November 2, 2024 • 48 mins
In this special election episode, we sit down with Gov. Rick Snyder, an entrepreneur, a former VC, and a leader whose career is unique in depth and breadth, spanning both the public and private sectors.
Rick Snyder initially made his mark as COO of Gateway, where he helped the company grow revenue from $600 million to $6 billion to IPO. He then co-founded venture firm Ardesta, which stands for “spark” in Greek. After two fund cycles, he transitioned from business to politics, serving two terms as Governor of Michigan. Post-governorship, Rick Snyder returned to the entrepreneurial world, co-founding SensCy, a cybersecurity company focused on helping small and medium-sized businesses defend against growing digital threats.
Drawing from his experience in both public office and tech entrepreneurship, our episode with Rick Snyder brings unique insights into the intersection of technology, government, and cybersecurity. We speak with Rick about cybersecurity, its importance in elections, and what startup founders need to keep in mind when selling to the public sector. In addition, we cover the importance of securing small and medium-sized businesses, and what startup entrepreneurs should do to develop personal resilience.
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Sid Trivedi (00:04):
Welcome to Inside the Network. I'm Sid Trivedi.
Ross Haleliuk (00:08):
I'm Ross Haleliuk.
Mahendra Ramsinghani (00:10):
And I am Mahendra Ramsingani.
Sid Trivedi (00:12):
We've spent decades building, investing, and
researching cybersecuritycompanies.
On this podcast, we invite youto join us inside the network,
where we bring the bestfounders, operators, and
investors building the future ofcyber.
Mahendra Ramsinghani (00:30):
Today, in this election special episode of
Inside the Network, we welcome aunique entrepreneur whose career
spans multiple domains, publicas well as private. Rick Snyder
is the former 2 term governor ofMichigan, and now a co founder
of a company called Sensei,which is short for Sensible
(00:51):
Cyber. A visionary entrepreneur,a seasoned venture capitalist,
and a transformative publicservant, Governor Snyder's
career is a master class in itsdepth and impact. He first
rocketed to prominence as achief operating officer of
Gateway Computers where heorchestrated a staggering
(01:11):
tenfold growth from 600,000,000in revenues to over
6,000,000,000. Managing 13,000employees and completing a
successful public offering.
He then went on to co foundArdesta, a venture fund whose
name means spark in Greek. It'sfitting metaphor for Snyder's
(01:31):
ability to ignite innovation andgrowth. But it was his next move
that truly sets him apart.Transitioning from the boardroom
to the campaign trail, Snyderran for governor of Michigan
with the unforgettable slogan, 1tough nerd. For 2 consecutive
terms, he steered the state ofMichigan with a laser focus on
(01:55):
fiscal responsibility, jobcreation, and technology driven
progress.
Now in a full circle back to hisentrepreneurial roots, Snyder
has co founded Sensei, a rapidlygrowing cybersecurity startup,
which has secured over a 100customers in his 1st year of
operations. In full disclosure,my investment firm Secure Octane
(02:20):
is an investor in CEDSCI. As wenavigate an increasingly complex
digital landscape and a highlycharged political climate,
Governor Snyder's unique blendof technology savvy, savviness
and governance experiencecouldn't be more relevant. He
brings unparalleled insightsinto this critical intersection
(02:44):
of technology, governance,politics, and cyber security.
With the election season uponus, there is no better person to
speak about this crucial role ofcyber security and, of course,
there is no better person tospeak about startups and
building companies as well.
Let's get started.
Sid Trivedi (03:03):
Welcome, Governor Snyder, to Inside the Network.
Rick Snyder (03:06):
Well, Sid, it's great to be with you, and please
call me Rick. I mean, I was inpublic service, and I got called
a lot of names. So Rick is apretty positive way to represent
things rather than the formalversion. So let's keep it
simple. It's great to be withyou.
Sid Trivedi (03:20):
Well well, I I will try to I'll I'll just try to
call you Rick in that case. Wewon't use any of the the more
complex names you've had overthe over the years as governor.
Well, Rick, we're gonna gothrough a couple of different
things, you know, in yourjourney. We'll start with cyber
and its importance in elections,which is certainly a
conversation right now in kindof the political environment.
(03:43):
We'll talk a little bit aboutyour journey with Sensei, your
newest startup, and then we'lltalk broadly about
entrepreneurship, fundraising,capital, and other topics.
So let's start with cyber andthe importance on on elections,
and maybe let's just start withkind of your background. Rumor
has it that you are the youngestpartner at a CPA firm.
Rick Snyder (04:03):
Well, let me put it to you this way. I'm 66. I'm on
my 5th career, and the reasonwhy is I'm a nerd that doesn't
play golf. So what are you gonnado? So I've had a very varied
career during my lifetime.
I was at Cooper's and Lybrand inthe eighties, which is now
PricewaterhouseCoopers. I was atax partner and then an m and a
(04:23):
partner. And I made partner in 6years. That was pretty cool. In
the nineties, I actually went togateway computers and I was the
number 2 guy there working forTed Waite.
That was a blast. That was thegolden era of PCs. So we grew
from 600 people to 13,000. Wegrew from 600,000,000 to
6,000,000,000 in revenue. Wewere became a fortune 500
(04:44):
company.
Just incredible. So that was ablast. And then Ted wanted to
move the company to California,and my family and I moved back
to Michigan. So in the 2000s, Idid venture capital. Not as good
as you do, Sid, but I wastrying.
I had $200,000,000 venture firmslargely doing the toughest work.
We were doing university techtransfer for most of our
engagements and trying to buildan industry in Michigan, and we
(05:06):
built some cool companies. Andthen around 2009 or so, looking
at Michigan, it was a disaster,our state. We are 50 out of 50.
So my wife called me out andchallenged me to run for
governor, and I ran.
The interesting part, you mightfind this interesting, is I
would meet people that said, doyou know if you apply the margin
error, you could be a negativenumber, in the polling? So I
(05:28):
call my early supporters themargin error club and it proves
good democracy still works. Igot elected for 2 terms and did
that during the 20 tens and then8 years. There are term limits
in Michigan. I was out of a job,and what else do you do?
You go do a start up. Andcybersecurity is a passion I've
had my whole life. One thing Itell people, I've been the
(05:49):
beneficiary of amazingtechnology for 30, 40 years.
People find it hard to believeit's been going on that long,
but it has. And I view if you'regonna take be a beneficiary of
that technology, it's importantto be equally responsible about
the scary things, the negativethings, and that's
cybersecurity.
So I'm pumped up. I view it as away to keep on giving back and
(06:10):
to do it in a young company tohelp the public because we have
a calling in our company to makesmall and medium sized
organizations safer. It's a goodcause. We need to do more.
Sid Trivedi (06:21):
Rick, I was, you know, it's it's funny. You've
had these kind of 6 differentcareers, and most folks after
they finish their, you know,their journey as governor, they
would typically go into aspeaking circuit or retire.
Obviously, you don't play golf,but many would go and take off.
But you chose not just a path tokind of, you know, a very
(06:43):
traditional path of going on thespeaking circuit or starting
some type of nonprofit or doingsomething that candidly would be
less work. You chose an a veryactive path, which is being a
founder and going into acategory like cyber, which is a
a category with a lot offounders and a lot of
cybersecurity companies, over4,000 from what we know, at
(07:04):
least.
Why did you choose that path? I mean, you talked a
little bit about your personalpassion for cyber, but you could
have gone and spoken about cyberat conferences instead of being
a founder.
Rick Snyder (07:13):
Yeah. No. I appreciate that. Well, first
thing I'll tell you, this goesback to starting companies and
the venture capital and allthose days. Starting a company
is not a fully rational act.
You gotta be a little bit crazy.And what do I mean by that is
it's it's about seeing somethingthat other people don't see
because if other people saw it,it'd already be done. And when
you look at cybersecurity,you're right, Sid. And and you
(07:35):
know this, the although you guysknow this probably better than I
do, there's a tremendouslysuccessful cybersecurity
industry out there. The issue isis that industry was built
largely for enterprise.
It was built to handle largeorganizations, and it does it
well. And how does it work isyou build some incredible
technology product that tends tobe fairly specialized that then
(07:59):
these big organizations havereally smart people that are
cybersecurity experts or ITexperts. They know how to source
them, buy them, implement them,use them, and they're still
getting hacked. There are abouta half 1000000 of those
organizations in the UnitedStates, big enterprises. So then
the question comes, what aboutthe 6,000,000 small and medium
sized organizations in thiscountry?
(08:22):
They're largely sitting ducks,that are living on borrowed
time. If you and we've got thedata to back that up, to show
how risky it is out there forthese organizations. Who's there
to help them? So I view this asa real calling. This is a way to
go help people make them safer.
And it's something that's badlyneeded in our nation. It's
(08:43):
needed in the world. And so wesaw something. I had some great
cofounders. Let's let's be thosecrazy people and go do something
about it.
So what the heck? We've foundedSensei, which is short for
sensible cyber to, bring it tosort of I I don't want, cyber
people to take it wrong, butthey think of most of us like
we're from Mars, that we don'tspeak normal language because we
(09:07):
use all these acronyms. And ourgoal is to do it in plain
language with regular people.
Sid Trivedi (09:12):
You know, I think the one thing you said about
when you started this comment onon startups, it reminded me of
another episode we had withMarty Roche, the founder of
Sourcefire, where he said, we dothese things because, not
because they were easy, butbecause we thought they were
easy. And I think that'sprobably the best way to put it.
Rick Snyder (09:31):
No. It's true. You gotta be you just go for it. And
this is the this is what makesthe, you know, an entrepreneur a
real entrepreneur is do you havethat personality profile to
persevere, not to be deterred?Because there's no organization
that there may be a start outthere that was the perfect one
that hit everything right andhad everything happen, but
stuff's gonna happen.
(09:52):
And the real question is, how doyou respond? And I also like to
say is, are you used to thatfast paced environment where you
have to do everything frommaking the strategic decision to
go make the copy? And a lot ofpeople aren't suited for those
kind of environments either. SoI I love doing start up stuff.
And, again, I'm willing to signup to say I'm a nerd, but I'm
also a little crazy.
Ross Haleliuk (10:13):
Yeah. Talking about stuff happening,
cybersecurity is increasinglybecoming more and more vital in
ensuring the integrity of theelections, critical
infrastructures, and publicservice. You pioneered an
interesting partnership calledthe Michigan model, which was
widely shared by all the statesby the National Governors
Association. Could you share thegenesis of this innovative
(10:35):
program?
Rick Snyder (10:36):
Sure. So when I became governor, this was back
in 2011. Cybersecurity was notbeing done very much or very
well by state government or bygovernment, period. And so I
thought we needed to dosomething about it. And so we
started a significantinitiative.
Actually, 2 of my cofounders andsince I were part of that, David
(10:56):
Behan was, chief informationofficer for the state of
Michigan, and then Dave Kellystood up and ran the cyber
command for the Michigan StatePolice. So we collectively said,
we wanna make Michigan the best.We wanna be that role model, and
we did. And it's really cool.The National Governors
Association, if you go ask themodel for good state government,
they'll talk about us.
