Greylock's Sarah Guo On The Technologies That Will Enable Digital Transformation

 early-stage investor with an emphasis on B2B applications, infrastructure, FinTech, cybersecurity, artificial intelligence, augmented reality, and healthcare. 

In this interview, we cover several of her areas of emphasis. We also notes her method of evaluating entrepreneurs prior to investing in their companies. She also offers thoughts on the state of women in venture capital, as a trailblazing female leader.

(To listen to an unabridged podcast version of this interview, please click this linkThis is the 36th interview in the Tech Influencers series. To listen to past interviews with the likes of bestselling author Michael Lewis, Reid Hoffman, former Mexican President Vicente Fox, Steve Case, Craig Newmark, Stewart Butterfield, and Meg Whitman, please visit this link. To read future articles in this series, please follow me on on Twitter @PeterAHigh.) 

Peter High: You are a General Partner at Greylock Ventures. Could you talk about the areas you invest in and how you choose them?

Credit Greylock

Sarah Guo: We have a relatively small team at Greylock, and there are areas in which people have stronger theses. That said, there are macro-beliefs that we share as a team, and [we] organize them [from] the apps layer down. There is an explosion of software happening today, and I believe we are relatively early in the current generation of software innovation. It is not just about moving a few ERP or CRM systems to the cloud. We are going to see more categories that matter in SaaS than there were in the traditional enterprise software world, which I find extremely exciting. I am personally interested in financial software, which has traditionally been a conservative area. FinTech innovation is something that is naturally networked and could be better handled in software workflow, and we are still early in this transition.

High: What are some other examples of categories you are currently involved with?

Guo: First, you have that core software innovation, and I believe there is going to be category creation beyond what is traditionally thought of as ERP or even productivity. There are many secondary effects to this explosion of innovation that is currently taking place. If we are in this persistent best of breed world, how do you integrate everything, and how do you manage and use all of those APIs? Moreover, we have to determine how we are going to secure a world where end-users are in hundreds of different apps and how identity for all those aspects will be managed. Some of these aspects are already beginning to play out, and we are extremely lucky to be investors in Okta. That said, the integration and the security landscape is not yet done.

Robotic process automation [RPA] is an area that is white-hot right now. RPA tends to be in areas such as connecting software workflows across many different systems. In the old on-prem world, RPA was used for your custom processes for accounts payable in your configuration of SAP. While I do not believe RPA is necessarily the solution, some sort of automation that goes across different pieces of software and automates the mundane ones will be interesting. I believe we are early in that automation, and we are likewise early in the enabling pieces because the adoption of the apps also has to happen.

Separate from what is happening on the app side, every large company is trying to go through a digital transformation, which I view as building software-oriented experiences that are better for the company’s end-customer. To do that more effectively, companies are undertaking a massive re-platforming of the enterprise. This involves trying to get to a more agile set of infrastructure and implementing cloud, micro-services, and new languages, frameworks, and practices around software delivery. We are interested in investing in this area.

High: There oftentimes tends to be some co-opetition between some of the FinTech players. How do you think about the value proposition these companies have when they have that co-opetition in mind?

Guo: We have an executive briefing program, and many technical leaders come and talk to us. They want to learn how to bring partnership and innovation into their companies, and they want to talk about what is happening in terms of their competition. The other day, somebody said to me, "We do not want to be Netflixed or Ubered." Greylock will invest in the enabling technologies for enterprises and areas that are more vertical direct attacks. I do not believe these companies get confused as to who they are. To succeed in the enterprise side, you have to be extremely customer-centric so that you can build a product that is good for the customer and end-user to begin with. The likelihood that you are going to want to cannibalize that business once you have built something useful for them is not high, and it is not something I have seen at Greylock.

There are many other areas that companies can pursue to expand within that customer base, and there are other services that can be offered. For example, we have FinTech companies, and we have companies that offer software to financial services firms. Blend is an example of a company that helps large financials create a digital on-demand mortgage origination experience. I do not believe they are going to get mixed up into the different models even though they may offer more value for that end-user in different ways.

High: Security is an area where you have particular depth. You are currently on the board of Obsidian Security, and you were previously on the board of Demisto. One of the challenges for the modern-day tech executive is that the threat landscape is so complex and constantly evolving. How do you think about the different lanes associated with security?

