Software Sundays

The Pope’s Warning, Europe’s $75B Bet & Tech Fueled Housing Crisis | SS #31

Kevin Dowdy Season 1 Episode 31

Share episode

Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.

0:00 | 57:37

This week on Software Sundays, KD explores how artificial intelligence is reshaping society, economies, and opportunity around the world.

We begin with the Vatican’s growing concerns about AI and the impact advanced technology may have on human dignity, work, and decision-making. As governments, institutions, and global leaders pay closer attention to AI, the conversation is moving beyond innovation and into questions about responsibility and long-term societal impact.

Next, we examine SoftBank’s proposed €75 billion investment in AI infrastructure across France and what it signals about the global race to build sovereign AI capabilities. KD discusses the growing demand for cloud, platform, security, networking, and reliability engineers as countries seek greater control over their technological futures.

We also break down how new wealth generated by the technology sector is contributing to rising housing costs in major markets like San Francisco, and why participation in the technology economy may become increasingly important for individuals and families seeking economic mobility.

In this episode’s Q&A, we cover how to choose the right tool for a project, the differences between dynamic and static testing, why software estimates are often wrong, how Known Exploited Vulnerabilities (KEVs) fit into cybersecurity programs, and why the technology industry creates so much wealth.

We close with a reminder to stay focused on your own mission, avoid distractions, and build the future you want to create.

Join BLI University: https://discord.gg/jRkGnQaDVq

Connect with Kevin Dowdy: https://www.linkedin.com/in/kevinldowdy

RSVP for I Self Express Walk: https://www.eventbrite.com/e/i-self-express-too-10th-annual-self-esteem-awareness-walk-tickets-1982640223279?aff=oddtdtcreator

CHAPTERS:

00:00 Introduction to Software Sundays Builders
00:29 The Pope's Stance on AI and Human Dignity
03:53 The Need for Mindful AI Development
06:35 SoftBank's Investment in AI Infrastructure
09:28 The Future of AI and Infrastructure Development
12:28 Opportunities in Sovereign AI and Global Talent
14:52 The Impact of Tech Wealth on Housing Markets
17:52 The Importance of Competing in Tech
19:09 Choosing the Right Tools for Development
26:30 Dynamic vs. Static Testing in Software
31:46 Challenges in Estimating Software Project Timelines
40:00 Understanding Known Exploited Vulnerabilities
45:05 Wealth Concentration in the Tech Industry
51:02 Mindset for Success in Tech
55:08 Community Announcements and Closing Thoughts

Build Learn Impact is on a mission to help you create wealth, opportunity, and ownership through technology.

#SoftwareSundays #ArtificialIntelligence #AI #Technology #SoftwareEngineering #CyberSecurity #TechCareers #Housing #TechIndustry #Innovation #Leadership #CloudComputing #Engineering #BuildLearnImpact #KEV #ThreatIntelligence #SoftBank #Vatican #FutureOfWork

DISCLAIMER: This is not professional advice. The views expressed are my own or those quoted. Consult your own legal, business, or tax advisors before making decisions based on this episode.

Build Learn Impact is on a mission to help you create wealth, opportunity, and ownership through technology.

Introduction to Software Sundays Builders

SPEAKER_00

Welcome to Software Sundays Builders. I'm your host, KD, and this is a space for high-level conversations about technology and the impact that it has on our community. I want to make sure that you can walk away with the tools that will allow you to grow your income, become an owner, and help with shape what happens next in the world. If this is your first time tuning in, you are in the right place. And if you've been rocking with us for a minute, it is great to have you back. Let's jump in. So, first on the news is

