Episode Transcript
Transcripts are displayed as originally observed. Some content, including advertisements may have changed.
Use Ctrl + F to search
0:00
Hi there, it's Tucker Legursky, a researcher
0:02
at Masters of Scale. It's
0:04
no secret that changes to the economy
0:07
can greatly impact the future of a
0:09
business, especially for those just beginning their
0:11
entrepreneurial journeys. That's why it's
0:13
essential to have a keen understanding of
0:15
economic events such as recessions, inflation, or
0:18
even fluctuating gas prices. Luckily,
0:20
our friends at the Planet Money podcast have
0:22
you covered. Each week, the
0:24
folks at Planet Money take world events and
0:26
break them down, explaining how it all ties
0:29
back to the economy. So
0:31
to better understand how the economy shapes
0:33
the world and your business, be sure to
0:35
check out NPR's Planet Money wherever you
0:37
get your podcasts. Now, onto
0:39
our show. Let's
0:44
take as knowing that novel
0:47
threats are the new normal. We're
0:49
always going to be facing an
0:52
attack that we don't quite
0:54
anticipate or was unexpected. And
0:57
how do you protect a business?
0:59
And AI is a really powerful
1:01
tool in that. And yes, AI
1:04
can be leveraged by the attackers
1:06
as well. But cybersecurity, it's nuanced
1:08
and it's evolving. It's self-learning. And
1:10
that makes it such a natural
1:13
home to be able to use
1:15
AI. You really get excited
1:17
about this. Like, I'm just... It's mad. I
1:20
love it. Hey,
1:27
everyone. It's Bob Safian. That
1:30
was me with Poppy Gustafson,
1:32
the CEO of cybersecurity firm
1:34
Darktrace out of London. We
1:36
talked about how AI has helped
1:39
both attackers and defenders in an
1:41
escalating cyber war that's
1:43
raging across the dark web. If that
1:45
all sounds mysterious, it
1:47
is. Though cybercrime has also become
1:50
way more professionalized and business-like than
1:52
I'd realized. Poppy is
1:54
both a guide to this world and
1:56
a passionate advocate for how technology
1:58
can help us... get the
2:01
most from technology. We
2:03
also talked about deepfakes, which are
2:05
getting richer and more common, and
2:08
how our biggest cyber risks come
2:10
from human weaknesses, not software. This
2:13
is an area that business people would
2:15
often rather not think about, but they
2:17
should, and it's actually quite
2:19
fascinating. So here's me and Poppy getting
2:21
into it. We'll
2:32
start the show in a moment, afterward
2:34
from our premier brand partner, Capital One
2:36
Business. Georgian
2:40
food is to Russia, like Mexican food
2:42
is to the United States. It's comfort
2:44
food. Georgian wine was also the best
2:46
wine, but the Russians had embargoed it. And so
2:48
I vowed that if I ever did open a
2:51
restaurant, I would sell all the Georgian wine I
2:53
could. That's Rose
2:55
Prevett, owner of the Michelin-starred restaurant Maidan
2:57
and Compass Rose. And she was on
2:59
a trip aboard the Trans-Siberian Railway in
3:01
December 2011 with her husband, former
3:04
NPR journalist, David Green. Snowy
3:07
Siberia is the perfect place to have your
3:09
eat, pray, love moment. Only she was able
3:12
to go around Italy and eat
3:14
pasta. I'm sitting on this sweaty
3:16
train eating stuffed pies. Back
3:18
in Washington, D.C., Rose had a career
3:20
in public policy, but she was contemplating
3:22
a personal pivot into the restaurant business.
3:25
And she had been particularly taken with Georgian food
3:27
and wine. The very
3:29
first smack in the face was trying to get
3:32
my liquor license. But first,
3:34
Rose had to navigate obtaining a liquor
3:36
license. We'll hear about that later in
3:38
the show. It's all part of the
3:40
Refocus Playbook, a special series where Capital
3:42
One Business highlights stories of business owners
3:44
and leaders using one of Reed's theories
3:46
of entrepreneurship. Today's playbook insight,
3:49
every successful leader needs grit. All
3:56
right, so let's jump in. So Dark
3:59
Trace is one of the... fastest growing tech
4:01
firms in Europe. You've got more
4:03
than 9,000 corporate clients around the
4:06
world. Just a few days ago,
4:08
DarkTrace released a report about the
4:10
state of cybersecurity risks
4:12
right now. One of your colleagues said
4:15
to me, threats are evolving at an
4:17
insane pace. That's absolutely the
4:19
case. As you said, we just published our
4:21
threat report. It's a look back on the
4:23
last year. One of the biggest takeaways from
4:25
me is that innovation isn't
4:28
something that's just available to the
4:30
good guys. The bad guys are
4:32
innovating and evolving constantly.
