ep. 80 - Jeff Lanza

Bio

Jeff Lanza was head of operations security for the Kansas City FBI and a graduate of the world renowned John E. Reid School of Interviewing and Interrogation. He is a certified FBI instructor and has trained numerous government agencies and corporate clients on how to handle the media tricks that the national television personalities such as Connie Chung and Chris Hansen used on him during his near two decades as a crisis communicator with the FBI.

Jeff speaks on several timely topics, including; cyber security, terrorism, organized crime, and identity theft prevention.


Transcript

Gail Davis: Our guest on today's episode of GDA Podcast is Jeff Lanza. Jeff was an FBI special agent for over 20 years. He investigated fraud, organized crime, cybercrime, human [00:01:00] trafficking, and terrorism. He appears regularly on CNBC's Closing Bell, the Fox News channel, and has appeared on Larry King Live, the Today Show, Good Morning America. Has lectured at Princeton University. He's a published author of a critically-acclaimed book. He has consulted on an Oscar-winning movie. He has presented around the globe and in 49 U.S. states. He is also certified as a Kansas City barbecue judge. Welcome, [00:01:30] Jeff, to today's episode of GDA Podcast.

Jeff Lanza: Oh, thanks for having me on. It's a pleasure to be here.

Kyle Davis: Well, it's a pleasure to have a Kansas City barbecue judge on.

Gail Davis: I think I met you through one of my favorite clients in Kansas City, John Starr. I think he had you in to speak to the YPO group, and he made the connection for me, and I know that the groups have just been always so fascinated with the insight that you can provide [00:02:00] on these cases. Obviously you don't go into the details, but the background of what's right under our nose. I think sometimes we don't really understand what's happening in our own backyard.

Jeff Lanza: Yeah, that's very true, especially when it comes to topics like cybercrime. Human trafficking was something that John and I ... You mentioned John Starr, a great YPO member in Kansas City. That's when I first started speaking to groups, YPO groups. It was about human trafficking, because they had no [00:02:30] real broad view of that and the fact that it's really right before our eyes, so that was one of the topics that got me started with John. And then as an FBI agent, I worked a lot of things other than that, including cybercrime, and that's mostly what I talk about today. And you mentioned the audience and kind of what they don't know, and when I talk to an audience it's like ... I try to figure out, first of all, what do they want to hear, but not only [00:03:00] that, what don't they know that they need to know? And if you don't know what you want to achieve in your presentation, your audience never will, and my goals are to inform, inspire, and entertain people with the information that I have about these various topics.

Kyle Davis: One of the things that you talked about, and I think this is kind of a good kind of bringing it back full circle and giving a refresher for people, but what we were talking about prior to record was kind of the trajectory that you had in the FBI, and I think [00:03:30] you made an interesting point, pre-9/11, post-9/11. So if you could give that trajectory for people to know kind of what it is that you've done, because it sounds to me, and in our brief conversation, that you're a jack of all trades, so to speak.

Jeff Lanza: And most agents do have varied backgrounds when they come in the FBI, and then also they work various types of cases in the bureau as well. I started out working white collar crime, which is a broad category, but specifically I was on a corruption squad, so we [00:04:00] dealt with public officials who were basically ... stepped over the line, either taking bribes for official acts or other things that were illegal based on the position they were in. So, I investigated public corruption cases for quite a while in Kansas City, and then other white collar crime cases as well, organized crime sprinkled into that. And then we had, of course, 9/11 happened. I had been in the bureau already about 13 years when that happened, and that really changed everything. It [00:04:30] changed the FBI's focus, and many agents were drawn into counter-terrorism investigations, including me, over the course of time. That was really a big demarcation point for where I had been and where I was going and where the FBI was going in general.

Kyle Davis: And I know that one of things that you talk a lot about now is cybercrime and cybersecurity, and I would be remiss to say we can't talk about just the big cyber issue of the day with this Russian hacking situation. And I don't want to get into the politics of it, per se, [00:05:00] but if you could just kind of just explain what are some of the vulnerabilities that we have as a nation, and then from there, what kind of things can we do as individual businesses and as an informed society to prevent meddling from a foreign power?

