June 24, 2025 • 52 mins
Anurag Lal discusses the critical importance of quantum-resistant encryption for enterprise messaging and the urgent need for organizations to prepare for the coming quantum computing revolution that will render current encryption methods obsolete.
• Anurag's extensive background in technology from Apple to Sprint and participation in the National Broadband Task Force
• How mobile messaging has infiltrated enterprises without proper security consideration
• Consumer messaging apps were never designed to be secure, controlled by IT, or regulatory-compliant
• What "true end-to-end encryption" means and why most platforms claiming it actually decrypt messages in transit
• The concept of "Q-Day" - when quantum computers will break current encryption methods
• Biden administration's executive order mandating quantum-resistant encryption by 2028
• How cyber capabilities have been weaponized by nation-states, creating unprecedented threats
• AI-powered phishing attacks becoming increasingly sophisticated, including voice cloning
• The importance of implementing quantum-proof encryption now rather than waiting
• Netsphere's approach to quantum-resistant security for enterprise messaging
Find Anurag on LinkedIn (Anurag Lal) and learn more about Netsphere at netsphere.com
Chapters
00:00 Introduction and Background of Anurag Lal
05:52 Netsphere: A Solution for Secure Enterprise Messaging
12:08 The Importance of Encryption and Quantum Security
18:03 Apple's Approach to Security and Personal Experiences
28:34 Security Perspectives: Apple vs. Android
35:46 The Urgency of Quantum Security
43:10 Access Control: The Weakest Link in Security
49:42 AI in Phishing: A Real-World Example
PodMatch Automatically Matches Ideal Podcast Guests and Hosts For Interviews
Digital Disruption with Geoff Nielson
Discover how technology is reshaping our lives and livelihoods.
Listen on: Apple Podcasts Spotify
Follow the Podcast on Social Media!
Tesla Referral Code: https://ts.la/joseph675128
YouTube: https://www.youtube.com/@securityunfilteredpodcast
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:01):
How's it going?
Anurag, it's great to get youon the podcast.
You know we've had this thingon the books or in the making
here for a little bit, and I'mreal excited for our
conversation today.
I think it's going to be reallyinteresting.
Speaker 2 (00:15):
As am I.
Joe, thanks for having me onthe podcast, and I know we've
been trying to do this for awhile.
Glad to finally be able to doit.
Speaker 1 (00:22):
Yeah, absolutely.
So you know why don't we startwith your background, right?
How did you get into IT?
What did you see about theindustry or the area, right,
that interested in it?
Interested you enough in it toget you into this area?
Now you're, you know, on thesecurity side.
What was that journey like?
Speaker 2 (00:43):
Yeah, so you know, without dating myself, I've been
around, you know, dealing withtechnology way before the
internet.
But the fortunate thing for mewas I had the distinct privilege
of being associated with somegreat technology organizations
Everything from Apple to Sprintto British Telecom and then,
(01:03):
along the way, was associatedwith a couple of really
successful startups, all ofwhich dwelled on technology.
A lot of them dwelled intocommunications, inherently
focused into mobile and wireless, and, more importantly, on
security.
And then, along the way, I hadagain the honor to be part of
(01:24):
the United States NationalBroadband Task Force, which was
President Obama's way of makingsure that we as a country had a
broadband plan that we couldleverage across industries and
across technologies as a meansto move our country's agenda
forward, both economically andsocially.
So that was an absolutelyamazing experience.
(01:46):
Most recently here in my currentposition, we are in the
business of delivering reallycompelling messaging platforms
to customers across the globe.
We have mobile operators as ourcustomers as well.
They leverage our platform toenable services for their own
subscribers.
But today we'll be spendingmost of our time talking about
our enterprise business, whichkind of leveraged the heritage
(02:08):
we brought to the table from thecarrier business and allowed us
to build up platformspurpose-built for the enterprise
, so that the enterprise couldsecurely and with control,
leverage the strength and thecapability that mobile messaging
brings to bear.
And so that's essentially whatwe are currently doing, and I'm
really excited about not onlywhere we're headed, but really
(02:32):
the opportunity that lies aheadof us.
What is the problem that you'retrying to solve?
And I think that's a great wayof getting into the depth and
breadth of this challenge thatwe all face.
Going back to about, I think, 92, 93, 94, short message services
(02:53):
, or short message system thatwe refer to as SMS today, they
started proliferating acrossmobile phones.
As mobile phones proliferated,sms started to become really
important and popular.
And then, fast forward to theadvent of the iPhone in 2007,
all of a sudden, we had thesesmart devices on our fingertips
(03:13):
and people found sending mobilemessages as a very efficient
means to communicate.
Come Gen Zs and Gen Xs, theybrought all of that into the
enterprise.
And as mobile messagingencroached into the enterprise,
not because people preferred touse it, which they did, but also
it gave them the means to bemore productive and allowed them
(03:34):
to be brief in theircommunication but get the same
job done.
You know, we've seen data thata mobile message essentially
gets opened within 15 minutes ofit being received on the
receiving end.
Right, email takes much longer.
Email is much more detailed andsometimes, you know, can get
lost in the whole realm of spamand other means and don't get
(03:56):
the same response that a quickmobile message would get.
Now, all of that was great tillwe saw that there wasn't really
a platform that had beenpurpose-built for the enterprise
.
It's great to use mobilemessaging within the enterprise
as long as you're not sharinganything that is intellectually
important to you or isproprietary to the organization.
(04:18):
And in most cases when you arecommunicating for a company or
on behalf of a company, all ofthose do apply.
And then when you put that outin the consumer realm, you also
put that out in the open,because none of the consumer
brands or platforms were everbuilt to be enterprise ready,
(04:38):
and by enterprise ready I meanthey were never built to be
secure.
They never promised security.
They were never built to becontrolled by the IT
organization, never promisedthat.
They were never built to besecure.
They never promised security.
They were never built to becontrolled by the IT
organization, never promisedthat.
They were never built to helpyou stay in regulatory
compliance of your obligations.
They never said that, and so wefelt that there was an
opportunity for us to go out andbuild a platform for that
(05:00):
particular purpose, and that'show Netsphere came about.
So it is actually built onthose four pillars that I
mentioned security, control,regulatory compliance and then,
finally, a range of productivityfeatures that are built within
the platform to provide a levelof convenience to the end user.
Speaker 1 (05:18):
So it's like an app, you know, like Signal or
something like that, thatprovides enhanced security for,
you know, messaging and probablya whole host of interactions
that you can have within moderntechnology now.
Speaker 2 (05:33):
Yes, I think you can compare it to Signal.
We refer to it more as aplatform than an app because it
has a lot more than even Signaloffers.
In fact, if the US governmentwas using our platform when they
ended up using Signal and hadwall plans getting posted when
they shouldn't have been posted,that wouldn't have happened if
they would have leveraged ourplatform.
So that also describes theproblem really well.
(05:54):
People like mobile messaging.
They go out and start usingtheir own platforms without
being fully aware whether theyaddress some of the other
challenges they need to be awareof, and then they get
themselves in trouble.
But, you know, should they useNetsphere, all of that does not
happen and they get the benefitof all of that without putting
themselves and theirorganization at risk.
Speaker 1 (06:16):
Yeah, it's interesting.
You know, I've done some workwith the government earlier on
in my career and it's alwaysinteresting because it's, like
you know, 95% of the governmentis on technology that is just so
antiquated, you know and notnot saying that signal's
antiquated or anything like that, right, like I use signal every
day, but you know, just just asimple text message.
(06:39):
You know, if I were to like textone of the employees there like
they wouldn't, they wouldn'treceive it, or if they did
receive it, they wouldn't beresponding to it.
It would be like a very longprocess for any of that to take
place, which is it's frustrating, right, because you always
think, at least from like thetechnology side of it, that hey,
(06:59):
like, the government isprobably on like the top of the
line stuff, right, thegovernment is probably on the
top of the line stuff, right.
And then we have Elon Musk andDoge go in and they're saying
this entire payment system isbuilt on 70s technology, that
someone literally has to put apunch card into a machine.
I'm probably exaggerating alittle bit, but it doesn't
(07:22):
surprise me at all, right,because I've been saying it to
other people the whole time andpeople like just think he
doesn't know what he's talkingabout.
I'm sitting here like no I'veI've seen these ancient
mainframes.
I've talked to the guys thatthese companies are still
existing based on this contract.
Right, and like it's crazy.
Speaker 2 (07:42):
And like it's crazy Now and I totally agree with you
In my opening remarks mentionedthat I had the distinct honor
of working for the government.
I was part the broadband taskforce was actually part of the
Federal CommunicationsCommission, and so I had a
firsthand opportunity to look atthe way the government operates
and the government systems andthe government technologies.
And you know don't get me wrongthe government is full of very,
(08:06):
very smart and motivated people.
But the job of you know,overwhelming of kind of
overhauling the platforms thathave been deployed within the
government infrastructure is solarge, especially trying to keep
pace with the innovation whichis accelerating exponentially,
and now with AI, that innovationis going to be driven even
(08:28):
faster.
So just trying to keep up isthe challenge.
It's not that the intention isnot there and the monies don't
exist, but the intention isthere.
It's just the challenge is solarge and that's what creates
the actual problem that I wasreferring to and you kind of
referred to it as well is whenpeople are within an environment
(08:51):
and they want to use certaintechnologies that they are not
necessarily getting from theirown IT organization, they will
go out and take the least pathof resistance and find their own
solutions, and that's true evenin the private sector we saw.
I've spoken to so many ITmanagers and for them to try to
keep pace with what their endusers want becomes a big
(09:13):
challenge, and they do theirbest to deliver in all time.
So mobile messaging was one suchproblem and it kind of
encroached into the realm.
And when it encroaches intoyour realm, it has the means to
compromise security of yourenvironment.
And that has become that muchmore prevalent now that we are
(09:34):
in a post-COVID world where wesaw cyber attacks increase
exponentially.
And in most cases these attackswould originate in some kind of
phishing mechanism and thatphishing came to you through
email or through SMS or someother means to get to you right,
and so we as end users becamethe weakest link.
So that's why we came up withNetsphere.
(09:56):
We believed that people wouldwant to continue to use mobile
messaging, but till they didn'thave a platform that was
enterprise ready, they would puttheir entire environment to
risk.
And so once netsphere isdeployed, it's the, it's the
best of all worlds, and inessence they get the solution
they're looking for, they areproductive, while at the same
point of time we help theenterprise to stay secure so
(10:20):
it's.
