Cloudflare TV

How I Launched This Company

Presented by Aliza Knox, Peter Yared
Originally aired on 

How I Launched This Company explores the path of entrepreneurs and innovators in the Asia-Pacific region. From challenges faced to lessons learned, we will join them on their journey as they share how they got to where they are today.

Join us this week as we meet with Peter Yared, Founder and CEO of InCountry .


Transcript (Beta)

Okay. We are live, Peter. Hello, everybody. I'm Aliza Knox. I run Asia for Cloudflare, and today we are extremely lucky to have Peter Yared with us for part of the series on how I launched this company.

He's a serial entrepreneur. InCountry is his sixth company, so he may talk to us about some of the others, but we'll focus on InCountry today.

So before we do anything else, Peter, can you just tell us what InCountry does?

Hi, Aliza. Thanks for having me on. I'm a big fan of Cloudflare and customer.

What we do at InCountry, it's interesting because Cloudflare, one of the key products is a CDN, and in some ways, InCountry is an inverse CDN.

So typically, with a CDN, you have an origin where you have a bunch of content.

I was a CIO at CBS, one of the networks in the US, and we would put our content out in a bunch of different points of presence so that anybody could get it quickly.

With InCountry, what we do is we enable companies to store regulated data in up to 90 countries in the world.

So they store the data in 90 different places, and they can manage it centrally.

So in some ways, instead of having one origin that goes out to a bunch of places, we've inverted that model, and we've done it because of all the emerging data regulation laws that you have in various countries that require that the data be in the country.

And the reason the governments are saying this is so that they can manage the jurisprudence and jurisdiction of the data.

That's interesting.

I know it's something we come up against a lot with our clients, with their need to actually store the data in the country, whether they're a financial company or a healthcare.

And I look forward to hearing about how you service those different verticals.

But before we talk more about that, do you want to give us a bit of a background and maybe even just throw in the names of some of the other things you've started?

But I think six companies is pretty amazing. And I know you've had a fascination with computers for a long time.

So tell us about how you got to where you are.

Well, it's fun for me. I started programming computers when I was nine years old, and that was a long time ago in the late 70s and early 80s.

And back then definitely wasn't cool to be doing computers, but I just loved them and programmed them.

And I was fortunate to just be part of all these different waves of computing.

And so I started a project, I called it adding client server technology to an existing computer language.

And then the people that built that published it and then bought it from me.

And then a friend of mine turned me on to Java in 1995.

And so I ported my client server environment to that and became part of the Internet wave in the 90s.

And that company was acquired by NetDynamics and then Sun Microsystems.

And then at Sun Microsystems, I worked on things like distributed infrastructure, and then also network identity.

So one of the first systems to let people do single sign-off.

So you know how you can show up somewhere and log in with Google that didn't exist in the 90s and even early 2000s.

And then I left Sun and started a company in open source around the LAMP stack, which was the big wave of running large grids of computers, all running cheap software.

That company was acquired by VMware. And then I started a company. The idea was to do these little apps that could do things.

And very quickly, it turned into Facebook launches platforms.

We did a bunch of social marketing. And that company was bought by Sprinklr, by a company called Tiger Logic and then Sprinklr.

Then I had another company where I was at CBS, one of our big customers at Transpond.

And I redid their whole cloud stack there and took them into the cloud, which was a fun project.

It was like number six or seven on the Internet at that point in terms of scale and size.

And we realized, we brought in all this modern software, and we realized nobody used it.

Even I wouldn't use it. I would email people and be like, hey, could you look this up in Omniture for me?

And then it's more like, oh, there's got to be a problem there.

So we started a company that would get the little pieces you need out of all this legacy and even new software and created this employee experience layer.

So you could submit for PTO without having to go into an ancient HR system, which made the customer happy.

They didn't have to buy a new HR system.

And the millennial employees happy because they'd never have to go use PeopleSoft or Workday or whatever.

And we sold that company to Citrix.

And now I get to be part of this wave of super distributed computing worldwide, as well as data regulation and privacy.

So it's fun for me. How do you keep coming up with these ideas?

