Our special guest this week is Ryan Noon, CEO of Material Security. Material Security reduces the risks of email hacking. Email is an essential repository of sensitive content, the key to countless accounts, and the most ubiquitous business application. When attackers have multiple ways in, blocking messages is no longer enough. Material protects accounts even after they’re compromised or harmful messages get through.
Customers include Cloudera, Lyft, Sonos, PagerDuty, Databricks and others. The company is backed by Silicon Valley legends inside and outside the security community,and has raised venture capital from Andreessen Horowitz.
Prior to Material Security, Ryan was the founder of Parastructure, which was acquired by Dropbox. Ryan is an angel investor, and holds a BS and Master’s in Computer Science from Stanford.
Our special guest this week is Ryan Noon, CEO of Material Security. Material Security reduces the risks of email hacking. Email is an essential repository of sensitive content, the key to countless accounts, and the most ubiquitous business application. When attackers have multiple ways in, blocking messages is no longer enough. Material protects accounts even after they’re compromised or harmful messages get through.
Customers include Cloudera, Lyft, Sonos, PagerDuty, Databricks and others. The company is backed by Silicon Valley legends inside and outside the security community,and has raised venture capital from Andreessen Horowitz.
Prior to Material Security, Ryan was the founder of Parastructure, which was acquired by Dropbox. Ryan is an angel investor, and holds a BS and Master’s in Computer Science from Stanford.
It's the Next Wave Podcast episode 36. I'm James Thomason here with your co-hosts Dean Nelson and Brad Kirby and hanging out of the studio today is Laura Roman. Our special guest this week is Ryan Noon, he's CEO of Material Security. Material reduces the risks of email hacking. Email, of course, is an essential repository of sensitive content, the key to countless accounts and the most ubiquitous business application in the world. When attackers have multiple ways in, blocking messages is no longer enough, Material protects accounts even after they're compromised, or harmful messages get through, and their customers can include Cloudera, Lyft, Sonos, Pagerduty, Databricks, and others. The company is backed by Silicon Valley legends inside and outside the security community and has raised venture capital from Martin Casado and Andreessen Horowitz. And prior to Material Security, Ryan was the founder of Parastructure, which was acquired by Dropbox. He's an angel investor and holds a BS and MS In Computer Science from Stanford University. Welcome to the podcast, Ryan.
Ryan Noon:Hey, y'all. It's great to be here.
Dean Nelson:Excellent. And my fellow California. Yes?
Ryan Noon:Currently, I mean, at this point, I kind of have to be a California I guess, like the Midwest will no longer have me.
Dean Nelson:Ohio has gotten rid of you, apparently. Well, how did you how do you go back there?
Ryan Noon:They're like, get out of here, California. And then I'm here. And I'm like, No, no, the Midwest is where the real people live. And the Californians are like, shut up. So I don't know, man without a region.
James Thomason:California is like the event horizon for tech. Like you move here and then you try to move away and then you come back and you just there's no escaping.
Ryan Noon:Yeah, it just sucks you in. It's like the Yeah, mob movies, basically, except with better weather.
James Thomason:You can check out but you can never leave.
Ryan Noon:I believe I heard that in a song somewhere. Something involving some sort of Airbnb. I think.
James Thomason:I wrote that song. I can't back that up, actually. Okay, so you and Laura have known each other for a while, right?
Ryan Noon:Yeah, she was actually my teacher at Stanford.
James Thomason:Laura was your teacher? No way!
Ryan Noon:She taught me to communicate. I was even worse before I met her.
Laura Roman:Haha, yes, I will confess that we tortured Ryan, with Aristotle and rhetoric courses in earlier parts of his undergraduate career at Stanford, but it's so awesome to see you again. It's been a while and been following the great work you're doing leading on from Stanford days. So tell us about Material Security and how you got the idea for it.
Ryan Noon:Sure. I mean, when you go to Stanford, they kind of make you start a company when you graduate. It's like you don't really get to graduate until you go and raise venture capital or whatever. So I kind of fell into startups just during during grad school. I was like working at one, you know, to pay the bills while I was in grad school. And then when you're early at a company, you start one, when that goes, Well, you start another one. And then you start another one, and you start another one, you guys know how this is, it becomes a way of life and you become otherwise thoroughly unemployable. So this one Material Security is hopefully my like magnum opus, or whatever we got started after the 2016 election hacks. And we've been going basically, since you know, 2017, fully incorporated, big company now, I guess. And the point is, basically, technology can really mess things up. Sometimes, you know, we like to focus on the good that it does, but like we kind of now know that it's a double edged sword. And cybersecurity is exactly that the entire field is basically cleaning up for the rest of technology, right? Like we make these computers do useful things. And then the cybersecurity people have to figure out how to make them do useful things that don't mess with the election, things like that, like undermine the entire civilization, you know, just like super minor cleanup crew for the rest of the tech industry. So I don't know, I'm kind of into being a societal cleanup crew right now. It's like pretty fun. It's pretty rewarding beat selling ads. So you know, so we do it. And I just had an idea for how to protect the the guy that got hacked in 2016. Most infamously, was Hillary's campaign chairman, the john Podesta guy. And so I had an idea. Well, like if this existed, it could have protected him, right. And so we made it, it works. We generalized it, we sell it to businesses, we've raised a ton of money. We have a bunch of great customers, and it's a good living. It's honest work, I think, How much have you raised by the way? Well, there's always what you can say publicly versus what you can't say publicly. But publicly, we've raised $22 million. So yep.
James Thomason:Excellent. Excellent. And got 22 and growing. Yep.
Ryan Noon:And then we make a lot of money. Now two, which is actually awesome. Like fundraising. That's making money. That's really cool. I heard that's important. Never get to the making millions of dollars phase. And it's really quite nice. Like, I highly recommend anyone who chooses to ever have a revenue stream, like really get on that. It's super cool.
James Thomason:I don't know. But first of all of startup companies, as customers will only get in your way. They'll just slow you down. Yeah, we need to iterate really quickly. No customers.
Brad Kirby:That wasn't your first startup either. Right. So you found a pair of structure before that?