Speaker 1 (10:20):
You know, from what you're describing to me it kind
of sounds like it's anextrapolation of Apple's user
space tiered architecture right,where everything is kind of
sandboxed off and what you'reinteracting with on your phone
actually isn't able to interactwith the layer down which is,
you know, probably like thingslike the phone dialer right, or
(10:45):
you know, the drivers that areinstalled, the OS and stuff like
that.
So it sounds like it's like asecured sandbox environment
within.
You know the potential sandboxenvironment because I believe
Android also, you know, saysthat their user space is
sandboxed off now, but I don'tknow how true that is.
So it sounds like it's its ownuser space is sandboxed off now,
(11:06):
but I don't know how true thatis.
So it sounds like it's its ownuser space.
So how does that interact witha potential like MZ catcher
right that you would encounter?
I mean, allegedly they're allgone, but you know China used to
have MZ catchers in theirairport terminals, right, as
soon as you get off the plane,your phone connects to this MZ
(11:28):
catcher, downloads all of yourdata.
It has everything.
It doesn't even technicallybreak your phone's security.
How does it interact with asituation like that?
Have you looked at somethinglike that?
Speaker 2 (11:40):
Absolutely, and that was one of the things that we
wanted to make sure that at anygiven time and I think the
sandbox is a great way ofdescribing it Any given time
when you are within theNetsphere sandbox, your data is
kept secure.
So if there is an MZ catcherand it's secure, because one of
our strongest pillars that we'vekind of built this platform on
(12:02):
was encryption and trueend-to-end encryption, and I'll
describe that, the reason I saidtrue.
But to answer your questiondirectly in the context of MZ
Catcher, we aren't immune to theMZ Catcher, but if they were to
extract Netsphere data as itwas going back and forth or
pulling it off of the device,they would get a bunch of
gibberish and there's nothingthey could do with that.
(12:24):
So that was what we were tryingto accomplish.
It's difficult to sometimes beimmune to the communication
layer that is being compromised,right, but if the layer is
carrying information that isgibberish to you, there's
nothing you can do about it.
And that's why not only are weend-to-end encrypted, we are now
(12:45):
quantum proof and in the samecontext of China, if you may, or
other nations who are nowleveraging cyber.
Cyber, essentially, has beenweaponized, right, and with it
being weaponized.
In the old days, it was somemafia entities or some rogue
folks who were trying toleverage cyber as a means to
(13:07):
enrich themselves.
Now we see that states haveweaponized cyber as a means to
engage in warfare.
And what are they after?
It's data, any and every kindof data.
We believe data is the nextmost valuable commodity, more
valuable than even gold, if youmay, because of the nature of
(13:27):
the information it carries.
So when we developed ourplatform, we wanted to make sure
it was end-to-end encrypted,and what I mean by true
end-to-end encrypted is mostpeople who claim to have, or
most platforms who claim to have, end-to-end encryption.
They decrypt the informationalong the way for various
reasons For addressing reasons,for information storage reasons,
(13:50):
for, if they're inspecting thedata for their own marketing
reasons Means we know of a verylarge company that has a
messaging app called WhatsApp.
Right, and sometimes you wonderhow they figure out what you're
looking for when you had justmentioned it on an encrypting
conversation.
Speaker 1 (14:06):
Quote unquote encrypted Allegedly encrypted.
Speaker 2 (14:09):
On WhatsApp, right?
So we wanted to make sure therewas true end-to-end encryption.
So at no way along the path asour data goes from the
originating site to theterminating site or the
receiving site is that datadecrypted.
It's only decrypted by the useror the receiver the legitimate
user and the receiver and wehave multiple means of making
(14:29):
sure that that happens.
And then we said, okay, we wantto make sure that we aren't
susceptible, or at leastessentially we aren't
susceptible, to quantum threats,even though quantum computing
is some ways off.
Now we don't know that for surebecause we have all these state
actors also investing billionsin making sure they are the
first ones with a platform suchas that.
(14:52):
We also have the private sectordoing the same If quantum could
potentially be a threat.
You started seeing decrypt Imean harvest now decrypt later,
attacks where data was beingharvested and is being kept, so,
even though it was encrypted,to be decrypted later.
So we wanted to make sure ourplatform did not fall into that
(15:15):
kind of a trap, and so that'swhy we upgraded our platform to
quantum encryption and today weproudly state that we are
quantum proof to quantumencryption.
And today we proudly state thatwe are quantum proof and that
it's an assurance to ourcustomers who come from finance,
healthcare, first responders,government, other entities,
technology companies.
It's an assurance to them thatwhatever they're communicating,
(15:36):
leveraging our platform fortoday, will remain safe even in
a quantum world.
Speaker 1 (15:43):
Yeah, it's fascinating, you know, you
brought up right, how, even likeyour modern, you know, message,
right, let's say, I'm messagingsomeone from my iPhone and they
have an iPhone, right, and I'mgetting that blue, the blue text
box that everyone loves so much, right, and it's really it's
(16:03):
because Apple, you know, marketsit as hey, that's fully
encrypted and everything elselike that right, like it's
completely secure and it's goingdirectly from phone to phone.
You know, there's nothing toworry about or whatnot, when in
all actuality, it has to bedecrypted at some point in time.
And the reason why it has to bedecrypted at some point in time
(16:24):
is because the federalgovernment can come in and go
and subpoena Verizon to say, hey, I need all the messages off
that phone, everything that wassent through your network from
this device to whatever otherdevice, right.
And because we need to, youknow, track this person.
They're a terrorist or whatever.
It might be right.
Whatever the situation is, notonly do they have to give up
(16:51):
that data, but it has to be in areadable format, you know.
And even if it's not in areadable format, the government,
you know, 9.5 times out of 10,they're breaking whatever was on
there so that they could get inand see it, which, you know, I
feel like a lot of people don'trealize, don't realize that or
don't understand it.
Right, it's like it's.
It's secured to a point.
Right, it's secured against anadversary that doesn't have
(17:15):
unlimited funds, that doesn'thave unlimited manpower and time
.
Right, it's secured againstsomeone like myself.
Right, time.
Right, it's secured againstsomeone like myself.
Right, like what are the oddsthat I'm actually even going to
spend the time to try, and youknow, break that sort of
encryption or whatnot?
Right, and if I could, Iprobably wouldn't be doing this
podcast, I'd be giving talksaround the world or something
(17:35):
like that.
Right, but it's, it'sfascinating.
You know, I'm interested in thepost quantum side of it, right,
and so I'll give you a littlebackground.
I'm sure my listeners areprobably tired of hearing me
talk about it at this point.
Right, but I'm getting my PhDin utilizing the Zero Trust
Framework to securecommunication satellite
(17:57):
infrastructure to prepare it forpost-quantum right.
So that entails taking therequirements of post-quantum
right.
So that entails, you know,taking the requirements of
post-quantum encryption.
What does that look like?
Okay, can we put that onto asatellite?
Yes, we can.
We have, you know, the rightresources and hardware and
whatnot.
Well, can we secure thathardware with zero trust, right?
(18:19):
Zero trust being a frameworkthat everyone knows it's been
around for a while, it's verywidely deployed and used.
You know, it's a good frameworkoverall.
Can we take something that weknow and kind of use it to
protect ourselves from thefuture?
Right, because we're kind ofgoing into our uncharted
territory right now with theadvent of AI, with, you know,
(18:41):
quantum encryption, with quantumcomputers.
Right, all of these things arekind of combining or colliding
together in a way that, oncethey reach a certain point that
maybe only five people on theplanet actually know what that
point is, once they reach thatpoint, it's completely
unstoppable, right, and it'slike you're either going to have
(19:03):
you're either going to beprepared for post quantum or
you're not, and if you're not,you're going to be obsolete,
right, because all of your datais already going to be out there
.
You'd have to start from literalzero just to be able to say my
data, my services secure, right,and so we're starting to see
(19:23):
companies actually put like postquantum cryptography and
whatnot, on their own roadmapsand saying like, hey, we need to
amplify our spend, amplify theresources that we have around
this Because, you know, if thisquantum AI actually turns into a
real thing, chase Bank, if theydon't have post-quantum
(19:44):
encryption already deployed ontheir devices securing your data
and whatnot, there's nothingholding back an AI that's
powered by a nation state actorfrom using it in a malicious way
.
There's literally nothing youcan do.
Speaker 2 (19:59):
And you're absolutely right there.
You can do, and you'reabsolutely right there.
But before I comment on whatyou had to say with regards to
quantum, I do want to talk aboutthe backdoor per se that you
mentioned in the realm ofgovernments having access to
some of the messages going backand forth.
I'm privy to how that processworks because, as I mentioned to
you at the start, we alsoprovide our platforms to mobile
(20:21):
operators, who then use that toenable their own subscriber base
with feature functionality.
So I know exactly how thatprocess works.
But I did want to acknowledgeApple for a second.
Apple does take a very, veryresponsible position when it
comes to encryption and securityand your data, and if I was to
single out one organization, Iwould single Apple out for that
(20:43):
very purpose.
They have actually even pushedback to a lot, even against the
United States government, whencalled upon to share information
that may not necessarily belongto them.
So that's a very importantpoint that I did want to make.
Again, I'm not taking sides,I'm just pointing out the
obvious, which is alsorecognized and acknowledged by a
(21:03):
lot of other people within theindustry.
Now, continuing on to yourcomment about quantum, I could
not agree with you more withregards to the quantum threat
and how real it is.
In fact, the Bidenadministration, on their last
day, or the last week, they setout an executive order that
stated that everybody needs toaccelerate and ensure that they
(21:27):
are deploying a level of quantumencryption prior to, I think,
2032 or 2035.
Which, if you really look at it, is not that long ago.
I mean not that far away.
And everybody's referring tothis as Q Day, is referring to
this as Q-Day.
Q-day essentially is the daywhen quantum computers become
available, whether with a goodparty or a bad party, and have
(21:53):
the means to start using quantumcomputing as a means to decrypt
your information.
Right, I compare Q-Day to Y2K,with a couple of differences.
Right, y2k, we knew exactlywhen that was going to happen.
It was going to happen midnightof December 31st 1999.
And we also knew, for the mostpart, what we had to do to our
systems to make sure that theclocks actually continued on
past that midnight gong, if youmay, right.
(22:15):
But in the context of Q-Day, wehave no idea about, one, when
it's going to happen and, two,what the impact potentially
could be.
What we do know is what we needto do to ensure that we are
protecting our environments, andthat's why deploying systems
and platforms that are quantumproof are so important today,
(22:37):
because nobody has any idea whenQDA is going to happen.
You know, technology tends tosurprise, and I wouldn't be
surprised that there would besome state actor that has a lab
out there where they're pumping,you know, billions, if not
trillions, of dollars to be thefirst one out with a quantum
platform.
