A

This episode is brought to you by.

B

Chiefaiofficer.Com Most companies know AI can slash costs and free up teams, but they get stuck on the first step. Chiefaiofficer.com can identify your highest value, use cases, train your people and build the workflows that do the work for you. Book your free private 15 minute executive briefing by going to chiefaiofficer.com and scheduling a call. You'll leave with a clear, no jargon roadmap for your goals. Now enjoy the show and a quick.

A

Note before we start this episode. Starting August 29th through October 29th, we're actually taking our AI executive immersion on the road. This is a free half day in person, no fluff workshop for executives of lower middle market and above sized companies. You'll leave with a 90 day plan, a simple AI policy and guardrails, and a personal AI stack that gives you hours back every week. If you'd like to bring your executive team at no cost, go to chiefai officer.comroadshow to see the dates and locations where we'll be. Seats are limited to keep it hands on. Hopefully this is an opportunity for us to meet in person and for you to learn exactly how we're teaching busy executives to take advantage of AI in their role and across their companies. Now let's start the episode. Welcome to Using AI at Work. I'm your host Chris Daigle. Each week we'll be learning how today's business owners, entrepreneurs and ambitious professionals are getting more done with smart use of tomorrow's tech. Let's get started. Hi everybody. Welcome to Using AI at Work. And today is a topic that I have a lot of personal interest in with our guest, Oren Michaels. He's the founder of Barn Door AI. And Oren, before we get started, if you don't mind, maybe take a moment and just kind of share kind of what your background has been and how you arrived here today.

C

Yeah, my background is I was trained as an engineer but haven't really written code in a very long time. I'm more of an entrepreneur, a serial entrepreneur. I started a company in 2006 called Mashery, which was a platform for API management, which is AI with the P inside it. And that is that was a means of connecting companies together and building, you know, new ways for companies to do business with each other. And what I found after building that company, I, you know, sold it to Intel. It was a good exit. Was working on advising a lot of companies and I noticed as the AI thing started happening, yeah There was a lot of questions around how you can get AI to really be an effective tool for enterprise deployment. And there was a lot of conversation around how it just wasn't happening yet. That I felt that there was a lot of similarities to what we saw back in the API days that yes, it's a technology, but you really have to look at a business first and how do companies actually do work? How do people work in companies and how can AI make them more productive and more effective at actually doing their jobs? And I felt there was not really an approach being taken for that that was, that was bearing fruit. So I started barn door to build what, what we believe was necessary for AI to be an effective tool in the enterprise.

A

So, and again, as I referenced earlier, we kind of focus on the non technical discussion related to generative AIs application in business and producing more, faster, better quality, blah, blah, blah. One of the things that we've noticed a lot with clients recently, very eager, like the market narrative is accelerated to the point to where I don't think, I think they're aware that sitting on the sidelines is no longer an option. But the number one thing that they're concerned about is the security angle, the governance angle and sort of thing. And that's just with using like chat GPT business.

C

Sure.

A

But you guys are actually focused on almost the next step of AI. So can we talk a little bit about that?

C

Yeah. I mean, what chat interfaces do very effectively, they basically suggest things humans should do. They give you a lot of information and you say I need to do this thing and here's my context and here's this. And if I'm good at prop engineering, I give it a bunch of stuff and it says great, you should do these things. And what agentic AI of course wants to be is let's skip the step of telling me to do the things and actually have the AI go do those things. Right. But what is scary of course is that AIs are, they have a pretty large blast radius, right? They, they can cause a lot of trouble very, very quickly. And, and also you know, the fact that, that a user asks an AI to do something if they don't do it exactly right or even if they do do it exactly right, there's oftentimes the AIs will go off and do things that weren' right. And so we sort of treat this, we like to say that, you know, these AI agents sort of show up to work as a really enthusiastic intern. They don't necessarily have all the context they don't have all of the knowledge and they, they really need to be sort of monitored and watched and given gently increasing levels of authority, responsibility and access as they sort of prove themselves to be worthy of that. And that's kind of how we manage new employees and people who maybe have a lot of education but don't yet have all the context in our company.

A

So in 2023 we launched our business which was primarily focused on upskilling non technical business professionals on the use of generative AI, specifically ChatGPT in their business. We were early 2024, I thought for sure. I mean, because I was seeing the impact it was having thought for sure 2024 was going to be the year and for us it wasn't. Now this, this year that's changed. It's the acceleration of, of interest in adoption has certainly grown. But that's just like chat interface with Chad GPT, you guys are focused on like agents.

