and compromise.
The discussion tackles common pitfalls in threat intelligence program development, particularly the tendency to invest in platforms without proper implementation planning or ongoing maintenance resources. Grace offers concrete advice for organizations at different maturity levels, emphasizing the importance of starting with clear requirements, assigning dedicated point persons for implementation, and understanding pricing models before making significant investments.
For those building threat intelligence capabilities from scratch, this episode provides a roadmap that focuses on identifying organizational pain points, leveraging existing talent, and implementing capabilities incrementally rather than attempting to configure every available feed immediately. Grace also highlights the critical distinction between external intelligence sources and the often-underutilized wealth of internal telemetry and observations.
Beyond the tactical aspects, we explore how threat intelligence must be communicated differently to technical teams versus executive stakeholders, and how building a diverse network across multiple channels creates compounding value over time. Whether you're a seasoned security professional or just beginning to explore threat intelligence, this conversation offers insights that will help you build more effective security capabilities through the power of community.
Thanks for tuning in to Simplifying Cyber. I'm Aaron Pritz and I'm Cody Rivers, and today we're here with Grace Chee, co-founder and COO of Pulse Dive. Welcome to the show, grace.
Speaker 2:Thanks for having me.
Speaker 1:Awesome. Well, we were lucky enough to meet each other at Cyber Marketing Con in where were we? Philadelphia, pittsburgh, philadelphia, yep, philadelphia, you know, in December, which is the best time to be in Philadelphia Just kidding, beautiful but or not right after the Super Bowl, because that got a little crazy up there. But anyway, we were really excited to talk to you because you're doing so many things for the cybersecurity community and specifically threat intel. But we wanted to focus our topic today on the state of sharing, and sharing is so important within cybersecurity and what you do at Pulse Dive obviously opens up a lot of that sharing. But I want to cover people process technology sides of sharing and tips for our listeners of how they can get more plugged into the community and, most importantly, share information, receive information and use it to help reduce the risks that we're all focused on. So let me let you give a little bit of a backstory on yourself and then we'll dive right into that topic.
Speaker 2:Yeah, we'll keep it sweet and short. So Pulse Dive is a vendor in the space. We offer community-driven threat intelligence and everything we do is focused around creating frictionless threat intelligence solutions for growing teams. So that means, whether you're the single IT person that somehow is also responsible for all of security in a small org, or you have an established, large, flourishing budget and group of people and processes, there is something that fits for you and the focus, our keyword, is frictionless, because we think that in security there's a lot of technology, there's a lot of talent, there's a lot of processes, but it becomes very burdensome in a lot of ways. So personally for me, I came in from a non-security background. I had some experience with security startups before, but as I jumped into the space of threat intelligence, which was not my domain expertise at all, and still today, right, if you ask for specific threat intelligence expertise, I'd pass you to 1000 people before I'd recommend myself.
Speaker 2:I work a lot on the business side, but I love the threat intel community so much and I saw as I was getting in and there's all these shiny tools and cool you know exploits and lots of news about threats.
Speaker 2:At the end of the day, digging in deeper in my first couple of years with Polstive, I realized a lot of this was still happening on a very peer-to-peer, one-to-one basis, and so, as you mentioned before, the state of sharing that ended up driving some of my research, which was completely not vendor-driven. It doesn't lead to any deals for me or anyone else. I know about what is happening within the CTI space when it comes to networking and by networking, not technical networking and also not networking for a new job or to close a deal or something. Networking in terms of I'm a threat intelligence practitioner or adjacent practitioner. I need to do better for my company and my role. How do I connect with people that way? And so that led to a huge report and that's one of my passion topics that I do in conjunction related to Polstive, but really not a direct output of you know, driving the Polstive business.
Speaker 1:That's really cool. So for those that haven't seen that report, give us the high level synopsis of what you cover and what what they you know. If they go download it now, what, what, what, what can they do with it?
Speaker 2:Yeah, so these reports are fully ungated.
Speaker 2:I did two years of this because I wanted a quasi-lateral study over time of how there were trends that were changing.