(11:17):
But it was about first well, Ishould say it's 2 or 3 levels.
One level was hardening thestate government itself, doing
all those good practices,following the National Institute
of Standards and Technologycybersecurity framework, and we
did that. One fun story I'llI'll tell you is, so we started
cyber awareness training, and itwas the famous one. David would
be traveling around, and hewould be doing follow-up, and he
(11:39):
had found cabinet directors,people running huge departments
saying, you know, they hadn'tdone their cyber awareness
training. And so David said, whydidn't you do it?
And they'd say, hey. I'm toobusy. And David would say, well,
the governor finished his. Andthey said, well, I'll get mine
done. So that's the kind ofculture we brought to state
government, but we also wentbeyond state government.
We went out to the industry. Wewent out and brought together
(12:01):
the infrastructure companies,the utilities, all those
companies in Michigan. Webrought together health care,
and we brought togetherfinancial services. And we
brought them in councils wherewe could have open discussions
about how we could help them bebetter in each one of those
areas. And we actually passed alaw to allow better sharing for
information because thesecompanies were worried about
(12:22):
sharing too much with the statebecause of FOIA, the Freedom of
Information Act.
We actually made it so we didn'thave to disclose everything that
if we learn something, we couldbe that party sharing it with
other parties to get goodinformation out. And I think
that was very forward looking.We also created something, and
I'll give you the far out one.We created the, cyber civilian
(12:43):
corps, because the question isis if we had a massive cyber
attack in the United States,would we have the resources to
respond? And the answer is no.
We would not have enough peopleto do what needed to be done. So
I said, how would we handle thisif it was a non cyber incident?
Well, the answer is you'd callit the National Guard. So I
said, let's build a group likethe National Guard that are the
(13:06):
citizen cyber warriors. So weactually created this group
because and I went to thefederal government to say, can
you make this part of theNational Guard?
They laughed at me. But can wecreate something to do that? So
we actually created a core ofindividuals, and we passed a law
to give them some immunity sothey could work on companies in
the right situations withoutworrying about legal liability.
And we trained them up, and theywere so excited to help, and
(13:29):
they're there to be called outif we had a massive cyberattack
to go help other parties. Isn'tthat how should we we should act
as Americans helping oneanother?
And it's interesting now.Congress has now sort of taken
up this idea. They forgot whereit came from. This goes back to
2012. But I hope, eventually,the federal government will
figure it out and add it to theto be a component of the
(13:51):
National Guard.
Mahendra Ramsinghani (13:52):
I think that's the classic advantage
that you get when you havesomebody who's been a chief
operating officer of a publiclytraded company and a VC stepping
into the role of a governor.You're able to think about how
these public privatepartnerships can come together
effectively. Our next questionsort of leads into this balance
of regulation and cybersecurity.On one side, we see the
(14:17):
standards that NIST propagates,which are very helpful to all of
us. But on the other side, wealso hear in the industry that
some of these regulatoryoverhang is punitive, it is too
heavy handed.
And how can that balance bestruck between not being too
heavy handed yet beingefficient? In fact, I remember,
when your first term was inprogress, you had announced over
(14:42):
a 100 different outdated lawsthat were affecting the industry
that needed to be cleaned up. Soif you had a whiteboard and you
had to strike the right balance,what are some things, you you
would recommend that, should bedone?
Rick Snyder (14:57):
Yeah. Great question, Mahendra. And we did.
We got over rid of over 2,000regulations. And we do need to
do more in our country.
We all know that on this call.So what I would suggest is is
the NIST program of coming upwith standards is a good idea.
Requiring things to be done isnot a great idea generally. And
(15:17):
I'll give you a greatillustration in another context.
The first bill I signed asgovernor was called MEEP.
How's that for another acronym?It was the Michigan
Environmental Assurance Program.And what it was was for the
farmers in Michigan. And if youwanna get a group of farmers
mad, tell them you're gonnaregulate them. Same thing with a
bunch of cyber entrepreneurs orIT entrepreneurs.
(15:39):
You're you're gonna get them madif you try to regulate them. But
what we did is we came up with aset of voluntary standards that
we could certify them on andthat they could use that
voluntary standards that wecould certify them on and that
they could use that in theirmarketing and go tell people
about how they'd met certainstandards. And the farmers loved
it. Again, we didn't have toforce them. They wanted to do it
because they knew their thesewere better practices.
(16:02):
These were good, smart things todo. And if you drive around
Michigan, you'll actually see awhole bunch of signs that are
these MEEP signs saying they'vebeen certified in this area,
certified in that area. So thisis a problem with government is
too often there's attitude is wegotta prescribe things for
people. We gotta tell them whatto do rather than saying, how
can we come up with common sensestandards and get more people to
(16:24):
help one another achieve thosegoals? So I think there's a much
better positive path to say,let's get on board and do it for
the right reasons and let peopletake credit for doing good
things that are helping othersand helping make themselves
safer.
Ross Haleliuk (16:37):
Rick, when you're talking about the things you
did, it surely sounds like it'seasy to get different parts of
the government to talk to oneanother and to work together.
But we also know that that's notquite true. So I'm curious. What
would you say the startupfounders need to know about
partnering and working with thegovernment in order for them to
be successful at what they'retrying to do?
Rick Snyder (16:57):
The first thing you have to do is sort of put
yourself in their shoes. Again,you're you're talking a big
cultural gulf there. And theillustration I'll give you is I
mentioned how I did venturecapital, and I was doing
university tech transfer deals.And that's really tough. And one
of the reasons a lot of dealsnever happened is you had, like,
fast moving entrepreneurialpeople ready to go, and then you
(17:19):
go talk to an attorney at auniversity.
And I can tell you that a lot oftimes us fast moving
entrepreneurs coming in to talkto this university attorney
would say something that was sooffensive to that university
attorney, you would show up onthe bottom of their stack fairly
quickly, and you'd never knewwhat you said that was wrong,
(17:41):
rather than putting yourself intheir seat and coming up with a
mutual way to benefit, to comeout ahead of doing that and
understand where they're comingfrom. So the same thing's true
of any situation of put yourselfin the position of the person
you're trying to interact withand look for that win win. If
you get on that parameter wherethey view it as a win lose, you
know, you're in trouble,particularly if it's a
(18:03):
government regulator. So the mymodel is always what's the win
win because that's building arelationship. If you have a win
lose, that's a transactionthat's not sustainable.
And and working with thegovernment, you may not even
have a transaction or get out ofthe gate.
Sid Trivedi (18:18):
Rick, obviously, this is a unique time period. We
have a a a very big electionseason. And certainly on
November 5th, here in the UnitedStates, citizens will go out and
vote. You you've held publicoffice. You have a perspective,
and talked a little bit aboutthe Michigan model.
But just for the public, howconcerned should the public be
(18:39):
about the likelihood of nationstate threat actors trying to
influence the elections usingcybersecurity? And broadly, how
concerned should the public beabout the potential for cyber
warfare, which is very differentto kind of like a hacker coming
in and stealing a little bit ofmoney here and there.
Rick Snyder (18:58):
Yeah. We should be concerned. It is a real issue.
It's not something to, beparanoid about, but we do need
to do more and we need to bethoughtful about it. Generally,
our election system is verygood, very safe.
The last election was very goodand very safe, regardless of
what anybody says. One thingthat really makes it work is the
distributed nature of thesystem. It is very distributed.
(19:21):
I mean, you're talking down toprecincts or talking about
townships or counties orvillages that are independent of
one another that you can do agood job. That also presents the
challenge though because theydon't understand cybersecurity.
So that's where we need to worktogether to make sure they have
some good practices. But to dowide scale stuff would be
(19:43):
extremely difficult from acybersecurity attack side. And
you're right, sir. It's notgonna come from the the cyber
criminals. It's a nation stateissue.
If you and I actually havetalked about this before. I
wrote a piece once. If you areactually going to do a cyber
attack in the most efficientfashion as a bad nation state
(20:03):
looking at us, is what youshould do is go find 2 or 3 of
the swing precincts orcommunities. You would go to
Michigan, Pennsylvania, Georgia,you know, like in those
elections where, you know, theelection's getting decided in
these places, and you wouldspecifically target them and
(20:23):
mess with their results and tryto get that out. You would
actually publicize the fact thatyou messed with them because
then you would create thiscreeping thing to say all the
other ones are okay, but theones the swing ones that decide
the election are biased.
That's the greatest threat froma pure cybersecurity point of
view. So what I would say,again, we can't do every place
(20:45):
in the country. We shouldprioritize those swing places as
the places that deserve thegreatest attention and need the
greatest amount of help because,again, they don't have the
resources on their own. So Iwould focus on that from a
cybersecurity side. The biggerissue in our elections is not
pure cybersecurity.
It's misinformation, and that'swhat we're seeing today. And
(21:07):
that is a really scary thing.The amount of misinformation,
you know, is not what we reallydo as cyber people. But if
people ask me what's my greatestconcern or threat to elections,
it's misinformation more than acyber hack at this point. But,
again, I would go back and tryto figure out those swing
districts and do whatever elsemore we could help them.
Ross Haleliuk (21:26):
There are indeed many problems when it comes to
cybersecurity. And the good newsis that despite everything that
you're hearing on the dailybasis about, you know, the
elections and then thecybersecurity around the
elections, there are manyentrepreneurs working very hard
on trying to solve a lot of theproblems we are discussing here.
And one of the companies, we wewe get to talk about today is is
(21:49):
the company you are leading, isSensei. Sensei provides a FICO
like score to measure thecompany's cybersecurity health.
Tell us more about thisapproach.
We know that cyber threats areconstantly evolving. And given
that, how does this score adapt?And why do you believe the
business owner should startcaring?
Rick Snyder (22:07):
Yeah. Thank you for asking, Ross. I'm very proud of
how we created the Sensei score,because it's easily
understandable, and it's basedon the best framework. It's
based on this. So one of mycofounders, Dave Kelly, actually
went through the framework andbroke it down into bite sized
chunks to say, let's make theseinto a questionnaire.
(22:30):
So we have 39 questions,collects over a 100 and some
data points. But to make itreally work, we build an
algorithm to go with that. Weassign points to each one of
those items, and we did it basedon our experiences. So that's
where our know how came in. So,for example, you get more points
for cyber awareness trainingthan for, you know, how you do a
backup.
(22:51):
So we assign these points. Andto make it understandable, we
build it on a 1,000 point scale,and we made it like a credit
score. So like you said so theway I describe it is if you're
800 or better, we tell peopleyou're in the safer zone. If
you're 6 to 800, you're in theimproving range. If you're below
600, you're on borrowed time.
You're in the red zone. And Iusually say you have three main
(23:13):
choices. You can stream starwars, learn the force. You can
go to religious services, or youcan get help from somebody like
us, or get help because you needhelp. So the wild part of that
is is we originally did that.
The Sensei score was created aspart of our normal solution. We
do a wraparound service for anannual subscription for our
(23:34):
clients. And to start thatprocess, we were doing the score
and then building a health plan.The score is so cool. We broke
it out and said, we'll do ascore for anyone for free.
