57. Vijay Balasubramaniyan, Co-Founder and CEO of Pindrop Security: The Voice Behind Cutting-Edge Security

Hello, everyone, and welcome to another episode of the security podcast of Silicon Valley. I'm here today with a spectacular, amazing guest, Vijay Balasuramanian. You got it right. Thank you.

All the gratitude in the world. You are the CEO and co-founder of Pindra, a security startup. Well, I mean, it was a startup, but now it's actually quite a successful, thriving business. Before then, you were part of IBM, you were part of Google, you were part of Intel, it looks like.

You did your graduate school at Georgia Institute of Technology. And I imagine that a lot of that has been focused on communications and security in general. Do you think of yourself as a security person? I do.

But, you know, the interesting thing is I think of myself as a security person and a voice person. And it's one of those strange combinations where all of my previous background before I came to do security at Georgia Tech, and I did my PhD in security at Georgia Tech, was focused on voice. At Siemens and Intel, I was working on voice. And that time, I'm going to date myself, it was software for old landline switches.

And then at Google, I worked on voice over IP devices. So the more modern Google chat, Google Hangouts. And then when I did my PhD at Georgia Tech, it was marrying that voice background with security, which is interesting because a lot of folks in security focus on the digital side of things. Very few focus on the voice.

And so that brought a very unique flavor to what I did since then. It's incredible. When I was in graduate school, I did graduate studies in University of Minnesota, which is where I'm from, Minnesota. And I remember there was a research paper that came out, and it was all about internet privacy was the big thing that I was focused on at the time.

And I worked on the Tor network with Roger Dingledine, and this paper came out, and it pointed out that even with encryption on the line, that you could distinguish which language was being spoken on top of the encrypted data flow of a digital call. And I just thought that was the coolest thing in the world. That's Fabian's paper. That is one of, that's an incredible paper.

Fabian, I know Fabian well. He loves what we do at Bindrop. And for a brief moment, I think he was at Georgia Tech as well. But it's an incredible paper.

Did you work with Fabian? No, we both interacted because he was a big fan of the Bindrop paper and what we figured out there. But, you know, his paper was, again, super eye-opening because they figured out, because of the variable bit rate that a lot of these audio systems use, just the length of the encryption is revealing in what you're saying. Initially, it started off with you using what languages are people speaking.

That was the first thing that they cracked. And then they started cracking words in that language. So the fact that you could encrypt something, but you're saying how I, you could actually crack because voice is variable, right? And yeah, his work was incredible.

But the beautiful thing, again, and this is why I love Fabian's paper, is he combined with a researcher who was actually a linguist. So the researcher was a linguist. So he had all of this background in linguistics and how we say things. And that plus security made an incredible paper.

And, you know, that's why I love that paper, because we have a common kinship there. I come from a very different background than security, but then made security my own, much like Fabian done it with his researchers. Amazing. And let's give credit where credit is due.

You're the co-founder and CEO of Pindrop Security. You've been doing this for, oh, what, 13 years now. I think that's incredible. Usually people hear co-founder and CEO, and you have to put that into perspective for Pindrop because that's a mark of success.

So congratulations. Thank you. It's funny. It's obviously a great team that we've had, but we've also had a lot of incredible things go our way, right?

We've had lots of things not go our way as well, but we've had a lot of things go our way, including the notion that when I started Pindrop back in 2011, 2012. I remember every time I would go try to raise a round, the common refrain was, you're doing this in voice. Oh, does that mean a phone call? Oh, the phone call is dead.

Like no one cares about a phone call. And I remember TechCrunch articles talking about phone calls being dead. And from that point, then came the Alexa. And that created.

After that, I remember it took me like six months to raise my first round. And then our series D we raised in six weeks. And one was a million dollar round. The other was a $90 million round.

And those two things took like the $90 million round took six weeks. And that was largely because voice has become so important for people because that's what makes us human. And if you look at a lot of the generative AI revolution, they talk about voice assistants being the next frontier, right? Alexa started off the promise, but couldn't quite, like you can ask an Alexa for weather and stuff like that.

When I had my son chat with, I had my son chat with the latest chat GPT-40. And he was like, initially, why am I chatting with this thing? It's like an Alexa. And I was like, yeah, but you ask your Alexa for weather and ask it to play music.