Jeff Lanza: Right. Well, the word "hacking" has a lot of different meanings, and people tend to think of it as someone's broken into my computer system somehow, and that's one of the terms we use, one of [00:05:30] the meanings of hacking, but hacking can also be using manipulation, social engineering, to gain information from people that involves sensitive information, for example. So what cracks me up about the Russian situation—I don't meant it cracks me up, I mean it's just, it surprises me, I guess—is that there's this conversation that, "Did Russia try to interfere with our election?" Well we have bonafide proof that they did, [00:06:00] weeks ago, months ago. We know that they tried to ... They hacked into the Democratic National Committee's computer. That's been proven. We know that. We know it came from them. And we know that they took over the account or they hijacked the account of John Podesta, who is Hillary's campaign manager. And so that alone is pretty good evidence that they were trying to do something with the election, as these are two ... the Democratic National Committee, of course, [00:06:30] is the body of the Democratic party, and specifically Hillary's campaign manager. So we know that they did that.

Now, what can people do themselves and businesses do to protect themselves from these type of efforts, not just from foreign powers but from anybody who wants to hack into a business computer or put ransomware on a computer, which would lock up files until people the ransom? And the key thing is that we just need to be careful what [00:07:00] we click on, be careful what we're ... anything coming in externally and make sure we educate employees about what to look out for, too. 90% of computer hacks as we define hacks, hacking into computer systems, come from emails designed to do just that. So we can eliminate 90% of the threat if we're just careful about what we're receiving and what we're clicking on, links and attachments in those emails.

Kyle Davis: Yeah, one [00:07:30] of the things that we were kind of trained on at one of my companies was just don't open PDF files. I mean, just something as simple as that, 'cause it's ... We don't communicate via PDF, so don't open a PDF file. You'd be surprised how many PDF emails I would get on a weekly basis. I mean, four or five from seemingly coworkers, but it wasn't. You know, just simple things like that.

Jeff Lanza: Right, simple things like that, and of course you have to build your external offenses and your perimeter defenses, too, with software, [00:08:00] with antivirus software and the firewalls and all that. But those aren't effective all the time, so combine that with training employees, combine that with good information. Testing employees as well. Sending fake PDF files designed to look like a real hack attempt would like and see who clicks on it. That's a good way to train employees, too. But overall, then you need to have your backup as well, so when your files are affected and in the case of ransomware, for example, that you'll be able to recover without having to pay [00:08:30] ransom. So it's kind of a layered defense with lots of different layers of security.

Kyle Davis: Like an onion.

Jeff Lanza: That would be one way. So if they get through one layer they're not at the core of your business yet. They get through a second layer, they're not there. Third layer, they're not there. So they have to penetrate many layers of security before [inaudible 00:08:50] before they can really do damage, and that's the whole idea of keeping businesses and even our own individual accounts safe.

Kyle Davis: So, kind of to go on with this Russia thing, and I have to give the date [00:09:00] because things always change with Russia. Today's 7/11. It's my brother's birthday, and you can go get a free slushie at 7/11 as well. So, again, I'm trying to be apolitical on this. Today Trump Jr. released some email correspondence meeting with somebody from ... has ties to Russia. And we talked about this beforehand, and you have kind of a unique background in that fact that you've worked with political corruption and then you also worked in cyber hacking, and I'm just kind of curious as to what you make of this. So far, [00:09:30] just from a cursory glance.

Jeff Lanza: Well, you know, my first reaction when I saw that story today was, "What has he just admitted that's potentially illegal, and why would they make that admission?" And so upon a little more thought I'm thinking, "Well, I guess they're thinking they didn't do anything do wrong, so let's put it out to the public, let them look at the email change to show there was nothing secret here." I'm not sure that just having that communication alone is not a problem, so [00:10:00] it's just a matter of how the law might apply and then what happened after that, or what hasn't been released that they still might have in terms of communication.

Kyle Davis: Yeah, I just find the whole interesting. At [crosstalk 00:10:14] ...

Jeff Lanza: It's bizarre. I mean, the whole thing has been bizarre from the beginning and now it's even taken another step in that direction.

