We are now live with episode 17 of the Cyber Talent Series!
Join Thomas Rogers, Co-Founder of SkillBit (Formerly MetaCTF), and co-host Phoebe DeVito as they connect with Alex Collison, Director of Information Security, Surface Area Management at Cargill, to discuss leading across vulnerability management, threat intelligence, and offensive security. Alex shares how she empowers her teams with autonomy and clear outcomes, and why leaning into discomfort is critical for growth. She also offers her perspective on upskilling through hands-on experience and navigating the security landscape influenced by the evolution of AI.
Tune in now with the player below, or check it out on the SkillBit (formerly known as MetaCTF) YouTube and Spotify channels!
Phoebe DeVito (00:00)
Welcome to the Cyber Talent Series, where we explore how organizations are closing skills gaps, accelerating onboarding, and building high performing cybersecurity teams. My name is Phoebe DeVito; I’m joined by my co-host, Thomas Rogers, and today, we are speaking with Alex Collison, Director of Information Technology Surface Area Management at Cargill.
Thank you so much for coming on, and welcome, Alex!
Alex Collison (00:31)
Thank you, Phoebe. I’m so happy to be here.
Phoebe DeVito (00:33)
Awesome. So to kick it off, could you just tell us a little bit more about who you are and what you do now?
Alex Collison (00:39)
Yeah, so as you mentioned, Phoebe, my name’s Alex Collison. I am Director of Information Security Surface Area Management. It’s a very long title, but really what it means is I run our vulnerability management team, threat intel team, threat hunt, and offensive security. And so those combined, our forces combined, work to proactively reduce Cargill’s attack surface. So trying to reduce the threats before they get in.
Phoebe DeVito (01:03)
That’s amazing. Earlier on in your career, you spent some time working with the NSA. And I’m just curious how that experience early on shaped how you think about security strategy now as you’re kind of in this large organization.
Alex Collison (01:17)
Yeah, NSA really was my first big girl job, as some people may So pretty much everything was new. And it was really the foundation of how I built my understanding of cybersecurity strategy do I or we as an organization defend against the bad guys. So from its very nature, NSA is very focused on intelligence. Do we have intelligence to suggest that X threat is a, you know, threat to national security. If so, then how are we being proactive to defend against that threat? What actions are we taking? What actions could we take? You cannot wait for an alarm to react. You had to be proactive. I’d also say that the focus was on real adversaries, not on compliance control.
That’s been, you know, one of the differences that I’ve recognized moving from government space to private sector. It wasn’t, we need to do this so audit is happy. It was always, we need to do this to protect ourselves. And then lastly, I would say that security was a mission. wasn’t just a function of the organization. It was what we did. And so having a mission is, I would say, a deeply embedded need for me to my day-to-day. So my focus is not, you know, working for Cargill now. It’s not how much money can I make Cargill. It’s how do I protect Cargill so that we can continue to feed and nourish the billions of people on the planet.
Thomas Rogers (02:41)
That’s awesome. I mean, obviously important mission there and important work to be done. I’m curious as you were getting started in your career in cyber and then sort of growing as like a, as an IC and like moving into people manager, it seems like you did a lot of different stuff, which I feel like there’s, I see some people in cyber that sort of specialize and go really deep and just become kind of experts. Maybe it’s that they find their calling.
But you seem to do new things and experiment. Could you talk about what led you to pursue those different interests?
Alex Collison (03:13)
Yeah, definitely. I think if I’m being honest with myself, I would say issue with saying no. You know, I would always say like, there is an opportunity for it sounds somewhat interesting? Yeah, why not? Let’s try it. Maybe I crash and burn. Maybe I don’t do so great. But no, I would never know unless I tried. So that’s, think where it really led me to not just being focused in one area and being happy with that one area. I like to try new things and I like to journey through all different areas of cybersecurity.
Thomas Rogers (03:44)
Were there specific triggers that got you interested in those things? Was it like personal research you were doing? Did you have a manager that would approach you and say, hey, we have this new problem. Do you want to check it out? Was it serendipitous? Or was that strategic for you?
Alex Collison (03:57)
Combination, right? So I would say certain times it would be strategic where I may be solved, there was a problem, there was a concern, and then there was also an interest on my side. But there was, I think, like you said, serendipitous is a great word. And I think sometimes the right opportunity has just presented itself at the right time. And I’ve said yes, instead of no.
