This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

Ryan Winn: And so it really is how do we clean up our environment? How do we create resilience? How do we, build a partnership where instead of making your life harder, we're actually giving you tools that, reduce the burden of InfoSec on top of your already busy day.

Drex DeFord: I'm Drex DeFord, a recovering healthcare CIO and long time cyber advisor for some of the world's most innovative cybersecurity companies.

Now I'm president of Cyber and Risk at This Week Health and the 229 Project, where we are dedicated to transforming healthcare one connection at a time. Our keynote show is designed to share conference level value with you every week. Now, let's get started with today's episode

Ultimately, how that will help secure the future. Of patient care. Today's webinar is sponsored by the good folks at Zscaler. I'm Drex Ford. I'm your host today, the cyber and risk guy at this week Health and if you would please hang in there with me. We're gonna give folks a couple of minutes to show up late.

Because that's the world that we live in today, folks will be a little bit late. The last meeting ran over. We'll want to give everybody a couple of minutes. So we'll get underway with the webinar shortly. For those who've already joined us, thanks for being here. Thanks for submitting questions for the webinar.

We've been looking at those. For those of you who put questions in when you're registered we've got a lot of them. And as a reminder, you can submit additional questions. During the webinar, through the webinar sidebar, there's a q and a block for that, and I have that up and running and Holly's gonna keep me squared away.

What was your very first computer?

You couldn't save anything unless you bought a tape deck Which I couldn't afford at the time, so if I wrote a program, I just had to leave it on.

Drex DeFord: I love that. Tamer, I know we've talked about this before you didn't buy your first computer, right?

You built it.

Tamer Baker: That's right. Yeah. So the first computer I built because we couldn't afford to buy a computer for a long time, and I had a friend of the family that was more well off. He saw my inclination to it and he offered to buy me a computer and I said no, just get these parts for me.

So

Drex DeFord: amazing. Yeah, so amazing back then too.

Tamer Baker: It was really fun to upgrade, right? Like you buy next extra one little meg Rams stick and you're like, yes, this is great. This thing

Drex DeFord: screams now. Yeah. Yeah, when you had little ports we could actually plug things in and make your computer better. Yeah, I was a Commodore 64 guy yeah, I had a little black and white TV that it plugged into.

And like you Ryan, anything that I did on it. It had to stay on all the time. I think I wound up getting some sort of a cassette player or something that I could save off to the cassette so I could reload stuff later. But yeah, what a terrible way to start. And look at us now. I.

Tamer Baker: We got our first Q and A question in.

Drex DeFord: Oh, the K Pro people answering the question too. The K Pro. Yeah. Yeah. That's a classic too. You can tell when people answer this question. There's a little bit about being able to figure out their age by the answer to this question too. Especially if you're a bunch of nerds like us. Okay. As I said earlier, this is the Zero Trust Hospital revolutionizing healthcare security for the digital age.

A webinar sponsored by Zscaler. Again, I'm Drex DeFord, a long time recovering healthcare, CIO. Now I'm the cybersecurity and risk leader of This Week Health in the 229 project, and I'll be your moderator today in the virtual room with me here are a couple of my friends and a pair of folks who can really get into the practical parts of how to do Zero Trust.

Tamer Baker: Thank you for having us. Yeah, thanks for having us.

Drex DeFord: Again, to the audience thanks for being here. Thanks for submitting questions when you register. And of course, thanks to Zscaler and our panelists and a quick thanks to Holly too.

'cause Holly, our producer actually is the one who keeps us on the straight and narrow. So let's start with some introductions. Ryan why don't you go first, tell us a little bit about your background and then we'll flip over to Tamer.

Ryan Winn: Sure. Sounds good. Yeah. My name's Ryan Winn. I'm the chief Information Security Officer for Advent Health.

Some of you may know us, some of you maybe not. We're a fairly large healthcare system based out of Orlando, Florida. We're in nine states, 50 plus hospitals. We're growing pretty fast and we just crested a hundred thousand users and really excited about the growth and trajectory and glad to be here and be able to talk with you guys today

Drex DeFord: Appreciate it. Tamer what's going on buddy?

And for those of you, again, that don't realize we're not just a verticalized healthcare in the sense of we've got an account team that does healthcare. It's everything from myself, from the product side building in all the, and providing integrations, medical device security, et cetera all the way down to our architects, our customer success managers, and, everything.