Can you have a conversation? And he said, no, I can't have a conversation. And then he had a conversation with chat GPT-40. And he now asks me almost every day, hey, can I have a chat with chat GPT-40?

And I'm like, okay, I don't know where the security of this thing is. So I'm really not going to have too much of your voice out there. But the point is, he really enjoyed the conversation. And that's the future, right?

So we've had a lot of great tailwinds as well. And that's why we've continued on that journey for as long as we have. Yeah, absolutely. I think it's one of the most natural ways that we communicate as humans is through our voice.

That's exactly right. And if you're Indian like me, you can speak a mile a minute. I have to slow myself down for a lot of these podcasts. But, you know, if I was speaking naturally, I'd be like, and the average is you speak about four times faster than you type.

So it's just, if you want to get a lot of fidelity out, as well as content out together, that combination voices the natural channel. Well, it's just so much more rich of a communication channel as well. You get the emotion, you get the intonations. Our brains are almost hardwired to detect sentiment that's underneath the words, that's in between the words.

It's mostly unspoken. It's not the semantic meaning. It's a much higher level of communication as well. It's lost on text.

It is. You can do your lols and you can do the emojis, but those only get you so far. We have a pretty big Slack culture. And so, yeah, we realize that a lot of times where we've completely miscommunicated on Slack, which completely gets fixed by a simple phone call.

So many times something is going not the way that you expect it. Quick phone call solves all of those issues. You can feel the other person almost right there in the room with you. So share with us, how did you initially get into cybersecurity?

Was there something that kind of piqued your interest or something that happened? Is there a story there that you'd like to share? Yeah, it's interesting. My brother worked in security.

And when I was coming here to do my PhD, there were a lot of opportunities, right? Like, where do we go? But because my brother worked in security and loved it, right? And he would tell me about what an incredible cat and mouse game it is.

Something that's as dynamic as security, like you can never say, okay, you've solved a problem, right? Like, it's always whatever is your best solution is always going to get beaten because you have a very smart adversary on the other end. Right. So listening to him got me interested.

And when I came to Georgia Tech, I didn't know this at that point in time when I first started. But I started seeing what an incredible school Georgia Tech was for security. And so that combination of my brother being in security and the school that I joined being so strong in security, then started saying, okay, you know what? This is a space that I need to play in.

And then I met my professor whom I did my PhD under, who was a security professor. And I can tell you how I got into the area that I got into. But that then brought the entire combination and cemented it. Older brother?

Older brother. Exactly. We're all trying to emulate the best of our brothers. So yeah, my older brother was in security.

He still is. He still is. Is he there? Is he there?

Pintrack with you now? No. No. Okay.

All right. Yeah. We have a very strong, let's not get the family involved, at least in the first gig that I'm doing, right? Because there's all of these other emotions.

So yeah, we are strict. No family involved in the company. That's fair. No, that's that.

Yep. A hundred percent. I mean, who knows? Maybe it could have been a family business too.

I, you know, that all of that stuff sounds good. No. Life is better with brothers. I have two brothers.

One is a, like a brother. I grew up with a blood brother back in Minnesota and I have a chosen family brother. Nice. California too.

Have you followed anything from anything that they do? Oh, absolutely. Like security, coin, all, like all of the above. So yeah, I just, I was a little bit too skeptical on the Bitcoin side to really make it count.

But that's okay. We look up to our brothers and there's a lot of good there. We do. I happen to be an older brother.

So a lot of looking up comes in this direction. But I have to share with you, even as an older brother, a lot of looking up goes back, you know, because you just get to a point. It doesn't matter who's older. So tell me about Pindra.

What do you guys do better than everyone else in the world? Yeah. So, you know, there's several things that we do better, but at the core of what we do, multi-factor authentication on voice channels really well, better than anyone else. And we do deepfake detection or fraud detection on voice channels better than anyone else.

And with respect to deepfake, for example, we've been doing this for now eight years, way before it became hot. I got first patents on deepfakes back in 2015. We are the ones who discovered the deepfakes in Anthony Bourdain's documentary two years back. So at that point in time, it was a cool party trick.

