Modern Cyber with Jeremy Snyder - Episode 8

Evgeniy Kharam of EK Cyber

In this episode of Modern Cyber, Jeremy talks to cybersecurity veteran Evgeniy Kharam about a broad range of industry topics including the complexities of managed security services and the importance of soft skills.

Podcast Transcript

Jeremy at Firetail (00:00.686)
Hello, welcome back to another episode of the Modern Cyber Podcast. If you are joining us for the second or third time, please do us a favor, hit that subscribe button, follow us, like, share, all that good stuff. And you know, if you do get the chance to rate and review, it helps very much. We are thrilled to have somebody on that I have spoken to a number of times and somebody who's been in the cyber industry, honestly, I think about twice as long as I have, and probably has about twice as much depth of knowledge as I do as well. We're...

thrilled to welcome Evgeniy Kharam to join us today. Evgeniy is built and wired differently as a father of four, including twins. He has mastered the art of remaining unflappable in the face of adversity, arguably a very, very strong skill in cybersecurity as well. But again, his career began on the technical front lines as a firewall deployment engineer and has evolved remarkably to a VP role, VP of architecture at the Herjavec Group, a name that I know many of us are familiar with. Evgeniy's journey has provided him

with a panoramic view of cybersecurity, showcasing his ability to navigate and lead across all of its domains. Beyond his corporate achievements, Evgeniy's passion for the field extends to founding two podcasts himself, the technical Security Architecture and the other business-focused Cyber Inspiration podcasts that I've had the pleasure of being on myself. And Evgeniy moderates panels and does interviews for the entire industry.

He uniquely blends his personal passions with his professional life by co-founding a cybersecurity-focused ski and snowboard conference, which sounds amazing, and creatively merging lifestyle with industry engagement. Evgeniy now runs his own cyber and media consulting services, leveraging his extensive industry knowledge and media expertise to guide clients through the complexities of cybersecurity. That is quite a journey, Evgeniy. I don't know where you find the time, but thanks so much for joining us today.

Evgeniy Kharam (01:48.005)
Did you come up with everything yourself, Jeremy, right now? This was quite amazing. I could use it later on.

Jeremy at Firetail (01:52.11)
Hey, look, I put in some ad libs to the copy that they gave me, but I know you and I've talked to you a number of times and it really is a pleasure to have you on here today. I really am curious though, that is quite a journey. You've gone through technical roles, you've gone through media roles, marketing roles. How's the journey been for you?

Evgeniy Kharam (02:14.053)
Well, so if you ever worked with Robert Herjavec on Herjavec Group, it's quite a ride. It's a very, very fast ride, very, very fast company. Not for everyone, but for me, it was definitely interesting to be part of so many different things. Like I started the journey as a deployment engineer, but by being and working with so many vendors, I had the opportunity to work with more than 400, 500 different vendors, maybe even more. So how are the speeches from different people, the pitches from different people?

people to actually pitch with vendors to the customers as well. So definitely, definitely humble for the journey. I like the journey. I was able to kind of get a lot from everything from project management, from deployment, from pre-sales, from post-sales, from architecture. I'm definitely happy where I am. People told me that I probably stayed too long in one vendor, 16 years, 16 years in one company. But it is what has happened. I...

as I call it, graduated last year and now running my own consulting company that's been quite a ride as well so far. So very grateful where I am, very grateful to the people I meet like you again, we met through the podcast, we met through the LinkedIn and I'm very, very surprised that quality of people you can meet and also how great are the people because if you ask me like five, six years ago,

Jeremy at Firetail (03:20.43)
Yeah.

Evgeniy Kharam (03:39.717)
or you're gonna be on the call with the CEO, with the CTO. I'll be like, oh my God, oh my God, I'm gonna have CEO on a call. They're probably some kind of magical special people that we cannot talk to them, but they're awesome people. They're like you and me, you're a founder, so you are magical. But they're great people that took an idea and moved it a bit farther from the idea to actually execute it.

Jeremy at Firetail (04:02.382)
Yeah, it's interesting. This point about the people you meet is something that I'll be honest, you know, there was a couple of years ago, I actually thought about getting out of cybersecurity and whole range of things happened. I had a little bit of career burnout. I had overworked for a couple of years in 2018 and 2019. And I really did feel like I needed like a bigger career break. COVID lockdown kind of changed my opinion. And there was a number of things that happened around the same time that made me stay in cybersecurity.

