She Said Privacy / He Said Security Podcast: How Companies Can Prevent Identity-Based Attacks

TL;DR

Full Transcript

[0:06 - 0:14] Podcast Narrator:  Welcome to the She Said Privacy, He Said Security podcast. Like any good marriage, we will debate, evaluate, and sometimes quarrel about how privacy and security impact business in the 21st century.

[0:21 - 0:35] Jodi Daniels:  Hi, Jodi Daniels here. I'm the founder and CEO of Red Clover Advisors, a certified women's privacy consultancy. I'm a privacy consultant and certified informational privacy professional providing practical privacy advice to overwhelmed companies.

[0:37 - 0:52] Justin Daniels:  Indeed. Do you remember who you are? I think so. Hi, I am Justin Daniels. I am a shareholder and corporate M&A and tech transaction lawyer at the law firm Baker Donaldson, advising companies in the deployment and scaling of technology.

[0:53 - 1:04] Justin Daniels:  Since data is critical to every transaction, I help clients make informed business decisions while managing data privacy and cybersecurity risk, and when needed, I lead the Legal Cyber Data Breach Response Brigade.

[1:04 - 1:11] Jodi Daniels:  And this episode is brought to you by... No one can see a finger pointing.No one can.

[1:11 - 1:11] Justin Daniels: one can.

[1:11 - 1:25] Jodi Daniels: ...for advisors. We help companies to comply with data privacy laws and establish customer trust so that they can grow and nurture integrity. We work with companies in a variety of fields, including technology, e-commerce, professional services, and digital media.

[1:25 - 1:41] Jodi Daniels:  In short, we use data privacy to transform the way companies do business. Together, we're creating a future where there is greater trust between companies and consumers. To learn more and to check out our best-selling book, Data Reimagined, Building Trust One Bite at a Time, visit RedCloverAdvisors.com.

[1:42 - 1:45] Jodi Daniels:  Today is going to be a security-focused podcast.

[1:46 - 1:48] Justin Daniels:  Is that exciting for you?

[1:48 - 1:52] Jodi Daniels:  Well, you enjoy those because you're the he said security.

[1:53 - 1:56] Justin Daniels:  I think you should be like the she said ad tech.

[1:57 - 2:04] Jodi Daniels:  Well, that's a whole totally different kind of podcast. So we're going to stick with the she said privacy and he said security. So you get to introduce our guest today.

[2:05 - 2:19] Justin Daniels:  Okay, well, let's get to our guest. So today we have Jason Casey, who's the CEO and co-founder of Beyond Identity. Beyond Identity is the first and only identity security platform built to make identity-based attacks impossible.

[2:20 - 2:29] Justin Daniels:  With 20-plus years in security and networking, Jason has built enterprise solutions that protect global organizations from credential-based threats.

[2:30 - 2:31] Jodi Daniels:  Welcome to the show.

[2:32 - 2:33] Jasson Casey, CEO of Beyond Identity:  Thank you for having me.

[2:34 - 2:41] Jodi Daniels:  We always like to start with how did you get here to co-founding Beyond Identity? So tell us a little bit about your journey.

[2:42 - 2:58] Jasson Casey, CEO of Beyond Identity:  Let's see. The abridged version, my first decade of work, I worked in telco and big data network infrastructure. So I think like designing and building routers and firewalls, but kind of application-specific routers, firewalls, and proxies.

[2:58 - 3:11] Jasson Casey, CEO of Beyond Identity:  That got me into an area called software-defined networking, which is how do you leverage as much as possible about the hardware in general scenarios to make the software go fast?

[3:11 - 3:28] Jasson Casey, CEO of Beyond Identity:  I fell into some really interesting analytics problems at that time.Ended up working and running engineeringGeneral Keith Alexander, the former longest-serving director of the NSA, working on a really interesting problem, which was find the needle in the needle stack.

[3:28 - 3:55] Jasson Casey, CEO of Beyond Identity:  Made my way up to Security Scorecard, was the CTO there, running a similar sort of problem, kind of global-scale data intelligence for companies to manage their third-party risk. and, you know, through that journey, it became really, really evident that, you know, the top three things that decide whether a company is going to have a bad day, whether you want to call that a breach or just a flood of security incidents, is how does the company manage their identity stack?