Can they come to you in the shower? Do you sit around and think about, what am I going to do next?

And how does your background maybe help you with that?

I think you lived in different places, as well. Well, with this company, yeah, I lived in five different countries growing up and spoke three different languages.

My mother's American, so I don't have an accent. In English, at least Americans, I don't.

We moved to the States when I was 14 or 15. And what that enabled me to really see is that different countries approach things differently.

And in the US, of course, we have a lot of multiculturalism, but really, it's a melting pot.

Everybody, at some point, coalesces on a common culture. But when you go to other countries, they operate the way they operate.

And I'm sure you're very familiar with operating in Asia for so many years.

And so one of the insights I had, and a lot of these are just sort of insights on a trend.

And so one of the insights I had was the American way of doing software and cloud was it's much more efficient to put everything in one place.

But you go to various countries, and their citizens are not happy with how their data is being treated internationally.

And that was sort of the collision that I saw coming four or five years ago.

And this is even before like a Brexit or all these populist kinds of things.

There's like a real underpinning to it, which is you hear a lot about email addresses being exposed.

But people really, really care about their financial data, their banking data, their health data, their payment data.

And governments increasingly are regulating that.

And multinational companies have to be really aware of it.

And for whatever reason, if McDonald's wanted to set up a restaurant, chain of restaurants in Sri Lanka or wherever, of course, there's no doubt that they would have to follow the restaurant regulations, the labor regulations, how the front door works regulations, tax regulations, everything has to be done the Sri Lankan way.

But for whatever reason, up until about two years ago, they could buy 10 Big Macs and get one for free and do whatever they wanted with the data.

And data is like one of the most important things, but it just wasn't regulated by governments.

Everyone just thought, oh, it's just like this nebulous thing that doesn't matter.

But it does matter and governments are regulating it. So I don't know, I just had that insight that there was like this infinite mismatch, if you will, between how U.S.

companies and large SaaS vendors were rolling out their software and what the people in governments were going to want.

And that's why I solved that problem.

And tell me a little bit, you know, a lot of people who will watch this or are watching it now are either entrepreneurs or people have been on the tech side.

So tell us a bit about the tech stack and how you built this without giving away your secret sauce.

Oh, for sure. And, you know, it's interesting because we did it in an iterative way.

And, you know, what I had to tell the team, because we built the team really quickly and early, is we're not WeWork.

And this is even before WeWork sort of imploded.

But what WeWork did was they went out and they signed leases worldwide and did all these build outs.

So hugely capital intensive with the hope that they could rent slices of their infrastructure out to customers down the line.

And so what we did is we did sort of a lightweight lean model to building a global cloud.

So we would enter markets very, very lightweight, rented hosts, things like that.

And then as we got more traction in specific markets like Saudi Telecom, eventually we would get up to a co-location facility where we would build out our own infrastructure and points of presence.

So on the infrastructure side, we had a tiered model where we lever up as needed.

And then the software side, you know, I've been doing distributed computing for a long, long time.

And this one actually gave me a headache.

Because, you know, we have two points of presence in each country, they replicate data between themselves.

And then there's an aggregate cloud on top of that.

And then, you know, of course, it's not just storing the data in the country.

A lot of times it can only be viewable in the country. So how do you get data into a browser when it's somebody else's SaaS app like Salesforce?

So you have to use JWT off, you know, and then sometimes we go on local processing.

So of course, we have to add serverless functions, you know, which I think, you know, Cloudflare has workers, right?

So you know, the infrastructure challenges around that.

But we did all of that with like the security and compliance of a bank.

It's sort of rated like this 30 -40% drag, you know, on everything. So it took us a while to build out the infrastructure and get all the certifications in place.

But you know, in our first year, you know, we were lucky we all came together as a team, everybody understood the importance of the compliance side of this, it's really what we're selling.

And we're able to get soft to type to PCI DSS to store payment data, which is not trivial, you know, HIPAA, health data, and we're very close to announcing ISO 27001 series as well for this year.

And then local compliance, like FZ152 in Russia, you know, so it's like, you know, it's, it's been a fun, it's been a fun project.

