This Week in Startups - Gavin Baker on AI platform shift, upside vs downside, extinction risk, Nvidia outlook & more | E1764

Episode Date: June 19, 2023

This Week in Startups is presented by: Hampton. Are you a startup founder or CEO seeking expert advice? Join Hampton, the private, highly vetted community for high-growth founders. Get invaluable insi...ghts, connections, and support to accelerate your business at joinhampton.com/twist today! Squarespace. Turn your idea into a new website! Go to Squarespace.com/twist for a free trial. When you’re ready to launch, use offer code TWIST to save 10% off your first purchase of a website or domain. .Tech domains are the go-to namespace to build anything in tech… and home to the world’s most innovative startups. Secure your .Tech domain today and lock down a 1-year domain for $10, or a 5-year domain for $50 at go.tech/TWIST! * Today’s show: Atreides Management’s Gavin Baker joins Jason to break down the current macro picture, the AI platform shift, and the reshuffling of the entire tech deck. (1:27) They also cover the potential impact of AI recursively improving itself and extinction risks (15:06) before discussing chip demand, Nvidia’s outlook, and more! (25:13) Then, Embroker's Chief Insurance Officer David Derigiotis explains how to differentiate your business with cybersecurity! (40:24) Gavin's fireside chat was recorded live at LAUNCH Angel Summit in Napa. * Time stamps: (0:00) Gavin and Jason on joining the resistance! (1:27) Current macro picture, the AI platform shift, and how AI is reshuffling everything in tech (13:42) Hampton - Join Hampton's community of high-growth founders today at https://joinhampton.com/twist (15:06) Exponential compounding of generative AI, AGI chances, recursive AI improvement (23:55) Squarespace - Use offer code TWIST to save 10% off your first purchase of a website or domain at https://Squarespace.com/TWIST (25:13) Chip demand, Nvidia’s outlook, which high-end fields might be most at risk, extinction risks (39:02) .Tech Domains - get a 1-year domain for $10 or a 5-year domain for $50 at https://go.tech/TWIST (40:24) Embroker Chief Insurance Officer David Derigiotis gives a talk on how to differentiate your business with cybersecurity * Read LAUNCH Fund 4 Deal Memo: https://www.launch.co/four Apply for Funding: https://www.launch.co/apply Buy ANGEL: https://www.angelthebook.com Great recent interviews: Steve Huffman, Brian Chesky, Aaron Levie, Sophia Amoruso, Reid Hoffman, Frank Slootman, Billy McFarland, PrayingForExits, Jenny Lefcourt Check out Jason’s suite of newsletters: https://substack.com/@calacanis * Follow Jason: Twitter: https://twitter.com/jason Instagram: https://www.instagram.com/jason LinkedIn: https://www.linkedin.com/in/jasoncalacanis * Follow TWiST: Substack: https://twistartups.substack.com Twitter: https://twitter.com/TWiStartups YouTube: https://www.youtube.com/thisweekin * Subscribe to the Founder University Podcast: https://www.founder.university/podcast * All opinions expressed in this episode are solely the speakers’ own opinions and do not necessarily reflect the opinion of any firm affiliated with the speakers. This episode is for informational purposes only and should not be relied upon as a basis for investment decisions. Clients of the speakers’ firms may maintain positions in the securities discussed.

Transcript
Discussion (0)
Starting point is 00:00:00 If there's some chance that this is a powerful enough technology to wipe out humanity, what is the upside? I am not like, as far as the downside, there's not a lot I can do. I will just say, like, if we're looking at a Terminator scenario, I will be in the resistance. I will not be like a very, I won't be a very valuable member of the resistance, but it will be high energy. But I think. All right. I take him for my team. Yes. Any other resistance, what we do the resistance draft right now?
Starting point is 00:00:29 I think we'd be a good. team. We're scrapping high energy. Like, we'd find a way to contribute. This week in startups is brought to you by Hampton. Are you a startup founder or CEO seeking expert advice? Join Hampton. The private, highly vetted community for high growth founders. Get invaluable insights, connections, and support to accelerate your business at joinhampton.com slash twist today. Squarespace. Turn your idea into a new website. Go to Squarespace.com slash twist for a free trial. When you're ready to launch, use offer code Twist to save 10% off your first purchase of a website or domain. And dot-tech domains are the go-to namespace to build anything in tech and home
Starting point is 00:01:13 to some of the world's most innovative startups. Secure your dot-tech domain today and lock down a one-year domain for $10 or a five-year domain for $50 at go.com slash twist. Gavin Baker is with us. So we can get into a little bit of privates and public markets. By the way, Jason, you look, I feel like I always see you in black. You look great and white. Okay. Truly great. I mean, let's give this man a round of applause. Thank you. I'm going to take it under advisement. And it's going to be a lot of work because the wardrobe is all black, a couple of grays, and then two white suits. So I'm going to have to really think about this. So you heard a lot of the time. today. I saw her in the audience. And there's a lot of discussion about value, the value of these
Starting point is 00:02:03 companies. Obviously, we're in a really dynamic environment. It's the best first six months for the NASDAQ in decades, I think. For sure. And we were led to believe that this was going to be a disaster. Unemployment remains incredibly like lifetime lows. Inflation remains pretty high. The stock market is a mixed bag, and we have all these late stage companies that are just an absolute mess. Train wreck. Train wrecks. And so what are we, when you look at the market and you're looking for opportunities
Starting point is 00:02:42 placing bets, what's your assessment of this Malstrom, if we can come up with a term for this moment? Yeah, well, the first thing from a macro perspective, I think it's just important to be very, very humble and avoid having a strong view. And for the simple reason is the Federal Reserve, they employ more PhD economists than any institution on earth by a factor of two. They have all the computing power they want to run simulations. They get what is effectively the equivalent of inside information and that they get all sorts of daily sales feeds from big retailers, the big credit card companies. They know what is going on with the economy more than anyone else.
Starting point is 00:03:25 And they control the single most important dependent variable for predicting the future of the economy. And that is the price of money. So they at some level control the outcome. And yet they regularly make forecasts. And if you look at their forecasts, they have zero predictive ability looking out more than six months. So if that's, you know, if that's a success rate of the Fed, like I think we should be very humble as investors. But the reason, like, the NASDAQ has had this extraordinary start is Gen AI. And this is for me, I think for everyone in the room, the next three years are going to be the most exciting three
Starting point is 00:04:11 years of all of our careers. And for the simple reason, there had been nothing new in technology in more than 10 years. So there was cloud computing in 2012. Before that, there was the iPhone in 2007. and before that there was the internet, which I would date to the Mosaic browser in 1993. Those were all at some level new methods of distribution. You know, the iPhone and the internet, they directly distributed just existing content, you know, made it very easy to access. Cloud computing was just a better, more efficient, cheaper distribution mechanism for software. I think this is one reason that people went so crazy over the last five or six years
Starting point is 00:04:50 trying to kind of create new distribution channels. This is why Facebook spent $60 billion trying to bring the metaverse into being. It's just a new distribution channel like the internet. It's why Amazon spent $50 billion on Alexa, which is a new distribution channel, ambient computing. Because that was the paradigm that it created value for the last nearly 40 years.