[3:55 - 4:11] Jasson Casey, CEO of Beyond Identity:  How do they manage the security of the devices that their workforce uses to connect to their services and data? And that was about the time that I met Jim Clark and TJ and Nelson and Mike, and we started the company back in 2019.

[4:12 - 4:20] Jodi Daniels:  What a fun and interesting story. It's always my favorite part. I know we're supposed to actually talk about privacy and security, but I really like career journey.

[4:21 - 4:35] Justin Daniels:  I see. So, Jason, Beyond Identity was built to eliminate identity-based attacks. what's broken about traditional identity and authentication methods and what makes your approach different?

[4:36 - 4:51] Jasson Casey, CEO of Beyond Identity:  So what's broken? When you think about, so you read about breaches every day in the paper, right? This company has been breached today. That company has been breached the day before. Before an event becomes a breach, it's a security incident, right?

[4:51 - 5:02] Jasson Casey, CEO of Beyond Identity:  So like not every kitchen fire burns down your house, but some kitchen fires burn down your house. Every kitchen fire is something that you don't actually want to have, right? You want to prevent kitchen fires. They are timely.

[5:02 - 5:18] Jasson Casey, CEO of Beyond Identity:  They're costly. They soak a lot of energy. In the corporate world, this is a security incident, right? Security incidents are things that you are forced to respond to. And the number one cause of security incidents is the identity system of an organization.

[5:19 - 5:31] Jasson Casey, CEO of Beyond Identity:  So you may not think of this often, but every time you log into your work, every time you access a service related to work, every time you touch a piece of data, you're actually going through an identity system to get that.

[5:32 - 5:45] Jasson Casey, CEO of Beyond Identity:  Now, it doesn't matter if you're an employee, a contractor. It doesn't matter if you're working on work-managed devices or if you're working on a BYOD device. In all cases, you're going through the identity system to touch that service or data.

[5:45 - 5:58] Jasson Casey, CEO of Beyond Identity:  And according to Verizon, they have this thing called DBIR, a database of incident response, Mandian's threat report or CrowdStrike's threat report. 70% to 80% of all security incidents are kind of a failure of this identity system.

[5:58 - 6:10] Jasson Casey, CEO of Beyond Identity:  So, like, identity really is the number one cause of these problems. And we think at a high level the reason is identity was built around a concept of productivity. How do I get you to work fast, right?

[6:11 - 6:17] Jasson Casey, CEO of Beyond Identity: I get you to work fast doesn't really have a lot in common with, how do I make sure I don't get the bad guy to your work fast too?

[6:17 - 6:36] Justin Daniels: So, Jason, on this identity access management, I'd be interested for your take on how this evolvesbecause lookall the money that banks, insurance companies have spent on voice identity access management authentication.

[6:37 - 6:51] Justin Daniels: On top of I literally was able to make a deep fake of myself on Gemini, Google's AI with a picture of myself and I sent it to Jody and it wasn't that great, but I did it in like four minutes.

[6:54 - 7:03] Justin Daniels:  How do we respond I mean it like it evolved so quickly with identity access management How do you as a professional how do we respond to this

[7:03 - 7:16] Jasson Casey, CEO of Beyond Identity:  Yeah, I think it's a great illustration of, like, a mismanagement of the problem. So let's talk about the problem a little bit. The AI is this amazing tool that is the ultimate mimic.

[7:17 - 7:49] Jasson Casey, CEO of Beyond Identity: AI I can sound like you I can look like you and I can write like you and this is a great productivity tool I can actually get an editor and help me write faster and write better did you know I don't speak English I only speak Spanish this real time AI translation is great isn't it you probably also can't tell I got kicked by a horse this weekend and so I don't want you to see all of my bandages and my black eye I'm using a real-time AI engine to mask that.

[7:50 - 8:01] Jasson Casey, CEO of Beyond Identity:  These are all real applications that already happen. Look at a company. They're called Deep Voodoo. It's a company started by the same guys that did South Park.