Like we have a full portfolio of healthcare specific folks here to support the team. So, happy to be here. Happy to have this conversation with both of you.

Drex DeFord: Yeah. Thanks. I'm really glad you're both here too. I've enjoyed all the prep time and the prep conversations with this too. so here's another thing.

You can download the book we'll make sure we put a link in the comments, but just in case you can go to this week, health.com/zero trust, and then scroll down. There's a link down there that says, download the book Now. It's in bright red, so go do that right now so you can get a copy of the book. This is just one

book in a series of books about Zero Trust, right. Tamer? Tell me a little bit about the others

Tamer Baker: so we it's a two book series right now. The second book is The Architect's Guide that was primarily authored by our principal engineers Steven Hajny. So. Between the two books, my CXO Vision book was tailored more towards this

The architect's guide is the detailed, like, how do you actually do it, and example, policies, examples of how you deploy this is so it's very detailed. So if you're on the webinar and you're CXO. I would still grab both books because you can get your architect's guide out to your teams as well.

And if you are an architect or a director or something that's not CXO level grab both books and hand it up to your CXO if that's of interest. So I highly recommend both books in the series.

Drex DeFord: This webinar actually is like the punchline of a whole series of podcasts that Tamer and I did around Zero Trust.

If you haven't seen those. We'll also send you a link to those podcasts so that you can read the book and follow along in the podcast. 'cause we track the chapters to the podcast too. Okay. Here we go. You guys ready?

Tamer Baker: Yeah, let's do it.

Drex DeFord: I'm gonna start obviously I'll start with Ryan.

Ryan Winn: I think I'm probably in a similar position to many of you on the call.

I came into this role about a year and a half ago and made a lot of changes, to update and put better technologies in place so that our security team had a, a. Decent chance of trying to secure our organization and be successful. So we basically ripped and replaced every piece of protective technology that we had out there the backend and support systems, ticketing privacy systems, all of those sorts of things.

So we went soup nuts and built completely new architecture for security. And in the process what we wanted to keep in mind was taking a zero trust. Lens and applying the framework principles. As we purchased, we made selections and we started to move forward. Obviously one of the partners that we selected to work with was Zscaler.

So we were rapid pace there. So, we started with, the proxy side of it and, what we're doing right now is we're actually moving into the ZPA space which, Tamer, I'll talk about the technical details of that later, but ultimately what we're really trying to do is solve some business problems with it.

So, there's absolutely security benefits. But what we're trying to prove is that there's also cost and benefits from just simplifying the way that your network works. And what we're trying to do is create models and we're really looking at the ambulatory space a lot as well to see if we can create a lower cost, go to market, speed to market.

For our ambulatory services because those are areas that are under significant financial pressure. So we're looking to start standing up zero trust clinics here very shortly. And ZPA is a basis of that branch connector, et cetera. And then a lot of this other infrastructure that we've put in place.

Drex DeFord: It's interesting to me that you rope into this, the idea that there's tech debt, there's other challenges in the organization.

You used the Zscaler project and the Zero Trust Program to help simplify the environment. Simpler is easier to operate and run, and it's obviously easier to secure too. How did you get everybody on board with that?

Ryan Winn: it's an ongoing process, so, we're in the early stages of what we're doing and when people talk about a zero trust journey, I think it's just that, and it's one that doesn't really end.

I don't think you ever get to a point where you feel like, Hey, I've nailed it. I am totally zero trust. We're good. What we're really trying to do is build a level of flexibility into the infrastructure that we put in place because, again, I assume, many of you suffer the same challenges.

And so, what we're hoping to do is our model, continues to progress. Speed to market is one of the key factors. And you can't move fast unless you have something that's repeatable. Repeatable tends to be simple and, simple is easier to secure than complex for sure.

Tamer Baker: I would say it's almost split 50 50 as far as a, who's a business owner of something like this? About half of our health systems, the business owners, the CISO, and then the other half is a CTO because, the CISOs want the security, et cetera that this provides.

It doesn't work well today. So when you do this simplification, it allows you to innovate faster. If it's a new physician that wants a new thing. New application, new da Vinci robot, whatever it may be. Or it's a business innovation, new acquisition, whatever it may be. Being able to have a simpler architecture, which is also secured, but allows you to do this innovation faster.