So you can go to a Senseiwebsite and do a score unguided
if you'd like, if you knewenough. We prefer to do guided
because a lot of times peopledon't even understand all the
questions. But we've collectedseveral 100 scores and did a
(23:57):
report about that. So to giveyou an idea, after doing
hundreds of scores so this isstatistically significant for
the United States, fororganizations. The average score
was 488.
That's scary. It's interesting.Our average client score was 333
because we had clients that knewthey needed help. But only 5
(24:18):
only about 6% of companies are800 plus, 25% are between 6 and
800, almost 70%, 69% are below600. The United States is in
serious trouble.
Sid Trivedi (24:31):
And on this topic, I mean, obviously, you published
these survey results. What werethe top cyber challenges for
businesses and what were some ofthe misconceptions that have
continued to prevail?
Rick Snyder (24:43):
Yeah. The issue is the missing pieces are fairly
pervasive. I mean, a lot ofthese are actually back to the
basics. I mean, passwords,complex passwords, multifactor
authentication are missing fromthese organizations. One of the
ones that scare me the most, andit's more on the response and
recovery side, but it reallyillustrates the point because we
do a lot, you know, on thedetection prevention identify
(25:05):
side.
But the lack of incidentresponse plans is really scary.
I mean, it's in the 60 somepercent range of organizations
that don't have an incidentresponse plan. And let me tell
you the way I go to people, Isay, okay. Do you have a fire
evacuation plan in yourbusiness? Yes.
If you're the central part, theMidwestern part, do you have a
(25:26):
tornado plan, sheltering plan?If you're unfortunately, that is
terrible, what Helene and allthis. Do you have a hurricane
plan? Yes. And they'll say, doyou have an incident response
plan for a cyber attack?
And then you like to ask people,what's the most likely of those
three things to happen? It's thecyber attack. And then it's easy
to point out to them. And,again, I always question the
(25:48):
data to some degree, but I'lluse the general industry norm,
is if you don't have an incidentresponse plan, you're down for
22 days. If you have a goodincident response plan, you'll
be back up within 1, 2, or 3days.
What a difference. I mean,what's gonna happen to your
business in those 3 weeks? Imean, you may not be in business
still. So this goes to the pointabout how poorly prepared we are
(26:10):
and why we need to help oneanother.
Mahendra Ramsinghani (26:12):
Governor, when you started since I
Rick Snyder (26:14):
think there was Richnell, Mahendra. You're
you're going back to governor.
Mahendra Ramsinghani (26:17):
Sorry. Sorry. You know, I lived in
Michigan. Once a governor,always a governor. I have to
somehow snap that, synapse in mybrain, but I'll try.
Let me drag it. When you startedSenSci, you had this notion of
RPA, you know, which was Ithought was very refreshing.
(26:39):
Maybe you can define what RPAmeans for our audience, and then
I have a follow-up question,which, I'll come to that.
Rick Snyder (26:44):
Yeah. So RPA actually goes back to when I
became governor because I havethis attitude, this positive
attitude about solving problems,and people would keep on bugging
me. What's this all about? Youdon't criticize anyone. You're
not calling anyone names.
You're not blaming anyone else.You you're just out working
trying to solve a problem. Andso I didn't know what to do. So
(27:05):
being an accountant, I did thebest marketing I could. I came
up with a name for it.
And the name I came up with wasrelentless positive action. So
what is relentless positiveaction? It's no blame, no
credit. What's the problem?What's the solution?
And be relentless in pursuit ofsolutions, which in the
government context was reallyimportant because you don't get
everything you want. A lot ofit's compromised negotiation,
(27:26):
and I view it as, yeah, be happyif you got 50% of what you're
shooting for because you can gowork on the next 50 next time.
Mahendra Ramsinghani (27:33):
In fact, I do remember during your 2nd
term, there was a televiseddebate you had with one of the
lead candidates who wascompeting for the governorship.
And during that entire debate,you never put any blame. And
after that televised debate wasover, I remember a lot of us
saying, That is a model debate,or at least how a model
(27:53):
candidate should behave. Ofcourse, things have gone in a
very, very different directionover the years. But using
relentless positive action incybersecurity, which the
industry uses this other acronymcalled FUD.
If you talk to the CISOs or thebuyers, most of the salespeople,
practitioners, try to use fear,uncertainty, or doubt. And the
(28:15):
seesaws are constantly in thisstate of mind of what's the next
thing that's going to happen tobe. This product salesperson is
using all kinds of pressuretactics. Speak to us about the
culture and how this culturalshift needs to occur.
Rick Snyder (28:29):
Yeah. Because a lot of it is too often people look
at cybersecurity as a binaryproposition. It's like you'll
buy this whole suite of packagesand you'll be safe. And if you
don't buy this, you're unsafe.No one is safe.
I clear that up with peopleright out of the gate. Anybody
that uses the word safe in asales pitch or any context for
cybersecurity is full of it. Youcan be safer. And using
(28:53):
relentless positive action tosay is overnight, you're not
gonna be able to do all thethings you should. So I'll go
back to our score.
If you have a score of 333, youdon't flip a switch and you're
at a 1,000. The question is,what are the most important
things you do next to be safer?And how do you approach that in
a fashion that's reasonable,rational, aggressive? Because,
(29:14):
again, you don't wanna bepassive about this, but how do
you start moving in that the theright direction? And every step
you take, you're gonna be saferby doing additional activities
on that path.
So get on the path to beingbetter off. I tell people, who
often people think aboutcybersecurity as a technology
issue? It is not. Technology isa critical important to it. But
(29:36):
I say the number one prioritywhen I talk to someone, I'm
trying to get them to go from apassive or a non culture to an
active cybersecurity culture.
If you have an activecybersecurity culture, you're on
the path of being safer. Andwhat I tell people, I
understand. It's not the onlyday cybersecurity for most
(29:56):
people, we're not normal people.We're a little weird. We're in
the cyber world here, is the dayyou get hacked, and then it's
gonna consume your life.
So I said, I never want it to beyour top priority, but it needs
to be a priority where you'reactively working on being safer.
That's RPA.
Sid Trivedi (30:12):
I wanna move things from from SENSA and talk a
little bit aboutentrepreneurship in more general
terms. And you flagged howyou've had this wide array of
experiences, these kind of 6careers across both the private
sector and the public sector.You've been a founder. You've
been a VC. You've been a CEO ofa multibillion dollar public
company.
(30:33):
You've been governor. Whatadvice do you have for younger
founders who are starting thisjourney and particularly
starting it during a complextime in the world? I mean,
there's just so many thingsgoing on. There's the
macroeconomic situation. There'sgeopolitical unrest.
There's obviously civil unrestthat we have in the country.
(30:53):
What advice do you have justbroadly for founders on how to
navigate the environment?
Rick Snyder (30:59):
Yeah. I'd give them 3 things. First, recognize it's
a team sport. And it's alwaysinteresting to me that when you
go to universities and colleges,they talk about their
entrepreneurship programs. And Ithink a lot of them are
mistargeted.
And what do I mean by that? Theyget caught up in this sole
founder thing that there's thispersonality that and, again,
(31:22):
it's wonderful to have that andit does work. But if you look at
all those situations, typically,there's an a few other people
that are with them that don'tget the credit the same way,
don't get the attention, peopledon't recognize them, but it
wouldn't happen without them. Soit's teamwork to find the right
team of because everyone well,not everyone recognizes it, but
(31:44):
you have a certain skill set.You need those complimentary
skills in a start up, in all thedifferent areas to be successful
usually.
So teamwork's the first thing.The second one is the planning
model. I don't believe intraditional planning. My model's
vision engage accelerate. If youdo traditional planning, you're
gonna die of old age before youget it implemented.
(32:06):
So it's a common sense visionand you go. You engage and learn
out what's going on in the realworld. Pilots, you know, beta
customers, alpha customers, findout what's really going on. And
after you have some experience,stop and adjust to what that
real world experience is. Andthat again, if I ask each one of
(32:27):
you, how often have you seen anearly business mile shift once
they've actually started doingthis alpha beta stuff and
learned that we thought themarket was here, but to make it
work, we had to step back andmove it to the right or left or
up or down.
And then once you have that,then you accelerate, then you
go. So that's the other thing.The third thing is and people
(32:48):
underestimate this, and nooffense, you guys are great
capitalists. Getting the capitalis critical, but they tend to
underestimate the firstcustomer. And it's about showing
real commercial use of whatyou're doing.
So when I do economicdevelopment program, I have been
doing economic development for along time. We had to strengthen
the capital network in Michigan,but we did a really cool program
(33:11):
called Pure Michigan BusinessConnect. And what we did is we
went to the big companies inMichigan and said, can we get
you to change how you're doingthings instead of doing your
normal procurement process thata young startup never could
adapt to and you'd never givethem the time of day and figure
out how to put it in easy termsand give them a shot at doing
that work. And we didn't have topay them a lot of money. I mean,
(33:35):
they understood the principleand they did it.
And literally, it led to1,000,000,000 of dollars of
extra sales in Michigan, but itwas that first customer for a
lot of young companies. Becauseonce you have that, then it's
easy much easier for you guys todecide to invest in someone if
they can see, you know, you'veproven it out with this customer
and it's a reputable one and youwanna go.
Ross Haleliuk (33:54):
Yes, Rick. Getting that first customer is
definitely a critical milestone.In fact, probably much more
critical than even raisingcapital. And yet fundraising is
still incredibly important. Youhave been a VC yourself, and now
back on the other side of thetable raising, capital for a
startup.
How has the experience been foryou? And what advice would you
Rick Snyder (34:16):
Is it happy hour yet? Are there cocktails now
available for this discussion?
Ross Haleliuk (34:22):
Not yet. Not yet.
Rick Snyder (34:24):
So no. You're on the other side of the world, and
it it's a challenging world, andyou gotta get used to being told
no. I mean, that's part ofdefining an entrepreneur. A lot
of people would quit. So ifyou're gonna go out and do this,
you gotta assume you're gonnaget 20, 30, 40 nos from getting
that first yes and be ready forthat and learn from the getting
(34:49):
those nos.
Every time somebody tells youthat, you're gonna learn
something about what they thinkof your business model and how
you need to adapt that. So it isa challenge. One of the jokes
given my history is a lot oftimes when I I was doing
venture, I I ended up becomingchair of the board. And the
reason was I wasn't smarter thananybody else. But since I'd been
on the founder side and I was onthe VC side, I wasn't I could do
(35:12):
universal interpretation, youknow, like that translator
thing.
Because if you think about it,the founder CEO generally took
the money, but didn't love theirVCs very much. And didn't like
the fact they had people comingin telling them what to do. At
least in their perception, theywere being told what to do. And
if you're the venturecapitalist, you're going there
(35:33):
that I'm giving this personreally good advice. I've done
this 10 times, and they're notlistening to me.
And it's very frustrating. Andit was like, here's the steps
you need to take. We know how tobuild companies. We know how to
do all this. We know how tohopefully make you wealthy if
you we work together.
And it's like, they're going,this guy is driving me nuts or
this woman's driving me nutsbecause they're not listening.
(35:54):
So I found it really valuablehaving been on both sides that I
could go to one side or theother and say, let's just notch
it back a couple steps. Let'sstep back a little bit, and now
let's let me explain to you whatit looks like from their side.
