Keith Trawick is the CIO of Stretch Zone, a practitioner-assisted stretching franchise with more than 420 locations across the country and another 75 to 80 expected to open this year. He joined the organization as employee number one when it made the move from boutique wellness service to scalable franchise brand roughly 12 years ago, helping build the technology infrastructure from the ground up in a category that did not exist before Stretch Zone created it. With a career rooted in subscription-based, member-centric businesses, Keith brings a systems-first perspective to the intersection of AI adoption, franchise operations, and the very human challenge of bringing hundreds of independent business owners along on the journey.
Here’s a glimpse of what you’ll learn:
- What it means to build technology for a franchise category that did not exist when you started and how that shapes the systems-first philosophy Keith still operates from today
- Why Keith believes the service Stretch Zone delivers is AI-resilient at the front line and where the real AI opportunity lives on the back end
- How machine learning in security tools is the unsung hero of the current threat environment and why traditional patching alone cannot keep pace with machine-speed attacks
- Why Keith is deploying AI voice agents for inbound and outbound calls across the franchise network and the data foundation problem that has to be solved first
- How he is partnering with SoundHound on voice and Blend on middleware to build an agentic system that respects compliance requirements across hundreds of independently owned locations
- Why outcome-based pricing for AI tools makes more sense than hourly labor for a franchise model and what that calculation looks like in practice
- Why the organizations that wrote off AI after a bad ChatGPT hallucination experience are going to have a very hard time competing from here
In this episode…
Keith opens with an origin story that reframes what technology leadership looks like when you are building the category, not just the company. Stretch Zone did not have a Google Business Profile category to select when it launched because no such category existed. Nobody knew what getting stretched meant. Keith joined as employee one with the franchise growth model and has spent 12 years building the systems infrastructure that allows more than 420 independently owned locations to deliver a consistent, brand-defined member experience without micromanaging the owners running those businesses. That tension, between brand consistency and franchise autonomy, runs through every technology decision he makes, and it is the lens through which he evaluates every AI initiative the organization is now pursuing.
The security section of this episode is where Keith gets most animated, and with good reason. He draws the machine learning versus LLM distinction with a water-in-the-boat analogy that lands harder than most technical explanations do. Traditional patching is reactive by design: the boat manufacturer notifies you of a defect, you patch the hull, done. But zero-day vulnerabilities exploited at machine speed do not wait for the notification cycle. What Keith wants is a system that detects water in the boat as it arrives, identifies where it came from, and addresses it before the hole is officially documented. That is what machine learning tools like Darktrace are doing in practice, and Keith makes a direct case that behavioral AI understanding what is normal for each user, each application, each network pattern, and flagging deviation from that is the only defensive posture that makes sense when the attack pace has crossed from human speed to machine speed.
The voice agent initiative is the most concrete and forward-looking section of the episode. Keith is mid-implementation, weeks away from beta testing at targeted locations, and he is candid about exactly how complicated it is to deploy agentic AI responsibly across a franchise network. The technology problem, building an AI that can handle inbound member calls and make outbound follow-ups within the right guardrails, required choosing partners with deep expertise rather than assembling something from YouTube tutorials and automation harnesses. SoundHound handles the voice side. Blend handles the middleware and data layer. But what took the most work was building the data foundation underneath it: a consistent definition of what a member actually is across 420 locations where 100 different owners might give 250 different answers to that question. Keith is clear that the agentic capability is ready. The last mile is compliance, making sure outbound call campaigns are registered, approved, and respectful of each state's quiet period rules across hundreds of independently owned businesses. That is the problem he is solving in real time, and the fact that he is talking about it before the rollout rather than after makes this episode particularly valuable for anyone who is contemplating the same move.
Resources mentioned in this episode
CyberLynx Website
Keith Trawick on LinkedIn
Stretch Zone Website
Darktrace Website
Sentinel One Website
Sponsor for this episode...
This episode is brought to you by CyberLynx.com
CyberL-Y-N-X.com.
CyberLynx is a complete technology solution provider to ensure your business has the most reliable and professional IT service.
The bottom line is we help protect you from cyber attacks, malware attacks, and the dreaded Dark Web.
Our professional support includes managed IT services, IT help desk services, cybersecurity services, data backup and recovery, and VoIP services. Our reputable and experienced team, quick response time, and hassle-free process ensures that clients are 100% satisfied.
To learn more, visit cyberlynx.com, email us at help@cyberlynx.com, or give us a call at 202-996-6600.
Check out previous episodes:
Why the Credit Union Peer Network Is a Security Advantage Banks Cannot Buy with Nico Stein - Ep 217
Deepfakes, Demos, and the Real Cost of a False Sense of Security with Chris Pacifico - Ep 216
AI Is Draining the Grid: Behind-the-Meter Power Solutions with Tony Uttley - Ep 215
Transcript:
Keith Trawick
CIO
Stretch Zone
Matthew Connor: Matthew Connor here, host of the Cyber Business Podcast. Today we're joined by Keith Trawick, CIO at Stretch Zone. Keith, welcome to the show.
Keith Trawick: Hey, thank you for having me. Glad to be here.
