383- Rebuilding executive trust after $1.2M ransomware demand w/Ray Martin

Host: Phil Howard

Guest: Ray Martin

Phil Howard: All right. We are live, Mr. Martin. welcome to the show. learner restorative achiever. Competition belief. Those are your five things on LinkedIn. Maybe we just start off with your past, man. well first of all that is a Bruins rink. So that's near and dear to my heart. I think we talked last time about you know, I went to Colorado State University. We gave Ray Bourque a few titles. That was kind of a fun time going to college at the time, being a kid from Worcester. Worcester, mass. So, obviously you're a hockey fan. So let's start with the most important stuff.

Ray Martin: yeah. No big, big Bruins fan. Born and raised in Rhode Island. the irony of the whole thing is I was a goalie growing up, so my favorite player of all time was Patrick Roy. So being a Bruins fan And my favorite player playing for the Canadiens for the early part of my childhood was a little tough. But, when he got traded to Colorado, it was fun watching them, especially some dark time for the B's then. So cheering them on and win the Cup, and Ray Bourque going over there and winning one with them, was fun. And obviously watching the massacres when they played the Red wings, was time. So that was my prime watching those. But no, it's always great. huge hockey fan. Still am. I love going to the games. And obviously, being a Boston sports fan, my senior year and then through my college years and during the twenty years of the title runs, couldn't be a better time to, enjoy that.

Phil Howard: You were smashing. We're already smashing Stereotypes see it. People are cool and do sports and sports.

Ray Martin: So it's interesting how I fell into the IT role for sure, especially with my background. And I graduated.

Phil Howard: Tell me the story. Gotta know. Yeah.

Ray Martin: Yeah. So I, grew up obviously the internet boom and computers and everything and kind of got my hands into it. again, hockey kind of ruled my world growing up. played juniors, bounced around. So I was a little older when I graduated, twenty four when I graduated, two thousand and nine. So right after the recession and fell into a job, really tracking small tools and putting barcodes onto tools with a construction company. And, it's just entering into a system, into a small database there. And really as a contract job, they gave me a year to do that, and I completed that in about six months or so. And I was still looking for things to do while I was under the contract. and they got me into purchasing materials and working up what they called the yard there. And while I was up there, I just took care of the IT issues up there fixing printers, helping everyone with their computers up there. just basic troubleshooting stuff I learned how to do in college. I had a communication studies degree out of there. But again, just things you do growing up working on a computer, my brother was the tech kid in my family. so learning from him, he actually worked at the company as well. That's kind of how I got my foot in the door. But as those months passed by, the I t director got wind of, there was no issues in the yard on the IT side. when he asked my brother down there, what was going on, he's like, oh, Ray's taking care of everything up there. he got wind of that and, asked, does he want a job on our support desk and kind of where my career was going, which was really nowhere up there. my boss at the time wanted me to get a CDL license and, drive trucks and deliver, great career, but wasn't for me. I jumped at that opportunity, and went down there and, started my career in it. And that consisted of sitting in the basement in a cage, key to get in, key to get out, setting up blackberries and building computers and really learning it one on one, from scratch. So learning it on the job is really how I built my career. I wanted to obviously get out of the basement, get out of, the cage and expand my, wings. And construction has always been in my family. my grandfather, my father worked in the HVAC side. so I was familiar with job sites and I really wanted to get out into the field. So an opportunity popped up where we didn't have it out in the field, and my previous employer was really spread out at the time throughout New England. So I worked with my director of it and kind of negotiated something like, hey, how can I get out and support our teams out in the field more and be a presence for it out in our project sites? And we basically came up with a plan where I would visit, our sites and be on site support for them. so I spent a lot of time in the car traveling and kind of started locally through, jobs that were an hour or two hours away a day. I'd get in my car, drive, and spend the day. and that was really how many?

Phil Howard: It just I'm just thinking of the, contractors that I've dealt with over the years, even just from like a small business perspective. How many contractors still kind of drive around with a big crew of guys and zero technology.

Ray Martin: So I would say our subcontractors that work with us, it's very, very limited. very few of them have help. That company. There's a lot of danger there, for us and that's a big concern for us. Right? We can protect our side of the house, as much as we can, but that's, we're very vulnerable, on their side. And that's a challenge, right? We we got to protect them as much as us. we can put as many, best in class antivirus and email filters, and we can train our users. but on the other side, we're collaborating with our partners all the time, and, they're on the wild and they're using Gmail accounts and third party accounts, and they're very, vulnerable out there in the market. And we see them getting hacked all the time. And it's it's scary on that side of the world. the bigger players, the dimeo's, the consiglio, the shamans of banes, they all have pretty, pretty solid IT teams and tech stacks that are protecting them. They know the value and the harm it can cause if they get attacked. But the smaller sides, the subcontractors, it's very, very scary on that side of the world.

