Podcast appearances and mentions of michael slaby

Q&A from the keynote session with Michael Slaby (Avens, Harmony Labs)

What if the cracks in our social and civic institutions are not signs of collapse but the first signs of transformation? Let's face it: We've been living in an overly masculine society focused on dominion, growth, labour as a source of dignity, achievement as our basis of meaning and productivity as our key to purpose. But it's a tale as old as humankind — and one we've put on to ourselves as a survival mechanism. Now, it's on us to stop being at odds with nature. It's a role that no longer serves us as it keeps snapping back at us like a rubber band with anxiety and loneliness.Michael Slaby explores Ursula K. Le Guin's path of Utopiyin and Utopiyang as a way out. A new balance requires us to choose more feminine wisdom and leadership for now. Better yet, if we forgive ourselves for our estrangement and move ourselves back into nature's systems, we can embrace the world through a lens of openness and connectedness. And that's what being human is all about — isn't it?

As politics gets grimmer, Michael Slaby — former Chief Innovation Officer & CTO on Barack Obama's two presidential campaigns — answers the question: where have all the good guys gone? Download the Callin app for iOS and Android to listen to this podcast live, call in, and more! Also available at callin.com

Frank Sadler (Chief of Staff to Carly Fiorina) and Michael Slaby (former Chief Technology Officer to the 2012 Obama campaign) join guest host Lucy Caldwell to unpack some of the most important stories of the week: (02:26) The recall election of San Francisco's District Attorney, the rise in crime, and what it might mean for elections this fall (31:25) Did Facebook destroy democracy? What will Sheryl Sandberg's exit mean for Meta (52:55) President Biden's planned trip to Saudi Arabia and what it means for our relationship with the authoritarian regime [Politicology+ Members Only] What to expect from the January 6th Committee's public hearings  // To get your private, ad-free Politicology+ podcast feed with extra episodes, go to politicology.com/plus or subscribe in Apple Podcasts. Are you learning from Politicology? Help us expand by pitching in now: https://politicology.com/donate Follow this week's panel on Twitter: https://twitter.com/lucymcaldwell https://twitter.com/slaby Learn more about your ad choices. Visit megaphone.fm/adchoices

