The Spiro Circle

Startup Nation's Most Expensive Lesson - #0078, Giora Gil-Ad

53 min · June 5, 2026

Description

Last week, I heard a number that should terrify every founder raising a Series A. Between 50% and 60% of Israeli tech startups that reach round A never make it to round B. Think of it: You’ve pitched, hustled, and convinced initial investors that your idea is worth betting on… yet statistically, you’re more likely to flame out before the next round than not. The reasons are messier than most founders want to admit. It’s not always the product or market. A lot of the time, it comes down to one hire. The first real sales leader you bring in to crack the US market. Get it right, and you’re taking your company to new levels. But get it wrong, and you’ll be burning through runway while pretending everything is still fine. This week on The Spiro Circle, I spoke with Giora Gil-Ad about the most dangerous (and weirdly emotional) hire in Startup Nation - the first serious US sales executive. That’s exactly the world he operates in. As the founder of CQ Global, Giora specialises in one very specific, very high-stakes moment in a company’s life: finding the sales exec who will either unlock the US market or become a very expensive lesson. In our conversation, Giora puts the cost of a wrong VP hire at somewhere between $1.5 and $2 million, once you account for the salary, the team members who follow them out the door, the deals that slipped through the cracks, and the months of momentum lost. But the money is almost the easy part to quantify. What’s harder to measure is the founder who starts second-guessing themselves. Team morale evaporates, or investors start asking harder questions. A bad hire can cost confidence, and in the early startup space, confidence is everything. So what does getting it right actually look like? According to Giora, it starts with founders being honest about what they actually need, and accounting for cultural, business, and personal needs along the way. You can learn more about this whole area in the episode above.
Get full access to The Spiro Circle at www.thespirocircle.com/subscribe [https://www.thespirocircle.com/subscribe?utm_medium=podcast&utm_campaign=CTA_4]

All episodes

80 episodes


Inside AI's New 'Build vs. Buy' Dilemma - #0079, Daniel Zahavi

Every boardroom in the world is having the same conversation right now. A vendor pitches an AI product. Someone on the executive team then asks the question that has become the most disruptive five words in enterprise software: “Can’t we just build it?” Increasingly, the answer appears to be yes. The barrier to generating a working prototype has collapsed. With the right prompt and an afternoon with plenty of coffee, a modest technical team can produce something that looks convincingly like the product they were just quoted six figures to buy. And so, the logic follows: why pay for what you can build yourself? Daniel Zahavi thinks this instinct represents the peak of the current AI hype cycle and that the correction will be painful for the companies that followed it. Born in Kermanshah, Iran, in 1985, he immigrated to Israel at the age of 15, studied electrical engineering at the Technion, and earned a doctorate in Information Theory, the mathematical field underpinning modern large language models. During IDF service, he held one of the highest security clearances in the military, working on projects touching the Prime Minister’s Office and the Intelligence Corps, before going on to develop drone interception systems and offensive cyber capabilities. He has now co-founded Arito, an AI analytics platform for finance and revenue teams, which raised $6 million in seed funding last month. When Zahavi talks about commercial survival, there is biographical weight behind it. His defense technology business was blocked from export by Israel’s own Defense Ministry: a working product that couldn’t reach its market. He knows what it costs to build something that turns out not to be deployable. That experience sharpens his read on the ‘Build vs. Buy’ trap now playing out in enterprise AI. “Right now we are at the very top of that hype cycle that everyone believes that they can build whatever they need themselves easily,” he told me. 
“The amount of people that know exactly what they need and what they want is not very high. The portion that knows exactly how to describe that in very high resolution so that you can actually get what you need is even lower.” Building anything genuinely useful with AI requires a clear understanding of the actual problem, and the ability to specify it with enough precision so that a model can act on it reliably. Most organizations have neither. They have a vague sense of the pain and a vocabulary borrowed from demos. But that produces impressive prototypes and disappointing production systems. But the main point is what happens after launch. “Writing the code is only the first part,” he added. “Maintenance is a way, way bigger part of creating it the first time. I’m not even talking about security and privacy. A lot of the actual challenge continues afterwards.” This is the consideration in the ‘Build vs. Buy’ debate that goes ignored. The prototype is cheap, but maintenance is not. And unlike a purchased product, where maintenance, iteration, and accountability belong to the vendor, the self-built version belongs to whoever built it, permanently. Finally, Zahavi frames this as the difference between tools that produce what he calls “one-off artifacts” and tools that compound value over time. Asking an LLM a question and getting an answer is a one-off artifact, easy to replicate, easy to replace. But to build a system that learns how a specific finance team defines its metrics, tracks how those definitions evolve across fiscal years, and surfaces anomalies against that institutional context in real time is something much harder to build in a weekend or ‘vibe-code’. 
“The only question that they need to ask themselves is: ‘Are they creating continuous long-term value for their customers and not just a one-off thing that can be solved easily?’ Because if it’s a one-off thing, then the chances of them being replaced by an AI prompt [are] very, very high.” The hype cycle will correct. For Zahavi, who has spent a career building things in environments that were actively trying to stop him, like war zones, military bureaucracy, or the Defense Ministry that blocked his exports, the question of what survives hostile conditions is not theoretical. You can watch the entire conversation above, or you can watch a snippet of this particular topic below.