And now it's become one of the biggest tailwinds for Pindra because generative AI, we believe that deepfakes is the next frontier for security because fundamentally generative AI has brought into question what is human and what is machine. Yeah, that's an important and very interesting question. And touching on some of the recent news, I know your team just launched a report that highlights the current stage of fraud and deepfakes. Was there anything that really jumped out at you that you found surprising?

Yeah, there's several things that jumped out of us. One is in general, because we play in voice, just the massive increase of fraud coming in the voice channels. Over the last couple of years, it's grown by 50%. And a large reason for this is a lot of fraudsters who used to get easy money back in the day from PPP loans and unemployment now don't have the government giving you free money.

So they're trying to figure out ways in which they can steal money. And social engineering people is one of the easiest ways to make money. And so we're seeing a massive increase in fraud across a whole bunch of verticals. But combine that with just the number of data breaches that have happened, they are using the call sent to actually automate a lot of information that they get from the data breaches.

And what I mean by that is, hey, I have a social security number, but I don't know that social security number. I know that social security number belongs to John. I don't know where does John bank with? Where does he have his healthcare records?

And so being able to use the call center to say, punch it in into all of the top 10 banks. And if one of them say, welcome back, John, your account balances, so on and so forth. I can then go ahead and know John banks with bank number one and then take over his account. So we're seeing the data breach world and the data breach world itself is crazy because data breaches have gone up by 78%.

There have been 3000 data breach incidents in 2023 and there were 1800 in 2022. So that combination of data breaches and the influx in contact center or voice fraud is one big finding. The second finding is the sophistication of attackers using generative AI. We, back in 2020, we used to see one deepfake attack a month at our customers.

So it used to be one a month and we'd look at it, we'd thwart it. In this year, every day, there is a deepfake attack per customer. So that number has gone from one a month to one a day per customer. So what that means is a 450% increase in the number of deepfake attacks just in the first four months.

And the year is not even over, right? The 450% is if you compare just the first four months with all of last year. And so that's the second big thing that fraudsters are using deepfakes and generative AI to create their attacks or to increase their sophistication in a level of scale that we've not seen before. And so that's the second big.

Let me pause. Any questions on either of these findings? No, that's incredible. I was just going to ask if like Pindrop has the ability to detect which model or maybe like models are being used to generate these things.

If you can identify, hey, all of these are coming from the same place. And then all of these other ones are also look like they're coming from the same place, maybe because they have a similar fingerprint of some kind. Yeah. No, that's exactly what we do.

One of the things that's really powerful at Pindrop is we have the world's largest consortium of these bad actors. In fact, if you come to Pindrop, every conference room is named after a bad actor that we've got. So we have, yeah, we have Pepe and Chicken Man and Giraffe Man. Giraffe Man is a fraudster who uses generative AI.

And the reason he's called Giraffe is when we analyze his audio, we analyze his audio and we're like, OK, the only person who could have produced this audio is someone with a seven foot long neck and their vocal cords are thrashing between that seven feet. And so that's why he's called Giraffe Man, because there's no human who could have that anatomy. But what ends up happening is because we have this consortium, we're not only able to identify, OK, which where are these fraudsters coming from? So are they coming from West Africa or Eastern Europe or Philippines or things like that?

But we're also able to identify the tools that they're using. And this is where it's incredible. Two years back when we were detecting the deep fakes in these occasional events that would happen, there used to be one voice cloning software. It used to be the software called Liarbird.

At the end of last year, there were 120 AI apps that you could use to clone your voice. And by March, by the end of March this year, the research team gave me the number that are 358 AI apps that you can use to clone your voice. There's an explosion of these systems that fraudsters can use. But one other cool thing that we can do at Pindrop is identify which AI app was used to clone a voice because each of these AI apps leaves behind a telltale sign that of how inhuman they are.

And we saw this in live action. So I don't know if President Biden, he was impersonated in a deep fake in the Republican primaries asking Republicans not to vote. Right. So the first case of election interference.

And the ones who discovered that it was 11 labs that was used to create Biden's deep fake. And then 11 labs saw our blog and then shut down the actor who actually was perpetrating this attack. And then a month later, it came out. He said, yeah, I was using 11 labs.

We were the ones who actually discovered the app. But a big part of what you say is not only identifying which attackers are coming, where are they coming from? But now, more recently, what AI app are they using? So that AI application, if they didn't know that they were being used to perpetrate fraud, they can go shut down these accounts and things like that.