Guo: Roughly one thousand vendors attended RSA this past year, and it is truly hard for any security team to consume that successfully. Of the many opportunities for new companies in security, we primarily focus on the subset of problems and market opportunities. We look at areas that are going to be significantly bigger in five years as a problem set. We have to be a part of companies that offer something that is not simply another solution or vendor that has to be added to the stack. Instead, these areas are going to be significantly more important, or they are going to replace something people already have. Several of the security companies that we have recently announced investments in have had that secular shift. If five percent of their security team used to care about application security for the apps they build internally, that could jump to over 20 percent five years from now. We invest in Sqreen, which is a company that does application security management, and we are lucky to be a part of AppDynamics. Their view is that if companies are going through a digital transformation, application security as one lane is going to become much more important, and it has to work in a modern way.

There are secondary effects when you have this massive explosion of software. Obsidian is all about understanding activity and identity in all of your applications. This includes Office365, Workday, or Salesforce, where there is extremely sensitive data. It is not just the infrastructure that matters, it is additionally about the employee or contractor actions in these systems. We believe that is a secular growing problem, and identity in all of these applications is going to become a new additional perimeter. While you do not own those applications, you need some type of control. The first step for us is to identify the changes in the landscape that are dramatic. This includes enterprises building applications or enterprises adopting such huge amounts of SaaS critical to their core business that they need security to react to it. We rarely invest in a company simply in response to one individual innovation because that is not a big enough change to warrant a new vendor. We think more about innovation in the business landscape, other areas the CIO might care about that security needs to react to, or innovations in some sort of architecture. Some problems are simply too big in the industry for us to solve, so we will not take full responsibility for that fragmentation in security.

We encourage our companies to live in customer environments in a way that makes customers successful. Portfolio companies’ messaging, positioning, and integration should recognize that the large company likely has a limited number of headcount in security and likely a couple hundred tools already. If you are customer-centric as a product founder and CEO, you understand that, and you look to make it easy for them to consume in the sea of other tools they have.

For a long time, the innovation engine in security has been about younger startups. It is an area of constant acquisition, and the area's pace of change is fast. Because of this, it is quite hard for large vendors to keep up. On a pure headcount basis, security teams deal with more products than other teams in technology. I believe it is going to be a competency for security teams to be great at dealing with a fragmented landscape and constant innovation. I believe that is true in the overall technology organization, but it is especially acute in security. The promise of Demisto and what they could do for their customer base was about dealing with the secondary effects of the rapid explosion in innovation. A big concept of Demisto was around integrating all the products a company had and automating some of the workflow across them so that the security team did not need to learn every new product.

High: I am hearing you say that the pace of change and the need to remain current is more difficult for the behemoths that are growing these portfolio companies. Part of what you are saying is that the problem with engaging with these companies is that as they get larger, their size and scale works against their ability to pivot and seize new opportunities. Am I hearing you correctly?

Guo: Absolutely. There are large security vendors that are competent organizations that I have a great deal of respect for, but security is an area of technology where 50 percent good enough is not sufficient. For example, good luck telling a CEO that you blocked 50 percent of a tax. Part of it is simply the structural problem. I believe everybody deserves the best software at good value across the entire technology organization and corporation. That said, you could get by with 20 percent less usable software if there are good benefits to centralization and integration of data in some software ecosystems. In security, the challenge is that some of the large security and systems vendors have not integrated their large number of products well. You do not get the benefit of aspects working together magically, and as I mentioned, if it is only 50 percent effective, that is not good enough.

High: Where do you believe we are in the adoption of artificial intelligence [AI]?

Guo: I believe we are just beginning to discover the different bottlenecks to enterprise adoption, and RPA is an interesting entry point into broader automation within the enterprise. From studying a bit of startup in business history in the technology field, I have learned that there are eras of core technological and infrastructure innovation, and products and consumption gets absorbed after that. We have had this amazing era of innovation in core ML, and I believe the large consumer internet companies whose entire business could get boiled down to a single algorithm or two moved the bottom line adopting ML faster than others. For example, if a company shows you this photo instead of a different photo in your feed, you are more likely to continue looking at the social network, which leads to more ad inventory. These consumer companies had a great deal of data, a ton of relatively modern infrastructure, great engineers, and financial incentive to get that algorithm to be as fast, adaptive, and accurate as possible. It is complicated to boil down most businesses to that one algorithm, and people's infrastructure is not as unified as an internet built in the last 10 or 15 years. Because of this massive investment in ML and the advancement from both the consumer internet companies and the academic community that has happened over the last five years, the rest of the business and technology ecosystem can reap the benefits.

