POPULARITY
Do we have your permission to share this episode of Screaming in the Cloud with you? Sonrai CTO and Co-Founder Sandy Bird is back on the show to help Corey break down the woes that come with granting permissions in the world of cloud security. As they catch up, the pair touch base on how automation can create major headaches, what goes into navigating the minefield of granting permissions, and if the future of adoption patterns is as grim as Corey predicts. Sandy also answers one of Corey's long-time questions: how do you pronounce “Sonrai?” Who knows? Maybe Corey will finally learn how to say it properly...Show Highlights:(0:00) Intro(0:30) Breaking down Sonrai's name(1:45) Sonrai sponsor read(2:25) Getting alerts vs. fixing the root of the problem(4:50) The problems with granting permissions(7:34) The dangers of automating permissions(10:10) "Where do I make this change, and how do I enforce it?" (13:46) The security concerns that come with tagging automation(16:12) Sonrai sponsor read(16:53) Properly deploying permissions access(21:16) Woes of running reporting in the middle of the night(23:21) Are adoption patterns getting worse?(29:01) Where you can find more from Sonrai SecurityAbout Sandy BirdSandy Bird is the co-founder and CTO of Sonrai Security, helping enterprises protect their data by securing cloud identities and access. Sandy was the co-founder and CTO of Q1 Labs, which was acquired by IBM in 2011. At IBM, Sandy became the CTO for the global security business and worked closely with research, development, marketing and sales to develop new and innovative solutions to help the IBM Security business grow to ~$2B in annual revenue. He is a trusted and experienced cloud security expert., Sandy Bird is the co-founder and CTO of Sonrai Security, helping enterprises protect their data by securing cloud identities and access. Sandy was the co-founder and CTO of Q1 Labs, which was acquired by IBM in 2011. At IBM, Sandy became the CTO for the global security business and worked closely with research, development, marketing and sales to develop new and innovative solutions to help the IBM Security business grow to ~$2B in annual revenue. He is a trusted and experienced cloud security expert.LinksSonrai Security: https://sonraisecurity.com/Sonrai Security free trial: https://sonraisecurity.com/trial/Sonrai Security demos: https://sonraisecurity.com/demo/Sonrai Security learning resources: https://sonraisecurity.com/resource-library/Sonrai Security blog: https://sonraisecurity.com/blog/Sonrai Security ACCESS Virtual Summit: sonrai.co/access-on-demandSponsorSonrai Security: https://sonraisecurity.com/
Send us a Text Message.Are your cloud environments secure, or are they silently exposing you to threats? In this gripping episode, we sit down with security industry giant Sandy Bird from Sonrai Security. Sandy draws from his rich 20-year career, from founding Q1 Labs to his pivotal role as CTO of IBM's security division, to share invaluable insights. We uncover the evolution of cloud security, focusing on the intricate challenges of AWS IAM (Identity and Access Management). Sandy discusses how Sonrai Security is leading the way in transforming IAM with advanced analytics, helping teams effectively manage complex AWS privileges.Machine identities in cloud environments can be ticking time bombs. Sandy breaks down how developers might unintentionally create vulnerabilities that bypass traditional firewalls, making systems susceptible to external threats. With startling statistics on the number of forgotten cloud identities, we explore the enormous task of tracking these identities and the steep learning curve faced by new IAM security professionals. The conversation also covers the often non-intuitive nature of AWS permissions and API calls, adding another layer of complexity to security management.AWS environments are unique and bespoke, posing significant challenges. We discuss the intricacies of AWS certifications, the numerous traps in exam questions, and the importance of a centralized permissions firewall that offers guardrails while allowing developer freedom. Sandy introduces the idea of a 14-day trial for a cloud permissions firewall in a monitor-only mode, providing a risk-free opportunity to understand its benefits. Tune in to discover how innovative solutions are shaping the future of cloud security and why a permissions firewall could be a game-changer for your secure cloud operations.Free Trial: https://sonraisecurity.com/trial/Sonrai Security Website: https://sonraisecurity.com/LinkedIn: https://www.linkedin.com/in/sandy-bird-835b5576/Sonrai Security Sonrai prides themselves on being able to reveal every over-privileged identity and all pathsDisclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.Support the Show.Affiliate Links:NordVPN: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=87753&url_id=902 Follow the Podcast on Social Media!Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcastPatreon: https://www.patreon.com/SecurityUnfilteredPodcastYouTube: https://www.youtube.com/@securityunfilteredpodcastTikTok: Not today China! Not today