That's a great public service as well. Thank you. There's no reason that you have to scan the web for deep fakes and alert the public when it impacts things like our democracy. Right.

Yeah. They're doing it anyway. Yeah. We felt we had to do it because we were worried.

That was the first case of election interference. And it happened in an election year in January. Right. Like it didn't even take the first month to happen.

And it's been incredible because that's then allowed us to interact with the New Hampshire attorney general who had to handle this. And so we've gone and spoken to all of the attorney generals on how they have to be prepared. We're going to go speak at the secretaries of state conference. But we think this is important.

Right. And this is where I like the Pindrop mission has continued to grow. Right. Like originally it was catching fraud and protecting people's bank accounts.

But, you know, one of the things that the New Hampshire AG said is, how does it feel to protect the nation's democracy? And he meant it as a thank you to us and the incredible team at Pindrop. But this is what I remind folks at Pindrop, right? Like what we're doing, our mission has constantly grown.

And it's just incredible to be part of Pindrop because of this wonderful mission that we have. Now, that's incredible. And thank you. Great.

Yeah. For all the skeptics out there, do you, I mean, this is maybe a little bit of leading questions for you too, is I could imagine maybe some people have bumped into some deep fakes and maybe could claim, oh, I could detect that. Oh, like a human should be able to notice like this is an inconspicuous voice or whatever, or very subtle, like something feels off or feels funny. Is there, are there studies out there that compare the detection rates of Pindrop's detection versus just a human being asked to distinguish between fake and real voices?

Yeah, I do. At the New Hampshire, we were at the Attorney General Symposium. And so with Attorney General, the New Hampshire Attorney General, John Formella, we took his permission and created two versions of him. One, something that he actually said, and the other, which was a version of deep fake.

And if you're interested, outside this podcast, I'll play it to you and see whether you can check what is real and what is a deep fake. Sure. The deep fake challenge. Yes, yes.

If you're interested, I can play it to you right now and you can see if you can detect it yourself. But 40% of the people in the audience got it wrong. And one of the things is when studies have been done on humans and their ability to detect deep fakes, in particular, it depends on the medium, but on voice, they have an accuracy of 30. So really poor.

Two out of three times, they get it wrong. Rob's accuracy, on the other hand, is like 99% with a 1% false positive. And the interesting thing is, that's just not our claim. We had this NPR reporter who took different clips and each of them are like five seconds long.

So really small clips as well. Ran through a whole bunch of deep fake detection vendors who claimed 90% plus accuracy. We ended up in that study at 96. 0% accuracy.

So we're the only ones in that study who actually claim a 90% plus accuracy and actually ended up having one there. The next closest vendor got half of the deep fakes wrong. So again, it's not like a 50% accuracy right here. Exactly.

And that's the thing, right? Like, and a part of this is because we've been doing this for so long that our deep fake detection data set is now 20 million strong. Like we have a deep fake detection data set that's 20 million strong. We have fake prints of about 350 plus AI apps.

So we have been doing this for a really long time. And we now have to protect eight of the top 10 banks, five of the top seven insurances. Their red teams constantly are trying to beat our systems. So over time, we've built up our accuracy.

And we've learned what attackers do with all of what they throw at us on a daily basis. We are pretty proud of our accuracy, but it is really hard for a human to detect this. It is damn near impossible. Yeah.

Yeah. That's the gist that I have gathered too. And that's great that you've set up a feedback cycle where you're protecting customers, you're protecting real people, things that matter. And from that protection, you're actually getting exposure to the latest and greatest threats out there, which feed back into improving the detection mechanism even more.

So yeah. And it's one of the reasons we introduced a deep fake warranty as well. Right. One of the big things is one, we are very confident of our accuracy.

That's why we don't think the warranty is going to be invoked as often. Right. Right. But the point is any security vendor who says they're 100% sure of their capabilities is lying.

Right. And so we know there are going to be situations where we're going to get beaten. We're going to pay out a warranty as a result of that. Now, that's to be, to your point, the incredible loop by which we learn, oh my God, we got beaten.

So we need to get better. And then we improve. And that's the way to incent everyone such that we continue to keep ahead while at the same time, the warranty serves almost like a bug bounty program for us. Yeah, that's incredible.