C

Yeah. Well, think about it. That ChatGPT is, I think part of the reason it took longer than you expected is that the chat interface and the concept of do it, of chatting in that way isn't a natural workflow for most people in most jobs. One of the jobs that really is a natural workflow is coding. Like in coding you have a problem with your code, you take your code to a smartPhD that happens to be your CTO, you say, here's my code, please fix it. You know, help me fix this and make it run better. And so as, as engineers began developing these LLMs and these interfaces into it, that became a very natural thing because it was kind of natural to how the engineers worked. But most of us in most business jobs don't start our day chatting with a PhD about what we might think about doing. We actually sit down and we access some tools, we access some data, we do things to that perhaps we create a work product and give it to our boss. But that is a different thing than this constant chat. And so if you just hand a chat interface that looks kind of like a Google search box to your average employee, they don't really know what to do with it. And as you know from what you do, it's just not that simple. You have to give context, you have to really, to gain that kind of benefit. It's kind of like managing a, you know, a human employee that doesn't necessarily have much context but has a lot of intelligence and, you know, sort of is there to help. And people needed to understand the possibilities of what to do with that. And really see examples of it. And I think with the agent thing we're kind of in that same situation right now where people need to really look at companies that are succeeding and getting, getting actual value from agents doing things. And if you start seeing what happens in businesses that are kind of like yours or jobs that are kind of like yours, then you'll be able to start, start putting that to work in your own context.

A

How would you. I guess we should probably start it here, but how would you define an agent?

C

An agent, it's essentially what we talked about before, but it's, it's. An agent takes action rather than merely suggesting action. Right. So an agent in a very basic sense an agent not doesn't just read and tell you something, but it actually takes, it can write back to things, it can perform actions, it can, you know, or a human, it can click on things, it can write things, it can delete things, it can insert things, it can do those various things. So going back to the API world and for the non technological technical audience, API Application Programming Interface. It's basically an open pipe into and out of a computer or a software or product that allows you to programmatically so it allows one computer to read and potentially write into that piece of software. And it's how you know your mobile apps book a hotel room on a mobile app. That app talks through an API to the hotel system. Books. Right. So, so in that example, a non agentic thing, a read only thing would be tell me the hotel rooms that are available and, and look at my schedule and look at my, when I'm traveling and look at the weather and recommend a resort for me to go to. That would be a, something you could probably do with, with your average chat interface. But then if it's going to be, and then use my credit card to book the hotel. Well now we're starting to get into the realm of, of an agent actually taking action.

A

So the, the, the, the word, the vocabulary of agents has been around, you know, familiar with it and at least the concept of it, the, the performance and application like delivering the result of what I thought it could do. Getting better for sure. Are, are you finding that we are still in a like a super nascent stage?

C

Very much. And, and you know, you, you think about these agents. Each of the agents have means by which people will tell them what to do. Right. Some of them require you to really kind of know how to code. Others are more plain English. But then the agents typically then are talking to some AI model behind the scenes that's actually sort of helping tell it what to do. Right. So there's that level of complexity and then as with humans, some agents are better at some things than other agents are. Right. And so there's no sort of one size fits all. The big AI companies are all wanting to be the only AI you will need. And so they're now saying, okay, we're agenta great, so that's fine. But they may not be the best tool. Most of us who use tools for a living realize that the universal tool isn't really a thing and you really want to have the right tool for the job. And so trying to get a tool that's intended to be the everything tool, do very specific things is always going to be kind of difficult to do. So I think what we're going to be seeing is purpose built tools that initially will handle fairly narrow tasks, but do them incredibly well. And then as creative people start seeing some of these things that are happening, they'll say, well, if you can do that and that and that, well, how about this thing over here that, that we, the humans can't even really do much at all, but we can maybe get agents together to, to, to succeed at. And I think that the, the innovation is, a lot of the innovation is going to come from folks, not necessarily, you know, Joe over in finance grabbing an agent to create a finance report, but people who are really fundamentally very good at, at solving business problems with technology, figuring out how they can do so more efficiently and effectively using these new agentic tools.

A

So we're kind of going stream of thought here because this is a topic that I'm, I'm eager to master because of the demand from clients, or at least the expectations from clients when it comes to this word agent, you know, people. And, and when Chat GPT 3.5 came out, there was this narrative in the market about it's going to be taking jobs. Chad, GPT is not going to take anybody's job. Right. However, an AI powered agent is really what they were fearful of.