About DanDan is CISO and VP of Cybersecurity for Shipt, a Target subsidiary. He worked previously as a Distinguished Engineer on Target's cloud infrastructure. He served as CTO for Joe Biden's 2020 Presidential campaign. Prior to that Dan worked with the Hillary for America tech team through the Groundwork, and contributed as a founding developer on Spinnaker while at Netflix. Dan is an O'Reilly published author and avid public speaker.  Links: Shipt: https://www.shipt.com/ Twitter: https://twitter.com/danveloper LinkedIn: https://www.linkedin.com/in/danveloper TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: It seems like there is a new security breach every day. Are you confident that an old SSH key, or a shared admin account, isn't going to come back and bite you? If not, check out Teleport. Teleport is the easiest, most secure way to access all of your infrastructure. The open source Teleport Access Plane consolidates everything you need for secure access to your Linux and Windows servers—and I assure you there is no third option there. Kubernetes clusters, databases, and internal applications like AWS Management Console, Yankins, GitLab, Grafana, Jupyter Notebooks, and more. Teleport's unique approach is not only more secure, it also improves developer productivity. To learn more visit: goteleport.com. And not, that is not me telling you to go away, it is: goteleport.com.Corey: Writing ad copy to fit into a 30 second slot is hard, but if anyone can do it the folks at Quali can. Just like their Torque infrastructure automation platform can deliver complex application environments anytime, anywhere, in just seconds instead of hours, days or weeks. Visit Qtorque.io today and learn how you can spin up application environments in about the same amount of time it took you to listen to this ad.Corey: Welcome to Screaming in the Cloud, I'm Corey Quinn. Sometimes I talk to people who are involved in working on the nonprofit slash political side of the world. Other times I talk to folks who are deep in the throes of commercial businesses, and I obviously personally spend more of my time on one of those sides of the world than I do the other. But today's guest is a little bit different, Dan Woods is the CISO and VP of Cybersecurity at Shipt, a division of Target where he's worked for a fair number of years, but took some time off for his side project, the side hustle as the kids call it, as the CTO for the Biden campaign. Dan, thank you for joining me.Dan: Yeah. Thank you, Corey. Happy to be here.Corey: So, you have an interesting track record as far as your career goes, you've been at Target for a long time. You were a distinguished engineer—not to be confused with ‘extinguished engineer,' which is just someone who is finally—the fire has gone out. And from there you went from being a distinguished engineer to a VP slash CISO, which generally looks a lot less engineer-like, and a lot more, at least in my experience, of sitting in a whole lot of executive-level meetings, managing teams, et cetera. Was that, in fact, an individual contributor—or IC—move into a management track, or am I just misunderstanding this because these are commonly overloaded terms in our industry?Dan: Yeah, yeah, no, that's exactly right. So, IC to leadership, two distinct tracks, distinct career paths. It was something that I've spent a number of years thinking about and more or less working toward and making sure that it was the right path for me to go. The interesting thing about the break that I took in the middle of Target when I was CTO for the campaign is that that was a leadership role, right. I led the team. I managed the team.I did performance reviews and all of that kind of managerial stuff, but I also sat down and did a lot of tech. So, it was kind of like a mix of being a senior executive, but also still continuing to be a distinguished engineer. So, then the natural path out of that for me was to make a decision about do I continue to be an individual contributor or do I go into a leadership track? And I felt like for a number of reasons that my interests more aligned with being on the leadership side of the world, and so that's how I've ended up where I am.Corey: And correct me if I'm wrong because generally speaking political campaigns are not usually my target customers given the fact that they're turning the entire AWS environment off in a few months—win or lose—and yeah, that is, in fact, remains the best way to save money on your AWS bill; it's hard for me to beat that. But at that point most of the people you're working with are in large part volunteers I would imagine.So, managing in a traditional sense of, “Well, we're going to have your next quarterly review.” Well, your candidate might not be in the race then, and what we're going to put you on a PIP, and what exactly you're going to stop letting me volunteer here? You're going to dock them pay—you're not paying me for this. It becomes an interesting management challenge I would imagine just because the people you're working with are passionate and volunteering, and a lot of traditional management and career advice doesn't necessarily map one-to-one I would have to assume.Dan: That is the best way that I've heard it described yet. I try to explain this to folks sometimes and it's kind of difficult to get that message across that like there is sort of a base level organization that exists, right. There were full-time employees who were a part of the tech team, really great group of folks especially from very early on willing to join the campaign and be a part of what it was that we were doing.And then there was this whole ecosystem of folks who just wanted to volunteer, folks who wanted to be a part of it but didn't want to leave their 9:00 to 5:00 who wanted to come in. One of the most difficult things about—we rely on volunteers very heavily in the political space, and very grateful for all the folks who step up and volunteer with organizations that they feel passionate about. In fact, one of the best little tidbits of wisdom the President imparted to me at one point, we were having dinner at his house very early on in the campaign, and he said, “The greatest gift that you can give somebody is your time.” And I think that's so incredibly true. So, the folks who volunteer, it's really important, really grateful that they're all there.In particular, how it becomes difficult, is that you need somebody to manage the volunteers, right, who are there. You need somebody to come up with work and check in that work is getting done because while it's great that folks want to volunteer five, ten hours a week, or whatever it is that they can put in, we also have very real things that need to get done, and they need to get done in a timely manner.So, we had a lot of difficulty especially early on in the campaign utilizing the volunteers to the extent that we could because we were such a small and scrappy team and because everybody who was working on the campaign at the time had a lot of responsibilities that they needed to see through on their own. And so getting into this, it's quite literally a full-time job having to sit down and follow up with volunteers and make sure that they have the appropriate amount of work and make sure that we've set up our environment appropriately so that volunteers can come and go and all of that kind of stuff, so yeah.Corey: It's always an interesting joy looking at the swath of architectural decisions and how they came to be. I talked on a previous episode with Jackie Singh, who was, I believe, after your tenure as CISO, she was involved on the InfoSec side of things, and she was curious as to your thought process or rationale with a lot of the initial architectural decisions that she talked about on her episode which I'm sure she didn't intend it this way, but I am going to blatantly miscategorize as, “Justify yourself. What were you thinking?” Usually it takes years for that kind of, “I don't understand what's going on here so I'm playing data center archeologist or cloud spelunker.” This was a very short window. How did decisions get made architecturally as far as what you're going to run things on? It's been disclosed that you were on AWS, for example. Was that a hard decision?Dan: No, not at all. Not at all. We started out the campaign—I in particular I was one of the first employees hired onto the campaign and the idea all along was that we're not going to be clever, right? We're basically just going to develop what needs to be developed. And the idea with that was that a lot of the code that we were going to sit down and write or a lot of the infrastructure that we were going to build was going to be glue, it not AWS Glue, right, ideally, but just glue that would bind data streams together, right?So, data movement, vendor A produces a CSV file for you and it needs to end up in a bucket somewhere. So, somebody needs to write the code to make that happen, or you need to find a sufficient vendor who can make that happen. There's a lot more vendors today believe it or not than there were two years ago that are doing much better in that kind of space, but two years ago we had the constraints of time and money.Our idea was that the code that we were going to write was going to be for those purposes. What it actually turned into is that in other areas of the business—and I will call it a business because we had formalized roadmaps and different departments working on different things—but in other areas of the business where we didn't have enough money to purchase a solution, we had the ability to go and write software.The interesting thing about this group of technologists who came together especially early on in the campaign to build out the tech team most of them came from an enterprise software development background, right? So, we had the know-how of how to build things at scale and how to do continuous delivery and continuous deployment, and how to operate a cloud-native environment, and how to build applications for that world.So, we ended up doing things like writing an API for managing our donor vetting pipeline, right? And that turned into a complex system of Lambda functions and continuous delivery for a variety of different services that facilitated that pipeline. We also built an architecture for our mobile app which there were plenty of companies that wanted to sell us a mobile app and we just couldn't afford it so we ended up writing the mobile app ourselves.So, after some point in time, what we said was we actually have a fairly robust and complex software infrastructure. We have a number of microservices that are doing various things to facilitate the operation of the business, and something that we need to do is we need to spend a little bit of time and make sure that we're building this in a cohesive way, right? And what part of that means was that, for example, we had to take a step back and say, “Okay, we need to have a unified identity service.” We can't have a different identity—or we can't have every single individual service creating its own identity. We need to have—Corey: I really wish you could pass that lesson out on some of the AWS service teams.Dan: [laugh]. Yes, I know. I know. Yeah. So, we went through—Corey: So, there were some questionable choices you made in there, like you started that with the beginning of, “Well, we had no time which is fine and no budget. So, we chose AWS.” It's like, “Oh, that looks like the exact opposite direction of a great decision, given, you know, my view on it.” Stepping past that entirely, you are also dealing with challenges that I don't think map very well to things that exist in the corporate world. For example, you said you had to build a donor vetting pipeline.It's in the corporate world I didn't have it. It's one of those, “Why in the world would I get in the way of people trying to give me money?” And the obvious answer in your case is, federal law, and it turns out that the best outcome generally does not involve serving prison time. So, you have to address these things in ways that don't necessarily have a one-to-one analog in other spaces.Dan: That's true. That's true. Yes, correct to the federal law thing. Our more pressing reason to do this kind of thing was that we made a commitment very early on in the campaign that we wouldn't take money from executives of the gas and oil industry, for example. There were another bunch of other commitments that were made, but it was inconceivable for us to have enough people that could possibly go manually through those filings. So, for us to be able to build an automated system for doing that meant that we were literally saving thousands of human hours and still getting a beneficial result out of it.Corey: And everything you do is subject to intense scrutiny by folks who are willing to make hay out of anything. If it had leaked at the time, I would have absolutely done some ridiculous nonsense thing about, “Ah, clearly looking at this AWS bill. Joe Biden's supports managed NAT gateway data processing pricing.” And it's absolutely not, but that doesn't stop people from making hay about this because headlines are going to be headlines.And do you have to also deal with the interesting aspect—industrial espionage is always kind of a thing, but by and large most companies don't have to worry that effectively half of the population is diametrically opposed to the thing it is that they're trying to do to the point where they might very well try to get insiders there to start leaking things out. Everything you do has to be built with optics in mind, working under tight constraints, and it seems like an almost insurmountable challenge except for the fact where you actually pulled it off.Dan: Yeah. Yeah. Yeah. We kept saying that the tech was not the story, right, and we wanted to do everything within our power to keep the conversation on the candidate and not on emails or AWS bills or any of that kind of stuff. And so we were very intentional about a lot of the decisions that we ended up making with the idea that if the optics are bad, we pull away from the primary mission of what it is that we're trying to do.Corey: So, what was it that qualified you to be the CTO of a—at the time very fledgling and uncertain campaign, given that you were coming from a role where you were a distinguished engineer, which is not nothing, let's be clear, but it's an executive-level of role rather than a hands-on level of role as CTO. And then if we go back in time, you were one of the founding developers of Spinnaker over at Netflix.And I have a lot of thoughts about Netflix technology and a lot of thoughts about Spinnaker as well, and none of those thoughts are, “This seems like a reasonable architecture I should roll out for a presidential campaign.” So, please, don't take this as the insult that probably sounds like, but why were you the CTO that got tapped?Dan: Great question. And I think in some ways, right place, right time. But in other ways probably needs to speak a little bit to the journey of how I've gotten anywhere in my career. So, going back to Netflix, yeah, so I worked in Netflix. I had the opportunity to work with a lot of incredibly bright and talented folks there. One of the people in particular who I met there and became friends with was Corey Bertram who worked on the core SRE team.Corey left Netflix to go off and at the time he was just like, “I'm going to go do a political startup.” The interesting thing about Netflix at the time—this was 2013, so, this was just after the Obama for America '12 campaign. And a bunch of folks from OFA world came and worked at Netflix and a variety of other organizations in the Bay Area. Corey was not one of those people but we were very well-connected with folks in that world, and Corey said he was going off to do a political startup, and so after my non-mutual departure from Netflix, I was talking to Corey and he said, “Hey, why don't you come over and help us figure out how to do continuous delivery over on the political startup.” That political startup turned into the groundwork which turned into essentially the tech platform for the Hillary for America campaign.So, I had the opportunity working for the groundwork to work very closely with the folks in the technology organization at HFA. And that got me more exposure to what that world is and more connections into that space. And the groundwork was run by Corey, but was the CEO or head—I don't even know what he called himself, was Michael Slaby, who was President Obama's CTO in 2008 and had a bigger technical role in the 2012 campaign.And so, for his involvement in HFA '16 meant that he was a person who was very well connected for the 2020 campaign. And when we were out at a political conference in late 2018 and he said, “Hey, I think that Vice President Biden is going to run. Do you have any interest in talking with his team?” And I said, “Yes, absolutely. Please introduce me.”And I had a couple of conversations with Greg Schultz who was the campaign manager and we just hit it off. And it was a really great fit. Greg was an excellent leader. He was a real visionary, exactly the person that President Biden needed. And he brought me in to set up the tech operation and get everything to where we ultimately won the primary and won the election after that.Corey: And then, as all things do, it ended and the question then becomes, “Great, what's next?” And the answer for you was apparently, “Okay, I'm going to go back to Target-ish.” Although now you're the CISO of a Target subsidiary, Shipt and Target's relationship is—again, I imagine I have that correct as far as you are in fact a subsidiary of Target, so it wasn't exactly a new company, but rather a transition into the previous organization you were in a different role.Dan: Yeah, correct. Yeah, it's a different department inside of Target, but my paycheck still come from Target. [laugh].Corey: So, what was it that inspired you to go into the CISO role? Because obviously security is everyone's job, which is what everyone says, which is why we get away with treating it like it's nobody's job because shared responsibilities tend to work out that way.Dan: Yeah.Corey: And you've