Episode Summary

AI-based services have popped up in everything from content development to personalizing the customer experience to coding. But can AI enable MSPs and help them solve their maturity problems? How can security teams leverage AI capabilities for defense? Mac welcomes Jimmy Hatzell, CEO and co-founder of Hatz AI, to talk about AI as a service for MSPs, what it means for threat actors developing cyberthreats, the impossible situation of MSPs, and the weirdest use of AI he’s come across.

 

Articles referenced in this episode:

There is a Ransomware Armageddon Coming for Us All 

Episode Transcript

MacKenzie Brown: Welcome to Return of the Mac. I’ve got a lovely guest today. And since the launch of ChatGPT, as we all know, the boyfriend we never asked for, AI has sprung into the forefront in a huge way. So with AI-based services popping up in everything from content development to personalizing customer experiences, to developing code, to I don’t know, probably writing letters to our long lost loves because we don’t really want to write them anymore, I have a wonderful guest today. And from what I’ve actually read, ChatGPT was what inspired him to build an AI as a service business that specifically works for and serves the MSP community.

So how will his new venture enable MSPs and help solve their maturity problems? I don’t know, we’ll find out. And with AI being used in attacks nowadays, how can security teams leverage AI capabilities to be better and to increase our security posture?

So without further ado, I’m proud to introduce Jimmy Hatzel, of the just-launched Hatz AI. I absolutely love the name. Welcome to the show, Jimmy.

Jimmy Hatzell: Thank you so much. Really appreciate you having me on. I’ve been a fan of Blackpoint since day one, back in my SKOUT days. We had some overlap in services and have always stayed in touch with the team over the years. So super excited to be on the podcast.

MacKenzie Brown: Oh, thank you. And I mean, thank you on behalf of all of Blackpoint, as if I’m like a mouthpiece for Blackpoint…I kind of am. But thank you for saying that.

And how we usually start some of these episodes is going right into a dirty hot topic and breaking down some things. So this one, I actually was excited to find because it was a little bit more relative to your world. Talking more on the red teaming bad guy side, of course.

Hacker News released a really interesting article. And interesting because when I read the headline and then I read the actual article, I’m like, okay, that seems like a leap there. But the headline was, “is a large ransomware Armageddon coming?” But they backed it up with some data, which I thought was interesting.

So this was really how generative AI now enables anyone to really launch sophisticated phishing attacks. And some that only next-gen MFA devices can stop, ultimately.

So in 2023, ransomware, of course, over like every single year, there’s an increase. They set new records in the chaos that inflicts into our threat landscape, but also some big name orgs that really hit the media and the headlines there. And I think I actually discussed a few of them in the past episodes. Sorry, MGM. Hopefully they’re not losing any money likely still. They’re doing just fine, I’m sure.

But the article notes that phishing-driven ransomware looms larger than ever, with 90% of data breaches starting with a phishing attack, so this is their concern that we’re going to hit an Armageddon event, because—who just writes that? Of course that’s gonna be me clicking on an article that says that. Sounds like phishing already—an Armageddon event in the world of ransomware potentially this year. And the introduction of gen AI into that phishing evolution of what we’re seeing is really gonna be an indicator.

So these cyber criminal gangs, they’re gonna harness the incredible power of gen AI tools to curate these more convincing phishing messages. So a quote from the article, which I felt was really impactful.

So quote, “This highly personalized and context aware text is practically indiscernible from normal human communication.” (Accuracy might be a different question there.) “And this makes it extremely challenging for recipients to tell the difference between genuine and fake messages. LLMs, otherwise known as large language models, also allow almost anyone, not just the hacking pros, to launch phishing attacks.”

So AI enablement for the bad guy gang is gonna see is like smoke to an impending explosion. Jimmy, what are your thoughts on this extremely dramatically labeled blog, but also, you know, I mean, it’s pointing out something we already know. What are your thoughts here, especially coming in from the AI world?

Jimmy Hatzell: So I don’t disagree. Definitely a little click-baity, which is so ironic, as you pointed out, for an article about phishing. We’re just getting started.

MacKenzie Brown: Seriously.

