Misinformation Wars: The Executive Playbook for Crisis Comms with Tom Wentworth
Description
How can lessons from cybersecurity lead to revelations about communicating under pressure? Join Staffbase SVP & GM David Maffei as he sits down with Tom Wentworth, CMO at incident.io, to unpack the biggest challenges leaders face in modern crisis communications. In this high-stakes episode, they explore why fear is the #1 silent killer in leadership communication, how executives can own the narrative during a crisis, and the cybersecurity lessons every business must learn to protect their reputation.
With firsthand insights from the CrowdStrike crisis, Boeing’s PR disaster, and AI’s growing role in corporate risk, Tom shares why clarity beats complexity and how the right communication strategy can save your brand from catastrophe. Whether you’re a CXO, marketer, or crisis manager, this conversation is packed with actionable takeaways on building trust, preventing misinformation, and using AI to stay ahead of threats. Tune in now and discover how to lead with confidence when the stakes are high.
==========
Selected People, Places & Things Mentioned:
- incident.io
- MasterCard and Recorded Future deal
- Recorded Future
- MasterCard
- Cold Plunging
- Boeing 737 MAX Crisis
- CrowdStrike
- CrowdStrike outage explained
- Heathrow Airport
- George Kurtz
- Delta Air Lines
- McAfee
- Log4j Cybersecurity Incident
- Elon Musk
- Tim Cook
- OpenAI
- DeepSeek AI Model
- NVIDIA H100 Chips
- PagerDuty
- Cursor AI
==========
Follow the hosts and guests:
David Maffei: https://www.linkedin.com/in/davidmaffei/
Tom Wentworth: https://www.linkedin.com/in/twentworth/
Join the You’ve Got Comms newsletter: https://insights.staffbase.com/join-the-comms-club
Follow Staffbase:
LinkedIn: https://www.linkedin.com/company/staffbase/mycompany/
YouTube: https://www.youtube.com/c/Staffbase
About Staffbase:
Staffbase is the fastest-growing, most experienced employee communications platform provider for enterprise companies seeking to inspire diverse, disconnected, and distributed workforces. Staffbase is on a mission to empower communicators worldwide with a platform that equips companies aspiring to reach every employee with communication that inspires them to work together to achieve business outcomes.
Headquartered in Chemnitz, Germany, Staffbase has offices worldwide, including Berlin, London, New York City, Sydney, and Vancouver.
Learn more at staffbase.com.
Transcript
David Maffei: Hi, and welcome to a brand new Aspire to Inspire Podcast episode. My name is Dave Maffei, and I’m the SVP and GM for the Americas at Staffbase. Today, I’m joined by Tom Wentworth, a seasoned marketing and cybersecurity leader who has spent his career tackling high-stakes challenges in the security-conscious industries. As Chief Marketing Officer at Recorded Future, the world’s largest threat intelligence company, Tom helped scale the brand through the rapid growth and led to a $2.65 billion acquisition by MasterCard. Now as the CMO at incident.io, he’s focused on helping organizations manage crises in real time before they spiral into chaos.
In this episode of the podcast, we’ll discuss fear as a barrier to communication and why leaders struggle to be transparent when the stakes are high. We’ll talk about what every executive communicator must understand about cyber threats and corporate risk today and into the future. And we’ll talk about the crisis playbook for managing communications in moments of uncertainty. Tom, thanks so much for joining me today.
Tom Wentworth: Thanks, Dave. What a great introduction.
David Maffei: Now, before we get into the juicy topics, I know you are a fellow cold plunger. So I’m going to ask you, I know it’s only about 10 degrees Fahrenheit out and there’s snow on the ground, but did you start your daily routine today with a cold plunge?
Tom Wentworth: Yes, and to be very clear, you were the one that forced me into cold plunging. It was not a decision I made by myself. But, yeah, this morning I spent 2 hours and 30 seconds at 47 degrees. And to be very candid, I hate every second of it, but I only do it because I don’t want to give you the satisfaction of knowing that you’re a better cold plunger than I am.
