This Week in Startups - Gavin Baker on AI platform shift, upside vs downside, extinction risk, Nvidia outlook & more | E1764
Episode Date: June 19, 2023This Week in Startups is presented by: Hampton. Are you a startup founder or CEO seeking expert advice? Join Hampton, the private, highly vetted community for high-growth founders. Get invaluable insi...ghts, connections, and support to accelerate your business at joinhampton.com/twist today! Squarespace. Turn your idea into a new website! Go to Squarespace.com/twist for a free trial. When you’re ready to launch, use offer code TWIST to save 10% off your first purchase of a website or domain. .Tech domains are the go-to namespace to build anything in tech… and home to the world’s most innovative startups. Secure your .Tech domain today and lock down a 1-year domain for $10, or a 5-year domain for $50 at go.tech/TWIST! * Today’s show: Atreides Management’s Gavin Baker joins Jason to break down the current macro picture, the AI platform shift, and the reshuffling of the entire tech deck. (1:27) They also cover the potential impact of AI recursively improving itself and extinction risks (15:06) before discussing chip demand, Nvidia’s outlook, and more! (25:13) Then, Embroker's Chief Insurance Officer David Derigiotis explains how to differentiate your business with cybersecurity! (40:24) Gavin's fireside chat was recorded live at LAUNCH Angel Summit in Napa. * Time stamps: (0:00) Gavin and Jason on joining the resistance! (1:27) Current macro picture, the AI platform shift, and how AI is reshuffling everything in tech (13:42) Hampton - Join Hampton's community of high-growth founders today at https://joinhampton.com/twist (15:06) Exponential compounding of generative AI, AGI chances, recursive AI improvement (23:55) Squarespace - Use offer code TWIST to save 10% off your first purchase of a website or domain at https://Squarespace.com/TWIST (25:13) Chip demand, Nvidia’s outlook, which high-end fields might be most at risk, extinction risks (39:02) .Tech Domains - get a 1-year domain for $10 or a 5-year domain for $50 at https://go.tech/TWIST (40:24) Embroker Chief Insurance Officer David Derigiotis gives a talk on how to differentiate your business with cybersecurity * Read LAUNCH Fund 4 Deal Memo: https://www.launch.co/four Apply for Funding: https://www.launch.co/apply Buy ANGEL: https://www.angelthebook.com Great recent interviews: Steve Huffman, Brian Chesky, Aaron Levie, Sophia Amoruso, Reid Hoffman, Frank Slootman, Billy McFarland, PrayingForExits, Jenny Lefcourt Check out Jason’s suite of newsletters: https://substack.com/@calacanis * Follow Jason: Twitter: https://twitter.com/jason Instagram: https://www.instagram.com/jason LinkedIn: https://www.linkedin.com/in/jasoncalacanis * Follow TWiST: Substack: https://twistartups.substack.com Twitter: https://twitter.com/TWiStartups YouTube: https://www.youtube.com/thisweekin * Subscribe to the Founder University Podcast: https://www.founder.university/podcast * All opinions expressed in this episode are solely the speakers’ own opinions and do not necessarily reflect the opinion of any firm affiliated with the speakers. This episode is for informational purposes only and should not be relied upon as a basis for investment decisions. Clients of the speakers’ firms may maintain positions in the securities discussed.
Transcript
Discussion (0)
If there's some chance that this is a powerful enough technology to wipe out humanity, what is the upside?
I am not like, as far as the downside, there's not a lot I can do.
I will just say, like, if we're looking at a Terminator scenario, I will be in the resistance.
I will not be like a very, I won't be a very valuable member of the resistance, but it will be high energy.
But I think.
All right. I take him for my team.
Yes.
Any other resistance, what we do the resistance draft right now?
I think we'd be a good.
team. We're scrapping high energy. Like, we'd find a way to contribute. This week in startups is
brought to you by Hampton. Are you a startup founder or CEO seeking expert advice? Join
Hampton. The private, highly vetted community for high growth founders. Get invaluable insights,
connections, and support to accelerate your business at joinhampton.com slash twist today.
Squarespace. Turn your idea into a new website. Go to Squarespace.com slash twist for a free
trial. When you're ready to launch, use offer code Twist to save 10% off your first purchase of a
website or domain. And dot-tech domains are the go-to namespace to build anything in tech and home
to some of the world's most innovative startups. Secure your dot-tech domain today and lock down a one-year
domain for $10 or a five-year domain for $50 at go.com slash twist.
Gavin Baker is with us. So we can get into a little bit of privates and public markets.
By the way, Jason, you look, I feel like I always see you in black. You look great and white.
Okay. Truly great. I mean, let's give this man a round of applause.
Thank you. I'm going to take it under advisement. And it's going to be a lot of work because the wardrobe is all black, a couple of grays, and then two white suits.
So I'm going to have to really think about this. So you heard a lot of the time.
today. I saw her in the audience. And there's a lot of discussion about value, the value of these
companies. Obviously, we're in a really dynamic environment. It's the best first six months for
the NASDAQ in decades, I think. For sure. And we were led to believe that this was going to be a
disaster. Unemployment remains incredibly like lifetime lows. Inflation remains pretty high.
The stock market is a mixed bag, and we have all these late stage companies that are just an
absolute mess.
Train wreck.
Train wrecks.
And so what are we, when you look at the market and you're looking for opportunities
placing bets, what's your assessment of this Malstrom, if we can come up with a term
for this moment?
Yeah, well, the first thing from a macro perspective, I think it's just important to be very,
very humble and avoid having a strong view.
And for the simple reason is the Federal Reserve, they employ more PhD economists than any institution on earth by a factor of two.
They have all the computing power they want to run simulations.
They get what is effectively the equivalent of inside information and that they get all sorts of daily sales feeds from big retailers, the big credit card companies.
They know what is going on with the economy more than anyone else.
And they control the single most important dependent variable for predicting the future of the economy.
And that is the price of money.
So they at some level control the outcome.
And yet they regularly make forecasts.
And if you look at their forecasts, they have zero predictive ability looking out more than six months.
So if that's, you know, if that's a success rate of the Fed, like I think we should be very humble as
investors. But the reason, like, the NASDAQ has had this extraordinary start is Gen AI. And this is for me,
I think for everyone in the room, the next three years are going to be the most exciting three
years of all of our careers. And for the simple reason, there had been nothing new in technology
in more than 10 years. So there was cloud computing in 2012. Before that, there was the iPhone in 2007.
and before that there was the internet, which I would date to the Mosaic browser in 1993.
Those were all at some level new methods of distribution.
You know, the iPhone and the internet, they directly distributed just existing content,
you know, made it very easy to access.
Cloud computing was just a better, more efficient, cheaper distribution mechanism for software.
I think this is one reason that people went so crazy over the last five or six years
trying to kind of create new distribution channels.