And one of the most interesting things that I've observed kind of coming out of COVID and then getting back into meeting people in person at RSA, Black Hat, industry events, et cetera, is I think this is the industry where I've seen people have the most human personal connections. And one of the little kind of measurements that I use is how many hugs do you get from people working at other companies?

not partner organizations, not customers, not your investors, but just people that you know who've been in the industry and the default greeting is.

Evgeniy Kharam (05:08.742)
Isn't this just part of culture? Depends from where you're coming, you're hugging or not hugging for personality.

Jeremy at Firetail (05:15.342)
I don't know. I mean, look, my family's Finnish. We don't hug in Finland. But I find that in the cybersecurity industry, I get more hugs than any other technology space that I've ever worked in.

Evgeniy Kharam (05:27.397)
It's just because of the entire idea as a service. So now it's hugging as a service, you know, that's it, you know, which is.

Jeremy at Firetail (05:31.534)
Could be, could be. I like to think that there's something of like a shared stress level in there. Like most of the people that you work with, you're going through difficult things, right? And cybersecurity is one of these things where it's like a day that nothing happens is a good day. And then you have bad days, but those good days, you don't get a lot of positive reinforcement a lot of the time, right? It's just kind of a normal day.

Evgeniy Kharam (05:38.053)
Yes.

Evgeniy Kharam (05:55.109)
But this is interesting what you're saying because I have a feeling many people are painting cyber in just like one paint. Here is blue, here is black, here is green, whatever the paint it is. But in reality, I really don't think so. So I am an architect by trade. I am not a pen tester.

Jeremy at Firetail (06:03.086)
Okay.

Evgeniy Kharam (06:16.869)
I'm not a blue team person. I'm not a red team person. Okay. I know how it's working. Don't get me wrong, but this is not what I do. This is not where I shine. So, and we have this idea that like, Oh my God, it's always about defending. It's like, no, I'm not defending anyone. I'm creating an architecture, a design that will defend what you need to do. But this is not what I'm doing. And we all like, I want to be a pen testers. Like why? Because it sounds cool. Because you can be in.

Jeremy at Firetail (06:19.246)
Right. Right.

Jeremy at Firetail (06:37.614)
Yeah.

Evgeniy Kharam (06:45.285)
consulting person, can be a GRC person. There are so many different flavors of what we can do in cyber that somehow it's not everything about the vulnerability. It's not everything about, oh my God, there's a critical flaw with zero day here. It's different. And also, I think it's very applicable to what you guys do in your company as well, is we have a corporate security and we have like an application or the end user product security.

Jeremy at Firetail (06:55.598)
Yeah.

Yeah, yeah.

Evgeniy Kharam (07:15.109)
It's a bit different stack. It's a bit different controls. It's a bit different procedures, compliances, what we need to do. It's just, it's very, very interesting, but we're not always carving this this way in cybersecurity.

Jeremy at Firetail (07:17.422)
Absolutely.

Jeremy at Firetail (07:29.518)
Yeah, it's interesting. And I think you've probably gotten a unique view because of the range of positions that you've gone through. And then also working at a company like Herjavec where you're not focused on just one organization, you must have worked with, I imagine, hundreds of organizations over the years, if not thousands. I guess, like one of the things I'm curious is, are there any kind of summary or high level, let's say like trends or general lessons that you've taken away from that?

Evgeniy Kharam (07:59.877)
Everybody is very distributed. It takes a lot of people to actually synchronize effort and make sure the company is going in one direction. Remember the talks probably eight, 10 years ago that the network team don't talk to a cloud team. Sorry, network team don't talk to the endpoint team. Now, surprisingly, all the network companies are also endpoint companies because they also endpoint security. Now we say, oh, the cloud, they don't talk to the GRC.

Jeremy at Firetail (08:16.11)
Yeah, yeah.

Evgeniy Kharam (08:29.157)
So one trend I kind of see all the time is, unfortunately, people don't understand is a mutual bottle. If you can say this, it's a mutual effort. We need a village to raise a child. We need a mutual understanding where we take in this company and what are we doing? This is one part. Second part. People prefer to do sexy stuff, shiny stuff, than the stuff that need to be done. So asset management, vulnerability management.

Jeremy at Firetail (08:44.046)
Yeah.

Jeremy at Firetail (08:54.766)
Yeah.

Evgeniy Kharam (08:58.309)
Understanding do you have everything to actually protect it? It's kind of boring, but it needs to be done. Understand that actually your firewall rules are commented, you're following the same naming convention, you're actually telling people when you're doing changes and I just didn't think any time you want because you know what, you know everything. But they're like, oh, let me put some automation on top of it. I'm just gonna be okay right now without playbooks. So this is also like a trend I see. But the positive trend is a lot of people care.