Speaker 2:But my hypothesis going in was that while this quote-unquote networking CTI networking phrase was extremely valuable, it was underrepresented, under-acknowledged in the space. It's under-acknowledged in the space. So people put a lot of emphasis on what tools you have and potentially what you've implemented, what your program looks like. A lot of the value that was driven was somebody who's giving you a just-in-time warning because you met them at an event or you connected with them through an ISAC, a sharing group, being able to get you ahead of a threat or just-in-time for a threat. But that was never really attributed to. So I went in and I said, as I'm observing this field as a little bit of an outsider, how much of this is taking place in these one-to-one DMs or in these trust groups? Let's demystify that for everyone else who says they're interested in CTI, trying to build up a CTI program. Maybe there's a security manager who doesn't really understand or acknowledge that at all, to have awareness that this is happening and it can be a leverage, strength and skill versus a liability.
Speaker 3:Awesome. So, grace, this is very interesting to me. I think you know, here in Indiana, myself and Aaron are involved with the ISAC group but trying to get this started and we learned of it from the national stage with, like, the health ISAC and they do a great job but, to your point earlier, they don't have the budget to get there, for travel or the cost of membership. So what do you think you're doing? Like that's, that's kind of new, and give us a kind of some insight of like connecting folks to your point of like if they can't afford to get to an ISAC? Or you've got health ISAC and financial ISAC. So how do you kind of take these little different communities and kind of distill them down and open the doors?
Speaker 2:Yeah, that's a great point, and I'll step back into the research I had done, because one of the key points was what channels are people connecting ISACs and industry? Formal groups was one. There's social media, which, for all its toxic junk, there's also still very much, so value there. Reddit is obviously a fan favorite, and then there's also one-to-one and industry events and so forth. So I think there were seven channels that I looked into and you can find all this on blogpulsedivecom if you look for the CTI networking report. And ISACs are really valuable because they are established, they have key membership players, they have funding, they have tooling.
Speaker 2:The truth of the matter is a lot of the companies out there that need to be plugged into the threat landscape and what's happening don't have the capability, and even if they had the money right, they might not have the time because they're stretched very thin.
Speaker 2:And so what we saw in the research was that one-to-one and peer-to-peer relationships so unstructured let's call it free and ungated in terms of who you're affiliated with were always the most valuable, the most timely, the most actionable intelligence you could get. But outlets like ISACs, outlets like industry events so a B-sides conference, which is what $5 to $50 max being available and active online on social media within your comfort. Those were all feeders to get you connected to the people that could then think about you when they see a piece of a puzzle that might impact you. And so ISACs are really valuable, but they are not one and only. I think they just come up as the first kind of obvious structured component right channel that somebody can get involved with. But I also hear a lot of times that it's great that these exist, but they are a gateway for then the practitioners that are member organizations that then talk to each other more directly too, versus just in the formal meetings and the formal settings.
Speaker 3:Yeah. So that kind of goes to my next question too, which I think is key. One thing we get, you know, you see a lot of threat intel like vulnerability, any topics or tactics from bad actors. One thing that we get from virtually every client and potential client and just kind of colleagues in the industry are benchmark data and particularly around like NIST assessments, and that we get a lot of it. We have a lot of internal stuff that we've developed because we have our clientele growing and benchmarking for, call it, small financial regional bank or something or global pharma company under 40,000 employees.
Speaker 3:But that's one thing I see as a gap right now is that people are sometimes scared to share or don't have the avenue to share that data. And then also you don't want to be public because I don't want to say, hey, I'm a 1.5 in recovery or something, so recover. So I think do you see anything like changing there or any ideas on like how that improves or how we kind of get access? Because benchmarking I think is also valid when you're looking to go fight for budget of like this is where we stand against our peers or our you know that data right now At least I've not seen yet and you can chime in you know that we've not seen freely available outside of things we have ourselves.
Speaker 2:Yeah, and I think, benchmarking. So that leads to some of the challenges that we looked at, and some of the top challenges were legal liability right, your legal team does not want you sharing anything you've seen because that can cause all sorts of issues, even if that might have positive benefit of you sharing the data. Two, there's also TLP right, so can you share something, even within a trusted group? Obviously, publicly is not always the best. And then also like fear, like reputation and just competitive advantage right, those types of external factors that have these security practitioners being like I'm not allowed, I want to, I'm not allowed to.