And then you introduce even abigger problem or a bigger
(22:57):
challenge, where you talk aboutquantum AI, which really could
go into the scary realm Again ifyou're not doing anything about
it, because, as we know,innovation in the AI field is
really moving at an amazing pace, and a lot of that is really
entirely dependent on the GPUpower that you're able to deploy
(23:21):
in your environment to pushforth your LLMs, et cetera,
right Now.
Can you imagine a you know, acomputing environment that makes
your GPUs as we know them todayirrelevant because they are
essentially so powerful?
What would that do to theapplication layer which is
(23:42):
essentially running your LLMsright Now?
How does that evolve and whatcould that potentially be?
You know what impact could thatpotentially have to you?
And so that's a next stepoutcome of quantum computing.
But you know I always tellpeople focus on the here and now
.
And the here and now really ismake sure you're not buying into
(24:03):
any platform that is notquantum proof and is not quantum
ready.
And then do a complete reviewof your internal systems.
And you know, even in thecontext of government, even if
you have legacy systems, thereare means to ensure that they
are also made quantum proofright.
So make sure, once you do anaudit of your systems internally
(24:25):
and at the periphery, make surethat you are deploying a
quantum based strategy.
Again, if it's mobile messagingyou're concerned about, come
talk to us.
You know Netsphere is theretoday, it's available now, it's
being deployed extensivelyacross the globe and we offer
the service globally.
So come talk to us and we'd behappy to talk to you and set you
(24:47):
up with a quantum safecommunication platform, if you
may.
Speaker 1 (24:54):
Yeah, you know.
To circle back to your commentwith Apple, I'm actually a huge,
huge Apple fan.
I really, you know,unfortunately, like I try to,
you know, be like, you know,agnostic or whatever the term is
right towards technology, tryto really, like, view it with an
open mind.
But I always go back to, likewhen I was getting my master's,
(25:16):
and in one of the classes, youknow, is mobile security, where
you learn about the security ofAndroid and iPhone, right, and
then the lab is you're going topick a vulnerability, you're
going to deploy it, see how faryou get on the device, right,
you know, I tried for probably36 hours to get into an iPhone
and I couldn't, you know, via aBluetooth vulnerability.
(25:38):
It just would not work, nomatter what I did.
And then I go and I switch toan android, right, and I'm in
with root within 30 minutes.
Right, I'm a terrible hacker.
Like, I'm real bad.
You know like it's, I can fireup cali linux, but, man, if it's
beyond that, you know we're,we're in a world of hurt over
(25:58):
here.
Right, android was no problemat all and it just showed me
right there, like, oh they, youknow they, both parties claim
that they care about security,but obviously one actually does,
you know.
And then you see the thingswhere you know apple has
completely gone against what theus government wanted, what the
(26:19):
european government wanted,right, with getting backdoors
into their devices andencryption and everything and
one.
It's really eye-opening to seea government actively say we
want a backdoor into yourdevices, into your software.
Makes me think also that theyprobably already have one in
(26:40):
Android.
Right, if they're not askingGoogle or Android for the same
thing over there, right?
Like, if it was a problem forthe government on that platform,
they would have said it.
Right when they said it withApple.
And so for Apple to push backthe way that they did and
they're just like hey, you canfind me, whatever you want, we
(27:00):
can go to court, doesn't matter,I have a whole bank full of
cash ready to go just for this.
Like, doesn't matter, you'renot getting your back door.
It makes me believe you knowthat it's a lot more secure by
default than any other deviceplatform out there.
You know, I'm not trying to likeput it up against NetSphere or
(27:21):
anything like that, but I'mtotally on board with your
comments with Apple, it's likeyou know, we're also going into
uncharted territory, right, likewe've never seen this
convergence of AI and quantum.
Both things, both areas, havebeen around, you know, since,
like the 80s or the 70s, right,like I had on someone from
(27:43):
NVIDIA talking about you couldargue you know, ai and its most
crudest terms and form wasaround in the 50s even and,
which is interesting to hear himyou know describe that.
Right, but we've never reallybeen in a situation with both
industries where they're at sucha inflection point.
(28:03):
Right, but we've never reallybeen in a situation with both
industries where they're at sucha inflection point, right,
where it's like, if wait aminute, this AI over here is
doing all these different things.
Right, and AI is different froman LLM, but I think LLM is kind
of shed light on thecapabilities and the potential
of AI, right, Like they're sovery closely linked that really
(28:26):
only you know nerds like myselfand you would actually be able
to say, well, an LLM isn't quitean AI right, based on whatever
right.
But for most people, for 95% ofthe people, if I go ask my wife
, she's going to say, hey, chadGPT is an AI right, like that's
what it is.
So it's getting more visibility, more attention than ever and
(28:49):
we're also at this inflectionpoint where the technology for
quantum and ai are like catchingup to what everyone has been
saying for decades.
You know, that's whateveryone's been warning about.
And now we're, we're in asituation where, literally, you
know, like I'm hoping my iPhone,they're, they're preparing
(29:11):
something in the background,right, for iPhone 20 or whatever
it might be, to have postquantum encryption capabilities.
Right, because you know thisdevice that I rely on pretty
heavily, that I I mean it wouldtake such a significant event
for me to get off of an appledevice at this point that, like
(29:32):
it's, like, guys, I'm hopingyou're preparing, like everyone
else is saying, and to yourpoint too, with the biden
administration, I think theyactually moved up the date to I
think it was 2035.
And I think they moved it up tolike 2028 or something like
that.
Like they, you know, I meanthat's how dire the situation
(29:54):
really is, because now, everyone, you know when they, when, when
the government changes thetimeline, like that, you know
that they probably have some youknow genius in a basement
somewhere that alreadyaccomplished it, and they're
like the genie's out of thebottle in this room.
We can't keep it in this roomfor that long.
You know it's going to escapeat some point.
(30:16):
Yeah.
Speaker 2 (30:18):
But, you know, on behalf of the government's case.
You know, to a certain extent Iunderstand the need of a back
door from their perspective,because they're also tasked with
keeping their citizens safe,right, whoever the government
entity is.
I think the challenge comesabout when, within the
government, the checks andbalances fail and guess what?
There is abuse and misuse ofthat information, and that's
(30:42):
when it all starts to fall apart.
And that's why Apple basicallytook the position, and Apple
always engineered with securityin mind.
That's the way we have, as wellas the first step, and Apple
said listen, it's not my data, Idon't have control over it, so
I can't give it to you.
And, in fact, the way we builtNetsphere 2 is similar, where,
even if law enforcement comes tous saying, hey, listen, we need
(31:06):
access to data from XYZ, wedon't have access to that data
because it does not belong to us, the keys don't.
We don't own the keys.
Every customer has keys totheir own data and those keys
are now obviously quantum proofbecause, honestly, that data is
not ours.
We are not in the business ofproviding data right.
And so that strong positionaround security has kept Apple
(31:27):
in good stead, and Android wasforced to follow, because people
started becoming aware of theimportance of that and I think
Android is playing catch up.
But since the platform and theoperating system was never
developed to start with that inmind, you know they've kind of
done some band-aids to get usthere.
So that's why, you know iOS,when compared to Android, has a
(31:51):
distinct difference, and Itotally agree with you that.
You know Apple and you knowGoogle and others, I'm sure, are
in the process of coming outwith a quantum chip set of some
sort to augment their A22 chipthat they're planning to roll
out.
I think WWDC was talking abouthow they progressed from A1 to,
(32:13):
I think, a18 or something or theother.
And the point being is,everybody realizes the
importance of data security nowand now.
With data security.
Quantum is that much moreimportant.
But the government themselvessaying, hey, do it now, we're
already in 2025.
2028 is in three years, guys,so it'll take you some time to
(32:36):
get it done.
So you should be making thosedecisions here and now, and
that's what people need tounderstand.
You can't have your head in thesand and think this is going to
go away, guess what.
This is one thing that is notgoing away and this is one thing
that is definitely going toimpact how you conduct your
business, so you might as welltake action today.
Speaker 1 (32:57):
Yeah, yeah, it's a fascinating time Can we talk
about, like Microsoft recentlymaybe a month ago at this point
came out or announced the Willowquantum chip, right.
Speaker 2 (33:14):
And Google announced Vicker.
I think Different, but similarRight.
Speaker 1 (33:19):
What's the?
You know what's the purpose ofthese quantum chips.
Is it doing a key exchange,like a QKD key exchange?
Is it like what's going on inthat chip?
Do you know?
Maybe you're not the bestperson to ask, right, but maybe
you may know.
Speaker 2 (33:36):
No, no Again.
What I do understand is thatthis is really a part of
progressive R&D for them to getto a point where they can
leverage quantum as a computingplatform that goes across the
board, right, and so it's partof an evolutionary cycle.
(33:56):
They may not be real world usesof these chipsets, but I think
that they're very, veryimportant proof points to be
delivered, and what it alsoshows is that there is real R&D
being done.
You know, the private sectorhere in the US tends to be
fairly open in announcing theiraccomplishments, but I can bet
you there are other folks andorganizations that are not
(34:19):
announcing what they're up to.
But if Microsoft, based ontheir environment and budget,
can get to this point, which ison the road to a full quantum
computing platform, if you may,there are others who may be at
this point or at a differentpoint.
So that is something thatvalidates our collective
argument that we've beendiscussing now for some time on
(34:41):
this podcast is that it's realand we are seeing proof points.
So you better start takingaction for it.
Speaker 1 (34:47):
Yeah, yeah, it's fascinating.
Where do you see you knoweverything going right, moving
forward with the Bidenadministration, having that, you
know that bullet point, thatitem, right?
Everyone needs to start movingtowards this.
Are you seeing the industry, ormore companies you know, kind
(35:08):
of come up and start focusingmore on this problem?
Because I'm thinking ofcompanies like D-Wave, right,
that apparently, or allegedly,they have created something
that's more consumer-centric forquantum computing.
I don't know how valid that is,I don't know how many customers
they may have right, but itseems like quantum is becoming
(35:30):
more easy to use, it's moreaccessible than it ever has been
before, right, and that's kindof like the evolution with
technology.
So where do you see all of thisgoing and how does it impact
your platform?
Moving forward right, likewhat's the next iterations that
you're seeing down the pipelinethat you're preparing for?
Speaker 2 (35:52):
Yeah, no, we obviously see that quantum
itself is going to reallymaterialize sooner rather than
later.
And then we've seen threeseparate categories of
organizations who are reallyinvesting in quantum and who are
moving at different speeds.