done an awful lot of stuff that was not historically deeply security-centric although there's always an element passing through it. Now, going into a CISO role as someone without a deep InfoSec background that I'm aware of, what drove that? How did that work?Dan: You know, I think the most correct answer is that security has always been in my blood. I think like most people who started out—Corey: There are medications for that now.Dan: Yeah, [laugh] good. I might need them. [laugh]. I think like most folks who are kind of my era who started seriously getting into software development and computer system administration in the late ‘90s, early thousands, cybersecurity it wasn't called cybersecurity at the time. It wasn't even called InfoSec, right, it was just called, I don't know, dabbling or something. But that was a gateway for getting into Linux system administration, network engineering, so forth and so on.And for a short period of time I became—when I was getting my RHCE certification way back in the day, I became pretty entrenched in network security and that was a really big focus area that I spent a lot of time on and I got whatever the supplemental network security certification from Red Hat was at the time. And then I realized pretty quickly that the world isn't going to need box operators for very long, and this was just before the DevOps revolution had really come around and more and more things were automated.So, we were still doing hand deployments. I was still dropping WAR files onto a file system and restarting Apache. That was our deployment process. And I saw the writing on the wall and I said, “If I don't dedicate myself to becoming first and foremost a software engineer, then I'm not going to have a very good time in technology here.” So, I jumped out of that and I got into software development, and so that's where my software engineering career evolved out of.So, when I was CTO for the campaign, I like to tell people that I was a hundred percent of CTO, I was a hundred percent a CIO, and I was a hundred percent of CISO for the first 514 days of the campaign or whatever it was. So, I was 300 percent doing all of the top-level technology jobs for the campaign, but cybersecurity was without a doubt the one that we would drop everything for every single time.And that was by necessity; we were constantly under attack on the campaign. And a lot of my headspace during that period of time was dedicated to how do we make sure that we're doing things in the most secure way? So, when I left—when I came back into Target and I came back in as a distinguished engineer there were some areas that they were hoping that I could contribute positively and help move a couple of things along.The idea always the whole time was going to be for me to jump into a leadership position. And I got a call one day from Rich Agostino who's the CISO for Target and he said, “Hey, Shipt needs a cybersecurity operation built out and you're looking for a leadership role. Would you be interested in doing this?” And believe it or not, I had missed the world of cybersecurity so much that when the opportunity came up I said, “Yes, absolutely. I'll dive in head first.” And so that was the path for getting there.Corey: This episode is sponsored by our friends at Oracle HeatWave is a new high-performance accelerator for the Oracle MySQL Database Service. Although I insist on calling it “my squirrel.” While MySQL has long been the worlds most popular open source database, shifting from transacting to analytics required way too much overhead and, ya know, work. With HeatWave you can run your OLTP and OLAP, don't ask me to ever say those acronyms again, workloads directly from your MySQL database and eliminate the time consuming data movement and integration work, while also performing 1100X faster than Amazon Aurora, and 2.5X faster than Amazon Redshift, at a third of the cost. My thanks again to Oracle Cloud for sponsoring this ridiculous nonsense.Corey: My take to cybersecurity space is, a little, I think, different than most people's journeys through it. The reason I started a Thursday edition of the Last Week in AWS newsletter is the security happenings in the AWS ecosystem for folks who don't have the word security in their job titles because I used to dabble in that space a fair bit. The problem I found is that is as you move up the ladder to executives that our directors, VPs, and CISOs, the language changes significantly.And it almost becomes a dialect of corporate-speak that I find borderline impenetrable, versus the real world terminology we're talking about when, “Okay, let's make sure that we rotate credentials on a reasonable expected basis where it makes sense,” et cetera et cetera. It almost becomes much more of a box-checking compliance exercise slash layering on as much as you possibly can that for plausible deniability for the inevitable breach that one day hits and instead of actually driving towards better outcomes.And I understand that's a cynical, strange perspective, but I started talking to people about this, and I'm very far from alone in that, which is why people are subscribing to that newsletter and that's the corner of the market I wanted to start speaking to. So, given that you've been an engineer practitioner trying to build things and now a security executive as well, is my assessment of the further higher up you go the entire messaging and purpose change, or is that just someone who's been in the trenches for too long and hasn't been on that side of the world, and I have a certain lack of perspective that would make this all very clear. Which I freely accept, if that's the case.Dan: No, I think that you're right for a lot of organizations. I think that that's a hundred percent true, and it is exactly as you described: a box-checking exercise for a lot of organizations. Something that's important to remember about Target is—Target was the subject of a data breach in 2012, and that was before there were data breaches every single day, right.Now, we look at a data breach and we say that's just going to happen, right, that's the cost of doing business. But back in 2012 it was really a very big story and it was a very big deal, and there was quite a bit of activity in the Target technology world after that breach. So, it reshaped the culture quite literally, new executives were brought in, but there's this whole world of folks inside of Target who have never forgotten that, right, and work day-in and day-out to make sure that we don't have another breach.So, security at Target is a main centrally thought about kind of thing. So, it's very much something that is a part of the way that people operate inside of Target. So, coming over to Shipt, obviously, Shipt is—it is a subsidiary. It is a part of Target, but it doesn't have that long history and hasn't had that same kind of experience. The biggest thing that we really needed at Shipt is first and foremost to get the program established, right. So, I'm three or four months onto the job now and we've tripled the team size. I've been—Corey: And you've stayed out of the headlines, which is basically the biggest and most accurate breach indicator I've found so far.Dan: So far so good. Well, but the thing that we want to do though is to be able to bring that same kind of focus of importance that Target has on cybersecurity into the world of engineering at Shipt. And it's not just a compliance game, and it's not just a thing where we're just trying to say that we have it. We're actually trying to make sure that as we go forward we've got all these best practices from an organization that's been through the bad stuff that we can adopt into our day-to-day and kind of get it done.When we talk about it at an executive level, obviously we're not talking about the penetration tests done by the red team the earlier day, right. We're not calling any of that stuff out in particular. But we do try to summarize it in a way that makes it clear that the thing that we're trying to do is build a security-minded culture and not just check some boxes and make sure that we have the appropriate titles in the appropriate places so that our insurance rates go down, right. We're actually trying to keep people safe.Corey: There's a lot to be said for that. With the Target breach back in—I want to say 2012, was it?Dan: 2012. Yep.Corey: Again, it was a wake-up call and the argument that I've always seen is that everyone is vulnerable—just depends on how much work it's going to take to get there. And for, credit where due, there was a complete rotation in the executive levels which whether that's fair or not, I—people have different opinions on it; my belief has always been you own the responsibility, regardless of who's doing the work.And there's no one as fanatical as a convert, on some level, and you've clearly been doing a lot of things in the right direction. The thing that always surprises me is that when I wind up seeing these surveys in the industry that—what is it? 65% of companies say that they would be vulnerable to a breach, and everybody said, “Oh, we should definitely look at those companies.” My argument is, “Hang on a sec. I want to talk to the 35% who say, ‘oh, we're impenetrable.'” because, spoiler, you are not.No one is. Just the question of how heavy is the lift and how much work is it going to take to get there? I do know that mouthing off in public about how perfect the security of anything is, is the best way to more or less climb to the top of a mountain during a thunderstorm, a hold up a giant metal rod, and curse the name of God. It doesn't lead to positive outcomes, basically ever. In turn, this also leads to companies not talking about security openly.I find that in many cases it is easier for me to get people to talk about their AWS bills than their InfoSec posture. And I do believe, incidentally, those two things are not entirely unrelated, but how do you view it? It was surprisingly easy to get Shipt's CISO to have a conversation with me here on this podcast. It is significantly more challenging in most other companies.Dan: Well, in fairness, you've been asking me for about two-and-a-half years pretty regularly [laugh] to come.Corey: And I always say I will stop bothering you if you want. You said, “No, no. Ask me again in a few months. Ask me again, after the election. Ask me again after—I don't know, like, the one-day delivery thing gets sorted out.” Whatever it happens to be. And that's fine. I follow up religiously, and eventually I can wear people down by being polite yet persistent.Dan: So, persistence on you is actually to credit here. No, I think to your question though, I think that there's a good balance. There's a good balance in being open about what it is that you're trying to do versus over-sharing areas that maybe you're less proficient in, right. So, it wouldn't make a lot of sense for me to come on here and tell you the areas that we need to develop into security. But on the other side of things, I am very happy to come in and talk to you about how our incident response plan is evolving, right, and what our plan looks like for doing all of that kind of stuff.Some of the best security practitioners who I've worked with in the world will tell you that you're not going to prevent a breach from a motivated attacker, and your job as CISO is to make sure that your response is appropriate, right, more so than anything. So, our incident response areas where today we're dedicating quite a bit of effort to build up our proficiency, and that's a very important aspect of the cybersecurity program that we're trying to build here.Corey: And unlike the early days of a campaign, you still have to be ultra-conscious about security, but now you have the luxury of actually being able to hire security staff because it turns out that, “Please come volunteer here,” is not presumably Shipt's hiring pitch.Dan: That's correct. Yeah, exactly. We have a lot of buy-in from the rest of leadership to build out this program. Shipt's history with cybersecurity is one where there were a couple of folks who did a remarkably good job for just being two or three of them for a really long period of time who ran the cybersecurity operation very much was not a part of the engineering culture at Shipt, but there still was coverage.Those folks left earlier in the year, all of them, simultaneously, unfortunately. And that's sort of how the position became open to me in the first place. But it also meant that I was quite literally starting with next to nothing, right. And from that standpoint it made it feel a lot like the early days of the campaign because I was having to build a team from scratch and having to get people motivated to come and work on this thing that had kind of an unknown future roadmap associated with it and all of that kind of stuff.But we've been very privileged to—because we have that leadership support we're able to pay market rates and actually hire qualified and capable and competent engineers and engineering leaders to help build out the aspects of this program that we need. And like I said, we've managed to—we weren't exactly at zero when I walked in the door. So, when I say we were able to quadruple the team, it doesn't mean that we just added four zeros there, [laugh] but we've got a little bit over a dozen people focusing on all areas of security for the business that we can think of. And that's just going to continue to grow. So, it's exciting; it's a challenge. But having the support of the entire organization behind something like this really, really helps a lot.Corey: I know we're running out of time for a lot of the interview, but one more question I want to ask you about is, when you're the CISO for a nationally known politician who is running for the highest office, the risk inherent to getting it wrong is massive. This is one of those mistakes will show indelibly for the rest of, well, one would argue US history, you could arguably say that there will be consequences that go that far out.On the other side of it, once you're done on the campaign you're now the CISO at Shipt. And I am not in any way insinuating that the security of your customers, and your partners, and your data across the board is important. But it does not seem to me from the outside that it has the same, “If we get this wrong there are repercussions that will extend into my grandchildren's time.” How do you find that your ability to care as deeply about this has changed, if it has?Dan: My stress levels are a lot lower I'll say that, but—Corey: You can always spot the veterans on an SRE team because—when I say veterans I mean veterans from the armed forces because, “No one's shooting at me. We can't serve ads right now. I'm really not going to run around and scream like, ‘My hair's on fire,' because this is nothing compared to what stress can look like.” And yeah there's always a worst stressor, but, on some level, it feels like it would be an asset. And again this is not to suggest you don't take security seriously. I want to be very clear on that point.Dan: Yeah, yeah, no. The important challenge of the role is building this out in a way that we have coverage over all the areas that we really need, right, and that is actually the kind of stuff that I enjoy quite a bit. I enjoy starting a program. I enjoy seeing a program come to fruition. I enjoy helping other people build their careers out, and so I have a number of folks who are at earlier at points in their career who I'm very happy that we have them on our team because I can see them grow and I can see them understand and set up what the next thing for them to do is.And so when I look at the day-to-day here, I was motivated on the campaign by that reality of like there is some quite literal life or death stuff that is going to happen here. And that's a really strong presser to make sure that you're doing all the right stuff at the right time. In this case, my motivation is different because I actually enjoy building this kind of stuff out and making sure that we're doing all the right stuff and not having the stress of, like, this could be the end of the world if we get this wrong.Means that I can spend time focusing on making sure that the program is coming together as it should, and getting joy from seeing the program come together is where a lot of that motivation is coming from today. So, it's just different, right? It's a different thing, but at the end of the day it's very rewarding and I'm enjoying it and can see this continuing on for quite some time.Corey: And I look forward to ideally getting you back in another two-and-a-half years after I began badgering you in two hours in order to come back on the show. If—Dan: [laugh].Corey: —people want to hear more about what you're up to, how you view about these things, potentially consider working with you, where can they find you?Dan: Best place although I've not been as active because it has been very busy the last couple of months, but find me on Twitter, @danveloper, find me on LinkedIn. Those—you know, I posted a couple of blog posts about the technology choices that we made on the campaign that I think folks find interesting, and periodically I'll share out my thoughts on Twitter about whatever the most current thing is, Kubernetes or AWS about to go down or something along those lines. So, yeah, that's the best way. And I tweet out all the jobs and post all the jobs that we're hiring for on LinkedIn and all of that kind of stuff. So, usual social channels. Just not Facebook.Corey: Amen to that. And I will of course include links to those things in the [show notes 00:37:29]. Thank you so much for taking the time to speak with me. I appreciate it.Dan: Thank you, Corey.Corey: Dan Woods, CISO and VP of Cybersecurity at Shipt, also formerly of the Biden campaign because wherever he goes he clearly paints a target on his back. I'm Cloud Economist, Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast please leave a five-star review on your podcast platform of choice along with an incoherent rant that is no doubt tied to either politics or the alternate form of politics: Spinnaker.Dan: [laugh].Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.

