The Truth About Cybersecurity and Privacy

Full transcript

Ai's scary phishing game

Welcome back to the podcast, guys. Today, we are joined by David Morse from DeleteMe. David, welcome to the podcast. Thank you, Nicolas. It's been an interesting journey so far. Sure. For anyone meeting you for the first time Right. What pulled you into the privacy and security world? Well, actually, I I've been in I've been in the IT world, Nicholas, for about thirty plus years, and that makes me really old. But I started in channels, working in distribution many, many years ago. And I've been actually in the cybersecurity world where I joined Carbon Black probably about ten years ago before VMware acquired them in the endpoint detection and response game as well as managed detection and response players. And recently, I had a a opportunity to work at a password credential management vendor and just as of with DeleteMe, joined a privacy play because what's happening in the cybersecurity world, for those of you following along all the craziness that's happening in our world today, cybersecurity without privacy is not really cybersecurity. So the unique opportunity that I saw here in joining DeleteMe is where that line starts to blur privacy with cybersecurity.

Mhmm. You mentioned that cybersecurity can't really exist without privacy. Right. When you say that, what do you actually mean? Well And could you give a concrete example? Absolutely. So if anyone's following the AI game out there today, it is scary. So the capabilities of AI today, it's allowing for malicious actors and hackers to no longer they're not breaking in anymore, Nicolas. They're logging in. And the amount of PII, personally identifiable information, that's out there with data brokers is scary, and it's sold as a product. So whatever you do, whatever I do, it is a product for data brokers to sell to people, whether they have malicious intent or not. So what happens in today's environment is a user who is a human being has their private information out there where someone who runs an AI script based upon your frequent flyer shopping information, based upon your cell phone, anything you can think of of PII, and they will be able to run a phishing, vishing, smishing, any type of phishing campaign

to go after you and figure out what makes you tick. How do you have your password set up? What are you inside of an organization? And we've had many clients who have been breached due to someone within, let's say, lower within an organization that has clicked on a malicious campaign, which was created phenomenally with AI capabilities, and sat there and watched all of their basic private information and managed to hack them by logging into their accounts. So it's a scary world that that we live in today. So if every human being is a potential attack surface in terms of their PII and we work at organizations, how do you make sure that you reduce that attack surface? And that's where delete me comes in. It's a preemptive, proactive approach to reducing your human attack surface so there's less ways to log in as a malicious actor with at your job, at your house, into your bank account, whatever the case may be. Mhmm. David, you also launched a partner program and PRM portal, and you anchored it around keeping things simple. Correct. When you say simple,

Protecting the elderly online

what does that look like for a partner in the, let's say, first week? Great question. So in the IT world, and and you've interviewed a few people, Nicolas, our partners many times sell 50 to a 100. I had a meeting with a partner the other day. He has 800 vendors that wanna work with him. Can you imagine logging into 800 different portals and understanding 800 different it's ridiculous. It's crazy. So what we did at DeleteMe, we actually created a partner portal and a program that if you're 10 years old, you will understand. It's so simple. All you do is log in. We have a deal registration opportunity where we give incremental and very aggressive discounts for partners. All they have to do is fill in some basic information, submit, and they're done. We have two other tabs for collateral. So you can see all of our sales collateral, and then there's another element to it where it's cobrandable. That's it, my friend. No more complexity. When you just log in, you can deal reg an opportunity, learn about what we have and what we do, and you can turn on cobrandable

stuff to add your logo to to some content to share with your customers if you want. Not a mess. Nothing more. That is exciting. Well, it has to be because of all of the the like I said before, our partners need simplicity. If I create friction for them, they will never work with me. So a lot of what we do, like, for example, in our deal reg program, partners get in 30% for every deal reg that they bring to us. So it's an incremental 30% discount. If they join as a managed service provider with us, which we also have in our program, they get a contractual 32% discount because they have to provide some level one, level two support, but we really do all the heavy lifting. So it's all set there for them, and they can just self-service, and off they go. They don't need to really have contact or friction with us. We, again, try to make it simple and easy for our partners. Mhmm. When it comes to the vendors, they a lot of the time, think that partners just need a deck and a commission plan. If you're talking to,