The Pope's Stance on AI and Human Dignity

SPEAKER_00

the Pope joins the voices against artificial intelligence. Recently, the Pope, Leo XIV, released his Magnifica Humanitas, where he outlined his desire to protect human dignity and agency in the age of AI. And his thoughts are that the technology is threatening to replace people and professionals and in a many social roles. And that's going to have a negative impact on the spiritual growth and the future development of society as a whole. He kind of sees the unleashing of AI in an uncontrolled manner as the fall or the beginning of the fall of man, and he actually compared it to our Tower of Babel from the Bible, if you're familiar. But basically, this is his thoughts around saying that we need to have a way, an idea, a framework for how we are managing AI and the impact that it's having on our people, our societies, our communities. Because right now, the speed at which it's developing and the way it's developing without the controls, without any type of guardrails, is going to cause more harm than good over time. And the surprising part about uh his speech and his writing was that Christopher Olah, one of the co-founders of Anthropic, actually agreed that the companies developing AI for profit need to have informed critics who will be able to tell these labs exactly when they are doing something wrong, exactly when they are failing. So it's an understanding that even from the people building many of these technologies and these tools, that yes, you can't just have developers building in the vacuum. There needs to be people that understand the human aspect and the human impact that's going to actually exist, that's going to be created. And if you don't have those conversations, those voices actually present when the development is happening, then we're going to lead definitely to more uh you know, more pain inside of society, more inequality, more uh danger, like all of these negative things that happen when you just don't have those perspectives that you need. But one of the most interesting parts about just seeing and hearing these comments and these thoughts is that we're starting to move away from the novelty that AI created when it was first released, or at least when this generative AI wave was first started. Like that's starting to peel away. And what's being left is a reality that people are finding a hard time accepting. And a reality that individuals, governments, and now even religious organizations are starting to pay more attention to because the impact

The Need for Mindful AI Development

SPEAKER_00

of AI is not going away, right? It's not like we're seeing anything slow down in the AI space. We're actually seeing the technology continue to improve and actually get better faster. And that change is something that it seems like no one is really ready for. No one has understood exactly how to prepare for it or prepare people for it, the general population for it. And that is no longer acceptable. At this point, we need to make sure that no one is getting left behind as these technologies continue to progress and as they continue to change the way we work, the way we live, the way we play. Like this is not a it was never a game, but it's on at this point, there are plenty of people paying attention to the industry that are basically calling for a pause, calling for us to be more mindful about what we're building and how we're doing that. So I thought it was very timely. Like it's definitely the right time for these types of conversations to be had. It probably should have been happening earlier on, but it's it's an it's the right time now because we've seen enough of the development. Like we've gotten really far with AI and how the different labs have improved these models. Now it's almost like a stabilization arrow. Now we have to see, all right, now that we have these technologies, these tools available, how do we actually integrate them into our society in a healthy manner? That integration is going to require more conversations, more understanding, more communication between the different people that are involved, different institutions that are kind of splitting the power in the space. But as a builder that is either building AI applications or using AI while they're building, you have to be mindful about the impact that the system that you're creating is going to have. And there's always going to be a trade-off. So you need to be aware and mindful of what that trade-off is, what you are giving up in order to build the thing that you are seeking to build. And at least I have a thought, a sense of what that future is going to look like when your project has actually been deployed and released and continues to build. Additionally,

SoftBank's Investment in AI Infrastructure

SPEAKER_00

Softbank plans to invest up to $75 billion inside of French AI data center. Softbank is one of the VC firms that puts a lot of money and capital into companies that are considered infrastructure bets. They make very significant bets in companies like OpenAI, where they have made uh significant bets inside of companies like AI, inside of data centers in Ohio, and even other companies that grew to become unicorns. So the things that they're betting on are likely to be important and likely to be valuable and hold value for the next 10 to 15 years, maybe even more. So I thought it was interesting that they're considering an investment into France, the country, and their AI and their you know, their digital infrastructure, because I don't hear much in terms of innovation from that region, from the EU, Europe as a whole. I don't hear much of the changes or development innovation happening from that side of the world. So it's very interesting to see that this type of investment is going to be made. And so I'm very curious to see how it plays out. One of the most interesting things that I'm not totally sure about like what that means is the fact that most of the investment, at least 45 billion of it, is targeted to be complete or have been invested by 2031. And that's five years from now, and eight years since ChatGPT was first released.

SPEAKER_01

There is basically what I'm seeing is that there's plenty of room left inside of the AI revolution, but in the build-out, especially for the hardware layer.

SPEAKER_00

Like we're still seeing a need for GPUs, we're still seeing a need for memory, we're still seeing a need for power. And a lot of that infrastructure has not been built yet. It's being invested into today, but a lot of those plans and those projects take years to actually complete. So I've seen a lot of plans and targets projections that specifically call out 2031. I think we're still very early into what is going to come from these products. Think about the fact that the models we're using today were all trained starting

