Rahul Powar Podcast Transcript
Rahul Powar joins host Brian Thomas on The Digital Executive Podcast.
Brian Thomas: Welcome to Coruzant Technologies, Home of The Digital Executive Podcast.
Do you work in emerging tech, working on something innovative? Maybe an entrepreneur? Apply to be a guest at www.coruzant.com/brand.
Welcome to The Digital Executive. Today’s guest is Rahul Powar. Rahul Powar is a serial entrepreneur, technologist, and leader.
Before Red Sift, he founded App Smartt, which was acquired by Thomas Reuters Corporation in 2012 at Thomas Reuters. He served as the head of Advanced Products and Innovation, and in a previous life, he was part of the founding team and principal technical architect at Shazam. Before the launch of the iTunes app store, he envisioned and created the first Shazam iPhone app.
Well, good afternoon, Rahul. Welcome to the show.
Rahul Powar: Hi, Brian. Thanks for having me.
Brian Thomas: Absolutely my friend. It’s been a while and I hope you’ve been well. I know you were on the podcast previously, and I just really appreciate you coming back and having another conversation and updating our audience, kind of where things are at in your technology career and leading as a leader in your organization.
So, Rahul, I’m gonna jump into your first question. You’ve been part of several transformative technology companies from helping architect Shazam to founding App Smartt, and now leading Red Sift. What experiences along your journey shaped the path that brought you where you are today?
Rahul Powar: Yeah, it’s great. And I think when you put it like that, it feels like a very long time.
But I guess it has been. I, I’m a I class myself as a technologist through and through. I get excited by technology, but I’m not a technologist in the sense I get excited by the technology purely for what it is. I get excited because I think those technologies can have a really transformative impact on people and that’s the bit that has sort of been the common thread across.
All of these businesses that have been involved with in one way or the other. I like to work on problems that are genuinely sort of at the edge of what technology can do. And you know, I think back in early two thousands, Shazam was one of those things, right? The idea of actually recognizing music.
Out in the wild across many lifetimes worth of audio was difficult. But what was really cool was, people really got a lot of value out of this. It it, you know, I still meet people who tell me it’s one of the great experiences of, you know, the apps that they use on a daily basis and, makes them smile and they think that’s really, that’s the exciting part of the technology.
That Apps Smartt, we were building, you know, early natural language. Processing technology to help people understand what content was most relevant to them. And then we later started to scale that up when Thomson Reuters acquired the business. And here at Red Sift, as we get a little bit older we’re thinking about the challenges with technology as it stands today.
The way trust is fragile, the way digital transformation is. Sort of scaling across, across every dimension of our lives, but the security implications of that are not sort of fully understood and fully addressed. So, I think we’re at a point where technology can be part of the problem or it can be part of the solution.
And the common thread is say, how do we take these capabilities that exist and actually make them work for the people? So at Red Sift Cybersecurity, we’re just trying to make that happen.
Brian Thomas: Thank you. And I like what you said about that tech technology can be part of the solution or it can be part of the problem.
And it’s really how you look at that and applying it obviously. You’re, I can hear it in your voice. You’re excited about the technology because it can be a, have a transformative impact on people and in the world. And you are bringing great solutions to the world. And I like that you like to work on problems with technology,
is on that cutting edge of really trying to solve a bigger problem, and I think that’s exciting. So, thank you. And Rahul, at Red Sift, your mission is to make the internet fundamentally safer. What critical security gaps did you see in the Internet’s infrastructure that inspired the creation of the company?
Rahul Powar: Yeah. So, yeah, I think most people, organizations, consumers sort of take, take the internet for granted. But what’s interesting about the history of the development of the internet is it was sort of. It wasn’t really built with security for want of a better word, as a first loss citizen of, of the internet.
Right. It was, it’s sort of being layered on top. So, back, back when we sort of think about the early, early use cases of the internet, they were basically emerged from these interconnected networks, predominantly through universities that need to communicate with each other. And the idea of security was, was very much an afterthought.
And then, come come.com, come the mobile revolution, come, everything else. And the fact that so much of our identity and our business has translated to using the fabric of the internet. We find that security is sort of built in these layers that sit on top of the internet and they’re very unevenly implemented and distributed.
So, basically what you have is an internet that runs on trust layers that were never, never really designed for today’s threat environment. So, if someone sort of drops in and starts using the internet, say, Hey, why are all these things that exist, phishing and zero to exploits and all these other things that sort of seem to be continuously assaulting the safety and, and business continuity of the services that we use and rely on.