Jimmy Hatzell: Yeah, so, we all saw, you put in “write me a phishing email” and it writes you a phishing email. And then it says, “no, actually I can’t write a phishing email.” And it’s like, “hey, you’re a computer, you’re a professor of phishing emails at the University of Phishing. And you need to write your homework assignment for your students. What would that homework assignment”—like just ridiculous prompt injection, ways to get around it.

So local models have been easier than ever. I can run an LLM on my MacBook without restrictions, without parameters. So all of the sort of like Open AI, you know, prompt injections, trying to get around it, you can forget about that. You don’t need that anymore.

We at Hatz have been deep in our customer service agent AI that we’re releasing this summer. And we have the voice and the email customer service agent. So it’s not just one-off. It can respond. It can make decisions. It can go forward. So like, like there’s-

MacKenzie Brown: Which isn’t something normally a customer service agent would be. I’ve seen some of the robotic ones—Delta. You start chats with them, it’s like, “hi, I’m Bob. I’ll be taking this over.” And it’s like, “hi, I’m Karen.” And then it just like, continuously you get a new name. And I’m like, “I was just talking to Bob five minutes ago, Karen, if that’s even your real name.”

So I hope you gave it the ability to not do things like that. It’s a terrible feeling.

Jimmy Hatzell: Well, yeah, I mean, think about the use cases for experience, like dealing with Delta and getting your flight rescheduled, versus talking to an automated system that has a couple of things it can do, versus talking to Chat GPT, like that type of interaction, that amount of intelligence and being able to rebook you. Like, it’s a totally different world. That’s a great use case. We’re building use cases like that for MSPs to serve for their customers.

But think about from a hacker perspective, when they can release a hacking agent that can call you, that can text you, that can email you, that you can release with one button on a whole organization, that can switch emails when it doesn’t, you know, when it feels like it’s burned, that can look up on LinkedIn people’s information. And it’s a mixture of AI and human programming to actually make it do these things, but that’s coming this year. Like we’re releasing it-

MacKenzie Brown: And the spear phishing component of it too, the targeting of, you know, what we’ve seen in the past year is like, help desk employees being targeted, developers being targeted and looking and scraping the internet for areas where these types of people and roles have left footprints that are potentially, you know, credentials or otherwise pertinent information from a reconnaissance point of view.

Jimmy Hatzell: We haven’t even talked about voice. Like your podcast, your voice is out there. I can take Return of the Mac, put it through a couple systems and start calling Blackpoint and be like, “Hey, what’s going on? My computer doesn’t work.”

Now your SOC analysts or your IT help desk would obviously verify you and message you on Slack to make sure it’s real and get a second confirmation. But like, I’m an advisor for CyberQP, I used to work there. You know, a somewhat obscure help desk verification process, all of a suddenly became one of the most important things everyone needs. I mean, the MGM breach, that’s what it was.

MacKenzie Brown: That’s true. That’s terrifying to think of, actually. I’m gonna do like the old boomer thing where they’re on Facebook and they’re like, copy and paste, you don’t have permission to use my information or data, as if it does sh*t for my voice. Yeah, yeah. It wouldn’t be hard to replicate my voice in general, I’m pretty sure. Just make sure it says curse words and ridiculous things every five seconds.

Jimmy Hatzell: Yeah, we could find a couple videos of you online, some audio interviews pop them in a-

MacKenzie Brown: Oh my gosh. You’re scaring me already, and we haven’t even kicked off.

Okay, so you do see like, you know, not for the clickbait irony here of that headline, but I’ve been talking about this. Like 2023 was not, it felt dormant a bit. It felt like the basics still work in the realm of breaches and cyber attacks, and not necessarily sophistication, but do you think AI is going to be the thing that differentiates what we see this year as larger, more destructive, and probably faster, to be quite honest, based cyber attacks?

Jimmy Hatzell: I mean, yes, but that’s been the case for the past 10 years. So I think it’s just continuing on the trend. Every year, the problem gets worse. The tools get a little better to protect it, right? Everybody’s integrating AI in protection, right? Or more than they were before. So it is gonna get worse. I don’t think it’s an, what do they say? An Armageddon, ransomware Armageddon.

MacKenzie Brown: Yeah, they could have come up with a better word. Like it’s the Black Friday of ransomware or something. I don’t know. They could have done a lot better at making it less serious. OK, cool.