Matthew Connor: Thanks for being on. Before we get too far in, a quick word from our sponsors. Hackers are getting smarter — is your security keeping up? Cyberlynx sells industry-leading, AI-powered cybersecurity solutions that detect threats in real time, so you know about an attack before the damage is done, not after. Learn more at cyberlynx.com. And now back to our show.
Keith, for those who aren't familiar, can you tell us about Stretch Zone and your role there as CIO?
Keith Trawick: Sure. Stretch Zone started about 25 years ago with a really personal origin story from our founder. He was able to help his grandfather rehabilitate from a serious physical health event and return to a full, active lifestyle — and it all centered on movement and mobility. What a lot of younger people don't fully appreciate is that as you age, being able to tie your shoes, pick something off a shelf, play with your grandkids, or get through a round of golf pain-free makes an enormous difference in quality of life.
From that beginning, he was working with celebrity trainers and in high-end wellness circles. Then about twelve years ago, we decided to turn it into a brand and grow it. I came in as employee one on the growth side, and today we have around 420 locations with another 75 to 80 expected to open this year.
What made the early days particularly interesting is that this was essentially a category creation. If you've never had a massage, you have some frame of reference from TV and movies. But if I say "do you want to go get stretched?" — most people genuinely have no idea what that means. When we were setting up our Google business profiles, there wasn't even a category to select. Going from an idea to the first stores opening to where we are today has been quite a journey.
Matthew Connor: That's remarkable growth. Is this franchise-based or corporate-owned?
Keith Trawick: Predominantly franchise. We have some corporate stores, but the biggest validation of the model is that most of our growth comes from existing franchisees opening their second, third, and fourth locations. Once someone is truly in and having success, they come back for more — that's the best validation a franchise can ask for.
Matthew Connor: Let's dive into the CIO side of that. How do you support franchisees with their systems at that scale?
Keith Trawick: Most of my career has been in organizations built around members rather than just customers — subscription-based, recurring revenue, personal services. In a business like Stretch Zone, it's deeply member-centric. People join, they get services, they manage their memberships.
The core system of record in this type of ecosystem is what we call a member management system. In health, wellness, and fitness, there are a handful of established players that provide that layer — appointment booking, payment processing, time clocks, the core operational functionality. We want those systems to do what they do well.
Where we focus is building on top of that layer — the place where the member and the organization actually meet. Things like a mobile app and a customer portal where people can manage their memberships the way we want them to. Early on, without those layers, we were constantly hearing from franchisees that the member management system was "broken" or "didn't work." The reality was that our business rules weren't correctly mapped to what the system could and couldn't do. For example, we needed rules around how many future appointments a member could hold at once — because people would book slots weeks out and forget, which blocked availability for other members. Once we rolled out the mobile app and owned those touchpoints ourselves, a lot of those complaints disappeared.
Matthew Connor: Was the app custom-built or built on a platform?
Keith Trawick: Custom-built. I think it's very difficult for vendors to deliver truly brand-specific functionality and workflows — they have to be all things to all people, and that's not fair to expect from them. When we have very unique needs, my strong preference is that we own those member touchpoints. That way we control the messaging, the experience, and the business rules we need to enforce.
Matthew Connor: And looking at where AI fits into your world — you're in a fairly AI-resilient business, right? The actual service is delivered by a human, and I don't think humanoid robots doing assisted stretching is on the near-term horizon. But what about the back end? Operations, security, customer interaction?
Keith Trawick: You're right that the core service delivery is going to remain human for a long time — and I'm fine with that. It's a feature, not a bug. But the back end and member-facing operations are absolutely where we're focused with AI right now.
One of the areas specific to our model is that the service is entirely relationship-driven. When you have a problem with how that service is being delivered, the faster you can identify it and either coach the person up or make a change, the better your business performs. We're using AI to synthesize member reviews, surface patterns, and pinpoint where issues exist much faster than we ever could manually.
On the security side, I want to spend a moment here because I think this is where things get really exciting and genuinely important. Machine learning has been underappreciated for years — and now that LLMs are front and center, everyone defaults to thinking that's what "AI in security" means. But LLMs and machine learning serve very different purposes.
LLMs are fantastic for things like AI-assisted SOC work — having a language model analyze a security event and produce a human-readable explanation of exactly what happened. SentinelOne and CrowdStrike are doing really impressive work there. But on the detection side, what I think is genuinely the future is what you see in products like Darktrace: machine learning that builds a deep behavioral understanding of your environment. It knows that Keith doesn't write emails at 2 AM — or that Keith always writes emails at 2 AM and is never up at 7 AM, so when that pattern shifts, something's wrong. When an application starts doing something it's never done before, it stops it. That kind of intelligence is what you need when you're facing zero-day vulnerabilities being discovered and exploited at machine speed before any patch exists.
The old model was: wait for the manufacturer to publish a vulnerability, then patch it. That doesn't work anymore. You need systems that detect anomalous behavior in real time — not because they know the specific exploit, but because they know what normal looks like and something has deviated from it. That's how the good guys win this fight. We can't keep showing up with a sword when the other side has automatic weapons.