[8:02 - 8:13] Jasson Casey, CEO of Beyond Identity:  And it is using the exact same technology not to deepfake anyone, but to actually lower the cost of production in movies and film. And it is real-time.

[8:13 - 8:27] Jasson Casey, CEO of Beyond Identity:  It's real-time audio and it's real-time video. And there are many other examples of this. So you think about security and you think about, well, how are you going to handle the mismanage of this?

[8:27 - 8:42] Jasson Casey, CEO of Beyond Identity:  And you can see a ton of companies actually building deepfake detectors. And we think that is kind of a miscategorization of the problem. Like, is this a deepfake? What is the utility of asking that question when I don't even speak your language?

[8:42 - 8:54] Jasson Casey, CEO of Beyond Identity:  Like, of course there's an AI engine translating me in real time. What is the utility when I'm using it to cover up my black eye from my farming accident? Like, what is the utility there?

[8:54 - 9:08] Jasson Casey, CEO of Beyond Identity:  So we argue that's not even a good question to ask. And from a technical perspective, it's also a bit of an arms race. Every detector can be used to train the next generation of generators.So we think a better questionthis coming from?

[9:08 - 9:20] Jasson Casey, CEO of Beyond Identity:  What device is this coming from? What level of assurance around identity and authentication can I get with what's actually going on here? And that is a solvable problem.

[9:20 - 9:45] Jasson Casey, CEO of Beyond Identity:  It's solvable in what we call a deterministic, not a probabilistic way. I'm not telling you that 80% of the time this is correct with a confidence interval. I'm telling you that this feed, this may not be what Jason looks like today, but this feed is coming from Jason's computer with the security controls that you would expect on Jason's computer administered by Beyond Identity, and Jason's approved a possession and a biometric factor at the initiation of this Zoom chat.

[9:46 - 10:02] Jasson Casey, CEO of Beyond Identity:  So, like, there are absolute ways of kind of leveraging the hardware around us to answer a different but much stronger question of not is this a deepfake or is AI being used in the production of this content, but who actually is authorizing the production of this content.

[10:02 - 10:13] Jasson Casey, CEO of Beyond Identity:  And we actually have the banking industry to thank for this. This is all rooted in technology that was initially rolled out in the support of mobile payments.

[10:13 - 10:25] Jasson Casey, CEO of Beyond Identity:  When you pay for a cup of coffee at the coffee shop in the morning with your Apple or your Google phone, you're actually using something called a secure enclave on that phone. It looks just like the enclave on your credit card.

[10:25 - 10:38] Jasson Casey, CEO of Beyond Identity:  It has a little signing key. A receipt is sent over the air to your phone. Your phone will then staple two bits of information to that receipt. one is some sort of proof of a possession factor, right?

[10:39 - 10:53] Jasson Casey, CEO of Beyond Identity:  Like this is the key that was enrolled. And then two is some sort of proof of some second factor, right?Usually you put a pen into your phoneyou put a, you smile and give the phone a biometric, right?

[10:54 - 11:05] Jasson Casey, CEO of Beyond Identity:  And then it will sign over that whole thing with that private key and that local enclave and present it back to the merchant. The merchant will verify it with their bank and, you know, The teller smiles and hands you your coffee.

[11:06 - 11:27] Jasson Casey, CEO of Beyond Identity:  That technology now exists in almost all modern electronics, and here at Beyond Identity, we leverage it to actually answer real security questions in a very kind of careless and useful way to allow people to get to work, to allow customers to transact faster, and to allow companies to also build out automation in a more secure way.

[11:28 - 11:45] Jodi Daniels:  Let's talk a little bit more about what that looks like, because you shared before, one of the big challenges is everyone's trying to log in to their systems. I have multiple systems. I have my traditional login. How does the description that you just provided and that kind of mobile payment technology, you said that you've built that in here.

[11:45 - 11:57] Jodi Daniels:  So what does that look like for a company who has their employees trying to log into all their systems? Where does Beyond Identity fit? And I'll let you take it from there.