And understand this back to thatearlier point about how do you
do the win win and how do youlearn to give trust to people?
(36:15):
How do you initially learn togive trust?
Because the only way you buildtrust is by giving trust that's
got reciprocity to it, that'sgiven back. So when you're doing
this board thing or you're doingthis dance, it's like, don't
think about win or losses. It'slike, I'm not trying to get the
best terms for my VC because Idon't want them they gotta win
too and vice versa. It's like ifI'm negotiating with this
(36:36):
founder, I don't wanna squeezethem so hard that they feel
they're gonna lose. That's a badanswer.
So how do you come up with winwins, and then how do you build
this trust relationship? Becauseonce you build that, then things
go a lot more smoothly.
Ross Haleliuk (36:48):
Yes. And, Rick, having been on both sides, what
advice would you have for theinvestment community?
Rick Snyder (36:53):
Try to find old guys like me. They have been
around because a lot of cases,it's like people just lack the
experience. And, again, thetemperament to understand people
mean well. I mean, anytime Iwork with anyone, I don't assume
somebody's a bad person. I mean,there are some bad people out
there, but you sort through thempretty quick.
(37:14):
And learn to have the experienceof maturity to just not
overreact too quickly and tolisten and learn and be better
for it in terms of going throughthat process. One quick story
I'll share with you from the VCside, when I always did it, we
literally because we wereworking with university
professors. I would literallygive them a list of the best
(37:34):
attorneys in town in the areathat they were in to represent
them. Because my nightmare doinga deal was for the person on the
other side to have a crummyattorney. I mean, somebody that
didn't know how to deal, thatdidn't understand things because
the problem was is that wastheir trusted person.
And if they're getting badadvice, there's nothing I can do
about it. So they alwayswondered, why would I do that?
(37:56):
It's like, no. I want you tohave somebody really smart,
really good, really experiencedon the other side because
they're gonna help you navigatethrough this, and things are
gonna go a lot better.
Mahendra Ramsinghani (38:05):
One of the things you talked about, Rick,
was, going through challengingtimes, how you take 20, 30, 40
noes from every investor as youraise capital. And if you widen
the aperture in your career as achief operating officer of a
publicly traded company, in yourrole as 2 term role as governor,
you know, as a VC, there havebeen lots of ups and downs. I
(38:28):
remember once when I visitedyour office, I saw some shiny
stones that were kept along thelegs. And you talked about how
you used that as one of yourtechniques to disengage. Talk to
us about some of your techniquesof building your emotional
resilience, that, that ouraudience would care about.
Rick Snyder (38:45):
Yeah. So I'll I'll give you a couple illustrations.
When I was at Gateway, weactually had a activist hedge
fund come after us for seats onthe board and everything else.
That was stressful. The coolpart is is you can actually go
do a do a web search.
You'll find the activistinvestor joined our board. And
today, he'll talk about how goodit was and how well we worked
(39:06):
together because that goes backto win wins and building trust.
He didn't know everything goingon in the company. Once we got
him in, I could explain more tohim and we worked things out,
and he was a value add in termsof that process. When I was
governor, my honeymoon ended myfirst budget.
We had a multibillion dollardeficit in our state. I had to
come out with a budget that cuta lot of people. I had 100,
(39:28):
thousands of people out on theyard by the capitol calling me
names. That's why Rick is apretty good choice these days.
And so I had a lot of protests.
And but always what helped meget through that was
understanding that's freespeech. They have the right to
do that. There are 100 or 1000,but I represent 10,000,000
people, and they're representingtheir interest. I'm here to
(39:49):
represent all those people, soyou had to put it back in the
big picture. So in the startupcontext, the other thing I would
say, and we talked a little bitabout it, is when you run into
that wall, when you run intothat challenge or you're all
stressed out, don't just keepwalking into the wall.
I always recommend people take acouple steps back and change the
focal point. Broaden your basein the focal point and look at
(40:12):
it, and you may see an open doorthere that you didn't see
because you are so busy walkinginto the wall. The last one I'll
give you is a test I I've sharedwith my kids. I call it the 5
year rule. And what's the 5 yearrule?
Is to think about life in 5years and ask yourself the
question, how material is thisin my life 5 years from now, not
(40:32):
today? And almost anything youdeal with will be in a much
better perspective. It may lookterrible today. You may think
your life is over. But in thebig picture 5 years from now,
it's like, did you eat crow?
Did you have a mess? Did youmess up? Did something go wrong?
But 5 years later, hopefully,you're bigger better and
stronger for it, and you'velearned something.
Mahendra Ramsinghani (40:52):
You know, one of the interesting
dimensions of your startupjourney as a CEO has been, the
fact that, you're now on thepublic affairs advisory board of
$100,000,000,000 company, calledPalo Alto Networks. So these are
wide spectrums. On one side, youhave a startup. On another side,
you have a very large company.How do you navigate this kind of
(41:14):
a spectrum, and what are somewin wins that you can develop in
this kind of a scenario?
Rick Snyder (41:19):
Yeah. Well, the cool part is I'm a nerd. I love
to learn about everything. So itit actually complements one
another. Because, again, they'revastly different, and we're in
vastly different markets.
We don't really compete. They'reenterprise. We're small and
medium sized organizations. Butwe have a common interest,
cybersecurity, and how tocommunicate that. Because,
(41:40):
again, I I sort of mentionedthat early on is to most of the
world, we're weird people.
We're aliens. We're like fromMars. We speak a strange
language. We use acronyms. It'stough to understand stuff.
But by working with them, howcan we make people safer? That's
the point to never forget.Again, what's the vision? And
the vision is a safer world.They're a huge success story.
(42:02):
They've done tremendously wellat it. I'm hoping I can give
them good insight on how theycan particularly do that in the
public sector. So it's an honorto work with them. And then at
the same time, I'm hearing howthey're handling these huge
issues, where how artificialintelligence is affecting
things, how all these otherhighly sophisticated things are.
We're back in sense, I we'rehoping to get somebody not to
(42:25):
reuse a password in many cases.
So they sort of complement oneanother, and I think that's how
you'd be better and stronger isby broaden your portfolio.
Sid Trivedi (42:34):
As we wrap things up, Rick, you've talked a lot
about, you know, advice forfounders, advice for VCs,
general advice for the public.What advice do you have for the
cyber industry? And if there'sone thing you could change, what
would that be?
Rick Snyder (42:49):
I think it's working hard to communicate to
real people more effectively andto get the concept about we're
not trying to terrify you, butyou can't ignore this. And we're
not trying to tell you thisshould dominate your life
because it shouldn't. Itshouldn't be your top priority.
But if you don't put it on yourlist, if you don't do something
(43:11):
about it, you're at real risk.And sooner or later, you're
gonna get hit.
And we don't wanna see thathappen. The second part of that
is once you define that to them,we also need to work harder
about giving them a rationalpath to get through it. And,
again, this is simple steps.That's where the sensei score is
cool because we can sort of say,yeah, start with some policies,
(43:32):
start with cyber awarenesstraining, start with doing this
or that. You don't have to doeverything to be all the safer
package day 1.
But let's get you taking, youknow, steps towards that path
because once they see the valueof that, it works.
Ross Haleliuk (43:47):
Artificial intelligence seems to be
everywhere. How do you see thefuture of cyber shaping up?
Rick Snyder (43:52):
Yeah. AI is the most hype term known to man
currently. The cool part isbeing a proud nerd. I have to
share. I this is where I'm aproud nerd is I was going into
places talking about AI 10 yearsago, and I did it on purpose
because I thought people I justwanna see their reaction and
they go, wow.
That sounds really cool. Theydidn't even know it meant
artificial intelligence backthen. Now most people have
(44:14):
figured that out. But it'sthere's a huge hype bubble
that's going on, but there'shuge substance to artificial
intelligence. So it's thatnormal adoption wave.
It's overreaching. It will clearout, but things are really gonna
change because of artificialintelligence. In the cyber
context, I describe as an armsrace. The bad guys and the good
(44:35):
guys are both gonna use it. Thebad guys, in some ways, have an
advantage because they're gonnago on offense first while we're
figuring out defense.
But we need to both beparticipating in it. The easiest
illustrations is for them towrite a cool phishing email used
to be hard. It was brokenEnglish. It didn't make sense.
Now it's like you think you'rein Shakespeare or something if
(44:56):
they wanted to make it soundlike that.
So that's a real problem. But togive you an illustration how
we're using it in Sensei, wejust launched our first AI tool,
which is to basically help docyber alerts to our clients.
We've inventoried their systems.It's all these 0 day events, and
the threat feeds have all thescary stuff going on. We were
trying to use humans to match itall up and then send them
(45:17):
remediation steps.
We now have an AI tool we builtwith another young start up
partner to basically look at thethreat feeds, look at our
inventory of our clients, matchthem up, and then go to the
remediation database, pull thatin, and put it all together, and
then still have a human reviewit because AI does screw up and
get it out. So that's gonna makeus much more efficient in
(45:39):
helping make our clients safer.So both sides need to be using
it, and it will it is an armsrace.
Mahendra Ramsinghani (45:45):
So, Rick, if you have to do this all over
again, you've been a founder, aninvestor, VC, and a governor. If
you had to pick one of those 3,which one would you pick?
Rick Snyder (45:53):
Well, what I'd say, Mahindra, I'd give you two
answers, and the reason is is Ibecame I was a much better
governor because I'd done thoseother roles. Because too often,
political people spend theirwhole life in politics. And I
think I had a chance to learnabout where most people are
coming from, what it takes torun a business, what it takes to
start a business. That was ahuge advantage, and I understand
(46:14):
basic economics. That helps alot too.
So but what if you gave me achoice today, I'm having fun
being a founder. But publicservice would probably be the
one that stands out the most,and the reason is is I had an
opportunity to help 10,000,000people that are my friends,
families, people around me. Andthat's a special thing that you
(46:35):
have an opportunity just to gohelp people. But Sensei is among
about as close to that as youget, because we talked about
what small and medium sizedorganizations are doing are not
doing in cyber, and I got acompany making people safer.
Mahendra Ramsinghani (46:48):
You know, with 6,000,000 businesses, an
average of, let's assume, 10employees per per business, you
know, that's a that's a wide netthat you're casting up from
10,000,000 to 50, 60,000,000possibly. So thank you,
governor, Rick. I could helpmyself. So, you know, in
closing, we have had severalguests. They come from
(47:12):
backgrounds that are largelyserial entrepreneurs.
Our audience tends to learn fromthem and how they build good
startups. This is our first andprobably the last guest that has
such a wide range of experiencein startups, in venture capital,
2 separate funds that you ran of$100,000,000 each, probably had
a portfolio of maybe 40, 50companies that you managed very
(47:34):
successfully, and then a 2 termgovernor. So thank you for your
years of service, your wisdomand experience that you've
shared with us today. I'm sureour audience will benefit
tremendously. Thank you.
Rick Snyder (47:46):
Thank you.
Sid Trivedi (47:48):
Thank you for joining us Inside the Network.
Ross Haleliuk (47:51):
If you like this episode, please leave us a
review and share it with others.
