When does passion for cybersecurity best practices turn into smugness for anything that falls short? Too often, professionals lose the forest for the trees, insisting on perfection instead of encouraging practices that are still a net positive for organizations. How can we be better about embracing meaningful improvements instead of demanding purity?
This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest, Saket Modi, co-founder and CEO, SAFE Security.
Got feedback? Join the conversation on LinkedIn.
Huge thanks to our sponsor, SAFE Security

Full Transcript
Intro
0:00.000
[Voiceover] Best advice for a CISO. Go!
[Saket Modi] As Simon Sinek says, start with the why. I think that is a fundamental question we don’t ask in cybersecurity. We want a new tool. We want to patch a new vulnerability. We want to run a new phishing campaign. So what? And who cares? Why are we doing this? I think that’s a fundamental missing question.
And that’s the delta between somebody being technical and being a business enabler, which really CISOs and the security teams need to elevate themselves to.
[Voiceover] It’s time to begin the CISO Series Podcast.
[David Spark] Welcome to the CISO Series Podcast. My name is David Spark, I’m the producer of the CISO Series. And joining me as my co-host for this very episode, it’s none other than Andy Ellis, a partner, well, only the partner you need to really care about, over at YL Ventures. Andy, say hello to the audience.
[Andy Ellis] Hey, and I’m going to try something a little new today. [Foreign language 00:00:59].
[David Spark] What was that?
[Andy Ellis] Our guest will be able to tell you that was a really bad rendition of my greeting in Hindi.
[Saket Modi] [Laughter] It was a very accurate one, by the way. And you’ve done way better than any of my American slash Jewish friends out there, Andy, so great job. And he basically said, good morning and good evening. And welcome to everybody.
[David Spark] Well, that is, by the way, Saket Modi, the person who’s talking. He’s the CEO over at SAFE, and he’s our sponsor guest for today’s episode. So thrilled that you’re here. In fact, Saket and I got to meet in D.C. when they ran a big event. His company’s sponsoring us, SAFE. By the way, for those of you who don’t know, third-party risk management reinvented with agentic AI.
We’re going to be talking actually about that a little bit later in the show. But let me just bring something up. I realize we are now recording, and for those you listening, just to get into the little sausage making of our show, we have a discussion before the show to discuss what is the banter we’re going to do right after I mention the sponsor.
And I realized we didn’t do that. And so, now, live in front of you, we’re going to figure out what that is or maybe not at all. And Andy usually comes up with ideas like, oh, well, I’m going to be moving soon, or it’s this Jewish holiday coming up, or this team won this game, or their game’s coming up.
And my response to all of that is nobody cares. Do I have that right, Andy?
[Saket Modi] [Laughter]
[Andy Ellis] Yeah. David thinks that none of you care when the Jewish holidays are, which ones we’re in the middle of. Which this is actually one of my favorites is we’re actually currently in the middle of counting the Omer, and we will still be doing that when this one airs. Although we’re doing the Boston live CISO recording right after this airs.
[David Spark] Yes, that will be actually, if you’re listening to this, in just a couple of days, we’ll be in Boston. Both Andy and I will be recording a live show. So, go to our events page at CISOseries.com and you’ll see the link to register for just that.
[Andy Ellis] But actually, I have a real question, which is you’ve often been a little jokingly critical of my efforts to do my greeting in various languages, and I tried to fit it to the language of Saket since he was joining us.
[David Spark] By the way, you nailed it on the head with that one, being that you brought our guest in on your multi-language. By the way, do you know how many languages you’ve done so far in your greeting?
[Andy Ellis] I think I’m probably at about 10 or 11 so far. I will say that when I first thought about doing this in Hindi, I was just like, oh my God, this is not an easy language to try to do anything in.
[David Spark] So, by the way, how was his pronunciation, Saket?
[Saket Modi] It was pretty close to being accurate.
[David Spark] [Laughter] Pretty close to being accurate.
[Saket Modi] Yeah, for somebody who I’m guessing has not tried…
[Andy Ellis] Ever.
[Saket Modi] …this in the past ever, well, first time, considering that, I would say it was exceptional.
[Laughter]
[Andy Ellis] Thank you.
[David Spark] All right, now here’s what Saket knows. He knows to butter up to the co-host in a big way.
[Laughter]
[Saket Modi] I always make best friends out of them. You understand that, how it works.
What about this AI security challenge?
4:09.436
[David Spark] We’re seeing evidence that there is a gap between awareness of the risks posed by AI and the actual action, creating systemic risk for organizations trying to move too quickly. Stanford University recently released its Artificial Intelligence Index report for 2025, and it shows big gaps between organizations who recognize risk and are actively mitigating them.