This is why Facebook spent $60 billion
trying to bring the metaverse into being.
It's just a new distribution channel like the internet.
It's why Amazon spent $50 billion on Alexa,
which is a new distribution channel, ambient computing.
Because that was the paradigm that it created value
for the last nearly 40 years.
And then along comes Gen A.I.
and this is fundamentally different.
This is not a new distribution channel.
If the computer was a bicycle for the mine to quote Steve Jobs,
Gen. AI is somewhere between, you know, a race car and a spaceship for the mine.
It's much more akin to the invention of the rotary steam engine in 1769,
which upon the whole industrial revolution and changed every aspect of life.
And 90% of people used to work, you know, basically in agriculture.
Now, it's less than 1%.
And I think it's that level of social and structural change that we are looking at.
And this is the first fundamentally new thing in technology in more than 10 years.
And it is for sure in my mind going to be bigger than the internet.
I get somewhere between the internet and the invention of fire.
And I think one way to kind of, I think one way to frame, you know, up, down,
and upside are correlated not just in investing, but with new technologies. You know, so, you know,
nuclear weapons. It's amazing. Cheap abundant free energy forever should, you know, we have the political
will to do that. Or could, you know, wipe out the human race. Elon, who you were close to,
has been warning about, you know, AI has an extinction risk for a long time. And really in the last
month, all sorts of people who had been really skeptical have come out and said, you know what,
like, you're right. This is an extinction level risk for humanity. And so if there's some chance that this is a
powerful enough technology to wipe out humanity, like, what is the upside? I am not like, as far as the
downside, there's not a lot I can do. I will just say, like, if we're looking at a Terminator scenario,
I will be in the resistance. I will not be like a very, I won't be a very valuable member of the
resistance, but it will be high energy. But I think,
All right, I take him for my team.
Yes.
Any other resistance, but we do the resistance draft right now.
I think we'd be a good team.
We're scrapping high energy.
Like, we'd find a way to contribute.
You know, you always want a bit of crazy on your side, especially in a leadership position during an apocalypse.
That's why I know that that's where I'll thrive.
I'm actually rooting for AI to be a Terminator-level situation because I think I'll naturally be at my best.
Yes.
I don't know if I'm rooting for it, but it would certainly make life very interesting.
interesting. But I think 90% it's going to be awesome. Like I, you know, I say I'm going to die on
Mars because I want to see a blue sunset and for sure SpaceX is going to get us there. But I used to
be really sad about two things. One, I thought I was probably going to be the last, one of the last
generations who didn't have the option to live a radically extended life. Now I think for sure I am.
And instead of, you know, dying, watching a blue sunset on Mars when I'm 85, I could easily be
185. I think the technology is that powerful, that profound, and it totally reshuffles the deck for all
of tech. And that's why I just feel like, if you were in this room, if you're an investor, if you're
involved with tech, this is what you live for. Yeah, I mean, we saw in Steve's chart that just like,
hey, you know, everything's been like this. But it's kind of like this now. That little step
is so meaningful because he's been running around with that chart for a long time.
And, you know, Steve has, it's a great chart. It's a proprietary Jervison chart. But, you know, he gets his, you know, he's got a little bit of that, you know, he gets a little OCD on something. And he's been obsessing about that chart for a long time. And is he still in the room? He is, right? There is. Trust to me, Steve and I are good friends. He gets a little obsessive. Yes. And for him to be like, I've been working on this chart for 12 years. And then it's like, boom, something changed. It shows you the brilliance of Steve Jervinson. There's something there in that chart that is undeniable, which is something.
happened with these GPUs and the processing power and the software stack that now is going
to compound. And the great paradox of this, I think, and I'll let you unpack it, is the people
who did that are also making the software that will make the next leap possible. So the concept
of compounding, like Steve, I think said, you know, like, oh, we're benefiting from the
peacetime dividend of the iPhone, you know, all those sensors. The piece time dividend,
of AI is going to be enormous.
What is the next generation of chips?
The next generation of chips is going to look like?
And is it going to be Nvidia runs away with it or Apple announced their M2 today?
Is everybody so now keyed in on this?
A trillion dollars is going to go into this.
And that step function steps again.
Yeah.
So a few things.
So first of all, what happened, it's very interesting.
I don't know if I really believe this.
But a human being is trained over its first,
the neural networks that run all of us are trained on 10 to the 24th power of flops,
floating point operations per second.
And chat GPT, GPT 3.5 really took off when it was trained with that exact same amount of data.
You know, it's just, it is a neural network that is the whole field of neural networks.
It is, you know, at some level modeled on the human brain.
And it is cool.
You know, the peacetime dividend, the iPhone and cloud computing were foundational technologies for this.
So the AI has been around for 80 years and it's gone through, I think that's right, 1960, no, 60 years.
It's gone through it.
It's actually invented at Dartmouth the first time someone spoke about it.
But deep learning and this idea of neural networks was around for a long time and it didn't work.
And so it was abandoned.
And there were other avenues of research like expert systems.
And it turned out all the theory of neural networks and deep learning was right on.
We just didn't have enough computing and we didn't have enough data.
So the iron law of AI is if you want to double the performance of an algorithm,
you must train it on 10x the data.
And you measure the performance of an algorithm is variance from zero errors.
So if you go from 99% accurate to 99.9.9%
inaccurate, you've added 99.5, you've doubled the performance. Human beings. We operate at 5'9s
all the time. I can do this all, like I can sit up here and do this all day. Until very recently,
that was almost impossible for a robot. Like, we're amazing in many ways. But what happened with
the iPhone and cloud computing, cloud computing, gave us the computing power necessary to train these
algorithms. It wasn't just Nvidia GPUs. It was the ability to put 50,000 of them to,
together and have them work on the same data set for months at a time.
So that huge pool of computing and then the data created from the iPhone, you put those
two together, that's how you got chat GPT.
This is very important to just pause on and let it sync in terms of compounding,
the power of compounding.
If the internet didn't create things like Gmail, Wikipedia, Reddit, Cora, it sounds silly,
Google to index it.
And then by indexing it, let people find things.
they were interested in, their own pursuits to then, you know, whatever it is,
1% or 2% of people will actually contribute.
How many people have edited a Wikipedia page more than twice?
Done more than two edits.
Like there's some weird people in the world who have done that.
There's like, in this room of technologists, it's 5%.
I know.
We'll talk to you.
You guys have a separate table at lunch.
It's just the wiki editors.
But those weirdos and the people who do Quora questions,
what about stuff?
I'm talking.
Not joking.
Those people are the foundation of this.
Had that stuff not, if people hadn't been tweeting, making subreddits, that's what's created
this demon.
We unlocked the demon through those seemingly.
Anacuous, individualized contributions.
Contributions has now led to this.
It's so bizarre.
