409- Permission to Play w/Nathan Kaufman

Mike Kelley: welcome back to, you've been heard, everyone. And today we've got Nathan Kaufman and Nathan. You've been doing a lot of stuff around, cybersecurity and actually getting an organization compliant for business with the US government that I believe that's where Cmmc really comes into play, is being compliant for doing business and requirements for the DoD to make sure that all contractors, subcontractors and subcontractors are all being very aware so that nobody accidentally introduces vulnerabilities. But we'll get into all of that in just a minute. But for the moment, why don't you tell us a little bit about who you are, where you came from, and how you found yourself being the head geek and cybersecurity guy for infrastructure and stuff? Sure.

Nathan Kaufman: So I have twenty five years experience in it. Move my way up from desktop support all the way through. being a director of it started in two thousand as a MSP consultant before they were called MSP. They didn't really have that name back then. got A+ certified in two thousand and one. Yay. I'm a lifer. and then I worked across many organizations, ten person ISP. I worked at AT&T. got laid off twice from AT&T and decided, I'm done with AT&T. I've done a lot.

Mike Kelley: Of y you do that?

Nathan Kaufman: Yeah. Like, why would I want to keep going back? and so like, I've done carve outs, divestitures, mergers, acquisitions, done complex regulatory compliance. and I built two IT departments from the ground up.

Mike Kelley: Yeah. And actually on LinkedIn stalking that I was doing, I noticed that at the last organization or at the current organization that you're at, you did exactly that. You built it from the ground up. So talk to me a little about what it's like going into an organization. How large was the organization when you came in? and what's the user base and what kind of scenarios did you have there to deal with, to build it from the ground up? Because most everywhere I've been, it's, there's something's already in place.

Nathan Kaufman: Yeah. it was an interesting place. they were about sixty software engineers. they all had Linux as their primary operating system, laptops, various ages of the laptop. They had maybe twenty office staff between manufacturing and admin stuff. they had no active directory. When I got there, they had SSH open to the internet. Yeah, directly into a Synology Nas's, which was our primary server. OpenVPN. And so it was, probably pretty much everything you can think of not to do a flat network. Multiple different switches. They were using ubiquiti, equipment, which isn't too bad, but it was out of date, not patched. And so there's just a big, hot mess. and they know, and they had to be cmmc compliant in two years. So, they needed somebody to come in the new technology, knew the government regulations and get them compliant in two years so they can keep the business alive.

Mike Kelley: Wow. the number of challenges behind all of that, how large was the user group?

Nathan Kaufman: it's roughly eighty employees when I was brought on and I was the director of it, but a director of one at the time.

Mike Kelley: Yeah. Director of it. Me. And okay, so like I've looked at trying to do CMC and get to level one and, just trying to mark off each of the check marks that's on that list. let alone level two within two years. And The challenges or the opportunities, that you had with that. So, wow. where'd you start?