Now, the most commonly recognized risk in cybersecurity, 66% of respondents consider it a relevant risk with AI, but barely half have actually started actively mitigating it, which I argue that could be true with anything in security. Everyone sees the problem. [Laughter]
So, I don’t think this is isolated to AI, to tell you the honest truth. So, we see similar gaps in risk to regulatory compliance, privacy, and organizational reputation. This could be because organizations aren’t feeling the sting of these risks yet, with only 8% of respondents experiencing an AI incident last year.
Andy, I’m starting with you. This gap, the result of the technology moving so fast that organizations don’t want to invest in mitigations that might be irrelevant tomorrow. Because by the way, my joke before, which could be true, but this also could be true. What do you think?
[Andy Ellis] Yeah, no, so I don’t think it’s that. I don’t think that this is about the “maybe this won’t be relevant.” Actually, that 8% number is staggeringly high.
[David Spark] Okay.
[Andy Ellis] So people should not look at that number and say, “Oh, it’s only 8%.” Like, AI was not a thing people were thinking about at the start of 2024. Our organizations, everybody adopted it, and 8% have already been able to acknowledge they’ve had an incident. We should say that that’s 92% that might’ve had an incident, but don’t know about it yet, or don’t describe an incident to AI.
So, let’s just be cautious that 8% is a floor.
[David Spark] Oh, that’s a good point right there. Yeah.
[Andy Ellis] Look, here’s the reality, and we talk a lot about compliance versus security. And the reality is the reason that most cybersecurity professionals are late to the game when new technologies are coming out, there’s no compliance regime to follow. There’s no checklist that says, “If your company’s doing AI, here’s what to do.” You have to derive your security principles from your first principles and say, okay, what do I care about?
How will AI affect it? What does my loss analysis look like? Whether you’re going to use Nancy Leveson’s STAMP approach and say, what are my unacceptable losses? Which is what I love to do. I love to sit down with the CMO and say, “Your team is the most likely source of an AI incident,” because you’re going to have people who will ask AI to go write copy.
And AI has no self-reflection to know how bad the copy is. It’s really good at writing lots of copy that looks like other things people have sometimes written. And that’s your single biggest AI incident, likely for most companies, was just bad copy.
[David Spark] I think Andy brings up a really good point here, Saket, is I don’t think people know what an AI problem is or isn’t, do they?
[Saket Modi] So, a couple of points there. The first piece is the reason they don’t see that is because I think they don’t still understand what is AI and what is not AI.
[David Spark] Yeah.
[Saket Modi] Because that is the more fundamental issue. And that is very rightfully so. That’s the reason why it is so powerful because AI really by itself doesn’t stand out, but it’s truly getting weaved into the workflow of anything and everything that we are doing today. It’s almost like electricity when it was invented, right?
It just changed everything that we do. So, it was not attacks on electricity. It was like anything that you’re doing which uses electricity can now be attacked in a very different way. So, that’s how I look about AI attacks. By the way, we just released a new research that we co-authored with MIT and it’s public, which says that over 80% of ransomware attacks that have occurred in the last two years leveraged AI in some shape or form.
So, you’re not just talking about attacking AI, but you’re talking about leveraging AI to make the attacks which are already happening way more sophisticated, way more frequent, and that creates a very different kind of complexity.
[David Spark] And also, the definition of sort of AI is, because AI is kind of being layered into almost every tool out there, there’s an element of it so it’s just like it’s now just computing. I mean, can we even segment this out, Andy?
[Andy Ellis] Well, you can’t really segment it out, but at the same time, it’s a different way of using computing. In the same way that like Visual Basic macros were just computing and they aren’t actually really that powerful, but in the context in which they appear, they pose very special capabilities that amplify your risk.
Same thing for AI. And like let’s also remember that when we say AI in 2025, what we really mean is generative AI. People often forget that AI includes a lot of things that are non-generative that still pose risks, but what we’re talking about in general right now is the risk posed by take a prompt and hand it to something that has a very large corpus, and it will turn that prompt into something else.
And the corpus it might have is all of your data. So, it might go and say, when you say, “Hey, am I well paid?” It might say, “Well, you make 50 bucks a year, but your boss, David Spark, makes a million dollars a year.” Yeah, neither of those were things that you really wanted to have your employee know.
[David Spark] All right. You were nodding your head. Let me have you have the closing comment here, Saket.
[Saket Modi] All I will say is that from an AI perspective, AI is going to be the given. It’s table stakes now, whether it’s using AI for doing genetic stuff or using AI for hacks or using AI for security. Any company, any vendor which doesn’t say that they have that already or in their roadmap, I question whether you should even be talking to them.