Thomas Rogers (04:19)
Well, I think there’s a lot to be said for just being open to trying that. But I think that probably speaks a lot to your perspective on being curious and trying new things. I guess now having been a manager, and I’d like to talk more about that transition too, but how does that shape the way you manage people?
Alex Collison (04:38)
Yeah, I would say the way that I like to manage people is I do like to make sure that they have the freedom available to them what they need to However, I do want to make sure that my vision and that the team’s vision is clear. So making sure that they have clarity around what are our outcomes, what are we trying to do here. Make sure that they have the right guardrails, like we need to get to this outcome, but we can’t do X, Y, and Z.
However they want to get to that outcome, make sure that that is up to them. What works best for them, what works best for their team, especially if it’s one of my managers that’s managing other people, I want to make sure that they have the freedom to do what’s right for them and their team. Now I will make sure that we have some type of metrics that we can measure and say, are you staying on track here?
Are you falling off track here? You know, and if you’re falling off track, if you start to recognize that, leaning in, as quick as possible, Hey, what’s going on? What are the issues that you’re facing? Is there anything that I can do? the last thing, one of the big challenges I’ve had moving into this position, has been trying to take a step back. Because I do find myself still to this day and something that I’m working on is wanting to jump in when something might not be going right. But if I do that, then it generally causes more harm than good. Then I become this bottleneck and people are like, well, Alex said this, so it must be true or I must do this. And I don’t ever want that to be the case. I want people to challenge me and I want people to ask me questions. Yeah, and I also make sure I have a open door policy, if you want to call it that, where nothing’s off limits, right? Come to me, talk to me about the challenges that you’re facing and we can work together to resolve those.
Thomas Rogers (06:15)
I mean, think communication is like such an underrated part of InfoSec in general, just having clear lines of communication, then also like the comfort and like, I mean, there’s no point really in like having like a hierarchical team from my point of view, from like a communication perspective, like there’s gotta be like a flatness to that. It seems like that’s like the highest level of operations, but there’s a lot that goes into seems like having a leader with a background like yours, it’s got to be helpful for that because you have like all the perspectives you need. You’re not just taking like, this is what I did in the past, like you can empathize with more of the different types of people. I guess on the individual level and like compiling those teams, like I’m interested like for you, how did you upskill when you were switching to a new function or when you moved to purple team or something? What’d you do? I saw a you have a lot of certifications. Was that a part of it or was it more research-based? How did you get comfortable in learning new things?
Alex Collison (07:14)
Yeah, and I’ll be totally transparent here, especially with the certifications. I hate to say this, but a lot of times certifications are very resume candy, right? They look nice on paper, but there’s not a great way to actually measure the upskilling of what the certification was supposed to bring. So I would say, yes, certifications can be good. And I think there are trainings and companies out there that provide better certifications and training than others.
I would say that more so what I needed to do was that on-the-job training or on-the-job experience where I just sat down with the teams that were more experienced or the people that were more experienced in those areas, really made sure that I stopped talking and I listened. And I also made sure that I was transparent if I didn’t know something, you know, I don’t know what you’re talking about. Can you explain that? I don’t know what that acronym is. What is that technology? What is that tool? Even if there was that nagging voice in the back of my head that said, Alex, you’ve been in this industry for 15 plus years. Actually, I didn’t count, probably more at this point, but you you’ve been in this industry for your entire career. You should know what this is. It’s like, just ask the question. It’s okay to be wrong and it’s okay to not know everything.
Thomas Rogers (08:27)
I’m curious too, are you taking that and then applying it to like how you manage people? How do you take that approach to like encouraging voices to speak up and communicate and teach you, teach up in the organization.
Alex Collison (08:40)
So I encourage that with my team. It’s okay to say you don’t know, it’s okay to ask questions. Please ask all of the questions. And you said the word, know, remain curious. Why are we doing this thing? How are we doing this thing? Is there another way to do this thing that we’re trying to do? I would say that, yeah, and upskilling, right? So, you know, on-the-job training, that’s where I’ve gotten the most value out of. And then late nights of just research, like, oh, there’s this new topic and I need to know at least a little bit about this meeting I have at 8 a.m. in the morning tomorrow, right? And I need to go talk about vulnerability management and risk reduction and how are we going to do this across our organization? I have some knowledge, I have my experts, but let me go see what other industries are doing, what other companies are doing, and I may need to go out and do that research myself.