4:34
We're seeing a huge rise
4:37
in the number of what we
4:39
call as-a-service tools. So
4:41
ransomware is a service, malware is
4:43
a service. All the tools of the
4:46
attackers are now available to rent.
4:49
It's like a commercial
4:51
ecosystem around cyberattacks? There
4:54
are helplines for the criminals to use to
4:56
help them say, I'm trying to do this
4:58
malware as a service. I'm having a little
5:00
problem. So I press button A or press
5:02
button B. This is big business that's operating
5:05
on the other side of the dark web.
5:07
That's both fascinating and terrifying all at
5:10
the same time. It's
5:12
very much a business.
5:14
There was a big breach last
5:16
year on the pipeline attack across the
5:19
US, which saw people queuing for gas
5:21
stations. There was a huge uproar
5:23
as people were getting very frustrated not being
5:25
able to fill their cars. I
5:28
remember at the time, the attackers sent
5:30
out a statement saying, I'm
5:32
so sorry that we caused
5:35
so much harm and disruption
5:37
to society. In the future,
5:39
we're going to do better diligence as to
5:41
the types of organizations that we hack into.
5:43
You think, wait a
5:46
minute, this is a business
5:48
or this is a legal business. They're
5:50
basically signaling their principles in a way
5:53
that any legitimate business would do. It was
5:55
a real moment of this is big business that's
5:57
happening on the other side of these attacks. Recently
6:00
the Director of sister the U
6:02
S Security Infrastructure Agency testify before
6:04
Congress about the risks of like
6:06
this societal panic and next talk
6:09
about state actors and China and
6:11
why can't to U S or
6:13
the Uk government just take care
6:15
of all this is just too
6:17
hard. it's too big. One
6:20
of the biggest misconceptions I think about.
6:23
Side. That. He said it's.
6:25
A Binary. Problem say you have
6:27
like bad things or good things.
6:29
And that it's a specific trains. And
6:32
if only it were because then you could just say that he's
6:34
It was a. Bad. Actors hero, the
6:36
threats. That
6:38
matches against As and you're done.
6:41
But the reality is, it's much
6:43
more analog than that. It's things
6:45
are. A bit bad or
6:47
something that sought sauces and nine
6:49
but can become Miss S or
6:51
something. it's malicious to become been
6:53
nine but it's constantly changing and
6:55
evolving and transit tree which means
6:58
it's very hard to keep up
7:00
with which is why it's become
7:02
such a large scale problem staff
7:04
or seen it was can omit
7:06
for and third of the businesses
7:08
that with saying that they have
7:10
suffered financial impact and significant cyberthreats
7:12
in the last twelve months. I
7:16
mean the Hollywood version of cyber
7:18
attacks is like you know, some
7:20
evil tech genius rights who, his
7:22
findings software gaps or something to
7:25
sneak into systems. It sounds like
7:27
the range of threat actors and
7:29
kind of threats is even more
7:31
complicated. math. I would think
7:34
that the level of threat as a
7:36
sort of that are and the road
7:38
map as he lied to us attacking
7:40
have a sense and the top hands.
7:42
there's a lot of expertise in the
7:44
Nation States attacks and shouted the taxes.
7:47
Court. For infrastructure, from sorry targeted
7:49
attacks to get to a specific.
7:51
Thing that could be in water infrastructure for
7:54
example. But once you've
7:56
created that technology like the
7:58
Kitsap. The bag. Then
8:00
move into these and surprises that role
8:02
these attack thousand scale and mimic a
8:04
lot of the business practice sets we
8:07
see in this summit. Businesses such as
8:09
Safe as a services model that recite
8:11
see earlier and then at the other
8:13
and you've got your bedroom hackers who
8:16
are just there to sort of say
8:18
case. That. Skills and expertise
8:20
and just the coolest that disrupts
8:22
and all the way to receive
8:25
menaces. Insider said people who are
8:27
legitimate employees of an organization for
8:29
a ceiling disgruntled and they want
8:32
set upon is that organizations such
8:34
as such a broad spectrum of
8:36
understanding where that attacked may come
8:39
from. it becomes very. Challenging
8:41
Security Professionals twenty.
8:43
Six hate where it's gonna come
8:45
from By whom, for what benefit.
8:47
A Dark Traces Sort of predicated on
8:50
the idea that a I could be
8:52
a tool to sort of stay ahead
8:54
of that, but it seems like. As.
8:56
You talk about these things that
8:58
serve. The solution becomes the problem.