Starting point is 00:05:16 And then along comes Gen A.I. and this is fundamentally different. This is not a new distribution channel. If the computer was a bicycle for the mine to quote Steve Jobs, Gen. AI is somewhere between, you know, a race car and a spaceship for the mine. It's much more akin to the invention of the rotary steam engine in 1769, which upon the whole industrial revolution and changed every aspect of life. And 90% of people used to work, you know, basically in agriculture.
Starting point is 00:05:48 Now, it's less than 1%. And I think it's that level of social and structural change that we are looking at. And this is the first fundamentally new thing in technology in more than 10 years. And it is for sure in my mind going to be bigger than the internet. I get somewhere between the internet and the invention of fire. And I think one way to kind of, I think one way to frame, you know, up, down, and upside are correlated not just in investing, but with new technologies. You know, so, you know, nuclear weapons. It's amazing. Cheap abundant free energy forever should, you know, we have the political
Starting point is 00:06:29 will to do that. Or could, you know, wipe out the human race. Elon, who you were close to, has been warning about, you know, AI has an extinction risk for a long time. And really in the last month, all sorts of people who had been really skeptical have come out and said, you know what, like, you're right. This is an extinction level risk for humanity. And so if there's some chance that this is a powerful enough technology to wipe out humanity, like, what is the upside? I am not like, as far as the downside, there's not a lot I can do. I will just say, like, if we're looking at a Terminator scenario, I will be in the resistance. I will not be like a very, I won't be a very valuable member of the resistance, but it will be high energy. But I think,
Starting point is 00:07:17 All right, I take him for my team. Yes. Any other resistance, but we do the resistance draft right now. I think we'd be a good team. We're scrapping high energy. Like, we'd find a way to contribute. You know, you always want a bit of crazy on your side, especially in a leadership position during an apocalypse. That's why I know that that's where I'll thrive.
Starting point is 00:07:36 I'm actually rooting for AI to be a Terminator-level situation because I think I'll naturally be at my best. Yes. I don't know if I'm rooting for it, but it would certainly make life very interesting. interesting. But I think 90% it's going to be awesome. Like I, you know, I say I'm going to die on Mars because I want to see a blue sunset and for sure SpaceX is going to get us there. But I used to be really sad about two things. One, I thought I was probably going to be the last, one of the last generations who didn't have the option to live a radically extended life. Now I think for sure I am. And instead of, you know, dying, watching a blue sunset on Mars when I'm 85, I could easily be
Starting point is 00:08:17 185. I think the technology is that powerful, that profound, and it totally reshuffles the deck for all of tech. And that's why I just feel like, if you were in this room, if you're an investor, if you're involved with tech, this is what you live for. Yeah, I mean, we saw in Steve's chart that just like, hey, you know, everything's been like this. But it's kind of like this now. That little step is so meaningful because he's been running around with that chart for a long time. And, you know, Steve has, it's a great chart. It's a proprietary Jervison chart. But, you know, he gets his, you know, he's got a little bit of that, you know, he gets a little OCD on something. And he's been obsessing about that chart for a long time. And is he still in the room? He is, right? There is. Trust to me, Steve and I are good friends. He gets a little obsessive. Yes. And for him to be like, I've been working on this chart for 12 years. And then it's like, boom, something changed. It shows you the brilliance of Steve Jervinson. There's something there in that chart that is undeniable, which is something. happened with these GPUs and the processing power and the software stack that now is going to compound. And the great paradox of this, I think, and I'll let you unpack it, is the people
Starting point is 00:09:30 who did that are also making the software that will make the next leap possible. So the concept of compounding, like Steve, I think said, you know, like, oh, we're benefiting from the peacetime dividend of the iPhone, you know, all those sensors. The piece time dividend, of AI is going to be enormous. What is the next generation of chips? The next generation of chips is going to look like? And is it going to be Nvidia runs away with it or Apple announced their M2 today? Is everybody so now keyed in on this?
Starting point is 00:10:01 A trillion dollars is going to go into this. And that step function steps again. Yeah. So a few things. So first of all, what happened, it's very interesting. I don't know if I really believe this. But a human being is trained over its first, the neural networks that run all of us are trained on 10 to the 24th power of flops,
Starting point is 00:10:24 floating point operations per second. And chat GPT, GPT 3.5 really took off when it was trained with that exact same amount of data. You know, it's just, it is a neural network that is the whole field of neural networks. It is, you know, at some level modeled on the human brain. And it is cool. You know, the peacetime dividend, the iPhone and cloud computing were foundational technologies for this. So the AI has been around for 80 years and it's gone through, I think that's right, 1960, no, 60 years. It's gone through it.
Starting point is 00:11:02 It's actually invented at Dartmouth the first time someone spoke about it. But deep learning and this idea of neural networks was around for a long time and it didn't work. And so it was abandoned. And there were other avenues of research like expert systems. And it turned out all the theory of neural networks and deep learning was right on. We just didn't have enough computing and we didn't have enough data. So the iron law of AI is if you want to double the performance of an algorithm, you must train it on 10x the data.
Starting point is 00:11:36 And you measure the performance of an algorithm is variance from zero errors. So if you go from 99% accurate to 99.9.9% inaccurate, you've added 99.5, you've doubled the performance. Human beings. We operate at 5'9s all the time. I can do this all, like I can sit up here and do this all day. Until very recently, that was almost impossible for a robot. Like, we're amazing in many ways. But what happened with the iPhone and cloud computing, cloud computing, gave us the computing power necessary to train these algorithms. It wasn't just Nvidia GPUs. It was the ability to put 50,000 of them to, together and have them work on the same data set for months at a time.
Starting point is 00:12:20 So that huge pool of computing and then the data created from the iPhone, you put those two together, that's how you got chat GPT. This is very important to just pause on and let it sync in terms of compounding, the power of compounding. If the internet didn't create things like Gmail, Wikipedia, Reddit, Cora, it sounds silly, Google to index it. And then by indexing it, let people find things. they were interested in, their own pursuits to then, you know, whatever it is,
Starting point is 00:12:49 1% or 2% of people will actually contribute. How many people have edited a Wikipedia page more than twice? Done more than two edits. Like there's some weird people in the world who have done that. There's like, in this room of technologists, it's 5%. I know. We'll talk to you. You guys have a separate table at lunch.
Starting point is 00:13:06 It's just the wiki editors. But those weirdos and the people who do Quora questions, what about stuff? I'm talking. Not joking. Those people are the foundation of this. Had that stuff not, if people hadn't been tweeting, making subreddits, that's what's created this demon.