It's 100% right.
These big LLMs that power generative AI are trained on the whole internet.
When you're the founder of a high growth startup, things are chaotic.
pretty often, let's be honest. You face a ton of questions, you've got problems that you don't always
know the answer to, especially if it's your first startup. But you don't have to do this alone.
That's where Hampton comes in. Hampton is a highly vetted private community exclusively for founders and
CEOs. What's their mission? Founders' mission is to create the most valuable and engaged community
for high growth founders. And here are why some members have already called it life changing.
When you join Hampton, their membership team carefully hamps seven other members to join your core
group. It's almost like a mastermind group, right? Okay, so now you got your core group. This group is like
a personal board of directors for you. They're going to provide you with advice, critical feedback,
and they're going to aim to help you accelerate your growth. I mean, that's what we're all in it for
anyway, right? Personal growth. We want our companies to grow, revenue to grow, the amount of money
we raise to grow, all that good stuff. So Hampton members run some of the fastest growing startups in
the world, and you probably use some of their products like Morning Brew, Blank Street, Coffee,
a dribble and more. The connections, personal accomplishments, and a sense of belonging are what
make the Hampton membership so special. Community is everything. You know that. Like here,
this weekend's our artistic community and here is an even smaller, more focused, tighter community
for you to take a look at joining. If you're ready to scale your business, join the Hampton
community today at joinhampton.com slash twist. I love this idea. Joinhampton.com slash twist today.
But, you know, in terms of the exponential agent compounding, what's really exciting,
and this is what some people call a hard takeoff scenario
is the idea that now the artificial general intelligence,
you know, that GPD 4 and more probably GPD 5,
can begin to improve itself recursively.
And that's how you get a true super intelligence.
Give us an example of this,
because this is the part where I think the general public,
they hear people say, you know, okay, artificial general intelligence,
it's, you know, going to be as smart as me.
It passes the touring test.
It already passes a turning test.
For sure.
We need more tests.
But this AGI scenario and the recursive learning and Google BARD talking to chat GPT-5, talking to Po, talking to Falcon, whatever, these things are going to start talking to each other and getting more intelligent.
Can you give us an example of what that might look like or how it might manifest?
Yeah, well, past is off in prologue.
And I would just look at the progress from GPT3 to GPT4.
So GPT3 came out in 2020.
And it could essentially do nothing that GPT4 could do.
And GPT4 could do all sorts of things that GPT 3.5, only nine months ago, couldn't do.
So GPT4 today, effectively at the same time, can pass the multi-state bar to become an attorney,
the medical licensing exam, the toughest MBA exam, which is the UPIN operations exam.
it can, there's, talk about strange, strange phenomenon, people, there's, there are these things
called the college biology Olympiads and the college physics Olympiads and people who are
super into, and by the way, I wish I was smart enough to ever compete in one of those, but anyways,
the smartest college students who are physicists, biologists, or chemists compete in these
Olympiads. And GPT4 scores in the high 90s on all of it. Not only can it
do that. There's something called the Higgs-Bosson particle. It can provide you proof of the Higgs-Bosson
particle has a poem or write a mathematical proof of the existence of primes as a poem. It is already
superhuman and doing things that no human can do. And it has something called the theory of mind,
understanding that people have their own mindsets and respond to stimuli. It has an interest.
representation of the world. And that's just in one to three years. Without a huge amount of funding,
right? You know, $100 billion went into crypto. You know, Open AI did this basically on a shoestring,
okay? Now that $100 billion is coming to this. And so the progress is going to...
Where is that $100 billion? Has anybody found it yet?
Where did it all go?
I was still looking for that.
The guy from Binance has got pinched today.
It's in private jets, mansions, nice apartments.
I mean, all over the world, yachts.
It's somewhere.
It's somewhere.
But yeah, now you're going to have a massive chip stack being pushed into this.
And now we're, and also into, I think, the big data, you know, dream that, I don't
know if it was IBM or, you know, whoever were just big data, big data.
Remember that 15 years ago?
and it kind of just fizzled.
And now we're like, oh, yeah, that big data thing,
they were right about that too.
We just didn't know how to query it or how to use it
or why we were storing everything.
But maybe you could talk a little bit.
You talked about the 185 year lifespan.
I actually agree with you on this because
maybe we'll have some Yamazaki on Mars.
Let's do it.
And watch a blue sunset.
I can't wait.
But this is going to be really interesting
when something like the Apple Watch and these sensors, people are doing, you know, blood, you know, sensors,
etc.
When all that data, every x-ray that's ever been taken is fed into this and then correlated with
everybody's heart rate, oxygen levels, whatever, I mean, we don't know what we're going to find
at all.
Yeah.
But it knows how to find it because you can already today upload a PDF and say, what am I looking at
in this spreadsheet?
And it's like, okay, here's what you're looking at.
at, tell me some trends. It's like, here's some trends. You mean, you're going to be able to just
look at that data set and say, find us ways to make humans, you know, more fit. It knows what you mean
and we'll come back with answers in the next couple of years. Absolutely. Yeah, I feel,
I mean, I feel kind of bad. It's like for the last, you know, learned to code became like a pejorie,
you know, a thing. You told someone who you wanted to do something else on Twitter, and there was this,
you know, belief system that getting a computer science degree. And then I'd say the last
years a data science degree was really going to be the path to success.
It was bulletproof.
It was bulletproof.
And I, and it like, what, what these, what these transformers, these LMs fundamentally do is they
mean that the human language is now the programming language for machines.
You don't need to know Python.
You could get software to do everything you wanted to do just by.
speaking to it, similarly with data, chat GPT code interpreter.
You can just speak to data and it can understand data with a totally new data set.
You know, Brad's trading at LLB, so are we.
I'm super excited to be able to speak to my data.
But I think, and it's going to be transformative, but in the same way, software has a service,
replace software, and the same way, you know, if we had been here pre-2007, like I was a gadget guy,
You know, like I had, I had my Blackberry.
I had my Nokia flip phone.
I had a, you know, I had a digital reader.
I had my laptop.
I had a digital camera.
I had an iPod.
All of that was consolidated into this.
The same thing is going to happen with software.
ChatGPT today can already do almost anything that any other piece of software can do
where a human being would relate to it.
So in the same way that all these discrete pieces of hardware were consolidated into one iPhone,
software is going to be consolidated into this one medium.
And its foundation models as a service are going to replace software as a service.
Isn't it extraordinary that?
I agree with you.
Yes.
The interface is now going to be talking to your computer, whether you choose to do it with text or voice.
100%.
It's all the same thing.
Isn't it amazing how close Alexa and Siri came to this, but they just opened the wrong door?
They went left when they should have gone right.
Yeah.
And they spent 50 billion on Alexa.
But it's not just this.
I mean, it's like all of content is going to be personalized.