You have TensorFlow and all these open-source frameworks, research papers that are continually published about better model architectures, and new discoveries in ML. People have recognized how valuable ML can be, and more people understand how to work with it. There are significantly more people coming out of college with an ML degree than there were just a few years ago. This is going to open doors for the rest of the business community to take advantage of ML. We are starting to see what the bottlenecks to enterprises getting value out of ML are, and we are discovering that there is an end-to-end developer stack for ML applications that is missing. Further, the data that people have for ML is not exactly in the form that they need it to be in. Being able to take tagged input data and translate it into outputs is going to be applicable across numerous different fields. However, people do not have that tagged and labeled data. Zeroing in on where the bottlenecks are and people developing ML applications is the next step. Greylock could be investing in ML native horizontal applications that try to do more work for us based on the data in those applications. Vertical ML native applications, which is the same idea, get deeper into a vertical workflow, they use different data, and they understand different business problems. I believe we are still early in all of it.

High: Some hypothesize that as we are developing virtual workers, we need to evaluate them the same way we evaluate employees. This involves seeing which are making us better and firing those who are not. Have you put any thought into this?

Guo: The RPA vendors tend to use the robot as a human replacement analogy, and I believe that idea holds in some ways but not in others. In this analogy, you are offloading tasks from humans. If you have a strong RPA, you can reduce headcount and restaff to higher-value tasks. However, the bots that people currently have in RPA deployments are not all that intelligent, and they do not learn well. Humans do learn well, and there is nothing to measure yet. This will become a more interesting concept as the products in this automation area progress. People are realizing that with an accounts payable process, for example, what they think is eight steps is instead 134 steps across six different financial systems. 25 percent of this is exceptions to what the core process is, and the people in accounts payable are great at handling all of those exceptions. While you can put in a bot to offload the repetitive work they are doing, that is being handled statically. I would likely measure an RPA effort based on how much of the process I could get coverage of, how many exceptions there are, and how much maintenance there is. While bots are definitely valuable to the business, they are not all that sophisticated in their ability to adapt to application or process change. Hopefully this management and visibility into bot performance will be an interesting opportunity five years from now.

High: How do you remain informed in topics as dynamic as the ones we are talking about? Further, how do you get a read on the changing landscapes and test your hypotheses?

Guo: First, I scope the problem. You cannot know enough about everything. I view myself as T-shaped, so I want to have a relatively comprehensive framework of the macro of what is happening in technology, especially in the enterprise landscape. Within that, there are certain areas that I am especially excited to dig deep into with entrepreneurs, and I spend a great deal of time with customers and practitioners. The reality with the enterprise technology space is that there is not much high-quality content that you can easily consume. These are learnings you cannot just learn and take. Instead, you have to get them from practitioners, entrepreneurs, and people who have lived in that environment. At any one time, I likely have three or four thesis areas where I believe something is missing in the market. I likely came to the beginning of that conclusion by talking to a smart practitioner or entrepreneur about an area and getting to an adjacent idea or problem that they were trying to solve. I love working in enterprise technology because it is essentially problem-solving. Unlike the consumer side where you are more of an anthropologist and instinctual product person, on the enterprise side, you are just trying to understand different organizations, what is changing in the landscape, and what your most important problems are. I care about next-gen infrastructure and problems in DevOps, I care about security and problems I believe are secular, and I care about back-office software from automation in RPA to financial ERP in the cloud. If you scope down the set of elements that you are proactively interested in from a thesis point of view, you can go meet all the companies, you can talk to practitioners about it, and you can read. As I said, I do not believe there are great sources for this stuff.

High: Can you talk about some of the hypotheses you are currently working on and how they translate with the companies you are investing in?

Guo: I will mention two different companies that we invest in that ride on the next generation infrastructure of trends, which I think of as a change in architecture. One company is Docker. Everybody has heard of containers, microservices, and the agility and multi-cloud capabilities these give you. We are involved in a company called Cato Networks, which I consider the AWS for networking. As you have more remote workers, as your environment gets more distributed, and as you have more SaaS applications, piping all your traffic and users back to your data center for security controls and your infrastructure stack is just impossible. You have to do something smarter at the edge and in a distributed way, and that has not been handled for enterprises. Cato is solving that architectural change for enterprises. Everybody has more data stores, so streaming architectures are here to stay. This is immensely interesting from a data processing, data movement, and data storage perspective.

