Modern Cyber with Jeremy Snyder - Episode
50

Shrav Mehta of Secureframe

In this episode of Modern Cyber, Jeremy sits down with Shrav Mehta, founder and CEO of Secureframe, to explore the intersection of compliance, security, and automation.

Watch Now
Shrav Mehta of Secureframe

Podcast Transcript

Alright. Welcome back to another episode of Modern Cyber. I'm really excited for today's conversation because it talks about an area that a lot of people have strong feelings about, and that is compliance and particularly compliance automation. We're gonna get into other topics as well, but you know there's a saying in cybersecurity that cybersecurity is not compliance and compliance is not security, but there's definitely a strong intersection. And our guest today brings a whole wealth of experience on the compliance side working with I think hundreds, if not thousands of companies around the world on their compliance journeys.

By the way, by way of disclosure, ourselves included, we are also customers of the organization whose CEO we will be introducing today. I'm delighted to be joined today on Modern Cyber by Shrav Mehta of Secureframe. Shrav is the founder and CEO of Secureframe, which has quickly become a leading compliance automation platform helping thousands of organizations meet their security and privacy obligations. A lifelong entrepreneur, Shrav began developing mobile apps as a teenager, creating more than a dozen apps, collectively millions of downloads. Recognizing the need for a modern streamlined approach to security and compliance, he launched Secureframe at just 23 years old, and under his leadership, the company continues to grow and redefine the industry.

Shrav, Shrav, thank you so much for taking the time to join us today on Modern Cyber. Of course. Thanks for having me. My pleasure. I wanna start by diving into something that we talked about there, which was, you know, really starting that journey with Secureframe at 23 years old.

So talk to us a little bit about the inspiration behind it and how you think about Secureframe today. Yeah. Definitely. So, you know, I had always wanted to start a company at some point, and I was just waiting for kind of the right idea that I could spend a very long time working on. And so, you know, just just for the audience, to to give a more, you know, clear description of what Secureframe is and and and who we are.

So Secureframe is a compliance automation platform that helps businesses streamline and manage their security and privacy requirements from, you know, frameworks like SOC two, ISO 27,001, HIPAA, CMMC, you know, all these frameworks that exist in, you know, pretty much every, you know, industry. So Mhmm. I founded Secureframe after seeing firsthand, you know, how painful some of these compliance and security processes were. I had a bunch of scripts I had written at previous startups I had worked at and, you know, figured, hey. Why is everyone doing this, you know, so very manually?

You know, a lot of the things that you're doing in the you know, to meet SOC two, you know, requirements are essentially, like, configuring your AWS environment, your GitHub, you know, some of the other business systems you have, and all these business systems have APIs. So, I was kind of wondering why aren't we automating this. And it was really just a a new thing where all the APIs that we needed to actually automate these compliance requirements started to become available. And then it was a matter of, you know, putting it together, aligning it to the security requirements that companies have as well as the frameworks that they wanna comply with. And now we have, you know, a very robust automation platform that I think has made security and compliance, you know, much, much more manageable for, you know, organizations of all sizes.

Yeah. Yeah. I think it's really interesting. You know, when I was getting my MBA, which is years ago now, but we did this entrepreneurship class and I always thought it was kind of funny by the way that our entrepreneurship class was taught by adjunct professors, some of whom had entrepreneurial experience and others of whom had kind of sat on the sidelines and watched it go. But one of the things they talked to you about was like, when you're looking for that opportunity to start a company, sometimes you need to look for a shift in the marketplace.

And that shift in the marketplace, they describe two of the classic shifts in the marketplace that you see as being regulatory change and being technology change. And it sounds like for Secureframe, some of the things you mentioned there that really enabled the journey are, one, the rise of all the different frameworks, but two, the availability of the APIs that ties all of that together. Was that kind of what you were seeing? Oh, a %. And we definitely spent a lot of time thinking about this.

Right? You have to kind of ask yourself when you start a new business, you know, why now? Right. Why not five years ago? Why not in five years is now, you know, the right time?

You know, there are many businesses that, you know, could have been, you know, very successful had they been built at a different time. Right? Yeah. I think you look at the classic Instacart, which was started, and there was, like, an equivalent that started during the .com boom, and it just wasn't Webvan. The right time.

Yeah. Exactly. Webvan. So I I think, you know, you hit the nail on the head. We were seeing the rise of all these new regulatory frameworks, and they weren't being necessarily requested, you know, by governments like, you know, HIPAA and some of that stuff is definitely, you know, a law.

