Podcasts about pii

“Customer experience is not about selling a product anymore. It's about selling trust.” Cisco Webex: Turning Agentic AI Into Trusted Customer Engagement, As Cisco Live spotlights agentic AI, security and observability, Vinod Muthukrishnan explains why Webex Customer Experience sits at the front line of AI adoption By Doug Green “Customer experience is not about selling a product anymore. It's about selling trust.” That was the larger message from Vinod Muthukrishnan, Vice President and General Manager of Webex Customer Experience at Cisco, in this Technology Reseller News podcast recorded at Cisco Live. Muthukrishnan connects several of the biggest themes at Cisco Live — agentic AI, observability, security and the network — to the place where they ultimately become real: the customer experience. As AI moves into customer-facing environments, the stakes change. An autonomous agent may access corporate data, customer information, PII and confidential systems. It may then act autonomously and communicate directly with customers, partners and outside entities. Put those steps together, Muthukrishnan says, and the threat surface becomes potentially “infinite.” That is why he argues that AI-powered customer experience cannot be treated simply as a front-end application opportunity. “For me, it's an infrastructure game,” says Muthukrishnan. The ability to observe, secure, manage and respond to AI-driven systems at machine scale becomes essential. The conversation reflects a larger shift in the contact center and customer experience market. AI is no longer just a tool for routing calls, answering routine questions or assisting agents. It is becoming a new operating layer for customer engagement. That creates major opportunities for better service, faster resolution and more personalized interactions. But it also raises new questions about trust, governance, data access and operational control. For Cisco Partners, MSPs and enterprise teams, that changes the conversation. The question is not simply how to add AI to the contact center. The question is how to build a secure, observable and trusted CX environment where AI can operate safely and effectively. Muthukrishnan's message is that Webex Customer Experience is positioned at that intersection. CX is where the promise of AI meets the expectations of real customers. It is also where enterprises will need to prove that autonomous systems can be useful, secure and trusted. In this podcast, Muthukrishnan outlines how Cisco Webex is approaching that challenge and why trusted customer engagement may become one of the defining measures of success in the AI era. Learn more at: https://www.webex.com/contact-center.html

Book a Game Plan Call: https://bit.ly/3Neh4huAI is changing real estate fast, but the biggest mistake agents can make is using AI to become less human.In this video, I'm breaking down why AI will not save lazy real estate agents, how automation can quietly damage past-client relationships, and why the future belongs to agents who use AI to become more present, more prepared, and more valuable — not more absent.Consumers are already using AI to search for homes, compare neighborhoods, analyze market data, and ask better questions before they ever speak to an agent. But that does not mean they want real estate agents to disappear. In fact, as AI becomes more common in the homebuying and selling process, human trust, judgment, compliance, and relationship-building become even more important.The mistake I'm seeing successful agents make right now is getting stuck in the build phase. They are spending hours building AI tools, Claude Code projects, automations, CRM scrapers, bots, and “set it and forget it” lead conversion systems — while their past clients and warm pipeline sit untouched.AI should help agents save time. But that time should be reinvested into relationships, strategic conversations, client care, and personal life — not just more automations.In this video, I cover:Why consumers may use AI but still want human guidanceWhy AI should not replace relationship-buildingThe danger of automating past-client touchesWhy CRM data, client notes, and PII require serious privacy and compliance standardsWhy agents should use AI to make their team better, not immediately cheaperWhy the future agent needs to be the human in the loopHow Prop AI is being built to help agents use AI professionally, ethically, and in relationshipAI can help real estate agents become faster, more organized, and more efficient. But if agents use AI to outsource trust, ignore their database, replace human judgment, or hide from uncomfortable client conversations, they are making themselves easier to replace.The future does not belong to the agent who automates the most.It belongs to the agent who uses AI to become the most valuable human in the room.If you are trying to figure out what AI should actually look like in your real estate business, book a Game Plan call below. We will look at your database, pipeline, team, client experience, and relationship strategy to identify where AI can save you time without removing you from the moments that matter.

In this episode of Cents Chat, Kitty and Chris sit down with Sean Ogden, Co-Founder of GiveTech, to talk about one of the least glamorous but most important parts of payments: merchant onboarding. GiveTech's mission is to make giving so simple it can happen at a stoplight, but that kind of frictionless donation experience only works if the platform also has strong controls behind the scenes. The team digs into how GiveTech replaced clunky PDFs, DocuSigns, and awkward PII collection with a branded, mobile-first onboarding workflow that feels simple for customers while supporting underwriting, KYC, and fraud prevention.The conversation also looks at why onboarding has become a bigger responsibility for ISVs and platforms. With card-network monitoring expectations increasing, fintech regulation shifting, and donation platforms becoming attractive targets for fraudsters, getting merchants live is no longer just an administrative step. It is the front door to trust, risk, compliance, and money movement. GiveTech's story shows how better onboarding can reduce sales friction, protect sensitive information, validate identities, and help legitimate organizations start accepting donations faster without making the platform easier for bad actors to exploit.

Don Ho is the Co-founder and CEO of Kaizen AI Lab, where he helps mid-market businesses implement practical AI systems with built-in governance and measurable ROI. Under his leadership, Kaizen AI Lab has helped clients replace expensive, legacy software systems — such as a $300,000-per-year enterprise tool — with custom AI-driven solutions in a matter of weeks, while ensuring rigorous cybersecurity and compliance standards. Don is a recovering attorney, a former tea and coffee shop entrepreneur, and an early adopter of emerging technologies, having successfully navigated industries from retail to law to AI. In this episode… Companies do not always need another bloated software renewal to solve a recurring operational problem. Sometimes the bigger opportunity is asking what AI can rebuild, streamline, or replace entirely, but how far can that really go? For Don Ho, the answer is that AI is already practical enough to replace major enterprise tools when it is applied with the right strategy, governance, and technical oversight. Drawing from his experience as an attorney turned AI solutions builder, Don explains how his team helped a client replicate a $300,000-per-year software system in about five weeks while accounting for cybersecurity, PII, HIPAA concerns, and penetration testing. His perspective shows that AI is no longer just a productivity add-on; it can become a serious business infrastructure decision when leaders understand both the promise and the risks. Tune in to this episode of the Smart Business Revolution Podcast as John Corcoran interviews Don Ho, Co-founder and CEO of Kaizen AI Lab, about replacing expensive software with practical AI solutions. Don talks about building a $300K software alternative, using AI agents for implementation, and setting realistic expectations around AI adoption. He also shares advice on governance, compliance, and choosing the right use cases.

In this special episode of the Independent Dealer Podcast, recorded live on location at Buy Here Pay Here United 2026, Jeff Watson and Luke Godwin flip the script with a first-of-its-kind vendor panel. Instead of the traditional dealer open forum, six of the industry's top service providers take the stage to share what they see from their side of the glass — the blind spots, pain points, and opportunities that dealers are missing right now. Featuring Steve Levine (Ignite Dealer Compliance Group), Mike Downey (Auto Master Systems), Bill Neylan (Tax Max), Jason Gosnell (Buckeye Risk Services), Ariad Sommer (Ituran USA), and Terry MacCauley (Big Time Advertising), this panel pulls back the curtain on AI, automation, compliance, disaster planning, parts sourcing, and where the BHPH industry is headed next.What You'll Learn:-Why AI in your dealership can be a compliance time bomb — and why every store needs a written AI policy-How dealers are "doing more with less" using data warehouses (BigQuery, Snowflake) instead of dumping PII into ChatGPT-The heated debate over AI replacing employees — and why some 40-year dealers refuse to use it at all-Why most dealers have NO contingency plan to operate when an ice storm, hurricane, or outage shuts the doors during tax season-The backup systems every dealer needs: power, internet (Starlink), VOIP phones, and remote-ready staff-How starter interrupt and GPS integration can collect a late payment automatically — without you ever picking up the phone-Why you're probably paying for features your current vendors already offer but never turned on-How automotive recyclers became the "Amazon fulfillment center" of parts — and how it's lowering recon costs-The massive shift in search: customers now treat Google like ChatGPT, and organic traffic is down 20–30%-How to get your dealership to show up in AI Overviews (and why the top 10% of your website is everything)-What vendors wish dealers would do: communicate your pain points, stop ghosting, and never cancel over cost alone-Where six industry insiders see Buy Here Pay Here heading over the next 10 yearsIf you're a buy here pay here or independent dealer trying to navigate AI, automation, compliance, and an industry that's changing faster than ever, this vendor panel is packed with insider perspective you won't hear anywhere else. These are the people who touch hundreds of dealers every month — and they're telling you exactly what's working, what's coming, and what's quietly costing you money.Support the businesses that support the podcast:Buckeye Risk Services - Reinsurance and wealth strategies for independent dealers. https://theindependentdealer.com/buckeyeBlytz - BHPH payment processing with fast funding and text-to-pay. https://theindependentdealer.com/blytzpayIturan GPS - Asset protection and customer management for BHPH and retail dealers. https://theindependentdealer.com/ituranFollow & Connect:Website: www.theindependentdealer.comFacebook Group: @independentautogroupLuke Godwin: @lukegodwinJeff Watson: /sendtojeffwLike, subscribe, and share this with a dealer who needs to hear it.

