¶ Chuck Todd's introduction
This episode of the Chuck Todcast is brought to you by Wild Grain. Wild Grain is the first bake from frozen subscription box for sour dough breads, artisonal pastries, and fresh pastas, plus all the items conveniently baked in twenty five minutes or less. Unlike many store brought options, Wild Grain uses some simple ingredients you can pronounce and a slow fermentation process that can be a lot easier on your belly, little gut health there right, and richer in
nutrients antioxidants. There's also no preservatives and no shortcuts. The Wild Grain boxes are fully customizable. In addition to their variety box, they have a gluten free box, a vegan box, and a new protein box. I will tell you I have done the gluten free box. I have done it a second time. I have also used the code, the todcast code. If you use the promo code toodcast at checkout, you get thirty dollars off. I've already used it as a gift to somebody else who loves this bread. It
is hard to find good gluten free bread. It is fantastic. They give you step by step instructions.
I really dig this.
There is nothing like having an artesion bakery in your freezer. Right now, Wildgrain is offering my listeners thirty dollars off your first box plus free cryissants for life. Come on when you go to wildgrain dot com slash podcast to start your subscription today. That's thirty dollars off your first box and free croissants for life when you visit wildgrain dot com slash podcast, or simply use the promo code podcast at checkout. This is a sponsor I absolutely embrace,
so use that code. Hello there, I'm Chuck Todd and welcome to another episode of Sunday Night Tonight. It's a one topic deep dive on artificial intelligence, and maybe the simplest way to frame the AI debate right now is this, Americans are being asked to trust a new technological revolution at a moment when they're not entirely convinced the last one worked out so well.
Think about it.
Search engines once felt empowering, social media once felt connective. Online marketplaces once felt simpler and more useful. But over time, many of those same technologies became harder to trust, distorted by algorithms, advertising, misinformation, polarization, and the constant incentive to
monetize our attention. So when Selagon Valley tells the public, don't worry, this next technological leap will change everything for the better, it's understandable that many of us respond with a little skepticism, or maybe a lot of skepticism, because AI isn't some distant concept anymore. It's already shaping classrooms, workplaces, financial systems, warfare, and even the information we consume every day,
¶ Miriam Vogel joins the Chuck ToddCast
which raises two very different but deeply connected questions. One, how do we protect consumers from AI? And two how do we protect country from AI? So tonight we're going
¶ Equal AI's mission is to establish AI guardrails
to explore both sides of this challenge.
Miriam Vogel joins me. First.
She chairs the National AI Advisory Committee and leads an organization called Equal AI that's focused on governance, fairness, and consumer trust. She's trying to answer the question how do we build guardrails around AI before the technology outruns the
public's confidence in it. Then I'll be joined by and Newburger on the issue of global security, because while Miriam Vogel is trying to make sure AI doesn't discriminate against you when you apply for a mortgage, and Newburger is trying to make sure that same technology isn't used by a foreign adversary.
To shut down the bank.
Altogether, it's the same technology, it's two completely different battlefields, and somewhere between innovation and regulation, between opportunity and fear, is the question governments around the world are now struggling to answer in real time, how do you govern a technology that evolves faster than governments themselves. Tonight's conversation comes
to you from the Unconventional Diner. It's one of Washington's great neighborhood spots, known for taking classic American comfort food and giving it an inventive twist, which trankully feels like
¶ American consumers are extremely skeptical of big tech
the perfect backdrop for a conversation about technology trying to reinvent itself in our everyday life.
So let's get started. Very in Bogo. It's nice to see you.
Let me start with tell me a little something about what equal AI is supposed to be.
So we created equal AI seven and a half years ago because we saw the emergence of AI. We saw that there was a deep enthusiasm starting to root across the country and the globe, but without a lot of understanding of the potential risks and the need for guardrails, and so we created it that time more of a temporary place where companies, policymakers, lawyers, other key stakeholders could align on guardrails. How do we make sure that this
¶ Tech companies need to address users' concerns & questions
really serves people? How do we contain risks and make sure that we can optimize use. So flash forward seven and a half years, it turns out we have not gone out of style in terms of meeting the big place to align on guardrails and best practices.
The American electorates skepticism and AI seems very rational to me. When you look at Web one point zero search and commerce, the user experience at first was great, then the.
User became the product.
Social media, the initial launch seemed great, building up communities. Then what happened algorithms, the user becomes.
The product, and so we don't like social media.
We're more frustrated than ever with how the regular old Internet works, how Amazon or any of the online commerce marketplaces work.
And so to me, it's very rational.
They look at AI and, oh, great, yet another way that just is going to exploit us.
I think you're absolutely right. We bring a lot of tech baggage to this conversation, and I think There's another layer of a problem here, and that's that we're not listening to people we're expecting them to adopt AI. We're talking about you say we.
Who do you feel like you're speaking for when you.
Say week leadership in general, corporate leadership, policymakers, I think civil society. I think we all need to do a better job of listening to people.
Know.
We've published a book in October called Governing the Machine where we outline nine categories of risk, and each of those categories is very meaningful, and we need to be taking those into account when we're talking about how people and why people should be using AI. So if your concern is privacy, we can't dismiss that. We need to talk about how we're going to address your privacy concerns
before we can expect you to be using it. I think we need to be doing a better job of having a nuanced conversation where first of all, we're telling people how we're using AI. Too many people don't know
¶ Less than 1% of companies have strong AI governance policies
that they have been using it all day, every day, unlocking their phones, meeting their news feeds, scrolling through social media. When to let people know that they are using it, then we need to let people know what safe use looks like. We need to be establishing what the frameworks are that companies and organizations are putting in place so they know who to trust and what trustworthy governance looks like.
All of this makes sense, except it doesn't look like anybody in the industry is even remotely thinking about this. Whether it's Open AI, whether it's Plowed, whether it's the other Gemini, whether it's Rock everybody. I mean, when you look at the amount of money being invested in infrastructure to build out even more AI, that means there's a whole bunch of investors looking to get their money extract profits out of this. Nobody seems to be worried about guardrails.
In fact, I look at the whenever a new update concept, it feels like, you know, there's how we so powerful. We're not sure we can you know, we're not sure that the new cybersecurity can handle it. It's like a marketing ploy, not actually a serious attempt to add actually doing baby steps.