We don't often think about common ground as a forum for disagreement. But the most productive discourse often requires first identifying a shared set of goals, facts, or ideas. How can today's leaders help build an environment of mutual understanding, respect, and productive disagreement in an increasingly divisive world? What role do technology and the internet play in helping people find and create common ground?  In this episode, Host Gautam Mukunda speaks with two digital strategists about the role of commonality in productive dialogue and debate and the impacts that technology has had on building common ground. Katie Harbath was Facebook's Public Policy Director before founding Anchor Change, a consulting firm dedicated to upholding democracy and stopping the spread of misinformation around elections. Michael Slaby, author of For ALL the People and Chief Strategist at Harmony Labs, was the Deputy Digital Director and Chief Technology Officer during Barack Obama's 2008 presidential campaign. “I feel we do have that commonality of wanting to make sure that the internet is a space that can help to raise voices that wouldn't otherwise get to be heard, that can increase access to the democratic process, and can get more people involved.” — Katie Harbath “The nature of how a company believes what its responsibility and relationship is to community, what their responsibilities are for leadership -- that's not just a soft positioning, values-based conversation -- that needs to be a more fulsome understanding and a more multi-dimensional, quantifiable understanding of what a successful company means.” – Michael Slaby Follow @GMukunda on Twitter or email us at WorldReimagined@nasdaq.com   Books Referenced: For ALL the People: Redeeming the Broken Promises of Modern Media and Reclaiming Our Civic Life by Michael Slaby   For more information on this episode's guests, please visit: https://www.nasdaq.com/world-reimagined-podcast  