Kyle Davis: And, you know, you've been on ... And we were just talking about this prior to, but you were on CNN a few months ago talking about this, and I'm just kind of ... [00:10:30] How would one defend themselves, like in the press, against just this onslaught of ... I don't even want to call it ... I mean, it's not a leak if it's not classified information. Just this data dump of just this and that, and more importantly, I mean, I think if you're gonna run for political office there should be a class on tradecraft.

Jeff Lanza: That's right, and we probably don't do enough to train people that are in political offices of what [00:11:00] to look out for. But the truth is when you have a release of information, yeah, it's one thing when it's classified information. There's definitely lines broken there, laws broken there. The other thing is sensitive information, so it's not classified, hasn't risen to the level of classified, but it's still sensitive. As an FBI agent, I had top secret security clearance for 20 years as an agent, and if I released any information that was classified, 'course you [00:11:30] could be arrested for that, but even sensitive information. Sensitive information about cases can be a problem as well. So you really have to be careful on what you say publicly and how it may affect the people that you're talking about and the cases that you're talking about. And that's whole reason we're having these laws is to protect people and sources.

Gail Davis: Jeff, were there any specific FBI case situations that took an unexpected turn that maybe provided [00:12:00] lessons that you're able to incorporate when you're out speaking to audiences?

Jeff Lanza: Yeah, there is one in particular that I'll mention to you briefly, and it's one of my key ... one of my, I guess, signature stories I like to tell, and it takes a few minutes but I won't go into all the detail today. It was this very simple case of the FBI serving a search warrant at the home of a bookie, a guy taking bets over the phone, many years ago. And I was involved in the execution of the search warrant. And [00:12:30] the phone is ... I'm at a bookie's desk. The bookie's being cooperative with the agent that was with me. I'm at the bookie's desk and the phone starts ringing. It's a Sunday morning. It's September. Baseball and football are in season. I pick up the phone and the people at the other end didn't seem to care who they were talking to. They said, "Who's this?" I told them my name. They started giving me their bets for the day. So I started taking them down like the bookie would, and call after call came in, and I still kept taking the bets.

What I learned from that ... And there's more to the [00:13:00] story than that. We may not have time to go into all of it, but what I learned from that is people are way too loose with information. You gotta know who you're talking to online, in person, in the phone, before you provide sensitive information. At one point the guy, a guy even asked me when he called, he goes, "Jeff who?" And here I am. We're not busting the betters, we're just busting the bookie. And he goes, "Jeff who?" So I said, "Jeff with the FBI." And I expected a quick hang-up. I expected to hear a click. I don't hear a click. I don't hear a click, I hear hysterical laughing on the other [00:13:30] end. "Jeff with the FBI? That's great, that's funny, answering the bookie phone. I love it, Jeff with the FBI. That's a good one." And then he says, "Hey Jeff with the FBI, give me 50 on the Chiefs, will ya?" So that unexpected turn told me that people should be more careful about how they release information. And I try to share that with audiences and tell that story in more detail.

Kyle Davis: So kind of the releasing information umbrella, or underneath it really, [00:14:00] what are some things that people can do it protect their personal information? And then what are some things ... I know we talked about some things that businesses can do, but in a professional setting, what are some also things that individuals can do there as well?

Jeff Lanza: Well, I think people just need to be careful who they're giving information to. Social Security number is your key. Aside from that, you can't steal someone's identity and open credit card accounts in their name without their Social, so the Social's the most important thing to protect. You shouldn't be giving that out to anyone. [00:14:30] You should keep that as closely held as possible. But in terms of social media and the things people put out online as well, every piece of information someone gets from you in an online setting like that is potentially a building block to obtain a more complete profile of a person and could be used for various reasons, but the Social is the key. If they don't have the Social, they can't really steal your identity and open those new accounts, so that's what you really have to protect. But you still need to be careful when people ... from [00:15:00] unsolicited phone calls, unsolicited emails, never provide person information to those. Know who you're talking to first.

Gail Davis: You know, often you'll be on the phone with, I don't know, the phone company and they'll ask for the last four digits of your Social. Is that okay?