Well, you're not wrong. A report last year from McKenzie said that over eighty eight percent of companies are using AI in at least one pivotal function that was a year ago. It's probably a much higher number now, but at that point only a third had any AI governance
¶ Some companies are working hard towards AI best practices
in place. The World Economic Forum had a report earlier this year that said only less than one percent of companies have strong AI governance frameworks in place. So you are correct that it is not something we're seeing a lot of our hearing a lot about. Although I have the privilege of working with companies that really do prioritize AI governance, so I can tell you the good news is there is alignment across industry for companies, for leaders
that care about AI governance. You'll not see a lot of distinction between what those best practices are across the companies and organizations that have strong AI governance frameworks. You'll see visibility into how they're using AI. You'll see accountability from the top. It has to start at the top, but then across divisions so people understand who's the point person, what they should be looking for. You'll see not just AI principles, but operationalization.
I feel like you're describing what a company that might adopt an AI platform into their business and integrate it,
¶ State vs. federal regulation for tech companies & AI
that they may be taking care in trying to do these things.
That's not who I'm talking about. I'm talking about.
The purveyors themselves, whether it's Open AI, Anthropic Google, with Gemini or ix whatever we're calling the elon of musk operation these days. What evidence that there is any interest in good governance in those far entities.
I can tell you the ones that I work with so in our Badge program for senior executives, in our agentic AI summit we had this week, we have some of the best minds at Google, Deep Mind, at AWS and Amazon Microsoft who are being very intentional about their governance frameworks. You can look online to see what they've implemented.
¶ Why are companies pushing back against state level regulation?
You can talk to their senior executives who will be very well versed in what they are doing intentionally and across their companies to make sure they have strong governance in place. But I don't want to dismiss the deployer role because most of their applications that will have access to and that we're currently using, are from those large companies small companies that are using AI who also have a key role in making sure that it's safe.
If the industry is so concerned about governance, why are they fighting Why are they fighting state based regulation? Why is it so important to them to convince the Trump administration to do whatever it takes to prevent.
What many of us refer to as the laboratories of democracy.
In state government's figuring out a way to protect consumers.
From a state level.
Yeah, and it's a fair question. I think, first of all, there's nuance in what different companies are and are not pushing for. But to your question about state versus federal I'm a former general counsel, so I have sympathy into how hard it is to respond to a patchwork of laws. I think it's in everyone's best interest that there're certainty and clarity, not just across the country, but across the globe.
I mean, we're talking about AI. It doesn't have boundaries, and users across the globe are going to need that it's safe and lawful. So the war we have clarity and certainty and uniformity, the easier it is to be compliant.
I understand that. But if you have a dysfunctional Congress, it is not a functioning body of government. They're at war with each other. You have a we don't have a federal government interested in these safeguards, So why step on the state governments from Trump.
I can't speak to that. What I can say is I do personally have some great experience of good things happening, the very thoughtful, proactive things happening in the government space. So for instance, at our agentic AI summit this week, we got to talk with the Acting Secretary of Labor
¶ Most of AI regulation will come down to the courts
who's being very forward thinking and proactive about preparing the workforce and employers for an AI economy. They have an AI literacy framework. Most people don't know what AI literacy is, and so they've broken it down for employers so they can adopt and learn from this framework. They have text based AI literacy tools, and that's really important because when we're thinking about AI literacy, not every American has access to Wi Fi, and so if you have an application online,
many people will not have access to it. So they've created a digestible text based program where people can get a ten minute overview and introduction to AI. That will not make everybody AI ready workforce in terms of being an end and neuro computer scientists, but at least gets people over the hump of knowing what AI is and how they're using it.
I feel like we're trying to do multiple things here.
That sounds like we're on the education side, how to get people up to speed, how to get people comfortable with using if it was like trying to teach me a body, he's a personal computer. Well, what about the consumer protection side? And that's where it seems as if the industry is petrified of any attempt at a regulation that's consumer protection because they say, well, that's stepping on our ability to be able to either beat China in the AI race or keep up with China.
You're right, we need to have our eye on the state houses and the congresses across the globe to understand what new laws are coming down. But we also should not lose sight where I think most of this plays out, and that's in the courthouses. I think most of how AI is regulated will come down to how courts are citing,
¶ We need more certainty of expectations from AI companies
how current laws on the books will be applied to AI use. We have three chapters in the book on how different countries across the globe have laws currently in place that will be impactful. We've seen it play out in IP and copyright that will only increase in the years to come. We've seen it in several other privacy areas and so forth. I think we can expect.
All eminating out of Europe.
Right we have no way of case law here in the US as well. For sure, I think will increasingly see towards law consumer protection laws, contract laws where we'll be deciding who has liability because the lawyers are catching on to this and they will make sure that there is liability for those that are taking their eye off the ball in terms of safety and what the negative risks and impacts could result in.
Let's assume we had a functioning, feral legislative branch that was going to look at this not as seeing which side is going to contribute the most amount of money to their mentor, because that's the other part of this. All of the AI associated super PACs I think are sort of warping the conversation on regulation. Let's assume we didn't have this political cloud hanging over what would what is a recommendation of what first step regulation.
Would look like with AI bodels and what.
Entity in the government is best equipped to regulate these ais.
It's a great question. I think there's more. We need more certainty on what the expectations are out of companies. We need to understand The basic question with AI use that we always need to be able to answer, which is for who could this fail? We need to make sure that AI deployment are designed around thinking about what the human use cases are and what the actual application are. And I think there's a role for every agency and government. They're all going to be using AI personally if they're
not already. We know there's an executive order mandating it's being used across agencies as well as the oversight, but I don't want to lose sight of the other ways
¶ AI is a disruptor, we can't pretend it won't be everywhere
that this is where leadership is popping up. So with Equal AI, we've been doing an AI literacy tour across the country to listen to people, to hear what they're seeing, what they're worried about, but also to elevate leadership. What it looks like when AI leadership is what it looks like when we have AI leadership. So for instance, we've
been to Tennessee, We've been to Arizona. We're having conversations and cities across the country where we're seeing mayors who are using it for smart traffic management, creating resource hubs so that small businesses are in touch with academics, training, our next gen, but also getting small businesses AI ready. I think there's a lot of tools that we have now at our disposal where we have foundations of leadership, and so we just need to understand what does that
look like. You know, at ASU where they are leaning into AI USE, they're giving students the capabilities of generative models and that even how will I am teaching augentic AI used to their students. So I think we actually have a lot of opportunities for leadership that we shouldn't be overlooking.