Starting point is 00:13:24 We unlocked the demon through those seemingly. Anacuous, individualized contributions. Contributions has now led to this. It's so bizarre. It's 100% right. These big LLMs that power generative AI are trained on the whole internet. When you're the founder of a high growth startup, things are chaotic. pretty often, let's be honest. You face a ton of questions, you've got problems that you don't always
Starting point is 00:13:49 know the answer to, especially if it's your first startup. But you don't have to do this alone. That's where Hampton comes in. Hampton is a highly vetted private community exclusively for founders and CEOs. What's their mission? Founders' mission is to create the most valuable and engaged community for high growth founders. And here are why some members have already called it life changing. When you join Hampton, their membership team carefully hamps seven other members to join your core group. It's almost like a mastermind group, right? Okay, so now you got your core group. This group is like a personal board of directors for you. They're going to provide you with advice, critical feedback, and they're going to aim to help you accelerate your growth. I mean, that's what we're all in it for
Starting point is 00:14:27 anyway, right? Personal growth. We want our companies to grow, revenue to grow, the amount of money we raise to grow, all that good stuff. So Hampton members run some of the fastest growing startups in the world, and you probably use some of their products like Morning Brew, Blank Street, Coffee, a dribble and more. The connections, personal accomplishments, and a sense of belonging are what make the Hampton membership so special. Community is everything. You know that. Like here, this weekend's our artistic community and here is an even smaller, more focused, tighter community for you to take a look at joining. If you're ready to scale your business, join the Hampton community today at joinhampton.com slash twist. I love this idea. Joinhampton.com slash twist today.
Starting point is 00:15:05 But, you know, in terms of the exponential agent compounding, what's really exciting, and this is what some people call a hard takeoff scenario is the idea that now the artificial general intelligence, you know, that GPD 4 and more probably GPD 5, can begin to improve itself recursively. And that's how you get a true super intelligence. Give us an example of this, because this is the part where I think the general public,
Starting point is 00:15:32 they hear people say, you know, okay, artificial general intelligence, it's, you know, going to be as smart as me. It passes the touring test. It already passes a turning test. For sure. We need more tests. But this AGI scenario and the recursive learning and Google BARD talking to chat GPT-5, talking to Po, talking to Falcon, whatever, these things are going to start talking to each other and getting more intelligent. Can you give us an example of what that might look like or how it might manifest?
Starting point is 00:15:59 Yeah, well, past is off in prologue. And I would just look at the progress from GPT3 to GPT4. So GPT3 came out in 2020. And it could essentially do nothing that GPT4 could do. And GPT4 could do all sorts of things that GPT 3.5, only nine months ago, couldn't do. So GPT4 today, effectively at the same time, can pass the multi-state bar to become an attorney, the medical licensing exam, the toughest MBA exam, which is the UPIN operations exam. it can, there's, talk about strange, strange phenomenon, people, there's, there are these things
Starting point is 00:16:40 called the college biology Olympiads and the college physics Olympiads and people who are super into, and by the way, I wish I was smart enough to ever compete in one of those, but anyways, the smartest college students who are physicists, biologists, or chemists compete in these Olympiads. And GPT4 scores in the high 90s on all of it. Not only can it do that. There's something called the Higgs-Bosson particle. It can provide you proof of the Higgs-Bosson particle has a poem or write a mathematical proof of the existence of primes as a poem. It is already superhuman and doing things that no human can do. And it has something called the theory of mind, understanding that people have their own mindsets and respond to stimuli. It has an interest.
Starting point is 00:17:32 representation of the world. And that's just in one to three years. Without a huge amount of funding, right? You know, $100 billion went into crypto. You know, Open AI did this basically on a shoestring, okay? Now that $100 billion is coming to this. And so the progress is going to... Where is that $100 billion? Has anybody found it yet? Where did it all go? I was still looking for that. The guy from Binance has got pinched today. It's in private jets, mansions, nice apartments.
Starting point is 00:18:10 I mean, all over the world, yachts. It's somewhere. It's somewhere. But yeah, now you're going to have a massive chip stack being pushed into this. And now we're, and also into, I think, the big data, you know, dream that, I don't know if it was IBM or, you know, whoever were just big data, big data. Remember that 15 years ago? and it kind of just fizzled.
Starting point is 00:18:32 And now we're like, oh, yeah, that big data thing, they were right about that too. We just didn't know how to query it or how to use it or why we were storing everything. But maybe you could talk a little bit. You talked about the 185 year lifespan. I actually agree with you on this because maybe we'll have some Yamazaki on Mars.
Starting point is 00:18:51 Let's do it. And watch a blue sunset. I can't wait. But this is going to be really interesting when something like the Apple Watch and these sensors, people are doing, you know, blood, you know, sensors, etc. When all that data, every x-ray that's ever been taken is fed into this and then correlated with everybody's heart rate, oxygen levels, whatever, I mean, we don't know what we're going to find
Starting point is 00:19:18 at all. Yeah. But it knows how to find it because you can already today upload a PDF and say, what am I looking at in this spreadsheet? And it's like, okay, here's what you're looking at. at, tell me some trends. It's like, here's some trends. You mean, you're going to be able to just look at that data set and say, find us ways to make humans, you know, more fit. It knows what you mean and we'll come back with answers in the next couple of years. Absolutely. Yeah, I feel,
Starting point is 00:19:46 I mean, I feel kind of bad. It's like for the last, you know, learned to code became like a pejorie, you know, a thing. You told someone who you wanted to do something else on Twitter, and there was this, you know, belief system that getting a computer science degree. And then I'd say the last years a data science degree was really going to be the path to success. It was bulletproof. It was bulletproof. And I, and it like, what, what these, what these transformers, these LMs fundamentally do is they mean that the human language is now the programming language for machines.
Starting point is 00:20:22 You don't need to know Python. You could get software to do everything you wanted to do just by. speaking to it, similarly with data, chat GPT code interpreter. You can just speak to data and it can understand data with a totally new data set. You know, Brad's trading at LLB, so are we. I'm super excited to be able to speak to my data. But I think, and it's going to be transformative, but in the same way, software has a service, replace software, and the same way, you know, if we had been here pre-2007, like I was a gadget guy,
Starting point is 00:20:58 You know, like I had, I had my Blackberry. I had my Nokia flip phone. I had a, you know, I had a digital reader. I had my laptop. I had a digital camera. I had an iPod. All of that was consolidated into this. The same thing is going to happen with software.
Starting point is 00:21:17 ChatGPT today can already do almost anything that any other piece of software can do where a human being would relate to it. So in the same way that all these discrete pieces of hardware were consolidated into one iPhone, software is going to be consolidated into this one medium. And its foundation models as a service are going to replace software as a service. Isn't it extraordinary that? I agree with you. Yes.
Starting point is 00:21:49 The interface is now going to be talking to your computer, whether you choose to do it with text or voice. 100%. It's all the same thing. Isn't it amazing how close Alexa and Siri came to this, but they just opened the wrong door? They went left when they should have gone right. Yeah. And they spent 50 billion on Alexa. But it's not just this.
