Transcript
that poses and opens up the door for cyber security risks to grow. So what do you do with that if you've now got Chinese companies on the front foot as well? Yotam Segev is the co-founder and CEO of the cyber security start-up Syera. Good morning. Good morning. Nice to see you. If the Chinese get hold of US technology out of the labs that we're seeing coming out of the United States, the Frontier Labs, closed source, highly advanced technology, do they become a bigger threat going forward? How do you think about this epic arms race that is being fought between the United States and China when it comes to the cyber security story? Certainly. And I think we've all seen the steps that the US government has taken to try to delay that from happening. The same time, it's an eventuality. It will happen sooner or later. The technology will be prevalent and will be available to many, many people in all countries. And I think that this is really a time to double down on the defenses and make sure that our organizations, our governments, our companies are setting up the right foundation for success to really protect themselves from this eventuality. How does that work? Because you have really advanced models that are capable of finding flaws in current security that is being used. And I'm wondering how, as a cyber security firm, you deal with that. The models are so good at finding the threats. Can you stay ahead of that? How do you stay ahead of that? Is it possible to plug all the holes? So first I have to say that it's even worse than that. OK, great. Excellent. I think mythos and the whole vulnerability story is a super important story for society and for organizations. But it's only the first chapter in the book. The book has many more chapters that are going to unravel over the next few years. And they're going to challenge every aspect of cyber security as it has been done before. And every aspect of cyber security is going to need to reinvent itself of IT management, IT hygiene, and things that we were able to get by with are just not going to make the cut anymore. Organization. Is this a fund? I just want to, in terms of in terms of framing this, are we are we right now in a fundamentally new era when it comes to cyber security then? Absolutely. I think we used to fight humans and now we're fighting machines. We're living in the Terminator movie and we better get ourselves ready because it's going to be a much, much more intense battle. So if mythos is chapter one, we have many more chapters to come. Mythos is both defensive and offensive. On the defensive side, why wouldn't enterprise use mythos for defensive capabilities instead of using your product? What is your moat if these models keep improving? So defense, when done well, is done in depth. You need many, many layers of defense in order to really achieve security. Any layer by itself will always be unsatisfactory. So Sierra is focused on the data identity and agentic layer. That is a completely different layer than the vulnerability and infrastructure layer which mythos deals with. All of our customers need both. They need to be able to protect their infrastructure and as they have been doing and are doing, but they also need to be able to protect their data, to monitor their AI, to control what AI sees and what AI does. That is a completely different challenge than the one that mythos poses in front of them. It's going to be critical because the attackers are no longer human. If a human used to stumble into an organization from a cyber perspective, start to look around, learn at a human pace, reconnaissance, understand what they're trying to achieve in that organization, today it's going to be an agent doing that. It's going to be doing it so much faster than what our defenses were built to deal with that you have to streamline, you have to automate a lot of the fundamentals of cyber security that we used to handle manually. They're all going to have to become fully automated, fully agentic because only machines will protect us from machines. It's not going to be, we're not going to be able to keep up as humans. There's a tension as well, isn't there? Because the enterprise customers that you have and your customers includes the likes of AT&T, Peloton, Nordstrom, Chipotle, they need to adopt AI very quickly, but also they need to assure that adopting AI and particularly agentic AI is not going to compromise their data and their cyber security. So you see those companies, our enterprises generally, you're seeing a slowing in terms of their ability to adopt AI because of those risks. Certainly, and when you think about this whole AI revolution we're living with, it's so misleading because as consumers, as individuals, we have the power to use the technology as we wish all the time. But when you look at that technology as it comes into play in a big organization with sensitive information, with customer information, with intellectual property, with regulation, it's a completely different world to actually implement and get this technology to deliver value in a way that we can trust. Trust is the missing layer for AI and when I look at Sayera's role in the market, it's to provide the infrastructure for AI adoption in the enterprise. That AI infrastructure is the ability to trust these agents, to trust these AI technologies and that trust today is missing. It's not there. Is this industry under-regulated? Is AI under-regulated at the moment? I don't feel like AI is under-regulated. I feel like the companies understand the risks very well and are taking significant steps to make sure that they're doing things in a secure and responsible way. I'm not sure that regulation is the best driver to get us there. The reality of the friction with the attackers, the ability to lose sensitive information, the ability to create production outages, the risks of AI adoption are so real and so tangible to these organizations that they're taking the steps that are necessary, even without regulators forcing them to do so. The risks sound absolutely enormous and we're talking about critical infrastructure here, we're talking about corporate data, we're talking about personal data, health data, all those kinds of things feel like they're very exposed at the moment. If this is chapter one of the book, what does chapter three look like? What does the end of the book look like? Where are we going with this? Because the rate of change, the second derivative on this feels like it's picking up. So how quickly are we going to get to chapter two, chapter five? How fast is this going to evolve? I think it's going to evolve at the pace of AI and we've seen that pace so far. It's a very, very rapid pace. At the same time, cybersecurity is a maturing industry. There is some maturity in it already and we know how to do this. We don't need to reinvent the wheel. Everything is known. It's hard work. It takes a lot of investment. Mostly what we need to see is we need to see the mindset for enterprise leaders, for government leaders, that investment in AI has to go hand in hand with investment in security. If you're going to invest $100 million in your AI transformation initiative and none of that is going towards up-leveling your security, the gap is getting wider and wider. If I'm investing $100 million here, what kind of numbers do I need to invest? CEOs are watching this, are they underspending at the moment? I'm sure you're going to say yes. Definitely. No doubt about it because the investments in AI are coming on top of many of the existing IT investments. We're seeing these massive AI transformation budgets. I was just here in Europe, Paris, Frankfurt, London, meeting with the chief AI officers, chief data officers that are getting to drive these organizations into the AI age. They have access to a lot of budget, but the CISOs, the chief information security officers are not getting that budget easily. They need to adapt to a world where the attack surface is growing tremendously. There's so many new risks being introduced into the organization at a rapid pace, and they need the help and they need the ability to deal with that. Can you give us some concrete examples of where some of the most obvious vulnerabilities are right now? If you were leading an enterprise right now, what would be keeping you up at night in a real sense? I'll give you one example that we're seeing constantly. You roll out AI in the corporate sense. Microsoft Co-Pilot, Gemini, Claude Kowalk, Chachipiti with access to your data. You think about it as a corporate capability. My employees will be more efficient, they'll use these capabilities. The distance between the corporate side of the house to oftentimes the operational technology, the critical systems, in banking, critical trading systems, in other critical infrastructure literally the operational technologies that run those services, the distance is almost non-existent. The AI can and is touching those systems very quickly, so much so that we're seeing organizations telling us we rolled it out and we rolled it back because we got scared. It was too close. We didn't feel like we had the right controls in place, and we had to roll back and re-evaluate before we take the next step forward. So security today is absolutely a challenge that needs to be overcome for these organizations. It's also an opportunity. I think that AI can lead us to a world that is more secure, not to a world that is less secure. But it requires a change of mindset. If we keep doing the same things, we're not going to get there. The good guys can win. The good guys can win. Okay. Yotam, thank you very much indeed. Yotam Segev, Co-Founder and CEO of Sierra, recently raised $600 million, valued at about $12 billion.