So how did you build the team?

I remember you telling me that you built it in an unusual way. And it, you know, even pre COVID, it was much more distributed than a normal startup.

So talk a little bit about that, maybe.

Yeah, the Silicon Valley pattern, which I've done a few times is, you know, everybody's in an office in the Bay Area, right.

And, and, you know, my last company, we found it extremely challenging to attract technical talent versus a Google or Facebook, you know, and so at that company, you know, we're fortunate we had a couple contractors that were in Prague in the Czech Republic, and they were building up their own startup, but working for us on the side, you know, as contractors, and then their startup wasn't going that well.

So we basically acquihired them, and then built a 90 person team around the two of them.

It was a front end person and a back end person, just incredible. And we mentored, you know, internal leadership there all the way up to a 90 person organization.

And I found that to be really fun. I mean, like, there's a lot of travel back and forth to Europe, you know, because I do believe in FaceTime.

And so for me, a distributed company, I do believe in offices, you know, and people being together and being able to talk with each other, not necessarily there every day and every second, to foster talent, to mentor people, you know, to get the team cohesive.

But it's very difficult to do that in the Bay Area. And so we were really lucky with that.

Within country, you know, our joke is, it's not just the name of the company, it's the thesis, right?

And a big portion of our business is in Russia, and UAE, and Saudi Arabia, and places like that.

So we built up an engineering team in Russia, in Rostov-on -Don, we have 30 people there in an office, InfoSec and compliance team in Minsk, with 20 people.

And then we have, you know, another set of people in Kyiv, we have people in in UAE, we have an office there with two people, you know, the sovereign ballpoint of Abu Dhabi, Mubadala is one of our investors, and we're building up in Singapore, right?

So we're hoping to have our office there and a couple staff, you know, at the end of the year.

So we're pretty excited about that. You know, in the US, you know, we did get up to, you know, a little bit over 10 people in San Francisco, and now people have just spread, you know, we shut down our office, I'm actually here calling you from Miami, you know, where, you know, six or seven months ago, if I called, you know, my investors, hey, I'm moving to Miami, it'll be out of your mind.

And everyone's like, enjoy the beach.

So it's kind of interesting to have offices elsewhere, and none in the US right now.

So the bulk, it sounds like the bulk of your people are outside the US.

Yeah. And, you know, we had challenges hiring Americans, and people in the US that could really relate to how things work globally.

If you're like, hi, I'd like to hire somebody who's really good at marketing, but then also knows terms like GCC, AZN, and OECD.

You know, in the Bay Area, it just doesn't really happen.

And so we've been able to find just incredible global talent in the other talent centers that are available, right?

So, so UAE, Singapore, even Eastern Europe, Kyiv has a great, remarkable talent pool of people who are global thinkers, you know, understand how to operate internationally.

So, so that's where we've grown.

So that's interesting, because you mentioned in a prior company, that you built a center in Prague, but not in this one.

So is this one about you, and you also mentioned, you have an investor in UAE, so in the sovereign wealth fund, how are you choosing the offices this time?

Is it about where regulation is the strictest?

Like, how does, how does, say, the choice of Minsk compare with having chosen Prague before?

So regulation is the strictest in the GCC, so the Persian Arabian Gulf region, depending on which side you're on, that's what you would call it, in AZN, in China, and in Russia.

Those are the key markets for us, and we call them pairings.

So it would be like health data, UAE, finance data, Saudi Arabia, right?

Everything data, Russia. So those are our key markets, and, you know, and it's twofold.

It's either a company that's in that country that wants to run Salesforce or ServiceNow, right?

Or, you know, Zendesk, they want to run the best cloud software, but they can't, because the, those companies don't want you to sort of, don't have a data center, you know, sitting in Saudi Arabia, let's say.

And then the other one is multinational companies, right?

You're running clinical trials, you're a pharmaceutical company, you now have to store patient data in 15 different countries, right?

You know, many of the aforementioned regions. So for us, it's critical that we have local staff in those countries, and it's very funny, like in InfoSec reviews, you know, usually if you have Russian staff, it's a red flag.

