Matt joins a startup
06/27/22 • 22 min
This episode of the Cloud Security Today podcast is a little different from the others because this time host Matthew Chiodi gives the interviewer’s seat over to Yousuf Khan and they talk about an exciting new development in Matt’s career.
Matt announces a big career move and talks about how he’s hoping to fix some of the biggest problems in SaaS security today. He tells Yousuf about his new role and the fresh approach that his new company is bringing to the field. At the end of the episode, they discuss working in a start-up environment and give advice to anyone considering working in a start-up.
If you enjoyed this episode, subscribe, or follow Cloud Security Today wherever you get your podcasts.
Timestamps
[0:28] Matt introduces the topic for today’s episode
[1:50] Exciting news from Matt about his latest career move
[5:10] Matt explains one of the biggest challenges in app security today
[7:25] How have we managed app security up to now?
[9:20] So how does Cerby work?
[11:32] Matt’s new role at Cerby and an outline of his first few months
[12:50] Why Matt likes working in a start-up environment
[14:05] How Matt became interested in Cerby
[16:20] What’s next for Cerby?
[18:10] The advice that Matt would give to anyone looking to join a start-up
[20:40] Yousuf adds his thoughts about working for a start-up
Episode Links
Ridge Ventures
Yousuf Khan's Linkedin Profile
Cerby's website
Matt's Linkedin Profile
This episode of the Cloud Security Today podcast is a little different from the others because this time host Matthew Chiodi gives the interviewer’s seat over to Yousuf Khan and they talk about an exciting new development in Matt’s career.
Matt announces a big career move and talks about how he’s hoping to fix some of the biggest problems in SaaS security today. He tells Yousuf about his new role and the fresh approach that his new company is bringing to the field. At the end of the episode, they discuss working in a start-up environment and give advice to anyone considering working in a start-up.
If you enjoyed this episode, subscribe, or follow Cloud Security Today wherever you get your podcasts.
Timestamps
[0:28] Matt introduces the topic for today’s episode
[1:50] Exciting news from Matt about his latest career move
[5:10] Matt explains one of the biggest challenges in app security today
[7:25] How have we managed app security up to now?
[9:20] So how does Cerby work?
[11:32] Matt’s new role at Cerby and an outline of his first few months
[12:50] Why Matt likes working in a start-up environment
[14:05] How Matt became interested in Cerby
[16:20] What’s next for Cerby?
[18:10] The advice that Matt would give to anyone looking to join a start-up
[20:40] Yousuf adds his thoughts about working for a start-up
Episode Links
Ridge Ventures
Yousuf Khan's Linkedin Profile
Cerby's website
Matt's Linkedin Profile
Previous Episode
MITRE + Cloud
As the world of cloud security continues to progress at high speed, new challenges and threats arise and morph on a constant basis. The MITRE Corporation is a body tasked by the US government with solving some of the largest threats in cybersecurity and beyond, and we are very lucky to welcome Tracy Bannon to the podcast today, who is the Senior Principal and Software Architect & DevOps Advisor at MITRE. Tracy opens up about her career journey leading up to her current position, what drew her into the work at MITRE, and how the simplicity of the solutions-focused mission has embedded her loyalty and passion within the organization. The conversation also goes some way into exploring the potential and limitations of zero trust, and what it actually means to make progress towards safer environments. Along the way, our guest makes some interesting and quite unique arguments for why words matter, and why change is healthier through a philosophy centered on building. So to catch it all in this fascinating conversation, make sure to join us on Cloud Security Today!
Key Points From This Episode:
- Tracy unpacks a brief history of FFRDCs and their role as objective technology advisors.
- The two main areas of Tracy's work at MITRE; digital transformation of software factories, and data centricity in data environments.
- Understanding MITRE's practical application and validation of the principles of zero trust theory.
- Weighing the validity of the negative reputation that developers have when it comes to security.
- Issues with the terms DevOps, DevSecOps, and SecDevOps, and the overloading and rushing that often happens on security teams.
- Why Tracy prioritizes 'culture building' over 'culture change' when thinking about progress.
- Leading teams, modeling behaviors, and realistic expectations for human error.
- Tools and safety nets in the cloud-native approach; Tracy's perspective on how much value to assign to these.
- Why the mission at MITRE initially piqued, and subsequently retained, Tracy's interest!
Tweetables:
“It’s not a recipe. It's not five things you have to do. It's understanding the principles and then applying them, being able to audit them, and validate consistently that they're happening. MITRE does both sides of that.” — @TracyBannon [0:07:44]
“Our job is not to land and expand. It’s impact. At all costs, it's to make impact. If it's one person, or a half of that person, it's really defined by the ability to keep the US safe.” — @TracyBannon [0:09:39]
Links Mentioned in Today’s Episode:
The Software Architect Elevator
The future of cloud security.Simplify cloud security with Prisma Cloud, the Code to Cloud platform powered by Precision AI.
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
Next Episode
Zero trust with no FUD
In today’s episode, the Creator of Zero Trust, John Kindervag, joins Matt on the show to discuss implementing Zero Trust in your organization. While at Forrester Research in 2010, John developed Zero Trust, promising adequate and effective protection of an organization’s most valuable assets.
Today, John talks about the driving force behind Zero Trust, the concept of the Protect Surface, and Kipling Method Policies. Why is trust a vulnerability? Hear about Zero Trust, Shadow IT, and get John’s recommended resources.
Timestamp Segments
· [02:20] About John.
· [05:29] How does John define Zero Trust?
· [07:45] Why is trust a vulnerability?
· [09:56] The Protect Surface.
· [12:32] Kipling Method Policies.
· [17:22] The roadmap to Zero Trust at scale.
· [22:56] It’s the inspection that matters.
· [28:26] Zero Trust in the Cloud.
· [31:33] Shadow IT.
· [38:54] Tracking specific metrics.
· [40:58] John’s resource recommendations.
Notable Quote
"We can never stop cyber attacks from happening, but we can stop them from being successful.”
Relevant Links
Recommended Reading:
The Zero Trust Learning Curve.
Antifragile, by Nassim Nicholas Taleb.
On Grand Strategy, by John Gaddis.
Winning in FastTime, by John Warden.
LinkedIn: https://www.linkedin.com/in/john-kindervag-40572b1
ISMG: https://ismg.io
The future of cloud security.Simplify cloud security with Prisma Cloud, the Code to Cloud platform powered by Precision AI.
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
Cloud Security Today - Matt joins a startup
Transcript
**NOTE: Generated via ML. Expect crazy stuff to be translated by an imperfect algorithm that may have never actually been said by the host or guest :-) ***
Narrator (00:02):
This is The Cloud Security Today Podcast where lea
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/cloud-security-today-215519/matt-joins-a-startup-24120967"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to matt joins a startup on goodpods" style="width: 225px" /> </a>
Copy