The area of DevOps is not a solved one. Everybody is trying to figure out how to deliver software faster and better in distributed systems with microservices, and the pipeline problems around software delivery are huge. You can have different expectations around stability and code coverage in all these areas, or you might be trying to figure out how to invest different development resources in different areas. These trends are not a panacea, and secondary effects are huge. When large companies commit to developing software faster, we look at the individual problems they face and if there are opportunities for new vendors surrounding that.

High: Your parents are entrepreneurs, so entrepreneurship is in your blood as well. How has your experience with them colored your career, especially as a venture capitalist?

Guo: My parents are tech entrepreneurs, and working with them on Casa, a networking infrastructure company, was one of my earliest work experiences. As a kid, I was lucky enough to be around parents and friends who said, "You are nine years old, build a Linux box." Not everybody has that experience. Working with a bunch of people inspired me in terms of the joy of building technology products. Early on, I had the belief that small teams with a better product idea, great execution, and a great deal of persistence can win against huge vendors and bring something better to the world.

From a young age, I learned about the importance of customer-centricity in entrepreneurs. Some early customers were the first funders of Casa Systems before VCs were. Being bootstrapped and being customer-funded is a less popular way to go in Silicon Valley. That said, the actions that enterprise companies take can be incredibly important to a customer. Those are your closest partners, so I look for entrepreneurs who act that way. I obviously believe in early-stage venture capital and the Greylock product, and I love my job, but I believe there are many ways to build a great company.

Working on Casa gave me a huge amount of empathy for how hard the entrepreneurial journey is. Not every part of Casa was easy, and I believe you need to live it to truly believe that. Having that empathy for the entrepreneur is certainly part of Greylock's ethos. I personally tend to be excited about people who have a combination of some sort of unique product vision. I am drawn towards people who are thoughtful and committed to learning as a first principle. I am likewise excited by those who can recruit others to the cause. Lastly, I enjoy working with people who have a bias to action because if you do nothing, nothing is going to happen. Having that willingness to work and operate at a certain pace is important.

The founders that I and Greylock work with vary substantially. We invest in three-time founders of successful enterprise software companies, total outsiders, and recent dropouts from Brown. The whole range exists, so we are looking more for capability, insight, and personal chemistry with people. You want to sign up for a five or 10-year marriage with a company if you have a concentrated portfolio. If you do not love the company, you are not likely going to go to bat for those founders to help them recruit executives and onboard their early customers. All of those features matter, especially when we have so little data at the early stages to make decisions in terms of revenue or usage. I am largely an early-stage investor, and that has been the core of the Greylock practice for a long time. The personal chemistry and the interest in what people are doing truly matters.

High: You became a general partner at Greylock last year, and you are a woman in a field where there are not many women. Could you talk about that accomplishment and the state of the union of women in technology and venture capital?

Guo: I hope women reaching the general partner position is not noteworthy in a few years. The venture industry is extremely network-oriented, and the pools that people tend to recruit from are the founders and executives they have worked with and people from other investment firms. None of these fields are currently diverse. There are pipeline, judgment, and support issues. However, I believe a great deal of progress has been made over the past few years, and I am optimistic for the future. The industry owes a huge debt to the work that Aileen Lee and the All Raise has been doing to change the court of public opinion about the level of diversity that is acceptable and productive in technology and venture. Further, they have taken on practical initiatives to further that agenda. I am excited to be a part of that, and I think the world of that organization.

I believe the rest of the industry needs to make active moves on this, and the people who figure it out faster than others are going to have a significant business advantage. The VC world does not reflect the world of the users and buyers that they are trying to serve. We think about leaders in the enterprise of different departments, of IT, or consumers and consumer purchasing power. As far as I can tell, that is far more female and far more color diverse than VC currently is. How can we expect to make great decisions about technology that is going to change the world if we are not reflecting the world we are part of?

Peter High  is President of  Metis Strategy , a business and IT advisory firm. His latest book is  Implementing World Class IT Strategy . He is also the author of  World Class IT: Why Businesses Succeed When IT Triumphs .  Peter moderates the Technovation podcast series. He speaks at conferences around the world. Follow him on Twitter @PeterAHigh.

">

Greylock Partners General Partner Sarah Guo has entrepreneurship in her blood. Her parents started a networking infrastructure company, Casa, and she got involved in the business before graduating from high school. Seeing the trials and tribulations of her parents journey has helped her empathize better than most with the entrepreneurs who she collaborates with.