The Future of AI and Infrastructure Development

SPEAKER_00

months ago with the infrastructure that was available months ago, with the data that was available months and years ago, right? When we get to 2031, when we get to even 2029, those models will have been built on the infrastructure that is being deployed today. A lot of this infrastructure has been specifically tuned to train AI models, LLMs. And a lot of this infrastructure is being specifically developed in order to run these models. So we might see efficiency gains, we might see significant improvements in the capabilities of these models, all from the infrastructure changes that are happening today. So it's almost like the long tell changes, we haven't even really seen what actually will come from those. So that's very exciting to see. It's definitely one of those things that I think about when I think about what's left with AI, what's left to continue to build. Like, even if you think about the applications that are being integrated with AI, a lot of those applications are recently becoming available. So we haven't even seen the impact they're going to have in the economy in terms of efficiency, productivity gains, or even just the ability for people to do more because they have better tools available to them. So the next I think by the time we get to 2031, that's going to be such an interesting time to be alive to be, you know, seeing what's happening and what's going on. And another interesting point inside of this story is the fact that sovereign AI and investments inside of local regions are becoming a big opportunity for everyone to keep an eye on. If you're seeking an opportunity or some type of position outside of the US, we're going to start seeing those companies, those uh regions actually starting to need the talent. They're starting to need uh data engineers, they're starting to need cloud security engineers, uh, cloud engineers, platform engineers, all of these engineering roles, these high-level tech roles, they're all going to, we're gonna need more of them as soon as we get more data centers. Because the data centers are a resource. Now, to actually get the value from that resource, you need all of these different specialized roles. So that's a great opportunity for people that are looking to kind of expand their careers or their business outside of the US. Right now, a lot of the again, innovation kind of is led from the US side. But if you're you know willing, if you are able and are you know able to take that risk to go across the pond, go across the border

Opportunities in Sovereign AI and Global Talent

SPEAKER_00

and go find another opportunity in a different country like France, like India, like these other countries that are looking for their own sovereign AI infrastructure and looking to develop that, you'll likely see a lot of success in these areas. And that's a great thing. Uh, part of the story that's not told when people talk about the build out of the AI infrastructure, and they talk about a lot of jobs being lost, but they always miss, they always forget the amount of human expertise and amount of human talent and energy that is still required to make these investments valuable. And that's going to help democratize the access to opportunities to everyone across the globe, especially if we start to see these build-outs continue to happen in different areas, different regions. It won't just be centralized and localized to you know one tight community.

SPEAKER_01

And something very exciting to keep in mind.

SPEAKER_00

And even speaking on the centralization of access to technology and the opportunities that those create, one of the problems of too much concentration of this wealth and this technology is the fact that new wealth from tech is actually starting to drive housing costs and make it more unaffordable, unaffordable for certain people. So there was a story that says San Francisco rents have increased more than 20% in the past year, and there are still homes that are selling significantly above asking price and even getting cash offers. Some of those rentals are getting renters that are saying, Hey, I'm going to put down a year's worth of rent up front. That's making it much more difficult for everyday people not inside of tech to actually compete in those markets. It's and in a time where the general feeling, the general uh thought, the general

The Impact of Tech Wealth on Housing Markets

SPEAKER_00

summary is that the economy is struggling and that people are not, you know, having enough money to make ends meet, especially when you know cost of inflation is rising still pretty high, like it's becoming a difficult environment, especially these areas, they're becoming difficult environments for people to you know create opportunities for themselves to actually compete if they're not in tech. And so when you think about some of those jobs that I mentioned platform engineers, cloud engineers, network engineers, like those are the roles, those are the fields where the wealth is being concentrated. They are getting most of the money because most of the value inside of the economy is going into tech today. And so, again, that concentration among you know workers in these roles, founders of these AI companies like OpenAI, like Anthropic, like all these other startups, and investors who are providing that initial capital when so much of the wealth is going to them and they're being able to still compete inside of these local markets and they're competing with each other with significantly more capital, it makes it more difficult for the broader market, the broader community to actually see, hey, this is what I can go do, this is uh the apartment that I can go rent, and it's having actual effects in people's lives. Like we haven't we're seeing it inside of housing, but that same condition, that same reaction can happen with food prices, it can happen with other assets like vehicles, it can happen with anything where you're seeing a large concentration of the or a smaller concentration of the value and the wealth going to one community and them being able to control exactly where that fund where those funds are going. So it's something to keep in mind, it's something that I think everyone should be understanding because right now, if you are not a part of tech, you're going to have a very difficult time accessing the opportunities that could be available to you or that are available to the people that are operating inside of the tech industry. And that's going to create a barrier for you. So if you really want to build wealth, if you want to be part of the community that is still able to afford the things they need to afford, that's still able to live a life in comfort and peace, then you have to be willing and ready to compete in the tech industry. That means you have

