#206 Madalin Staniu on Cyber Hygiene and the Importance of Trust in Digital World

0:00:02 - Mehmet
Hello and welcome back to a new episode of the CTO show with Mehmet. Today I'm very pleased joining me from Romania. Madalin, thank you very much for being on the show today. The way I like to do it is I leave it up to the guests to introduce themselves, so the floor is yours, Madalin. Tell us about you and what you are doing. 

0:00:22 - Madalin
Thank you. Thank you, mehmet, for having me. I'm Madalin Staniu and I represent Black Bullet. Black Bullet is a technology company with focus on cybersecurity. We are based in Romania. Our headquarters is in Romania. We are delivering services of cybersecurity and software development for clients from abroad, especially from GCC, asia starting this year and America. Of course, the most important clients are from Europe because it's more easy to access them face to face. So we are a technology and cybersecurity company and we started in 2014. 

0:01:29 - Mehmet
How did you start, Madalin? What brought you first to the tech and then cybersecurity? Because you know cybersecurity, people think it's easy, but actually it's a lot of headaches. So what brought you in this domain? 

0:01:44 - Madalin
Yes, I believe I need to start with the first, very beginning in 2006, when I was a developer and I worked as a programmer in a software company that deliver HR software for their clients. 

Since 2013 and 2014, when I decided to move on on entrepreneurship way I don't know I made the journey for the career path, starting as a developer, technical lead, technical director, and after that I decided to move on, to move on on my own, and I decided to start BlackBullet on target digital solution with focus on developing custom software solution, bespoke software solution for our clients. And, as you know, now and it was previously in 2014, you need to have a competitive advantage in the market for setting your services, because setting the services of software development, it's a huge market for everyone but very hard to access the project with added value. So, basically, we added the security by design in our delivery and we started for our clients to deliver solution security by design and after that to deliver security assessment to be compliant with some regulation. So all the clients from, especially from America, they ask us to deliver this kind of security assessment security vulnerability assessment especially and we gained the trust of the clients and for sure, they conduct their assessment, security assessment by themselves, and it was okay. 

So basically, we decided to combine software development since 2014 to combine software development with cyber security and, since we have this kind of services, we decided with my partner in 2017 to join the team and my partner is my brother that he developed the department in a big bank in Romania ING Bank the information security department and after he gained a lot of experience and gained a lot of experience we decided let's go to work together and create two divisions of BlackWallet One for software development and one for cyber security. And I don't know he's very passionate on what has been cyber security and we have been focusing since 2007,. 2017 the cyber security part. My first interaction with cyber security was in 2008, when a client of me asked okay, I will buy your solution, but I need to conduct your security assessment. And it was, I don't know, something mind blowing regarding what does it mean? Cross-site scripting, sql injection? No one cares about this at that time. No one cares in more deeply details, but the security mindset exists from the very beginning. 

0:05:40 - Mehmet
Yeah, that's great to know, Madeline, and you know, like I say, long history. I would say, so let's start before going to cyber security, because you were in the development part as well. So how things have changed from 2006 till today and where you know what are like now the I would say if someone you know is interested or you know they want to learn, because back in 2006, if you ask someone like where should I start, probably they will tell you go learn C or C sharp was still new maybe at that time and then things started to change very fast. So how you know things evolved and you know what are. You know the things that you know any developer should know in today's time. 

0:06:30 - Madalin
I would like to make I don't know to be grateful that we have today. And what we have today is access to more and more information regarding what you'd like to learn in development area. In 2006 it was very hard to see. Okay, I will stay at home and I will learn by myself. 

I don't know programming language. For example, if you'd like to learn NET, it was a little bit easier because in that time and now you have MSDN, the documentation from Microsoft that will help you a lot and you have that MSDN on CDs and DVDs at that time, not only to access very well online, but, for example, if you'd like to learn Python or something I don't know, php, it was very hard to start. I don't know to understand the PHP. Not only that, programming languages were somehow different because on NET you have the background of Visual Studio and the IDE will help you to develop faster and faster and faster. Most of the programmer in PHP was, I don't know. They started with Notepad, some small and it was a little bit hard, but not impossible. Now and I don't want to be biased in what does it mean to AI? But AI will help. You will not take the jobs for developers. 

