Chat GPT, emerging technologies and cyber security insights with Lani Refiti
[Music] hello and welcome to Red's Business and Technology podcast I'm your host Jackson Barnes and your co-host Nigel Hein and today we're sitting down with Lani rafiti who's an expert in everything in emerging Technologies and cyber security should be an exciting episode we're going to discuss cyber security chat GPT Ai and what's next for Lani thanks for coming in really appreciate it you're welcome thanks for having me on and and can I um commend you on the setup and and the offices Etc so thanks for having me on no problems at all let's start with uh your background before we get to what you're doing now yeah um roll way back to your first foray into technology and cyber security um out there but Jackson that's going to give up my age mate so I've been in in cyber before it was cyber in fact you know it's funny I was talking to someone over um over the break and said hey you know what New Year's resolution how about we don't call it cyber anymore because it's you know information security or data security but I've I've broken that already so let's go with that so I've been in cyber for about 25 years which probably gives away as I said my uh my age but yeah 25 years uh in cyber emerging Tech as well so worked for a lot of Technology vendors um Intel Corporation Cisco um some of the consulting firms as well so it was at PWC a partner at Deloitte for a while looking after this smart cities uh practice and at the moment I'm uh a partner at a venture capital firm called Ascend okay but uh throughout the throughout their 25 years always in technology business technology I've always said that technology is Great Tech is great I mean I love my gadgets like everyone else but it's the actual people element that make it really interesting without that people element you know it's it's for naught right and um and so back in 2015 I did my masters in Psychotherapy so I've got a masters inside of the rare practice as a therapist as a volunteer I don't have my own private practice so I practice at our local community center so I see a lot of people you know with um what I call the worried well so they're you know stressed they've got anxiety they've got um some trauma uh lost grief Etc so it's that for me the the interesting thing is that people element and then if you the intersection of people and in technology is is really that that's my sweet spot it's definitely a mental element to sort of scary these days with like just the the risk and fear Associated for businesses and people responsible yeah risk and fear and there's also there's always been the element uh you know when you look at something like fishing or whaling sort of attacks it plays on you know the psychology aspect of humans and as humans we're we're in if you look at from a you know how we've evolved and from an anthropological perspective our tribal nature our need to connect our need to trust well that's what you know cyber criminals play on right and that's how they're so successful in terms of getting people to click on things you know it's funny um and I don't mean to digress but I reckon like most of our security problems will be solved if people just stopped clicking on links or downloading files Etc but it's you know we have spent billions of dollars on things like cyber education I just don't think it's going to be sold we can delve into it later in terms of my theories around that but yeah so I've got that technology I've got the people aspect to it and um yeah I think with the way technology is going you know ask me 10 years ago I would have said yeah you know it's got a bit to go and you know where it'll be you know somewhat fun in terms of the next 10 20 odd years but you know with the Advent of AI with you know chat gbt it's made me sort of reassess that and go wow okay where you know where I thought we were going to be in 15 maybe 20 years you could probably condense down potentially five we'll we'll see but it's going to be a pretty exciting uh ride nonetheless yeah it's quite exciting something I want to touch down in a second but before we get there uh do you want to explain in your words what emerging Technologies is for your audience yeah yeah it used to be called you know cyber security as a as a discipline used to be called when I first started was PC security because there was only really Microsoft desktops then became computer security data security information security now we're at cyber security emerging techs are similar right it used to be called high tech when I was working at Cisco and Intel it was high-tech anything that was outside of the ordinary anything that was on The Cutting Edge um iot AI that weren't that wasn't sort of mainstream operational sort of systems was tagged with emerging Tech so it's a bit of a an umbrella and catch-all yeah but it's I I usually um classifies it every every anything that's sort of outside of the mainstream that's being deployed managed Etc yeah it makes sense all right let's uh jump into what you're doing now at Ascend lining yeah yeah so we started to send about two years ago uh and Ascend as a venture capital firm so we've sort of a fund and the the point of differentiation with Ascend is that the the fund mandate or fund thesis is all around National Security and critical infrastructure so we don't do fintech we don't do you know buy now pay later we don't do crypto definitely don't do crypto Etc we looked at how how technology could be most impactful to humans and we picked a thesis that we thought was different in the market but would be impactful which is National Security and critical infrastructure so we we look for startups that can be used Dual Purpose uh you know with a national security context as well as you know critical infrastructure and everyday life so we just felt that that was the most impactful for society impact for for humans and there are some great businesses uh you know in in terms of Australian startups that are actually looking to configure here for the