Mahendra Ramsinghani (47:56):
If you really, really liked it and you
have some feedback for us, wrapit on a bottle of Yamazaki and
send it to me first.
Sid Trivedi (48:06):
No. Don't do that. Mahendra gets too many gifts
already. Please reach out byemail or LinkedIn.
Welcome to Inside the Network. I'm Sid Trivedi.
Ross Haleliuk (00:08):
I'm Ross Haleliuk.
Mahendra Ramsinghani (00:10):
And I am Mahendra Ramsingani.
Sid Trivedi (00:12):
We've spent decades building, investing, and
researching cybersecuritycompanies.
On this podcast, we invite youto join us inside the network,
where we bring the bestfounders, operators, and
investors building the future ofcyber.
Mahendra Ramsinghani (00:30):
Today, in this election special episode of
Inside the Network, we welcome aunique entrepreneur whose career
spans multiple domains, publicas well as private. Rick Snyder
is the former 2 term governor ofMichigan, and now a co founder
of a company called Sensei,which is short for Sensible
(00:51):
Cyber. A visionary entrepreneur,a seasoned venture capitalist,
and a transformative publicservant, Governor Snyder's
career is a master class in itsdepth and impact. He first
rocketed to prominence as achief operating officer of
Gateway Computers where heorchestrated a staggering
(01:11):
tenfold growth from 600,000,000in revenues to over
6,000,000,000. Managing 13,000employees and completing a
successful public offering.
He then went on to co foundArdesta, a venture fund whose
name means spark in Greek. It'sfitting metaphor for Snyder's
(01:31):
ability to ignite innovation andgrowth. But it was his next move
that truly sets him apart.Transitioning from the boardroom
to the campaign trail, Snyderran for governor of Michigan
with the unforgettable slogan, 1tough nerd. For 2 consecutive
terms, he steered the state ofMichigan with a laser focus on
(01:55):
fiscal responsibility, jobcreation, and technology driven
progress.
Now in a full circle back to hisentrepreneurial roots, Snyder
has co founded Sensei, a rapidlygrowing cybersecurity startup,
which has secured over a 100customers in his 1st year of
operations. In full disclosure,my investment firm Secure Octane
(02:20):
is an investor in CEDSCI. As wenavigate an increasingly complex
digital landscape and a highlycharged political climate,
Governor Snyder's unique blendof technology savvy, savviness
and governance experiencecouldn't be more relevant. He
brings unparalleled insightsinto this critical intersection
(02:44):
of technology, governance,politics, and cyber security.
With the election season uponus, there is no better person to
speak about this crucial role ofcyber security and, of course,
there is no better person tospeak about startups and
building companies as well.
Let's get started.
Sid Trivedi (03:03):
Welcome, Governor Snyder, to Inside the Network.
Rick Snyder (03:06):
Well, Sid, it's great to be with you, and please
call me Rick. I mean, I was inpublic service, and I got called
a lot of names. So Rick is apretty positive way to represent
things rather than the formalversion. So let's keep it
simple. It's great to be withyou.
Sid Trivedi (03:20):
Well well, I I will try to I'll I'll just try to
call you Rick in that case. Wewon't use any of the the more
complex names you've had overthe over the years as governor.
Well, Rick, we're gonna gothrough a couple of different
things, you know, in yourjourney. We'll start with cyber
and its importance in elections,which is certainly a
conversation right now in kindof the political environment.
(03:43):
We'll talk a little bit aboutyour journey with Sensei, your
newest startup, and then we'lltalk broadly about
entrepreneurship, fundraising,capital, and other topics.
So let's start with cyber andthe importance on on elections,
and maybe let's just start withkind of your background. Rumor
has it that you are the youngestpartner at a CPA firm.
Rick Snyder (04:03):
Well, let me put it to you this way. I'm 66. I'm on
my 5th career, and the reasonwhy is I'm a nerd that doesn't
play golf. So what are you gonnado? So I've had a very varied
career during my lifetime.
I was at Cooper's and Lybrand inthe eighties, which is now
PricewaterhouseCoopers. I was atax partner and then an m and a
(04:23):
partner. And I made partner in 6years. That was pretty cool. In
the nineties, I actually went togateway computers and I was the
number 2 guy there working forTed Waite.
That was a blast. That was thegolden era of PCs. So we grew
from 600 people to 13,000. Wegrew from 600,000,000 to
6,000,000,000 in revenue. Wewere became a fortune 500
(04:44):
company.
Just incredible. So that was ablast. And then Ted wanted to
move the company to California,and my family and I moved back
to Michigan. So in the 2000s, Idid venture capital. Not as good
as you do, Sid, but I wastrying.
I had $200,000,000 venture firmslargely doing the toughest work.
We were doing university techtransfer for most of our
engagements and trying to buildan industry in Michigan, and we
(05:06):
built some cool companies. Andthen around 2009 or so, looking
at Michigan, it was a disaster,our state. We are 50 out of 50.
So my wife called me out andchallenged me to run for
governor, and I ran.
The interesting part, you mightfind this interesting, is I
would meet people that said, doyou know if you apply the margin
error, you could be a negativenumber, in the polling? So I
(05:28):
call my early supporters themargin error club and it proves
good democracy still works. Igot elected for 2 terms and did
that during the 20 tens and then8 years. There are term limits
in Michigan. I was out of a job,and what else do you do?
You go do a start up. Andcybersecurity is a passion I've
had my whole life. One thing Itell people, I've been the
(05:49):
beneficiary of amazingtechnology for 30, 40 years.
People find it hard to believeit's been going on that long,
but it has. And I view if you'regonna take be a beneficiary of
that technology, it's importantto be equally responsible about
the scary things, the negativethings, and that's
cybersecurity.
So I'm pumped up. I view it as away to keep on giving back and
(06:10):
to do it in a young company tohelp the public because we have
a calling in our company to makesmall and medium sized
organizations safer. It's a goodcause. We need to do more.
Sid Trivedi (06:21):
Rick, I was, you know, it's it's funny. You've
had these kind of 6 differentcareers, and most folks after
they finish their, you know,their journey as governor, they
would typically go into aspeaking circuit or retire.
Obviously, you don't play golf,but many would go and take off.
But you chose not just a path tokind of, you know, a very
(06:43):
traditional path of going on thespeaking circuit or starting
some type of nonprofit or doingsomething that candidly would be
less work. You chose an a veryactive path, which is being a
founder and going into acategory like cyber, which is a
a category with a lot offounders and a lot of
cybersecurity companies, over4,000 from what we know, at
(07:04):
least.
Why did you choose that path? I mean, you talked a
little bit about your personalpassion for cyber, but you could
have gone and spoken about cyberat conferences instead of being
a founder.
Rick Snyder (07:13):
Yeah. No. I appreciate that. Well, first
thing I'll tell you, this goesback to starting companies and
the venture capital and allthose days. Starting a company
is not a fully rational act.
You gotta be a little bit crazy.And what do I mean by that is
it's it's about seeing somethingthat other people don't see
because if other people saw it,it'd already be done. And when
you look at cybersecurity,you're right, Sid. And and you
(07:35):
know this, the although you guysknow this probably better than I
do, there's a tremendouslysuccessful cybersecurity
industry out there. The issue isis that industry was built
largely for enterprise.
It was built to handle largeorganizations, and it does it
well. And how does it work isyou build some incredible
technology product that tends tobe fairly specialized that then
(07:59):
these big organizations havereally smart people that are
cybersecurity experts or ITexperts. They know how to source
them, buy them, implement them,use them, and they're still
getting hacked. There are abouta half 1000000 of those
organizations in the UnitedStates, big enterprises. So then
the question comes, what aboutthe 6,000,000 small and medium
sized organizations in thiscountry?
(08:22):
They're largely sitting ducks,that are living on borrowed
time. If you and we've got thedata to back that up, to show
how risky it is out there forthese organizations. Who's there
to help them? So I view this asa real calling. This is a way to
go help people make them safer.
And it's something that's badlyneeded in our nation. It's
(08:43):
needed in the world. And so wesaw something. I had some great
cofounders. Let's let's be thosecrazy people and go do something
about it.
So what the heck? We've foundedSensei, which is short for
sensible cyber to, bring it tosort of I I don't want, cyber
people to take it wrong, butthey think of most of us like
we're from Mars, that we don'tspeak normal language because we
(09:07):
use all these acronyms. And ourgoal is to do it in plain
language with regular people.
Sid Trivedi (09:12):
You know, I think the one thing you said about
when you started this comment onon startups, it reminded me of
another episode we had withMarty Roche, the founder of
Sourcefire, where he said, we dothese things because, not
because they were easy, butbecause we thought they were
easy. And I think that'sprobably the best way to put it.
Rick Snyder (09:31):
No. It's true. You gotta be you just go for it. And
this is the this is what makesthe, you know, an entrepreneur a
real entrepreneur is do you havethat personality profile to
persevere, not to be deterred?Because there's no organization
that there may be a start outthere that was the perfect one
that hit everything right andhad everything happen, but
stuff's gonna happen.
(09:52):
And the real question is, how doyou respond? And I also like to
say is, are you used to thatfast paced environment where you
have to do everything frommaking the strategic decision to
go make the copy? And a lot ofpeople aren't suited for those
kind of environments either. SoI I love doing start up stuff.
And, again, I'm willing to signup to say I'm a nerd, but I'm
also a little crazy.
Ross Haleliuk (10:13):
Yeah. Talking about stuff happening,
cybersecurity is increasinglybecoming more and more vital in
ensuring the integrity of theelections, critical
infrastructures, and publicservice. You pioneered an
interesting partnership calledthe Michigan model, which was
widely shared by all the statesby the National Governors
Association. Could you share thegenesis of this innovative
(10:35):
program?
Rick Snyder (10:36):
Sure. So when I became governor, this was back
in 2011. Cybersecurity was notbeing done very much or very
well by state government or bygovernment, period. And so I
thought we needed to dosomething about it. And so we
started a significantinitiative.
Actually, 2 of my cofounders andsince I were part of that, David
(10:56):
Behan was, chief informationofficer for the state of
Michigan, and then Dave Kellystood up and ran the cyber
command for the Michigan StatePolice. So we collectively said,
we wanna make Michigan the best.We wanna be that role model, and
we did. And it's really cool.The National Governors
Association, if you go ask themodel for good state government,
they'll talk about us.
(11:17):
But it was about first well, Ishould say it's 2 or 3 levels.
One level was hardening thestate government itself, doing
all those good practices,following the National Institute
of Standards and Technologycybersecurity framework, and we
did that. One fun story I'llI'll tell you is, so we started
cyber awareness training, and itwas the famous one. David would
be traveling around, and hewould be doing follow-up, and he
(11:39):
had found cabinet directors,people running huge departments
saying, you know, they hadn'tdone their cyber awareness
training. And so David said, whydidn't you do it?
And they'd say, hey. I'm toobusy. And David would say, well,
the governor finished his. Andthey said, well, I'll get mine
done. So that's the kind ofculture we brought to state
government, but we also wentbeyond state government.