Phil Howard: And I mean, just from an advice perspective as like a if you were to speak to all of the contractors and small business owners out there that are whatever framers building houses, jack of all trades guys and everything, what layer of technology would you suggest that they have or use, and would it benefit them and would it make their lives easier and better, even though they may be technology adverse, as many are.

Ray Martin: Yeah. I mean, I would partner up with an MSP at their level. and get on your base package of Microsoft three hundred sixty five and protect your email. That's there in our business, that's their primary source of communication. protect that level. Everything's coming in there. we're letting them into our systems. So, you know, we're controlling that aspect of everything. but if they can handle that piece and, have somebody that's updating their computers, windows ten, end of life, everybody on that side is still using it. Somebody's going to patch their network and manage that. I would highly recommend, even if it's, I think they're afraid of the cost and what that's going to impact and they're going to spend, tens of thousands of dollars on it. I don't I don't think the cost impact is going to be as high as they think they are. So, stop going to your buddies, sons and IT guy at a company. Maybe you can come look at my computers quarterly and update them. it's so much damage that can be done to your reputation, your company, and you can be out of work through a cyber attack.

Phil Howard: I was just even thinking of being just more efficient and just how you pay your guys efficiency, time and materials, ordering and receipt orders and receiving and counting parts and different things like that, that probably just goes out the window. I'm just wondering if there there's got to be something there. Organizing, scheduling. A lot of times people's schedules are all over the place. I can't make it this week because we're we're getting killed with a foundation over here and blah, blah, blah, and, forecasting business results in the future. And yeah, I'll get to John Smith. I'll get to your, new house, in January of two thousand twenty seven, something like that. you get a lot of that stuff.

Ray Martin: Yeah, there's thousands out there you can sign up with that are SaaS based that are going to help your company. But you need someone on your team that's going to speak that language and look out for you on that side. you build your vendor relationships there and you trust your partners. Again, we offer any tool that we put on our stack, we invite our vendors into that are going to help them with that exact scenario and bring them in that allow them to schedule we, use things like voyage control that help you automate your scheduling to our site and that automates that, your tickets, your scheduling. We use products like Claire Story there that your physical filling out of your your TNM slip. That's paper. You can't read that that's all digitized now and that's automatically sent via email. Tracked up logged. There's no question on the work that's supposed to be performed if it's approved or not. Like, those questions are now eliminated. everything's logged in. that ties into our master PMIs system with Procore. Everything's logged. we have a master system of record. Now, all those questions. Our scheduling software tracks everything there. They have access into that. They can track that. It's, you know, those tools we provide out to our partners so you can loop in there. from my seat as a CTO, I'm more concerned about the security of what they may introduce into our environment. So I want them protected on that side. we're going to protect the tools that we give you. We're going to give you everything to streamline that project. we're coming in and everything as a partner. from the client side, the owner side of the job. Our side is a construction manager, general contractor, and then our partners as a subcontractor. We want that to be as seamless as possible all the way through the course of construction.

Phil Howard: So construction companies, large ones, are notorious for being very cost conscious just from the. It's just due to the nature of your job. I mean, you order tons of things. It's like we gotta watch bottom Line here and there. So I would assume that security in the construction world and in the IT world oftentimes does not get the budget that they need right away until said disaster happens, which I don't know, you might have a little bit of experience with some of that stuff.

Ray Martin: Yeah. For sure.

Phil Howard: So it's like, you know, I don't need to wear my face mask until I get a hockey puck in the teeth or something. I don't know.

Ray Martin: Yeah. We've, been through two ransomware attacks here at Demio. one under my leadership and one before I got the job here, which probably why I got the job here, in two completely different outcomes.

Phil Howard: Okay. The first let's go through let's go through. Outcome one was obviously a bad one when you weren't there. I just have a feeling.

Ray Martin: Yeah. I'll come one. systems weren't in place. things got encrypted. things weren't recovered. end of the day, I can't speak too much more on top of that, but I know it wasn't. It wasn't good, and forced us or forced the company at the time to really transition quickly into new systems. and it really broke and fractured the trust between operations leadership and the IT department. so when I stepped in to the role here, really, I was young, thirty year old kid, taking over, that department, and stepping into something that, trust was really fractured And fortunately enough for me, leadership had that trust in me, which which really helped. But from the other side.

