Hi, everyone! I'm Ed Amoroso and this week I'm standing with one of my good friends, Elad Yoran, the chairman of Koolspan. Elad, thanks for joining us. Ed, delighted to be here. Thank you for the opportunity. Nice standing here in the lobby at the NYU Tandon School, and hey we want to learn about you. Tell us a little bit about yourself. How you kind of got interested in technology and ultimately into cybersecurity. So first, I spent a couple of years at this very school, at this very building back before I was ten. And so, really wonderful to be back here with all of you guys. Back then it was Brooklyn Poly. So, shout out to all the Poly folks. That's great. So you came here, what were you studying at the school? So I was working with one of the professors here, who is doing some research in the area of infrastructure protection, bringing in the sort of things we had done in the cyber world into the area of urban infrastructure protection. It was a very interesting two years. Now, you'd been in military school before that. Tell us a little about that. I had been in military school. So, undergraduate degree at West Point, Engineering Management-Industrial Engineering. So all the electrical engineering equations on that board behind me, you know, kind of go way over my head at this point in time. I used to know that years ago. But West Point underground, and served as an army officer, deployed, came back, graduate school and got into cyber. It wasn't called cyber back then. We didn't have that sexy name, cyber. It was computer security, network security, and sometimes infosec. Infosec was about as cool as it got. But got into it because, I think because of the military aspect. Sort of had already been trained to think in terms of perimeters and security and defense in depth, and all those sort of concepts that we had been talking about for years. And applying into an area that I was just enjoying, working in computers, hacking, playing with computers. I had my first computer at the age of 12 and I guess, sort of the rest as they say is history. It's awesome. I bet during that time, you're probably working like the rest of us in sort of data security but now you work in a very interesting area. When you focused on voice, and mobility, and people using smartphones to communicate. Tell us more about the threat there, should people be worried about the voice security the way we've always worried about data? So we started thinking about networks and data, and now it's voice. It is kind of a privilege to be talking to you, the guru of telco security and networks. So we are now worried about voice. Right. That's the oldest thing that people talk on their mobile devices. It used to be phones, we used to call them phones, now they are smartphones. But the simplest thing to do is don't make a phone call. Maybe the second simplest is send a text message. And we know because of internetworking with different carriers around the world. Not many I would say, are as sophisticated as AT&T obviously. And you have carriers in different parts of the world that are much less sophisticated, much less advanced. Internetworking with ours and others around the world and you create this environment that can be exploited by people, by foreign governments, by hackers. And so it's a big deal and now it's an issue that's sort of rising up to the top of the awareness level, I think. Tell me if I'm thinking about this right. So obviously, data security is about a bunch of ones and zeros and data and email and files and things. But voice today is no longer analog. It's ones and zeros. Voice is data. As our community here thinks about that, is that like this merge of voice and almost any type of computing or communications that are all converging on common technology. So these threats are probably converging too. Am I thinking about that right? I think, you are thinking about it absolutely the right way. I mean, let me say, a voice used to be on one network and the data on a separate network. And now it's all integrated. So voice calls today are IP based. And so it's all one network. And so whether we are thinking about voice or data. I mean, the construct of sort of dealing with the issue is very similar. You see a lot of business executives worried as they travel and they're all kinds of crazy places and bringing their phone, being worried maybe about eavesdropping and other kinds of things going on. So we've been thinking about this problem for a number of years. And recently as two years ago, people said, "Who would want to listen to my phone calls? " There were sort of security by obscurity, right? I mean today, nobody thinks that. Everybody's aware that what they say is being intercepted and being monitored. And interestingly enough in all of my entrepreneurial experience in different areas of cyber, this is the first time where frankly the market evolved first overseas. And when we talked to our customers in South America, in Asia, in Europe, Middle East, they've been worried about this issue a lot longer than we have and we are only catching up in the United States. I think it's the issue of trust that they have less of when it comes to their own government, certainly