Nathan Kaufman: So, during the interview process, I met the two engineers that were kind of the IT people at the time. And so, my jaw dropped probably in the interview after talking to them about the technology, but they knew the state of the environment, they were doing things the wrong way. So, I think it was refreshing that they were able to have somebody ask them a bunch of questions. the last part of the interview was five hours long. I went on site and, pretty much interviewed with every executive, took me out to lunch, all that fun stuff. Obviously, I got the job. and so I started with kind of a good understanding of where I come in. I did work with other departments, pretty much understand what the current state was, get to know like all the key players, the different staff, like who to talk to like, oh, that guy's got some hidden weird thing under his desk and he does all this stuff and it's like, that's great. That's critical business application that we should probably not have in a dying desktop under your desk. go building. Right? Yeah. Like, yeah, that's great. get access to all the equipment, get in there, kind of deep dive, see what's going on. just identify all the gaps they got. Create a plan. and then work on executing, step by step what the plan needs to be. I identified I needed to bring on a direct report pretty quickly. because I couldn't do it all myself. Worked with vendors to kind of like, you can't do all of that in two years. Like it's not possible, without getting outside consulting and help and stuff like that. And then communication, multiple locations. So during this whole process, they had one location to start. and, then they decided to acquire another company in the middle of all this. they bought another company in Canada. It was kind of just ignored for the most part until later down the road. So they were doing their own thing. I had to stand up the infrastructure where I got brought on. And then they bought a company. They had one IT person out there. So they have three entities all together. It was a divestiture merger and acquisition. So they were carving out from a parent company. We had to stand up. All their stuff migrated over, get it all integrated, plus standing up the IT organization. And then, I got that done in nine months. I asked for a year and, that was, quite the experience. It was challenging. Got active directory migrated. they had no antivirus at the place that was brought on to. So, I mean, literally like everything you can think of to go wrong or not do right. They were pretty much doing and I got it all under control. Implemented Rapid7, CrowdStrike, patch management, deployments, all that stuff. the user headcount with eighty employees to start off with. The user headcount of the company we bought was about one hundred during the entire thing. I believe they got it to two hundred and sixty employees total. Yeah, it was challenging. There's a lot of opportunities. It was fun, but.

Mike Kelley: eighty to two hundred and sixty in that nine months. standing up a standardized interface and our interface, infrastructure, now multiple locations. Did it, jump to the three true locations? Or was it still just two locations and.

Nathan Kaufman: Primarily focused on the two? And then we brought in the third entity later down the road.

Mike Kelley: And.

Nathan Kaufman: Probably getting they had no baseline budget before. They really didn't know what their. It was, they had engineers with credit cards and they just bought whatever they wanted whenever they needed it. And so I was consolidating all of this stuff under the IT department, outside of what was specific to us. like particular projects and contracts they had, which would go into separate budgets, like getting all of the software, all the licenses, all of the various aspects to running the business under one umbrella. So it can be managed like instead of ad hoc, oh, we got to renew this license. We got to do whatever. Like people just running around getting that consolidated. Then they had a rough idea. It was roughly around four hundred thousand. They were spending annually to about two and a half million. And they're like, what happened? Why are we spending all this money? I'm like, well, you didn't track it before you were spending it still. Plus, we had to get all this other new stuff and licensing and things. And so that just adds to it. And then like convincing them like, oh, really? This is it. It was around one hundred million dollar company after they bought the other one. And so if you look at it, going from one hundred million, two and a half, it's like two and a half percent of their annual growth. So that's in line, probably a little less than what typical company spend on it, especially in the government compliance. Like usually it's four to six percent. So I kept a tight budget too.

Mike Kelley: Yeah. Well, and man, getting a hold of all of that stuff is a challenge because some of that stuff come on this, that environment had to have been ripe for shadow it. Not to mention the fact that it was just shadow it to start with by what I would qualify things. it was not stood up with that infrastructure in mind. It was stood up and then things were bolted in. yeah, especially for, you Bruce. One of the people attending is saying that two and a half percent is way below, especially for a government provider.

Nathan Kaufman: no, I mean it, it's way below. I mean it's from four hundred to two and a half million, right? Like that's a big jump to executives from their perspective. Yeah. Like what I was going to have to chew, right? Like you can only do so much and you break it up in chunks to get to where you need to go. but yeah, the biggest challenge was, communicating to, the founders and the executives that, look, we're Department of defense contractors. Sure. You can't charge back because of the products we were selling, but like permission to play, you got to spend this money to get there, right? Like there's no other option. Like you go out of business or like you spend the money to get compliant, right?

Mike Kelley: Like as a DoD contractor, there's got to be a massive investment being made right now to handle audits and the cybersecurity audits. They just passed a bunch of new laws that make the cybersecurity audits for the DoD contractors even harder. Are they even aware of these laws that they're going to lose their DoD contracts if they don't comply? Because the harshness of the new laws is if you fail and don't have a corrective action within a certain number of days, you're gone.