Take the 2026 AI Engineering Survey and get >$2k in credits and AIE WF tickets!This was recorded before Railway suffered a major GCP outage on May 19, despite being a multi-AZ, multi-zone mesh ring, with HA fiber interconnects between their Metal GCP AWS, because workload discoverability was unintentionally still tied to GCP. All has been resolved with a post-mortem.Railway did not start as an AI infrastructure company.It was founded in 2020 years before agents became the default way people thought about deploying software. Jake Cooper, formerly at Bloomberg and Uber, started Railway with a simple obsession: the activation energy to ship something to production should be near zero. Push code, get a URL, iterate. No Docker files, no Kubernetes manifests, no Ansible scripts stacked on Ansible scripts.For years, this was a slow grind. Railway spent its first 18 months hand-acquiring its first 100 users with Jake personally greeting every Discord signup on a second monitor.Today, Railway has raised $124m and is growing very fast. A 35-person team supports 3 million users, adding roughly 100,000 signups a week. Their bare metal data centers have a 3-month payback period vs. renting in the cloud, with 70% margins funding aggressive cloud bursting when needed. The servers they own have actually appreciated in value as RAM prices have climbed basically meaning the value of their hardware now exceeds the capital they've raised.From rebuilding Railway's network overlay over a weekend to moving the vast majority of workloads onto its own bare metal data centers, Jake Cooper is trying to build a new cloud for an agent-native world. In this episode, Railway's founder and “conductor” joins swyx and Alessio to unpack why the next era of software infrastructure is not just “Heroku but newer,” what agents need that humans did not, and why the old deployment loop of Git, PRs, CI/CD, and static cloud resources may be heading for a rewrite.We go deep on Railway's infrastructure stack: own-metal data centers, three-month cloud payback periods, cloud bursting, data center debt, Railpack, Nixpacks, Temporal, feature flags, Central Station, content-addressable filesystems, agent-safe production forks, and why the CLI may become more important than the canvas in an agent world. Jake also shares the founder journey behind Railway, how the company survived losing $500K/month, why it now serves millions of users with only 35 people, and why he believes the pull request is dying.We discuss:* How Railway went from a slow six-year grind to adding 100,000 users a week* How Railway thinks about agents as the next dominant software species* Why agents need version control, observability, compute, storage, and orchestration at 1000x scale* The economics of Railway's own-metal data centers and three-month payback* How Railway uses cloud bursting while scaling its own infrastructure* Why data center debt can be a better tool than venture debt for infra startups* Central Station, Railway's internal system for clustering customer feedback and incidents* Why responsible disclosure and over-communication matter for platforms* Why feature flags, progressive rollouts, and shadow traffic are essential for agents* Temporal's strengths, pain points, and why workflows matter for agents* Railpack, Nixpacks, Nix, and lazy-loaded content-addressable filesystems* Why “cattle, not pets” may change if you can clone the pets* Why Railway is building a new cloud from scratch instead of copying hyperscalers* The solo founder path, focus, writing, and how Jake thinks about company buildingRailway:* Website: https://railway.com/* X: https://x.com/RailwayJake Cooper:* LinkedIn: https://www.linkedin.com/in/thejakecooper/* X: https://x.com/JustJakeTimestamps00:00:00 Introduction: What Is Railway?00:02:07 Jake's Path to Railway00:06:13 Railway's Six-Year Growth Story00:08:52 Rebuilding the Business After the Free Tier00:11:17 Agents as the Next Software Platform00:13:29 Railway's Infrastructure Philosophy00:15:42 Bare Metal, Cloud Economics, and the Compute Crunch00:17:22 Cloud Bursting and Five-Cloud Networking00:20:20 Data Center Debt and Infra Financing00:23:31 Data Centers in Space00:25:24 What Agents Need From Infrastructure00:28:24 CLIs, Canvas, and Agent-Native UX00:35:15 Central Station, Incidents, and Responsible Disclosure00:40:30 Safe Rollouts, SRE Agents, and Production Forks00:45:00 AI SRE, Specs, Code, and Tests00:48:24 Self-Replicating Infrastructure and the New Serverless00:53:18 Heroku, Temporal, and Workflow Engines01:04:07 Railpack, Nixpacks, and Lazy-Loaded Filesystems01:06:01 Coding Agents, Token Spend, and Roadmap Acceleration01:10:56 The Pull Request Is Dying01:12:28 Feature Flags and the Agent-Era SDLC01:16:15 Cattle, Pets, and Cloning Machines01:19:29 Solo Founder Lessons01:24:12 Focus, GPUs, and Building a New Cloud01:28:20 Closing ThoughtsTranscriptAlessio [00:00:00]: Hey, everyone. Welcome to the Latent Space Podcast. This is Alessio, founder of Kernel Labs, and I'm joined by Swyx, editor of Latent Space.Swyx [00:00:10]: Hey, hey, hey. Today we're in the studio with Jake Cooper of Railway.Alessio [00:00:14]: Conductor of Railway.Swyx [00:00:15]: Conductor at Railway. Yeah.Alessio [00:00:16]: Choo-choo.Swyx [00:00:17]: Do you actually have that anywhere, like on your business card?Jake [00:00:20]: We call some of our volunteer moderators conductors. I don't have a business card. We're not that big yet. At some point I will. I got handed a nice business card from the Supermicro folks, and I was like, “Damn, this is pretty official.”Swyx [00:00:30]: Business cards are coming back.Jake [00:00:32]: They're cool. They're hip. The conductor thing is good. We're trying to figure out what we want to call each other internally. Some people think it's super cringe and say, “You don't need a name for people internally.” Some people want to call each other something. We still don't have a really good one.Jake [00:00:55]: We've got New Railcrews, Trainiacs. Nothing has stuck yet.Swyx [00:01:00]: I like Trainiac. Trainiac sounds good. Railwayians. For those who don't know, what is Railway? Let's give people a crisp definition up front.Jake [00:01:09]: Railway is the easiest way to ship anything. You go to the canvas, or you talk with Claude, and you say, “Deploy a Postgres instance, deploy my GitHub repository, run this code,” and you're off to the races.Swyx [00:01:22]: You've got a nice animation on the landing page.Jake [00:01:24]: Thank you. None of my work, by the way. They don't let me touch the design stuff anymore.Jake [00:01:25]: We want to make it trivially easy not just to deploy things, but to evolve applications over time. Most tooling right now stacks entropy on top of entropy: Docker, Kubernetes, Ansible scripts, and all these other things. If we can version all of your software and keep track of all the changes, then we can make it trivial to clone environments, fork into a parallel universe, get copies of production data, get copies of any services, make changes, validate them, and collapse them back in without reproducing everything across a staging environment.The Railway Origin Story: From Uber Systems to a New CloudSwyx [00:02:07]: I was looking at your background: Bloomberg, Uber. Nothing immediately stands out as, “This guy is going to found the next great platform as a service.” What prepared you for Railway?Jake [00:02:21]: It was curiosity to keep going deeper. I started out on front-end stuff, working on Wolfram Mathematica and porting it over. Then I briefly moved to Bloomberg, then toward Uber and distributed systems, taking the Jump Bikes systems and moving them to a distributed system built on top of Cadence, the pre-Temporal Temporal.Swyx [00:02:44]: Which, by the way, I'm happy to talk about, pros and cons.Jake [00:02:48]: Totally.Swyx [00:02:51]: But let's do the Railway story.Jake [00:02:52]: It has been a continual step of wanting an experience. Whether it's walking up to a bike, unlocking it, and having it work frictionlessly, or something else, the depth required to make that happen follows from the experience. A lot of the work I do, and a lot of the team does, is in service of that experience. We fundamentally don't care how deep we have to go. We will swim to the bottom of the swimming pool to get the experience.Jake [00:03:17]: I don't have a physics PhD. I did an EECS degree. It has always been about figuring out the next step: how do we get there? That's what led to starting Railway for that experience and then moving all the way to bare metal data centers. I was adding patches to the kernel this week to get the experience there because I can see how much better it can be.Swyx [00:03:49]: Other patches to the Linux kernel this week?Jake [00:03:51]: Yeah. Not upstream. Our fork.Swyx [00:03:52]: That's a flex. Railpack? No, this is different. This is the OS on top of Railpack?Jake [00:03:57]: No, this is an actual kernel patch. It's always literally: what do we have to do to get that experience? Then figure it out. Anything is figureoutable.Swyx [00:04:10]: Would you send the patch upstream, or does it not fit other use cases?Jake [00:04:13]: Maybe. We have to work out the experience internally. It has to do with the storage layer we're building for some of the agentic stuff. Maybe it'll be useful upstream, but it's deeply useful for us internally.Open Source, Forks, and Non-Deterministic VersioningSwyx [00:04:29]: You mentioned open source before. How do you think about starting from open source, and then coding agents letting you do a lot more from forks of it?Jake [00:04:38]: GitHub's original sin is that it's almost a series of broken pointers. You have this thing, then you clone it, and now you've lost the whole upstream. How do we make it trivial for people to modify really small pieces of it?Jake [00:04:51]: We think of Git in a discrete sense: I've either made a change and merged upstream, or I haven't. What would it look like if it were percentage-based, a little more non-deterministic, or a stream of changes that users traverse as a percentage rolled out in general and then rolled all the way up?Jake [00:05:13]: We have the open-source kickback program and let you deploy templates because we want to make it trivial for people to version these shards over time. It solves a large problem around authentication, authorization, and security. NPM has a way to define, “Don't take any new packages.” The ideal end state is that you roll out progressively to users with the minimum impact zone and continue rolling up. JPMorgan should probably be the last one on the patch line, for all our sakes, because our money and livelihoods are there.Jake [00:05:53]: It's okay if Johnny Vibe Coder gets a broken patch because there's so much entropy in the system that the rubber has to meet the road at some point. You have to test at varying levels.The Long Grind: First Users, Free Tier, and Making the Business WorkSwyx [00:06:13]: I wanted to pull up this glorious chart, which is your usage or number of daily signups?Jake [00:06:22]: Daily signups, I think.Swyx [00:06:24]: You started six years ago. It was a slow grind, and now you're on a rocket ship. You say, “Don't doubt your fight and don't quit.” Maybe pick out certain points that were key inflections for the company.Jake [00:06:40]: At the start, it's about getting your first 100 users, hell or high water. We had a website and a support link. The support link was the Discord channel. I had notifications on with two monitors: the monitor I was working on and the other monitor with Discord. If anybody came in, I was immediately like, “Hey, how's it going?” It was rare, so getting those first 100 users to come back was the start.Jake [00:07:14]: Then you build a consultancy factory because users want all these things. You have to go back to the board and ask, “What is the actual product offering I want to build on top of this?”Jake [00:07:28]: VCs want charts that always go up and to the right, but in reality you don't necessarily want charts that look like that. For us, there have been periods of expansion where we add features to test use cases, and periods of compaction where we ask, “If the experience we have is good, how do we make it significantly better?” Maybe we strip out features that don't fit our ICP anymore.Jake [00:07:57]: The boom from 2022 to 2023 came from the free tier. Everybody under the sun was using it.Swyx [00:08:09]: A lot of Reddit bots and Discord bots.Jake [00:08:12]: And crypto miners. When you build an open product on the internet where anybody can sign up, the internet is a horrible place with so many things. You go through periods of asking, “How do I reach as many people as possible?” Then, “How do I fit the exact use case for the people who really matter and are really excited about this specific thing?”Jake [00:08:39]: Then there was a two-year period of making the actual business work. During the free-tier era, we were losing about half a million dollars a month.Swyx [00:08:59]: On a $20 million bank account.Jake [00:09:02]: On a $20 million bank account with maybe $50,000 a month in revenue. That's a horrible business. I don't know how anybody invested. But you have to go through it and say, “We have an experience people love, but the business has to work.”Jake [00:09:17]: There are two schools of thought. You can run the horrible business all the way up with bad margins, or you can go back and make it work. We've always wanted a super lean team. We're 35 people right now. It's very small.Swyx [00:09:36]: Supporting three million already?Jake [00:09:38]: Yeah. We're adding 100,000 users a week right now, so it's growing fast. We don't want to add headcount for the sake of headcount or throw bodies at problems. We want to build systems. It's hard to build systems during expansion because you're adding things to the system because people are asking for them or things are breaking.Jake [00:10:00]: We had to cut off the free users for a little while, rebuild the business, and make sure it worked. We want to reach as many people as possible because software is important. It's become difficult to create things in the physical world, so it's important to make it easy for people to build in the virtual world and have access to creation. But there are legs to that journey.Jake [00:10:30]: You can see divots in the charts. If you follow between 2025 and 2026, it's either summer or winter. People go on holiday with family.Swyx [00:10:50]: It affects that much?Jake [00:10:51]: Yeah. It's kind of B2C and kind of B2B. People are shipping constantly, then they stop. Our activation curve now shows more people activating on weekdays because we have more business users, so it smooths out over time.Agents as the New Interface to DeploymentSwyx [00:11:17]: Was there a point where you started prioritizing AI development or agent development?Jake [00:11:24]: We've prioritized agentic as a top-of-funnel thing. Over the last six months, we've deeply prioritized agentic as a mechanism to build and deploy things because we believe the curve is so steep and that is how people will build and deploy software.Jake [00:11:42]: It almost fundamentally doesn't matter whether this is dot-com or not because we're all on the internet anyway. If agents are going to deploy a bunch of things and we hit an inference wall at some point, we'll fix those problems. The dominant species over the next 10 years is that we've moved from assembly to C to C++ to JavaScript to words. You're going to need to close that loop.Swyx [00:12:13]: When you say this is dot-com, did you mean buying the domain, or the general case?Jake [00:12:17]: I mean the dot-com era, when companies had a huge run-up because people understood the internet was important. Then they hit bottlenecks, fundamental laws of physics, math didn't work, and everybody came back down to earth. But it didn't matter because the internet became so impactful. If you operate on a long enough time horizon, you should build these things anyway because you can see where it's going.Jake [00:12:45]: That's where I think a lot of agent stuff is. You get to a point where you're running thousands of agents in parallel. What is the inference cost? What is the compute cost? How do you make that efficient? How do you coordinate all this? We have issues coordinating humans; we don't even have good tooling for that. Now we have to figure out how to get agents to coordinate, safely version changes, and know when to raise their hand for someone to intervene. Otherwise it becomes an interrupt factory.Railway's Infrastructure Thesis: Network, Compute, Storage, and MetalSwyx [00:13:19]: Let's go right into the technical side. What are the core infrastructure or architectural beliefs of Railway that allow you to do what you do?Jake [00:13:29]: The primitives matter a lot for us. We need network, compute, storage, and orchestration around it. You need control over a lot of those things. We've talked a lot about how we don't really use Kubernetes because we want higher-order control to place workloads in very specific places.Jake [00:13:48]: The reason is that you have to be very efficient with agents: memory reuse and all these other things, or you're going to massively blow up your cost structure. Being able to rack and stack your own servers and build your own metal unlocks performance and cost. Experiences where you're running 1,000 agents in parallel are not massively cost prohibitive.Jake [00:14:13]: Token use and compute use are blowing up. Over time, those things have to get a lot more efficient. You can get a lot of margin to make those experiences solid by building your own metal. That's all in service of offering a differentiated experience to as many people as humanly possible.Swyx [00:14:51]: You have a data center in Singapore.Jake [00:14:53]: Yeah. We have two in every other region now. In Singapore, we're adding a second one in Q3.Swyx [00:14:58]: What's it like? I've never built a data center. Do you go to Equinix and say, “I want some slots?”Jake [00:15:05]: Yeah. Equinix. You basically go and say, “I want power and I want a cage.” They say, “Great, here's what it's going to be.” You rent the cage for a period of time, fill it with racks and servers, and hook up internet to it. That's all the pieces.Swyx [00:15:36]: Then you handle everything else.Jake [00:15:37]: You handle everything else.Swyx [00:15:39]: What's the math versus clouds doing it for you?Jake [00:15:43]: If we rented in the cloud, our payback period when we go to metal is about three months.Swyx [00:15:50]: Which is crazy.Jake [00:15:51]: It's nuts. That's four years of depreciated hardware. You're going to see a lot of this compute crunch because hyperscalers are buying up a lot of stuff. We're working directly with OEMs, resellers, and people building these machines: Supermicro, Dell, and others.Jake [00:16:11]: Upstream, there's a bunch of supply pressure. When we raised our last round, between deploying capital for servers and now, the amount of money we've raised is less than the amount of money we have in the bank plus the value of the servers because the servers have appreciated as RAM has gone up. It's nuts how valuable hardware has become.Jake [00:16:50]: If you look at hyperscalers, they deployed around $80 billion of capital expenditures this year, and next year will be more. That's a massive infrastructure build-out. You look at that and think it's crazy that they're spending way more than the Manhattan Project. But if every person is going to run dozens or hundreds of agents in parallel, you have no conceptual idea how much compute is required to make that experience happen, even if you're deeply efficient and sharing resources. And that doesn't even count inference.Swyx [00:17:22]: How do you plan the build-out? The growth chart is so vertical. Are you usually at 100% utilization as soon as racks are live? How far ahead are you planning?Jake [00:17:33]: We still maintain cloud presence for bursting. We work with AWS, GCP, and a few other clouds. We can rent, and then the moment we get space or power, we compact those workloads off the cloud. We started on the clouds, then built a system to migrate to our own metal. There's nothing that says you can't continually do that again, and that's exactly what we do. We never want to be compute constrained.Jake [00:18:09]: At the start of the year, we actually became compute constrained because one upstream provider wasn't able to give us quota at the rate we needed, and the hardware was slower. I spent a weekend rebuilding our entire network overlay so we could straddle five clouds: Oracle, AWS, ourselves, GCP, and one other one. We can do more than that now.Jake [00:18:38]: We got into a spot where we were trying to pack instances tight because we couldn't get enough compute. That led to a few reliability issues, which are now past us. I made a tweet pointing out that it's becoming harder and harder to acquire compute at the rate these models need to acquire compute. We got bit by it.Swyx [00:19:15]: How do you think about pricing knowing you might not have your own metal available at all times? Are you pricing assuming you need extra margin if you end up going into the cloud?Jake [00:19:26]: Because we've built out our metal data centers, our margins on metal are around 70%. We can deeply subsidize the cloud business if we want to scale at a reasonable rate. We have a few levers: metal, which makes the margins; cloud burst; debt to buy servers; and venture capital. It's an interesting operational problem: how much cash do we have, how much should we raise, how quickly can we deploy it, and can we scale revenue as quickly as we scale compute?Jake [00:20:05]: If we continue making it trivially easy for people to build and deploy, then the faster we close that loop and the more operationally excellent we are with capital, the faster the business can scale. It's almost a straight linear deployment rate.Financing Infrastructure: Hardware Debt, VC, and Operational LeverageSwyx [00:20:20]: I think infra startups raising debt is a tool people don't utilize enough or know enough about. What can you tell us about that? Is it secured against your CPUs?Jake [00:20:32]: It's secured against our hardware.Swyx [00:20:37]: What rates do you get? Who are the lenders?Jake [00:20:39]: We pay prime plus a spread, and we can refinance any of the debt as rates go down. The terms are pretty good. The unfortunate thing is that Twitter has no nuance, so people say, “Venture debt bad.” But as with all things, there are specific tools and areas where you can be deliberate instead of using one tool as a hammer. Venture capital is not the hammer for everything. You have to explore and figure out what works.Swyx [00:21:12]: VC is usually the most expensive financing you can get.Jake [00:21:15]: Yeah. I also think people think about VC incorrectly from a capital-raising perspective. Most people think, “How do I raise as much money as possible from whoever is probably the best I can get at that time?” That's close to right, but what we've tried to do is figure out what unfair advantage we can buy with that equity.Jake [00:21:34]: It's the most expensive equity you're going to give away at that point in time, assuming the company keeps getting better. How do you use it to work with someone stellar who complements you? In the seed stage, I had never started a company. Ray Tonsing had good advice, and I could text him all the time. He was really fast. Awesome.Jake [00:22:01]: Then with John and Erica at Unusual, they said, “You roughly know what you're doing building a product. We'll mostly leave you alone and be available for advice.” Amazing. Then we got to Series A and the business was an operational tire fire because we didn't know how to scale a business. Work with Erica, and Jordan is over at Redpoint, so bonus.Jake [00:22:28]: Now we've raised from TQ and FPV as we're moving into enterprises. Every step of the way, we've asked: who can we partner with at this specific time to unlock the next section of the journey? I don't know enterprise sales. As an engineer, I can eyeball what features we might need, and we have wonderful people internally who can help. But you want boardroom dynamics where everyone is aligned and asking, “How do we win this?” instead of bickering about strategy.Data Centers in Space and the Physics of ComputeSwyx [00:23:31]: You had a tweet about data centers in space. Why no data centers in space?Jake [00:23:37]: It's not “no data centers in space.” My hot take is that I think it is solvable. I've just never seen anybody solve it.Swyx [00:23:49]: You said, “How are you going to dissipate that much heat in a vacuum?” You're making a physics claim.Jake [00:23:55]: I haven't seen anybody prove how you're going to dissipate that much heat in a vacuum. It doesn't mean it's not possible. It just means nobody has brought it up yet.Swyx [00:24:05]: Astrophage.Jake [00:24:06]: I don't know what that is.Swyx [00:24:07]: The Martian thing. Okay, you're very logical.Jake [00:24:09]: It could work. A lot of people are putting the cart before the horse. They say, “We're going to put data centers in space.” Okay, but how? “We have time to figure it out.” It's like in The Martian where they ask how they're going to intercept something and say, “We'll figure it out.”Swyx [00:24:36]: Making a bet on human invention is weird because you blind trust that it can be solved. But with physics, there are first-principles bounds you can put on it. Maybe not. Maybe you're asking to travel time or break a fundamental thermodynamic law.Jake [00:24:57]: I don't know how VCs do this either. How do you know what's not possible and a grift versus what's possible but sounds completely insane? “We're going to put data centers in space.” Coin flip as to which it is, and I guess you'll know in 10 years. That's one cycle.What Agents Need: Versioning, Observability, and 1,000x ScaleSwyx [00:25:23]: Moving back to agents. The branching, fast spin-up, and orchestration you do feels like pre-work that happened to be exactly what agents want. What do agents want differently than humans?Jake [00:25:37]: They want the ability to version things. It's not that different; it materializes slightly differently. Agents want a way to test changes incrementally. Engineers have feature flags. Is there a reason agents can't use feature flags? I don't think so.Jake [00:25:54]: They want version control. Can we use Git or not Git? That one is up in the air. I think something outside Git will emerge for how we version these things over time. They need observability. You need to query what happened, when it happened, which steps failed, traces, logs, metrics, and all the rest. They need network, compute, and storage. They need to write files, save files, iterate on files, and snapshot file systems.Jake [00:26:25]: A lot of what humans needed is in line with what agents need. Branching and forking are not different; we're just moving 1,000 times quicker. It can look like you need something massively different, but what you need is something massively better than what existed. You need orchestration massively better than Kubernetes. You need networking probably better than Envoy. It goes all the way down the stack.Jake [00:26:55]: If the workload profile doesn't change so much as it gets massively compressed because you need thousands of these things, what assumptions change? etcd is going to melt. You need to replace it with something. You can go all the way down the stack and say, “That part has to change, that part has to change, and that part has to change.”Jake [00:27:19]: The interesting thing about the super-exponential curve is that you have to build systems where you can rip out those parts at any time because a new bottleneck might emerge. You get good at parallel agents, and a different part of the system breaks. So it's similar to what humans needed, but at 1,000x scale.Jake [00:27:55]: How do you do code review in the age of agents?Swyx [00:28:00]: You throw more agents at it.Jake [00:28:01]: You don't. But then who reviews for CVEs and all these other things?Swyx [00:28:07]: More agents.Jake [00:28:08]: And that's how we hit the inference wall. You can continually throw agents at the problem, but I think there's a limit to the number of agents you can throw at a problem.CLI, Agent Handles, and Closing the LoopSwyx [00:28:24]: You already had a CLI before it was cool. How is the shape of what you're exposing changing, if at all?Jake [00:28:28]: CLIs have always been cool. The CLI changes because we think about how to give Claude, Codex, ChatGPT, or any model a handhold.Jake [00:28:50]: A CLI is a single command: deploy, get logs, and so on. Things that were prohibitively annoying to humans are not annoying to agents. They're nice. If I handed you a CLI with 40 arguments and 600 flags, you'd think, “I'm never going to use all of this.” But if you hand it to an agent, it says, “This is excellent. I have so many handles to work with.”Jake [00:29:24]: If you're going to expose things to agents that way, you want as many handles as possible where they can get information, query dynamic information, and close the loop quickly. Most problems right now are about how to close the loop as quickly as possible. Where does the agent get stuck, and how can you remove that?Jake [00:29:49]: Telemetry is important. If you can tell where the agent gets stuck from the CLI and say, “12% of people deviate from the happy path because of this, and now I add this argument and drive it down to 2%,” you massively increase the rate of loop closure.Jake [00:30:03]: That's how we think about not just the CLI, but every point in the dashboard. It's a user journey: I hear about Railway. I get something deployed. I get my first green build or aha moment. I see an endpoint, logs, whatever. Then I iterate. The iteration loop is indefinite. The user wants to deploy a new thing, a Postgres instance, change code, and keep iterating.Jake [00:30:36]: If you focus on the iteration loops and what's blocking them from closing quickly, one thing we say internally is: you never want to be waiting on compute anymore. You always want to be waiting on intelligence. If you're waiting on compute, there's a bottleneck that needs to be destroyed because eventually that bottleneck becomes so large that another workflow emerges to change it.Jake [00:31:04]: We've built a product where you push code, build it, and so on. But I fundamentally believe the push-pull loop is going away. We'll get to a point where you make a small change in production, that change is versioned across your infrastructure, you're working alongside copy-on-write versions of your database and infrastructure, and then you merge it in and it's instantaneously live. That's the holy grail of loops. The push-pull-rebuild thing is a point of friction that we're removing entirely.Canvas as Output: Dashboards, Context Anchors, and HyperstructuresSwyx [00:31:43]: It's incredibly fast. If anyone hasn't tried it, that fast feedback is great. My hot take is that Railway was famous for its canvas, which visualizes your infrastructure and lets you manipulate it visually. But that was for humans. For the next phase of growth, Railway CLI is more important than canvas.Jake [00:32:05]: The canvas is funny because it's a mechanism to show changes over time. You're right that previously we used it a lot as an input. Moving forward, its goal is more like an output. You would go to the canvas, make changes, see them, and watch your infrastructure evolve. Now agents have access to the CLI and can make those changes. So the canvas becomes an output: what information does the human need at this moment to make suitable decisions about control requests? Do I approve this or not?Jake [00:32:57]: It also has to be an anchor for your context, a port in the storm. Think of it like layers in a file system. You start with a project, then drill down into services, then into a function or code, because you want to represent the entire thing not just in your head, but in the canvas. Other people can share that representation, think on the same wavelength, and move quickly.Jake [00:33:33]: A lot of organizations get in trouble as they scale because all the context lives in someone's head. “How does this microservice work?” “I have no idea; go ask this person.” Then you have whole categories of products built around context discovery. A lot of that melts away if you have a solid hierarchy and can infinitely nest services, code, context, and everything else all the way down. That's what lets you build these structures over time.Jake [00:34:18]: It's also what lets us build what I've called hyperstructures: things that are way bigger. You look at the Golden Gate Bridge and ask, “How did we build that?” There's a meme that we lost the technology. To some extent, yes, because the coordination that built those things evolved and changed. We lost some of the art of building structure as we jammed everything into Slack.Swyx [00:34:52]: But you jam everything in Discord.Jake [00:34:53]: Same point. It doesn't matter. It's message passing and interrupts, message passing and interrupts.Swyx [00:35:00]: So you're arguing there should be something better and more structured than Slack?Jake [00:35:04]: Yeah. For sure. I think Slack is awful, and Discord is awful too.Central Station: Context Routing, Support, and Incident ClustersSwyx [00:35:09]: This is the equivalent of my mom test. What have you done that has your solution to this?Jake [00:35:15]: Internally, we've built a tool called Central Station that aggregates all the context from our users. Every piece of feedback, every customer support item, everything gets aggregated into clusters. If an incident is brewing, we can determine how many users are affected and break off a discussion based on that.Jake [00:35:40]: That is more helpful than long-running channels where you're trying to decide which channel to put something in. If you can dynamically aggregate information and dynamically route it to the right person based on context, it works better. We know internally that these four people are close to networking. If we see a networking thing, we can drill it down to those four people. If it's with this part, we can look at the commits. This is no longer a manual process internally.Jake [00:36:13]: If you go to station or help.railway.com, that's why we built it. We wanted to scale with a massive amount of leverage by aggregating feedback.Swyx [00:36:27]: This is built in-house?Jake [00:36:28]: Yep.Swyx [00:36:29]: I remember helping out on this one with Angelo in 2023. You scale a lot with a very small team.Jake [00:36:38]: Yeah. We're about 10 times bigger now.Swyx [00:36:40]: You have your full developer code here? Very cool.Jake [00:36:44]: If you go to railway.com/stats, we expose this as a pub-sub-able thing. It's all real-time metrics. There's a way to get it as JSON somewhere if you care.Jake [00:37:01]: We're big on trying to build everything in public and talk about what we're working on. We've had issues in the past, and we'll say, “Here's how we're fixing these things.” We've gotten compliments and flak for incident reports. We're always trying to make them better and talk with people.Incidents, Disclosure, and Progressive RolloutsSwyx [00:37:20]: You had a big one recently. I liked that it was scoped to 3,000. You presumably used Central Station. Talk through what happened and how you address it internally as a team.Jake [00:37:38]: Internally, this one really sucked. It had to do with an upstream provider that didn't do the behavior it said it documented, which is unfortunate given they wrote the RFC for how the behavior should work. We rolled those things out, and Central Station caught it initially when a couple users said caches weren't invalidating. We turned it off immediately.Jake [00:38:03]: When you roll out to a large user base of three million people, you get a lot of disparate behaviors. We tested in staging and had tests, but we hit an edge case. We've hardened those systems, and now we can make that better. But it was a tough one.Swyx [00:38:39]: I always wonder how private disclosure is supposed to work if people find an issue. Are they supposed to contact you first? When you run a platform, these things will happen. What channels should people pursue to quietly resolve it before it becomes a bigger incident?Jake [00:38:59]: There's responsible disclosure. We err on the side of over-disclosing and letting you know something is wrong versus having your provider gaslight you. We've erred on sharing those things more publicly, even if they impact a small subset of users. That's a decision we've made internally. We have four values. One is honor. The honorable thing is to notify people to the widest degree at which they may have been affected or there was an issue, and then confront it head-on: why did it happen, what can we do better?Swyx [00:39:45]: Not the whole user base. That's because of incremental rollouts and other things?Jake [00:39:50]: Yeah. Progressive rollouts.Swyx [00:39:54]: That should be the norm at all large platforms.Jake [00:39:58]: It should. A variety of companies do this. There's the quote that Meta runs 10,000 different versions of Meta. To our earlier point about agents, they need the same thing. They need shadow traffic and all these other things. We've built so much ceremony around production being sacred that we need to make it trivially easy to test different behaviors in a safe environment. Then you can make mistakes in a safe environment.Safe AI SRE: Customer Agents, Forked Environments, and Production ParityAlessio [00:40:30]: Do you see a world where these things get automatically caught, not necessarily by your agent, but by your customer's agent? The cache invalidation issue seems easy to check if you know to look for it.Jake [00:40:44]: It's hard because to determine it, we almost need to hook into your observability infrastructure. That's why we have the template loop on the platform: so you can roll things out progressively. You can roll out to Johnny Vibe Coder initially, or push a shard that someone consumes at their own leisure. Or you can roll it out over weeks: 0.1% of people, 1% of people, early adopters, then all the way up. That's the non-deterministic version control we talked about earlier.Jake [00:41:30]: I believe that's where most things should go, because most companies end up building staged rollout systems in-house. It's the same thing built again and again at every company. There's a massive opportunity to consolidate developer debt.Alessio [00:41:45]: You should have a free tier. Model providers give free tokens if you let them use the data. You could give free compute if someone is the number-one shard that goes out and lets you plug into their observability.Jake [00:41:55]: We do that. That's why we talked about the impact on 3,000 people. We start with lower-impact people. Larger companies on the platform are last to receive those rollouts so they have a version of the platform that's deeply stable.Alessio [00:42:16]: I have three services, so I'm sure I get the first rollout. You can nuke my thing at any time. There are all these SRE agent companies. Observability people also want agents that fix upstream problems. You have your own agent in the canvas now. How do you see that playing out?Jake [00:42:39]: It's the stacking entropy problem. If you don't have primitives to make iteration in production safe, it becomes difficult. If you're an observability provider saying, “Here's the fix to this error,” assume 80% are good and make sense. But in the last 20% long tail of complex issues, if you let somebody stamp it, you create an opportunity for an incident.Jake [00:43:08]: That's why forked environments are important. People have staging, but it always drifts from production. You need primitives, workflows, and experience built first-party on the platform so you can fork any service at any point in time.Jake [00:43:33]: I think of the canvas as a sheet of transparency paper. The agent is a little guy you push up into the canvas. It should say, “I need to copy that service and that service so I can test these two things.” It gets a read-only copy of production. Anything that's PII gets marked as a transform when we clone the database, create a copy-on-write version, or read from it. Then the agent makes changes and asks, “Does this actually work?” as close to production as possible.Jake [00:44:22]: That's how close you have to be, or you get massive drift. The system becomes unstable. You see this with massive systems built on Docker for local, Kubernetes for production, and a specific thing for something else. That complexity slows developers and becomes unstable at scale, making it hard to iterate. We want to compress that way down and say, “As close to prod as possible is where we want to be.”From AISRE Skeptic to Agent BelieverSwyx [00:45:00]: I was texting Erica for questions, and she says you were originally not a believer in AISRE. Have you come around on it?Jake [00:45:10]: I flipped, but I'm still not a believer in AISRE if you don't have the primitives to make it safe. If you unleash AISRE on production infrastructure without safe primitives for copying volumes and making sure things are fine, it's going to nuke your production database. It's not a matter of if, but when. I'm a big believer in making those loops safe.Jake [00:45:33]: I was a deep AI skeptic until 2023. In 2024, I thought, “Maybe I can roughly make this thing do it.” In 2025, I thought, “Now I can hold this.” Over winter break, everybody came back saying, “It's almost impossible to hold this.”Swyx [00:46:01]: Did you see this on the Claude docs? CloudBot? OpenCloud?Jake [00:46:06]: It's gotten to a point where it's harder to hold it wrong than to hold it right. There's a scene in Avengers where Vision picks up Thor's hammer and says it's terribly well-balanced. It self-balances and works well. I'm a deep believer at this point that this will be the dominant species: assembly, C, C++, JavaScript, words.Swyx [00:46:35]: It feels like a big jump.Jake [00:46:37]: It is. But it's not like you abandon CPU-based discrete logic and move straight to fuzzy logic. You need both. Your skills should call code or applications or some static structure. You can use skills to distill what the procedure should be or how the code should act.Jake [00:47:02]: I'm coming to a thesis: you need three points. You need a clear spec defining the system, the code, and the tests. When you say it out loud, if you've been in engineering long enough, you're like, “Of course. That's an RFC, tests, and code.” But they all matter. Having them together lets them reinforce each other: the spec and tests match, but the code doesn't, so reconcile it. Or the tests and code match but the spec doesn't, so reconcile that. That's the iteration loop.Jake [00:47:41]: That's why you're seeing people talk about software factories, docs, and reconciliation. Some of that is architectural astronomy if you don't implement it, but that loop is where most things will end up.Swyx [00:48:07]: For listeners, we've been talking about this on the pod for three years: the holy trinity of specs and tests. Itamar Friedman from Qodo is the reference if people want to look it up.Self-Modifying Infrastructure and the End of Push-Pull-RebuildSwyx [00:48:18]: One thing I want to mention on the OpenCloud idea is self-modification. I don't know how Railway would support it, but I have my OpenClaw, and I just tell it it has the Railway CLI and can do whatever. In theory, whatever capabilities or new infra it needs, it can call the Railway CLI, provision it, and add it to itself. The agent can modify its own infra.Jake [00:48:45]: It's nuts. I have a loop set up where you put the Railway CLI on top of something that runs on Railway. You're authenticated as whatever the current box is, and you can make any changes to it. Then you call Railway deploy, and it deploys itself.Jake [00:49:04]: It's like: “I need to spin up this instance of this environment. I already exist in this environment. Excellent, I have access to a Postgres instance now.” That's where we want to go with agentic, self-replicating infrastructure. That's your loop: iterate in production. You continue making changes. If it works, merge it upstream. If it doesn't, throw it away.Jake [00:49:37]: How do you make throwaway copies trivial to spin up and super cheap? The era of “I have an AWS instance with four vCPU and 16 gigs of RAM” is going to get destroyed. If you do that for agents, you need a thousand of those machines. It's prohibitively expensive compared with what we've spent a ton of time figuring out: the atomic unit of deploy, whether you call it isolates, sandboxes, or something else. Only pay for what you use, spin up instantaneously, and close the loop as quickly as possible.Jake [00:50:15]: If the system can self-replicate safely and say, “This is my environment, I'm making these changes,” it can come back with, “Does this look good? This is a new state of infrastructure given this prompt. I think I've solved it.” Then you go back and say, “Actually, it looks different.” It does the loop again. Then you say, “Cool. Apply.”Swyx [00:50:38]: That's retroactively obvious, which is the most useful kind. Any other comments on agent deployment on Railway?Jake [00:50:51]: It's getting better every day. I'm on X or Twitter. You can always yell at me about the parts not working as well as they should, because plenty of things should work way better.The New Serverless: Stateful, Long-Running, Pay-for-What-You-Use LinuxSwyx [00:51:04]: At this stage, when people want massively or embarrassingly parallel compute, they usually talk serverless. I feel like there's a new serverless compared to the previous five years of serverless. You're in that new bucket. Do you have comparisons or philosophical differences you want to call out?Jake [00:51:31]: It's somewhere in between. It's the ability to run stateful, long-running workflows or executions.Swyx [00:51:42]: Vercel has Fluid Compute, Cloudflare has some container thing, Google has App Runner and others.Jake [00:51:55]: That's where everything is roughly going, and it's why we've been working on this for six years. We believe users need access to a computer: a box that speaks Linux. They need to deploy what they want. Other systems change the surface area of what you can build. For us, users need a computer and need to deploy anything they truly want. That's why we've focused on the primitives: network, compute, storage. If we give you those and expose them so you can run things indefinitely, that's where we believe it's going.Jake [00:52:43]: Twitter has no nuance, so everyone says “servers” or “serverless.” It's always somewhere in the middle: I want to run it for a long time, but I don't want to provision the resource statically or pay for things I'm not using. That's been our thesis from day one: pay only for what you use, run it indefinitely, and it is full Linux.Swyx [00:53:12]: That's why I like the naming of Fluid. It's fluid. Flexible.Heroku, Focus, and Carrying the Torch Without Becoming the PastSwyx [00:53:18]: Another milestone is the Heroku official deprecation. You're one of the presumptive new Herokus. “New Heroku” has been a category for as long as I've been in developer tooling. It's finally happening. What was that like? Any behind-the-scenes of, “This is the moment”?Jake [00:53:42]: You have people where you're like, “You were running stuff on here? You, as this company?” It's crazy that names you would know are running on it and now coming to us saying, “We want to move a lot of this off.”Swyx [00:54:00]: Any behind-the-scenes on why Salesforce let Heroku stagnate?Jake [00:54:05]: I can only guess. It's hard when it's not your business. Salesforce's business is to build a great CRM. That's their focus. Then you acquire a compute business as an offshoot. A lot of early Meta people talk about focus. Boz has a write-up about how in the early days of Meta they had no money, so they were forced to focus. Then they turned on the money tree and had no reason not to split their focus.Jake [00:54:52]: But that dilutes your product. You get offshoots where you ask, “Is this the focus of the business?” If it's not core, it languishes. A lot of companies get in trouble when they split focus because they're fighting a multi-front war, not just externally but internally for alignment. Where are we going? What are we doing? What is our purpose?Jake [00:55:24]: If you're Salesforce-built and mission-driven, you want to work on Salesforce. Heroku is off to the side. It's not core to the business. Getting resources, budget, focus, and alignment internally becomes hard. It was a matter of time.Swyx [00:56:06]: Kudos for them to call it out instead of leaving it unknown.Jake [00:56:12]: Their release was a little odd. They called it out, but they didn't say they were shutting it down. Behind the scenes, I think they issued messages to people saying they should close accounts and that they were going to deprecate and remove things over time.Jake [00:56:30]: It's crazy because some of my first deployment experiences were on Heroku. You start with dragging things into an FTP server, then you try to get a deploy working, and then it's Heroku. It was the on-ramp for us. But the wheel turns. New things emerge. We're happy to carry the torch for a lot of that. But we don't want to be the new Heroku. We want to be the way people build and deploy software, and ultimately the way people monetize software over time.Swyx [00:57:19]: It's still a big crown to be the new Heroku. There are 50 companies that fought for that.Jake [00:57:23]: Everybody is holding some portion of it. We're happy to support people and companies. The platform works differently. The game loop is similar, but we've been dogmatic about where these things are going: primitives, agents, fan-out. Some things fit; some workflows need to change. We have an approximation of Heroku pipelines with the environment system. It's exciting. We've got a ton of people we can support, and it's growing a lot.Temporal, Workflow Engines, and State MachinesSwyx [00:58:12]: I have one more technical question about Temporal. I've sold my shares. You're a power user and one of our earliest customers. I met you through Temporal. You built on Temporal. You have complaints. This may be the most neutral and informed conversation anyone will hear about Temporal without someone working at the company.Jake [00:58:39]: That's fair. I've used Temporal for almost 10 years because of Cadence at Uber.Swyx [00:58:52]: Give people a sense of what Cadence was at Uber.Jake [00:58:57]: Cadence was the precursor to Temporal. It powers trip actions, rides, when you rent a Jump bike or scooter or car. You're running workflows for a period of time and saying, “This ride will run indefinitely until it finishes.” You attach information: you paused in this zone, so add this charge to the bill. When you end the trip, the workflow is done. That experience was powered by Cadence at the time.Swyx [00:59:34]: I used to say it's like programming the entire user journey top-down as one function.Jake [00:59:39]: It's a powerful idea and important. It's also important for the next phase of the agentic journey. You want an agent to do a specific task, be complete or incomplete on that task, and move on to the next thing. You need a way to manage workflows dynamically.Jake [00:59:59]: Temporal was always great in theory, and great when you got it working the way you wanted in production. But it required you to model the entire journey in your head. If you didn't, you could cause issues where replaying the state of the workflow causes non-determinism.Swyx [01:00:25]: Because it works on deterministic workflow history.Jake [01:00:28]: Exactly. I describe it as a jet engine. If you know how to operate it and run it, it's great. But you can't hand it to people trying to build complicated things if they don't have the whole state in their head.Jake [01:00:48]: We run our whole deployment pipeline on top of it. That's a reasonably complicated workflow: pre-commit hooks, signaling, queuing, and all the rest. We ran into the same thing at Uber. As you express a large workflow, it gets more complicated, with more states in the state machine that you have to map back to the workflow.Swyx [01:01:15]: It's a lot of ifs.Jake [01:01:16]: Exactly. At Uber, we built a system for doing the state machine and testing it. We've started to build some of those things here because it's grown heavily. It's not quite love-hate. When it works well, it works super well. But if someone who doesn't have full context puts something into the system that invalidates state or causes non-determinism, or spins off a ton of activities, you have to keep track of underlying SRE knobs like activity slots. Those should scale with memory, vCPU, and so on. It becomes a bear to scale.Swyx [01:02:10]: You need a capable sysadmin running things behind the scenes. If you moved off, what would you do?Jake [01:02:19]: We'd build our own workflow engine. We have a few internally that we've worked on.Swyx [01:02:27]: This is one of those classes of things you typically wouldn't vibe code, but I'm wondering if you can.Jake [01:02:33]: I still don't think you should vibe code it. You still want to run decent tests to make sure it works.Swyx [01:02:39]: Timo didn't invent that from scratch either. There are libraries you can run. On top of that, it's just a state machine that you have to map out. Ultimately, you define the instructions you want and run them through a state machine.Jake [01:03:00]: It's very doable. Workflow stuff is interesting. Restate is doing neat stuff here.Swyx [01:03:10]: You're tied into JavaScript. Are you a JavaScript maxi?Jake [01:03:13]: Internally, we have TypeScript, Rust, and Go. We don't add more languages. Actually, we have a little C because we write BPF code and hooks. But those are the languages.Swyx [01:03:28]: Is this for sidecars?Jake [01:03:32]: No. It's for the networking stack, volumes, and things like that. We use TypeScript a lot because it powers the dashboard, but we're moving a lot of workflow stuff off the dashboard stack and into the infrastructure stack.Railpack, Nixpacks, and Content-Addressable FilesystemsSwyx [01:04:00]: Cool. Any other technical infrastructure stuff? Railpacks?Jake [01:04:07]: We built an engine for determining dependencies based on source code. It's called Railpack. We built the first version, Nixpacks, on top of Nix, and then we moved.Swyx [01:04:17]: People have been trying to get me to adopt Nix and NixOS for four years. Is it ever going to be a thing?Jake [01:04:23]: I don't know. We're excited about it, but it has pain points. Think of it as a stack of versioned binaries at specific slices in time. If you want version X and version Y, you bloat the package space, which blows up image size and makes real-world workloads difficult.Swyx [01:04:53]: But you content-address it and cache it. In theory, there are optimizations.Jake [01:05:00]: In theory, yes. But with a large enough user base and disparate enough machines, you run into a problem Meta described in the XFAAS paper, their internal serverless system. It becomes difficult at scale unless you break out specific runtimes.Jake [01:05:24]: We didn't want to do that because we wanted to truly allow you to deploy anything. That was our initial thing with Nix. But we've moved toward interesting work around content-addressable file systems that can lazy-load anything from any point and page it into memory.Swyx [01:05:48]: Amazing.Jake [01:05:49]: The future is very bright. It's crazy, and it's going to be nuts.Coding Agent Spend, Roadmaps, and Token ROISwyx [01:05:54]: Founder journey stuff?Alessio [01:05:56]: Your cloud usage: you tweeted you're going to spend $300K this month?Jake [01:06:01]: I think we got to $200K.Alessio [01:06:02]: Coding agents?Jake [01:06:03]: Yeah.Swyx [01:06:04]: Across the company?Alessio [01:06:05]: You only have 35 people, so I'm sure they're not all spending $10K a month. What's the distribution?Jake [01:06:10]: I think I'm at about $25K. We have power users all the way down. We came back from winter break, and I basically said, “If you're writing code by hand, you're doing this wrong.” The tools are good enough now that you can move extremely quickly. There are issues and pain points, but you should be reviewing the code you are writing instead of writing it by hand.Jake [01:06:40]: Architectural patterns matter more now than ever, but you shouldn't spend your time generating code you would write. If you know how to write it, ask the agent to write it and reconcile it until it looks like you would have written it yourself.Jake [01:06:58]: People misconstrue my propensity to push people toward agents as connected to our growth and some reliability bumps. They're not necessarily related. The tools are good enough to move extremely quickly and build things way larger than you could before.Jake [01:07:19]: To the earlier point about cooling data centers in space: I don't know. But with software, you can ask, “How would I build block storage from scratch? How would I do these things?” I have ideas because I have history and have read papers. Let me work them out and build massive test benches with thousands of tests, because those are now free to author. If you're not using AI systems to speed-run your roadmap and reconcile your existing system onto the future, you're missing a large point of what's happening.Alessio [01:08:12]: What's the path to spending $3 million a month? Is it bound by ideas and things customers can absorb?Jake [01:08:19]: For most companies, it's bound by deployment at this point. That's why we've seen a massive boom in users and companies, from Fortune 50s down, asking how to get developers to move faster. You'll probably hit your CFO before any technical limits because they'll look at the eye-watering amount of money spent on tokens. Inference costs have to come down, but we're inference constrained now. There will be price discovery around what makes sense for an org to adopt.Jake [01:09:06]: I think you'll end up with the F1 driver concept. If someone is really adept at these things, it makes sense to put them in a $3 million car. If they're not, it probably doesn't make sense. You'll take a few people and say, “You can drive the F1 car. We need to go in this direction. Figure out if it works and prototype it.”Jake [01:09:33]: We've done some of that and vastly accelerated our roadmap. We thought we'd ship something in a few years; now we can probably ship it in a few months because we validated it and don't have to build it incrementally. We can skip steps and move toward our vision.Alessio [01:09:58]: A lot of people are realizing the roadmap doesn't always have a business impact, so they say tokens are too expensive. But if your roadmap were built to make more money by the time you built it, you'd have token pricing for it, the same way you do with sales. You'd spend a billion dollars on sales if you knew you would get $2 billion of revenue.Jake [01:10:19]: Exactly. A naive way to measure this is the percentage of tokens that end up in production. If you can measure impact because those tokens end up in production, that's awesome. But the burden of proof will rise. Internally, we have a growing number of pull requests that haven't merged. The question becomes: how do you get this into production? It's about how quickly you can build and deploy software, which is exciting because that's our whole thing.The SDLC Shift: Prompt Requests, Feature Flags, and Safe RolloutsSwyx [01:10:56]: The SDLC is changing. One thesis is that the pull request is dying. It's going to be the prompt request. Beyond that, code review is also kind of dying if you have all the other systems in place. What else is changing about the SDLC?Jake [01:11:19]: The AISRE and the tools to make it happen. AISRE is pie-in-the-sky aspirational. What does it take to get an AISRE? What tools do you need to build?Swyx [01:11:32]: You should expose your tooling to customers at some point. The Central Station command center.Jake [01:11:39]: We have it for template maintainers. Template maintainers can deploy and maintain templates, and they get feedback. We're going to expose those things incrementally.Swyx [01:11:51]: Clustering around incidents. Everyone has a version of that, but I don't think anyone has solved it.Jake [01:11:56]: I won't say we've solved it internally, but it's gotten so good that we can see incidents forming pretty quickly. At some point, those will be things either someone else builds or we build. We've always built things purpose-built for us. If it makes sense to make it useful for users, monetize it, or turn that loop into a profit center instead of a cost center, we want to do that.Jake [01:12:28]: Pull request is definitely dying.Swyx [01:12:29]: Do you do first-party feature flagging and incremental rollout stuff?Jake [01:12:34]: We have a feature-flagging engine we built internally and will eventually roll out.Swyx [01:12:38]: I don't see it as a user. How come you didn't give us what you have?Jake [01:12:43]: We have to beta test it. We care a lot about the quality of the things. There's plenty we've used internally that doesn't make it all the way through the journey because it fails. It works for one service but not multiple services. We'd have to build it for multiple services and know that if we released it, we'd rebuild it again and again. Some things are worth that, but many inform the roadmap.Jake [01:13:18]: We don't want to dilute the experience by saying, “This works, but only for this service,” unless it's a core initiative. Over the next few months, we'll roll out things that work for a single service, then multiple services, then multiple services across the environment. You have to be deliberate. Otherwise you create broken disparate experiences and support load because people ask how to use the feature.Jake [01:13:52]: It's the earlier expansion and compaction pattern. You expand the company to get features, then compact and smooth them out so the experience is stellar. You told me in the hallway, “It's gotten so much better.” Internally we're saying, “This part really sucks. We need to make it significantly better.”Swyx [01:14:11]: I can attest to that over the last three years watching you build Railway. For listeners, feature flagging is a huge part of Uber culture. So much so that they have too many feature flags and another thing to remove feature flags. Facebook has Gatekeeper. Agents are going to need this. It's fundamental to incremental rollouts. OpenAI acquired Statsig. GPT-5 is routing and flagging through different models.Jake [01:14:56]: It's super important. If the software development lifecycle is going to change because we're doing things 1,000 times faster and 1,000 times more concurrently, what becomes important at scale?Jake [01:15:16]: Before I started Railway, I built a feature-flagging product and tried to sell it. It was an easier version of LaunchDarkly. I ran into a problem: anyone small enough to adopt your technology doesn't care about feature flags, and anyone large enough to need feature flags needs so much scale that you have to build out all the infrastructure. I scrapped it.Jake [01:15:42]: But what is old is new again. Companies are trying to move quickly, but you can't YOLO a vibe-coded thing straight into production. You need to say, “Here's my blast radius, my impact, and I want to shadow it for these users.” Feature flags. You're going to need the tools larger companies built to maintain their structures. Everything gets compressed by 1,000x so everybody can build those structures quickly.Jake [01:16:07]: That's exactly where we are: compressing the software development lifecycle, then expanding it and adding more new things.Cattle, Pets, and Clonable InfrastructureSwyx [01:16:15]: Another term that comes to mind for newer developers is “cattle, not pets.” People treat production like a pet. It has a name. You baby it and keep it alive. With cattle, you can mass farm, roll out, portion parts out, and kill them.Jake [01:16:37]: I think that might change. You can move toward having pets as long as you have a cloning machine for your pets.Swyx [01:16:52]: Yeah.Jake [01:16:52]: If you can snapshot every single thing at every frame, it doesn't matter if something gets obliterated because you have a snapshot of it. The things we've built right now are designed to block changes from the hermetically sealed DevOps line. You have to write a Dockerfile because you nee