Thomas Rogers (09:30)
That’s super cool. I want to like drill into one thing you said, which was just about the importance of like the on-the-job training. And I think learning by doing is like the best way to do it in most cases. And I’m sure in some cases, like when you’re bringing someone new into a role, and it was probably this way for you earlier in your career is like, maybe you’re bringing someone that on paper isn’t like, they don’t have like the exact experience you’re looking for. So you’re gonna have to rely on like, hey, we have the capabilities to like get them to where they need to be. But there is like, obviously a massive component that is the on-the-job training. Like how do you make sure that people are getting that and sort of down the line taking a step back and saying like, did they reach the benchmarks that we checkpoints that we need them to do they need like supplemental training? Did we do a good job? You know, I’m curious because it’s not like the most quantifiable thing.
Alex Collison (10:21)
Yeah, and I would say if I’m thinking about how do I make sure that my people are getting the on the job experience? I put them in hard positions sometimes. Now I’m always there as a backup. So if I see something stumbling, if they need to call on me, I’m there, but I put them in these hard positions where I’m like, okay, you’re going to own this relationship with this other team and we’re going to, need to go discuss with them. Why do they have all these vulnerabilities, these age vulnerabilities? You’re going to own this relationship and you’re going to manage the presentations, you’re going to manage the communication. And that’s been, that’s hard for some of my team members who’ve only had to be kind of in the weeds doing, you know, maybe just the very focused analyst work.
It’s, need to expand outside of that, especially if they’ve moved from like a mid professional to a senior professional where that scope of responsibility has formally changed, or if they are interested in moving into a bigger position, I start to put them in those harder positions or I bring them along with me to just shadow me. I would also say that when I do build my team out, I don’t lean as heavily into the technical skillset as some of maybe my peers do.
I lean very heavily into people who aren’t scared to take some risks, people who can lean into discomfort. Like maybe we don’t have all the answers for everything, but we, you just need to lean into that and start to build off of that. I would also say that trying something new, even if it’s not perfect, like don’t be scared to try new things.
Phoebe DeVito (11:49)
That’s awesome. it’s so cool to hear you say that. And I think that’s the longer we’ve been doing this podcast, it’s become such a theme. And I think it really highlights, this like almost like this new kind of cyber skills gap in the sense of, I think so many people applying to these roles or with like, hoping to get into that world really think it is so solely focused on the technical skills. And I think every single person we’ve interviewed has mentioned like, curiosity, problem solving, ability to, yeah, take risks. How do you handle it when you don’t know how to do something because that’s what real world stuff looks like. Like that’s often how much, how so many of your days will go. So I love that you touched on that.
I’m curious now at this point in your career, what the transition has been like or kind of learning curves you’ve noticed transitioning from managing kind of more like individual contributors to managing managers as you’ve kind of moved up into those more executive leadership positions.
Alex Collison (12:45)
Yeah, and I think I mentioned a little bit about it earlier, which was, you know, letting go of control, being so available to jump into situations. So I would say that would be my biggest learning curve was I need to let go of control while still being accountable for the outcomes that the teams are producing.
So, you can stay close to the work and directly influencing those results when you’re managing the ICs, when you’re managing the managers, you’re one step removed. I had to learn to trust my leaders to execute. And so I needed to focus on, I think I mentioned this earlier too, but you needed to focus on the outcomes. Here’s the vision, here’s the outcomes and here are the guardrails. You have the freedom to then figure out how to get to those outcomes. And then I need to say, I need to trust my leaders to do that. I need to give them the autonomy. And then I also need to know that it might not go well, right? If there might be a poor outcome, something they may make a mistake and we own that together. We’re gonna own those wins together, and we’re gonna own opportunities for improvement together.
Phoebe DeVito (13:47)
Yeah, that’s awesome. One question I have is just kind of on like a practical level. How because I think it’s so interesting when we talk to different people and they have such different styles for doing this. On a practical level, like week to week, how does it look? I know you mentioned like that you have metrics and, you know, tracking performance against metrics to make sure you’re moving in the right direction. How do those conversations typically look? Do you have kind of a regular cadence with folks? Do you have like a preferred way that you like to do those types of performance conversations or just like growth conversations?