Like you're going to like this, this calls it to question so many things.
Like what is the value of the content that social media depends on if you're not, if you can't
know whether content was real or not. Everybody fell for the fake, you know, photo of the Pope.
That's just the beginning. You know, the value of Netflix and all these movie studios is on their
libraries. In three years, like, I'm going to say, I'm a big science fiction nerd. I want to watch
a movie where the Frimmin from Doom encounter an imperial star destroyer. And then I want some Jedi
to come in. And then I want the Star Trek Enterprise come in. I'd like it to be 87 minutes
long and I'd like it to have a happy ending. And I'm going to watch that. So so many things are
going to change. And that's why it's just, it's so exciting if you were an investor. Like everything,
the deck is being completely reshuffled. This is a totally new kind of opportunity. And the person was up
here before, I will admit, I'm personally excited. Like, talked about strike zone. Like, this is my
strike zone. Because at the beginning of new technology, the only sure winners are pixel
shovels, semiconductors, deep tech, because you don't know the application layer winners yet.
Like in 1996, you know, when the internet boom was really getting going, you know, people thought
AOL was the winner. Google hadn't even been invented. You know, similarly, like, you know, the true
winners of the iPhone era took a long time to emerge. It's going to take a long time for these
application layer winners to emerge. And for a lot of mega-cap tech, this may end up being a
sustaining innovation.
Listen, we have been doubling and tripling down on Founder University here at launch.
In fact, it's kind of the future of our firm, and it's amazing for us to work with hundreds
of early stage founders, even before they incorporate, right?
They have ideas, and they're trying to figure out what tools to use to make their ideas
into our reality, and we're seeing so many of these Founder University startups using Squarespace.
Everybody knows Squarespace has beautiful design templates.
They're all mobile optimized.
And of course, they have powerful e-commerce integrations, but did you know that Squarespace also added member areas?
This is where you can sell members-only premium content, okay, educational stuff, et cetera.
And if you're a consultant of some type, you have now appointment scheduling built into Squarespace.
So listen, if you build it on Squarespace, everything's going to work.
They keep adding amazing features, and you're going to load super fast on your desktop and mobile.
It's going to look great, super easy to edit, super easy to evolve.
And if you're looking to start your business, you can't go wrong with Squarespace. We all know that.
So I want you to head to Squarespace.com slash twist for a free trial.
And when you're ready to launch, use the offer code Twist to save 10% off your first purchase of a website or domain.
We love your Squarespace, our longest running partner here on This Week in Startups.
Thank you so much for supporting our founders and for supporting this week in startups.
But the one thing is, all of these models, all of this, that's going to require a lot of chips.
And by the way, I mean, it's, you know, NVIDIA's done.
It's going to require a lot of sub-conductors, and this is my strike zone.
Is NVIDIA run away with it?
Or do you believe it's going to be a multi-horse race?
So there's two questions in here.
So in Dune, there's something called the water of life.
And if you take the water of life, you either succeed or you die.
They say, you know, oh, take the water of life.
They try to fail?
No, they try to die.
And that has been competing with
Nvidia and data center GPUs
for last 10 years.
I think there's a lot of reasons
to think
that
that Nvidia may finally
begin to lose some share
for the first time.
But I mean, the market is exploding.
Is it possible, though, that
because watching the software gains
if you go to Hugging Face and you look at
some of these models, it does
feel like the open source software crowd is
like, hmm, if we make better
software. We need less compute. We don't have access to that compute. So therefore, we're forced as a
group of rebels to fight this on a different war. We're not going to fight fairly. We're going to
optimize the heck out of this and we're going to use less compute. This is exactly right. And
this trend really began. It's amazing how fast this is moving. So Facebook released something
called the Lama model, which was a much smaller model. And that set off this Cambrian was in,
somebody's slide, that set off this Cambrian explosion of innovation with transformer-based architectures
and LLMs. And it is evolving right now towards smaller model sizes. And if I were to make a
prediction, and I think it's just important to be so humble because, like, one, I don't have a
computer science degree. I have been in and around this stuff for 25 years now. But to solve
general intelligence, AGI, you're going to need a huge model. You're going to need a model that is
trained for a long time on a massive pool of GPUs on every piece of content ever created by
the human race. But for narrower tasks, like, hey, I just want a model that's a really good doctor.
we're going to have small models for that.
And that has very profound implications for GPU demand.
I mean, paradoxically, like something that's so important to humans, like doctors,
might be the easiest model to make.
And these are things that are in incredibly high demand.
Yes.
Where people around the world are fighting for doctors.
And it might be that doctors can be replicated and do a better job on a Android phone from 10 years ago.
well you said it not me i have a lot of friends who are doctors i don't want to bum them out because it's
like if computer scientists and data scientists like worked hard like doctors they went through a long time
but yeah well i mean anything that was memorization anything that was learning a language and was
rules based yes is now the first group to get hit which is kind of a if we if we start thinking about
revolutions, like a bunch of white-collar people who went 250 or 500K into debt to a school
to get this position of power, they're going to fight against this. And this is why I think we
know this is very real. The moment I realize that this is in no way hyped at all is when I saw
the Writers Guild, the last item on the second page was, we want to ban chat GPT from the
writer's room. And you can't train any models on previous IP. And the response that the
WGA got from the studios was, our counter to you writers who want to ban, you know, AI is we'll meet
with you every year to discuss technology, new technologies. Like literally, it was fuck you.
Of course. Because they see it clearly. Put all of Marvel and Star Wars in your prediction into
language model and great stuff's going to come out. Amazing. It'll be exactly what I want because
every time, if I stop watching a movie, my own personalized AI will learn, oh, Gavin didn't like that.
I'm going to make something different next time. But what you said, it's very important. So
everything is tech is cyclical and, you know, kind of, and it's all built in these sedimentary
laterers, but we go back and forth between the centralization of compute to the edge.
You know, compute was centralized in the 70s and 80s, that it was distributed to the edge with the
server, that it was re-centralized with cloud computing.
And I think we're going to see a move back to the edge, particularly with these small
models that you reference.
But another thing that is coming back into Vogue, cloud computing, companies like
AWS, they made it, they abstracted all the hardware away.
If you were a programmer, software programmer in the 70s, 80s, even the 90s, you spent
a lot of time thinking about, oh, I don't want to use a lot of memory, I don't want to use
a hard disk space, like, because I take up too much space, I might not get on the computer.
And like cloud computing made that meaningless.
You could use as much compute as you want it.
And as you reference, we solve this AI problem with just vast amounts of compute.
But what is going to come back into Vogue?
So a GPU is like, what we'll call it, the size of your iPhone, costs $50,000.
As Brad said, you've got to wait three years to use.
to get one if you want to use it.