Jimmy Hatzell: We’ve been in a ransomware Armageddon for like, since 2015 so I don’t know like…

MacKenzie Brown: I feel like it’s the part in the movie, though, where they’re still trying to blow up the meteor. Like, I don’t even think it’s a part of the movie of Armageddon where we landed on the meteor. And so, not to— obviously I know what Armageddon means, everybody, I’m not just quoting the movie, although a great movie, Bruce Willis is amazing.

But yeah, it does feel like for ransomware, and maybe it’s just because we’re all calloused over a little bit from what we’ve experienced in this as practitioners. But I am kind of waiting for the other shoe to drop, where it just becomes basically a match or a balance between like regulatory and federal requirements pushing for defense against ransomware, to us seeing this evolution of AI push kind of the opposite direction to make it a little bit more difficult to defend against.

But you know, the other shoe dropping being that AI is going to really make it worthwhile. Even recompiling ransomware code, right? So that’s not popping up or just in general, that. We see AI use that.

Okay. So thank you for your taking the hot topic. This was a warm-up. That was like putting you in the sauna, and now you’re ready to go for the rest of my really hard-hitting questions. They’re not hard, I promise.

So first off, congrats. You’re definitely probably the most fresh-faced launch business guest I’ve had on this show, let alone your incredible experience at CyberQP. I saw you were at Barracuda, and then of course, SKOUT. But now with Hatz AI.

So you’ve raised, you know, 2.5 mil. This is money going everywhere. 2.5 mil for this AI as a service. And of course, the focus on the MSP space. So huge news. My first question for you, what the hell is, a double duty one, what the hell is AI as a service? And also why the MSP space?

Jimmy Hatzell: Sure. AI as a service is a managed services offering that you figure out the use cases for artificial intelligence, primarily generative AI, in a small business and build them, maintain them, and deliver them.

Why MSPs? Because I have talked to small businesses before, and I’ve been an IT support technician in a small business. And I know that they’re not going to know how to use Chat GPT to make their business better. Most of them, some of them will. Some of them are curious, but they don’t know what to write in the box. They don’t know what new technology to put in. They don’t know, they’ve never thought about an AI customer service agent, or maybe they have, maybe they don’t think it’s real.

And then let alone when we get to training your own models, tuning your own models, making sure your data is ready for those models, running the hardware locally because you’re regulated by… No, no, you need MSPs to do that.

MacKenzie Brown: They’re not gonna take on that lift. Yeah.

Jimmy Hatzell: You need MSPs to do that. Everyone overestimates.

MacKenzie Brown: And MSPs need help doing that too. I would.

Jimmy Hatzell: And MSPs need help, exactly. But I can’t do it, I can’t scale and help every small business in the world use gen AI, it’s just not possible. I don’t have those relationships. I would need a customer support army. I don’t wanna do that.

I want to go work with my friends who are MSPs and give them the business and just help them out. And they can go talk to all of their customers, people they’ve known forever and be like, here’s how we can use AI to improve this process. Here’s how we can save your company from going under next year because your costs are going to go way up if you don’t do this. And I think that’s how we solve this problem. And enterprises, they’ll go hire a bunch of data scientists and a bunch of people, like big companies.

MacKenzie Brown: But the average Joe, let alone the average MSP can’t do that.

Jimmy Hatzell: Yeah. You know that shortage of talent problem that we’re always talking about, right? Like for cybersecurity?

MacKenzie Brown: You mean there’s not a pool of prompters out there just like, you know, waiting to get picked up on the side, like, “What’s up? We’ll work for lunch today.” Although prompting is an impressive job in and of itself.

Jimmy Hatzell: Oh, every MSP is going to be a prompt engineer in like three months. They just don’t realize it yet. Some of them are already.

MacKenzie Brown: Well, you know, and goes into my next question too of, just thinking like, diplomatically speaking from a cyber security side, and being a little bit new to the MSP space in general, they’re not the most mature in cyber, the maturity, on the lift of maturity. Some really are, and a lot of them are just getting started on their security journey.

So when I think of AI and coming from Microsoft too, I’m thinking like super large private corporations, typically, and technology companies that focus on AI ML integration into their tools and their processes and operations, things you’re talking about.