I hear you, but this I mean talk about scattershot like we just described, seems the scatter shot and frankly,
¶ Are we ready for AI to make decisions without humans in the loop?
and again I'm liking you'd like defend all of these and and I don't. I don't mean to try to put you on the defensive, but it does appear to be that it's all scattershot, and it's really those that have the ability to to maybe even curiosity to be first movers and to learn this stuff. We'll do it, but we I mean, it does feel as if this is way ahead of anny guardrails that are even remotely ready to be used.
You know, I think you're getting at something check that we need to be prepared for AI is a disruptor, and I think we need to look at this as a disruption for good. We can't operate in silos anymore.
¶ Good governance means leadership must take responsibility for AI
AI connects us all and makes us all dependent on one another to ensure that we know how each other fit into the use cases. We can't imagine that only within our company are we going to be impacted by our AI use We can't imagine only within our state. There's overlap across boundaries when we're talking about AI, and so we're going to have to break silos. We're going to have to rethink culture in organizations where you can't just you know, pinpoint which agency or which department is
in charge of AI. It is across organizations, it is across states, and you're right, it's dissipated. It's not the way we're constructed. But we're going to have to rethink that's.
Talking about it.
I guess, agentic AI, do you really think we're ready for AI to make decisions without a human interface.
I think there are a lot of concerns about the state of readiness with agentic AI because of the statistics we talked about that if less than one percent of
¶ If agentic AI without a human was outlawed, how would companies respond?
companies have strong AI governance in place, they are not prepared for AI deployment, let alone agentic AI deployment. I mentioned we had an agentic AI summit this week where we were looking at what is the optimal use cases of a dentic AI. What does it look like if we get this right. We looked at challenges, We looked at the map between where we are today and how we will need to prioritize the steps to get to the optimal end state. And you could only do this
if you have strong governance in place. And again, I think we need to break down what we mean by governance. You know, too many people think it's a government responsibility
or a stop gapped innovation. We really need to understand that governance is something that leadership needs to be held accountable for and take ownership of whatever your organization is because you're going to be using AI, and we need to be realizing that it is the norms, the culture, the practices that build trust and really unlock the benefits of this innovation.
Is you know, and this could happen because of the populist backlash that I think is coming right now with AI.
Right some of it has to do with what I talked about with social.
¶ We're seeing tremendous investment without the ROI so far
Media, Others will be fear of AI job displacement, and you can just feel that there is certainly exploitable anger out there in our politics that you could see if Congress passed the law next that said no AIP, you cannot use agentic AI.
Period.
There has to be a human interface at the very very end, whether it's confirming a purchase, confirming a decision, that it cannot be.
Left only to.
The AI platform.
What would the industry say to something.
I think it would say that you're a little late because it is being deployed. So we cannot slow down innovation. We can speed up governance. That's our only option. Governance is the seatbelts in a car. It's the speed limits. It's knowing there's a doometer. We wouldn't get in a car if we wouldn't if we weren't sure that we
¶ AI will scale at an exponential rate
had these.
The industry bought seatbelts literally until the debts piled up. I mean, are we going to have the industry fight regulation literally until there are what we have right now with social media, a pile up of lawsuits that hey, they made a defective product.
Well that's why we need to have more of alignment on what these best practices are, What are the safeguards that everyone should be adopting when they're you using AI, because then we know what it looks like to be doing this well. I think at the end of the day, we've seen time and again that people will not adopt innovation. I mean, look at the ROI on investment. You see tremendous investment in AI. We're not seeing the ROI for
¶ We're seeing gender and regional gaps in AI adoption
many companies, and I'm very convinced, and the data show it's because they don't have governance in place and because they haven't taken the time to deploy AI literacy.
Is there anything to be learned as as we try to catch up on governments governance with AI, about.
What we didn't do with social media?
Yeah, there's a lot of lessons to be learned. Where to begin, We need to first of all understand the pace we are. We moved quickly with social media. I think that innovation was adopted with record speed. For our past innovations, usually it takes decades for adoption. That happened in a pretty integrated way within a decade. Within less
¶ The public needs to be empowered with knowledge of AI's upside
than that, AI will continue to scale at a pace that is exponentially higher than that, So I think any comfort people can take in waiting should be disabuse. There's no opportunity to wait. AI is being used in our daily life every day. It is being used in our workplaces, and so there needs to be a clear path towards ensuring its safety and ensuring there's more agency, more people
understand why and how to use AI. I mean, we're seeing these very problematic adoption gaps, not just across the fifty percent of the US that is not interested in adopting AI, but we see a gender gap in age gap, education and wealth, and even a regional gap where in the middle of the country there's more anxiety towards AI than on the coasts. These are all understandable. It's communities that have deep concerns that need to be heard and addressed before they're going to be willing to use AIA.
Have you had any luck with the AI.
Platform companies in understanding what they have or do you feel like they're just in a hurried anyday.
I think there's several conversations going on right now. There's
¶ The five best practices for AI adoption
certainly that competition once amongst one another, with amongst.
Us open AYE trial, it's not reassuring to watch all of this sort of dirt get circulated out, but you're just sitting there going it's just a bunch.
Of people trying to make more money off of us.
Again, this doesn't feel like anybody's actually been concerned about what the technology.
Is going to do to the public.
Well, I think the more we can do to empower the public, policymakers, lawyers to understand what good outcomes look like, the better off we are. I think you know it's in.
You're right.
It's an interesting look into what's happening under the hood. But again, people have agency here and there's many yders across the spectrum. Journalists have brought it to account many of the AI use cases that have been problematic, and that's where you see changes. So the more there's clarity in what good looks like and the more we're able to pressure test what some of these problematic outcomes look like,
the more we can have our expectations in place. But again, I wouldn't lose sight of some of the forces, the market forces we have in place, whether it's ROI or the litigation we're seeing increasingly in the courts. Last year there was a the AI Index report. They said there was a six times increase in litigation over sixty years. I'm curious to see how much exponentially higher that is.
Now, all right, let's try to let's try to end on. Give me some best practices of entities out there that do seem to be prioritizing governments.
When you're seeing governance, there's at least five overlapping indicators. There's visibility. Most companies have not done a survey to
¶ Employees and consumers will see how AI errors play out
understand where they are using AI across enterprise.
You think there's some companies their CEO doesn't even know where, yeah, AI is being deployed.