And that's one of the business values, that we actually talk about in the CXO vision.

I guess we can't have a webinar without talking about ai. We never, we can't have anything anymore without talking about ai. There's so many different forms of ai, so this can go in many different directions. Of course AI is one of those innovations that everybody wants, right?

Tamer Baker: Everybody needs it. If you're not using it some way, shape or form, or multiple different ways, right? For the clinician side, for the admin side, et cetera, you're gonna get left behind, right? You have to get on that train. The challenge becomes how do you do it? Securely because many organizations, haven't even stood up.

How do we govern it? What are the governance processes? So a lot of people have put just blocks into place and it's stifling that innovation. With something like this in place, though, this structure this way of doing quote unquote zero trust, like what Ryan was talking about, it allows you to implement these new innovations in AI

you can just block p sensitive data going in their PHI either sensitive information about the health system, et cetera. Just don't let that go through to it. Or the other flip side of it is maybe you're building an LLM, maybe you're building some models for, whether it's research or diagnostics or whatever it may be.

We wanna make sure that stuff isn't getting poisoned. We wanna make sure only the right users are accessing it. Make sure that bad actors can't get to it if they have compromised your system. Those are the challenges, like how do I do this securely and how do I do it to where I can't lose data and I can't compromise patient care, by a poisoned LLM,

but also enabling that business to do it.

It's, they're pretty interesting.

Tamer Baker: I'll talk two quick barriers that I've seen commonly. One is the perceived notion of disruption because people have tried to do zero trust in the past with, at the network layer, whether that's, acls, firewall rules dac, l, microsegmentation with other things.

There's so many different ways people have attempted to do it at the network layer, and. It's very disruptive. Lots of failed projects I've seen in the past that just gave zero trust that negative connotation, right? It became a four letter word in a lot of organizations and outside those organizations.

But in reality, once you see the modern way of trying to do it. You're not doing it at the network layer and you're not trying to deal with ips and firewall rules, et cetera. It becomes a lot simpler, as Ryan has talked about, and it becomes possible to do this a lot easier. Another perceived barrier is cost.

Costs. You're also taking out legacy tech debt. You're also lowering the cost to manage and maintain this because operationally now you're able to do this with fewer human capital hours because it's a lot simpler way to do it. So those are some of the barriers, and you can have these discussions across different teams in your organization to just alleviate that burden.

So it's a much easier process for those care providers and they don't even know it's zero trust 'cause you don't talk about it. In those terms. But we talk about it, well, we're gonna do a transformation or monetization or whatever. that helps alleviate that burden as well.

Drex DeFord: Yeah. I love where the story's going here. Simplification, creating agility for the business to be able to do the things that the business wants to do and needs to do quickly so that they're not hindered by the legacy stuff and the legacy. Mm. Way of doing things. I guess that a lot of organizations are mired in Ryan.

How do healthcare organizations measure success and progress in their zero trust journey? You talked about it being a journey, what are the measurement tools, the measurement things that you're looking at to see that you're making progress?

Ryan Winn: To Tamer's point, when we're talking about Zero Trust, we know that it's an embedded concept in what we're trying to do, but I almost never talk about Zero Trust from how do you brand it?

How are you

Drex DeFord: branding it?

'cause resilience is key, particularly in healthcare. I. We see this time and time again being more and more of a focus. So, how do you create resilience by having redundancies and simplification and, easier ways to do things than we've done historically. The other sort of like internal branding is what we're really trying to do is for years as a CISO.

And I've been on both sides of the fence. I've been a CIO, I've been a CISO and I've, delved on the technology side as well. You know what information security would typically do is they'd make your life harder. They'd say, Hey network team, this is all the stuff that you need to do in order to make us secure.

So we talk about network simplification that has absolutely nothing to do with a zero trust architecture necessarily. And so it really is how do we clean up our environment? How do we create resilience? How do we, build a partnership where instead of making your life harder, we're actually giving you tools that, reduce the burden of InfoSec on top of your already busy day.

I can default on all that debt and just start fresh. Right. That was powerful to me. I told him, as soon as he told me that line, I was like, I'm gonna reuse this over and over again. Like, defaulting on your tech debt was a fantastic way to put it.

Drex DeFord: Ryan, what's your vision for the role of Zero Trust?