David Maffei: Tom’s an exaggerator. He did not spend two hours.
Tom Wentworth: Oh, sorry. 2 minutes and 30 seconds.
David Maffei: He would have died. I was slightly higher. I was at 50 degrees this morning, but I went for 5 minutes. So I’m not sure which one of us is on top, but I feel good about us starting our day with a cold plunge. And now we’ll dive into the juiciness of talking about cybersecurity and the impact that communication can have on that. So I guess where we can start is, obviously you led marketing at Recorded Future during a period of massive growth. And after working in the cybersecurity and crisis management world, where fear and uncertainty are constant, I guess talk to the audience about what you’ve learned about how fear impacts leadership communication.
Tom Wentworth: Yeah, I think fear is one of the biggest silent blockers in leadership communication. When leaders are afraid, whether it’s fear of backlash, looking ignorant, or not being liked, they hold back from saying what needs to be said. I think especially in high-stakes environments, and you named a couple, cybersecurity incidents are high stake, site reliability incidents, and my current world at incident.io. are high stake. That leads to dangerous silence. Nothing kills communication faster than inappropriate silence. Warnings go unspoken. Critical feedback remains unsaid to leader, worries about the reaction.
I think overcoming this starts with acknowledging the fear. It’s okay to be afraid. I’ve been in those situations. I know you’ve been in those situations. The best leaders that I’ve worked with admit when a situation’s tough, when they don’t have all the answers. And I think honesty builds credibility. So rather than letting fear shut down communication, use it as a signal to prepare, use fear with a purpose, and focus on the importance of the message rather than the discomfort of delivering it.
David Maffei: I think that makes a lot of sense. And obviously, there’s different levels of executives across the different types of industries that serve customers. And I guess if you had to put a pin on like the number one mistake that C-level executives make when they think about communicating risk to their employees or to their customers, where would you put that pin? How would you think about that?
Tom Wentworth: Yeah, I’ve got a few. I think the first one is waiting too long to respond. When executives play ostrich or bury their head in the sand, hoping an issue will go away and it doesn’t, I think silence breeds speculation. If you don’t speak up quickly, the narrative will get written for you. Obviously, your job as a leader is to control the narrative. So you’ve got to respond quickly. I think you’ve got to respond clearly. When you overload communication with data and jargon, audiences are going to get confused. It’s appealing to say, “For all these very technical reasons, here’s why something bad happened,” but that’s not the style of communication I think that works.
I think stakeholders want clarity, not an information dump. I think people who fail to acknowledge emotions, we talked about this, risk creates fear, uncertainty, and often anger. So a rational explanation without empathy will often fall flat. Leaders should acknowledge the human side of it before pivoting directly to the solution. And then lastly, I think inconsistent messaging. If employees hear one thing, customers hear another, you lose credibility. I think you’ve got to align internally first, something I know you care deeply about at Staffbase, then figure out how to tell the story externally.
A great example of what not to do, remember Boeing 737 Max crisis? That was probably something that could have been handled better. They were slow to acknowledge fault. They were defensive in the messaging. And I think that eroded trust that still has hurt Boeing to this day.
David Maffei: No, without question. And a brand in the example of Boeing that you could argue was one of the untouchable brands, right?
Tom Wentworth: 100%.
David Maffei: A brand that led consumers to feel trust and to feel like it’s a brand that everyone knew and felt comfortable with and it can be eroded very quickly.
Tom Wentworth: Yes, you and I both fly a lot. And I’ll be honest, if I have a choice on a plane, I’m going to fly an Airbus over a Boeing. And I think a lot goes back to the brand damage that occurred as a result of that poor communication.