Guo focuses on enterprise technology companies, typically operating as an early-stage investor with an emphasis on B2B applications, infrastructure, FinTech, cybersecurity, artificial intelligence, augmented reality, and healthcare. 

In this interview, we cover several of her areas of emphasis. We also notes her method of evaluating entrepreneurs prior to investing in their companies. She also offers thoughts on the state of women in venture capital, as a trailblazing female leader.

(To listen to an unabridged podcast version of this interview, please click this linkThis is the 36th interview in the Tech Influencers series. To listen to past interviews with the likes of bestselling author Michael Lewis, Reid Hoffman, former Mexican President Vicente Fox, Steve Case, Craig Newmark, Stewart Butterfield, and Meg Whitman, please visit this link. To read future articles in this series, please follow me on on Twitter @PeterAHigh.) 

Peter High: You are a General Partner at Greylock Ventures. Could you talk about the areas you invest in and how you choose them?

Credit Greylock

Sarah Guo: We have a relatively small team at Greylock, and there are areas in which people have stronger theses. That said, there are macro-beliefs that we share as a team, and [we] organize them [from] the apps layer down. There is an explosion of software happening today, and I believe we are relatively early in the current generation of software innovation. It is not just about moving a few ERP or CRM systems to the cloud. We are going to see more categories that matter in SaaS than there were in the traditional enterprise software world, which I find extremely exciting. I am personally interested in financial software, which has traditionally been a conservative area. FinTech innovation is something that is naturally networked and could be better handled in software workflow, and we are still early in this transition.

High: What are some other examples of categories you are currently involved with?

Guo: First, you have that core software innovation, and I believe there is going to be category creation beyond what is traditionally thought of as ERP or even productivity. There are many secondary effects to this explosion of innovation that is currently taking place. If we are in this persistent best of breed world, how do you integrate everything, and how do you manage and use all of those APIs? Moreover, we have to determine how we are going to secure a world where end-users are in hundreds of different apps and how identity for all those aspects will be managed. Some of these aspects are already beginning to play out, and we are extremely lucky to be investors in Okta. That said, the integration and the security landscape is not yet done.

Robotic process automation [RPA] is an area that is white-hot right now. RPA tends to be in areas such as connecting software workflows across many different systems. In the old on-prem world, RPA was used for your custom processes for accounts payable in your configuration of SAP. While I do not believe RPA is necessarily the solution, some sort of automation that goes across different pieces of software and automates the mundane ones will be interesting. I believe we are early in that automation, and we are likewise early in the enabling pieces because the adoption of the apps also has to happen.

Separate from what is happening on the app side, every large company is trying to go through a digital transformation, which I view as building software-oriented experiences that are better for the company’s end-customer. To do that more effectively, companies are undertaking a massive re-platforming of the enterprise. This involves trying to get to a more agile set of infrastructure and implementing cloud, micro-services, and new languages, frameworks, and practices around software delivery. We are interested in investing in this area.

High: There oftentimes tends to be some co-opetition between some of the FinTech players. How do you think about the value proposition these companies have when they have that co-opetition in mind?

Guo: We have an executive briefing program, and many technical leaders come and talk to us. They want to learn how to bring partnership and innovation into their companies, and they want to talk about what is happening in terms of their competition. The other day, somebody said to me, "We do not want to be Netflixed or Ubered." Greylock will invest in the enabling technologies for enterprises and areas that are more vertical direct attacks. I do not believe these companies get confused as to who they are. To succeed in the enterprise side, you have to be extremely customer-centric so that you can build a product that is good for the customer and end-user to begin with. The likelihood that you are going to want to cannibalize that business once you have built something useful for them is not high, and it is not something I have seen at Greylock.

There are many other areas that companies can pursue to expand within that customer base, and there are other services that can be offered. For example, we have FinTech companies, and we have companies that offer software to financial services firms. Blend is an example of a company that helps large financials create a digital on-demand mortgage origination experience. I do not believe they are going to get mixed up into the different models even though they may offer more value for that end-user in different ways.

High: Security is an area where you have particular depth. You are currently on the board of Obsidian Security, and you were previously on the board of Demisto. One of the challenges for the modern-day tech executive is that the threat landscape is so complex and constantly evolving. How do you think about the different lanes associated with security?

