The Real Risks of LLMs – Guardrails, Judgment, and the Human Element in Cybersecurity

Welcome to Data Driven, the podcast that explores the collision of

data, AI and occasionally common sense.

Today's guest is Mike Armistead, CEO of Pulse Security

AI, a man who's been defending digital fortresses since before

AI was cool and hackers had LinkedIn profiles. We talk

about AI as both weapon and watchdog, why LLMs need

guardrails and possibly a muzzle, and how your next data breach

might come gift wrapped in a prompt. Grab your headphones and your

password manager and let's get Data Driven.

Hello and welcome to Data Driven Podcast. We explore the

emergent field of artificial intelligence, data engineering, and data

science. And you'll notice that Andy looks a

bit different today. If you're viewing the screen, if you're viewing this, if you're listening

to this, he'll sound a bit different. That's because Andy is actually presenting

a pre con today at SQL Past in Seattle. And,

and I am in my car because many complicated

reasons, but I'm not

driving. And I have with me my co host on Impact,

Quantum, which I believe that we'll all be in good

hands here. How's it going, Candace? It's great. It's great. I'm

actually really excited because with all honesty, although we focus so much

on Quantum, the truth is AI and Quantum

are now being like, spoken as if they're already

one word. So being able to speak today to Mike,

who I understand is the CEO of Pulse Security

AI, makes. I'm very excited about the conversation, which. Is

another field that is intricately tied to Quantum and AI.

Right. This is like, this is the center of the Venn diagram. Right?

So. So welcome to the show, Mike. Yeah, thank you. Thanks for having me.

Hey, no problem, no problem. So just a quick question.

What exactly does your company do?

You know, so we are in. I'm one of these stealth companies

still, so I will. But let me, let

me generally describe to you the problem that we're

addressing. And it's, it's a little bit. It's

interesting because I think it, it definitely falls upon

earlier waves of even what was going on in AI. My previous company

was, was called response Software. We actually used

was a little bit different though. You know, the field of AI is very broad.

We were probably more on the expert system end of that

spectrum than what. Where the LLMs are today.

And. But our journey was fantastic.

We were applying AI to do something that, I'll say it in

today's terms, everyone can understand, which is we were an

assistant for a tier one soc Analyst,

which if you know, in enterprises, security operations

centers or a soc have really

struggled to get skilled and even

just people to be able to interpret what these signals

are coming at them and what's a real threat and what's not a real

threat and what's going on there. So they have, and they, most

of them have to be 7 by 24. So it felt like

a really great application where AI, because the AI can do a lot

of that assistance and then give it to person, to a person to make the

final judgment. And we learned a lot along the way. In fact,

we ended up getting acquired by a company called

Mandiant, which is already a public company in the

security space. They're most known for doing

incident responses. So that's when you know, someone gets hacked and

they have to parachute in to try to get them back on their feet again,

which is a very, you know, manual human kind of way of going

through it. But they also had products and

our team kind of got, got involved with that. That company

ended up getting bought by Google a few years later.

And so myself and our team was at Google for

a couple of years. And we were at Google during an interesting time because that

was code red happened at Google when we were there, which is

chatgpt came out and Google had already had.

Yeah, exactly. Google already had all this

investment in AI that they weren't really telling anyone about.

And ChatGPT beat him to the punch. And

suddenly by edict of the CEO,

every product had to have AI features in it.

And our team was already in charge of the

large language model for security. And so we got to see

from all the teams that were doing product kind of what worked and

what didn't. And there's a lot because,

you know, I mean, it's like you guys, you see me, I've been in the

industry for a long time, been through many waves, was an

executive at a, at a

Internet 1.0 company in the days of

Web 1.0 and you know, ran

ops and ad tech and all this stuff from that. So I understand these different

waves, but LLMs aren't the answer to everything.

And we got to see a lot of that. Makes

you laugh. That's good, Frank. It should make you laugh. It's truer

words that's ever been said. Right. So I remember when I first made the switch

from Windows Phone development into AI or data science or machine

learning, which was called then, it was a very different world.

This is all pre LLM, right. I think

there's going to be like an ad and a BC moment

for AI people. It's probably going to be, you

know, invention of ChatGPT or the release of Chat CPT.

Right. And you know, where now everything's about LLMs. LLM

that there's plenty other types of AI out there. Right. Whether it's good old fashioned

math and stats, statistical analysis,

it's actually easier to do than it is say and,

or it's just, you know, old fashioned, you know, just machine learning. Right.

They're not related to, you know,

LLMs. Right. LLMs. I think it's kind of taking all the oxygen out of the

room for good or for bad. But I remember like I was

just, I was sitting at the Microsoft Research, a Microsoft Research

conference because I worked at Microsoft at the time and now I'm at Red Hat

and I'm only. They're not sponsoring this and they're not, you know,

approving in this or this isn't completely independent. Just want to say that

but my hair is a mess because haircut was one of the things I was

supposed to do when my hot water tank decided to blow up flood my basin.

Some entire weekend I've been putting stuff in dumpsters.

But, but like you're right, like LLMs, you know, they're great tools,

they're amazing. They're not going to solve everything. Right.