9:00
The problem becomes the solutions that
9:02
now A and with Gen Vi
9:04
the it's being used by threat
9:06
actors to make it more complicated
9:08
Again, We. Set out ten
9:10
years ago, Let's take his
9:13
nine. Set. Novel threats
9:15
or the new normal we always
9:17
gonna be say saying and it's
9:19
hat set we don't anticipate a
9:21
was unexpected and how d didn't
9:23
mean institute to business and I
9:25
certainly don't know what it is
9:27
going to be. An Ai isn't
9:29
really powerful tool in that And
9:31
yes, A I can be leveraged
9:33
by the attack as as well.
9:35
Not such a mess in a
9:37
moment. That cyber. Security.
9:40
It's nuance and it's evolving and
9:42
it requires an ability to reassess
9:44
decisions being made. A pass it's
9:46
is to take itself learning and
9:49
that makes such a natural same
9:51
to be able to use a
9:53
Ice to put the defenders on
9:55
the front set because ultimately to
9:58
defend the has the things. The
10:00
advantage they are the people that
10:02
know the thesis and it's culture
10:04
and it gets sly density better
10:06
than anyone else And by leveraging
10:08
ai they're able to on. They
10:10
descend as we sat knowledge and
10:12
stay one step ahead of the
10:14
attacker. I saw this
10:16
recent report about. Deep.
10:18
Sakes a finance for in Hong
10:20
Kong who was stamped out of
10:23
like twenty five million dollars by
10:25
a video call. With will.
10:27
Who they thought was there See a fall?
10:30
But. Turned out to be someone else
10:32
masquerading as they say fuck It doesn't
10:34
surprise me. It's something that. We see
10:36
all the time. the absence nice
10:39
to such as set C B
10:41
T that use a I and
10:43
center says a Isis pray conversational
10:45
praise. Be. The to set a
10:48
lot of us benefits mother's day nice
10:50
but susan it's could benefit from that.
10:52
We seeing. Phishing. Emails Being
10:54
crossed. it's easy need to send a
10:56
linguistic complexity of those emails has got
10:59
fall through their as it becomes much
11:01
easier for people to communicate in a
11:03
way that feels much more natural and
11:05
human. It might not be the first
11:08
language, but suddenly they're able to talk
11:10
in a much more convincing way. That
11:12
means you're more likely to pick on
11:14
that lane for do that. Saying that
11:17
that that and sixty to even do
11:19
otherwise said extrapolating that serve as we
11:21
think about. Enough. Seats renovations make
11:23
it much easier pretty steep sakes.
11:25
whether it's in order audiovisual with
11:28
access to your team's are you're
11:30
testing Is this? whatever it is
11:32
all of which broaden that the
11:34
footprint. The and it's have kids
11:36
but since she signed that way
11:38
infant organization, five sets of really
11:41
complicated and expanding tannins. And.
11:43
Like even of us call. How
11:45
do I know that You are
11:47
really You. And. How do you
11:50
know that you're actually talking to me
11:52
and not someone who's pretending to be
11:54
be? One of the things that we
11:56
try and look for is. the out
11:58
from other the mates is so Often what attackers
12:00
are trying to do is to create
12:03
a quick response that if
12:05
you had time to think about it,
12:07
perhaps you wouldn't do. But if you're
12:09
under pressure, they're trying to create an
12:11
urgency, so you respond before you've had
12:13
the chance to think. So
12:15
it's not about saying, how do I
12:17
authenticate this image that I'm receiving necessary?
12:20
But what is the behavior that has been
12:22
trying to be driven out of this communication?
12:24
Are they trying to create a sense of
12:26
urgency? Are they steering you to a behavior
12:29
that is unusual for your organization
12:31
or you and your behavior? So what
12:33
we tend to look for is not
12:35
saying, is this a threat? But what
12:37
is the outcome of this? And could
12:40
that be threatening to the organization or
12:42
something that's indicative of a behavior that
12:44
you'd want to control? And
12:47
when you find yourself that it maybe is that to
12:49
sort of pause and
12:51
try to find the right way to
12:53
confirm that this is actually something that...
12:56
This business does move at a much
12:58
faster pace than it ever
13:00
has. And so we are being put
13:02
under pressure to act quickly
13:04
in ambiguous situations in a different
13:06
way. Let's take a step back.
13:09
Cyber threats comes wherever
13:11
we mix people and
13:14
technologies. And the gap between
13:16
those two is what an attacker is
13:18
trying to exploit. And if
13:20
we had businesses that had
13:22
no technology, there'd be no cyber threats.