our government and others in their own communities whether it's criminals, hackers, etc. I don't know if it's a good thing, but on the trust, this is an equilibrium that's being reached here. Either we're losing trust here or somehow the equation is coming to the equilibrium for whatever reason. Our community will resonate a very international group that's part of our learning community here. Now at Koolspan, how do you solve it? I assume with a software encryption on the device. Over the top. Over the top, meaning, services running on top of the underlying infrastructure, IP and delivery. Correct. So, it's an application that's installed on the handset. It can be downloaded it from the Google Play store or iTunes store or be provisioned by-. Onto my iPhone. Onto your iPhone, onto your Samsung phone or other Android device. Most typically, it is managed by your company's IT department or your company's security department. And then to you as an employee of a company, it's just an app and you make your phone calls and make your text, do that. The one thing that we've been able to do that I think is unique or strongly where the innovation takes place is the ability to encrypt the phone call and then boost the quality and experience. You've used encrypted phone calls as a line. Historically, it's always been tough experience when you use of a phone call. You know, how it's supposed to sound like? Tinny robotic. Yeah. You go secure and it is definitely degradation there. But really interesting to be able to take of a regular phone call, add all the security around it and at the same time boost it to enhance the quality. That's awesome. So I submit to you that today people are using it because it's secure. They started using it because it's secure. They keep using it just because it sounds so much better. Not like I sound today. But generally speaking, it sounds so much better than a regular phone call. I say in few years from now, or four, five years, six years from now, every phone call by default will be secure. I mean, why would you make a regular call when making a secure call is so much better. I totally agree. Now here in the U.S., government agencies kind of figured this out. Do you see sort of a trend towards more awareness reports coming out, things like that maybe point to mobility and mobility security? So it's been a long time coming but the short answer is yes, I can point to two reports. One was published in March of 2017. The FCC working group published a set of recommendations around signaling system 7. And then more recently than that in late April, Department of Homeland Security published what I think is really a wonderful report. They did a bang up job addressing sort of a broad set of issues related to mobile security on the device side and on the network side. And that's a great report, that DHS report really does lay out the whole framework and threat landscape and makes some good recommendations around the area of security. There are tables in that report that just simply present what the issues are. Technologies that are available to mitigate some of the risks. And it did a great job. It's a long report. It's over 100 pages but worthwhile reading. That's homework assignment for you guys. Are you surprised that we don't see voice conversations on WikiLeaks? Or maybe we have but seems like that may be sort of the next of big threat. Lord knows I wouldn't want any of my voice conversations posted to the internet. Is that common? I mean, how could it not be? I know. It's interesting when we started our careers, the advice we got from the then-older and more-experienced folks were, "Don't write it down if you don't want people to discover it later on." "Don't enter it into email." "Don't put it in email." Pick up the phone and keep it in the realm of voice because it's ephemeral. It will be gone. But your question about WikiLeaks, I don't think that advice, necessarily, is good advice anymore because WikiLeaks could have voice recordings, text messages just as easily as email. Sort of profound like that ephemeral or temporary nature of any kind of communication. You wonder if that even exists anymore. You know, it's just sort of like anything you do that involves electronics, it's going to be there may be forever. Either it'll be there forever or the metadata associated. There's a whole separate conversation around metadata. But it's a big deal. It's becoming important. I think over the next year, two, three, we're going to be hearing an awful lot about the value of metadata or potentially the risks associated with it depending on what side of the equation one is on. Well, I appreciate everything you do at Koolspan. I'm glad you do what you do at Koolspan. Helping us keep voice communication safe. I hope our whole community goes and takes a look at Koolspan. You'll learn a little bit more about the product there and learn about maybe how they might use the tool. Well, I appreciate it. Thank you. Yeah it's great. He's the legend. Thank you for the opportunity of coming in and chatting with you. It's great. That's great. Thanks. On behalf of the whole group, I appreciate your time. No, delighted to do it. Thanks man. I'll see you.