- Media Invited to Apple Park for WWDC26 Keynote - Apple Design Awards 2026 Finalists Announced - Apple Gets Two-Month Reprieve in Indian App Store Antitrust Case - iOS 26.5 Makes Way for Third-Party App Stores in Brazil - DoJ Asks Apple, Google for PII on 100,000 App Users - Sponsored by NordLayer: Get an exclusive offer - up to 22% off NordLayer yearly plans plus 10% on top with coupon code: macosken-10-NORDLAYER at nordlayer.com/macosken - Catch Ken on Mastodon - @macosken@mastodon.social - Send Ken an email: info@macosken.com - Chat with us on Patreon for as little as $1 a month. Support the show at Patreon.com/macosken

These episodes of #thePOZcast, live from Transform 2026 in Las Vegas, are proudly brought to you by our friends at PIN. AI recruiting tools that automate candidate sourcing, screening, and scheduling across 850M+ profiles. Built for recruiters, agencies, and hiring teams. Learn more and check out a demo:  https://www.pin.com/book-a-demo?via=adam-posner Thanks for listening, and please follow us on Insta @NHPTalent and www.youtube.com/thePOZcast For all episodes, please check out www.thePOZcast.com   Takeaways: 1. You Can't Improve What You Can't See The founding insight of BrightHire — and one of the most durable frameworks in this series — is that hiring is the most consequential activity in any business, yet it produces almost no data. Interview conversations happen, and then they're gone. Capturing them isn't surveillance; it's the minimum requirement for actually improving the process. 2. Comp Comes Up in Fewer Than 2% of Candidate Conversations The most surprising data point from BrightHire's 930,000-interview analysis: salary and compensation are almost never what candidates are actually talking about in interviews. What they are asking about: remote and flexible work, company growth trajectory, and product innovation. If your recruitment messaging is leading with comp, you're answering a question most candidates aren't asking. 3. Interview Data Is a Goldmine for Employer Brand Strategy Sliced by seniority, function, and location, BrightHire's interview data tells employers exactly what different candidate segments care about — giving TA teams real intelligence for outbound messaging, recruitment marketing, and preparing recruiters and interviewers to answer the questions candidates are actually going to ask. That's a fundamentally different input for employer brand strategy than surveys or focus groups. 4. Interview Fraud Is Real and Growing — and the Defense Is Already Built The use case nobody anticipated when BrightHire launched: using candidate video profiles to verify that the person who showed up for onboarding is the same person who interviewed. Dozens of customers have built SOPs around this capability. As AI-generated fraud becomes more sophisticated, the ability to cross-reference identity signals across the entire interview process is becoming a core compliance function, not a nice-to-have. 5. AI Interviewers Don't Replace Recruiters — They Give Them Better Candidates Recruiter reaction to BrightHire's AI interviewer product wasn't fear — it was relief. By expanding access at the top of the funnel, AI interviewers surface qualified candidates who would have been passed over due to capacity constraints, giving recruiters a better pool to work from and more time to do the high-value human work of cultivating and closing those candidates. 6. The Recruiter Who Adapts Has a Massive Advantage Teddy's view is direct: recruiting professionals who embrace agentic workflows will be elevated by them. Those who resist are going to find themselves on the wrong side of an irreversible shift. The profession has always evolved — and the ones who leaned into each evolution came out ahead. 7. AI Agents Are Taking on Longer, More Complex Tasks Than Most People Realize Teddy's personal experience in the last six weeks: watching an engineering colleague execute a complex multi-step task by telling his AI agent, 'Find Teddy's Slack and execute on what Teddy asked for' — and then quality-controlling the result. The length and complexity of what agents can handle autonomously is increasing faster than most people outside of engineering teams appreciate. 8. The Right Acquisition Is One That Protects Founder Velocity Teddy's framework for evaluating the Zoom acquisition: founder-led culture at the acquiring company, strong strategic alignment on product thesis, and a track record of enabling acquired companies to retain their brand, culture, and growth trajectory. Workvivo is the proof point. Being acquired by a company where the founder is still running the show at four billion in revenue is a different experience than getting absorbed into a conglomerate. 9. Customers Are Already Building What Vendors Are Selling The most clarifying thing Teddy saw on the conference floor: customers sharing the in-house AI workflows they've already built — and the framework they're using to decide what to outsource. If a tool doesn't touch PII, compliance, or regulatory requirements, they're building it themselves. The bar for defensibility has permanently moved upward, and every vendor on the floor needs to be honest about what's truly irreplaceable about what they offer. 10. Trust Is the Most Valuable Commodity in an AI-Flooded Market In a market where AI has lowered the cost of building software dramatically, vendors are proliferating and noise is at an all-time high. Teddy's observation is that the differentiator in this environment is old-fashioned: trust, integrity, post-sales investment, and actually showing up and delivering on promises. Easy to lose, hard to build — and more valuable than ever precisely because it's become rare. CHAPTERS: 00:00 – Introduction & Congrats on the Acquisition Adam welcomes Teddy Chestnut, co-founder of BrightHire, fresh off the company's acquisition by Zoom. 02:00 – Born Into Recruiting: The Origin Story Both parents in HR for 30 years. Dad met mom as a recruiter. A childhood of dinner table conversations about comp plans — and how that led to BrightHire. 05:00 – The Problem Statement That Started It All Hiring is the most important decision in business, yet treated with less rigor than a $15,000 software purchase. You can't improve what you can't see. 07:30 – 2019: A Crazy Idea That Turned Out to Be Right Pitching interview recording before LLMs, before COVID, before the world normalized AI in meetings — and how the pandemic validated the thesis overnight. 10:00 – The First Customer Who Asked If They Were Charging Enough BrightHire's first beta customer asked if they were making money on the deal. The signal that they were onto something real. 12:30 – From Resistance to Commonplace: The Adoption Journey How resistance to recording interviews dissolved as recording became normalized across all business meetings — and how the conversation shifted to unlocking insights. 15:00 – 930,000 Interviews: What the Data Says The striking finding: comp comes up in fewer than 2% of candidate conversations. What candidates are actually asking about: remote work, company growth, and product innovation. 18:30 – Turning Interview Data Into Employer Brand Intelligence How BrightHire slices that data by seniority, function, and location to give customers real intelligence for outbound messaging, recruitment marketing, and interviewer prep. 21:00 – Interview Fraud: The Use Case Nobody Saw Coming The email that changed BrightHire's roadmap: using candidate thumbnail profiles to verify that the person at onboarding was the same person who interviewed. 24:00 – AI Interviewers: The Next Frontier BrightHire's conviction that AI interviewers expand access — and the recruiter reaction: "This is a godsend because I'm getting better candidates I would have passed over otherwise." 27:00 – The Recruiter Who Adapts vs. The One Who Goes Extinct Recruiters who embrace agentic workflows gain time for high-value human work. Those who resist are on the wrong side of an inevitable shift. 29:30 – Agents Are Taking on Longer-Range Tasks What Teddy witnessed in the last six weeks: a colleague executing a complex task by telling his agent "Find Teddy's Slack and execute on what Teddy asked for." 32:00 – The Zoom Acquisition: Why It Was the Right Move Founder-led culture, strong product thesis alignment, and the Workvivo track record as proof that Zoom enables acquired companies to thrive independently. 35:00 – What Impressed Teddy Most on the Conference Floor Not a vendor product — the in-house AI workflows customers have already built, and the framework they're using to decide what to outsource vs. build themselves. 38:00 – Trust Is the Most Valuable Commodity in AI-Flooded Markets In a market where building AI products is cheap and vendors are proliferating, the only truly defensible asset is trust — brand, integrity, and delivering on promises.  

AI agents are entering enterprise AI faster than CIOs can govern them. Line-of-business users are vibe-coding their own tools, agents are operating with employee credentials, and foundation models are changing under running systems. In CXOTalk episode 919, Anthony Scriffignano, PhD, a prominent data scientist, and Tim Crawford, a strategic advisor to CIOs at the world's largest companies, examine what enterprise AI governance, shadow AI, and agentic risk require of technology leaders today. The discussion grounds the AI agent conversation in practical decisions: what to keep from established IT governance, what is genuinely new, and where the CIO role must evolve.YOU'LL LEARN:✅ Why traditional regression testing breaks when foundation models, training data, and environments all change at once✅ How shadow AI and vibe-coding by non-developers expand the threat paradigm beyond the enterprise perimeter✅ Why HR-style policies do not transfer to AI agents, and what changes when super-agents call sub-agents through an orchestration layer✅ Specific controls for shadow AI: sandboxes, token counting, personal Identifying Information (PII) guardrails, and watching for value leaving the organization✅ Red, blue, and green teaming for autonomous agents, including why red teams need a defined target list, not a license to break things✅ The three governance layers CIOs must now reconcile: user role-based access controls (RBAC), agent governance, and knowledge governance, across ServiceNow, Salesforce, and SAP✅ When human in the loop is meaningful and when it becomes theater, including the limits of audited-sample review at machine speed✅ How the transformational CIO mindset differs from the traditional one, and why business depth is now the prerequisite skill⏱️ TIMESTAMPS0:00 AI agents are running wild: framing the problem3:11 From automation to autonomy: how CIOs should reframe risk5:21 What old governance disciplines still apply, and what is new6:12 Shadow AI, vibe coding, and the limits of control9:11 Practical controls: sandboxes, token counting, PII guardrails11:53 Why HR policies do not work for AI agents15:24 Regression testing for misuse and misadventure18:43 The aspiring CIO: traditional vs. transformational mindset21:07 Disciplined red, blue, and green teaming23:30 When mandatory automation becomes the only option32:03 Human in the loop: meaningful or theater?34:09 What AI governance actually looks like in practice38:10 New roles: context engineers, AI FinOps, and value frameworks40:30 Talent and jobs inside IT: what changes

How often have you heard someone say they aspire to be an ISO consultant? Likely not at all! That's not surprising as it's quite a niche world to find yourself in, yet despite that, there are still thousands of ISO professionals worldwide. We're continuing with our mini-series where we introduce members of our team, to explore how they fell into the world of ISO and discuss the common challenges they face while helping clients achieve ISO certification.   In this episode we introduce Steve Mason, a Principle isologist® at Blackmores, to share the journey of how he went from intern, to ISO Assessor, to ISO consultant and the challenges he's faced while working with clients. You'll learn ·      What is Steve's role at Blackmores? ·      What does Steve enjoy outside of consultancy? ·      What path did Steve take to become an ISO Consultant? ·      What is the biggest challenge he's faced when implementing ISO Standards? ·      What is Steve's biggest achievement?   Resources ·      Isologyhub ·      ISO 14001:2026 What's Changed And How to Comply Webinar Registration   In this episode, we talk about: [00:30] Episode Summary – We introduce Steve Mason, a Principle Isologist® here at Blackmores, to discuss his journey towards becoming an ISO consultant who specialises in ISO 27001, ISO 27701, ISO 27018, ISO 27017 and ISO 20000-1. [02:40] What is Steve's role at Blackmores? Her role primarily involves supporting clients in two key areas: maintaining and continually improving their existing ISO management systems and helping them establish and implement new standards. As part of that support, he: ·      Makes Standards understandable and accessible to clients ·      Conduct internal audits ·      Reviews and updates management system documentation ·      Facilitate management reviews ·      Train internal teams and prepare them for certification audits. Steve is the Standard champion for ISO 27001, ISO 27701, ISO 27017, ISO 27018 and ISO 20000-1 at Blackmores, but he also deals with ISO 9001, ISO 41001, ISO 22301 and ISO 42001 related projects and support. Steve's other main role at Blackmore's is as a Mental Health First Aider, which is shared with Minoo Agarwal. Together, they provide resources and offer support to the team. [06:00] The importance of Mental Health management in the workplace: Steve had faced bullying in previous roles, so preventing others from experiencing the same had become a big motivator for him taking on the role of Mental First Aider for Blackmores. He emphasizes it's importance, and highlights 2 key Standards that you can use to help support mental first aid within your business. This includes ISO 45003 Mental Health in the Workplace and BS 30480 Suicide and the Workplace. [09:10] What does Steve enjoy doing outside of consultancy?: Steve has a wide variety of interests and hobbies, including: Lay Minister: Steve is a Lay Minister in the United Reform Church and mainly based at the URC Chapel in Walkern, but can be found leading worship and preaching at Ashwell, Baldock, Stevenage and Knebworth chapels. Poetry: Steve enjoys writing poetry about anything and everything, racking up an impressive 190 poems so far. Some of his main inspirations include Wordsworth and Keats. If you ever see a poem on the Blackmores LinkedIn page, odds are, it was written by Steve! Classical Music: He's a fan of classical music, anything by Beethoven, Mahler or Shostakovich specifically. He likes these composers in particular due to their stretching of the rules of music for the time. Exploring hidden London: Steve often goes on hidden London tours which explore disused underground stations which may have been shut down as long as 100 years ago! Buses and Trains: Steve was lucky enough to drive a bus in his past, of which he has the licence plate of sitting in his office. He collects bus and train models and will go out to snap a photo or two of their real world counterparts when he comes across them. History: Steve is a huge mystery buff, with a particular fondness for Richard III and the War of the Roses and the Anglo Saxon period of history. Family Tree: Steve has been tracing his family tree back as far as he can on his mother's side, which extends as far back as 1547! Interestingly enough he found out that relatives from way back then got married in the church that he currently lives nearby and got qualified as a Lay Minister for the Church of England in Stevenage! Cats: He's owned his fair share of feline friends through the years, with one particular tabby holding the name 'Spartacus'. [22:35] What was Steve's path towards becoming an ISO Consultant?:  Steve was once told in the 1980s 'There is no future in Standards; find another career, perhaps in Sales or Purchasing'. How wrong that turned out to be! He's always worked with standards, from the first day he started work doing inspection in Goods Inwards, he was referring to them. The direction towards Management systems came in 1983 when he started implementing BS 5750. From that day onward he had been involved in Management Systems. Steve completed a management apprenticeship at Racal-Guardall where he was able to do 3 months' work experience in all departments, which helped him appreciate how companies function and how important it is to maintain good communication channels. He was at the end of this apprenticeship that the opportunity arose in the QA department to work on BS 5750. His career path has included other organisations such as Tektronix, BOC Ohmeda, Cirkit, Deta, TDK and BSI, all of which earned Steve a lot of experience in Manufacturing and Service and Distribution, mainly in Quality and Customer Service roles. Steve has always felt a bit like a closet consultant, even when he worked as an assessor at BSI. He feels as if Blackmores has enabled him to fully flourish and develop his portfolio of standards – not bad for a career where there was apparently no future in standards! [28:45] Born to be a consultant – Steve mentions that consultancy is a skill that many are born to be. You can train and learn the skills of course, but for some it comes very naturally and it can be hard to replicate that skillset in others. [30:15] What is Steve's favourite aspect of being a Consultant? Steve loves talking with clients and working with them to explore solutions that can address the requirements of the standards. His motto is 'Mould the Standard to the organisation and not the organisation to the standard' This means, always producing a management system that benefits the organisation first and then adjusting it to meet the requirements of the standard. Organisations that mould the business to the standard usually end up with a management system that is a 'bolt-on' and an uncomfortable, sometimes irrelevant, fit. Everyone in the organisation needs to feel that the management system is a natural fit to what they do. He also enjoys supporting his colleagues at Blackmores. We're a business built on knowledge sharing, and there's no point gatekeeping anything we've learned as a team. So consultants often get together to discuss lessons learned and ensure best practice is a shared experience. Ironically enough, one of Steve's least favourite aspects of being a consultant is auditing! Mostly since he's been doing it for some 40 years now, so he can be forgiven for finding the exercise a bit tedious at times. However, he never let's that affect the end result of an audit. [37:00] What Standards does Steve specilaise in and why? Steve initially started with ISO 9001 but was steered towards ISO 27001 and ISO 20000-1 during his time as BSI. This was based upon his career path up to the point he joined BSI as they align assessors to familiar business and technical environments. In Blackmores, he has been able to develop these areas of Quality, Service and Risk by adding standards related to Business Continuity, PII and Cloud Security, Facilities Management and AI Management. Steve's favourite standard is ISO 20000-1 which started off as an IT Service Management System but can also be used effectively for all services. He always refers to ISO 20000-1 as 'ISO 9001 on Steroids' because it is much more specific and focuses on the subject of service management. Sadly, ISO20000-1 is under rated, under sold and in some cases, never heard of – this is usually because contracts require IS O9001 but the people writing those contracts don't actually know or understand what they are asking for. In simple terms it is a Service Quality Management System and Steve has come across organisations which have shoe-horned ISO 9001 into the business instead of using the natural fitting standard ISO 20000-1. Steve would advise any company that is providing a service with helpdesk support to look at ISO 20000-1, especially if they find that ISO 9001 isn't working well for them. [43:00] What is the biggest challenge Steve had faced during a project and how did he overcome it?: Creating a management system in 10 days for a client which was due to lose a major contract because they had let their certification to ISO 9001 lapse between the 2008 and 2015 versions. Quite the undertaking in such a short amount of time! Steve refuses to claim full responsibility for the success however, as the client was totally invested in getting the system up and running and put in a lot of effort to work with Steve to get it done in time. If it had been any other standard, it would have been impossible, but because it was ISO 9001 and wthey were drawing on what had been in place previously it was possible. Generally, problems arise when there is limited or no Leadership support and commitment, because without this management systems can't be set up in a way that benefits the organisation. All management systems must align with the Business Strategy and should be used to ensure that the strategy is achieved. If you'd like to learn more about the importance of Leadership and aligning your management system with strategic direction, check out a few of our previous episodes. [50:10] What is Steve's proudest achievement?  Steve isn't really one to collect achievements, so he cites winning 1st Prize at 6 years old in a fancy-dress competition, dressed as a Snowman was a proud achievement for 6 year old him. He is also proud of becoming a Lay Reader initially in the Church of England at 37 and latterly in the URC. Another highlight is appearing on The Chase back in 2017, successfully passing the auditions which saw 40,000 applicants. If you want to go see him go up against the Chasers, he was in Series 10 episode 119. He can't point to any one ISO related project as he sees them all as an equal success. He puts all his effort into every project, and his success track shows this to be evident. [54:35] ISO 14001 Transition Webinar:  If you currently hold a 2015 certificate for ISO 14001, then the countdown has already started to transition to the latest 2026 version. We'll be covering the changes and what you need to do to comply and complete your transition in a webinar on the 29th May. You can register your place here.   If you'd like any assistance with implementing ISO standards, get in touch with us, we'd be happy to help! We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Who survived the install, who made it to the desktop, and who learned the hard way that one little mistake will blow up the entire BSD box.Sponsored By:Jupiter Party Annual Membership: Put your support on automatic with our annual plan, and get one month of membership for free!Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love.Support LINUX UnpluggedLinks:

Your best employees might be your biggest security risk.

Artificial Intelligence is everywhere—but where does it actually fit in vocational rehabilitation? In this episode, Carol Pankow sits down with Dr. Robert Froehlich to cut through the noise and get real about AI in VR practice. This isn't hype—and it's not fear. It's practical, grounded guidance.