Shaping the future of patient care. You talked on it there or maybe it was, Tamer mentioned it very briefly, physicians, they don't know why they like it, but they know it feels good, right? Yeah. What's the future tied to patient care and obviously operational efficiencies in general on the clinical side.

Ryan Winn: Yeah. I think it's a little bit of a cascading effect. So, when you're able to do things easier and faster for providers and they don't have to think about it it lets them pay more attention to patient care. So, I seriously doubt there's ever gonna be a time that's a physician comes to me and says, Hey, I really appreciate this zero trust stuff that'll never happen.

So I think ultimately the technology should be fairly transparent. It should be providing a layer of security without an extra layer of operational burden. And as a result, it gives providers the time to, refocus in the work that they really wanna be doing, which is, interacting and taking care of the communities that we serve.

Tamer Baker: I'm gonna be contrary to one statement that you made, which was, nobody will ever tell you thank you for, this is better. Because I've had two different CTOs of two different orgs tell me this. One of them said that their chief radiologist, and they were just deploying this to a couple of the radiologists, including the chief and, one or two others as a test.

You've made our lives so much faster and better. So that has happened at least. I've heard two different stories of it where you do get a thank you from some of the squeakiest wheels, which are those, remote imaging folks out there. So yes. If I get a hug I'll text the group and I will uh,

Ryan Winn: affirm your assertions there.

Drex DeFord: I want a photo of the hug in that's right in progress, like a selfie that we can, post. A good problem to have, right? When you have folks coming to you and starting to demand that you hurry up and get it to them because we're not gonna have great place to work scores this year if you guys don't get that tech to us

So that's what made them happy. And again, they had no idea they were getting zero trust access and it was way more secure.

Drex DeFord: Yeah. And just a reminder of the folks in the audience, if you want to submit questions, you absolutely can. There's q and a in the sidebar. Let me hit a couple of those.

These kind of could be maybe merged into the same question. The question I'll start with you, Tamer. Go to Ryan. How much difficulty is involved in handling the medical device space versus hospital users versus hospital guests. And the other question is in the same vein, how do you handle zero trust on IOT and medical devices that typically don't have things like user logging or don't support loading a client that whole group of kind of medical device stuff,

how do you guys handle that?

We've changed that paradigm even at that level.

Drex DeFord: The problem there often is that we take, because the only way to do this is. Through the legacy way we've always done it. Yeah. That it's so burdensome that we take shortcuts and create risk that we didn't intend to create, but just, dude, there's only so many hours in the day and so,

Tamer Baker: yeah. The difference now is, again, going back to the simplification and doing things easier, is instead of trying to create rules that way we're able to control their traffic flows by saying, Hey. It's human readable language on a screen. These types of devices are communicating to these things, and do you want to create a rule for this.

They have to get their updates from GE or whoever that you're using. So we're monitoring the communications as well externally and making sure that, hey, if this device starts talking to command and control. We need to do something about it. So a block that command and control so that the bad actors can't use it as a pivot point to move laterally and then also alert the team that something's going on there. There's a couple of ways that we handle those devices and we do it again in a simpler, easier to read way to do it.

Drex DeFord: Ryan give us some of the practical, real world? What are you guys thinking about medical devices and

things that have traditionally been, like both of you, I've been doing this for 30 plus years.

It's always been a very painful thing to try to figure out.

Our inventory systems, inventory spread between a bunch of different things, the logging platforms that we're using. When we started using this we were able to see what users were interacting. And, where they sat on the network to a certain extent, in a way that we never had done so before.

And we have the fingerprinting services and stuff to, you know, kind of define the devices. What it really has allowed us to do is understand how big the bread basket is a little bit better, and then start developing the strategy. So I think, with all of these kinds of problems, so first that you've gotta solve is do you know how big your problem is and do you know where things are? And if you can answer that, then you can come up with a strategy to move forward. The other thing, just from a very simplistic perspective is if you do it kind of depending on where you start from a zero trust perspective, one of the things you can do is get your users off the network.

but I don't think we're really in a place to, you know, pontificate on our particular segmentation strategy at this point, but I think we're getting really close to having a great plan because of a lot of, you know, the data that we've been able to aggregate.