Kelly reconnects with Michael Slaby who has written a powerful new book, For All The People: Redeeming the Broken Promises of Modern Media and Reclaiming our Civic Life.

One of the dominant themes of the last several years, and especially the last year, is the loss of shared truth, a sense in the country that it's increasingly difficult to talk to one another when we disagree. Because increasingly, it seems like people don't know what is true and what is false, and then public debate just becomes a matter of tribalism, where our identity shapes what we believe rather than a more honest attempt to sort through facts and weigh evidence.This is a major theme of this show now. This year so far, I've interviewed one of the most insightful thinkers and writers on the topic, Peter Pomerantsev, two members of Congress who are fighting disinformation -- Democrat Tom Malinowski and Republican Adam Kinzinger -- and another activist -- David Blankenhorn -- who is trying to get Americans to sit down with others who think differently to try to understand their point of view.This episode is an interview with a guy who really understands the Internet, and has some pretty granular suggestions about how to fix it. Michael Slaby's book, "For All the People," is a trenchant analysis of what has gone wrong over the past two decades with the internet, and a passionate call for change. He writes for the leaders of private companies, for politicians and policy-makers, and for you and me, the average person who wants to know what we can do today to reclaim more control of our lives from big tech and to help repair our country.Slaby was chief technology officer on Barack Obama's 2008 reelection campaign, and then oversaw innovation and integration of tech into the entire 2012 campaign. He now runs Harmony Labs, a company working on internet reform implementation at the local scale.Outro music: "Think Too Much" by Hannah Jadagu Support this show http://supporter.acast.com/thelonggame. See acast.com/privacy for privacy and opt-out information.