Phil Howard: Let's just talk about that. Let's just talk about that for a second. Because how did you do that? Because there's a lot of I mean, thirty year olds, a grown adult. I mean, you said kid, but like, yeah, most people think like, oh, if you have a C level, you're, you're a certain age or something like that. But that doesn't mean, I don't know, there's plenty of billionaires that are there. Well, there was a handful I guess, in their twenties. But but my point is, that there's other. You're not the first CTO that that I've interviewed that was maybe young. Right. And this was a while back anyway. So what was it that helped deliver that level of confidence? Because I think that might help a few people listening.

Ray Martin: Yeah. So I just look back of what I know now, ten years ago, and what it took to get there. But I was very ambitious when I took the seat and really saw the potential. and when I stepped in and I saw where it came from and what the tools I was using at my previous company, I saw the path and I said, okay, day one, I know there's a path and I know I can get us there. I know we can modernize this infrastructure and and we can get there. And I was like, this can be easy. We can do this and jump. And when I got in the seat, I realized it wasn't going to be as easy as, okay.

Phil Howard: Why?

Ray Martin: Let's go. Let's jump in and do this. There's a lot of, I don't want to call it politics that went into play, but there was a lot of convincing, to go through from just a team that didn't understand and didn't know. there was a lot of teaching that went into play. And, how do I know my data is safe up in the cloud, questions.

Phil Howard: Okay, So let's let's knock out the, common ones. So I'm assuming we had data on prem. And we wanted to migrate to the cloud. That's what it sounds like okay. So that's a typical all right. How do you how do you knock that one out.

Ray Martin: Yeah.

Phil Howard: The it's kind of an older one. But I'm sure there's still people out there that are like, no, I want to keep my exchange server. No.

Ray Martin: Yeah. The easiest the light bulb that went off the, head and I convinced him at that point was I was like, okay, our systems are down eighty percent of the time. Do you want the person who's in charge now? And this is before I get the job fixing the system, or do you want a team on Microsoft side of the house assisting you, getting those up and running? Because that's what you'll get when you move? Or do you want a system with your vendors that you're partnering with? Do you want a full team of professional engineers helping you migrate that and get that up in the cloud. Do you want your data protected and multiple data centers across? Do you want your system down in your data center, but your teams out at the job sites to still be up and working accessible? Do you want to be able to work from home and still have access to your email? Do you want all these benefits?

Phil Howard: Keep going, keep going because we're gonna make a nice little we're going to make a nice little infographic out of this. Let's keep going. Keep going.

Ray Martin: So and just kind of negotiating.

Phil Howard: Do you want your customers to look at you cross eyed because you're so old? Yeah.

Ray Martin: So it's just seeing the benefits of that and not being exposed to that before. And once they kind of realize that it was okay. That makes.

Phil Howard: But there's a cost difference. You have to go from you have to go from a CapEx to an OpEx. Correct. So they have to you got to sell them on the hey, we're not going to do this by this metal box and depreciate it over five years from now on, we're going to pay a much larger bill every month.

Ray Martin: Correct.

Phil Howard: How do you do that? Because we have to. There's no other way.

Ray Martin: Yeah. No, it was just. It was the downtime. It was like, I can't have people not working eighty percent.

Phil Howard: You said eighty percent of the time. Is that even possible?

Ray Martin: It was bad. It was.

Phil Howard: That's one day out of five. That means, hey, out of the five working days, We're working one day.

Ray Martin: It was so bad, you couldn't get two, three things to work. Like you would come in and the internet would be down, but the email servers were up, but you couldn't get your email because the internet was down in the building. And then you get your the internet up, and then the exchange server was down in the building. So then nobody had access to your email. And that was an everyday occurrence. And again, not to harp too bad on the person who was there before, but by the time I was able to get things up and running, say eleven o'clock during the day, we'd be operational through the rest of the day until said network engineer came in at night. For whatever reason. We didn't work nights, but would undo what I did in the morning to continue on what he was working on at night. Undo what I did so then I'd have to be back in six o'clock in the morning to undo. It was a terrible working environment.

Phil Howard: that's ridiculous.

Ray Martin: That. And then finally, leadership was like, all right, we're going to the cloud, and then we push that, and that fixed that issue. And it was like, okay, we're up. We're running. Now. Let's get to the next thing and let's move from there. and then the value was, oh my God, we're working.

Phil Howard: I can look at what we can do.

Ray Martin: Up all week in two years.