13:25
And likewise, if we had businesses that
13:27
were just technology and had no humans
13:29
in it, they'd be much, much, much
13:31
easier to protect. So it's that combination
13:33
that attackers are constantly trying to push
13:36
their way between. But
13:38
technology is a huge enabler for
13:40
so many businesses. And cybersecurity is
13:43
the thing that allows people to
13:45
embrace that technology. If
13:48
we really do our jobs properly, they
13:50
shouldn't be having to see that through
13:52
a cybersecurity lens. It's
13:54
not really having to have a conversation with me thinking,
13:56
oh, can I trust Poppy? Technology
13:59
has... The Power to be able to
14:01
take care of that and do a
14:03
lot of our understanding and dissemination itself.
14:06
The way you describe it, it's like
14:08
the people are the problem. Like if
14:10
it were just machines talking to me,
14:12
seems we wouldn't have the same risks.
14:14
Without people that would be far
14:16
less. Cyber. Attacks I
14:18
think that says to say. But it's also
14:21
safe to say that people are an essential
14:23
part of what makes our businesses brilliance and
14:25
it.say. see wanna let the people in the
14:27
business focused some what it is that they
14:29
do best. I mention
14:32
the congressional testimony from the
14:34
security folks earlier in one
14:36
of the things that was
14:38
brought up with almost an
14:40
admonition to business that in
14:42
the. Push. To get
14:44
things to market quickly that security
14:46
is sometimes B D emphasized almost
14:48
like there's an underlying vulnerability thread
14:50
the tech business because people are
14:53
rushing to fast My my colleague
14:55
Reid Hoffman or talks about the
14:57
need for blitz scaling that it's
14:59
important to go faster than you
15:01
think you can and less some
15:03
fires burn and you know, put
15:05
products out that may not be
15:07
perfect yet in the lens of
15:10
cyber security such as like a
15:12
bad idea. This. Is the
15:14
idea that software sits be
15:16
secure by design. Whereas.
15:18
A possible people should
15:20
be building products. That
15:23
sense in doubt. Security
15:25
sucks. That it makes. It's just
15:27
his job. Father. And
15:29
I agree with. Let's. Make the
15:31
attack. his job saw that whereas a
15:33
we can as a fast food to
15:35
school but a lot of this is
15:37
based on the idea is it. Gets.
15:40
Sacked will be nine a have. Somewhat
15:43
predictable or repeatable.
15:46
And. The reality is the vast majority
15:48
of these attacks on novel an unpredictable
15:50
and so you can never eradicate all
15:52
risk by building in that secure by
15:55
design that press it's have been
15:57
products. Out quickly is very rare.
15:59
Listen. very real benefit to people
16:01
bringing out things out to market and
16:03
in accelerated fashion. So the
16:06
reality is, is a compromise between those two.
16:08
But the idea that we could eradicate all
16:10
risk, I think, is unrealistic. And
16:13
for you in running your business
16:15
and running DarkTrace, like you are having
16:18
to respond to new threats, novel threats.
16:20
So there's a certain pressure on you
16:22
guys to get products out quickly
16:24
that can do that. And
16:26
at the same time, how do
16:29
you manage that sort of push to get there quickly
16:31
with the need to make your
16:33
own products secure and safe in that
16:35
way? This is the
16:38
brilliance of what we do at DarkTrace.
16:41
So cyber can be
16:43
viewed through two lenses. And
16:46
the first is just as you described.
16:48
So what's happening outside there in
16:50
that big bad world? And who are the
16:52
attackers? And what are all of the known
16:54
attacks? And what do we think that the
16:56
threats of tomorrow are going to be? And
16:59
then lock all the doors and fasten
17:01
all the windows against all of that
17:03
known threat. But the
17:05
reality is something's always forgotten or missed or the
17:07
human whose job it was to lock the doors
17:09
and windows had a bit of an off day
17:11
and didn't quite do it. There's always something that
17:13
goes wrong with that plan. And that's where DarkTrace
17:15
comes in. And we see the
17:18
problem through the opposite lens. So
17:20
instead of saying what's happening out there in
17:23
the threat landscape and what are the baddies
17:25
up to, we say, let's look at you
17:28
and your business and your
17:30
organization and just observe
17:32
the daily ebb and flow
17:34
of digital activity to learn
17:36
your unique digital culture, your
17:38
unique digital fingerprint, if you
17:41
like. And once you
17:43
know that, you can
17:45
always spot when it changes. You
17:48
can find the aberration that says this
17:51
could be a big alarm bell. Or there's something
17:53
very different that doesn't normally happen for your organization
17:55
is happening over here, or it could
17:57
be lots of small crumbs of evidence.