Our first husband & wife team on You Seem Interesting. Last week, https://www.patreon.com/posts/48488802 (Michael Slaby), this week, https://lydiaslaby.com/about/ (Lydia Slaby). While the pair was living in Chicago, Michael was doing transformative work on the Obama Campaigns & Lydia was a corporate attorney working a zillion hours. Then she received a cancer diagnosis. Since then, they have each written a book, moved to the middle of nowhere NY, and Lydia is running for public office. Her book, https://lydiaslaby.com/book/ (Wait, It Gets Worse), is an extremely personal look at dealing with horrid circumstances and learning to roll with previously unthinkable reality. We discussed her small town re-election campaign, lessons from big politics that can be used in a town of 10s of people, and making fun of her husband as he goes through the book promotion process. This podcast uses the following third-party services for analysis: Chartable - https://chartable.com/privacy Support this podcast

We are joined by author Michael Slaby this week who’s recently published, “For All the People: Redeeming the Broken Promises of Modern Media and Reclaiming our Civic Life.” He earned his chops as CTO and CIO of Obamas 2008 and 2012 campaigns. While we get into big techs role and opine on popular culture discourse such as the social dilemma, we of course gotta bring in the historical lens and economics cus you know how we do. Buckle up, this isn’t your typical tech is making us divided talk!

Our guest this week is https://michaelslaby.com/bio.html (Michael Slaby). Michael has had a really unique career which has featured 2 hugely impactful roles in President Obama's campaigns, high profile jobs seeking media reform, and now, as an author. His book https://michaelslaby.com/forallthepeople.html (For All The People) is a look inside our social media platforms, what they were supposed to do, how they have failed us, and what we can do to get them back to working for us in a positive way. We discussed his integral role with the Obama campaigns and their incredible, on the fly innovations that have rapidly become industry standard, our legacy media, and reforming our online platforms. Great convo with a really sharp guy. This podcast uses the following third-party services for analysis: Chartable - https://chartable.com/privacy Support this podcast

Michael Slaby returns to The Great Battlefield podcast to talk about his new book "For ALL the People" which is about the changes in our media ecosystem brought about by the digital revolution that are not serving us and how we can reform that system.