Are we creating more problems?
10:09.724
[David Spark] Why do cybersecurity practitioners let smugness get in the way of actually reducing risk? Ira Winkler of CYE took umbrage at security folks scoffing at the branded “password notebooks.” Now, keep all your passwords here in this special notebook. Now, if you look at where most people get accounts breached, it isn’t from writing passwords in a physical notebook or the office equivalent of leaving a password on a Post-it note.
These notebooks actually help reduce risk if they stop people from reusing passwords or using really weak ones. So, you’re much more likely to be hit with credential stuffing than someone stealing one physical notebook. So, I throw this to you, Saket. A, do you agree with this? And where do we also see this smugness over best practices?
Because technically this isn’t a best practice, but it is a risk reduction. We see these best practices being overshadowing something that just meaningfully reduces risk. What do you think?
[Saket Modi] Yeah, David. So, a couple of points there. There’s a reason in security we have this concept of defense in depth, which basically means, you know, securing every single layer. It’s called the airport model where every single pass, now, in an ideal world, you can remember 50 complex passwords with special characters across 50 websites, and you don’t even need a password manager because forget about the notebooks.
Even if you use a LastPass, even that’s your single source of a lot of wrong things which can happen, right? But that’s also unrealistic. It’s almost like saying the safest computer in the world is the one that nobody has ever opened. So, yes, but then that’s not what computers are built for. So, that’s the same way I would go in defining this, that there are different controls.
And this actually brings me to the fact that the fundamental flaw in how we’ve seen security for the longest time has been very, very isolated controls in the form of compliances. Take any compliance, NIST CSF, 108 controls. What happens if I don’t do the 107th control versus the 53rd control versus the 3rd control?
Are they all equal? They’re definitely not equal. How do they work with each other? It’s almost like looking at the human body where you get the concept of anatomy versus physiology. Everybody’s talking anatomy with controls, which is individually, but how do they work with each other to then be resistant to different kinds of risk scenarios, is something that nobody’s talking about.
And that’s exactly where obviously we’ve been pioneering risk quantification starts with scenario definitions and then looks at controls intertwined with each other with an open standard like FAIR-CAM called Controls Analytics Model.
[David Spark] All right, Andy.
[Andy Ellis] So, I actually, I kind of agree with Ira and with Saket, but I’m going to go further. I’m actually going to say that a password notebook is a best practice. If you are not using a password notebook, you’re doing it wrong. And why do I say that? Because at some point you’re going to die.
And does your spouse know the passwords that they’re going to need? Do your children know the passwords they’re going to need?
[David Spark] Hold on, wait. Do you have a physical password notebook, Andy, yourself?
[Andy Ellis] Yes, I do.
[David Spark] You do have a physical password notebook.
[Andy Ellis] I have a physical password notebook. My password manager passwords are in it. And there is a cipher involved in the password notebook that my family knows how to reverse engineer. They actually don’t know how to reverse engineer the cipher. I left them some puzzles.
[Laughter]
[Andy Ellis] I’m still a little too paranoid. Oops, if they can’t get through the puzzles, I guess they don’t get to recover my accounts if something happens to me. Because my attitude is if the NSA wants access to these things, they’ll break into my house and like put a sniffer on my keyboard. Like, this keyboard that I think is safe won’t be safe.
[David Spark] Here’s my only argument. Here’s my only tiny, tiny argument.
[Andy Ellis] Sure.
[David Spark] Maybe not use a notebook that says on it, “Password notebook.” That’s my only… [Laughter]
[Andy Ellis] Mine does not say “Password notebook.” But look, I’m not going to critique that over this. The problem here is not even smugness. It’s just outright the hubris where security practitioners grew up in a world and they are wrong. Because the problem is the security practitioners still believe that you can separate the human from the computer, and it’s all about authenticating the human to the computer.
You should not know 90% of your passwords because your password manager is part of your computer. It knows how to authenticate you to a bunch of stuff. You just need the root of trust of how do I authenticate to the computer and to the password manager. But I don’t know most of my passwords. Like, my biggest problem is I have three different password managers, and like where is each password stored?
Four if you count what’s written down, but that one doesn’t matter as much.
[Saket Modi] By the way, Andy, just to add to your analogy, a great example would be Waymo and Tesla full self-drive would not exist if it was for security folks.
[Andy Ellis] Oh, my God. Well, they’re going to have an interesting problem. This one, we’re kind of afield from the original problem, but how many people die a year in car accidents? It’s like 36,000 people in America. But every one of them dies from a different cause. If we could get to full self-driving cars, whether it’s Tesla or Waymo, and brought that number down to 3,000, but they were all caused by one of three pieces of technology, we will go hard after those three companies for creating this risk.