18:00
that come together. It could be a number
18:02
of different things, but we spend our time
18:04
learning and studying the business
18:06
rather than the threat, which
18:09
means when there's a
18:11
big new ransomware attack such as the
18:13
ones that US water facilities
18:15
are currently suffering from, when there is
18:17
a bigger event like that, we don't
18:19
have to come scrambling through and say,
18:21
quick, now let's update the dark trace
18:23
9,000 customers that we're protecting
18:25
for this new form of ransomware. It
18:28
will just find it. By virtue of
18:30
the fact it's not the business that
18:32
it's studying, there's no update or push
18:34
required. The AI learns on the job
18:37
that by virtue of the fact it's
18:39
not normal for that organization. It knows
18:41
that it's a threat that needs to
18:43
be intercepted and controlled. And of course,
18:46
all of this done entirely autonomously, entirely
18:48
by the software and without human intervention.
18:51
And so each installation of
18:53
dark trace for each business is
18:55
effectively different because it's learning from
18:58
that business and understanding that business
19:00
separately. With the passage
19:02
of time, each of those
19:05
installations becomes entirely unique and
19:07
completely bespoke to that organization.
19:10
But when it comes out the box, on day
19:12
one, when that license key is
19:14
typed in, it's exactly the same software.
19:16
Whether you're protecting a global
19:19
financial bank that's got
19:22
offices all over the world, or whether it's
19:25
one of my favorite customers as a small
19:28
hospice down the road from near
19:30
where I live or anything in
19:32
between. It's exactly the same thing,
19:35
which is artificial intelligence that goes
19:37
into that organization and learns unique
19:39
digital DNA. The
19:42
unique digital DNA of an organization.
19:44
That's pretty cool. What
19:46
surprised me most listening to Poppy
19:48
though was her description of cyber
19:50
attacks enabled by software as a
19:52
service providers. I never realized that
19:55
dark web was so business like.
19:57
Next up, Poppy is going to
19:59
explain the of running a
20:01
business where best case for
20:03
your clients, nothing happens. We'll
20:05
be right back. We'll be back
20:08
in a moment after a word from our
20:10
premier brand partner, Capital One Business. They
20:15
saw a very young woman who had never owned a
20:17
business before and thought the fight they were
20:19
going to fight was going to be the one against
20:21
me because there were a bunch of other
20:23
restaurants opening, but no one went after
20:25
them as hard as they would after me. These guys
20:28
wouldn't give up. We're back
20:30
with Washington, D.C. restaurant owner Rose Preffitt.
20:32
A decade ago, she was
20:34
opening her first restaurant, Compass Rose, in
20:36
the rapidly gentrifying 14th Street corridor.
20:39
But some disapproving members of the community were
20:41
determined to stop her, so Rose pounded the
20:43
pavement in search of support. We
20:46
knocked on doors and got hundreds of
20:48
petitions signed by our neighbors, and
20:50
eventually we did win. And
20:52
what ended up happening is those people felt
20:54
very invested in our cause. So when Compass
20:57
Rose opened, all those people came. Rose
21:00
was dedicated to her vision, and that grit would
21:02
prove essential as she faced the challenges of
21:04
being a first-time business owner, says Lauren Tresco,
21:07
head of brand partnerships and insights at Capital One
21:09
Business. When you're starting
21:11
out as a business owner, it's really easy to get
21:13
discouraged. The challenges you
21:15
have to face are daunting and constant.
21:17
In order to succeed, you really have
21:19
to be your own biggest advocate. But
21:23
getting a liquor license would only be the
21:25
first hurdle Rose faced, because in the middle
21:27
of D.C., she wanted to serve food, cook
21:29
outdoors, over an open fire. We'll
21:32
hear about that later in the show. It's
21:34
all part of Capital One Business' Spotlight
21:36
on Entrepreneurs, following Reed's Refocus Playbook at
21:38
all levels of scale. She
21:42
wanted to serve food, cook outdoors, over
21:44
an open fire. We'll hear
21:47
about that later in the show. It's all
21:49
part of Capital One Business' Spotlight on Entrepreneurs,
21:51
following Reed's Refocus Playbook at all levels of
21:53
scale. The
22:00
Break: We heard Dark Tracy, a
22:02
Poppy Gustafsson talk about the rapid
22:04
evolution of cyber threats and how
22:07
Ai is both an accelerant and
22:09
a tool for defenders. Now we
22:11
go into the odds psychology of
22:14
running a cyber security business plus
22:16
cyber impacts on elections handling problems
22:18
the don't have answers and more.
22:21
Let's get to it. You
22:23
mentioned serve the traditional way that
22:25
cyber security works desert an organization
22:27
needs that along with dark Price
22:30
like is Dark Trace a supplement.