you know overseas markets they're fantastic so how do you help like if you identify um businesses or startups in that field then what do you do for them so it's the um startups that we normally engage have a pretty good idea around their Tech they're usually so we're early stage right so we're seed to series a so they will we'll head to have had a you know an idea an MVP either uh that's almost there a minimal viable product or already have an MVP and sort of pushing it into the market so we can help them with that final stage of product fit Market fit development Etc but most of like I would say 90 of the startups that we talk to the help that we'd give them is more from that market perspective you know a lot of let's say cyber startups they they built their startups for you know the General market and we go well have you considered National Security as well as critical infrastructure and usually eight times out of ten they'll be like well no not really because we don't have any experience in that we we hear that defense is hard to engage with Etc so we we help them build for that particular market and also build for the U.S market most nearly every single startup I've come across is dreams of one day entering the US market so we've got a partner in the US we've got a firm stood up there as well uh networks there to to help them sort of configure here for the US market rather than you know build a business here in Australia hey we're going to the US oh we've got to you know reconfigure our business Market fit Etc yeah that is exciting when we hear of like atlassian who the crazy two Aussies going and doing a lot but you don't hear a lot of um other Aussie Tech startups that actually go over the US and do really well so that's interesting all right let's um let's pivot a little bit to um Ai and chat GPT and everyone's talking about right now um in your words Lonnie what is chat GPT well it's it look in the most simplest term it's a it's a chatbot right and if you've if you've got if you're a customer at a bank or with Telstra or whatever you'll you'll you'll have had experiences with their uh like I'll talk to the Telstra one they're uh the app there's a chatbot you you log on to the app you want to talk to somebody um they'll you have a really rudimentary chat bot that will ask you you know to basically direct your call so uh in the simpler sense chat gbt is a a glorified chat bot it's probably the best I've ever seen like by far and the the language model the data that it saves access to is enormous um and it's a chatbot using natural language processing that's um that's really conversant in terms of human engagement like um it would I would say that it would be close to passing the churning test in terms of being able to actually tell whether it's a human you're interacting with and it's written in text at the moment but it eventually it'll be put into You Know audio in terms of voice something like Siri or Alexa Etc quite scary it is exciting that I've had to play around and um yeah even just like like marketing copy for example this can save you I just want to accomplish something you can just ask the question has everything what what people tend to focus on is chat chat gbt itself but if you look at it as one potential use case from an AI perspective um there could be many right and it's a fantastic use case right it's in beta at the moment it's version four is due out I think in a few months which um supposedly is going to be much more powerful 10 times more powerful than what it is already and like and you're right it you know at the moment it's it's complementary you can use it to complement and supplement what you do I've been using it since version two and version 3.5 is is so much better so much more powerful writing proposals writing reports um you know sometimes I'll be writing a report and you know I'll get writer's block and it'll be like oh you know I've got a I've got to fill this with you know a little bit more and it's like hey chat GPT yeah yeah give me some content to write I'm you know I'm doing this and it's it's fantastic yeah that's exciting so what um have you seen any realistic use cases of charge EBT like being used in Australian businesses yeah not not in Australia I mean it was only released last year November December time frame I know a lot of people who I talk to are using it already marketing um copywriters Etc using it as a supplement yep uh if you've used it I don't know if you notice it but if it's something that you're you're knowledgeable about the actual content is fairly um Bland like it's not really in-depth it's fairly generic like I've asked a number of cyber security questions and the response is a really cookie cutter right and it's not something you could actually look at and go oh yeah I'll take that and implemented immediately but it's pretty good for what it is and I'll I'll give you is one sort of edge use case and this is in the psychology for your mental health field right so I've always been interested as I said the intersection of people in technology and in terms of mental health the some of the challenges that we have is that it's not available to everyone because it can be expensive right to see a psychologist or a therapist 150 an hour kind of thing so and you usually need multiple sessions not just one session you go there and hey I'm well it's usually you know ideally between three to five sessions minimum right so that's a a bit of an investment and there's government programs you can access but that's one of the challenges yeah the Second Challenge is is that uh Regional areas don't have access to to good therapists right because I mean the challenges already with doctors and nurses Etc so I've always been interested in terms of how we can deliver it over video um how we can pre-screen or triage people using chatbots right so I had this over Christmas had a bit of time in my hand so I had these conversations with uh chati chat GPT one of them went for an hour and a half and I thought you know what how is this going to