Yet, in the papers from Open AI and Google,
where they trained their Palm and GPT3 models,
this is back when Open AI was maybe a little more open,
and they released data,
the GPUs they used to trade them were only utilized 30% of the time.
Because human programmers and even, you know,
the data architects who set this up,
they're not used to having to optimize
for a resource.
And because H-100s are so important,
they're now scarce,
when there's a scarce resource,
it gets optimized.
And you're just starting to see that.
And it's,
the optimization could lead to gains
that were unproductive.
Absolutely.
And the optimization
will be done by the AI itself.
It's going to look at that 30%.
And AI will answer that question for the developers.
You'll be like, hey, here's a solution
to use the other 70s.
AI is already being used to design.
chips. What happens when something as powerful as GPT6 is designing a chip, designing the, you know,
the software and data stack that's used to trade itself, and then starts rapidly and recursively
training itself. This is why people are worried about, you know, there's a famous thought
experiment by guy named Nick Bostrom, where an AI, you know, if you gave it the job of like, hey,
we want you to, you know, maximize the number of paperclips in the world, it would find a way to convert
everything into paperclips.
And I think what COVID taught us is, you know, all modern civilization, it is just a thin veneer.
Like, you know, February, March, it was scary.
And that was like, COVID was not a good virus.
It's like if an AI decides, like, oh, these human beings are scary.
Well, we're just going to make a few tweaks and introduce a much better novel coronavirus.
then make sure that RNA vaccines will work on it.
Yeah.
That is why serious people, I mean, this stuff sounds crazy,
but the closer someone is to this, the more worried they are.
And if you ask anyone who's deep in this,
what are the odds that this is an extinction event for humanity in the next 10 years?
And you survey the top 500, the top 1,000,
it's consistently between 5 and 20%, 5% and 10%.
that's like playing Russian roulette with the human race
with a revolver that has between 10 and 20 chambers.
Like, I would not do that, but we're doing it,
and it's going to happen.
And, you know, I hope that it's,
I hope that we're in one of the 19 chambers that's empty,
and it's awesome, but I live forever.
Thanks for coming, everybody.
This is just the beginning of our program.
Tomorrow's going to be equally in thrilling and terrifying.
It's, you know, at least we're on the journey together.
Yeah.
Resistance.
And we will, yeah, if we have to fight, we fight.
But it feels like, you know, these conversations are very healthy to be having because we always, as a society, I think, look at, you know, whatever unintended consequences, we kind of deal with them in the review.
We're like, oh, we knock some shit over.
Okay, yeah, Instagram is probably causing a bunch of teens to kill themselves and it's causing a bunch of body dysmorphia issues and people are getting, you know, anorexia.
Yeah, we should probably change that.
Let's debate it for 10 years and do nothing.
Here, this is like the first time in my lifetime and certainly in our lifetimes that we can remember a technology being introduced and everybody going, let's think about how this could go off the rails.
Let's prepare for it.
let's have a vibrant debate about it.
Yeah.
And the only other time that I think that happened,
and it's amazing that Nolan's coming out with this film Oppenheimer,
at this time.
100%.
Which proves to me this is a simulation.
Yes.
Because whoever coded this simulation,
it's like, you know, it'd be great to fuck with them.
Yes.
Let's give them the H-100 chips now and A-100s.
At the same time, let's have the greatest filmmaker of this generation
replay the Nazi race for the atomic bomb.
Just let's see what happens in that simulation and how they take that.
Yeah.
It's a simulation.
Baby.
Who would be Oppenheimer?
I actually think, in terms of actually Evidence the technology,
I actually think you have to give it to Jensen.
I wouldn't give it like Jensen at Nvidia.
He ushered this into being.
to make video games faster?
Yes.
Well, it turns out, to make 3D graphics,
you just have to crunch a bunch of relatively simple math really quickly.
That is what AI is, in parallel.
Critical.
That's what makes it quick.
And that's what AI is.
You know, it's very funny.
All these startups, you know, raised all this money to go try and compete with
Nvidia, the data center.
They had, you know, they were not aware of my water of life.
principle when it comes to competing with
Nvidia in the data center.
And they had, like, on every deck,
it was like, how likely is it that chips
that were developed for video games
are good for AI? And it's like, well,
100% likely.
Fate loves irony.
Fate loves irony. It is,
you know, in the same way,
like, you did not understand
what the iPhone would actually do
at scale to billions of people, or
Starlink will do.
You know, we just didn't understand
that people would take that GPU
so you can play Call of Duty
and make it as lifelike as possible like a movie
or that people editing Wikipedia
would train this.
There's a great William Gibson quote,
the street finds its own use for technology.
And here we are.
For sure.
And it's like,
and it's like,
we're an exciting time.
You know,
Steve talked about SpaceX.
Like, we are going to become a multi-planetary species.
We're going to be able to go to Mars.
Like, that's going to really reduce
the extinction risk.
You know, we're going to like climate change, like we're all going to be driving EVs, you know, affordable utility scale battery storage. Like, you know, fossil fuels are slowly going to phase out. Like we're, we're living at an awesome time.
We are literally, we've already solved climate change. We just haven't implemented the solution fully.
Yeah, well, do you believe that?
Yeah, yeah. Compounding will just, compounding will just take care of it. You know, photovoltaic cell efficiency compounds. It. It.
roughly 8% a year, battery cell efficiency is compounding at 6.
I suspect Tesla is probably compounding at a faster rate than that.
And when you put those two things together, like the world already runs on sunlight,
it just runs on sunlight that is stored in the carbon-based organisms of, you know,
ancient creatures and that we turn it into, you know, natural gas and oil,
we're going to just directly run on sunlight.
It's going to be awesome.
Yeah.
And when the sun's not around, we just have a little nuclear.
Well, that's why you need the storage.
Did you see?
That's why a battery cell cop out of his port.
Did you see Phelan had a couple of negative energy days.
They're like, energy will, is now cost negative.
And it's like, what do you mean?
It's like, yeah, we didn't kind of, we built the software.
And now you're, yeah, it costs negative because they have so much solar, wind and nuclear at
the same time, they had to burn it off.
It's crazy.
Yeah.
Love it.
Love it. We're going to solve everything.
Yeah. I'm optimistic.
All right, everybody. Give it up for Gavin.
After investing in over 300 early stage startups, I've seen it all.
I've seen thousands of pitches. And I can tell you, one of the early indicators of success
for me is having a great brand. And it's hard to get a great brand if you can't get
a great domain name. Why? The domain name and the brand. They're so synonymous. They want to
have something simple and easy to remember. And this will raise your credibility with investors
and your customers.
So check out the latest hot domain.
It's called dot tech.
This is one of the go-to namespaces for anybody working in tech now.
It's home to some of the world's most innovative startups.
Like 1x.Tech, a really innovative robotics company building humanoid robots.
And in the latest YC cohort, there were a ton of people using dot tech.