So anything that does maybe slip through, you're going to put your money where your mouth is and you have your customers back. I think that's perfect. If you fast forward into the future, and I'll let you decide how much into the future we would like to time travel here. But what does success look like for you and your team at Pindrop?

Yeah. So, you know, one of the things that we've always been excited is a future where we get to being human again. And we at Pindrop, right, like we have offices really close to Georgia Tech. When I walked down the streets at Georgia Tech, now as compared to when I was going to school and even when I went to university, there's a very different thing in the sense most people are buried in their phones.

They're not even looked up. Like, and I often see people on collision paths with each other. And at the last minute, they're like, oh, shucks. And, oh, no, the real world is bumping into me.

Oh, a human. Oh, no. Yes. And the thing is that I'd love people to start looking up, right, and start more human.

And I think a big part of being more human is a lot of the interfaces that we, that got created because you couldn't quite capture our God-given capabilities as well with algorithms. Go away, right? Like we have the keyboard, we have the mouse, we have all of these things. Zoom and conferencing has brought them back in a big way, right?

Like I was talking to one of our customers and he was like, hey, I'd like to start having everyone have vocal passwords. And I was like, why would you do that, right? I don't speak to my computer very often. And he's like, what are you talking about, Vijay?

I'm always on my computer speaking to it. I'm not speaking at it, but I'm speaking to it largely because I'm on a conference call eight hours a day. So all it requires is a paradigm shift where as I'm speaking, it naturally authenticates me and identifies me. And that was the aha moment for us that, yeah, we are, I mean, like at least for me, I'm eight hours on some conferencing system.

It's Teams or it's Zoom or it's Google Meet. And so the fact is that if we can start being as naturally human as we are, I'd love for Pindrop to be that security solution that makes us human. And that means not just saying, okay, I can identify you by your voice, but also make sure that it's not a machine on the other end trying to impersonate you. And so I'd love that to be the future where, you know, if you remember the StarTech, right, you're actually speaking to devices and the devices are completely comfortable holding a conversation with you, taking your ambiguous directions and making them concrete, right?

Oftentimes you don't know what you're thinking, but if there is a system that says, oh, are you thinking about this? Because there's so many other people who've thought about a similar thought, but have executed it this way, it would be incredible to live in that world and us being the security solution of choice in that world. That's awesome. We do live in that world.

That's what GPT is. GPT and all of the models, you can speak to the thing and it speaks right back to you. At a level that's a little bit deeper than the Alexas and the series that are out there. It's not just doing stuff on the phone anymore.

So Pete, is there an app in the Zoom store that I can download and it's going to continuously do a background verification on all of the participants in the video? Yeah, that is the next frontier, right? Like we've always been an enterprise company. So we've been protecting enterprise and people's bank accounts, people's healthcare records.

One of the big things, if I look into the future, I'd love for us to also protect the consumer, not just the app on the Zoom store, but if you look at a lot of what's happening right now, the fastest growing scam, according to the FTC and folks like that, is the grandparents scam, where your grandparents get a call from either their son or their grandkids saying, hey, I'm in trouble. Can you wire $3, 000? And they've become so programmatic at this right now that attackers are focusing on a county, attacking all the elders in that county. And then they're attacking them over Friday, Saturday, Sunday.

And then you're getting horror stories on Monday morning from the local police officers there saying, oh, there are seven elders for whom anywhere between $20, 000 to $200, 000 has been stolen. So that world is very scary. And when you're a grandkid, you clearly have a TikTok video that's 10 seconds long. And right now, a lot of these voice cloning apps require five seconds of your audio to completely impersonate you.

So I do think that's where protecting consumers, be it your grandparent, be it your parent, be it individuals on a Zoom call. I think making communication safe would be a place where I'd love to get to. It requires us to partner with some of these big carriers or big handset manufacturers. And that's not an easy linear path, man.

So we're working on it. But I'd love to get there. Yeah, I understand completely. For all of our listeners out there who are entrepreneurs themselves, anyone that's in that fintech space knows that there are requirements that are placed on financial institutions to protect people against fraud.

And I imagine that maybe some of the B2B business that you scoop up and yet that you execute on comes from some of those requirements. Absolutely. KYC, Know Your Customer, which protects against money laundering and all of this crazy stuff, which then goes to feed all of this nefarious activity elsewhere in the world, is a big reason, is because you have to know your customer. And it's one of the reasons we get business there.