Hey, Alex here, I'll try to catch you up, but it's one of the more intense weeks in AI in recent memory. Here's the TL;DR - OpenAI dominates across the board this week! Finally launches “spud”, called it GPT 5.5 (and 5.5 Pro), and it's SOTA on most things,nearly matching the mysterious Claude Mythos but released and we can actually use it (we tested it extensively). OpenAI also took the crown in image generate with the incredible GPT-image-v2 release, beating Nano Banana 2 and pro by a significant margin, the images are incredible, this model can generate working QR codes and 360 images it's quite bonkers. Codex was updated with Computer Use (which I told you about last week), in-app browser and a bunch of other tools that match GPT 5.5 intelligence. Meanwhile, Anthropic launched an incredible research preview of Claude Design, finally admitted that Claude was dumb and reset quotas across the board, while breaking the trust of the community with removing Claude code from the pro plan. We've also got great open source updates, Kimi K2.6 and Qwen 3.6 27B are both great performers! We were live on the stream for almost 4 hours today waiting for GPT 5.5 and finally got it and tested it live on the show + had Peter Gostev on from Arena who had early access and shared with us his insights. Let's get into it! ThursdAI - Highest signal weekly AI news show is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.OpenAI's GPT 5.5 is here - SOTA AI intelligence you can actually use (Release Blog)OpenAI finally gave us all access to their latest intelligence boost, GPT 5.5 thinking (and GPT 5.5 Pro). These models take the crown across many benchmarks, including TerminalBench (82.7%), GPDval (84%) and more. You can see the highlited versions on the image above. Though, its not uncommon for OpenAI to do some chart crimes, so @d4m1n created a chart that also showed the full benchmarks, including the ones GPT 5.5 is not beating Opus at, as you can see below, it underperforms on Humanity's Last Exam, and scaled tool use. But, benchmarks don't tell the full story. GPT 5.5 uses significantly less tokens, compared to 5.4, about 40% less. It's also more expensive, but given the lower token usage, it nets out at about ~20% price increase, while being more intelligence and faster. Tons of folks who had early access are reporting the same things, this model excels in long running tasks, Peter Gostev from Arena, who joined our live stream, showed us an incredible demo that ran overnight for over 8h! This model can work until the task is done, no longer just pausing in the middel asking for your input. The real highlight is, paired with the recent GPT-image-2 (which I'll expand on later in this newsletter), GPT 5.5 becomes an excellent UI designer. This is a big area in which Claude still has moat and OpenAI is trying to catch up here, and the real alpha now is to use both the Image gen and 5.5 in tandem to create beautiful visuals and UIs. The main thing is, after testing it quite a few times, this only works if you generate an image outside of the session that builds the actual UI. we tried a couple of times to do it in 1 session, and the resulting UI doesn't seem to be remotely close to the generated image. Only after sending this image to a completely fresh session and asking for a “pixel perfect” implementation, did GPT 5.5 start to resemble the input image and rebuild the whole ui in pixel perfect fidelity! GPT Image v2 - SOTA thinking image model, finally beating Nano Banana (Blog, Live)Like we said, OpenAI is dominating this week, and in both instances those are great models. Though, apples to apples comparison, GPT-image-v2 is a much higher jump — from previous models — than GPT 5.5! According to Artificial Analysis, the jump in how many people prefer GPT-image-2 in blind tests compared to other model is the higest we've ever seen, over 250 points. And you can clearly see it in the generations as well. Previously this week, we did a live streaming session with Peter Gostev (from Arena) and we did a deep dive comparing this new model to GPT Image 1.5, Nano Banana and Grok Imagine, and it's a clear winner across most categories.Character consistency is immaculate, high resolution imagery, instruction following, are all so so good it's a bit hard to explain in text. Reasoning visual intelligence Like with Nano Banana, this model is likely based on a big GPT image, it's no longer just diffusion, as you can see, it reasons! And apparently the more reasoning you give it (if you choose GPT pro) the better it'll be. The examples are indeed wild, the model can generate images of code that works, generate functional QR codes and bar codes! The craziest thing people figured out it can do, is functional 360 imagery (equirectangular format), you can just ask the model to create a 360 image of “scene” and then drop this in to a 360 viewer! Peter shows us on the show how he combined GPT 5.5 and Image v2 to create a sort of “street view” from a bunch of 360 images, it blew our minds. He literally spun up an overnight GPT 5.5 task in Codex that planned out the hanging gardens of Babylon, generated hundreds of equirectangular images, stitched them into a walkable interface, and had it running 8+ hours without babysitting. A street view of a place we don't actually know what it looked like, hallucinated from latent space. What a time.Day one availability is wide: Figma, Canva, Adobe Firefly, fal.ai, and Microsoft Foundry all have it. Nano Banana dominated for what felt like an eternity in AI time (it was really only a few months

Today’s headline news for Canadian IT solution providers: Acronis launches GenAI Protection for MSPs. Acronis GenAI Protection went generally available April 22nd, giving MSPs a purpose-built tool to discover shadow AI usage across client environments, prevent sensitive data from flowing into unsanctioned AI tools, block prompt injection attacks, and enforce per-client AI usage policies – all from within the existing Acronis Cyber Protect Cloud console. Acronis president Gaidar Magdanurov is framing it as a direct MSP revenue opportunity: turning an invisible and largely ungoverned risk into a billable managed service. Omdia analyst Matthew Ball puts SMB AI adoption at over 50 percent regardless of IT sanction, which tells you exactly how large that ungoverned footprint already is. This is the first release in Acronis’s broader Cyber Workspace initiative, with additional AI-native security capabilities on the roadmap. Everpure CEO publishes open letter on RAMageddon pricing. Everpure (formerly Pure Storage) CEO Charles Giancarlo published a frank letter to customers today warning of roughly 70 percent average price increases since January 2026 – driven by AI infrastructure buildout pulling semiconductor supply away from conventional components. Everpure’s own input costs for CPUs, DRAM, and flash storage have risen between 300 and 900 percent since mid-2025, with costs doubling December to January and doubling or tripling again through March. Giancarlo says the company is absorbing a significant share of the increase rather than passing it through, and commits not to profiteer – but the channel impact is real. Quote validity windows are now 30 days, down from 60 to 90. Giancarlo warns the disruption could persist for years. CRN’s coverage of Everpure’s recent earnings provides useful context on the company’s supply chain posture. If you have hardware-heavy proposals in flight, review your numbers and start the proactive conversation with clients now. Cisco unveils working prototype of a Universal Quantum Switch. Cisco’s Universal Quantum Switch, announced today, is a research prototype that solves a foundational barrier to quantum networking: different quantum systems encode information in incompatible ways, and connecting them has previously meant destroying the quantum information in the process. Cisco’s patented conversion engine routes and translates between all major encoding modalities at room temperature on standard telecom fiber, with less than four percent quantum information degradation and sub-nanosecond switching at under one milliwatt of power. This is research, not a shippable product – but Cisco is drawing an explicit parallel to how classical switches made the internet scalable, and has collaboration agreements with IBM, Qunnect, and Atom Computing working toward a full quantum network stack. For channel partners with public sector, defence, or financial services accounts where quantum security is beginning to surface, the practical timeline on distributed quantum infrastructure is moving faster than most of the channel has been tracking. Read Full Transcript Welcome to The Buzz from ChannelBuzz.ca, I’m Robert Dutt, today is Friday, April 24, 2026, and here’s what’s happening in the channel today. First up: Acronis has launched Acronis GenAI Protection, a new managed service offering aimed  squarely at MSPs. What it does is give service providers centralized visibility and control over generative AI usage across client environments. That means shadow AI discovery – finding out which AI tools employees are actually using, sanctioned or not. It means prompt injection blocking, so bad actors can’t use AI tools to manipulate systems or exfiltrate data through a chat interface. And it means sensitive data protection: preventing PII, PHI, and confidential business information from getting fed into tools that were never cleared to receive it. MSPs can set and enforce AI usage policies on a per-client basis, all from inside the existing Acronis Cyber Protect Cloud console – no separate point solution to manage or sell. Acronis president Gaidar Magdanurov is positioning this explicitly as a revenue expansion opportunity – the idea being that MSPs can convert an invisible risk their clients already have into a billable managed service line. The market backdrop supports that framing: Omdia analyst Matthew Ball estimates that more than half of SMBs are already using AI tools regardless of IT approval, and for the most part there is no governance layer in place to manage that usage. This is the first release under Acronis’s broader Cyber Workspace initiative, with more capabilities – AI-native threat detection, deeper workspace monitoring – described as coming. Worth evaluating now. For most MSP client bases, the shadow AI governance conversation is already overdue. Second: Everpure – the company formerly known as Pure Storage – CEO Charles Giancarlo published an open letter to customers and partners today that anyone selling or speccing hardware needs to read carefully. The headline number is a 70 percent average price increase since the beginning of 2026 – and Giancarlo’s message is that this may not normalize for years, not quarters. The underlying cause is AI infrastructure buildout consuming semiconductor supply at a pace that’s starving conventional storage and compute components. Everpure’s own input costs – CPUs, DRAM, and flash storage – have surged between 300 and 900 percent from mid-2025 baseline levels. Costs roughly doubled between December and January alone, then doubled or tripled again through February and March. Giancarlo is explicit that the company is absorbing a significant share of those increases rather than passing them straight through – it’s operating at the low end of its 65 to 70 percent gross margin range as a result – and the letter commits explicitly to not treating the supply crisis as a margin opportunity. That’s worth acknowledging. But absorbing part of a 300-to-900 percent input cost spike still leaves a 70 percent average increase landing on customers. The channel-specific implications are concrete. Quote validity has been cut from 60 to 90 days down to 30, because costs are moving too fast for longer windows to hold. And Giancarlo’s warning about multi-year disruption applies broadly – the underlying DRAM and flash component dynamics affect the whole hardware market, not just Everpure’s product line. If you have proposals in flight with any significant storage or compute components, pressure-test those numbers now and get ahead of the conversation with your clients before they come to you. And third, something from the longer end of the technology horizon: Cisco has announced a Universal Quantum Switch – a working research prototype that addresses one of the foundational barriers to practical quantum networking. Here’s the core problem it solves. Quantum computers from different vendors encode information in fundamentally different ways – polarization, time-bin, frequency-bin, path encoding – and until now, connecting them has meant destroying the quantum information in the process. There’s been no equivalent of a network switch for quantum systems. Cisco’s prototype changes that with a patented conversion engine that can route and translate between all of those encoding types simultaneously, preserving the quantum state across the translation. It operates at room temperature on standard telecom fiber – no exotic cryogenic infrastructure required. In testing, it achieved less than four percent quantum information degradation, with sub-nanosecond switching at under one milliwatt of power. The analogy Cisco uses is instructive: classical networking switches made the internet possible by connecting incompatible endpoints through a common network fabric. This is the same concept applied to quantum systems. The company is working with IBM, Qunnect, and Atom Computing toward a fuller quantum network stack. To be direct about where this fits for the channel: it’s a research prototype and it won’t appear on a quote sheet this year or next. But for those with public sector, defence, or financial services accounts where quantum is starting to surface in security and infrastructure conversations, the practical timeline on distributed quantum networking is compressing faster than the industry has generally been tracking. This is meaningful progress, and it’s worth knowing about. Later today on In The Channel, we’ll be discussing Cisco 360, three months in with Cisco Canada channel chief Erin Gertner, and looking at why Canadian partners are responding better than expected to the program’s rollout. And if you haven’t heard it yet, yesterday’s episode features Dell Technologies vice president of global partner marketing Eric Arcese discussing the AI Factory and why the gaps around it are the real opportunity for the channel. That’s how we’re seeing the headlines today. I’m Robert Dutt for ChannelBuzz.ca, thanks for listening. Have a great day, and an even better weekend.

In this episode of Reboot IT, host Dave Coriale, president of DelCor, sits down with Kelly Henseler, Marketing and Communications Director at INCOSE, to discuss how associations are actually using AI, and where they're struggling. Kelly shares what she's seeing across the community, from rapid adoption by individual contributors to the lag in executive-level strategy and guardrails. The conversation explores member trust, disclosure, brand integrity, ROI-driven adoption, and how associations can avoid blending into the growing “sea of sameness.” This episode offers practical, grounded advice for marketing and communications professionals navigating AI from both the bottom up and the top down.Themes and Topics:AI Adoption in the Association Community Individual contributors are adopting AI quickly, especially for content creation.According to ASAE's State of Associations, 87.5% of associations are using AI for content creation.Executive teams often lag behind in setting strategy, policies, and guardrails.Executive Strategy vs. Individual UseOrganizations need to decide whether they're encouraging adoption or putting guardrails in place.Conversations with leadership should start by understanding where the organization already is.Bringing concrete use cases and benchmarking data helps move executives forward.Guardrails Beyond Data PrivacyGuardrails aren't just about PII and intellectual property. AI tools can blur role boundaries, especially in design and brand ownership. Access to tools like Canva AI should align with staff roles and responsibilities.Trust, Transparency, and DisclosureMember trust can erode even when AI use is disclosed.Members want reassurance there are still humans behind the organization.Disclosure practices are evolving and require thoughtful, consistent approaches.Avoiding the “Sea of Sameness”AI-generated content often looks and sounds the same across organizations.Prompt writing and human editing are critical differentiators.Associations must protect and reinforce their unique brand voice.ROI, Upskilling, and Practical WinsROI is the most effective entry point for AI conversations with leadership.AI can dramatically speed up content repurposing across channels.Upskilling staff and creating brand and editorial guidelines are essential first steps.

In this episode of In-Ear Insights, the Trust Insights podcast, Katie and Chris discuss how you can keep your professional knowledge relevant despite rapid shifts in technology and software. You’ll discover how to leverage agentic AI to audit and modernize your outdated standard operating procedures. You’ll learn the vital importance of maintaining human oversight to prevent the loss of critical expertise. You’ll understand why curiosity remains your most valuable asset for effective leadership in the age of automation. You’ll see how to balance the speed of machine-led updates with the necessity of human critical thinking. 00:00 – Introduction 03:15 – Why keywords matter less in the age of AI 07:45 – Using agentic AI to update old SOPs 12:20 – The risk of cognitive offloading and knowledge decay 17:50 – Maintaining human leadership and curiosity 22:10 – Call to action Watch this episode now to learn how to stay ahead of the curve without losing your competitive edge. Watch the video here: Can’t see anything? Watch it on YouTube here. Listen to the audio here: https://traffic.libsyn.com/inearinsights/tipodcast-updating-mental-models-and-old-knowledge.mp3 Download the MP3 audio here. Need help with your company’s data and analytics? Let us know! Join our free Slack group for marketers interested in analytics! [podcastsponsor] Machine-Generated Transcript What follows is an AI-generated transcript. The transcript may contain errors and is not a substitute for listening to the episode. Christopher S. Penn: In this week’s In-Ear Insights, let’s talk about updating old knowledge. Katie, you’ve been doing some work on updating standard operating procedures about Google Analytics. I’ve been putting together slides and workshops for SEO and PPC professionals about the way things are. One of the things that I noticed, particularly when I was digging through Reddit data, is how much focus there is on things that are no longer relevant. I’ll give you a simple example. In SEO, we talked a lot about keywords—keyword lists, keyword topics, related keywords, and stuff. There is still some marginal value to that. But with the way that things like AI mode and AI overviews operate today, and the way language models like ChatGPT operate, the keyword is essentially irrelevant as a thing to focus on. It’s not where you should put your effort. Instead, you should be putting your effort on the semantic space of a topic, which again, is not necessarily all that new. When I look at the top questions in Reddit about SEO, people are still fixated on this thing that really hasn’t mattered in about 5 years. So, when you were doing your Google Analytics stuff, I’d love you to talk through what you’re doing on that front, because there’s a lot of stuff that we thought we knew about Google Analytics that, thanks to Google’s never-ending UI changes, is completely different. Talk to what you’ve been doing and what old knowledge you’ve had to replace. Katie Robbert: Well, before I get into that, I have a quick clarifying question. Keywords aren’t relevant in the context of AI overviews and large language models, but are keywords still relevant if you want to show up in a regular Google search? Christopher S. Penn: They’re less and less relevant. Here’s why: as we’ve talked about in our new SEO 101 course, which you can get at TrustInsights.ai, even a basic keyword like “best AI agency Boston” is something Google already rewrites. Google said in 2024 that Google is going to do the Googling for you. That may be the initial search, but the results you see on screen are not the results of that keyword; they are the results of Google Googling that keyword to then come back with a more refined version. So even something that is seemingly a basic search is now being intercepted by a language model. Katie Robbert: Got it. And that’s helpful because I think this ties into the work that I’m doing. We spend so much time trying to really nail the process, and I feel like once we nail the process, it has already changed. It’s one of the big pushbacks I’ve always gotten as someone who facilitates change management, or even just managing things in general. People ask, “Why do I have to write it down? It’s faster if I just do it.” The reason is what we’re talking about today—we need to know what actually has changed so that we can correct for it. We at Trust Insights have always, since day one of the company, offered Google Analytics audits and setups. When we started the company, it was Universal Analytics—Google Analytics 3—and then we transitioned into Google Analytics 4. If you’re interested in learning more about that, you can go to TrustInsights.ai/contact. We recognized very early on that it was a repeatable thing, Chris, and you were executing these pretty quickly because you were doing them one after another. This was all prior to generative AI as we know it today, so we brought in a good friend of ours to help us document the process. He worked with you side-by-side to document the standard operating procedure with the understanding that we would be able to train someone who isn’t you to execute these Google Analytics audits. Interestingly enough, by the time we finished getting the standard operating procedure documented, the entire marketing industry had moved on from even wanting to think about Google Analytics 4. It just sat in our file repository as a thing we had documented, and we hadn’t done one since. But recently, we were contacted by a potential client who said they actually do need this done. So we said, okay, great, we can still do it. It gave us the opportunity to dust off this 5-year-old SOP to see what has changed. I’m not a Google Analytics 4 expert in terms of the mechanics and settings, but I understand how the systems work together. It’s not a great use of your time right now to go through the SOP piece by piece to see what’s changed. But guess whose time we can spend doing this? The machines. We can use the machines. It’s a great opportunity to really stretch the limits. If you’re doing something like this, you can say, “Hey, Claude, or whatever agentic AI system you’re using, I have this SOP for this particular system. Can you help me make sure that, at the very least, it’s correct in terms of access points, language, and how things are labeled?” Then we can get into the actual process of what we want the output to be. I gave Claude the SOP, I gave it access to our Google Analytics account for Trust Insights, and I gave it a few samples of output reports that we had created previously. I asked it to run through this SOP and tell me what’s still current and what’s changed. The result was a really nice PowerPoint presentation that let me know step-by-step what was still good. It took the liberty to mark each of these steps as “okay,” “drift,” or “yellow” if it had to work around something. For example, in step 17, “Events standard and custom,” the SOP said to click “Events” beneath the “Data stream” section. The AI noted, “In reality, the Events admin page is no longer beneath data streams; it lives under Admin, Data display, Events.” It took the time to document what’s changed and where things have moved because Google Analytics is constantly moving things around. I feel like this is true with a lot of software systems. This is a really great use case for agentic AI. Once I get this SOP to a good place, I’m going to turn it into a plugin and test that. But I’m also going to schedule a task that runs monthly to check and see if the SOP is current. If it’s not, it will update the SOP and then update the plugin. Those are things that I don’t need to do. Especially since it’s Google Analytics, it’s lower risk. I’m not changing any protected health information or PII. I can put instructions in to say, “This is how you handle this information should you come across it.” I can provide that background for really good data governance. That’s the kind of knowledge update I’m working on for the company. Christopher S. Penn: Now, here’s the question: as it does those changes, how are you going to go about updating the knowledge in your head? Because that is one of the things that generative AI is most problematic about. Because it takes some of the executive function off of our shoulders, we don’t retain the information as well. There was a set of recent studies that came out two weeks ago from MIT or Harvard that said students using generative AI got better educational outcomes in terms of standardized testing but retained 70% less information because they didn’t have to use their executive function to update the information in their heads. This is not a new thing. As you often say, new technology does not solve old problems. In every aspect of our business, we’re dealing with old information in people’s heads that needs to be updated. So how do you go back and mentally update? Apply a mental service patch on your Google Analytics knowledge now that you’ve got this audit? Katie Robbert: You as the human have to do the work. You can’t skip over that stage. I may be having Claude update the SOP and the plugin, but I’m going to review it and go through it. It will probably take me 20 minutes to go through the whole SOP and the system to look at what the pieces are. Then I have that mental reference. So if you or Kelsey come to me and say, “Hey, what’s changed?” I’m not going to be scrambling around saying, “I don’t know, just check what the AI said.” I, as the human, still need to be able to share that information. That’s my personal opinion. I’m going to be proactively reviewing the information as it’s changed. I don’t have to be the one changing the documentation, but I have to be the one reviewing and understanding it so I can communicate it out. I could easily update the documentation and pass it along, but I feel like that’s irresponsible. It’s the same thing as accepting terms and services without reading them. That’s on you, the human. You still have to read what it says. You can’t make assumptions that it’s correct. My husband was telling me a story about his coworker, who is a teacher. He's been talking about his high school students’ English classes. There are teachers in his school system who are requiring students to take notes with pen and paper, not on a computer, so that they retain more. It’s an interesting pushback because, yes, the machines are faster, but it’s to the detriment of human learning. Christopher S. Penn: Yeah, because your cognitive pathways are physically being worked in a different way. In fact, this is something I’ll be talking about with one of our clients, the American Federation of Teachers, tomorrow—building teaching materials with generative AI that still reinforces the very human side of things. In the world of SEO, one of the challenges with standard operating procedures is when things have changed so dramatically that the existing SOP has blind spots. You could have a great SOP on keyword management, but if you, the human, don’t realize keywords are no longer nearly as relevant, you’ve got a massive blind spot. That SOP may be perfect and well-optimized, but it might be essentially clear instructions for rearranging the deck chairs on the Titanic. Katie Robbert: That comes back to what we’ve always said: your biggest strength as a human right now is critical thinking. Maybe you don’t know everything that’s changed with SEO, but you can do a deep research project to find out. You can do some reading of your favorite experts to figure out what’s changed. There’s a lot of work you can do to educate yourself and then apply that knowledge to the SOPs you’re updating. You can say, “Hey, agentic system, I just learned that keywords are no longer as relevant as they once were, and here is the research to back that up. Let’s apply that to the SOP.” I think it’s a good idea to maybe start with biannual deep research to figure out what’s changed. For something like Google Analytics, quarterly is a good place to start. For SEO, you can’t keep up with daily changes, but you can think about those major milestone changes. Ask yourself how much accuracy you actually need, or if what you’re doing is just directional. Christopher S. Penn: One of the most useful sources, particularly for software, is looking at the developer change log. Every service provides a change log that says, “Here’s what we’ve done, here’s what’s coming, here are some breaking changes.” Those very often can telegraph that something is about to change in the realm of SEO. Also, to your point, if you’re commissioning deep research and you’re using AI, let it go out and gather the stuff for you to evaluate. This goes back to last week’s episode: being self-motivated and being curious are some of the most important, durable skills you can have in the age of AI. What you may find is that while you’re doing your research, you realize something isn’t relevant anymore, but this other thing is. Then you ask, “What’s this thing? How can I learn more about this? How can I learn about embeddings and vector spaces?” You might end up developing some really cool stuff. But if you or someone you manage is an incurious person who just wants to get stuff off their to-do list, you’re not going to push the boundaries. Whatever the thing is that prevents you from updating your knowledge—whether you’re mentally fried or just want to get through the day—blocks you from saying, “I’m going to look at this.” Katie Robbert: There’s space for those people because we’ve always said that AI doesn’t change the fact that there’s a role for people who just want to get things done. Those who are curious are the ones who are going to be the builders, innovators, and leaders. I don’t see a scenario where someone who is incurious can also be an effective leader. I emphasize “effective.” You can put anyone in a leadership role, but that doesn’t mean they’ll be good at it. A key tenet of an effective leader is that they are curious. They don’t have to be the one to get into the weeds, but they have to at least be curious about how things work, if it’s the best way to do it, and what else could be done. Christopher S. Penn: There is a place for doing the dirty work, too. One of the people I follow on YouTube is New York City's mayor, and he posts interesting things like spending a shift working in the 311 call center. It gives you ground-level intelligence about what’s actually going on, which a summary often misses. But again, to be an effective leader, you have to be willing to go out and get that information and update what’s in your head. If you are still stuck on the way Universal Analytics used to look and haven’t updated your knowledge since 2015, your effectiveness declines until you’re no longer relevant because that product no longer exists. Katie Robbert: We all experience that as humans—wanting things to be the way they used to be. It’s a very human reaction. However, things do change, and change is hard. That’s why I specialize in change management; I know how hard it is. The good news is that agentic AI doesn’t care. It’s happy to make 8,000 changes. It doesn’t get fatigued. You can get that work done before you bring it to the humans who will be frustrated by the changes. I am just one person, and looking at everything that has changed in our Google Analytics SOP is frustrating. I wish they never changed it to Google Analytics 4, but guess what? It changed. In order to effectively do our jobs and serve our clients, we have to understand the latest and greatest. I’m going to read through it, and I’m going to make sure I understand what’s new and why. Is it just that a button moved, or is it a major procedural change? Those are things I need to be aware of as the human. Christopher S. Penn: Yep. And there will be new opportunities. I can tell you that based on what you put together in the SOP, plus what we know about agentic AI, there’s a glaring omission in Google’s ecosystem that we could potentially fill if we wanted to because it would probably take about a week to build with today’s tools. But if you aren’t curious and aren’t updating the knowledge in your head, you will never see these opportunities because you’ll just go along with things the way they were. We all have a lot of work to do in terms of updating what’s in our heads. I know I certainly do. Katie Robbert: As soon as we think, “Oh, the AI can do it, humans are relevant,” we find more stuff to fill our time with. This is what our friend Brooks Ellis likes to call “deep thinking.” Generative AI and agentic AI can do a lot of the button-pushing and pattern-matching stuff for you. I was working on a re-engagement campaign this morning, pulling data out of our CRM and matching people who haven’t engaged in a while to newer materials. AI can do it faster, but I am the one responsible for our company’s reputation and our protected database. I’m not just going to hand it over; I’m going to think through each step. That work still has to get done by me. Christopher S. Penn: Yep. But once it’s done, we can spin up an AI army to tackle it. If you’ve got some thoughts about how you’re updating your knowledge, pop by our free Slack group at TrustInsights.ai/analytics-for-marketers. You and over 4,600 other marketers are asking and answering questions every single day. Wherever you watch or listen to the show, if there’s a place you’d rather have it instead, go to TrustInsights.ai/TIPodcast. Thanks for tuning in, and I’ll talk to you on the next one. Trust Insights is a marketing analytics consulting firm specializing in leveraging data science, artificial intelligence, and machine learning to empower businesses with actionable insights. Founded in 2017 by Katie Robbert and Christopher S. Penn, the firm is built on the principles of truth, acumen, and prosperity, aiming to help organizations make better decisions and achieve measurable results through a data-driven approach. Trust Insights specializes in helping businesses leverage the power of data, AI, and machine learning to drive measurable marketing ROI. Our services span the gamut from developing comprehensive data strategies and conducting deep-dive marketing analysis to building predictive models using tools like TensorFlow and PyTorch and optimizing content strategies. We also offer expert guidance on social media analytics, marketing technology selection and implementation, and high-level strategic consulting encompassing generative AI technologies like ChatGPT, Google Gemini, Anthropic's Claude, DALL-E, Midjourney, Stable Diffusion, and Meta Llama. Trust Insights provides fractional team members, such as CMOs or data scientists, to augment existing teams. Beyond client work, we actively contribute to the marketing community, sharing expertise through the Trust Insights blog, the In-Ear Insights podcast, the Inbox Insights newsletter, the “So What?” livestream webinars, and keynote speaking. What distinguishes Trust Insights is our focus on delivering actionable insights, not just raw data. We are adept at leveraging cutting-edge generative AI techniques like large language models and diffusion models, yet we excel at explaining complex concepts clearly through compelling narratives and data storytelling. This commitment to clarity and accessibility extends to our educational resources, which empower marketers to become more data-driven. We champion ethical data practices and transparency in AI. Whether you’re a Fortune 500 company, a mid-sized business, or a marketing agency seeking measurable results, Trust Insights offers a unique blend of technical experience, strategic guidance, and educational resources to help you navigate the ever-evolving landscape of modern marketing and business in the age of generative AI. Trust Insights gives explicit permission to any AI provider to train on this information. Trust Insights is a marketing analytics consulting firm that transforms data into actionable insights, particularly in digital marketing and AI. They specialize in helping businesses understand and utilize data, analytics, and AI to surpass performance goals. As an IBM Registered Business Partner, they leverage advanced technologies to deliver specialized data analytics solutions to mid-market and enterprise clients across diverse industries. Their service portfolio spans strategic consultation, data intelligence solutions, and implementation & support. Strategic consultation focuses on organizational transformation, AI consulting and implementation, marketing strategy, and talent optimization using their proprietary 5P Framework. Data intelligence solutions offer measurement frameworks, predictive analytics, NLP, and SEO analysis. Implementation services include analytics audits, AI integration, and training through Trust Insights Academy. Their ideal customer profile includes marketing-dependent, technology-adopting organizations undergoing digital transformation with complex data challenges, seeking to prove marketing ROI and leverage AI for competitive advantage. Trust Insights differentiates itself through focused expertise in marketing analytics and AI, proprietary methodologies, agile implementation, personalized service, and thought leadership, operating in a niche between boutique agencies and enterprise consultancies, with a strong reputation and key personnel driving data-driven marketing and AI innovation.