And props to Google though. The, the paper that basically made

LLMs, the technology on it was theirs. Attention is all you need. Was that

2019ish. It was, it was a

while ago. Yeah. You know, I mean, and a while

ago maybe in today's terms. In today's terms, really it's like

pre. Pandemic or post pandemic, honestly. Right, right. That's how people think

about things. Right. How things, you know, and, and

I. Think you know, why Google was holding on to things was there

was a, there was a lot of unproven

sides to using an LLM. And,

and I think, you know, so in some ways as we look at, look forward

and why there's so much thought about what's safe or what's not is

because they were kind of holding onto it. Well,

OpenAI didn't really feel they had that constraint and whether

that's a good thing or a bad thing, we're going to find out. But they're

both very different companies. Right. Google is a consumer enterprise company

and OpenAI was just a research group of at the time, maybe

what, 80 people, 100 people. Yeah. Right. Google was a

worldwide phenomena. Like so if you, if you're that big, you really have to think

very carefully before you release something like

that. Whereas if you're just a research. Yeah, yeah, for sure.

Anyway, to actually continue the story because that is the right

sidecar. No, no, no, that's fine. Because I think it's an

important kind of description of what's going on. We

then eventually we formed this company called Pulse Security

AI because we actually do believe that

there's some really great applications

of using an LLM. But I think within an agentix system

rather than just the LLM being the database,

we created a company that is into a place that there isn't

been a lot of work, which is security

programs are multi dimensional. There's a lot

to them. They grew up kind of in a technology era

where you solved almost one thing at a time. So if there's a

threat of malware, you create something that sandbox the

malware and detonates it and allows you to take care of it.

If there's a threat to access or you're over privileging things, you

have to think of your identity and access management. But it all kind

of grew up from that. But there's a layer kind of missing which is how

do you connect all all of this together? And security

teams and in our experience

they put people which are great on the judgment, they put people

in there. And so there's a lot of manual tasks about connecting the dots between

things. And we think AI can help a lot in at

the program level how you know, what people

should do from a strategy standpoint, not just from a

detailed kind of technical detection standpoint.

No, absolutely. My wife actually works in cybersecurity

for the US government at at nist. So like some of these

things I'm familiar with. So when you said soc, I was like, oh, I know

what that is, you know, like. And mand I'm

familiar with them, right. And it's an interesting,

it's an interesting time because when I

First, when ChatGPT released, I was just coming back from

reinvent in Vegas and you know, anyone's been to Vegas, right?

You know, like after the third day you get to the airport early because you

just have to get out, you know what I mean? And

I was starting to play with it and I was like, wow, I'm actually really

impressed with it. So my wife picks up the airport. I'm. All I could talk

about is chat gbd. Like that's literally all I could talk about. And she was

so like, well, I'm like, it's trained on all this corpus of data. And, and

she just looked at me and said, so that means all the data that it's

trained on is basically one giant attack surface.

And I was like, oh, my God, she's right.

But when I would tell fellow data scientists and AI engineers that

they would look like me, they would look at me like I had a tinfoil

hat on. And I was like, you know, talking about

conspiracies and lizard people. You know what I mean? Like, that's how they looked at

me. But, you know, a few years later, right, what's

on the owasp? It's like second or third, right?

Yeah, right, for sure. I mean, there's. I often

talk. Because you've talked about the security program,

it ends up that you end up talking about

strategy, and strategy has to include what your adversaries are doing plus

what you have internally. And so I end

up talking a bit about even

use of AI by the adversary and, or

leveraging the AI by the adversary. And so new

kinds of attacks based on a

prompt injection. I mean, that's a, that is a new thing where you

could, you know, just through the prompt, ask it

to divulge information. It shouldn't be divulging. But, but also you

bring up a great point, Frank, which is just

the LLMs, when they're getting trained, are using

data and you have to be very sensitive

to what data that is there. That's

why I think a lot of enterprises are scrambling to make sure that their policies

are set, that they can make all their employees aware of. Don't put sensitive

information, even though it provide great context to your

prompt, that it's going to be used and

it's going to be, it's going to be sucked in there, and before you know

it, it's going to be in everybody's, you know, prompt or

available to everybody. And it's, it's definitely a real thing. So

given your background in cybersecurity and talking about,

you know, LLMs and the LLMs adoption, what is. Do you think

that that is the biggest unaddressed security risk

is not training the LLM properly so that

it doesn't protect the data that it has. Like, what do you think is the

biggest unaddressed security risk?

I think a little bit related is

ChatGPT and Gemini and Cloud. They've kind

of. They're teaching everybody that

their system is a database of answers,

when, in fact, you shouldn't be thinking about it that way. You should think of

it as it is a tool that helps you collect the answers and

see the answers and do that. And

so the real

danger actually is in

the fact that the adversaries can use the same

technology to perform attacks at scale and speed

that we haven't really been used to.

And so there's that aspect to it. Then the

other aspect is a data

like hole that's there I think

typical in the cybersecurity world.

The business is really wanting to use this because it's such a

productivity gain and whatever it might be, either

your business side is either really pushing it for creative

work or pushing it for just understanding

different parts of the business. And they're ahead of the security team.