22:32
You. Need a combination? The Princess. Sit.
22:35
Separately and organize a sin well.
22:37
Six. Zero bucks. Last line defense will
22:39
be on s threat face. You know
22:42
who the attacks at the past? You've
22:44
got that maria de mer of what
22:46
has happened historically. Let's
22:49
not suffered a same attacks against
22:51
the perimeter Aggie whoop seat states
22:53
out unless you're anti viruses that
22:55
you fireballs. But the
22:57
moment that something gets through, that's your
22:59
next line of defense By definition, can't
23:01
be relying on the same approach each.
23:03
It's to see the problem from it's
23:05
different sectors and that's what we do
23:07
here. It outright. And
23:10
then once. Your. Group may
23:12
be identifies that. The firewall's
23:14
technology will then be adjusted to try
23:16
to block those kinds of attacks right
23:18
then you're looking for the next. Exactly
23:21
says it's evolution. Avast as a
23:23
business has gone really sucks through
23:26
three chances and the sources say
23:28
this to say. We've. Identified
23:30
an attack and alarm bell would ring and
23:32
will say yes who and we think yes
23:34
groups of that. But. Very quick
23:37
even realize it at some react to
23:39
the plates wasn't enough that you can't
23:41
simply be another alarm bell ringing. And
23:43
so he moved into what I think
23:46
of is like the Axis say the
23:48
Middle period as of.faces lies to date
23:50
it's not enough. For me simply
23:52
telling Bold that he's been attacked.
23:55
We need to so both by stopping
23:57
at talking, taking it out. So d.
24:00
you autonomously make changes within that organization to
24:02
stop the attack within its tracks. And that
24:04
is done by the software itself. It's done
24:06
by the way it integrates with the rest
24:08
of the technology stack. But it's about saying,
24:10
you have been breached, but we're going to
24:13
stop it right now. So you might have
24:15
lost a few files, but you're not losing
24:17
a whole bunch of data. And
24:19
then the most recent phase is what
24:21
we call the proactive phase. So
24:24
given we have this unique understanding
24:26
of your organization, you very quickly
24:28
gain an understanding of how this
24:31
organization is uniquely vulnerable,
24:33
where its crown jewels are.
24:36
There's a window that's been left that we
24:38
can identify that window slightly ajar, but it
24:40
only goes to the stationary room. That's probably
24:43
not high risk. Whereas
24:45
over here, this door is unbolted
24:47
and that takes you to the
24:49
crown jewels. How do we proactively
24:52
wrap a blanket around that risk
24:54
and actively harden against those? So
24:57
you end up with this wonderful
24:59
virtuous circle where each phase feeds
25:01
into the next. And only
25:03
because you have that really rich understanding of
25:06
how best to respond to an in-progress
25:08
threat, would you then think, oh, we
25:10
now know how to proactively harden against
25:13
that in a way that's unique to
25:15
that organization, which then means you're more
25:17
uniquely to able to understand when that
25:20
business is breached and so
25:22
on and so forth. So you end up with this lovely
25:25
virtuous circle where each part informs
25:27
and enforces the other. You
25:29
really get excited about this. I love it. I
25:33
love it. You
25:35
just, you light up about the
25:38
sort of, the structure of all this. I
25:40
think it's because I'm a mathematician.
25:42
I studied maths at university and
25:44
I loved my maths lecture, but
25:46
in those days, it was a
25:48
big overhead projector and people were
25:50
writing formulas and then algorithms and
25:52
projecting it onto this big white
25:54
board and it felt very serial
25:56
and filled with people with leather
25:58
patches on their back. elbows and
26:00
now I am here running a
26:03
business where that mass, that
26:05
very same mass that we studied
26:07
all those years ago is solving
26:09
real life problems on real data
26:11
for like real organizations that all
26:13
of us benefit from and seeing
26:15
that mass in action is just
26:18
very exciting. It's kind of a
26:20
strange business that DarkTrace is in because in some
26:22
ways and you mentioned the new threat
26:24
report that came out like bad
26:26
news in the industry is
26:29
kind of good news for you
26:31
right because the more trouble there
26:33
is out there the more people
26:35
need what you have. No
26:37
I think very quickly want to avoid any of
26:39
that sort of ambivalent chasing behavior but I think
26:41
for me it's cyber security's
26:44
got such a pessimistic view. Whenever
26:46
you talk about cyber security people
26:48
imagine that person in IT that's writing their
26:50
finger and saying don't forget to update your passport
26:52
or else and you feel like it's you know
26:55
oh god I don't get this right and the
26:57
world's gonna it always feels like that you're
27:00
being told off and you have to
27:02
do this or else but it's a
27:04
very sort of critical or negative perception.