Phil Howard: That's crazy. It's absolutely insane.

Ray Martin: And it was again this. I'm sorry. This was, ten years ago. and we haven't run into those issues and stuff, but that was that was a huge win and a huge build of trust for the Department of Operations. And you're starting to rebuild that going forward.

Phil Howard: that's absolutely insane.

Ray Martin: It was.

Phil Howard: But it happens.

Ray Martin: It does.

Phil Howard: It's still happening. There's someone out there listening right now. Well, after we released this, someone will be listening to this. I'm like, oh, yeah, I remember that. Lotus notes there's always the one that I remember. Lotus. We're still on Lotus Notes. That was only like six years ago, I think, which is ridiculous. we're going to go to exchange. It's like we're on Lotus Notes. We're going to go to exchange on site. Oh, no. No. Yeah. okay. So what was the difference between, ransomware attack A and B?

Ray Martin: Yeah. So after attack one, one of the goals for me to come in and design a system that would be, prepared for attack to, not it's not a matter of if you're going to, are you going to get hit? It's when you're going to get hit with ransomware. so we still had legacy systems, hardware systems.

Phil Howard: On ransomware attack one. Did anyone pay any money out?

Ray Martin: No. Did not.

Phil Howard: Okay. What was the ransom? Just out of curiosity.

Ray Martin: I'm not sure. On one. I'll tell you what. It was on two. Okay. I was involved on that one. I'm sure it was a million plus dollars for one. okay, so on two, we were hit again. And just a little background on the environment. we were migrating. we're getting ready to replace our legacy systems, our end of life. Sign the contract with Nutanix. we have a small environment. Wasn't too much. sign the contract, and we're getting ready for a new system to come in. And before it came in, we were hit with ransomware again. fortunately, ninety percent of our workload was in the cloud. we had one, say device that was kind of a legacy. That really is what got encrypted. Had a bunch of archived data on it. No. Personally identifying really some old drawings and data wouldn't really need. But with the ransomware really did to us on on our IT team was, crippled our domain controllers, crippled our backup servers, had a lot of rebuilding we had to do there. fortunately for us, what we did and the way we set up the environment and again, kind of dating myself is we had a store simple setup. and then what we did from the store, simple setup is we sent our backups to a, another Azure tenant, completely separate from our accounts and stuff. And we had another set of our backups that were going there as well from the storsimple. So when they went and deleted our backup jobs and destroyed our Veeam situation, it didn't go out to that Azure tenant where we had a clean set of backup. So those weren't impacted. So when we rebuilt everything, and got that spun back up, we're able to do a clean set of backups from that Azure tenant and rebuild our environment back in there. so that saved us, that saved all our data and our servers, and we're able to bring everything back up, and really only lost maybe half a day worth of data at that extent. then there's device that was encrypted. we had a clean set of that backup data, even though we haven't access that within years. but we did recover that as well. going in and talking to we had the Conti ransomware, if you remember that one. That's what we got hit with. log in to torrent browser. Download that. Open up the chat window, upload the ransom note. they send back a file of some decrypted files saying that they can restore it. they say, okay, send me one point two million dollars in Bitcoin will restore your files. I think I sent them back. I was like, I'll send you ten grand so I don't have to go through the trouble.

Phil Howard: yeah.

Ray Martin: They said, and I said, all right, well, this conversation's over. And that was the end of the conversation, and we went back.

Phil Howard: And take ten grand. Man. Yeah, that would have been a quick hit for them. Ten grand.

Ray Martin: Yeah. So that was that was that was that and, brought it back up still a lot of time, to recover everything. We, we worked about one hundred hours straight. Straight out, to bring it back up. But again, the way we were set up our job sites zero impacts. Everybody was still working. our teams within the office were up and working. our critical applications that still ran on prem. we had them up and running, less than twenty four hours. so they were back up and running and there's just little things, that we brought back up slowly in the back end. and, knock on wood, we were good to go. the the interesting part of that whole story was probably a couple weeks before the ransomware came in. I met with my boss, and we were running through scenarios. If we got hit with ransomware, how would they come in? And it's like, most likely you're going to come in through phishing email. Somebody's going to click on it. these, we had a couple applications that were legacy applications that we had to decommission. they had cached admin credentials in them and basically I said it's going to move laterally. It's going to grab the credential here. that's our weak point of exposure. And really, the way I outlined it was exactly the way the ransomware came through and navigated its way across the system. And I told him I was like, I did not deploy this ransomware across the system. I said, but word for word, the way I told you it came in is how it came in and spread across through.