Ryan Noon:Yeah, that was I kind of got obsessed with data analysis, among other things. And so speaking of rhetoric, and Greek and Latin bases, that company got named because I was like, well, I want to work on like unstructured data, but it's not totally unstructured. There's a little bit of structure. And so like pa ra is like the prefix in I guess Latin for like auxiliary like Paralympics or paramilitary or parasailing or whatever I was like, let's call it para structure because that domain is available. So anybody who's ever trying to name a startup, go and get the like AP English list of Greek and Latin prefixes and suffixes, and then just pick a word and then glue it on like Legos. And like the domain will be available, it beats like taking out the vowels or whatever other abominations people do to name their companies. So it makes it makes your name way too long. And people are like, what that name is 12 characters like I'm not ever typing that. I hope you can Google it, but it's like, like the flicker thing. That's what I was in being an acronym. That's honest, that's fine. But when you're like, you pronounce it like flicker. But there's no E, I think that's where you're doing a major disservice to people with yours. With the IRS? Well, we
James Thomason:demanded to have a four character startup name, so we're at gx, which is edge x, which is one of those bastards decisions are talking about. But it also includes an amalgamation of the founders names. So it's Doug, James, john Delano and Mike, we consider an Ian horizontal M. And that's kind of how we how we honed in on that. And there turned out to be a bunch of other objections, which of course, it's terrible reading. But anyway, back to you. So do you know anything about we're sitting here on the end, the tail end of the colonial pipeline hack, there's just been a huge lack of huge disruption to the gas supply chain on the east coast. I've got some family who's trying to fly from the East Coast back to the west coast now. And they're having trouble feeling jets in some places still, what do we know about that? so far? Do you know anything?
Ryan Noon:I mean, I know what's been, like reasonably reported by the smart people, and then the meta conversation in the dark circles of the security industry around it. But I mean, I think the most interesting thing about this is people are viewing it as like, you know, an attack on national infrastructure. And a lot of the like, you know, large scale society wide conversations we have or like, what if Vladimir Putin took down the power grid. And so this like, neatly fits that narrative for people, but it was just some like greedy people in Eastern Europe or whatever, just trying to get paid like $4 million dollars, right? I think it's always tricky is like, you know, you realize that you're vulnerable on these things, not because like judgment day comes and Vladimir Putin comes for you. But because some idiot got lucky. And you're like, Whoa, like, we're that insecure? You remember the Twitter hack last summer, where all these password reset emails were abused, which, incidentally, is something that my company's product cares about, you know, Twitter is something that needs to be protected as national infrastructure, sadly, at this point, you know, but like, everyone's like, Whoa, like you reset brock obama's like Twitter account, oh, my God, like you could end the world as we know it. And all they were doing was like trying to get small, popular Twitter handles, so they could like resell them. It was like, you know, some hobbyist people that are trying to squash short Twitter handles. And you're like, if those people can find the hole, like oh, my God, imagine what the people who are good at this stuff. So it's, it's one of those like, thank God, they weren't trying to take down the country, but like, Oh, my God, does this mean, it's that easy to take down the country. And the other thing that's interesting about this hack is that it's ransomware. And so they actually just encrypted a bunch of business systems. And then the pipeline people themselves are the ones that shut the pipeline down, because they're like, well, we can't do billing, we don't want to run the pipeline. So it's sort of like, if this thing is this important to the country, then like, clearly missing a couple orders and having like your Excel documents be like temporarily disadvantaged doesn't mean you have to stop the oil from going it wasn't like they targeted microcontrollers in the oil pipeline, like it was it was a front office hack, you know. So I think there's this, like any big bad thing, it raises more questions than answers when you actually read about it. But it's a there's been a lot of these just really big society wide tax in the last in the last year. Like it's, things aren't getting better. Like I'm here from the security industry. I'm a founder and I'm an optimist, because you kind of have to be if you're going to start companies, you guys know how this works. But yeah, it's just it's not getting better, like the White House press secretary is like telling people to patch their Exchange servers. Like that's not what progress looks like. awareness, I guess, is the first stage of progress. But I wouldn't exactly call it progress.
James Thomason:So it's interesting. This isn't like a sophisticated ransomware attack. When I first heard the story in the pipeline shut down. I thought it was like, okay, what's one of the Israelis have hacked the Iranian uranium enrichment facilities and shut down the tumblers and like, Oh, my God, this must be state sponsored attack. But no, it just turns out to be script kiddies in the front office, run of the mill 100 times a day ransomware attack and they haven't hit the jackpot, which they said initially, we didn't pay ransom. We would never pay ransom. And then like two days later, like, No, we totally paid all the ransom. So the party the back. I think that's hilarious. Yeah, that's sad.
Ryan Noon:It's sort of like the obvious questions that a lot of this ransomware stuff is like, didn't you have backups? Weren't they separate from the other systems? So like, it's like, it's interesting that people get so thoroughly owned, that they really don't have offsite backups, like the ransomware person either got to them or you didn't have it. backups. Because the ransoms are two part, right? You're paying a ransom to get your data back. And then you're also paying a ransom for them to theoretically delete their copy or whatever. And that first part, it's like, how did you not have backups? You know, when we were at Dropbox, we built a feature in appropriately named hack week. It's actually for like making new things, not hacking things, right. It's the good hack, not the bad hack. And it was like, detect if the entire Dropbox just became random bits, because you know what random bits are encrypted. And if someone's entire Dropbox just became extremely high entropy random data, then maybe send them a little pop up saying, it looks like you just got ransomware Would you like to undo it? Click here, you know. And so it's interesting that the enterprise backup story is so bad in most of these companies, I think there's maybe more to the story of like, the shortest path to getting it actually decrypted and they know exactly how they did it, and whatever. So it's time is money. And, you know, restoring for backups is hard. But like, if one individual getting ransomware, it can be a click away in a Dropbox or OneDrive or a Google Drive then like you kind of want like the enterprise software industry to take this seriously from a backup and restore and like operational Juju perspective, like that would be an improvement.
