January 26, 2021

Episode 116 - Start-Up Secure with Chris Castaldo

by Hacker Valley Studio

Show Notes

In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by Chris Castaldo, Chief Information Security Officer at Crossbeam and author of Start-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit. Throughout his career, Chris noticed that the same cybersecurity related problems surface but there are many different ways to solve them.

Chris has always been passionate about startups and has plans to one day start his own company. While going through lists of top 10 books for startups and entrepreneurs he didn’t find any that mentioned how to do cybersecurity at a startup. This a significant gap for startups, not baking in cybersecurity early results in expensive rework 4-10 years after the startup is founded. This led to Chris writing Startup Secure - his goal was to create a guide and methodology for startup founders to avoid the expensive mistake of not baking cybersecurity into the startup in the beginning.

As the episode progresses, Chris highlights the difference in challenges for startups that are B2B (Business-to-Business) vs B2C (Business-to-Consumer). Cybersecurity startups must weigh the risks of building a product and building a secure company. It’s easier to implement all of the security controls offered by a solution when the startup is 20 employees or less because there is less impact on users and business functions. When cybersecurity startups are selling to organizations with cybersecurity teams, the startup is asked tough questions. For example:

  • What is your vendor review process?
  • Is your startup leveraging cloud security controls?
  • What is your privacy policy?

 

As a cybersecurity professional, Chris emphases the importance of networking with other professionals. There is an increase in virtual conferences and adoption of LinkedIn. Asking questions to the leaders in the field and providing mentorship to others both provide a significant impact while cultivating your career. Chris also highlights the importance of following up on conversations to build relationships and securing opportunities. 

When transitioning from engineer to CISO, Chris found that being intentional and purposeful with his time was impactful in his transition. He developed these skills by reading books about stoicism. He found that focusing on “the right thing to do” was tough because of constant distractions but being purposeful was the solution to distraction. Instead of focusing on all the things that were on his plate he would break down his goals into smaller chunks and give them his undivided attention for a specific amount of time.

 

Moments During This Podcast:

0:00 - Intro

1:57 - Chris Castaldo on Hacker Valley Studio Podcast

2:47 - Chris’ start in cybersecurity as a red team member

3:50 - Why did Chris write his book Startup Secure

6:58 - Challenges of implementing cybersecurity at a startup

9:56 - What excites Chris about cybersecurity

13:35 - How do you immerse yourself in learning about cybersecurity?

17:33 - Surprises when transitioning from engineer to CISO

22:43 - Core tenants of solving hard problems

25:53 - Protecting the crown jewels at an organization during a breach

33:38 - Advice on sharing knowledge with the world

 

Links:

Pre-order Start-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit

Learn more about Chris Castaldo and connect with him on LinkedIn.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Read more

Listen Now

test
Episode 116 - Start-Up Secure with Chris Castaldo

January 26, 2021 Hacker Valley Studio

00:00:00

Recent Episodes

January 31, 2023
by Hacker Valley Studio

In this episode of the podcast, Maril Vernon joins Ron and Chris and discusses the importance of breaking down silos between cyber teams and inspiring individuals to drive their own careers in cybersecurity. Maril has been a key player in promoting t...

January 24, 2023
by Hacker Valley Studio

In this episode of Hacker Valley Studio, Rob Wood, Chief Information Security Officer (CISO) at CMS, discusses the challenges of data silos within organizations. Rob explains that security teams often operate in silos, with different departments focu...

January 17, 2023
by Hacker Valley Studio

Taylor Lehmann, Director of Office of the CISO at Google Cloud, has made it his mission to make healthcare and life sciences more secure and strategic for everyone. Joining our security podcast this week, Taylor talks about how security and strategy ...

January 10, 2023
by Hacker Valley Studio

Maxime “Max” Lamothe-Brassard, Founder of LimaCharlie, brings a tech-focused community perspective and a history of working at Google to the Hacker Valley security podcast this week. Inspired by the internal motivation to empower others and build wha...

January 3, 2023
by Hacker Valley Studio

Brian Haugli, Founder and CEO of SideChannel, brings his CISO expertise to the security podcast this week for a discussion about strategy and leadership in cybersecurity. Working alongside CISOs and fractional VCISOs, Brian has seen his share of lead...

December 20, 2022
by Hacker Valley Studio

Allison Minutillo, President of Rebel Interactive Group and Host of the Rebel Leadership podcast, joins the Hacker Valley team this week to talk about her journey from individual contributor to company leader. With a leader’s mind and a rebel’s heart...

December 15, 2022
by Hacker Valley Studio

Cody Wass, VP of Services at NetSPI, brings his near-decade of experience to the pod to talk about longevity, development, and leadership. It’s no secret that cybersecurity is in need of people. Cody’s journey from intern to VP at NetSPI has shown hi...

December 13, 2022
by Hacker Valley Studio

Brad Liggett, CTI Intel Engineer Manager at Cybersixgill, puts on his improv hat and joins the pod ready for anything. After COVID pressed pause on daily life, Brad kept himself sane and gained some new skills by returning to his improv roots (a hobb...

December 6, 2022
by Hacker Valley Studio

Richard Rushing, CISO at Motorola Mobility, brings his decades of experience to the show this week to talk about leadership, communication, and perhaps most importantly of all: prioritization. After joining Motorola through a startup acquisition, Ric...

November 29, 2022
by Hacker Valley Studio

Kenneth Ellington, the Senior Cybersecurity Consultant at EY and Founder of the Ellington Cyber Academy, achieves his goal of being on the Hacker Valley Studio this week. From working at Publix in college to becoming an online course instructor, Kenn...