And that happens quite frequently. You know, in the my, not the

last company, but before that was all about application security. It was clear

software developers, you know, they were pushing the envelope about

making software so core to many organizations and they were thinking of building

stuff. They weren't thinking of somebody using it

to divulge, you know, corporate information

or to take down a corporation, you know, for

basically using it against them. They're creators, they don't think

about destroyers and the adversaries are

destroyers. And so you had to weave in security

into that culture, which remains a challenge today. I think

that's what's going on right now with LLMs. People are thinking, oh, I can use

it for all these things. They aren't thinking what it's exposing

Frank, back to your wife's thing. They're not thinking of the attack surface

you're suddenly creating by doing that. And

I think that's the biggest thing, Kansas, it's more that attack surface

expansion or just having

even the current attack surface just be more readily available

to the attackers is the thing

that's a real difference because ultimately it gets down to

even these sophisticated attacks that you're starting to hear about now

from the state sponsored

entities that are out there.

It's still coming down to they're exploiting age old vulnerabilities,

but it's just that they're getting to them in a way that's more

automatic. And

they can, as we often say in security, the bad

guys kind of have usually all the time in the world and they only have

to be right once. Yeah, right, right. Well, it's

interesting. You're thinking about like the jewelers, the builders, the

developers. That's their mindset versus the jewel heist

people. Right? And that's two very different mindsets.

And you know, I always joke that

our kids are going to be like the first developers ever to write secure code.

Right. That's my background.

I was a developer. But in all

seriousness. But one of the things that I heard is one of the things that's

driving companies, because you mentioned companies or businesses are encouraging

business users to use AI. One of the reasons I heard was

there was so much shadow it going on, I'm sure it's still going on

that if they banned it outright the stuff would just end up in

a public form of ChatGPT or Gemini

or Claude or something like that versus if they do it through the company way.

The companies that purvey these models, the enterprise versions,

they promise and pinky swear that they'll never use that

data for training data set in the future. So I guess that's

kind of better. But you're right, as I think about this,

we're putting AI in all of these places and we're not really

even sure exactly how it works. And even crazier still,

we're not even. Sure. We'Re not

even sure we know what

vulnerabilities are currently out there. So we're not even sure

now we're just pouring like all these new vulnerabilities in there.

We don't know what we don't know obviously. And it's just kind of like, it's

kind of wild like that. Yeah, I think it's also wild

because the AI LLMs

as trained, they speak so

authoritatively and in such, you know, proper

English and that you're, you're just apt to believe them.

You know, I, I, I, you know, one of my

soapbox, I guess I'll say it is that I think

the, one of the biggest things we can do in society today is we've

got to be teaching our kids at the junior

high, high school levels for sure and certainly in college. It should

be happening. But to be critical thinkers

because you can't, you know, if the world of social

media taught us anything, you know, people kind

of believe stuff that maybe they shouldn't believe. And,

and now you have an AI generating this. That sounds so

believable. And heck, these days, you know, you,

you even might see an image and think it's that person saying it.

It might not be at all. And yet, yet you believe that. You

got to, you got to kind of, you have to be, you have to

maybe you trust, but you got to verify. You know, it's an age old thing.

You just, you just can't believe things for their first blush.

And, and yeah, it's a whole believe.

H none of what you hear and only half of what you see. I think

now it's, you have to believe none of what you see or hear. Right.

Unless it happens physically in front of you. And

even then. Yeah, I mean look, what, what many

of the, the banks and other people that have to really have

trusted systems are doing is, you know, they're,

they're requiring on say a wire transfer. I know I

just had to do this is they, they want to call, they want me to

hold my, my, my license up next to my face.

And even then, you know, there's techniques that you use and we can get back

to the LLMs because you use a lot of. Well, I heard that some of

them will make you do this now. Yeah. Or

ask a question that is so off topic

like, and just see if, what

the response is, if it can't even respond, you know, ask for the favorite

football, pro football team or something like that, you know, and, and

just, you're going to be able to tell

using that. And if you go. So even going back. So we

use LLMs in our system

and we, we, I think the next

wave of things we really believe are those

guardrails that you have to put on it so that it won't hallucinate.

And you know, people think, oh, the hallucination, that's, that's an edge case.

It is not. You know, they, they weren't

really always hallucinating. I mean technically they were always hallucinating.

I guess you could, you could say that. I mean it's, it's a

probabilistic kind of way of, you know, getting the pattern and things.

But, but what, but what it does, it's been, the

models, the, the weights have been put on giving

a good response or a response that fulfills the

request and that waiting forces it

to make up stuff when it doesn't know.

And yet it sounds authoritative and things like that. And

so you really have to have the guardrails on it. And so I think as

I was saying, the next wave of systems are going to be very vertically aligned

like us in cybersecurity. It might be health care, it might be other things,

but they're going to know to make the LLM

to ask it basically tell me when you're like, we have, we

call them verification prompts, right. Or context. And so

it requires them to say if you're making it up, you got to tell me

basically, right. And then even then

limit what it's using as its

context because that'll help too. Because you can do that and

make it more authoritative sources rather than

on some Reddit board or something like that

where it's clearly gathering information from.