June 8, 2026 · 40 min

The Clock Is Ticking on Encryption - #0077, Itamar Sivan

I’ll be honest: I entered into this most recent conversation for The Spiro Circle knowing almost nothing about quantum computing. I said as much to my guest, Itamar Sivan, co-founder and CEO of Quantum Machines, before we even started recording. That’s alright - most people don’t really understand it, he told me. Even scientists used to laugh at the idea that quantum computing would ever be commercially viable. But then, about halfway through our conversation, he said something that piqued my curiosity and made me put down my notes. The threat isn’t that quantum computers will simply ‘make things faster’. It’s that they’ll make things possible that are currently impossible. And one of those things is breaking the encryption that protects everything, a prospect that is keeping cryptographers up at night. As potential examples, he cited banks, messages, the NSA, and Bitcoin. “Quantum computers are not interesting because they’re going to take problems we solve today and solve them faster,” Sivan told me. “But rather they will take problems today we deem as impossible and make them possible.” The mechanism is an algorithm called Shor’s algorithm [https://en.wikipedia.org/wiki/Shor%27s_algorithm], which can factorize enormous numbers at speeds no classical computer could approach. Modern encryption is built on the assumption that factorizing very large numbers is effectively unsolvable. Take away that assumption, and the entire architecture collapses. “Something that would take a hundred thousand years might be solvable at the scale of minutes,” he told me. Quantum Machines (QM) is a Tel Aviv-based company that has raised $280 million to build the orchestration layer running quantum processors. Founded in 2018, it counts academia, national labs, and the private sector among its customers. What struck me was that he raised this before it exploded as a mainstream story.
At the time of our recording, he flagged that a newly published paper [https://decrypt.co/resources/what-q-day-quantum-threat-bitcoin-explained] suggested quantum computers would need far fewer qubits to break encryption than previously thought. “We’re still digesting it. If they’re right, we’re going to see some big changes in the world in a few years.” And almost as an aside: “One of the claims is that it will be able to break the underlying encryption used for Bitcoin. Just that itself could be a big impact.” Research published between May 2025 and March 2026 [https://thequantuminsider.com/2026/04/28/why-2026-matters-quantum-security/] shows that breaking widely used cryptographic systems may require far fewer quantum bits than previously thought. Estimates dropped from around 20 million physical qubits in 2019 to under one million by 2025. Papers from Caltech and Google in early 2026 prompted one Bitcoin security researcher to estimate a 10% chance that a quantum computer recovers a Bitcoin private key from an exposed public key by 2032 [https://decrypt.co/362856/google-quantum-paper-boosts-odds-of-bitcoin-q-day-by-2032-researchers-warn]. In April 2026, a researcher successfully broke a 15-bit elliptic curve cryptography key using publicly accessible quantum hardware — a 512-fold improvement over the previous public demonstration just months earlier. Google has already set a 2029 deadline [https://www.coindesk.com/tech/2026/03/28/here-s-how-bitcoin-ethereum-and-other-networks-are-preparing-for-the-looming-quantum-threat] to migrate its own authentication services to post-quantum cryptography. The so-called “harvest now, decrypt later” threat (adversaries collecting encrypted data today, waiting for quantum capability to mature before cracking it) means the clock is ticking, even though many still believe their things will be protected for many more years.
Sivan’s broader point, the one I kept coming back to, is that quantum won’t replace the computing infrastructure we’ve built but will instead plug into it. It means the vulnerabilities we’ve built into that infrastructure travel with us. “Not a question of if,” he told me as we finished. “A question of when.” I didn’t know much about quantum computing before this conversation. But I think I know enough now to think that answer should concern all of us! Watch a 5-minute preview of our conversation on this topic here.