But SOC two is being prescribed by a lot of, you know, vendors and customers, of our customers as kind of just the baseline things that you have to get done in order to work with them. And SOC two is definitely not the end all be all of security. It doesn't mean you're secure. It's kind of just a good framework or a base layer to get started. Is that how you think about SOC two?

Because it's it's interesting you bring that up. It like, I don't work in a regulated space. I work in cybersecurity, and FireTel is a cybersecurity software company. But we did our SOC two, and we did it kind of proactively thinking that, hey, we know customers are gonna come along who ask us what are our own internal processes. And we picked it because we thought it was just a good framework in general to layer to kind of lay down that baseline as you described it.

But one of the things you said there, I'm curious to hear what your experience has been in working with lots of customers. Is it really this inheritance where, you know, customers are coming to vendors and saying, hey, look. I need to know that you've got your basics in place, and this is a good way to check that box, so to speak? Oh, a %. I would say that is probably one of the main reasons why, you know, folks initially get their SOC two.

It's because a customer is asking for it or they need some sort of proof or attestation that they're actually doing all the security things that they claim to be doing. So SOC two is a great way to do that. ISO 27,001 is as well. You know, if you're dealing with, you know, the federal government or more government entities, you see a lot of these companies, you know, abiding by NIST. So I I would say that it's probably, you know, one of the most common reasons why people get it.

And, again, you know, just because you have SOC two doesn't mean you're secure. It just means that, hey. You have some of the basics, you know, in place and you have a stronger foundation than, you know, probably having nothing. Well, let's get into that for a second. So, you know, in the introduction, I said there's there's some strongly held opinions in the cybersecurity industry that, like, security and compliance, while they may have some overlaps, people equate them and that's not really the right way to think about it.

How do you view the intersection or, you know, the the classic kind of, like, middle school essay question, compare and contrast these two concepts. How do you view, like, where they are overlapped and where they're different? Yeah. Totally. So when I describe secure for me, I often say security and compliance because, you know, both, you know, both of those words are very broad.

You know, when I say security, I I I sometimes don't even realize that some people don't think I'm talking about cybersecurity. They're thinking physical security. Right. Or with compliance, there's, you know, all sorts of compliance. There's compliance for, like, medical devices.

So what are we talking about? So I often say, you know, security and compliance to to notate that, like, where Secureframe operates is helping people, you know, achieve compliance with a number of these security frameworks. And, you know, technically, we do support a lot of different privacy frameworks, like GDPR, CPRA, and, you know, a bunch more. But, yeah, they are, you know, two very different things. Yeah.

And when you think about kind of, let's say, some of the common pitfalls that I hear around going through these processes, one is that like, okay, well actually though your SOC two audit, so to speak, is only as good as the auditor who actually comes in and checks your work. And if they're very thorough, they might, you know, a lot of audits are done on spot check basis where they do a sampling across all of the data points. If they're very thorough, they might do a broader sample, they might do more data points, and they might dive deeper on some of those. Whereas some auditors might be very surface level. What's been your experience in kind of seeing the different experiences and the different levels of engagement that these auditors might have?

Yeah. Definitely. So, I don't have a particular side to pick in this argument. What I'll share is just a bunch of things that I've observed. So, and, you know, I think a lot of your audience is like, you know, founders and entrepreneurs, so I'll kind of, you know, give some analogies.

Right? So, just a lot of, you know, a lot of the audit quality depends on the partner sometimes, you know, not necessarily the firm. You can get someone who does a, you know, a terrible job at a top firm, and, you know, it might look a little bit better on paper because it has, like, a shinier logo. Right. But, ultimately, that doesn't mean the audit was, you know, any better.

You know, the all all these frameworks have minimum requirements as far as, like, what needs to be audited, how the audit has to be conducted. So there is, like, a very strong baseline, you know, in place that everyone has to meet. I've seen, you know, smaller, you know, more boutique, you know, shops that help people get their soft tubes, ISOs, you know, CMMCs, whatever they need to get, you know, with a much higher level of rigor than I've seen top firms do that with. So I think a a lot of this stuff, you know, you know, is spewed by, you know, people who have, you know, how do I put it? They they have, how do I put it?

They have bias because they might be at a top firm saying these things because it's harder to, you know, differentiate. So the way I put it is, like, you know, look at how, you know, look at how your auditor, you know, plans to review, your security, you know, paperwork. These days with tools like Secureframe, you're able to check everything. You don't necessarily have to use sampling methodologies or, these kind of, you know, audit mechanisms of the past. It's much more easy to be thorough than people think.

