Aaron Painter Podcast Transcript
Aaron Painter joins host Brian Thomas on The Digital Executive Podcast.
Welcome to Coruzant Technologies, home of The Digital Executive podcast.
Brian Thomas: Welcome to The Digital Executive. Today’s guest is Aaron Painter. Aaron Painter is a CEO of NameTag, an identity verification company that stops social engineering attacks at the employee IT help desk. Having lived and worked in six countries across four continents, Aaron exemplifies a new generation of global leaders.
In his 2017 best-selling book, Loyal, he describes his key to leadership, fostering a culture of listening. Through codifying and implementing a business framework of listening, Aaron has built success across the world. Aaron is a Fellow at the Royal Society of Arts, Founder Fellow at OnDeck, A brain trust advisory board member at Silicon Valley Bank, a member of Forbes business council and a senior external advisor to Bain and company as well as was named as the AWS 2019 consulting partner of the year for his work at cloud reach a frequent media commentator.
Aaron has appeared on Bloomberg and cheddar news and is also an active speaker, advisor, and investor to companies that are pursuing business transformation. Well, good afternoon, Aaron. Welcome to the show.
Aaron Painter: Thanks, Brian. I’m excited to be here.
Brian Thomas: Absolutely. This is so fun. Best part of my day is doing a podcast.
So again, appreciate you making the time jumping on and let’s get into a great conversation here, Aaron. I’m gonna ask you a few questions, but the first one is, could you share with us your journey that led you to become the CEO of NameTag? Especially after such a diverse international career.
Aaron Painter: Yeah, thank you.
I spent almost 20 years living and working outside the U. S. I was CEO of a company based in Europe that was kind of Amazon’s largest partner on cloud computing and transformation. And I moved to the U. S. just at the start of the pandemic. I moved kind of back home, so to speak, to Seattle. And very quickly at the start of the pandemic, you might remember, but so many things started just moving digital only.
And I had a bunch of friends and family members who had their identities stolen. And I said, you know what? I’m going to be a good friend. I’m going to be a good son. You know, I’m going to jump on the phone with you. We’re going to call customer support people. We’re going to straighten this out. And of course, when we call to verify that it was us, they often asked a couple standard sort of, quote, security questions, maybe an experience we’ve been familiar with, all of us.
And we realized that someone else had called before us and answered those security questions using kind of our answers and was able to take over the account. And sort of just struck me as crazy that in today’s day and age, you know, particularly then as felt like the world was falling apart, but we needed our accounts, our digital accounts more protected than ever.
And there was this sort of backdoor that existed because whenever you, you know, however many layers of security someone put on an account, we’re going to set up two FA multi factor authentication, authenticator apps, SMS messages, whatever it might be. It was simply far too easy to call customer support, say you were the account owner, maybe you’re locked out of whatever that login mechanism is, and then to take over someone’s account.
And so it was this deep kind of personal need and pain I was feeling to say, gosh, there has to be a better way. And ultimately that that’s what led to NameTag.
Brian Thomas: That is, well, we all have unique stories on the podcast here, but that really touches us because we’ve all had some sort of, even a near miss, but I know just like you, family members that have been scammed or money’s been taken and we need to make this a better, better world, safer world.
And with your help, we’re going to do that. So, I appreciate the story and Aaron jumping into the next question here. You’ve worked again, across various continents, how have your experiences in different countries influenced your leadership? style, particularly in fostering a culture of listening, as you described in your book, Loyal.
Aaron Painter: Yeah. Well, in about 2017, I was living in, working in China. I had the privilege of running Microsoft’s enterprise business in greater China. So, for about five and a half years, most of it in Beijing. And there were all these Chinese companies that were kind of becoming big and going on the global stage.
And I at first was nervous because I said, you know, I don’t speak Chinese fluently. I kind of get enough to get around. I’m nervous to go talk to these people in these big, you know, state owned enterprises and multinationals. And I quickly realized They were excited to talk because so much of my life and career had been in other countries, and people were really eager to learn.
And I said, all right, how do I go learn when I don’t speak the language and I want to sort of add value to these conversations? And quickly, I learned sort of the best technique was often to try and listen. And whether that was listening through body language, a little bit of help of translators, maybe understanding some words and us kind of getting by and whatever.
You know, English, we could rummage together. I was able to learn a lot of what people were thinking about and ideas they had. And by me listening, they also felt respected and like their views and opinions mattered. And so, I ended up writing this book in 2017 about listening. The title was Loyal, Listen or You Always Lose.
And it was this concept that when employees in particular feel like their voice matters or they feel heard, then they engage with customers differently because they’re getting that customer feedback, the customer knows that their opinion matters, and the employee is hunting for that feedback because they know when they go tell their management what they heard.
you know, they’ll be heard too. And so, it’s kind of this fortuitous cycle. And I’ve always felt like listening was core of that. Now, interestingly, in NameTag, of course, there’s a lot of our internal culture that we try and subscribe to there and ways we try and innovate there, particularly with all remote teams and things.
But for us, it was really formative because we had an early sort of advisor is really, is chief security officer at a large company called HubSpot, really innovative in the marketing automation space. And, you know, Eric, the advisor said, hey, you know, you. Folks had built this really interesting and secure way to do identity verification, right?