You have a bunch of startups,and the startup ecosystem here
(36:15):
in the United States is very,very rich, based on the fortune
that we have in our country ofgaining access to venture
capital and otherentrepreneurship capital that
allows ideas to kind of bewatered, if you may, and to
flourish.
So we've got a bunch of verycompelling startups who are
(36:37):
doing a lot of amazing work inthe quantum realm.
We have established companies,and Microsoft you mentioned
Google.
Ibm as well has recentlystarted pushing and talking
about quantum as well, in thecontext of AI as well.
So we have much moreestablished companies who are
allocating R&D dollars againstit.
And then we have these nationstates that are obviously
(37:02):
investing a lot of money.
We know that right.
I think the Biden administrationdata point is just one.
They obviously have access tosome information that got them
concerned enough for him to sign, or for the president at that
time to sign, an executive ordersaying, hey, guess what, I'm
going to pre-pawn that date,right?
(37:29):
And then it is driven morebecause now cyber is really
weaponized, as I said earlier inthe podcast and when it gets
weaponized, the exponentialinnovation that takes place
because of state actors who arenow believed that they're
dependent on the success of thatrealm, drives innovation that
much faster, and to a pointwhere we essentially could lose
(37:49):
control of that innovation cyclebecause it could move so
quickly, right.
And so we at Netsphere have toconstantly be aware of that, and
that's why now, when wedeveloped the platform, we felt
encryption and security had tobe number one, right.
And so not only have we showedup the platform with quantum
(38:09):
proof encryption, we've alsomade sure that we've developed a
surround on the platform thatprovides best practices for an
enterprise to ensure that theyare, you know, managing their
internal communications in amanner that is in line with what
we refer to as quantum proof.
(38:29):
The quantum proof happens at thelayer of encryption, as I'm
sure you know right.
So we want to make sure thatour platform delivers a holistic
quantum proof experience, notjust at the encryption layer,
but also at the policy layer,leveraging zero trust as a
mechanism as well.
So we've built in a whole bunchof features that allow us to do
(38:53):
that, and obviously we areconstantly looking at what else
do we need to do.
What else do we need to do tokeep the platform secure?
Authentication is a very, veryimportant aspect of access, and
so we're constantly kind ofraising the bar on that as well.
So holistic, quantum proofplatforms, I think, are more
important, and I think that'swhat we're trying to deliver
(39:16):
with NetSphere as well.
Speaker 1 (39:19):
Yeah, that's a really good point, you know, because
it's going to get to the pointwhere the only way that you're,
you know, breaking a quantumsystem right is via access
authorization.
You know, are you, are youcracking the account?
Are you getting access to theMFA token?
What does that look like?
(39:39):
And so, you know, we're focusedon quantum right now, probably
because it's an emerging area,that we've never seen it expand
and grow like this before.
Right, security, all the otherpillars and domains of security
(40:02):
are still going to matter.
They're still going todefinitely play a role in
whatever platform is claiming tobe, you know, quantum resistant
or quantum proof, right, so tospeak.
So it's it's fascinating to seehow that is even going to
change and evolve over time.
Right, I feel like I feel likethat area will probably even lag
behind a little bit.
(40:23):
Right, Because, you know, maybenot for your solution, because
you're already thinking that way.
Right, but for organizations,you know, just thinking about
how different organizations work, they would probably start
shifting their focus, like theyare right now, towards quantum,
kind of forget about the basicsof, you know, iam and network
(40:45):
security, right, and justoverall.
And then they'll have to playcatch up, you know with that in
those areas as well.
So it's it'll be fascinating.
You know like there's always anews article every day, right,
saying these are the top fivejobs that are going to be
eliminated by AI and whateverelse.
You know like within 12 months,we're not going to have any
(41:06):
developers anymore.
I've seen that you know, within18 months we're not going to
have any like low level securitypeople anymore, and it's kind
of like, yeah, if that were tohappen we would be back in the
(41:31):
seat within six months, right,because the company is no longer
going to be functioning Likeand that's guaranteed.
Speaker 2 (41:37):
And everybody has to remember, as we are working
collectively to shore up oursystems, you know the bad actors
are also leveraging all thesame technologies to see how
they can get through to oursystems, right?
I'll give you a small example.
Five, seven years ago, when youwould get a phishing email or
even a phishing text, it wouldbe a disjointed message.
(41:58):
It was very obvious that it hadbeen written or put together by
an entity that didn'tunderstand English as their
first language.
It had grammatical errors andyou would laugh at it and not do
anything about it.
Now these phishing attacks arebecoming so sophisticated.
I recently got a couple ofemails which were so amazingly
(42:20):
doctored and came through as ifthey were actually coming from
Amazon, and the reason that ishappening is because the bad
actor is actually leveraging AIto develop these mechanisms,
including the messages.
Right, and regardless of wherethey're originating.
The sophistication is comingthrough the use of AI, and that
(42:44):
is really a great example of howwe need to constantly be aware
of everything that's going onaround us, because the bad
actors are also using the sametech to get at us right.
And access is always the weakestlink.
And again, I keep coming backto NetSphere is, you know, today
(43:05):
, phishing?
You know, on email you'reslammed with spam constantly.
Because it's an openenvironment, you know, netsphere
actually keeps it closed andencrypted and so we don't have
spam on platforms such as ours,and so we are able to keep the
door, front door closed.
The employees are the weakestlink, not because they are.
It's just because these attackshave become so sophisticated
(43:28):
that people, when they're doingtheir job, they see something
come through, they don't payattention to it, they click on
the wrong link and boom, you'vecompromised your environment.
So I think access is very, veryimportant and knowing the fact
that also, you know, the badactors are leveraging some of
the same technologies requiresus to really constantly
re-evaluate everything we'redoing.
(43:49):
But there is no, you know,argument with regards to not
doing quantum proof.
That's real, real and presentdanger that you have to react to
.
Speaker 1 (43:59):
So, you know, recently, at my nine to five, we
had a threat actor that wasusing AI to fish, you know, my
CFO to try and get him to send$20 million to an account or
whatnot, right?
So you know, they sent theemail and the email was
formatted properly.
(44:19):
It looked like it was comingfrom the CEO.
It just looked, it lookedperfect, right, there's.
There's nothing that would haveraised an alarm or anything
like that, because, especially,he's done it before.
He's done it for the CEO beforefor a couple other times.
So he was used to this kind ofrequest.
But you know, he followed theprocess that we already set up
(44:43):
internally, right?
So follow up with a phone call,get on the phone, confirm that
it's the CEO.
Well, the attacker was using anAI algorithm that mimicked the
CEO's voice, which is very muchout there, right, you do
earnings calls once a quarter,right, and the CEO is talking.
You're getting their voice,their voice pattern and
(45:06):
everything like that.
So they replicated the CEO'svoice, so it sounded exactly
like him, came from his, youknow, personal cell phone, like
you would expect, and everything.
And the only thing that stoppedit, right there was the fact
that we had, like, a final layerof security, a final layer of
(45:29):
authorization, and they couldn'tanswer that challenge question?
Right, because it's kind of anoff the wall one.
It's not related to anyone'sbackground.
It's like you either know theanswer or you don't.
You know, and they definitelydidn't, and that was the only
thing that caught him up, right,like that was the only thing
that stopped that attack fromeven happening.
(45:49):
Was that final piece?
Right, and you have thisadvanced ai that's mimicking a
voice, that's sending off thisemo that looks perfect.
Right, all these other thingsare lining up, except for that
one person with the brainbetween their ears that said we
need one more thing.
Right, because I heard aboutthis AI replicating voices over
(46:10):
here.
If he does that, he'll get pastthe second layer of
authentication, but he probablywon't be able to replicate it
over here.
Right, and so it took thatperson, not an AI, it took that
person to say we need this otherthing that saved us.
You know 20 million.
Because when it starts at 20million, you know, and you're
like, oh, send me.
You know 60, right, send me 80,whatever it is, what's to stop
(46:35):
it?
Right, because now it'smatching up in your own brain.
Speaker 2 (46:39):
So, joe, what you just described is essentially
that last step that youdescribed was when you requested
an encryption key.
So that was essentially in yourback and forth, that was your
encryption key, and so it meansI have gotten so many requests,
my employees have gotten so manyrequests.
Hey, this is Anurag, do me afavor, just go out to the Apple
(47:02):
store and buy $5,000 worth ofApple gift cards I need it
urgently and come back and sendthe numbers to me, right?
And these requests are comingon publicly available messaging
platforms and email.
And you know, my people saythey respond simply, they said
you know what?
We're happy to do that, anurag,just send me a message on
(47:23):
Netsphere and right there thewhole thing breaks down and
that's the power of encryption.
And you know, at some point intime I'd love to demonstrate to
you.
You know how our systemgenerates that key, because it's
in the settings.
You can actually see this key.
It's in the settings.
You can actually see this key,and I'll show you the difference
between pre-quantum andpost-quantum keys, making it
(47:49):
that much more difficult in theback and forth for anybody to
decipher it.
And that's the beauty ofplatforms such as ours.
But you created that sameplatform with your process,
right, and the last step in theprocess was hey, give me the key
.
And the key was a randomgenerated key, which is what we
do and that's what you did too.
It was not related to anybodyor anything else, and they
weren't able to deliver it andoff you go.
(48:11):
Now, the only flaw in yoursystem was that key was stored
probably somewhere that somebodycould gain access to it.
But in encryption and also in apost-quantum world, those keys
are generated randomly at thatpoint in time and then reset
themselves every six seconds,which again makes it that much
more difficult for anybody togain access to.
(48:31):
And that's why it's soimportant for people to get onto
these encrypted platforms andask the question is it truly
encrypted or it's encrypted?
And there's availableinformation out there that allow
you to kind of get past theinitial marketing data to get to
the bottom line on how and whatencryption a platform's using.
(48:52):
We share that very openly withour prospects as well.
That's when they realize thatyou know what they're buying
into is a very mature andwell-developed platform.
Speaker 1 (49:00):
Yeah, yeah, absolutely Well, you know,
anurag, we've been going foralmost an hour now and we're
unfortunately at the top of ourtime, but you know it's been a
fantastic conversation.
It's been very engaging, very,you know, thought-provoking and
whatnot, and you know we're kindof shedding light on an area
(49:20):
that isn't very well known yetby most people, right?
So it's always helpful to kindof go through it and dive in and
what's out there, what'sproviding actual security?
Speaker 2 (49:31):
Now, I really enjoyed our conversation as well.
I actually did not realize wewere at it for an hour, but yeah
, it's an exciting time.
It's an exciting realm, afast-moving realm, if you may,
and we're excited about beingable to participate in it and
contribute to it as well.