Mike Kelley: And actually, my understanding is that that was already in place, that this has been those requirements and those. CM MC well.

Nathan Kaufman: They, they've been requirements since twenty seventeen.

Mike Kelley: The same thing, right? He's got Cmmc level two requirements, just like you have level two requirements with Cmmc.

Nathan Kaufman: Well, they passed their audit in November. I got let go in August. So I, I stayed in touch with some of the engineers there. Mhm. and so You're absolutely right. Like October twenty twenty five, CMC requirements are going to be in the contract if you don't have it. It's a pass or fail. If you don't have it, you have, I think, sixty days to,

Mike Kelley: to show corrective action.

Nathan Kaufman: They have the corrective action. If you don't have the corrective action, that's it. Game over. All contracts done.

Nathan Kaufman: So we are seeing CMC level one compliant. the level two. Yeah, the level two compliant just hit coming out of the initial audit for that, our auditor led us to believe that there isn't a finalization in that process. So you can, there's not a certification out there because there's no certified auditors to provide the certification and everybody's selling. It is just selling bullshit because there's nothing there to fit that for levels. What I was told, that's what I was told.

Mike Kelley: No, no. Level two.

Nathan Kaufman: That's completely wrong. cyber a B is where you want to go to find auditors. If you're really we can talk in the chat community. I'm happy to give you recommendations if you're needing it. I've got it. No, you need to be certified for Cmmc level two. If you're handling C, if you're only handling FCI, not a requirement.

Mike Kelley: So.

Nathan Kaufman: it's a lead up to the part of getting let go. I was reporting to the CTO initially. he was a founder. He decided to retire. I asked for project management to help out. I did not know it would be a nightmare dealing with project management. My typical involvement with project management before was like, hey, we'll let you do whatever you need to do to get the job done. Communicate with us, right? Like your deadlines, what you're working on, and we provide status reports to management, right? Like, we don't know what technology, we'll just make sure you're meeting deadlines. And if those change, we'll adjust them and let management.

Mike Kelley: Oh yeah. And communicate. Handle the communication.

Nathan Kaufman: Organize help bring in other resources like be the gopher, so to speak. Like, go. We need these meetings with these people. Help make it happen. the person that was doing the project management thought that meant to micromanage my IT staff, including me. And so.

Mike Kelley: Without knowing it and everything that's involved.

Nathan Kaufman: Or thought he did, but no. So he knew some terms which was helpful for explaining, but he didn't understand all the heavy lift that it would take. And so working through that, it was very challenging. But at any rate, we got it all done. We met the requirements.

Mike Kelley: Oh, okay.

Nathan Kaufman: So from a technical perspective, the easiest way to meet compliance with level two is to identify where the COI is a controlled unclassified information. For those that aren't familiar with the acronym, it's government data that is not classified but is sensitive enough to have certain controls. and so identify how that gets into your organization, what that actually is in relation to what you're doing, like how you're getting it right? Like where it resides currently, which should be in a secure environment. But in this case, it was not. And then get it in the secure environment and make sure it doesn't come back out. So we ended up using Azure GCP. Hi it's a Azure gov cloud.

Mike Kelley: And so I was going to ask about Azure and your use of that, but yeah, going into the government portion of it helps meet some of those. It's just built in for you.

Nathan Kaufman: It's one of those things where the biggest thing with why you want the gov cloud is the audit trail and logging that they keep for you versus commercial. you have to keep data for ninety days and I forget what clause that is. But basically that's what the gov cloud does to help meet some of the compliance. like if you got hacked, you got to keep that data for ninety days and the commercial doesn't do that.

Mike Kelley: Okay.

Nathan Kaufman: there's a few other reasons, but that's the main one.

Mike Kelley: Yeah. And definitely useful to have it just built in by default so that you've got it and you're not having to add it in or do the configurations to add because you can do it in the public one, but it's all those configuration changes. And and to have it just built in is nice.