It is sweeping the startup nation.
And I just got my own dot tech, Jason.
And I'm building a micro blogging site.
Go check it out.
And secure yours now.
and get a great deal. Check this out. You can lock down a one-year domain for just 10 bucks and a
five-year deal for 50. You want to lock it down from five years. Of course, you don't want to forget
and then have somebody else snipe it. Nope, drop 10, drop 50, get it locked down. And here's your offer.
Go.com.com.com slash twist. Once again, the word go-go.t-tec-h-the-slash-twist. Go.com.com slash
T-W-I-S-T to lock in that great deal right now.
Next up, Mbroker's chief insurance officer David Derogadis gives a 25-minute talk on how to differentiate your business with cybersecurity.
Specifically, you'll learn how to protect your business from cyber threats and why this is more important right now than ever before.
This was recorded on the Founder University podcast, which you could find across all podcast players and on YouTube.
Good morning, good afternoon. Thank you so much for joining me today. And my name is David Dare Jodas. I'm the chief insurance officer.
with and broker.
And I'm going to talk a little bit about how cybersecurity can differentiate your
business.
There's no question around the concerns that everybody has for cyber attacks, ransomware,
security incidents.
It's in the headlines every single day.
So I want to talk about why it's important to not only invest, but how it can also be
used as a differentiator for you and your organization, why it's important to your clients,
customers, and your vendors as well.
So just a quick little background of myself.
Again, my name is David Dary Jodas. I'm the chief insurance officer within Broker. I oversee all of our
insurance programs, products, claims, and actuarial services for the insure attack. I have 20 years of
experience within the specialty professional cyber risk management liability space. Prior to
Mbroker, I was the national practice group leader with an international wholesale insurance broker
overseeing their specialty underwriting programs within professional cyber risk, D&O, as well as all of their
brokerage operations as well. And prior to that, I also have experience with two different
international A-rated insurance companies, again, all within the special professional liability
and cyber risk space. I'm also a certified information privacy professional with a concentration
in U.S. privacy law, a certified information privacy manager, and I'm a fellow of information
privacy privacy with the International Association of Privacy Professionals. So that's a quick overview of my
background. Now, I want to get into why is this important? Why are we talking about this? Why now?
What's the big deal? There are a few things that are going on across not only the United States,
but really internationally as well. Of course, we have GDPR, which is important for anybody that
collects information or does business in the UK and abroad overseas. We also have a brand new news
of the national cybersecurity strategy that was issued by the White House. And again, this is something
that they talk about really every year, every presidency, but what's unique about this is, you know,
a couple of the finer points that they pointed out within their release. So I just, I want to read
specifically from the press release. I want to talk about what that means. You know, they stated,
we must rebalance the responsibility to defend cyberspace by shifting the burden for cybersecurity
away from individual, small businesses, and local governments, and onto organizations that are the
most capable and best positioned to reduce risks for all.
all of us. And the White House released that specifically last month. So what does that mean? They're
looking to change liability and pass off liability from not only just the organization that experiences
the data breach. And again, we hear about these in the news quite frequently, but they're
looking to specifically hold software companies liable for failing to build security into their
products. Now, there's some work that's going to have to go into making this a reality. There's
going to have to be legislation that's passed. But they have stated that's their
intent. So any organization, and that's a big part of what our client base is made up of, all sorts
of technology companies, SaaS companies, you know, technology related across all sorts of
industry segments, they're looking to hold those organizations accountable for data breaches and
security lapses if they did not invest and spend the time in quality around security and privacy
within those products. So just something to keep in mind. Again, we're a ways off before that
becomes a reality, but it's just important to understand what's on the minds of leaders and
those in Washington. We also have a number of privacy consumer laws across the United States
because we don't have a national privacy law that's in place. That's been something that Congress
has fought over for many years for a variety of reasons. But what we have seen as a result of that
absence is different states popping up with their own consumer privacy laws. So as it stands today,
California, Colorado, Connecticut, Iowa, Virginia, and Utah all have specific consumer privacy laws.
And there are about 20 other states as well that have active language where they're looking to pass and get new laws into place.
We see this every single year.
There are all sorts of laws that will be proposed and regulation that's proposed.
A lot of them don't make it through on the other side.
But every now and again, we see another pop through and we see another state that goes live.
and that's what we've seen with this year as well.
So it's just important to understand
if you're collecting information
on a consumer or a client that's based in those states,
there'll be additional privacy regulations
and rules that you'll have to be in compliance with.
Some of those things include giving consumers
the right to access their information,
the right to correct that information,
giving them the right to delete that information,
and of course having the proper notice
and transparency requirements for them to view
and make sure that they're okay and comfortable
with that type of data being collected.
shared or sold with any other organization.
So it's just important to understand what's going on.
From a regulatory standpoint, we are seeing more regulation around privacy risk.
We are seeing more regulation around consumer rights.
So again, depending on where you're operating your business and what type of clients
and customers you're serving, these certainly could apply to you.
And of course, ransomware has been in the news a lot.
There was a little bit of a lull last year, but it's become extraordinarily active again,
all of these different operators and groups in 2023.
So I want to spend a little bit of time showing you some ransomware operators from the
dark web.
I want to give you really a view of what it looks like when they compromise an organization
and they share that organization's data online for others to access.
It's something that I think is important to understand to know what happens on the
back end when a compromise like that does occur and to know how you can prevent it
from taking place or be properly prepared in the event that something does happen.
So, and then of course, there's all sorts of emerging technologies that we need to keep our eyes on.
Chad GPT has been one, artificial intelligence that's been in the news quite a bit.
You know, it's important to understand how those services operate and the way that they're utilized.
And I think it's important to understand how it could potentially expose your organization if you have employees that are using it.
There's nothing that is, in terms of privacy, there's nothing that's protected from a confidentiality standpoint if employees and individuals are using it.
and there's already been a case where one organization,
their employees were putting very sensitive source code information into it
because they were looking to solve a problem
with coding errors that were taking place.
Another instance, there was an employee that uploaded group meetings
or employee meetings into the interface,
and they were looking to have those notes rewritten
so that they can share it with everybody sounds harmless.
And so you realize you're sharing very sensitive,
confidential corporate information into a system
that is being monitored in real time by all of the researchers,
and there could be a data breach.
You never know what can happen.
So it's important to know if you're going to allow your employees to utilize and access
these types of tools.
You want to be careful about what is specifically being shared in terms of trade secrets
or very sensitive corporate information.
So these are some of the things that are going on overall across the United States
when it comes to a privacy, regulatory, and cybersecurity standpoint.
So let's look at some of the numbers now.
Again, I don't think it's a surprise to know that cyber risk is on the mind of all sorts of organizations
large and small.
You know, the cost of cybercrime is expected to hit $8 trillion this year.