Jeff Lanza: Yeah. People ask me that all the time, Gail. In presentations that's one of the first questions that comes up. And four is okay. I mean, you got nine digits to your Social. And people argue, "Well, wait, the first three are tied to where you were [00:15:30] born, so you might be able to figure that out if you knew where someone was born. The last two ... The middle two are random, and so that means if you have the last four and you know where they're born, you might be able to guess the other 99 combinations of the middle two." And I said, "People aren't gonna go through that much trouble." They could buy a Social Security number online on the dark web for about $10, so don't worry about giving the last four. They already have the last four and they're verifying on the phone to make sure you're the person, and that's why [00:16:00] they do that. So never worry about giving the last four.

Gail Davis: And I'm just gonna ask this question, but like I don't think you probably should be sharing your Social Security number with anybody via email, like say for some reason you need to give it to your child or something. That wouldn't be ... That's probably not a good idea, right?

Jeff Lanza: Yeah, see, email generally is not secure. You can do secure email. There's many secure email companies you can, for a nominal fee, use their services. You can [00:16:30] use that when you provide personal information like that, but the problem with putting out Social over an email account is, number one, it's potentially not secure just in the transmission but also now you have emails that are saved in many places. It's in the cloud, on Yahoo email or Gmail, and that ... Unless you delete it specifically and they have, the recipient has deleted that email, it can be obtained. So someone hacks into your email account, hijacks your email account through many tricks that they use to do [00:17:00] that—a whole 'nother story—then they can look through past emails or they can search in your email, because they have access to it, for Social Security numbers that you have in a saved email that you sent to someone. So that's another reason why you should never include Social Security numbers in an email unless it's secure.

Kyle Davis: So you just hinted at it, but what are some of the tricks that people are using to hijack someone's email address? I'm familiar with phishing and spearphishing, but maybe the listeners there aren't too familiar with those or other ways that people [00:17:30] have to go about getting your email.

Jeff Lanza: So those are two of the most common ways. So let's talk about phishing. Phishing is, most people are familiar with the term, but you're basically sending out a big net in the ocean, you're trying to catch ... You're not [inaudible 00:17:44] catch every fish in the sea, just whoever might respond. And so an example of a phishing email might be you're sending out an email to someone—many thousands of people, by the way, that's the big net—that says, "Hey, we have a PDF file [00:18:00] waiting for you," or, "We have documents for your review." Now most people don't even know the sender. They're not gonna click on anything in that email. They're not gonna click on the PDF file because they don't know the sender, but other people might be curious. So remember, you're only gonna catch a few fish in every net, not every fish in the sea. So then you might click on that PDF or click on something in that email that it says "Review these documents," and that brings you to a Google log-in page, which is fake, which is designed to steal your Google credentials, and that's how they get control of [00:18:30] your Google account, including your Gmail account. So that'd be an example of phishing.

Spearphishing is when you target a specific person at an organization, like a CFO, for example. So you can find out easily who the CFOs are at numerous companies. It's all listed online, it's on their websites. And then you target them with specific emails designed to steal access to their email account, for example, in the way I just described, or try to get them to download malware on their computer, knowing that their computer will [00:19:00] probably, since they're CFO, probably [inaudible 00:19:02] transactions. So that'd be a case of spearphishing.

Kyle Davis: What are some other ways that people have their emails or basically just their whole Internet life vulnerable?

Jeff Lanza: Well, one of the things that happens in the business world is that people will look ... They'll go online ... The crooks will go online and they'll target a company, ABC Company, [00:19:30] and they'll set up a domain name that looks exactly like that company's name online, only there might be another letter in there. So it'll be, I'm using a very simple example, but ABCC Company, right? And so then they'll create email names that look exactly like the CFO or the CEO, and they'll start sending emails to employees in the company from ABCCCompany.com. And for people who [00:20:00] may not notice, they're think they're getting an email from the CEO. "Oh, [inaudible 00:20:04] want? Oh, he wants a list of all my W-2s that we sent out last year." This has happened and has happen ... It's happening right now, that specific example, which contains Social Security numbers, by the way. Or, my CEO is in China, and he may actually be, and he needs money for a transaction. It's very secretive. We can't tell anybody. The SEC does not let us talk about it. We need you to send $17.2 million to this Chinese account. [00:20:30] And CFO does, 'cause it's looks like it's coming from the CEO's email account. True example. That actually happened. Company in Nebraska was ripped off for $17.2 million. Another company ripped off the same way: $46.7 million.