So I I wouldn't worry too much about that these days. Okay. Fair enough. And when you think about, let's say, the evolution of the compliance space, like, we've just in this brief conversation that we've had so far, we've probably mentioned 10 plus different frameworks. It can be pretty confusing and overwhelming.

I know, you know, SOC two, the one we've talked about a little, maybe the most so far, is kind of this baseline that is, let's say, broadly accepted across the technology industry, not being, let's say, industry specific to financial services, healthcare, one of these regulated spaces, but being kind of broadly accepted as a good baseline. How do you think about, let's say, the proliferation of frameworks? Because I see stuff like right now we're working in AI security and I heard just the other day of an ISO framework that I'd never heard of before. And, you know, something new pops up, a new framework pops up, and now we got to go look at it, we got to go inspect it. A, how do you think about the proliferation of frameworks, and B, how do you keep your company ahead of that?

Yeah, a %, it's a a question we get all the time, honestly. There are a lot of different frameworks, but there are also a lot of different overlapping requirements. For example, SOC two, ISO 27,001, you know, two of our, you know, more popular frameworks. Depending on how you implement it, it can have, you know, seventy, eighty, you know, percent overlap. So, you know, a lot of these, you know, frameworks that are being created doesn't mean that you're doing, you know, a whole new set of work.

There's definitely a lot of duplicative activity across these frameworks. And that's kind of the magic of, you know, a tool like Secureframe. We, you know, cross map between all these different frameworks, and you can, you know, adjust the mappings however you want. But we make it easy to determine where that duplicate of work exists and make it much more easy to manage a much larger set of regulatory frameworks that you might have to follow. And what we have internally is we have a team that kind of keeps all these up to date.

We speak with auditors, you know, on a daily basis to figure out, you know, what they're seeing from their clients. We talk to our customers all the time to figure out, hey. What new things are they being asked to do? So we have, you know, a whole team of folks that stay on top of it and make sure that we're ahead of the curve as far as the new frameworks that are coming out. And, you know, it doesn't mean that, you know, every new framework that comes out is one that you have to implement.

You know, oftentimes, we're giving customers guidance saying, hey. You probably actually don't, you know, want to take on another framework unless, you know, x y z happens. Yeah. Well, along those lines, I'm I'm really curious to hear. You know, you work with thousands of customers around the world to the extent that you can, recognizing that some of this is gonna be confidential.

What have you learned from the data at the back end? You know, what you've been collecting from all of these organizations? Are there are there lessons that we as an industry can take? Are there kind of things that have particularly informed the Secureframe strategy other than those, like, explicit requests from customers that you mentioned? Yeah.

So, obviously, I do have to, you know, keep confidentially in Yeah. Of course. Obviously, I do have to, you know, keep confidentiality in in mind. But, what I will say is, we are definitely seeing, you know, an increased demand for all sorts of security frameworks, and just increased demands on the, you know, existing ones that, people have been abiding by for quite a while, like SOC two, ISO. We're seeing a lot more interest in federal frameworks like CMMC, FedRAMP.

I think that is, you know, definitely becoming more and more of a trend. Yeah. I think the biggest thing is just that, you know, customers actually care a lot more about security than they have in the past. I think that's just becoming more and more evident with all the data breaches and things coming out, and people wanna be way more proactive about it. And it's not really as time consuming or as difficult as people think to just get the baseline functions in there.

Yeah. And and look, I can share with the audience from our own perspective, and I think as you said earlier, a lot of our audience is kind of founders in the cybersecurity industry. Starting the journey early, starting it before you have a whole lot of established processes so you can understand where there are established, best practices around how you might wanna do something, getting all of your documentation and all of your quote unquote ducks in a row at an early stage makes the whole process a lot less painful. And I think, you know, compliance is one of those things we didn't really go into it deeply at the beginning of the conversation, but it is something that has historically had a reputation as being a very painful process. And being a spreadsheet exercise that nobody wants to do and that you take up once a year, maybe twice a year if you had a mid year review, but, you know, a lot of this can be done in a lot better way nowadays.

So that's that's really interesting to hear. And I certainly, hearing about the rise of the federal frameworks, I think is really good because historically in the technology industry, there's always been a perception that the federal government has always trailed behind the broader industry. Right? Yeah. No.

Definitely. I think it's becoming, you know, more and more, prevalent, you know, for every company to, you know, have these, you know, minimum security and compliance standards in place. Yeah. Shifting gears for a little bit. I mean, we talked about you guys have a lot of data at the back end, a lot of lessons learned from customers probably across a wide range of industries and geographies.