You have to do that. And there's people that do that. You see some of

the AIs being very good about

noting or citing its sources. I think that's something. I really

like it when it does that. Yeah, totally. Right, because.

Yeah. And they let you decide on the judgment because in my view,

people have to be in the middle of this for a long time.

Right. I'm not a believer. It's going to go sentient here

shortly. Again, it's my web 1.0 side to me that

the world was going to change. There were going to be no retailers, no bricks

and mortar. If you guys remember that term, bricks and mortar retailers.

You know, that was then they had clicking mortars. I was at barnes and

noble.com during, during that era. Yeah. So you know this

clicking water. Yeah. You know, and. But they,

you know, the hype was they were going to get. That was just going to

go by the wayside. And it was 10 years later, before that

really start that Amazon stopped becoming a bookstore

and started becoming, you know, much more than that or, or ebay got around.

It was much, much later. Same thing happening in AI. It's not going to.

These things aren't going to get there right away. So there's going to be vertical

use of the AI that's going to

provide the guardrails, provide the context that's necessary. And then people

start trusting those kinds of things.

And I think that's going to be needed for a while and then we're going

to see a rise of something that people then can start to trust. But

the LLM is not all that trustworthy right now and you need a lot

of stuff around it to make it accurate and

you know, not making up stuff. I'm

sorry, do you believe the future LLMs will develop

stronger reasoning capabilities or do you think that,

you know, we'll still need the human critical thinkers always,

you know, to close the loop. I

think the ultimate. We're always going to need the human

on judgment. So, you know, I think you can

close certain loops pretty accurately even

today with the LLM. But, but is it judgment

and it's, you know, the LLMs are, you know, they're just repeating patterns and,

and with what they have and, and things like that. So in

fact I just did a, you know, did a prompt recently

that I was asking one LLM to use another LLM

and it came back with kind of an odd response. So it's

like, so re asked it like, what version are you using? And

sure enough, it was using a version that was like three

versions ago. Because what it got trained on and

you just make these assumptions. It's like, oh, of course we're now

at ChatGPT 5. But something might not have been

trained on that. It might have been trained on an old version. And so there's

even that kind of thing happening. Sorry, Candice.

To fully answer your question, though, I do believe that

we are in for some things you might be able to close a

loop for. But if they involve judgment,

we almost ethically need to have a person involved

with that because you just don't know where it's going to go. And, and, and

you can't. And because they speak so well, people

are already misunderstanding that,

that, that, you know, they are like, like what, what they are really.

And they're just repeating stuff that they know. Right. They're not, they're, they're kind of

not making judgment calls. And there's so many things that are just

about judgment that I think it's just better to think of

them as a tool, not as this thing. I,

I think there's a lot to get to, to get to these, you know,

I know, I don't know. Sam Altman might say it's only two years

away. I just think that's, that's, there's no way

not, not for proper ethical judgment.

Right? I mean, yeah, it might fake it

really well, but it won't be ethics

based judgment. And so do you think we

could use AI tools to design better prompts.

That we do that all the time? Absolutely

you can. And in fact, I think it's

almost the best practice now that you are both,

like I had mentioned before, kind of the truth or the

truth directive that you give it, you can give it a lot of pros. We

also notice it's kind of, I don't know, like

what about a month ago there

was a very illustrative

way of you need to threaten these things because it'll access

or raise the stakes for these things because it'll access different parts of the

model. Back to your thing, Frank. We don't really understand how they really

work. And so it was just mind blowing in a way

that you have to say. And so we even

give our prompts the ability to say, hey,

I will lose my job if I don't get this right. So get

this right. But we definitely play the models

off on each other because it's good

and it's kind of asking one to be

the devil's advocate on the other. And that's a known

group think, you know, think about just people socially. Right

group thinks, been around forever. And the way you,

you go against it is you ask someone to be the

devil's advocate in whatever this judgment needs to be. And

that's a great way to test, pressure test if what you're hearing

is actually right or not. And so yes, we have to pressure

test, use the elements to pressure test each other, use our own

prompts to pressure test the current model. You know, there's lots of different, different

techniques to do this. I mean, you know, I think of your

world especially, you guys have long specialized in, you

know, data science has been one of these areas that uses a lot of these

techniques to make sure that it just, you know, you don't get too narrow

in the focus and you know, and you get to get the right answers.

There's a whole, there's a whole new set of things that have to be

done to make sure that we're, we're, we're using the tool in the way

we should use it.

I love you guys. Speechless. It's

interesting. Like, and what's your take on private AI? Right, like running

your AIs entirely on prem within servers you can control.

I mean, I know a lot of people, including myself, think that's

the cure all for a lot of these issues, but even then I'm thinking like,

if it sounds like a cure all or a silver bullet, it's probably not.

Yeah, I mean, I think it, it solves a bunch of these problems that we've

been talking about. You know, it clearly does, but you

can't air gap it totally because people, you want people to be using it.

And so it'll, you know, you're still going to have insider threats.