We went out to the industry. Wewent out and brought together
(12:01):
the infrastructure companies,the utilities, all those
companies in Michigan. Webrought together health care,
and we brought togetherfinancial services. And we
brought them in councils wherewe could have open discussions
about how we could help them bebetter in each one of those
areas. And we actually passed alaw to allow better sharing for
information because thesecompanies were worried about
(12:22):
sharing too much with the statebecause of FOIA, the Freedom of
Information Act.
We actually made it so we didn'thave to disclose everything that
if we learn something, we couldbe that party sharing it with
other parties to get goodinformation out. And I think
that was very forward looking.We also created something, and
I'll give you the far out one.We created the, cyber civilian
(12:43):
corps, because the question isis if we had a massive cyber
attack in the United States,would we have the resources to
respond? And the answer is no.
We would not have enough peopleto do what needed to be done. So
I said, how would we handle thisif it was a non cyber incident?
Well, the answer is you'd callit the National Guard. So I
said, let's build a group likethe National Guard that are the
(13:06):
citizen cyber warriors. So weactually created this group
because and I went to thefederal government to say, can
you make this part of theNational Guard?
They laughed at me. But can wecreate something to do that? So
we actually created a core ofindividuals, and we passed a law
to give them some immunity sothey could work on companies in
the right situations withoutworrying about legal liability.
And we trained them up, and theywere so excited to help, and
(13:29):
they're there to be called outif we had a massive cyberattack
to go help other parties. Isn'tthat how should we we should act
as Americans helping oneanother?
And it's interesting now.Congress has now sort of taken
up this idea. They forgot whereit came from. This goes back to
2012. But I hope, eventually,the federal government will
figure it out and add it to theto be a component of the
(13:51):
National Guard.
Mahendra Ramsinghani (13:52):
I think that's the classic advantage
that you get when you havesomebody who's been a chief
operating officer of a publiclytraded company and a VC stepping
into the role of a governor.You're able to think about how
these public privatepartnerships can come together
effectively. Our next questionsort of leads into this balance
of regulation and cybersecurity.On one side, we see the
(14:17):
standards that NIST propagates,which are very helpful to all of
us. But on the other side, wealso hear in the industry that
some of these regulatoryoverhang is punitive, it is too
heavy handed.
And how can that balance bestruck between not being too
heavy handed yet beingefficient? In fact, I remember,
when your first term was inprogress, you had announced over
(14:42):
a 100 different outdated lawsthat were affecting the industry
that needed to be cleaned up. Soif you had a whiteboard and you
had to strike the right balance,what are some things, you you
would recommend that, should bedone?
Rick Snyder (14:57):
Yeah. Great question, Mahendra. And we did.
We got over rid of over 2,000regulations. And we do need to
do more in our country.
We all know that on this call.So what I would suggest is is
the NIST program of coming upwith standards is a good idea.
Requiring things to be done isnot a great idea generally. And
(15:17):
I'll give you a greatillustration in another context.
The first bill I signed asgovernor was called MEEP.
How's that for another acronym?It was the Michigan
Environmental Assurance Program.And what it was was for the
farmers in Michigan. And if youwanna get a group of farmers
mad, tell them you're gonnaregulate them. Same thing with a
bunch of cyber entrepreneurs orIT entrepreneurs.
(15:39):
You're you're gonna get them madif you try to regulate them. But
what we did is we came up with aset of voluntary standards that
we could certify them on andthat they could use that
voluntary standards that wecould certify them on and that
they could use that in theirmarketing and go tell people
about how they'd met certainstandards. And the farmers loved
it. Again, we didn't have toforce them. They wanted to do it
because they knew their thesewere better practices.
(16:02):
These were good, smart things todo. And if you drive around
Michigan, you'll actually see awhole bunch of signs that are
these MEEP signs saying they'vebeen certified in this area,
certified in that area. So thisis a problem with government is
too often there's attitude is wegotta prescribe things for
people. We gotta tell them whatto do rather than saying, how
can we come up with common sensestandards and get more people to
(16:24):
help one another achieve thosegoals? So I think there's a much
better positive path to say,let's get on board and do it for
the right reasons and let peopletake credit for doing good
things that are helping othersand helping make themselves
safer.
Ross Haleliuk (16:37):
Rick, when you're talking about the things you
did, it surely sounds like it'seasy to get different parts of
the government to talk to oneanother and to work together.
But we also know that that's notquite true. So I'm curious. What
would you say the startupfounders need to know about
partnering and working with thegovernment in order for them to
be successful at what they'retrying to do?
Rick Snyder (16:57):
The first thing you have to do is sort of put
yourself in their shoes. Again,you're you're talking a big
cultural gulf there. And theillustration I'll give you is I
mentioned how I did venturecapital, and I was doing
university tech transfer deals.And that's really tough. And one
of the reasons a lot of dealsnever happened is you had, like,
fast moving entrepreneurialpeople ready to go, and then you
(17:19):
go talk to an attorney at auniversity.
And I can tell you that a lot oftimes us fast moving
entrepreneurs coming in to talkto this university attorney
would say something that was sooffensive to that university
attorney, you would show up onthe bottom of their stack fairly
quickly, and you'd never knewwhat you said that was wrong,
(17:41):
rather than putting yourself intheir seat and coming up with a
mutual way to benefit, to comeout ahead of doing that and
understand where they're comingfrom. So the same thing's true
of any situation of put yourselfin the position of the person
you're trying to interact withand look for that win win. If
you get on that parameter wherethey view it as a win lose, you
know, you're in trouble,particularly if it's a
(18:03):
government regulator. So the mymodel is always what's the win
win because that's building arelationship. If you have a win
lose, that's a transactionthat's not sustainable.
And and working with thegovernment, you may not even
have a transaction or get out ofthe gate.
Sid Trivedi (18:18):
Rick, obviously, this is a unique time period. We
have a a a very big electionseason. And certainly on
November 5th, here in the UnitedStates, citizens will go out and
vote. You you've held publicoffice. You have a perspective,
and talked a little bit aboutthe Michigan model.
But just for the public, howconcerned should the public be
(18:39):
about the likelihood of nationstate threat actors trying to
influence the elections usingcybersecurity? And broadly, how
concerned should the public beabout the potential for cyber
warfare, which is very differentto kind of like a hacker coming
in and stealing a little bit ofmoney here and there.
Rick Snyder (18:58):
Yeah. We should be concerned. It is a real issue.
It's not something to, beparanoid about, but we do need
to do more and we need to bethoughtful about it. Generally,
our election system is verygood, very safe.
The last election was very goodand very safe, regardless of
what anybody says. One thingthat really makes it work is the
distributed nature of thesystem. It is very distributed.
(19:21):
I mean, you're talking down toprecincts or talking about
townships or counties orvillages that are independent of
one another that you can do agood job. That also presents the
challenge though because theydon't understand cybersecurity.
So that's where we need to worktogether to make sure they have
some good practices. But to dowide scale stuff would be
(19:43):
extremely difficult from acybersecurity attack side. And
you're right, sir. It's notgonna come from the the cyber
criminals. It's a nation stateissue.
If you and I actually havetalked about this before. I
wrote a piece once. If you areactually going to do a cyber
attack in the most efficientfashion as a bad nation state
(20:03):
looking at us, is what youshould do is go find 2 or 3 of
the swing precincts orcommunities. You would go to
Michigan, Pennsylvania, Georgia,you know, like in those
elections where, you know, theelection's getting decided in
these places, and you wouldspecifically target them and
(20:23):
mess with their results and tryto get that out. You would
actually publicize the fact thatyou messed with them because
then you would create thiscreeping thing to say all the
other ones are okay, but theones the swing ones that decide
the election are biased.
That's the greatest threat froma pure cybersecurity point of
view. So what I would say,again, we can't do every place
(20:45):
in the country. We shouldprioritize those swing places as
the places that deserve thegreatest attention and need the
greatest amount of help because,again, they don't have the
resources on their own. So Iwould focus on that from a
cybersecurity side. The biggerissue in our elections is not
pure cybersecurity.
It's misinformation, and that'swhat we're seeing today. And
(21:07):
that is a really scary thing.The amount of misinformation,
you know, is not what we reallydo as cyber people. But if
people ask me what's my greatestconcern or threat to elections,
it's misinformation more than acyber hack at this point. But,
again, I would go back and tryto figure out those swing
districts and do whatever elsemore we could help them.
Ross Haleliuk (21:26):
There are indeed many problems when it comes to
cybersecurity. And the good newsis that despite everything that
you're hearing on the dailybasis about, you know, the
elections and then thecybersecurity around the
elections, there are manyentrepreneurs working very hard
on trying to solve a lot of theproblems we are discussing here.
And one of the companies, we wewe get to talk about today is is
(21:49):
the company you are leading, isSensei. Sensei provides a FICO
like score to measure thecompany's cybersecurity health.
Tell us more about thisapproach.
We know that cyber threats areconstantly evolving. And given
that, how does this score adapt?And why do you believe the
business owner should startcaring?
Rick Snyder (22:07):
Yeah. Thank you for asking, Ross. I'm very proud of
how we created the Sensei score,because it's easily
understandable, and it's basedon the best framework. It's
based on this. So one of mycofounders, Dave Kelly, actually
went through the framework andbroke it down into bite sized
chunks to say, let's make theseinto a questionnaire.
(22:30):
So we have 39 questions,collects over a 100 and some
data points. But to make itreally work, we build an
algorithm to go with that. Weassign points to each one of
those items, and we did it basedon our experiences. So that's
where our know how came in. So,for example, you get more points
for cyber awareness trainingthan for, you know, how you do a
backup.
(22:51):
So we assign these points. Andto make it understandable, we
build it on a 1,000 point scale,and we made it like a credit
score. So like you said so theway I describe it is if you're
800 or better, we tell peopleyou're in the safer zone. If
you're 6 to 800, you're in theimproving range. If you're below
600, you're on borrowed time.
You're in the red zone. And Iusually say you have three main
(23:13):
choices. You can stream starwars, learn the force. You can
go to religious services, or youcan get help from somebody like
us, or get help because you needhelp. So the wild part of that
is is we originally did that.
The Sensei score was created aspart of our normal solution. We
do a wraparound service for anannual subscription for our
(23:34):
clients. And to start thatprocess, we were doing the score
and then building a health plan.The score is so cool. We broke
it out and said, we'll do ascore for anyone for free.
So you can go to a Senseiwebsite and do a score unguided
if you'd like, if you knewenough. We prefer to do guided
because a lot of times peopledon't even understand all the
questions. But we've collectedseveral 100 scores and did a
(23:57):
report about that. So to giveyou an idea, after doing
hundreds of scores so this isstatistically significant for
the United States, fororganizations. The average score
was 488.
That's scary. It's interesting.Our average client score was 333
because we had clients that knewthey needed help. But only 5
(24:18):
only about 6% of companies are800 plus, 25% are between 6 and
800, almost 70%, 69% are below600. The United States is in
serious trouble.
Sid Trivedi (24:31):
And on this topic, I mean, obviously, you published
these survey results. What werethe top cyber challenges for
businesses and what were some ofthe misconceptions that have
continued to prevail?