Drex DeFord: so, one of the things we talked about prior to the webinar and the prep was using zero trust for you to be able to not only see the things that are on your network, but the apps that are on your network, and how that has changed the way you've thought about.

Driving prioritization and risk management and all of that. Tell me a little bit about that story, Ryan.

Ryan Winn: Very much the same way that we were looking for an accurate asset inventory for the things that are on our network. We were able to use telemetry from a variety of different systems to see all of the different applications that were being used.

Because again, to your point, Drex knowing what you have is. Maybe it's not half the battle, but it's probably a quarter of the battle. And then you can decide based on the, counts and if you feel like you've got accurate data at that point you can focus your remediation efforts on the vulnerabilities that are gonna give you the greatest level of protection.

So, again, I think it's the same play as the assets. You've gotta have the inventory and then you know, you can attack your vulnerabilities a lot more effectively. And then as you see that, one of the reasons for doing this is, eventually you want to be able to understand what your users are actually using.

In this frequency. That's what our licensure model should look like because yeah, right now we have a model that says, okay, we don't really know, so we're gonna buy everything. And I think that's another opportunity to maybe decrease some of the costs associated with There's a lot of

Drex DeFord: money to be there.

Yeah. License management. Yeah. App rationalization. Tamer, what else?

Tamer Baker: So I think a lot of what. Ryan's describing there's an actual Gartner framework that exists that he's actually talking about whether you were talking about it intentionally or not. But for those of you that have seen this it's one of the top trends that Gartner's put out called CTEM, which is Continuous Threat Exposure Management.

It's,, my phishing tests in the who's more susceptible to clicking those links, et cetera. Once you've defined that business from a business level. Next is what you've described Brian as just seeing what all the bad is. I gotta just uncover the bad, open those skeletons, shine the flashlight.

It gets uncomfortable because you're seeing that stuff, but now you have a complete picture of what all the bad looks like. The third step in it is that prioritization that you mentioned. So I'm going again through the CTEM meth mythology. When I look at all that information, I'm also looking at,

That's gonna be a lower priority for you versus another system that it is exposed to the internet. It's missing your EDR agent as an example that's gonna have a higher prioritization, but. More than that. It also takes into account your mitigating factors, right? So I'm understanding what mitigations I have in place today to help judge your prioritization.

Because I already have this segmented, I already have this, whatever, those lower prioritizations on that risk. And again, the CTEM there's a few other steps to it, but I'll stop there since this isn't a CE conversation, but that's a big part of the data fabric that Ryan talks about, which we offer as part of this package of zero trust.

So

What patches are the ones we really need to focus on. And that might not be the ones that you would naturally think of

Tamer Baker: Just to close off on the CTEM thing, there is a step in that too, which is remediating and having this extra context and workflow management between the different teams so that your Linux team sees, here's the top 10 things you gotta work on and why.

These are the ones you need to work on. And here's the, this team gets that. This team gets that and having that workflow being a closed loop so that when things get fixed, it automatically updates to somebody like Ryan who's tracking this so that he can report to the board or report to whoever he needs to report to.

Drex DeFord: This is our current status of risk, or this new zero day that's all over the news. And the board doesn't even understand why they're asking, but like, Hey, I'm hearing about this. Where do we stand with this? Zero day? Right? Like. It gives you an easy way to track and answer that.

Drex DeFord: Ryan, where do you start and what is a typical implementation lifecycle and what are the steps and how long do they take and you've talked about this a little bit, but I think this person's trying to get a little more specific on the. Where did you start and what were the steps that you went through, to get there?

Again, knowing it's a journey too. I think that's an important

Ryan Winn: Right, right. And I will say this, I think Tamer probably has a a better kind of general response to this for the steps. If you're working with Zscaler, these are the kind of sequence of events and what, is the fastest path going forward.

But I'll tell you, from my perspective, you just start, you have to find a place where you have a problem that you can solve with the technology. And that's where you start. In our instance, we were having performance issues with our proxy. And okay, well that opens the door to start the journey because we have the underlying.

And I think once you start getting traction and seeing success, and you really do solve a problem. You have the opportunity to take on that next problem and then advance, that thinking forward, to the next place. Yeah. So Tamer, I, you probably have a more direct answer than that.

Tamer Baker: so the answer I have, we've seen the journey differently across different organizations based off of the business needs that they're trying to solve for, which dictates the order of operations, right? Just doing something is the best advice. Just get started because one of the quote unquote barriers that you mentioned earlier, Drex, I only went over two.