Jeremy at Firetail (09:03.662)
Yeah.

Jeremy at Firetail (09:27.95)
Yeah.

Evgeniy Kharam (09:28.005)
This is the positive trend. A lot of people, they actually care about the job. They care about what they're doing. They care about the security and the protection the companies are working for. I think it's phenomenal. I think it's not just nine to five, like, oh, nine, five, one, there was an attack happening, a lot happening. No, no, I'm done. No. So this is the positive part, I think.

Jeremy at Firetail (09:47.95)
Yeah.

Yeah, interesting. I'm really curious, like managed security is something that I think it's gone through a number of different kind of names or brands over the years, right? There was managed SOC, MSSP, MDR seems to be the brand or the kind of the acronym that's got the most buzz and momentum behind it right now. As somebody who spent 16 years working in managed security of various flavors,

What do you think people don't understand about managed security?

Evgeniy Kharam (10:22.341)
So I think first of all, some of the acronyms a lot of time are gimmicks. You shouldn't be looking on the acronym. You should look on what you get under the cover. So XDR, MDR, MSSP, NDR, there's many, many, many names. It doesn't matter the name. Understand what you're actually getting. And this is, I think, very, very important. Because everybody, again, can paint it in different colors you want. You need to understand what you get on top of this. If you're getting a product, a service, a combination.

Who is doing what? What people don't understand is if you are a company that making ice creams and you have a very high-end companies manufacturing these robots, okay, whatever it is, are you an IT company or you're an ice cream company? I hope you're an ice cream company. And people get stuck that, oh, but I have all these devices to manage. I have this all the security controls to manage.

So people get stuck in the idea that your main business is making ice cream or creating insurance or whatever you doing. I still remember a long time ago, we're doing a workshop for a company that making chickens. And of course, I was thinking about all the automation and they ask me, what's your biggest risk? And our mind is set on the cyber security incidents. Like it's basically the chickens are gonna get gonna be sick. Okay, this is my good.

Jeremy at Firetail (11:47.438)
Yeah. Yeah. Bird flu is a much bigger risk to that company than a ransomware. Yeah. Yeah. Yeah. Yeah.

Evgeniy Kharam (11:50.277)
Yeah, this just makes sense. Okay. Yeah. Okay. We didn't think about it. Like our mind was so locked. And where I'm taking this is companies need to understand that they need to focus on their main business and outsource the parts that are not the main business. Now, not outsource everything. It's not, don't go cold turkey because you need to have someone that's going to make the decisions.

But this is the beauty of having SaaS applications. You are outsourcing part of this thing. You don't need to manage the database. You don't need to manage the server, reboot the Windows box every time. Not your problem anymore, somebody else's problem anymore. So there's a bit of a risk there, but you understand that you don't need to wake up during the night and go to reboot the server because your production database doesn't work and you cannot do whatever you need to be done. Same with MSSPs. MSSPs are not just a chat box.

MSSP is the good one. You know, of course they have many different flavors of them are the ones that should take over your pain, take over the stuff you need to do and let you focus on your main business. This is, I guess, going to be my main part and we can definitely happy to go to nuances. What makes sense, what don't make sense. I do want to add another part. Every vendor I met like, oh, I want to sell to MSSP. Like, this is great.

Jeremy at Firetail (12:46.094)
Yeah. Yeah, sure.

Jeremy at Firetail (13:04.814)
Please.

Evgeniy Kharam (13:11.653)
but they don't understand that the MSSP need don't know how to sell them or me don't understand how to create a practice around them as part of everything or how to price them. So you will not go to MSSP and say, Oh, hello, how does it mean API security thingy, you know, with AI, sell me. MSSP will never tell them, I have no idea how to sell you. I don't know how to price you. You'll say, Oh yeah, this is great. No.

Jeremy at Firetail (13:25.422)
Mm-hmm.

Evgeniy Kharam (13:41.413)
And that's it, you know, it's gonna go up. So this is a vendor responsibility to actually teach this part. The customer responsibility to actually go to these nuances and understand what do we get? Or is it don't know, hire an expert that helps him to understand, hey, we get this one outsource some of the stuff, but we don't really sure what do we need to ask? What's important? Oh, is he gonna run all my firewalls? Great. Is he gonna actually update the firewalls?

Jeremy at Firetail (14:03.438)
Yeah. Yeah.