So these are big cases. Lots of money is involved, and it's very simple to do, and it's also very simple to prevent. How do we prevent it? We're careful about where we're clicking, number one, but we also look very closely at emails and we always [00:21:00] verify before we do wire transfers. I don't care what your CEO says about secrecy in this email, but it's fake. You always call to verify.

Kyle Davis: Mm-hmm (affirmative). One of the things that we were told at one of companies was to never have an away message on your email because it allows people to know that you're out of town so they can send a fake email kind of like that.

Jeff Lanza: Right. Right. And that's true. That's a good preventative step, but if they're targeting people as well, they're already gonna know they're away. And here's, [00:21:30] again, where the international connection comes in. You asked earlier about international attempts to hack ... affect our election or to hack companies. You have to imagine that there's countries in the world, like China, for example, and I'll use that example because we've seen many of these hacks come from China. We know they try hack us, our businesses and our government. I go ... I'm a businessman. I'm doing business in China. I go through immigration, show them my passport, [00:22:00] and you have to imagine there's someone at the immigration office in China passing along to their hacker friends, "We've got this person here. We know his name. We know everything about him, and now go after him." And while he's in China they can start doing ... The hackers behind the scenes, they can start doing their work on the rest of the people at the company. So they already know they're away. They don't have to do phishing emails for away messages on their email account.

Kyle Davis: Well, shoot, maybe I shouldn't go to China.

Gail Davis: [00:22:30] I'd like to ...

Kyle Davis: Not that I'm important. I'm not.

Gail Davis: ... shift gears just a little bit. I'm personally very interested in human trafficking, and I'm curious if we have made improvements with that or do we still have a significant problem there?

Jeff Lanza: The presentation that I gave for YPO and I still do today is called "Hidden in Plain Sight," which is basically an indication of the problem, so [00:23:00] meaning that it's there, we just don't see it. I believe that we've made inroads in terms of public knowledge at least. I travel a lot, right? I'm on an airplane all the time and giving various presentations around the country. I see a lot of signage now in airports, train stations, and other places bringing up the issue of human trafficking, and so I think the level of awareness has increased, and for that reason I think maybe we have at least overall knowledge that the problem [00:23:30] is there. And governments are starting to address it on an international basis more than they have in the past. But the numbers, if you listen to the State Department and other agencies, the numbers are huge in terms of not just sex trafficking but overall trafficking in terms of farm labor, migrant labor, factory labor, restaurants, and things like that. People are violating the laws regarding human beings and labor, and I still think it's pretty big, but I think there's an overall knowledge of ... awareness of [00:24:00] it more than it was in the past.

Gail Davis: That is a very powerful keynote, "Hidden in Plain Sight." That's thought-provoking.

Kyle Davis: Did you hear about the incident where the flight attendant was on a plane and she saw a young girl traveling with a guy that he was dressed to the nines and she was disheveled and didn't look great, and it was one of those human trafficking cases?

Jeff Lanza: I didn't hear specifically about that case. It doesn't surprise me, and again, this level of awareness is changing people's perception of [00:24:30] that type of situation, and you ... I've heard other cases where people have ... And not just on airplanes as you mentioned, but in other situations, too, where people have noticed things, maybe based on a poster, a billboard they saw.

Gail Davis: But, you know, if your radar went up, what would you do with that information?

Jeff Lanza: Well, so, on those posters and billboards I just mentioned there's a number to call, there's an 800 number. You're not gonna remember that days later necessarily, but there [00:25:00] is ... you can just Google online and you'll be able to find the number. There is a hotline to call if you suspect human trafficking, or, worst case scenario, you just call the police and tell them. They'll get the right ... And they've been educated about this, too. I think the FBI's done a great job over the course of the last couple years educating police departments in what to look for as well.