So I really appreciate youtaking the time and having me on
the podcast, joe.
Speaker 1 (49:51):
Yeah, absolutely.
Well, before I let you go, howabout you tell my audience you
know where they could find youif they wanted to connect with
you and where they could findyour company if they wanted to
learn more?
Speaker 2 (50:09):
Yeah, find me on LinkedIn.
I'm on LinkedIn.
So, anurag LalA-N-U-R-A-G-L-A-L, and my
company is NetsphereN-E-T-S-F-E-R-Ecom, come check
us out.
I think we have a fairly decentdescription of what we do and
how we do it and, if it helpsyou guys, we'd be happy to work
with you guys and deploy ourplatform within your environment
.
Speaker 1 (50:25):
Awesome.
Well, thanks everyone.
Go and check out the links thathe just said.
It was a fantastic episode.
Hope everyone enjoyed it Cool.
How's it going?
Anurag, it's great to get youon the podcast.
You know we've had this thingon the books or in the making
here for a little bit, and I'mreal excited for our
conversation today.
I think it's going to be reallyinteresting.
Speaker 2 (00:15):
As am I.
Joe, thanks for having me onthe podcast, and I know we've
been trying to do this for awhile.
Glad to finally be able to doit.
Speaker 1 (00:22):
Yeah, absolutely.
So you know why don't we startwith your background, right?
How did you get into IT?
What did you see about theindustry or the area, right,
that interested in it?
Interested you enough in it toget you into this area?
Now you're, you know, on thesecurity side.
What was that journey like?
Speaker 2 (00:43):
Yeah, so you know, without dating myself, I've been
around, you know, dealing withtechnology way before the
internet.
But the fortunate thing for mewas I had the distinct privilege
of being associated with somegreat technology organizations
Everything from Apple to Sprintto British Telecom and then,
(01:03):
along the way, was associatedwith a couple of really
successful startups, all ofwhich dwelled on technology.
A lot of them dwelled intocommunications, inherently
focused into mobile and wireless, and, more importantly, on
security.
And then, along the way, I hadagain the honor to be part of
(01:24):
the United States NationalBroadband Task Force, which was
President Obama's way of makingsure that we as a country had a
broadband plan that we couldleverage across industries and
across technologies as a meansto move our country's agenda
forward, both economically andsocially.
So that was an absolutelyamazing experience.
(01:46):
Most recently here in my currentposition, we are in the
business of delivering reallycompelling messaging platforms
to customers across the globe.
We have mobile operators as ourcustomers as well.
They leverage our platform toenable services for their own
subscribers.
But today we'll be spendingmost of our time talking about
our enterprise business, whichkind of leveraged the heritage
(02:08):
we brought to the table from thecarrier business and allowed us
to build up platformspurpose-built for the enterprise
, so that the enterprise couldsecurely and with control,
leverage the strength and thecapability that mobile messaging
brings to bear.
And so that's essentially whatwe are currently doing, and I'm
really excited about not onlywhere we're headed, but really
(02:32):
the opportunity that lies aheadof us.
What is the problem that you'retrying to solve?
And I think that's a great wayof getting into the depth and
breadth of this challenge thatwe all face.
Going back to about, I think, 92, 93, 94, short message services
(02:53):
, or short message system thatwe refer to as SMS today, they
started proliferating acrossmobile phones.
As mobile phones proliferated,sms started to become really
important and popular.
And then, fast forward to theadvent of the iPhone in 2007,
all of a sudden, we had thesesmart devices on our fingertips
(03:13):
and people found sending mobilemessages as a very efficient
means to communicate.
Come Gen Zs and Gen Xs, theybrought all of that into the
enterprise.
And as mobile messagingencroached into the enterprise,
not because people preferred touse it, which they did, but also
it gave them the means to bemore productive and allowed them
(03:34):
to be brief in theircommunication but get the same
job done.
You know, we've seen data thata mobile message essentially
gets opened within 15 minutes ofit being received on the
receiving end.
Right, email takes much longer.
Email is much more detailed andsometimes, you know, can get
lost in the whole realm of spamand other means and don't get
(03:56):
the same response that a quickmobile message would get.
Now, all of that was great tillwe saw that there wasn't really
a platform that had beenpurpose-built for the enterprise
.
It's great to use mobilemessaging within the enterprise
as long as you're not sharinganything that is intellectually
important to you or isproprietary to the organization.
(04:18):
And in most cases when you arecommunicating for a company or
on behalf of a company, all ofthose do apply.
And then when you put that outin the consumer realm, you also
put that out in the open,because none of the consumer
brands or platforms were everbuilt to be enterprise ready,
(04:38):
and by enterprise ready I meanthey were never built to be
secure.
They never promised security.
They were never built to becontrolled by the IT
organization, never promisedthat.
They were never built to besecure.
They never promised security.
They were never built to becontrolled by the IT
organization, never promisedthat.
They were never built to helpyou stay in regulatory
compliance of your obligations.
They never said that, and so wefelt that there was an
opportunity for us to go out andbuild a platform for that
(05:00):
particular purpose, and that'show Netsphere came about.
So it is actually built onthose four pillars that I
mentioned security, control,regulatory compliance and then,
finally, a range of productivityfeatures that are built within
the platform to provide a levelof convenience to the end user.
Speaker 1 (05:18):
So it's like an app, you know, like Signal or
something like that, thatprovides enhanced security for,
you know, messaging and probablya whole host of interactions
that you can have within moderntechnology now.
Speaker 2 (05:33):
Yes, I think you can compare it to Signal.
We refer to it more as aplatform than an app because it
has a lot more than even Signaloffers.
In fact, if the US governmentwas using our platform when they
ended up using Signal and hadwall plans getting posted when
they shouldn't have been posted,that wouldn't have happened if
they would have leveraged ourplatform.
So that also describes theproblem really well.
(05:54):
People like mobile messaging.
They go out and start usingtheir own platforms without
being fully aware whether theyaddress some of the other
challenges they need to be awareof, and then they get
themselves in trouble.
But, you know, should they useNetsphere, all of that does not
happen and they get the benefitof all of that without putting
themselves and theirorganization at risk.
Speaker 1 (06:16):
Yeah, it's interesting.
You know, I've done some workwith the government earlier on
in my career and it's alwaysinteresting because it's, like
you know, 95% of the governmentis on technology that is just so
antiquated, you know and notnot saying that signal's
antiquated or anything like that, right, like I use signal every
day, but you know, just just asimple text message.
(06:39):
You know, if I were to like textone of the employees there like
they wouldn't, they wouldn'treceive it, or if they did
receive it, they wouldn't beresponding to it.
It would be like a very longprocess for any of that to take
place, which is it's frustrating, right, because you always
think, at least from like thetechnology side of it, that hey,
(06:59):
like, the government isprobably on like the top of the
line stuff, right, thegovernment is probably on the
top of the line stuff, right.
And then we have Elon Musk andDoge go in and they're saying
this entire payment system isbuilt on 70s technology, that
someone literally has to put apunch card into a machine.
I'm probably exaggerating alittle bit, but it doesn't
(07:22):
surprise me at all, right,because I've been saying it to
other people the whole time andpeople like just think he
doesn't know what he's talkingabout.
I'm sitting here like no I'veI've seen these ancient
mainframes.
I've talked to the guys thatthese companies are still
existing based on this contract.
Right, and like it's crazy.
Speaker 2 (07:42):
And like it's crazy Now and I totally agree with you
In my opening remarks mentionedthat I had the distinct honor
of working for the government.
I was part the broadband taskforce was actually part of the
Federal CommunicationsCommission, and so I had a
firsthand opportunity to look atthe way the government operates
and the government systems andthe government technologies.
And you know don't get me wrongthe government is full of very,
(08:06):
very smart and motivated people.
But the job of you know,overwhelming of kind of
overhauling the platforms thathave been deployed within the
government infrastructure is solarge, especially trying to keep
pace with the innovation whichis accelerating exponentially,
and now with AI, that innovationis going to be driven even
(08:28):
faster.
So just trying to keep up isthe challenge.
It's not that the intention isnot there and the monies don't
exist, but the intention isthere.
It's just the challenge is solarge and that's what creates
the actual problem that I wasreferring to and you kind of
referred to it as well is whenpeople are within an environment
(08:51):
and they want to use certaintechnologies that they are not
necessarily getting from theirown IT organization, they will
go out and take the least pathof resistance and find their own
solutions, and that's true evenin the private sector we saw.
I've spoken to so many ITmanagers and for them to try to
keep pace with what their endusers want becomes a big
(09:13):
challenge, and they do theirbest to deliver in all time.
So mobile messaging was one suchproblem and it kind of
encroached into the realm.
And when it encroaches intoyour realm, it has the means to
compromise security of yourenvironment.
And that has become that muchmore prevalent now that we are
(09:34):
in a post-COVID world where wesaw cyber attacks increase
exponentially.
And in most cases these attackswould originate in some kind of
phishing mechanism and thatphishing came to you through
email or through SMS or someother means to get to you right,
and so we as end users becamethe weakest link.
So that's why we came up withNetsphere.
(09:56):
We believed that people wouldwant to continue to use mobile
messaging, but till they didn'thave a platform that was
enterprise ready, they would puttheir entire environment to
risk.
And so once netsphere isdeployed, it's the, it's the
best of all worlds, and inessence they get the solution
they're looking for, they areproductive, while at the same
point of time we help theenterprise to stay secure so
(10:20):
it's.
Speaker 1 (10:20):
You know, from what you're describing to me it kind
of sounds like it's anextrapolation of Apple's user
space tiered architecture right,where everything is kind of
sandboxed off and what you'reinteracting with on your phone
actually isn't able to interactwith the layer down which is,
you know, probably like thingslike the phone dialer right, or
(10:45):
you know, the drivers that areinstalled, the OS and stuff like
that.
So it sounds like it's like asecured sandbox environment
within.
You know the potential sandboxenvironment because I believe
Android also, you know, saysthat their user space is
sandboxed off now, but I don'tknow how true that is.
So it sounds like it's its ownuser space is sandboxed off now,
(11:06):
but I don't know how true thatis.
So it sounds like it's its ownuser space.
So how does that interact witha potential like MZ catcher
right that you would encounter?
I mean, allegedly they're allgone, but you know China used to
have MZ catchers in theirairport terminals, right, as
soon as you get off the plane,your phone connects to this MZ
(11:28):
catcher, downloads all of yourdata.
It has everything.
It doesn't even technicallybreak your phone's security.
How does it interact with asituation like that?
Have you looked at somethinglike that?