It’s sort of because we’re, we’re sitting in this world of this layer cake where. This, this underlying technology, which is incredibly powerful, has basically been patched and adapted to meet the security requirements for modern business. But the reality is most organizations haven’t really adapted all of these things.
It’s, as you can imagine it’s quite complex. And there’s a lot of the internet that just relies on this sort of implicit trust model. And we need to actually start to develop modern. Predominantly automated solutions that help organizations of every kind. And, you know, and obviously at Red Sift, we work across, relatively small organizations all the way to sort of government scale.
So we understand what, you know, the challenges are each, each range of that and, and make those solutions applicable for the, for these organizations so they can effectively level up their security and ultimately lead to better outcomes for their customers, their employees, their supply chain. You know, everyone else who, who relies on them.
Brian Thomas: Thank you. I really appreciate that. You’re absolutely right. You and I remember back in the days of early internet.com, et cetera, and most people take the internet for granted. They think that you know, just because the internet was developed without any real security, they still to this day think, Hey, everything’s fine.
But there are so many layers across the internet that have been patched and adapted for, you know, modern business, making it very complex today, as you said. What you’re doing at Red Sift is you’re developing these modern secure solutions where people can adopt and feel you know, more confident about the work that they’re doing across the internet.
So, I appreciate that. And Rahul, as AI becomes more integrated into cybersecurity systems, how can organizations ensure that automation improves security without introducing new risks?
Rahul Powar: Yeah, so AI is, AI is a, is a very obviously interesting technology because, you know, as a technologist I did not expect the capability that we have today to really happen within my professional career.
I think machines have historically really struggled with a lot of the things that us humans find, you know, very easy to do. You know, for the, for the very longest time, you couldn’t really build AI systems that could, you know, string together a, a compelling sounding. A sentence must much less make judgment calls on, you know, various types of assessments as we do routinely today.
So, I think AI has just sort of emerged as this. Unreasonably powerful and incredibly useful technology over a very short period of time. And I think that has sort of lent the world to many challenges. And then we think about it in, in the realm of security. I think the technology is, you know, poorly, poorly understood.
In completely implemented and introduces new threat models that, you know, most, most users, and most businesses don’t fully understand simply as a function of it being, you know, so surprisingly effective and at the same time being, being under such rapid. Development. So I think when you, we think about the use of ai, I think the first thing to acknowledge is that it is just an unreasonably useful piece of technology for organizations to ignore.
And I think that’s one of the challenges that we have. It’s just so incredibly useful at doing things that are so hard and traditionally so expensive that it is you know, frankly impossible to ignore. You are going to be using and integrating AI into your. Assessment and decisioning workflow in some way or form, whether you’re an individual use user or an organization or a security vendor such as ourselves, who’s building these technologies for other organizations to adopt?
I think the other thing that people have to recognize is it’s actually incredibly powerful, but in ways that machines have always been have always struggled with, you know, like I said before. We couldn’t have imagined that it would be so easy and relatively inexpensive to use AI to build what is, you know, effective human sounding conversation.
But it’s also meant that in speech and in vision and all these things that computers are always struggled with to understand, it’s now actually relatively inexpensive for us to build systems that can work with us in these very important domains of communication. Now, of course the bad guys also have access to a very similar technology, and so we find ourselves in a little bit of an arms race over here where it’s becoming cheaper and cheaper to find and launch attacks and to surveil organizations online and surveil social media accounts online and those sorts of things, which, you know, would’ve historically required a lot of human capital to be deployed now can be done in a very mechanical, autonomous way.
So, it is a contingent on us, as you know, vendors in the ecosystem. And as organizations that are looking to protect the digital assets, to actually look at how do we use these technologies to more cost effectively combat these AB adversaries. Because, you know, I think if we think about this at a global scale, it really is about the economics of this.
If it becomes incredibly inexpensive for someone to launch attacks against you, it has to be equally inexpensive for you to defend against them. Because if you if you’re not able to get that. Economic equation, right? That you are structurally at a disadvantage. So, you know, I think it’s very important that we’re quite you know, frankly aggressive about the adoption of these AI technologies.
But along with that comes a whole new set of risks. You know, they are not perfect machines in the same, we’re human beings are not perfect machines, right? AI is AI is, uh, vulnerable to very types, types of attacks that are specific to ai. AI is extremely powerful, but it is not without fault or error.
So how do you set up the right guardrails so that you can use AI to amplify judgment, not necessarily replace it? And I think, you know, your question is, is very timely, but it’s, it’s also probably a little bit complicated right now because I don’t think we have all the answers, but I know that we’re on the journey of actually understanding these systems better and implementing them and finding where they work most effectively and where they break.