C

Right? Like, like they're fearful of the concept of it. But yeah, so, so I would say ChatGPT is not taking jobs necessarily, but it is certainly changing how work gets done in a way that in theory certain kinds of jobs can be done with fewer people, but that's what technology has always done. Industrial revolution picketed Excel, didn't put all the accountants out of work just because Excel came to exist. Right. It just gave them tools. We probably have more accountants today than we did back when Excel was first brought out. So I think that here you have, you still have a level of how do you take the humans who are, who, who are doing the creative thinking and coming up with the ideas and saying I want to build this kind of business and giving them tools to do so more effectively, more efficiently, less expensively, faster, et cetera, and really removing a lot of the rote elements of work that really are kind of someone saying the sort of soul crushing, repetitive work as opposed to the actual true thought work.

A

So I can train a human how to use chat gbt. I can tell them, hey, don't put this in there because of data issues and things like that. And the human still has the discretion before they hit enter.

C

Absolutely, absolutely right.

A

To be able to review the policy or the guidelines. And there's still, the business owners are still fearful about that leading issues. And you mentioned blast radius earlier with agents that, that human discretion isn't present before the document.

C

There's two things that the agents don't show up with. One is a conscience, what you call it a discretion. And the other is a fear of being fired. Right. Agents have neither of those two things. And so if you have employees who have no conscience and no fear of being fired, problems will happen. Right? Yeah, right. And so how do you then choose to manage those folks in a way that will still allow them to be effective? Well, you can't really drill inside their brains and see what their intentions are, but you can watch what they try to do and watch what they succeed at doing and see if that makes sense in the context of what you're asking them to do. And that's essentially the product that we built is a means of saying, okay, I have tasked this agent with doing these things on behalf of that employee who has certain roles and access that they can have. And now I have full visibility. As the agent goes off and tries to do things, I'm watching it. It's attempting to access that record, it's attempting to write this thing, it's attempting to pull data from over here. And if those actions are consistent with what we are expecting the agents to do, then we will start allowing those actions to take place when the agent attempts it. But if you start seeing the agent attempting to do things that are outside the context, like having an employee who is supposed to work in this part of the company and they're randomly overlooking at stuff over there that might be a problem and you probably want to take a look at that and see what's going on. And, and so it's it's really that mentality that we have to, that we have to, to bring to bear here.

A

You know, we were just in Orange county working with some clients and they had some, some questions about the introduction of AI and it was fearful questions, but it was, I had this realization that it doesn't matter how scared you are, if you want to compete like the arms race has begun, do this.

C

You have to do this, you have to do this.

A

The challenge, I guess would be those frameworks for the control, the observation, the measurement, the.

C

Absolutely.

A

And that's where Barn Door specializes.

C

That's correct, right, yeah.

A

What constitutes a viable framework for governance at the agentic level?

C

Well, so it's context, right? So if you're talking about humans again, they come with the conscience and they come with a fear of being fired. So you have that, but you still say, okay, we have a company, we have probably some kind of an identity access management system that says a person who has this job description and is named this and is at this level in the company gets to do these things. And there's systems that exist to do that. That's one element with the agent. So with an agentic question, it's okay, you have, you're doing it on behalf of this person and they have certain rights. Then the next question is, well, what is the agent? And is that agent an agent that we trust to be doing certain things? What system are they trying to access to do this? Again, agentic things, both read and write to things you use salesforce to Gmail to data stores, to notion to whatever it might be. Right. So what are they trying to access? What specific task are they trying to do? We might say, well, based on all these things, we're okay with agents updating certain fields in this record, but we're not okay with them deleting them. We're not okay with that. You know, so there you start sort of narrowing down and you know, an agent working on behalf of the VP of Sales might be allowed to change the value of an opportunity, but working on behalf of an SDR is not. Right. So all these different elements of context or sort of vectors that come to a, a central point and the intersection of that point is either yeah, that's okay for the agent to do, or no, it's not. And, and so it's, it's that kind of, of decision making process that, that has to exist for each thing that an agent tries to do.

A

Okay, so, so that's helpful that you would essentially map the permissions that a human would have over into.

C

But it's the agent. But it's generally a subset of that. Because then you say okay, but the agent. Because of the power of an. In many ways, you know, the power to do much more, much more quickly than a human. You then further limit it based on how you see each particular agent attempting to do things or not.