But the same things will have to start migrating to communications and other areas. Because, man, like it is a scary world out there. And I have seen really strong, even security professionals, false cam to security social engineering. Oh, absolutely.

I mean, because we love, there's people in our lives that we love. And when they call us in need, we want to show up to them. And that's very human. And that's beautiful.

But it's also a vector that we can fall victim to if we're not, if we don't have a technology, like the technology that you have at Pindra, constantly like looking in green lighting, like, yep, that's a human. That's a machine. Right. That would be exactly the way we'd like to roll it out.

Right. Like you have the peace of mind that you're speaking to a human and not a machine and definitely not a fraudster. Exactly. Or fast forward into the world where there's not Terminators walking around, but, you know, there's like Boston, dynamic Boston machines.

And they have very cunning facial expressions. And you have a conversation that you bump into someone on the street. Oh, it's actually a machine that you're talking to. Very Blade Runner.

That world is not, that world is not far off. I think that people don't, generally, we don't realize how quickly the world is about to change. It is. And to what extent?

It is. But I will say that the notion of killer robots, man, there's a lot of, there's a lot of great stuff that's happening on the software side of things. But hardware is still incredibly hard. Machines do even have basic abilities to do some very basic stuff they struggle with.

And until that gets cracked, I think I was on a panel with the CEO of Boston Dynamics and he was like saying, I know exactly how good our systems are. And this notion of killer robots is like super far-fetched. Oh, yeah. I didn't mean, I didn't mean like killer robots.

And as in like the Terminators, that's just like the very lifelike human, like humanoid. And things like that. No, for sure. Yes.

Yeah. Yeah. I don't subscribe to the, oh, the technology is going to revolt and the human race is going to be at risk. Because I think that's a little bit alarmist and kind of funny.

It makes for a good movie, but that's about it. Exactly right. There's so many steps there. And there are so many signals that are going to come to you that this is just a pure leap of faith and a flight of fancy.

Exactly. Okay. So share with us what's been the absolute best day that you've had at Pindrop so far. Oh, I think the absolute best day that I've had at Pindrop is actually customer days, right?

Like we invite customers and there was this one customer who came in and he was talking about a Pindrop alert. Just like you talked about the red and green that comes on your phone. There's a red and green that comes to these call center agents. And he talked about one of these days on a Saturday that an account gets a red and they immediately transfer it to a fraud analyst.

They shut down the call and then they call the customer because all their identity has been compromised. The fraudster knew all their answers. And they found out that the person was born in 930. And she was this old lady.

This was a retirement savings. And she was thanking the fraud analyst profusely saying, thank you very much for protecting my account. And they said, even if it had gone down to zero, we would have, we have this 250K reimbursement. So we would have protected your 90K.

And she was like, you're saying that, but if it had gone down to zero, I'd have had a heart attack because my husband's no more. And I wouldn't know what to do. And it's stories like that that make best days at Pindrop. We have this channel now on Slack called Customer Anecdotes.

And they're filled with either an individual's retirement, someone's school tuition, a 529 account that we protected, or an insurance agent's $32 million book of business. Like it varies. And those make great days for me at Pindrop. Like every time I read a story like that, and or in this particular case, we actually heard the customer talk about it.

We actually have a t-shirt at Pindrop that says, writing code, fighting crime, hell yeah, that came out of that one day. We all heard the story. And that makes a great day at Pindrop. It's incredible.

That's really special. No, thank you for sharing. I think that technology that improves the lives of humans is always so important to get back to the human impact. See, I would make a horrible CEO of that company because I would just want to give it away for free to everyone immediately, all the time, everywhere.

It's a crat stall to being able to build a successful business around. Yeah, you have incredibly talented people. And I quickly realized that in order to hire the number of people we need at Pindrop, the altruistic side of me doesn't quite account for all the incredible talent that we have. Okay.

So maybe you would be willing to share a more vulnerable side and share with us what's been the most challenging day that you've had so far at Pindrop. Yeah. Yeah. So, you know, one of the things is when we started Pindrop, we were largely on-premise because we quickly got some of the biggest banks, insurance companies, healthcare providers as customers.