Alex Collison (14:19)
So I’d say at a team level, we do have weekly meetings. So that’s the entire SAM team, Surface Area Management team. So all leaders, that’s all individual contributors, that’s myself. And we try to always refocus on what outcomes are we guiding to, what roadblocks are we running into, what gaps are we running into, and then we have plans for those, are any escalations necessary in those situations?
I would also say that for individual performance reviews, you know, I meet my leaders, the people who directly report to me on every other week basis. I try to always make sure that those conversations are formatted in coaching format. So here’s, you know, everything that I’m seeing that you’re doing really well. Here’s what I’m seeing that could be opportunities for improvement.
And then I would also say of improvement, maybe there’s something in between, you know, where you’re doing well and like the hard opportunities of improvement. Maybe like, here’s some things that maybe you could adjust. Like these aren’t big things that you need to adjust that are impacting your performance, but it’s like, hey, you ever thought about being able to communicate more effectively. Like if you’re using a lot of filler words or you’re getting nervous in front of people, or I’ve had, this is maybe leans more towards hard sometimes, but if you don’t want to turn your camera on, it’s like if you’re speaking like turn your camera on like it feels like you know being able to provide those types of coaching moments. I do that in a one-on-one capacity.
Thomas Rogers (15:45)
Have you seen, I assume you’ve like, there’s probably a time in your career, where I think we got started in like work probably around the same time. And the first like several years of my career were in person predominantly, and that sort of shifted in the past few years. How much has that stuff changed? And like, what’s the, what different challenges have you seen like with, I assume your teams are at least partially remote.
Yeah, what’s that management like?
Alex Collison (16:12)
I think there is always going to be the challenge of, do we get the right feel or the right types of conversations happening when we’re only doing remote? I would say for the most part, yes. And so the way that we try to balance it, we are a mixed team. So the people that are close to one of our headquarters locations, they do have to come in. But then there becomes this kind of resentment, I would say, for the fully remote people who just did happen to not be close to a office location. So trying to manage those feelings, trying to make sure people understand, like, this is a company-wide decision. This is not up to me. But how can we make this make sense?
For those people that do have to go in, is there an opportunity that, you know, align with each other? So you’re all there on like Tuesday, Wednesday, Thursday, or maybe it’s better Monday, Tuesday, Thursday, or something aligned to all be there together. So it is actually collaborative. You’re not just going in to check a box. You’re trying to actually use the thing you have to do and make it worth your while. And so that’s within the team as well, but like partnering with other teams, you know, okay, the IAM team is going to be in the office every Monday and Tuesday. Let’s align with them. What if we have a question for IAM? Okay, we’re actually there and we can actually collaborate together.
Thomas Rogers (17:28)
Are you doing interviews in person those virtual or kind of a mix?
Alex Collison (17:32)
Virtual.
Thomas Rogers (17:33)
I would say probably culturally, it’s the hardest to like really get a sense for is this person a good fit or how are they responding? I’d say also I’ve heard many people like, the technical skills is more of like a validation thing. Like we need to validate they have like sort of this baseline and also like they are, they know what they say they know and aren’t just like glancing at like Claude or ChatGPT, you know like the whole time. So like, how do you do that? Cause like, obviously in person you can, you can, you know, verify a little bit easier. So, any learnings from that?
Alex Collison (17:53)
Yeah, I would say the things that we look out for, I would look out for is I always want someone to be on camera. Like I want it to be as close to face to face as possible. I know we’re over the computer. So it’s not like that. And it’s weird to try to maintain eye contact. Like I can look at the camera, but it looks weird. Right. So that’s not going to happen. So but just, you know, try to, you know, maintain the best type of eye contact that you can. Because if you’re sitting over here and you’re looking and then you’re answering like, that looks weird. Like, I can’t tell what you’re doing. You may just, I know when I listen, I look down, right? I just, this is what I do. It’s an ism. But if you have an ism like that, try and not do it, the best I can say. Try and have a personal touch to your answers. If you’re just reading a list of the right technologies, that feels weird. So use storytelling, use your own experiences, use your own technologies that you’ve used in the past. If you don’t know the answer to a question, say that you don’t know. I would say that those are my biggest pieces of advice.
Thomas Rogers (19:08)
I think that those are all good tips that are easy and think it’s pretty easy to pick up on if something, you know, is going on and if someone is relying overly external sources.