David Maffei: Yeah and I think this leads us into — when you think about obviously the world that you have lived in and continue to live in, cybersecurity is this nearly ten trillion dollar issue in the world today. But beyond cyber threats, every company, every enterprise out there is facing these internal crises, whether it’s layoffs or transformations or cultural shifts or economic uncertainty. What communication lessons from cybersecurity would you say apply to broader business crises of which candidly, over the last five years, there’s been a lot of?
Tom Wentworth: Yeah, there are some things that we’ve done in cybersecurity that are directly applicable to crisis communication at large. The biggest one is being prepared. In cybersecurity, there’s this concept of tabletop exercises, which are essentially simulations of something bad happening, a breach, ransomware attack. So these tabletop exercises essentially provide a real day in the life simulation of when something terrible happens through how are we going to resolve the incident? How do we communicate about the incident? How do we notify stakeholders about the incident? So being super prepared.
I think everybody should run tabletop exercises, whether to your point, it’s a PR issue, it’s a layoff, it’s getting hit by ransomware, supply chain failure, prepare for it. Run a tabletop exercise, run a simulation, go all the way through, other than just pushing the button on hitting send to an email database or pushing send on a press release, get all the way to the end state. That’s going to help you be much more prepared for the inevitable happening. I think you’ve got to go be able to communicate clearly and frequently. In cyber incidents, it’s super easy to have jargon heavy messaging.
You can get into multiple levels of depth about this nation/state use this malware, running this exploit, targeting these types of organizations. No one cares. As we talked about earlier, clarity beats complexity. There are people that need to hear about the specific details, but communication should be focused on clarity. I think you want to have regular factual updates to prevent misinformation. It is incredibly easy for incidents to spiral out of control when the narrative isn’t communicated properly. So I think regular updates is super valuable. In the case of my current world at incident.io, where we help companies resolve cybersecurity incidents but we also help them manage site reliability issues like site goes down, site is slow.
The same thing. A big part of managing any type of incident is just regular factual updates. You don’t need to spend, you don’t need to sell, you don’t need to market. And doing that consistency builds a lot of trust. And I think you’ve got to own the narrative early. I’ll talk about an example of a company that does really well in a second. But if you don’t tell your story, someone is going to tell your story for you. You should be, as a leader, proactive in framing what happened and what’s being done about it. Just again, every second matters in an incident.
David Maffei: Yes, I couldn’t agree with you more. And I know you and I have talked about this a lot over the years. I think there’s this natural inclination with leaders who have trouble with communicating to want to stay in the shadows or are so fearful of where that fear will take them. But the longer you let that play out and the longer you stay in the shadows, the worse it gets on every level, every time without question.
Tom Wentworth: 100%.
David Maffei: We talked a minute ago about the impact that Boeing had on the way that you think about flying the broader market, the communication failures and the connectivity between that, and cybersecurity and that and just overarching communication downfalls. I’d love if you give me an example of the way a leader communicating so poorly internally at a business can make things worse. Give me an example of thinking about how C-suite isn’t communicating externally but to their own workforce and how having the erosion of that trust and the lack of communication internally can be just as negative as what we just talked about with Boeing externally.
Tom Wentworth: I’m going to give you an example of some good and some bad. Maybe the biggest cybersecurity incident — I’m going to ask you, what’s the biggest cybersecurity incident ever?
David Maffei: Jeez, I don’t know. You tell me. I’m not sure.
Tom Wentworth: CrowdStrike, July, 2023. Right?
David Maffei: Yes. Correct.
Tom Wentworth: So CrowdStrike, very widely deployed cybersecurity giant, former competitor of mine, had a major global outage. I was in London at the time in Heathrow. I get on a plane — I’m on a plane from Sweden connecting back to Boston. I land in Heathrow and it is absolute chaos. Everything is down. CrowdStrike’s agent have crashed. So everything from being able to check into flights to the flight departure and arrival information is just gone. So this was a moment of crisis, probably like no company has ever experienced before. This took down airline, banks, hospitals, more.