Speaker 2:Unfortunately, I think the truth about benchmarking is, with any sample size, a lot of data is not there and where I'm witnessing in my research, it's more of an intuitive like have you guys seen this? I'm witnessing this issue. Are you also getting this? And I will not name any names, but recently I had a lot of people reaching out to me because I do love connecting people for the sake of them helping each other in their roles.
Speaker 2:Being like we got an alert from this vendor that you know one of our clients are compromised and we have no idea. There's no details. Help me, because this is becoming an incident for our client, but we don't even know what the validity is right, and so I can bring them saying, oh, I know that you have a shared vendor, or, hey, I know somebody who used to work there, help paint a picture, and so, unfortunately, this is a very anecdotal, point by point and not a large benchmark. But when it comes to these moments where there is a fire, how much you know somebody or can get connected someone to give you pieces of the picture so you're not scrambling to write a full RFI and doing research or using ChatGPT to make up some sort of essay for you is really important because timeliness is so key in all of these events.
Speaker 1:Awesome Grace. Do you have any? Obviously being so close to Threat Intel even though I think you described yourself you're not a threat analyst and you came from more the business side but you probably have come across a lot of stories of like how Threat Intel saved the day or prevented something. So do you have like a marquee story that you like to tell about that would maybe encourage those that are maybe starting to build their threat intel program or they're not quite there yet?
Speaker 2:We had a workshop, so there's a few quotes, and I like quoting the customers and the users versus like our own stories.
Speaker 3:Sure.
Speaker 2:Because I just feel like it's way more interesting. Right, there was a workshop that we had delivered. It was about and you would love this connecting threat intelligence and risk because the different audiences, same type of shared outcomes, a lot of overlap, but not in how things are executed. And I found this really great example of threat intelligence people being successful in a Reddit thread and they were saying, when risk was coming to ask me about you know what policies, what processes, what structures, how to react to certain threats on the risk register that are coming, they were helping define that.
Speaker 2:So, at a process level, having threat intelligence become this trusted advisor to help translate right, because threat researchers, threat intel analysts are very analytical, they can process, they can communicate well is great. From the program level On a very discrete, granular level, there are times where somebody who's working in a threat intel hat maybe they're in a SOC, maybe they're dedicated threat intel on a team. I have some of these vignettes as well in my report. They'll say I got an alert over the weekend that some compromised network was related to our environment and so I sent that over and I became the conduit of all these other sources that were providing granular raw data to the incident response team, and so this is a way in which you have this awareness, this almost like presence in the market of peers, that they can reach out to you as an intel analyst, intel practitioner, to then help be a channel to communicate information to the right team members at critical moments in time.
Speaker 1:Great, all right Grace. I'd like to pivot to. You know, at RevealRisk we do a lot of process-oriented work and I feel like we're big supporters of tech. But tech without process sometimes can result in more risk and more complications. So we spend a lot of time building and improving processes that make tech and cyber work better. So I would like to talk about that specific to threat intel and threat intel programs. How does the role of process come into play? Where have you seen examples where lack of process can make for not a good program result, and maybe those that have invested in it? How do you invest in it if you're an early program adopter?
Speaker 2:Yeah, with threat intelligence in particular, this was one of the biggest headaches that I witnessed working with our clients and users and as a awful salesperson. Sometimes I would say, hey, you don't need the thing that you came to us for. And I ended up writing a blog about this, about tips for tips. So tips for threat intelligence platforms, and it was about building a process around the procurement piece of getting a threat intel platform. One of the products threat intel, all security products there's a lot of noise, a lot of new adjectives, a lot of new abbreviations that can be very confusing for customers. Sometimes it leads to somebody, maybe outside of the organization or program itself, demanding that you know you get a new tool or saying, hey, we need this. Or sometimes it goes bottom up where somebody says we need it but then at the point of successful implementation it's not resourced properly, right to succeed. And so I had kind of three key tips, and one was building requirements.