And I see that attitude endemic across security. Like this one vendor, CrowdStrike had its outage. We all freaked out. But how many incidents had CrowdStrike stopped in all the days it didn’t have a very bad day?
Sponsor – SAFE
16:04.616
[David Spark] Who’s our sponsor this week? Well, we’ve been chatting with Saket Modi, who’s CEO of SAFE, and let me tell you about how awesome SAFE is. This episode is sponsored by SAFE, the cyber risk management company flipping the script on third-party risk management with agentic AI. So, let’s face it, traditional TPRM, that’s third-party risk management, it’s kind of broken.
Like, we never have a guest on the show that says, “Ah, my third-party risk management program is excellent. It’s wonderful.” Manual questionnaires, static assessments, and solid tools can’t keep up with the speed and complexity of today’s vendor ecosystems. This is where SAFE comes in. SAFE leads the way with agentic AI, powering a zero-effort TPRM platform that automates the entire third-party risk lifecycle, from onboarding and due diligence to continuous monitoring.
SAFE’s growing fleet of specialized AI agents does the heavy lifting so your team can focus on what really matters, making smart, risk-informed decisions. Now, that means 100% automated vendor risk assessments and real-time risk-prioritized visibility without the manual grind.
So, it’s no surprise SAFE was recently named a leader in Liminal’s 2025 TPRM report. Top in the charts for product capability, SAFE is also the fastest growing vendor in the TPRM space, hitting $10 million in annual recurring revenue from its TPRM platform alone in just 12 months. So, want to scale your TPRM program without adding headcount?
Check out the future of vendor risk management at tprmdemo.safe.security. And if you don’t remember that, just go to our site. We’ll have a link to it. If you click their banner, it’ll be right there. SAFE is leading the way with autonomous TPRM, and they’ve made their live demo open to everyone. See it in action now.
It’s time to play “What’s Worse?”
18:09.287
[David Spark] All right, Saket, you’re familiar with the “What’s Worse?” game? Two horrible scenarios, you won’t like either one?
[Saket Modi] I am.
[David Spark] You have to figure which one’s worse. I make Andy answer first, and then you can agree or disagree with Andy. I love it when people disagree with Andy.
[Andy Ellis] But I think you should agree with the person who tried to speak a language that you also speak.
[Saket Modi] I like that. That’s where we started the podcast.
[Andy Ellis] That’s right.
[Saket Modi] Now I know.
[Laughter]
[David Spark] You couldn’t do the rest of the show in Hindi, could you, Andy? [Laughter]
[Andy Ellis] Oh, absolutely not.
[David Spark] This one comes from Mustafa Hodzic, and here are the two scenarios. Scenario number one. Andy, you find out from your new OEM reseller who gave you amazing pricing that they cut corners on compliance. As a result, you realize that all your network hardware infrastructure purchases over the past year weren’t sourced as promised, and you’ve now got scattered dozens of unvetted switches, servers, routers, and SD-WAN devices across your on-premises infrastructure.
So, who knows the validity of anything in your environment?
[Andy Ellis] Okay. I mean, I have a serious problem if these are not correctly sourced. Like, I might be in ITAR violation space.
[David Spark] Yeah, this is not good.
[Andy Ellis] I have legal issues. This is not even security issues, necessarily.
[David Spark] Yeah.
[Andy Ellis] Okay, [Laughter] I want to know what’s possibly worse than I might go to jail even after I replace all of this stuff.
[David Spark] All right. Well, this one might be worse, I don’t know. You tell me. Second scenario from Mustafa. You discover that your director of network infrastructure has been running a substantial Bitcoin mining operation inside your private data center. The majority of the new budget over the past five years has been prioritized [Laughter] for better mining gear, with little to no refresh on the company’s infrastructure.
Which one’s worse?
[Andy Ellis] Okay, first one’s worse. The second one’s funny, though. I really do like this.
[Saket Modi] [Laughter]
[David Spark] Well, the first one is just because you have legal implications?
[Andy Ellis] Well, in both cases, I have spent a lot of money.
[David Spark] Well, you’ve got legal implications on the second one, too.
[Andy Ellis] No. Way fewer legal implications on the second one. Here’s why. In both cases, I spent a lot of money, and I basically did not get any value out of that money. I’m going to have to replace all this hardware, and now I have a bunch of hardware, mostly that I can’t use. Like I don’t need a lot of GPUs, although maybe my CFO will be happy if I turn it over and say, “Well, we have this equipment to mine Bitcoin.