It was a very problematic study out a year ago where they looked for at HR uses of AI, which is one of the most predominant use cases of AI. They surveyed the global companies and about eighty eight percent of the chief HR officers confirm their using AI in HR functions. At those same companies, about sixty two sixty four percent of CEOs indicated they were using AI and their HAAR functions. Forty eight percent of general counsels indicated
the same. So, yes, I think there is a huge problem of people not knowing, not having visibility into how.
AIS is inside their own.
Inside their own companies. We can do this in our own homes too. Second of all, you have to have accountability. You have to have someone in your C suite who cares about this, who takes ownership of this, who make sure that there's the budget. But even equally important is that there's alignment across dvice. Too many people think that this is the innovations of the past where you can assign it to one department, and AI doesn't work that way. AI is in every news media.
¶ Transparency will be key to safe AI deployment
Will have a digital team. It's like all media is on digital. I remember thinking that back then. So, yeah, there's such an AI team. It's like saying you're going to have a deskot you.
Got it, you got it. You have to have that C suite level buy in and interest. But then you also need that because a lot of this is going to play out in the front lines. Your employees, your consumers are going to find some of the errors play out, and you need them to know who to report them to and that it's safe to be reported up.
The play is the realistic first regulation, then just simply transparency.
Transparency. I think that's a complicated issue because it has to be stated in such a way that could be understood meaningfully.
Take surveillance pricing.
I know New York State passed the law about surveillance pricing that if it was done with AI, it had to be set how to say, so New York does this regulation. But even if you got to know it was a good example to wash the post, it had to put a little disclaimer that they were using surveillance pricing on their subscription services. And somebody who lived in Oklahoma got that warning even though Oklahoma didn't have that law.
New York State has that law.
But it felt like, well, all right, that's a case where transparency at least is a way to at least give the consumers something.
Transparency is a start, but we don't want the human fatigue of checking I'll accept the cookies so I can get quickly to the website of where I want to go,
¶ Anne Neuberger joins the Chuck ToddCast
And we don't want it to be written in a way that they can't understand. So I think absolutely transparency is key. Where are you using AI? What have you tested for? I mean, let's talk about in the medical use cases, which are some of the most exciting use cases of it. If you're going to tell me that your cancer detection is eighty eight percent successful. I need to know for whom I need to know if that
is true for the patients that you're talking to. Was were they appropriately represented in the satisfaction rate and the success rate of that product? For whom could this fail?
¶ What should AI global governance look like between superpowers?
How are we going to get most regulation due to court fights rather than due to legislation?
Is that true? Is that real mean? And what that means is civil litigation.
I think in the short term there's a lot happening in the courts that people should not overlook, a lot that will impact their use, their rights, their company. That if they are not keeping their eye on what's happening across the country and frankly across the globe in the courthouses, they're missing a lot of the liabilities they will be walking into if they do not have good governance in place.
Well, I'll say this, if you're a legislator and you're watching this, get our booked, because it does sort of in a very thought in a good way, layout sort of how garden You're trying to figure out what grdros to build and I feel like your book does sort of layout.
Okay, if you want to do this, Cardrail, this is the way to do it. Thank you, check Ary, appreciate.
You saying that, thank you so much for having me.
Well.
This episode of the Chuck Podcast is brought to you by ship Station. When your company is growing fast, order fulfillment can make or break your success. Ship Station's intelligence driven platform brings order management, rate shopping, inventory and returns,
¶ AI is different than nuclear regulation because it's developed privately
warehouse systems, and comprehensive analytics all in one place, saving customers fifteen hours per week on fulfillment and guess what time is money? So with shipstation, everything you need to manage getting orders to customers is in one place. You connect to over two hundred sales channels instead of five to seven disconnected tools, you've got one. Shipstation compares rates across all major global carriers, United States, Postal Service UPS
and fed X, including your own discount rates. That's pretty good if you have them to find you the best shipping option on every order and discounts up to ninety percent off set up time saving automation. Ship Station picks the best carrier, finds you the best rate, prints labels in bulk, sends tracking updates, and you're done. One million
¶ Was it a mistake to let the private sector spearhead AI development?
businesses have trusted ship station trust me. I have a little side hustle on sports cards.
I think I've mentioned it a few times.
The most annoying part is the shipping and if stuff's convoluted, you can't get it done. And that's the beauty of shipstation is it essentially streamlines that shipping process. So try shipstation free for sixty days with full access to every feature I just talked about. No credit card is needed. You go to shipstation dot com and you use the code podcast to get those sixty days for free. Sixty days gives you plenty of time to see exactly how much time and money you're going to be saving on
every shipment. So that's shipstation dot com.
Toodcast.
Shipstation dot com use the code toodcast. All right, you have transitioned from governments into the private sector. Still in the AI space, let's talk about AI security, especially we've got this China summit coming up between She and Trump and apparently AI governance is now going to be on the agenda. So let's start there. What should global AI governance look like between superpowers and how? And is nuclear
¶ Cybersecurity concerns and risks
proliferation or non proliferation the model?
So, first of when we think about AI security, there's really two lenses to think about it through. One is the risk that AI brings, for example, in accelerating the depth and speed of cyber attacks.
And the second is the risk of AI.
If models are not secure, if models can be poisoned and of themselves. And then if they're embedded into whether it's a decision about whether to loan somebody money or a.
Decision about we're in the electricity.
Grid, thank you so much. One optimizes, then they bring additional risks. So we think about it in.
Both of those lenses.
And to your point about global governance, it's the question we used to have often about cyber governance.
What are the rules in the room? How can countries use these dual use technologies.
They're both defensive they help us secure infrastructure, for example, and they're offensive they help between countries. They may be used offensively in the context of a crisis or conflict to destabilize infrastructure. So what should the rules that they will be when fundamentally there are no borders of the rules.
Well, it's similar to nukes, right, we had nuclear energy
¶ Cryptocurrency helped criminals evade detection & enforcement
and one set of rules versus nuclear weapons, right, positive and negative.
It's very different in that it is a private sector developed technology that's broadly available, versus nukes that are primarily developed by governments with very strict rules around.
For the funny you say that, I've talked to I have a retired general friend of mine who is obsessed with the fact that he thinks AI never should have been allowed to be developed with the private sector first, that there always should have been like with nuclear technology, where it was essentially government driven with academic research and sort of bringing the private sector into the government sphere and the internet itself private sector into the government sphere.
¶ Every ransom payment encourages more cyber attacks & ransomware
It's too late to go there now with AI. But was that a mistake?
You know?