Phil Howard: But dude, did your executive management even understand? Anyways, even if you told them, like, hey, this was the way, would you know what I mean? It's kind of like, how do you gain that? obviously you gained that trust and you're able to say, hey, this is how it happened. We're prepared and this is what's going to happen over the next. What do you say, one hundred hours to one hundred hours. How what was it, two weeks or something? How long did it take to fix everything?

Ray Martin: we worked nonstop through that week. We were there, probably stopped a few hours a night and we just grind it through it, and got through it from. I think it hit on a Thursday night and we went through the weekend and we were done by that following Friday. we walked out of the office around noontime or so.

Phil Howard: unscathed.

Ray Martin: Yeah. Just ran through the biggest glass of scotch I think I've ever had in my life. It was awesome. but he, my boss, since he's been through it so recently, he was very in tune and very involved on what we were buying, why we were buying it, how it worked. he probably wasn't in the the weeds as much as how it worked, but he did want to understand. And he wasn't afraid to make the investment into what we were purchasing. which is, why it held up. why we continue to make the investment? and we learned from it, and we put in, more security features, throughout the years as well. multi-factor authentication. EDR tools. The CIM environment. you name it. We're constantly improving and looking for upgrades. using you know, AI is a huge topic now. how do you use that in your cybersecurity posture? we're looking at tools there, how AI is tied into our antivirus tools and detecting ransomware across the board. it's very and well.

Phil Howard: This brings us to the conspiracy section of the show. So there's got to be some conspiracy theories that you buy into that are tied into either security, drones flying over the state of new Jersey or AI.

Ray Martin: So I two of those drones fly over my house. I took a picture of them, too.

Phil Howard: So I turned on, like, I like I made the mistake of, like, opening up like X. I guess I'm still calling it Twitter one day and I was like, what is going on? Like there was just like this endless stream of like, drones over new Jersey. I was like, why is it always new Jersey? It's always new Jersey. It's like all the patents, like ninety eight percent of all the patents come out of new Jersey. All the weird alien drones are flying over new Jersey, I guess what is going on? But, any conspiracy theories that are real?

Ray Martin: No.

Phil Howard: Two people get some people either get really offended at this point. Like, no.

Ray Martin: Like my favorite, my favorite conspiracy theory is, and I don't buy into it, but is the, flat earth conspiracy theory and the documentary that's out there bending the curve. I think it's on.

Phil Howard: Prime.

Ray Martin: On Netflix is probably my.

Phil Howard: Favorite.

Ray Martin: one.

Phil Howard: So every experiment.

Ray Martin: Every experiment they perform proves that the Earth is round. But they, perform the scientific method, but they do it backwards. And that's my favorite part of, those conspiracies.

Phil Howard: so if you had to buy into one part of the flat earth theory, then what would be the most realistic? Because the flat Earth Dave or whatever his name is the guy Flat Earth Dave, he's like, actually not far from you. I believe he lives in Connecticut. And then, I don't know. I mean, like, don't have any. Bravo. Be your spokesperson. I'm sorry, Eddie, I love you, but I mean tenth planet jiu jitsu. All of it. I love you, man, but you can't have, like, a bunch of stoner MMA dudes talking about flat earth. It's just making you look really bad. You got to get some, like, physicists and scientists and some no name guys that have actual credentials and stuff. Maybe a couple Einstein, right hand guys. You got to get some people on there other than Eddie Bravo, Eddie Bravo. You're not. I mean, you're just. I mean, I get it, but you're just. You can't be the Flat Earth spokesperson. person.

Ray Martin: Yeah. I don't know. I, I don't know if there's anything I can buy into it. I, I just go outside and look up and see everything's a globe and round and looking, at telescope and, you know.

Phil Howard: Alright, we'll get some comments from you.

Ray Martin: Like, I don't know if it was flat, we would, gravity works and you'd be climbing up mount Everest with every step you take. It's I don't know, it's just fascinating.

Phil Howard: Static electricity or something to them. Remember they went over the grid. They they hit on the gravity in that one. Yeah. That one's, let's. We'd have to pick a we'd have to pick a simpler one. Like, I don't know.

Ray Martin: The ice would.

Phil Howard: Go to the moon. The ice. Part of the flat Earth. We can't go past, like, whatever the line is. You ever tried to go past the whatever, whatever degree, like ladder line or whatever they like to talk about?

Ray Martin: Yeah. You can see Chicago on the other from Ohio or across.