Speaker 2 (11:40):
Absolutely, and that was one of the things that we
wanted to make sure that at anygiven time and I think the
sandbox is a great way ofdescribing it Any given time
when you are within theNetsphere sandbox, your data is
kept secure.
So if there is an MZ catcherand it's secure, because one of
our strongest pillars that we'vekind of built this platform on
(12:02):
was encryption and trueend-to-end encryption, and I'll
describe that, the reason I saidtrue.
But to answer your questiondirectly in the context of MZ
Catcher, we aren't immune to theMZ Catcher, but if they were to
extract Netsphere data as itwas going back and forth or
pulling it off of the device,they would get a bunch of
gibberish and there's nothingthey could do with that.
(12:24):
So that was what we were tryingto accomplish.
It's difficult to sometimes beimmune to the communication
layer that is being compromised,right, but if the layer is
carrying information that isgibberish to you, there's
nothing you can do about it.
And that's why not only are weend-to-end encrypted, we are now
(12:45):
quantum proof and in the samecontext of China, if you may, or
other nations who are nowleveraging cyber.
Cyber, essentially, has beenweaponized, right, and with it
being weaponized.
In the old days, it was somemafia entities or some rogue
folks who were trying toleverage cyber as a means to
(13:07):
enrich themselves.
Now we see that states haveweaponized cyber as a means to
engage in warfare.
And what are they after?
It's data, any and every kindof data.
We believe data is the nextmost valuable commodity, more
valuable than even gold, if youmay, because of the nature of
(13:27):
the information it carries.
So when we developed ourplatform, we wanted to make sure
it was end-to-end encrypted,and what I mean by true
end-to-end encrypted is mostpeople who claim to have, or
most platforms who claim to have, end-to-end encryption.
They decrypt the informationalong the way for various
reasons For addressing reasons,for information storage reasons,
(13:50):
for, if they're inspecting thedata for their own marketing
reasons Means we know of a verylarge company that has a
messaging app called WhatsApp.
Right, and sometimes you wonderhow they figure out what you're
looking for when you had justmentioned it on an encrypting
conversation.
Speaker 1 (14:06):
Quote unquote encrypted Allegedly encrypted.
Speaker 2 (14:09):
On WhatsApp, right?
So we wanted to make sure therewas true end-to-end encryption.
So at no way along the path asour data goes from the
originating site to theterminating site or the
receiving site is that datadecrypted.
It's only decrypted by the useror the receiver the legitimate
user and the receiver and wehave multiple means of making
(14:29):
sure that that happens.
And then we said, okay, we wantto make sure that we aren't
susceptible, or at leastessentially we aren't
susceptible, to quantum threats,even though quantum computing
is some ways off.
Now we don't know that for surebecause we have all these state
actors also investing billionsin making sure they are the
first ones with a platform suchas that.
(14:52):
We also have the private sectordoing the same If quantum could
potentially be a threat.
You started seeing decrypt Imean harvest now decrypt later,
attacks where data was beingharvested and is being kept, so,
even though it was encrypted,to be decrypted later.
So we wanted to make sure ourplatform did not fall into that
(15:15):
kind of a trap, and so that'swhy we upgraded our platform to
quantum encryption and today weproudly state that we are
quantum proof to quantumencryption.
And today we proudly state thatwe are quantum proof and that
it's an assurance to ourcustomers who come from finance,
healthcare, first responders,government, other entities,
technology companies.
It's an assurance to them thatwhatever they're communicating,
(15:36):
leveraging our platform fortoday, will remain safe even in
a quantum world.
Speaker 1 (15:43):
Yeah, it's fascinating, you know, you
brought up right, how, even likeyour modern, you know, message,
right, let's say, I'm messagingsomeone from my iPhone and they
have an iPhone, right, and I'mgetting that blue, the blue text
box that everyone loves so much, right, and it's really it's
(16:03):
because Apple, you know, marketsit as hey, that's fully
encrypted and everything elselike that right, like it's
completely secure and it's goingdirectly from phone to phone.
You know, there's nothing toworry about or whatnot, when in
all actuality, it has to bedecrypted at some point in time.
And the reason why it has to bedecrypted at some point in time
(16:24):
is because the federalgovernment can come in and go
and subpoena Verizon to say, hey, I need all the messages off
that phone, everything that wassent through your network from
this device to whatever otherdevice, right.
And because we need to, youknow, track this person.
They're a terrorist or whatever.
It might be right.
Whatever the situation is, notonly do they have to give up
(16:51):
that data, but it has to be in areadable format, you know.
And even if it's not in areadable format, the government,
you know, 9.5 times out of 10,they're breaking whatever was on
there so that they could get inand see it, which, you know, I
feel like a lot of people don'trealize, don't realize that or
don't understand it.
Right, it's like it's.
It's secured to a point.
Right, it's secured against anadversary that doesn't have
(17:15):
unlimited funds, that doesn'thave unlimited manpower and time
.
Right, it's secured againstsomeone like myself.
Right, time.
Right, it's secured againstsomeone like myself.
Right, like what are the oddsthat I'm actually even going to
spend the time to try, and youknow, break that sort of
encryption or whatnot?
Right, and if I could, Iprobably wouldn't be doing this
podcast, I'd be giving talksaround the world or something
(17:35):
like that.
Right, but it's, it'sfascinating.
You know, I'm interested in thepost quantum side of it, right,
and so I'll give you a littlebackground.
I'm sure my listeners areprobably tired of hearing me
talk about it at this point.
Right, but I'm getting my PhDin utilizing the Zero Trust
Framework to securecommunication satellite
(17:57):
infrastructure to prepare it forpost-quantum right.
So that entails taking therequirements of post-quantum
right.
So that entails, you know,taking the requirements of
post-quantum encryption.
What does that look like?
Okay, can we put that onto asatellite?
Yes, we can.
We have, you know, the rightresources and hardware and
whatnot.
Well, can we secure thathardware with zero trust, right?
(18:19):
Zero trust being a frameworkthat everyone knows it's been
around for a while, it's verywidely deployed and used.
You know, it's a good frameworkoverall.
Can we take something that weknow and kind of use it to
protect ourselves from thefuture?
Right, because we're kind ofgoing into our uncharted
territory right now with theadvent of AI, with, you know,
(18:41):
quantum encryption, with quantumcomputers.
Right, all of these things arekind of combining or colliding
together in a way that, oncethey reach a certain point that
maybe only five people on theplanet actually know what that
point is, once they reach thatpoint, it's completely
unstoppable, right, and it'slike you're either going to have
(19:03):
you're either going to beprepared for post quantum or
you're not, and if you're not,you're going to be obsolete,
right, because all of your datais already going to be out there
.
You'd have to start from literalzero just to be able to say my
data, my services secure, right,and so we're starting to see
(19:23):
companies actually put like postquantum cryptography and
whatnot, on their own roadmapsand saying like, hey, we need to
amplify our spend, amplify theresources that we have around
this Because, you know, if thisquantum AI actually turns into a
real thing, chase Bank, if theydon't have post-quantum
(19:44):
encryption already deployed ontheir devices securing your data
and whatnot, there's nothingholding back an AI that's
powered by a nation state actorfrom using it in a malicious way
.
There's literally nothing youcan do.
Speaker 2 (19:59):
And you're absolutely right there.
You can do, and you'reabsolutely right there.
But before I comment on whatyou had to say with regards to
quantum, I do want to talk aboutthe backdoor per se that you
mentioned in the realm ofgovernments having access to
some of the messages going backand forth.
I'm privy to how that processworks because, as I mentioned to
you at the start, we alsoprovide our platforms to mobile
(20:21):
operators, who then use that toenable their own subscriber base
with feature functionality.
So I know exactly how thatprocess works.
But I did want to acknowledgeApple for a second.
Apple does take a very, veryresponsible position when it
comes to encryption and securityand your data, and if I was to
single out one organization, Iwould single Apple out for that
(20:43):
very purpose.
They have actually even pushedback to a lot, even against the
United States government, whencalled upon to share information
that may not necessarily belongto them.
So that's a very importantpoint that I did want to make.
Again, I'm not taking sides,I'm just pointing out the
obvious, which is alsorecognized and acknowledged by a
(21:03):
lot of other people within theindustry.
Now, continuing on to yourcomment about quantum, I could
not agree with you more withregards to the quantum threat
and how real it is.
In fact, the Bidenadministration, on their last
day, or the last week, they setout an executive order that
stated that everybody needs toaccelerate and ensure that they
(21:27):
are deploying a level of quantumencryption prior to, I think,
2032 or 2035.
Which, if you really look at it, is not that long ago.
I mean not that far away.
And everybody's referring tothis as Q Day, is referring to
this as Q-Day.
Q-day essentially is the daywhen quantum computers become
available, whether with a goodparty or a bad party, and have
(21:53):
the means to start using quantumcomputing as a means to decrypt
your information.
Right, I compare Q-Day to Y2K,with a couple of differences.
Right, y2k, we knew exactlywhen that was going to happen.
It was going to happen midnightof December 31st 1999.
And we also knew, for the mostpart, what we had to do to our
systems to make sure that theclocks actually continued on
past that midnight gong, if youmay, right.
(22:15):
But in the context of Q-Day, wehave no idea about, one, when
it's going to happen and, two,what the impact potentially
could be.
What we do know is what we needto do to ensure that we are
protecting our environments, andthat's why deploying systems
and platforms that are quantumproof are so important today,
(22:37):
because nobody has any idea whenQDA is going to happen.
You know, technology tends tosurprise, and I wouldn't be
surprised that there would besome state actor that has a lab
out there where they're pumping,you know, billions, if not
trillions, of dollars to be thefirst one out with a quantum
platform.
And then you introduce even abigger problem or a bigger
(22:57):
challenge, where you talk aboutquantum AI, which really could
go into the scary realm Again ifyou're not doing anything about
it, because, as we know,innovation in the AI field is
really moving at an amazing pace, and a lot of that is really
entirely dependent on the GPUpower that you're able to deploy
(23:21):
in your environment to pushforth your LLMs, et cetera,
right Now.
Can you imagine a you know, acomputing environment that makes
your GPUs as we know them todayirrelevant because they are
essentially so powerful?
What would that do to theapplication layer which is
(23:42):
essentially running your LLMsright Now?
How does that evolve and whatcould that potentially be?
You know what impact could thatpotentially have to you?
And so that's a next stepoutcome of quantum computing.
But you know I always tellpeople focus on the here and now
.
And the here and now really ismake sure you're not buying into
(24:03):
any platform that is notquantum proof and is not quantum
ready.
And then do a complete reviewof your internal systems.
And you know, even in thecontext of government, even if
you have legacy systems, thereare means to ensure that they
are also made quantum proofright.
