Secure Ventures with Kyle McNulty

Leigh:  CEO and Founder of TallPoppy, helping protect people from online harassment and related hacks Social impact driven, evidenced by her time with the ACLU Premier tech company resume including Slack, Microsoft, and Heroku Check out the episode for our discussion on Leigh's transition from tech to the ACLU to TallPoppy, the overlap between online harassment and targeted hacks, and the responsibility companies have in protecting their employees in their personal time. Links: Schneier's site with Public-Interest Technology resources: https://public-interest-tech.com/ The TechCongress Fellowship: https://www.techcongress.io/ TallPoppy Jobs: https://www.tallpoppy.com/careers Blu Cyber Summit: https://www.blucybersummit.com

Gal: Co-founder and CTO at Authomize - now in his fifth run as a founder! Founded Cyvera which sold to Palo Alto for $200 million Founded Hexponent which was acquired in just 8 months Founded and led Intel's software security division where he oversaw 120 people Listen to the episode for more! We discuss consulting as a way of marketing your start-up, Gal's legacy as a founder, and the technical challenges in building Authomize. Enjoy!

Marc: CEO of Devo, valued at $1.5B in late 2021 Previously COO of Logmein, valued at over $4B when they were taken private in 2020 Co-founder and CEO of IBM's Security business unit (8,000 people) MBA from Wharton Listen to the episode for our discussion on the formation of IBM security, the challenges with taking over a company and team during COVID, and current market conditions in the security space as told by a CEO that lives and breathes this market.

Tim: CEO of DomainTools for over a decade Previously started four start-ups in a single year Ex Wall Street and ex Silicon Valley Listen to the episode for our discussion on breaking into the technology industry, choosing organic vs. accelerated growth, and leveraging advisors for sound strategy. https://www.returnonsecurity.com/newsletter/ https://www.domaintools.com https://www.domaintools.com/resources/podcasts

While the Ukraine/Russia conflict lasts, there is increased uncertainty about what the future holds. In this episode, Karim Hijazi (CEO and Founder of Prevailion) and I discuss the cyber conflict in full. Precedent in previous cyber war, how the cyber conflict has unfolded so far, how attackers (both directly and indirectly involved) are responding, and what might unfold in various escalation paths.  His first episode on Secure Ventures was episode #2, and you can find it on whatever app you are using to listen to this one! Some additional reading material based on what we discussed: Ukrainian Hacktivists: https://www.wired.com/story/hacktivists-pandemonium-russia-war-ukraine/ Russian DDoS: https://venturebeat.com/2022/03/07/ukraine-weve-repelled-nonstop-ddos-attacks-from-russia/ India's Predicament: https://www.cbsnews.com/news/india-pressure-condemn-russia-ally-ukraine-invasion/

Scott: CEO of BV Systems, a family owned security business for over 50 years Started working in security in 6th grade Published author Fellow podcast host Listen to the episode for our discussion on his contributions to the family business since childhood, the physical security needs of today, and his contributions back to the community across a variety of media facets.

Philippe: - Founder and CEO of CrowdSec, the "Waze of Security" - 5-time entrepreneur - Entered cybersecurity after meeting his childhood hero who hacked video games Listen to the episode for the full story behind his introduction to the field, the factors that make a business idea feasible, and how crowdsourced cybersecurity can revolutionize the industry. https://crowdsec.net

With me in this episode is Jesper Zerlang. After bouncing around from founder to sales to wealth management, he came in to LogPoint to replace the original founder and has since driven incredible growth. In our conversation we dive into the SIEM competitive landscape, the benefits and challenges of a European grown company, and much more. Jesper: CEO of LogPoint, a Security Incident Event Management (SIEM) company headquartered in Copenhagen Ex-COO at a Danish Wealth Management company, Griffin Holding A/S CEO of his first start-up in 1992! https://www.logpoint.com/en/

Johanna: Two decades of cybersecurity consulting experience Tested the viability of starting her own consultancy through a three month engagement and never looked back Nicknamed "the Storm" Listen to the episode for our discussion of consulting principles, the relevance of customer industries for cybersecurity consulting, and growing a consultancy through word of mouth.