We're like, but this is the reason you hired us, right?

We have people on the ground in Moscow that know how the data regulations work.

They used to work at Yandex, you know, so, so yeah, so for this company, we definitely were very, you know, very strategic about where we place staff, so that we'd have folks on the ground that spoke the language, understood how things work, but we're also capable of being part of a global organization.

So it's interesting, because you mentioned a bunch of countries and the pairings.

You also mentioned that there's a fair amount of restriction in China, but you didn't mention China as a place to put people.

Is there any reason for that at this point? Is it just too early?

Or you're going to do that from Singapore? You know, we had some staff in Hong Kong, actually.

But it seems that most people want to do business right now in Singapore, across Asia.

So we actually have a partnership in China that we're going to be announcing shortly, where, you know, we're going to be working with one of the key hosting providers in the PRC.

You know, the data regulations there, you know, are pretty stringent.

And so our approach is rather than us hosting the data, and getting an ICP license and all of that, the hosting provider will let the customer, the end customer, who's already operating in China, right, you're a pharmaceutical company, you're selling drugs, you're a car manufacturer, so they already have every other license, they rent the servers, we manage the interface from our hosting partner, we manage the interface from Salesforce or ServiceNow, you know, workday through to their facility, you know, so then we're not actually owning the infrastructure.

So part of this is learning how each market works.

And originally, for China, we were going to hire new staff, get our own servers, all of that stuff.

And we realized, you know, for that market, it's just not realistic, you have to work with a local provider, and then add value on top of that.

So it's interesting, because this is all so timely, right, regulations are going up, and you've clearly seen this something else that's, you know, everybody talks about right now that's timely is COVID.

So has COVID affected your business at all, one way or the other either, you know, obviously, some of us, you know, we're in security, it's probably made it even more relevant.

Obviously, if you're an airline, it's made it tougher.

Has this affected in country at all? What's interesting, because we are a global company.

So we were able to see this coming.

So for example, I was in Singapore for a week of January when COVID hit in Sentosa, a hotel down the street, you know, and every day, we saw more and more masks.

And by the time we were at Shandy getting out, everybody had one but us. It's funny, you know, my coworker had given me them, and I'd left them on the hotel room desk.

We're like, oh, we messed up, you know. So we saw the softness hit Asia quick, you know, then we saw it hit Europe, then we saw it hit the US, you know, and definitely there was like an oh, crap moment.

But what emerged very, very quickly, and you know, we operate in all over the world, is the days of if you were a financial institution, being able to say, come on down to the branch, we're over.

Everyone got caught, you know, if they were not online and cloud enabled. So what we saw as a sudden acceleration, and I know your business has seen it, a business is going, oh my gosh, we have to accelerate our digital transformation.

And a lot of that is we have to bring in modern software.

And you know, top of the list is always like the best of breed software.

And then a lot of regions in the world, people are limited from using it.

So we definitely, first we saw this global softness from region to region.

And then we saw an acceleration in certain regions. And now we're seeing it worldwide.

So what, how are people dealing with the data localization requirements before they found you?

Most people, one, they were still running on-premises software.

So they would still run on-premises. So if you were in, you know, the PRC, you're in Malaysia, you're in Indonesia, you're, you know, and you're a bank and you want to offer online services, you know, you're a health provider, you want to use a customer service system, you know, a lot of times due to regulatory constraints, they had to run on-prem, you know, and they were just waiting, hoping that one day they'd be able to run in the cloud.

And if they did get cloud software, they'd have to use hack solutions like Cassidy's, cloud access security brokers, which was just like a proxy that tries to catch the data before it leaves.

It doesn't really work very well. It slows everything down. Fragile, you know, Salesforce would do an update.

Boom. Also next day, nobody can access their data.

It was really frustrating for customers. So there'd be solutions like that.

And then also we ran into a lot of homegrown people would, you know, find facilities on their own, secure them, do OFAC checks, network them in, you know, and then build APIs themselves, right.

To, to their own software. So that's how people were doing.

There's a lot of DIY and sort of hack solutions. And we're doing like, we're offering very deep integrations, you know, that are relatively chunky.