Starting point is 00:22:13 I mean, it's like all of content is going to be personalized. Like you're going to like this, this calls it to question so many things. Like what is the value of the content that social media depends on if you're not, if you can't know whether content was real or not. Everybody fell for the fake, you know, photo of the Pope. That's just the beginning. You know, the value of Netflix and all these movie studios is on their libraries. In three years, like, I'm going to say, I'm a big science fiction nerd. I want to watch a movie where the Frimmin from Doom encounter an imperial star destroyer. And then I want some Jedi to come in. And then I want the Star Trek Enterprise come in. I'd like it to be 87 minutes
Starting point is 00:22:56 long and I'd like it to have a happy ending. And I'm going to watch that. So so many things are going to change. And that's why it's just, it's so exciting if you were an investor. Like everything, the deck is being completely reshuffled. This is a totally new kind of opportunity. And the person was up here before, I will admit, I'm personally excited. Like, talked about strike zone. Like, this is my strike zone. Because at the beginning of new technology, the only sure winners are pixel shovels, semiconductors, deep tech, because you don't know the application layer winners yet. Like in 1996, you know, when the internet boom was really getting going, you know, people thought AOL was the winner. Google hadn't even been invented. You know, similarly, like, you know, the true
Starting point is 00:23:43 winners of the iPhone era took a long time to emerge. It's going to take a long time for these application layer winners to emerge. And for a lot of mega-cap tech, this may end up being a sustaining innovation. Listen, we have been doubling and tripling down on Founder University here at launch. In fact, it's kind of the future of our firm, and it's amazing for us to work with hundreds of early stage founders, even before they incorporate, right? They have ideas, and they're trying to figure out what tools to use to make their ideas into our reality, and we're seeing so many of these Founder University startups using Squarespace.
Starting point is 00:24:17 Everybody knows Squarespace has beautiful design templates. They're all mobile optimized. And of course, they have powerful e-commerce integrations, but did you know that Squarespace also added member areas? This is where you can sell members-only premium content, okay, educational stuff, et cetera. And if you're a consultant of some type, you have now appointment scheduling built into Squarespace. So listen, if you build it on Squarespace, everything's going to work. They keep adding amazing features, and you're going to load super fast on your desktop and mobile. It's going to look great, super easy to edit, super easy to evolve.
Starting point is 00:24:51 And if you're looking to start your business, you can't go wrong with Squarespace. We all know that. So I want you to head to Squarespace.com slash twist for a free trial. And when you're ready to launch, use the offer code Twist to save 10% off your first purchase of a website or domain. We love your Squarespace, our longest running partner here on This Week in Startups. Thank you so much for supporting our founders and for supporting this week in startups. But the one thing is, all of these models, all of this, that's going to require a lot of chips. And by the way, I mean, it's, you know, NVIDIA's done. It's going to require a lot of sub-conductors, and this is my strike zone.
Starting point is 00:25:26 Is NVIDIA run away with it? Or do you believe it's going to be a multi-horse race? So there's two questions in here. So in Dune, there's something called the water of life. And if you take the water of life, you either succeed or you die. They say, you know, oh, take the water of life. They try to fail? No, they try to die.
Starting point is 00:25:50 And that has been competing with Nvidia and data center GPUs for last 10 years. I think there's a lot of reasons to think that that Nvidia may finally begin to lose some share
Starting point is 00:26:05 for the first time. But I mean, the market is exploding. Is it possible, though, that because watching the software gains if you go to Hugging Face and you look at some of these models, it does feel like the open source software crowd is like, hmm, if we make better
Starting point is 00:26:21 software. We need less compute. We don't have access to that compute. So therefore, we're forced as a group of rebels to fight this on a different war. We're not going to fight fairly. We're going to optimize the heck out of this and we're going to use less compute. This is exactly right. And this trend really began. It's amazing how fast this is moving. So Facebook released something called the Lama model, which was a much smaller model. And that set off this Cambrian was in, somebody's slide, that set off this Cambrian explosion of innovation with transformer-based architectures and LLMs. And it is evolving right now towards smaller model sizes. And if I were to make a prediction, and I think it's just important to be so humble because, like, one, I don't have a
Starting point is 00:27:15 computer science degree. I have been in and around this stuff for 25 years now. But to solve general intelligence, AGI, you're going to need a huge model. You're going to need a model that is trained for a long time on a massive pool of GPUs on every piece of content ever created by the human race. But for narrower tasks, like, hey, I just want a model that's a really good doctor. we're going to have small models for that. And that has very profound implications for GPU demand. I mean, paradoxically, like something that's so important to humans, like doctors, might be the easiest model to make.
Starting point is 00:27:59 And these are things that are in incredibly high demand. Yes. Where people around the world are fighting for doctors. And it might be that doctors can be replicated and do a better job on a Android phone from 10 years ago. well you said it not me i have a lot of friends who are doctors i don't want to bum them out because it's like if computer scientists and data scientists like worked hard like doctors they went through a long time but yeah well i mean anything that was memorization anything that was learning a language and was rules based yes is now the first group to get hit which is kind of a if we if we start thinking about
Starting point is 00:28:40 revolutions, like a bunch of white-collar people who went 250 or 500K into debt to a school to get this position of power, they're going to fight against this. And this is why I think we know this is very real. The moment I realize that this is in no way hyped at all is when I saw the Writers Guild, the last item on the second page was, we want to ban chat GPT from the writer's room. And you can't train any models on previous IP. And the response that the WGA got from the studios was, our counter to you writers who want to ban, you know, AI is we'll meet with you every year to discuss technology, new technologies. Like literally, it was fuck you. Of course. Because they see it clearly. Put all of Marvel and Star Wars in your prediction into
Starting point is 00:29:36 language model and great stuff's going to come out. Amazing. It'll be exactly what I want because every time, if I stop watching a movie, my own personalized AI will learn, oh, Gavin didn't like that. I'm going to make something different next time. But what you said, it's very important. So everything is tech is cyclical and, you know, kind of, and it's all built in these sedimentary laterers, but we go back and forth between the centralization of compute to the edge. You know, compute was centralized in the 70s and 80s, that it was distributed to the edge with the server, that it was re-centralized with cloud computing. And I think we're going to see a move back to the edge, particularly with these small
Starting point is 00:30:16 models that you reference. But another thing that is coming back into Vogue, cloud computing, companies like AWS, they made it, they abstracted all the hardware away. If you were a programmer, software programmer in the 70s, 80s, even the 90s, you spent a lot of time thinking about, oh, I don't want to use a lot of memory, I don't want to use a hard disk space, like, because I take up too much space, I might not get on the computer. And like cloud computing made that meaningless. You could use as much compute as you want it.
