Gili Raanan of Cyberstarts: AI will double all of human technology within 25 years — and that's the threat

beat QQQ over the last five years by a lot. I had no idea. Uh, and

let's give it up for International Business Machine.

And they keep going back and forth. But let's give it up for IBM and let's give it up for our guest for our next guest from Cyber Starts.

How do I pronounce this thing?

Let's bring him in to the TVP Ultra.

Well, what's going on? Great to meet you.

Help me pronounce your name. I don't want to get it wrong.

Gily Gilly.

Hey, John. Hey, Georgie.

Thank you so much for taking the time to join us. How you doing?

I'm doing great. I'm speaking for you with you from Miami. We just finished uh

Cool.

the first day of our annual conference, Cyber Sparks.

Yeah,

we had a lot of fun, lots of uh terrific guests uh and and speakers. We we just had Nikesh Aurora from Palo Alto Networks, Joe K, CEO of Crowd Strike.

We love my friend from Seoa Capital Flush. uh the founders of Whis, a small company that you might heard of just completed a tiny acquisition last week.

Yeah,

congratulations to to to you on that one.

Yeah,

great great outcome. Uh yeah, what what is what what are people talking about? What is what is top of mind for everybody at the event? Well, the the whole idea of Cyber Sparks is to bring together the top 300 leaders in cyber security. So you've got here about a 100 executives you know CEOs and founders of the top cyber security companies in the world and uh the top uh practitioners you know chief information security officers of Fortune 500 companies and the whole idea is to work together and talk about what's next and how we can work together in order to deal with what's upcoming and there's lots of risk and you know an expanding threat vector. Uh you you probably talk a lot about artificial intelligence and the new capabilities that it brings uh in your show but with every technology wave you know think about internet think about cloud there are new risks introduced so we kind of spend couple of days together to talk about you know the future of cyber security

is there do you think there's more uh more fear or excitement around the technology shift because there's obviously this new kind of uh new threat vector, but at the same time that creates opportunity for the industry for product expansion. And so uh it's go time from a business standpoint to kind of meet meet the threat. Uh but also I'm sure some people in the room are a little bit scared of what's coming.

I think there's mostly uncertainty about where this thing is going. uh you know what we've seen in the past 12 months is accelerating and there's there are so many things that we simply don't know you know I wish I could stand here and give you all the answers but in a room we had uh a lot of conversation around the uncertainty on one hand and the pressing need to make some decisions about safeguards to make sure that you know the Arnold Schwartzenegger Terminator movie

you know doesn't become a mild a mild story relative to the reality in in 10 years and I think that what we are going through right now we call it or I call it technological doubling you know if you think about technology um used by us as as a as a race as human you know and you think about you know what we have today as the the 100% and let's say the zero is the invention of writing like like 4,000 years ago when we lived in caves and started to write in order to accumulate knowledge so we can build tools then the 50% is probably at the point in time of the invention of the uh steam engine which allow us to build machines that would perform tasks too difficult for man. So the last doubling took 170 years. The next doubling would take place in the next 25 years. That means that all of us, all the three of us and everybody who listen to or watch the show are the first people that would witness technology doubling within their lifespan.

That never happened. That's the acceleration.

No living person have seen doubling of technology. And you know what? When you just follow the curve, you know the curve I just described to you, that means that in, you know, 25 years, we'll be at 200%, but in 100 years, we'll be at 2,000%. This is just math. It's it's not a prediction. This is this is just following the math. Meaning that people that would live a 100red years from now would look at our technology in a very same perspective. We look at the technology used by our ancestors living in a cave drawing something on a wall. That's exactly the same. So we are going through a a a radical change uh in technology that we have never experienced and that would require dramatically different type of thinking about you know safeguarding uh the uh new capabilities. So because this is enormous opportunity ahead of us you know AI would change everything about healthcare. It would change everything about education. So there's an enormous opportunity conditioning under the condition that we can control it and that we are not losing. So that was the core of the conversation.

Yeah. What what is uh what is the shape of the cyber security threat landscape right now? It feels like there's entirely new capabilities. When I think about like a fishing attack with a deep faked voice on the phone, that's like you could I guess you could get a an impersonator, but it's a it's it's sort of a new threat area. But then there's also just like hammering a coding model to spam a whole bunch of like SQL queries or SQL injections like all the old stuff but just multiplied. Like where where are you seeing the biggest new threats emerge or what are people discussing on on that front? It's all over the map just because of what you said because it it becomes very asymmetric even more asymmetric than we used to see because

the guys on the offense you know threat actors

they have a huge advantage because they can simply take code and and just apply it for new attacks while the pace of adoption of AI tools and machines

within for defenders within large organizations within the enterprise is significantly slower. So that makes you know that puts AI in the hands of the bad guys much faster than it puts it in the hands of the of the good guys. And if that's if that would be the case for long, then the bad guys would win. And the bad guys today are really bad. You know, you look at

state sponsors attacked and you know, everything that going on in the world and that's that's a real risk. Is there a bit of like a white pill here in the sense that because there's a lag between open- source capabilities and proprietary systems and then you also have the big frontier labs, Deep Mind, OpenAI, Anthropic, like they're definitely running agents over their user bases and their APIs to know, hey, this person just spent $5 million on our API and it's all cyber attack related prompts. like let's maybe turn them off or figure out what's going on over there. They have a huge incentive to sort of uh you know control their customer base so that their customer base is not using these tools maliciously. The hackers sort of wind up on the lagging edge, not on the frontier. But all of the cyber security companies like Palo Alto Networks, like uh Crowdstrike, like the folks that you've had at your conference, um they maintain access to the frontier and so they're always fighting with a bigger weapon. Is is that sort of the equilibrium we should expect here?

That's a great question. And and by the way, we did have today the two the two top cyber security experts at Antropic, you know, the head of security and the head of product security.

Yeah.

You know, sharing uh the road map and thoughts about about the upcoming capabilities

of of anthropic and and and other you know platforms. Uh I think the answer to that is our continuous um uh investment in innovation in the space. We you know it's not just about whis

uh that I mentioned

or or or Sierra you know those are large uh you know established uh startups. Yeah.

Uh but we we did uh we did have uh one company going out of stealth last week Onyx Security. All they do is agent security. We had today a major launch out of stealth for another company surf AI which takes care of you know or leverages AI to to complete tasks much faster for organization. So there's definitely uh there'll be a battle between machines machines that are used by threat actors and machines that are used by uh the good guys. And we obviously uh our job in this world is to identify the best teams, the best talent and help them build and utilize AI so we live in a in a in a safer, better world. And and that's that's the plan.

What's the what's the general sentiment from guests around the actual competitive threat of the labs releasing various agents and security focused products? Obviously, they feel threatened when they announce new products because they tend to send the the stock price down uh or they have over the last month. But, uh is there real sense that this is a threat uh the labs could threaten their business models or is it more just um kind of frustration with with how the market perceives the threat? we always overestimate the uh impact of disruption in the short term and we always underestimate it on the long term. So I I think that what we would see here is that in the next two years the frontier guys you know they have different focus and different priorities. So their impact on cyber security companies would relatively be low but in five seven years I I I think that they they are they have a chance to to take over and and I think that we would see three cohorts three groups of uh competitors um you would see the traditional cyber security platforms you know the Palo Alto the whis the the crowd strike of the world you'd see the cloud providers you know Google Amazon Microsoft and there'll be a third group which is uh the AI platforms and you know we shall see who would hold keys for cyber security and you know that's you know if you if you ask me the same question 12 months ago I would not even mention the third the third group so it's really hard when technology moves a deep space it's really hard to make predictions and I'm not afraid of making a fool of myself. I I I do that almost every day. But but making predictions right now is is is guaranteed to make fool of yourself.

I was just going to ask you for another prediction, but I guess I'll table it for next time. Uh thank you so much for

I can sh I can share you with you the predictions I made today in in a in closed room but the pred you know

maybe I'll start with the predictions I made 12 months ago you know 12 months ago I told the room that my prediction and and keep in mind it was really pre the big wave of AI I told them that I I expect to see a million dollar ARR company a million dollars in revenues company

with a single employee within two years.

Yeah.

And I told them that I expect to see a $100 million uh revenue company with less than 100 employees within two years. I was wrong twice cuz those two things materialize in less than 12 months. You know, we've seen we've seen base 44 with uh one founder

who reached uh $3.5 million ARR before acquired by weeks and we have seen cursor reaching $und00 million of ARR with less than 20 employees. So things are accelerating and and and and therefore the predictions I made today were uh that I anticipate that uh we would see Fortune 100 company uh with a security a cyber security group of less than 10 employees. Keep in mind that today those companies employ thousands of employees. So I believe that we would see AI uh making huge impact on cyber security and would turn cyber security from a profession into function

that would be a major shift in the market.

Yeah,

makes sense. Well, uh thank you so much for taking the time to come chat with us and we will

looking forward to see how these predictions play out.

We'll make predictions all day long. risking risking here risking it all to

we're we're in the random prediction off-the- cuff business and uh I completely agree with you. It's it's uh it's extremely hard to make predictions that uh hold for any amount of time