James Thomason:So as an ops person and security person, sometimes I have these recurring anxiety dreams where I'm working on my laptop, and my dream, and my laptop has been compromised by like a group of remote hackers, and they're just screwing with me horrifically, they've owned everything. They're killing windows and stuff like as I'm trying to work and killing terminal sessions. And it all harkens back to the days like long time ago way back in the day where where there were different groups of us doing mostly creative things on the internet back before that kind of stuff was illegal. So those are like more memories on the our dreams maybe but hasn't happened a long time. Do you have dreams like that ever dream that you're like, completely freaking owned and you've completely forgotten like the command line and have no idea how to help yourself? You're just like a helpless SAP. Your windows are closing your computers crashing? Yeah, well,
Ryan Noon:that's kind of like when I try to use Snapchat and Tiktok and clubhouse and stuff. Like I don't know how to use anything that's new. So I think it's it's sort of like a grandparent simulator maybe is like, what your dream is, like this computer. What is it doing to me? Right? But not I mean, you think about like your digital life, right? Like, we protect, you know, personal email accounts, we have like a, you know, a whitelist and we protect a bunch of people right now just on their personal accounts, because they've got their whole like life in it. You know, like you I've had a Gmail account since 2004. You know, the actual original beta when like, the beta was not just 10 years of being in beta, and everything's in there like I'm a hoarder. I like it that way, you know, and so if like, just there's even simpler horror stories here like Google, you know, Miss flags, some thing you post as an abuse of their services and they lock you out of that personal Gmail account or whatever right? Imagine all that data is gone. You can't sign into anything you can't even like tell people that this happened to you right like this gets into like, is it a good thing that we have multitrillion dollar companies that are essentially operating our entire passport of our digital life? You know, I don't know that's maybe more of an interesting question for whatever tech forward regulator or legislator but like Yeah, man like you, you could disappear on the internet really, really, really easily. And it's just now more than ever like that is you know, I don't need my car. I need my gmail account. You know, I have nowhere to go in my car. I've everywhere to go in my gmail account.
James Thomason:On the internet, no one can hear you scream That is until the hackers take a video with your own camera and upload that to tick tock
Ryan Noon:tick tock. Tick Tock. Is that a new one or is it Tic Tac? Oh my god. I just did the like thing that old people do where they mispronounce things. For me, yeah, we should go for that. Yeah. Damn, kids on the tick tag. used to be called the facebook.com. Okay.
Brad Kirby:Ryan's around my age. So he must add Facebook. Right, Right back at the beginning to Yeah, it was like cool to have Facebook like you got your college email and then we can easily Yeah, exactly.
Dean Nelson:status symbol. We recently deleted
Brad Kirby:Facebook. It's the end of the era. We made a pact in late 2020 that we would delete it. And so James and I have been completely off Facebook for months now. Oh, I'm so proud of you, Laura. And I don't get me on WhatsApp though. If you need to contact me. For one less thing to steal until I have to sign their terms of service then
Ryan Noon:I'll truly be done with Facebook where nobody says Happy birthday to me on Facebook. On my birthday. It's down to like 30 people like it used to be like what we did? Yeah, it was like how you didn't do you didn't do cards you just wrote HB
Brad Kirby:my birthday two years ago as precursor to this whole thing because all of a sudden, nobody's wishing me happy birthday or I just deactivated my wall or something like that. I was like, No, no, I don't feel like I exist on here anymore.
James Thomason:We've done with social media fully when Tom isn't even my friends. That's a MySpace job. That's a nice nice reference for Got that one that goes way back.
Dean Nelson:Oh man, I didn't get that 1am I that old Now hold on what happened?
James Thomason:He might be Give me the towel. So in my space that was the founder was everyone's friend, their first friend on MySpace.
Brad Kirby:We were the ones who transitioned from MySpace to
James Thomason:it was the joke is like if you hadn't even Tom isn't your friend? Yeah, I
Dean Nelson:see you really, really gone bad.
James Thomason:You Really Got that? Okay, so it's RSA this week? Is that right?
Ryan Noon:virtual RSA. Does it even matter? The only thing worse than red regular RSA is virtual RSA. Are you attending virtual RSA? I'm trying not to like some things. And I click them every once in a while, but I'm largely trying to ignore RSA is mostly good, isn't it? The honest view of RSA i think is, well, everybody good is in town. So you might as well like have dinner with them. But like walking the floor is like, you know, it's, you start to realize why cybersecurity is so bad, because, you know, the vendors are like, no joke. My co founder abishek noticed once that there was someone had an yousician or no, no magician magic, like the thing with the rabbits like in their booth being like, Come over here. Like I'll do it. It's like, it's not about like, Hey, here's how the product makes you more secure. And it's really important. Here's why it's valuable. He was talking about our customers. It was like, look at this magic trick. Like I'm doing a magic trick, right? That's like, snake oil, you know, but worse, right? So I feel like it's a cautionary tale. And you're supposed to hate RSA. I think it's like the rational thing.
James Thomason:It's the uncool factor versus blackhat.
Ryan Noon:Yeah, I mean, but you're glad that everybody's in town. And it's in San Francisco. And like, all the people that live in San Francisco are kind of embarrassed for a week. But yeah, it's the people that matter, but the actual booths and stuff. It's just exhausting. Last year, there was COVID, you know, doing community spread at RSA. And like, I want to say that was like the worst RSA ever, but probably not.
Brad Kirby:So So Ryan, we've talked on touched on a number of different hacks already. But to move away from RSA a bit, but, you know, there's been obviously solar winds, which was, you know, a big slap in the face. And then, obviously, with your business with Material Security, as Microsoft Exchange Server hack, what's been the most impactful one that you've worked on? Or that you've seen into your business specifically?