Starting point is 00:30:48 And as you reference, we solve this AI problem with just vast amounts of compute. But what is going to come back into Vogue? So a GPU is like, what we'll call it, the size of your iPhone, costs $50,000. As Brad said, you've got to wait three years to use. to get one if you want to use it. Yet, in the papers from Open AI and Google, where they trained their Palm and GPT3 models, this is back when Open AI was maybe a little more open,
Starting point is 00:31:19 and they released data, the GPUs they used to trade them were only utilized 30% of the time. Because human programmers and even, you know, the data architects who set this up, they're not used to having to optimize for a resource. And because H-100s are so important, they're now scarce,
Starting point is 00:31:42 when there's a scarce resource, it gets optimized. And you're just starting to see that. And it's, the optimization could lead to gains that were unproductive. Absolutely. And the optimization
Starting point is 00:31:55 will be done by the AI itself. It's going to look at that 30%. And AI will answer that question for the developers. You'll be like, hey, here's a solution to use the other 70s. AI is already being used to design. chips. What happens when something as powerful as GPT6 is designing a chip, designing the, you know, the software and data stack that's used to trade itself, and then starts rapidly and recursively
Starting point is 00:32:18 training itself. This is why people are worried about, you know, there's a famous thought experiment by guy named Nick Bostrom, where an AI, you know, if you gave it the job of like, hey, we want you to, you know, maximize the number of paperclips in the world, it would find a way to convert everything into paperclips. And I think what COVID taught us is, you know, all modern civilization, it is just a thin veneer. Like, you know, February, March, it was scary. And that was like, COVID was not a good virus. It's like if an AI decides, like, oh, these human beings are scary.
Starting point is 00:32:57 Well, we're just going to make a few tweaks and introduce a much better novel coronavirus. then make sure that RNA vaccines will work on it. Yeah. That is why serious people, I mean, this stuff sounds crazy, but the closer someone is to this, the more worried they are. And if you ask anyone who's deep in this, what are the odds that this is an extinction event for humanity in the next 10 years? And you survey the top 500, the top 1,000,
Starting point is 00:33:28 it's consistently between 5 and 20%, 5% and 10%. that's like playing Russian roulette with the human race with a revolver that has between 10 and 20 chambers. Like, I would not do that, but we're doing it, and it's going to happen. And, you know, I hope that it's, I hope that we're in one of the 19 chambers that's empty, and it's awesome, but I live forever.
Starting point is 00:33:53 Thanks for coming, everybody. This is just the beginning of our program. Tomorrow's going to be equally in thrilling and terrifying. It's, you know, at least we're on the journey together. Yeah. Resistance. And we will, yeah, if we have to fight, we fight. But it feels like, you know, these conversations are very healthy to be having because we always, as a society, I think, look at, you know, whatever unintended consequences, we kind of deal with them in the review.
Starting point is 00:34:32 We're like, oh, we knock some shit over. Okay, yeah, Instagram is probably causing a bunch of teens to kill themselves and it's causing a bunch of body dysmorphia issues and people are getting, you know, anorexia. Yeah, we should probably change that. Let's debate it for 10 years and do nothing. Here, this is like the first time in my lifetime and certainly in our lifetimes that we can remember a technology being introduced and everybody going, let's think about how this could go off the rails. Let's prepare for it. let's have a vibrant debate about it. Yeah.
Starting point is 00:35:03 And the only other time that I think that happened, and it's amazing that Nolan's coming out with this film Oppenheimer, at this time. 100%. Which proves to me this is a simulation. Yes. Because whoever coded this simulation, it's like, you know, it'd be great to fuck with them.
Starting point is 00:35:21 Yes. Let's give them the H-100 chips now and A-100s. At the same time, let's have the greatest filmmaker of this generation replay the Nazi race for the atomic bomb. Just let's see what happens in that simulation and how they take that. Yeah. It's a simulation. Baby.
Starting point is 00:35:41 Who would be Oppenheimer? I actually think, in terms of actually Evidence the technology, I actually think you have to give it to Jensen. I wouldn't give it like Jensen at Nvidia. He ushered this into being. to make video games faster? Yes. Well, it turns out, to make 3D graphics,
Starting point is 00:36:05 you just have to crunch a bunch of relatively simple math really quickly. That is what AI is, in parallel. Critical. That's what makes it quick. And that's what AI is. You know, it's very funny. All these startups, you know, raised all this money to go try and compete with Nvidia, the data center.
Starting point is 00:36:24 They had, you know, they were not aware of my water of life. principle when it comes to competing with Nvidia in the data center. And they had, like, on every deck, it was like, how likely is it that chips that were developed for video games are good for AI? And it's like, well, 100% likely.
Starting point is 00:36:41 Fate loves irony. Fate loves irony. It is, you know, in the same way, like, you did not understand what the iPhone would actually do at scale to billions of people, or Starlink will do. You know, we just didn't understand
Starting point is 00:36:55 that people would take that GPU so you can play Call of Duty and make it as lifelike as possible like a movie or that people editing Wikipedia would train this. There's a great William Gibson quote, the street finds its own use for technology. And here we are.
Starting point is 00:37:13 For sure. And it's like, and it's like, we're an exciting time. You know, Steve talked about SpaceX. Like, we are going to become a multi-planetary species. We're going to be able to go to Mars.
Starting point is 00:37:23 Like, that's going to really reduce the extinction risk. You know, we're going to like climate change, like we're all going to be driving EVs, you know, affordable utility scale battery storage. Like, you know, fossil fuels are slowly going to phase out. Like we're, we're living at an awesome time. We are literally, we've already solved climate change. We just haven't implemented the solution fully. Yeah, well, do you believe that? Yeah, yeah. Compounding will just, compounding will just take care of it. You know, photovoltaic cell efficiency compounds. It. It. roughly 8% a year, battery cell efficiency is compounding at 6. I suspect Tesla is probably compounding at a faster rate than that.
Starting point is 00:38:04 And when you put those two things together, like the world already runs on sunlight, it just runs on sunlight that is stored in the carbon-based organisms of, you know, ancient creatures and that we turn it into, you know, natural gas and oil, we're going to just directly run on sunlight. It's going to be awesome. Yeah. And when the sun's not around, we just have a little nuclear. Well, that's why you need the storage.
Starting point is 00:38:30 Did you see? That's why a battery cell cop out of his port. Did you see Phelan had a couple of negative energy days. They're like, energy will, is now cost negative. And it's like, what do you mean? It's like, yeah, we didn't kind of, we built the software. And now you're, yeah, it costs negative because they have so much solar, wind and nuclear at the same time, they had to burn it off.
Starting point is 00:38:50 It's crazy. Yeah. Love it. Love it. We're going to solve everything. Yeah. I'm optimistic. All right, everybody. Give it up for Gavin. After investing in over 300 early stage startups, I've seen it all. I've seen thousands of pitches. And I can tell you, one of the early indicators of success
Starting point is 00:39:09 for me is having a great brand. And it's hard to get a great brand if you can't get a great domain name. Why? The domain name and the brand. They're so synonymous. They want to have something simple and easy to remember. And this will raise your credibility with investors and your customers. So check out the latest hot domain. It's called dot tech. This is one of the go-to namespaces for anybody working in tech now. It's home to some of the world's most innovative startups.
