Sign up to save your podcasts
Or
Share What OpenClaw Going Sideways Reveals About How Humans Interact with Technology
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
What OpenClaw Going Sideways Reveals About How Humans Interact with Technology
Alex Yampolskiy walked back into my studio, sat down, complimented the pillow, and then spent the next hour telling me things that kept me up that night.
It hasn't been long since our first conversation. But in the weeks between sessions, an open-source AI agent called OpenClaw went viral and then went sideways. Tens of thousands of people rushed to install a personal AI assistant that connects to their email, calendar, WhatsApp, and terminal. Almost nobody thought about security before they hit deploy.
SecurityScorecard's research team scanned the entire internet and found over 40,000 exposed instances. No authentication. No encryption. Named in ways that let you identify the person and the company they worked for. Hackers found them before the organizations did.
In this episode, we unpack what OpenClaw reveals about how humans interact with technology and why the problem is much bigger than one tool.
AY explains why people click first and think second in the digital world, even though they'd never walk into a dark alley without looking over their shoulder. He describes AI agents as ephemeral interns with root access who disappear before you can fire them. He walks through why the speed of exploitation has dropped from days to microseconds and why human-speed defense against machine-speed offense is no longer viable.
We get into territory that most cybersecurity conversations avoid. AY is blunt about AI budgets exploding while security budgets stay flat and what that means for CISOs being asked to govern technologies they had no say in adopting. He tells me that most third-party risk programs operate one day a year, leaving 364 days where nobody is verifying anything.
He walks me through Security Scorecard's maturity framework from static, point-in-time assessments to continuous monitoring to threat-informed detection and response and is honest about where most organizations actually sit on that curve versus where they think they sit. The gap between those two points is where the real risk lives.
He makes the case that compliance and security are best friends, not twins, and that the forcing function of regulation is often the only thing that unlocks budget. He explains why the Ukrainians deliberately hacked their own infrastructure before the Russians could. And he says, plainly, that if you can't afford the secure tools, you accept the risk. No soft landing.
Listen in and enjoy.
A special thanks to our friends at Security Scorecard for partnering with us to tell this story.
This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit audience1st.substack.com
View all episodes
By Dani Woolf
5
66 ratings
Alex Yampolskiy walked back into my studio, sat down, complimented the pillow, and then spent the next hour telling me things that kept me up that night.
It hasn't been long since our first conversation. But in the weeks between sessions, an open-source AI agent called OpenClaw went viral and then went sideways. Tens of thousands of people rushed to install a personal AI assistant that connects to their email, calendar, WhatsApp, and terminal. Almost nobody thought about security before they hit deploy.
SecurityScorecard's research team scanned the entire internet and found over 40,000 exposed instances. No authentication. No encryption. Named in ways that let you identify the person and the company they worked for. Hackers found them before the organizations did.
In this episode, we unpack what OpenClaw reveals about how humans interact with technology and why the problem is much bigger than one tool.
AY explains why people click first and think second in the digital world, even though they'd never walk into a dark alley without looking over their shoulder. He describes AI agents as ephemeral interns with root access who disappear before you can fire them. He walks through why the speed of exploitation has dropped from days to microseconds and why human-speed defense against machine-speed offense is no longer viable.
We get into territory that most cybersecurity conversations avoid. AY is blunt about AI budgets exploding while security budgets stay flat and what that means for CISOs being asked to govern technologies they had no say in adopting. He tells me that most third-party risk programs operate one day a year, leaving 364 days where nobody is verifying anything.
He walks me through Security Scorecard's maturity framework from static, point-in-time assessments to continuous monitoring to threat-informed detection and response and is honest about where most organizations actually sit on that curve versus where they think they sit. The gap between those two points is where the real risk lives.
He makes the case that compliance and security are best friends, not twins, and that the forcing function of regulation is often the only thing that unlocks budget. He explains why the Ukrainians deliberately hacked their own infrastructure before the Russians could. And he says, plainly, that if you can't afford the secure tools, you accept the risk. No soft landing.
Listen in and enjoy.
A special thanks to our friends at Security Scorecard for partnering with us to tell this story.
This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit audience1st.substack.com