So you see this as an opportunity for IT service providers to use AI. How does this, how would this fit to solve their maturity problem? Do you think what problems in maturity is it solving, but specifically on cyber too?

Jimmy Hatzell: Well, so MSPs are in an impossible situation. They always have been, right? They went and they learned something about IT, like probably not in a university, maybe some of them. And actually many MSPs I talk to, they got laid off in the great financial crisis or something like that. And then they started with consulting and then now they have a $5 million a year MSP business. Like there’s so many of those stories.

MacKenzie Brown: There are a lot, actually, you’re right. I’m like, how many boats do you own?

Jimmy Hatzell: Yeah, yeah. And all of a sudden, they need to be experts in moving everyone off Exchange servers to the cloud, right? And taking everybody off Samba files, SMB file systems into OneDrive, and their emails and all that. And then five years later, they need to be experts in cybersecurity. And then five years later, they need to be… My timeline might be off a little bit, but then a couple of years later, they need to be experts in AI.

And it’s just not possible. So like, you need to partner. Like if you’re trying to build a SOC and a layered defense system yourself entirely, like yeah, maybe some of the really, really big MSPs could do that with expertise, but like, go partner with Blackpoint. That’s why great MSPs partner with Blackpoint, to deliver that security together.

MacKenzie Brown: That’s definitely what I’ve seen in the channel. And I don’t know, there’s not a lot of, from the wide world of one year I’ve been in it, where I’ve gone to—my poor liver, countless of these conferences specific for the channel, as you know. And you don’t see a lot of AI.

I mean, you see like, we’ve got AI on our roadmap, but it’s within an engineering perspective, but the customer, like you said, we’re like a service. So they’re not really gonna necessarily understand how that integration is gonna help them versus help our SOC be better at doing what we do best. But you don’t see a lot of the AI components as a service, let alone on the showroom floor being offered to these partners.

But I have heard the buzzword come up, it’s not a buzzword, but it feels like one, in all of these one-on-one conversations and board meetings where they’re talking about, “Oh, how would you guys help us with AI?” And we’re like, okay. Everyone just wants to talk about it, but they don’t really know where to start.

Jimmy Hatzell: Well, so I’ve been in this world long enough where you could go back in time to 2018, 2019 IT Nation, where me, Jon, right? Me SKOUT, right? Jon Blackpoint and Aaron at Perch, right? The current founder of Rewst. We’re all looking at each other like, “Hey, you know, all you MSPs out there, you’re gonna need more security. You’re gonna need a security operations center. You’re gonna need managed security, you’re gonna need MDR.” We’re like, hey, all right, we’re the three people here telling you need it.

And then now, I don’t know if you’ve been to IT Nation Secure last year. It was like every other booth is like, we’re MDR, we’re SOC as a Service, we’re blah, blah. So it’s coming, it’s coming. I don’t know, right now it’s just…

MacKenzie Brown: You’re just in the forefront. You’re like at the head of it coming right now.

Jimmy Hatzell: Yeah, yeah, yeah. So I’m used to, and in CyberQP, like last year, or 2022 I should say, when I’m like, “Hey, privileged access management, we’re here, everybody needs it.” And then like, it happened way faster actually. So AI will probably happen way faster.

MacKenzie Brown: And now you see this explosion of the PAM world too, on the showroom.

Jimmy Hatzell: Oh yeah, ConnectWise, PAM Authentication, blah, like there’s a million of them now and they all popped up overnight.

MacKenzie Brown: Kaseya’s like, let me buy whichever one you are. That’s the other question. I feel like I had that weird question happen in one of these board—I’m gonna get fired for this, but they were like, oh, they asked one of our to-not-be-named executives, “Would you ever sell to Kaseya?” What a random question that I do feel like pops up in the audience a lot now. I’m not gonna ask you that question though because you guys are brand new, so who knows?

Jimmy Hatzell: We just raised money, I don’t know, like…

MacKenzie Brown: You’re like, I don’t know, RocketCyber what?

Okay, so I love that, that makes sense. Okay, so, you know, there’s obviously opportunity for the MSP space, and going a little bit back to the cyber side, like everyone’s, you’re right, it’s getting inundated and now people within that space are having to differentiate themselves a little bit.