This is my point of view, and I will debate this, but my point of view is AI will help, not take the jobs and create the code and business logics in the app from the scratch. It will be a long way to that in this journey, but now, first thing. First, you have more and more information, you have communities, you have other partners that you can ask and you have the ability to test your work. Back in 2006, it was very hard to you need to have the knowledge and the experience and the proof of work you made on the daily basis job. So basically, it's wow, it's amazing how the development, development I don't know software development lifecycle is growing in this moment and how you can put in each cycle the cybersecurity themselves to be compliant and to be aware and to road code faster and secure. 

0:09:42 - Mehmet
That's you know. Yeah, actually I agree with you regarding the AI thing. You know it's not going to replace completely, because you still you need someone at least to give the prompt and you need to tell you know what you are trying to do and you need to do the design also as well, because I didn't see any, you know, except like few template thing, but I didn't see, you know, like an AI that can really develop a full-fledged web app to you, because I believe still you need the backend part also as well. I can tell you from my experience, I like to play a lot with AI. So, yeah, for example, it can give you the schema of a database, but it will not go and create the database for you. So you need still, you need still to have, you know, someone who understands the database. 

And same thing with code, because you know my short of the time, you know like it gives the wrong code, so you need to debug it and find you know more. Yeah, so 100%. Now let's, you know, focus a little bit about cybersecurity. So cybersecurity is a very, very, very broad topic and you know for you, you know, I think part of the services that you offer it's also awareness right, so you provide awareness. 

0:10:57 - Madalin
Yes, of course. 

0:10:58 - Mehmet
Now, of course, this, this, this I want the audience, especially because we target startups and you know founders. What do you, as an expert in this domain? Why it's important to have the awareness about cybersecurity and why they should not like think oh, you know, it's not for me, it's for big companies what you can tell us about this? 

0:11:23 - Madalin
It's not about big companies, it's not about small companies, medium companies, about us as a society, because most of the most of the attacks will start with, I don't know, clicking on the wrong link or I don't know influence some, some people that are in some organization, influence some people that have some ideologies and they would like to I don't know, not to harm the critical infrastructure, but to I don't know, to change something in the society. So, basically, it's about it's about the people and everything that starts with the people in cybersecurity. And if the people doesn't have, doesn't have the awareness and cybersecurity mindset, especially to avoid, to avoid some threats, not to block or, but to avoid them, not to click on the wrong link, not to access or download something on from the I don't know Facebook, because now there are paid campaign on Facebook, for example, in social media, they would like to tell you okay, google bar, they, I will help you with your job, click on this and we'll give you a landing page with Google branding and everything, and the click on link and you download the zip from Google Drive. It's unbelievable how and they are paid the ad and everything is statistics here the people will click on that link. So, awareness and returning to awareness and training, yes, it's, it's very important because on behind on each organization small, medium or big organization are people and the people interact with the system and the assets and the most important thing for for SMEs, especially for SMEs, they try to make business with a big player and they are part from the supply chain in this, in this way, and the supply chain is very important for for each organization because one, one link affected in the supply chain will create, will disturb the I don't know the good functionality of the all the flow of the information. 

So, basically, from from my point of view, everything will start with cybersecurity mindset and the awareness and training with with the people. 

Because what we are doing right now at BlackBullet, we are the promote to our clients after we deliver the strategic security services as a vulnerability assessment, pki penetration testing, pki services for inclusion, for example, we deliver for their employees at the final of the report and the radiation plan, let's let's take a look of of your organization and strengthen of of your people in the organization and we deliver custom, custom trainings for for them. 

So, basically, what we are trying to enforce to our and to create a mindset for each of our clients to protect their digital digital footprint and their digital asset, because what doesn't happen internally in the organization and what it's on the internet regarding your organization, it's a digital footprint and the digital footprint is your goal, it's the goal of the organization, because there are your data and what we are trying to protect as a cybersecurity I don't know company consultant and also businesses the principle of cybersecurity, confidentiality, integrity and availability of the data. 