Ryan Noon:Yeah, I think the common theme behind all these really big bad ones is like, people think about email, which is, you know, my life these days, like they think about it as, don't click those tricky emails, right. Like, it's the thing that like, even my like, elderly relatives know, like, oh, they're on the lookout to not click those tricky things, and those links and whatever, right, but the point of the Podesta hack, and the solar winds hack, and the hafnium one, and the Sony Pictures when you go through it Panama Papers, like anything, it's that like, they want the email, like, yeah, that's what they actually want. They're not trying to like get you to click a thing and whatever. It's like, I want to get your stuff. And so solar winds like it had nothing to do with fishing, for example, right fishing means I sent you something tricky and you fell for it. It was I hacked a vendor that Microsoft used, because if I got into Microsoft environment, then I can steal everybody's office 365. Yeah, right. So crisply insecurity. The way we talk about this is there are two concepts. One is a vector. And that's how I get you. Right, like mosquitoes are a vector for malaria. They're the vector for malaria, right? Like the whatever, a chimpanzee adenovirus inside the j&j and AstraZeneca virus is the vector for the actual DNA that makes the vaccine or the RNA that makes the vaccine. So like, in the case of email, the vector for phishing is email, right? I sent you this tricky thing, and you fell for it. And then what I wanted was to like get your password or to get you to pay an invoice from a spoofed email, right? It's like, but email is the way that I get you. But the other concept in security that's really important to keep in mind is the target, which is what I want, right. And these things are independent concepts. And so in email, we put like 98% of our of our defensive budget into trying to block and detect bad incoming emails, just like any other firewall, right, but the point of solar winds pedesta, like hafnium, whatever is that they email is the target. And then solar winds was the vector. It was this poor, unfortunate company that everybody used, right? That was the vector email was the target. So like, what we're trying to basically help people understand is you have to keep these things separate, and the consequences of somebody actually getting into your email. They're just stealing all the data that's there, or doing all the things that you can do once you have my email, right? Like the what, what if somebody actually got into it, even if they got in some other way, right? Stop worrying about the front door and start worrying about well, what if someone's in your kitchen, right? And that ends up being like, just eye opening for folks. Because the problem with these markets and RSA and Gartner and stuff is they train you to think of the problem is like, in one specific way. And so when I tell somebody I do email security, they're like, Oh, so you're trying to get me to not click on bad things, you know, and I'm like, No, like emails way worse than that. And so you know, it's a kind of a conceptual reframe, of just you have to worry about the application that people actually are trying to get into The last like, oh, man, like, Don't copy that floppy like, Don't click that link, you know. So
Brad Kirby:yeah, and even going back to like, there's like the JPMorgan hack back in 2014, where I think something like 86 million emails got stolen. That wasn't even really an email breach of anyone's email, except for the fact that they hacked JP Morgan not to steal money for them, but to steal a communication resource that they use to them, you can make a lot of money if you get the right Email Archive. Yeah, exactly. So you can get a name and an email, you might be able to, that's when you can start targeting. And it's, it's,
Ryan Noon:yeah, it's kind of makes it worse, because the blur of like personal and professional life means that you might be signed into your work machine on your personal email, or signed into your personal machine with your work email. And so even from like a blocking tricky that emails that use case, if I send something to your personal account, then like none of the email security things that your company buys work there. But if you fall for it on your personal account, then I can take over the computer that you're using, right, just like James was talking about. And then now I can open your work outlook. And I'm in your working email, even though I got to skip like that firewall that your company bought for the work email, right? So you have to like think a little bit more thoughtfully, where the doors and the windows are and what's inside the house?
James Thomason:How does your technology help us get better control and protect us?
Ryan Noon:Yeah, I mean, it's all on the site, we have Material.Security, if you guy want to check it out, the dot security thing is like a hug waste of money. It's like $2, 00 a year, but it's really, you re gonna break every old web ite you ever tried to type you email into if you ever get one of those. So I highly rec mmend getting one but then als having a backup lik.io or.com or something. But wha we do is basically the pro ucts all on there, but it's, it' essentially like What does som one do after they hack your ema l? And can we make that har er or impossible, right. And so he number one thing that peo le do, for example, is dow load all of it. So they can go hrough it at their leisure and find out all the unreleased qua terly numbers that are in the whatever company CFO inbox or hatever, right, they want to lik, use this data. And so one of he things that we can do is, it' really simple. But after an ema l has been in your mailbox for a while, we can actually mod fy it, so that there's not ing actually there except a big retrieve button on it. And the if you press that button, and we have some out of band cha lenge that you only need to do hen you're spelunking thr ugh your Email Archive, bec use you need that time that you had your passport and your ema l or whatever. And that was nev r happens, right. But every onc in a while you maybe need it. And we can just do something lik send a push notification to som app on your phone, or like, you know, touch your hardware to fac or just some extra test that the bad guy who broke in can't pas, then you can rewrite it and put it back for a couple hou s, kind of like Cinderella wit like a pumpkin or whatever, rig t? Then it goes away again. So ou basically let people have a r ally, really, really big Ema l Archive. But you can find the things in it that are sen itive, or that you've put a lab l on or whatever, that you don t want to actually leak. And the you can put defense in dep h around certain kinds of inf rmation within it. So it let you basically have a more tho ghtful policy with regards to he data that you nominally hav access to, but you don't wan to get hacked if somebody act ally breaks into your mai box. So it's like a good ide. It's like how it should be. And we happen to like invent tha years ago. And now it's, it' really popular, and you can rea about the customers on this sit, and whatever whatever. The e's a personal account wai list, if you want to try it on our personal account.
Dean Nelson:And that way, that's just an
Ryan Noon:example of like defense in depth basically.
Dean Nelson:Okay. And that waitlist, you're saying specifically, so you do this for individuals as to but individuals, the focus
Ryan Noon:of the company is businesses, just as we all used to work at Dropbox, and we didn't want to build something accidentally for consumers that businesses were the actual best market for and then forget to go and sell to the businesses. You don't like to make the exact same mistakes more than once. So you try to make the opposite set of mistakes, and you ignore the consumers that would make grow a lot faster, which is my other fear that you know, we're doing that. But yeah, the point of the company is right now to sell to businesses, but we do protect certain individuals. And if you have an especially interesting use case, just get in touch with us, we're pretty, pretty easy to get at.
Dean Nelson:So this reminds me of a I think it was 1999 or 2000. I think it was 1995. So I had one of the SIS admins have worked with me. He went in and for some reason started just running this passer break program. Was it by the way, Stanford University network. So we worked over some Yeah, yep, there we go. Another son reference. So he was just playing around with it. But you remember was the protocol that that shared all that on Unix, all the passwords, there's like one PSAP Kerberos or, yeah, Kerberos is what we use at Stanford. Yeah. So and this, this sorry, and is so at Sun they would basically say I can now distribute out all the password files and the accounts and everything else, right. So he was went back in, he had this superadmin he started running the program. Well, it started doing against the entire sun, employee master password file. But what he had is it was just the default thing. So it started sending people There passwords all over the company. Good luck. So by the way, this is not very secure if I was not very secure, and it was like, Oh, she starts turning it off. I'm like, What are you doing? And then realized
Ryan Noon:he was reversing hashes, or it was
Dean Nelson:just running. It was decrypting because everybody had horrible passwords. They still do. But back then, right, so all it was was inside of this file, and they just kept running against that thing. It just started cranking away and they were it was catching them like this, right? And so anyways, but it just reminds me pretty clearly the devil and we all know this point. Yeah. But uh, but I love the love of these these
James Thomason:I use password 123 exclamation point. So that really,
Brad Kirby:I've I've tried using non human readable passwords, like you can generate through programs, or done anything like that.
Dean Nelson:What do you do with that? Once you actually put it in? you store it somewhere? Or you or you write it down? Find it?
James Thomason:You write it on a sticky note and attach that to your monitor? Yes, because that's
Brad Kirby:inside a book.
Dean Nelson:Oh, now I know, Brad. Okay, I'm coming to your house.
Brad Kirby:Now I actually have my password separate on two pieces of paper, two different safety deposit boxes that are that have two different people on them. If I die, they have to go get them.