We’ll be mining our own Bitcoin.” Who knows if that will fly? But in the first scenario, like A, I screwed this one up. Like this is me as an officer of the corporation failed to do proper diligence on vetting my vendor. My vendor was amazingly sketchy, did some things that exposed me to legal issues.
[David Spark] But you didn’t even vet your own employee in the second scenario.
[Andy Ellis] In the second scenario, I had an employee who went bad. I can toss all the blame right onto that employee. Like what they did is probably a legal violation, certainly a policy violation, like firing and suing them is completely reasonable. And from an optics perspective, I get to do the thing that I hate to do, which is blame the human.
Like, this was their fault. Should I have had better controls? Absolutely. Now I will get some budget to go do them or really my successor will get some budget to go do them because I think in either case, I’m likely out of a job. Maybe we’ll get to reclaim some of that Bitcoin. Who knows? Like, that’ll probably be tied up in a lawsuit for quite a long time, but I’m going to go with the first one way worse.
[David Spark] All right.
[Andy Ellis] But they’re both really bad. And more importantly, they’re both entertaining and novel. So, Mustafa, fantastic job on these two.
[David Spark] So, yeah, these were creative. I like this. I like this one a lot. All right. Even though you immediately picked one right away, still two good bad scenarios.
[Andy Ellis] Yeah. Very good bad scenarios.
[David Spark] All right. Saket, do you agree or disagree, and for what reason?
[Saket Modi] So, the reason I don’t do either, and let me explain why I say that.
[David Spark] Oh, no. You don’t know how this game works.
[Saket Modi] Yeah, I’ll tell you.
[Andy Ellis] You got to pick one.
[David Spark] You got to pick one.
[Saket Modi] Changing the rule of the game, I don’t think that was an informed decision, and I think it depends. I need more analysis and more data to make a more data-backed decision.
[David Spark] So, okay. But this is the information that’s given to you and this is what is presented to you. So, how would you go about making a decision for this?
[Saket Modi] Both answers are wrong. So, here, I cannot go ahead and choose anything because this is the problem with the security community. We’ve been talking about finger in the air, red, amber, green, for the longest time. And that’s the reason why they don’t qualify to being in the C-suite because they can’t back up with the data to say why is one more important than the other, and that’s exactly what I stand for.
So, David, unfortunately, I cannot choose between the two, which is worse, till the time I actually know what is the impact of that. And by the way, if I am the CFO or the CEO or the CISO, I should come with better analysis.
[David Spark] Right. But hold it. You don’t know the impact, but this, okay, that brings a good point. That’s the thing. A lot of times the CISO is working with imperfect information. You can’t always have the information. So, given the information you have here, to what level of decision can you make?
[Saket Modi] Therefore, you talk in ranges. So, FAIR never talks in accurate numbers because anybody who says with ransomware, it’ll cost you $263 million and 43 cents, they’re smoking up something. It always says that, look, based on historical data, and here are the loss drivers, based on this, you’re looking at an impact between $110 to $140 million, and that’s the right way to look at the loss magnitude.
So, I want a range for both of these.
[David Spark] So, you’re telling me the game is wrong. The game shouldn’t be a binary choice.
[Saket Modi] Exactly.
[David Spark] The game should be a range.
[Saket Modi] You got it.
[David Spark] First one to challenge the game. I like it.
[Andy Ellis] He’s not the first one to challenge the game. We’ve had others challenge the game.
[Saket Modi] It changed the game. It’s very simple. That’s what cybersecurity needs, David.
Please, enough! No, more!
24:09.641
[David Spark] Today’s topic is third-party risk management because apparently, your security’s only as good as your sketchiest vendor. So, we’ve all seen the spreadsheets, the endless questionnaires, and the, “Trust us, we’re secure,” responses or “Security is very important to us.” But with supply chain attacks on the rise and everyone outsourcing everything, are we actually managing the risk or just documenting it?
So, I take this to you, Andy. What have you heard enough about when it comes to third-party risk, and what would you like to hear a lot more about?
[Andy Ellis] So, what I’m actually really tired of hearing about is rating the vendors in a vacuum. A lot of what people do when they do TPRM is they take a vendor, and they want to know is this vendor tall enough to do business? And the reality is most vendors at this point know how to fake that. Like, oh, we know how to fill out your questionnaire because we have filled out a lot before, and we have our own AI solution that will fill out the questionnaire for us.
Like we don’t even have to have a human do it. Fine. Send us all the questions you want. And what you end up with is trying to judge like the caliber of company you do business with and you’re trying to critique their practices.
I’m tired of hearing about this because the reality is that’s not your biggest risk. Your risks come from how you use the vendors. Like, the only important question, in my opinion, to ask a vendor, and I know we can’t get to just this question because we have a lot of compliance needs, but is how can I shoot myself in the foot using your technology or your service?