[11:57 - 12:07] Jasson Casey, CEO of Beyond Identity:  So we're an identity defense platform. You plug out – so every company has an existing identity stack, and it's probably based on a company called Okta or a company called Microsoft. Maybe you've heard of them.

[12:08 - 12:22] Jasson Casey, CEO of Beyond Identity:  They have a platform called Intra. There's also some players out there like Ping and Google Workspace. We'll plug into or integrate into that existing identity provider, and we basically add a defensive layer.

[12:22 - 12:35] Jasson Casey, CEO of Beyond Identity:  So your end users will see beyond identity at the authentication screen, and we'll take charge of the authentication. The user basically gets to do away with the password as part of the process, so they don't have to deal with that if the company chooses.

[12:36 - 12:47] Jasson Casey, CEO of Beyond Identity:  But we guarantee that there will be no phishing-based access or security incidents, period, for any of those users moving forward.

[12:47 - 12:59] Jasson Casey, CEO of Beyond Identity:  And we help the company answer the questions of, like, what user on what machine with what security controls is asking for what data for how long in what geography? And we can answer that question deterministically.

[13:00 - 13:19] Jasson Casey, CEO of Beyond Identity:  Traditionally, that's kind of a probabilistic question. And we can answer it using kind of that hardware-backed provenance that I described, that largely we can thank the mobile industry for introducing it to mobile phones,and then we can thank the CPU industry for beingthe right description, but they don't want to build two things.

[13:19 - 13:28] Jasson Casey, CEO of Beyond Identity:  They want to build one thing. So it turns out almost every chip they build, whether it's for a laptop, a workstation, a server, or a mobile device has a lot of the same common components.

[13:29 - 13:37] Jodi Daniels:  That makes sense. Thank you. It's really interesting. I do like my little double click when I got to go pay for my something with my Apple Pay.

[13:38 - 14:03] Justin Daniels:  Well, I guess, Jason, if you have this whole system with mobile payments, I guess you're saying it's not proliferating because other people just want to have one chip?Because data breaches you correct about what you said about identity access management Andguess how come the problem is persisting if you got companies like yours that use this technology or that the mobile payments industry seems to have developed and seems pretty mature?

[14:04 - 14:15] Jasson Casey, CEO of Beyond Identity:  So you actually don't have this problem stealing mobile payment keys. What you have is you have this problem with people actually stealing user credentials or workload credentials.

[14:16 - 14:35] Jasson Casey, CEO of Beyond Identity:  So the technology hasn't actually crossed the chasm yet. I would argue we're really the only company doing it the way I described, and we're also a very young company. So we have a handful of customers that are using this technology, and we've actually got a couple of use cases with several of them showing the rate of security and it's dropping to zero of these categories.

[14:37 - 14:49] Jasson Casey, CEO of Beyond Identity:  But just to kind of mentally think about it, right, Like most authentication today that people experience is based on something they share, right? You remember a password and you share it.

[14:49 - 14:59] Jasson Casey, CEO of Beyond Identity:  You then get to that second screen saying, well, what's your code? And you pull up your phone and you look at, see what your code is, and then you share it. These things, as they're shared, they have to travel, right?

[14:59 - 15:10] Jasson Casey, CEO of Beyond Identity:  They travel through machines, and this creates an opportunity for someone to steal this data. Any piece of data that moves can be stolen, can be read, either by an insider or a malicious third party.

[15:10 - 15:27] Jasson Casey, CEO of Beyond Identity:  by transitioning this concept to something that does not have to move, right, a signing key, if you will, by something that never moves, right, that's hardware-backed and it's device-bound, you actually remove the ability of credential theft.

[15:27 - 15:41] Jasson Casey, CEO of Beyond Identity:  Like, it physically is not possible to steal it. And there's some other things we do as well, because if the adversary can't steal the key, then they may try and man in the middle of the connection and do something called a signing full attack. But these are actually solvable problems if you solve them in the right way.

[15:41 - 15:46] Jasson Casey, CEO of Beyond Identity:  And I would say we're seeing early success in our approach, but it's still early times.