Rob and Dan follow up on their conversation with author Michael Slaby and explore solutions for media and political polarization, discuss what it means to be an "American," and wonder if it is possible for hopeful visionaries like MLK, Gandhi, and JFK to exist in our current social media, 24/7 newstainment culture. Enjoy! (and if you do, subscribe and share, please.)

Rob and Dan have their first guest! Michael Slaby, author of the new book For All The People: Redeeming the Broken Promises of Modern Media and Reclaiming Our Civic Life, joins the fray and we discuss the state of media and social media, confirmation bias, personal responsibility, weapons of exclusion, how the pandemic is making us more susceptible to conspiracy theories, and what is possible as we try to come together as a nation. Enjoy and pick up Michael's book anywhere books are sold.

Rob and Dan conned Michael Slaby - former CTO/CIO for Obama of America, Head of Edelman's Digital Practice, Harvard Fellow, and too much other cool stuff to list - and now author of For All the People (releasing Feb 23) to join us in a conversation about media, society, politics and discuss what is possible as we try to come together as a people of America and the world. Here is a 5 min teaser. Full episode drops Wed Feb 24.If you want to pre-order Michael's book - here is the Amazon link: https://www.amazon.com/dp/1633310515/ref=cm_sw_em_r_mt_dp_ZRMX2DNJFXD977TKKABR

Michael Slaby returns to The Great Battlefield podcast to talk about how Harmony Labs is working to transform media systems as well as his vision for a progressive future.

In previous episodes we’ve looked at this issue of tech dominance from several angles. We’ve seen how they gather data, what they can do with it, how they make money from it, and how social media allows them to muddy the water and shape the narrative. You may have asked yourself along the way, “how can they do this? Why doesn’t the government do anything about it?”  The seven largest tech companies spent nearly $500 million dollars lobbying Congress in the last decade. That sounds like a huge amount of money, but when you consider that they’ve gained trillions in market value during the same period of time, it was just money well spent. This episode, we’ll dive into why government has dropped the ball on tech regulation to such an extreme degree, and what they might be able to still do to rein in the worst of these big tech behaviors.  Featured guests this episode:  K Krasnow Waterman was the Chief Information Officer of the first post-9/11 data analytics facility established by the White House and, next, led the reorganization of the FBI's intelligence operations. She has held a multitude of roles across the government and business worlds, as well as being a Sloan Fellow at the Massachusetts Institute of Technology. Michael Slaby was the Chief Technology Officer of Obama for America in 2008. In 2012, he rejoined the campaign as Chief Integration and Innovation Officer. When the campaign finished, he began work on social impact organizations that leverage technology to create social movements. Today, he's the Chief Strategist at Harmony Labs.  Jonathon Morgan is the founder of Yonder, a fast-growing Authentic Internet company on a mission to give the online world the same amount of authentic cultural context as the offline world. Using artificial intelligence, we help organizations identify the groups and narratives that drive conversation, revealing what matters and creating the confidence to act. Matt Stoller is a fellow at the Open Markets Institute and the author of Goliath: The Hundred Year War Between Monopoly Power and Democracy Katelyn Ringrose is a Christopher Wolf Diversity Fellow at the Future of Privacy Forum. She currently works on health and genetics privacy issues, and is tracking state and federal privacy legislation.

When I got on Facebook in 8th grade, it was worth somewhere in the vicinity of $100 million. By the time I was a junior in college, studying abroad in Senegal and forced to have a much more limited Internet experience, it was worth $50 billion.  Today, it’s worth about $550 billion, the 5th most valuable company in the world.  How did they do it?  Well, it turns out your data is really, really valuable to advertisers. And the longer you stay on the platform, the more ads they can serve you, translating directly to more dollars in their pocket.  What happened, is that they discovered anger and fear. Anger and fear drive more engagement than positivity and hope ever could -- and so that was the content their algorithm pushed.  In the preparation for this episode, I asked a colleague for an introduction to a friend of his who I wanted to interview for this podcast, a former senior executive at a social media company.  The response?  “I sold. I’m out. I don’t want anyone to remember I was doing that.”    Featured guests this episode:  K Krasnow Waterman was the Chief Information Officer of the first post-9/11 data analytics facility established by the White House and, next, led the reorganization of the FBI's intelligence operations. She has held a multitude of roles across the government and business worlds, as well as being a Sloan Fellow at the Massachusetts Institute of Technology. Tim Shea is the founder and CEO of Latticework Insights.  Bryan Lane is the Director of Data and Artificial Intelligence at the General Services Administration. Michael Slaby was the Chief Technology Officer of Obama for America in 2008. In 2012, he rejoined the campaign as Chief Integration and Innovation Officer. When the campaign finished, he began work on social impact organizations that leverage technology to create social movements. Today, he's the Chief Strategist at Harmony Labs.  Eric Yang is the Founder and Executive Director at Junto. Junto is a new breed of social media founded in the spirit of authenticity, with the goal of rebalancing our relationship with technology and inspiring agency, privacy, and free expression.  Jonathon Morgan is the founder of Yonder, a fast-growing Authentic Internet company on a mission to give the online world the same amount of authentic cultural context as the offline world. Using artificial intelligence, we help organizations identify the groups and narratives that drive conversation, revealing what matters and creating the confidence to act.