A

Okay, helpful. Where would you suggest companies that are, I guess, have adopted more than perhaps their competitors and they're ready to take it to the next level and really explore agentic application within their business? Where would be some of the areas where the trial and error would be less risky that you would suggest they get started?

C

Well, if you, if you sort of look at all the various, I'm sure you know, you've had various guests talk about this, but you look in each area of a company, right? And depending on the area of the company, there are different tasks and different things that people need to get accomplished where they can do it better, stronger, faster. So if you look at marketing, right? Marketing has not just automation tools, but there's a lot of ways where you can really use agents to automate the process of managing and running, let's say campaigns or doing a lot of. We're using them. For instance, I have a bunch of investors in my company, I have agents that sort of go through their portfolios, go through certain context we know of for what makes a good customer prospect for us, does some research on the web and basically helps me create things where I can go to my investors and say, please use this to make this context, this introduction to that CEO, right? So, so low risk, low risk, right. But it's actually accomplishing things and it, and they can actually generate these messages and send them on fairly low risk, right? Higher risk would be actually, you know, but you know, we do this already. If you advertise on Google, you're saying to Google, here's you know, $5,000 and it's an agent that's going place in those ads, right? So whether you like it or you may not be running that agent, but an agent is doing that for you, right. That is entirely automated through AI and through an AI that actually takes action, right? So, so you're, most of your listeners are probably already using some form of that, whether they, whether they think of it that way or not, right? So then you know, again, finance another element. There's a lot of repetitive work that happens and that you can sort of spot check afterwards to make it, make sure it's been correct. But you know, I, I have I, I think the days of waiting, 30 or 45 days after a month or quarter ends to have reporting is going to become 30 or 45 minutes and then 30 or 45 seconds. Right. It just seems a lot of that is very repetitive work that you can create and work in that way. So if you sort of go through each of these things, there's a, there's a company actually along the board of IT that redlines contracts. Right. You get a contract and you either redline it or you get the red line back at your sales team and you say what you can and can't accept. And that's an AI workflow that it's low risk. It's not going to destroy, you know, reams and reams and reams of data overnight, but it is going to accelerate, hopefully accelerate revenue. Right. So looking at the places, it's also look at the things that are kind of needing to get done repetitively in order for you to be successful at whatever you're trying to do, but that are not requiring the brain power of the executive doing it. And let's try to make those things happen more quickly.

B

I hope you're enjoying the episode. Did you know that while you're listening to this, competitors are already boosting EBITDA with generative AI? If you're still stuck in pilot mode, margin and market share are leaking every quarter. ChiefAIOfficer.com guides executive teams through the three moves they need to be doing. Identifying the top AI plays that will lift revenue or slash cost within 90 days. DE risk adoption with team training, airtight governance and change management.

A

Best practice.

B

And then building and Deploying production grade AI powered tools. No extra headcount, full ROI. Tracking the results. Operators at scale. Generative AI cut process costs 22% last year. Let's talk. Claim your free private 15 minute executive briefing by going to chiefaiofficer.com and walk away with a board ready roadmap slots fill fast, so lock yours in now. Enjoy the rest of the episode.

A

So does barn door come in once the agentic architecture has already been developed and then introduce the governance layer or are you guys actually being involved from the idea?

C

Ideally, we want to be involved beforehand, hence the company's name. You want to have the barn door closed before the horses all get out and bad things happen. Right, but so there's a protocol that has been brought forth in the last six months called MCP Model Context Protocol and it's a fancy, you know, acronym for how AIs and agents talk to systems that are out there, whether it's, it could be Salesforce, it could be notion or it could be internal personal stuff. Right. So that protocol is very, very effective. However, it does not come with any security. Right. There's no, it's, it's essentially the pipe and the language and the conversation but no rules. And so if you're going to make use of this protocol, MCP to have your, whether it's your chat or your agents interact with these back office systems that you're using in your company, you need to have the visibility and the management and the governance or else bad things are going to happen. So if you're contemplating anything that uses MCP and most people are at this point, they sort of say the S in MCP stands for security and there is no S in mcp. Right? So, so you need some means and sellers. There's there, there are some sort of ham handed ways of doing this where it's just, okay, well we'll see what the agent is and if we like the agent, we'll let it in. Well that's, that's, that's only part of the context and the human is part of the context. And what you, so all these things context together again sort of meet in the middle to determine what the, you know, what you should and should not be allowing to happen in each of these times.