Evgeniy Kharam (14:11.397)
Upgrade the firewalls? Like, what's different between an update and an upgrade? An update could be, I'm version 7, I'm going to 701, so this is an update. Okay, so no reboot, no, nothing, or maybe a small reboot, like a fast one. Okay, what's an upgrade? Or I need to go from 7 to 8. What does it mean? Oh, it means that there is much more risk involved because there's more features involved. And if I have a hundred firewalls, if I need to spend a firewall a day, a day for a firewall,

then it's a hundred days and if I charge somebody $2,000 per day, whatever it is, companies may charge you these days, it's become quite expensive parts that you didn't put inside your contract.

Jeremy at Firetail (14:47.118)
Yeah, for sure.

Jeremy at Firetail (14:51.086)
Yeah. Yeah. That's really interesting perspective. I think that that point about, you know, vendors partnering with MSSPs is one that, you know, I work in the startup community. I talked to a lot of startups and a lot of startup founders and I hear that a lot. It's like, Oh, we're, we're going to launch and we're going to go to market through MSSPs and we're just going to like build our technology and our pricing model. And we're going to put it in front of a bunch of MSSPs and they're going to magically sell it. And I tend to think that there's a big challenge in that.

not only around what you said around the pricing model, but I even think the understanding is one of the big challenges because like fundamentally, where do cybersecurity startups work? They work in emerging technologies, right? We work in the API security space. There's not a ton of solutions. There are some, but there's not a long history of companies going out, customers going out and looking for API security solutions. So there's not a common understanding of, okay,

When a customer goes looking for API security, they're going to ask for the following things. The feature set should look like this. The pricing tier should look like that. So that a, you know, an average seller at an MSSP should be able to stand in front of a customer and present this offering. Coherently and in a way that it makes sense to the customer. And I think a lot of the times, especially for emerging technologies, that's just not the case, right?

Evgeniy Kharam (16:14.053)
It's not the case you observed, you're right. It takes time to explain. Also, don't forget, we have what, 4,000 vendors right now in the industry? Give or take? Give or take 500 here and there, you know? Depending on the day? Depending if Cisco acquired somebody or not today? It's, and not picking on Cisco, just like because they have a lot of vendors.

Jeremy at Firetail (16:22.798)
Yeah.

Yeah, yeah. Yeah, yeah.

Jeremy at Firetail (16:34.766)
Yeah. I would have said Palo Alto networks, but you know, the same point, right? Who acquires the most companies in the cybersecurity industry? It's those two are two of the top candidates.

Evgeniy Kharam (16:39.461)
Ah, yeah, yes. Fair, fair. So for the MSSP, like think about them. If you want to sell as a vendor to MSSP and there's 4,000 vendors and there are 60, 365 days a year. So what does it mean that in theory ten vendors a day may reach into MSSP and say, Hi, my sliced bread is

Jeremy at Firetail (17:05.166)
Yeah, exactly.

Evgeniy Kharam (17:09.381)
the best sliced bread ever sell me. Okay, so you're not getting so many. Let's have two, let's have one. It's still a lot of vendors. Like they're not gonna sell all the vendors, not gonna be able to sell all the vendors. The good MSSPs will probably have 10, 20, 30 vendors. So maybe we're gonna have 40 when they have like overlap, a main vendor and a secondary vendor. It still takes a lot of time to do this.

Jeremy at Firetail (17:14.67)
Yeah.

Evgeniy Kharam (17:37.413)
Now, depending on what we're consulting, and it's not a consulting podcast right now, but the vendors really need to understand what the MSSP is going to ask them, what does it care about, how is it going to help them, how is it going to support them, because the days when you tell MSSP you're going to give you X amount of money and sell my technology are completely over. Nobody is doing this.

Jeremy at Firetail (17:37.87)
Yeah.

Jeremy at Firetail (17:55.886)
Yeah. Well, I'm curious about those early days, right? Because I was thinking about this the other day and talking to somebody who works in the managed security space and is recently in the managed security space as of like three or four years ago, not with the, you know, 15 plus year background that you have. And I was kind of curious about the early days of managed cybersecurity because on the one hand, I think it could have been super easy.

that a lot of companies would have been like, oh yeah, please take this problem off my hands. We have no cybersecurity expertise in house. We just know that we have risks and we know that we're not equipped to deal with them. Or it could have been super difficult where customers were like, I'm going to trust an outside firm with the cybersecurity of my entire organization. I'm curious, like what were those customer conversations like?

