In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by Chris Castaldo, Chief Information Security Officer at Crossbeam and author of Start-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit. Throughout his career, Chris noticed that the same cybersecurity related problems surface but there are many different ways to solve them.
Chris has always been passionate about startups and has plans to one day start his own company. While going through lists of top 10 books for startups and entrepreneurs he didn’t find any that mentioned how to do cybersecurity at a startup. This a significant gap for startups, not baking in cybersecurity early results in expensive rework 4-10 years after the startup is founded. This led to Chris writing Startup Secure - his goal was to create a guide and methodology for startup founders to avoid the expensive mistake of not baking cybersecurity into the startup in the beginning.
As the episode progresses, Chris highlights the difference in challenges for startups that are B2B (Business-to-Business) vs B2C (Business-to-Consumer). Cybersecurity startups must weigh the risks of building a product and building a secure company. It’s easier to implement all of the security controls offered by a solution when the startup is 20 employees or less because there is less impact on users and business functions. When cybersecurity startups are selling to organizations with cybersecurity teams, the startup is asked tough questions. For example:
As a cybersecurity professional, Chris emphases the importance of networking with other professionals. There is an increase in virtual conferences and adoption of LinkedIn. Asking questions to the leaders in the field and providing mentorship to others both provide a significant impact while cultivating your career. Chris also highlights the importance of following up on conversations to build relationships and securing opportunities.
When transitioning from engineer to CISO, Chris found that being intentional and purposeful with his time was impactful in his transition. He developed these skills by reading books about stoicism. He found that focusing on “the right thing to do” was tough because of constant distractions but being purposeful was the solution to distraction. Instead of focusing on all the things that were on his plate he would break down his goals into smaller chunks and give them his undivided attention for a specific amount of time.
Moments During This Podcast:
0:00 - Intro
1:57 - Chris Castaldo on Hacker Valley Studio Podcast
2:47 - Chris’ start in cybersecurity as a red team member
3:50 - Why did Chris write his book Startup Secure
6:58 - Challenges of implementing cybersecurity at a startup
9:56 - What excites Chris about cybersecurity
13:35 - How do you immerse yourself in learning about cybersecurity?
17:33 - Surprises when transitioning from engineer to CISO
22:43 - Core tenants of solving hard problems
25:53 - Protecting the crown jewels at an organization during a breach
33:38 - Advice on sharing knowledge with the world
Learn more about Chris Castaldo and connect with him on LinkedIn.
Learn more about Hacker Valley Studio.
Support Hacker Valley Studio on Patreon.
Follow Hacker Valley Studio on Twitter.
Learn more about our sponsor ByteChek.
Nick Lantuh, CEO of Interpres Security, joins Ron Eddings on the mic at Hacker Valley’s “On the Big Screen” event to talk about how Nick’s previous career experience have given him unique insight into the cyber...
In this episode, Host Ron Eddings is joined by Vishal Dixit, Co-founder & CTO at Graphus Inc., and Sven Bechmann, Senior Product Manager of Email Security at Kaseya to dig into how phishing attacks are evol...
In this episode, Andrew Forgie takes us on his journey from his early days as an Apache helicopter mechanic in the military to his current role as a regional sales manager in cybersecurity. Andrew shares his t...
In this episode of Hacker Valley Studio, we dive into the inspiring journey of Zinet Kamal, an immigrant from Ethiopia who has carved a niche for herself in cybersecurity. Despite starting her journey with limi...
In this episode, Host Ron Eddings catches up with repeat guest, Gary Hayslip, CISO at SoftBank Investment Advisors and co-author of CISO Desk Reference guide. Gary explains that the varied nature of his current...
In this episode, Host Ron Eddings and guest Or Eshed, CEO of Layer X, discuss how changes in IT infrastructure, employee behavior and malicious tech have created an era where browser security is a must. Or deta...
In this episode, Host Ron Eddings talks with guest Isaac Clayton, Senior Research Engineer at NetSPI. Ron and Isaac discuss the importance of ASM for organizations of all sizes, the challenges of asset identifi...
In this episode, Host Ron Eddings dives deep into crafting a resilient cybersecurity approach with guest speaker Bill Bernard, VP of Security Strategy at Deepwatch. Bill discusses the necessity of understanding...
In this episode, we’ll take a walk down memory lane. Hacker Valley looks back to 2023 to bring you some of the best clips with great advice and insight into being more creative, reflective, and resourceful with...
In this episode, Host Ron Eddings, discusses new tactics of adversaries with Director of Threat Research at Sysdig, Michael Clark. Michael digs into the cloud and shares trends about the AMBERSQUID operation an...
Are you the best kept secret in cybersecurity? Let's change that by partnering together for podcast ads, social campaigns, and your next event or keynote. Send us your details to get started.