Speaker 2:Threat Intel folks are very good at requirements overall, but not always necessarily in procuring technology like a platform for themselves, and so we talk about and we introduce like what a Moscow method is and that the must have nice to have right will not have type of tiering as well as applying that to like the NIST cybersecurity framework, depending on how deep you want to go, and then assigning a point person. It is unbelievable how often people are like let's buy a platform and then we just like turn it on and then we're going to walk away. And I say all the time, if you're not curating the data, if you don't have some sort of automation, feeding, unique internal telemetry or feeds, and then you're commenting and manipulating that data for your benefit and pulling that out, you don't need a platform. I would love the paycheck if you need. You know. I would love it if you wanted to procure either way to check a box, but you don't need this. You could do just as well with feeds and APIs, automation and other ways.
Speaker 2:And so what we hear a lot is that, process-wise, they're not actually thinking about one, the requirements of what does it need to do day one, day 30, day 60 versus shiny bells and whistles of what it could do in the future for undisclosed price point. And then two do you have an engineer who's building the integrations? Do you have an analyst who's going in? Is it not just supporting a POC but also supporting the maintenance of this product over time, which sounds so obvious, but it is something that I constantly am reminding and pushing our clients who are in the procurement cycle to think about and to really address early on. And then the last piece I had was confronting pricing. Very early and often and there's no vendor bashing it can be very confusing. But when you go in thinking positively or not fully understanding pricing models, scaling models, what integrations or what seats will cause more pricing, that can cause a lot of pain on both sides and end up being churned for unfortunately for both sides as well one year later during renewal.
Speaker 1:Yeah, what you said really resonates on the buying tools and then walking away, and I've had conversations over the years of what drives that mentality. I think there's something in the reward system within IT of how IT projects are awarded, and the word project doesn't necessarily imply the ongoing care and feeding and support and building it to scale. So I think part of it is. A lot of us came up in IT and delivery and project execution and there was always a new initiative each year and it was easy to neglect last year's initiative. So I think same thing with threat intel programs, grc programs. You got to plan past the launch, because usually that's not the launch isn't where the value is. That's usually like base MVP capabilities and, like you mentioned, integrations, use cases. You know who's going to consume the data. All of that is process work. That's not going to come from any vendor out of a box. That there's no magic and you can find people that have done it before and get those people.
Speaker 2:But on the flip side, like don't expect because it's going to be a big letdown that the tool is going to automatically do everything, that a end of the year you don't have that ROI and fingers are being pointed, so you're in a defensive position, and that's the last thing we would want for any of our customers. And the other piece as well is being able to say that this is the product that we need, that's going to deliver XYZ immediately and over time too. So it is a big sticking point. It is something we repeat to our customers over time and we almost challenge them in some ways, like can you answer these questions? Do you have a requirements sheet that you're allowed to share with us?
Speaker 2:That's like you know, cross out so we can tell you what we can and cannot do right now in terms of your use case. And if you don't have a use case, you know. Once again, I will help them as much as I can, but there's no vendor and if there's a vendor giving you these answers, they're just giving you the answers that they are going to score a hundred on.
Speaker 3:Yeah, yeah, grace, thank you too. So I love to give out tips to our listeners and kind of like, if I have nothing now, what's the next, my next three steps, and so thinking from like a break into three phases of like gather, review and action right, new program, new CISO, new person in security? We don't have a threat intel program yet. What are some like here's three steps or kind of. You know, the first, like 90 days, I'd look into, of setting up a threat intel program. Or even, just to your point, I've got all these feeds. How do I gather, review and action threat intel?
Speaker 2:Yeah, and this is a challenge that even as a vendor I faced, where I've gone to clients being like I will give you a year of feed for free. Can you just one-to-one benchmark we talked about benchmarking Tell me what we give us, Tell us what our false positives, tell us what our false negatives are. And there's just no capacity. We've gone out and said we'll give it to you. Can you do this? Can you help us with this research? And the answers have still been very anecdotal, right, Piece by piece. We got some feedback. It helped us improve our algorithms and our processes, but it was never at that top level that we'd hoped for that academic level of research.