Nathan Kaufman: the other, right. If you were to use commercial, I don't know the differences, but you'd have to store that data in a environment that is also locked down to meet all the requirements. So it just makes the whole process easier. And we had a short timeline to get it. So that was throughout the go. And the cost isn't significantly more. I mean, it is, but if you got a subset of users that need it versus making all of commercial be compliant, it just made it easier. The founders were also engineers and so they understand certain technical things, software engineers and so, they knew they had to meet government compliance. It was a thing to keep their contracts. They didn't know the depth of it and what it would cost. presented them with multiple options. They didn't like the cost, had to come up with some other creative solutions, Turns out that wasn't really the route to go. And so we had to pivot back to what I originally said. and they were still balking at the cost. and so I'm like, look, this is permission to play. This isn't one of those things that like, if we don't get it by this timeline, that puts a whole business in jeopardy. I don't know how else to communicate this. And I had tons of data to back it up. They were in communication with other people in the DoD space already, and they're like, all right, we gotta do it. So that took almost a year of convincing with the executive team that we had to do it. Some of them were like, oh, we'll just get a waiver. I'm like, that's not how that works. So it took a while, but in the end term, I was like, alright, well, this is going to be a longer approach to do it. I understand that we can do an enclave, and I had a consultant lined up that could build it out for us. and then the idea was we build it out or we pay them to maintain it moving forward or train my team to manage Azure. and we just take it on and have the team manage that aspect of it. But I'm like, if our team manages it, that means we need additional headcount because that means they're going to have to manage it. but so that's kind of where it went. but I still was able to make wins. Like they, they still had to be compliant with CI at the self attestation. So you say, yes, I'm meeting compliance requirements. Okay, good. level two is they have a third party auditor come out and certify you. So self attestation is you're supposed to meet the requirements. You're supposed to, but they didn't view that as problematic as the requirement to have the contract.

Mike Kelley: I was wondering about all of the audits and whether how much of this was that they had heard that they needed to do this, and how much of it was that somebody had showed up at the door and said, hey, you're doing this or bye bye, and here's your timeline. with the fact that you had two years to accomplish it, it sounds like it's more of they realized that they needed it so that they could continue versus an auditor or somebody else showing up and saying, hey, you're out of compliance.

Nathan Kaufman: yeah, luckily during this time, they weren't hacked or breached or any of that because that would have triggered a, an audit a lot sooner. yeah, at least not that we're aware of.

Mike Kelley: So, and remind me of that, audit timeline again, and your experience with or your employment timeline.

Nathan Kaufman: So I was right.

Nathan Kaufman: On, end of

Nathan Kaufman: twenty twenty three, basically two years. So. basically August twenty twenty three to August of twenty twenty five, they got compliant in November, so I stayed in contact with the people, but I already had all the stuff in place. It's just the auditors couldn't get out because there's like, that's just what it was like. There's so many people that need to pass the audit and there's so many auditors. And so they had to schedule it in November, but they passed the audit.

Mike Kelley: So yeah. So in other words, you built and set everything up and everything was good to go. And then ultimately, they just still had to wait for the appointment to happen for somebody to show up.

Nathan Kaufman: Right. So there's a couple different ways to view this. Like if you're at the top, right, and you're communicating with other executives at your same level, right? Like money and value is a thing. Like we're spending all this money. What value are you providing to the business? so having that in a clear structured format, I think is very important.

Mike Kelley: for sure.