help mental health professionals to to do those you know make it available freely available for everyone uh you know support remote areas so I started this conversation and it started with hey gbt um I'm feeling really depressed my mother has cancer and that was a simple prompt and it started with you know it started a conversation the first one went about an hour and a half and I've got to say as a therapist the responses that came back um had empathy so I was like oh you know it understands you know um and it even threw back some interventions inventions in in the therapy spaces when the therapist says try this or intervenes to try and make a change or a shift in the in the session or in your thinking and even some of the interventions that it had was just was was Vanilla in terms of you know its textbook yeah but you know for a you know a a something that's in beta at the moment you know version 3.5 you could almost see that in three to five years this thing once you merge it with a voice like Siri or Alexa it will actually help you know achieve better mental health outcomes so that merging of people in Tech so that's one use case yep a bit of an edge use case but um yeah because I was like wow yeah that's really impressive I'm excited to see where that goes and I actually did see a video of a Managed IT provider who was putting integrating to teams little connect them to chat TBT and trying to do that level one help desk um within team so you also a quick question around how to watch reset this password or how do I uninstall this application it just gives you back the response like that which is um another thing we've tried yet but uh who knows where that that's gonna go yeah look I even saw and the the brilliant thing about it is already the startups that are being built around who provide service wrappers around judge UBC like there's one I saw online last night as I was doing a bit of prep um it's called Uh do not pay and it basically helps you write letters back to you know if you've got a parking ticket a traffic fine Etc it helps you and I think I've got a success rate of something like 70 at the moment so that's that's really really good and you know even menial things right so I like to prep for a podcast right so I was like um earlier this week I was like hey Chad gbt I'm uh you know I'm a guest on a podcast that's going to be talking about these things how should I prepare and it basically you know how should I prepare talking about Ai and yourself you know Chad gbt in general yeah and it's sped out these five things I was like that's great like it would have taken me about half an hour to come up with these you know things to prepare for yeah that's really exciting and one thing that I did see as well which you probably surely you've seen this one as well um is like people doing malware for example as a service actually using AI to create scripts and different asking how can I social engineer this person better and how can I get into this environment and that's that's actually scary um it is it is and again right it's it's one of those things with technology that it's um you can use it for good and you can use it for evil or bad as well yeah you're right I've I've tried it it's it's um because it learns as you go and it remembers the conversation that you're you're having sometimes I'll get responses where it's where it will allow me to write like a fishing a real not a good fishing email and I've even got it to say write a phishing email because spam filters are good right so they're all they're pretty good these days so sometimes um the spam that you think has spelling areas and grammatical errors are actually ways to evade spam filters so I asked it you know write me a phishing email but tune it so it will you know bypass you know the best of the the current available spam filters I had to try about three times to ask at the same question in a different format because the first time it came and said you know ethically blah blah blah it's like okay well that's a good response but if you change the questions yeah enough or if you break the questions up enough you can actually get the answer that you want which is write me a great phishing email yeah and the sweet sauce with it um that I can see as well is the ability to look back at the same um conversation yeah and alter it so you can say things like make this sound more genuine yeah make it sound like it's from someone in Australia yeah those kind of stuff for you you know as a consultant right you know as you're writing it's like you know it'll spit out let's say a thousand words and then you can prompt it write more about blah blah blah write more you know write in the I've even tried to say write it in the style of McKinsey consultant and it will spit something out and I'll say write it in the um you know from an Auditor's perspective yeah something out completely different but on on tasks that's a brilliant it's a brilliant tool and when you think about where it is now to where it can be in the next five years let's say it's it's coming out of nowhere and it's kind of exploding well they've actually they've been developing for a while if you if you keep an eye I'm not a an AI researcher by any is but I keep an eye on on emerging Tech so they they were founded in 20 2015 so they've been there for as a lab they're not a they're what I call a quasi um a not-for-profit so they're a not-for-profit they're called a capped for profit so they can accept invest Microsoft and invested yep a billion already look like they're going to pour another 10 billion into it primarily as your credits but um so they've been around for a while they were they were a bit of a um an altruistic answer to when Google acquired deepmind so Google acquired deep mine in 2014 a bunch of people got together and thought hey this is too powerful to be in a in one company's you know one Tech you know companies uh remit so let's create an open source alternative in terms of research and it you know if you look at the people who founded Sam Altman