This is the most important thing. That and everything, everything will start with the employees and the people and think about on the long term, on the I don't know, humanitarian, I don't know problem, no-transcript Educator, people in your organization, the people are living from your organization and they go to another organization and they have another employee, but the cybersecurity mindset it's implanted in their brains. So, basically, you will help and you help the society with small pieces, but to your help. But SMEs are, I believe are, the most affected in this part, because they need money to invest in cybersecurity. 

0:16:05 - Mehmet
Yeah, that's a great point and I hear it a lot. They are not after me, they are after the big guys. I don't have money what they will do with me? But actually, these bad actors, they don't think this way. For them it's like lottery, right? They try 1000 victim and then they will say, okay, let's see who would pay us the ransom, for example, or who. And you know, yeah, right, and you know funny enough, madeline, because you mentioned it, it's still in 2023 and still fishing attacks. I'm not sure about the percentage, but I read an article. Still, they are successful way. And why do? 

you think in your opinion? Why do you think still successful? Although, like you know, banks they send to their customers don't click on any link and any organization they will do this, but still people go and click. Why do you think this still happen? 

0:17:06 - Madalin
Because now we have another asset that we need to face it the AI. And we are using the AI in a proper way in our daily activities to automate the processes, to make automation, to make I don't know some data hygiene to everything that will help us, and I think about that. Also, the bad actors using the same AI use the same AI, train in their I don't know in their way to create vectors of attacks, to understand the mindset of the I don't know of their target. Basically, they create the perfect content to be very, very, very hard distinguished from the I don't know. Without softwares, they create perfect fishing campaigns with perfect content, with perfect branding. So that's why it's very hard to identify what is bad and what is good in terms of. You need to move a step backward and let's take a look of the email address, let's take a look at the links, let's take a look if you don't have any system that prevents this, For example, I will give you an example from here, from local market banks are started to create educational programs for their clients. Even there are individual or businesses and they create programs with okay, we usually send this email from this address, we usually contact you from this and this phone numbers. We usually don't ask. We don't ask you the card number via phone. Basically, they create. They create but they are enforced. They are enforced by the regulatory from the European Union Because in European Union we have in Romania, for example, we have European cybersecurity competence center, the headquarters it's in Bucharest in Romania and it's a financial. 

They promote a lot of projects that you can access and they found a lot of projects in cybersecurity. Here in Romania we have a national director of cybersecurity that promote, I don't know, the cyber hygiene for any population on general population. And the European Union came with directives and regulation like Cyber Resilience Act, Dora Act, ai Act, cyber Security, nis Act. So they have a lot of regulation that each country from European Union should be translated in law and what Romania and what other country from European Union made. They are strived to be compliant with those regulation. 

And this, piece by piece, small piece by piece, they work. It works, the mechanism it works. And the level of maturity, since I don't know if you compare the maturity level of general population from 2021 to 2023, it's a little bit increasing because not the victims are less victims, but the people are talking about in small community, at whole community, and the people are discussing and are aware about cybersecurity. So basically, we are returning at the same point. The people are the important key in this thing and, yes, the fishing spear fishing are the most efficient way to create bad things. 

0:21:29 - Mehmet
Yeah, that's 100% right, Madalin, and I think, yeah, people, because they are also now, especially after COVID they sit at home and they had to take care of their own devices by themselves, so they need to raise the awareness. So I think, yeah, you're right on that one. The other thing, in my opinion, why fishing still works and this is for maybe some of the audience, if you are not technical, but I will explain it very quickly so it's because of social engineering. So social engineering is, you know, trying to trick you. In a way. It's not like just sending you a link and say, hey, you won a prize of 1 million euros or dollars or whatever, and click to. It's not like this. 

So what they do is that they try to put you in a situation. This is why it's called social engineering. It's like they play on your behavior, they play on your fears, they play on psychology and I think these bad actors they study psychology very well, so they know how to trigger people and you know the way to trigger. So maybe and you know I've seen this a lot because I studied you know all majority of the, you know major cyber attacks that happened. You know not all of them, but I mean the major ones, and it was always, you know, they played on an emotion side. So, for example, just for the audience to know. 