Phil Howard: I do find the being an extra line of sight wireless. Fixed wireless guy. I do find the line of sight argument to be the strongest, because there is a salt flat somewhere down in like South America or something that when it rains and creates like an inch of water, that's like a glass reflection. I'm pretty. I'm almost positive you can see past the whatever, even if it's past six miles. What's the curvature of the Earth? I think it's like every six or seven miles is the curvature. You shouldn't be able to see past like that does. But that doesn't mean the Earth is flat. It just means that it could be bigger than we think it is like that. I'll buy it could be that. Or it could be like, or it's like, on a wobble or something like this. That's. Yeah, that was too. So anyways, flat earth. But so you did watch it though. It did somehow, someone got you with that with the helium balloons and stuff. I do think it's possible. I do wonder how Elon On is getting, less than twenty five milliseconds of latency into the upper atmosphere for satellites. That's that's very impressive. That should not be doable.

Ray Martin: We do use them. We do use them on some of our job sites.

Phil Howard: But according to these guys, what was the movie again? I already forgot.

Ray Martin: Bending the curve.

Phil Howard: Bending the curve. It's. Yes, of course we're using helium balloons. That's how it's being done. You're not going up to a satellite. You're going up to a helium balloon, which is much closer in the upper atmosphere. So that would that would explain the latency. Yes. Okay. So this is the transition to AI. So the transition to AI is everyone wants to hear about security layering techniques, which we kind of already banged that one out. I mean at least we banged out the unfortunately you were one of the ones that's like we don't get the budget until there's a ransomware attack.

Ray Martin: Yeah.

Phil Howard: So. Okay. I would I would love to see someone get the budget for security without a ransomware attack. And there's someone out there that can answer that question. But the other one that's that's everyone wants to hear about is real AI use cases that actually do something versus kind of this, hype scale level of AI where we have to have AI. Everyone's pushing us to have AI. If we don't have AI, we're not, there's this like, frenzy right now. Do you guys have any AI implemented that is doing something that's moving the needle on KPIs?

Ray Martin: Yeah. So we're we're in the crawl stage of our, our AI, and actually just sent out a pretty interesting survey to our team to, to kind of get everybody's temperature in really helping define our culture. Where we are today with AI. Are people scared of it? Are they willing to use it? and it's it kind of aligned with our company culture. we're builders first. Yep. And there's a not a hesitation to use it, but our team wants to use AI if it's if it's practical, if it's going to help with mundane repetitive tasks. and a lot of the interesting responses I got is they don't want to lose the knowledge transfer from our older generation to our younger generation, and they don't want to see our younger generation just rely on AI to teach them how to build which I thought was pretty interesting. And the other things I've seen there, and what we're starting to build in is we're taking a vendor, Approach, kind of based on the company we are and the tools we have. And, I just came back from Houston at a Groundbreak conference and they released a Gentic AI within their platform. And it was very interesting on kind of their, you know, eighteen month journey with AI. And the way they were going to release it first was they're like, okay, we're going to build, seventy five to eighty percent of these AI agents for the companies to use. And then we'll let the companies build twenty percent of them from there. And the product kind of never got released. And what they released this year, and we were lucky we got into the beta a little bit beforehand, is they flipped the script because when they released their agents, they realized the first group of beta weren't using them. And when they went back and they asked why, they said, well, your agent doesn't really fit my business need or how we would use them. So they opened up, they flipped it around. They said, okay, well, we're going to open up the agent builder first and we're going to give you some guidelines how to build them, but we're going to let you build the agents and we're going to help you along the way. So now the agent builder is open and it's just kind of got released to our team and we put our first community on them. We're starting to use them. So now we can build these custom AI agents in, our biggest investment into software really to fit the way we want to use them, which I thought was pretty impressive. they're not that.

Phil Howard: Were you the one that I was talking to with with adoption, where you're talking, it may have been someone else, but we were talking about AI adoption, and, someone was saying that more of the you're kind of talking about a hybrid, actually, which is interesting, but there's there's kind of like build your AI agent from scratch yourself and build your AI tools yourself. Then there's the, find a vendor that's selling something that's in alignment with what you're trying to do, which is probably difficult to do because there's eight billion people out there doing that, and you're getting swamped with a bunch of people trying to sell you AI, something that's not even they think you need it, but you know you don't need it. And then there's this kind of hybrid thing, which is what you just mentioned, which I like.