from y combinator Elon Musk needs no introduction Peter Thiel palantir and PayPal Reed Hoffman LinkedIn so they had some really um you know sort of fantastic Silicon Valley type people yeah and it's just gone from there so the you know model two was released about a year and a half ago so as I said I've been playing around with it since then but the reason it's gone public and more in the public eye and blood recently is because of the was it version 3 or 3.5 open so anyone can go and do it before it was kind of um I mean they said they got uh they reached a million users in five days right yeah if you look at it yeah well Facebook took 10 months to get them to a million users I think insta Instagram was like two and a half months so it's I haven't seen the numbers but it's been pretty pretty quick and everyone I talked to who's who even dabbles in Tech teachers you know um have tried it and have used it Etc yeah well the next podcast we've got actually in the studio uh later this week is with the head of our tea at a school in Brisbane he's going to talk about um chat tipty and AI future and education yeah yeah I'd be Keen to hear that from a from a professional and an education um and from a pedagogical you know sort of educational yeah good to hear because I think that's going to be the first industry that's going to be really disrupted by by something like ubt I think so nice have you checked out it's been AI oh look it's going to be as you said a platform right so I see more emerging economies and new Industries in your business you know leveraging this platform to help you know humans do more yeah yeah yeah and that look and people often will ask hey you know is this going to do which jobs are going to be displaced um by things like Chad gbt that's what's gonna ask next on I guess you're like what are the what is what's the actual impact and what's going to be I guess automated or what's AI going to enchantically in particular going to um cut out from a job's perspective in Australia yeah yeah yeah you know what I find before I answer that what I find interesting is about uh when I was at Cisco uh this is going back six or seven years ago we were talking to traditional Industries Trucking manufacturing Etc about their blue collar workers being displaced by automation robotics Etc and uh you know the the catch cry back then was learn to code right the teacher um digital people how to code about technology now with chat gbt who can do rudimentary sort of programming and you can see you know within the next five years uh the disruption coming in software development now what do you teach them right I think the latest one is uh teach them to be an entrepreneur right build a business um but look I I think in the short term um and again right the timeline's good depending on how quickly the city develops I think within the short frame three to five years I think you're going to see a lot of um not disruption as such I think what's going to happen is uh complementary or it becomes complementary or supplementary to content creation to copywriters to Etc marketing so it's going to be it's going to complement them and help them make their jobs easier uh potentially will you know the need to have so many of these workers may you know they may reduce their numbers but it's it's you don't have to be a rocket science to see that within three to five years it'll probably be automated and uh well trained and the data sets they use won't be so generic so they'll be able to build up I don't know like legal data sets you know real estate data sets Etc because everything in the database if I'm wrong is up until mid 2020 is nothing but it's generic right it's a it's built as a you know a generic data model so it doesn't specialize in anything in particular but that's the next next step right to make builds um smaller data models off it so when you ask it questions it can point to that particular data model rather than answering it from its sort of general knowledge uh perspective yeah so in your thoughts Lonnie I mean in like emerging Technologies for 25 years now are you in a good spot in Australia to have input on this you think that like coding is something that can be you know really supplemented really like buy AI HTTP and then marketing content creation anything else you think that's going to be good information I think education particularly around how um an non-modern educator right but particularly around how they assess because you know the the first cap of the rank is writing you know essays thesis is Etc using it so I think those three Industries will be supplemented at first disrupted so the you know people in it will need to either do it um you know add more skills or add more points of differentiation and then the third step will be displacement so it'll be our five again five to ten years you'll probably see displacement in terms of people having to retrain reskill to do to do something else yeah it's gonna be so different I'll I'll give a real estate use case actually it's quite funny my sister-in-law she's a zookeeper and um she was saying oh no it's not going to change what I do there's no way and then okay well what's something you've written before she's like oh well we always write you know guides on how to um like build a nutrition plan for example for a kangaroo and I put that in chat DBT and it's like this big and exactly oh she's like wow that's actually very very good and I was like yeah and then shortened to 100 words shorten it for her and she's like oh damn yes there are some industries that it um that it won't disrupt like Barbers you know people think oh you're just joking but I'm like yeah if you look at the hairdressing or barbering it requires human both human interaction but the actual actions from a robotic perspective is going to be pretty hard to you know in terms of dexterity in terms of movement in terms of it's going to be pretty hard to disrupt within the next what we know is happening in robotics within the next I reckon 20 years but even things like blue