I'm curious, one of the things that, you know, with a lot of data, the natural inclination right now at this point in time as we're recording is, well, what AI stuff are you doing with that data? And I don't wanna, you know, go deep into things that you're doing that might be kind of confidential, but, you know, what impact are you seeing AI have on customer requests, customer requirements around security and or compliance? Yeah. Yeah. That's a great question.

So I would say, you know, right now, you there's a lot of features that we've implemented within Secureframe that utilize AI. So one thing that, you know, we've done is implement, AI remediation. So, essentially, if there is a, you know, configuration that we find that isn't correct, we will actually give you an AI response that says, hey. Here's the AWS CLI command or appears the, here's a way to update your Terraform files, or here's some instructions on how to actually fix, you know, what needs to be remediated. And we personalize it towards the specific misconfiguration that, you know, we were able to scan in your account.

So that's one thing that we've seen a lot of utilization on that's been extremely, extremely helpful, I think, to our customers. Another thing that we've kind of done is, we've added co pilots, you know, throughout the product, and these are all things that you can also turn on and off if you don't, you know, you know, want your, you know, data being sent to, you know, an LLM. We, of course, have followed kind of all the, you know, best practices around securing, you know, all that data and, you know, how it is, you know, accessed and read. But, yeah, we've added co pilots throughout the product so that it's easier to fill out forms around risk assessments. We'll give you, you know, really strong suggestions on what to do, and that's made the quality of the risk assessments and the amount of time people have taken on them, you know, to be significantly less.

So, there's a lot of, you know, ways we're using it there. We've also added, you know, updated functionality around our security questionnaires product so, that we can provide, you know, better answers when you might not have had any previous security question or anything, you know, from your past to answer security questions. So we generate, you know, the best possible response. And, you know, if it looks good, you check it off. It adds to your knowledge base.

So we're using AI in, you know, a lot of ways across the product. And, you know, in 2025, I think, you'll see a lot more from us on that side. Awesome. And and, you know, shifting away from the Secureframe lens on it, what's your personal view on what are some of the most exciting or maybe most scary upcoming impacts of AI on security? Yeah.

I mean, a lot of this, you know, remains to be seen. I think the landscape is evolving so quickly. It's, you you know, it's hard to predict where all this stuff will land. But I I I I do have some hot takes. So I think Alright.

One of that yeah. I mean, why why not? Let's share them on the Internet. So, I I think one of my hot takes is that AI will make privacy way, way more difficult. Maybe that's not a super hot take.

But, when powerful AI agents can piece together data trails instantly, you know, can surface all sorts of information from the web, it's going to make it a lot harder to to stay private, especially once your data has been harvested. You know, deleting stuff off the Internet is already hard. Deleting it, you know, from a model that's been trained on the Internet, and cost billions or hundreds of millions of dollars to train maybe today, that that's gonna be really difficult. So, I think, that's one thing that I think will require a lot of thought. How do we, you know, maintain personal anonymity or privacy?

How do we manage that in the future? I think another thing, that's gonna become, you know, more and more obsolete is password based security, and we're already seeing this. You know, AI can, you know, guess and brute force credentials, you know, you know, much more easy and easily than they have been in the past. And, you know, we're seeing, you know, new password requirements and things like that. But, there's so many data breaches where they're stealing these passwords.

They're reused. There's only so much you can really do, and I think, pass keys and, you know, some of the passwordless authentication strategies that we're seeing become, you know, come into the marketplace today are gonna be, you know, the requirement or the baseline. I think passwords will probably be gone, you know, in maybe two to three years, from the vast majority of these applications. So we'll we'll see, you know, what happens there. I also think that, you know, we need a lot more, you know, white hat AI agents and start ups working on that.

I I there's gonna be a lot more, you know, autonomous, you know, AI attacks, that we're gonna need to defend against. And these things are not easy to defend against. They're evolving so quickly. I think one area I've seen a lot of startups, you you know, start to attack is, like, the, you know, the stock management teams, that are constantly scanning your logs, patching systems, neutralizing threats. Like, there are so many things to review.

I think that is one of the first areas, in security where AI agents will have significant impact, and we're already kind of seeing it left and right. So, that that's gonna become much, much more important. The one I'm personally most scared about is just, like, how human emotions are essentially being hacked for a profit. Right? AI is already excellent at, you know, AB testing things.