A

Has the, I guess the prevalence of MCP accelerated interest and demand from your customer profile?

C

Absolutely, absolutely. And for two reasons. One is that the positive of it is that it really allows go back to how people do their job. Right? It allows programmatically allows an AI or an agent to access all the tools and the systems and the data that the humans were doing in their jobs and accessing their jobs. So that was one element that really the existence of MCP is really accelerating the move to agents. But the flip side is that since there's lots and lots and lots of MCP servers out there and they're not terribly secure at this point, there's a lot of fear that if you start hooking up random MCP servers to any agent you want that you will suffer data leaks, you will suffer prompt injections. There are all these, you know, all these horribles that can happen if you don't have governance and visibility into what's going on. And so every single customer call we have, one of the first questions is how do you deal with and manage around unsanctioned MCP traffic where people, yeah, they're, well, mean, they just want to get their jobs done but yeah, but there are, there need to be governance on that in order to keep unintended consequences from happening. This is a really interesting thing around AI and around agentic in particular. But really all AI. When you think about security for AI, if you think about cyber security in general, it's usually this concept of the nefarious actor is trying to get in and steal your stuff. Whereas with AI, most of the security issues are around well intentioned people in your company trying to get their job done and not necessarily knowing the consequence of saying to an AI, go do this. And so it's really the security thing has to be there, but it is more than merely securing yourself from intentional bad actors.

A

So just out of curiosity, you mentioned earlier that when you're on the phone with clients, what roles are typically represented on that call on the client side?

C

So it's interesting at this point you have a great name for your company. Chiefai officer.com. that is a thing, Right. I actually spoke at a conference for an entire conference for chief AI officers, which I don't think such a conference existed a year ago. Right. So there is often that role. But what I usually say, it's the person in the company. Everybody has a mandate to figure this out. So there's someone in the company where the CEO said to that person, you go make AI happen. And I want to see real results and ROI from it. Every company has a person, the CEO has said that to that person. It could be a cio, it could be a ciso. We're seeing HR people having that role. We're seeing sometimes it's just a line of business person, maybe a CRO or a product. You know, it happens if the company's big enough, they have an innovation group, but there's some place where that is happening. Right. So they have an issue. Then there's usually someone on the call who's actually from a line of business person. Because you think about it like your CIO and your ciso, they don't have an, an AI need. Right. They don't care either way. Generally it's not going to change their lives. They're not the one who are being told unless you use AI, you're not going to hit your number, you're not going to sell. So someone needs that to happen. So they or someone on their team is usually on the call. And then there's usually. Because this is sort of a mix of security, traditional, you know, security with a capital S security as well as this other issue that we just talked about. But there's usually someone from the infrastructure slash security realm who is on the call as well because they, they need to be satisfied that whatever you're doing here is actually going to be a secure situation. So it's usually a group of folks that sort of meet those various Personas, generally starting with whoever is sort of leading the charge on coming up with, with, you know, AI wins for the company.

A

Let's, let's say a client engages with you guys. How quickly are you able to start to introduce the result that Barn Door brings into their efforts?

C

It's really quick. I mean the deployment is very simple and you know, software is a funny thing and enterprise software is a funny thing. The concept of integrating these things, particularly since there's a protocol like MCP that is established, right. We drop our proxy and it can come in, you know, it's containerized, we'll get know there's the geeky stuff. But the bottom line is it's very simple to drop in. And then we simply, we know we have an interface and we spin up, you know, a new, a new client for it. You know, Salesforce was a big early place where the concept of, you know, implementing a new customer was, you know, you enter the customer's name and say go, and you have a customer. Right. So software platforms have evolved to a point where that part is all pretty, pretty easily done.

A

This governance again, the fear of the unknown for at least the clients. And we focus on like lower middle market and we don't really mess with enterprise. So it's a different conversation. There's people probably wearing multiple hats that you guys don't encounter necessarily at the enterprise level. They may not know what a good governance framework or policy looks like.

C

Right.

A

Do you guys advise them on the development of it?