Nathan Kaufman: And. Right. Like what? We're spending all this money, why are we going to do it? And right, like get it into terms that make sense to them. like be one of giving any speech, know your audience. And that's pretty much it. Know who you're talking to to have them use the terms they use. Not necessarily like all the IT lingo, because nobody really cares about that and maybe care IT professionals, no other IT professional wording, but executives don't. So that's one aspect of communicating the same level. The other thing is if you're at like a director and you're communicating up, provide the value of your offering to like to other executives, not just like if you're reporting to the CTO or CIO, you let them know, but let the broader audience know. So it's not like not just filtered through one person. because if you really like, I think the other part is like, what value are you providing? Well, if you don't take the time to actually like one, believe you're providing this value or two, take the time to reflect on it because we need solving all these problems. You may not really digest, wow, I'm making a huge impact on this organization. What am I doing? Take the time to document that, reflect on it, and distill it into information that you can communicate out to the broader audience. and that was some reason I got let go.

Mike Kelley: Yeah, there's some great advice in the middle of all of that, that take the moment to pause, reflect on it because like, like your work on the CMMC compliance allowed the business to continue. So without it that the business stops. that's like, okay, we provided electricity to the organization. And, the value of it. It's. Oh, you met compliance? No, we made it so that you could continue to stay in business. And, being able to communicate that or to have that shift in mindset of, no, I didn't just make us compliant. I made it so that the business could continue. Having that kind of shift in your mindset is a product of what you're talking about, of that reflecting on your value and, but being able to articulate it is huge for all of us. Because I think that's one of the things that many of us struggle with. And, being able to see it from that other point of view or talk about that other point of view, whether you see it from there or not. You gotta at least be able to speak to it.

Nathan Kaufman: Yes, it's very important. and take the time to do it. There's a few different frameworks to kind of help guide you through that. SBI is one of them. Situation, behavior impact.

Mike Kelley: Okay. Yeah, I was going to ask.

Nathan Kaufman: so like, what's the situation? like what's going on then like the behavior, what did you do to or what did you like? Basically, what did you do? And then the impact on the organization. And then that's kind of a way to kind of if you're stuck to think about it. but yeah, it's really, you got to take the time to do it and celebrate those wins, right? Like there's a lot these leaders are doing a lot you're doing for the organization and celebrate them, celebrate them with your team. Like it's not just you. Usually your other team needs to kind of get the feedback. They're doing a great job. And yeah.

Mike Kelley: It's I don't know about you, but I find it so easy to slip into that mentality of, okay, I can put that check mark done, move on to the next thing and move on to the next thing and move on to the next thing. And, not taking that time to acknowledge the wind, not only for your team's morale, but for the organization too. It's part of proving that value and showing that value and, making sure that that you're being heard. You've got to communicate that out. my predecessor, the current organization wasn't very good at that. And he was doing a lot of things and, he had a lot of wins for the organization, but since he wasn't able to communicate it out, the organization didn't see all of the value that was being brought.

Nathan Kaufman: Exactly. And you can have the amazing technical skills, which I feel that I have, but if you don't let anybody know about it, they're not going to know all the stuff you're doing. and that's a lesson learned, right? Like advocate for yourself, advocate for your team. Let everybody, not just the executives, but the broader audience, like get in the communication channels. Let them know what you're doing and setbacks. that happened, right? Like you don't need to not the nitty gritty details and technical stuff, but like.

Mike Kelley: But you need to be honest. Don't hide any of those stumbles. Every, all of us stumble. All of us have challenges and they turn themselves into opportunities. But if you're not communicating them, if I'm not communicating them, then I'm afraid of what's going on today. And I need to be able to be honest with the whole organization so that we can be honest about when things are going to be achieved.

Nathan Kaufman: Right? If things change, let people know ahead of time, right? Like, hey, we're going to roll out Active Directory and oh, three months later, we're not quite there yet. So let them know when things change. Why?

Mike Kelley: Yeah.

Nathan Kaufman: Why? And so they feel more comfortable with what it is doing.

Mike Kelley: Yeah.