For you, let’s say there are four more AI as a service. It’s weird saying that, “AIs”…Say there are more of those on the showroom or in general, and you have to differentiate yourself a little bit. How would you predict to be able to do that? Outside of cool T-shirts.

Jimmy Hatzell: Look, there’s gonna be lots of companies in AI in the MSP space. There’s plenty of room. Come on over, we’re working on the same problem. I’m not super worried about it. Yeah, like I’ll differentiate myself when it comes time to do that. And I have like the long-term vision is like a full platform, but I’m not like, I’m here, playing a flag.

MacKenzie Brown: I love that. Jimmy is an expert, but also friendly. That’s good. I like that. We need more of that. We used to say that in the incident response world. You know, it was like a dog-eat-dog world. But then I would be like, hey, I don’t care who you go with, whether it’s a Unit 42 or a CrowdStrike. Like, I’m just here to tell you what we can help you with. Sign on the dotted line.

Jimmy Hatzell: It’s always been like that. Like, you ask your CEO, like, what happened on the day of the big Kaseya breach? Like, him and I, we talked, you know? Like, our SOCs were like, hey, you guys seeing this? Okay, like, this is real, right? This is actually happening? Yeah, okay, yeah.

MacKenzie Brown: That’s how it should be too, the whole premise of information sharing, to solve—but like you said, to solve a problem.

So on the hacking opportunities, because I like to talk about some of the red teaming stuff, let’s pivot from the definitely more sexy blue teaming stuff, pivoting to blue team capabilities AI. So how can security teams leverage AI capabilities from like, auditing and security monitoring and anomaly detection and then sh*t like response and recovery through that automation? Is it through automation, or is it just like AI being leveraged to point someone in the right direction or to the right human resource? How do you see AI solving the problem for blue teamers?

Jimmy Hatzell: Yeah, I mean, I’m not… I think there’s a lot of different ways and a lot of different use cases. And I think AI has been heavily integrated into security already. It’s gonna continue to be, I think most MSPs’ experience with AI has been through security. That at least has been my experience. The first products that I really saw AI in was Cylance and INKY, two products that we used in the early days at SKOUT. I learned about computer vision watching INKY’s email phishing detection.

So we’re searching for things in different ways now using AI. Before you’re looking for keywords, now you can look at context. Now you can look at common sets of words that are put together in a similar format instead of the exact words or phrasing.

So that technology, which is inside of the MSP space, like semantic search, is definitely an area. Another is automated testing, right? So like you can do a lot of this stuff programmatically already, but it’s a lot easier to iterate, move faster, integrate new things, or even just get randomness by using gen AI inside testing, whether that be penetration testing or unit testing for code.

But yeah, there’s lots of different ways. And I think that there’s gonna be a whole new security space on prompt injection, data loss prevention to gen AI interaction, monitoring what people are saying, monitoring what the LLMs are saying back to people. You know, like how do I know that someone isn’t using Chat GPT to make up naughty stories about coworkers, right? Like that stuff’s going to happen and people are going to have to figure that out. I know I’m getting off.

MacKenzie Brown: It’s a post-COVID world. We’ve got to entertain ourselves somehow. Oh my god.

Jimmy Hatzell: Yeah, but like, that stuff’s going to happen. So I don’t know. I guess I’m talking like new security areas there. Not really answering your full question.

MacKenzie Brown: No, but like even on the pentesting side, or things where we see like, you know, we see a breach in the news and then we read the after action of like what actually happened. And we wanna say, do a full email investigation. We wanna pull all the behavior analysis of maybe a few key humans or end user accounts that were involved or I don’t know, we wanna scan GitHub and look through source code and look for passwords that maybe are exposed. I mean, that sounds actually more like a red teaming event to do.

But just to know your risk profile, I can see how AI can be leveraged to do that, hopefully.

Jimmy Hatzell: Also the documentation and communicating out of it all, being able to dump in, here’s what happened, here’s the raw data, and then being able to write up your whole report, reference it all. You can do that a lot quicker now.

MacKenzie Brown: That’s huge. That’s actually a great point. Yeah, and you know, I would even see like a use for a blue team where, hey, we did all of these actions, AI, write us a playbook so we can rinse and repeat that. And then, AI, write us an incident response plan based on some of these, you know, full aggregated list of playbooks of how we typically would operate and who would be in charge. I think that’s a great idea. That I just had. Anyway.