Evgeniy Kharam (18:43.525)
This is, oh my god, you're bringing, yeah, you're bringing so much memory. So it is a lot of smoke and smoke and mirrors in a way. It was very easy in one hand and very difficult on the other hand. I'll explain. So first of all, if we go 15 years ago, what did we have? Firewall, email security, web proxy, some kind of antivirus, McAfee, Symantec, Trend. I don't know, network acceleration

Jeremy at Firetail (18:56.494)
Please.

Jeremy at Firetail (19:02.734)
Yeah. Yeah.

Jeremy at Firetail (19:09.294)
Yep. DLP maybe.

Evgeniy Kharam (19:12.581)
Yeah, like we had like 10 domains, let's put them domains or now like I have a list. I have my own like a mini vendor database that I maintain for myself for my work. So I have 120 categories overall of different type of vendors. There's like 15, 16 main categories, but just the endpoint security itself has like eight different subcategories. Network security, like 15 different subcategories.

Jeremy at Firetail (19:16.045)
Yeah, yeah, yeah.

Jeremy at Firetail (19:28.782)
Oh jeez.

Evgeniy Kharam (19:41.541)
application security, you know, risk compliance, there's many, many different things. So from this perspective back in the days, what you used to manage was quite simple. It was a SIEM and a firewall. That's it, you know, pretty much even the endpoint security management came probably much, much later.

Jeremy at Firetail (19:54.542)
Yep. Okay.

Jeremy at Firetail (20:04.046)
There wasn't really centralized management of endpoint security in that time. Okay. Okay.

Evgeniy Kharam (20:07.109)
There was, there was. McAfee and Symantec had it. It was pain in the butt. The first EPP is like you need to have your own security SQL. You need to have your Windows server. Each database file, the DAT file was like 400 megabytes. So you need service to actually take them and then redistribute them inside your company. And then from time to time, the companies will make a mistake, screwed up on a DAT file and you have to repeat this. So your infrastructure for endpoint management will be like 40 servers.

Jeremy at Firetail (20:27.726)
Yeah.

Evgeniy Kharam (20:36.709)
across a big company. Right now, you just tiny, miny, like 50, 20 meg file on your endpoint and you go to a cloud with SentinelOne, CrowdStrike, and let's call them the next generation EDRs and typically they are right now. And also, the migration was hard as well. So you manage SIEM, you manage firewalls, you manage IPSs, so there's a lot to manage. But there was no cloud, there was no SaaS.

It's meaning to connect to customer premises. So it's an interesting blog and potentially an interesting discussion we can do. But right now, you probably will not talk to an MSSP that tell you, oh, I have a direct VPN to my customer.

But back in the days, this is what you did. You added your XVPN to a customer that you can connect probably from your own network that you can connect to the firewalls, to the manager, to the manager appliances. The second part, and it still actually exists for many, many different MSSPs is a centralized model for the SIEM. I'll take a SIEM, ArcSight was a big one in this case, for example, and I will chunk the SIEM

Jeremy at Firetail (21:53.294)
Yeah.

Evgeniy Kharam (21:56.005)
for many, many different slices. And I will not sell you a SIEM, I'll sell you a service. And I'll have an abstract panel to you where I take all the logs, these collectors to my ArcSight internally or whatever the SIEM you use, QRadar, there was a lot of different, the RSA as well, like we can talk, it is a different topic. So my architecture was different and it definitely created many problems because,

If I have a tunnel from my network to your network, what if I get infected? What if you get infected? There really did a good segmentation, good rules on my VK and my firewalls to make it, to change it. I remember we actually changed, me and Sean Higgins and Herjavec Group, we changed how we connected. We had a different network with different tunnels, with everything related to Active Directory. So if you need to let Evgeniy go tomorrow, there is no way Evgeniy can connect to customers and mess up stuff. And then, okay,

Jeremy at Firetail (22:30.798)
Yeah. Yeah.

Evgeniy Kharam (22:54.821)
later on, do I really need to have any tunnels? Can I have a jump server? So can I use a different methodology, a different architecture to connect to collect telemetry? Still work. There was a lot of architecture and changes from a separation from the customer and also keeping the safety from the customer, not moving all the logs across, keep the telemetry. And also I'm a very big believer that the data belong to a customer. So if I now take data from the customer to my SIEM,

Jeremy at Firetail (23:10.606)
Yeah. Yeah. Yeah.

Evgeniy Kharam (23:24.325)
I can keep you hostage. And it happened. It happened so many times. The customer will not going to be happy if he's a managed service provider. And we're going to leave you. OK, leave me. I need my logs. No, because they're my SIEM. So this is we coming back to I'm a customer. I want to outsource. Is there going to be fine print? Where is the data reside? How many months of cold, cold storage and who is belong to where I want to leave?