Dean Nelson:He's really thought about
Brad Kirby:that is I've thought about it because I've been hacked before. So just a personal story. I've spent a little bit of time talking about DLT and blockchain, like over the last four years, a little bit. And I was hacked pretty badly where my two FA was actually broken, like one call from a very well to number and there was like a void buffer overload hack. And they clearly had been keylogging. me somehow. So they were able to take all of my emails like Gmail, like an outlook, like Microsoft, OneDrive, every single email I had, and every single login to social ads, so my Facebook, my Twitter, my LinkedIn, all with one phone call, boom, just wiped everything. My phone was crashed, my laptop crashed. I got one of my hacker colleagues to try to help it he put it into, he puts something into his Linux, custom Linux, installing it pried his computer right away, tried to restore it and took me about three days to get back up and running. So it was pretty scary because even my recovery emails were compromised, because they just backwards kind of maneuvered it. For all I know, it was James, he's smiling over there. But I'm just kidding. That'll learn
James Thomason:you to take your phone to DEFCON. to DEF
Brad Kirby:CON. I've never been to DEF CON but that Rumi has, though. So it's maybe it was him. For all I know. That sounds really rough man. Yeah, no. Right. So I've thought about every kind of way around it. Because like you said earlier about your email getting compromised at all, it acts like a database of your life, really unstructured data, like a pair of structure of your life. But
Dean Nelson:Ryan, is it safe to say, let me give you a parallel. So I worked over another company previous life and you know, there was a there was a breach and the breach came in. And we all I guess, adopted this posture that you're already compromised. Just assume what you got is on the internet, what are you going to do about it? So if we take that concept, what you just said, with your email and other things, you're allowed to say that I'm assuming I'm going to get hacked at some point, but I'm minimizing the exposure by doing these other encryptions or removing elements inside of the emails. I don't access all the time. Is that correct?
Ryan Noon:Yeah, I mean, that sounds complicated. But like that's accurate. And the analogy that we use when the situation calls for it is like seatbelts in your car, right? Like they don't do anything. If you never hit anything, the whole point of them is because you're gonna hit something, and maybe it's your fault. Maybe it's somebody else's fault. Maybe something fell out of the sky. But like it's a device that assumes, like, assume compromise, speaking of RSA is like on posters at RSA, right. But the products don't actually do that, you know, they're just basically blockers and detectors for things, right? Like a person standing on a wall with like, eagle eyed vision is not assuming compromise. They're trying to look for things. And that's like, that is the default product in the security industry is like it goes beep or it blocks things, right. But a seatbelt is like it's not trying to detect a car coming at you at 60 miles an hour. It's saying, Hi, I'm a piece of cloth and my job is to make your face not go splat on the windshield, you know. So that's generally our inspiration, like simple things that are designed with the assumption that the bad thing is going to happen. Right? Because it's it's you know, it's
Dean Nelson:insurance.
Ryan Noon:What's the phrase? Like it's not the fall? It's the landing.
Dean Nelson:Yeah, so that's a digital seatbelt. You're calling Yeah, we
Ryan Noon:we've gone seatbelts for email before I think we have that on a T shirt somewhere. It's kind of become like a meme. It might be like a Wi Fi password at some point.
Dean Nelson:But with a capitalist.
Ryan Noon:Several exclamation points. I can't tell you how many it's this. Okay. Okay.
James Thomason:So, so there's a lot of talk out there in the security industry and debate around this idea of zero trust. Could you tell us what is zero trust and what's TIG on it.
Ryan Noon:Yeah, like anything else. It's sort of good ideas when many, many, many millions of dollars of marketing budgets are inflated into them, you know, kind of hit their limits. But it's it's fundamentally a great concept. And like, what it means to me is, traditionally, we think in terms of terrain, as a defender, we say, Well, here's the firewall, and everything inside of that is free and fair and whatever, right? That's, like, we like to try and control the bottlenecks. And the choke points to mark these things out and say, out there is scary in here is safe, right, like walls are the original defensive concept. And so zero trust says, Hi, there are no walls, right? It's much more of like a, like a combat patrol, right? I don't know where the enemy is, I can't perfectly see that. So I'm just going to assume that the enemy is everywhere, right? That kind of stuff. And so classically, something like MFA is deemed zero trust, because you know, what, I'm not trusting that you don't have my password, right? So it's used quite broadly these days to just basically mean like, be paranoid, assume compromise, etc, etc. But like, it's just take your prior belief about what control you have over the network, or the machine or the account or whatever, right? And throw it out and make it a little more narrow and a little more surgical. Right, it's less about what you know, and more about, like, you know, what you have with you, right? So don't just have a VPN that you then blindly trust, like the same things that's good enough for the entire internet, where it's a point to point TLS HTTPS link, like, Great. Okay, cool. And then Oh, authen, you know, don't just blindly trust people because they're coming from the right IP address, right? It's like, you know, think a little more thoughtfully, a little more deeply, a little more surgically, about what is secure, and what is not. That's probably where it's us most, that we use it, because honestly, it literally is what we do on email, like, like the internet, for example. You want to talk about dangerous assumptions, right? If you're staring at my inbox right now, because say, I left my laptop open at Starbucks, because I can go there again, I've kind of learned not to, and I like I'm pretty good at making my own coffee now, like COVID gives me enough for what it takes. If you're in my email, and you go to a service I use, like a Dropbox or a Twitter, and you say, I forgotten my password. Again, how many exclamation points are there? You know, I don't know. It sends you an email that says press here to reset your password. And that's like how the internet works. So like, the second thing I do after I break into your email as the bad guy after I download it all, because I can go through it at my leisure, is I go and try and reset every other account you've gotten. It sounds like this happened to Brad Yeah, trust the internet trust that if you have my email, you are me. And that's way too much trust that's like, I don't know, a million trust. How about zero? You know, a little bit less trust would be good, right? So that's, that's something that we do. For example, we can make it so that even if someone's in your mailbox, they can't reset all your other accounts. It's very popular feature.
Brad Kirby:That's really cool. Yeah. And like you talked about a little bit about networks, zero trust networks, and think about solar winds, which whose product is a network monitoring? Access Tool, right. Like it? I think some of the companies out there have the zero trust networking feature that is certainly interesting. And versus like a traditional VPN, like you said, that has these these security flaws with the that are inherent in them. And so I certainly fully understand the practicality of it and the potential to avert disaster scenarios that are happening literally every week right now.