So one famous attack that happened in the US. So what they did is that they choose a Friday night or afternoon. So when you know the people are in rush, they want to go to the weekend and they want to, just to get, you know, some rest. And then you know this fake message from the CEO I need you know, for example, to share with me this file now click here. And you know the guy is in panic. Oh, that big boss is asking for something. You click so you don't have time to, as you said, to check the URL, to check the email, and sometimes you know yeah, of course, ai, it's now a big thing. So I've seen this article. I didn't check the tool itself, although I like to play with such tools, but this warm GPT right. So I think you have seen it, how you are seeing this now, bad actors also using AI, and how we can protect ourselves in a better way, especially these bad actors. As you said, they are using AI. 

0:23:57 - Madalin
First thing. First let's take a look of cybersecurity environment. Everyone, cybersecurity is developed on the brain of the consultants, of cybersecurity consultants with the perfect tools to protect the cyberspace. Yeah, in a simple word. On the other hand, the bad actors are using, I don't know, on other brains, I believe more structured brains, because they are acting as a whole in terms of, I don't know, activities for actors or bad actors, but everyone are using AI. What does it mean? What AI is doing? Its react is wrapped very quickly, more quickly than a consultant, and you can take a decision in milliseconds. 

A consultant knows they should take a look in the CM to see the logs, to see the I don't know, to make the threat analysis, to understand what happens in these weeks and even if they know they have an attack because last year the average time to identify, to see if to identify an attack was 270 days Then the attack happens until OK, we had an attack when 270 days before. So what an AI helped to isolate and to see we have an attack now and take a decision Regarding bad actors. Yes, if you are training the models by mistake in a biased way, you will have the biased results for your AI model. If, for example, the bad actors, if they are trained the model of AI in this bad way, yes, will act and they create, I don't know, construction of adversarial example, defending against I don't know, some evasion attacks, but they make evasion attacks in learning transfer. So, basically, they have a lot of tools and a lot of knowledge and they share a lot of knowledge within them to create the perfect attack On the other side. 

As a cybersecurity consultant, we are very focused on what happens now and how we can use our brains and tools and this is the main point. What an AI can do can react very quickly. What an AI can do is cannot take the brain of the consultant and create the lateral movement to understand how you can protect yourself in front of an attack. This is in, I don't know, the AI will help a lot, will help a lot, but we need to pay attention how we can train our model in this situation, in some situations, yeah, you know, like I don't put. 

0:27:41 - Mehmet
you know sometimes I start to think about you know companies that they have their own cybersecurity analysts and you know team and I think you know majority of the people like I interviewed here on the show we all agreed that there is a kind of a fatigue. You know people are Like little bit, you know, okay, every day something new every so you see them like little bit demotivated. So here I think, where you know the, the services of companies like yours, Madalin, come into the picture to help people, to take little bit. 

You know I mean to do some of the war because you know it's it's it's not something that one person can do it alone, right, so so this is where you need to have the additional consultancies, whether it's like Assessment, as you mentioned, before the things happen or after, which is, like you know, to do what they call it usually triage and analysis, and and all this. So, but this is a lot of work, Madalin, and I want to ask, like how you and your team, you keep yourself up to date with all these. You know bombardment of information and news, and every day we hear about a new Type of attack, so so how you keep up with all this happening around. 

0:29:15 - Madalin
It's not hard to keep the pace with what it happens because I don't know, you, don't you, I don't, you don't need to solve, for example, what the Microsoft has right now that the encryption key was stolen by I don't know. Yeah, how I can help Microsoft is their problem. They will solve it because if they don't solve it will be a business disruption for them and they will Lose a lot of money. So, basically, what we are trying to, what we are trying to do with our clients to enforce, enforce the Any any zero days that that appear and we communicate the on a daily basis with with our clients on this aspect important as, because it's like in marketing a Clients a client from I don't know legal and taxes has a profile. A client from oil and gas industry has a profile. They everyone protects, protects their assets and protects their debt. This is, this is the very clear from the from the beginning. But one of them are using Apple, microsoft and they don't have servers and other. They have internal servers with different version and we make this segmentation and we send client to the clients, the, the right to I don't know newsletter regarding hey, please, because, please be aware, because we have this and we don't have a patch right now, but you can, you can accommodate this with I don't know this work around. So, basically, we communicate, communicate with, with our clients. It's like a digital marketing, but is that not for? Have leads. It's to Create a trust between you and your clients as a cyber security. Yes, it's very hard to to to send for each small thing, zero days appear. Let's Aware all the clients. No, it's not about. It's not about this, but but what we are proposing for clients is to to this cyber hygiene Periodically, twice a year, to have one to one meeting with the sea level, to have one to one meeting with their IT department or Extended the ID department. Maybe they they need to have us as a extended team or virtual C. So how, how? 