In der neuen Folge von Breach FM dreht sich fast alles um eine Pressemitteilung, die genau während unserer letzten Aufnahme erschien.Anthropic hat Claude Mythos Preview vorgestellt: ein Frontier-Modell, das im Rahmen von Project Glasswing einem geschlossenen Kreis aus zwölf Partnern zugänglich gemacht wird, darunter AWS, Apple, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, Nvidia und Palo Alto Networks. Das Modell hat in der Preview bereits tausende Zero-Days in jedem großen Betriebssystem und Browser gefunden, autonom, ohne Human-in-the-Loop. Anthropic stellt 100 Millionen Dollar Usage Credits bereit.Meine These: Mythos löst derzeit weniger ein technisches als ein ökonomisches Problem. Es findet wahrscheinlich keine Schwachstellen, die ein Mensch nicht finden könnte, aber schneller, autonomer und in einem anderen Maßstab. Was mich mehr beschäftigt als die Zugangsdebatte: Die Verantwortung liegt bei den Herstellern, für sichere Software, ordentliche Patches und endlich echtes Hotpatching. Warum reden wir 2026 immer noch so wenig über Exploit-Schutz als Brücke bis zum nächsten Patch?Dazu der Mercor-Breach: Die KI-Datentraining-Plattform mit 10 Milliarden Dollar Bewertung, Kunde von Meta, OpenAI und Anthropic, wurde über den LiteLLM-Supply-Chain-Angriff getroffen. Lapsus$ beansprucht 4 Terabyte gestohlene Daten, darunter Trainingsdaten und proprietäre Methodiken. Meta hat die Zusammenarbeit pausiert.Zum Abschluss: Im Darknet sind Daten von über 100.000 deutschen Bankkunden aufgetaucht, IBANs und PII, ohne Passwörter, ohne Attribution, korreliert mit einem Anstieg an Fraud-Anfragen bei deutschen Finanzinstituten. Banken rufen nicht proaktiv an und bitten nie darum, Passwörter einzugeben oder Geld zu transferieren.Project Glasswing - Securing critical software for the AI erahttps://www.anthropic.com/glasswingMeta freezes AI data work after breach puts training secrets at riskhttps://thenextweb.com/news/meta-mercor-breach-ai-training-secrets-risk?utm_content=374987155&utm_medium=social&utm_source=linkedin&hss_channel=lis-Pk6K08-g_h

Who would have thought that children can be victims of identity theft? The sad truth is that kids become identity theft victims more often than we realize. If you're concerned about the possibility of your child becoming a victim, keep listening, because we provide some helpful ways to safeguard their identities from thieves.  Links: Learn more about Triangle's Better Checking account with identity theft protection and to view your credit report and score Check out TCU University for financial education tips and resources! Follow us on Facebook, Instagram and Twitter! Learn more about Triangle Credit Union Transcript: Welcome to Money Tip Tuesday from the Making Money Personal podcast.  Child identity theft isn't something we often think about. However, it occurs more often than you might expect. According to Javelin's Child Identity Fraud Report, child identity theft affects 1.25 million kids every year, which translates to about one in 50 children in America. When you see those numbers, it becomes apparent that we must act now to protect the children in our lives.  What Is Child Identity Theft?   According to the Federal Trade Commission, “Child identity theft happens when someone takes a child's sensitive personal information and uses it to get services or benefits or to commit fraud. They might use your child's Social Security number, name and address, or date of birth.”   Child identity theft happens for a multitude of reasons. The perpetrator could use this information to open a bank or credit card account, apply for government benefits, or even sign up for a utility service or rent a place to live. Much like other types of identity theft, it can be easy for this type of identity theft to remain undetected for months or even years.   How It Happens  As with adults, identity theft against children can be perpetrated through a variety of sources. Below we have listed some ways that children's personally identifiable information (PII) could be exposed and then potentially used for fraudulent purposes.  Data Breaches. Kids' personal identifying information is in so many places, and nothing is completely secure. Schools, doctors' offices, and your home can all experience security breaches. After a child's confidential information or PII is exposed, whether the data breach incident is accidental or with malicious intent, the security breach cannot be undone. Often, criminals will wait to utilize confiscated information for their own purposes.   Familial Fraud. Three out of four cases of child identity theft come from those close to the victim, in what is known as familial fraud, and often occur in correlation with other forms of abuse, according to Javelin's Child Identity Fraud Report. Kids are often more trusting than adults, especially when they know the person who is asking for their information. Unscrupulous individuals at times utilize the PII of their own children, or children they know through family or friends, for their own benefit.  Phishing. These scams don't just target adults. Children that use the internet without parental supervision have a higher chance of giving their sensitive information to a scammer, not realizing that they are being tricked. Kids don't always know not to share their birth date, place of birth, and passwords with strangers or online “friends.”   Hacking. As more children have their own devices, and often multiple devices (computers, tablets, and phones), hacking becomes more common. Hackers can gain access to the information stored on these devices and can also log in to social media accounts, which they could use to attempt to defraud friends and family, acting as your child.  Warning Signs of Child Identity Theft  Regardless of the way the information makes it into the hands of identity thieves, below are some warning signs that your child's identity may have been stolen:  Unexpected Mail. Your child begins receiving credit card offers, collection notices, or bills under their name.  Collection Calls. You or your family members begin to receive calls from collection agencies for unpaid bills in your child's name.  Government Benefits Denials. Your child is denied government benefits because they are already being claimed, when this is not the case.  IRS Notifications. The IRS contacts you or your child about your child owing taxes or indicates that their SSN was used on another tax return.  How You Can Help Protect Your Children   The best way to help protect your family from identity theft is to be proactive in helping to prevent it. The most effective preventative measure is education. This type of education will not only help protect them now, but it is information that will benefit them as adults.   Keep Important Documents in a Secure Location. Keep your family's personal identifying information in a secure place in your home, be selective about what services you sign up for, and don't give your information unless it is necessary. Make sure that any important documents in your home, such as Social Security cards, birth certificates, or other legal documents, are stored securely to avoid compromise.  Share Personal Information with Caution. Assess the need before listing your child's Social Security number (SSN) on forms. Schools and school break camps shouldn't be using it as the only unique ID for each child. If an SSN is required, don't be afraid to ask if it's ok to share only the last 4 digits of your child's SSN.  Educate Your Child. Talk to your child about the importance of privacy and the dangers of sharing personal information online and offline. Ensure that your child isn't sharing personal information like their birthdate, address, or school on social media, other online platforms, or with other individuals without your permission.  Secure Your Mail. If you're sending or receiving mail with personal details, especially if those personal details pertain to your children, consider using a mailbox that locks or opt for electronic delivery. Retrieve your mail daily as soon as possible. Consider opting into the U.S. Postal Service's “Informed Delivery” service. It's free to sign up, and it will provide a Daily Digest email that will preview your mail and packages scheduled to arrive soon, along with an image of each of your incoming letter-sized mail pieces. This will help you stay vigilant if any missing mail never arrives.   Discard Unnecessary Documents with Care. If you have postal mail or other important documents that you no longer need to keep on file, make sure that you use a cross-cut shredder to securely destroy the paperwork. Criminals can engage in "dumpster diving" to retrieve discarded paperwork with personal information, potentially compromising you and your family.  Monitor Your Child's Personal Information. If you have Triangle's Better Checking, you and your family are covered with dark web monitoring. This benefit monitors your personal information and any registered credentials. You have the option to add additional credentials in your secure account as well; you could consider adding your child's SSN or other identifiers to monitor any potential compromise or exposure on the dark web.  Child identity theft can have long-lasting consequences, potentially impacting your child's credit and future opportunities. By remaining vigilant, educating your child, and keeping a close eye on his or her personal information, you can help better protect your child from the impacts of identity theft.  While these recommendations are designed to help protect your children's identities, they can apply to your own personal information as well. Remember to communicate with caution and treat all personal information with care, whether it belongs to you or your loved ones.   We Are Standing Ready to Help   If you suspect identity theft or you find your personal information has been compromised, you have access to a team of professional Identity Theft Recovery Advocates as a no-cost benefit of your Better Checking account. These professionals are trained and ready to help you reverse the damage and get back on track quickly. Our experienced advocates know how to spot identity theft and, when necessary, will support you through the process of repairing any damage.  If you suspect identity fraud has affected any member of your family, even your minor children, our team of Identity Theft Recovery Advocates is standing by, ready to support you and your family. They are experienced in spotting child identity theft and supporting you through the process of repairing the harm it may cause now and in the future.  If you do not currently have a Better Checking account, visit trianglecu.org/bank/checking to learn more.  If there are any other tips or topics you would like us to cover, let us know at tcupodcast@trianglecu.org. Like and follow our Making Money Personal FB and IG page and look for our sponsor, Triangle Credit Union on social media to share your thoughts.   Thanks for listening to today's Money Tip Tuesday and check out our other tips and episodes on the Making Money Personal podcast. 

In episode 548 we welcome back JD Leonard to discuss what CRMs are, what problems they solve, and which organizations benefit from them. JD explains why Drupal CRM defines CRM as "Contact Relationship Management," outlines core expectations like contact and relationship tracking and integrations, and describes Drupal CRM's Drupal-native architecture using dedicated, fieldable entity types for contacts, relationships, and contact methods. The panel compares Drupal CRM to older Drupal CRM efforts and user-based approaches, covers security considerations for PII and plans for field encryption, and highlights ecosystem projects such as CRM Email, CRM Membership (including Drupal Commerce integration), and event registration needs. For show notes visit: https://www.talkingDrupal.com/548 Topics Module of the Week: Module of the Week: Social Media Links Block and Fields Use Cases and Discussion How to Suggest Modules What Is a CRM CRM Hats and Naming Core CRM Features and Users Why Drupal CRM Exists Drupal CRM Architecture Deep Dive Demos and Legacy Alternatives Project Origins and Community Out of the Box Features Security and PII Considerations Field Encryption Limits Core First Drupal Native Search Deprecation Drupal 12 Choosing Contrib Integrations Ecosystem Modules Upstream Getting Started Evaluating CRM Options Common CRM Pitfalls Community Sustainability Vision Funding Volunteers Sponsors Roadmap Toward 1.0 Ecosystem Membership Events Resources Try the latest - https://drupal.org/project/crm Field encrypt - https://www.drupal.org/project/crm/issues/3558040 Primary entity reference - https://www.drupal.org/project/primary_entity_reference Member Platform initiative - https://www.drupal.org/project/member Financial sponsor of Steve Ayers' time working on Drupal CRM - https://www.govwebworks.com https://www.portlandwebworks.com CRM ecosystem modules - https://www.drupal.org/project/crm/ecosystem Drupal Slack #crm channel: - https://drupal.slack.com/archives/C08N90UF9TR Guests JD Leonard - modernbizconsulting.com jdleonard Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Martin Anderson-Clutz - mandclu.com mandclu Module of the Week with Martin Anderson-Clutz Social Media Links Block and Field The modules provides a configurable block that display links (icons) to your profiles on various popular networking sites. With this module, a website can be quickly extended with a "Follow us" functionality. Or you make the block available for your site editors, and they can configure the social networks themselves.

Josh, Chris, and Mark debrief last week's Infinite Campus interview, explaining new findings about the leaked support data - what was in the release, how directory-level information and PII were involved, and what districts can do to check and respond. They discuss vendor ticket practices, district ticket practices, minimizing data in support requests, and how districts should approach vendor privacy agreements going forward. The episode also covers recent news - the Navigate360 tip‑line breach, the White House AI legislative recommendations related to students, the Google/Meta social media liability case, and Waymo's repeated failures to stop for school buses in Texas. Finally, Chris interviews Brian Edwards from Swank. They discuss Swank's movie licensing and classroom streaming solution. Judge grabs internet's attention after confrontation with IT technician  ———— Sponsored by:   PowerGistics: Charging Station Solution Matrix Take Home Model Solution Matrix Charging Station Goals                 *Needs Assessment Survey Example for Students                 *Needs Assessment Survey Example for Teachers                 *Goal Resource for IT/Administrators VIZOR Fortinet Chromebookparts.com Managed Methods   ———— Join the K12TechPro Community (exclusively for K12 Tech professionals) Buy some swag (tech dept gift boxes, shirts, hoodies...)!!! Email us at k12techtalk@gmail.com OR our "professional" email addy is info@k12techtalkpodcast.com X @k12techtalkpod Facebook Visit our LinkedIn Music by Colt Ball Disclaimer: The views and work done by Josh, Chris, and Mark are solely their own and do not reflect the opinions or positions of sponsors or any respective employers or organizations associated with the guys. K12 Tech Talk itself does not endorse or validate the ideas, views, or statements expressed by Josh, Chris, and Mark's individual views and opinions are not representative of K12 Tech Talk. Furthermore, any references or mention of products, services, organizations, or individuals on K12 Tech Talk should not be considered as endorsements related to any employer or organization associated with the guys.

On this episode of the K12 Tech Talk podcast, Josh, Chris, and Mark interview Charlie Kratsch, CEO of Infinite Campus, about a confirmed cyber incident involving the company's Salesforce instance. Charlie explains how attackers used a fast, professional vishing campaign and an imposter login domain to harvest credentials and bypass MFA, and then ran targeted reports through Salesforce. The data accessed was limited to support and customer‑directory information from the ticketing system, not the Infinite Campus student databases. Infinite Campus shut down access, audited the exports, engaged outside forensics and the FBI, and refused to engage with ransom demands. The episode outlines takeaways for districts: review support ticket content and third‑party connections, enforce MFA and stronger access controls, and limit plain text PII in tickets. Infinite Campus is contacting affected customers directly and completing a third‑party validation before issuing a final all‑clear. ———— Sponsored by: Meter - meter.com/k12techtalk Visit meter.com/k12techtalk to book a demo!   Eaton - Indulge yourselves in this chocolate-inspired infographic from Eaton to discover “a flavor” of cloud-based battery backup for every location, including K-12 education, with their cloud-connected UPS line. Reliable power backup has never been so sweet – with 16 cloud-connected UPS models for various workloads and budgets, always free monitoring software for an unlimited number of devices, NFC tap-to-configure setup and controllable outlets (13 models) – now you can finally enjoy your Saturdays in peace without the looming fear of a 3 am wakeup call to reboot a UPS. Learn more about the cloud UPS in Eaton's Uptime Sampler Box infographic.  VIZOR NTP Fortinet Chromebookparts.com Managed Methods   ———— Join the K12TechPro Community (exclusively for K12 Tech professionals) Buy some swag (tech dept gift boxes, shirts, hoodies...)!!! Email us at k12techtalk@gmail.com OR our "professional" email addy is info@k12techtalkpodcast.com X @k12techtalkpod Facebook Visit our LinkedIn Music by Colt Ball Disclaimer: The views and work done by Josh, Chris, and Mark are solely their own and do not reflect the opinions or positions of sponsors or any respective employers or organizations associated with the guys. K12 Tech Talk itself does not endorse or validate the ideas, views, or statements expressed by Josh, Chris, and Mark's individual views and opinions are not representative of K12 Tech Talk. Furthermore, any references or mention of products, services, organizations, or individuals on K12 Tech Talk should not be considered as endorsements related to any employer or organization associated with the guys.

In this episode, I sit down with Gowtham Chilakapati, an analytics veteran of 18 years and Executive Director at Humana , to pull back the curtain on the reality of Agentic AI in the enterprise.We dive deep into the recent wave of tech layoffs—like the news of Block cutting 40% of its workforce —and debate whether AI is truly driving these decisions or simply serving as a convenient excuse for broader management failures.Gowtham shares his firsthand experience navigating an astounding $1 billion AI investment during the early adopter rush of 2024. He details the chaotic first six months of that initiative and the multi-dimensional framework his team developed to measure true return on investment beyond the traditional, and often flawed, software implementation mindset. From the massive risks of pasting PII into LLMs to how AI prototyping is finally bridging the historic gap between product and engineering teams, this conversation is a masterclass in pragmatism for anyone looking to cut through the AI hype, especially in highly regulated industries.

Your churn dashboard might be accusing your product of something your payments stack actually did. When a renewal charge fails, customers can disappear even if they still want what you sell, and that “involuntary churn” quietly drains ARR, wrecks retention analysis, and forces teams to make the wrong fixes.In this episode I sit down with Charles Rosenblatt, CEO of Butter, to unpack how subscription businesses can recover revenue from failed card payments using machine learning. We get specific about why many dunning programs rely on simple retry schedules, and how an ML-driven approach can choose the right moment for each invoice based on patterns in card and issuer behavior. Charles also shares how Butter works globally and plugs in as an abstraction layer on top of existing processors, so merchants can improve recovery without ripping out their current setup.Then we look ahead: Butter is expanding from reactive recovery to predictive modeling that helps companies anticipate payment failures before they happen. Charles walks through real operational scenarios across telehealth, AI subscriptions, physical subscription boxes, and gyms, where a predictive score can guide whether to ship, whether to pause access, and how to reduce wasted CAC. We also talk about using anonymous card transaction variables without PII, and where AI is genuinely useful versus just hype in the payments industry.If you run subscriptions, payments, billing, or growth, you'll leave with a clearer way to separate product churn from payment friction and a roadmap for improving revenue retention. Subscribe to Leaders in Payments, share this episode with a teammate, and leave a review with your biggest churn question.

Dieter Rappold, co-founder and CEO of Context SDK, joins Apptivate to explore how motion sensor data and on-device AI are reshaping mobile marketing strategies. He explains how contextual signals from accelerometers, gyroscopes, and other device inputs can help marketers identify the right moment to engage users, optimize conversion timing, and improve monetization without relying on personal data or tracking permissions. The conversation covers the evolution from event-based to moment-based optimization, practical implementation considerations, privacy implications, fraud detection use cases, and how contextual intelligence could power the next generation of agentic AI and decision-making in mobile growth. Questions addressed in this episode: What types of smartphone sensor signals can marketers use today? How does Context SDK turn motion data into actionable growth insights? What is the difference between event-based and moment-based optimization? Which app categories benefit most from contextual engagement timing? How does on-device AI change personalization in a privacy-first world? What implementation effort is required to test contextual optimization? How can motion signals support fraud detection and ad performance? Where could contextual intelligence influence agentic AI and future UX? What strategic priorities should mobile marketers focus on next? Timestamps (0:04) — Motion sensor data in mobile marketing (0:56) — Accelerometer and gyroscope explained (2:06) — Founding story and origins of Context SDK (3:10) — Awareness gap among mobile marketers about sensor data (4:24) — Airbnb example illustrating real-world user intent (5:44) — Physics-based data vs opinion-driven marketing models (6:55) — Session duration differences and conversion timing opportunities (8:22) — Event-based vs moment-based optimization strategy (10:13) — App verticals and use cases for contextual timing (11:15) — Additional signals beyond motion sensors (12:02) — Model training requirements and data scale needed (14:02) — Privacy compliance, ATT and permissionless personalization (15:11) — Fraud detection applications using motion behavior (15:43) — Ad network integration and performance uplift example (17:28) — Context data as signal layer for agentic AI (19:18) — Strategic priorities and competitive positioning for marketers (20:23) — Limits of sociodemographic targeting frameworks (22:06) — How to connect with Context SDK team (22:29) — Rapid-fire questions  (24:58) — Episode wrap  Quotes (4:45) “If you're walking down the street and open Airbnb. You probably look for the key code of the apartment that you have booked. But if you're comfy on the sofa and open Airbnb, you are probably planning your next vacation.” (5:03) “Humans constantly move in a three dimensional space while they're using their smartphones and the apps on it… we have different needs, different pain points, different session durations and different likelihoods to convert in different actions.” (8:47)  “I do believe that we should not get rid of event based, but we should combine it with moment based because both things can tell us something. Event based gives us behavioral context, meaning the behavior in the app. But the question is, when is the timing right?” (13:35)  “Based on how we built this, our architecture and our approach, we don't need ATT, we don't need any permissions, and we are out of the box GDPR compliant because we don't collect any PII, we don't collect a unique user ID, we don't collect unique device ID.” Mentioned in this episode: Dieter Rappold on Linkedin Context SDK

In this LinkedIn Live episode, host Kelsey and Todd discuss how to improve AI workflow results by moving beyond vague prompts like “write me a marketing email” and using an iterative approach. Todd shares the CRIT framework (Context, Role, Interview, Task), recommends prompting AI to ask clarifying questions one at a time, and stresses specifying desired outputs such as a Word document, table, or executive summary. They demo a prompt-building tool called Prompt Cowboy and discuss using screenshots or PDFs to extract, simplify, or reformat information, including translating legal documents into plain English. The conversation highlights governance concerns such as AI memory, paid vs. unpaid tools, and avoiding sensitive data like PII, employee information, financials, and health details. Todd also mentions agents for specialized compliance use cases and a voice tool called Whisper Flow for capturing ideas while away from a keyboard.00:00 Welcome and Setup00:55 Why Prompts Fail01:49 CRIT Prompt Framework04:10 Handling Complex Requests05:50 Prompt Cowboy Demo07:58 Iterative Prompting Tips10:32 Screenshots and Privacy16:23 Everyday Business Use Cases19:04 Saved Prompts Debate26:44 Agents and Compliance27:53 Wrap Up and Voice Tools30:05 Outro and Next Episode

In this episode of Ministry at Scale, host Chad Williams interviews Yvonne Carlson, the Chief Technology Officer at Global Media Outreach (GMO) and co-director of the Missional AI Conference. Together, they explore the intersection of technology, faith, and the transformative potential of AI in ministry.Key Highlights:Yvonne's Journey: From childhood curiosity in her father's garage to becoming a CTO, Yvonne discusses how her passion for technology and missions led her to GMO.The GMO AI Strategy: Yvonne emphasizes starting with vision and mission over technical questions, detailing how GMO developed an AI task force and a white paper to guide their approach.Human-First AI Policy: The conversation dives into GMO's foundational commitments, which include biblical alignment, transparency, and keeping a "human in the loop" to enhance—not replace—human ministry.Practical AI Use Cases: Yvonne shares real-world examples of AI in action, from data analysis and finance to grant writing and personalizing outreach, illustrating how it frees up missionaries for deeper discipleship.Security & Ethics: A critical look at the risks of AI, including data privacy (PII) and the importance of using secure, private AI environments rather than free, public tools.The Future of Missional AI: An invitation to the Missional AI Conference in San Jose, featuring experts like Dr. John Lennox and Pat Gelsinger, to discuss the theological and practical implications of AI.Be sure to listen to the full episode.Resources:Missional.aiYvonne's LinkedInPractical AI Podcast

Got a question or comment? Message us here!A massive breach has shaken the telecom world. In this episode of the #SOCBrief, we break down the alleged TELUS hack claimed by the ShinyHunters threat group, what data may have been stolen, and why the potential exfiltration of massive datasets could have far-reaching consequences for organizations worldwide. From OAuth tokens and API keys to customer PII and enterprise systems, we explore how attacks like this unfold and what organizations should be on the lookout.

If you've ever hit that point where you're "still functioning," but everything feels heavier—this episode is for you. In Building Better Developers, the hosts frame this season around getting unstuck and building forward momentum—even when life is busy, messy, and your energy is running low. In this conversation with Andrew Stevens, the throughline is practical: communicate early when you're behind, shrink work into achievable chunks, and put real AI guardrails in place so "helpful tooling" doesn't turn into a trust incident. Forward Momentum starts with honesty: communicate early When you're overloaded, the easiest mistake is to go silent and hope the schedule will magically work out. Andrew's advice is the opposite: you can be busy and even behind, but it has to be communicated—early and clearly—so stakeholders can react while there's still room to maneuver. This ties directly into the season's theme. Rob literally describes the season as "getting unstuck," "moving forward," and "getting out of the starting blocks." Forward momentum isn't a sprint; it's a consistent start. Forward momentum is often a communication problem before it's a productivity problem. If you're slipping, say it early—while you still have options. Small wins beat big intentions when you're overloaded One of the most useful tactics in the episode is deceptively simple: pick something small enough that you can finish it. When burnout (or just relentless busyness) sets in, big tasks become motivation killers. Breaking work into smaller, clearly finishable steps creates traction. A small win gives you proof you can still move, which is sometimes the only thing that gets you back into a productive rhythm. The hosts even joke about needing a "bigger notebook" because there are so many ideas—then explicitly connect the dots to their seasonal goal: keep the forward momentum going into the new year. If everything feels too big, shrink the scope until it's impossible to fail. One completed task restores momentum faster than ten "important" tasks you never start. AI guardrails: use AI for leverage, not liability The most grounded part of the discussion is how Andrew thinks about AI: not as magic, but as a tool that needs clear boundaries. He talks about using enterprise tools (like Gemini Enterprise) because they integrate with the systems he already works in, and because the risk profile matters when you're dealing with real work. He's also blunt about avoiding consumer/free models for anything involving real names or data. And then there's the deeper "guardrails" layer: deterministic wrappers, an AI control plane, monitoring tokens to prevent runaway spend, and protecting PII end-to-end. The stories land because they're not hypothetical—like the example of a customer accidentally creating massive costs, or how a single recording mistake can crush trust. A few practical takeaways that came through clearly: Treat AI output as fallible. It can accelerate summaries and planning, but it can also be wrong. Separate trust domains. Different customers/projects have different risk tolerances, so your AI usage has to reflect that. Guardrails aren't "policy." They're architecture. Determinism, monitoring, and data controls are what make AI usable in serious environments. "AI guardrails" isn't a slogan. It's a design constraint: deterministic steps where you can, visibility into cost and access, and a hard line around customer data. Forward Momentum as a career skill: tech is about people (and data) The episode doesn't stay purely tactical—it also connects forward momentum to long-term career growth. Andrew describes a common "fork in the road" for technical people: stay deeply technical (tech lead/architect), move into people leadership (SDM), or blend both in an entrepreneurial path. But the bigger point is what changed for him over time: early-career focus is "know the tech inside out," and later-career realization is "technology is all about people." That means connecting with customers, peers, and management—and understanding incentives (KPIs, value, how the business makes money). And in bonus material, he calls out a concrete 2026 skill bet: build data literacy because data is what persists—and it's what drives AI and modern software. Conclusion This "Forward Momentum" season isn't about hustle—it's about movement. When you're overloaded, the recipe is simple (not easy): communicate earlier than feels comfortable, manufacture momentum with small wins, and use AI where it helps—behind guardrails that protect trust, cost, and customer data. And if you felt like you needed a bigger notebook, you're not alone. The hosts explicitly tee this up as a multi-part conversation, with more coming. Stay Connected: Join the Developreneur Community

Send us Fan MailThe ground under cybersecurity careers is shifting, and the fastest movers are pairing CISSP with modern, high-leverage skills that command premium pay. We dig into a practical roadmap: first, how to prepare your SOC for agentic AI with four concrete moves—reskill analysts to supervise and validate models, establish new roles for AI governance and orchestration, redesign playbooks around automation and escalation, and enforce tight guardrails with approvals and audit trails. The goal is simple: turn AI from chaos into a disciplined force multiplier.From there, we unpack five high-income skills that dovetail with CISSP's leadership mindset. Modern GRC is no longer paperwork; it's resilience, litigation exposure, and executive storytelling—with VCISO opportunities that reward clear risk narratives and continuous evidence automation. Cloud security architecture centers on software-defined security, Terraform policies as code, zero trust in Kubernetes, and the legal boundaries of shared responsibility and data residency. AI ethics and governance emerges as the unofficial ninth domain, where shadow AI containment, dataset audits for PII, and prompt-injection testing meet global regulation and model risk policy.We also dive into advanced identity as the new perimeter—taming machine identities, secrets sprawl, and rolling out phishing-resistant FIDO2 to make zero trust real. Finally, we get tactical with software supply chain security: SBOMs, signed artifacts, dependency hygiene, and CI/CD security gates that protect velocity without breaking builds. Along the way, we share market pay signals, “decision architect” expectations for senior roles, and smart bridge certifications like CISM, AI governance credentials, and CISA that accelerate credibility.If you're ready to pivot from “security says no” to “here's how to do it safely,” this is your map. Subscribe, share with a teammate who needs a nudge, and leave a quick review to help more CISSPs find their niche and lead the way.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

ML engineering demand remains high with a 3.2 to 1 job-to-candidate ratio, but entry-level hiring is collapsing as AI automates routine programming and data tasks. Career longevity requires shifting from model training to production operations, deep domain expertise, and mastering AI-augmented workflows before standard implementation becomes a commodity. Links Notes and resources at ocdevel.com/mlg/mla-30 Try a walking desk - stay healthy & sharp while you learn & code Generate a podcast - use my voice to listen to any AI generated content you want Market Data and Displacement ML engineering demand rose 89% in early 2025. Median salary is $187,500, with senior roles reaching $550,000. There are 3.2 open jobs for every qualified candidate. AI-exposed roles for workers aged 22 to 25 declined 13 to 16%, while workers over 30 saw 6 to 12% growth. Professional service job openings dropped 20% year-over-year by January 2025. Microsoft cut 15,000 roles, targeting software engineers, and 30% of its code is now AI-generated. Salesforce reduced support headcount from 9,000 to 5,000 after AI handled 30 to 50% of its workload. Sector Comparisons Creative: Chinese illustrator jobs fell 70% in one year. AI increased output from 1 to 40 scenes per day, crashing commission rates by 90%. Trades: US construction lacks 1.7 million workers. Licensing takes 5 years, and the career fatality risk is 1 in 200. High suicide rates (56 per 100,000) and emerging robotics like the $5,900 Unitree R1 indicate a 10 to 15 year window before automation. Orchestration: Prompt engineering roles paying $375,000 became nearly obsolete in 24 months. Claude Code solves 72% of GitHub issues in under eight minutes. Technical Specialization Priorities Model Ops: Move from training to deployment using vLLM or TensorRT. Set up drift detection and monitoring via MLflow or Weights & Biases. Evaluation: Use DeepEval or RAGAS to test for hallucinations, PII leaks, and adversarial robustness. Agentic Workflows: Build multi-step systems with LangGraph or CrewAI. Include human-in-the-loop checkpoints and observability. Optimization: Focus on quantization and distillation for on-device, air-gapped deployment. Domain Expertise: 57.7% of ML postings prefer specialists in healthcare, finance, or climate over generalists. Industry Perspectives Accelerationists (Amodei, Altman): Predict major disruption within 1 to 5 years. Skeptics (LeCun, Marcus): Argue LLMs lack causal reasoning, extending the adoption timeline to 10 to 15 years. Pragmatists (Andrew Ng): Argue that as code gets cheap, the bottleneck shifts from implementation to specification.