Uri: - Financial crime and fraud detection expert with 20+ years of experience - CEO and Co-founder at Biocatch - product was used by major banks like Citi, HSBC, and Barclays - Previously head of RSA Identity Protection Group - Six month stint as interim CEO at Funtactix, where one of his tasks was to go from level 1-40 in World of Warcraft Listen to the episode for a breakdown of the evolution of financial crime over the last two decades as attackers responded to new defensive measures, and how Uri played a key role in developing technology to gain the upper hand as the defense. https://www.biocatch.com/

Lane: Senior Vice President of Presales Systems Engineering at Arctic Wolf Previously Systems Engineer at Code42 Security Operations Enthusiast https://arcticwolf.com/

Harshil: - Co-founder and CEO at Tromzo - Co-founder of SVCI (Silicon Valley CISO Investments) - Previously Senior Director of Security at Medallia Listen to the episode for our discussion on starting a company in stealth, organizing CISOs as investors, raising money with only an idea, and more. https://www.tromzo.com/ https://www.svci.io/

AJ: Co-founder and CEO at ByteChek - "making compliance suck less" Founding Board Member of the National Association of Black Compliance and Risk Management Professionals LinkedIn Top Voice in 2020 SANS Instructor Listen to the episode for our discussion ranging from his dreams to be in the NBA, his experience with compliance challenges, and his revelation that startup founders do not necessarily have to be geniuses. https://www.bytechek.com/

Shawn: - Chief Information Security Officer (CISO) at World Fuel Services - Previously the first CISO at US Marine Corps Intelligence - Advisor in the startup ecosystem Listen to the episode for our discussion ranging from analogies between motorcycles and cybersecurity risk management, growing a cybersecurity team, and specific differences between working in government and the private sector.

Craig: 2(!) Master's degrees in Math Ex Principal Security Engineer at Raytheon Mach37 accelerator graduate with HyperQube Listen to the episode for our discussions around pursuing academia, automating security consulting, and the traditional problems with spinning up cyber ranges. https://hyperqube.io/

Corey: - Security professional for 25 years - Employee #12 at Cylance - Advocate for culture emphasis, including time as Chief Experience Officer Listen to the episode for our discussions around the structural challenges with security services, the value of customer success and retention teams in the absence of services teams, and the dynamics around security monitoring for nascent security teams. Links: cyvatar.ai

Troy: Creator of Have I Been Pwned? Creator of the Troy Hunt blog Host and producer of the Troy Hunt Weekly Updates podcast Pluralsight course author Microsoft Regional Director and MVP Never finished a college degree

Al: Three-time startup builder including Picmonic (Acquired), Medumo (Acquired), and now Safebase. Two-time Y Combinator graduate and Harvard Business School alumni Past VC at Comcast Ventures and Investment Banking at Mooreland Partners Poker enthusiast SafeBase: "The Interactive Security Portal" - SafeBase is a security resume for your organization to share key cybersecurity certifications and capabilities with customers in a streamlined fashion.

Sudesh: Serial entrepreneur having developed start-ups across several technical industries 30+ years in networking and cybersecurity At one point considered professional basketball (listen to the episode for more) KAPALYA: KAPALYA empowers businesses and their employees to securely store sensitive files at-rest and in-transit across multiple platforms through a user-friendly desktop and mobile application. Recently received a $250,000 grant from the NSF for anti-ransomware capabilities Launching a crowdfunding campaign in the coming months (stay tuned by following Secure Ventures on Twitter and LinkedIn!) Links: https://www.kapalya.com/ https://finance.yahoo.com/news/kapalya-awarded-competitive-grant-national-124400465.html

Achiad: Bootstrapped Validize from idea to revenue, and he still has yet to take outside investment Incredibly involved in the Israeli cybersecurity ecosystem including being a Cyber Security Advisor for Start-up Nation Central, a board member for the Israel Export Institute, and the head of business development for the Ariel Cyber Innovation Center Originally studied Economics! Validize:  Validize connects global cybersecurity solution purchasers with the innovative products in the Israeli market. The platform’s technology enables Validize's partners to quickly add pre-screened Israeli cybersecurity solutions to their portfolio, receive prioritized channel pricing, and immediately open new opportunities.  https://www.validize.io/