And so if you have an insider, you know, there's still going

to be ways of getting information out. And it might not be

a risk that you want to take as a company. I mean you still,

and, and so you still have certain things

that do it. But I do think it solves some things. The thing it doesn't

solve is the, you know, why we're seeing

such a rapid advancement in stuff is because

it's the LLMs are looking at everything kind of that

are public, that's public out there and making use of

those and then people are looking at them and going, oh wow, that's great. And

doing that, you'd have to replicate a bit of that. And yeah, you could bring

those in and, and but there's going to be a lot of advances that we

can't even predict right now. You know, like talking to, you know, Candace, you

on the quantum side or you know, now we're seeing that, you know,

Nvidia's got the chips right now, but the wafers and

the amount of transist, you know, transistor equivalents you can put

on these things are, it's going to impact things and maybe it's

going to be practical, you know. No, nobody thought we'd have a whole

computer on our phones, but you know, us going back

into the 80s, yeah, it was a, that's a

pretty powerful computer compared to what we were using at the time. You

know, there's a lot of those things that are going to come to play. And,

and so I, I do think bringing some of this stuff internal

and that it'll solve some things. It won't solve everything though.

And you know, you'll still have to, you'll still have to do a lot of

good security hygiene. You'll start to do a good, a lot of good data hygiene.

You know, I mean I'm kind of. Worrying though because like companies have not been

doing a really bang up job of that last 50 years.

Yeah, it's more noticeable, it's more noticeable now more than ever.

I wonder what new vulnerabilities would private

AI, what new vulnerable would private

AI solve? And what or what, what new

vulnerabilities would it, would it expose? Right? Like because we

still don't know even if it's running on your server, you still don't know how

it works. You know the only thing. And

you're right and you also, that's why I brought up the

insider. You know, it's an attack surface. You

know, maybe you closed it down a little bit from being external but you have

insider threat threats. You have other right. You know, the creative

things that are going on on the attacker side about

they've long kind of done, you know, the,

where the attacks were. They'll get inside and they'll just wait and

they'll wait for kind of the dust to clear so you cannot trace it back.

And they'll cover their tracks and, and it

could be sitting there in the first time someone in the business

connects that model that's you think is walled

off to something even for good

legitimate business reasons. It might expose

an avenue that someone could get in and start exfil trading. And you may not

even know they are, I mean these low and slow

Attacks that have been the bane of so many

enterprises where you're just siphoning it off enough so

that the controls don't see it. Those will happen

in a lot of. And they could happen to models. And there you have your

crown jewels, your data. That's everything slow slowly being

siphoned off. You know, that's, that's going to remain. And

you're going to have to have a multi layer security

system in place to kind of deal with that as well.

No, that's true. And it makes me wonder like,

you know, I guess, I guess you can

be. I had an actually interesting conversation with the customer a couple

years ago and he talked about what's called the. And I know I'm going to

mess up what the acronym is, but it's CIA Triad. And there's

nothing to do with the Central Intelligence Agency. It's

confidentiality, something.

And what is it? Probably identity. Yeah.

Or integrity, I think. And then access.

Right. And he had this whole, you know, he had a whole thing where like,

you know, if you lock things down so much, you basically kill

the access part of it. Right. You basically make it impossible to access. Right. If

you. It seems like security is one of those jobs that

will be augmented by AI for sure. Right. Because no one's going to have time

to read gigs and gigs of log files anymore. Right.

But it's also going to need. You're going to need a human in the loop.

Right. I don't say that because that's what my wife does. And

I like.

Yeah, I like paying. You bring up a great point.

And let me transition it to this because

I think I'm going to use a term that gets misapplied

a lot for enterprises and it's about risk.

You are not going to. And Candice, it gets to your

point too. The job of security

programs inside of enterprise is actually to mitigate

the risks to the business. It's not to provide 100%

security. That's not the goal. The goal is to mitigate the risk because

every business is going to have risk. And, and you need to accept a certain

amount of risk so that you can do business and you can reach more

people and you can, you can do that. And

circling all the way back to what Pulse Security

does is that we hope to bring that concept back into things, is

that the leaders should be thinking about risk

and tracking their risks and knowing where they're

taking risks or where they're not taking risk. I think today

why I said it's kind of one of these misplaced things is we kind

of allow regulations and things like that

to say to be about risk. And that's really the low

bar, you know, in security we always talk about, you know, if

you're, you talked about the OWASP earlier or you know, you think about the

PCI standard, you know, for retailers and

transaction processing, or you think about some of these other

standards, they're the low bar. And many people

think about risk as something that I have to do it we call

checkbox compliance. Right. I have to be compliant, but I only want to

do as much as I, as I can. As you need to. Because no one

looks forward to seeing security people, whether it's physical security, you know,

or it security. Like you know, the things

developers have told her. Right.

You know, and like, as a form, you know, as a former developer, like, I

get it, like, and I know data scientists don't think about this

generally speaking, right. Data engineers might,

but even then, like, you know, they're, I think you said

it earlier like it's the mindset, right? You know, you have the builder mindset,

maybe the plumber mindset for data engineers and

then you have kind of the attacker mindset, right. These are different ways of

thinking. It almost cries out that you need to have

diverse mindsets on these projects now. I mean, you always need.