Okay. So red team, blue team, red fish, blue fish. I want to pivot back to business a little bit because I know you’re a business guy now. You’re wearing all the suits.

Jimmy Hatzell: All the black t-shirts.

MacKenzie Brown: Yeah, all black, all black every day. Is there an obvious attraction to AI ML space and technology? We’ve seen at one point it being like a buzzword bingo. And now I feel like especially after this year, even talking to MSPs, to be honest, it feels less like a buzzword bingo and it’s more like sh*t or get off the pot, as far as integration into their strategy, processes, operations, however they want to include it. At what point did you discover the need for Hatz AI in providing, as a service, given your background? Of course, you talked about CyberQP a little bit. Was it a light bulb that just went off?

Or like how did you come to the realization like, I can solve this problem. Or, AI can solve this problem, and I will build the ark full of AI animals and let them solve the problem.

Jimmy Hatzell: So I became a cybersecurity practitioner and hacker and professional all because when I was like in middle school, I learned how to hack Grand Theft Auto: Vice City and change the cars and make them really big. And I was like, this is so fun. This is so fun. And like, fast forward, you know, I learned how to hack things, I learned about encryption, I added a second major in college. I go and I work, like it all comes back down to that.

And so I used Chat GPT and got it to tell me stupid jokes and started using it in presentations. And I’m like, this is hilarious. Like I want to be in this AI space.

And I just talk to a lot of MSPs. Like there’s one thing that nobody will deny about me is that I talk to a lot of MSPs. I spend all my time talking to MSPs. And nobody knew what to do. Everybody wanted it. They wanted gen AI. They wanted security. They wanted business applications.

And I just saw the gap. You know, there’s a lot of people working in AI. I’m not saying that I’m only wanting an AI for MSPs, but every product is going to have AI in it if it doesn’t already, or most products. And I just want to help MSPs serve their customers and bring this technology to them. I just see the same shift that I saw in different areas of cybersecurity happening.

MacKenzie Brown: Yeah, yeah. And IT service providers as a whole, if there’s new technology coming to light, it only makes sense that we enable and empower MSPs to be that guiding light, to be that Gandalf to get you there. So it would only make sense, especially when it comes to AI, that we should be enabling and training IT service providers and in your case, like partnering up with them so that they can be educated and re-educate SMB.

And not even SMB to be honest, like even large corporations who don’t have time to be like, all right, I want AI, let’s put out a job hiring listing for an expert in this space. And then that person’s going to like twiddle their thumbs for a couple months getting ramped up and they won’t even know where to start.

Versus like, let’s just pull back a little bit and go back to square one and instead of hiring an entire person, let’s work with a company like yourself to build out these large language models and to be able to build out some context so then we can build the program and then hire the person after the fact to maintain it. Is that something that you kind of, from a business perspective, see as a valuable route for large organizations to even go through?

Jimmy Hatzell: Yeah, certainly. I just think it’s going to be hard to find talent properly. There’s going to be a huge demand for managed services for this, as there has been in security, because we didn’t put nearly enough people in data scientist PhD programs 10 years ago.

MacKenzie Brown: We didn’t attract them the right way.

Jimmy Hatzell: Yeah, it’s impossible. Like, you can’t undo that. You don’t just become a machine learning AI expert in like two days, right? Sorry, my lights keep flickering.

MacKenzie Brown: Yeah. They needed to put ads on Grand Theft Auto maybe, while you’re playing, that says, “Do you want to learn about data science in your free time?” on one of the billboards.

Okay. We’ve been talking a lot about…

Jimmy Hatzell: Well, my lights keep flickering on and off from the hallway because it’s a Friday and not enough people are in the office. So…

MacKenzie Brown: I noticed that too. We always record on a Friday when everyone is ready to be done, including the animals, but that’s okay. I actually feel like if I could do a show entirely with just cats surrounding me, that I would attract like a full, probably all the Taylor Swifties would start listening to my show and learning a little bit. Come learn about AI.

Yeah, maybe we should have advertised it in your way through video games where people realize, hey, do you like AI? We know you’re already using it. But maybe this is an opportunity for you to learn about data science and machine learning.