Jeremy at Firetail (23:40.43)
Yeah. Yeah.

Evgeniy Kharam (23:53.797)
This is not what people think about it when they unfortunately outsource that.

Jeremy at Firetail (23:53.87)
Yeah.

Jeremy at Firetail (23:58.094)
That's really interesting. Over the time as that evolved, I mean, I hear a couple of things from what you said. I mean, one of the things that actually jumps out to me as a former practitioner is you guys were probably one of the best, you know, had one of the strongest security architectures of any company around at the time, because of having all of these considerations around, let's say your third party risk to the customer or, you know, from the customer perspective, how they viewed that. And then also your own controls to make sure that no.

Evgeniy Kharam (24:21.637)
Yes.

Jeremy at Firetail (24:26.798)
let's say insider threat could really like damage a customer and how you were handling the data and so on. I think a lot of the things that you said around, let's say micro segmentation is still something we don't see a lot of, right? I mean, we see ransomware attacks. Yeah.

Evgeniy Kharam (24:40.709)
But we're back to acronyms, you know, we're back to, I have a fancy acronym. Okay, so what do you actually do about this, you know?

Jeremy at Firetail (24:49.038)
Yeah, yeah. Yeah. It's funny. One of the things, one of the other things that occurs to me is like over that time period as what, what drove the adoption of new technologies? I mean, I assume a lot of the demand came from the customer saying like, Hey, we're all of a sudden going to start using SaaS solutions. We're going to start using hosted email. We're going to start using AWS, et cetera. And I assume that the, you know, that the managed security providers responded to that.

Or was it more like managed security providers were seeing the new technologies and then like helping the customers see that they could gain efficiency by using them or some of both.

Evgeniy Kharam (25:28.965)
I think it's a combination. I think a combination of three. One, compliance. You cannot remove compliance from the equation. Compliance is probably the biggest driver in my mind in cybersecurity selling right now because you know the customer needs this. The customer knows he needs this. So we can slice a different way. If the customer needs to be compliant or some kind of financial compliant, then okay, there's a clear case of why they need to buy it. Now they realize what they need to buy and how.

Jeremy at Firetail (25:32.622)
Okay, yeah.

Evgeniy Kharam (25:58.885)
Because, okay, I can buy what exists or maybe you have a very, I think it's an architecture work or engineering work at a customer. Like, okay, I need to fix a problem to be compliant. Do I need to fix the problem in one way or another way? Or maybe I can not just be compliant, but also improve my cybersecurity. This is where the innovation going to come. So people like trying to understand, oh, I can do that, but I can also do segmentation, for example.

Jeremy at Firetail (26:21.998)
Mm-hmm. Yeah.

Jeremy at Firetail (26:28.526)
Yeah. Yeah.

Evgeniy Kharam (26:28.581)
I can also have a better resulting and understanding what's happening with my users. So let's say I need to track data what my people are doing in a company. Great. It doesn't say I need to do behavior, but I have the data. So what if I get a product? So let's go to the SIEM. So we have this time, Securonix, Exabeam, Gurucul, and many of these companies started to do UBA. Is it like, okay, so I can do the same, but I can also analyze.

Not just Evgeniy and have logs in case HR asks me to understand what Evgeniy is doing, I can make it predict stuff. Oh, Evgeniy usually works 9 to 5, right? And don't get me wrong, it's not like that, it's always worked. You need to have a lot of things happening at work. But now Evgeniy is working night shifts like something happened. Oh, Evgeniy never done so much data over the FTP or Formula One drive. Is Evgeniy actually leaving? Evgeniy is trying to leave or preparing to leave?

Jeremy at Firetail (27:13.23)
Yeah, yeah.

Evgeniy Kharam (27:28.101)
There's a lot of data we can do. So we have compliance. We have innovation that people come, OK, I can fix the same problem a different way. And it's definitely MSSP and VAR say, hey, this amazing vendor just came out to us and they're solving this problem. And people are like, I don't have this problem. Oh, but our people want to have a new gaming solution. And guess what? It's going to do APIs.

So now we're going to have this problem.

Jeremy at Firetail (27:57.134)
Yeah. Yeah. Interesting. Interesting. And I'm curious about a couple of other things. I mean, you know, you've learned a lot along this way. What led you to kind of do what you're doing now? Because it's a lot of things, right? So you're doing media stuff, you're doing consulting work. I take it you have a book coming out, you do this snow and ski boarding conference. I mean, first of all, talk to us about the book and about the snow and ski boarding conference.