Dean Nelson:Well limits the blast radius right? In the end of it. Yeah. Right down to say you can only hit this. So yeah,
Ryan Noon:yeah. Just because I hit something with my car. I guess I need a new car. But I don't need a new face. You know, limiting the blast radius is a good idea.
Dean Nelson:Yes. Is a cloth, strong line across, it's a lot harder to get a new face. Yeah, some of us could really use a new face.
James Thomason:That's what we have a radio show. Where it's one of the podcasts.
Ryan Noon:Growing up, my mom was in a really bad car accident, like right before I was born. And she always told me like, that was the best thing that ever happened to my nose.
Dean Nelson:Your mom loves you.
Laura Roman:So Ryan, what about technology? You know, what about AI? And ml? How do you see these technologies evolving to strengthen cyber defense?
Ryan Noon:Yeah, I mean, the underlying thing that's like, changed a lot. You know, I've been on a college, I guess, what, 12 years now or so. And there's lots of things that were theoretical, maybe the computer can help with this, where now like it's been democratized. And you can just go and like, buy a GPU. If you can get one from the Bitcoin theory of miners, like it's just a theory. And you can just mix and match something that now the computer can like, detect some pattern or generate some cool content or something. And it's easy, you know, it's like, you don't actually have to be like a linear algebra god or goddess to do this. And so like anything else, technology democratizes stuff and like, maybe it helps with defense. Maybe it helps with offense, I don't know. But the ratchet keeps turning, you know, like technology moves forward and it doesn't go backwards. Unless we have some sort of systemic collapse, and so computers are just better at recognizing patterns and generating convincing information than they used to be. Are we close to AI? Like Hal? 9000? General, you know, Turing test passing? I know, I don't think that's like a crazy skeptical viewpoint, like, we don't even really know what cognition is. So like, you don't have to worry about that. But our computers doing things that even people like me never really thought they could. Hell yeah. And that's terrifying. You know, cuz like, if it's easy, anybody can do it. And if only they can do it, the bad guys can do it. And if the bad guys can do it, well, you have to hope that all the good guys have it together. So I like anything else. If you put billions of dollars of venture capital funding and a bunch of confused buyers who just don't want to get hacked in a room, there's going to be a lot of snake oil that happens. And so you know that AI is like eye rolling for a lot of people just in terms of you know, like, the marketing words get ridiculous, like my favorite one is we don't, we don't have machine learning, we have machine reasoning. And I'm like, you mean an if statement because the machine is real. So I think there's like totally a lot of BS that you have to cut out. But at the same time, like the computers can do more than they used to. And I think the bad guys have the advantage right now typically, like when technology advances, usually the bad guys get to take advantage of it first. And then the good guys have to play catch up. So I've yet to see like anything in defensive security that leverages any of the fancy new things that can computers can do that really, really, really moves the needle. But oh my god, like how fast you can mass produce convincing text, for example, like, oh, the phishing emails go away better in the last 10 years. You can do more of them, you know, more thoughtfully, so I don't know. I tend to be on Team simple solution with regards to defense, like how much AI is in the damn seatbelt. So I never ever, ever give up on simple solutions to problems ever. Because the underlying problems are changing. So occasionally, you get lucky in the universe gives you the opportunity for a simple solution, just because technology is a wheel that turns and turns and turns. So never, ever ever write off simple solutions. The right now yeah, I mean, I'm scared of what computers could do. I'm like, I might just go throw mine away. So
James Thomason:yeah, I think there's a lot to be gained from throwing it in the trash maybe. But I want to ask you, email was invented in 1971 by Ray Tomlinson. It is now 2021. Number one, is email ever going away? I have a feeling I know what you're gonna say, given your company what you do, but why hasn't email gone away? Like, why is it so ubiquitous? It's like, if you think of the internet, it is the most ubiquitous internet application ever. Right?
Ryan Noon:I mean, probably besides hypertext and whenever, but,
James Thomason:yeah, so why is it so sticky? And why can't we get rid of it? And why is there nothing better?
Ryan Noon:Yeah, and that's a good question. And to be clear, my company is called Material Security, not like Material Mail, whatever, like if internet moves on from email will protect whatever is else is on fire. Like, our job is to reduce risk within technology. And like I'm, yeah, I'm not exactly going to pigeonhole you in email. No, yeah, no. So and all of our, like patents and stuff are written to be like remote content repository, not like email mailbox and stuff for a reason. So yeah, I mean, why is it still here, I'd say someone I think described it to me once as like, email is the push mechanism of the internet, right, like before WebSockets. And long polling and whatever. Like all the other ways we hacked it, like when the internet wants to reach out and touch you. Email is that. So it's like, it's really a fundamental building block. And at the end of the day, it is an open standard, like, you can run your own email server, you might have problem getting your messages delivered, and whatever. And you might have to set up, you know, SPF and demark, and partner up at the right routing things to not be a spammer. Because, you know, it's an open standard that's been abused by many, many, many bad people. But fundamentally, all it is, is just sending multimedia content to a given address, like what else do you want it to be? You know, what people are sick of is, I think their email clients, and they're sick of how we use email. But like, yo, send me some like bytes and some markups till a simple identifier. Why don't we have to hate that, you know, like, it's like, I hate what emails become. But fundamentally, the technology I think, is like, pretty innocent. And so my co founder, abishek is like a very wise person. And I don't think he'll necessarily listen to this because he's, he's sick of me on podcast in general at this point, so I'll compliment him while he's not listening. But he told me something really wise once, which is when new communication mechanisms come out, people don't really retire the old ones. It's all additive, right? And what he's means is like people want to communicate with other people. It's kind of what makes us people. Right? And so I'm gonna keep emailing, you know, maybe I'm not sending the big like chain joke emails or whatever, like we all used to that my dad still does, but like maybe I'm posting that on Reddit or the TIC tocs with the kitty, you know, whatever people tic tac toe. Yeah, the Tic Tac Yeah, it's it freshens your breath and shows you people dancing I think amazing. So but like people just Do more communication, right? Like, it just opens up another front more or less. So emails not really going anywhere, because like when my credit card wants to tell me to pay them, that's what they do. Like, yeah, they could send me a push notification, too. But like, I'm not gonna put the app on my phone, you know, it's just it's so it's so burned into these day to day workflows. And frankly, like, it is how businesses communicate to each other. Like, you want to do something worse than email, like when slack did like you can dm between different organizations, and then they shut it off the same day. Like, people run screaming back to
Brad Kirby:email. So I was I was gonna bring up slack because you know, we we like slack. But at the same time, if you access, if you were to hack in, like someone's email, like a, say, James arise email, you're probably gonna get access to all of our conversations over a certain period of time. Now, we don't we don't put sensitive information on there. Because we're, who are aware of that, in the same sense that we probably wouldn't be able to send you something and then it's there. You know, you're like, yeah, you have to send me this. Oh, yeah. And I can't delete it, because it's their message. So it's one of those things that I certainly see the application extending beyond email into something like slack as a collaboration tool. We should be doing those kinds of audits as as an organization, and we do, but I doubt most companies do. So it's another vector, not even a vector. I guess.