Kyle Davis: And then in the particular case that I mentioned, the flight attendant was able to communicate with the girl that was on the plane. 'Cause they were going to the Super Bowl, if I remember correctly. And [00:25:30] they were able to communicate, and as soon as they landed they told everybody to stay seated on the plane. The police came on the plane and then took the both of them.

Gail Davis: Oh wow.

Jeff Lanza: Yeah. Police are good.

Gail Davis: That's awesome.

Jeff Lanza: And you know that makes a whole lot of sense because the Super Bowl ... When I give this presentation I always talk about Super Bowls. That's a big target, focus, for human trafficking, because they bring the girls in for all the people that are visiting those cities, and then police have been focusing on those in various cities over the years. So it doesn't surprise me that they would've responded as you've [00:26:00] described.

Now, they weren't dragging somebody off a plane like we saw in another case, were they?

Kyle Davis: Oh, no. No, no, not like that case. I was scratching my head for a moment. I was like, "Huh?" Oh, yeah, yeah. No, not like that. But I think what's interesting though, and I have some friends of mine who do a lot of work in human trafficking, and a lot of people automatically just assume it's sex trafficking and sex workers and all of that stuff, and it's really not. I mean, it really runs the gamut. I know that you've mentioned farming [00:26:30] and more menial labor that we might assume when it comes to whether it's illegal immigration or if it's trafficked immigration, but there's also just things like essentially just modern day slavery where people have people in their homes cooking them dinner, and they're paying them nothing, or they're paying some agency that then pays that person nothing. So there's a lot of different ways that you can knowingly or unknowingly be implicated in a trafficking incident.

Jeff Lanza: [00:27:00] Right. And just give you an example along those lines, and there's several of these, by the way. But there was a couple in Long Island. Both were doctors, and they brought someone in from the Philippines, and this person worked for many, many years, worked in their home and had to stay out in a shack out in the back. They lived in a beautiful home, multi-million-dollar home. Person lived in a shack in the back. They kept her locked up, and they were basically didn't pay her anything. Gave her menial amounts of food for substanance and never paid her the true wages. And someone discovered her in the neighborhood. [00:27:30] They saw her, she was out there scrubbing on her hands and knees in tennis courts, and then they reported it to authorities. And anyway, she got her payday eventually. The people were prosecuted. They went to jail and she got the millions of dollars that she was owed for many years that she worked without pay.

So, and those cases ... That's just one example. You've seen so many of those type of cases around the country, and they're all online if people have more interest in that. You can actually google that term "human trafficking," "human trafficking" and [00:28:00] whatever, just specific examples, non-sex trafficking human trafficking. You'll come up with examples like that and you can read about it yourself. And people don't realize this stuff is going on right in front of them.

Kyle Davis: Yeah, I believe ... I think I read that same article. It's about that ... Wasn't the woman part of the dowry or something like that? Like a wedding gift, if I remember correctly?

Jeff Lanza: I don't know, I don't know if that was the case. Again, it could've been another example. The one I'm thinking of, I don't think that was the case, but there's been [00:28:30] a few.

Kyle Davis: I read an interesting article about that, but neither here nor there.

Gail Davis: Jeff, I know a lot of times you're have national TV appearances. Does that have any effect on how you then turn around and relate to audiences?

Jeff Lanza: It's funny you should say that because, yes, it absolutely does, and here's why. A TV audience, I think, decides within about five seconds whether they like you or not, and [00:29:00] it comes down to a couple things: your appearance, clothing, eye contact with the camera, and the first words out of your mouth. And I think the same thing really applies to an audience that you're speaking to in person. So whether you're talking to four million people on the Today Show or 400 people in an audience, I think the same rules apply. And the other thing, it's not just about appearance, necessarily; it's about a whole persona up there. But whether they like you or not is gonna depend on whether ... If gonna [00:29:30] be ... Whether they listen to you or not is gonna be a function of whether they like you. They determine that very quickly.