Rick Snyder (24:43):
Yeah. The issue is the missing pieces are fairly
pervasive. I mean, a lot ofthese are actually back to the
basics. I mean, passwords,complex passwords, multifactor
authentication are missing fromthese organizations. One of the
ones that scare me the most, andit's more on the response and
recovery side, but it reallyillustrates the point because we
do a lot, you know, on thedetection prevention identify
(25:05):
side.
But the lack of incidentresponse plans is really scary.
I mean, it's in the 60 somepercent range of organizations
that don't have an incidentresponse plan. And let me tell
you the way I go to people, Isay, okay. Do you have a fire
evacuation plan in yourbusiness? Yes.
If you're the central part, theMidwestern part, do you have a
(25:26):
tornado plan, sheltering plan?If you're unfortunately, that is
terrible, what Helene and allthis. Do you have a hurricane
plan? Yes. And they'll say, doyou have an incident response
plan for a cyber attack?
And then you like to ask people,what's the most likely of those
three things to happen? It's thecyber attack. And then it's easy
to point out to them. And,again, I always question the
(25:48):
data to some degree, but I'lluse the general industry norm,
is if you don't have an incidentresponse plan, you're down for
22 days. If you have a goodincident response plan, you'll
be back up within 1, 2, or 3days.
What a difference. I mean,what's gonna happen to your
business in those 3 weeks? Imean, you may not be in business
still. So this goes to the pointabout how poorly prepared we are
(26:10):
and why we need to help oneanother.
Mahendra Ramsinghani (26:12):
Governor, when you started since I
Rick Snyder (26:14):
think there was Richnell, Mahendra. You're
you're going back to governor.
Mahendra Ramsinghani (26:17):
Sorry. Sorry. You know, I lived in
Michigan. Once a governor,always a governor. I have to
somehow snap that, synapse in mybrain, but I'll try.
Let me drag it. When you startedSenSci, you had this notion of
RPA, you know, which was Ithought was very refreshing.
(26:39):
Maybe you can define what RPAmeans for our audience, and then
I have a follow-up question,which, I'll come to that.
Rick Snyder (26:44):
Yeah. So RPA actually goes back to when I
became governor because I havethis attitude, this positive
attitude about solving problems,and people would keep on bugging
me. What's this all about? Youdon't criticize anyone. You're
not calling anyone names.
You're not blaming anyone else.You you're just out working
trying to solve a problem. Andso I didn't know what to do. So
(27:05):
being an accountant, I did thebest marketing I could. I came
up with a name for it.
And the name I came up with wasrelentless positive action. So
what is relentless positiveaction? It's no blame, no
credit. What's the problem?What's the solution?
And be relentless in pursuit ofsolutions, which in the
government context was reallyimportant because you don't get
everything you want. A lot ofit's compromised negotiation,
(27:26):
and I view it as, yeah, be happyif you got 50% of what you're
shooting for because you can gowork on the next 50 next time.
Mahendra Ramsinghani (27:33):
In fact, I do remember during your 2nd
term, there was a televiseddebate you had with one of the
lead candidates who wascompeting for the governorship.
And during that entire debate,you never put any blame. And
after that televised debate wasover, I remember a lot of us
saying, That is a model debate,or at least how a model
(27:53):
candidate should behave. Ofcourse, things have gone in a
very, very different directionover the years. But using
relentless positive action incybersecurity, which the
industry uses this other acronymcalled FUD.
If you talk to the CISOs or thebuyers, most of the salespeople,
practitioners, try to use fear,uncertainty, or doubt. And the
(28:15):
seesaws are constantly in thisstate of mind of what's the next
thing that's going to happen tobe. This product salesperson is
using all kinds of pressuretactics. Speak to us about the
culture and how this culturalshift needs to occur.
Rick Snyder (28:29):
Yeah. Because a lot of it is too often people look
at cybersecurity as a binaryproposition. It's like you'll
buy this whole suite of packagesand you'll be safe. And if you
don't buy this, you're unsafe.No one is safe.
I clear that up with peopleright out of the gate. Anybody
that uses the word safe in asales pitch or any context for
cybersecurity is full of it. Youcan be safer. And using
(28:53):
relentless positive action tosay is overnight, you're not
gonna be able to do all thethings you should. So I'll go
back to our score.
If you have a score of 333, youdon't flip a switch and you're
at a 1,000. The question is,what are the most important
things you do next to be safer?And how do you approach that in
a fashion that's reasonable,rational, aggressive? Because,
(29:14):
again, you don't wanna bepassive about this, but how do
you start moving in that the theright direction? And every step
you take, you're gonna be saferby doing additional activities
on that path.
So get on the path to beingbetter off. I tell people, who
often people think aboutcybersecurity as a technology
issue? It is not. Technology isa critical important to it. But
(29:36):
I say the number one prioritywhen I talk to someone, I'm
trying to get them to go from apassive or a non culture to an
active cybersecurity culture.
If you have an activecybersecurity culture, you're on
the path of being safer. Andwhat I tell people, I
understand. It's not the onlyday cybersecurity for most
(29:56):
people, we're not normal people.We're a little weird. We're in
the cyber world here, is the dayyou get hacked, and then it's
gonna consume your life.
So I said, I never want it to beyour top priority, but it needs
to be a priority where you'reactively working on being safer.
That's RPA.
Sid Trivedi (30:12):
I wanna move things from from SENSA and talk a
little bit aboutentrepreneurship in more general
terms. And you flagged howyou've had this wide array of
experiences, these kind of 6careers across both the private
sector and the public sector.You've been a founder. You've
been a VC. You've been a CEO ofa multibillion dollar public
company.
(30:33):
You've been governor. Whatadvice do you have for younger
founders who are starting thisjourney and particularly
starting it during a complextime in the world? I mean,
there's just so many thingsgoing on. There's the
macroeconomic situation. There'sgeopolitical unrest.
There's obviously civil unrestthat we have in the country.
(30:53):
What advice do you have justbroadly for founders on how to
navigate the environment?
Rick Snyder (30:59):
Yeah. I'd give them 3 things. First, recognize it's
a team sport. And it's alwaysinteresting to me that when you
go to universities and colleges,they talk about their
entrepreneurship programs. And Ithink a lot of them are
mistargeted.
And what do I mean by that? Theyget caught up in this sole
founder thing that there's thispersonality that and, again,
(31:22):
it's wonderful to have that andit does work. But if you look at
all those situations, typically,there's an a few other people
that are with them that don'tget the credit the same way,
don't get the attention, peopledon't recognize them, but it
wouldn't happen without them. Soit's teamwork to find the right
team of because everyone well,not everyone recognizes it, but
(31:44):
you have a certain skill set.You need those complimentary
skills in a start up, in all thedifferent areas to be successful
usually.
So teamwork's the first thing.The second one is the planning
model. I don't believe intraditional planning. My model's
vision engage accelerate. If youdo traditional planning, you're
gonna die of old age before youget it implemented.
(32:06):
So it's a common sense visionand you go. You engage and learn
out what's going on in the realworld. Pilots, you know, beta
customers, alpha customers, findout what's really going on. And
after you have some experience,stop and adjust to what that
real world experience is. Andthat again, if I ask each one of
(32:27):
you, how often have you seen anearly business mile shift once
they've actually started doingthis alpha beta stuff and
learned that we thought themarket was here, but to make it
work, we had to step back andmove it to the right or left or
up or down.
And then once you have that,then you accelerate, then you
go. So that's the other thing.The third thing is and people
(32:48):
underestimate this, and nooffense, you guys are great
capitalists. Getting the capitalis critical, but they tend to
underestimate the firstcustomer. And it's about showing
real commercial use of whatyou're doing.
So when I do economicdevelopment program, I have been
doing economic development for along time. We had to strengthen
the capital network in Michigan,but we did a really cool program
(33:11):
called Pure Michigan BusinessConnect. And what we did is we
went to the big companies inMichigan and said, can we get
you to change how you're doingthings instead of doing your
normal procurement process thata young startup never could
adapt to and you'd never givethem the time of day and figure
out how to put it in easy termsand give them a shot at doing
that work. And we didn't have topay them a lot of money. I mean,
(33:35):
they understood the principleand they did it.
And literally, it led to1,000,000,000 of dollars of
extra sales in Michigan, but itwas that first customer for a
lot of young companies. Becauseonce you have that, then it's
easy much easier for you guys todecide to invest in someone if
they can see, you know, you'veproven it out with this customer
and it's a reputable one and youwanna go.
Ross Haleliuk (33:54):
Yes, Rick. Getting that first customer is
definitely a critical milestone.In fact, probably much more
critical than even raisingcapital. And yet fundraising is
still incredibly important. Youhave been a VC yourself, and now
back on the other side of thetable raising, capital for a
startup.
How has the experience been foryou? And what advice would you
Rick Snyder (34:16):
Is it happy hour yet? Are there cocktails now
available for this discussion?
Ross Haleliuk (34:22):
Not yet. Not yet.
Rick Snyder (34:24):
So no. You're on the other side of the world, and
it it's a challenging world, andyou gotta get used to being told
no. I mean, that's part ofdefining an entrepreneur. A lot
of people would quit. So ifyou're gonna go out and do this,
you gotta assume you're gonnaget 20, 30, 40 nos from getting
that first yes and be ready forthat and learn from the getting
(34:49):
those nos.
Every time somebody tells youthat, you're gonna learn
something about what they thinkof your business model and how
you need to adapt that. So it isa challenge. One of the jokes
given my history is a lot oftimes when I I was doing
venture, I I ended up becomingchair of the board. And the
reason was I wasn't smarter thananybody else. But since I'd been
on the founder side and I was onthe VC side, I wasn't I could do
(35:12):
universal interpretation, youknow, like that translator
thing.
Because if you think about it,the founder CEO generally took
the money, but didn't love theirVCs very much. And didn't like
the fact they had people comingin telling them what to do. At
least in their perception, theywere being told what to do. And
if you're the venturecapitalist, you're going there
(35:33):
that I'm giving this personreally good advice. I've done
this 10 times, and they're notlistening to me.
And it's very frustrating. Andit was like, here's the steps
you need to take. We know how tobuild companies. We know how to
do all this. We know how tohopefully make you wealthy if
you we work together.
And it's like, they're going,this guy is driving me nuts or
this woman's driving me nutsbecause they're not listening.
(35:54):
So I found it really valuablehaving been on both sides that I
could go to one side or theother and say, let's just notch
it back a couple steps. Let'sstep back a little bit, and now
let's let me explain to you whatit looks like from their side.
And understand this back to thatearlier point about how do you
do the win win and how do youlearn to give trust to people?
(36:15):
How do you initially learn togive trust?
Because the only way you buildtrust is by giving trust that's
got reciprocity to it, that'sgiven back. So when you're doing
this board thing or you're doingthis dance, it's like, don't
think about win or losses. It'slike, I'm not trying to get the
best terms for my VC because Idon't want them they gotta win
too and vice versa. It's like ifI'm negotiating with this
(36:36):
founder, I don't wanna squeezethem so hard that they feel
they're gonna lose. That's a badanswer.
So how do you come up with winwins, and then how do you build
this trust relationship? Becauseonce you build that, then things
go a lot more smoothly.