So make sure, once you do anaudit of your systems internally
(24:25):
and at the periphery, make surethat you are deploying a
quantum based strategy.
Again, if it's mobile messagingyou're concerned about, come
talk to us.
You know Netsphere is theretoday, it's available now, it's
being deployed extensivelyacross the globe and we offer
the service globally.
So come talk to us and we'd behappy to talk to you and set you
(24:47):
up with a quantum safecommunication platform, if you
may.
Speaker 1 (24:54):
Yeah, you know.
To circle back to your commentwith Apple, I'm actually a huge,
huge Apple fan.
I really, you know,unfortunately, like I try to,
you know, be like, you know,agnostic or whatever the term is
right towards technology, tryto really, like, view it with an
open mind.
But I always go back to, likewhen I was getting my master's,
(25:16):
and in one of the classes, youknow, is mobile security, where
you learn about the security ofAndroid and iPhone, right, and
then the lab is you're going topick a vulnerability, you're
going to deploy it, see how faryou get on the device, right,
you know, I tried for probably36 hours to get into an iPhone
and I couldn't, you know, via aBluetooth vulnerability.
(25:38):
It just would not work, nomatter what I did.
And then I go and I switch toan android, right, and I'm in
with root within 30 minutes.
Right, I'm a terrible hacker.
Like, I'm real bad.
You know like it's, I can fireup cali linux, but, man, if it's
beyond that, you know we're,we're in a world of hurt over
(25:58):
here.
Right, android was no problemat all and it just showed me
right there, like, oh they, youknow they, both parties claim
that they care about security,but obviously one actually does,
you know.
And then you see the thingswhere you know apple has
completely gone against what theus government wanted, what the
(26:19):
european government wanted,right, with getting backdoors
into their devices andencryption and everything and
one.
It's really eye-opening to seea government actively say we
want a backdoor into yourdevices, into your software.
Makes me think also that theyprobably already have one in
(26:40):
Android.
Right, if they're not askingGoogle or Android for the same
thing over there, right?
Like, if it was a problem forthe government on that platform,
they would have said it.
Right when they said it withApple.
And so for Apple to push backthe way that they did and
they're just like hey, you canfind me, whatever you want, we
(27:00):
can go to court, doesn't matter,I have a whole bank full of
cash ready to go just for this.
Like, doesn't matter, you'renot getting your back door.
It makes me believe you knowthat it's a lot more secure by
default than any other deviceplatform out there.
You know, I'm not trying to likeput it up against NetSphere or
(27:21):
anything like that, but I'mtotally on board with your
comments with Apple, it's likeyou know, we're also going into
uncharted territory, right, likewe've never seen this
convergence of AI and quantum.
Both things, both areas, havebeen around, you know, since,
like the 80s or the 70s, right,like I had on someone from
(27:43):
NVIDIA talking about you couldargue you know, ai and its most
crudest terms and form wasaround in the 50s even and,
which is interesting to hear himyou know describe that.
Right, but we've never reallybeen in a situation with both
industries where they're at sucha inflection point.
(28:03):
Right, but we've never reallybeen in a situation with both
industries where they're at sucha inflection point, right,
where it's like, if wait aminute, this AI over here is
doing all these different things.
Right, and AI is different froman LLM, but I think LLM is kind
of shed light on thecapabilities and the potential
of AI, right, Like they're sovery closely linked that really
(28:26):
only you know nerds like myselfand you would actually be able
to say, well, an LLM isn't quitean AI right, based on whatever
right.
But for most people, for 95% ofthe people, if I go ask my wife
, she's going to say, hey, chadGPT is an AI right, like that's
what it is.
So it's getting more visibility, more attention than ever and
(28:49):
we're also at this inflectionpoint where the technology for
quantum and ai are like catchingup to what everyone has been
saying for decades.
You know, that's whateveryone's been warning about.
And now we're, we're in asituation where, literally, you
know, like I'm hoping my iPhone,they're, they're preparing
(29:11):
something in the background,right, for iPhone 20 or whatever
it might be, to have postquantum encryption capabilities.
Right, because you know thisdevice that I rely on pretty
heavily, that I I mean it wouldtake such a significant event
for me to get off of an appledevice at this point that, like
(29:32):
it's, like, guys, I'm hopingyou're preparing, like everyone
else is saying, and to yourpoint too, with the biden
administration, I think theyactually moved up the date to I
think it was 2035.
And I think they moved it up tolike 2028 or something like
that.
Like they, you know, I meanthat's how dire the situation
(29:54):
really is, because now, everyone, you know when they, when, when
the government changes thetimeline, like that, you know
that they probably have some youknow genius in a basement
somewhere that alreadyaccomplished it, and they're
like the genie's out of thebottle in this room.
We can't keep it in this roomfor that long.
You know it's going to escapeat some point.
(30:16):
Yeah.
Speaker 2 (30:18):
But, you know, on behalf of the government's case.
You know, to a certain extent Iunderstand the need of a back
door from their perspective,because they're also tasked with
keeping their citizens safe,right, whoever the government
entity is.
I think the challenge comesabout when, within the
government, the checks andbalances fail and guess what?
There is abuse and misuse ofthat information, and that's
(30:42):
when it all starts to fall apart.
And that's why Apple basicallytook the position, and Apple
always engineered with securityin mind.
That's the way we have, as wellas the first step, and Apple
said listen, it's not my data, Idon't have control over it, so
I can't give it to you.
And, in fact, the way we builtNetsphere 2 is similar, where,
even if law enforcement comes tous saying, hey, listen, we need
(31:06):
access to data from XYZ, wedon't have access to that data
because it does not belong to us, the keys don't.
We don't own the keys.
Every customer has keys totheir own data and those keys
are now obviously quantum proofbecause, honestly, that data is
not ours.
We are not in the business ofproviding data right.
And so that strong positionaround security has kept Apple
(31:27):
in good stead, and Android wasforced to follow, because people
started becoming aware of theimportance of that and I think
Android is playing catch up.
But since the platform and theoperating system was never
developed to start with that inmind, you know they've kind of
done some band-aids to get usthere.
So that's why, you know iOS,when compared to Android, has a
(31:51):
distinct difference, and Itotally agree with you that.
You know Apple and you knowGoogle and others, I'm sure, are
in the process of coming outwith a quantum chip set of some
sort to augment their A22 chipthat they're planning to roll
out.
I think WWDC was talking abouthow they progressed from A1 to,
(32:13):
I think, a18 or something or theother.
And the point being is,everybody realizes the
importance of data security nowand now.
With data security.
Quantum is that much moreimportant.
But the government themselvessaying, hey, do it now, we're
already in 2025.
2028 is in three years, guys,so it'll take you some time to
(32:36):
get it done.
So you should be making thosedecisions here and now, and
that's what people need tounderstand.
You can't have your head in thesand and think this is going to
go away, guess what.
This is one thing that is notgoing away and this is one thing
that is definitely going toimpact how you conduct your
business, so you might as welltake action today.
Speaker 1 (32:57):
Yeah, yeah, it's a fascinating time Can we talk
about, like Microsoft recentlymaybe a month ago at this point
came out or announced the Willowquantum chip, right.
Speaker 2 (33:14):
And Google announced Vicker.
I think Different, but similarRight.
Speaker 1 (33:19):
What's the?
You know what's the purpose ofthese quantum chips.
Is it doing a key exchange,like a QKD key exchange?
Is it like what's going on inthat chip?
Do you know?
Maybe you're not the bestperson to ask, right, but maybe
you may know.
Speaker 2 (33:36):
No, no Again.
What I do understand is thatthis is really a part of
progressive R&D for them to getto a point where they can
leverage quantum as a computingplatform that goes across the
board, right, and so it's partof an evolutionary cycle.
(33:56):
They may not be real world usesof these chipsets, but I think
that they're very, veryimportant proof points to be
delivered, and what it alsoshows is that there is real R&D
being done.
You know, the private sectorhere in the US tends to be
fairly open in announcing theiraccomplishments, but I can bet
you there are other folks andorganizations that are not
(34:19):
announcing what they're up to.
But if Microsoft, based ontheir environment and budget,
can get to this point, which ison the road to a full quantum
computing platform, if you may,there are others who may be at
this point or at a differentpoint.
So that is something thatvalidates our collective
argument that we've beendiscussing now for some time on
(34:41):
this podcast is that it's realand we are seeing proof points.
So you better start takingaction for it.
Speaker 1 (34:47):
Yeah, yeah, it's fascinating.
Where do you see you knoweverything going right, moving
forward with the Bidenadministration, having that, you
know that bullet point, thatitem, right?
Everyone needs to start movingtowards this.
Are you seeing the industry, ormore companies you know, kind
(35:08):
of come up and start focusingmore on this problem?
Because I'm thinking ofcompanies like D-Wave, right,
that apparently, or allegedly,they have created something
that's more consumer-centric forquantum computing.
I don't know how valid that is,I don't know how many customers
they may have right, but itseems like quantum is becoming
(35:30):
more easy to use, it's moreaccessible than it ever has been
before, right, and that's kindof like the evolution with
technology.
So where do you see all of thisgoing and how does it impact
your platform?
Moving forward right, likewhat's the next iterations that
you're seeing down the pipelinethat you're preparing for?
Speaker 2 (35:52):
Yeah, no, we obviously see that quantum
itself is going to reallymaterialize sooner rather than
later.
And then we've seen threeseparate categories of
organizations who are reallyinvesting in quantum and who are
moving at different speeds.
You have a bunch of startups,and the startup ecosystem here
(36:15):
in the United States is very,very rich, based on the fortune
that we have in our country ofgaining access to venture
capital and otherentrepreneurship capital that
allows ideas to kind of bewatered, if you may, and to
flourish.
So we've got a bunch of verycompelling startups who are
(36:37):
doing a lot of amazing work inthe quantum realm.
We have established companies,and Microsoft you mentioned
Google.
Ibm as well has recentlystarted pushing and talking
about quantum as well, in thecontext of AI as well.
So we have much moreestablished companies who are
allocating R&D dollars againstit.
And then we have these nationstates that are obviously
(37:02):
investing a lot of money.
We know that right.
I think the Biden administrationdata point is just one.
They obviously have access tosome information that got them
concerned enough for him to sign, or for the president at that
time to sign, an executive ordersaying, hey, guess what, I'm
going to pre-pawn that date,right?
(37:29):
And then it is driven morebecause now cyber is really
weaponized, as I said earlier inthe podcast and when it gets
weaponized, the exponentialinnovation that takes place
because of state actors who arenow believed that they're
dependent on the success of thatrealm, drives innovation that
much faster, and to a pointwhere we essentially could lose
(37:49):
control of that innovation cyclebecause it could move so
quickly, right.