June 1, 2026 · 46 min

The Future of Cybersecurity May Look Like Swarms of AI Hackers - #0076, Shahar Peled

Imagine the scene: A developer at a large financial institution merged a routine code update. Nothing alarming yet, just a minor change that, on its own, meant little. But Terra Security’s AI agents were watching. AI agents flagged the change, verified a potential vulnerability, and then did something a human penetration tester probably wouldn’t have done. They kept looking. Eventually, they found two more vulnerabilities nearby, each individually insignificant. But they spotted a pattern and connected all three together. “1+1+1 = 1,000,” said Shahar Peled, co-founder and CEO of Terra Security. The result was a Remote Code Execution (RCE), a cybersecurity vulnerability that allows an attacker to run malicious code on a target system or server from a remote location. It is considered one of the most critical vulnerability classifications of its type. The customer found out from their vendor, not from an adversary. Founded in 2024, the Tel Aviv and New York-based startup has raised $38 million across a rapid Seed and Series A, and counts Fortune 100 enterprises among its customers. Its core product is an agentic offensive security platform where swarms of AI agents are trained to think and act like “ethical hackers”, running continuously across a company’s attack surface. The traditional model of penetration testing (hiring an external team once or twice a year to probe for weaknesses) was never designed to catch what Terra caught in that unnamed financial institution. “Until 2025, it happened on an annual basis mostly,” Peled explained. “Once a year, you hire someone externally to work for a week or two weeks... The reason you couldn’t do it continuously is that you couldn’t really train software to hard-code how adversaries think and act.” But AI has changed all that. 
Terra Security’s agents scan for known vulnerabilities and simulate the reasoning of an attacker, chaining together findings and verifying whether a vulnerability is actually exploitable rather than merely theoretical. But Peled is careful not to overclaim, and beat me to my own next question. “Are AI agents today better than any ethical hacker in the world? They’re not,” he said. “They don’t yet possess the creativity of the best ethical hackers. But they can be more scalable than anyone in the world. They can run continuously. They never sleep. They’re already better than the vast majority of ethical hackers in the world.” With AI, there are no longer cyberattackers who wait for annual review windows. Adversaries now use tech to find entry points faster, adapt in real time, and strike before defenders can patch. A point-in-time test is, by definition, already outdated the moment it concludes. Terra’s idea is that continuous, AI-driven offensive security is the only architecture that matches the pace of modern attacks. The chained vulnerability Peled mentioned in our conversation was only catchable because an agent was watching the moment the code changed - and not six months later, when a consultant finally showed up. “I still see too many organizations that say, ‘Okay, now we have AI in offensive security’,” he concluded, as a slight warning to CISOs still budgeting for annual pen tests. “[They say] ‘I want to do the same thing I’ve done before, just faster, better, cheaper’. And that scares me.”

May 20, 2026 · 44 min

Employees Are Leaking Corporate Secrets Through ChatGPT - #0075, Itamar Golan

There’s a new security risk out there, and it’s come to be known as The Shadow AI Problem. It suggests that the next major corporate data breach may not come from a sophisticated nation-state actor or a phishing campaign, but rather from an employee asking an AI chatbot to read or summarize sensitive company data. That’s the reality Itamar Golan has spent the last two years building a company around. As co-founder and CEO of Prompt Security (acquired by SentinelOne earlier this year for $250 million), he has become one of the voices warning of the gap between how fast enterprises are adopting AI and how little they understand about where their data is going. According to him, most CISOs focus on traditional attack vectors, but the real risk is employees pasting IP addresses into unauthorized tools. Prompt Security’s platform now detects nearly 20,000 distinct AI applications operating across enterprise environments. Golan clarified that the figure isn’t plugins or product variants, but 20,000 separate entities. “Today, essentially almost any SaaS application, website, native application running on your endpoint… we are converging towards a landscape where any one of those will be an AI application by itself,” he told me. The visibility problem is one thing, but the training problem is another. Prompt Security’s research found that roughly 40% of AI applications [https://prompt.security/blog/smarter-ai-security-true-risk-management-goes-beyond-blocking-ai], when surveyed at the configuration level, are set by default to train on the data they receive.
“Not only has confidential data leaked out of your organization,” Golan explained, “it’s now potentially becoming part of the model’s brain.” Details like corporate strategy, personnel data, or legal documents will be available for everyone to see - and there is no obvious retrieval mechanism once embedded in a model’s training run. The sectors most exposed are also the typically traditional ones that are now moving fastest to catch up: Financial services, insurance, and legal firms are adopting AI precisely because it performs exceptionally well on their core workflows. “They find themselves in this very tricky situation,” he told me. “On the one hand, they are adopting AI the fastest, and the potential gain is immense, but the risk of making a mistake is so big as well.” It is a distinctly Israeli problem to be working on. Golan mentioned that when he surveyed the security stacks of Fortune 500 CISOs while building Prompt, he found that around 60% of the tools on their lists were built by Israeli companies. Startup Nation has given the world Check Point, CyberArk (acquired by Palo Alto Networks), and Wiz (acquired by Google). Now, Prompt Security, as part of SentinelOne, is trying to secure the AI layer that sits above all of them. “We cannot stay blind,” Golan concluded. “We must admit that our employees are using hundreds or thousands of AI applications. A big portion of those are able to train on the data we are sharing with them.” Acknowledging that reality, he argues, is the first step to acting on it.

May 15, 2026 · 51 min