The trend is right now virtual CTO and and we are, we are Very close to our clients in terms of what, what it happens, okay, the, the source, we that we have, we have from our tools that we are using from I don't know internet, and we we keep. We keep close with the community because here in Romania, we are part from cluster of excellence C-square cyber security, cluster of excellence from from Romania, and we share all the information in in this in this way, and we take a look of all the sucks from Health, from energy, from OT sucks all over the world and, okay, we have, we have this problem. Let's communicate to our clients. This is, this is our approach week. We are close to our clients and we communicate the I don't know the potential problem, but with the impact in their business, not Something e-commerce problem that they don't have an e-commerce solution. 

0:33:08 - Mehmet
So this is yeah. 

0:33:10 - Madalin
Especially, especially, on their business. And, yes, yes, they need to keep in mind Everyone, keep in mind the cyber hygiene, because it's very important for everyone 100% cyber hygiene and this is. 

0:33:23 - Mehmet
You know, you remember we're talking a couple of weeks back and then together, and this is something you know, I feel myself, you know and I believe you same, and you started actually this way you said about the society. You know, like it's helping the society and you know, like I'm telling this to the whoever is listening or watching us it's it's not something guys, like you know, don't, don't think about it. Oh, I just have to spend some money on this. You know it's actually to protect your own assets and, again, because the show focus on small business owners and entrepreneurs and the startups owners and founders, so when you are doing a startup, you know you are coming up with something. Probably, if not new, maybe it's something that enhancing something, this thing. So you are creating something new actually, and you know you need to protect your Assets, and these assets could be your source code, could be your designs, could be, you know, even it could be your communications also as well, like it could be your documents, could be your PowerPoint presentation, maybe. If you are raising funds, the last thing you want to do, if you have especially a competitor in the market, the last thing you want to to do or to have is someone take your financial Documents and give them to your competitor because the competitor is willing to pay these bad actors. Okay, this is not ethical. We know this, but this happens and we I heard a lot of stories. You know when people they go out of business because of this. So this is really good. 

And the second thing you know I take away from what you mentioned also as well is and this is an advice Is to to learn about communication skills, because in cybersecurity specifically, you need to explain, not in bits and bytes, what happened. You need to explain in business language, and I'm telling this for anyone who Is willing to to start his or her career in in cybersecurity. Communication is key because people they don't understand your. You know sim logs and no one understand what does it mean that you have some traces of this and you know the dwell time and all this. So you just need to try to communicate it to the executives on a Level that they can understand it. I mean from business perspective. So I like this man. It's like tying the business I mean the technology or whatever cyber risk to to to a Business number. So this is always something I also talked about a lot. 

0:36:01 - Madalin
Yes, in the. Sorry I'm interrupting you, but no. I would like to add something, because when you start the business On the very beginning, from the scratch, you need to to have the business idea, of course, because that's why you start the business. 

Uh, the lawyer and the accountant now in nowadays, in 2006 the 2006 was this too business idea, lawyer and accountant. Now you need to put the cybersecurity on top of this, because you need to protect your, your idea in a, in a simple, in a simple, and not not only that Someone will stole the idea, but, from mistake, you share your idea to others and. 

Is not, is not about stating your, your data. It's about your mistakes that you made as a business owner and what. What I am trying to tell is not it's everyone has a lot of tools and For all, also as a small businesses. Please do not make paper security. Do not make iso 20, 27, thousand as a paper security. No, it's not about that. It's, if you make paper security will be, will be um on your side after that. 