The Importance of Competing in Tech

SPEAKER_00

to learn the skills that are required. You have to learn to understand data, you have to learn to understand cybersecurity, you have to learn about technology and how those systems work on a distributed and global scale. Because if you're choosing to ignore how important AI is, if you're choosing to ignore how important cybersecurity and technology is, you're going to put yourself and honestly your bloodline at a very severe disadvantage for the next lifetime, probably. We are discussing the biggest changes that are happening behind the scenes with a community of builders that are helping to drive that revolution. So if you want to secure your seat, let's do that today.

SPEAKER_01

So we're going to jump into the QA section now. How do you pick the right tool for the job?

SPEAKER_00

So the right tool really depends on what you are building and what resources you have

Choosing the Right Tools for Development

SPEAKER_00

available at the time. Because everything is going to be a trade-off. You're going to either have time available, you're going to have money available, you're going to have the energy to learn.

SPEAKER_01

So you have to consider those trade-offs before you even decide what the right tool is.

SPEAKER_00

Because if you have a lot of time and you can spend more time planning the prop the perfect solution, then you can go do some research to find out what the best tool is. And that research is going to take you time. It's going to take you reading through documentation, it's going to take you going through and testing and comparing actual results that you've tried. So that's a very time-consuming process. But if you don't have any time, if you're trying to build something out that needs to be deployed today or this week or this month, and you need to get it out, you might and you have a lot of money, you can just hire someone who actually has those skills and that experience, and they can be the one that finds the best tool. But if you're looking at a project and the turnaround is very quick, then usually the best tool is the tool that can allow you to get started and get the problem solved the fastest. And that may not be the most efficient solution. But a lot of the times, if you can get far enough, if you can get something out the door quick enough, then you can figure out how to optimize that solution later. So it's really not about picking the best tool because you don't have to stick to that tool forever. You have to solve the problem today. And once it's in a stabilized uh status, once you have the solution and you have some documentation in place on what the solution took, once you have some actual test results that say, this is where I see a challenge with the current solution, and this is where I think it can be improved. Once you have that actual experience, then you can start looking at other tools that might be a better tool or the better solution, the best fit. But you don't want to spend too much time uh trying to find the best tool or the most perfect solution because you're gonna lose the opportunity that you had. Maybe that could have been losing a client or losing a you know early place in the market. If you spend too much time, you will lose that benefit that you could have had if you just moved a little bit faster. So a lot of the times, picking the best tool or picking the tool that solves the problem that you're experiencing right now that fixes the pain is going to be the thing that is worth focusing on over any other optimization. That you could do. Because again, you can always adopt a better tool later once you have the resources available.

SPEAKER_01

Like recently, I was building a report for a client.

SPEAKER_00

And we're we're trying to track, well, we're not even trying, we're we are tracking the remediation efforts for the application security program. There are too many vulnerabilities right now inside of their portfolio of applications to count. And a lot of those vulnerabilities are going to require significant efforts from our team to actually remediate. And so we've had to figure out how to prioritize those vulnerabilities to help give a more focused uh target to these teams. Some of that reporting that I'm building and generating is designed to help do just that. And I got an ask that was like, I need today to get some data. I need today, or I need some data available today to tell me what the status is on these applications. And honestly, I think the reporting part would be a lot easier with a tool like Power BI. But based on my own experience and familiarity, I actually chose Python as the tool to do most of the heavy lifting. And most of the heavy lifting being the processing, the uh cleaning of the data that I'm gathering. And then even in the enriching of that data I'm doing with Python. But I defaulted to Excel for actually generating the reports because Excel has pivot tables that just makes it easier to actually show the data that we're talking about and you know, divide it cleanly and in a well understood format. But once I have some time, probably sometime this week, and because I have the process documented now on what data is necessary, uh, you know, what problems I've run into gathering that data and even where I'm getting the data from, what the actual target output needs to look like. I have all of that ready. So it's gonna be much easier for me to go practice and play around with another tool to see how to get that tool to get the output that I want. But it's definitely a better tool because it can automate way more of the process. Today I'm still needing to do some manual work to pull data from different sources because I haven't done that with Python. But and there are some like ownership access requirements that just are much easier to get done inside of the Microsoft ecosystem versus trying to build that uh integration myself with Python. Access management is one of those real problems that are usually go wherever the access is easiest for you.