That's globally.
Cyber attack concerns have risen from 36% to 50% in 2022.
And that's some interesting data.
What Broker did last year in late Q4s, we published a report and we wanted to survey over 400
of our clients, our VC-backed clients.
to figure out how cybersecurity was on their mind, how it was impacting their organization, and
some of the things that they were worried about. And again, 50% responded and said that they expect
to experience a cyber attack in the year ahead. That was a 14% increase from last year.
68% responded and said that they've actually experienced an attack at some point. So again,
we're talking more than half of all those individuals that we surveyed have already experienced
some type of attack. There's obviously going to be costs associated with dealing with it,
with managing all of that, and it's a real drain on resources. 97% said that they discussed
cyber risk and related issues with their board of directors. So again, knowing that this is
something that's reaching the highest plateau, highest peaks within the organization. And again,
it's no surprise to hear those things that cyber risk is on their mind that they've experienced
an attack and that they're forecasting there to be some type of attack going forward.
And I think if you look at some of the data that's being shared, in particular by the FBI,
you look at some of the largest losses that are taking place within organizations large and small.
There's something what's called a business email compromise attack, BEC attacks.
Those grew by 13% in 2022 over the prior year.
We're talking about $2.7 billion in business email compromise.
And what that is, you can have somebody that will either spoof an email or they will actually
compromise somebody's email inbox and they will send an email that looks like or it's under the
guys of the CEO or the CFO or somebody that's in a position of authority and they'll be asking
to wire transfer some amount of money. And this has been a serious loss leader for the insurance
industry because policyholders, again, of all sizes, all industry sectors have been impacted and
hurt by this. So it's something to keep an eye on. Now I want to talk about some of the things later on
in the presentation that you can do to make a difference there and to curb some of those
attacks and those threats.
So what can you do to protect your business?
Again, part of this is talking about how cybersecurity and investing in this space can not
only help you as an organization, but really how can be a differentiator for you in terms of
your brand and how you serve and protect all the data that you collect on your clients.
So I talked about electronic funds transfer, you know, that being a very important
and significant part of losses.
There are a few things that you need to do to make sure that you're not falling victim
to these types of attacks.
Of course, setting up multifactor authentication is a big one within your email and other
privileged accounts and other systems, other apps that you're using.
Giving that second barrier or providing forcing, that second barrier will make it much tougher
when somebody just has an email address and a password to be able to access your account.
So that's first and foremost.
But there are some rules that you should put in place internally.
to be able to catch any type of fraudulent wire transfer request.
Number one, confirm the requester's identity.
Before proceeding with any wire transfer request,
it's important to verify the identity of person
that's requesting that transfer.
You can do this by calling the person
using a known phone number that you have on file for that individual.
We're using a separate email to respond back to the request.
Don't go through the initial request that you've received.
I've seen that happen from time to time,
and all the person does is respond back to the attacker.
And they're saying, yep, go ahead.
we're confirming this, go ahead and send it,
then the person sends it, and then they're out that money.
Number two, you're going to want to verify the details of the wire transfer.
So again, going over the name, the account number, bank routing number,
all of those details is going to be very important to look for any discrepancies
or any false information that's on there.
Number three is going to be used a secondary verification method as well.
Maybe having another form of communication and app,
some type of chat bot, some type of phone number that you have on,
file again to re-verify that the verification is accurate.
And then look for some red flags.
And I think that's very important.
That's going to come into training and developing your staff.
Look for red flags such as a rush request or an urgent request or something that's
unexpected, a change in payment instructions, a request for secrecy if it's coming from,
you know, they think it's coming from the CEO or the CFO.
Those are some of the things that should be really jumping out to you.
and they'd have to be really investigated to make sure that you're not falling victim to these
types of attacks.
So I think those are very important.
That goes in line with, of course, training your employees in knowing what to look for.
I think if any organization has this type of plan in place, it's going to allow them to really
thwart or prevent 99% of the attacks that takes place.
And again, this is an area of losses that the insurance industry as a whole have really
experienced quite significantly over the last several years.
really ramped up probably within the last 12 to 18 months quite considerably.
And then I think there are some other things outside of that.
Again, I talked about how to verify having the process in place, making sure that you're
reviewing access to the information that's being collected, making sure that you have a
good understanding of the data that your organization is collecting, storing, sharing with
others, and of course, being transparent with your clients and customers about the data that
you're collecting.
It's going to allow you to operate in compliance.
with the various laws, rules and regulations all across the country, whether they're federal or
state-specific. And I think making sure that you have the proper insurance is another big one.
That's going to help round out any risk management program. Make sure that you're not only investing
in your technology and in your compliance, but in the event that you need to go a little bit deeper
in terms of resources, in terms of forensic firms having access to these types of organizations,
a cyber insurance policy is going to do all of that for you.
So it's looking at cyber insurance as more than just the necessary evil
in form of other lines of insurance that you have to purchase.
But I like to look at cyber insurance almost as an investment
because it's going to come with all sorts of risk management tools.
It's going to come with access to the appropriate vendors.
And of course, what anybody expects from insurance,
which is that financial protection, that balance sheet protection in the event
that something does happen.
So now what I want to do here is I want to show a few screenshots.
And this is of the dark web.
This is a couple of different ransomware operators.
And I want to give you a feel for what it looks like.
Ransomware attacks, again, they took a little bit of a lull last year,
but they're certainly back on the rise now in 2023 with no signs of really slowing down.
But what will happen is like this particular group,
if you look at one of the top screenshots here,
they give instructions around what to do if there's a compromise.
Typically, they're going to walk the victim organization through the process,
how to purchase Bitcoin, maybe send a little bit through initially to show that the transaction
is open and they did it correctly. Then you can send the rest of the amount that they asked for
shortly after that. You can also see that there's a warning sign, but really a warning message
at the bottom where they don't want any negotiators involved. And again, I can understand why they
don't want it because typically the cost of what the ransom demand is is typically brought down.
and they just simply don't like dealing with anybody that has the expertise, has the knowledge, or is there to assist.
They want to keep the pressure on the organization while they're afraid, while they're backpedaling, and while they're scrambling.
So that's one particular screenshot from a ransomware operator where they give the instructions and they have a warning built in as well.
If you look at the screenshot next to that, that's what it looks like when they're making information publicly available.
So a lot of these ransomware operators have their own PR page on the dark web.
And what they've done here is maybe it was an organization that decided not to pay.
They did make all of the data that they captured absolutely free and accessible to anybody who knows where to get it.
So this is what one bit of information looks like.
You can go through and click through the various files, pull up the various documents.
There are PDFs.