C

Sure. But they, they actually probably do know what it is because one way or another, let's say they run Salesforce, right? You're running Salesforce. You have someone administering that, that instance of Salesforce who has decided that this group of people are allowed to do these things, but that group of people are not allowed to do those things. That administration and managing that for each of the pieces of software and tools that you use, that's a known set of issues that comes into the enterprise. And so what's interesting about this move to the agents is it's essentially just that on steroids. So you have that set of issues plus the issues that are inherent with having, you know, these, these very powerful workers that show up without a conscience and a fear of being fired. And so really the, the advice we give that maybe is a little bit different, but it's kind of, it's an extension of how these companies always, always done it before is start small. And you know, start with start. Start by saying no, see what they try to do, and, and then gradually give more and more, you know, access. Keep things narrow until you truly trust them. And if you're going to have new use cases where you're, where you haven't necessarily deployed it, perhaps create a different Persona around that so that you, you basically, oh, we've got this new use case. Okay. Once again, we're going to start small and gradually let it, you know, let it move out. So, yeah, we definitely have folks who know how to, you know, engage with, with our customers and help them do that. We just, it's really comes down to what is the culture of the company in question in terms of how open and trusting they are.

A

So the typical client that you guys work with is enterprise.

C

Yeah, it's usually it ties into an enterprise access management system like an Okta or a Microsoft Entra or something. Right. So our customers are large enough to use something like that, which means they have roles, they have levels. So it's usually hundreds or thousands of employees, not a dozen. Right. Because if you have a dozen employees, you probably aren't running something like that.

A

Right.

C

And your biggest issues are not really around. You kind of have an eye on what everybody's doing. So I would say that the size range really starts in the hundreds.

A

So for those clients that are listening or those listeners who are listening to this podcast and have probably already maybe gotten started with the agentic side, but didn't necessarily think about the barn door element of it. What would be some advice for them? The same. Start small.

C

Start small. Definitely. I mean, I think it's, it's. And, and just, you know, again, you think about how you bring a new employee on. Right. So if you have a, you just hired this young person straight out of college with lots of excitement and lots of energy, and you're going to give them something to do and then you're going to go look and see how it went, then if that went well, you'll give them something else to do and maybe you'll start letting them come up with things to do on their own. But no one succeeds in business without keeping an eye on exactly what's going on and testing things and then seeing how they turn out. That's kind of how we do it.

A

Okay, so that's not too scary.

C

No, no, it's not. It's, it's. I think it's a lot of it comes down to understanding the difference between. And Jensen Huang at, at Nvidia said at the conference of that, he said, you know, you, you have your, what he called your biological workforce that sort of managed by HR and you now have this agentic workforce that's managed in his mind by it. I think it's a little more complicated than that, but essentially it's a different workforce. Try to understand the differences between how the humans work and how the AIs work. And if you understand that difference, it's kind of like understanding the difference between a person with this set of training who works in finance versus that set of training who works in marketing. Right. And, and the more you can think of it in that terms, the more comfortable as a manager you should be in managing this workforce and getting value out of it.

A

So you mentioned that it's a little more complicated than just having the IT team handle that. Is that because the agents are mimicking human?

C

Well, partly, but it's also because we're going back to. It's not just traditional cybersecurity with a capital S. So you take your go to the enterprise, right? You have a security person. Usually that's a title of CISO or something like that. They are an expert in true security or people attacking your systems, people hacking it, all that kind of stuff. They are not an expert in what happens if someone uses this particular function of Salesforce and misuses it. They're not an expert in what happens if a person does this thing to a bunch of pages in notion and what that's going to mean. And so they don't know what. It's not in their remit to be the expert on each of the things you're operating. So you then have a different person. Maybe it's a Salesforce administrator or you know, a someone who manages that particular piece of software. They also have certain things that they need to enforce that's different than the true security person. And then there's another level which is okay, but you're part of the team that's allowed to know about that secret client project that we're doing and everybody else isn't. Well, okay, well, that is a different level of quote, security, right, that you kind of have to deal with. And so it's that kind of management. And again, if you're managing the humans well, we show up with conscience. So it's like, oh, the company culture is don't go Looking at projects that aren't yours. Okay, well I'm not going to do that because they're going to fire me if I do. Right. Well, we have to enforce that if it's an agent.

A

So whereas it would be with Capital S security as a focus, they're perhaps more focused on outside intentional malicious efforts. And with the ejectic side, it's accidental or internal, typically. I mean, of course they're also the.

C

And also that other part. Yes, it's, it's.

A

Yes and interesting. So for the clients that you're working with, that, that are like in motion with agentic deployment, Just out of curiosity, where, where are they seeing the biggest wins? Like, like what are some of the anecdotal examples you've seen?