Ross Haleliuk (36:48):
Yes. And, Rick, having been on both sides, what
advice would you have for theinvestment community?
Rick Snyder (36:53):
Try to find old guys like me. They have been
around because a lot of cases,it's like people just lack the
experience. And, again, thetemperament to understand people
mean well. I mean, anytime Iwork with anyone, I don't assume
somebody's a bad person. I mean,there are some bad people out
there, but you sort through thempretty quick.
(37:14):
And learn to have the experienceof maturity to just not
overreact too quickly and tolisten and learn and be better
for it in terms of going throughthat process. One quick story
I'll share with you from the VCside, when I always did it, we
literally because we wereworking with university
professors. I would literallygive them a list of the best
(37:34):
attorneys in town in the areathat they were in to represent
them. Because my nightmare doinga deal was for the person on the
other side to have a crummyattorney. I mean, somebody that
didn't know how to deal, thatdidn't understand things because
the problem was is that wastheir trusted person.
And if they're getting badadvice, there's nothing I can do
about it. So they alwayswondered, why would I do that?
(37:56):
It's like, no. I want you tohave somebody really smart,
really good, really experiencedon the other side because
they're gonna help you navigatethrough this, and things are
gonna go a lot better.
Mahendra Ramsinghani (38:05):
One of the things you talked about, Rick,
was, going through challengingtimes, how you take 20, 30, 40
noes from every investor as youraise capital. And if you widen
the aperture in your career as achief operating officer of a
publicly traded company, in yourrole as 2 term role as governor,
you know, as a VC, there havebeen lots of ups and downs. I
(38:28):
remember once when I visitedyour office, I saw some shiny
stones that were kept along thelegs. And you talked about how
you used that as one of yourtechniques to disengage. Talk to
us about some of your techniquesof building your emotional
resilience, that, that ouraudience would care about.
Rick Snyder (38:45):
Yeah. So I'll I'll give you a couple illustrations.
When I was at Gateway, weactually had a activist hedge
fund come after us for seats onthe board and everything else.
That was stressful. The coolpart is is you can actually go
do a do a web search.
You'll find the activistinvestor joined our board. And
today, he'll talk about how goodit was and how well we worked
(39:06):
together because that goes backto win wins and building trust.
He didn't know everything goingon in the company. Once we got
him in, I could explain more tohim and we worked things out,
and he was a value add in termsof that process. When I was
governor, my honeymoon ended myfirst budget.
We had a multibillion dollardeficit in our state. I had to
come out with a budget that cuta lot of people. I had 100,
(39:28):
thousands of people out on theyard by the capitol calling me
names. That's why Rick is apretty good choice these days.
And so I had a lot of protests.
And but always what helped meget through that was
understanding that's freespeech. They have the right to
do that. There are 100 or 1000,but I represent 10,000,000
people, and they're representingtheir interest. I'm here to
(39:49):
represent all those people, soyou had to put it back in the
big picture. So in the startupcontext, the other thing I would
say, and we talked a little bitabout it, is when you run into
that wall, when you run intothat challenge or you're all
stressed out, don't just keepwalking into the wall.
I always recommend people take acouple steps back and change the
focal point. Broaden your basein the focal point and look at
(40:12):
it, and you may see an open doorthere that you didn't see
because you are so busy walkinginto the wall. The last one I'll
give you is a test I I've sharedwith my kids. I call it the 5
year rule. And what's the 5 yearrule?
Is to think about life in 5years and ask yourself the
question, how material is thisin my life 5 years from now, not
(40:32):
today? And almost anything youdeal with will be in a much
better perspective. It may lookterrible today. You may think
your life is over. But in thebig picture 5 years from now,
it's like, did you eat crow?
Did you have a mess? Did youmess up? Did something go wrong?
But 5 years later, hopefully,you're bigger better and
stronger for it, and you'velearned something.
Mahendra Ramsinghani (40:52):
You know, one of the interesting
dimensions of your startupjourney as a CEO has been, the
fact that, you're now on thepublic affairs advisory board of
$100,000,000,000 company, calledPalo Alto Networks. So these are
wide spectrums. On one side, youhave a startup. On another side,
you have a very large company.How do you navigate this kind of
(41:14):
a spectrum, and what are somewin wins that you can develop in
this kind of a scenario?
Rick Snyder (41:19):
Yeah. Well, the cool part is I'm a nerd. I love
to learn about everything. So itit actually complements one
another. Because, again, they'revastly different, and we're in
vastly different markets.
We don't really compete. They'reenterprise. We're small and
medium sized organizations. Butwe have a common interest,
cybersecurity, and how tocommunicate that. Because,
(41:40):
again, I I sort of mentionedthat early on is to most of the
world, we're weird people.
We're aliens. We're like fromMars. We speak a strange
language. We use acronyms. It'stough to understand stuff.
But by working with them, howcan we make people safer? That's
the point to never forget.Again, what's the vision? And
the vision is a safer world.They're a huge success story.
(42:02):
They've done tremendously wellat it. I'm hoping I can give
them good insight on how theycan particularly do that in the
public sector. So it's an honorto work with them. And then at
the same time, I'm hearing howthey're handling these huge
issues, where how artificialintelligence is affecting
things, how all these otherhighly sophisticated things are.
We're back in sense, I we'rehoping to get somebody not to
(42:25):
reuse a password in many cases.
So they sort of complement oneanother, and I think that's how
you'd be better and stronger isby broaden your portfolio.
Sid Trivedi (42:34):
As we wrap things up, Rick, you've talked a lot
about, you know, advice forfounders, advice for VCs,
general advice for the public.What advice do you have for the
cyber industry? And if there'sone thing you could change, what
would that be?
Rick Snyder (42:49):
I think it's working hard to communicate to
real people more effectively andto get the concept about we're
not trying to terrify you, butyou can't ignore this. And we're
not trying to tell you thisshould dominate your life
because it shouldn't. Itshouldn't be your top priority.
But if you don't put it on yourlist, if you don't do something
(43:11):
about it, you're at real risk.And sooner or later, you're
gonna get hit.
And we don't wanna see thathappen. The second part of that
is once you define that to them,we also need to work harder
about giving them a rationalpath to get through it. And,
again, this is simple steps.That's where the sensei score is
cool because we can sort of say,yeah, start with some policies,
(43:32):
start with cyber awarenesstraining, start with doing this
or that. You don't have to doeverything to be all the safer
package day 1.
But let's get you taking, youknow, steps towards that path
because once they see the valueof that, it works.
Ross Haleliuk (43:47):
Artificial intelligence seems to be
everywhere. How do you see thefuture of cyber shaping up?
Rick Snyder (43:52):
Yeah. AI is the most hype term known to man
currently. The cool part isbeing a proud nerd. I have to
share. I this is where I'm aproud nerd is I was going into
places talking about AI 10 yearsago, and I did it on purpose
because I thought people I justwanna see their reaction and
they go, wow.
That sounds really cool. Theydidn't even know it meant
artificial intelligence backthen. Now most people have
(44:14):
figured that out. But it'sthere's a huge hype bubble
that's going on, but there'shuge substance to artificial
intelligence. So it's thatnormal adoption wave.
It's overreaching. It will clearout, but things are really gonna
change because of artificialintelligence. In the cyber
context, I describe as an armsrace. The bad guys and the good
(44:35):
guys are both gonna use it. Thebad guys, in some ways, have an
advantage because they're gonnago on offense first while we're
figuring out defense.
But we need to both beparticipating in it. The easiest
illustrations is for them towrite a cool phishing email used
to be hard. It was brokenEnglish. It didn't make sense.
Now it's like you think you'rein Shakespeare or something if
(44:56):
they wanted to make it soundlike that.
So that's a real problem. But togive you an illustration how
we're using it in Sensei, wejust launched our first AI tool,
which is to basically help docyber alerts to our clients.
We've inventoried their systems.It's all these 0 day events, and
the threat feeds have all thescary stuff going on. We were
trying to use humans to match itall up and then send them
(45:17):
remediation steps.
We now have an AI tool we builtwith another young start up
partner to basically look at thethreat feeds, look at our
inventory of our clients, matchthem up, and then go to the
remediation database, pull thatin, and put it all together, and
then still have a human reviewit because AI does screw up and
get it out. So that's gonna makeus much more efficient in
(45:39):
helping make our clients safer.So both sides need to be using
it, and it will it is an armsrace.
Mahendra Ramsinghani (45:45):
So, Rick, if you have to do this all over
again, you've been a founder, aninvestor, VC, and a governor. If
you had to pick one of those 3,which one would you pick?
Rick Snyder (45:53):
Well, what I'd say, Mahindra, I'd give you two
answers, and the reason is is Ibecame I was a much better
governor because I'd done thoseother roles. Because too often,
political people spend theirwhole life in politics. And I
think I had a chance to learnabout where most people are
coming from, what it takes torun a business, what it takes to
start a business. That was ahuge advantage, and I understand
(46:14):
basic economics. That helps alot too.
So but what if you gave me achoice today, I'm having fun
being a founder. But publicservice would probably be the
one that stands out the most,and the reason is is I had an
opportunity to help 10,000,000people that are my friends,
families, people around me. Andthat's a special thing that you
(46:35):
have an opportunity just to gohelp people. But Sensei is among
about as close to that as youget, because we talked about
what small and medium sizedorganizations are doing are not
doing in cyber, and I got acompany making people safer.
Mahendra Ramsinghani (46:48):
You know, with 6,000,000 businesses, an
average of, let's assume, 10employees per per business, you
know, that's a that's a wide netthat you're casting up from
10,000,000 to 50, 60,000,000possibly. So thank you,
governor, Rick. I could helpmyself. So, you know, in
closing, we have had severalguests. They come from
(47:12):
backgrounds that are largelyserial entrepreneurs.
Our audience tends to learn fromthem and how they build good
startups. This is our first andprobably the last guest that has
such a wide range of experiencein startups, in venture capital,
2 separate funds that you ran of$100,000,000 each, probably had
a portfolio of maybe 40, 50companies that you managed very
(47:34):
successfully, and then a 2 termgovernor. So thank you for your
years of service, your wisdomand experience that you've
shared with us today. I'm sureour audience will benefit
tremendously. Thank you.
Rick Snyder (47:46):
Thank you.
Sid Trivedi (47:48):
Thank you for joining us Inside the Network.
Ross Haleliuk (47:51):
If you like this episode, please leave us a
review and share it with others.
Mahendra Ramsinghani (47:56):
If you really, really liked it and you
have some feedback for us, wrapit on a bottle of Yamazaki and
send it to me first.
Sid Trivedi (48:06):
No. Don't do that. Mahendra gets too many gifts
already. Please reach out byemail or LinkedIn.
Popular Podcasts
Bookmarked by Reese's Book Club
Welcome to Bookmarked by Reese’s Book Club — the podcast where great stories, bold women, and irresistible conversations collide! Hosted by award-winning journalist Danielle Robay, each week new episodes balance thoughtful literary insight with the fervor of buzzy book trends, pop culture and more. Bookmarked brings together celebrities, tastemakers, influencers and authors from Reese's Book Club and beyond to share stories that transcend the page. Pull up a chair. You’re not just listening — you’re part of the conversation.
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com