That's, it's really interesting. So how do, I guess it makes me wonder, how did the regulators, if they had all these DIY mix of on-prem, home -built, how are the regulators actually checking?

It's interesting, you know, and it's how the regulators check a lot of things, right.

Is they depend on auditors. They depend on, you know, basically honesty.

It's not, you know, most companies are not like Google and Facebook where, you know, they're like, man, we know we're out of compliance and we'll just pay the 300 million Euro fine and laugh about it.

You know, when you're talking to like large pharmaceutical companies, you know, large financial institutions, you know, mostly they have pretty stringent compliance teams that are running around and making sure they're compliant.

And for a lot of these countries, when you want to do something like we're going to offer online banking, we're going to offer digital payments.

You have to get regulatory approval and the IT infrastructure is part of that approval process.

Well, how are you storing the data? Where's it going to be? How are you protecting our consumers' information is part of getting a payment license in Jordan, for example, or in Pakistan, you know?

So the regulatory compliance aspect of, you know, the financial services, health businesses is really, really tied, you know, to where the data is stored and the regulators make it part of the approval process.

And have you had interactions with the regulators as part of the in-country?


So this is, you know, for us, like my joke, you know, we're in the country.

For us, we are partnering with local hosting providers. We're partnering with local systems integrators.

We have local legal counsel and we make efforts to meet with the local regulators, you know, everywhere from the Philippines to Singapore, to the Saudi Arabian Monetary Authority, you know, UAE, the ADGM, Abu Dhabi General Market has a digital privacy arm, you know, and these are all very sophisticated regulators actually that know everything to ask.

And for us, we want to figure out where they're going and we partner with them.

We're not about helping people get around the regulators.

We're all about finding out not just what the regulations are, but the intentions of the regulations.

And a lot of times we have customers ask us, well, what are we supposed to do in this market, right?

And we can provide guidance.

Yeah, that's, you're probably farther ahead than some of your multinational customers understanding what needs to happen in each country.

So Peter, let's switch a little bit to you and building the company.

Did you, are you a sole founder?

Did you partner with anybody else to build in-country? This company, I was the, I was the sole founder.

I had it as a side project for a couple of years, but actually my partner in it, the chief architect, Mark Reiser, I'd done two companies with before.

So he was in it from the very beginning, you know, and usually, you know, he does the projects and kind of moves on, but this one we sucked him in.

And so he's actually on it full-time and has been. So I'm really excited about that.

And then we built an executive team around that and staff under that.

So in your, and if I look back at your six builds, have they been mostly solo or you said Mark's been an architect?

Yeah, what you'll see is a combination.

So a lot of times, you know, I have the idea and I tinker, and then I'm like, okay, I want to do this.

And then I bring Mark on to do a prototype.

That's the last three companies. My last company, Sappho, I was really fortunate.

I was able to partner and co-found with Fuad Elnagir, who was the chief strategy officer at CBS Interactives.

We worked there doing the transformation there together, and we did Sappho together.

And that was, you know, you know, co-founder relationships, they have their ups and downs, you know.

Is it better by yourself?

You know, I work in a founder-led company where, you know, two main founders still running it.

There's a great balance. You know, we've had some entrepreneurs on where they're one of three, a couple of those, mostly one of two, and then occasionally on their own.

So I'm just curious for the entrepreneurs who are listening, how you find it?

Because I guess it's a little bit lonelier when you're by yourself, but then you don't have to worry.

Yeah, there's pros and cons to the two approaches, right?

When you're by yourself, you know, in some ways you can move faster, but it is lonely.

And then you have gaps, right? And a lot of people don't know their gaps, so they don't know how to fill them.

And then when you have co-founders, there's more alignment.

You know, ideally there's different areas of responsibility and like healthy ways to get alignment between them, you know.

But, you know, all founder relationships at some point are a little fractitious, you know.

And then people make up, right? And I mean, at Sappho, Fuad and Agra and I, we were like friends, we had a great time.

And at the end, we're almost in each other's throats, right?

And then we sold it, made a lot of money. And then, you know, last week I was in San Francisco, we took a walk together, right?