And back in 2011, 2012, cloud wasn't as big as it was right now. So they wanted to do everything on-prem. So until 2018, we were largely an on-premise company. And then we started shifting to the cloud because Amazon rolled out Amazon Connect.

And we were like, man, the cloud is happening before our eyes. We need to get there. Right. But what ended up happening is in order to get sensitive call traffic to the cloud is not a sponsor.

So there was a point in time, John, when we would sign up customers and we would not be able to figure out how to get sensitive call audio into the cloud, into our cloud, because we had to depend on carriers. And we were rolling out new products at a point in time. And a lot of these mechanisms were very nascent. So customers were like, we don't believe in the security of stuff's going in transit.

So we had a churn rate of one in four customers dollar-weighted leaving Pindra. Wow. And now we have a churn rate from the 25%. Right now, our churn rate is 4%.

Like it's really low. The industry best practice is under 10%. We're at 4% right now. Back in 2020, when the pandemic was raging, we had the pandemic and we had a churn rate of one in four dollar-weighted losing.

We were losing customers at that rate. I was awful. Like I thought we were going to die. Right?

Because if you think about it, right? If one in four customers that you sign up are leaving, you've essentially cut off any new thing coming. Like outrunning that level of churn is really hard. 25% growth rate just to maintain flat line.

Exactly. Right? Like you have to counteract all of that. Right?

Even if you're growing at 25%, you're growing at zero then because you've lost all of those customers to churn. And so it was awful. And I thought I was going to lose Pindra up at that point in time. And then we've slowly figured out how to make stuff get to the cloud.

We slowly figured out how to build the right partnerships. We slowly figured out how to become much more stronger security-wise on the cloud. I was about to say, you must have made a huge investment in security. Huge investment in security.

Huge investment in real-time security mechanisms of low latency, getting to the cloud, building all of this infrastructure with carrier companies. Lots of stuff. May I ask real quick? Was an end-to-end encryption component involved in some of that?

It had to be end-to-end right from the get-go. But the problem is, not only does it have to be end-to-end, carriers have to build TLS networks between, yeah, lines between you and the cloud. Right? Because if it's the carrier not doing it, you're depending upon some third-party or some third-party box sniffing traffic.

Right. And I don't want some third-party box sniffing sensitive traffic on my networks. Right? Exactly.

And it really has to be every single call. And there's like passwords and social security numbers and secret answers. So it not only had to be encrypted, but it had to be encrypted by the right third parties, which is carriers and what are known as CCAS providers. And so until everybody matured their level of security along with us, it became really hard.

And that required the entire industry to mature up. But it was baptism by fire. Like we had to, that was when we had to do multiple rifts at Pindrop. Right?

And I remember walking everybody. So the worst day was actually when I did this. I think it was 15%. We had to let go 50% of the company.

And at that point in time, we were still, the pandemic hadn't quite hit. I walked out. I told my head of HR that I'm going to walk everyone out. And so I walked out with people who were shouting at me, people who were crying.

And the worst were people who didn't say a word. Because at Pindrop, we have one in four employees as PhDs. So these were people who had 4. 0 GPAs, had never failed once in their lives.

And it had just been told they were out of the job for no fault of theirs. So they were walking in complete silence with me. And I knew it wasn't their fault. But because they didn't know.

I mean, like when you're, when you always put it up on yourself, you're like, what did I do wrong? And I had to keep telling them it wasn't their fault. It was just my shitty positions. And man, that day was awful.

Because think about it, right? Like when you're walking out 50 people out the door. A company that you've built. Yeah.

Yeah. And you're doing that over two days, every hour. It was awful. It was the worst experience.

But it taught me how to be a more measured CEO. It sounds, it sounds very challenging. And thank you for sharing. And I could imagine, even when it's not someone's personal fault, when things like that happen, it's, it, there's emotions involved.

And we're human. And we do feel things. And the things that we feel, they reflect where we've been in life. And we're, with the things that we care about.

And I think of the motion as signal. It's data. It tells us like what we care about. We do care about doing a good job.

And we do care about contributing to a vision and being part of a group. And even if it's no fault of our own, it's just sort of the business climate. Those can be very challenging. All the, all the props in the world for walking out with the folks that it just wasn't viably viable in terms of the business.

But you know what? Even if you have to walk out 15%, the 85%, it's one of those really difficult moments of being a business leader we have to deal with. But it's for the 85% that you didn't walk out. And all of your customers as well, too.