[15:47 - 16:11] Jodi Daniels:  I want to go back to, Justin, what you were talking about with deep fakes and AI. And, Jason, you had some thoughts on those questions. These are real challenges that people have today. So can you elaborate a little bit more on how your approach and the questions that you were talking about, companies can try and reduce the reality of AI deepfakes and trying to protect their environments?

[16:11 - 16:26] Jasson Casey, CEO of Beyond Identity:  So you're not going to reduce the rate of deepfakes. In fact, we're going to see that skyrocket. What you're going to do is you're going to figure out how do I establish assurance that who I'm communicating with or the data that I'm consuming is legitimate.

[16:26 - 16:40] Jasson Casey, CEO of Beyond Identity:  and of the prominence that I expect. So it's a slightly different problem. There's a little bit of market education involved. But the answer there is if I have device-backed, excuse me, if I have device-bound, hardware-backed identity, right?

[16:40 - 16:57] Jasson Casey, CEO of Beyond Identity:  Like I always know I'm talking to this person on this device with these security controls. It's very easy to leverage or bridge that concept into now a test to this piece of data, a test that this piece of data is, in fact, coming from that person on that device with those security controls.

[16:57 - 17:27] Jasson Casey, CEO of Beyond Identity:  And so what that means in practical sense is we built plugins for Teams, for Microsoft Outlook, for Zoom. In fact, that's what this green label is up here. And we built these plugins to where when you plug us into your kind of productivity suite, we can actually start cryptographically signing this content, whether it's real-time or offline, so that when you consume it, you can actually understand, is this actually coming from Jason's computer?

[17:27 - 17:39] Jasson Casey, CEO of Beyond Identity:  Did Jason use a strong level of authentication when he generated or started the particular Zoom session? It's a much stronger question to answer than, is this a deep fake?

[17:40 - 17:51] Jodi Daniels: follow-on was going to be,have the traditional username and password, we have contractors who are bringing your own device. I might have a mobile phone. I might have my work computer.

[17:52 - 18:04] Jodi Daniels:  And so you do have people who are kind of flipping between devices. Can you talk a little bit about how does the solution recognize that? And maybe that's part of the plug-in that you were just describing.

[18:05 - 18:16] Jasson Casey, CEO of Beyond Identity:  So in our system, we have an authenticator, and our authenticator runs on the device you're working from. If you're working on your phone, it runs on your phone. If you're working on your computer, it works on your computer.

[18:17 - 18:28] Jasson Casey, CEO of Beyond Identity:  Our authenticator does not require privilege. So our Authenticator gets installed on BYOD. It gets installed on third-party devices. So, like, let's say you have a consulting firm doing some work for you.

[18:28 - 18:43] Jasson Casey, CEO of Beyond Identity:  It would be on their devices as they access your infrastructure. No different than how they would use an Authenticator to access your infrastructure today. The only difference is rather than pulling out a second device to get work done, it all happens on the device you're actually working from.

[18:44 - 18:54] Jasson Casey, CEO of Beyond Identity:  Because we're hardware-backed and device-bound, every authentication actually produces a unique signature that is unforgeable and trackable back to that singular device.

[18:55 - 19:06] Jasson Casey, CEO of Beyond Identity:  So the unique thing you get in our system is every authentication in your log you can track back to a singular person, a singular device, and the controls on that device in that moment in time. It doesn't matter if it's BYOD.

[19:07 - 19:22] Jasson Casey, CEO of Beyond Identity:  It doesn't matter if you manage it or not. We help you understand exactly what it is. And the way customers take advantage of this is they may have more sensitive information that they won't allow access under some scenarios.

[19:22 - 19:33] Jasson Casey, CEO of Beyond Identity:  They may be a little bit more progressive where they're going to allow BYOD, but they're going to expect responsible management of that BYOD. They're going to expect certain kind of good practices and security controls to be present.

[19:34 - 19:38] Jasson Casey, CEO of Beyond Identity:  And as part of authentication, we'll verify that those things are all true before essentially we provide access.

[19:40 - 19:41] Jodi Daniels:  Thank you. Really helpful.

[19:42 - 19:57] Justin Daniels:  So as we alluded to, you know, as I gave you those examples with AI and deep fakes, obviously this identity-based threat is really evolving.