Send us a Text Message.Episode SummaryOn this episode, Sandy Bird, CTO and Co-Founder of Sonrai Security, joins the show to discuss identity security in the Cloud. Prior to Sonrai Security, Sandy co-founded Q1 Labs, which was acquired by IBM. He then became the CTO and helped IBM Security grow to $2B in revenue.Today, Sandy talks about his journey in cybersecurity and how to manage and eliminate dormant identities. Why should listeners be concerned about zombie identities? Hear about the permissions attack surface and where to start implementing zero trust policies.Timestamp Segments· [01:41] Getting into cybersecurity.· [03:48] Key lessons from IBM.· [08:40] Zombie identities.· [12:53] Is it possible to manage and eliminate dormant identities?· [16:17] Tying the process into a CI/CD pipeline.· [21:01] The Dirty Dozen of Cloud Identity.· [24:13] The permissions attack surface.· [27:00] Zero Trust best practices.· [30:08] Creating nett new machine identities.· [33:17] Prioritizing identity misconfigurations.· [35:15] Sandy's mentors and inspirations.· [37:37] How does Sandy stay sharp? Sound Bites"Nothing is a straight path in starting companies in your career.""Zombie identities are identities that were part of previous projects and never get cleaned up.""Fix the low-hanging fruit first, such as getting rid of zombie identities and locking down sensitive identities." Relevant LinksWebsite: sonraisecurity.comLinkedIn: Sandy BirdQuantifying Cloud Access: Overprivileged Identities and Zombie Identities
On this Featured Guest episode of Screaming in the Cloud, Corey is joined by Sandy Bird, Co-Founder and CTO of Sonrai Security. The two discuss the current state of cloud permissions security, and Sandy details the company's breakthrough Cloud Permissions Firewall which promises fast and scalable cloud least privilege all with one click. Corey and Sandy also talk about bunk AWS tools in this space, the insanely high “zombie” population in the cloud, and how Sonrai works for companies of all sizes.Highlights:(00:00) Welcome to Screaming in the Cloud with Corey Quinn(00:50) Sponsored Ad(01:32) Exploring Sonrai Security's Mission and Challenges(03:38) Introducing the Cloud Permissions Firewall Concept(05:59) Comparing Cloud Providers' Permissions Models(09:49) Sponsored Ad(10:12) Addressing the Zombie Identity Problem(16:44) Scaling Solutions for Different Company Sizes(20:10) Navigating Cloud Security Challenges(23:38) Innovative Approaches to Permission Management(25:27) Optimizing Permission Requests with Statistics(27:04) Improving Cloud Security with Permissions on Demand(35:15) Concluding Thoughts and ContactAbout Sandy: Sandy Bird is the co-founder and CTO of Sonrai Security, helping enterprises protect their data by securing cloud identities and access. Sandy was the co-founder and CTO of Q1 Labs, which was acquired by IBM in 2011. At IBM, Sandy became the CTO for the global security business and worked closely with research, development, marketing and sales to develop new and innovative solutions to help the IBM Security business grow to ~$2B in annual revenue. He is a trusted and experienced cloud security expert.Links referenced: Sonrai Security Website: https://sonrai.co/screaming-cloud Free 14-Day Trial: https://sonrai.co/screaming-trialSandy's LinkedIn: https://www.linkedin.com/in/sandy-bird-835b5576/* Sponsor Sonrai Security: https://sonrai.co/screaming-cloud
A bonus episode of The Cloud Pod may be just what the doctor ordered, and this week Justin and Jonathan are here to bring you an interview with Sandy Bird of Sonrai Security. There's so much going on in the IAM space, and we're really happy to have an expert in the studio with us this week to talk about some of the security least privilege specifics. Background Sonrai (pronounced Son-ree, which means data in Gaelic) was founded in 2017. Sonrai provides Cloud Data Control, and seeks to deliver a complete risk model of all identity and data relationships, which includes activity and movement across cloud accounts, providers, and third party data stores. Try it free for 14 days Start your free trial today Meet Sandy Bird, Co founder of Sonrai Security Sandy is the co-founder and CTO of Sonrai, and has a long career in the tech industry. He was the CTO and co-founder of Q1 Labs, which was acquired by IBM in 2011, and helped to drive IBM security growth as CTO for global business security there. Interview Notes: One of the big questions we start the interview with is just how has IAM evolved – and what kind of effect have those changes had on the identity models? Enterprise wants