The power of the American innovation system is that we have the laws, the financial markets, and the investment in R and D that happens in the private sector. That means technology, drug R and D, drugs is primarily coming out of the private sector. Yes, there's some investment from government, but it's mostly there. So I think the strength of our system is that innovation comes out of the private sector.
So should have could a? I think it's just it's it.
Doesn't matter what the philosophy is.
We are where we are, so so let's talk about you talk about cyber and a global and you try you develop something in the Biden.
Administration having to do with at least coming to a collective agreement on rants.
Explained absolutely, because it is gold apply for AI, right, it's.
An interesting approach. You're right to apply to AI. You know.
So in the past we would often think about the big risk of cyber as espionage. We talked for years about how China was growing at strategic technology sector by stealing intellectual property from America. And you know, governments have
¶ Cyber threat intel was shared across governments
been trying to steal each other's secrets.
Whether as human assets is five. But if we say that moved to digital because it's so much easier. You don't have to get a guy into a as old as a country.
Bad borders on countries, it exactly.
I'm sure the feudal lords were also spying on each other, and it's.
So much easier in cyberspace.
You don't have to get a human past a fingerprint check into a country. So that was the way we looked at it. It changed with the advent of two things. One is cryptocurrency and the second a criminal ecosystem that essentially built out cyber tools and that enable them to use those tools to disrupt companies, infrastructure, hospitals around the world and get.
Paid for it easily.
It's the so called dark web, the dark.
Web plus the financing right, because the dark web is a way that people can just communicate outside the formal
¶ Governments extended rules for fiat currencies to cryptocurrencies
Internet ecosystem. Essentially, as you know, every IP address has a matching mean that makes it easier for us to find Amazon dot Com without necessarily knowing its Internet.
For right, everybody's address exactly right.
On the Internet dark web, there's just the addresses without the to who it is, so people have to know where they're going. What changed in ransomware, to your point, was that you had a criminal ecosystem that now had a way to move money outside traditional banking systems. And in many ways, while there are rules around cryptocurrency anti money laundering done by the Financial Action Task Force, they
are not implemented around the world for various reasons. So as a result, you would have these safe and some countries provided safe haven. So Russia, for example, looked away or quietly enabled criminals with some ties to their.
¶ Governments had to disincentivize ransom payments
Korea.
There was a whole sort of access of maybe unfriendly countries to.
The West that were doing this right exactly, and those actors ended up disrupting infrastructure to get paid a ransom, and in many cases, like when you think about Britain's National Health system, disrupted the operations of hospitals.
So to them, they're ready to pay.
So the debate became while for one entity paying a ransom could be the fastest way to get back online, every payment fuels the ecosystem, right, So overall we're enabling these attackers to do more and more of these attacks. It's essentially incentivizing them. So in the last administration, we
formed something called the Counter Ransom Initiative. We said, we need a way to coordinate among countries to put it in place the practices, getting countries to implement anti monitor laundering rules for cryptocurrency, disrupting the operations of these ransomware attackers, and fundamentally in each of our countries, trying to put
¶ Goal was to help companies recover without paying a ransom
in place policies to not allow ransoms.
How hard is it though, to get I mean, does that need to be like a again? Does that look like a treaty like we have with nuclear weapons and what we have with biological weapons?
Is that what this would eventually look like?
So it's a really good question.
On the positive side, we formed the Counter Ransom Innership that grew to eighty countries, and we had working groups that did things like countries sharing with each other threat and so if a particular technique was used against the hospital in the UK, that was shared across the governments so that another country would then inform their hospitals keep
an eye out for that, protect against this. In that way, that was successful because it was sensitive sharing and it expanded it to more countries than had ever been shared
¶ Both companies & government should share burden of security
together before. A second success was in training countries and how to look for cryptocurrency money laundering. Cryptocurrency enables cheaper and faster transactions for all kinds of people, people sending remittances back home, for example, but it also enables payment
of ransoms quickly. So we among different countries who had more sophisticated systems, we trained other countries, and we could also use more offensive capabilities to say if a given country is not acting, it can be put on a gray list, to say other countries say we're not going to do business with you, because you really need to. The stick is essentially doing routine business transactions, not in cryptocurrency.
Nobody wants to be on a grade list which says they're not following the rules of anti money laundering because it puts their entire financial system under question. As well as another stick, which is sanctioning some of these exchanges that were moving a preponderance of illicit money. One was called Tornado dot Cash, and we did the first ever sanctioning of that entity to say.
We're going to bring the traditional rules.
Of enforcing the rules for banks to cryptocurrency virtual asset service providers. So we extended the traditional rules for fiat currency to cryptocurrency. So that's where it worked.
Where didn't it work yet.
And I guess actually a third one where it worked is the governments agreed that no governments would pay ransoms.
That was the third way.
We got agreement and a public statement saying we all agree, And the public statement was important because then we called
¶ AI is being framed as an arms race between U.S. and China
ourselves accountable. Where we had more trouble was a fierce debate about what countries do to actually disincentivize ransom payments by private sector actors. In the US, it was a fierce policy debate. What we wanted to do was say we would announce in six months that ransom payments were not permitted unless a permission was requested from the Department of Justice for a national security emergency.
Could be illegal.
It would be yes, essentially, so I paid.
A ransom, charges would be brought against the person that paid the ransom.
Or if you wanted to pay a ransom, you'd have to come to the Department of Justice and they might see that. For example, if a hospital wanted to pay a ransom. What we wanted to do the goal of
¶ AI drug development should be an international win-win
this was not only to disincentivize paying ransoms, but to incentivize putting in place the cybersecurity practices that enabled entities to recover without paying a ransom. What do I mean if you have a good backup, if you've encrypted your data so even if the attackers get it, they can't use it to blackmail you, that they have a bunch of sensitive medical information or your client's wire.
Instructions that's sensitive.
So a few practices like that help a company recover without having to pay a ransom.
And what we want to.
Do was essentially say, Okay, in six months, the easy out of a ransom payment is going away.
Come on, folks, do what you need to do so you can recover without.
It, So.
That puts the burden on the company to have as most the most up to date security possible.
In theory, I get it. On the other hand, you know.
Is it should should that fall on the company or should that fall on the governments?
¶ The arms race framing applies to national security applications
That is one of the core policy debates in cybersecurity. Now to that point, there was responsibility for each and I think when you think about the physical world, to your point, when you walk into a large corporate building, there are guards there that are paid for, you know, by the owners of the building, but you then have a police department if they're right, so you have both with rules, and I think that's very similar in cyber space.