[19:59 - 20:31] Justin Daniels:  And I literally have a consult coming up next week with someone like, hey, how do we rethink handling deep fakes from a security perspective? From your standpoint, with your years of experience in what you're doing, how are you suggesting that security leaders rethink not only identity access management, but more generally, what does security look like now that you've got to contend with deep fakes that could be on the Internet of the CEO of a publicly traded company saying something that tanks the stock and it was fake?

[20:32 - 21:04] Jasson Casey, CEO of Beyond Identity:  So a couple things. Number one, I'd say the industry has spent the last 20 years focused on detection and response. And we've gotten really good at it, right?But detection and response is still being really good at putting out our kitchen fires We nowability to actually prevent these kitchen fires We now have an ability to actually change some of our architecture So the number one thing I tell folks is to kind of rethink their assumptionsof how they'veorganized security, their security architecture,

[21:04 - 21:16] Jasson Casey, CEO of Beyond Identity:  their security operations, and their approach to IT. How much of it is responsive, because that was the best tool that was available when they established the program,versus howcould actually shift to be more preventative today, right?

[21:16 - 21:27] Jasson Casey, CEO of Beyond Identity:  Prevention is always cheaper than response. And then as we drill into some of these things around deepfakes, we're still asking a question of authenticity and providence.

[21:27 - 21:46] Jasson Casey, CEO of Beyond Identity:  Who signed off on this? And why do I trust that statement of who signed off on this? That question is valid for whether it's a media clip, whether it's a press release, whether it's code that I'm actually compiling to build into a product to go install in the core of some infrastructure, right?

[21:46 - 21:58] Jasson Casey, CEO of Beyond Identity:  Like think about SolarWinds and Sunspot and how Russia actually compromised the inside of some organizations by essentially piggybacking inside of critical software. It's still a prominence question.

[21:58 - 22:17] Jasson Casey, CEO of Beyond Identity:  Where did this come from? On whose authority with what security controls? And whether it's with us or some other company, it is now possible to leverage strong identity or identity defense to answer a lot of these questions, from things like video to code to just basic application interaction.

[22:19 - 22:32] Jodi Daniels:  Jason, with all the knowledge that you have, I imagine when you are out and about and people appreciate you are the security guy, What is your best security tip that you might offer them?

[22:36 - 22:47] Jasson Casey, CEO of Beyond Identity:  I mean, it really comes back to credential theft, right? Like when you look at what companies work on, right, like pull the ticket workloads from their security operations center or their MSSP that's actually working.

[22:48 - 23:04] Jasson Casey, CEO of Beyond Identity:  70% to 80% of it has to do with credential theft. Now, they may think, oh, it's password theft. I have all these other controls. I train all these people on this. I already spend a lot of money on this. I would still come back to you're spending time and energy on detecting and putting out kitchen fires.

[23:05 - 23:21] Jasson Casey, CEO of Beyond Identity:  What if the kitchen fire never started? And did you actually know that most of them are it's possible to prevent them? How do I actually do that? How do I get in some of this device-backed hardware or device-bound hardware-backed identity?

[23:22 - 23:36] Jasson Casey, CEO of Beyond Identity: The other analogies that I would flip to is, you know, by continuing toon after or post-incident response, you're setting your team up for failure, right?

[23:36 - 23:46] Jasson Casey, CEO of Beyond Identity:  Like in the deepfick example, we're literally sending humans to fight robots, right? Like how do I know that link is really a phishing link? How do I know that QR code is like a legitimate QR code I should follow or not?

[23:46 - 24:01] Jasson Casey, CEO of Beyond Identity:  Like does this smell like chloroform? Like, that's not a winnable question. It's not even an answerable question. So you kind of have to change the equation, right? And so it really is challenging our thinking and challenging our assumptions.

[24:01 - 24:11] Jasson Casey, CEO of Beyond Identity:  A lot of what we're doing today is the momentum of what we've been doing for a decade and a half. What are those fundamental assumptions and which ones used to be true but are no longer so?