Matthew Connor: A hundred percent agree. And on the operational AI side — you mentioned outbound calling and appointment follow-up. That's a fascinating use case. Can you walk us through how you went about building that?
Keith Trawick: Yeah. So if you spend five minutes on YouTube or X, you'll see a thousand tech influencers claiming they can set up a voice agent in an afternoon. And there's a whole range of vendors — particularly in the 2025 wave of automation tools, the n8ns and Zapiers of the world — who say they can handle it. But when you actually dig in, it's not that simple. How do you handle prompt injections? How do you apply security and guardrails? And when you lock it down enough to feel comfortable with it, you've often constrained it to the point where it's really just rule-based automation and you've lost the agentic quality entirely.
I think we're now crossing that threshold where you can actually have both. For us, the technical side — understanding voice, routing the request, calling the right tools — is actually the more tractable problem. The harder challenge is the data foundation. I use this example all the time: if I put 100 fitness facility owners in a room and ask them to define what a "member" is, I'll get 250 different definitions. Cancellation rules, freeze policies, booking windows, service tiers — all of it varies. Before you can deploy a useful AI agent, you have to build a consistent, well-mapped data layer so that agent has the right context to operate correctly. You cannot have a non-deterministic AI interacting with inconsistent systems and expect reliable outcomes.
The infrastructure partner we're using is a company called Blend, and we're working with SoundHound on the voice side. SoundHound is a publicly traded company with deep expertise in voice recognition and agentic systems, and the Blend layer connects to our member management system and provides the necessary context. We're genuinely close — our biggest initiative right now is getting that data layer consistent so we can confidently deploy.
The other major challenge that doesn't get enough attention is compliance. Outbound calling and texting is heavily regulated. Quiet periods vary by state. Individual franchisees need their campaigns registered and approved. Texas recently passed legislation with very specific rules around outbound contact. Those rules are not static — they change. Making sure we're compliant across hundreds of franchise locations, each operating as an independent business in different states, is genuinely the hardest last-mile problem we've been solving.
Matthew Connor: That's a really valuable walkthrough for people considering the same path. And I love that we're having this conversation while it's in progress rather than after the fact — it gives other operators a real sense of what the actual challenges look like versus the polished demo.
Keith Trawick: Exactly. And I think the ROI case here is actually very compelling. I'd much rather pay a higher per-call rate on an AI system that delivers a successful outcome than pay a $15-20 per hour employee to sit at a front desk for eight hours and make 10 or 12 calls. Beyond cost, there's the quality control argument — the AI says the right thing within the right guardrails, every time, at every location. The Big Mac has to be the same Big Mac everywhere. A location that adds their own ketchup isn't wrong about liking ketchup; they're just no longer serving a Big Mac. Consistency is the brand.
Matthew Connor: The self-driving car analogy applies perfectly here too. A few years ago it was a drunk toddler. Now it's a teenager who just got their license. Not fully trusted, but increasingly capable. And the comparison that matters isn't "is it perfect?" — it's "is it better than the alternative on average?" When I'm watching a 19-year-old on their fourth shift make an outbound recall call, sometimes the AI wins.
Keith Trawick: Exactly my point to our franchisees. Is someone going to detect an AI voice and be uncomfortable? Maybe. Are there people who prefer a human? Absolutely. But if I know with certainty that the call will be made, that the right message will be delivered within the right guardrails, and that it won't cost me $18 an hour for eight hours regardless of call volume — that's a business decision worth making. We're at that inflection point.
Matthew Connor: And for organizations that are hesitant because of early ChatGPT hallucination experiences — I think that hesitation is going to become really costly over time. The companies that don't get on the bus are going to struggle to compete.
Keith Trawick: One hundred percent. And I want to be clear that I don't think the answer is mass layoffs — that's been the wrong read on a lot of the tech company workforce reductions. Most of that was bloat accumulated during an overcorrection in hiring, and it's being trimmed. That's different from AI making jobs obsolete. The vast majority of businesses I know that have implemented AI have their teams working harder than ever, not because AI is failing but because things that were previously impossible are now possible, and now there's a whole new category of work to do. My team is in full sprint right now.
What I do think will change is the nature of work. The roles that exist primarily to move information from one place to another — the meeting about the meeting, the status update on the status update — those are going to go, and they probably should. The people who thrive will be the ones who can do things and use these technologies. And our job as leaders is to bring people with us through that transition, not just optimize for ourselves. A business owner who doesn't know how to transfer a call on their phone system doesn't need a lecture on harnesses, agents, and guardrails. They need a partner who meets them where they are and helps them take the next step.
Matthew Connor: Well said. And I'm genuinely excited to have you back once you've got the voice agent beta up and running to hear how the numbers actually landed. Keith, this has been a fantastic conversation. Before we go, can you tell everyone where they can find out more about you and Stretch Zone?
Keith Trawick: Sure. The website is stretchzone.com — you can learn about the brand, find locations, and actually book a session. We have some nice AI-driven functionality in there for booking and member management, so it's worth checking out. And I'm on LinkedIn — feel free to connect and reach out.
Matthew Connor: Fantastic. Until next time.
Keith Trawick: Thank you so much.