things to be least privilege, but it's hard to find the logs. In cloud, however *most* things are logged – and so least privilege became an option. Sonrai offers the first cloud permissions firewall, which enables one click least privilege management, which is important in the current environment where the platforms operate so differently from each other. With this solution, you have better control of your cloud access, limit your permissions, attack surface, and automate least privilege – all without slowing down DevOps2. Is the perfect policy achievable? Sandy breaks it between human identities and workload identities; they're definitely separate. He claims, in workload identities the perfect policy is probably possible. Human identity is hugely sporadic, however, it's important to at least try to get to that perfect policy, especially when dealing with sensitive information. One of the more interesting data pieces they found was that less than 10% of identities with sensitive permissions actually used them – and you can use the information to balance out actually handing out permissions versus a one time use case. Sonrai spent a lot of time looking at new solutions to problems with permissions; part of this includes purpose-built integration, offering a flexible open GraphQL API with prebuilt integrations. Sonrai also offers continuous monitoring; providing ongoing intelligence on all the permission usage – including excess permissions – and enables the removal of unused permissions without any sort of disruptions. Policy automation automatically writes IAM policies tailored to access needs, and simplifies processes for teams. On demand access is another tool that gives on demand requests for permissions that are restricted with a quick and efficient process. Quotes from today's show Sandy: “The unbelievably powerful model in AWS can do amazing things, especially when you get into some of the advanced conditions – but man, for a human to understand what all this stuff is, is super hard. Then you go to the Azure model, which is very different. It's an allow first model. If you have an allow anywhere in the tree, you can do whatever is asked, but there's this hierarchy to the whole thing, and so when you think you want to remove something you may not even be removing it., because something above may have that permission anyway. It's a whole different model to learn there.” Sandy: “Only like 8% of those identities
Last October, when it was announced that Bobby Leibrock would become the next CFO of IBM subsidiary Red Hat, finance team members no doubt understood that the open-source developer was coronating not just any IBM veteran but a strategic finance executive who for years had been entrenched along the front lines of IBM's software acquisition activities. Leibrock's M&A resume began around 2006, when IBM acquired content management software developer FileNet for $1.6 billion. “They asked me to be what was known as a ‘product pricer,' a role that involved figuring out how to merge FileNet's portfolio into ours from a pricing standpoint,” explains Leibrock, who notes that along the way he would frequently find himself seated across the table from the acquired company's management while he stared down at a list of pricing-related questions. Fast-forward to IBM's acquisition of security intelligence software developer Q1 Labs in 2011 and Leibrock's appointment as CFO of the new security software unit that IBM established to house its newly acquired security offerings. “IBM would buy some 12 to 15 software companies a year, and while the security software sector wasn't the biggest involved, it was strategic in that it connected IBM's identity security with its data security portfolio,” recalls Leibrock, who adds that his 19 years at IBM remained largely inside the software lane and seldom if ever crossed over into the tech company's hardware or professional services businesses. Thus Leibrock's call to leadership wasn't immediate, and his career appetite seems to have been driven perhaps not so much by titles as by challenges. Still, as he advanced upward within IBM, the CFO path began to come more into focus. Reports Leibrock: “I wasn't always planning to be a CFO, but from having had the opportunity to sit across from CFOs, I sort of learned what I wanted to be as a leader through observing both the good and the bad.” –Jack Sweeney
In this episode, we talk to Sonja about her long and successful career in venture capital, including becoming the youngest GP at Menlo Ventures and investing in companies such as TheRealReal, Q1 Labs and many more. Sonja walks us through how Broadway Angels, an investment group made up of women, came about and what her experience has been being the only woman in many rooms. Finally, she shares some advice on how to break into and navigate VC as an aspiring female investor.