We're starting to see, you know, deep fakes of people, becoming, you know, better and better and harder to detect. Yeah. So, you know, I think AI is going to be able to understand, like, real time sentiment, emotion, and be able to persuade humans to do things that, be able to persuade humans and, you know, socially engineer us in much more effective ways than the past. So I think that's something that, you know, is gonna require more than just, some security awareness training to combat. Yeah.

It's really interesting, this last point in particular, and I wanna come back to a couple of the other ones in just a second. But this last point about kind let's say kind of, playing with human emotions in a way that is data driven is really interesting because, recently we had a guest on to talk about kind of the state of AI and cybersecurity as a narrow focus of the conversation. And one of the things we talked about on there was, some of the ethical guardrails that have been put on a lot of the LLMs, right, the generative AI models that we're all playing with nowadays. And if you go to one of them and you say, like, hey, write me a phishing email, it will tell you, hey, I can't do that, Dave. Right?

You know, the the kind of classic 02/2001 Space Odyssey. I'm afraid I can't do that whenever they anyway, we digress. But you know they've got these guardrails on them for particular use cases, but when you frame it differently, you can often get the same result and perhaps the same kind of desired content by asking a set of questions in a different way. And that example that you gave of let's say like AB testing things is actually really compelling because I can certainly easily see a scenario where I go and I say, hey, craft me two emails that try to convince somebody to buy a product and then I just keep going down that path and iterating little by little. And, you know, with a few prompts and a few rewrites, it doesn't seem like it would be very hard to get that to a place where I could quite potentially convince somebody to buy a fraudulent product or a non existent product.

And I could see that being applied across content on websites. I could see that being applied across emails, obviously, text messages, any kind of outreach, LinkedIn messages, what have you. So that that point in particular really I I is something that I would also, you know, share your concerns on. I wanna come back to one of the the first hot takes that you gave there which was around kind of the lack of privacy or the potential loss of privacy because of this, and and that's something that we've been watching firsthand. You know, we do API security here, and that gets put in front of, web applications and things like that.

We see a huge rise in the number of AI agent crawlers. We do intercept a lot of non API traffic, standard HTTP traffic, and analyze that as well. And so we see those user agents coming from these, third party AI services, and they're rising rapidly. When they get to a point where they're not only kind of cruising through a website, but they're starting to understand the application structure, and then potentially, if there are unauthenticated endpoints that it can issue queries to that then actually, like, fetch data out, it becomes pretty easy to see a scenario where this AI crawler not only crawls the structure of your application but gets all the data inside the application as well, all, let's say, like all the content from your CMS or things like that. And and so that concern around privacy, I can also totally, foresee as well.

Yeah. Yeah. We're good we're gonna have, a a lot of things to think about in this new AI era. And, you know, just to kind of put more of a word to what you're saying, like, I think what people typically call, you know, the model breaking that you're talking about is jailbreaking the model. Jailbreaking.

Yeah. You know, almost every time, you know, a new model comes out, you know, within a, you know, a day or so, probably a couple hours, there's someone who's figured out how to jailbreak it, and, you know, get it to, you know, say things that, you know, it's not supposed to. Right? So I I think that stuff is gonna be really complicated. And I I think you also bring up a good, you know, point around, hey.

Write me a persuasive email, and I would take that, you know, a level further. And, you know, this is you know, I think we're using this in a positive way at Secureframe right now. But, you know, what we do is when a, you know, new lead comes to our website, we, you know, do all this research on them. We figure out, hey. What why has their company been in the news recently?

Are there any interesting blog posts that could give us an indication of why they may have reached out? Do they have a security page or any certifications already? You know, how long have they been in business? Who's the person reaching out to us? Are they a former customer?

So, you know, I I I've spent a lot of time in sales and marketing, and one of the things that always has been, you know, very perplexing to me is just lead scoring. I think Yeah. I I don't know how familiar you are with it, but I think Oh, yeah. Lead scoring is, you know, like, it it obviously has a need, and it makes sense why we do it, but I think it is gonna be the first thing to go in this AI, you know, era. Like, I'll just tell you, we've removed all our lead scoring systems because the you you know, when you build these lead scoring systems, you're like plus 10 points for attending a webinar, plus 10 points for visiting a blog post, and some of the stuff that you link in an email.

Yeah. Exactly. It's not as actual as you think. So what we've done is we kind of have an AI agent process all this information, ask ask, you know, qualification questions, scan a customer's website, and we use, you know, the the data that's coming out of the AI agent, instead to kind of evaluate whether, you know, it should go to a certain territory, a certain person, or if there's certain information that we can ascertain to, you know, persuade them to purchase Secureframe. So I I think lead scoring is gonna be, you know, a thing of the past.