Starting point is 00:39:35 Like 1x.Tech, a really innovative robotics company building humanoid robots. And in the latest YC cohort, there were a ton of people using dot tech. It is sweeping the startup nation. And I just got my own dot tech, Jason. And I'm building a micro blogging site. Go check it out. And secure yours now. and get a great deal. Check this out. You can lock down a one-year domain for just 10 bucks and a
Starting point is 00:40:00 five-year deal for 50. You want to lock it down from five years. Of course, you don't want to forget and then have somebody else snipe it. Nope, drop 10, drop 50, get it locked down. And here's your offer. Go.com.com.com slash twist. Once again, the word go-go.t-tec-h-the-slash-twist. Go.com.com slash T-W-I-S-T to lock in that great deal right now. Next up, Mbroker's chief insurance officer David Derogadis gives a 25-minute talk on how to differentiate your business with cybersecurity. Specifically, you'll learn how to protect your business from cyber threats and why this is more important right now than ever before. This was recorded on the Founder University podcast, which you could find across all podcast players and on YouTube. Good morning, good afternoon. Thank you so much for joining me today. And my name is David Dare Jodas. I'm the chief insurance officer.
Starting point is 00:40:54 with and broker. And I'm going to talk a little bit about how cybersecurity can differentiate your business. There's no question around the concerns that everybody has for cyber attacks, ransomware, security incidents. It's in the headlines every single day. So I want to talk about why it's important to not only invest, but how it can also be used as a differentiator for you and your organization, why it's important to your clients,
Starting point is 00:41:17 customers, and your vendors as well. So just a quick little background of myself. Again, my name is David Dary Jodas. I'm the chief insurance officer within Broker. I oversee all of our insurance programs, products, claims, and actuarial services for the insure attack. I have 20 years of experience within the specialty professional cyber risk management liability space. Prior to Mbroker, I was the national practice group leader with an international wholesale insurance broker overseeing their specialty underwriting programs within professional cyber risk, D&O, as well as all of their brokerage operations as well. And prior to that, I also have experience with two different
Starting point is 00:41:54 international A-rated insurance companies, again, all within the special professional liability and cyber risk space. I'm also a certified information privacy professional with a concentration in U.S. privacy law, a certified information privacy manager, and I'm a fellow of information privacy privacy with the International Association of Privacy Professionals. So that's a quick overview of my background. Now, I want to get into why is this important? Why are we talking about this? Why now? What's the big deal? There are a few things that are going on across not only the United States, but really internationally as well. Of course, we have GDPR, which is important for anybody that collects information or does business in the UK and abroad overseas. We also have a brand new news
Starting point is 00:42:40 of the national cybersecurity strategy that was issued by the White House. And again, this is something that they talk about really every year, every presidency, but what's unique about this is, you know, a couple of the finer points that they pointed out within their release. So I just, I want to read specifically from the press release. I want to talk about what that means. You know, they stated, we must rebalance the responsibility to defend cyberspace by shifting the burden for cybersecurity away from individual, small businesses, and local governments, and onto organizations that are the most capable and best positioned to reduce risks for all. all of us. And the White House released that specifically last month. So what does that mean? They're
Starting point is 00:43:20 looking to change liability and pass off liability from not only just the organization that experiences the data breach. And again, we hear about these in the news quite frequently, but they're looking to specifically hold software companies liable for failing to build security into their products. Now, there's some work that's going to have to go into making this a reality. There's going to have to be legislation that's passed. But they have stated that's their intent. So any organization, and that's a big part of what our client base is made up of, all sorts of technology companies, SaaS companies, you know, technology related across all sorts of industry segments, they're looking to hold those organizations accountable for data breaches and
Starting point is 00:44:02 security lapses if they did not invest and spend the time in quality around security and privacy within those products. So just something to keep in mind. Again, we're a ways off before that becomes a reality, but it's just important to understand what's on the minds of leaders and those in Washington. We also have a number of privacy consumer laws across the United States because we don't have a national privacy law that's in place. That's been something that Congress has fought over for many years for a variety of reasons. But what we have seen as a result of that absence is different states popping up with their own consumer privacy laws. So as it stands today, California, Colorado, Connecticut, Iowa, Virginia, and Utah all have specific consumer privacy laws.
Starting point is 00:44:50 And there are about 20 other states as well that have active language where they're looking to pass and get new laws into place. We see this every single year. There are all sorts of laws that will be proposed and regulation that's proposed. A lot of them don't make it through on the other side. But every now and again, we see another pop through and we see another state that goes live. and that's what we've seen with this year as well. So it's just important to understand if you're collecting information
Starting point is 00:45:17 on a consumer or a client that's based in those states, there'll be additional privacy regulations and rules that you'll have to be in compliance with. Some of those things include giving consumers the right to access their information, the right to correct that information, giving them the right to delete that information, and of course having the proper notice
Starting point is 00:45:35 and transparency requirements for them to view and make sure that they're okay and comfortable with that type of data being collected. shared or sold with any other organization. So it's just important to understand what's going on. From a regulatory standpoint, we are seeing more regulation around privacy risk. We are seeing more regulation around consumer rights. So again, depending on where you're operating your business and what type of clients
Starting point is 00:45:56 and customers you're serving, these certainly could apply to you. And of course, ransomware has been in the news a lot. There was a little bit of a lull last year, but it's become extraordinarily active again, all of these different operators and groups in 2023. So I want to spend a little bit of time showing you some ransomware operators from the dark web. I want to give you really a view of what it looks like when they compromise an organization and they share that organization's data online for others to access.
Starting point is 00:46:27 It's something that I think is important to understand to know what happens on the back end when a compromise like that does occur and to know how you can prevent it from taking place or be properly prepared in the event that something does happen. So, and then of course, there's all sorts of emerging technologies that we need to keep our eyes on. Chad GPT has been one, artificial intelligence that's been in the news quite a bit. You know, it's important to understand how those services operate and the way that they're utilized. And I think it's important to understand how it could potentially expose your organization if you have employees that are using it. There's nothing that is, in terms of privacy, there's nothing that's protected from a confidentiality standpoint if employees and individuals are using it.
Starting point is 00:47:09 and there's already been a case where one organization, their employees were putting very sensitive source code information into it because they were looking to solve a problem with coding errors that were taking place. Another instance, there was an employee that uploaded group meetings or employee meetings into the interface, and they were looking to have those notes rewritten so that they can share it with everybody sounds harmless.
Starting point is 00:47:34 And so you realize you're sharing very sensitive, confidential corporate information into a system that is being monitored in real time by all of the researchers, and there could be a data breach. You never know what can happen. So it's important to know if you're going to allow your employees to utilize and access these types of tools. You want to be careful about what is specifically being shared in terms of trade secrets
Starting point is 00:47:55 or very sensitive corporate information. So these are some of the things that are going on overall across the United States when it comes to a privacy, regulatory, and cybersecurity standpoint. So let's look at some of the numbers now. Again, I don't think it's a surprise to know that cyber risk is on the mind of all sorts of organizations large and small. You know, the cost of cybercrime is expected to hit $8 trillion this year. That's globally.