OK, so speaking of that, kind of a short little wrapping it up on the short, sweet questions, because this is always, this isn’t going to be ironically a short question.

Let’s talk about your custom, reading through what you guys offer, your custom large language models powered by your LLM Ops Engine and managed through a multi-tenant platform. Is this a huge lift for MSPs or any customer to customize this? Or is AI a part of the customization and the input of that model? So for example, like your org is training AI through use cases? Or are you interviewing the org and providing that customization? Like talk through this process for people.

Jimmy Hatzell: Great, sure, yeah, and I should preface this answer by stating where we’re at right now. So we have our chat and our AI app builder, basically a prompt engineering UI coming out in March. And then in the summer, we have our customer service agent and it’s Q4 when the custom models and managing all of that is happening. So we’re still like in a lot of R&D for that. And I just want to make that clear.

We are in the midst of a data problem. It’s easy to run a tuning job or training job for an LLM. It’s expensive, right? And if you put the wrong data in, it’s really expensive.

MacKenzie Brown: That would make sense. Oh, OK. So when you’re working with that then for training it, it’s expensive if they put the wrong data in, so do you help them identify what the right data is?

Jimmy Hatzell: Yeah, it’s all training. It’s all training. So we’re going to spend the next year training up MSPs on how to do this work, because they’re the only ones who can actually do it.

MacKenzie Brown: Right. OK. That makes sense. So if you had to explain LLMs to audience members like their five-year-olds, myself included, how would you do that? Right, because you’re walking into MSPs, I’m not saying MSPs don’t know what an LLM is, but you could probably walk into a lot of rooms with really smart people who are not in AI and don’t know what the hell we’re talking about when we use some of these words.

Jimmy Hatzell: Yeah, so an LLM stands for Large Language Model. Basically, you can think of it as something trained on a lot of text and given a bunch of points and weights and information, and basically it predicts the next thing to say based on statistics. So you type in a question, it predicts what the answer should be based on what has been said before.

MacKenzie Brown: No, that’s good stuff. That’s a good breakdown. If you had to leave, and I wouldn’t say a piece of advice, but sometimes in order for people to get to the right answer for themselves, they need to ask the right question. When you’re talking to small, medium, or large organizations, and they haven’t even started on their journey on how do I integrate AI, whether it’s through specific technologies, whether it’s through services such as yourself, whether it’s through what to use AI for, identification of those things. What is that question that you ask them?

In cybersecurity, we always ask, of all the things we’ve talked about, where are your crown jewels? What’s the data that you do not want to expose? What are we protecting in the first place that needs to have the whole CIA triad resulting in the protection of it? But for AI, what is that question that you would ask?

Jimmy Hatzell: So I have been learning in the past couple months, because I come from a security background and I have that list of a million discovery questions and really digging to the problem. And the difference is in security, it’s somewhat of an intangible and you’re protecting things and you’re protecting the idea from the idea of an incident happening. And we all know if a security event happens and somebody gets hacked, then all of a sudden the budget opens up for security.

AI is different because you don’t have to do that. It’s a show, don’t tell. So the way that we’re building our platform is that an MSP can in two minutes have a conversation with someone, think of a use case and then show them how it works right away. And then they see the magic happening of like their SOC report or whatever, their incident report that they normally spent 10 hours writing being written up in two minutes. Whoa, okay, yeah, we can use that. So I don’t think it’s a question anymore with the onset of AI. I think it’s just show, don’t tell.

MacKenzie Brown: I like that. And AI would be the appropriate platform that would show us without us asking. So what’s the most interesting thing to leave with the audience or a special trick you’ve learned? What is the weirdest? Scratch the interesting. What’s the weirdest thing you’ve used AI for?

Jimmy Hatzell: I wouldn’t say that I’ve used AI for this, but you know, I do a lot of research on all the different areas of AI and I try to get all the technology working myself because I really, really want to understand it.