let's say, a Sharp MSP or MSSP leader, what do they really need first to confidently sell privacy? Is it messaging or packaging? That's a great question. Maybe proof points? That that that is a fantastic question because I think what we tend to miss in the vendor world is no partner's gonna care to work with us if we don't help them understand how to make money with us. So if you reduce their friction and you show them where the money and revenue is coming from and how it's easy to to position, that is where you can help them understand how to because remember, right, partners have service offerings, especially MSPs. They already have a bundled service that they put their logo and brand on, and they go to market with it. If I'm adding complexity and it's just too hard to manage and it's it's too expensive, it'll never fly. So that's where the simplicity and no friction comes in. I think what's interesting coming from the EDR world of endpoint detection and response, having worked at Carbon Black and vmwareandcom

system for a few years. You you find a world where everyone is focused on after the proverbial caca has hit the fame. You understand that expression, Nicolas? Where after things explode is where a lot of the cybersecurity players focus on. Now I'll do threat hunting. I'll see what's happening, etcetera, etcetera. When you start to talk to partners about the preemptive, the proactive side of things, This is how you can reduce that human attack surface that malicious actors are leveraging and using to create these phenomenal AI campaigns with bots, etcetera. It's it's really crazy what's out there. But having them understand that is not hard. Having them understand where to put it in their service offering at a aggressive price and where there's no friction for their customer is where that sweet sauce is, where we need to really have a strategic conversation with the partners of, hey. You might have to charge your customer a little more, but look at all the reduced friction and PII out there, the potential attack surface that we would be eliminating upfront. That's what we do. Mhmm. When, let's say, a customer hears privacy,

a lot of them, including me, mentally file it under legal or compliance. Good question. How do you sort of position it so it lands as a real security priority without putting up all of this fear and being too dramatic? Well, I think you're finding that because that line of cybersecurity and and and, by the way, cyber insurance over the top with privacy is blurring, there is, I I believe, very soon a compliance issue with that. Just like cyber insurance companies wanna make sure that you have an EDR play out there. Like, what are you running? Having a PII removal tool, in in the world I live in today, I see that it's very focused on top level executives, almost the executive security groups that are kind of running PII removal, but it's an it's an issue across an entire organization. Everyone, I think, has to be wary, especially in today's world, Nicolas. I mean, I'll give you a personal example. My mother takes phone calls that you know are scams, but she's elderly. So she will give someone her password if they say, I'm calling from Microsoft. I need to help you.

So these types of things affect everybody, especially with the way campaigns are being built that are so efficient and so effective. You it doesn't look like that old email from the prince of Nigeria asking for $5,000, and he'll wire you 2,000,000. Right? Those days are over with misspellings, etcetera. You get a real email with your bank letterhead. Perfect. Something that is interesting for you. For example, click here, and you'll get an extra $500 in your checking account if you do etcetera. Like, these things are looking very professional. So compliance and legal, to go back to your thing, is you do have a part of that, but you also have it where it's just making sense if you're in the cybersecurity business of reducing that human attack surface and just keeping your customers safe. It's crazy that there are these cruel people that will just take advantage of older people. Well and, Nicholas, that's that's the low hanging fruit. Right? You can run an

AI bot script now for a certain target market of a certain target age that frequent certain types of stores or whatever they do and just run it and run it and run it and send it to as many people as you want. If you just get one or 10%, it can bring you in I mean, you have government agencies in some nations that entire departments are funded like this. Like, North Korea is famous for this kind of stuff. A whole other level of cyber piracy, if you will, and just making sure that they it turns into a profit center for an organization or country. I I think on the compliant Sorry. Go ahead. Right? I'm I have another question for you, but you can finish what you No. I I was started. Just gonna mention one thing that we do at DeleteMe that's kind of a little different and unique, and I think it what separates us a little bit is while we leverage technology to do our PII removal for our customers,