If you don’t understand how the use of that service itself creates risk for you, no matter how great they are at security, you need to assume at some point they’ll get breached, they’ll have a bad day, whatever, or your own employees will just misuse it. If you don’t know where those risks come from, knowing whether or not they themselves are intrinsically risky is putting lipstick on a pig.
[David Spark] All right. I throw this to you, Saket. Same question. What have you heard enough about when it comes to third-party risk, and what would you like to hear a lot more? And I know you have a solution that’s dealing with this right now.
[Saket Modi] Of course. So, I’ll give a completely non-biased answer. [Laughter] Let’s start from there. But I totally agree with Andy, what he said. He absolutely is right. I think the historical ways of sending out questionnaires and just having an ABCDEF score, what’s the meaning of a B? What’s the meaning of a C?
And what Andy very rightly pointed out, it’s basically how am I operating with you? For example, if I’m sharing my network access with you, if I’m sharing my data with you, and then you get hacked, right, that is really what is my biggest risk. It’s not about that stationary vendor who supplies to me some staplers.
Who cares about that? And that, how do you do business with them? So, 100% aligned to that.
However, when you look at a mass industry, right? And this is a big industry. According to Gartner, it is a $4 to $5 billion market. Everybody’s not as smart as Andy. So, you need a framework around that on how do you go ahead and say, what is the risk of each of my third party? And then be able to simply stack rank that in order to understand based on my business relationship with that third-party vendor.
And that’s exactly what we’ve gone ahead, and we’ve automated. We think having questionnaires is a piece of the puzzle. It’s not the whole puzzle. Having the outside and assessment is a piece of the puzzle. And then you put the puzzle together with agentic AI. So, what we’ve been able to do is we’ve been able to achieve what almost sounds too good to be true, 100% autonomous third-party risk management.
And what that means in a very simple way, we have 25 GenAI agents talking to each other. So, let me give you an example.
[David Spark] Mm-hmm.
[Saket Modi] When you enter a Tesla, since we spoke about that, or a Waymo, you enter the name of the destination and click and enter and that’s it. Hands off. And you’re now able to go ahead and the car takes you there. We do the same thing. You want to add McDonald’s as a third party, for example.
And the moment you just say McDonald’s, it automatically looks at the contract from the CLM if it’s already there. If it’s not there, it asks you for it, of what you’re thinking about. And that’s it. The AI agents will go to mcdonalds.com/trustcenter to download their SOC 2 report from there. It’ll go to their privacy policy to read that.
It’ll look at their 8-K filings and their 10-K filings to see what security disclosures they have made. It’ll see if they’ve been historically breached or not. It will look at everything from the outside and then automatically generate an email, which will go to the third-party vendor, which will say, “So excited to onboard you, Mr.
or Ms. McDonald’s.” Out of my 160 questions I need to know from you based on your relationship with me, because I’m going to give you my network access, I’ve already filled in 110 questions. So, now you just have to fill in those 60 or 70 questions.
And by the way, you don’t have to fill it one by one. You can drag and drop any format, any security assessment, CSV, XLS, PDF, doesn’t matter. Our agentic AI reads that and suppose you fill in a SOC 2, which was not publicly exposed, but you have that, it will auto answer 20 more questions, 30 more questions.
So, this whole experience. And by the way, if somebody is not responding to those answers, it will send an auto nudge in one, two, three days, depending on the tier of the vendor. So, if you think about it, now you can upload say 1000, 2000, 10,000 vendors, and we have a flat fee model. We don’t charge per third party.
So, you can truly scale your third-party risk management program. And once you do that, you basically have now 1000 third parties being onboarded in parallel with zero human intervention required. If you want to intervene, you can totally take over and it’s non-autopilot and you say, “Hey, I will interact.” That’s, totally, that’s the easier use case, but this is 100% automated.
And I just gave you an example of onboarding. There’s a ton of AI agents for monitoring and even sometimes offboarding what you need. So, that’s what we think in a totally non-biased way, the future of third-party risk management.
[David Spark] No, but this just makes sense for a lot of different things because think about it, how many forms I’ve, as a supplier, filled out with the same information. I mean, geez, I could literally just… And I usually just upload a document and send it to them, but it always has to fit somebody’s fields in their format for their database to fill that out.
[Andy Ellis] Such a pain.
[David Spark] Andy? Yeah, you’ve done this.
[Andy Ellis] I’ve had the same, right? Because I’ll occasionally have somebody wants me to do consulting with them and I’ll quote them a fee. And I’ve now added, I have a new line-item fee, which is, “If you make me fill out your dang vendor whatever, that’s an extra thousand dollars.”