In this episode, Marc talks with Sonrai Security's Brendan Hannigan, on how he went from security guard on a Jack Nicolson movie set, to cybersecurity CEO. Trained as a coder, learn how his early days at Forrester Research honed Brendan's skills in understanding marketplace fit and fueled his passion to go out and start building things. Brendan went on to lead Q1 Labs until they were acquired by IBM, where he joined as the GM of the newly formed IBM Security. That journey lead him to his current role, CEO of Sonrai Security, where he and his team are changing the way organizations secure the cloud. You'll also learn about: Why the complexities of being a Cyber CEO haven't changed in decades The origins of the term security intelligence The fulfillment of saying "OK sure, I'll try that" Why CISOs may not need to "shift left" but they have to shift somewhere
Host Mark Leger has been absorbed by books about successful Maritime entrepreneurs over the past few months, interviewing the authors of books on K.C. Irving and the founders of Radian6 and Q1 Labs, companies that sold for more than a combined $1-billion in the last decade. On this episode, Mark chats with Tareq Hadhad of Peace By Chocolate in Antigonish. Tariq and his father Isam lost the family business, a chocolate factory bombed during the war in Syria, but have since rebuilt it in Nova Scotia. Their perseverance and optimism in the face of great challenges are chronicled in a new book by Halifax journalist Jon Tattrie.
On the September 25 episode, host Mark Leger chatted with Gordon Pitts about “Unicorn in the Woods”, his new book about the creation and eventual sale of cybersecurity firm Q1 Labs and social media company Radian6, which together sold for more than a billion dollars. On this episode, Mark chats with new Propel CEO Kathryn Lockhart and Peter Moreira, business journalist and owner of Entrevestor, about nurturing “baby unicorns” too. Mark chats with Kathryn and Peter about the region's emerging success stories, the challenges and opportunities of Covid-19 for the tech sector, and how to create a “baby unicorn farm.”
Episode #4 is live with Tech Impact CEO, Cathy Simpson.We're talking about innovation in the region with CEO of NBIF, Jeff White and President & CEO of Innovacorp, Malcom Fraser. Jeff White is the lead visionary at NBIF. He’s a technology industry veteran, and a seasoned corporate financing expert. He has worked with some of our region’s biggest start-ups: Radian6, Q1 Labs, and Genesys Laboratories Canada and was co-founder and COO of East Valley Ventures. That experience gives Jeff a unique perspective to see and understand the growth potential in New Brunswick’s start-up and research innovation sectors. As a bonus, he’s very passionate about it too!Malcolm Fraser is president and CEO of Innovacorp, based in Halifax, Nova Scotia. In this role, Malcolm oversees Innovacorp’s work to find, fund and foster innovative Nova Scotia start-ups that strive to change the world. Malcolm joined Innovacorp in October 2017. He was a leader in Canada’s digital sector for the previous 20 years, earning recognition and awards for innovation, management and community leadership.We hope you enjoy the show - Cathy Simpson, CEO, TechImpactWelcome to our new podcast, TechTalks! The podcast series designed to educate, inspire, and engage new conversations about technology and how it is an enabler for our economy, building our talented workforce, creating growth in our IT sector, and attracting talent in our post-secondary institutions.The podcast will create new connections between employers, students, entrepreneurs, investors and our business community.Our podcast content will appeal to the business community, students, entrepreneurs, investors, and IT professionals. Our topics will vary from deep dives into specific technology to discussions on the benefits of digital transformation for business productivity and growth.When it comes to students, we're not just talking engineering and computer science. We want to appeal to ALL students as they think about careers in the digital world and consider the employability skills they need for today’s workplace.Did you know?1. Digital technology firms contribute $6.1 billion to Atlantic Canada’s economy.2. Over 43,000 people are employed in the digital industry labour force.3. 463 digital technology firms exist in Atlantic Canada.4. This industry is innovative, export-focused, and attracts a majority of the region’s venture capital.5. There is more demand than supply of talent; we aren’t producing enough graduates to fill the current demand for new workers.6. Availability of labour is the number one challenge for digital technology firms.Our informative and entertaining podcast series will provide insight into current opportunities within Atlantic Canada’s digital technology sector and can be found on all of your favourite podcast platforms including Apple, Spotify, Google Podcasts, Amazon Music and more.Our goal is to inform our listeners of the opportunities available and the importance of technology as we build for the future during and after the pandemic. We’ll demonstrate the importance of the tech industry to the local economy and show there is a place for all educational backgrounds.TechTalks is hosted by TechImpact CEO, Cathy Simpson. It's produced by Matt George, is engineered by Zachary Pelletier and is part of the Unsettled Media Podcast Network.