Reuven: Previously head of Israel's cybersecurity red team Got a blank check offer for his first job in the private sector (listen to the episode for the story) Was mistaken for a janitor on his first day of college Has grown Cyesec 100% YOY and is targeting 250% this year in part due to a $120MM funding round earlier this year CYE: CYE brings a fact-based approach to organizational cyber defense, managing real business risks and optimizing the cybersecurity investment. CYE serves as a trusted advisor to medium-sized and Fortune 500 companies in multiple industries around the world. https://cyesec.com/index.html

Bruce:  Creator and content producer for popular security blog Schneier on Security (see first link below) Renowned author with over a dozen books Lecturer at Harvard Has a wikipedia page (I'm not quite there yet...) His site: https://www.schneier.com/ His paper on AI+Hacking: https://www.belfercenter.org/publication/coming-ai-hackers His Wikipedia page: https://en.wikipedia.org/wiki/Bruce_Schneier

Hugo: Started his career in pharmacology and now has over a decade of sales experience across several disparate industries Born in Mexico, he spent the majority of his sales career focused on Latin American expansion Similar to Alex/Archis who discussed Polyverse at a Johnny Rockets, Hugo and his co-founder Jesus first discussed rThreat at another classic chain, The Cheesecake Factory. rThreat: Breach and Attack Simulation (BAS) tool focused on understanding security posture Incredibly strong team of advisors well-known in the space

Alex: 17 year tenure at Microsoft including Bill Gates' Technology Advisor Has started 5 companies Angel investor Board member on several companies CEO at Polyverse Archis: Previously a software developer at both Microsoft and Amazon Won a computing competition in India Board member at the Center on Contemporary Art CTO at Polyverse Polyverse: Provide continuous protection to Linux systems from memory-based attacks through operating system controls.

Ike: Almost 50 years of experience in tech Tenures at Apple, MIT, SAP, Cisco and more 20 patents Way more knowledgeable than me about computing (and most things...) TidalScale: Rethinking the problem of big data computing by scaling up rather than out through a powerful supercomputer

Michael is the CEO of Virta Labs, a healthcare security company building a platform for medical device management. He also founded his own consultancy to help start-ups acquire funding through traditional and non-dilutive mechanisms like government grants. He’s especially well-versed in the financial and legal aspects of startups which are tricky for so many founders.

With me in this episode is Eric Cole. Eric is the CEO and Founder of Secure Anchor Consulting, where he has provided guidance for companies of all sizes and the Obama administration. He is also an established author who will have a total of 8 published books after the release of Cyber Crisis at the start of June. In the episode we dive into the common themes between entrepreneurship and authorship, and how he became successful in both. Pre-order the book now on Amazon: https://www.amazon.com/Cyber-Crisis-Protecting-Business-Threats/dp/1950665836

The average professional's experience with cybersecurity generally involves phishing training, and that is a brutally dry introduction. Oz Alashe at Cybsafe is working to revolutionize the world of security training, and he won't stop until he has influenced training across the globe. Listen to this episode for his embarrassing icon that influenced his joining the UK paratrooper regimen and his outlook for the future after raising $8 million earlier this year.

Pete is a guru in the entrepreneurship space. He is currently acting as VP of Business Development for two different companies and CEO of his own consultancy, all while acting as an advisor and board member for several others. Pete is a clear "people person", and his stories of innocent connection followed by subsequent business opportunities are incredulous. Tune in to hear about his recipes for success for start-ups that sometimes go against commonly accepted ideas.

As Wayne put it, security companies are often boring. To his credit, ThreatQuotient is far from it. The company has grown to over 100 employees since Wayne founded it with his coworker, Ryan Trost, back in 2013. The team has raised over $50 million in funding, and some portion of that has gone toward adopting three rhinoceroses, the company's logo and official mascot. On this episode, Wayne discusses his burning desire to become a founder before he succeeded with ThreatQuotient, the time commitment in a new venture, and the decision to step down from CEO in order to let the company continue its incredible growth trajectory. Enjoy!