Guo: Roughly one thousand vendors attended RSA this past year, and it is truly hard for any security team to consume that successfully. Of the many opportunities for new companies in security, we primarily focus on the subset of problems and market opportunities. We look at areas that are going to be significantly bigger in five years as a problem set. We have to be a part of companies that offer something that is not simply another solution or vendor that has to be added to the stack. Instead, these areas are going to be significantly more important, or they are going to replace something people already have. Several of the security companies that we have recently announced investments in have had that secular shift. If five percent of their security team used to care about application security for the apps they build internally, that could jump to over 20 percent five years from now. We invest in Sqreen, which is a company that does application security management, and we are lucky to be a part of AppDynamics. Their view is that if companies are going through a digital transformation, application security as one lane is going to become much more important, and it has to work in a modern way.

There are secondary effects when you have this massive explosion of software. Obsidian is all about understanding activity and identity in all of your applications. This includes Office365, Workday, or Salesforce, where there is extremely sensitive data. It is not just the infrastructure that matters, it is additionally about the employee or contractor actions in these systems. We believe that is a secular growing problem, and identity in all of these applications is going to become a new additional perimeter. While you do not own those applications, you need some type of control. The first step for us is to identify the changes in the landscape that are dramatic. This includes enterprises building applications or enterprises adopting such huge amounts of SaaS critical to their core business that they need security to react to it. We rarely invest in a company simply in response to one individual innovation because that is not a big enough change to warrant a new vendor. We think more about innovation in the business landscape, other areas the CIO might care about that security needs to react to, or innovations in some sort of architecture. Some problems are simply too big in the industry for us to solve, so we will not take full responsibility for that fragmentation in security.

We encourage our companies to live in customer environments in a way that makes customers successful. Portfolio companies’ messaging, positioning, and integration should recognize that the large company likely has a limited number of headcount in security and likely a couple hundred tools already. If you are customer-centric as a product founder and CEO, you understand that, and you look to make it easy for them to consume in the sea of other tools they have.

For a long time, the innovation engine in security has been about younger startups. It is an area of constant acquisition, and the area's pace of change is fast. Because of this, it is quite hard for large vendors to keep up. On a pure headcount basis, security teams deal with more products than other teams in technology. I believe it is going to be a competency for security teams to be great at dealing with a fragmented landscape and constant innovation. I believe that is true in the overall technology organization, but it is especially acute in security. The promise of Demisto and what they could do for their customer base was about dealing with the secondary effects of the rapid explosion in innovation. A big concept of Demisto was around integrating all the products a company had and automating some of the workflow across them so that the security team did not need to learn every new product.

High: I am hearing you say that the pace of change and the need to remain current is more difficult for the behemoths that are growing these portfolio companies. Part of what you are saying is that the problem with engaging with these companies is that as they get larger, their size and scale works against their ability to pivot and seize new opportunities. Am I hearing you correctly?

Guo: Absolutely. There are large security vendors that are competent organizations that I have a great deal of respect for, but security is an area of technology where 50 percent good enough is not sufficient. For example, good luck telling a CEO that you blocked 50 percent of a tax. Part of it is simply the structural problem. I believe everybody deserves the best software at good value across the entire technology organization and corporation. That said, you could get by with 20 percent less usable software if there are good benefits to centralization and integration of data in some software ecosystems. In security, the challenge is that some of the large security and systems vendors have not integrated their large number of products well. You do not get the benefit of aspects working together magically, and as I mentioned, if it is only 50 percent effective, that is not good enough.

High: Where do you believe we are in the adoption of artificial intelligence [AI]?

Guo: I believe we are just beginning to discover the different bottlenecks to enterprise adoption, and RPA is an interesting entry point into broader automation within the enterprise. From studying a bit of startup in business history in the technology field, I have learned that there are eras of core technological and infrastructure innovation, and products and consumption gets absorbed after that. We have had this amazing era of innovation in core ML, and I believe the large consumer internet companies whose entire business could get boiled down to a single algorithm or two moved the bottom line adopting ML faster than others. For example, if a company shows you this photo instead of a different photo in your feed, you are more likely to continue looking at the social network, which leads to more ad inventory. These consumer companies had a great deal of data, a ton of relatively modern infrastructure, great engineers, and financial incentive to get that algorithm to be as fast, adaptive, and accurate as possible. It is complicated to boil down most businesses to that one algorithm, and people's infrastructure is not as unified as an internet built in the last 10 or 15 years. Because of this massive investment in ML and the advancement from both the consumer internet companies and the academic community that has happened over the last five years, the rest of the business and technology ecosystem can reap the benefits.

