In partnership with

Welcome back to Forests Over Trees, your weekly tech strategy newsletter. It’s time to zoom-out, connect dots, and (try to) predict the future.

Here’s the plan:

• Tech News Takes — super-short analysis and commentary

• Tool of the Week — tools you’ll find useful

• Strategy Tips — strategy nuggets (for business and life)

Anduril’s Ecosystem Beats Microsoft

Plus: Safety goes open source; Phishing tests backfire

⚡ Tech News Takes ⚡

Big firms band together for online child safety

• What’s up: The Robust Open Online Safety Tools (ROOST) initiative launched earlier this week at the AI Action Summit in Paris. ROOST is a nonprofit collaboration between major tech firms and philanthropies—including Google, Discord, and Roblox —to develop free, open-source AI safety tools. With $27 million in funding, ROOST aims to provide AI-powered safety infrastructure to organizations of all sizes, with a focus on child protection and countering online harm.

• So what: This is a win-win. First, having the best companies in the world create safety tools together means that the tools will be pretty good. When it comes to CSAM and other harmful online behavior, we’ll all feel safer knowing that a Justice League of our biggest tech firms are banding together to push back. Second, making these tools open source and available to all means that startups and other smaller firms will adopt them too, rather than spending the time/effort to build their own tools (which may or may not be as effective…). We talked last week about make or buy decisions, and this is just another example. If we make this a cheap/free “buy” for all firms, it’ll be more widely adopted, making our internet even safer.

Anduril and the Army Partner-Up (Again)

• What’s up: Anduril — the defense tech company — plans to take over Microsoft’s $22B contract with the US Army to produce mixed reality headsets. If approved by the Dept of Defense, Anduril will lead hardware and software development, and Microsoft’s Azure will remain the preferred cloud provider. Even outside of this contract, Anduril is on a roll, recently announcing partnerships with OpenAI and Palantir, and in the middle of raising another round at a $28B valuation.

• So what: This is fascinating. I’ve been following this Army<>Microsoft deal for years, but the last anyone heard was that: 1/ their Hololens headsets were making soldiers sick during testing and 2/ there was huge pressure on Microsoft to figure out a fix. So let’s talk about takeaways for the major players. For Microsoft, it’s probably a relief to be out of the hotseat. But this also aligns nicely with CEO Satya Nadella’s new approach of re-focusing on monetizing existing businesses rather than spending endlessly on AI, R&D, and exploratory tech (ex. letting Oracle step in with OpenAI for Stargate). For Anduril and its founder Palmer Lucky (who founded Oculus and later sold it to Meta), working on headsets for the military just makes sense. For the Army, Anduril’s solution integrates better with their existing tech thanks to Anduril’s Lattice OS. The platform connects data and hardware for Anduril and other trusted partners (Palantir, etc.).

Phishing tests aren’t working

• What’s up: While phishing tests have been a standard cybersecurity practice for years, research suggests they aren’t super effective. A 2021 study of 14,000 corporate workers found that phishing tests, combined with voluntary training, actually made employees more susceptible to attacks (they had false confidence after the trainings). And more recently, a 2024 University of California San Diego study found that phishing tests led to just a 2% reduction in phishing success rates.

• So what: At first, I was shocked by the data! But it makes sense if you think about it — expecting 100% of your employees to be cybersecurity experts… constantly alert to threats and sniffing out all trickery… just isn’t realistic. Do we expect our recruiters to be finance experts? Our engineers to be marketing experts? Of course not. Instead, we should be prioritizing systems and tools that help us avoid such threats. Plus, even if we (as employees) are getting smarter about identifying phishing, the volume is going way up thanks to AI, creating more opportunities to screw-up. McKinsey reported that since 2022, phishing attacks are up 1,265%!

🛠️ Tool of the Week 🛠️

Create, Publish & Earn with Synthflow AI Voice Agents Marketplace

• Discover templates for routine/repetitive tasks like lead qualification and managing appointments.

• Publish your own Voice AI solutions to help businesses thrive—and earn commissions.

• Access custom actions that automate CRM updates, appointment scheduling, and more.

Build Your AI Agent Now

🧭 Strategy Tips 🧭

Today’s strategy tip is all about ecosystem strategies.

Specifically, we’ll discuss Anduril’s Lattice OS and ecosystem strategy, using the framework to unpack the news about their new Army contract.

What is an Ecosystem Strategy?

An ecosystem strategy is when a company builds a platform that connects multiple products, services, and partners. And instead of merely selling a single product, they become the essential infrastructure others rely on.

A strong ecosystem is built on three pillars:

1. Platform Ownership – Controlling the core infrastructure everything connects to (ex. Apple iOS powers iPhones, apps, and services).

2. Network Effects – More users and partners increase the platform’s value (ex. Android benefits as more developers build apps).

3. A Competitive Moat (Over Time) – Widespread adoption locks in users and makes switching difficult (ex. Microsoft Office became the enterprise default).

If you get it right, your ecosystem will attract:

• More partners (who want access to the customers that trust you)

• AND more customers (who want to use those partners’ tools)

For my visual learners, ze visual!

And if we bring it back to Anduril, their Lattice OS perfectly fits the framework.