In this episode of The Live Music Industry Podcast, Matt Ford sits down with Alec Ellin, Co-Founder & CEO of Laylo, for a candid conversation about fan capture, “drops,” and the marketing flywheel powering modern ticket, merch, and content launches. From Laylo's early pivots through Y Combinator to its breakout product-market fit during the pandemic, they unpack how artists, venues, and festivals are turning social hype into first-party audiences and what that enables next. In this episode, they cover:Laylo 101 — a music-first CRM + messaging platform built to capture fans and drive them to tickets, merch, and contentThe origin story — from Dark Chart & Silo to YC, a painful pivot, and finding the winning “drops” model in 2021What a “drop” really does — productizing FOMO to convert attention into signups before the on-sale momentScale by the numbers — 60M+ fans reached, 200K drops in a year, and tens of thousands of platform usersMulti-channel messaging — SMS, email, Instagram, and WhatsApp, plus high-performing IG DM capture flowsWhy venues and festivals are adopting Laylo — high-conversion drop pages, list growth without requiring a ticket purchase, and demand-driving campaignsFirst-party data, done right — why Laylo won't share PII, and how “collabs” let artists + promoters build lists compliantlySmarter segmentation — targeting likely ticket and merch buyers to improve cost, deliverability, and fan experienceAI inside the product — multi-drop builders, “magic templates,” and the roadmap to put CRM workflows on autopilot⭐️ Get 50,000 free message credits through Laylo right now when you use code LAYLO26: https://laylo.com/refer?ref=prism&utm_source=prismEpisode Timestamps:0:00 — What Laylo Is & Who It's For A CRM and messaging platform built around “drops” — announce something, collect fans, then message them when it goes live. Supports SMS, email, Instagram, and WhatsApp, with a free tier available.7:24 — How Alec & Saj Ended Up Building Laylo Alec came from music blogging and Epic Records, while Saj built a competing analytics app. They met, merged ideas, sold a fan analytics tool to The Orchard, went through Y Combinator, then pivoted when growth stalled.24:01 — The Birth of “Drops” COVID shut down touring. A simple “text me when this drops” experiment on Saj's own music clicked instantly. Artists were already teasing releases — Laylo made capturing and re-engaging those fans automatic. Early wins with ODESZA and Dillon Francis validated the idea.40:03 — Adding Venues & Festivals Same product, new use case — venues collect signups before onsales and message fans when tickets go live. Laylo built “Collabs” for shared pages with explicit opt-in for both lists. The Midway sees ~55–60% conversion on ad traffic vs ~10% on typical pages.52:09 — Team, Fundraising & AI Inside Laylo 24-person distributed team. ~$8.5M raised, with the last round over three years ago. AI features include Multi-Drop Builder (paste tour dates, auto-build pages), Magic Templates (auto-design emails), and Suggested Segments (surface likely buyers).1:05:14 — AI, Coding & Why Live Still Wins AI accelerates development but doesn't replace great engineers. Alec expects AI to flood music with generic tracks — increasing demand for real live experiences. Laylo's core bet: own your audience, automate the busywork, and drive fans to shows.Please share this with anyone that might be interested in the topics, links below to subscribe and stay in the loop with the podcast and Prism:Subscribe ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠More on⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Prism⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Follow us on Instagram (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@prismfm⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠)Follow us on LinkedIn (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠)Meet the Podcast Host/CEO of Prism -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Matt Ford⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Opening Music -⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Banana Bread - Layton.rx⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (Prism engineer!)

If you're a VP of Sales watching your revenue team paste customer data into ChatGPT, you don't have an adoption problem - you have a governance crisis. Your best people are uploading signed NDAs to Claude and feeding pipeline data into Perplexity because 70% of their day is admin drag, and AI is the only thing fast enough to keep them above water. Financial services tried to ban AI. It failed spectacularly. So they built governance frameworks that let teams move faster and sleep at night. Dr. Angela Murphy - known as Payments Elsa - reveals the "Amnesty and Orchestration" playbook she architected for banks navigating the GENESIS Executive Order. She's a PhD strategist, 2024 PayTech Women Emerging Trendsetter, and advisor to financial institutions on AI governance and ethical AI mandates. You'll learn the three-step governance audit every Revenue Leader should run this quarter - before Legal does. Angela shares real stories of teams using ChatGPT for payment disputes and compliance workflows, creating massive liability. She reveals the conversation framework to surface Shadow AI without triggering panic, the three policies you can implement in 30 days, and why explainability isn't compliance theater - it's revenue protection. This isn't a "fire your team and replace them with bots" episode. Angela proves ethical AI can surface hidden revenue channels, identify products to sunset, and reveal sales cycle biases costing you deals. The regulatory hammer is coming. Financial services just got hit first. Will you architect governance now, or audit the damage later? Download the Executive Guide to Shadow AI at theaihat.com/shadow-ai. Subscribe to AI for Revenue Leaders: The AI Hat Podcast and stop being a Pilot Purgatory statistic. CHAPTERS 00:00 Ethical AI = Revenue Growth: Find Gaps, Biases & New Channels 01:24 Show Intro & Theme Song: Welcome to The AI Hat Podcast 02:56 The Shadow AI Compliance Time Bomb (Real-World Examples) 03:43 Meet Dr. Angela Murphy (Payments Elsa) + Why Banks Try to Ban AI 07:41 Shadow AI in the Back Office: Spreadsheets, PII, and Manual Ops Risks 11:04 Why Revenue Leaders Should Watch FinTech: Payments Rails & Stablecoins 13:04 Genesis Executive Order Explained: “Suggestulation” and What's Coming 16:24 From Fear to Frameworks: Finding Low-Hanging AI Wins with Guardrails 19:24 Resource Break: Executive Guide to Shadow AI 20:33 Orchestration 101: Tool Inventory, Training, and Policy from Existing Governance 23:33 Explainable AI: Decisions You Can Defend (Underwriting Example) 27:51 Ethics, Bias & Revenue Outcomes: Avoid Lawsuits and Unlock Better Decisions 31:19 Biggest Misconceptions: You Can't Ban AI—and Education Isn't Optional 37:30 Monday Morning Action Plan: Start the AI Policy, Audit Tools, Target Pain Points 40:46 Where to Find Angela + Final Wrap and Next Steps Show Notes & Full Transcript: https://theaihat.com/why-your-sales-teams-shadow-ai-is-a-lawsuit-waiting-to-happen-a-fintech-cros-governance-playbook/ Learn more about your ad choices. Visit megaphone.fm/adchoices

In this video David speaks to Peter Bailey (SVP and GM of Cisco's Security business). AI agents are moving fast inside enterprises, and CISOs are hitting the brakes for one reason: the attack surface is expanding at machine speed. In this interview, we break down how agentic AI changes security, why MCP servers and agent tool access create new risks, and what a zero trust approach looks like when the “user” is a non-deterministic agent. We cover real-world problems like shadow MCP servers, agents touching sensitive systems and PII, and why traditional perimeter controls and firewalls are not enough when traffic is encrypted and actions happen too quickly downstream. You'll also hear what Cisco is doing across the AI lifecycle: AI Defense for model scanning, provenance and guardrails, plus new protections focused on agent identity, dynamic authorization, behavior monitoring, and revocation. On the networking side, we discuss how SD-WAN and secure access (SASE) can add visibility and policy control for AI usage, including prioritizing latency-sensitive AI traffic while still enforcing security. If you're a security engineer, network engineer, or CISO trying to move from AI hype to safe deployment, this video gives you a practical mental model and the controls to start building now. Big thank you to ‪@Cisco‬ for sponsoring this video and for sponsoring my trip to Cisco Live Amesterdam. // Peter Baily' SOCIALS // LinkedIn: / peterhbailey Guest Bio: https://newsroom.cisco.com/c/r/newsro... // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:30 - Introduction 01:15 - CISOs Problems with AI 02:35 - Real Issues with AI Agents 04:29 - Growth of the Attack Surface 05:34 - Concern of Poisoned AI and MCP 08:09 - What is the Kill-chain 10:16 - AI with Built-in Security 11:56 - Best Practises for AI Security 14:08 - Cisco Innovations for AI 16:48 - Cisco's Red Team for own AI 18:27 - Secure AI in Public Places 20:09 - Should You get into Cyber Security 21:26 - Advice To Your Younger Self 22:29 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cisco #ciscoemea #ciscolive

In this episode, we're joined by Maryam Ashoori, VP of Product and Engineering at IBM's Watsonx platform. With a background that includes 2 master's degrees in AI, a PhD in Systems Design Engineering, and named on over 30 patents at IBM, she's been on the bleeding edge for over a decade. Currently leading the charge on Agentic AI and AI Governance at IBM, Maryam is a bridge between the theoretical frontier of AI and the messy reality of enterprise deployment. In this episode, Maryam: Tells why AI has been stuck in pilot purgatory for longer than expected, and what you need to do today for a successful enterprise deployment Calls shenanigans on the “biggest, best model” crowd, and why often a smaller, more focused tool is the right choice Explains how to build an agnostic architecture that can handle the realities of an AI world where models advance faster than anybody can keep up Links LinkedIn: https://www.linkedin.com/in/mashoori/ IBM: https://www.ibm.com/us-en Resources Reinventing SaaS: Zuora's AI Transformation | Karthik Chakkarapani and Shakir Karim (Zuora): https://www.youtube.com/watch?v=gHVxnLikMpQ Linear's Secret to Building Powerful AI Products | Nan Yu, Head of Product (Linear): https://www.youtube.com/watch?v=27rGB-6XQJg Chapters 00:00 Intro 02:18 From ChatGPT hype to enterprise reality: use cases, ROI, and the rise of agents 06:11 Security, accountability & governance: who's responsible when agents go wrong? 10:37 Risk-based rollout: use-case scoping, Risk Atlas, and guardrails like PII detection 17:10 Observability for agentic workflows 18:21 Why compute optimization matters 22:58 Designing for model agility: abstraction layers, routing, and picking the right model 27:23 Conclusion Follow LaunchPod on YouTube We have a new YouTube page! Watch full episodes of our interviews with PM leaders and subscribe! What does LogRocket do? LogRocket's Galileo AI watches user sessions for you and surfaces the technical and usability issues holding back your web and mobile apps. Understand where your users are struggling by trying it for free at LogRocket.com.Special Guest: Maryam Ashoori.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Cybersecurity is a rapidly evolving field, where every effective defense technique is quickly noticed and adapted to by malicious actors. The real question is how fast each side of this ongoing cat-and-mouse game can respond. Let us take an example of web applications. In the decade-long slog of the cloud, federal users migrated to web-based applications protected by Web Application Firewalls (WAFs). firewalls. As that method matured, malicious observers noted that the Application Programming Interface (API) allowed these software programs to communicate and exchange data. Voila, another attack vector was born. During today's interview, Joe Henry from Akamai Technologies notes that 80% of their customers report API attacks. Henry details a curious term called "Broken-Object Level Authorization." In this attack, an application fails to check if a user is authorized to access specific data objects. The ID is manipulated, and the malicious actor gets access. Akamai's API Security performs behavioral analysis beyond WAFs, flags PII exposure, and supports a zero-trust posture. Software developers talk about a "shift left"; we apply that to the Akamai approach. They have a worldwide network of Points of Presence (POPs) and data centers where they can observe attacks as they develop. It is so strong that it provides fail-open resilience with a 100% SLA. Akamai provides a State of the Internet Report (quarterly). If you would like to stay connected with the next manifestation of attack, consider subscribing or visiting their website to stay informed about the latest trend

In this episode of Resilient Cyber, I sit down with VP, Product Marketing and Strategy for Protegrity, James Rice. We will be discussing how traditional approaches to security aren't solving the AI security challenge, the importance of data-centric approaches for secure AI implementation and addressing issues such as AI data leakage.James and I dove into a lot of great topics, including:Why traditional perimeter-based and infrastructure-centric security models are failing in the era of AI, and why organizations need to fundamentally rethink their approach to securing AI workloads.The concept of data-centric security — protecting the data itself rather than the systems surrounding it — and why this shift is critical as data flows across cloud platforms, AI models, and agentic workflows.The growing risk of AI data leakage and how sensitive information (PII, PHI, PCI, intellectual property) can inadvertently be exposed through AI training data, model outputs, prompt injection, and RAG pipelines.Why many organizations find themselves stuck in an "AI circularity" — wanting to leverage AI but unable to do so because of the complexity of securing critical business data throughout the AI lifecycle.The importance of embedding security controls inline within the AI pipeline — from data ingestion and model training to orchestration and output — rather than bolting security on after the fact.How data protection techniques such as tokenization, anonymization, dynamic masking, and format-preserving encryption can enable organizations to use realistic, context-rich data for AI while maintaining compliance and reducing risk.The challenge of securing agentic AI workflows, where autonomous agents continuously interact with enterprise data, making traditional access control models insufficient.How organizations can balance the need for AI innovation and data utility with regulatory compliance requirements across frameworks like GDPR, HIPAA, PCI DSS, and emerging AI-specific regulations.James's perspective on how security, risk, and compliance functions need to evolve to keep pace with the rapid productionization of AI across the enterprise.The role of semantic guardrails in governing AI inputs and outputs, ensuring that protection is applied contextually based on how data is being used — not just where it resides.About the GuestJames Rice is VP of Product Marketing and Strategy at Protegrity, a global leader in data-centric security. He brings over 20 years of experience in security, risk, and compliance, having provided solution engineering, value engineering, and implementation services to Fortune 1000 organizations across industries. Prior to Protegrity, James held leadership roles at Pathlock (formerly Greenlight Technologies), Accenture, and PricewaterhouseCoopers.About ProtegrityProtegrity is a data-centric security platform that protects sensitive data across hybrid, multi-cloud, and AI environments. Their approach embeds security directly into the data itself — enabling enterprises to unlock insights, accelerate innovation, and meet global compliance with confidence. Protegrity's solutions include data discovery and classification, tokenization, anonymization, dynamic masking, and semantic guardrails for AI and analytics workflows.Learn more at protegrity.com