Now it's more obvious. That's why you see, yeah,

that's why you see

good hygiene insecurity is that you have, you do

a threat modeling before you are going to go external. And

that is a very different person that usually guides that. It's, it's exactly what you

said, Frank. They have, they have the. I'm going to bring to you

this, what you might feel is a very, very big edge case.

But if there's a probability can happen, you have to consider

it and you have to, you have to think about it. And that's back

to something we talked about earlier. When you have the attackers using

AI, they can explore the

corners and these edge cases so much easier.

And if they find one. And it could be very

unsophisticated though, because it could still be a vulnerability

that has been around for 10 years and believe it or not,

that's still going on that the ultimate way they got in

was a very old unpatched

resource that just happened to get exposed. But it was, it was the

reason other term in security, the lateral movement of the bad guy, that they're

just, they're just moving laterally to investigate

different parts and they found something and they got in that way

and back, back to the thing. Just have to be right once and

poor defenders have to be right 100% of the time and they

won't be. So that's why taking a risk approach

is the way, is the way to go. Because no matter

what your size of the company, you got to consider your budget,

how many people you have, the skill set of those people.

And this is where I think AI can really assist the

defenders is that it can add some of that

expertise and some of that, you know, vigilance

that's on 24. 7 in ways that people

can't. But they got to bring it to people and the people can make the

judgment call. Because if the AI had its way, I mean,

Frankie kind of said this too, that the most secure thing is to

shut the whole thing down and not let customers access it.

You know, and you don't want that because that, that's your business, you know. That

kind of defeats the purpose. Yeah, exactly, exactly.

So a risk based approach is super important. And, and it is

about then just, you know, you judging how much

risk you want to take and your board wants to take and you

know, and the CEO wants to take and the business people want to take and

then, and then applying that and making sure that,

you know, it matches your business.

And so that's, you know, that, that's a lot of the game. Right.

That makes a lot of sense. So what is your. I'm sorry, candid. Go ahead.

So what would trigger the shift inside an organization

from reactive security to risk aligned decision

making? You

know, oftentimes, unfortunately,

it's you get hacked and

you, a lot of times also, unfortunately, you bring

in new leadership who understand that their charter is to

come in and change the culture a bit, you know,

from that. Now existing leadership can certainly do that, but

whether they're given enough chance to, I

don't know, I, you know, it's. All fun and games

until somebody gets hurt. Right. Like, and you know, and I think that

if you'd never had a problem before and then it suddenly

happens. Right. I don't think it's, there's

a joke, it's a bit of a gallows humor type thing where

like clockwork, within 24 hours of a major breach of a major company. Right.

What do you see? Job listings for

cybersecurity? Okay. There was a major, I

think it was one of the major hotel chains. I think you all know who

we're talking about. I don't want to, I don't want to name Anyone by name,

I don't want to get sued. But you know, literally

like within a week, you know, there was like two pages of job

listings for, you know, some flavor of

cybersecurity or security analysis.

And it's unfortunate that in many

organizations the security leader is kind of

set up to be the scapegoat when something like that happens. When

in fact, you know, you could be doing all the right things.

And I don't know, you guys probably know the term

too. The, a black swan event kind of happens. Which, right, which,

you know, we know it, everybody knows it if they travel. Because

how often have we caught someone who has the explosive in their shoes

getting on an airplane? It's never happened since the first time.

That, and that was a black swan event. And yet we

designed our whole security, a lot of our security around

that and that. And it should be done around the major,

the risks. And if you think about

it in that way, really if you've

traveled internationally, especially in places that they really have a risk,

they will often randomly pick a plane,

get everybody off, look at all the baggage. But it's a

random kind of thing that happens

rather than kind of a systemic way of going through it that becomes

kind of wrote and it, you know, and, and people learn how to defeat it,

you know, in some ways. And, and that happens in cyber security

all the time. You know, you gotta, you gotta really be

doing that. That's why doing like practice, you know,

it's, it's a, it's a real important thing to do what we call

tabletop exercises in this because you have to

pretend like you just got hacked. What, what do you do

from the lowest level analyst all the way up to

the board. Do they, do they know what to do? Because,

and there's a lot of regulations now within like 24 hours, they have to,

or 72 hours of detecting it, they have to, they're on the

hook to claim it. I forget what that law is called. Yeah,

that's right there. If you're a public company, you have to disclose

and typically you don't have any idea yet

what, how that's happened and yet you have to disclose it's

happened and it's, you know, so,

so yeah, there's, there's a lot of risk to the organization

that, that this, this presents. And so that's why having,

thinking about it that way, doing exercises, you

know, it is a new world. I'll say. I, I'm

a big believer in what I'm going to call situational security where

And I mentioned this before, you just got to know your situation and if the

stakes are high and you have a big security team and you better be

practicing these things, you better have done, you know,

multi layers of security. But if you're a small team and you only have a

couple people on it, you've got to kind of think of what your crown jewels

are. Go protect those first and let the other

stuff go because who cares who's on your guest network?

You know, it's like you got to let that go, maybe make sure that,

make sure your guest network is not tied to your internal network.