With that, so Phoebe mentioned the manager of manager roles. What sort of kind of overarching management are you doing with like the broader team? So like workforce planning, I guess maybe you would say, like what sort of evaluation are you doing of like, do we have all the pieces in place, like kind of across the board? Do we have the capabilities? Our tech stack, like, is that what it needs to be?
Are you doing that once a year, quarterly? What does that look like? And just curious what that process is like.
Alex Collison (19:49)
So I would say Cargill is in a period of change right now. And like we have been for the past year, almost two, I think. And so of tools and technologies are in flux. We have a lot of movement going on; a lot of good movement, right? We’re going in really great directions with what we’re trying to do. But with that, we, we haven’t been able to really settle on we’re going to do a formal evaluation every six months or something. As these opportunities come up, we hear from another team that they’re investigating this certain type of technology. Huh, I wonder how that would fit with what we’re currently doing. Let’s take a little peek and then from there, if the answer is, oh yeah, that could solve this problem for us, we try to make sure we have that conversation with that other team and see what their direction is.
So it’s, I wouldn’t call it like a formal process at this point or formal, like, okay, this is our tech stack and this is what we need to reevaluate. It’s like, we’ve identified a concern with this technology or we identified an opportunity with this other technology. Let’s investigate, let’s put it like in some type of tracking system so that we don’t lose, so we don’t forget about it. But you know, we don’t have a formal process at this point. But it’s good point because I think I need to refocus on that and make sure we have at least some kind of touch point.
Thomas Rogers (21:07)
I think the subtext of everything you just said is AI or that’s my takeaways. Like everything changing, so many, like a vendor explosion, everyone is promising, every team is going to be more efficient. We’ve seen different boards and executive teams mandate AI adoption at a crazy level that I would assume other teams are adopting AI at a more rapid rate, it expands the attack surface And it just creates new questions, challenges for you all, including like what tools should we be adopting and using to be more efficient? Could you talk about that a little bit?
Alex Collison (21:41)
When I was discussing, you know, with the technology that we’re using actually wasn’t thinking AI, but you’re right. But before I go into I think what’s going to answer your question, one thing I would say is a lot of our current vendors that we use are adopting AI, which is really good because we’re able to say, hey, we are leading into AI and hey, we have this trusted vendor that we’re still really happy with and they are leading into AI as well.
And so, and that can be in two different ways, right? There’s AI for security, like to enhance security to say, okay, can we have a AI agent that’s able to review SOC tickets and so that the SOC analysts can have less false positives in their queue? Is there a way to enrich or enhance the work effort there, reduce the toil work? Then there’s how do we protect against AI, which is, did somebody decide to download some type of open source AI technology and now we have this exposure in this area? Does someone open up some type of server or is there some other exposure that they’re able to bring up. So how do we protect against that? And leaning back on what I said before, a lot of our vendors are incorporating the scanning technology that will detect the AI. So like the shadow AI. So a lot of them are adopting that. So we’re able to identify if that happens. And then we’re also then putting protections in place, like, okay, we’re gonna try to make sure we block this or even de or pivoting to like whitelist rather than blacklist because okay, if we have, know, openclaw, everybody wants it, it’s cool, it’s interesting, but absolutely not. Like any security person you talk to about openclaw is going to say that is a terrifying technology and please do not put it in my environment.
And so, you know, creating some type of whitelist that says, this is the technology that you can use, because there’s gonna be openclaw, and there’s gonna be other types of AI technology that comes out that’s gonna mimic it. So it’s gonna be constant battle to blacklist this type of technology. But how can we say, okay, this is the good one that you can use, and then making sure we communicate that to the people that want to use it.
So to our developers who, if they are downloading the stuff, it’s, I would say 99% of the time, not malicious. They don’t want to hurt the company. They just don’t know any better or they don’t have another resource. So give them the good thing to be able to download or to take from so that they don’t feel the need to go to the bad thing.
Thomas Rogers (23:53)
That makes sense and most of the time, not only are they not trying to hurt the company, they’re probably trying to help the company. Like they’re probably trying to do something positive. It just.