There could be all sorts of other spreadsheets that are within there that have Social Security numbers,
that have dates of birth, and could have financial information within there.
but this is typically what it looks like
when that information is in fact made public
and then just there's a screenshot of another
ransomware operator here on the bottom
left just to get a feel for what it looks like
and the one that's been extremely
active as a way is
LockBit 3.0 and here you're going to
see a host of organizations
that they have compromised and that they have put up
kind of on their wall of shame
to show that
if they don't make a payment there will be
negative consequences for that
and typically that's double extortion
there's a compromise, they lock up all of your files,
but before they do that, they exfiltrate all of the data,
and they pressure you.
If you want access back to your systems and your data,
you better pay if you don't pay.
Well, they took your information,
they're going to dump it online and make it available to anybody who wants it.
So this is the behind-the-scenes look
at what some of these groups look like and how they operate.
Now, this next one is just a few other screenshots
across the dark web.
With so many individuals working from home,
I think it's important to understand the added risk
that an organization has.
We have computers that are being used by
parents, they're being used by children,
they're used by other members of people
in the house. And when that happens,
you can end up with some type of malware
that's constantly collecting passwords
and other sensitive information.
And that's what we have right here
where logs are being made available, you know,
for purchase.
Here we have some other screenshots, again,
of other services that are available
on the dark web. You can see in the far right one,
there's a hacker for hire.
They're looking to offer some of their services.
You can see the cost,
just like any other website that you might go to where you're looking to pay for services
rendered, you know, here that you can pay in Bitcoin, and they'll do all sorts of things.
They'll spend time attacking somebody's Facebook or Twitter account.
They'll spend time attacking somebody's mobile device.
Or you can even hire them for a full 30 days, if you like, for the price of $9,500,
and they'll do whatever project you want to assign to them.
So again, these are some of the risks that we face as organizations and individuals
and some of the services that are available online on that.
the dark web. Now, how can you leverage this to really differentiate yourself? I think it's important
to really showcase your commitment to clients. You can include a cybersecurity statement on your
website that really shows your commitment to security and the measures that you have in place to
protect your customer's data, as well as any certifications that you might hold. I think it's
important to leverage social media as well. Social media platforms can be used to promote the
company's cybersecurity initiatives, share relevant news and information, educate your customers
on best practices. So if you're spending the time doing these things, if you're spending the
money and making that investment to protect data and to show that you care about privacy,
cybersecurity risk, I think it's important to very carefully share that information. You don't
want to be shouting from the top of the rooftops. You know, I think that can certainly draw attention
to you. But again, having a statement on your website for the clients that visit, leveraging your
social media accounts to talk about some of the things that you're doing.
You can even host a webinar or event that focuses on a variety of cybersecurity topics such
as data protection.
Could be identity theft prevention that you have in place, as well as other secure online
practices that you have implemented.
Doing this will showcase to your customers that the company's invested in educating
and protecting them.
I think providing resources for your clients is a nice thing that you can do as well.
Businesses create, offer all sorts of resources, whether it's a white paper, ebucks or infographics,
that provide clients with the cybersecurity best practices and tips to help them stay safe online.
So those are some of the things that a business can do to showcase the investment that they're
making and why it's important. And I think that gives a little bit more comfort to clients
that are doing business with you. And I think some of the things that you don't do also speak
volumes because we've all seen all sorts of data breaches and security incidents that have taken
place over the years. And it was handled in a complete debacle. You know, it was handled in a
manner that left people frustrated. There was not a lot of transparency. So avoiding some of the
pitfalls that organizations have made in the past, I think will go a long way. You know, if you look
at some of the most common mistakes that organizations make, delayed response in notifying,
notifying their clients or disclosing the breach that took place, providing inadequate communication.
I've seen cases where companies provide very vague or incomplete information about the breach.
it just leads the confusion and frustration from those that have been impacted.
And then insufficient preparation,
companies not taking the time, you know, ahead of the event.
You know, you have to forecast and plan for something to take place.
You have to have a good incident response plan in place.
And if you don't, it can lead to all sorts of disorganization and ineffective response when something does happen.
I think lack of transparency is another big one.
Companies not providing clear information about what information was compromised.
Who was affected?
and what are the steps being taken to prevent something from happening in the future going forward?
I think those are big mistakes that organizations make.
And then last is really a failure to take responsibility.
You know, companies deflect blame or they downplay the severity of the event.
I've seen that plenty of times where they release a statement and it talks about they'll give a number or a type of data that was impacted.
And that only has to be revised coming out three days later, four days later, by expanding that number and expanding the type of data that was involved.
I think those are things that really frustrate many consumers, many individuals that are doing business with that organization.
So it's all about handling it in a correct manner.
Prop.
Notification, companies that promptly notify affected individuals of the breach and provide clear information about what data was affected and what steps are being taken are very important.
Transparency being transparent and crystal clear about the breach and taking responsibility for any mistakes that have been made, having very clear communication around,
what exactly happened in timeline, you know, trying to minimize any type of uncertainty or confusion
that arises following a data breach. And then providing adequate customer support, I think making
sure that you're providing, whether it's a call center, free credit monitoring, other services that can
help remedy the situation are very important. And that's all tied up with preparation as well.
Making sure that you're taking the steps ahead of time you're rehearsing, you have people designated
across a variety of different areas within your organization that know what to do, that can snap into action,
having that incident response plan in place will go a long way. And again, insurance can help
with a lot of these things because cyber insurance has become so much more than just financial
risk transfer. But again, it's the services and access and risk management to all of these
tools, all of these vendors that can help any organization prepare ahead of time, as well as
deal with an incident when they're in the thick of it as well.
So you want to be very proactive, not reactive, engage with your customer base,
provide information that can help benefit them, which will include all sorts of resources
and tools that will show your commitment to cybersecurity.
So I know that was a lot of information.
I wanted to close by sharing maybe some free resources that I think will be very important
and you can look into to have access to.
the cybersecurity and infrastructure agency, CISA, they provide a range of different tools and resources,
including best practices, guidance documents, toolkits for businesses to implement security measures.
They also offer some free vulnerability scanning and assessment services, which I think is important
to take full advantage of.
There's NIST, the National Institute of Standards and Technology.
They provide a framework that can help businesses identify, assess, manage cybersecurity risk,
and includes guidelines and standards for securing your systems and networks.
And then there's a website that I think is important to take a look at or at least have in the back pocket.
Stop ransomware.gov.
And it's from the cybersecurity infrastructure and security agency.
Again, they provide a range of resources, tools to help you prepare for dealing with ransomware,
to help you manage it if you're in the thick of it, and to just provide better education
and understanding around the most recent threats in groups that are very active.
So all of these tools can be utilized absolutely for free.
and I think implementing and having a commitment to cybersecurity
will not only benefit you as an organization,
but it will help differentiate you as well,
which is very important.
And of course, you can go to our website
and brokker.com forward slash startups
to take a look at the resources, tools,
and access that we have to a variety of insurance products as well.
Thank you.