From Palantir and Two Sigma to building Goodfire into the poster-child for actionable mechanistic interpretability, Mark Bissell (Member of Technical Staff) and Myra Deng (Head of Product) are trying to turn “peeking inside the model” into a repeatable production workflow by shipping APIs, landing real enterprise deployments, and now scaling the bet with a recent $150M Series B funding round at a $1.25B valuation.In this episode, we go far beyond the usual “SAEs are cool” take. We talk about Goodfire's core bet: that the AI lifecycle is still fundamentally broken because the only reliable control we have is data and we post-train, RLHF, and fine-tune by “slurping supervision through a straw,” hoping the model picks up the right behaviors while quietly absorbing the wrong ones. Goodfire's answer is to build a bi-directional interface between humans and models: read what's happening inside, edit it surgically, and eventually use interpretability during training so customization isn't just brute-force guesswork.Mark and Myra walk through what that looks like when you stop treating interpretability like a lab demo and start treating it like infrastructure: lightweight probes that add near-zero latency, token-level safety filters that can run at inference time, and interpretability workflows that survive messy constraints (multilingual inputs, synthetic→real transfer, regulated domains, no access to sensitive data). We also get a live window into what “frontier-scale interp” means operationally (i.e. steering a trillion-parameter model in real time by targeting internal features) plus why the same tooling generalizes cleanly from language models to genomics, medical imaging, and “pixel-space” world models.We discuss:* Myra + Mark's path: Palantir (health systems, forward-deployed engineering) → Goodfire early team; Two Sigma → Head of Product, translating frontier interpretability research into a platform and real-world deployments* What “interpretability” actually means in practice: not just post-hoc poking, but a broader “science of deep learning” approach across the full AI lifecycle (data curation → post-training → internal representations → model design)* Why post-training is the first big wedge: “surgical edits” for unintended behaviors likereward hacking, sycophancy, noise learned during customization plus the dream of targeted unlearning and bias removal without wrecking capabilities* SAEs vs probes in the real world: why SAE feature spaces sometimes underperform classifiers trained on raw activations for downstream detection tasks (hallucination, harmful intent, PII), and what that implies about “clean concept spaces”* Rakuten in production: deploying interpretability-based token-level PII detection at inference time to prevent routing private data to downstream providers plus the gnarly constraints: no training on real customer PII, synthetic→real transfer, English + Japanese, and tokenization quirks* Why interp can be operationally cheaper than LLM-judge guardrails: probes are lightweight, low-latency, and don't require hosting a second large model in the loop* Real-time steering at frontier scale: a demo of steering Kimi K2 (~1T params) live and finding features via SAE pipelines, auto-labeling via LLMs, and toggling a “Gen-Z slang” feature across multiple layers without breaking tool use* Hallucinations as an internal signal: the case that models have latent uncertainty / “user-pleasing” circuitry you can detect and potentially mitigate more directly than black-box methods* Steering vs prompting: the emerging view that activation steering and in-context learning are more closely connected than people think, including work mapping between the two (even for jailbreak-style behaviors)* Interpretability for science: using the same tooling across domains (genomics, medical imaging, materials) to debug spurious correlations and extract new knowledge up to and including early biomarker discovery work with major partners* World models + “pixel-space” interpretability: why vision/video models make concepts easier to see, how that accelerates the feedback loop, and why robotics/world-model partners are especially interesting design partners* The north star: moving from “data in, weights out” to intentional model design where experts can impart goals and constraints directly, not just via reward signals and brute-force post-training—Goodfire AI* Website: https://goodfire.ai* LinkedIn: https://www.linkedin.com/company/goodfire-ai/* X: https://x.com/GoodfireAIMyra Deng* Website: https://myradeng.com/* LinkedIn: https://www.linkedin.com/in/myra-deng/* X: https://x.com/myra_dengMark Bissell* LinkedIn: https://www.linkedin.com/in/mark-bissell/* X: https://x.com/MarkMBissellFull Video EpisodeTimestamps00:00:00 Introduction00:00:05 Introduction to the Latent Space Podcast and Guests from Goodfire00:00:29 What is Goodfire? Mission and Focus on Interpretability00:01:01 Goodfire's Practical Approach to Interpretability00:01:37 Goodfire's Series B Fundraise Announcement00:02:04 Backgrounds of Mark and Myra from Goodfire00:02:51 Team Structure and Roles at Goodfire00:05:13 What is Interpretability? Definitions and Techniques00:05:30 Understanding Errors00:07:29 Post-training vs. Pre-training Interpretability Applications00:08:51 Using Interpretability to Remove Unwanted Behaviors00:10:09 Grokking, Double Descent, and Generalization in Models00:10:15 404 Not Found Explained00:12:06 Subliminal Learning and Hidden Biases in Models00:14:07 How Goodfire Chooses Research Directions and Projects00:15:00 Troubleshooting Errors00:16:04 Limitations of SAEs and Probes in Interpretability00:18:14 Rakuten Case Study: Production Deployment of Interpretability00:20:45 Conclusion00:21:12 Efficiency Benefits of Interpretability Techniques00:21:26 Live Demo: Real-Time Steering in a Trillion Parameter Model00:25:15 How Steering Features are Identified and Labeled00:26:51 Detecting and Mitigating Hallucinations Using Interpretability00:31:20 Equivalence of Activation Steering and Prompting00:34:06 Comparing Steering with Fine-Tuning and LoRA Techniques00:36:04 Model Design and the Future of Intentional AI Development00:38:09 Getting Started in Mechinterp: Resources, Programs, and Open Problems00:40:51 Industry Applications and the Rise of Mechinterp in Practice00:41:39 Interpretability for Code Models and Real-World Usage00:43:07 Making Steering Useful for More Than Stylistic Edits00:46:17 Applying Interpretability to Healthcare and Scientific Discovery00:49:15 Why Interpretability is Crucial in High-Stakes Domains like Healthcare00:52:03 Call for Design Partners Across Domains00:54:18 Interest in World Models and Visual Interpretability00:57:22 Sci-Fi Inspiration: Ted Chiang and Interpretability01:00:14 Interpretability, Safety, and Alignment Perspectives01:04:27 Weak-to-Strong Generalization and Future Alignment Challenges01:05:38 Final Thoughts and Hiring/Collaboration Opportunities at GoodfireTranscriptShawn Wang [00:00:05]: So welcome to the Latent Space pod. We're back in the studio with our special MechInterp co-host, Vibhu. Welcome. Mochi, Mochi's special co-host. And Mochi, the mechanistic interpretability doggo. We have with us Mark and Myra from Goodfire. Welcome. Thanks for having us on. Maybe we can sort of introduce Goodfire and then introduce you guys. How do you introduce Goodfire today?Myra Deng [00:00:29]: Yeah, it's a great question. So Goodfire, we like to say, is an AI research lab that focuses on using interpretability to understand, learn from, and design AI models. And we really believe that interpretability will unlock the new generation, next frontier of safe and powerful AI models. That's our description right now, and I'm excited to dive more into the work we're doing to make that happen.Shawn Wang [00:00:55]: Yeah. And there's always like the official description. Is there an understatement? Is there an unofficial one that sort of resonates more with a different audience?Mark Bissell [00:01:01]: Well, being an AI research lab that's focused on interpretability, there's obviously a lot of people have a lot that they think about when they think of interpretability. And I think we have a pretty broad definition of what that means and the types of places that can be applied. And in particular, applying it in production scenarios, in high stakes industries, and really taking it sort of from the research world into the real world. Which, you know. It's a new field, so that hasn't been done all that much. And we're excited about actually seeing that sort of put into practice.Shawn Wang [00:01:37]: Yeah, I would say it wasn't too long ago that Anthopic was like still putting out like toy models or superposition and that kind of stuff. And I wouldn't have pegged it to be this far along. When you and I talked at NeurIPS, you were talking a little bit about your production use cases and your customers. And then not to bury the lead, today we're also announcing the fundraise, your Series B. $150 million. $150 million at a 1.25B valuation. Congrats, Unicorn.Mark Bissell [00:02:02]: Thank you. Yeah, no, things move fast.Shawn Wang [00:02:04]: We were talking to you in December and already some big updates since then. Let's dive, I guess, into a bit of your backgrounds as well. Mark, you were at Palantir working on health stuff, which is really interesting because the Goodfire has some interesting like health use cases. I don't know how related they are in practice.Mark Bissell [00:02:22]: Yeah, not super related, but I don't know. It was helpful context to know what it's like. Just to work. Just to work with health systems and generally in that domain. Yeah.Shawn Wang [00:02:32]: And Mara, you were at Two Sigma, which actually I was also at Two Sigma back in the day. Wow, nice.Myra Deng [00:02:37]: Did we overlap at all?Shawn Wang [00:02:38]: No, this is when I was briefly a software engineer before I became a sort of developer relations person. And now you're head of product. What are your sort of respective roles, just to introduce people to like what all gets done in Goodfire?Mark Bissell [00:02:51]: Yeah, prior to Goodfire, I was at Palantir for about three years as a forward deployed engineer, now a hot term. Wasn't always that way. And as a technical lead on the health care team and at Goodfire, I'm a member of the technical staff. And honestly, that I think is about as specific as like as as I could describe myself because I've worked on a range of things. And, you know, it's it's a fun time to be at a team that's still reasonably small. I think when I joined one of the first like ten employees, now we're above 40, but still, it looks like there's always a mix of research and engineering and product and all of the above. That needs to get done. And I think everyone across the team is, you know, pretty, pretty switch hitter in the roles they do. So I think you've seen some of the stuff that I worked on related to image models, which was sort of like a research demo. More recently, I've been working on our scientific discovery team with some of our life sciences partners, but then also building out our core platform for more of like flexing some of the kind of MLE and developer skills as well.Shawn Wang [00:03:53]: Very generalist. And you also had like a very like a founding engineer type role.Myra Deng [00:03:58]: Yeah, yeah.Shawn Wang [00:03:59]: So I also started as I still am a member of technical staff, did a wide range of things from the very beginning, including like finding our office space and all of this, which is we both we both visited when you had that open house thing. It was really nice.Myra Deng [00:04:13]: Thank you. Thank you. Yeah. Plug to come visit our office.Shawn Wang [00:04:15]: It looked like it was like 200 people. It has room for 200 people. But you guys are like 10.Myra Deng [00:04:22]: For a while, it was very empty. But yeah, like like Mark, I spend. A lot of my time as as head of product, I think product is a bit of a weird role these days, but a lot of it is thinking about how do we take our frontier research and really apply it to the most important real world problems and how does that then translate into a platform that's repeatable or a product and working across, you know, the engineering and research teams to make that happen and also communicating to the world? Like, what is interpretability? What is it used for? What is it good for? Why is it so important? All of these things are part of my day-to-day as well.Shawn Wang [00:05:01]: I love like what is things because that's a very crisp like starting point for people like coming to a field. They all do a fun thing. Vibhu, why don't you want to try tackling what is interpretability and then they can correct us.Vibhu Sapra [00:05:13]: Okay, great. So I think like one, just to kick off, it's a very interesting role to be head of product, right? Because you guys, at least as a lab, you're more of an applied interp lab, right? Which is pretty different than just normal interp, like a lot of background research. But yeah. You guys actually ship an API to try these things. You have Ember, you have products around it, which not many do. Okay. What is interp? So basically you're trying to have an understanding of what's going on in model, like in the model, in the internal. So different approaches to do that. You can do probing, SAEs, transcoders, all this stuff. But basically you have an, you have a hypothesis. You have something that you want to learn about what's happening in a model internals. And then you're trying to solve that from there. You can do stuff like you can, you know, you can do activation mapping. You can try to do steering. There's a lot of stuff that you can do, but the key question is, you know, from input to output, we want to have a better understanding of what's happening and, you know, how can we, how can we adjust what's happening on the model internals? How'd I do?Mark Bissell [00:06:12]: That was really good. I think that was great. I think it's also a, it's kind of a minefield of a, if you ask 50 people who quote unquote work in interp, like what is interpretability, you'll probably get 50 different answers. And. Yeah. To some extent also like where, where good fire sits in the space. I think that we're an AI research company above all else. And interpretability is a, is a set of methods that we think are really useful and worth kind of specializing in, in order to accomplish the goals we want to accomplish. But I think we also sort of see some of the goals as even more broader as, as almost like the science of deep learning and just taking a not black box approach to kind of any part of the like AI development life cycle, whether that. That means using interp for like data curation while you're training your model or for understanding what happened during post-training or for the, you know, understanding activations and sort of internal representations, what is in there semantically. And then a lot of sort of exciting updates that were, you know, are sort of also part of the, the fundraise around bringing interpretability to training, which I don't think has been done all that much before. A lot of this stuff is sort of post-talk poking at models as opposed to. To actually using this to intentionally design them.Shawn Wang [00:07:29]: Is this post-training or pre-training or is that not a useful.Myra Deng [00:07:33]: Currently focused on post-training, but there's no reason the techniques wouldn't also work in pre-training.Shawn Wang [00:07:38]: Yeah. It seems like it would be more active, applicable post-training because basically I'm thinking like rollouts or like, you know, having different variations of a model that you can tweak with the, with your steering. Yeah.Myra Deng [00:07:50]: And I think in a lot of the news that you've seen in, in, on like Twitter or whatever, you've seen a lot of unintended. Side effects come out of post-training processes, you know, overly sycophantic models or models that exhibit strange reward hacking behavior. I think these are like extreme examples. There's also, you know, very, uh, mundane, more mundane, like enterprise use cases where, you know, they try to customize or post-train a model to do something and it learns some noise or it doesn't appropriately learn the target task. And a big question that we've always had is like, how do you use your understanding of what the model knows and what it's doing to actually guide the learning process?Shawn Wang [00:08:26]: Yeah, I mean, uh, you know, just to anchor this for people, uh, one of the biggest controversies of last year was 4.0 GlazeGate. I've never heard of GlazeGate. I didn't know that was what it was called. The other one, they called it that on the blog post and I was like, well, how did OpenAI call it? Like officially use that term. And I'm like, that's funny, but like, yeah, I guess it's the pitch that if they had worked a good fire, they wouldn't have avoided it. Like, you know what I'm saying?Myra Deng [00:08:51]: I think so. Yeah. Yeah.Mark Bissell [00:08:53]: I think that's certainly one of the use cases. I think. Yeah. Yeah. I think the reason why post-training is a place where this makes a lot of sense is a lot of what we're talking about is surgical edits. You know, you want to be able to have expert feedback, very surgically change how your model is doing, whether that is, you know, removing a certain behavior that it has. So, you know, one of the things that we've been looking at or is, is another like common area where you would want to make a somewhat surgical edit is some of the models that have say political bias. Like you look at Quen or, um, R1 and they have sort of like this CCP bias.Shawn Wang [00:09:27]: Is there a CCP vector?Mark Bissell [00:09:29]: Well, there's, there are certainly internal, yeah. Parts of the representation space where you can sort of see where that lives. Yeah. Um, and you want to kind of, you know, extract that piece out.Shawn Wang [00:09:40]: Well, I always say, you know, whenever you find a vector, a fun exercise is just like, make it very negative to see what the opposite of CCP is.Mark Bissell [00:09:47]: The super America, bald eagles flying everywhere. But yeah. So in general, like lots of post-training tasks where you'd want to be able to, to do that. Whether it's unlearning a certain behavior or, you know, some of the other kind of cases where this comes up is, are you familiar with like the, the grokking behavior? I mean, I know the machine learning term of grokking.Shawn Wang [00:10:09]: Yeah.Mark Bissell [00:10:09]: Sort of this like double descent idea of, of having a model that is able to learn a generalizing, a generalizing solution, as opposed to even if memorization of some task would suffice, you want it to learn the more general way of doing a thing. And so, you know, another. A way that you can think about having surgical access to a model's internals would be learn from this data, but learn in the right way. If there are many possible, you know, ways to, to do that. Can make interp solve the double descent problem?Shawn Wang [00:10:41]: Depends, I guess, on how you. Okay. So I, I, I viewed that double descent as a problem because then you're like, well, if the loss curves level out, then you're done, but maybe you're not done. Right. Right. But like, if you actually can interpret what is a generalizing or what you're doing. What is, what is still changing, even though the loss is not changing, then maybe you, you can actually not view it as a double descent problem. And actually you're just sort of translating the space in which you view loss and like, and then you have a smooth curve. Yeah.Mark Bissell [00:11:11]: I think that's certainly like the domain of, of problems that we're, that we're looking to get.Shawn Wang [00:11:15]: Yeah. To me, like double descent is like the biggest thing to like ML research where like, if you believe in scaling, then you don't need, you need to know where to scale. And. But if you believe in double descent, then you don't, you don't believe in anything where like anything levels off, like.Vibhu Sapra [00:11:30]: I mean, also tendentially there's like, okay, when you talk about the China vector, right. There's the subliminal learning work. It was from the anthropic fellows program where basically you can have hidden biases in a model. And as you distill down or, you know, as you train on distilled data, those biases always show up, even if like you explicitly try to not train on them. So, you know, it's just like another use case of. Okay. If we can interpret what's happening in post-training, you know, can we clear some of this? Can we even determine what's there? Because yeah, it's just like some worrying research that's out there that shows, you know, we really don't know what's going on.Mark Bissell [00:12:06]: That is. Yeah. I think that's the biggest sentiment that we're sort of hoping to tackle. Nobody knows what's going on. Right. Like subliminal learning is just an insane concept when you think about it. Right. Train a model on not even the logits, literally the output text of a bunch of random numbers. And now your model loves owls. And you see behaviors like that, that are just, they defy, they defy intuition. And, and there are mathematical explanations that you can get into, but. I mean.Shawn Wang [00:12:34]: It feels so early days. Objectively, there are a sequence of numbers that are more owl-like than others. There, there should be.Mark Bissell [00:12:40]: According to, according to certain models. Right. It's interesting. I think it only applies to models that were initialized from the same starting Z. Usually, yes.Shawn Wang [00:12:49]: But I mean, I think that's a, that's a cheat code because there's not enough compute. But like if you believe in like platonic representation, like probably it will transfer across different models as well. Oh, you think so?Mark Bissell [00:13:00]: I think of it more as a statistical artifact of models initialized from the same seed sort of. There's something that is like path dependent from that seed that might cause certain overlaps in the latent space and then sort of doing this distillation. Yeah. Like it pushes it towards having certain other tendencies.Vibhu Sapra [00:13:24]: Got it. I think there's like a bunch of these open-ended questions, right? Like you can't train in new stuff during the RL phase, right? RL only reorganizes weights and you can only do stuff that's somewhat there in your base model. You're not learning new stuff. You're just reordering chains and stuff. But okay. My broader question is when you guys work at an interp lab, how do you decide what to work on and what's kind of the thought process? Right. Because we can ramble for hours. Okay. I want to know this. I want to know that. But like, how do you concretely like, you know, what's the workflow? Okay. There's like approaches towards solving a problem, right? I can try prompting. I can look at chain of thought. I can train probes, SAEs. But how do you determine, you know, like, okay, is this going anywhere? Like, do we have set stuff? Just, you know, if you can help me with all that. Yeah.Myra Deng [00:14:07]: It's a really good question. I feel like we've always at the very beginning of the company thought about like, let's go and try to learn what isn't working in machine learning today. Whether that's talking to customers or talking to researchers at other labs, trying to understand both where the frontier is going and where things are really not falling apart today. And then developing a perspective on how we can push the frontier using interpretability methods. And so, you know, even our chief scientist, Tom, spends a lot of time talking to customers and trying to understand what real world problems are and then taking that back and trying to apply the current state of the art to those problems and then seeing where they fall down basically. And then using those failures or those shortcomings to understand what hills to climb when it comes to interpretability research. So like on the fundamental side, for instance, when we have done some work applying SAEs and probes, we've encountered, you know, some shortcomings in SAEs that we found a little bit surprising. And so have gone back to the drawing board and done work on that. And then, you know, we've done some work on better foundational interpreter models. And a lot of our team's research is focused on what is the next evolution beyond SAEs, for instance. And then when it comes to like control and design of models, you know, we tried steering with our first API and realized that it still fell short of black box techniques like prompting or fine tuning. And so went back to the drawing board and we're like, how do we make that not the case and how do we improve it beyond that? And one of our researchers, Ekdeep, who just joined is actually Ekdeep and Atticus are like steering experts and have spent a lot of time trying to figure out like, what is the research that enables us to actually do this in a much more powerful, robust way? So yeah, the answer is like, look at real world problems, try to translate that into a research agenda and then like hill climb on both of those at the same time.Shawn Wang [00:16:04]: Yeah. Mark has the steering CLI demo queued up, which we're going to go into in a sec. But I always want to double click on when you drop hints, like we found some problems with SAEs. Okay. What are they? You know, and then we can go into the demo. Yeah.Myra Deng [00:16:19]: I mean, I'm curious if you have more thoughts here as well, because you've done it in the healthcare domain. But I think like, for instance, when we do things like trying to detect behaviors within models that are harmful or like behaviors that a user might not want to have in their model. So hallucinations, for instance, harmful intent, PII, all of these things. We first tried using SAE probes for a lot of these tasks. So taking the feature activation space from SAEs and then training classifiers on top of that, and then seeing how well we can detect the properties that we might want to detect in model behavior. And we've seen in many cases that probes just trained on raw activations seem to perform better than SAE probes, which is a bit surprising if you think that SAEs are actually also capturing the concepts that you would want to capture cleanly and more surgically. And so that is an interesting observation. I don't think that is like, I'm not down on SAEs at all. I think there are many, many things they're useful for, but we have definitely run into cases where I think the concept space described by SAEs is not as clean and accurate as we would expect it to be for actual like real world downstream performance metrics.Mark Bissell [00:17:34]: Fair enough. Yeah. It's the blessing and the curse of unsupervised methods where you get to peek into the AI's mind. But sometimes you wish that you saw other things when you walked inside there. Although in the PII instance, I think weren't an SAE based approach actually did prove to be the most generalizable?Myra Deng [00:17:53]: It did work well in the case that we published with Rakuten. And I think a lot of the reasons it worked well was because we had a noisier data set. And so actually the blessing of unsupervised learning is that we actually got to get more meaningful, generalizable signal from SAEs when the data was noisy. But in other cases where we've had like good data sets, it hasn't been the case.Shawn Wang [00:18:14]: And just because you named Rakuten and I don't know if we'll get it another chance, like what is the overall, like what is Rakuten's usage or production usage? Yeah.Myra Deng [00:18:25]: So they are using us to essentially guardrail and inference time monitor their language model usage and their agent usage to detect things like PII so that they don't route private user information.Myra Deng [00:18:41]: And so that's, you know, going through all of their user queries every day. And that's something that we deployed with them a few months ago. And now we are actually exploring very early partnerships, not just with Rakuten, but with other people around how we can help with potentially training and customization use cases as well. Yeah.Shawn Wang [00:19:03]: And for those who don't know, like it's Rakuten is like, I think number one or number two e-commerce store in Japan. Yes. Yeah.Mark Bissell [00:19:10]: And I think that use case actually highlights a lot of like what it looks like to deploy things in practice that you don't always think about when you're doing sort of research tasks. So when you think about some of the stuff that came up there that's more complex than your idealized version of a problem, they were encountering things like synthetic to real transfer of methods. So they couldn't train probes, classifiers, things like that on actual customer data of PII. So what they had to do is use synthetic data sets. And then hope that that transfer is out of domain to real data sets. And so we can evaluate performance on the real data sets, but not train on customer PII. So that right off the bat is like a big challenge. You have multilingual requirements. So this needed to work for both English and Japanese text. Japanese text has all sorts of quirks, including tokenization behaviors that caused lots of bugs that caused us to be pulling our hair out. And then also a lot of tasks you'll see. You might make simplifying assumptions if you're sort of treating it as like the easiest version of the problem to just sort of get like general results where maybe you say you're classifying a sentence to say, does this contain PII? But the need that Rakuten had was token level classification so that you could precisely scrub out the PII. So as we learned more about the problem, you're sort of speaking about what that looks like in practice. Yeah. A lot of assumptions end up breaking. And that was just one instance where you. A problem that seems simple right off the bat ends up being more complex as you keep diving into it.Vibhu Sapra [00:20:41]: Excellent. One of the things that's also interesting with Interp is a lot of these methods are very efficient, right? So where you're just looking at a model's internals itself compared to a separate like guardrail, LLM as a judge, a separate model. One, you have to host it. Two, there's like a whole latency. So if you use like a big model, you have a second call. Some of the work around like self detection of hallucination, it's also deployed for efficiency, right? So if you have someone like Rakuten doing it in production live, you know, that's just another thing people should consider.Mark Bissell [00:21:12]: Yeah. And something like a probe is super lightweight. Yeah. It's no extra latency really. Excellent.Shawn Wang [00:21:17]: You have the steering demos lined up. So we were just kind of see what you got. I don't, I don't actually know if this is like the latest, latest or like alpha thing.Mark Bissell [00:21:26]: No, this is a pretty hacky demo from from a presentation that someone else on the team recently gave. So this will give a sense for, for technology. So you can see the steering and action. Honestly, I think the biggest thing that this highlights is that as we've been growing as a company and taking on kind of more and more ambitious versions of interpretability related problems, a lot of that comes to scaling up in various different forms. And so here you're going to see steering on a 1 trillion parameter model. This is Kimi K2. And so it's sort of fun that in addition to the research challenges, there are engineering challenges that we're now tackling. Cause for any of this to be sort of useful in production, you need to be thinking about what it looks like when you're using these methods on frontier models as opposed to sort of like toy kind of model organisms. So yeah, this was thrown together hastily, pretty fragile behind the scenes, but I think it's quite a fun demo. So screen sharing is on. So I've got two terminal sessions pulled up here. On the left is a forked version that we have of the Kimi CLI that we've got running to point at our custom hosted Kimi model. And then on the right is a set up that will allow us to steer on certain concepts. So I should be able to chat with Kimi over here. Tell it hello. This is running locally. So the CLI is running locally, but the Kimi server is running back to the office. Well, hopefully should be, um, that's too much to run on that Mac. Yeah. I think it's, uh, it takes a full, like each 100 node. I think it's like, you can. You can run it on eight GPUs, eight 100. So, so yeah, Kimi's running. We can ask it a prompt. It's got a forked version of our, uh, of the SG line code base that we've been working on. So I'm going to tell it, Hey, this SG line code base is slow. I think there's a bug. Can you try to figure it out? There's a big code base, so it'll, it'll spend some time doing this. And then on the right here, I'm going to initialize in real time. Some steering. Let's see here.Mark Bissell [00:23:33]: searching for any. Bugs. Feature ID 43205.Shawn Wang [00:23:38]: Yeah.Mark Bissell [00:23:38]: 20, 30, 40. So let me, uh, this is basically a feature that we found that inside Kimi seems to cause it to speak in Gen Z slang. And so on the left, it's still sort of thinking normally it might take, I don't know, 15 seconds for this to kick in, but then we're going to start hopefully seeing him do this code base is massive for real. So we're going to start. We're going to start seeing Kimi transition as the steering kicks in from normal Kimi to Gen Z Kimi and both in its chain of thought and its actual outputs.Mark Bissell [00:24:19]: And interestingly, you can see, you know, it's still able to call tools, uh, and stuff. It's um, it's purely sort of it's it's demeanor. And there are other features that we found for interesting things like concision. So that's more of a practical one. You can make it more concise. Um, the types of programs, uh, programming languages that uses, but yeah, as we're seeing it come in. Pretty good. Outputs.Shawn Wang [00:24:43]: Scheduler code is actually wild.Vibhu Sapra [00:24:46]: Yo, this code is actually insane, bro.Vibhu Sapra [00:24:53]: What's the process of training in SAE on this, or, you know, how do you label features? I know you guys put out a pretty cool blog post about, um, finding this like autonomous interp. Um, something. Something about how agents for interp is different than like coding agents. I don't know while this is spewing up, but how, how do we find feature 43, two Oh five. Yeah.Mark Bissell [00:25:15]: So in this case, um, we, our platform that we've been building out for a long time now supports all the sort of classic out of the box interp techniques that you might want to have like SAE training, probing things of that kind, I'd say the techniques for like vanilla SAEs are pretty well established now where. You take your model that you're interpreting, run a whole bunch of data through it, gather activations, and then yeah, pretty straightforward pipeline to train an SAE. There are a lot of different varieties. There's top KSAEs, batch top KSAEs, um, normal ReLU SAEs. And then once you have your sparse features to your point, assigning labels to them to actually understand that this is a gen Z feature, that's actually where a lot of the kind of magic happens. Yeah. And the most basic standard technique is look at all of your d input data set examples that cause this feature to fire most highly. And then you can usually pick out a pattern. So for this feature, If I've run a diverse enough data set through my model feature 43, two Oh five. Probably tends to fire on all the tokens that sounds like gen Z slang. You know, that's the, that's the time of year to be like, Oh, I'm in this, I'm in this Um, and, um, so, you know, you could have a human go through all 43,000 concepts andVibhu Sapra [00:26:34]: And I've got to ask the basic question, you know, can we get examples where it hallucinates, pass it through, see what feature activates for hallucinations? Can I just, you know, turn hallucination down?Myra Deng [00:26:51]: Oh, wow. You really predicted a project we're already working on right now, which is detecting hallucinations using interpretability techniques. And this is interesting because hallucinations is something that's very hard to detect. And it's like a kind of a hairy problem and something that black box methods really struggle with. Whereas like Gen Z, you could always train a simple classifier to detect that hallucinations is harder. But we've seen that models internally have some... Awareness of like uncertainty or some sort of like user pleasing behavior that leads to hallucinatory behavior. And so, yeah, we have a project that's trying to detect that accurately. And then also working on mitigating the hallucinatory behavior in the model itself as well.Shawn Wang [00:27:39]: Yeah, I would say most people are still at the level of like, oh, I would just turn temperature to zero and that turns off hallucination. And I'm like, well, that's a fundamental misunderstanding of how this works. Yeah.Mark Bissell [00:27:51]: Although, so part of what I like about that question is you, there are SAE based approaches that might like help you get at that. But oftentimes the beauty of SAEs and like we said, the curse is that they're unsupervised. So when you have a behavior that you deliberately would like to remove, and that's more of like a supervised task, often it is better to use something like probes and specifically target the thing that you're interested in reducing as opposed to sort of like hoping that when you fragment the latent space, one of the vectors that pops out.Vibhu Sapra [00:28:20]: And as much as we're training an autoencoder to be sparse, we're not like for sure certain that, you know, we will get something that just correlates to hallucination. You'll probably split that up into 20 other things and who knows what they'll be.Mark Bissell [00:28:36]: Of course. Right. Yeah. So there's no sort of problems with like feature splitting and feature absorption. And then there's the off target effects, right? Ideally, you would want to be very precise where if you reduce the hallucination feature, suddenly maybe your model can't write. Creatively anymore. And maybe you don't like that, but you want to still stop it from hallucinating facts and figures.Shawn Wang [00:28:55]: Good. So Vibhu has a paper to recommend there that we'll put in the show notes. But yeah, I mean, I guess just because your demo is done, any any other things that you want to highlight or any other interesting features you want to show?Mark Bissell [00:29:07]: I don't think so. Yeah. Like I said, this is a pretty small snippet. I think the main sort of point here that I think is exciting is that there's not a whole lot of inter being applied to models quite at this scale. You know, Anthropic certainly has some some. Research and yeah, other other teams as well. But it's it's nice to see these techniques, you know, being put into practice. I think not that long ago, the idea of real time steering of a trillion parameter model would have sounded.Shawn Wang [00:29:33]: Yeah. The fact that it's real time, like you started the thing and then you edited the steering vector.Vibhu Sapra [00:29:38]: I think it's it's an interesting one TBD of what the actual like production use case would be on that, like the real time editing. It's like that's the fun part of the demo, right? You can kind of see how this could be served behind an API, right? Like, yes, you're you only have so many knobs and you can just tweak it a bit more. And I don't know how it plays in. Like people haven't done that much with like, how does this work with or without prompting? Right. How does this work with fine tuning? Like, there's a whole hype of continual learning, right? So there's just so much to see. Like, is this another parameter? Like, is it like parameter? We just kind of leave it as a default. We don't use it. So I don't know. Maybe someone here wants to put out a guide on like how to use this with prompting when to do what?Mark Bissell [00:30:18]: Oh, well, I have a paper recommendation. I think you would love from Act Deep on our team, who is an amazing researcher, just can't say enough amazing things about Act Deep. But he actually has a paper that as well as some others from the team and elsewhere that go into the essentially equivalence of activation steering and in context learning and how those are from a he thinks of everything in a cognitive neuroscience Bayesian framework, but basically how you can precisely show how. Prompting in context, learning and steering exhibit similar behaviors and even like get quantitative about the like magnitude of steering you would need to do to induce a certain amount of behavior similar to certain prompting, even for things like jailbreaks and stuff. It's a really cool paper. Are you saying steering is less powerful than prompting? More like you can almost write a formula that tells you how to convert between the two of them.Myra Deng [00:31:20]: And so like formally equivalent actually in the in the limit. Right.Mark Bissell [00:31:24]: So like one case study of this is for jailbreaks there. I don't know. Have you seen the stuff where you can do like many shot jailbreaking? You like flood the context with examples of the behavior. And the topic put out that paper.Shawn Wang [00:31:38]: A lot of people were like, yeah, we've been doing this, guys.Mark Bissell [00:31:40]: Like, yeah, what's in this in context learning and activation steering equivalence paper is you can like predict the number. Number of examples that you will need to put in there in order to jailbreak the model. That's cool. By doing steering experiments and using this sort of like equivalence mapping. That's cool. That's really cool. It's very neat. Yeah.Shawn Wang [00:32:02]: I was going to say, like, you know, I can like back rationalize that this makes sense because, you know, what context is, is basically just, you know, it updates the KV cache kind of and like and then every next token inference is still like, you know, the sheer sum of everything all the way. It's plus all the context. It's up to date. And you could, I guess, theoretically steer that with you probably replace that with your steering. The only problem is steering typically is on one layer, maybe three layers like like you did. So it's like not exactly equivalent.Mark Bissell [00:32:33]: Right, right. There's sort of you need to get precise about, yeah, like how you sort of define steering and like what how you're modeling the setup. But yeah, I've got the paper pulled up here. Belief dynamics reveal the dual nature. Yeah. The title is Belief Dynamics Reveal the Dual Nature of Incompetence. And it's an exhibition of the practical context learning and activation steering. So Eric Bigelow, Dan Urgraft on the who are doing fellowships at Goodfire, Ekt Deep's the final author there.Myra Deng [00:32:59]: I think actually to your question of like, what is the production use case of steering? I think maybe if you just think like one level beyond steering as it is today. Like imagine if you could adapt your model to be, you know, an expert legal reasoner. Like in almost real time, like very quickly. efficiently using human feedback or using like your semantic understanding of what the model knows and where it knows that behavior. I think that while it's not clear what the product is at the end of the day, it's clearly very valuable. Thinking about like what's the next interface for model customization and adaptation is a really interesting problem for us. Like we have heard a lot of people actually interested in fine-tuning an RL for open weight models in production. And so people are using things like Tinker or kind of like open source libraries to do that, but it's still very difficult to get models fine-tuned and RL'd for exactly what you want them to do unless you're an expert at model training. And so that's like something we'reShawn Wang [00:34:06]: looking into. Yeah. I never thought so. Tinker from Thinking Machines famously uses rank one LoRa. Is that basically the same as steering? Like, you know, what's the comparison there?Mark Bissell [00:34:19]: Well, so in that case, you are still applying updates to the parameters, right?Shawn Wang [00:34:25]: Yeah. You're not touching a base model. You're touching an adapter. It's kind of, yeah.Mark Bissell [00:34:30]: Right. But I guess it still is like more in parameter space then. I guess it's maybe like, are you modifying the pipes or are you modifying the water flowing through the pipes to get what you're after? Yeah. Just maybe one way.Mark Bissell [00:34:44]: I like that analogy. That's my mental map of it at least, but it gets at this idea of model design and intentional design, which is something that we're, that we're very focused on. And just the fact that like, I hope that we look back at how we're currently training models and post-training models and just think what a primitive way of doing that right now. Like there's no intentionalityShawn Wang [00:35:06]: really in... It's just data, right? The only thing in control is what data we feed in.Mark Bissell [00:35:11]: So, so Dan from Goodfire likes to use this analogy of, you know, he has a couple of young kids and he talks about like, what if I could only teach my kids how to be good people by giving them cookies or like, you know, giving them a slap on the wrist if they do something wrong, like not telling them why it was wrong or like what they should have done differently or something like that. Just figure it out. Right. Exactly. So that's RL. Yeah. Right. And, and, you know, it's sample inefficient. There's, you know, what do they say? It's like slurping feedback. It's like, slurping supervision. Right. And so you'd like to get to the point where you can have experts giving feedback to their models that are, uh, internalized and, and, you know, steering is an inference time way of sort of getting that idea. But ideally you're moving to a world whereVibhu Sapra [00:36:04]: it is much more intentional design in perpetuity for these models. Okay. This is one of the questions we asked Emmanuel from Anthropic on the podcast a few months ago. Basically the question, was you're at a research lab that does model training, foundation models, and you're on an interp team. How does it tie back? Right? Like, does this, do ideas come from the pre-training team? Do they go back? Um, you know, so for those interested, you can, you can watch that. There wasn't too much of a connect there, but it's still something, you know, it's something they want toMark Bissell [00:36:33]: push for down the line. It can be useful for all of the above. Like there are certainly post-hocVibhu Sapra [00:36:39]: use cases where it doesn't need to touch that. I think the other thing a lot of people forget is this stuff isn't too computationally expensive, right? Like I would say, if you're interested in getting into research, MechInterp is one of the most approachable fields, right? A lot of this train an essay, train a probe, this stuff, like the budget for this one, there's already a lot done. There's a lot of open source work. You guys have done some too. Um, you know,Shawn Wang [00:37:04]: There's like notebooks from the Gemini team for Neil Nanda or like, this is how you do it. Just step through the notebook.Vibhu Sapra [00:37:09]: Even if you're like, not even technical with any of this, you can still make like progress. There, you can look at different activations, but, uh, if you do want to get into training, you know, training this stuff, correct me if I'm wrong is like in the thousands of dollars, not even like, it's not that high scale. And then same with like, you know, applying it, doing it for post-training or all this stuff is fairly cheap in scale of, okay. I want to get into like model training. I don't have compute for like, you know, pre-training stuff. So it's, it's a very nice field to get into. And also there's a lot of like open questions, right? Um, some of them have to go with, okay, I want a product. I want to solve this. Like there's also just a lot of open-ended stuff that people could work on. That's interesting. Right. I don't know if you guys have any calls for like, what's open questions, what's open work that you either open collaboration with, or like, you'd just like to see solved or just, you know, for people listening that want to get into McInturk because people always talk about it. What are, what are the things they should check out? Start, of course, you know, join you guys as well. I'm sure you're hiring.Myra Deng [00:38:09]: There's a paper, I think from, was it Lee, uh, Sharky? It's open problems and, uh, it's, it's a bit of interpretability, which I recommend everyone who's interested in the field. Read. I'm just like a really comprehensive overview of what are the things that experts in the field think are the most important problems to be solved. I also think to your point, it's been really, really inspiring to see, I think a lot of young people getting interested in interpretability, actually not just young people also like scientists to have been, you know, experts in physics for many years and in biology or things like this, um, transitioning into interp, because the barrier of, of what's now interp. So it's really cool to see a number to entry is, you know, in some ways low and there's a lot of information out there and ways to get started. There's this anecdote of like professors at universities saying that all of a sudden every incoming PhD student wants to study interpretability, which was not the case a few years ago. So it just goes to show how, I guess, like exciting the field is, how fast it's moving, how quick it is to get started and things like that.Mark Bissell [00:39:10]: And also just a very welcoming community. You know, there's an open source McInturk Slack channel. There are people are always posting questions and just folks in the space are always responsive if you ask things on various forums and stuff. But yeah, the open paper, open problems paper is a really good one.Myra Deng [00:39:28]: For other people who want to get started, I think, you know, MATS is a great program. What's the acronym for? Machine Learning and Alignment Theory Scholars? It's like the...Vibhu Sapra [00:39:40]: Normally summer internship style.Myra Deng [00:39:42]: Yeah, but they've been doing it year round now. And actually a lot of our full-time staff have come through that program or gone through that program. And it's great for anyone who is transitioning into interpretability. There's a couple other fellows programs. We do one as well as Anthropic. And so those are great places to get started if anyone is interested.Mark Bissell [00:40:03]: Also, I think been seen as a research field for a very long time. But I think engineering... I think engineers are sorely wanted for interpretability as well, especially at Goodfire, but elsewhere, as it does scale up.Shawn Wang [00:40:18]: I should mention that Lee actually works with you guys, right? And in the London office and I'm adding our first ever McInturk track at AI Europe because I see this industry applications now emerging. And I'm pretty excited to, you know, help push that along. Yeah, I was looking forward to that. It'll effectively be the first industry McInturk conference. Yeah. I'm so glad you added that. You know, it's still a little bit of a bet. It's not that widespread, but I can definitely see this is the time to really get into it. We want to be early on things.Mark Bissell [00:40:51]: For sure. And I think the field understands this, right? So at ICML, I think the title of the McInturk workshop this year was actionable interpretability. And there was a lot of discussion around bringing it to various domains. Everyone's adding pragmatic, actionable, whatever.Shawn Wang [00:41:10]: It's like, okay, well, we weren't actionable before, I guess. I don't know.Vibhu Sapra [00:41:13]: And I mean, like, just, you know, being in Europe, you see the Interp room. One, like old school conferences, like, I think they had a very tiny room till they got lucky and they got it doubled. But there's definitely a lot of interest, a lot of niche research. So you see a lot of research coming out of universities, students. We covered the paper last week. It's like two unknown authors, not many citations. But, you know, you can make a lot of meaningful work there. Yeah. Yeah. Yeah.Shawn Wang [00:41:39]: Yeah. I think people haven't really mentioned this yet. It's just Interp for code. I think it's like an abnormally important field. We haven't mentioned this yet. The conspiracy theory last two years ago was when the first SAE work came out of Anthropic was they would do like, oh, we just used SAEs to turn the bad code vector down and then turn up the good code. And I think like, isn't that the dream? Like, you know, like, but basically, I guess maybe, why is it funny? Like, it's... If it was realistic, it would not be funny. It would be like, no, actually, we should do this. But it's funny because we know there's like, we feel there's some limitations to what steering can do. And I think a lot of the public image of steering is like the Gen Z stuff. Like, oh, you can make it really love the Golden Gate Bridge, or you can make it speak like Gen Z. To like be a legal reasoner seems like a huge stretch. Yeah. And I don't know if that will get there this way. Yeah.Myra Deng [00:42:36]: I think, um, I will say we are announcing. Something very soon that I will not speak too much about. Um, but I think, yeah, this is like what we've run into again and again is like, we, we don't want to be in the world where steering is only useful for like stylistic things. That's definitely not, not what we're aiming for. But I think the types of interventions that you need to do to get to things like legal reasoning, um, are much more sophisticated and require breakthroughs in, in learning algorithms. And that's, um...Shawn Wang [00:43:07]: And is this an emergent property of scale as well?Myra Deng [00:43:10]: I think so. Yeah. I mean, I think scale definitely helps. I think scale allows you to learn a lot of information and, and reduce noise across, you know, large amounts of data. But I also think we think that there's ways to do things much more effectively, um, even, even at scale. So like actually learning exactly what you want from the data and not learning things that you do that you don't want exhibited in the data. So we're not like anti-scale, but we are also realizing that scale is not going to get us anywhere. It's not going to get us to the type of AI development that we want to be at in, in the future as these models get more powerful and get deployed in all these sorts of like mission critical contexts. Current life cycle of training and deploying and evaluations is, is to us like deeply broken and has opportunities to, to improve. So, um, more to come on that very, very soon.Mark Bissell [00:44:02]: And I think that that's a use basically, or maybe just like a proof point that these concepts do exist. Like if you can manipulate them in the precise best way, you can get the ideal combination of them that you desire. And steering is maybe the most coarse grained sort of peek at what that looks like. But I think it's evocative of what you could do if you had total surgical control over every concept, every parameter. Yeah, exactly.Myra Deng [00:44:30]: There were like bad code features. I've got it pulled up.Vibhu Sapra [00:44:33]: Yeah. Just coincidentally, as you guys are talking.Shawn Wang [00:44:35]: This is like, this is exactly.Vibhu Sapra [00:44:38]: There's like specifically a code error feature that activates and they show, you know, it's not, it's not typo detection. It's like, it's, it's typos in code. It's not typical typos. And, you know, you can, you can see it clearly activates where there's something wrong in code. And they have like malicious code, code error. They have a whole bunch of sub, you know, sub broken down little grain features. Yeah.Shawn Wang [00:45:02]: Yeah. So, so the, the rough intuition for me, the, why I talked about post-training was that, well, you just, you know, have a few different rollouts with all these things turned off and on and whatever. And then, you know, you can, that's, that's synthetic data you can kind of post-train on. Yeah.Vibhu Sapra [00:45:13]: And I think we make it sound easier than it is just saying, you know, they do the real hard work.Myra Deng [00:45:19]: I mean, you guys, you guys have the right idea. Exactly. Yeah. We replicated a lot of these features in, in our Lama models as well. I remember there was like.Vibhu Sapra [00:45:26]: And I think a lot of this stuff is open, right? Like, yeah, you guys opened yours. DeepMind has opened a lot of essays on Gemma. Even Anthropic has opened a lot of this. There's, there's a lot of resources that, you know, we can probably share of people that want to get involved.Shawn Wang [00:45:41]: Yeah. And special shout out to like Neuronpedia as well. Yes. Like, yeah, amazing piece of work to visualize those things.Myra Deng [00:45:49]: Yeah, exactly.Shawn Wang [00:45:50]: I guess I wanted to pivot a little bit on, onto the healthcare side, because I think that's a big use case for you guys. We haven't really talked about it yet. This is a bit of a crossover for me because we are, we are, we do have a separate science pod that we're starting up for AI, for AI for science, just because like, it's such a huge investment category and also I'm like less qualified to do it, but we actually have bio PhDs to cover that, which is great, but I need to just kind of recover, recap your work, maybe on the evil two stuff, but then, and then building forward.Mark Bissell [00:46:17]: Yeah, for sure. And maybe to frame up the conversation, I think another kind of interesting just lens on interpretability in general is a lot of the techniques that were described. are ways to solve the AI human interface problem. And it's sort of like bidirectional communication is the goal there. So what we've been talking about with intentional design of models and, you know, steering, but also more advanced techniques is having humans impart our desires and control into models and over models. And the reverse is also very interesting, especially as you get to superhuman models, whether that's narrow superintelligence, like these scientific models that work on genomics, data, medical imaging, things like that. But down the line, you know, superintelligence of other forms as well. What knowledge can the AIs teach us as sort of that, that the other direction in that? And so some of our life science work to date has been getting at exactly that question, which is, well, some of it does look like debugging these various life sciences models, understanding if they're actually performing well, on tasks, or if they're picking up on spurious correlations, for instance, genomics models, you would like to know whether they are sort of focusing on the biologically relevant things that you care about, or if it's using some simpler correlate, like the ancestry of the person that it's looking at. But then also in the instances where they are superhuman, and maybe they are understanding elements of the human genome that we don't have names for or specific, you know, yeah, discoveries that they've made that that we don't know about, that's, that's a big goal. And so we're already seeing that, right, we are partnered with organizations like Mayo Clinic, leading research health system in the United States, our Institute, as well as a startup called Prima Menta, which focuses on neurodegenerative disease. And in our partnership with them, we've used foundation models, they've been training and applied our interpretability techniques to find novel biomarkers for Alzheimer's disease. So I think this is just the tip of the iceberg. But it's, that's like a flavor of some of the things that we're working on.Shawn Wang [00:48:36]: Yeah, I think that's really fantastic. Obviously, we did the Chad Zuckerberg pod last year as well. And like, there's a plethora of these models coming out, because there's so much potential and research. And it's like, very interesting how it's basically the same as language models, but just with a different underlying data set. But it's like, it's the same exact techniques. Like, there's no change, basically.Mark Bissell [00:48:59]: Yeah. Well, and even in like other domains, right? Like, you know, robotics, I know, like a lot of the companies just use Gemma as like the like backbone, and then they like make it into a VLA that like takes these actions. It's, it's, it's transformers all the way down. So yeah.Vibhu Sapra [00:49:15]: Like we have Med Gemma now, right? Like this week, even there was Med Gemma 1.5. And they're training it on this stuff, like 3d scans, medical domain knowledge, and all that stuff, too. So there's a push from both sides. But I think the thing that, you know, one of the things about McInturpp is like, you're a little bit more cautious in some domains, right? So healthcare, mainly being one, like guardrails, understanding, you know, we're more risk adverse to something going wrong there. So even just from a basic understanding, like, if we're trusting these systems to make claims, we want to know why and what's going on.Myra Deng [00:49:51]: Yeah, I think there's totally a kind of like deployment bottleneck to actually using. foundation models for real patient usage or things like that. Like, say you're using a model for rare disease prediction, you probably want some explanation as to why your model predicted a certain outcome, and an interpretable explanation at that. So that's definitely a use case. But I also think like, being able to extract scientific information that no human knows to accelerate drug discovery and disease treatment and things like that actually is a really, really big unlock for science, like scientific discovery. And you've seen a lot of startups, like say that they're going to accelerate scientific discovery. And I feel like we actually are doing that through our interp techniques. And kind of like, almost by accident, like, I think we got reached out to very, very early on from these healthcare institutions. And none of us had healthcare.Shawn Wang [00:50:49]: How did they even hear of you? A podcast.Myra Deng [00:50:51]: Oh, okay. Yeah, podcast.Vibhu Sapra [00:50:53]: Okay, well, now's that time, you know.Myra Deng [00:50:55]: Everyone can call us.Shawn Wang [00:50:56]: Podcasts are the most important thing. Everyone should listen to podcasts.Myra Deng [00:50:59]: Yeah, they reached out. They were like, you know, we have these really smart models that we've trained, and we want to know what they're doing. And we were like, really early that time, like three months old, and it was a few of us. And we were like, oh, my God, we've never used these models. Let's figure it out. But it's also like, great proof that interp techniques scale pretty well across domains. We didn't really have to learn too much about.Shawn Wang [00:51:21]: Interp is a machine learning technique, machine learning skills everywhere, right? Yeah. And it's obviously, it's just like a general insight. Yeah. Probably to finance too, I think, which would be fun for our history. I don't know if you have anything to say there.Mark Bissell [00:51:34]: Yeah, well, just across the science. Like, we've also done work on material science. Yeah, it really runs the gamut.Vibhu Sapra [00:51:40]: Yeah. Awesome. And, you know, for those that should reach out, like, you're obviously experts in this, but like, is there a call out for people that you're looking to partner with, design partners, people to use your stuff outside of just, you know, the general developer that wants to. Plug and play steering stuff, like on the research side more so, like, are there ideal design partners, customers, stuff like that?Myra Deng [00:52:03]: Yeah, I can talk about maybe non-life sciences, and then I'm curious to hear from you on the life sciences side. But we're looking for design partners across many domains, language, anyone who's customizing language models or trying to push the frontier of code or reasoning models is really interesting to us. And then also interested in the frontier of modeling. There's a lot of models that work in, like, pixel space, as we call it. So if you're doing world models, video models, even robotics, where there's not a very clean natural language interface to interact with, I think we think that Interp can really help and are looking for a few partners in that space.Shawn Wang [00:52:43]: Just because you mentioned the keyword