And the other thing is you don't have much time on TV. So my TV appearances, when you're live on the Today Show or CNBC or CNN, you've got about four minutes during these segments, for the most part. You don't have much time to get across a message, so you have to be clear, you have to be concise, you have to be [00:30:00] able to get things across quickly but yet still in a way that's memorable. So for television I've learned how to do that, but audiences in person expect the same thing. You may have 45 minutes in front of an audience [inaudible 00:30:14] 60 minutes, but still, you gotta get that stuff across in a clear, concise way that's memorable, and I think the same rules apply in television. So that's what's helped me in terms of my television [inaudible 00:30:25] relate to my audiences in person.

Kyle Davis: If you could for a moment, I know that [00:30:30] one of your ... You have a book now. It's Pistol to Press or Press to Pistol, or I'm trying to ...

Jeff Lanza: Right.

Kyle Davis: Right. Could you tell us about that? And I know that you're also working on another book, so if you could tease that as well.

Jeff Lanza: So Pistols to Press came out about four years ago, five years ago now. It was about my career as an agent, as an FBI spokesman, where I learned how to take to the media and I learned how to communicate in front of an audience, and that's all about communication. So it's about how to communicate effectively, [00:31:00] efficiently, and persuade people, basically. So that was Pistols to Press about my transition from an FBI agent into being a spokesman and delivering these messages to a nationwide audiences.

My current book—which I'm working on as we speak actually, I was writing some of it today—is about cybercrime. But it's specifically for audiences that are ... I'd say people 50 and up that are starting to really be [00:31:30] affected by these hijackers, hijacking, the ransomware cases. And so I'm writing really for that audience 'cause that's one of the biggest audiences I talk to are people that are retired or approaching retirement and have lots of questions about how to stay safe online. So that book is specifically for that audience and also relates to anyone who wants to know a little bit about cybersecurity.

Kyle Davis: And I guess my final question for you is what keeps you up at night?

Jeff Lanza: Well, that's a good one, and [00:32:00] the main thing I would say also relates to cybersecurity, and that is our infrastructure. And I think it's pretty well protected, but we just saw a case a few weeks ago that ... The government of the Ukraine, their whole infrastructure system, their electric power grid, or part of it, was taken down by a cyber attack, and the story explained, in many different media outlets, explained that we may be vulnerable to the same [00:32:30] type of thing. So what keeps me up at night is the hackers are looking for the next big target, all right? It's not gonna be a physical attack necessarily, and I hope it never is, like we've experienced. But they're looking for ways maybe electronically to do damage to us as well, and you think about taking down a power system, you think about taking down water supply, you think about the banking system and the devastating effect that would have on people and the economy. So that I worry about a little bit, and I don't think the government [00:33:00] is doing enough to keep us safe in that regard, and I think we need to really focus on that and do more, and businesses do as [inaudible 00:33:05].

Kyle Davis: Yeah, the line that I heard from some of my friends that do a lot of counter-terrorism stuff is the super-empowered individual, the individual who, with a laptop and a good education, could bring down whatever they want. I mean, that's the thing that freaks a lot of people out, or a team of people like that.

Jeff Lanza: Yeah, and a perfect [00:33:30] example of that is just to take cars offline, attacking the entertainment systems of cars, through the entertainment system getting at the functional aspects of the car. Steering, taking control of steering, taking control of breaks. We've seen it happen, real examples of that, as a test. So the same things apply in a business. So you got your control systems, your things that control whatever you're doing, electrical, water, whatever it is. That should be separated from everything [00:34:00] else, but in many cases it's not. So if they can get into an email account, can they then get into the company's network? Can they then get into these control systems? And that's the big issue today, and that's what we have to focus on protecting.

Kyle Davis: Well I guess everybody should get off the grid and go buy themselves a 1984 Chevy Blazer that's diesel.

Jeff Lanza: That's a great car.

Kyle Davis: I think it's a great car.

All right, cool beans. Well, hey, if you want to have Jeff Lanza come and speak to your audience, you can do so by contacting GDA Speakers at [00:34:30] 204-420-1999 or by going to gdaspeakers.com. For the transcript and the books and everything else, you can go to gdapodcast.com where we post all of that stuff. With that being said, thanks, Jeff.

Gail Davis: Thank you, Jeff.

Jeff Lanza: You're very welcome. Thanks for having me on.

Comment