While episodes so far focused on the stories of founders, in this episode I interview the hosts of the Extreme Uncertainty podcast, Mike Ravenscroft and Mike Leffer, who are prominent venture capitalists in the security space. The episode includes a glimpse into the untraditional routes into VC as well as several tips for founders looking for funding and idiosyncrasies of the security market when looking at potential investments. This is one of my favorite episodes so far, as it provides additional background as to the struggles of every founder I have interviewed on the show. Their podcast can be found by searching "Extreme Uncertainty" wherever you listen to Secure Ventures, or on LinkedIn at https://www.linkedin.com/company/extreme-uncertainty/.

Vladi has been through the gamut of cybersecurity roles including experience with the military, teaching, consulting, product, and entrepreneurship. After quickly rising through the ranks of Israel's cyber security arm, he entered the private sector where he gave up his free time for several years as he worked in consulting during the day and on coursework at night, including founding a security program at his alma mater shortly after graduating. Now, Vladi is leading Lightspin in the red-hot cloud security space with a novel approach to defense through graph visualization. His company has been growing rapidly, and incredibly he has done this while keeping an even balance between men and women despite the male-dominated field. 

Sam is the youngest guest to join the show so far, having started his company Kasada while he was still a teenager. After experience working in the Australian Signals Directorate (ASD) in high school, basically the NSA of Australia, Sam decided to forgo college ("university" for the Australians) in favor of going directly into the security world. Shortly after, he founded Kasada, which is built around a bot deterrence platform that presents complex quantitative challenges that cost attackers thousands in compute resources. Kasada has seen explosive growth, as it received funding from the CIA's venture group in its 2019 Series A, received a Series B in 2020, and now has over 50 employees.

After an early stint in the Air Force Reserves and then as an Algorithm Engineer, Guy's career then transformed after business school. He transitioned into Business Development, where he led the APAC expansion for Runcom Technologies and later Algosec. He was mentoring in an Australian cyber security accelerator, CyRise, when we was recruited by one of his mentees and now his Co-Founder. After a successful pivot, SecureStack is focusing on its product CloudBuilder, which enables secure templates for cloud deployments so the application attack surface can be rapidly reduced. SecureStack was recently named one of the top 20 cybersecurity firms to watch in 2021 by Forbes. 

After starting his career in the music industry including the creation of his own music festival, Festivus, Dean has woven a fascinating career out of his deep marketing expertise. With the new privacy regulation across the globe over the last several years, marketing efforts have become reliant on privacy compliance for effectiveness. Invisit is streamlining privacy compliance to ensure companies maximize the value of their marketing campaigns.

After a tongue-twisting liberal arts degree with two majors and two minors, Chrissa went on to pursue her dream of becoming a doctor. After a series of stints in healthcare, she found a passion for healthcare technology where she could influence a much wider landscape within healthcare. Her company, Patientory, is providing secure storage and access to consumer healthcare data through a mobile application so individuals can take ownership of their medical records.

From an early start in material sciences to serial product lead and strategist to trusted adviser in healthcare, Balaji has developed a fascinating career tackling each of his interests. While the healthcare industry is receiving more attention than ever, his company MedStack is simplifying healthcare security by providing an automated platform for deployment and infrastructure management.

In the wake of the recent SolarWinds incident, never has Karim Hijazi been so busy. Karim started his career in photography and then quickly transitioned into starting his own security consultancy. Since then, he has had numerous interesting events including a public battle with Lulzsec in 2011. Now, his company Prevailion is in the spotlight more than ever due to its novel approach to supplier security.

Ari Jacoby went to college thinking he would enter politics, but he soon found the entrepreneurial itch. Many years later, he has now led four successful exits as he embarks on his first venture into security, Deduce. Deduce is democratizing account takeover detection and prevention capabilities, such as notifications after logins from a new location, so smaller businesses can leverage similar functionality to that at major technology companies such as Apple, Facebook, and Google.