And so we at Netsphere have toconstantly be aware of that, and
that's why now, when wedeveloped the platform, we felt
encryption and security had tobe number one, right.
And so not only have we showedup the platform with quantum
(38:09):
proof encryption, we've alsomade sure that we've developed a
surround on the platform thatprovides best practices for an
enterprise to ensure that theyare, you know, managing their
internal communications in amanner that is in line with what
we refer to as quantum proof.
(38:29):
The quantum proof happens at thelayer of encryption, as I'm
sure you know right.
So we want to make sure thatour platform delivers a holistic
quantum proof experience, notjust at the encryption layer,
but also at the policy layer,leveraging zero trust as a
mechanism as well.
So we've built in a whole bunchof features that allow us to do
(38:53):
that, and obviously we areconstantly looking at what else
do we need to do.
What else do we need to do tokeep the platform secure?
Authentication is a very, veryimportant aspect of access, and
so we're constantly kind ofraising the bar on that as well.
So holistic, quantum proofplatforms, I think, are more
important, and I think that'swhat we're trying to deliver
(39:16):
with NetSphere as well.
Speaker 1 (39:19):
Yeah, that's a really good point, you know, because
it's going to get to the pointwhere the only way that you're,
you know, breaking a quantumsystem right is via access
authorization.
You know, are you, are youcracking the account?
Are you getting access to theMFA token?
What does that look like?
(39:39):
And so, you know, we're focusedon quantum right now, probably
because it's an emerging area,that we've never seen it expand
and grow like this before.
Right, security, all the otherpillars and domains of security
(40:02):
are still going to matter.
They're still going todefinitely play a role in
whatever platform is claiming tobe, you know, quantum resistant
or quantum proof, right, so tospeak.
So it's it's fascinating to seehow that is even going to
change and evolve over time.
Right, I feel like I feel likethat area will probably even lag
behind a little bit.
(40:23):
Right, Because, you know, maybenot for your solution, because
you're already thinking that way.
Right, but for organizations,you know, just thinking about
how different organizations work, they would probably start
shifting their focus, like theyare right now, towards quantum,
kind of forget about the basicsof, you know, iam and network
(40:45):
security, right, and justoverall.
And then they'll have to playcatch up, you know with that in
those areas as well.
So it's it'll be fascinating.
You know like there's always anews article every day, right,
saying these are the top fivejobs that are going to be
eliminated by AI and whateverelse.
You know like within 12 months,we're not going to have any
(41:06):
developers anymore.
I've seen that you know, within18 months we're not going to
have any like low level securitypeople anymore, and it's kind
of like, yeah, if that were tohappen we would be back in the
(41:31):
seat within six months, right,because the company is no longer
going to be functioning Likeand that's guaranteed.
Speaker 2 (41:37):
And everybody has to remember, as we are working
collectively to shore up oursystems, you know the bad actors
are also leveraging all thesame technologies to see how
they can get through to oursystems, right?
I'll give you a small example.
Five, seven years ago, when youwould get a phishing email or
even a phishing text, it wouldbe a disjointed message.
(41:58):
It was very obvious that it hadbeen written or put together by
an entity that didn'tunderstand English as their
first language.
It had grammatical errors andyou would laugh at it and not do
anything about it.
Now these phishing attacks arebecoming so sophisticated.
I recently got a couple ofemails which were so amazingly
(42:20):
doctored and came through as ifthey were actually coming from
Amazon, and the reason that ishappening is because the bad
actor is actually leveraging AIto develop these mechanisms,
including the messages.
Right, and regardless of wherethey're originating.
The sophistication is comingthrough the use of AI, and that
(42:44):
is really a great example of howwe need to constantly be aware
of everything that's going onaround us, because the bad
actors are also using the sametech to get at us right.
And access is always the weakestlink.
And again, I keep coming backto NetSphere is, you know, today
(43:05):
, phishing?
You know, on email you'reslammed with spam constantly.
Because it's an openenvironment, you know, netsphere
actually keeps it closed andencrypted and so we don't have
spam on platforms such as ours,and so we are able to keep the
door, front door closed.
The employees are the weakestlink, not because they are.
It's just because these attackshave become so sophisticated
(43:28):
that people, when they're doingtheir job, they see something
come through, they don't payattention to it, they click on
the wrong link and boom, you'vecompromised your environment.
So I think access is very, veryimportant and knowing the fact
that also, you know, the badactors are leveraging some of
the same technologies requiresus to really constantly
re-evaluate everything we'redoing.
(43:49):
But there is no, you know,argument with regards to not
doing quantum proof.
That's real, real and presentdanger that you have to react to
.
Speaker 1 (43:59):
So, you know, recently, at my nine to five, we
had a threat actor that wasusing AI to fish, you know, my
CFO to try and get him to send$20 million to an account or
whatnot, right?
So you know, they sent theemail and the email was
formatted properly.
(44:19):
It looked like it was comingfrom the CEO.
It just looked, it lookedperfect, right, there's.
There's nothing that would haveraised an alarm or anything
like that, because, especially,he's done it before.
He's done it for the CEO beforefor a couple other times.
So he was used to this kind ofrequest.
But you know, he followed theprocess that we already set up
(44:43):
internally, right?
So follow up with a phone call,get on the phone, confirm that
it's the CEO.
Well, the attacker was using anAI algorithm that mimicked the
CEO's voice, which is very muchout there, right, you do
earnings calls once a quarter,right, and the CEO is talking.
You're getting their voice,their voice pattern and
(45:06):
everything like that.
So they replicated the CEO'svoice, so it sounded exactly
like him, came from his, youknow, personal cell phone, like
you would expect, and everything.
And the only thing that stoppedit, right there was the fact
that we had, like, a final layerof security, a final layer of
(45:29):
authorization, and they couldn'tanswer that challenge question?
Right, because it's kind of anoff the wall one.
It's not related to anyone'sbackground.
It's like you either know theanswer or you don't.
You know, and they definitelydidn't, and that was the only
thing that caught him up, right,like that was the only thing
that stopped that attack fromeven happening.
(45:49):
Was that final piece?
Right, and you have thisadvanced ai that's mimicking a
voice, that's sending off thisemo that looks perfect.
Right, all these other thingsare lining up, except for that
one person with the brainbetween their ears that said we
need one more thing.
Right, because I heard aboutthis AI replicating voices over
(46:10):
here.
If he does that, he'll get pastthe second layer of
authentication, but he probablywon't be able to replicate it
over here.
Right, and so it took thatperson, not an AI, it took that
person to say we need this otherthing that saved us.
You know 20 million.
Because when it starts at 20million, you know, and you're
like, oh, send me.
You know 60, right, send me 80,whatever it is, what's to stop
(46:35):
it?
Right, because now it'smatching up in your own brain.
Speaker 2 (46:39):
So, joe, what you just described is essentially
that last step that youdescribed was when you requested
an encryption key.
So that was essentially in yourback and forth, that was your
encryption key, and so it meansI have gotten so many requests,
my employees have gotten so manyrequests.
Hey, this is Anurag, do me afavor, just go out to the Apple
(47:02):
store and buy $5,000 worth ofApple gift cards I need it
urgently and come back and sendthe numbers to me, right?
And these requests are comingon publicly available messaging
platforms and email.
And you know, my people saythey respond simply, they said
you know what?
We're happy to do that, anurag,just send me a message on
(47:23):
Netsphere and right there thewhole thing breaks down and
that's the power of encryption.
And you know, at some point intime I'd love to demonstrate to
you.
You know how our systemgenerates that key, because it's
in the settings.
You can actually see this key.
It's in the settings.
You can actually see this key,and I'll show you the difference
between pre-quantum andpost-quantum keys, making it
(47:49):
that much more difficult in theback and forth for anybody to
decipher it.
And that's the beauty ofplatforms such as ours.
But you created that sameplatform with your process,
right, and the last step in theprocess was hey, give me the key
.
And the key was a randomgenerated key, which is what we
do and that's what you did too.
It was not related to anybodyor anything else, and they
weren't able to deliver it andoff you go.
(48:11):
Now, the only flaw in yoursystem was that key was stored
probably somewhere that somebodycould gain access to it.
But in encryption and also in apost-quantum world, those keys
are generated randomly at thatpoint in time and then reset
themselves every six seconds,which again makes it that much
more difficult for anybody togain access to.
(48:31):
And that's why it's soimportant for people to get onto
these encrypted platforms andask the question is it truly
encrypted or it's encrypted?
And there's availableinformation out there that allow
you to kind of get past theinitial marketing data to get to
the bottom line on how and whatencryption a platform's using.
(48:52):
We share that very openly withour prospects as well.
That's when they realize thatyou know what they're buying
into is a very mature andwell-developed platform.
Speaker 1 (49:00):
Yeah, yeah, absolutely Well, you know,
anurag, we've been going foralmost an hour now and we're
unfortunately at the top of ourtime, but you know it's been a
fantastic conversation.
It's been very engaging, very,you know, thought-provoking and
whatnot, and you know we're kindof shedding light on an area
(49:20):
that isn't very well known yetby most people, right?
So it's always helpful to kindof go through it and dive in and
what's out there, what'sproviding actual security?
Speaker 2 (49:31):
Now, I really enjoyed our conversation as well.
I actually did not realize wewere at it for an hour, but yeah
, it's an exciting time.
It's an exciting realm, afast-moving realm, if you may,
and we're excited about beingable to participate in it and
contribute to it as well.
So I really appreciate youtaking the time and having me on
the podcast, joe.
Speaker 1 (49:51):
Yeah, absolutely.
Well, before I let you go, howabout you tell my audience you
know where they could find youif they wanted to connect with
you and where they could findyour company if they wanted to
learn more?
Speaker 2 (50:09):
Yeah, find me on LinkedIn.
I'm on LinkedIn.
So, anurag LalA-N-U-R-A-G-L-A-L, and my
company is NetsphereN-E-T-S-F-E-R-Ecom, come check
us out.
I think we have a fairly decentdescription of what we do and
how we do it and, if it helpsyou guys, we'd be happy to work
with you guys and deploy ourplatform within your environment
.
Speaker 1 (50:25):
Awesome.
Well, thanks everyone.
Go and check out the links thathe just said.
It was a fantastic episode.
Hope everyone enjoyed it Cool.
Popular Podcasts
United States of Kennedy
United States of Kennedy is a podcast about our cultural fascination with the Kennedy dynasty. Every week, hosts Lyra Smith and George Civeris go into one aspect of the Kennedy story.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.