collar jobs like mechanics right my son's a finishing his apprenticeship this year and I've been in his ear for such so long hey you should have gone to business school or should done your MBA kind of thing but you know talking him through the you know what he does and the complexity of car engines and the different types of you know models Etc again right from a robotics perspective AI will be able to disrupt it from a diagnosis so you bring your car in you'll literally be able to plug into a diagnostic Sport and go hey this is what's wrong a b c and d you need to you know fix replace yeah but it's still going to have to be primarily um done physically and until we get to a stage where cars are fairly carbon copy templated and robotic can you know it's like a like a assembly line yeah see what Tesla does in that space because if you probably saw the uh drone uh walkthrough of like a Tesla gigafactory and how you know robotics in that is pretty pretty intense yeah yeah robotics is coming uh it's still lagging yep um and I'll give you an example right so robotics uh for a long time I've I've been looking at robotics from a um interestingly I'm from an aged care perspective okay so the challenge of this care aged care that we have at the moment is that there's simply not enough people in terms of care from a one-to-one even a one to you know four or five in terms of so a lot of the ages large aged care providers have been looking to tick to try and how can we solve this problem looking ahead you know 10 15 20 years or so so um I did a couple when I was previously as a consultant I did a couple of gigs looking 10 20 years into the future for these organizations in terms of what personal assistance will look like so from an AI perspective you know chat gbt by the time you get into a Serial Alexa type interface and they tune the model you know within about five years great you'll be conversant but still robotics from uh what people tend from a robotics perspective if you're looking for a personal help or a personal carer what people actually connect to are the facial features and if you look at the human face there are you know hundreds of muscles in your actual face and each time it changes and shifts in contrast to another model sorry another muscle it depicts emotion empathy Etc so that's where I think robotics still has a way to go the fine motor skills Etc you know if you look at the Boston Dynamic stuff um you know from a a military perspective yeah you can definitely see it in the next 10 years but from a personal assistant uh kind of thing it's still got a ways to go to catch up to where we are with the AI at the moment yeah I can't imagine it's gonna be a wax I know like in the tech in aged care like you know cameras and fall overseas that kind of stuff already there but it's already the most might be a while like warn sensors you know Apple watch type sensors Laura sensors lorawan sensors so dementia patients if they get out and they're you know roaming the streets or whatever it can be easily identified yeah that kind of tick absolutely yeah yeah so let's put a little bit um into more cyber security you know you're passionate about yeah if you want to lead in with a couple questions yeah sure Jackson's uh look it's interesting listening to the conversation it's all about adaptability right so you know I think yep something that'll pay you massive respect for is you know when cyber security if you want to have a subject matter expert it's always been you right so I really appreciate you coming in but the in terms of adaptability in terms of AI you know I've known you for about a decade now and what you've come from to where we're going yeah what can you share from a cyber point of view in terms of you know thoughts ideas like where the world is going given that we've got this new platform like I say the the AI is really an enabler to let humans achieve more yeah can you talk a bit about that yeah yeah look you're right look 25 years has taught me and cyber has taught me that a lot of things change technology some things don't change you know the motives of cyber criminals to do what they do right they do it for profit um you know uh nation-state actors do it because you know they want to um a geopolitical advantage over other countries Etc so those that aspect of cyber hasn't changed probably never will but the technology definitely um if you look at techniques tactics processes of adversaries of hackers again it's um a lot of it is uh stayed the same a lot of it has changed I I think what what has changed the most particularly here in Australia you could talk more broad globally but um here in particular in Australia we've been fairly slow to um to adopt to to spend to Resource cyber Security Programs I'm talking about individual organizations even from a governmental perspective for a long long time like I remember talking to boards even 10 years ago right so I used to run these um workshops called Black Swan workshops for boards so they they look at their risk to register and they go what are some of the risks that we're just not seeing some you know something that will happen like covert right something we just didn't outside of our um of our standard sort of risk processes so run those workshops to make them more aware of what's what could be coming what what are you not looking at and then you look at it and go okay well is it you know one one power organization we looked at was wanted to start a workshop what it would be like if this is back going back 10 years ago if terrorists sort of sailed a ship into Brisbane port and blew it up you know kind of things like yeah okay you want to look at that let's Workshop that so I used to run these blacks on one workshops and up until still up until about five years ago in critical infrastructure still boards were like yeah a Cyber attack on our critical on our ability to provide clean water or our ability to generate power yeah that's that's Black Swan right won't happen and it's like are you sure that's like given where we are are you sure that that's the case yeah yeah the ability of someone to directly Target our our operational technology systems uh way out there and then what happened right is they're right like no one it's very rare for someone to actually attack a power plant directly in terms of their operational technology but what's happened is that ransomware on the I.T