[24:13 - 24:14] Jodi Daniels:  Well, thank you.

[24:17 - 24:27] Justin Daniels: not out creating amazing ways to secure people from an identity accessmanagement perspective what do you

[24:27 - 24:54] Jasson Casey, CEO of Beyond Identity: like to do for fun I dream about the times it's been a pretty busy year I've been on the road quite a bit what do I do for fun I love cooking I really everybody's got to eat. I travel a lot. The easiest way to get to know folks is over good food. So I do try and spend a bit of time and energy. And I get a lot of help actually from some of my friends around finding good spots, really interesting kind of off the road spots in a lot of my travels.

[24:54 - 25:11] Jasson Casey, CEO of Beyond Identity:  When I'm at home, I do try and cook a lot. It's relaxing. It's cathartic. It's fun. It's also, it's kind of engineering, right? Like food is a science. Food is a bit of mechanical and chemical engineering. And you can really surprise people by actually just thinking about some of thefundamentals sometimes too. Do

[25:12 - 25:14] Jodi Daniels: favorite dish or cuisine you enjoy?

[25:15 - 25:35] Jasson Casey, CEO of Beyond Identity:  I honestly, I enjoy everything. But like the, let's see, the dish that I think, the dish my wife likes the best is I figured out how to do a veggie ramen for her that actually is decent. And it took me, it took me a couple of months of experimentation during COVID.

[25:36 - 26:03] Jasson Casey, CEO of Beyond Identity:  It's like a four day process. It's not four days of work, but like you're, you're, you're doing something every day and then kind of letting like, uh, uh, uh, flavors and, um, uh, and, and, and things kind of like, uh, uh, sink in and kind of marinate. The, the, the easy thing that I do that'salways a crowd pleaser thoughUm, uh, like a, like an overnight fermented dough, um, And then just a fresh sauce, and then our neighbors have this beautiful outdoor pizza oven.

[26:04 - 26:10] Jasson Casey, CEO of Beyond Identity:  And so it's pretty easy just to kind of cook really good pizza for folks, and it's not a lot of work, and it's definitely a pleaser.

[26:11 - 26:14] Jodi Daniels:  I've heard about those really cool ovens. Those seem so neat.

[26:15 - 26:27] Jasson Casey, CEO of Beyond Identity:  They're a lot of fun. It was intimidating at first, but then you just try it, and it's not that big a deal.And, you know,who did it, he's an architect, so he spent a lot of time and energy exactly about what it all looks like.

[26:27 - 26:31] Jasson Casey, CEO of Beyond Identity:  So it's really cool.But it's also pretty primitive, right?

[26:29 - 26:30] Podcast Narrator: also pretty primi

[26:31 - 26:46] Jasson Casey, CEO of Beyond Identity:  You throw wood in the back, you get it up to 700 degrees, and you're basically, your dough is, it's flour, it's salt, it's water, it's yeast. Your sauce is literally tomatoes off the vine and salt and cheese and herbs.

[26:46 - 26:50] Jasson Casey, CEO of Beyond Identity:  And it's amazing how good something so simple can be.

[26:51 - 27:00] Jodi Daniels:  I love things that are simple. Well, Jason, we're so glad that you came to join us today. If people would like to learn more about Beyond Identity and connect with you, where should they go?

[27:01 - 27:13] Jasson Casey, CEO of Beyond Identity:  Come to our website. We make a lot of material available on the website to read and to watch. You can certainly reach out to us through the website. You can reach out to me on LinkedIn or on X.

[27:14 - 27:21] Jasson Casey, CEO of Beyond Identity:  I don't really post much on X. I'm more of a lurker, but I'm pretty active on LinkedIn. And, yeah, just follow up in any of those ways.

[27:21 - 27:24] Jodi Daniels:  Well, wonderful. Thank you again. We really appreciate it.

[27:25 - 27:26] Jasson Casey, CEO of Beyond Identity:  Thanks for having me.

[27:26 - 27:41] Podcast Narrator:  thanks for listening to the she said privacy he said security podcast if you haven't already be sure to click subscribe to get future episodes and check us out on linkedin see you next time

‍

‍

‍