So in the case of governments, you know, we were conducting at that point offensive cyber operations to disrupt the infrastructure of these criminals around the world. We were working with governments around there were a number of coordinated attempts to arrest people. So we'd share quietly, you know, the names of people and if they got on a plane, they went on vacation, or they tried to you know, enjoy their illicit gains.
In Duvine, you know, they'd be arrested.
Among the members of the counter ransomware initiative were law enforcement cooperation and finally, government, like I said, created forums like that for information sharing, released advisories, and took those steps. But on the private sector side, there is the pretty in this case, basic steps like have backups, encrypt your data, make yourselves a harder target that when we think about the physical world, is very.
Much the equivalent in the digital world.
Let's go back to so one of the one of the reasons that the industry has fought regulation in these early days of AI adoption has been with this idea that we're in a race with China, and yet at the same time that there's no cooperation on how governments use for particularly how they weaponize AI. We could be in a We've already seen some asymmetric warfare successes thanks
¶ The speed of innovation is so fast, a race feels unwinnable
to AI for you know, essentially a smaller country being able to you know, operate with the with the bigger countries. What do you envision is realistic in trying to have some sort of AI red funk between China and the United States. I mean, is that what we're looking for here?
So first, let's unpack the race with China, because I think you're right that term is used a lot, and we should ask what does that really mean. So from an AI perspective, there is AI that's helping in the fields of drug discovery.
I mean they're currently drug trials. You can accelerate.
The should be a border there should be borderless. One would think might competition.
Because today, unfortunately, there are more diseases than there are vaccines for than there are drugs for. So that would be something where if it brings down the cost of drug production enables trialsity faster, that's a win for all of us.
So in that case, I think the race is a race that's arm in arm.
How do we make the most of this technology for the benefit of mankind. Similarly, there's many kinds of positive uses of AI. Frankly, there's positive use of AI for cybersecurity.
¶ Advantages in AI race will be measured in months, not years
It's hard to build secure code. Using AII that's trained on more secure code or on some malicious practices can then help ensure that code is generated securely against known threats and then can be tested as well before deployed.
That's again a win win for all of us.
There's the discussion of a race is essentially adoption of the most capable AI in national security fields, for example, in intelligence collection in for sample, in China, here's where an authoritarian country has an edge over a democracy. China has millions of cameras deployed around the country.
Chinese technology is deployed around the world.
They're going to probably surpass us on facial technology simply because of their system of government.
¶ There's no good military to military comms between U.S. & China
Exactly, and I don't think we would trade our system of government. On the other hand, let's recognize that an American human spy traveling around the world is at greater risk as China trains facial recognition models. Then a reverse case, a Chinese spy would be because the US both did not, and we should talk about that. US technologies, let's say, in strategic areas like telecommunications, were overcome by the Chinese playbook.
So if you go around the world, it's Wahwick, it's not ericson right, It's certainly not Motorola, which was or put out of business.
We attempted the United States to try to hamstring Huawei, just failed.
So let's come back to that, because I want to make sure I answer the prime you know. It's so when we talk about the race, that's where we mean in deployment of AI and national security areas like intelligence like by the military, where AI can make a difference crisis.
I mean, you know it's funny. It's this is race, but you know it's always funny, and there's sometimes the arrogainst the west right where we assume that the other side is to see the potential advantage or disadvantage.
If they if they allow.
But with AI, the speed of innovation and frankly the speed with which you could counter the innovation is all happening so fast it feels like an unwinnable race. Meaning even if you think you there's no finish line. You may be here and in other country's here, but they may do this because we've seen these we've seen the AI models.
They all leap each other.
Who's to say Chinese is a Chinese deepline model isn't going to do the same thing.
So that's exactly the way to think about your question about governance, because I think when we think about AI for all the positive use cases, let's arm in arm for the benefit of humanity, when we think about the case of AI deployed in military in weapons, that's where harkening back to your question around nuclear technologies, they had the same back and forth. Right, we were attempting to detect Soviet nuclear submarines, they were attempting to detect ours, and.
Generally we would have a flywheel.
Whereas our own detection technologies improved and became more sophisticated,
¶ Does government have any chance to effectively regulate AI?
we deployed better stealth on our own subs as well to protect against theirs. Now, clearly the pace of tech was far slower in nuclear technologies, so we could have a.
Five year advantage a ten year advantage, it seems with this at best you're lucky to have a.
Five month ANOW and the degree of depth, potentially of incorporation of AI into military decision making can be significant. Now, I want to be clear and say military culture around the world is generally more conservative. These are people who are trained in the laws of war. These are people who know what it means to lose a life, and they also know that any technology use on offense it's likely to come back to that you have to defend against as well. So it's not as if I think
¶ It took a major cyberattack for government to figure out cybersecurity
military communities anywhere around the world rush to deploy a new technology that's not fully understood. With that said, that is where as China and the US talk discussions about how will we incorporate AI into our military decision making and most importantly, if there is a misunderstanding, how do we communicate. One of the troubling things about US China relations is that we haven't had a military.
To red phone. We don't have the exactly you know, the metaphorical right exactly.
And in the past, with our last peer adversary, the Soviet Union, we had both a military red phone and a political line.
¶ Government took existing regulations and updated them for digital age
So to the Check podcast is brought to you by Soul. So if you love that end of the day unwined but hate the hangover, Soul's out of Office is for you. These sparkling THCHC drinks and gummies give you the same relaxed social feeling without the alcohol, without the calories, and without the crash. Soul is a wellness brand that believes feeling good should be fun and easy. Soul specializes in delicious hemp derived THCHC and CBD products designed to boost
your mood and help you unwind. Their best selling out of Office gummies were designed to provide a mild, relaxing buzz, boost your mood, and enhance creativity and relaxation with five different strengths.
You can tailor the dose to fit your vibe.
So also has a variety of products specifically designed to help you get a better night's rest, including their top selling Sleepy Gummies, a fan favorite for deep, restorous sleep. Look, I have made no secret, I am a believer in this stuff, in cannabis and hemp derived. I do not partake in alcohol. For the most part, I think this stuff is a lot safer than alcohol, a lot less addictive than alcohol. And yes, I have to say I love these drinks. It is the glass of wine and
you know after work, that's what this is. So no hangover and no excess calories like this. I'm a big fan. So bring on the good vibes and treat yourself to Sold today. Right now, Soul is offering my audience thirty percent off your entire order. Go to getsol dot com and use the word toodcast that's getsold dot com promo code podcast for thirty percent off. And yes, I too, am a customer. Yeah, but we didn't get it until
after we had almost a convertation. Like it took a crisis to create those safeguards.