Nathan Kaufman: And eighteen months. I think AI is the biggest hype right now. And I think it's one of those things that's kind of like a black box where, executives are like, oh, new shiny thing. We must do it, implement it in our whole organization, or we lose productivity and missing out. So it's like FOMO kind of. They don't really know what it is, but they need it. And so really, like, I think in the next eighteen months, people will start to figure out where AI can fit in in an organization's, probably not everybody needs it. And the organizations that can adopt and implement it well will have a far greater competitive advantage to those who just buy a tool and figure people will know how to use it. so there's a process to get people on board and start using it. And the cost of that, right? Like, oh, we're laying off sixteen thousand people because AI is going to replace all their jobs. I think it quite works that way.

Mike Kelley: Prove that it works before you lay them off. Yeah.

Nathan Kaufman: Right. Like don't just yeah, AI can replace some people sort of. But you still need a human in the loop. It's not perfect. man.

Mike Kelley: So is it not perfect?

Nathan Kaufman: No, it's definitely not. And, so I think really where I see the advantage is, already defined process and workflow. And then how can you tie automations in there where AI could fill the gap or make it faster and better and distilling that information? another way is like rag databases and stuff like that where like you can have like, for example, like all of these podcasts go in somewhere, right? You have the data, the transcripts, blah, blah, blah. And then AI can process that. And then you'd be like, oh, this podcast from three years ago that I did. And I talked about that. Like, you're not going to know that, but you can throw it somewhere in a database and search for it. So there's elements to this that are helpful. but having it replace everybody's job, I don't see that. Well, not in the next eighteen months. I just think that you got to find out where it fits best in the organization, what you want to accomplish, the outcomes you want, and then see if AI is the right fit.

Mike Kelley: Okay, so let's, let's break into a little of the conversation around some of that. because I foresee this being a huge aspect of this within the next eighteen months, that, right now there's a buzz around vibe coding. And so anybody can code because they can talk to these generative models and they can start to have the generative models write code for them. you've got some of that cyber security background and, when. Johnny Cornflakes is one of my coworkers. Loves to say. Starts figuring out how to vibe code and creates this program and introduces it inside of the CMMC certified network. what thoughts? Talk about shadow I t five coatings about to just cover us all in that.

Nathan Kaufman: Yeah. that's a big thing. So, right, like you gotta have governance and some sort of, controls on things, just filters and you can be aware of it, you can block it, you cannot block it. people typically will figure out a way around things that are blocked if they have some wiggle room. you can have some policies in place like don't do this if you do this, right. Like, bad things can happen, but that doesn't prevent a breach, right? That's a human element. so. Racemic, what I was talking about earlier is enclave, right? Like where is the data build an enclave and that's it. Like that's set. Once it's set, it's set. And if you want to introduce a change, you may have to bring an auditor again. And so that's going to pretty much deter any executive from having to spend that kind of money to have somebody audit if somebody wants to vibe code stuff. And then if you don't pass the audit because somebody's vibe coded things weird, now you lose all your contracts. So do you really want to throw vibe code in CMMC? Probably not. but is that on the other network? That's not necessarily a strict on compliance. how do you stop that? How do you prevent it? it's a cultural thing to a certain extent. And. I think the broader question is how do you stop shadow it? Because there's one aspect to it, right? And, I don't think it hurts to let people explore, but maybe giving them a kind of more isolated environment to explore so they can do it and not introduce it to production, before it's vetted and tested and secured. Like if people are going to play around, but if you don't let them play around in secure way, they'll do it on production network and well, that's typically not a good idea. So, my personality is generally, I love helping people. and, technology, I'm really good at it. Hone those skills. And so that's an avenue I can help others. and I like stepping into complex environments or environments that definitely need help and, getting things done in a way that provides like the organization value, build them up and, Like building teams, like high performance teams like that. That's a, Very rewarding thing. Like getting some, an admin to focus on the things they want to do with their career and then helping them achieve it and get their, leaders, the good leaders, I feel don't help just serve their staff, but they help build other leaders. And I love doing that. I take time to, lead. I guess lead myself first is probably the biggest thing. we're not all perfect, but we try and then, so I guess what fires me up is, solving a lot of business problems and helping people achieve what they want to accomplish, and technology is the way to do that. But building those personal relationships throughout the process.