The funny thing is we have several of those 15% who we were then able to hire back a year later, 18 months later. And they came back because of that final personal connection that I had with them saying, I'm going to do everything to find you a job. And I'm sorry, but, you know, pin drop will not survive. We don't make these cuts.

Of course. Yeah. Yeah. Yeah.

No, that's huge props to you as a leader. One of the, one of the pieces of my leadership style is a loyalty to people, not to companies. Even when I'm running the company, it's not to the, not to the companies. It's to the people in those companies because companies, they will come and go.

And what is a company besides just a collection of people gathered around a common vision to make the world a better place? And it's like you, you share that as well. Yeah. Thank you.

If you had an opportunity to meet a younger, vicious VJ, would you? And would you have any advice for your younger self? Yeah, it is over time, right? Like one of the things I've realized is most problems, you either out hire, out innovate, or out execute your way out of a problem.

And you have to decide which is it, right? Oh, we're struggling with engineering. We're piling on too much debt. Oh, we need to hire, and we don't have the right skills on the cloud.

We need to hire the right head of engineering. So that's, so in each of these situations, what I've found is, it's one of these three things, right? Like you have a crazy competitor, you have to out execute them. You have a brand new cloud.

There's no one who's figured out how to take sensitive call audio to the cloud. When you're sniffing traffic and doing it in real-time latency, you have to out innovate yourself out of that problem. And so in each of these cases, it's one of these three things I've found. And I'd love to go give that mental model to my earlier self.

Because when I was early on, I'd see a problem, and I'd have no mental models on how to solve the problem. So I'd be like, ad hoc, let's throw whatever is, let's throw whatever on the wall and see what sticks. And I think there are all of these great mental models. The one that I really like now is this one.

I always think about things in this way. And there are obviously exceptions to the rule, but there is a lot of stuff that follows this. It's incredible. No, it's always an interesting question to ask folks.

Yeah, it is. No one ever says that they would not meet their younger self. But even if you had mentioned that, I think that you have turned into, and all of the things that have happened to you have shaped an incredible human being. It's somewhat of a leading question.

But I also think that there's a piece to it that you are just perfect exactly the way that you are as well. No, thank you. Appreciate you saying that. It is a lot of mistakes along the way and a lot of great mentors taught a lot of these things to us.

It's a powerful tool to be able to learn from our mistakes, no matter where we are. If this is a somewhat leading question, and we'll see how it lands. But we have a lot of entrepreneurs that listen to this show. And as I'm sure that you're well aware, entrepreneurs are always sniffing around and trying to hunt for the next big thing.

Would there be anything out there that you would love to see that you might actually pay money to use that solves just a nasty pain point that you have that just is constantly nagging you is almost like a splinter in the back of your mind that you wish someone would just go out there and fix it already? Yeah, it's security for my kids. Security for your kids. Yeah, I think this world is just getting crazier and crazier, man, with the combination of social media and how much ease access there is.

Everything has a browser, like being able to make sure my son grows up well and grows up with that humanness in him and isn't dopamine crazed as well as at the same time understands what it is to be connected to people from all like the Internet and social media. It's opened up horizons like in a crazy way, but it's also opened up horizons in bad ways. So the thing that I'm constantly worried about now as I see my son being this incredibly curious individual is what are the security mechanisms for him as he grows up, right? I want him to be a kid first and not have to grow up to be an adult too quickly.

I'd love a security company to solve that for me. I've seen the solutions. They're OK. They're clunky.

They're kludgy, but nothing's created. Nothing hits the spot quite yet. OK, well, I appreciate that. And all of our listeners, I'm sure, appreciate it as well.

Thank you so much for the time today, Vijay. It's an absolute honor and a great pleasure. Thank you for sharing honorable moments with us, for really opening it up. And I have to say, it's incredible what you've built there at Pindra Security and a very warm and authentic thank you.

No, thank you. I thought this was a great session, John. You asked some incredible questions and it made me reflect a lot. But thank you.

And it's a great team at Pindra that deserves the credit. And thank you to all of our listeners for tuning in to another episode of the Security Podcast of Silicon Valley, a YCQ production. I'm your host, John McLaughlin. And stay tuned for another episode.

Thank you, everybody.