Speaker 2:But I would say, if you have a security environment and you're considering threat intelligence, call me old-fashioned, but I'm like where are your current pain points right now? Where are you wasting too much time? Where do you need capabilities that a single resource that you have could peel off some hours? Or there is talent in your team that is interested, right, being able to nurture a stock analyst or a detection analyst or somebody malware reverse engineer who likes intelligence, to then think about it from that level and then do research and context and look at what the capabilities are is really important, versus thinking, well, we first need the tool and then all these crazy commercial feeds, and then we need to join an ISAC all at the same time, because you won't have the structures to support it underneath to get your ROI which is the most important thing right, the ROI that then reduces your risk.
Speaker 3:Yeah, I think from like the if I'm thinking of like strategic, operational and tactical kind of like those different tiers At the tactical level, yeah, we see an increase in Citrix vulnerabilities or RDP and manufacturing or you know some like legacy tech or OT stuff. And then I think at like strategic level of like the same threat intel to two different people yields two different outcomes, and so how do you kind of delineate what goes to my tech tactical team for the firefighting and then what goes to my executives for additional budget or capacity planning and those kinds of things? And I think that's where I think a lot of our at least some of our clientele have struggled of like they get a feed from their MDR provider or you know, or maybe they've got recorded future or one of those types of services. But then it's like I don't know how to change the narrative and push it to the right person to then warrant action.
Speaker 3:I think to your point earlier, that's kind of where it's harder than, at the end of the year, assign an ROI to it. Did we get value from it? Do we just not use it? Do we need to action it better? And I think that's a lot of our findings we see in our NIST assessments with clients is like I've got threat intel but I need to action it better. But I need to action it better, but I don't know how to action it better.
Speaker 2:Right and the most granular, is like we need threat intel and then they get an abusech feed and they're like, okay, we have threat intel now, right, and that's fine. That's a starting point. It is a decent, high-fidelity, open-source feed. But where I do see a huge gap and it really takes a special type of advocate in the organization and leadership support is being able to speak to that risk and executive team. I think the tactical support and the even operational level intelligence there is good groundwork there. But when it comes to even the intel cycle of collection and processing and analysis, there's strong communication.
Speaker 2:I have my thoughts about it. I think it falls apart in a lot of ways. And then getting the feedback right so communicating findings in the right format to these different levels of teams and then actually pulling in the feedback from the board, from the CISO, from the CEO right About risks, what they're looking for, and then how to bring that back through the cycle again is something that's come through a lot of maturation, I would say as just an area of focus, even in the last five years no-transcript.
Speaker 2:That's a big, that's a tough one, and I don't want to be the security person that says it depends on what you have, but obviously it's true, right Depends on who's on your team, what kind of buy-in you have from leadership, what kind of support you have right within your existing talent and technology stack. But I would say the one big miss that I see is like industry level and peer level research. I think what we hear in the news cycle is, oh my God, ransomware, why, oh, there's a war in Ukraine? And then everyone and all the leadership is like tell me about this, when it may or may not even be relevant. So Scott Small over at Tidal Intelligence and I think Simone over at Orange Cyber Defense also delivered a workshop about how to do threat profiling for your organization in a realistic way, versus drowning in spreadsheets with data that you're just making up right. So being able to look at what your threat profile looks like as light as you have it, but definitely creating that kind of dossier for yourself, is important.
Speaker 2:The other piece of don'ts is don't just try to configure every feed.
Speaker 2:It's going to be noisy, it's going to cause a lot of headache, it may cost a lot of money that your leadership isn't really going to understand the quality of.
Speaker 2:So it's much more of a be selective and implement over time so you can actually begin to see what feeds are providing valuable enrichment for you, what types of data, what type of IOCs are important, as well as like what types of potential, like tooling or commercial vendors you're purchasing from that have the capabilities that you need in smaller batches, because we do know that there are teams that are like, oh, we have an open source platform, like a mispronouncement, just add everything, and then they're spending their time calling or just drowning in alerts, not really thinking at that strategic level of what is providing value.
Speaker 2:And then, of course, selfishly, I'm going to say getting engaged in the network, whether that's a trust group, whether that's just people that you've known over time, that are working on similar projects or that can offer you insight into new tools and new techniques that are helpful to keep you on track of your news and just be able to think about you. New techniques that are helpful to keep you on track of your news and just be able to think about you. That has compounding value over time as well, even though it does take time and effort right from day one to build up.