And I’m really impressed with George Kurtz, the CEO, how he handled this crisis. It was a masterclass, in my opinion, in crisis communication. So George became the face of this. He didn’t delegate this to somebody else. George stepped into it immediately. He immediately clarified that this was a software bug and not a cyber attack. That was super critical because had this been a cyber attack, that would have potentially sent a pretty terrifying message to the world that the world’s largest cybersecurity company itself isn’t immune from cyber attacks. So that prevented unnecessary panic.
George provided regular updates as the fix rolled out. He communicated the status to stakeholders. He did it across every channel from major media. George was on television, he was on news networks, but he was also communicating out via email and on social media. So in face of this massive issue, probably the biggest outage ever, George did lots of things right. I think George could have improved a couple of things. Initially, he talked about solutions and what they were doing to resolve the said incident, but he didn’t apologize.
And if you’re somebody — I remember famously, I think Delta Air Lines was a big CrowdStrike customer and they had to go on to every single terminal and patch it. They were going into everything in an airport and having to go upgrade the software, thousands of devices. Just a tremendous amount of 24/7 work forever. Maybe say sorry, George, like, “Hey, sorry about that.” So I think while he did acknowledge the disruption, maybe could have apologized a little bit more quickly. And I think also having a little bit more empathy for the customers, CrowdStrike has a huge footprint. Almost every organization uses CrowdStrike. I think they could have had a little bit more empathy to the customers who are dealing with, like we just talked about.
So I think CrowdStrike, in the grand scheme of things, did a fantastic job and should be the model for what all organizations do. Immediate communication, CEO as the face of the incident, regular factual updates, but maybe just a little bit more empathy.
David Maffei: Yeah, no, makes sense. I think that’s one of those days that probably everyone remembers where they were.
Tom Wentworth: You think about we were — I don’t own CrowdStrike stock, so I can’t comment on this, but I was assuming this stock was going to crater and it was going to be this incident that would stick with CrowdStrike forever. Back to the Boeing example, I think the way the communication was handled gave investors lots of confidence. It was a dip on their stock price, but CrowdStrike has clearly recovered. Contrast that with Boeing that still feels the impacts of its poor crisis communication. I think from a public company perspective, do this wrong, there are massive financial consequences, do it right, maybe you can mitigate those.
David Maffei: I think out in the market, I think you’ve seen if you turn the focus inward, I think you’ve seen, the amount of turnover that’s happened with organizations like Boeing who have had these incidents and have then not handled them correctly, it puts a little bit of a stain. There’s something about accountability and ownership that I think people that work for a large enterprise want to be able to say, “I’m a little bit proud about the fact that, yes, we had a problem. Maybe I was part of this problem, but we owned it and we fixed it.”
And I think that when you look at what’s the sort of fallout or the post-sort of aftermath with CrowdStrike, you haven’t seen a lot of that. They haven’t laid off a bunch of people. There hasn’t been this massive turnover. To your point, the stock’s recovered. And so you saw that communication played a pretty significant role in not only averting the crisis, but actually allowing them to recover maybe in a stronger way than before. This was the biggest issue in potentially cybersecurity history and they came back in less than a few months better than they were before, compared and contrasted with other things historically, it’s almost shocking. Really, really, really good point.
Tom Wentworth: It happened one time before, a company called McAfee, the first generation of sensors on devices had a similar issue. Ironically, George Kurtz also worked at McAfee when that happened and was responsible for the communication. I think it was the biggest incident in IT history, not just cybersecurity history. And yeah, I think the communication — there were every vendor that CrowdStrike competed with. There’s this notion of what we think of as ambulance chasing in cybersecurity. When something bad happens, every salesperson and every competitor calls that company and says, “Hey, I see you’re using CrowdStrike. You are down. I can sell you a better version.”
It’s a terrible thing to do, by the way. And the way that CrowdStrike handled it, I think, made them relatively immune to that type of ambulance chasing. Again, communication is such an underrated financial instrument, I guess. The types of things that you can provide a Staffbase, being proactive in communication can have significant bottom-line impact.