Starting point is 00:48:22 Cyber attack concerns have risen from 36% to 50% in 2022. And that's some interesting data. What Broker did last year in late Q4s, we published a report and we wanted to survey over 400 of our clients, our VC-backed clients. to figure out how cybersecurity was on their mind, how it was impacting their organization, and some of the things that they were worried about. And again, 50% responded and said that they expect to experience a cyber attack in the year ahead. That was a 14% increase from last year. 68% responded and said that they've actually experienced an attack at some point. So again,
Starting point is 00:49:02 we're talking more than half of all those individuals that we surveyed have already experienced some type of attack. There's obviously going to be costs associated with dealing with it, with managing all of that, and it's a real drain on resources. 97% said that they discussed cyber risk and related issues with their board of directors. So again, knowing that this is something that's reaching the highest plateau, highest peaks within the organization. And again, it's no surprise to hear those things that cyber risk is on their mind that they've experienced an attack and that they're forecasting there to be some type of attack going forward. And I think if you look at some of the data that's being shared, in particular by the FBI,
Starting point is 00:49:40 you look at some of the largest losses that are taking place within organizations large and small. There's something what's called a business email compromise attack, BEC attacks. Those grew by 13% in 2022 over the prior year. We're talking about $2.7 billion in business email compromise. And what that is, you can have somebody that will either spoof an email or they will actually compromise somebody's email inbox and they will send an email that looks like or it's under the guys of the CEO or the CFO or somebody that's in a position of authority and they'll be asking to wire transfer some amount of money. And this has been a serious loss leader for the insurance
Starting point is 00:50:23 industry because policyholders, again, of all sizes, all industry sectors have been impacted and hurt by this. So it's something to keep an eye on. Now I want to talk about some of the things later on in the presentation that you can do to make a difference there and to curb some of those attacks and those threats. So what can you do to protect your business? Again, part of this is talking about how cybersecurity and investing in this space can not only help you as an organization, but really how can be a differentiator for you in terms of your brand and how you serve and protect all the data that you collect on your clients.
Starting point is 00:50:58 So I talked about electronic funds transfer, you know, that being a very important and significant part of losses. There are a few things that you need to do to make sure that you're not falling victim to these types of attacks. Of course, setting up multifactor authentication is a big one within your email and other privileged accounts and other systems, other apps that you're using. Giving that second barrier or providing forcing, that second barrier will make it much tougher when somebody just has an email address and a password to be able to access your account.
Starting point is 00:51:29 So that's first and foremost. But there are some rules that you should put in place internally. to be able to catch any type of fraudulent wire transfer request. Number one, confirm the requester's identity. Before proceeding with any wire transfer request, it's important to verify the identity of person that's requesting that transfer. You can do this by calling the person
Starting point is 00:51:47 using a known phone number that you have on file for that individual. We're using a separate email to respond back to the request. Don't go through the initial request that you've received. I've seen that happen from time to time, and all the person does is respond back to the attacker. And they're saying, yep, go ahead. we're confirming this, go ahead and send it, then the person sends it, and then they're out that money.
Starting point is 00:52:07 Number two, you're going to want to verify the details of the wire transfer. So again, going over the name, the account number, bank routing number, all of those details is going to be very important to look for any discrepancies or any false information that's on there. Number three is going to be used a secondary verification method as well. Maybe having another form of communication and app, some type of chat bot, some type of phone number that you have on, file again to re-verify that the verification is accurate.
Starting point is 00:52:38 And then look for some red flags. And I think that's very important. That's going to come into training and developing your staff. Look for red flags such as a rush request or an urgent request or something that's unexpected, a change in payment instructions, a request for secrecy if it's coming from, you know, they think it's coming from the CEO or the CFO. Those are some of the things that should be really jumping out to you. and they'd have to be really investigated to make sure that you're not falling victim to these
Starting point is 00:53:04 types of attacks. So I think those are very important. That goes in line with, of course, training your employees in knowing what to look for. I think if any organization has this type of plan in place, it's going to allow them to really thwart or prevent 99% of the attacks that takes place. And again, this is an area of losses that the insurance industry as a whole have really experienced quite significantly over the last several years. really ramped up probably within the last 12 to 18 months quite considerably.
Starting point is 00:53:35 And then I think there are some other things outside of that. Again, I talked about how to verify having the process in place, making sure that you're reviewing access to the information that's being collected, making sure that you have a good understanding of the data that your organization is collecting, storing, sharing with others, and of course, being transparent with your clients and customers about the data that you're collecting. It's going to allow you to operate in compliance. with the various laws, rules and regulations all across the country, whether they're federal or
Starting point is 00:54:04 state-specific. And I think making sure that you have the proper insurance is another big one. That's going to help round out any risk management program. Make sure that you're not only investing in your technology and in your compliance, but in the event that you need to go a little bit deeper in terms of resources, in terms of forensic firms having access to these types of organizations, a cyber insurance policy is going to do all of that for you. So it's looking at cyber insurance as more than just the necessary evil in form of other lines of insurance that you have to purchase. But I like to look at cyber insurance almost as an investment
Starting point is 00:54:40 because it's going to come with all sorts of risk management tools. It's going to come with access to the appropriate vendors. And of course, what anybody expects from insurance, which is that financial protection, that balance sheet protection in the event that something does happen. So now what I want to do here is I want to show a few screenshots. And this is of the dark web. This is a couple of different ransomware operators.
Starting point is 00:55:02 And I want to give you a feel for what it looks like. Ransomware attacks, again, they took a little bit of a lull last year, but they're certainly back on the rise now in 2023 with no signs of really slowing down. But what will happen is like this particular group, if you look at one of the top screenshots here, they give instructions around what to do if there's a compromise. Typically, they're going to walk the victim organization through the process, how to purchase Bitcoin, maybe send a little bit through initially to show that the transaction
Starting point is 00:55:29 is open and they did it correctly. Then you can send the rest of the amount that they asked for shortly after that. You can also see that there's a warning sign, but really a warning message at the bottom where they don't want any negotiators involved. And again, I can understand why they don't want it because typically the cost of what the ransom demand is is typically brought down. and they just simply don't like dealing with anybody that has the expertise, has the knowledge, or is there to assist. They want to keep the pressure on the organization while they're afraid, while they're backpedaling, and while they're scrambling. So that's one particular screenshot from a ransomware operator where they give the instructions and they have a warning built in as well. If you look at the screenshot next to that, that's what it looks like when they're making information publicly available.
Starting point is 00:56:16 So a lot of these ransomware operators have their own PR page on the dark web. And what they've done here is maybe it was an organization that decided not to pay. They did make all of the data that they captured absolutely free and accessible to anybody who knows where to get it. So this is what one bit of information looks like. You can go through and click through the various files, pull up the various documents. There are PDFs. There could be all sorts of other spreadsheets that are within there that have Social Security numbers, that have dates of birth, and could have financial information within there.