SPEAKER_01

But so far, the solution was the fastest thing, Python.

SPEAKER_00

But over time, the best long-term solution is going to be something like Power BI because it automates more of the work, it makes it much easier to schedule the ongoing operations of generating that report. But again, I needed a few days to actually settle with the process, settle with what I needed in terms of context before I could go and implement the best tool for the job. Because again, the job, the goal is to get far enough to buy yourself time so you can optimize later. And sometimes it's still gonna be difficult if you don't ever get that downtime or that you know time available to actually go and solve some of your problems, but there's always a chance when you have something to work with to start.

SPEAKER_01

What are the differences between dynamic tests and static tests?

SPEAKER_00

So dynamic tests are tests that you run with the application, or I'll say dynamic tests

Dynamic vs. Static Testing in Software

SPEAKER_00

are tests that test the software by running the application itself, running the code. So that will test the actual logic based on some specific input, some specific variable, some specific state. That's going to be your test with unit, like your unit test, your integration test, your performance testing, security testing, even user acceptance testing. You're trying to make sure that this input actually leads to this output and that nothing unexpected happened in between. That's going to be your dynamic test.

SPEAKER_01

And usually the type of test that you are running is going to determine how the scope of that test is designed to uh function because you may have a system that relies on different applications, different components. The best dynamic test are going to test each of these components individually before you start testing them together to make sure that everything is working appropriately and help you uncover any types of bugs.

SPEAKER_00

Like if you find a bug, you're going to have to run a dynamic test to actually identify where the cause of that bug is. And you're going to have to provide some input. That's likely the input that caused the failure or the scenario that caused the failure to actually determine what the issue was. So a lot of times dynamic tests are going to be more time consuming. They're going to require more effort from the tester and more experience from that tester. And they're going to require you to have a better understanding, a more in-depth understanding about the system that is under consideration. Because you have to understand why something is happening the way it is. You have to understand the business logic a little more clearly than you would if you were just doing a static test. And a static test is going to be a way to validate that software is working or that software is correct without running the software. That's going to be a peer review. So if you think a pull request andor a walkthrough of the code with other people, that's going to be static test. You don't need to run the code to show someone or that this code is supposed to do this. You don't need to run the code to identify that a this function is too large, or this function is difficult to understand. So your static testing tools are going to identify and inspect things like unused variables, dead code, uh infinite loops, incorrect syntax, and even dependencies for or dependencies with vulnerabilities that are known. Those static tests are going to be the early and easiest way to kind of eye check your code and the software because it doesn't require you to spin up any resources to run the application. So you don't need any database costs, you don't need any uh you know any significant time. It does take some experience to actually read and understand what a standard looks like inside of your code base, right? If you're saying that a function from a syntax and clean code perspective should look like this, you need to have some experience writing clean code to understand and identify when there's a difference or deviance, but that doesn't require you to build the application, which in some languages can be pretty time-consuming, especially if you're making a bunch of changes. Doesn't require you to wait for the function to proceed, right? Let's say you have a batch function that is only available to run once a day. In order for you to actually test that application or that system, you have to wait for the specific time that the function would normally be available. Unless you are testing it in a more isolated environment. That type of dynamic testing is always going to require more time from you and your team just because of the different components that are required to get it done correctly. But in any type of software program or technology program, you need to be doing both. Dynamic testing and static testing are both net both necessary to determine and create quality software. Without doing either, you're going to put your users and your organization at a very significant risk.

SPEAKER_01

Why is estimating software projects timelines so difficult?