David Maffei: Yeah, and one of the other things, and this, whether it’s six times or eight times, it’s fairly well documented that misinformation spreads six to eight times faster than truth. And when you’re in a crisis situation, from your perspective, how can leaders, how do they ensure that their employees, their customers, their stakeholders, their shareholders, everyone that’s involved, how do they hear the right message first when we live in this time where a lot of the first messages we hear basically about everything, from what we hear on the news to what I hear from my 14-year-old son, the first message is often not actually the right message? How do you control that in a business like incident.io or in your historical businesses?
Tom Wentworth: Yeah, I think you’ve got to flood the world with real-time accurate information. I think, again, this is what George Kurtz did very successfully. It would have been incredibly easy for the CrowdStrike incident to be positioned as a cybersecurity hack. North Korea, Russia, Iran, China took them down. But by being fast, even when all the information wasn’t available, putting out a statement, providing, or promising regular updates through all the different channels that you have. I think you have to be where your audience is. So social media is probably the most real time, but also dangerous channel, as you know, for obvious reasons.
If misinformation is spreading on social media, you’ve got to engage there. You can’t just, “Issue the press release” and wipe your hands and I’m done with it. You have to be on there counteracting misinformation through official channels, whether it’s through George himself or through the CrowdStrike X handle, addressing potential misinformation. I think employees need to hear the comms first. So I think that it’s also really important to have a way to communicate to internal stakeholders. Again, something we think about at incident.io often, it’s not just about external communication, it’s rallying internal people.
Not everybody has to have incidents of the scale of CrowdStrike, but if your site goes down and it’s impacting 100 customers, I want my account managers and salespeople to know that, “Hey, your 100 customers were impacted. You should be proactive in reaching out to see how we can help.” It’s something that we believe pretty strongly in at incident.io. So make sure you nail the internal comms first, make sure you’re where your customers are, regardless of those channels, and make sure you’ve got a plan for providing regular factual updates.
One of the simple things in my world are status pages. So we have status pages that as incidents happen, whether they’re severe or minor, we make it really easy to communicate factual updates through these status pages so organizations can be able to transparently communicate with their stakeholders. Very simple thing, very powerful thing, but it’s those types of updates that I think prevent brands from being destroyed. I think another cybersecurity vulnerability that was pretty successful is Log4j was another big one, one of the top sort of 10 ones of all time. And I think that one could have very clearly gone wrong direction, lots of factual communication rescued that from being potentially way worse than it was.
David Maffei: No, no. Super helpful. Let’s pivot a little. I want to pull on the marketing threads of your career. One of the things in the, now close to 20 years that I’ve known you that I think you probably do better than most is storytell. You’re an incredible storyteller. I want to talk about how storytelling operates in this world that we live in and that you live in terms of thinking about how persuasion and inspiration can operate in this world of uncertainty. Obviously, you’ve led marketing organizations in these deeply technical industries back in your Interwoven days, all the way now to where you sit at incident.io where these companies often rely on facts and statistics and product features and demos.
Tell me, why do facts alone fail to inspire action when you’re talking about technology and when you’re talking about moving things forward?
Tom Wentworth: I think people want to understand the why. I think facts don’t often convey the why. I think facts are super important. So I think you have to have — back to the CrowdStrike, pick whatever your favorite example is. I don’t think you want to have any sort of speculation from a comms perspective. If a situation is evolving, which they almost always are, sticking to facts first just helps make sure that people aren’t taking the worst possible — they’re not expanding it to the worst possible case, hypotheticals, that’s super important. Being able to say things clearly like, “Hey, we’re looking at this and we’re going to have an update for you in four hours,” and then being held accountable to the four hours is super important.