0:37:26 - Mehmet
Yeah, the most easiest thing you can do ever I agree with you is just to have these Check boxes. It's not about this and you know, when I said about someone, you know, data leakage maybe, what I wanted to say, and it's not only because someone come and hack you, it's also because, yeah, you're right, because you did some misconfiguration and to make it more, more simple. So maybe if you are using, let's say, uh, microsoft one drive, or maybe you are using, uh, google drive, so you have put this document there and you you wanted to share it with your colleague and, by mistake, you share it, you know publicly, and you know there are like services when they look for these links and then they find them and then they will take it. Yeah, so, actually, and more badly, if you did the mistake and you gave full access, like read, write, access, then you know they would even be able to delete it, encrypted, whatever you want. So, yeah, yeah, I want to say something. Go ahead. 

0:38:25 - Madalin
No, no, no, it's, I'm perfectly. I completely understand page with you. 

0:38:29 - Mehmet
Yeah, sure. So you know, as we are coming to an end, like what are you know, what are your expectations? What's next for cyber security in the coming? I would not tell you 10 years. I'll tell you maybe in one, two years, because now technology is moving so fast. What are you expecting to see more, whether it's from Advancements in technology or from you know threat actors as well, both sides. 

0:38:55 - Madalin
I Don't know. I will take a look of the of the trends, because the trends that we are having in cyber security it's somehow part. Part of them are reaction of what it happens in In the when you have an attack. So I Believe, at this moment, we have all the, all the tools that that we need. We have all the technology to protect our businesses, to protect our I don't know our Images that we took in a holiday with our children and wife, and Everything. We have the technology, the perfect technology, to protect our date, what, what I'm taking Take a look it's to, to use it properly and to understand again how you, we can use the, the technology. But here, here it's a we will go in a part. 

That lack of specialist that we have at this moment, and Each country I believe UAI is is the same as European countries that they put a lot of accent on on Cyber, on cyber, cyber security. They put a lot of accent on create, create talents in cyber security. They put a lot of talent, they put a lot of effort to, to, to educate their, their people, their people, their general population, how to use wisely the, the solution that we have, for example, digital digital ID. You cannot share your digital ID with anyone that you are code with anyone. No, so, basically, basically what, what we have, what we have will will, year by year. We need to, we need to increase our, our talents, the pull of talents in cyber security, not only, not only to have the talents on in our place, but to understand what does it mean, the digitalization process and what are the risks associated with the digitalization process and the trends, the trends right now? Well, I believe, in few years, some solution, because we have. 

We have at this moment, each solution for each problem in cyber security and they need to be understandable. And what to be understandable? Its Technical guy, legal guy, commercial director, marketing director, to take a look in a dashboard to see the cyber posture of their organization and what we should put and what we should work and we are still working as a cyber security Spanish specialist and community to make, to make the things more human, readable, not command line, and, and I believe the dashboard part will be the next, the next level of cyber security to be understandable by anyone, for I don't know, by a fifth grade child in the school. So this is, this is, I Believe that will be the next, the next step I. 

0:42:17 - Mehmet
Love this. You know, and it's logical because you know, back in the days when Someone if you remember, they used to call it in for second one of my guests he reminded me the other day about it so it was called infosec. And then, you know, it became cyber security. And when you know the world security injury comes to my mind I mean computer security, whatever the first thing you know you see either a hacker with a hoodie or you see a geek guy who's doing the command line, but with, you know, use of technology by Everyone. Yeah, as you said, like we are digital all the way, our IDs, our phones. You know it's part of our lives. So I believe yeah, I'm agreeing with you here you know, any tool that we use for cyber security should be more user friendly. 

I would say it should not be only like for the geeks. I would say like, yes, anyone should come and say, oh, hey, like, for example, here we have an issue because we didn't implement, let's say, multi-factor authentication. So the dashboard is showing us like we are 94 percent Score. Because you know you don't have. And it should explain in a Easy language of says the MFA, what is MFA? It should say okay, because you have a risk that someone might Steal your password and login or your password might be leaked in the dark web and someone can use and login easily. So you need to avoid this. So hundred percent on this one and final you know question. I always have the same question Is there anything you wished I asked you and how you would answer that. 