And I think these days you have to really look at access

because so much. Everyone's in the cloud with

a lot of their infrastructure these days and you can tell a lot

by, so don't over privilege people to have access to things

and do that. So you have to look at those kinds of things. You do

have to look at your, you know, it goes without saying,

look at, look at your resources and I'm going to use that term broadly,

your assets that you have because you have to know about them.

So having some protection on those assets is super critical as well.

And I'm an old appsec guy, so yes, you, and you know, Frank,

you mentioned you got to have your applications

that are actually performing much of the business these days. You have to,

you have to know what your vulnerabilities are and you've got to plug the big

holes in that. But from there really

can't stop the bad guys. But you can at least stop,

stop the amateur bad guys. Right. Well, and, and

they're going to look around. So you can, if your bar is

higher than the next guy, as we know. You know, I know

that's all these adages of, you know, running faster than a bear or

the next guy, you know, on the bear and all things. That'd be the second

slowest. That's right. And it is true, you know, you can, you can

dissuade a lot of attacks if you

look like it's going to be difficult because the attackers,

they run playbooks too, because it's easier for them, it's cheaper for

them. It. And they'll just run playbooks. And if, if you

thwart the playbook, they'll find someone who, who

doesn't. And if you're not state actor, it's a, it's a criminal

enterprise. Right. And criminals are there to make money. Right. State

actors have different motives and different budgets.

Yeah. They may go a lot more targeted and they're just going to wait and

be patient. You're exactly right. But

actually targets like. I'm sorry,

no, I don't mean to interrupt. I was just going to say a funny story

is when we were

pitching our application security company

how

underfunded but patient and have all the times in the

world the hackers are, we were kind of

dismissive of no state would ever

hack another state's assets because it start a

war. And at the time that was really, that was the thinking.

I mean, how quaint does that sound today when we all know it's like, oh,

that's a Russian hacker group. You know, it's like we just kind of go,

oh, of course it was. It's like, oh my gosh. Yeah.

Well, it's also, I think in terms of geopolitics become a real

equalizer. Right. Because a nation state like North Korea can go toe to

toe with the United States. Right. Whereas in a

conventional war really wouldn't work out well for them. You know what I mean?

It's an interesting, yeah, it is interesting.

We have really good hackers ourselves in the

United States, right? Oh, I'm sure we do. It's, it's, it, you know,

I mean I, you know, you kind of hope that but,

but you are right, like a North Korean thing like, like we've seen

they can use these deep fakes to infiltrate in ways

that, you know, because of the work at home thing how, how they

can get employees hired in some of these places

with the expressed intent of, you know, stealing

things, you know, from, from those organizations and it's,

yeah, it's, it's a new world. It's pretty wild. Yeah. I mean when you think

about it like in, and you know, and it's not, not saying that the United

States doesn't have good hackers. I'm sure, I'm sure we have among the best. I

mean, maybe the best. But it's like a

baseball team, right? Like, you know, obviously there are some baseball teams that are going

to be better than others, right. And it's going to be kind of like the

smaller town that doesn't have the budget to pay for this. Rock stars. Same

with football, right? Whatever sport your thing is, right. You know, for me, I'm a

Yankees fan, although the Yankees have not had a good run of late. But

historically they have been kind of the top. But you know, you

can definitely tell like nation states can be all in like the same league

because they do have more or Less the same capacity in terms of. They're

not, they're not in it for the money per se. Like, you know what I

mean? They're not, you know, they, they. Because they're a

nation state, you know, they can harbor. They can harbor themselves and not

prosecute. You know, they have certain more advantages than your average criminal gang.

Oh yeah. I mean. And well funded. Right. I mean, that's. Money's not

an issue. Yeah, right. It's it. It

puts to be a formative adversary.

And that's why places

like Mandy and that come out with threat reports.

They talk about these actor groups, but you could see moves of

actor groups as well,

changing their tactics and techniques. Again, one of the

more interesting things that happened. I think we could talk about it

because it is public. But if you remember

maybe a year and a half ago, maybe it was two years ago that, that

mgm, you know, casinos guy. Oh yeah, the resort. Remember that?

And it shut. It shut down two casinos with

ransomware. The actors that did that.

It goes back to what's come full circle where it used to be the adversaries,

where it used to be called script kiddies were basically kids

that want to just cause disruption. Well, this is, this is actually a

more sophisticated. It ends up. This group was just a more sophisticated thing of that.

They. Yeah, it was ransomware, but they weren't actually out there

just for the money. They just wanted to do it. They just wanted to see

if they could shut down a casin. And it's crazy that that

that's like that and they still got away with a bunch of crypto

money. But. But it,

you know, it just shows that even like

those, even those hackers could then stand on the shoulders of

all this technology that's being hopefully built for

good and stuff too. But they can use that. And now

you can generate. I know the LLMs.

Back to the subject. You could ask it to

generate malware for you and it'll at

first say no, but if you could trick it, it'll say yes and it'll do

it. And then you can. Didn't that happen recently where there were. State actors

with cl. Yeah, anthropic.

That they were. That. That that plot had been used

and they're, you know, I, I think anthropic really looks at the

safety of what they're doing and stuff too. So they, that's why they disclosed it.