Ryan Noon:It'd be a vector in units both man? Yeah, most things kind of are both, but you think about them as both right? You really have to threat model these things. Right?
Brad Kirby:Exactly. So yeah, no, it's it's
Dean Nelson:a factor would be trying to get an email sending to get into slack. But slack would be like trying to get content.
Ryan Noon:Yeah, as you see this, for example, like a lot of times, you know, if you get my email, you can actually sign up for slack. Because in addition to resetting passwords, people will trust that you're an employee of the company, if you can't respond, click a link into an email that I send to your domain. Yeah, right. Interestingly, there's, there's like the workplace was it like the, like, secret or whatever, where you can like gossip about your employer, and they confirm that you worked at the company by sending an email to your work email, and then all the security teams immediately started looking for these emails. But my point is like email, you know, it proves that you are an employee, or at least can get someone to give you an email account. And so then you can sign up for like, some SAS app, and then start tricking people into sharing data with you, you know, things like that. So you see all these nasty things. But yeah, I mean, slack is simultaneously like, yeah, people will shit talk, they're everything like, like, the real water cooler stuff is in slack these days. But Slack, for example, if you paste the document, even in a private channel, like there's a place where all the admins could see all the documents that have ever been shared, right? Same with email. So there are admin accounts in slack if you compromise them that are, you know, as bad or worse than an email account as well. But the way that people attack them usually is through email, because email is the most exposed to the outside world. It's like the reason you know, kids get like pinkeye in their eyes, because their eyes are open and exposed to the outside world, whereas their liver is safely protected. And you have to drink yourself to death to
Dean Nelson:actually hit the liver. I love your analogy, which by the way, yeah. Drinking.
Brad Kirby:How Dave? Okay. And I haven't heard you repeat yourself once compared to other podcasts. So that's,
Ryan Noon:I never, ever, ever really premeditate most of these analogies, and sometimes they're just horrible, like, really horrible. So yeah, it's it's basically over Russian Roulette as a speaker.
Dean Nelson:You're about 1000. Right now. It's all good. All right. Well, thank God. Thank you.
Laura Roman:Alright, so what about the last year? So everything has changed dramatically with this working from home? So like, really quickly, what's your take on how much there has to be done to kind of like catch up? It seems like the bad guys had this. They just jumped right in. And we're still trying to catch up right and prove your point with RSA. And like, kind of security technology so much has just kind of become obsolete last year, right? Even like, you can't have massive networks and VPN, for example. And we have Sassine.
Ryan Noon:Yeah, I mean, obviously, the pessimistic side of this is quite clear. It's like, Oh, God, all of our assumptions about security and where users were and where data is like, yep, I guess that's bad. Oh, the servers that we kept in the office, we can't even go there to like, check on them. Oh, man. Oh, wow. So like, it hit you know, everyone's security posture with a big sledgehammer, right. But at the same time, like a lot of people in security, like they want to make big changes. The CIO term here is digital transformation. Right? Like, people want to like, you know, modernize, and what better time is there to modernize, then when everything's on fire, right? So creative destruction is maybe the Milton Friedman or whatever approach to the term but like, I know a lot of people in security are like, finally, I can do the things I always wanted to do. No one's standing in my way. I have no excuse not to do what needs to be done. Right. I'll just tell them, you know, it'll help us collaborate more someday, you know, and like you can see this in a lot of these COVID stocks, because everyone's like, I have been meaning to like roll out multi factor authentication on the side. Second half of my applications, oh, I have been meaning to shoot my VPN in the head because it doesn't work anymore. You know? So the underlying, you know, model of COVID should be like it made the future happen really, really much faster than all of us were expecting, for better or for worse, you know, like, even like, Amazon is like, Whoa, that's amazing. But also dystopian, right? Like, so. Yeah, it's just the big society wide, fast forward button. So and
Brad Kirby:package to me yesterday. Yeah, I was I never actually did that. I think they got approved for it, though. You never know. It might actually happen soon.
Ryan Noon:But, so yeah, I mean, there's an optimistic side of this, though, to address your point, like, you know, it's good things are happening to it's helped us as a business a lot. Like, like, I think like everybody else in like, you know, March and April, we were like, panicked, like, is the whole world falling apart and whatever, whatever. But it ended up being a fantastic year for our business, like really grateful for that, because it was a really hard year for a lot of other people's businesses. Very good. Yeah.
Brad Kirby:So I had one quick question, just for like the average consumer. And we talked about emails getting compromised. There's a website called Have I been owned, like with a Pete? poned? Have I been poned? Calm down? I just say, just because people don't know, if I'm talking to like a layman. And you just want to say how do I how do I know if I've been hacked? I
Ryan Noon:think if you google anything like that, it will do the right thing, because it's really popular.
Brad Kirby:Yeah. Is there anything you have any recommendations you have for like the average person? like no, you work with businesses today, but someone that's not in tech
Ryan Noon:to sell? I mean, to speed, the standard baby boomer assistance package? Yeah. So to speak, is Yeah, like go and set up to FA on literally everything you can Yeah, especially like your primary email accounts and whatever, right? If you're still using like that AOL account, it might be time to like, really deprecate that, if you're gonna have to put a lot of your eggs in a basket. Make sure it's a really, really good basket. I mean, MFA, it sounds like you had a bad problem with it. Was it SMS phone porting that they got you the or?
Brad Kirby:I think they apparently is sort of what's up like, voice buffer overflow? Oh, I see. It was an actual, like vulnerability on your phone now. Yeah. Yeah. Oh, man.
Ryan Noon:Yeah. But I mean, a lot of people that the most common thing you see is like the sin porting attacks where they go to the Verizon store, and they pretend that they lost their phone or whatever. And so then you can just
Brad Kirby:click as far as to
Ryan Noon:Yeah, I mean, that happened to like jack Dorsey, like two years. Yeah, exactly.