You have TensorFlow and all these open-source frameworks, research papers that are continually published about better model architectures, and new discoveries in ML. People have recognized how valuable ML can be, and more people understand how to work with it. There are significantly more people coming out of college with an ML degree than there were just a few years ago. This is going to open doors for the rest of the business community to take advantage of ML. We are starting to see what the bottlenecks to enterprises getting value out of ML are, and we are discovering that there is an end-to-end developer stack for ML applications that is missing. Further, the data that people have for ML is not exactly in the form that they need it to be in. Being able to take tagged input data and translate it into outputs is going to be applicable across numerous different fields. However, people do not have that tagged and labeled data. Zeroing in on where the bottlenecks are and people developing ML applications is the next step. Greylock could be investing in ML native horizontal applications that try to do more work for us based on the data in those applications. Vertical ML native applications, which is the same idea, get deeper into a vertical workflow, they use different data, and they understand different business problems. I believe we are still early in all of it.

High: Some hypothesize that as we are developing virtual workers, we need to evaluate them the same way we evaluate employees. This involves seeing which are making us better and firing those who are not. Have you put any thought into this?

Guo: The RPA vendors tend to use the robot as a human replacement analogy, and I believe that idea holds in some ways but not in others. In this analogy, you are offloading tasks from humans. If you have a strong RPA, you can reduce headcount and restaff to higher-value tasks. However, the bots that people currently have in RPA deployments are not all that intelligent, and they do not learn well. Humans do learn well, and there is nothing to measure yet. This will become a more interesting concept as the products in this automation area progress. People are realizing that with an accounts payable process, for example, what they think is eight steps is instead 134 steps across six different financial systems. 25 percent of this is exceptions to what the core process is, and the people in accounts payable are great at handling all of those exceptions. While you can put in a bot to offload the repetitive work they are doing, that is being handled statically. I would likely measure an RPA effort based on how much of the process I could get coverage of, how many exceptions there are, and how much maintenance there is. While bots are definitely valuable to the business, they are not all that sophisticated in their ability to adapt to application or process change. Hopefully this management and visibility into bot performance will be an interesting opportunity five years from now.

High: How do you remain informed in topics as dynamic as the ones we are talking about? Further, how do you get a read on the changing landscapes and test your hypotheses?

Guo: First, I scope the problem. You cannot know enough about everything. I view myself as T-shaped, so I want to have a relatively comprehensive framework of the macro of what is happening in technology, especially in the enterprise landscape. Within that, there are certain areas that I am especially excited to dig deep into with entrepreneurs, and I spend a great deal of time with customers and practitioners. The reality with the enterprise technology space is that there is not much high-quality content that you can easily consume. These are learnings you cannot just learn and take. Instead, you have to get them from practitioners, entrepreneurs, and people who have lived in that environment. At any one time, I likely have three or four thesis areas where I believe something is missing in the market. I likely came to the beginning of that conclusion by talking to a smart practitioner or entrepreneur about an area and getting to an adjacent idea or problem that they were trying to solve. I love working in enterprise technology because it is essentially problem-solving. Unlike the consumer side where you are more of an anthropologist and instinctual product person, on the enterprise side, you are just trying to understand different organizations, what is changing in the landscape, and what your most important problems are. I care about next-gen infrastructure and problems in DevOps, I care about security and problems I believe are secular, and I care about back-office software from automation in RPA to financial ERP in the cloud. If you scope down the set of elements that you are proactively interested in from a thesis point of view, you can go meet all the companies, you can talk to practitioners about it, and you can read. As I said, I do not believe there are great sources for this stuff.

High: Can you talk about some of the hypotheses you are currently working on and how they translate with the companies you are investing in?

Guo: I will mention two different companies that we invest in that ride on the next generation infrastructure of trends, which I think of as a change in architecture. One company is Docker. Everybody has heard of containers, microservices, and the agility and multi-cloud capabilities these give you. We are involved in a company called Cato Networks, which I consider the AWS for networking. As you have more remote workers, as your environment gets more distributed, and as you have more SaaS applications, piping all your traffic and users back to your data center for security controls and your infrastructure stack is just impossible. You have to do something smarter at the edge and in a distributed way, and that has not been handled for enterprises. Cato is solving that architectural change for enterprises. Everybody has more data stores, so streaming architectures are here to stay. This is immensely interesting from a data processing, data movement, and data storage perspective.