But. And they filled that hole. But it was. It wasn't that hard.

You know, all they did was say, oh no, I'm a Researcher. And

I'm doing an ethical. Yep. It

was not an ethical. How would you. I mean, you've been in the

AppSec before. It was called cyber security. Was called

AppSec or application security. But, you know,

if somebody told you back when you said, you know, no nation state would do

this, right. That, you know, all you had to do is trick a computer into

giving you, like, talk to a computer and tell it you're a research. Like, how

unreal is that? Like, I don't know. I'm doing this for research. Like, oh,

okay. Like, yeah, you know. Yeah, pretty, pretty,

pretty unreal because it was so manual before,

you know where. But again, you know, it gets back

to the thing we talked about earlier. It's like there are builders of the

world that can't imagine someone wanting to destroy,

you know, this beautiful building that's, that's been, that's been

built. And then there's people that. All they think about is, how can I

find a weakness in that building and take it, either take it down or just

gain access and that. Right, that's, that's, that's what's around.

Yeah. I mean, that keeps on. If you're in cyber security, that, that,

that, that keeps the lights on for sure. Because there's always,

always, there's always work to do to help the defenders.

Yeah. So you have something to defend. It was like going back to medieval times,

right. Like, you had the kings, but you had a pretty large class of

knights, you know, that would have to do defending and. Or

I forget what the people were called, but they would stand on the walls and,

like shoot arrows and catapults and stuff like. Yeah.

And you design the moat is because of that. And then

the ways you get into the city, you know, has got

traps in it, you know, and we would

liken that to a honey pot, you know, I mean, there's lots of, lots of.

And then Trojan horse was originally a Trojan horse.

That's right. And it's a battle. Right. And so I think right

now with AI, the attackers have a bit of the upper hand

because we just don't know how they're using it.

But, you know, there'll be tools and there already

are. I mean, if you're a cybersecurity company and you don't have

some AI assistance to help,

either with the scope or the breadth or the speed,

you know, it's. You see that and that. But that's on the detection

end, and sometimes that's too late. I mean,

I hope that the industry moves to some prevention. And then it is

about the building of the moats or the maze that they

have to go through or something like that. And I think that's an important

balance that has to be maintained by enterprises today

to. To make sure that they mitigate the risk. No, that's a

good way to put it.

Any question? We're getting close to the top of the hour, so I want to

be respectful of your time. Any questions? Candace? Sorry, I. No,

honestly, like, this has been a fantastic, fantastic interview.

It's been incredibly enlightening. Like, so much to think about,

you. Know, makes me want to change all my passwords. Right,

right. Well, you know, password 1, 2, 3, nobody. No, you can't. That's not secure

anymore, you know. Well, even, you know, it's interesting

because talk about checkbox compliance versus real

security. Even as we were setting up the company,

little old us, you know, we go to, and we're

needing help because we're wanting to become compliant to some of these

bars that are out there, like SoC2, if you've heard

of that. It's a compliance standard

for trustworthiness of. Of companies like us who might have your day.

There's a massive Alphabet soup there. There is,

there is. And, but like, password policy was really interesting

because what. We were using some AI to help us

in that, and it came back with password policy of. Oh,

yeah, you know, like, change your password every two weeks. Well, that's

been. That might have been state of the art a couple of years ago, but

that's not what you do today. Today, you know, it's about

length and scrambling, and we have these things called password

managers that allow us to do that rather than

us remembering something and. Yeah, even that.

Dynamics. Yes, those can get hacked.

A recent breach on one of those.

You know, there's. I. You know, I don't know, one that was

really bad publicly. There has been in the past, for sure. All right.

Um, yeah, so. But you're still, I think, Correct me if I'm wrong, but I

still think you're safer with a password Manager without

it 100% you. It's.

It's because you want. You want long length,

jumbled, you know, kinds of things that just aren't easy,

easy for the attacker. So.

Yeah, and then you change your master password of that manager

frequently. That's one where you, you. And again, you still want it to be long

and. Right, right, right. Long and complicated. Remember, one long

and complicated thing. Well, I'm, I'm glad

that we got to kind of talk yeah, awesome. It's been

great. Yeah, it's been great. Where can folks find out more about you and your

company? So I think today, you know, like I said, we're

in stealth, but eventually, please follow

Pulse Security AI will be coming out of stealth, you know, in

the, in the probably new year to mid

year kind of thing. But also we started a community

of security professionals and we as

just a networking organization, we call that

securityimpactcircle.org and there

we have blogs. We want to have

people talking about this prevention versus detection or even for

the security leader, about risk and how they should manage

things and best practices that they have together. So

yeah, we have a site, securityimpactcircle.org that is a great place for people

to go and eventually, you know, you'll get to us through that as

well. Cool. Awesome. Well, I'll let

our AI finish the show. And that's a wrap on this

episode of Data Driven. Big thanks to Mike Armistead for

reminding us that while AI may be the future, security breaches

are very much the present. Remember, the attackers only have

to be right once. So maybe don't make your password password

until next time. Stay curious, stay secure, and for

the love of data, please update your firmware. Cheers for

listening. Now go change that password.