SPEAKER_00

So if you've worked on

Challenges in Estimating Software Project Timelines

SPEAKER_00

any large software project, you may have found that most of the targets are not often met. And in order to meet those targets, either the scope is significantly reduced, or we expect to blow past the target. And that's really because when you're building something that never existed, while you're discovering the actual requirements or constraints and risks at the same time, it's going to be very difficult to give an exact target. It's going to be very difficult to say that this is exactly what we're going to do and when we're going to do it because you don't even know for certain that that is what's going to happen because you haven't done it before. So it's easier to say and give a target than to actually meet that target later. And unfortunately, a lot of teams are used to doing just that. If there is some planned work or planned activity that you do daily, you can say uh you can give a reasonable expectation that, hey, this will take this much time because you have calculated how long it took to do that in the past. And you have some historical reference to base that timeline and decision off of. That's not very straightforward, and that's not something that you can just give a timeline on or an accurate timeline on too easily. So I would say that even also one of the most important considerations that many estimates don't take in consideration is the organizational effort and the fact that you have to do change management whenever you're making a change or you're planning some type of change. You have to align that with the current business processes and the current people in place and the current technologies to make sure everything still works after your change. And then you have to document that change. And that documentation could be diagrams, it could be run books, it could be anything that is required to make sure that other people understand what is happening and you increase or decrease your bus factor risk. And then other things that could expand the timeline, include requirements gathering, which could add weeks to a project because now you have to go have conversations with people and you have to get buy-in, you have to get alignment with people that have different schedules, they have different uh priorities, they have different things that they're working on. But you, in order for you to move your part of the project forward, you have to make sure that you understand and have some alignment with that. So, this is a very challenging part of technology service management and making sure that you know applications are released on time or development work is being done on time, as well as just making sure that any initiative or effort is actually getting the appropriate focus that it needs.

SPEAKER_01

A lot of the times, if you give an estimate, there's I guess there's two ways to think about it.

SPEAKER_00

You can go through giving an estimate and kind of just give the a tighter deadline for yourself and your team, and that can help put a fire under everyone's behind to get them moving faster. That can work. Still likely to blow past that timeline or that estimate, that ETA. Still likely to go blow past it, but sometimes having a tight deadline can get people to move a little bit faster. If you do give your team a more accurate or more likely deadline that is a little bit farther out, a little bit more, gives you a little bit more cushion, there's a potential that people will end up dragging their feet until the last minute. Procrastination is real, and that will happen in a person's individual's life, but it will also happen in a team or an organization if you don't have some controls in place and some ways to keep people accountable to those timelines. But definitely an important thing to remember with estimating that the easiest way to give an accurate estimate is to give estimates on the parts that you can own completely. Whenever you have a system that relies on other third parties, whether it could be a different team or a different organization completely, those projects are always going to require more time and more energy because you have to get alignment, you have to get buy-in, you have to have those conversations, and those conversations always require more cycles than you can expect because just syncing people up is difficult. Everyone has their own priorities and responsibilities, and again, it's easier to say, hey, I can do this amount of work in this much time because I have done it before. So though that's the thing to focus on. If you can get enough reps inside of the operation or inside of the technology, inside of whatever the thing is that you're planning for, you can get enough reps to more accurately be able to say, I know this task will take this much time, and I know this task or this activity, this project will take this much energy, this many people. Usually the best way to give a more accurate estimate for that is to just have done it so many times that you can actually call on that experience and that wisdom to say, hey, I know the type of lift that this is, and that's more likely to give you a more realistic timeline versus just guessing and thinking that you don't need to do the research. But builders should always plan thoroughly and be realistic about the things that they control and things that they cannot. You never want to give an estimate that is too far from what you can actually accomplish. Because whenever you blow past a deadline or a timeline, it's going to make it more difficult for that client or that team or that stakeholder to trust you in the future because you have messed up and it just makes that relationship a little bit more difficult. So always focus on increasing the accuracy of those estimates to make sure that everyone is on the same page about what can actually be accomplished with the time available.

SPEAKER_01

What are known exploited vulnerabilities?

SPEAKER_00

So known exploited vulnerabilities, Kevs are security vulnerabilities that have been confirmed to actively be exploited by attackers in the real world.