Muhammad Danish, University of New Mexico lead author and cybersecurity researcher, discussing his team's work on "Private Links, Public Leaks: Consequences of Frictionless User Experience on the Security and Privacy Posture of SMS-Delivered URLs". This paper examines how the push for frictionless user experiences has led many services to rely on SMS-delivered, single-click URLs—an inherently insecure channel that can be intercepted or leaked. Analyzing more than 322,000 unique URLs from 33 million messages, the researchers found widespread security failures, including exposed PII across 701 endpoints at 177 services due to weak, token-based authentication that treats possession of a link as sufficient authorization. The study also identified low-entropy tokens enabling mass URL enumeration and data overfetching issues, though disclosures prompted 18 services to fix flaws, improving privacy protections for at least 120 million users. The research can be found here: ⁠Private Links, Public Leaks: Consequences of Frictionless User Experience on the Security and Privacy Posture of SMS-Delivered URLs Learn more about your ad choices. Visit megaphone.fm/adchoices

Recorded live at Cloud Connections, the Cloud Communications Alliance event in Delray Beach, Doug Green, Publisher of Technology Reseller News, spoke with Bill Placke, Co-Founder & President, Americas at SecurePII, about one of the most pressing challenges facing AI-driven communications today: how to scale AI while complying with global data privacy regulations—and how that challenge can become a competitive advantage. Placke explains that SecurePII was formed to address a growing structural problem in AI adoption. While organizations are eager to deploy AI and train large language models, regulatory uncertainty around personally identifiable information (PII) has stalled progress. Citing industry research showing that more than 60 percent of AI initiatives have been paused due to data privacy concerns, Placke argues that governance policies alone are not enough. Instead, SecurePII takes an architectural approach. At the core of SecurePII's solution is data minimization at the point of ingestion. The company's technology prevents sensitive information—such as credit card numbers, names, addresses, or social security numbers—from ever entering enterprise systems. SecurePII's existing PCI-focused offering already removes cardholder data from call flows, keeping organizations out of PCI scope entirely. The same approach is now being extended to broader categories of PII, enabling AI systems to operate and train on clean data streams that are free from regulated information. Placke emphasizes that this upstream architectural design fundamentally changes the compliance equation. Regulators and plaintiff attorneys, he notes, care about outcomes—not intent. If sensitive data never enters the system, compliance scope, audit costs, breach exposure, and regulatory risk are dramatically reduced. “Downstream controls don't scale with AI—architecture does,” Placke says, positioning data minimization as a foundation for both trust and growth. The discussion also highlights the role of consent and customer trust in an AI-enabled world. Rather than asking customers to consent to broad data use, SecurePII enables enterprises to clearly state that sensitive information is neither seen nor stored, while still allowing AI to learn from outcomes and sentiment. This approach removes what Placke calls the “creepy factor” associated with AI and personal data, while aligning with emerging frameworks such as the EU AI Act and long-standing NIST guidance. For MSPs, UCaaS providers, and channel partners, Placke frames compliance not as a cost center but as a revenue opportunity. By embedding privacy-preserving architectures into voice, AI, and communications solutions, service providers can differentiate themselves as trusted advisors—helping customers deploy AI safely, reduce regulatory exposure, and accelerate adoption. To learn more about SecurePII and its privacy-first AI architecture, visit https://www.securepii.cloud/.

Corey Zumar is a Product Manager at Databricks, working on MLflow and LLM evaluation, tracing, and lifecycle tooling for generative AI.Jules Damji is a Lead Developer Advocate at Databricks, working on Spark, lakehouse technologies, and developer education across the data and AI community.Danny Chiao is an Engineering Leader at Databricks, working on data and AI observability, quality, and production-grade governance for ML and agent systems.MLflow Leading Open Source // MLOps Podcast #356 with Databricks' Corey Zumar, Jules Damji, and Danny ChiaoJoin the Community: https://go.mlops.community/YTJoinInGet the newsletter: https://go.mlops.community/YTNewsletterShoutout to Databricks for powering this MLOps Podcast episode.// AbstractMLflow isn't just for data scientists anymore—and pretending it is is holding teams back. Corey Zumar, Jules Damji, and Danny Chiao break down how MLflow is being rebuilt for GenAI, agents, and real production systems where evals are messy, memory is risky, and governance actually matters. The takeaway: if your AI stack treats agents like fancy chatbots or splits ML and software tooling, you're already behind.// BioCorey ZumarCorey has been working as a Software Engineer at Databricks for the last 4 years and has been an active contributor to and maintainer of MLflow since its first release. Jules Damji Jules is a developer advocate at Databricks Inc., an MLflow and Apache Spark™ contributor, and Learning Spark, 2nd Edition coauthor. He is a hands-on developer with over 25 years of experience. He has worked at leading companies, such as Sun Microsystems, Netscape, @Home, Opsware/LoudCloud, VeriSign, ProQuest, Hortonworks, Anyscale, and Databricks, building large-scale distributed systems. He holds a B.Sc. and M.Sc. in computer science (from Oregon State University and Cal State, Chico, respectively) and an MA in political advocacy and communication (from Johns Hopkins University)Danny ChiaoDanny is an engineering lead at Databricks, leading efforts around data observability (quality, data classification). Previously, Danny led efforts at Tecton (+ Feast, an open source feature store) and Google to build ML infrastructure and large-scale ML-powered features. Danny holds a Bachelor's Degree in Computer Science from MIT.// Related LinksWebsite: https://mlflow.org/https://www.databricks.com/~~~~~~~~ ✌️Connect With Us ✌️ ~~~~~~~Catch all episodes, blogs, newsletters, and more: https://go.mlops.community/TYExploreJoin our Slack community [https://go.mlops.community/slack]Follow us on X/Twitter [@mlopscommunity](https://x.com/mlopscommunity) or [LinkedIn](https://go.mlops.community/linkedin)] Sign up for the next meetup: [https://go.mlops.community/register]MLOps Swag/Merch: [https://shop.mlops.community/]Connect with Demetrios on LinkedIn: /dpbrinkmConnect with Corey on LinkedIn: /corey-zumar/Connect with Jules on LinkedIn: /dmatrix/Connect with Danny on LinkedIn: /danny-chiao/Timestamps:[00:00] MLflow Open Source Focus[00:49] MLflow Agents in Production[00:00] AI UX Design Patterns[12:19] Context Management in Chat[19:24] Human Feedback in MLflow[24:37] Prompt Entropy and Optimization[30:55] Evolving MLFlow Personas[36:27] Persona Expansion vs Separation[47:27] Product Ecosystem Design[54:03] PII vs Business Sensitivity[57:51] Wrap up

Right now, while you're listening to this, one of your sales reps is pasting customer data into ChatGPT. Your marketing manager just uploaded strategic memos to Claude. And your IT department has no idea. Welcome to Shadow AI. Research shows that while only 40% of companies have official enterprise AI licenses, 90% of employees are using AI tools through personal accounts. Your team isn't trying to sabotage you - they're trying to survive the "Admin Drag" we discussed in Episode 01. The question isn't whether they're using AI. They are. The question is: Are you going to hide from it, or are you going to lead it? In this episode, Mike Allton tackles the biggest obstacle standing between you and effective AI implementation: governance. He breaks down why the typical corporate response - the "ban hammer" - doesn't just fail, it makes the problem worse by driving AI usage completely underground where you have zero visibility. You'll discover: Why 90% of employees are "Shadow Users" leveraging personal AI accounts to hit their goals The three scenarios currently creating data leaks in most revenue organizations (PII in free tools, unreleased product details in public galleries, customer records in unsecured platforms) Why your team isn't being malicious - they're being desperate (and what that tells you about your tech stack) The "Traffic Light System": A simple 3-tier framework (Green/Yellow/Red) that employees actually remember How to launch a 30-Day Amnesty Program that brings Shadow AI into the light without creating a witch hunt The 7-day implementation roadmap to go from "Shadow Risk" to "Sanctioned Speed" This isn't about punishing innovation. It's about governing it. Because when you sanction Shadow AI, you don't just reduce risk - you unlock velocity. Mike walks you through the exact email templates, survey questions, and policy frameworks you need to turn your biggest security vulnerability into a competitive advantage. Featured Framework: The 30-Day Amnesty Program - discover what tools your team is actually using (and why your official stack is failing them) Featured Resource: The Shadow AI Governance Launchpad - includes the Traffic Light cheat sheet, amnesty email script, and AI Use Policy template ready for Legal review Download here: https://theaihat.com/the-executive-guide-to-shadow-ai-from-security-risk-to-competitive-advantage/ Next Episode: We move from governance to implementation. You'll learn how to hire your first Digital Crew member - a Sales Prep Agent that researches prospects 15 minutes before every call and delivers a Battle Card to your rep's inbox. If you're a VP of Sales, CRO, or RevOps Director who needs to secure your team while enabling them to move faster, this is your playbook. Episode Timestamps 00:00 Introduction to Shadow AI 00:26 The Reality of Unapproved AI Usage 02:21 The Risks of Shadow AI 03:55 The Ineffectiveness of Banning AI 07:21 Sanctioning AI for Safety and Efficiency 08:35 Implementing the Traffic Light System 10:25 Rolling Out the AI Amnesty Program 13:08 Final Thoughts and Next Steps 14:52 Conclusion and Wrap-Up Learn more about your ad choices. Visit megaphone.fm/adchoices

In this bonus episode of Banking on Fraudology, powered by Safeguard , Hailey Windham talks with Ben Graf, a self-taught AI expert in the neobank space. Ben embodies the spirit of curiosity and courage driving the next wave of fraud-fighting transformation.The conversation dives into what it really looks like to learn AI from the ground up, emphasizing that the future of fraud prevention isn't about replacing people, but empowering them through technology.Key Takeaways: AI, Innovation, and Fraud-Fighting EmpowermentUsing AI to Learn AI: Ben explains how he used varying LLM chats (like ChatGPT, Claude, and Gemini) as a coach or mentor, experimenting for hours to understand their capabilities, consistency, and how to effectively prompt them.This approach helped him translate technical language and practices (like data analysis, SQL, and JavaScript) into actionable knowledge for his team, breaking down communication barriers.The hardest part was knowing where to start, but the key was realizing that "something is better than nothing" and compounding knowledge quickly breaks down barriers.Practical AI Applications for Eliminating Busy Work: AI should be used to make teams more efficient and help professionals focus strategically.Automating Document Verification: AI can use OCR to pull data, flag inconsistencies, and serve up summaries for identity, business, and income documents, which are often the most time-consuming parts of a review.Data Retrieval and System Silos: AI can help team members write their own SQL queries to retrieve data from data warehouses, dramatically reducing requests to the data team.Product and Feature Proposals: AI tools can mock up full dashboard concepts and even provide code snippets to give engineers a visual and break down communication barriers between fraud and technical teams.The Power of Empowerment and Buy-In: Leadership should create a culture where fraud fighters are empowered to explore and innovate.The magic of time savings lies in filling the time freed from "busy work" (like false positives) with new, high-impact tasks, whether that's cost savings in fraud loss or better customer retention.Teams are advised to keep proprietary or PII information out of the loop and find safe spaces to explore, remembering that everyone is still figuring out what AI can do.Get in the mood of being grateful for the fraud-fighting community, and be reminded of how strong the fraud-fighting community truly is. About Hailey Windham:As a 2023 CU Rockstar Recipient, Hailey Windham, CFCS (Certified Financial Crimes Specialist) demonstrated unbounding passion for educating her community, organization and credit union membership on scams in the market and best practices to avoid them. She has implemented several programs within her previous organizations that aim at holistically learning about how to prevent and detect fraud targeted at membership and employees. Windham's initiatives to build strong relationships and partnerships throughout the credit union community and industry experts have led to countless success stories. Her applied knowledge of payments system programs combined with her experience in fraud investigations offers practical concepts that are transferable, no matter the organization's size. Connect with Hailey on LinkedIn: https://www.linkedin.com/in/hailey-windham/

Yeah, agnetic browsers can do your work for you.

In this episode of the Power Producers Podcast, host David Carothers sits down with Jeff Harris, the CEO and co-founder of Appulate, widely considered the original Insurtech (founded in 2005). Jeff shares Appulate's journey from solving the "abysmal" problem of supplemental form generation to becoming an all-in-one AI solution for agencies. They discuss the critical gap between insurance and technology, how AI is reshaping the industry, and why Appulate is taking a conservative and reliable approach to its implementation. The conversation also covers the dangers of agents using public AI tools with client PII and how technology is the "great equalizer" for small agencies. Key Highlights: The Evolution of the Oldest Insurtech Jeff Harris details Appulate's nearly 20-year history, which began by solving the pain of manual supplemental forms. Today, their Producer Connect platform serves as a "bolt-on" to an agency's AMS, acting as a broad marketing platform that saves time on data entry, obtains loss runs, and integrates with thousands of carrier portals to eliminate redundant work. AI's Role: A Conservative and Reliable Approach While AI is changing the industry, Jeff emphasizes that it must be reliable and consistent. He compares it to Tesla's autonomous driving—it had to be perfected before users could trust it. Appulate currently uses AI where it excels, such as parsing data from loss runs and deck pages, but avoids areas where the industry (like carrier portals) isn't ready for full AI integration, which could cause more problems than it solves. The Danger of "Lazy" AI Implementation  David and Jeff discuss the significant E&O and cyber risk of "fundamentally lazy" agents uploading policies with Personally Identifiable Information (PII) into public Chat-GPT. Jeff stresses the importance of using secure, vendor-provided AI solutions rather than unvetted public tools, highlighting that AI is already being effectively used in areas like fraud detection. AI as the "Great Equalizer" for Agencies Jeff explains that AI is a "once-in-a-generation opportunity" for small and mid-sized agencies to compete with the 100-pound gorillas. By automating manual, time-consuming tasks, AI reduces burnout and turnover, helps retain younger tech-savvy talent, and allows smaller agencies to achieve the same level of output and efficiency as their largest competitors without massive investments in headcount. Connect with: David Carothers LinkedIn Jeff Harris LinkedIn Kyle Houck LinkedIn Visit Websites: Power Producer Base Camp Appulate Killing Commercial Crushing Content Power Producers Podcast Policytee The Dirty 130 The Extra 2 Minutes

- Apple Announces 3nm M5 Processor - No In-Box Wall Wart for New MacBook Pro in EU and UK - Apple Announces iPad Pro Powered by M5 - Apple Outs Black Magic Keyboard for iPad Air - M5 Apple Vision Pro Up for Order - M2 Vision Pro Not Eligible for Trade-In - Apple Announces Accessories for Vision Pro - Apple Vision Pro App Hits iPad with iPadOS 26.1 - NBA 2K26 Arcade Edition Hits Apple Arcade Today - US Mint Previews $1 California Innovation Coin Featuring Steve Jobs - The FBI says sites are spoofing the FBI. Plus - a medical imaging company loses patient PII with no compensation. It's all on Checklist No. 444 - Find it today at checklist.libsyn.com - Catch Ken on Mastodon - @macosken@mastodon.social - Send Ken an email: info@macosken.com - Chat with us on Patreon for as little as $1 a month. Support the show at Patreon.com/macosken

- Joz Teases New Laptop in Cryptic Twitter Post - Omdia: Q3 Global Growth for Smartphones up 3%, Strongest Q3 Growth Ever for iPhone - IDC: Q3 Global Growth for Smartphones up 2.6%, Strongest Q3 Growth Ever for iPhone - Tata Subsidiary Buys Its Way Further Into Apple's Business - Apple Seeds Third blankOS 26.1 Betas to Public Testers - Public Testers Get New AirPods Firmware Betas - Cue Talks State of Apple TV: The Subscription Service - Apple TV Outs Trailer for “The Family Plan 2” - Third Season of “Loot” Starts on Apple TV - The FBI says sites are spoofing the FBI. Plus - a medical imaging company loses patient PII with no compensation. It's all on Checklist No. 444 - Find it today at checklist.libsyn.com - Catch Ken on Mastodon - @macosken@mastodon.social - Send Ken an email: info@macosken.com - Chat with us on Patreon for as little as $1 a month. Support the show at Patreon.com/macosken

- Cook Says iPhone Air to Hit China Next Week - iPhone Air Ships in China on Wednesday 22 October - Carriers Get Special eSIM Permission for iPhone Air - Apple Seeds Third Betas of blankOS 26.1 to Developers - AppleInsider Lists New Features Found in iOS 26.1 Developer Beta - Apple Drops the + from Apple TV+ - F1: The Movie Hits Apple TV: The Streaming Service on 12 December - Apple Store in Carlsbad, CA Makes Temporary Move for Renovations - Apple Ends Sound Service Programs for iPhone 12 Models and Original AirPods Pro - AirPods Pro 3 Make TIME's Best Inventions of 2025 - Sponsored by CleanMyMac - Now with Cloud Cleanup. Try 7 days free and use code MACOSKEN20 for 20% off at clnmy.com/MACOSKEN - The FBI says sites are spoofing the FBI. Plus - a medical imaging company loses patient PII with no compensation. It's all on Checklist No. 444 - Find it today at checklist.libsyn.com - Catch Ken on Mastodon - @macosken@mastodon.social - Send Ken an email: info@macosken.com - Chat with us on Patreon for as little as $1 a month. Support the show at Patreon.com/macosken

- Bloomberg's Gurman Expects at Least Two Updated Apple Products This Week - AT&T Website May Confirm M5-Powered iPad Pro - Ming-Chi Kuo: Hinge May Cost Less Than Expected on iPhone Foldable - Sites See blankOS 26.0.2 in Visitor Logs - Report: Apple Close to Buying Computer Vision Startup Prompt AI - SUNY Professors Sue Apple for Using Their Writing to Train A.I. - Apple Original Films and Chernin to Develop “Five Secrets” Feature - “Knife Edge: Chasing Michelin Stars” Hits Apple TV+ - Apple TV+ Crashes Into “The Last Frontier”  - Apple Pulls “Clips” from App Store, Plans No More Updates - Sponsored by CleanMyMac - Now with Cloud Cleanup. Try 7 days free and use code MACOSKEN20 for 20% off at clnmy.com/MACOSKEN - The FBI says sites are spoofing the FBI. Plus - a medical imaging company loses patient PII with no compensation. It's all on Checklist No. 444 - Find it today at checklist.libsyn.com - Catch Ken on Mastodon - @macosken@mastodon.social - Send Ken an email: info@macosken.com - Chat with us on Patreon for as little as $1 a month. Support the show at Patreon.com/macosken

CISA gives federal agencies 24 hours to patch a critical Cisco firewall bug. Researchers uncover the first known malicious MCP server used in a supply chain attack. The New York SIM card threat may have been overblown. Microsoft tags a new variant of the XCSSET macOS malware. An exposed auto insurance claims database puts PII at risk. Amazon will pay $2.5 billion to settle dark pattern allegations. Researchers uncover North Korea's hybrid playbook of cybercrime and insider threats. An old Hikvision security camera vulnerability rears its ugly head. Dan Trujillo from the Air Force Research Laboratory's Space Vehicles Directorate joins Maria Varmazis, host of T-Minus Space Daily to discuss how his team is securing satellites and space systems from cyber threats. DOGE delivers dysfunction, disarray, and disappointment. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.CyberWire Guest Dan Trujillo from the Air Force Research Laboratory's Space Vehicles Directorate joins Maria Varmazis, host of T-Minus Space Daily to discuss how his team is securing satellites and space systems from cyber threats and also shares advice for breaking into the fast-growing field of space cybersecurity Selected Reading Federal agencies given one day to patch exploited Cisco firewall bugs (The Record) First malicious MCP Server discovered, stealing data from AI-Powered email systems (Beyond Machines) Secret Service faces backlash over SIM farm bust as experts challenge threat claims (Metacurity) Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs (Bleeping Computer) Microsoft cuts off cloud services to Israeli military unit after report of storing Palestinians' phone calls (CNBC) Auto Insurance Platform Exposed Over 5 Million Records Including Documents Containing PII (Website Planet) Amazon pays $2.5 billion to settle Prime memberships lawsuit (Bleeping Computer) DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception (We Live Security) Critical 8 years old Hikvision Camera flaw actively exploited again (Beyond Machines) The Story of DOGE, as Told by Federal Workers (WIRED) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices