shadow it

We've had amazing unicorn CEOs recently on this podcast but today's a first. Wade Foster, CEO and co-founder of Zapier grew his company to a $5B valuation in 2021 on a $1.3M raise in 2012. Let that sink in. The power of product-market fit and listening to your customers is impossible to overstate.

Wade and his co-founders Bryan and Mike launched Zapier in 2012 as part of the YC S12 batch.

The company has grown to more 800 employees in 40 countries and the product is used by 2.2M businesses and integrates more than 5,000 apps that have been used to create more than 25 million zaps, or automated workflows.

Listen and learn...

1. Wade's humble path from an internship in Columbia, MO... to a $5B unicorn
2. A simple problem: the Zapier origin story
3. The Zap that started it all...
4. Voice-first Zaps? Maybe!
5. The future of the "citizen developer"... no-code interfaces + enterprise security
6. Why all the new GenAI apps will create more need for Zaps
7. The Zapier LLM architecture
8. How to find product-market fit... from an expert
9. Creating a company that's a verb: how "Zapier" got its name
10. Wade reflects on his success and the entrepreneurial journey
11. What's ahead for Wade and Zapier

References in this episode...

1. Vijay Tella, Workato CEO, on AI and the Future of Work
2. Amr Awadallah, Vectara CEO, on AI and the Future of Work
3. ChatGPT for the enterprise: what's included

On this week’s episode, we delve into a topic that’s a bit closer to home for us at TTLP and bedigital: IT software and licensing. Combining bedigital’s expert software services and our TTLP mission statement to uncover the stories of the biggest names in tech, this week’s guest is a leader in the software management space. 

Phil Hames, MD at The Business Software Centre (TBSC), joins Gareth to discuss his entrepreneurial journey and how he’s riding the wave of the Software-as-a-Service evolution. Phil and his team at TBSC utilise their expertise to help customers optimise their software usage in a quick and cost-effective way, ensuring that companies make the most of their SaaS. With an innovative focus on cybersecurity within Microsoft 365, TBSC’s unique products and services mean that they’re leaders in the software management industry. 

Having been in this field since the 80s, Phil’s career has been shaped by the rise of SaaS and his career journey to forming TBSC has proven that he truly is an expert in the space. Want to smarten up your knowledge on SaaS? Then this is the perfect episode for you! 

Time stamps 

• What does good leadership mean to Phil? (02:04)  
• Setting up a software company (02:46) 
• The evolution of Software-as-a-Service (09:95) 
• The future of SaaS (11:55) 
• The cybersecurity threats that are slipping through the net (14:33) 
• What is Shadow IT? (16:42) 
• Starting out as an entrepreneur (20:08) 
• What is Smarter SaaS? (24:04)  
• Phil’s outlook on AI (32:54) 
• Advice to 21-year-old self (36:15) 

Book recommendation- The Strangest Secret, Earl Nightingale  

The Strangest Secret: Amazon.co.uk: Nightingale, Earl: 9781603865579: Books 

This week in InfoSec (05:54)

With content liberated from the “today in infosec” twitter account and further afield

18th July 2011: Microsoft Hotmail announced that it would be banning very common passwords such as "123456" and "ilovecats".  

https://twitter.com/todayininfosec/status/1416957326205100035  

27th July 1990: The case of United States v. Riggs was decided. Robert J. Riggs (Prophet) had stolen the E911 file from BellSouth, then co-defendant Craig Neidorf (Knight Lightning) had published it in Phrack. The file was neither valuable nor confidential. 

https://twitter.com/todayininfosec/status/1287768573310533633

Rant of the Week (16:59)

VirusTotal: We're sorry someone fat-fingered and exposed 5,600 users

VirusTotal today issued a mea culpa, saying a blunder earlier this week by one of its staff exposed information belonging to 5,600 customers, including the email addresses of US Cyber Command, FBI, and NSA employees.

The unintentional leak was due to the layer-eight problem; human error. On June 29, an employee accidentally uploaded a .csv file of customer info to VirusTotal itself, said Emiliano Martinez, tech lead of the Google-owned malware analysis site.

"This CSV file contained limited information of our Premium account customers, specifically the names of companies, the associated VirusTotal group names, and the email addresses of group administrators," Martinez wrote in a Friday disclosure.

"We removed the file, which was only accessible to partners and corporate clients, from our platform within one hour of its posting."

The employee had this list in the first place because the customer data was "critical to their role," we're told.

For those who don't know: VirusTotal allows netizens to – among other things – upload files, or submit a URL to one, and the site runs the material through various malware-scanning engines to see if anything malicious is detected or identified. Premium subscribers can also download uploaded samples, and thus that's how the uploaded .csv file of customer info was accidentally leaked.

https://www.bbc.co.uk/news/uk-politics-66333488

Billy Big Balls of the Week (24:01)

Crooks pwned your servers? You've got four days to tell us, SEC tells public companies

Public companies that suffer a computer crime likely to cause a "material" hit to an investor will soon face a four-day time limit to disclose the incident, according to rules approved today by the US Securities and Exchange Commission.

The SEC proposed the changes last March, and on Wednesday the financial watchdog voted to adopt the requirements [PDF]. The rules, which take effect 30 days after being signed into the Federal Register later this year, will require publicly traded firms to openly disclose in a new section (Item 1.05) of Form 8-K any cybersecurity incident that has a material impact on their business. 

Companies must make this determination "without reasonable delay," according to the new rules. If they decide a security breach is material, then they have four days to submit an Item 1.05 Form 8-K report detailing the material impact of the incident's "nature, scope, and timing," plus any impact or likely impact on the business. Those 8-K forms are made public by the SEC.

It is that time of the show where we head to our news sources over at the Infosec PA newswire who have been very busy bringing us the latest and greatest security news from around the globe!

Industry News (30:05)

Booz Allen Pays $377m to Settle Government Fraud Case

Cyber-Attack Strikes Norwegian Government Ministries

Industry Coalition Calls For Enhanced Network Resilience

Dark Web Markets Offer New FraudGPT AI Tool

Group-IB Founder Sentenced in Russia to 14 Years for Treason

SEC Wants Cyber-Incident Disclosure Within Four Days

Supply Chain Attack Hits NHS Ambulance Trusts

NCSC Publishes New Guidance on Shadow IT

OpenAI, Microsoft, Google and Anthropic Form Body to Regulate AI

https://www.outkick.com/robot-pizza-start-up-shuts-down-because-they-couldnt-keep-cheese-from-sliding-off/

Tweet of the Week (42:02)

https://twitter.com/hilare_belloc/status/1683797122628321280

Come on! Like and bloody well subscribe!

Find out how a researcher uncovered a secret German intelligence agency using an Apple AirTag, and how Ozzy Osbourne's (yes, you read that right) NFT project turned into a scam – all in this episode’s Watchtower Weekly. 

We also invite Kolide CEO and founder, Jason Meller, to discuss user-first endpoint management, empowering the end-user, and creating a culture of security. 

Plus, Anna gets revenge in Ridiculous Requirements: Capital City edition! 🏙

🏰   Watchtower Weekly

• Mandatory Olympics iOS and Android apps are spying on athletes for China
• Ozzy Osbourne’s NFT project shared a scam link, and followers lost thousands of dollars
• Apple's AirTag uncovers a secret German intelligence agency

🎙  Guest Interview –  Jason Meller from Kolide

• Visit kolide.com
• Follow @jmeller on Twitter
• Follow @kolide on Twitter
• 📚Jason's book: Honest Security
• 1Password shadow IT research
• 1Password guide to creating a culture of security

🚫  Ridiculous Requirements!

The game where we work together to come up with passwords (not advised) that fit the honestly ridiculous requirements.

🗣  1Password Forum

Want to ask us a question or chat about today's show? Join the discussion in the 1Password Forum!

📲   Follow Us…

• Visit 1Password.com
• Check out our blog
• Tweet us @1Password
• Find us on Facebook or Instagram

❤️   Review Us...

If you're loving the show, please leave us a review on Apple Podcasts or wherever you listen to podcasts.

Jeffrey Tefertiller has been a leader in IT service management for 25 years. In his experience, he's led an ITSM company, worked in-house leading process initiatives, and owns an ITSM consulting practice. In addition, he has written six books so far––everything about ITSM practices. 

He is a seasoned IT professional who has successfully led geographically diverse teams, large and small. Jeffrey is a strong believer in using analytics and metrics to measure success and opportunities for improvement.

Jefferey spoke to us about the importance of the SaaS governance process and elaborated the best practices to implement to have a successful SaaS Governance. He also added the need to have SaaS management platforms in this SaaSified world. Finally, he highlighted the effectiveness of SaaS management platforms and how valuable they can be for organizations. 

Sethu Meenakshisundaram and Chaithanya Yambari are the co-founders of Zluri, the SaaS management platform. Zluri is their second venture, before which they were a part of the founding team at Knolskape and helped it scale across 30 countries.

Sethu is one of the cofounders of Zluri, the SaaS management for IT teams. He leads revenue operations and customer success as part of his role. He’s passionate about quizzing, board games, and photography. His retirement plan is to operate a board game bistro in one of the touristy spots of Southeast Asia.

Chaithanya is also one of the co-founders of Zluri and leads the tech team. An avid tech enthusiast, he is often found testing various softwares and smart devices or attending conferences to update his knowledge and expertise. When not exuding his passion for technology, Chaithanya has traveled to over 28 countries across the globe already. Being professionally trained in baking, he spends his weekends trying to dabble a new recipe.