[Laughter]
[Saket Modi] That’s a smart way to do it.
[David Spark] Really? Just to fill out the form?
[Andy Ellis] Yeah. And it’s become a negotiating point with someone. And I’m like, “Well…” Because the problem is you then all of a sudden send me this, “Oh, you have to onboard and do all of this work.” And I’m like, “That’s like two, three hours of my time or my wife’s time doing, like, integrated to your portal.”
[David Spark] Can I tell you how many times…? I just got a payment that got very delayed because of the system that it was through that didn’t recognize this and didn’t recognize that.
[Andy Ellis] Yeah. And when you cross borders, I had that with a client in Europe who onboarded us and yet somehow onboarded us as if we were a European customer, even though we’d given them U.S. banking details. And so, when they sent money, they just sent it to the transshipment point who then sat on it because they failed to say which bank to forward it to.
[Saket Modi] And by the way, that’s a great example of another GenAI agent of ours, which is the contract analyzer. Because this could have just been caught by a simple thing. So, we go ahead and integrate with your ServiceNow CLM, the contract lifecycle management tool, where we read. And one of the so crazy things I think in cybersecurity and TPRM is the legal team, which is negotiating the limitation of liability, never ever gets inputs from cybersecurity.
It’s so crazy because you might be giving a vendor a $200,000 contract while you’re a $20 billion company, which will cost you $200 million because you’re giving all your PII records or PCI records of your customers. And it’s so crazy that they’re talking about limitation of liability of the contract value.
So, where are you from? What part of the world are you from? And what are the AI-related risks? Are they mentioned in the contract? Where is the domicile of the data? Where will you store it? All of that is something that our contract analyzer is doing.
And by the way, as you would have seen because we launched this a few weeks back at RSA, every GenAI agent is a superhero. So, we actually have these baseball cards. I have 25 GenAI agents and I launch a new GenAI agent every Monday. So, we’ll be doing it throughout the year and every single GenAI agent, so the contract analyzer agent, we made a 30-second movie on that, on how boring and how sad the life of the GenAI agent while growing up it was, and then he became a superhero.
And as they say, the rest is history. So, yeah, just trying to humanize agents.
Managing security changes for business optimization.
33:21.285
[David Spark] If you’re sick of hearing about generative AI, get ready for the agentic AI train. Now we’ve already been talking about this. That’s about to hit business. Heck that’s what Saket is doing right now. It’s not just about to. So, the idea of using AI agents to make autonomous decisions and actions without human intervention offers the possibility to enhance operational efficiency.
I mean, Saket was just showing a perfect example of that.
But there are obvious risks like unauthorized access, bias concern, and figuring out accountability, noted Mark Akins on LinkedIn. So, he suggested strong guardrails, of course, that CISOs should implement for these systems from regular comprehensive risk assessments and continuous monitoring of anomalies to developing ethical frameworks for their deployment and still maintaining human-in-the-loop systems for validating outcomes.
Those sound like a solid foundation and easy to say, but hard to implement. I mean, I always say have guardrails, have guardrails. It’s like when I hear “trust but verify,” they say it, but they never do it, to tell you the honest truth. [Laughter] So, where are we, Andy, with reliably creating standardized frameworks for these systems?
And is there anything out there right now, and what would you like to see?
[Andy Ellis] So, I think there’s a lot of agentic companies who are thinking about some of the guardrails, but in many cases, they’re really thinking about agentic-to-agentic guardrails is what I often see is like how do you protect one agent from another? And I think the guardrails that companies need to have is to say, given an agent, what is it capable of doing and what are its constraints?
And how do I have a human validate that the agent did not operate outside of its constraints and did reasonable things? So, since we just talked about the contract management, is the contract manager just reading the contract and giving me an assessment? Like, that seems like pretty easy guardrails.
It gets to look at contracts. It gets to output an assessment that’s going to give me some risk. And maybe it’s going to suggest to me, “Hey, here’s some contract items that you might want to get before this contract’s closed.”
But I’d be a little more concerned if you said, “Oh, and the guardrails are it will rewrite the contract for you and there’ll be no human involved.” Like, no, no, no. I would like to have a lawyer review the contract. Now, maybe I’ve got an agent that suggests to the lawyer, “Hey, by the way, PII is coming in here.
That’s a $50 million liability, but there’s a $200,000 cap on liability here. You need to have a conversation with the business.” That’s the sort of thing that when you think about guardrails for agentic, that’s what you need to understand is what is the agent capable of doing? What are the guardrails around it?