C

If you think about when we look at jobs and the things we want to quote Automate. Unquote. Right. The low hanging fruit are some of the really, really obvious ones. It's like you have people spending a lot of time doing repetitive efforts in financial reporting, in marketing and things. So, so certainly it starts with those and, and you see a lot of quick wins there, but it's also spotting anomalies and, and really looking at how people, you know, looking for patterns, whether it's in customer data or interaction data with users, if you're a software company and trying to discern from that the ways that you can better serve your customers. And I think that if that anything you can do, you start with, okay, let's get efficient at things that we're currently inefficient at. But to me, just speeding up human processes is not as interesting as learning and managing things that by their nature humans aren't particularly good at doing. And this sort of goes back to your, your concept. They're not here to take your jobs, they're frankly here to do jobs that we don't know how to do anyway.

A

Or want to do.

C

Or want to do. Exactly.

A

So many questions here because this is a level of, of conversation on the topic with somebody who's got a level of experience with the topic that I just don't interact with much. I'm typically dealing with clients who, they're good at their business and their job and that sort of thing. But they really don't have much of a foundation when it comes to understanding the paradigm of AI. So you mentioned a word earlier, Automate. In my experience, there's been a lot.

C

Of.

A

Lumping automation and agents in together.

C

Yeah. And we had a thing a few years ago called Robotic Process Automation, rpa. It was yes, it was a thing, briefly. And it stopped being a thing. Right. And it stopped being a thing for a couple reasons. Ones that was kind of janky. It didn't really work very well. Right. But the other thing is that some agents are still trying to do this where they say, okay, I'm going to watch how you move your cursor and what you do on the screen and I will mimic that in a browser. And again, just making, making faster work of what we humans are already doing in an inefficient web browser interface is not all that interesting. Yeah, right. And that's not fundamentally changing what companies can do and how they do it. So let's use a much bigger example. In the very early days of Google advertising, you went and you decided what keywords you were going to get and you bid on them and you had these big spreadsheets you'd upload with all your keywords. And I remember that I was an early advertiser for Google. And you know, you did all these things and you were sort of guessing what, what. Right. And now you give them a dollar amount and you say advertise and it will do a way better job than we humans, you know, lacks all of our prejudices. It just like goes out and does what's effective. And, and I think it's that same kind of concept. So the early versions of automating that were, let's make it more efficient, blah, blah, blah, and, and that, and then it turned into, no, let's just totally reimagine how this thing is done.

A

That's kind of where we are. Agents versus. Yeah, obviously you're paying attention to the space. What are some of the forecasts that you're seeing as far as the impact of agents on, I guess global economy, industry specific industries, anything like that?

C

You know, I think in general there are always the early adopters who are getting particularly good at doing things. So you know, you have a, there's a company called Crewai that is that. There's a. They're an agent provider. And I believe that they have said that if not all, nearly all of the Fortune 500 have people using their agents doing something. Now you think back to Amazon web services when EC2 came out and you had cloud computing for the first time for real. Initially you didn't have Amazon going to big companies and saying buy my cloud, Bing. What you had was people within these companies plunked down their credit cards because they were tired of waiting for servers. Right. And they needed a server in there and their data center, people at their company. So well, that'll be six months to get a server up. And all this cost me like, well, forget that, I'm just pointing down my credit card. And Amazon of course gathered that data and they would eventually go to the CIO of these companies and say you should have a cloud deal with us. The CIOs. Well, we have our own data center, we don't need you. And AWS would say, well, you know, you have 30 different people in your company that are already using us and maybe you want to be able to manage that. Right. That was sort of how that, that kind of made it into the enterprise. You know, in the early days of, of mobile email you had the BlackBerry and initially that was considered unsecure. So the sales guys would go out and get and you know, spend their own money having a BlackBerry because they needed that to close business. And then eventually they would come and have a corporate thing. Right. So, so you see a lot of areas where in these, in companies large and small, individuals are, are figuring out ways to become more efficient to, you know, to look really smart and look really capable because they're getting a lot more work done than perhaps their peers are. And it kind of happens from the ground to the ground up. Not from this mandate from the top to that we are going to have agents. So I think that it's a long winded way of saying that. The predictions, it's going to be this level of efficiency or that I think the easiest way is to say it's going to be huge. Right. In the same sense that most companies don't really run their own data centers anymore. And they used to, and it used to be you'd walk through a colo system and you have every cage was some other company that was. And now we don't do that anymore. Right. So it just these kind of major transitions to SaaS, to cloud, to, and now to LLMs and then to agentic AI, they're just massive. And I think that, I don't think we gain a lot by attempting to put a number on it other than it makes us feel good. We're guessing it's a big number.