And to be clear, the US has attempted to put that in place. The onus is really the Chinese have not wanted to put it in place, and the concern really is that as a result, as each of us start to deploy AI and sensitive areas, there is the opportunity for miscommunication. There isn't necessarily the channel to resolve it.
¶ Existing regulations can also be updated to regulate AI without legislation
And that's where discussions among leaders are important, as well as putting in place the detection technology so that we and and really the intelligence capability is to try to understand how competitors are using AI in their own ecosystem so we can be aware as well and know and try our best not to misinterpret. But an ideal world, that's where you want the governance simply.
We go to a larger issue. You're now in the private sector.
There has been hard always stays in the national security.
I hear you, I hear you. There is this, There is.
There is The industry is petrified of any regulation at the moment. And I am cranky cinical reporter who says tech industry, you you you gave us social media and totally destroy the information ecosystem and we're suppos to trust
¶ Should there be an FDA for AI models?
you with AI. The industry, I feel like is not fully self aware as to how they have brought up. The skepticism that is out there about the technology exists because of essentially their bad behavior and the lack of lack of regulatory for any sort of significant regulation coming from government.
And now we're jumping to it I entirely new technology. This feels this feels like.
This just feels like government has no chance to sort of get its monitories.
It is always a hard area to think about how to regulate a technology that's evolving so quickly. And I think there are some lessons we can learn from cyberspace and some that are very new. What do I mean, As you said, the US government failed to put in place regulations for cyberspace for a decade. The last attempt was a Lieberman Collins bill in twenty fifteen that's failed. After the Colonial pipeline incident, the President turned to me and said.
And how is this happening?
How can it be that we have one major pipeline, one major oil and gas pipeline supplying the entire East coast,
¶ There needs to be a balance between innovation and regulation
only one, and a group of ransomware attackers sitting in Saint Petersburg can can conduct an attack that leads the company to take it offline, and as you know, that led to you know, americans at gasoline stations.
One of the things we learned is never.
Tell Americans please don't line up and get your gas all will be well, because then they immediately will go refill their pumps.
And at the time we realized we.
Were reflected on the President's question and said, you know, let's do a scrub and see are there regulations that already exist that apply. And what we found was that in pretty much every sector of critical infrastructure there were old safety regulations that could be reinterpreted for the digital age.
What do I mean?
Railroad signaling systems already had regulations to ensure that when they were mechanical, the mechanical box was properly secured. Who could have access to that, who could have the key?
¶ Laws trail tech. Need to find regulation that protects the public
So we worked with TSA, who's the regulator for all railroads, took those regulations and updated them for the digital age to say, you know, you need multi factor authentication, not a password because everybody's passwords have been compromised. You need to ensure you have a monitoring system for your signaling system.
And initially there was some pushback from the.
Sector exactly as you said, and we realized that we had failed to properly engage them. So we invited the fifty seven railroad CEOs in the country to come in and we gave them briefings on the security threat, and we said, here are the security things that we think
are needed. Let's have a discussion of that right balance of costs and impact, because if the threat is here and railroad signaling systems here, we can't jump here in one leap, but we can jump here, show the impact, show how we're reducing the cost of an attack, which is significant, and then do that in degrees. We did it for pipelines, we did it for ports, we did it for airports. We did it for water systems using
existing regulators and existing regulations. And I think there's a lot we can learn from that because there's no one size fits all. I've visited water systems in San Jose. Securing those water systems so Americans have safe water is very different from securing an oil and gas pipeline. And the regulators know their sectors well and know what's reasonable in terms of the cost burden for impact in terms
of driving down the threat. So I just to close on that I think there's some lessons to be learned in the case of AI, right Like, for example, if
¶ AI will transform defensive cybersecurity
you think about people are worried that AI is used to determine if you or I should get alone, and they want to make sure that the data that's trained on is not biased and that the recommendation is explainable. So a human looking at it can say, why trust chock, why not trust in? There are existing regulations that do that.
They have to be.
Updated for the use of AI, many of them or they exist so many are adequate. That needs to be done for every sector. And then going back to the first question you asked me that talks about the risk AI brings separately, there are approaches we need to do to make sure the AI models that are deployed are safe themselves.
So this gets back to you, we don't you know, we still don't regulate algorithms.
Algorithms.
Many companies believe their algorithms are this proprietary thing, and
¶ AI can double check defensive cyber infrastructure at scale
we don't know whether it's being used for predatory practices. For because it's an algorithm that could make that decision about a mortgage or about a loan. Sometimes after the fact, maybe a civil lawsuit is brought and then you can somehow claim that they violated the law. I get that the law is there eventually, but is there a proactive way to essentially, hey, we've got a new algorithm that's it's going.
To help us.
Get through these mortgage applications faster. Let's make sure it's approved by the government the same way we would approve a new drug before it was circulated on the market, sold as a as a as a pharmaceutical, you know, answer to some disease.
It's a good question.
And the big difference I think between an AI model or an algorithm, to your point, and a drug is one changes so continuously and one takes time to develop and test.
It has IP protection attacked, I.
Admit, but I you know, actually the speed of prescription drugs is going faster. I mean, I could make an argument that FDA and drugs AI models.
You know, why shouldn't there be an FDA or AM And I think it's.
I think to your point, there's a tension between the innovation and regulation, right because regulation often is slow to adapt to adapt to changing technology. And in fact, I think, frankly, if you look at the difference between the European Union and the United the States. European Union is a country that puts regulations first, an innovation second.
I get it, and it's what's the line. Yeah, well, right now, there's no line, And I think we're not even attempting any of them because the industry has got aggressive politically and has got essentially made a political bargain
¶ We need to prepare our defenders, China's models are 6 months behind
with this administry.
And I think there's a balance between the how we approach AI models themselves and then how do we approach when they're deployed in sectors where regulations exist, Like, for example, we'll just go use our loan example again.
So if somebody is deploying an AI model.
To determine who gets a loan, there are regulations around explaining how a decision is made coming out of an algorithm or model, and around what data that's trained on, So that you need transparency on the data it's trained on and explainability of how that decision is made. That exists in that sector. It doesn't exist in every sector, and that's really what we need. We need the transparency on the data models trained on to see is it trained on data that fundamentally was.
Do we need new law in the books for this.