Understanding Known Exploited Vulnerabilities

SPEAKER_00

So the Cybersecurity and Infrastructure Security Agency, CISA, keeps a list of vulnerabilities that have actually been used and used to target organizations. And that list can include vulnerabilities inside of vendor software, uh, open source software, or any other technologies that have a CVE attached to them. But it's basically a way for the world to understand that these vulnerabilities are being used to actually compromise systems that are in production. So that can give you an understanding of what the actual threat environment is for you and your organization, versus saying, hey, we have these vulnerabilities, but these vulnerabilities may not all be worth prioritizing, especially considering that only some of them are going to be used by attackers, and others are going to be fine, not like moving forward. So if you think about the Kev list as the intersection between vulnerability management and threat intelligence, because we're going beyond just saying this weakness exists, we're saying this weakness exists, and there is a person today that is going to go exploit that weakness and take advantage of that weakness inside of an organization like ours. So that gives you something that you can focus on. Because a lot of the time in cybersecurity, teams are overwhelmed with the amount of alerts, the amount of vulnerabilities, the amount of things that they have to prioritize and focus on. When you're looking at a vulnerability list and it says 10,000 or 50,000 or 100,000 or even more vulnerabilities, you can't look at all of those as a priority. Like can't you can't give them all the same priority. So when you look at a Kev list, then you can say, hey, I'm going to prioritize the vulnerabilities that are most likely to be used. And that can help you make a more manageable list when you're developing your cybersecurity program or you're creating a priority, or you're trying to figure out what I should focus my engineers on this week, given our limited resources, limited time, limited just everything available to actually manage these resources. So it can definitely help you reduce risk without the added stress that you could potentially have on your team. Because the goal is not to prioritize every vulnerability in your system. Like again, you can potentially see millions of vulnerabilities depending on how large your application is and how distributed that system is. And a lot of them are usually going to be duplicates too. But that more manageable list that you can use to prioritize is going to make your job a lot easier. And even thinking about the exploited vulnerabilities, TSI keeps a list, but also the OWASP top 10 is another example of exploited vulnerabilities, right? Like if you're thinking about the tactics, techniques, and procedures that attackers are actually running, they're going to run say those attacks usually use and are added to the OWASP top 10. Right? These are the top 10 vulnerabilities or categories of vulnerabilities that an attacker is most likely to. Go exploit. Again, it's these types of vulnerabilities are going to indicate more risk. If your job is to limit and minimize the risk to the organization, you should prioritize the vulnerabilities that are more risky. Not more severe. You may have a more severe applic of application vulnerability, but it may not be as risky because it's not a part of the OWASP and it has never been exploded in the wild. So it might just be something that you can wait till later. They all need to be remediated. But we don't have to do it this month. We have other things we can do this month that are worth more energy.

SPEAKER_01

How is there so much wealth in the tech industry?

SPEAKER_00

So even going back to the concentration of wealth inside of areas that are more tech adjacent,

Wealth Concentration in the Tech Industry

SPEAKER_00

like San Francisco. The tech industry has always and will always accumulate and concentrate most of the wealth inside of the economy, inside of the world, and just in general. One of those reasons is the high profit margin available in technology. So if you're building any type of software application, the cost to serve that first customer to build the app, to build the automation, to build the thing is going to always be high. It's going to be whatever your development costs are and the time available or necessary to build it. But once you have that product or that system, that solution built out, every customer after that first one becomes infinitely cheaper to service because you already have the product. You're serving this product, this digital product, to one person or a million people usually cost the same. Where every meal that you provide to a customer is going to require a specific amount of funds to service and deliver that meal to that customer, to that new customer. So each new customer is going to cost you relatively the same amount. We don't have that problem inside of tech, which creates very high profit margin. Additionally, tech companies are selling products to every industry on earth. And that makes it one of the most resilient sectors because you're always going to need those sectors to exist, but they're always going to need the tools and technologies that they rely on to do their jobs and to operate those businesses. So there's some resilience in there, there's some long-term value inside of technology, especially the more you think about the infrastructure and the hardware layer and those aspects that really cannot be replaced by anything. And then because of the high profit margin in technology and the high growth and the long-term value of technology, most of the time investors are going to overindex on technology companies and pour significant amounts of investments into those companies, whether they are profitable or not. So there's always going to be investment into technology which allows those companies to grow faster and innovate more than other industries are able to innovate and kind of get those benefits. So if you're thinking about getting wealth in tech, remember that experienced engineers are always going to be able to command a high salary because the technology industry is generating so much value for the world and society as a whole. So if you know what you're doing, if you have actual experience maintaining distributed systems, if you have actual experience securing applications, if you have actual experience being responsible for a system that is supporting millions of customers, then you are something you are someone valuable to the tech industry, and that value is going to be well compensated. And that could be well compensated in salary, like fixed income, or it could be well compensated in terms of equity and the amount of uh skin in the game that you get from working inside of a company that is growing and getting you know bigger over time. But the amount of value that is created from technology, especially when you have a well-executed idea, is going to be immeasurable. And that's why you start seeing the high concentrations of wealth inside of tech companies and the people that are attached to those companies. So if you want to get your finances right, if you want to make sure you are securing that bag for yourself now and in the future, definitely figure out what angle you can get into tech because it doesn't always have to be engineering, there are other spaces and roles that are tech adjacent, but figure out what piece that you can get inside of the tech industry to give you the most long-term value for you.