Ray Martin: Yeah. So where again, it's changing so fast. So we're we're in the middle like my LinkedIn page. I'm sure you know people listening. The same thing is loaded. Everybody's in that hype cycle like our AI tool does this does that. And it's an AI to everything. But it's like all right, well let's do what we need it to do. Is it really going to fit? And I think that's the power of what's been released through, Procore AI Agent Builder, I think is going to be really powerful for us because that's where our data lives. Our team will have access in there, and they can build it within the workflows, within the tools that they're using every day. And it's easy enough for them to start building these things. and then based on the survey results I got, I have an understanding of what our teams are using. They're using ChatGPT or they're using Gemini using the what gen AI tools do they use? What's their how comfortable are they in there? And it's like, okay, well now where am I going to go to. What type of enterprise agreements do I want? How do I want to protect the data going out there? Like you know. Yeah.

Phil Howard: How are you protecting that? That the kind of the AI. shadow AI.

Ray Martin: Yeah. So right now that's what we're trying to get our hands on. we have our AI policy drafted up and ready to go out to the teams. We wanted to get those those results first back. but what you've shared with me in the past? with, I believe it's called app dev.

Phil Howard: Yeah. Devs AI. So we have a,

Ray Martin: something like that is extremely powerful where, it's it's compliant. you can monitor the chats. where your data lives. it's not going out into the public domain. Like that's where we need to be with it.

Phil Howard: we should have a soundbite for that. We should have a soundbite for that. Greg, where's our where's our AI soundbite? So. Yeah. So our partner so our part one of our partners that helps fund this podcast, devs AI which app Direct purchased is the only enterprise kind of AI aggregator that I know of that's out there. So. all the usual suspects, open AI grok. Claude, what am I forgetting? The the Chinese one. I gotta remember all these. It's like. It's like fifty plus. It's like fifty plus that are in secure data centers and will give you Soc2 compliant, will give you in writing that all of your data is not being learned by the systems, but you can control in one platform and write your own agents or have agents written for you as well, and kind of pick and choose which LMS you want it using. There's a there's another big there's kind of another big, release coming out too, just for like come from the coding perspective, because it's like a whole nother thing is like the vibe coders and the real coders out there. And what aspect do I have? But if you want to be able to control all of your end users and give them access to LMS and be able to see what they're doing, not have the LMS learning on your company data, have it secure and give it access to a multiple or single source of truth of your company data, and know that it doesn't have access to that learning it, then this is a real option. So yeah, Greg, my producer, let's throw in a devs AI, bullet point there for anyone that's interested that wants, that wants to you can just I think it's thirty dollars a user too. to. So when you think about it, it's thirty dollars a user for like unlimited tokens. Like just shy of unlimited tokens. We can't make it. There has to be a stop gap somewhere because there's always going to be, like a someone that's going to take advantage of that. But for for everyone listening, it's it's unlimited per user. So thirty dollars per user, you're going to get access to open AI cloud, grok, Gemini. all of that which would normally be somewhere around like two hundred and fifty, two hundred and forty dollars per user. Anyway, so anyone interested, reach out to the show. We'll have a, something in there, a soundbite or something in here. But but yeah. So I thought you guys mentioned last time something about counting like toilet part fixtures and different things like this and other things that are kind of like endless mundane tasks that normally are kind of by hand and take, take people a long time. This is kind of like the use cases that I think most people are using AI for right now in a, in a realistic standpoint to eliminate labor. And, yeah, tasks that normally humans are doing in the past.

Ray Martin: Yeah. So we're looking at products like toggle AI, on screen takeoff with that boost takeoff, built in AI tools. So we're evaluating those, same thing. Looks at the drawing. you set the parameters around there, identify kind of do the takeoff, save our estimators, you know, hours out of their day on doing that. So, we haven't pulled the trigger on one of those yet, but, we're constantly evaluating those tools.

Phil Howard: are they able to give you a good, like, POC or anything like that?

Ray Martin: Yeah, the boost with OST hasn't been as good, but Total's been great, with their POC, back and forth, so there's just, Yeah. I don't know why we haven't pulled the trigger yet, to be perfectly honest with you, but, uh.

Phil Howard: So cool.

Ray Martin: It's, Yeah. Toggle the POC with them. they've been great. the boost is they've only kind of given us five sheets, and their trial has been kind of weak, to be honest with you.

Phil Howard: I'm giving you the final word, man. what do you have to. I mean, to to all the other IT leaders out there. I mean, we're in kind of. We're in an interesting space right now. We're in a big change. Not that in technology changes is the constant, but this is kind of a this is an interesting, interesting environment right now. What do are we climbing out of this it hiring freeze, lowering wages or do we need to be more prepared for this, new age? And how do we survive?

Ray Martin: Loaded question.