Fifteen years ago, journalist and author Gordon Pitts wrote “The Codfathers”, a book about regional business tycoons like the Irvings, McCains and Sobeys. He's back now with “Unicorn in the Woods”, a book about the region's tech titans. The story revolves around the creation and eventual sale of cybersecurity firm Q1 Labs and social media monitoring company Radian6. Gordon joins Mark Leger to talk about his page-turner, a compelling story about the founders, and how they grew globally competitive companies out of Saint John and Fredericton and influenced a generation of tech entrepreneurs across the Atlantic region.
Gordon Pitts is the author of the book "Unicorn in the Woods: How East Coast Geeks and Dreamers Are Changing the Game."As tech investors the world over search for elusive unicorns (start-ups valued at over $1 billion), acclaimed business journalist Gordon Pitts asks whether there can be a place for high-tech innovation and unicorn-like value creation outside of major urban centres, whether in Atlantic Canada, rust-belt New York, or Northern Ontario.Journeying back to the origins of Radian6 and Q1 Labs — two New Brunswick companies that sold for a combined $1 billion — in the basements and offices of a group of geeks and dreamers, Pitts tells a story of two remarkable companies and the legacies that continue to this day. But theirs was not a simple tale of overnight success; there were sellouts and firings, comebacks and vindication, and still unfulfilled promise.What's on the It's the Economy, Stupid blog this week? Subscribe and learn!We want to hear your voice! If you want to be featured in our Q&A segment, send a text or audio question to our social or matt@unsettledmedia.com- we'll shout you out by name. Subscribe to the Unsettled Newsletter. You'll get multiple posts per week breaking down timeless principles from the world's best minds. Every post includes tools, product recommendations, strategy lessons, must-watch videos, must-read articles and the best stories from the worlds of culture, business & tech.This podcast is produced by me, Matt George. Is engineered by the great Zachary Pelletier, and is part of the Unsettled Media Podcast Network.
Join Sal's Investment Syndicate: Click Here As a venture capitalist Fred Bamber helped build such successful companies as Interleaf, Q1 Labs and Volt Server. Now working as an angel investor Fred is invested such exciting companies as SQZ Biotech, Pixability, ViralGains and Streamroot (exited). In his self-effacing and modest way, Fred reveals deep wisdom gained from 75 investments in his career as a VC. Topics include: Fred Bamber Finds His Career Path Avoiding the Military Draft Led Him to Work for His First Startup Fred Bamber & Friend Found a Venture Fund – Consulting vs. Venture Capital IPOs Then & Now Investment in Interleaf Makes His First Fund a Success! Two Ways of Connecting in the World of Venture Capital – Via Success & Via Failure Several Losing Investments in Companies Seeking to Exploit the Piezoelectric Effect Themes In Angel Investing – Investing in Brand New Fields i.e. White Spaces ‘…Oracle has a huge go-to-market cost, and engineering is a tiny bit of it.’ Technology Causing Convergence of Consumer & Enterprise Businesses Startups with Jeff Weiss - The Perils of Being Early – Early Augmented Reality (AR) Rich Lane & Reflection Technology – Augmented Reality-like – Projecting Text into the Eye Progress of Technology Is Painful – “Thread Across The Ocean” by John Steele Gordon Michael Lewis & Drama in Business – Paul English & “A Truck Full of Money” Paul English Finds His Inner Entrepreneur after Interleaf Robert P. Smith & “Riches Among the Ruins” – Not Made for Working In Large Companies VCs Should Be Humble Fred Bamber Talks About His Investment in Volt Server Uber & Washington, D.C. Cabs Peter Thiel’s Critique of Entrepreneurship – “We Were Promised Flying Cars and We Got 140 Characters” SQZ Biotech & Massachusetts Materials Technology What Fred Bamber Looks For In a Startup – Technology, Coachability, Tenacity, Openess – VC vs Angel Startups Should Report Frequently – Reports Should Tie In to Previous Reports i.e. Close the Loop Angel Investor Should Be Father Confessor without the Ave Marias Bettina Hein & Pixability – Example of Determination Combined with Openess Beth Marcus’ Test For Listening Fred Bamber’s Suggestion of the Perfect Number of Angel Investments in a Portfolio Why Sal Daher Is Invested In About 42 Companies The Role of a Board of Directors – Father Confessor Fred Bamber’s Favorite Pivot – Q1 Labs (IBM) Fred Bamber Also Like Streamroot’s Pivots Q1 Labs Pivot Runs Counter the Received Wisdom of Startups Needing a Narrow Focus to Succeed “Crossing the Chasm” by Geoffrey A. Moore “Why Knowledge Matters” by E.D. Hirsch, Jr.
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-securing-a-cloud-migration/) You're migrating to the cloud. When did you develop your security plan? Before, during, or after? How aware are you and the board of the cloud's new security implications? Does your team even know how to apply security controls to the cloud? Check out this post for the basis of our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and sponsored guest Sandy Bird, CTO and co-founder, Sonrai Security. Sandy was the co-founder and CTO of Q1 Labs, which was acquired by IBM in 2011. At IBM, Sandy became the CTO for the global security business and worked closely with research, development, marketing, and sales to develop new and innovative solutions to help the IBM Security business grow to ~$2B in annual revenue. Thanks to this week's podcast sponsor, Sonrai Security. Identity and data access complexity are exploding in your public cloud. 10,000+ pieces of compute, 1000s of roles, and a dizzying array of interdependencies and inheritances. Sonrai Security delivers an enterprise cloud security platform that identifies and monitors every possible relationship between identities and data that exists inside your public cloud. On this episode of Defense in Depth, you’ll learn: You can't just migrate to public cloud and secure things like you secure your on-premise servers and applications. You have to think cloud-native in all security decisions. Cloud migrations intensify the focus between data and identity. "Security as an afterthought" is never a good plan. Those who succeed build security into the migration. Don't let IT broker a deal to migrate to cloud and then bring in cyber after the fact. In the cloud, knowing where your data is one step, securing the data is another. There's a multitude of variances with data. There are the API controls on data, who has access through those APIs, is the data cloned or cached, and how are permissions being adjusted to that data? Start by knowing who and what should access your data and build your controls from there. The people side of securing cloud migration is critical. If your staff is not properly trained, a single mistake can be extremely expensive. Speeds in the cloud, especially if you've got a DevOps and CI/CD approach, can make problems move at lightening speed. There's a need for automation and to continuously monitor your controls and coverage. Get ahead of problems. DevOps learned the fail fast technique, but also the ability to recover quickly. If security wants to play as well, they have to develop the same strategy and tools.