there's a human element to this because data brokers are in the business, and there are thousands of them throughout the world that sell our information as product. And they they do not want to give up their product. But we as individuals in, like, Europe, you have GDPR. In Brazil, you have data protection laws as well. Here, you do as well. So they have to abide by the laws and eliminate and take down your PII. So we have an entire human element of what we call our privacy advisor teams that actually follow-up, especially in our higher end packages for VIPs and platinum level. And that's a little differentiator where it brings back to the compliance and legal thing. This is something where the legal teams or the HR organizations love a little check mark there to make sure that, okay. Not only are we doing technological advances of running the capabilities from an AI perspective, for example, removing PII, but there's also that human element. I'll stop talking. I'm curious. Let's say that I'm a new partner, and I'm generally interested in being a client for DeleteMe. Okay. What

do you want me to do in week one? What do you equip me with? K. And what should I never have to chase you for? Well, we would just have you register on our partner portal, and you'd be contacted by one of me or my myself or my team. And we would set you up right away and walk you through a thirty minute presentation and our solution because it is simple. DeleteMe was consumer birth. So we came out of the consumer world where it's very easy to understand and how to position. You go into a dashboard. You you understand what you're looking at right away, and our team does all the heavy lifting on the back end. So from a partner perspective, you need to log in, create a partner portal. We would send you an agreement to be part of our actual formal program, and we would go ahead and set you up in thirty minutes showing you how easy it is to do business with us. If you wanna be a reseller, that's pretty much the way to go. If you decide to be an MSP,

we then would spend an extra maybe another thirty to forty minutes in showing you how the parent tenant is created, how you can manage your customers underneath in a parent child relationship in multitenancy, and you can then start to understand a little bit better of, you know, what you can do to deploy licenses to new customers, how to work with us on that end. Giving you access to our portal, I've already shared with you that it's so simple. They can figure all that out themselves. But I I I always like to let our new partners know that for their first two or three deals, we will definitely hold your hand and make sure that you are 100% comfortable. And by then, usually by the second deal, the partner's already like, this isn't that hard. I got this. I'm good to go. Every good partner program has some kind of flywheel. Right? Something that compounds. In your mind, what are the moving parts of a partner flywheel that works? And when do you usually see the flywheel break when teams try to scale it?

Oh, when you say the flywheel, I'm assuming you're talking about the customer cycle and where we might have leads. Is that what you're you're getting on with? Right? Right. Okay. Yeah. I I think what this is what's interesting with DeleteMe. We've been going after b to b customers now for probably about three to four years only. The company's been really focused on the consumers. We've been in business fifteen years, and we're the de facto leader in this PII removal stuff. So if we see new opportunities coming in from customers and we see the opportunity of them going through a partner or so, what's happening now with us is we're we're actually working with our sales teams to really guide them and push them and incentivizing them to ask the questions to custom hey. Are you working with a partner? Who do you source your SaaS solutions from? Who do you source your services from? And that started to generate quite a bit of traction since I've joined. I've been now at DeleteMe for almost, I wanna say, five months now, and we've just been adding on new partners with our current with our program,

with bringing on new customer opportunities for them. Something you're kind of hinting towards, I think, Nicolas, is my leader and myself and the rest of our team, we've been working on a lead generation program. Like, how do we get them tied to our partners? That's something we have in the pipeline. It's not out yet, but we're starting to also look at, you know, deals that have closed lost or sometimes customers, they go silent. Getting a partner involved in those cases sometimes can be very helpful because it's not the vendor trying to sell the vendor solution. It's the partner figuring out what's going on in there. And it's it's working quite well because it's a different avenue. We we go through the front door. Partner can go through the window, the back door, up through the ceiling, whatever. But it's it's it's turning into a very solid way to work with partners. Mhmm. That's very interesting approach with the partner Mhmm. Instead of you. If there are people that want to check you out or learn more actually about partnering with you, where should they go? Real simple. Partners.joindeleteme.com.

And you could put that in the chat or whatever you want, but that's the easiest way to do it. Right from there, you could also email us at partners@joindeleteme.com. And we'll we'll get we usually respond two to three hours. We'll get back to you with so let's set up a call, and let's figure things out. Great. David, thanks for joining us. My pleasure. And thank you guys for watching. Thanks for having me. Nicholas.