Michael Slaby joins The Great Battlefield podcast to discuss his unusual path to the position of CTO for Barack Obama's 2008 presidential campaign. He also chats about his approach to his work as the Head Of Mission of Timshel - a social-impact digital technology company which developed some tools utilized by Hillary Clinton's 2016 presidential campaign. | Episode 232

Guest host Danny Warshay '87, executive director of the Jonathan M. Nelson Center for Entrepreneurship, talks with Michael Slaby '01, executive director of Chicago Ideas, head of Timshel, and former chief integration and innovation officer for President Obama, about how we can use technology, entrepreneurship, and people to make the world a better place. For more information, go to; Tmshel https://timshel.com/ Chicago Ideas https://www.chicagoideas.com/about Nelson Center https://entrepreneurship.brown.edu/ Download episode transcript

On this episode, we unpack impact with three business leaders who show us how to become transitional agents to help institutions evolve and fix broken systems. Angela Tran Kingyens, a principal at Version One ventures shares her recipe for impactful investments. Barak Obama’s former CTO Michael Slaby explains how to use tech (and the Tinder for food waste) to solve intractable problems, and father of microcredit Prof. Muhammad Yunus is a shining example of selflessness in action. 

To kick off 2018, we gathered 5 tips from creative thought leaders to help you crush the new year. From Apple co-founder Steve Wozniak to media expert Randi Zuckerberg, tech lobbyist Gary Shapiro, political innovator Michael Slaby and diversity advocate Lauren Wesley Wilson, you don’t want to miss this great advice. 

Jason Gots: It’s 150,000 years ago. You’re a Homo sapiens, hanging out in a really cozy clearing protected from behind by a cliff wall. It’s a great spot. Temperate, isolated, pretty safe. Lots of good fruits and tubers nearby. Should you just hang out here forever? Well…you could…but something’s nagging at that medial frontal cortex of yours. There’s a hill in the distance. What’s beyond it? Something different, maybe! Something new and shiny! Maybe today you’ll just take a quick look.  My guest today is neuroscientist David Eagleman. In The Runaway Species, How Human Creativity Remakes the World, David and his co-author Anthony Brandt explore that ancient tension between mastery and curiosity - the known and the unknown. And how the human imagination exploits it to make new things.  Surprise conversation-starter clips in this episode:  Isaac Lidsky on how going blind showed one man the light, Michael Slaby on a 30-hour work week.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Since 2008, Big Think has been sharing big ideas from creative and curious minds. Since 2015, the Think Again podcast has been taking us out of our comfort zone, surprising our guests and Jason Gots, your host, with unexpected conversation starters from Big Think’s interview archives. Today's guest Peter Frankopan is a historian at Oxford University, where he is Director of the Oxford Centre for Byzantine Research. He works on the history of the Mediterranean, Russia, the Middle East, Persia, Central Asia and beyond, and on relations between Christianity and Islam. Peter's new book The Silk Roads: A New History of the World, is an international bestseller, described by William Dalrymple as a 'historical epic of dazzling range, ambition and achievement'. At an anxious moment in Western history, Frankopan encourages us to take a historical perspective, understanding how change happens in societies and how people typically react to it. This conversation unpacks the fascinating and dense history of the Silk Road countries and digs deep into the economic and social forces that shape our lives. Surprise conversation starter interview clips in this episode: Michael Slaby on the 30 hour work week and Geneticist Jennifer Doudna on designer babies   Learn more about your ad choices. Visit megaphone.fm/adchoices

Michael Slaby is the Founder and Head of Mission of Timshel, a startup that has developed a platform called The Groundwork to give organizations and brands more powerful digital tools to analyze all the data they are producing, help them organize supporters, get their message out, and raise money. According to Federal Election Commission records, Hillary Clinton has spent almost $500,000 on Timshel’s services since announcing her candidacy last year. Before starting Timshel, Michael was the CTO of Obama for America in 2008 and Obama’s Chief Integration Officer in 2012,  overseeing the campaign's integration of technology, digital strategy, and analytics.  listen on iTunes listen on stitcher In This Episode You Will Learn: How an "argument of violent agreement" got Michael into politics The differences between the 2008 election and 2012 election What the team took from the 2012 campaign to Timshel How Timshel balances being a for profit company and having a social mission How Timshel is helping Hillary Clinton's campaign Why they started a podcast Why we need to improve the availability of early stage capital here in Chicago (None of Timshel's investors are from here) Why Michael thinks Chicago has a bright future in impact analytics How entrepreneurs can balance the line between optimism and insanity Selected Links From The Episode: Dick Durbin, Illinois Senator Joe Rospars, Founder & CEO of Blue State Digital Harper Reed, Former CTO at Obama For America Dan Wagner, Founder and CEO of Civis Analytics UN Refugee Agency The Hive, digital arm of UN Refugee Agency Impact Engine The way we think about charity is dead wrong by Dan Pallotta,  Stephanie Hannon, CTO of Clinton Campaign Edelmen, Marketing Agency Fabretto Foundation Bright Pink I Am That Girl Food Tank Elevate Purpose, Timshel's podcast Rayid Ghani, Director of the Center for Data Science and Public Policy Kevin Willer, VC at Chicago Ventures JB Pritzker, VC at Pritzker VC Matter Data For Social Good University of Chicago Crime Lab UN Sustainable Development Goals Favorite Books:  East of Eden by John Steinbeck (where the name Timshel comes from) This Is Water by David Foster Wallace (given to every new employee)  Shantaram by Gregory David Roberts

In 2008, Michael Slaby served as Chief Technology Officer from Obama for America, and helped with technology policy as the Obama campaign transitioned to an administration. One of the most difficult aspects of the transition has come in trying to keep a huge group of grassroots, web-enabled supporters, after the campaigning is over and the policy making has begun. Today David Weinberger speaks with Michael about how government uses the web to stay engaged, and some of the policies regarding freedom and the internet that the administration has pursued since taking office. CC Music this week: Jasptertine: Pling Jeremiah Jacobs