But the narrative after, what rescued CrowdStrike was, George’s communication during the incident was all the things we talked about. It was factual, it was regular, it was consistent across every channel. But afterwards, it was the storytelling of how are we going to change as a company that wasn’t the factual part that helped CrowdStrike earn its continued trust. I think of it as trust equity. It took CrowdStrike 10, 15 years to build up trust equity. Your brand is trust, especially in cybersecurity. And that can erode instantly. So the storytelling makes some sense to me after you get through the incident. And the storytelling has helped what? Helps convince people to not dismiss that trust equity you’ve built up over months, years, decades, et cetera.
So I think the time for storytelling isn’t during an incident. The time for storytelling is the lessons that we’ve learned that are going to help us get better in the future. You’re never going to eliminate cybersecurity or site reliability incident, that’s not a thing. No one should try to optimize for that, it’s not possible. But what you can do is consistently get better at how you communicate incidents and then how you evolve and learn from incidents over time. That’s where marketing and storytelling comes in.
David Maffei: Yeah, it’s fascinating. And in this world of marketing and storytelling, you’re telling these stories internally to rally the troops and get your workforce behind the message and the inspiration and the drive of what you want to commit to your external customers and to your external story. Then you’re delivering that externally and then all the extra groups around. Whether it’s investors or shareholders or alumni or whatever it is, there’s so many different avenues and places that you can go. How do you, as an expert storyteller, which you are, how do you think about helping leaders or how should leaders think about training themselves to be better storytellers?
Especially those leaders who may not be naturally good communicators or naturally good at storytelling. What do you say to a marketing person who’s a really good operational marketer and the difference and the glass ceiling for them to break through is to become a really good storyteller? What do you say to that person?
Tom Wentworth: First of all, I’m not sure if calling me a good storyteller is a compliment or not. I’ll take it as one. It could also mean I’m a good BSer, I guess, but I’ll take your intentions as positive. I think there are three things. I think it’s a skill that can be developed. Not every — George Kurtz at CrowdStrike was a technical guy. He had to be taught how to do this. So it’s live crisis drills, simulating real scenarios. Every organization should plan for the worst, whether it’s a cybersecurity incident or liability incident, what happens when something really bad happens, go through an end-to-end exercise.
Figure out all the different touchpoints, all the different stakeholders, all the different channels, and make sure that you role play every single one of those. So I think it’s something that has to be practiced. I think getting media training for executives, you can tell which executives have gone for media training and which ones haven’t. Elon Musk has not gone through media training, but someone like Tim Cook or George Kurtz has very clearly gone through media training. There are some fundamentals of communication that media training will just prepare you for that can’t be faked.
So I think it’s really important to put execs through media training. If you’re going to put them as the face of a crisis, give them some tooling to be able to do that. Essentially, the key part behind media training is just not to go off the script. And I think you can see what happens when people do and don’t go on the script all the time. And then I think having feedback loops. So as you are preparing for crisis comms, I think you have to have opportunities to refine the messaging. I don’t think you can have too many people involved. Crisis comms can’t be something where you democratize the comms across everybody, but it is something that does require some feedback loops. So I think it’s good to have a team of people that you as an executive can rely on for candid feedback to make sure what you put out to the world is going to meet your expectations.
David Maffei: And I also think, and I’m curious if you agree with this, there’s also the humane side of this too. Because you can go through all this training, which I completely agree with you on, and you can take all the sort of God-given talents you have for being able to public speak and combine that with the training and the coaching, but people have to also feel a sense of genuineness in terms of what you’re delivering, because whether it’s employees or it’s people publicly on social media, at a conference, if it comes off as too trained or too corporate or too rehearsed, the authenticity of the message you’re delivering, I think starts to get diluted, right?
Tom Wentworth: I think it’s better — if I were to err on one side, I would err slightly towards being a little bit more stick to the script than being human. I think the best leaders can pull off both. I think Tim Cook of Apple is somebody who very rarely goes off script, but still can come across as a human being. I think where companies get into trouble is where you wing it, where you haven’t been prepared, where you tell a reporter or someone in the media — that’s really where you see these spiral out of control, where you drop some sort of soundbite that is not the soundbite that you had rehearsed for because you tried to improvise something in real time to come across as a human. There are significant dangers there, especially if you’re at a public company where there are serious consequences.