I usually default to say, given that laws trail tech by such a long time, are there ways that we
¶ Companies will need help to patch and update their infrastructure
can achieve what we want, which is protecting the population from a new technology's most significant risks in a way that's also adaptable and changes quickly. And I think there to your point, looking at the AI models and saying, what is the delta harm they bring to different areas, and then what's the best way to control against that harm?
What's what's needed?
Look, a month ago, Anthropic came out and said, our new AI model is so powerful, we're.
Not sure that.
Current cybersecurity infrastructure is going to be able to defend against people deciding to use our model to potentially attack.
And there's a part of me that says, so why release the model? Like should this?
But again, there's no law in the books that says they can't release the model.
¶ The government has a very key role to play in AI cybersecurity
So yes, And you know that's a fierce debate in the cybersecurity community.
How much of that was Anthropic marketing and all that I saw.
Debate, I think it is enough.
It's no different than claiming that your prescription drug, if it works properly but for longer.
Than four hours, call a doctor. Was that a side effect.
Was that a marketing gold Well, you know, so it's so interesting.
I've had the privilege of leading teams conducting offensive operations and I also, as you know, led defensive head of cybersecurity and essay and then let this work at the White House, and I will say that I really believe AI models will transform cybersecurity on defense. But it's a painful path there, and that's what we need to control for what do I mean it is far easier.
To attack than to defend.
An attacker has to find one way in a defender has to be checking every door, window and ceiling.
Job in America's homeland security, yeah, because.
N is not going to happen, and being a SISO is a really tough job.
¶ Government has to clearly identify where the cyber risks are
I mean, there's often discussions in that community around just how difficult, how much people know exactly this, et cetera.
It's terrible.
Now, what AI allows is attackers to jiggle every doorknob continuously and at scale. So it really does enable attackers. But what allows defenders to do if they're doing the same thing, if they're jiggling every doorknob in their infrastructure in advance and at scale, and AI then helps generate patches or controls to compensate that can be significant. Today, the model's capabilities on generating patches, et cetera need to be better.
They're there, but they need to be better.
So the approach that said, let's get the core companies producing digital infrastructure that everyone uses to use the models to find and fix vulnerabilities and deploy them via existing patches is a smart one because it starts locking down common infrastructure. What's missing today and what we need is that in all of our critical sectors. Hospitals are a good one, there's also a stack that rides on top of the core infrastructure and that is often what's used
to compromise a hospital to disrupt its operations. That's missing, and I think that's what we need to be able to say, within each sector, what does the stack look like? And in some cases those are stacks that aren't updated and secure them quickly.
Is government behind or industry being obstinate?
Government needs to be doing convening and I see the power of government convening is significant when you bring everybody around the table and you say, look, we can regulate this or these are the things we.
Need to see you get done.
Particularly when companies are out there saying this is such a powerful weapon, this is so concerning, Well, then act it out.
Then work with.
Us in team to ensure that we can equip defenders to be ready, because, let's be honest, Chinese open source models followed by six months and that's a threat that's significant.
So we have a window of time for models, for frontier model companies to be working, and frankly, for government to be helping convene the open source and the open source community to be getting access to the models because, as you know, open source, unlike a Cisco or Microsoft, is developed often by anyone, but broadly deployed in our infrastructure. So I think that's starting. You see, the White House
has been bringing companies together. You see Project Last Wing, you see opening eyes approach to say we'll approve people because we.
Wanted to know your customer.
We want to know are you a SISO, are you a head of cyber or AI for a country who's setting strategy, and if so, will come up with ways to have you use the model in a way that's safe and doesn't broadly distribute it. But the race is on, and to be clear, even though you know I do believe it's going to be a game changer on cybersecurity.
We've got to ensure that models are in the hands of defenders quickly, and we've got to keep the pressure on companies that build digital infrastructure to be getting those patches out and figuring out for infrastructure that is difficult to patch.
You know, it's not so easy to just push a patch on a manufacturing plan.
You know, it sometimes has side effects that we can use AI, for example, to simulate those patches to ensure that they're working right, to give users more confidence to deploy them. So there's a lot that needs to get done.
You're outriting a lot that we need to do.
Color me skeptical that we have the current governmental infrastructure to respond in the ways that maybe the public needs it to respond.
You know, the first step is saying here's where we need to go. The second step is rally a community. The nice part is there are lots of people across the tech community are ready to roll up their sleeves and can be self organizing on this too.
But you're right, governments, and yet we're all watching as voyeurs this elon musk Open AI trial and it doesn't give a lot of confidence in some of these companies.
You're right that the role of government inconvening, and I do believe the White House has been doing convenings, bringing companies together and trying to get action out of them. And in fact, companies are moving in. I've talked to a number of companies participating in glass Wing.
They're doing the work, they're building.
The patches, they're planning to get them out to customers, pressing them.
On psychically, initial models are not the trustworthy enterprise. It's one thing for Microsoft, JP, Morgan, some of these companies to be responsible with how they're using these models, but it feels like the companies that are making the models don't. Necessarily they seem to be more a bit self absorbed.
There's a tension between the commercial value and the national security risk, and typically, you know, government makes that determination. What's so different here is the tech is coming out of the private sector, and it is important that government come out and clearly say here's where national security risk is significant. Here's an approach that insures we still lead on innovation, but we drive down the risk to an acceptable level.
Along the way.
And you've got a big job it's like with trying to bridge this divide.
It's a large community, and you know, I always believe with tech, there's nothing wrong with tech that can be fixed.
With the threat, I will say this, I think there's government is skeptical, a tech is skeptical of government, and yet they have to work together in world fits.
I very much agree with that, and I think quite frankly those relationships. When I think back to the Snowden period, the divide between Washington and Silicon Valley was incredibly sharp, and that came from a sense that government surveillance wasn't farnollowing laws and policies of the country as a democracy.
And frankly, you know, at the.
Time, I after that, I was asked to be NSA's first chief risk officer, and I remember flying back and forth across the country and seeing how sharp the divide was. Folks in the national security community were saying, why don't people trust us? We're the good guys here, and folks in the private sector were like, Okay, how does this intelligence community work and doesn't really respect my values? And it took a series of conversations, you know, over the last decade to heal that.
I think we're at the same place.
Now where you Well, it's funny you bring up values.
What are the values of these companies? I don't know sometimes and are they our values? I think there's some concern about that.
But this is just the beginning, it is indeed, and thanks for your time.
Thank you.
Thanks