A

Yeah, that's a good answer. So you referenced something earlier and for those that are listening, it might not have the impact of, of the statement may not have landed with you, but essentially what, what you were describing as kind of the entry point for this in most companies would it fall under kind of the shadow usage idea?

C

And that's, and that's part of why we're being asked by so many to, to have, you know, to help them solve the sort of unsanctioned MCP issues because, you know, there are a lot of, there is a lot of this going on and, and the risk is high. And you know, you, when you give people the opportunity to sort of connect directly into the innards of anything, you know, that's kind of scary.

A

Absolutely. And, or we're getting to the end of the time here, but I do want to get your opinion when this episode is being recorded. OpenAI's agents or agent.

C

Yep.

A

Was released, I guess maybe last week. What is your, what's your perspective on? Because my challenge is that people use the words casually like the automation and, and sometimes AI is not even involved, but they call it AI just because it's an automation and that sort of thing. What is your perspective on agent actually qualifying as an agent? And second, the, the, the risk associated with using that in particular?

C

Well, you know, if, if, if something actually takes an action or rights, it's an agent. So, you know, call it that. I don't, I don't spend a lot of time worrying about, you know, people misusing the term. But I think that the bigger thing is that every one of these companies, whether they're the foundational model folks or they're the, the, you know, the agent cloud forms like accrue, all these folks are basically saying, we've got the agent to do what you need and it is way too early to pick a winner. I don't think you ever will pick a winner because I don't believe that there will be one agent to rule them all any more than my toolbox in the garage only has one tool in it. Right. So you're going to have a bunch of different platforms and concepts of how to, how to create agents, how to manage agents, how to, you know, all this sort of stuff. And what you don't want is every time a new one comes along, you don't want to have a lot of friction to try it and see how it works and see if it's the right thing for some subset of your, of your, your activities. Right. You know, the, the lovely thing about employing AI agents instead of humans is if a better one comes along, you don't feel bad firing the old one. Right. And it's not like, oh my God, but fading suits kids, right? So you can, you can be pretty heartless and say, well, you know, I liked that one before, but I like this one better now. And so I would Say I would be less concerned with, you know, OpenAI now says they have an agent. Is that the agent? Well, it's an agent and I'm sure it's going to be really good at some things and I'm sure it's going to be really terrible at other things. And, and that's the nature of how these things come into being.

A

Oren, like, very privileged to have you on the call.

C

Thanks for having me.

A

The. The conversation was certainly outside of my league.

C

I think it was. I think it was a great conversation. I really appreciate it.

A

My pleasure. I learned a lot and it kind of opened my eyes. I didn't realize that MCP was the risk that it was. Everybody's excited.

C

It's very exciting. Well, and also, it didn't exist six months ago. It was what, November, December, it popped up. It was. It hasn't been around for very long and it's already been iterated on three or four or five times. The standard keeps changing. So, you know, what is MCP today? Well, not what it was two months ago.

A

Yeah. And we've got some of our builders using it actively. I need to go and evaluate indeed, indeed security elements behind what they're doing. So, Orin, for those listening who want to continue the conversation or learn more from you guys, I'm sure you're putting out some incredible content and related to the subject. Where can they find out more about.

C

We are at Barn Door AI and I am Orin at Barndor AI. Welcome to email me and I'd love to hear from you from anybody listening. Awesome.

A

So we'll make sure that those are in the show notes for sure. But I have no doubt that I'm going to be seeing you and what Barn Door is doing. It's. It's even more in demand, especially after this podcast episode with some of the questions I ask. But again, fantastic what you're doing. Thank you so much for being here and I look forward to hearing big wins from Barn Door in the future.

C

I do too.

A

So, everybody, thank you so much for being on the episode, everybody today. We'll have the latest one released soon and go use AI. Thanks for tuning in to Using AI at Work. Don't forget to subscribe for more conversations about how to use AI at work and a special thank you to our sponsor, Chief AI Officer for empowering businesses with AI education and training. Visit their website for a free AI Readiness Assessment and AI Strategy Guide to help you get started using AI at work. That's www.chiefai officer.com. so thanks to our producer Evan Desolier for making this episode possible. Follow us on Twitter at the handle using AIAWORK and visit www.usingaiatwork.com for free resources to help you harness AI in your role.