Evgeniy Kharam (28:16.421)
Yes.

Evgeniy Kharam (28:22.757)
Okay, so it's actually one lead to another.

Jeremy at Firetail (28:25.454)
Okay.

Evgeniy Kharam (28:27.141)
I am a very big believer of soft skills and I think you and me spoke about this several times. And I think that we always not think I truly believe in this, that we are happy to talk to people that are single-minded or similar to us or basically people that kind of sharing same expertise. So if I'm going snowboarding with you, we're gonna talk about snowboarding. So there's a long story about how we came out with the Ski and Snowboard Conference, but basically I was...

Jeremy at Firetail (28:31.854)
Yes. Yeah.

Evgeniy Kharam (28:57.093)
doing training for snowboarding, I see how easy it is to connect to other people, came back, put a LinkedIn post, what if we do an event like that? Later on my partner Tony saw my picture, we spoke about that, he had access to a resort and we did it. Two years in a row right now and we're doing a summer event in August 15 for bikes and hikes right now. So people ask for a summer event as well. But the theory was...

If I'm going to a conference, I usually coming back and saying, oh my God, I met this person when I was waiting in line for the talk. I talked to this person in the hall. So past COVID, when we have everything available online, do I really need to go to a conference to learn something new? Or as you mentioned about hugging, I want to go and interact with people. So what if we bring people to a place?

Jeremy at Firetail (29:50.446)
Yeah.

Evgeniy Kharam (29:54.213)
where they don't need to think how to start a conversation with anyone in the room. Where they don't need to be shy. Where they don't need to ask, are you getting kind of in cyber? Can I sell you something? Can I understand what you're doing? Maybe you have a fancy suit. Because I can always come and generally say, hey, I see you riding board turn. Like, what is your favorite? Why are you riding this board? What is your favorite mountain? Like, oh yeah. And you start talking to them.

Jeremy at Firetail (29:59.118)
Interesting. Yeah.

Jeremy at Firetail (30:06.574)
Yeah, yeah, yeah.

Evgeniy Kharam (30:20.741)
Because why? Because you already sharing something in common. And if you have this conversation about skiing, about riding, about your favorite mountain, you're going up a lift. Tony, my partner, always likes to joke that it's a perfect elevator pitch in Ontario because the lifts are so short. You only have two minutes to pitch to someone. So the moving from talking about skiing and skiing to cyber is very native, is very common.

Jeremy at Firetail (30:25.294)
Yeah.

Jeremy at Firetail (30:38.542)
Okay.

Jeremy at Firetail (30:48.43)
Okay. Yeah.

Evgeniy Kharam (30:49.158)
If I didn't like the conversation with you about skiing and snowboarding at the mountain, I probably not going to talk to you about cyber as well. And if you add food and a bit of alcohol on top of it, just leave people alone and let them mingle. This is basically what we did. And it proven it.

Jeremy at Firetail (31:06.638)
Did the skiers and snowboarders get along? Because I know that's sometimes, you know, that's a little bit oil and water where they don't mix, but.

Evgeniy Kharam (31:12.933)
Yeah. No, we just joke around, you know, like I'm riding, by the way, though. Now we are friends. We all like the mountain in the end of the day. Doesn't matter. You know. So it proved the theory about the connection part. And the book is basically about soft skills. My thesis is that right now when we lost, not lost the ability, but we limit the amount of physical meetings and we're mainly doing majority of the meetings online for sales.

Jeremy at Firetail (31:21.55)
Awesome.

Jeremy at Firetail (31:26.862)
Yeah.

Evgeniy Kharam (31:42.789)
that we only have limited minutes to connect to each other because people lose interest. And not because they're bad people. It's because they have three, four screens around them. They're very distracted. Slack is going here, Signal, Teams, LinkedIn. But if we're able to connect on a personal level, then the chances of the building rapport going up and then we have more opportunity to sell. So, book talks about how...

create the hooks, how to understand the hooks, how to understand the physical logic, the philosophical part of the other person, because people learn differently as well. I also touch base on voice, because if we speak the entire day we need to make sure our voice is actually good, the same way we go into chiropractor or somebody else. I suggest we can go to voice coach and understand how it improves the voice. I speak about fear.

Jeremy at Firetail (32:21.102)
Yeah.

Jeremy at Firetail (32:38.894)
Oh, interesting. Yeah.