Speaker 1:That's awesome. I'm curious your thoughts on threat modeling and what program CTI teams or cyber teams in general should be doing with threat modeling. And when I was a Six Sigma black belt on the corporate side, we had a tool called FMEA failure mode and effects analysis and it was kind of very similar. That was for analyzing a process and anticipating what could go wrong. But threat modeling and then kind of using Intel to validate or to focus you in, I think is super powerful. Give me your thoughts on that, and is threat modeling something you advocate for?
Speaker 2:So I will say that is it, in theory, something I advocate for? Obviously there are threat models out there, but I think somewhere where I do see the pitfall is, I see assessments from certain vendors being like oh, mitre attack, right, we prevented 100%. Therefore we are winning as a vendor. And I think that's the mistake. Where, let's say, you've modeled something out and you have detections that fit what is already known. Unfortunately it gives you a false sense of security in a way, and it becomes a sales tactic. So I would pass it off to someone much smarter to myself to say, hey, use this specific tool set or this specific GitHub repo to guide you. But I'm not anti, it's just I think that in a lot of ways it becomes convoluted with sales processes, like a lot of a lot.
Speaker 1:And I think threat model is to model something you have to know it Whereas threat intel you could be learning something that's a zero day or an unknown. So I think maybe there's a place for it, but not being overly complacent that hey, we've modeled our threats, so we're good. Or whether it's a corporate practitioner saying that or thinking that, or if it's a vendor trying to claim turf in their sales pitch.
Speaker 2:Yeah, and I think the other piece that this reminds me of is like the do's and don'ts. When I talked to or just witness conversations, discourse online, a lot of threat intelligence conversations used to be about external stuff, like what can I buy externally, what can I get extra, what tool can I add? And not enough time and effort was focused on internally how much data can you track? What can you learn? What have you observed? How do you structure that into intelligence in its own right that is then enriched by external sources? So I do think that that's another piece where having a threat profile, being able to understand your threat model, being able to understand your risk appetite related to threat intelligence, is important, where we need to not only look outwards but make sure that the internal stuff which is really valuable, that no one right will be able to just sell to you in a feed, in a CSV or Stix taxi format, we'll be able to compound, right, force, multiply any tool, any process, any person you hire on top.
Speaker 3:Awesome? I think so, Grace. This has been phenomenal conversation. We like to always kind of at the end, kind of in with like a fun fact or something about a fun story. So for those out there who had never met which most people have never met before on our podcast until today, what is a fun grace fact that someone may not know off the street? You know, it could be history, it could be a fun talent.
Speaker 1:Is this a reveal? Is this going to be some intel on Grace that the community doesn't know? My goodness.
Speaker 2:There's some intel. That's more I've shared before in the past, even if they don't know me. But this one is fun. I don't talk about that much. I do have some watercolor illustrations published in an art history textbook.
Speaker 1:Oh, that's pretty neat. How long have you been painting?
Speaker 2:My whole life, I think. Back in the day I was learning piano and I hated it and my mom, being so smart, she was like that's okay, you don't have to do this. Because I was dragging my feet every day. And she said then pick something else you want to do. And I said art. And then I think, because as a child I picked it I kept with it much better than being told right, that idea of choosing to do something versus being forced to do something. And so ever since then I would just take so many art courses. I still practice. I take commissions once in a while, but it's more just for fun, it's just a way to get away from the screen.
Speaker 1:That's awesome, very cool fact. Now we're going to have to do recon to find a piece and maybe we'll land that in the post cover of this podcast.
Speaker 2:So if we can find it. Maybe I'll share something with you. We'll see.
Speaker 1:First see if we can find it that would be the security answer and then, if we fail, if our pen test does not work on whatever the public domain this is, then we'll ask it for you, okay, perfect. Awesome. Well Grace, this has been an awesome conversation. Really appreciate you coming on to share with our community and talking about sharing and intelligence, so I really wish you best of luck and appreciate your time.
Speaker 2:Thanks so much for having me again. Have a good week.