So I would lean towards being more conservative, but I think that if you can pull off both, what are — I think again, CrowdStrike did a great job with this. That’s the best way to mitigate damage from crisis.
David Maffei: Great, great. Really, really good intel. All right. One of the things that I think is also important for us to discuss, and you and I have had a lot of discussions over the last couple of years about this, is just as we look forward, the future and artificial intelligence, and what does that mean in the world of cybersecurity and this next era of corporate risk and how all of that comes together. Obviously, AI is starting to, or has begun, or is transforming so many areas of this world right now, cybersecurity being one of them, incident response being one of them, marketing certainly being one of them. Where do you see the biggest opportunities? Where do you see the biggest risks now into the future? The future meaning like next week, the future meaning a year from now. What do you see when you take AI and you lay it across this world that you live in today?
Tom Wentworth: Yeah, I think the answer is there are great opportunities and great challenges. From a cybersecurity perspective, every threat actor in every country, and there are a few countries that are notorious for, Russia as an example, there are very little negative consequences for a threat actor in Russia. The government doesn’t come down on them, so they are encouraged, whether directly or indirectly, to do what they do. AI has helped threat actors in Russia, in China, and North Korea execute their attacks faster. They can build exploits faster. They can identify targets faster. So it has significantly helped them run campaigns.
On the other side, of course, AI has helped the defenders be able to better respond and predict those attacks. So in cybersecurity, you will not find a vendor that is not trying to figure out how AI can help them process more information faster to respond. So it’s this constant cat-and-mouse game. In my world of incident response, the great thing about AI is it lets you look at massive data sets. You can never eliminate incidents, but if you can identify incidents faster, respond faster, respond more intelligently, huge value there. So being able to look at these large data sets and maybe not play the role of a site reliability engineer where the AI is taking — it’s a humanoid thing.
It’s the idea that a person with AI is a better site reliability engineer is something that we are driving towards an incident.io. and I think every day we get closer to that vision. So there are tremendous opportunities with AI. I think the problem is going to be that it’s going to enable the good guys and the bad guys, and it’s just going to make the stakes even higher. I worry a lot about, especially from a cybersecurity perspective, the tooling — the person who owns the best model is going to win. And will that be a nation-state? Will that be a threat actor? Will that be a private organization like OpenAI? We’ll see. But as we saw from China a couple of weeks ago with their DeepSeek model, nation-states want to own these capabilities for sure.
David Maffei: Yeah, I mean it seems like every day we look at the news and there’s more and more new things to process and think about. If you have your crystal ball and you think about the biggest business risk that exists for companies like Staffbase or companies like incident.io, or even companies like Recorded Future in 2025, what do you think that is? You look into the crystal ball, what does that look like?
Tom Wentworth: Yeah, I think right now we’re in the early days still. I think we’re finding the right places to insert AI into our businesses. There are some very obvious use cases. We have a co-pilot at incident.io that’ll sit on every incident call with you and pull out key facts, key next steps, just summarize everything you’re talking about in the context of an incident so that now you just have eliminated a bunch of manual work. That’s a very valuable use case we can deliver to our customers. I think people like you and I, sellers, engineers, marketers, should all be finding ways to inject AI into our day-to-day workflows. I think the people that aren’t embracing AI aggressively are going to be left behind at this point. I think that’s just the reality of the world that we live in.
So I certainly encourage myself and my team to be early adopters. And I think that’s a mentality shift that has to happen across business. I think the business risk is an organization who is really good at adopting new AI technologies can move faster than one that isn’t. I think the stakes are higher. Look at DeepSeek versus Meta. Meta has spent $80 billion on NVIDIA H100 chips. DeepSeek has apparently spent $6 million on training. Even some of the most well-capitalized companies in the world can be put at risk, like that is a huge change. Seems pretty significant to me.