Evgeniy Kharam (32:40.645)
Like what if you actually free to talk for so many hours or free to ask questions like, Oh, Jeremy, how are you doing? So we presented to you already three, four times. There's a budget for this. Or we just here to educate. It's a simple question. Like I'm not trying to offend Jeremy and Jeremy may say, no, there's no budget. So there is a lot of stuff involved there. And actually a chapter is that, uh, is the latest chapter that came.

Jeremy at Firetail (32:43.534)
Yeah.

Jeremy at Firetail (33:02.702)
Yeah. Yeah.

Evgeniy Kharam (33:10.149)
to the book right now, is still in progress, is basically how to overcome burnout. Like if I'm doing 10, 12 meetings a day, what happens if I have a meeting number five is bad? You know, I had five amazing meetings. What do I do to come back to meeting number six fully present? So this is the book all about. There are a lot of interesting stuff there. I'm very excited. It's definitely hard work.

Jeremy at Firetail (33:19.918)
Yeah.

Jeremy at Firetail (33:27.822)
Yeah. Yeah.

Jeremy at Firetail (33:37.614)
super cool.

Evgeniy Kharam (33:40.197)
I knew it would be hard, I didn't know how hard it was going to be. Soon, soon.

Jeremy at Firetail (33:43.598)
Yeah. Soon. Well, I look forward to that. And as somebody who's actually, you know, it's funny, my own background and my own educational background, I ended up dropping out of college. I was in a chemical engineering program and I went into linguistics and then I worked at a translation agency and hated it for a number of reasons. Uh, and then I went into IT and cyber and, you know, I did it as a practitioner for a number of years. Um, and then I went back to school and got an MBA at one point. And I always tell people I basically had three training.

So I did my linguistics degree, I did my MBA, and I did improv comedy for about 10 years. Out of those three, improv comedy is by far the most useful. Occasionally I get to use my language skills and that's a lot of fun. I recently did a podcast appearance on an episode in Portuguese talking about API security. I'm looking forward to that coming out. But the ability to interact with people and relate to them...

just as you described around the ski and snowboarding conference and around, you know, kind of the difference in level of interaction engagement we have in person versus remote, I think is so important. And that point about remote meetings, you know, throwing off your flow for the rest of the day, but also by the way, you're always only kind of like half present in a remote meeting. I know, you know, from my own experience, a previous cloud security company that I was with, when we did virtual,

proof of concept exercises, they took about four weeks. But when we could get everybody in the room, no other, you know, no other screens going, no email, Slack, et cetera, we could knock out a POC in between two and four hours. And, you know, it's just a dramatically better use of people's time and a better experience overall. And we all walk away from that experience thinking, this is great. We really achieved something here. We really actually proved.

that we could deliver value to the customer and they can actually improve their cybersecurity outcomes, right? And that's what customers are ultimately after. Yeah. Awesome. Well, what is it? Can you tell us the book title or when we can expect to see it out and where it's going to be available or not sure yet.

Evgeniy Kharam (35:53.67)
We are redoing the book title as it so we're thinking what can we do? Can we change the draft will be available probably mid-May and then we need to read approve the draft. So July August I'm guessing

Jeremy at Firetail (35:57.646)
Okay.

Jeremy at Firetail (36:09.646)
Okay, awesome. So later this year, everybody keep an eye out for that. And for people who want to know more about the ski and snowboarding conference, where can they find that information?

Evgeniy Kharam (36:20.773)
So they can go definitely to the thessc.ca. So thessc.ca. We're doing the bikes and hikes event August 15. Or they can find me online and I'll direct them there as well. Thanks God my last name is quite unique. And the first name as well. So it's not very hard to find me online.

Jeremy at Firetail (36:28.846)
Okay.

Jeremy at Firetail (36:40.846)
Yep. And we'll link all of that from the show notes for today's episode. And then last but not least, I definitely want to get in a plug for your podcast, the security architectures podcast and the, um, sorry, I can't remember the name of the other one of cyber inspiration podcast. Um, so please have a look out for those again. We'll link those from the show notes. Evgeniy Kharam. Thank you so much. It's been a real pleasure having this conversation with you today and thank you for sharing your experience, your knowledge.

Evgeniy Kharam (36:49.669)
Thank you.

Evgeniy Kharam (36:53.605)
Cyber inspiration.

Jeremy at Firetail (37:08.43)
and all the things that you've learned over your career and for all that you're doing right now for the community.

Evgeniy Kharam (37:13.573)
Thank you. Thank you.