27:06
For me cyber security is such
27:08
a huge enabler like we all
27:10
love tech and we all love
27:13
seeing innovation that's happening throughout society
27:15
and cyber security is
27:17
the tool that enables you
27:19
to embrace that technology into your business
27:21
and explore it in a way that
27:24
if the worst were to happen you'll
27:26
still be okay. But
27:28
is this strange to be operating a business
27:31
where like in the best-case
27:33
scenario like nothing happens like
27:35
you prove your value by
27:37
by nothing happening? I
27:40
mean if we wanted a round of applause it would all go
27:42
and work for the circus wouldn't me. I do think it's if
27:46
we do our job right no one knows that
27:48
you've ever been there. We've got
27:50
customers we've got a wonderful neonatal
27:52
unit where those doctors and nurses
27:54
are doing a real job of
27:57
caring for babies
27:59
and they're relying on a lot of tech in
28:02
order to be able to do that
28:04
properly. And if DARTO
28:06
does its job right, they can just
28:08
take that tech for granted. There's
28:11
a lot of discussion in the
28:13
US about the integrity of
28:15
elections and whether results
28:17
can be trusted and whether bad
28:20
actors from Russia or other places
28:22
can influence things. From
28:24
your perspective, how much of that
28:26
is sort of conspiracy theory and
28:29
how much of it is real?
28:33
I can't comment specifically on terms of the
28:35
election, but when it comes to cyber
28:38
threats, attackers
28:40
are intentionally exploiting
28:43
human vulnerability to their own
28:45
advantage, trying to shape their
28:47
behaviors in a way that
28:50
is advantageous to them. I can
28:52
see how that translates to another
28:55
world when it's changing perceptions or
28:58
influence. I can absolutely see
29:00
that people will be driving to those ends.
29:02
And the idea about sort of hacking
29:04
into voting machines and
29:07
tabulation data and things like that,
29:09
that if that's happening, that is
29:11
probably more happening through
29:14
a human interface than a
29:16
technical one. Again,
29:18
it's always that interface between the
29:20
humans and the technology. And
29:24
attackers will be leveraging
29:26
their influence to change human
29:29
actions, to gain an entrance
29:31
into technology that they wouldn't
29:33
otherwise have that access to.
29:36
As a business leader, aside
29:39
from the specifics of cybersecurity,
29:41
is it getting harder
29:44
to run a business
29:46
and the role of what business
29:48
plays beyond its
29:51
shareholders? Running a business is always
29:53
hard because you're dealing
29:55
with stakeholders that are changing and
29:57
they're once a niece. Hunt
30:00
for a change a sort. Of Balance
30:02
says like coat sir' and
30:04
principles but business leaders fries
30:06
in that change and. If.
30:09
It was easy we wouldn't
30:11
need sea ice. I
30:13
mean only the hard questions should reach
30:15
your desk, right? But I guess if
30:17
you're a mathematicians, you like hard math
30:19
problems. Wow that. but the thing
30:21
about math problems is there is always an
30:24
answer as have with business problems is as
30:26
not always an obvious answer. He.
30:28
Has so have you decide. And.
30:32
Quit. See. Wins. And lot
30:34
is. Good. Advice some people that you
30:36
trust. Around see and with
30:38
and understand a seat. get it
30:41
wrong with sometimes you will. He.
30:43
Time. Change. Your mind
30:45
and forth correct and it's ha. Well
30:48
puppy this has great! Thank you so
30:50
much for spending time with us! Really
30:53
prescience. Alice of Brooks I said something to
30:55
me Thank you both. I. Could
30:57
have talked to Poppy for hours.
30:59
The window she offers into the
31:01
whole ecosystem of cyberthreats fascinates me.
31:04
The idea of it, say I
31:06
can keep us head of the
31:08
baddies as she calls them is
31:10
pretty compelling. But then there's the
31:12
reality that bad these are putting
31:14
those tools to work to and
31:16
you just have to come away
31:19
recognizing that like every other area
31:21
of business today, it's cyber security
31:23
is moving faster with more unknowns
31:25
requiring more attention than favour. whenever.
31:28
The promise of a I and technology
31:30
and I really believe in both. Our
31:32
world certainly isn't getting simpler. About.
31:35
Sassy And thanks for listening! And
31:38
now a final word from our
31:40
brand partner, Capital One Business. There's.