SPEAKER_01

And quick mindset rest uh structuring today.

SPEAKER_00

Uh something to think about is don't worry about what everyone else is doing because you have your own mission, you have your own goals, you have your own objective,

Mindset for Success in Tech

SPEAKER_00

and you have to put that above everyone else, right? The people around you may not agree with the things that you're doing, they may not understand why you're making every decision that you're doing, but you have to have immense confidence in what you are doing and what you are building in order to ignore those voices. And I'm not saying to completely ignore every perspective that exists around you. You don't want to put yourself inside of an echo chamber that allows you to, you know, miss out on the things that you need to be focused on or miss out on the things that could help prevent you from making a mistake. But you have to remember that the things that's good for everyone else may not be good for you. You understand what you want, you understand what your goals are, and you are intelligent enough to structure a plan that can get you from where you are to where you want to be. And as long as you have that plan in place, you have that why established, and you are being clear about where you are today, then you're gonna be fine. So if even if you're doubting a decision that you've made, you're you should remember that you're the only one responsible for the outcomes in your life. You are the only one that's going to feel the impact of the losses or the wins or any failure that you happen to go through. So no one's out, no one else is gonna take that the same way you take it. No one else is going to have the regrets that you have when you feel how you feel about it. So remember that. Remember that you can't, you're you're never gonna live through someone else. So it's never worth following what everyone else is doing, it's never worth being too concerned about what's happening all around you because that's not gonna save your life. That's not gonna be the thing to change your life, that's not gonna be the thing to make you happy. You gotta focus on your goals. And if you focus on your goals and the things that you want, they're going to decrease, not totally removed, but it'll lower the chances of you doing or not doing the things that you know you should be doing because of you know fear of judgment or even a desire to be down. Some people are not where they want to be in life today, not because they aren't good enough, not because they don't know what they need to get done, but because they wanted to be doing what everyone else is doing because they thought they wanted to be cool to every these other people. Even if you're cool to them, it doesn't matter because in a few years, when you haven't done the things that you wanted to do, when you haven't hit the goals and the milestones that you wanted, you're not even gonna be cool to yourself. And that's gonna be a very difficult situation to be in because you have to live with yourself with that decision no matter what. So, again, focus on you, block out noise, not even the haters, the noise, block out the noise and the things that you think people want of you, and really just go uh blondes on attacking your goals and the things that you want in your life. Before we get out of here, quick announcements. Uh, one, it is pride month tomorrow, June 1st, so the entire month of June. So, everyone in the community, uh, you know, happy pride month. Enjoy your you know, celebrations and the likes. Um, happy birthday to my cousin Hassan Sunny, uh West Side Forever, right? Um, love you, Couso, and I hope you are feeling good at your big age. You said you are um well you're half a fit, you're half of a hundred, but we will definitely see what's going on in the next 10 years. So I want

Community Announcements and Closing Thoughts

SPEAKER_00

to see you still here, still happy, still healthy in the next uh decade and even more. So let's really get you to 100. Uh happy birthday to my grandmother. Uh, love you very much. Thank you for all the you know the love that you put into me. I hope you are feeling great. It's great to see you with us, healthy and happy and moving about, especially considering some of the challenges that you've had in the in the past. So uh definitely love to see you, grandma.

SPEAKER_01

Um and you know, we're gonna definitely uh have a good time.

SPEAKER_00

Also, the I Self-Express 210th annual self-esteem awareness walk is happening on June 20th. Uh, the Build Learn Impact crew will be in the building. I will be there speaking some motivation and wisdom into the community. Uh, so stay tuned for that. I will put the art the link to RSVP inside of the uh description. But definitely check us out there. And New York Tech Week is happening starting this week from the 1st to the 7th. So if you are in the area, um if you are interested in the tech industry, whether you're a founder, an engineer, a recruiter, or an investor, uh definitely check out some of the events happening and see how you can you know get more connected with the people around you and find that partner or that team that will help boost you and drive you to the next level. So a lot of that um happening this week is going to be very exciting. I will be attending a few of those events, shaking a few hands and learning some things along the way. So I look forward to seeing all of y'all. Um, and that's all we have for this week. Happy Sunday. Enjoy your week, be great, be happy, be healthy. I hope everything that you are desiring to build, you build and you enjoy the fruits of that project and that creation that you brought into this world. So I'll see y'all all in the next week. Uh peace out, and I will see you. Peace.