Alex Collison (24:10)
Exactly! Like they are the ones trying to make the company money. You know how I said, you know, my mission is to protect Cargill. They’re trying to make sure that Cargill can like continue to operate and so that we can continue to fund and we can do this. And they’re trying to make sure that they’re the ones making an application that’s going to make sure this group of people is fed. Right. So they are doing something to help the company, but you know, let’s make sure that we provide the safe technology so they can do that even, even better.
Thomas Rogers (24:37)
Right. And that’s where your job is challenging too, because you got to create the culture of security where people, when they go to download that file or tool, they’re like, okay, maybe I should think about this a little more critically or like, how’s this going to impact the network so I don’t get yelled at by Alex.
Alex Collison (24:54)
It’s usually me, it’s like, hey you have these vulnerabilities.
Thomas Rogers (25:00)
On management, something that you’ve been doing for little while now, can you think of anything that surprised you about management? And I know we were talking about, yeah, like tech stack. Obviously there’s the people management, there’s the manager of managers who are then managing individuals, interviewing, hiring, building teams, communicating to executives. What are the types of things that have surprised you about management?
Alex Collison (25:23)
I don’t know if it’s so much of a surprise, but maybe also a challenge, just how much bigger picture I need to think. And it’s something that I’m working on is how do I create that are three, four, five years long that are, going to be successful where, you know, everything is changing so rapidly. How do you create a five year strategy or a three year strategy? So, you know, being able to think in that capacity has been, I don’t know if it’s surprise because I kind of like expect it. Like, yeah, leaders are thinking, you know, three years ahead. But I guess the surprise is how challenging it actually is to think at that scale with the environment changing, you know, especially with AI and AI adoption and where is AI going? And is it going to be something that everybody uses? Everybody thinks they’re going to use it. Is the bubble going to burst? Is it actually going to be helpful? So.
Thomas Rogers (26:14)
How do you think three, five years in the future when, I mean, ChatGPT came out what, like four and a half years ago? I don’t know how you would have like had a strong perspective on five years from now, five years ago. So like, yeah, what do you do to do that? It sounds hard.
Alex Collison (26:28)
Trying to monitor landscape. you know, I talk with different vendors and different technology companies that are very heavily leading into AI, one of my big questions is prove it, right? You’re telling me that I can, and I don’t own the SOC I’m using this because I hear it a lot and I see it at a lot of conferences, like two that I’ve been to, but it’s like, replace your SOC with our AI agents. And it’s, like it feels gross. People are invaluable to a company. Good people are invaluable to a company. And so when I see something like that, it’s “prove it”. And I don’t think I’ve come across an AI company that can prove it. What I do think is going to happen is AI is going to be a tool in the toolbox. I think AI is going to assist in reducing toil work so that the good people that are working at a company can take a step back and really think about strategy and be able to do the harder problems that AI won’t be able to do.
They won’t be able to take the human element into, or an AI company is going to sell you that they will. now, and I do think in the next three to five years, they still won’t be able to replace people. I think it will be a useful tool and toolbox, but I’m heavy on the side that this will not be a replacement for people.
Phoebe DeVito (27:41)
So Alex, we like to finish up with kind of a wrap up question, which is if you were starting your career in cybersecurity today, what is one thing that you would like to tell yourself?
Alex Collison (27:51)
Ooo! Don’t do it. No, I’m joking. I would say, lean into, I think what’s, I don’t know, set me apart is the right word, but something that’s allowed me the opportunities that I’ve been provided is the focus and work on the soft skills. Like make sure you do the soft skills. Continue to build the soft skills, make the connections around you. Lean into on the job training. That is one thing I would say at the beginning of my career, I really focused heavily on the certifications like we talked about in beginning. That was not useful. Well, some of it was. Most of it was not useful for the position I’m in now.
Like being able to be coached or shadow my boss who’s having these really high level conversations, he’s presenting in front of the board. That type of stuff is going to be what is going to get you to the next level if leadership is what you’re working for. I do think that soft skills, regardless if you’re a leader or you’re an individual contributor, and that’s where you want to stay, is what’s going to get you, get people to be motivated behind what you’re saying, get people to act and say, yeah, I believe in Alex’s direction or Thomas’s direction, Phoebe’s direction.
And I’m going to do it because I actually believe in it. So getting people to be motivated by you. If I could tell my former self, I’d say focus on that and know the technologies, but focus on those soft skills.
Thomas Rogers (29:13)
Awesome, great answer.