Phil Howard: I mean, are you are you sleepless at night worrying about it in the future, or are you like, nah, screw this, who cares? I mean, technology is always going to be changing, you know?

Ray Martin: I mean, I'm sleepless at night. Every night I got a five year old and a and a baby on the way, so I'm preparing. but no, I think there's going to be a whole slew of jobs that are not created yet through AI. the way I look at AI and what's coming, it's going to change the way people work. It's, the next revolution with within the space. I'm not sure if you listen to Simon Sinek, but, one of the nights I was up, I jumped on and, what's his thoughts on AI? And I thought it was interesting. One of the things he said is, when the Industrial Revolution came through it, took away blue collar jobs. this AI revolution is going to, take away white collar jobs, and those blue collar jobs are going to be safe. But you also, expanded on that thought, which I thought was really interesting. He goes, you're going to see a change, in his use him for the example. He said, in my world, right now The writer is key. the writer, generates his scripts, his speeches, his narratives. And that's really powerful there in the editors kind of, lower on the totem pole, lower salary. So now he can have ChatGPT or gen AI write what he's going to talk about. And so the value of that writer is going to move down. But the value in the editor is going to go up. So you're going to see a shift in, in those jobs and the value you go. So from the owners of these companies it's going to be a net zero spend, but it's going to be where they're going to focus their money. They're going to focus it on the editor now because it's going to be more value in that position. So I think you're going to start seeing that across the board.

Phil Howard: okay. So the editor is going to have how is the editor going to have more value I would think. AI could do that easily.

Ray Martin: Uh, those are those are his words, not mine.

Phil Howard: But I'm just, I would think the AI can't do is create new ideas.

Ray Martin: That was his next point too. He said, you know, AI is constantly, always looking in the past, right? It's not going to be able to. He's writing a book on friendship. That's his next book that's coming out. AI is not going to be able to write that book. That's in his mind. It's not going to be able to reach through it into his head and produce what he's thinking, what his what his next book's going to be about. AI can do predict on the future and stuff like that, but it's constantly looking into the past for its information, at least in his world.

Phil Howard: the other thing that I heard someone say that was mind blowing and I totally skipped slipped my mind of who it was, but, it was talking about how it's it's an LLM so that it's in the definition itself. It's it's a language learning model. So it learns from language. But how many humans learn from body language or visual or audio or I guess it could learn from audio because it can listen, I guess until I don't know how much unless like AI is in my glasses and walking around and learning from everything that I visually see as well. And how, I mean, I guess maybe it is to some standpoint how often I mean, it's going to know from how quick you scroll things on media and stuff, but if you could actually get in your head and see everything that you look at and how you visualize it on a daily basis, that could be pretty wild. Someone's going to someone's got to be doing that. Put them in the, the lenses and the glasses and stuff like that.

Ray Martin: Yeah. It's going to be interesting. Like back to the software using Procore within their, their photo feature on the camera. It's going to start tagging up everything it sees within the camera for that into their safety. So it'll recognize that somebody's in there, their PPE, their protective equipment. is that an excavator on site? let's see a picture and say, okay, the guardrail is not up. That's a fall hazard. And then the AI is going to go through the tool and create observations and safety hazards and identify that and bring it into the safety engineer, into the superintendent and identify those right away just from somebody snapping a photo on the site. Like, those are really powerful tools for us. it's going to identify, team installs a window and there's a leak coming through the window. And they think it's a the product's bad. Well, somebody entered the daily log that day and it was pouring rain that day and silicone that day. Silicone when it's pouring rain. But they didn't pick up on that. But the I went through and found the daily log that day and issued that. Well, it's not a product defect, it's the silicone was that day. So like little things like that that we're not catching now AI is going to assist and enhance us. You know, moving forward I think those tools are really powerful.

Phil Howard: Some insurance underwriters like that's a good point. We're going to get to catch all these things. awesome. It's been a pleasure. Been a pleasure having you on the show. we could we could have continued that conversation forever. I was thinking about.

Ray Martin: Thank you for having.

Phil Howard: Me. Interior decoration and how we decorate houses and stuff like this. I mean, just you could just be like, hey, I like this, this and this and this, and it should be like, all right, go buy this product here. Go get this product here and go get this here and we'll whip it all together. I mean, there's gotta.

Ray Martin: Be at your door on Tuesday.

Phil Howard: Yeah. Ray, thank you so much. And, I guess the best for you. And no more ransomware attacks and only, AI adoption in the future at is the way to go in the best for you.

Ray Martin: I appreciate it, Phil. Thank you so much.