And that's not atypical many of our organizations are doing this within the year, right? This is not a multi-year journey. Some of our organizations start where Ryan did, right? That's a great start to it. Other ones start where they go down the path of just take everything off the internet.

I don't want internet exposed things anymore. Let's hide that from the internet, because that's a step one that dramatically reduces your risk as well, right? Once you've gotten started, what does a phase two look like? What does a phase three look like?

And we have on our side when we're helping our customers architect this through. We utilize what your business needs are first. So some people's Phase two is, I wanna work on the data protection side of it, right? And then they start doing data protection across internet, CASB endpoint, et cetera, and all these different ways to do data protection.

So where to start typically is from your business need perspective, right? As Ryan mentioned, like he had a business need. That was his starting point. But the beauty of this is once you've gotten started, it's very easy to expand into the next phases because you're not getting more and more things.

You're just flipping on more switches, right? You're just saying, okay, let's turn this on. Now, let's turn this on. Now let's turn this on next, right? The hard part's done. The very initial implementation, no matter where you're starting point is.

Drex DeFord: A lot of us are perfectionists.

We really want to like have a good plan before we start. But the problem is that sometimes, on the Zero trust journey can feel like I'm paralyzed. I don't know what to do because I have to have everything figured out before I start and it just isn't the case. Right. Ryan?

And I think that's where you break out. And then you have something that allows you, like Tamer stated, it's a platform for innovation going forward. So yeah, a hundred percent agree.

Tamer Baker: I think even a precursor starting point would be having the conversations across the other business units, because if you really want to get started.

We want other folks on board. And again, you may not use zero trust as your terminology, as Ryan mentioned. You may just call it, Hey, we're gonna modernize, we're gonna transform, this is how it's gonna help you. CMIO. This is how it's going to help your teams chief radiologists, whatever it may be, so that the other business units are involved in that conversation.

Because if you start it without their buy-in it's a lot harder to get their buy-in later. So I think that's a good starting point as well, is those business conversations across the board, which we cover in that CXO vision book.

I can't believe we've been on this long already. There are so many things we could talk about. This is a great conversation. The question is very much tied to, Tamer's reference there. What service lines and stakeholders have you engaged with? And which of those have become the most valuable partners in justifying and implementing a zero Trust enterprise?

Ryan Winn: Yeah. I try to be really transparent about things. So I talk to everybody. I talk to our applications team, our technical folks, networking. what I find is, it's our operations areas that are actually strong advocates for trying things because they're the ones who experience the pain on a day-to-day basis of, how long it takes us to do X or the outages that we're creating with y kind of thing.

They have to be included in everybody thinks they're a change agent until they're not involved with a decision that they've, gets forced upon 'em. So I think it's a really good idea. Pull as many people as you can and make it a group effort. Not have it be a CTO thing or a CISO thing.

This is really a organizational effort and we're gonna try to make things better.

Tamer Baker: Yeah, I'll say our most successful deployments in healthcare are always the ones where it's all the various teams working together in it. Because it is multi beneficial, it is beneficial to the CISOs team, the CTOs team, the CMIOs team, like everybody benefits from it.

And when they're all working together on it, it makes things so great. I love those partners that are working together like that.

Drex DeFord: Everything's connected to everything else. So when you can get the right sheet music and get everybody playing the same tune, whatever the right analogy is, had it in the right direction, it can be really cool.

Tamer Baker: Yeah. Thank you. I can't believe we talked for over 45 minutes and it, and it was just a breeze. So thank you for moderating. I.

Drex DeFord: Of course.

Thanks to everyone who joined us today. We really appreciate you. We appreciate the questions that you asked. Some of them were incredibly insightful.

Don't forget, you can download Tamer's book right now. Go to this week, health.com/zero trust, and then scroll down. There's a link to download the book. It's in bright red. You can't miss it. Go do that right now. And of course, thanks to our partner Zscaler, who made the whole thing happen.

Thanks for listening to this week's keynote.

If you found value, share it with a peer. It's a great way to discuss the issues and in some cases, even start a mentoring relationship. One way you can support the show is to subscribe and leave us a rating. That would be really appreciated. Thanks for listening. That's all for now.