Starting point is 00:56:48 but this is typically what it looks like when that information is in fact made public and then just there's a screenshot of another ransomware operator here on the bottom left just to get a feel for what it looks like and the one that's been extremely active as a way is LockBit 3.0 and here you're going to
Starting point is 00:57:04 see a host of organizations that they have compromised and that they have put up kind of on their wall of shame to show that if they don't make a payment there will be negative consequences for that and typically that's double extortion there's a compromise, they lock up all of your files,
Starting point is 00:57:20 but before they do that, they exfiltrate all of the data, and they pressure you. If you want access back to your systems and your data, you better pay if you don't pay. Well, they took your information, they're going to dump it online and make it available to anybody who wants it. So this is the behind-the-scenes look at what some of these groups look like and how they operate.
Starting point is 00:57:37 Now, this next one is just a few other screenshots across the dark web. With so many individuals working from home, I think it's important to understand the added risk that an organization has. We have computers that are being used by parents, they're being used by children, they're used by other members of people
Starting point is 00:57:52 in the house. And when that happens, you can end up with some type of malware that's constantly collecting passwords and other sensitive information. And that's what we have right here where logs are being made available, you know, for purchase. Here we have some other screenshots, again,
Starting point is 00:58:06 of other services that are available on the dark web. You can see in the far right one, there's a hacker for hire. They're looking to offer some of their services. You can see the cost, just like any other website that you might go to where you're looking to pay for services rendered, you know, here that you can pay in Bitcoin, and they'll do all sorts of things. They'll spend time attacking somebody's Facebook or Twitter account.
Starting point is 00:58:27 They'll spend time attacking somebody's mobile device. Or you can even hire them for a full 30 days, if you like, for the price of $9,500, and they'll do whatever project you want to assign to them. So again, these are some of the risks that we face as organizations and individuals and some of the services that are available online on that. the dark web. Now, how can you leverage this to really differentiate yourself? I think it's important to really showcase your commitment to clients. You can include a cybersecurity statement on your website that really shows your commitment to security and the measures that you have in place to
Starting point is 00:59:00 protect your customer's data, as well as any certifications that you might hold. I think it's important to leverage social media as well. Social media platforms can be used to promote the company's cybersecurity initiatives, share relevant news and information, educate your customers on best practices. So if you're spending the time doing these things, if you're spending the money and making that investment to protect data and to show that you care about privacy, cybersecurity risk, I think it's important to very carefully share that information. You don't want to be shouting from the top of the rooftops. You know, I think that can certainly draw attention to you. But again, having a statement on your website for the clients that visit, leveraging your
Starting point is 00:59:40 social media accounts to talk about some of the things that you're doing. You can even host a webinar or event that focuses on a variety of cybersecurity topics such as data protection. Could be identity theft prevention that you have in place, as well as other secure online practices that you have implemented. Doing this will showcase to your customers that the company's invested in educating and protecting them. I think providing resources for your clients is a nice thing that you can do as well.
Starting point is 01:00:04 Businesses create, offer all sorts of resources, whether it's a white paper, ebucks or infographics, that provide clients with the cybersecurity best practices and tips to help them stay safe online. So those are some of the things that a business can do to showcase the investment that they're making and why it's important. And I think that gives a little bit more comfort to clients that are doing business with you. And I think some of the things that you don't do also speak volumes because we've all seen all sorts of data breaches and security incidents that have taken place over the years. And it was handled in a complete debacle. You know, it was handled in a manner that left people frustrated. There was not a lot of transparency. So avoiding some of the
Starting point is 01:00:44 pitfalls that organizations have made in the past, I think will go a long way. You know, if you look at some of the most common mistakes that organizations make, delayed response in notifying, notifying their clients or disclosing the breach that took place, providing inadequate communication. I've seen cases where companies provide very vague or incomplete information about the breach. it just leads the confusion and frustration from those that have been impacted. And then insufficient preparation, companies not taking the time, you know, ahead of the event. You know, you have to forecast and plan for something to take place.
Starting point is 01:01:19 You have to have a good incident response plan in place. And if you don't, it can lead to all sorts of disorganization and ineffective response when something does happen. I think lack of transparency is another big one. Companies not providing clear information about what information was compromised. Who was affected? and what are the steps being taken to prevent something from happening in the future going forward? I think those are big mistakes that organizations make. And then last is really a failure to take responsibility.
Starting point is 01:01:46 You know, companies deflect blame or they downplay the severity of the event. I've seen that plenty of times where they release a statement and it talks about they'll give a number or a type of data that was impacted. And that only has to be revised coming out three days later, four days later, by expanding that number and expanding the type of data that was involved. I think those are things that really frustrate many consumers, many individuals that are doing business with that organization. So it's all about handling it in a correct manner. Prop. Notification, companies that promptly notify affected individuals of the breach and provide clear information about what data was affected and what steps are being taken are very important. Transparency being transparent and crystal clear about the breach and taking responsibility for any mistakes that have been made, having very clear communication around,
Starting point is 01:02:35 what exactly happened in timeline, you know, trying to minimize any type of uncertainty or confusion that arises following a data breach. And then providing adequate customer support, I think making sure that you're providing, whether it's a call center, free credit monitoring, other services that can help remedy the situation are very important. And that's all tied up with preparation as well. Making sure that you're taking the steps ahead of time you're rehearsing, you have people designated across a variety of different areas within your organization that know what to do, that can snap into action, having that incident response plan in place will go a long way. And again, insurance can help with a lot of these things because cyber insurance has become so much more than just financial
Starting point is 01:03:18 risk transfer. But again, it's the services and access and risk management to all of these tools, all of these vendors that can help any organization prepare ahead of time, as well as deal with an incident when they're in the thick of it as well. So you want to be very proactive, not reactive, engage with your customer base, provide information that can help benefit them, which will include all sorts of resources and tools that will show your commitment to cybersecurity. So I know that was a lot of information. I wanted to close by sharing maybe some free resources that I think will be very important
Starting point is 01:03:53 and you can look into to have access to. the cybersecurity and infrastructure agency, CISA, they provide a range of different tools and resources, including best practices, guidance documents, toolkits for businesses to implement security measures. They also offer some free vulnerability scanning and assessment services, which I think is important to take full advantage of. There's NIST, the National Institute of Standards and Technology. They provide a framework that can help businesses identify, assess, manage cybersecurity risk, and includes guidelines and standards for securing your systems and networks.
Starting point is 01:04:25 And then there's a website that I think is important to take a look at or at least have in the back pocket. Stop ransomware.gov. And it's from the cybersecurity infrastructure and security agency. Again, they provide a range of resources, tools to help you prepare for dealing with ransomware, to help you manage it if you're in the thick of it, and to just provide better education and understanding around the most recent threats in groups that are very active. So all of these tools can be utilized absolutely for free. and I think implementing and having a commitment to cybersecurity
Starting point is 01:04:55 will not only benefit you as an organization, but it will help differentiate you as well, which is very important. And of course, you can go to our website and brokker.com forward slash startups to take a look at the resources, tools, and access that we have to a variety of insurance products as well. Thank you.

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.