And we're good friends.

And it's like a family almost, right? And siblings, right? You're always going to be tied to those people.

And you do have to try to make it work and make a huge effort, right?

But there is time spent on that. And some people don't enjoy spending that time, especially technical people, right?

They don't want to spend a lot of time talking to people.

But it can be really useful, right?

To have co-founders. Well, so especially when you don't have co -founders, but even when there's two of you, I know, you know, I warned you, I wanted to ask you, where do you go for advice, right?

You're obviously incredibly insightful, smart, confident, you know, six companies under your belt.

It's amazing.

But still, there must be times when you want to ask somebody's opinion. So how do you do that as an entrepreneur?

It's weird, because you know, this shift happened.

And I guess it happens to everybody as they get older, you know, what, 45?

You know, people started asking me for advice all the time. Also, you know, I'm supposed to be the guru.

But you know, I have gaps in my knowledge. And so generally in relationships, and I know a lot of people think like this, but I'm like, okay, you know, I know x about y, and you know, z about y.

And if your z is bigger than my x, and usually it's more experience, more data, things like that, I want to know, right?

I don't have ego about it, you know, and actually, we met because I was struggling trying to build our Asian business, right?

And Melissa Guzzi from Arbor, our investor in Singapore, was like, Oh, my God, you're gonna meet this woman, she knows everything.

And you do. And so I just want to sponge that kind of information.

You know, because, you know, there's things I don't know.

But there are things, sadly, at this point, and at this age, and mainly from making mistakes, that I don't know more about certain things than others, right?

And it's funny, when people ask advice, I'm like, well, given these sets of inputs, you know, there's a 98% chance of this output, you know, and it's probably a negative output, and then people still do it, right?

Because everyone has to learn for themselves the hard way a lot of times, right?

You know, for our startup, because we scaled it up really, really fast.

You know, I had, you know, we went from, from, you know, six people to 80 people in like, eight months, right?

And there was like, one out of four turn, it was really bad, we have to optimize.

But remember, in our all hands, I would have this slide. And it was from like this anthropologist that studied primates, right?

And there's a certain type of intelligence where you learn from other people.

And the way it was, the primate has a rock, and it can crack the nut open and get to the meat of the nut, right?

And, and, you know, there's a set of primates that can't learn from others, right?

One, one primate is like, hitting the nut and eating the insides, and another one is trying to, you know, break it open with its teeth, and other ones like, rubbing it up against the tree, right?

So there's a special type of intelligence where you're like, oh my gosh, look at that primate, he just cracked open the nut, I should do that too with a rock, right?

So we would show that slide, you're like, please learn from the people who are here, they've already been here for three months, four months, they're not stupid, you know, they've learned something, don't show up here, and then try to repeat what they just did.

And it works sometimes, and it doesn't work other times.

But you know, I try not to be the, the rock, you know, the person who doesn't see the rock, I mean, I, and it happens sometimes, you know, the problem is, when you get successful, you have hubris, and you're like, oh, I was good at x, so of course, I'm going to be good at y, or I'm going to be good at z.

And sadly, I have like, really good intuition. So I can look at things externally, even not as an expert and predict where they're going sometimes.

But I do try to find people who know more than me about certain things.

And I love it. I love to learn from people and from things. So last question, we're almost out of time.

And maybe you've already said it in terms of looking for people who know more than you.

But I wanted to just for you to share one to two tips for budding entrepreneurs, things you think would be the most important.

So this is back to what you said, now that you're the grand old man of startups.

What are one or two things you might tell people who are on their first startup who might be younger or might be older, but just haven't done it before?

Well, you know, the primary thing is startups are two people there, or three people really their ideas, markets and people, right?

And so what's the idea? What's the market?

And then who are you, right? Like, why you and you have to find the magical combination of those three things.

And then also have awareness about what you're weak at.

I see a lot of like really great people targeting markets they have no idea about.

And sometimes it works. A lot of times it doesn't. Thanks, Peter.

I think we're going to have to wrap it up. So I got it. The people, the idea and the market.

Great to have you on. Thanks again.