Both of them speak on why the idea of starting up arose and their experience of building Zluri. They speak about various challenges that rapid SaaS adoption can put forth and share their learnings on managing 32 million SaaS usage transactions through Zluri.

Visit us at www.zluri.com to see how we can help you get started with managing your SaaS.

David Foxen, who has been in the field of SAM since the age of 18, is the founder of SAM Beast Consulting Ltd, which focuses on helping customers implement and mature successful IT Asset Management functions. He has successfully implemented IT Asset Management, Software Asset Management, and Hardware Asset Management for many organizations. He is also an ITAM content creator for the ITAM academy, which focuses on creating content related to ITAM, SAM, and software licensing. He has helped companies save a lot of money through contract negotiations, internal audits, and optimizing existing assets.

David speaks about his passion for ITAM and SAM and how he developed an interest in the industry. He also talks about the changes ITAM has undergone in the last 12 years of his career. He also highlights how the SaaS landscape has made our lives easier and gives valuable insights into managing SaaS applications.

Visit us at www.zluri.com to see how we can help you get started with managing your SaaS.

Jeremy L. Boerger started his career in the Information Technology Asset Management (ITAM) industry, helping businesses build and rehabilitate successful software and hardware asset management practices. His strong knowledge in the field made him author the book “Rethinking Information Technology Asset Management” which iterates on best standards for ITAM teams. He goes around the globe to speak on ITAM at various conventions and symposiums. He founded Borger Consulting LLC in 2016 to help businesses realize the potential of fully functioning ITAM and SAM programs.

Jeremy speaks about his Y2K experience and the struggles he dealt with on-prem software. He also speaks about Shadow IT, the advantages and challenges of the cloud, and how ITAM has helped organizations break through the challenges.

Visit us at www.zluri.com to see how we can help you get started with managing your SaaS.

Aravind R is a versatile and seasoned IT professional with more than 25 years of industry experience. He currently heads IT for a business unit of a major multinational that has got 60K employees and $35B in revenue. He has played a significant role in taking key IT initiatives from building & managing ERPs to Transformation & Data-Driven strategies in his career.

Aravind speaks to us about how SaaS has changed the software procurement process, its advantages, and challenges that he has experienced so far. He also shares his valuable insights on the latest and best practices to manage SaaS and derive the most from these applications.

Visit us at www.zluri.com to see how we can help you get started with managing your SaaS.

In the very first episode of season six, co-hosts Bill Mariano and Rob Hellewell, introduce themselves and welcome listeners back for another season of Law & Candor, the podcast wholly devoted to pursuing the legal technology revolution.

To kick things off, Bill and Rob begin with Sightings of Radical Brilliance, the part of the show where they discuss the latest news of noteworthy innovation and acts of sheer genius. In this episode, they dive into a recent article from ITPro.com that discusses the increase in insider data breaches with the remote work shift. 

For the guest speaker segment of the show, Bill and Rob bring on Jerry Bui of Lighthouse to discuss cellular 5G and how it could lead to more fraud and misconduct risk via the following key questions:

• How does 5G lead to fraud and misconduct? 
• What insider threats are there (i.e. shadow IT, encrypted messages, etc.)?
• What about outsider threats (i.e. outside of IT’s purview, data breaches, hacking, etc.)?
• How does this impact compliance programs? 
• How does one overcome 5G challenges? 
• Are there other recommended best practices related to this topic?

The episode wraps up with key takeaways. If you enjoyed the show, subscribe here, rate us on Apple and Stitcher, join in the conversation on Twitter, and discover more about our speakers and the show here.

Related Links

• Blog Post: Adopting a Compliant & Defensible Remote Collections Strategy
• Blog Post: Prevent IP Theft During a COVID RIF - Don’t Let Your Trade Secrets Depart with Employees
• Podcast Episode: Data Preservation in the World of Ephemeral Data, Mobile Devices, and Other New Challenges in Forensic Technology

About Law & Candor

Law & Candor is a podcast wholly devoted to pursuing the legal technology revolution. Co-hosts Bill Mariano and Rob Hellewell explore the impacts and possibilities that new technology is creating by streamlining workflows for ediscovery, compliance, and information governance. To learn more about the show and our speakers, click here.

• Get a free eBook from O'Reilly media or use promo code PCBW for a discount - 40% off Print Books and 50% off eBooks and videos
• CloudHealth Website
• CloudHealth Blog
• Joe’s Blog

• Joe’s “Cloud” Predictions for 2017

• Get a free book from O'Reilly media or use promo code PCBW for a discount - 40% off Print Books and 50% off eBooks and videos
• Gina's Blog
• Spanning Backup for SaaS Applications