The area of DevOps is not a solved one. Everybody is trying to figure out how to deliver software faster and better in distributed systems with microservices, and the pipeline problems around software delivery are huge. You can have different expectations around stability and code coverage in all these areas, or you might be trying to figure out how to invest different development resources in different areas. These trends are not a panacea, and secondary effects are huge. When large companies commit to developing software faster, we look at the individual problems they face and if there are opportunities for new vendors surrounding that.

High: Your parents are entrepreneurs, so entrepreneurship is in your blood as well. How has your experience with them colored your career, especially as a venture capitalist?

Guo: My parents are tech entrepreneurs, and working with them on Casa, a networking infrastructure company, was one of my earliest work experiences. As a kid, I was lucky enough to be around parents and friends who said, "You are nine years old, build a Linux box." Not everybody has that experience. Working with a bunch of people inspired me in terms of the joy of building technology products. Early on, I had the belief that small teams with a better product idea, great execution, and a great deal of persistence can win against huge vendors and bring something better to the world.

From a young age, I learned about the importance of customer-centricity in entrepreneurs. Some early customers were the first funders of Casa Systems before VCs were. Being bootstrapped and being customer-funded is a less popular way to go in Silicon Valley. That said, the actions that enterprise companies take can be incredibly important to a customer. Those are your closest partners, so I look for entrepreneurs who act that way. I obviously believe in early-stage venture capital and the Greylock product, and I love my job, but I believe there are many ways to build a great company.

Working on Casa gave me a huge amount of empathy for how hard the entrepreneurial journey is. Not every part of Casa was easy, and I believe you need to live it to truly believe that. Having that empathy for the entrepreneur is certainly part of Greylock's ethos. I personally tend to be excited about people who have a combination of some sort of unique product vision. I am drawn towards people who are thoughtful and committed to learning as a first principle. I am likewise excited by those who can recruit others to the cause. Lastly, I enjoy working with people who have a bias to action because if you do nothing, nothing is going to happen. Having that willingness to work and operate at a certain pace is important.

The founders that I and Greylock work with vary substantially. We invest in three-time founders of successful enterprise software companies, total outsiders, and recent dropouts from Brown. The whole range exists, so we are looking more for capability, insight, and personal chemistry with people. You want to sign up for a five or 10-year marriage with a company if you have a concentrated portfolio. If you do not love the company, you are not likely going to go to bat for those founders to help them recruit executives and onboard their early customers. All of those features matter, especially when we have so little data at the early stages to make decisions in terms of revenue or usage. I am largely an early-stage investor, and that has been the core of the Greylock practice for a long time. The personal chemistry and the interest in what people are doing truly matters.

High: You became a general partner at Greylock last year, and you are a woman in a field where there are not many women. Could you talk about that accomplishment and the state of the union of women in technology and venture capital?

Guo: I hope women reaching the general partner position is not noteworthy in a few years. The venture industry is extremely network-oriented, and the pools that people tend to recruit from are the founders and executives they have worked with and people from other investment firms. None of these fields are currently diverse. There are pipeline, judgment, and support issues. However, I believe a great deal of progress has been made over the past few years, and I am optimistic for the future. The industry owes a huge debt to the work that Aileen Lee and the All Raise has been doing to change the court of public opinion about the level of diversity that is acceptable and productive in technology and venture. Further, they have taken on practical initiatives to further that agenda. I am excited to be a part of that, and I think the world of that organization.

I believe the rest of the industry needs to make active moves on this, and the people who figure it out faster than others are going to have a significant business advantage. The VC world does not reflect the world of the users and buyers that they are trying to serve. We think about leaders in the enterprise of different departments, of IT, or consumers and consumer purchasing power. As far as I can tell, that is far more female and far more color diverse than VC currently is. How can we expect to make great decisions about technology that is going to change the world if we are not reflecting the world we are part of?

Peter High  is President of  Metis Strategy , a business and IT advisory firm. His latest book is  Implementing World Class IT Strategy . He is also the author of  World Class IT: Why Businesses Succeed When IT Triumphs .  Peter moderates the Technovation podcast series. He speaks at conferences around the world. Follow him on Twitter @PeterAHigh.

I am the president of Metis Strategy, a business and IT strategy firm that I founded in 2001. I have advised many of the best chief information officers at multi-billion...