And how are you providing oversight that it isn’t making business choices for you that are not within the realm you have delegated to it? Because it’s just like an employee. Just like you don’t delegate to your security analysts the ability to spend $10 million. You’re presumably not delegating to your agent the same capability.
But if you let it do it, it’s totally going to do it because it becomes a tool at its disposal.
[David Spark] All right. I throw this one to you, Saket. You are dealing with this front and center. What do you look for or what do you suggest to your customers about guardrails to the systems?
[Saket Modi] I think the whole technology is so new, I don’t know what I don’t know. I think it’ll evolve very rapidly. The unfortunate reality as a human race is generally, we learn the most from our mistakes, not by thinking through all the challenges that’ll come along the way. Having said that, adding to what Andy was saying, look, it’s not going to be AI replacing humans.
It’s going to be humans with AI replacing humans without AI. I think we all have heard that many times. And I think those are the guardrails that we’re talking about where how empowering are those AI agents and what kind of decisions do we allow them to do? Are we making them as our informants? Or actually, in fact, our positioning of every AI agent and making them a superhero is for every Batman, there is a Robin.
Find your Robin. That’s our GenAI agents, right? So, you still have the main character, which in this case is the third-party risk management analyst who decides, but they are assisted in the right way.
Now, assistant is not just completion of code or it’s not just something on the fringe. They’re actually doing the work. They’re actually talking to the third-party vendor. They’re actually suggesting, is this a good enough risk to take? What is the industry thinking about? But that final decision, that final button to press, that should be there with the human, at least for the foreseeable future, given the limitations of data and availability of what’s good and what’s not good out there.
So, that’s just how we think about guardrails right now. Again, I am pretty sure there’ll be a lot of bumps along the way, but because the productivity gain very, very, very, very outweighs the issues which will come along the way, at least that’s what it seems like, the juice is totally worth the squeeze.
That’s why we are doubling down on that.
And for the last two years, that’s why you see a crazy growth. In just 12 months, we went from zero to 10 million in ARR in a brand-new category that today is almost like 25%, 30% of our total ARR. And of course, we were, if you remember, David, you came for our Faircon [Phonetic 00:38:41]. We are the number one risk quantification first-party company on the planet today, serving the largest names that you can think of.
And we got the same problem in third-party, but this time we solved it, not just risk-based decision-making, but also automating the end-to-end process with agentic AI. And we think we’ll totally disrupt the market. And there’s a very high chance that we will become the number one player in TPRM in the next 18 to 24 months in the world.
[David Spark] That is some serious confidence. I love hearing that. Awesome.
Closing
39:11.625
[David Spark] Well, that brings us to the end of the show. I want to thank Saket Modi, who’s the CEO of SAFE, for joining us and for sponsoring this very episode of the show. Remember, go to their website to see a demo of their TPRM tool. Again, let me read this again to you slowly, tprmdemo.safe to see a demo of this tool.
See how it actually works the way he was just describing it. See it for yourself. All right. Thank you very much, Andy, as well. But Saket, I’ll let you have the very last word. Is there any offer you would like? I mean, obviously, besides going out to see the demo, but anything else you would like to say to our audience about SAFE?
[Saket Modi] No, we’ve actually made this very, very, very simple to start with because the reality is what I just mentioned almost sounds too good to be true. And I don’t know any TPRM analyst on the planet who would not want to jump on this. It’s basically saying that I will make your life easier while making it more accurate and making it the right thing.
Where do you start? And the start is obviously you can see the demo, but even we’ve got the land pricing to something as little as $5,000 a month. So, you can start as that tiny piece, and that’s for 100 vendors to start with. And then beyond that, we get to a point where it’s flat pricing for unlimited vendors also, so that you can truly scale your TPRM platform.
So, again, 100% automated TPRM powered by 25-plus GenAI agents or GenAI superheroes. And you get to start at 5,000 bucks a month, so that is how easy it will be to land. And if you like it, you can keep expanding on that.
[David Spark] Please check it out. Thank you very much, Saket. Thank you very much, Andy. Thank you to SAFE as well. And thank you, our audience. We greatly appreciate your contributions. Bring in more “What’s Worse?” scenarios. And thank you for listening to the CISO Series Podcast.
[Voiceover] That wraps up another episode. If you haven’t subscribed to the podcast, please do. We have lots more shows on our website, CISOseries.com. Please join us on Fridays for our live shows – Super Cyber Friday, our virtual meetup, and Cyber Security Headlines Week in Review. This show thrives on your input.
Go to the Participate menu on our site for plenty of ways to get involved, including recording a question or a comment for the show. If you’re interested in sponsoring the podcast, contact David Spark directly at David@CISOseries.com. Thank you for listening to the CISO Series Podcast.