side which is diamond a dozen right has now started to impact their critical infrastructure because we're now as you guys would know we're now sort of converging operational technology with I.T with Cloud Etc so it's like yeah yeah no one's going to attack you directly in terms of how you generate power and how to clean water but it's going to come through your standard you know it systems so I I think the done the awareness of that as we finally got into the stage where I say that the the long holiday Australia has had when it comes to cyber is over right cyber criminals know that we're we're vulnerable because our we're less mature processes are you know we're just not as Vigilant as they are in the US and the UK so you're seeing a lot more breaches Optus medibank you know last year I follow up I've got a question I got from from that question for you is that there has been so much Innovation from Bad actors and threat actors uh across the globe if you look at the phishing emails throughout even five years ago it was broken English it was shocking and then now you've got like sophisticated social engineering people bypassing MFA like it's evolved so crazy you can use JoJo PC now exactly it can um cyber security in Australia keep up with that yeah look we don't like tools right and I think we spoke about this earlier we don't lack and I said this about five years ago and it was really unpopular I said we don't like the technology and the tools right we've got Oodles of them Oodles of choice Etc in terms of vendors you know even even in terms of security providers it's not that it's the ability to actually integrate that into your organization into your organization's technology sort of processes but even into your organizational culture as well um that's an important point because I'll I'll make I'll give you a short example right so I won't name who the client is but and all the thermals working for but we were doing a privilege access management deployment at a very large Healthcare organization one of the largest in Australia um and so this Pam I'll call it this Pam implementation was essentially to reduce the um what doctors and nurses had access to on their uh on their machines in terms of their user rights they're they're used to having local admin rights they can do anything they want right trouble that is you know malware once all ransomware whatever it is once it gets on your machine it takes those privileges and then does whatever it wants so that so the first tip was we're actually going to restrict it to give you only user rights so you can use your machine but you can't do much else the project that was a it was a eight to nine million dollar project over three years fell over at that first hurdle because doctors and nurses said we're not going to do this uh you know administrators have been working in development there for 15 years and who had access to these tools they said we're not going to do it are we simply not going to give up those uh those rights right so from a cultural perspective there's always going to be challenges adopting new technology but the tech definitely is is out there hopefully in all the big massive breaches that happened recently have kind of changed that mentality a little bit for I think people I think it will and the reason why people have said oh but you know there's been breaches overseas for you know years like we've been talking about there's a particular breach that has been a bit of a use case uh the target breach happened in like 2003 right 2004 time frame so people say oh what's going to change this time and I think what's different is that if you look at just the two Optus midi Bank breaches they were so large and they affected actually people you know you and I Etc um there was a woolies breach as well around there my deal and I've talked to a number of people who who hit the trifecta right they were a customer of all three so I think that's um that's going to change the the mentality of uh of boards of Executives who have already been under scrutiny either from Asic who's a the regulator or apra or the aimo who's the energy uh regulator so there's there there's pressure coming from Regulators from a compliance and Regulatory perspective you know the the stick approach yeah and then there's obviously pressure coming from adversaries threat actors Etc so I think using those two approaches I think you will see change um first of all at the you know the the public sector large end of town but it will definitely flow through because what what one of the big themes of 2023 will be uh supply chain or third-party risk yeah so a lot of these organizations are going to go wow the regulate is asking me to do all these things it's going to cost me so much money to do it all my suppliers I'm just going to pass that risk onto them and get them to meet you know their their sort of obligations under it which reduces my risk and reduces the cost to to me that's definitely I think what's next this year that's big for large companies because Telstra had a little scare because that was like an API with a third-party contractor yeah um internal employees benefits package or something just go release and a lot of employees got um that data got around breached so I think that um people the supply chain connected to you that have data sharing are a big threat as well as looking at people who just supply stuff to you in general yeah I mean I've I did I'm doing some work for a smaller 100 person company at the moment and they they have customers who are very large in transport Etc and so what they're starting to see now in their contracts that they have to adhere to as they're being renewed is that