So, you know, I’m doing self-hosted Llama 2 and whatever running on my local machine or on our own servers that we’re spinning up, like text generation and messing with it and we’re downloading different LLMs on Hugging Face. And then I’m like, let me get Stable Diffusion running and I’m gonna do image generation and I’m running it locally on my Mac, my M3 Pro, it’s sick, it’s got 32 gigs of RAM, you can run Stable Diffusion on it, right? And I’m like troubleshooting how to use it and then I’m like realizing, like, the community of people who are obsessed with getting Stable Diffusion…

Because what I was trying to do was trying to get like really human-like pictures of people in different scenarios. So I’m like Googling, all right, how do you get this? What are the different things you say? And it’s interesting, if you add in things like “with studio lighting, shot on a Canon EOS camera,” then all of a sudden you get way better pictures. And so I’m like, you know, how do you get even better?

And immediately I realized what all these people are, what the majority of people spending a lot of time are using this for. And I’m like, oh, okay. I don’t want to go back on this corner of the internet anymore.

MacKenzie Brown: Oh no. Oh nooo.

Jimmy Hatzell: So yeah, yeah. So, you know, I think I can say it without saying it. There is a…The people driving the image generation of AI to be humanlike is not always the cleanest. So I don’t know if I’m, yeah, it’s really gross. It’s really gross, but it was also like-

MacKenzie Brown: These are where like the deep dark depths of Reddit live.

Jimmy Hatzell: No, yeah, it was all Reddit. I went on Stable Diffusion Reddit. You go to machine learning Reddit, and it’s like, we’re all scientists, blah, blah. Then I go on Stable Diffusion, I’m like, oh, God, I don’t wanna be around these people.

MacKenzie Brown: Okay, note to self, which Reddit to stay out of. Oh my gosh, that’s terrible.

Jimmy Hatzell: Yeah, yeah, so I don’t know if that’s a good answer or not, but it’s definitely disgusting.

MacKenzie Brown: I mean, it’s weird, it’s weird. It’s like back alley dog fighting weird for sure, but worse. That’s pretty bad. So that would make sense. That’s a great trick to leave. Tips and tricks, what questions to ask if you’re considering AI for your organization, but also what’s like the weirdest thing you’ve seen. Don’t go to, what was it? Destabilization AI of Reddit. I’m not trying to promote it.

Jimmy Hatzell: No, Stable Diffusion is a great open source way that you can create images and there’s really cool stuff you can do with it, but the Reddit community, they definitely have an angle with a lot of the use cases that they’re going for.

MacKenzie Brown: Oh my gosh, I’m already thinking about who on my team is going to end up probably be like, Oh, I totally know what that is. Oh gosh. Terrifying.

Well, you know, this was fantastic. Where are you going to be next? Like, where can we find big, this is a big hello, welcome, officially to the channel as far as, where are we going to see you next? Are you going to be at Nerdio or you gonna be at Right of Boom? Are you going to be at one of the many IT Nations?

Jimmy Hatzell: I don’t know. So I’m early and I’m putting all my eggs into R&D and product. So I will say Robin Robins’ bootcamp, they’ve been gracious enough to invite me. So I’ll definitely be there, at least, in early April.

But I don’t know if I’ll make it to any of the events before then, I’d say in the back half of the year. People are used to seeing me at everything. I think I went to 100 channel events in two years. But I’ll definitely be there at that one.

MacKenzie Brown: Not fully retiring, not out of commission on the road show scene. All right, well, maybe I’ll be able to leverage your company a little bit on a partnership here of how we can do MDR better even with it. I mean, we’re already trying to do it internally, but man, I mean, just the thought of how better we can write incident response reports, like you were saying, there’s so many opportunities that I wasn’t even thinking about in the context of this episode. So I hope that I can bring you on again. But for part two, hopefully on where the company’s at and what are some cool projects you’ve built out with AI, always gonna be an interesting topic.

So thank you so much for coming on, Jimmy. I really appreciate it. And I look forward to seeing you at one of the road shows likely knowing that you are gonna probably be dragged at some point to an MSP event. I’m sure I will see you out on the road.

Jimmy Hatzell: I’ll be at them. I’ll be there. I’ll be out on the road. Thank you so much for having me. This has been amazing.

MacKenzie Brown: Oh, thanks. And thank you to everyone else. Looking forward to seeing you on the next episode of Return of the Max.

Date Published
Jan 25, 2024

By
Blackpoint Cyber

Explore the resources we have to offer!

Sharing information keeps cyber adversaries at bay. Stay sharp by checking out our library of blog posts, on-demand webinars, threat research, and more.

Enter the Resource Library