0:44:01 - Madalin
Yeah, it's very, yeah, I believe that what, what I, how, how you protect, how you protect your, you as a person, how you, how you react on a digital space. Yeah, tell me if you're asking. So what, what I am? I'm doing right now I'm put the less information about the personal life, because less information about personal life Will not give you attack vector on an emotional part. So, basically, don't put the your I don't know your photos from your holiday with your child on social media. Don't share your I don't know, check in, check in every day where you are going. So, basically, protector, give your privacy because it's your privacy. So, protect, protect yourself. 

On the other side, on, on the business part, you cannot sell without Something that you cannot promote on social media, because on social media, linked in Facebook, twitter, there are communities and this, this part of PR and small marketing acts, that that you make, will give you a capitalization of, I don't know, trust in in the community. So it's a I don't know, not a bad thing, but some, I don't know, yes, a balance. So this is, this is what this is, are my, my, my thoughts protect your privacy in a private life because you are I don't know Of, of the your, of the spearfishing, for example, and okay, promote yourself as a, as a business owner, because I believe at this moment, not, the company will sell, will sell the, the people from behind, because Influencing selling and the, each company will create the influencer for for selling. Yes, this is a good part, but not not too much information to be exploited. 

0:46:22 - Mehmet
This is yeah, that great one, actually, I would say. And yeah, you're right, you need to do the balance between. You know I don't share personal. You know I used to maybe 10, 12, 15 years ago, but I stopped so because and even I deleted, you know, majority of the things. Because what? Then? You know that that Vector was not there at that time and once I said, okay, so some, for example, facebook and all this I Instagram. So now, but yeah, like you need to sell. I mean you need to establish your personal brand and you touch base on something. 

Also we discuss on other episodes about you know, tech influencers. You know like, yeah, now companies are looking for people who can be their kind of ambassadors To talk about their technology services, whatever. Yeah, and you need to do it because if you don't do it, people they would not know about you. And you know the old-fashioned ways of selling. I'm not saying they are not effective, but they're not effective like as the new ones. So, picking out the phone and talk to someone out of the blue, okay, 10,000 in one, maybe you will succeed. Reaching someone in email Okay, why they should reply. You know there are. I receive more than I don't know, I don't count exactly, but Hundreds of emails per day from people you know trying to sell me something. So you need to differentiate yourself, and one way to do it is through social media because, as you said, there are Comments is over there. So good, you brought this point. I think it's a very valid one. Well, madan, like Thank you very much for your time today, where people can find about you and your company. 

0:48:08 - Madalin
You can find me on LinkedIn, Madalin Staniu, and, of course, on our website, black bullet dot ro, and you can reach me Anytime because I'm available available for not only for business, but only for discussion. To to create this cyberspace more, more secure and to protect our Future generation, child, to to be to stay in not a biased way, to stay in a Proper, proper environment. 

0:48:43 - Mehmet
Yeah, that's great. I will make sure that I will put the links in the episode description. Thank you very much, Madalin, for your time today for the audience. I hope you enjoyed the discussion today. It was a little bit we tried not to go too much technical, but I think cyber security I Thought I touched base on it in couple of episodes, but from time to time I always feel that we need to have our as Madalin said, like we need to have our mission to remind you about the importance of Cyber security and hygiene, because it's not only about you know and I know guys, I know, like you know, you see a lot of companies. They bombard you with their marketing as stuff and you know zero thrust and you know we are the best and you stop. It's not about this. It's about the awareness what's happening then type of attacks, about how you can protect yourself and the privacy that Madalin brought at the end also as well. So I hope you enjoyed this episode today. 

If you have any questions or feedback, please reach out to me. You can find also a link in them. You can send me a message. Also, if you are interested to be guests on the show, don't be shy, reach out to me. It doesn't matter where you are in the world. I can afford the time zones. I'm like lucky to be kind of middle of the world From from time zones perspective, so I can speak with you anytime which is suitable for you. Maybe it's afternoon or morning, it doesn't matter. Thank you very much for tuning in and we'll see you again next episode. Thank you very much, bye, bye. 

0:50:12 - Madalin
Thank you, bye you. 

Transcribed by https://hello.podium.page/?via=mehmet