you need to like you need to be ISO 27001 certified now that is that's a huge program right for 100 organization so that then becomes a point of contention for them it's like do we spend over millions of dollars is going to take to build an isms or you know how are we going to do this because one customer may ask for it but you know that it's going to be stock standard across the you know across the board so larger organ in 2023 larger organizations are going to start pushing that down to smaller ones in their supply chain which is you need to comply to list you need to comply to ISM you need to you know which ads which it's cost for a business and just on that line what is your advice to a business owner that I guess is aware they need to do something and we're talking about you know the probably the only businesses yes how do they get match fit from a cyber point of view yeah yeah it's it's be productive right the the worst thing you can do is wait till either a you have a breach or B it comes down in a contract that you have to you know meet certain cyber contractual obligations that you can't because these things um like a ISO 27001 seems to be popular if it's American companies usually around the nist framework but ISO 27001 to build a proper auditable certified isms which is information security management system runs into the millions of dollars right because it's people process and then technology as well in terms of controls so get on the full especially for business owners who you know I know I work with a lot of them a lot of them are very conscious of budgets conscious of cash flow Capital Etc but you need to get you need to see cyber as a as a as a an existential risk just a business risk to you get on the front foot get someone in like yourselves to assess you or where you are in terms of your position and then map out a remediation program these these programs don't get done in months right they're usually two to three years to build them it's interesting and that's something that um that's what I said before like that kind of cost does kind of need to be passed on to if you're putting inflation and inflation to um perspective plus the cost of getting 27001 what that would do to your average kind of cost to other businesses you have to raise a fair amount but something I will say is that even though you know it's a whatever most recession overseas and things Australian businesses aren't really always going especially with technology for the cheapest option so kind of allow us for that a little bit I would say as well um not you have any other questions before we start to wrap up well it's interesting like you talk about you know the the VC fund and technology and all that as a Brisbane boy like yeah what's your take on the the Brisbane scene from a tech point of view and you know you've done a lot with the US and everything to understand you know I love Brisbane and you know living in as you do Lenny so Brisbane is part of the national ecosystem is probably the the Third Wheel you know you've got uh Sydney and Melbourne definitely the the PowerHouse is from an Australian perspective Brisbane does have a um a sort of unique sort of Boutique startup culture I mean we're lucky that people like Steve Baxter you know back in the revision Labs days started early right and he sort of really cemented that sort of scene RCL is still uh here you know with the Australian computer Society owning it but that sort of started off a bit of a a bit of a startup culture around Australian startups here in Brisbane so there's a few of them but primarily most of them are in that um uh you know fintech crypto you know type space uh we're trying to encourage um and at the end we're trying to encourage veterans in particular so those who have served in the Australian Defense Force they they come out people go people think oh veterans come out and they're you know their programs I think a certain way yeah they've got hierarchy and chain of command built in but actually if you talk to them about what they did in their day-to-day jobs whether they've been deployed or whatever it is they had to actually come up with pretty unique sort of ways to get the job done within their unit so to speak so a lot of them come out with fantastic ideas around how you know procurement could be improved in defense or how you know certain things can be done so it's really about creating that new ecosystem tapping into it so I you know we love the fact that the National Security sort of thesis because I I think that's the area for growth for Australia and and starting to export some of our startup Tech given that we have all these you know geopolitical pressures in Ukraine and you know potential conflict coming with China Etc it's it's a good space to be in terms terms of it's a resilient thesis but it will return the same type of returns that investors are looking for fantastic yeah exciting space to uh to be so what's next for lion graffiti I look I think at the moment I I had you know 10 years ago I had all these boxes to uh to tick in terms of career um you know big vendor experience you know tick partner in the big four you know tick and VC was my last one so I'm hoping this is uh this is it uh it's such an exciting space for someone who's got a background in Tech like myself I really had to teach myself investment you know Basics Etc so that's the you know learning something new is probably for me the the exciting but so that's probably what you'll see for me in the next you know decade is around that Venture always you know cyber is always going to be there because that's what I've been doing forever but um yeah in the Venture Capital space exciting uh it's Keen to see uh where how that goes mate thanks again we really appreciate you welcome good insights around chat TBT and Ai and cyber security and you're generally an expert in the Brisbane area and Forsyth in in it cyber and emerging technology so I really appreciate it like awesome really enjoyed the conversation guys thank you [Music]
2023-02-06 23:56