Brad Kirby:Around the same time. Yeah. So it was but
Ryan Noon:so you want to just get people used to MFA get them used to preferably more secure forms of MFA, like these, you know, UB keys, hardware, two factor things. These are really nice. You know, like, they there's no excuse not to use one these days. It's way easier than like, typing into code and whatever, whatever. Right. It's like having your keys to open your car and having your kids Open your Gmail account. It's like a good idea. Yeah. Yeah. Right. Like, and then, like, password managers are a good idea. You know, like, they put a lot of eggs in one basket, but like, it's unless you know,
Brad Kirby:the pants out the password manager.
Ryan Noon:Yeah, no, I mean, you have to really, really keep that secret and hope that they don't log you and whatever. But you can put MFA on a password manager. True, right? So you have to hope that the password manager doesn't get totally owned if right, if one password or LastPass, or whatever it gets like solar winds, then like we're in deep trouble and actually compromised via supply chain.
Brad Kirby:Right. And FAA should protect 99.9% of the targets, right? Yeah,
Ryan Noon:it's just so good MFA plus Password Manager is like, yeah, it's like, the obvious, obvious things. There's no magic silver bullet Other than that, but honestly, I still see so much resistance to even basic MFA from people who are, you know, the kinds of people who are gonna send me an email and tell me, is it okay, if I click on this, you know, like, like, clearly, there's high awareness on these things? Like, why are you so afraid of a multi factor authentication, like who hurts you? You know, just get over?
Dean Nelson:Alright, this is your third startup, I believe, right?
Ryan Noon:I was I was like a first engineer at the first one. So I don't really get credit for that one. But
Dean Nelson:gotcha. Okay. But more or less to you've really kind of dove into headfirst? What advice would you give to entrepreneurs about starting their own businesses?
Ryan Noon:I mean, it's totally worth doing like it is. I mean, I don't have to preach to you guys about this. It's like, there's nothing more fulfilling than like, this exists, because we made it that way. You know, and there's nothing, I guess more existentially difficult than being like, oh, wow, all of my problems, and all of my struggles are my fault. And I'm the one who has to get me out of this. You know, so, existentially it gives and takes, right. You can't blame anybody else. But you can't blame anybody else. It's worth doing. It's worth preparing thoughtfully for because I have a lot of friends who they rush into it. And then they don't have a great team around them. They haven't answered the basic questions of Who are we and why are we doing this? Right. What are the roles that we're going to play on the team? Like who do we want to be like, right, like even I wish I could get I'll bring him up because sob is real smart. But he he makes us do like pre mortem exercises on a regular basis where we live board preview, and you assume what if we failed? You know, it's kind of like threat modeling, but a little bit more existential, right? And you're saying, Well, what are all the ways at this point that we can fail, for example, and you just walk through them and you talk them out, and there's no sacred cows, like, you just have to have the most honest conversation you can. So you probably can't do it alone. All right, there are solo founders out there. But a lot of them weren't actually solo founders to beginning at the beginning, they just sort of devoured their co founders. parasitic twin or something. So you probably need a really good team, probably people that you really trust really, really, really well. And that, you know, you work well with, right, my first co founder is someone that I respect a lot from the last company, he's very smart, very creative, but like, we just never worked together every day, right? We had like ta together at Stanford, and that wasn't the same. And so as a result, there are all these things we had to learn just working together. And honestly, like, you know, maybe the company would have lasted longer, and we wouldn't have sold it to Dropbox if if we'd been better at working together. Right. So honestly, like, most people tend to focus way too hard on like, the idea and the opportunity, and like, way less, and just having two or three, really, you know, one, two, or three, I think three is the right number for me total, three, three co founders, I think two is I can talk about it, but you know, really focus on on the team. And if you think about it as like this search and discovery process, where we will find the opportunity, and we will do it together. And like you and me and maybe one other person, you know, we're all a unit like that's, it's so much easier. Fundamentally, if you have that deep baseline trust and respect for each other like I, I would not be able to do it without my co founders and like, believe me, I've tried them so hard. They're so good. So there's no one else that I can take that level of responsibility, right? It's like, it's Sunday. And I'm so worried about this thing that's broken. And I get to call you because you own as much of the company as me, and we're going to talk about it. And we're going to talk about it right now. Like you can't do that to your employees, you can do that to your co founders. So you really need them. They let you take vacations even it's really nice kind of Amen. co founders. So yeah, and then on the idea side, just be disciplined and like be thoughtful on how you size markets, you have to be able to think top down in terms of markets, like I gonna go and revolutionize the automotive dealership advertising space, which is growing at negative 30% year over year from a small existing, you know, existing base, or am I going to go into cybersecurity where a lot of it might be Bs, but at least there's a lot of dollars and like companies get built here, healthy good companies get built here, right. So you got to pick a good space. And then you have to pick a great opportunity, which is an actual problem or set of related problems within a space that you want to tackle. And it sounds obvious, but people cut corners on this stuff, you know, you're in such a hurry to succeed and raise money and whatever. And like, you know, you just take it slow, nail the fundamentals of your team, your space and your opportunity. The whole point. It's a search process, it is a collaborative search process to find an opportunity and build a business. So like ignore all the rest of it, because the rest of it is just crap you read on the internet.
James Thomason:That's awesome advice. And thank you so much for coming on the show. I know we're coming at the end of our hour. So really sage advice and great insights into security. And I can't wait to try your products. Honestly, I've been looking at it. I'm scared of email. I'm terrified of being hacked. So I I for one can't wait to give this a shot. And maybe maybe it works for our business. everyone listening the show, you should check this out. What is it? You said dot security means Material.Sec rity. Is that right? Yep. You can
Ryan Noon:just even Google the word Material Security or the words and it'll come up. We thought that we'd have to fight with like economics for that term. Because in econ Material Security means having enough stuff. But it turns out we beat economics from an SEO perspective. Nice! lucked out. Very cool. All right. Well, thank you so much for having me on the show. This was a ton of fun. You guys are really great group. Great.
James Thomason:Thanks. Thank you so much. super interesting conversation. Well, folks, if you enjoy shows such as this one where we bring you the best and brightest minds in tech and business, please do give us a like and helps us grow our audience. This show is sponsored by Infrastructure Masons whose uniting builders of the digital age, learn how you can participate by going on the web to https://imasons.org that's
https://imasons.org. And by EDJX, who's building a planet scale edge computing platform for all the things visit us on
the web at https://edjx.io that's https://edjx.io.