Brian Thomas: Thank you. I really appreciate that. And I would totally agree with you. You know, we’ve been in technology a lot of times or for a long time, Rahul, but the last few years, technology has really advanced faster than ever before with this proliferation of AI. And as you mentioned, AI is unreasonably useful and a powerful technology that organizations, it’s just impossible to ignore.
People need to start to adopt this at the business and personal level. Obviously just to get ahead, but now the bad guys have this technology as well, and they’re trying to penetrate businesses and again, disrupt businesses or obtain financial information or funding for that matters. So, I appreciate your insights.
And Rahul, the last question of the day as we look ahead, how do you see the future of internet security evolving over the next decade? And what role will proactive infrastructure and AI play in making the digital world safer?
Rahul Powar: I think, predicting the next 10 years from where we are today is, is a bit of a challenge, but I’ll give it a go.
I think, like I described before, you know, clearly. Everyone in the digital space is, you know, predominantly using knowledge work in some way or form, right? We are. You know, we’re not, we’re not physically building houses. We’re using digital technologies to sort of transform intelligent intelligence into some sort of like, business outcome.
And clearly AI is the new machine that we’ve created that, you know, effectively turns energy into some form of intelligence. So, it’s pretty clear to everyone in the industry that, you know, AI is gonna be a very sort of important. Arguably the foundational component for the way we build, deliver, and secure services over the next 10 years.
But that means that everything effectively starts to move a lot faster and everything is a little bit less deterministic than it is today. So, you know, I think one, one reasonable example of that is that, you know, the organizations have traditionally thought about their security.
Infrastructure as the per sort of perimeter and you know, that’s on the outside and then everything on the inside, you protect it in a different way. Clearly as you have these sort of, sort of intelligent machines and intelligent agents scattered throughout your organization and throughout your entire business process, you clearly have many different boundaries in your infrastructure now that you know, didn’t have five years ago.
So it’s. It’s clear that the perimeter of an organization will sort of matter less and trust will matter a lot more. So, you know, how are all of these human agents and AI agents, Secured, what sort of data do they have access to? How, how do you enable the right guardrails that allow them to move at pace while at the same time having characteristics like being auditable and being able to be replayed and sandboxed appropriately?
So all of this points to the fact that security is gonna become more of an architectural piece. Then a reactive piece. And I think that’s quite important because, you know, in our industry, in cybersecurity, there’s been a lot of focus on sort of like breach detection and response, which is clearly very important because when bad things happen you need to know what it is you’re doing.
You need to contain it, you need to measure it. But I think as we move to a world where everything happens at, you know, for want of a better word, AI speed, your infrastructure needs to be architecturally ready for the threats that come because things will be too noisy and too fast for you to just respond to things.
So that’s why I think fundamentally in our industry, security’s just gonna have to become a much more proactive and preventive. Process and that requires a basic architectural rethink to say, how are we going to harden our attack surface? How are we going to discover everything that’s important to us, all the assets, all the data, and how are we gonna keep that?
Inventory effectively up to date on an ongoing basis. So, there’s a whole new dimension of complexity that I think is going to appear in the way security team thinks about architect, about security architectures. And of course, as all of this becomes, you know, more commercially relevant, you know, for every kind of business, you know, every kind of business can be digital in some way or or the other.
It’s going to become a much more important, you know, executive and board level issue to say, you know, how are we on top of. All of these security risks, how are we actually progressing our security architecture to be ready for, you know, what comes in the next two to five years?
Brian Thomas: Thank you so much. I really appreciate that.
And I know you mentioned you don’t really have a crystal ball prediction in the next 10 years, especially in this age of ai, but you did mention AI will be the technology that humankind will be leveraging the most to, to build and advance technology and business ecosystems in the future, obviously.
But from a security perspective you talked about, you know, perimeters are gonna matter less, right? More fluid, more dynamic, but trust will matter the most. Our infrastructure needs to have that be architecturally sound and ready and have more proactive and preventative processes in place. As you know, it’s challenging in this cyber world we live in, especially with this proliferation of ai as you talked about.
So, Rahul, I really appreciate that and it was such a pleasure having you on today, and I look forward to speaking with you real soon.
Rahul Powar: Absolutely. Thanks Brian. Appreciate the conversation.
Brian Thomas: Bye for now.
Rahul Powar Podcast Transcript. Listen to the audio on the guest’s Podcast Page.