I hope it is. Yeah. Again, the opposite, like, it it could be really hacked for a profit too. Yeah. Yeah.

Yeah. Well, I will certainly echo the sentiment about hoping that it is a thing of the past. I think it is a super painful exercise, often with high levels of inaccuracy, by the way. And and, you know Oh, yeah. It it's so easy to mistake curiosity for qualification in the sales process, and that is, you know, very often not the case.

There there's so many other things that go into it for anybody who works in b to b sales. I'm sure you you'll echo this sentiment, and you're probably nodding along to our conversation right now. We're getting close to time, but I wanna kinda finish with a couple of follow-up questions. Number one is coming back to this kind of intersection of AI and cybersecurity sorry, AI and compliance and some of the stuff that Secureframe does, are you seeing a demand for, kind of AI reg AI based regulatory frameworks like ISO 42,001 or some of the EU regulatory frameworks around AI usage? Yeah.

That's a great question. I think we definitely get a lot of people inquiring about it or asking about it or asking us to go through, you know, what exactly, it entails and what the benefits are. I I I won't go as far as say saying, like, we've seen mass adoption. Right? I've seen maybe a couple of these companies like Synthesia announce, like, ISO, forty forty two thousand and one, which is kind of one of the more popular AI frameworks and how they got compliant with it, but I'm not seeing, you know, mass adoption of these things.

And I think that's, you know, right now because it's very early in the space. And, you know, there are all these debates going on right now about are we over regulating AI before there's really anything to regulate. You know, I'm not gonna step in on that argument today, but I I, you know, I think that that's definitely playing a factor too. Yeah. Yeah.

And then I guess just, you know, just share it with our audience, many of whom are, like I said, you know, cybersecurity entrepreneurs or people building and running their own cyber companies of various shapes and sizes. What would be some of the tips that you've shared from, you know, a pretty successful journey up to this point of Secure Frames Life to be sure? What are some of the things you learned along the way? Positive, negative, anything you'd really wanna share? Yeah.

I think the most import I I think the most important part is, getting this stuff done, you know, early. The later you do it, the more work it is. So the moment you have a need, get it done get get your kind of baseline security stuff in place as early as possible. It doesn't take as long as people think, and it's quite simple. And you never wanna be in a position where you're reacting to a security breach or a security issue.

They're happening, you know, more and more. And Oftentimes, the the vendors that they're trying to exploit are the smallest ones or what might be perceived as the weakest link in the chain. So you really have to be careful at all levels. And, you know, my recommendation is just to, you know, get ahead of it early. You know, use something like Secureframe.

We're always happy to chat with a new customer. Shameless plug. All good. Yeah. Exactly.

Yeah. Yeah. Yeah. Yeah. Well, awesome.

Aside from Secureframe.com, if anybody wants to reach out and connect with you, learn more about any of the things that we talked about today, what's the best place for them to reach out? Yeah. Definitely just go on our website, secureframe.com. You can also, you know, always email me. I'm just firstname@secureframe.com, and, you know, always happy to speak to folks in the industry.

Awesome. Awesome. And last question for us to to kinda wrap things up here. What are the things right now in early twenty twenty five that keep you up at night, that keep you concerned? Oh, that's a great question.

You know, I sleep pretty well at night. I try to get my eight hours in, and I highly recommend it to all entrepreneurs. Yeah. So I I won't say I sleep poorly or anything, but, I I will say the thing I'm, I'm looking at the most is, you know, how, you know, how can we best utilize AI and, you know, what are the things that are really important in an AI first world for secure frame to be doing. That's, you know, what I spend a lot of my, you know, uptime thinking about.

Yeah. Fair enough. Well, Shravnitha, thank you so much for taking the time to join us here on Modern Cyber. To our audience, please do us a favor. Rate, review, like, subscribe, all that good stuff.

You know what to do there. Share the episode with somebody that you know. And if you know somebody who should we should have here on the show, please reach out. We're always taking new guests. And for now, I will say thank you one more time for joining us for today's episode.

Talk to you next time on the next episode of Modern Cyber. Bye bye.

Protect your AI Innovation

See how FireTail can help you to discover AI & shadow AI use, analyze what data is being sent out and check for data leaks & compliance. Request a demo today.
Request Demo

This site uses cookies

By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Got it!