We marketed at the time as kind of knowing who the human is behind the screen, particularly let’s say at those high-risk moments when you’re calling customer support, or you’re locked out. But he said, you know, at HubSpot, for example, we have a bunch of users who, you know, we’ve tried to increase security of their accounts.
We’ve put on multi factor authentication, but they get locked out. And they get locked out in actually pretty high numbers. And so, we said, hey, can we use NameTag to verify who those customers are when they call and they want to access their account and their other methods aren’t working? We said, oh, that’s kind of a really interesting scenario.
It was sort of focused on the help desk. It’s focused on those customer support scenarios. And we did and we started doing that. And, you know, they’ve had amazing things. HubSpot, it’s now really cool. It’s kind of in their product. It’s now fully automated. So, if you can just simply click and say, I’m locked out.
You don’t actually have to call customer support anymore. You can go through a nametag flow and kind of reset your credentials or your access. And that took us into this really interesting space with a bunch of other really big companies that also had their customer accounts that they needed to protect.
And then we had one customer actually was really interesting. Another really big social media platform that said, hey, we’re actually worried about our employees. We’re worried about our workforce, because people are calling the helpdesk, pretending to be an employee, and they’re trying to take over an employee’s account, because if they do that, they sort of get the keys to the kingdom, so to speak, and can go cause a lot of havoc, you know, ransomware, data breaches, and other things.
And so, we helped them create this really interesting way to solve that using this sort of nametag solution that we had. And then late August happened. And in late August you might remember sort of MGM became very well-known because some bad actor went on LinkedIn, spent a few minutes, researched an employee, called the MGM help desk and sort of social engineered their way in.
And then it turns out that happened to Clorox and MGM Caesars and now hundreds of other companies in just the last few months. And so, we’re able to use that concept of listening, right, where someone gave us a really good insight and said, how can we adjust our product to solve a problem that coincidentally is now a problem a lot of people and a lot of companies are facing.
Brian Thomas: Yeah, absolutely. And I love that that you’ve you got down to business to help these customers out with the problems they were having. But yeah, the social engineering is gone to a whole new level. It’s just crazy what people are doing to get in and get a compromise account. So, appreciate the share really, really do.
And Aaron switching gears. Let’s talk about You know, your identity verification here, you’ve chosen to focus on a pretty unique angle when it comes to identity verification, social engineering attacks, and protecting employee help desk. Why this focus?
Aaron Painter: It felt like the way we could have the most impact.
I, I, fundamentally we have all these great new innovations in technology, and yet we’re still using things like security questions when somebody calls and says they’re locked out. And it’s become sort of the ultimate backdoor. And frankly, following this MGM and Clorox and other hacks, this one particular group and others that are following them they’re using this to such a degree that it’s become an epidemic.
Right. I mean, companies were getting multiple calls, emails a day from companies saying, look, I just got hit. I just got breached. I’ve got, I maybe I just squeezed by, but boy, this was a close call. And what we’re realizing is sort of what Okta and Gartner, and now everyone else is coming to say, which is, you know, this social engineering at the help desk has become the ultimate backdoor to get around account security.
So, we’ve said, hey, if we can have this mission of protecting accounts, stopping social engineering, stopping the ransomware and data breaches that flow from it, and actually ending this world of security questions, we can make a massive impact on helping people be safe online and ultimately hopefully stop these sort of account takeovers that have just become too rampant.
So, we felt like it was a really novel, but very high impact way to apply this is this really unique technology that we were able to build.
Brian Thomas: Thank you. And I appreciate that. You know, sometimes we try to really address something, not the problem with maybe technology or solution, but you guys went down to the root of it.
And I can tell you right now employee help desk is really a big target right now. And I’ve, you know, as a CIO, I’ve seen. This happened to our help desk many times where people tried to social engineer their way in. Luckily today, we’ve been lucky, but I can tell you, this is always a scary moment.
So, thank you for that, the share. And then last question of the day, Aaron, looking ahead, what is your vision for the future of online identity protection? And how does name tag plan to evolve in this rapidly changing digital landscape?
Aaron Painter: Yeah, our goal is to end the social engineering attacks and protect the help desk, secure the help desk, as we often say now it feels like this low hanging vector and there are many, many other things you can do when you give particularly employees or customers a sense of reusable identity verification.
That’s frankly not built the way that the industry grew up, which is around know your customer or financial regulatory compliance, but focused on security. And when you can offer a really secure way to verify who a person is, using a flow that might be similar to that Know Your Customer experience, as far as the end user is concerned, but in a much higher fidelity way.
We happen to use mobile phone technology, which gives us the benefit of cryptography and AI. And so, it, it’s just a fundamentally different way to do what’s otherwise a familiar experience. We feel like that can lead us down this path and just massive impact towards our mission of, you know, securing the help desk.
Thank you. I
Brian Thomas: appreciate that. And again, we have to be one step, sometimes two steps ahead of the bad guys in order to protect our safe spaces. And that’s one of the things that you’re doing is leveraging that technology. And I appreciate that. Love what you and nametag have done thus far.
And I can’t wait to hear more. Aaron, last thing, it was just such a pleasure getting to meet you today. And I look forward to speaking with you real soon.
Aaron Painter: As often my favorite 10 minutes of the week. So, thank you for all the great work you do in this podcast. And it was an honor to be on today.
Brian Thomas: Absolutely. Bye for now.
Aaron Painter Podcast Transcript. Listen to the audio on the guest’s podcast page.