31:44
a road some tbilisi to western
31:46
georgia lines with women have burns
31:49
up and down their arms and
31:51
they're all making a sin and
31:53
mean it's honey raisin bread they're
31:55
all competing and they're holding a
31:57
piece of the bread and waving
31:59
it at you in the hopes that you'll
32:01
stop at their hut. We're
32:04
back one more time with restaurant owner Rose
32:06
Previtt and those women who bake bread in
32:08
backyard ovens had given her an idea. I
32:11
really, really wanted to have a fire outside,
32:16
but the health department shot me down hard.
32:19
But Rose had the fortitude to pursue her goal and
32:22
that meant rethinking how she'd get there. What
32:24
if she opened a second restaurant, one
32:27
that could accommodate an indoor fire? I
32:30
walked into this 140 year old warehouse, I
32:33
saw super high ceilings and this steam shaft that
32:35
was very rusted, but I had a feeling went
32:37
through the roof. I was like, I think I
32:39
can put the fire there. Midon's
32:42
charred eggplant and scorched flatbread have won
32:44
the restaurant its first Michelin star. Rose
32:47
has since added a third restaurant and a
32:49
wine importing business to her portfolio. And
32:52
she wouldn't have been able to do it without
32:54
grit, says Lauren Tresco of Capital One Business. Rose's
32:57
story is such an inspiring example of how
33:00
important it is to have tenacity when it
33:02
comes to building a business. So
33:04
many elements need to align in order to
33:06
scale your company and navigating that journey takes
33:09
fortitude. Capital
33:11
One Business is proud to support entrepreneurs
33:13
and leaders working to scale their impact
33:15
from Fortune 500s to first-time business owners.
33:18
For more resources to help
33:20
drive your business forward, visit
33:22
capitalone.com/Business Hub. Again,
33:24
that's capitalone.com/Business Hub.
33:27
As with every ad on Masters of Scale,
33:29
the entrepreneurs you just heard from were real
33:31
and unscripted. Because Capital One is
33:33
a financial institution, it's important to them
33:35
to be transparent about their relationship with
33:37
the entrepreneurs we interview. Some of
33:39
these entrepreneurs are Capital One customers and some
33:41
aren't. Capital One did compensate all
33:43
of them for participating in this campaign. Masters
33:48
of Scale Rapid Response is a Wait
33:50
What original. I'm Bob Safian,
33:52
your host and Masters of Scale's editor
33:54
at large. Our executive producer
33:57
is Chris McLeod. Our producers
33:59
are. Chris Gautier, Adam
34:01
Skusz, Alex Morris, Tucker
34:03
Legersky, and Masha Makotonina.
34:06
Our music director is Ryan Holiday.
34:09
Original music and sound design
34:11
by Eduardo Rivera, Ryan Holiday,
34:13
Hayes Holiday, and Nate Kinsella.
34:17
Audio editing by Keith J.
34:19
Nelson, Stephen Davies, Stephen Wells,
34:22
Andrew Nault, Liam Jenkins, and
34:24
Timothy Lu Lee. Mixing
34:26
and mastering by Aaron Bastinelli and
34:28
Brian Pugh. Our CEO
34:31
and Chairman of the Board is Jeff
34:33
Furman. Wait what was co-founded
34:35
by June Cohen and Darren Tripp. Special
34:38
thanks to Jodine Dorsay,
34:41
Alfonso Bravo, Tim Cronin,
34:43
Erica Flynn, Sarah Tartar,
34:46
Katie Blasing, Mary Elterrecker,
34:48
Chineme Ozuquena, Colin Howard,
34:51
Brandon Klein, Sami Aputa,
34:54
Kelsey Saison, Luisa Velez,
34:56
Nikki Williams, and Justin
34:59
Winslow. Visit Masters of
35:01
scale.com to find the transcript for
35:03
this episode and to subscribe to
35:05
our email newsletter. I'm
35:19
looking for a way to get listeners
35:21
to leave us a five-star
35:23
review on Apple Podcasts. Do
35:25
you have any suggestions? Absolutely.
35:29
One effective way is to engage with
35:31
your listeners directly during your episodes. Remind
35:35
them how much a five-star review can support
35:37
your show. What about
35:39
to try to convince listeners to
35:41
share one of their favorite episodes
35:43
with somebody in their life? Do
35:46
you have any suggestions for that? Certainly.
35:49
People love to share content that has made an impact
35:51
on them. So, remind your
35:53
listeners how sharing an episode can
35:55
start meaningful conversations with friends or
35:57
help others discover insights they've had.
35:59
benefited from. Would it
36:02
be okay if I use maybe our conversation
36:04
as a segment on the show? That
36:06
sounds like a creative approach. Using
36:09
a meta-conversation about engaging
36:11
your audience as a segment could
36:13
be
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More