David Maffei: Yes, without question. Your point around people like us and others embracing AI in our day-to-day, I think is very relevant and it’s very real. It seems to me in my day-to-day, I am continuing to run into people who are either unaware or afraid of introducing AI into their day-to-day. And they tend to be people who are still of the mindset that AI is here to take their job, as opposed to being here to allow them to do their job more efficiently. I’m just curious your thoughts on that, which I’m sure you have plenty.
Tom Wentworth: What do you think? Let’s start with you. I want to hear your take.
David Maffei: I had a very interesting conversation with someone about six months ago. Someone six months ago said that the really productive workers in their workforce, they wanted to empower with AI because it would take someone who was working 40 or 50 hours a week, and they would continue to work 40 to 50 hours a week, and they would produce 60, 70, 80 hours worth of work. And they said that that was the sort of glass-half-full perspective. The glass-half-empty perspective is the people that are pretending to work 40 to 50 hours a week, but they’re only working 20 to 30 hours a week, and they’re saying, “Jeez, I can use AI and only work 10 hours a week.” That’s the glass half-empty side of this.
So I think for me, what I see is that the high performers in our business and in my network are using AI as a means to be more productive, to go faster, to execute more quickly, and to do even more than they were already doing at a level where they were already performing at a high level. It seems like those lower performers are using AI as a means to perform at an even lower level and to use it to become even more lazy. So in a way, that’s actually not even interesting because it actually makes a ton of sense with the mental archetype of how that flow goes through. So that’s what I’m seeing, and I’m actually not surprised by it.
Tom Wentworth: I think that AI has made it possible for companies like mine, we’re a Series A startup, pretty small, but because we’re early adopters of AI across our engineering team, our sales team, certainly our marketing team, we can move faster. And there’s a little bit of a negative connotation. I have people in my marketing team who sometimes apologize for doing their job with AI, and I’m like, “No, thank you. You’re doing a fantastic job. The output of the work that you’re delivering, whether you came up with those incredible headlines or something else, it doesn’t matter.” The output you’re delivering is what you’re hired to go do.
If you’re an engineer, you’re using Cursor to write better code because you don’t remember how to do that bubble sort from your CS class 20 years ago, that’s great. You’re going to ship things faster. So it’s the great democratizer that lets companies like mine compete with our much bigger competitors like PagerDuty because those companies aren’t moving fast. They’re the ones who, generally speaking, are using AI to do less work, not more. So if you can keep the DNA of a startup and use AI to power and do better work faster, it’s what lets companies break through and compete.
I think the DeepSeek versus meta example is really interesting. You can train a model at $6 million versus $80 billion. It’s a pretty fast way to disrupt an industry. So I’m bullish on that. I don’t know if it’ll be that way forever, but that’s certainly the mindset that I think companies should adopt.
David Maffei: Yeah, very interesting. All right, last question from me. This has been great, I really appreciate your time. Go back in the Wayback Machine. You’re starting your career today. You are so much more knowledgeable now than you were then. What would you do differently? Give me one thing that you would do differently based on everything today versus that first day you went to work some 20-plus years ago.
Tom Wentworth: Yeah I really wish I had gone into sales. For a little bit, I would have been terrible at it. But I really wish at some point, I think the selling — I think what you learn as a seller or as a sales leader like you are gives you a set of life skills. It lets you deal with stress in a way, negotiation, interpersonal things, forecasting. I really wish I had taken a shot at that. I wouldn’t have been very good at it, but I would have loved to have learned how to do some of the things that sellers like you can do. I guess my career’s not over, so maybe someday I can try that challenge. But yeah, I wish I’d spent more time carrying a quota.
David Maffei: That’s great. Tom, thank you so much. Tom Wentworth from incident.io, thank you so much. I’m Dave Maffei, and this was another episode of Aspire to Inspire. We’ll see you in another episode soon. Thank you so much.
Tom Wentworth: Thanks, Dave.