Mike Kelley: Okay. And so along those lines, is there anything that you want to promote? anything that you're doing currently? ways that you're trying to succeed yourself. talk to us some about that, bring up some of those things and help let any of our listeners know what you can help them with.

Nathan Kaufman: So there's, a couple various things. I was a member of heroic us for a while. They have a person with growth coaching program, a lot of different things, but probably the piece that provides the most value is their philosopher notes. It's over seven hundred some books. This guy is read, he provides CliffsNotes versions. They're all related to like personal growth, stoic philosophy, like tons of stuff. if you want a good book to read, I recommend checking out the philosopher notes there. Ponda data, ponda information.

Mike Kelley: And what was the site again? Heroic.us heroic.us. Okay.

Nathan Kaufman: I think they were trying to do us dot us but heroic.us. and so the other portion of this, you can have all the logical theory and everything else, but there's an aspect to it of your nervous system and I don't know how many people have heard of this, but polyvagal theory. Are you familiar with that?

Mike Kelley: No. I'm not.

Nathan Kaufman: So there's, vagus nerve in your body that basically goes from your stomach to your brain and regulates the nervous system. And so, there's a certain element of how you respond throughout the day that is tied to your nervous system, your default reaction to stress and how you view things. and there's actually ways that you can train your brain. It sounds kind of crazy, but there's ways that you can train pathways in your brain, and work on this kind of like working out, you build muscles, you can really build like pathways in your brain to help you handle stress better, to help you handle challenges better versus just like reacting and not handling it, right. You can take a brief second back, do an exercise for like 10s and kind of flip that switch in your brain to get clearer perspective on what's going on. It's fascinating to.

Mike Kelley: Me. Yeah. For me, I've always thought of that as the difference between responding and reacting because for me, when I react, it's that instant just and response. Yeah, I've taken that step back. And then then move forward with a yeah, a response. Yeah.

Nathan Kaufman: What you want. Like not showing up how you want versus showing up reactive, which typically, doesn't always help. So it's positive, intelligence. Com it doesn't talk specifically about polyvagal, but I've done a lot of reading on this stuff. that's probably the most, effective program to developing the skills to, work through this process and figure things out. those two programs have definitely helped me out through this process. and if you need help, ask for it. I guess that's the other thing. Like don't be, shy to ask for help when you need it. I think, this kind of summarize what I said before is, when you're in the weeds, you may not really take the time to reflect on the value you provide. Just take that time to write it down. Celebrate the wins and, maybe even just write like a quick jot on like a note card by you that like you can remind yourself of like the worth and value you provide. Like those little things definitely help you get through the day.

Mike Kelley: yeah, find your champions. Yeah. find your champions. Help talk to them. Let them tell you some of the things that I don't know about you, but I have a tendency to shove down those wins. I worry about the losses and I carry those losses with me. But those wins, I have a tendency to go, oh, I'm just doing my job. I'm just doing my job. but when people recognize it and tell me, hey, this helped a lot. I got to capture those and I got to make sure to share that for my teammates, being somebody else's champion is just as important as being your own champion. It's okay for you to be your own champion. I think that's one of the other things Nathan's trying to tell us. So if you've enjoyed today's discussion, please make sure to give us some likes or hit some stars or or leave some comments on your podcast collecting application wherever you happen to get this stuff. And or if you happen to be a fellow nerd or a geek, join us at the youvebeenheard.com community so that we can talk about these things. No vendors are in there. It's just guys like us talking to each other and guys and gals. So everybody's welcome in the you've been heard community. Thanks for listening, everyone.

Nathan Kaufman: Thank you.

Mike Kelley: Thanks, Nathan. Truly been a wonderful discussion.