Tom has worn many hats in his time at BitSight, including EVP of Sales and Marketing, COO and CEO. In this episode, he walks us through how to navigate relationships with founders as an incoming CEO, how to use content marketing in an enterprise market, and how to think about go-to-market strategy for a global business. Tom Turner is CEO and President of BitSight. Tom has extensive security industry experience, and has helped build category-defining companies. Prior to joining BitSight, Tom was a founding member of the executive management team of IBM Security Systems, a new division within IBM Software group that was created on the heels of the Q1 Labs acquisition. Formerly, he was Senior Vice President of Marketing and Channels at Q1 Labs. Before joining Q1 Labs, he served as Director of Marketing for endpoint security at Cisco Systems. Tom also served as VP of Marketing at Okena, Inc., where he helped pioneer the intrusion prevention market and led the company to its successful acquisition by Cisco. 1:36 Tell us about your company 2:17 How did you become the CEO at BitSight? 4:34 What is it like to be a CEO of a business where the founders are very engaged with the company? 5:52 How do you manage instances where you disagree with the founders? 7:06 Tell us a bit more about your choice to take on the VP of Sales role during a transition in leadership 9:32 What is it like to find enterprise sales talent in the Boston market? 12:00 What is it like to be in a business where you have to create a new market? 13:41 How do you find the ideal profile of a customer for your product? 14:57 How should a founder or CEO think about marketing spend for a new enterprise product? 16:30 Tell us about your decision to host a customer conference and how do you measure its success? 18:55 In thinking about your go-to-market strategy, how did you decide between selling to large companies versus mid-market customers? 22:31 How are the support models different for the two types of customers? 23:49 What are the challenges in being a globally distributed company? 27:01 What did you learn about fundraising for a rapidly scaling company? 30:06 What is your favorite book or piece of content that would be useful to our listeners? 31:11 Who is a founder or business executive that you respect and why? 32:05 What’s something you believe that other’s generally don’t?
Tom has worn many hats in his time at BitSight, including EVP of Sales and Marketing, COO and CEO. In this episode, he walks us through how to navigate relationships with founders as an incoming CEO, how to use content marketing in an enterprise market, and how to think about go-to-market strategy for a global business. Tom Turner is CEO and President of BitSight. Tom has extensive security industry experience, and has helped build category-defining companies. Prior to joining BitSight, Tom was a founding member of the executive management team of IBM Security Systems, a new division within IBM Software group that was created on the heels of the Q1 Labs acquisition. Formerly, he was Senior Vice President of Marketing and Channels at Q1 Labs. Before joining Q1 Labs, he served as Director of Marketing for endpoint security at Cisco Systems. Tom also served as VP of Marketing at Okena, Inc., where he helped pioneer the intrusion prevention market and led the company to its successful acquisition by Cisco. 1:36 Tell us about your company 2:17 How did you become the CEO at BitSight? 4:34 What is it like to be a CEO of a business where the founders are very engaged with the company? 5:52 How do you manage instances where you disagree with the founders? 7:06 Tell us a bit more about your choice to take on the VP of Sales role during a transition in leadership 9:32 What is it like to find enterprise sales talent in the Boston market? 12:00 What is it like to be in a business where you have to create a new market? 13:41 How do you find the ideal profile of a customer for your product? 14:57 How should a founder or CEO think about marketing spend for a new enterprise product? 16:30 Tell us about your decision to host a customer conference and how do you measure its success? 18:55 In thinking about your go-to-market strategy, how did you decide between selling to large companies versus mid-market customers? 22:31 How are the support models different for the two types of customers? 23:49 What are the challenges in being a globally distributed company? 27:01 What did you learn about fundraising for a rapidly scaling company? 30:06 What is your favorite book or piece of content that would be useful to our listeners? 31:11 Who is a founder or business executive that you respect and why? 32:05 What’s something you believe that other’s generally don’t?
The Twenty Minute VC: Venture Capital | Startup Funding | The Pitch
Mike Hirshland is the Co-founder of Resolute Ventures, one of the leading pre-seed and seed stage funds of the last decade having recently announced their new $75m Fund IV. In prior funds they have the likes of OpenDoor, Mixmax, Greenhouse, AppZen and more incredible companies. As for Mike, prior to founding Resolute, he founded Dogpatch Labs, the community which helped launch over 350 companies including Instagram. Before Dogpatch, Mike was a partner with Polaris Venture Partners from 1999-2011, where he was the original seed investor behind Automattic, Q1 Labs (acquired by IBM for $600 million), Quantcast and KISSmetrics. In Today’s Episode You Will Learn: 1.) How Mike made his way from a legal clerk in the US Supreme Court to founding his own venture firm in the form of Resolute Ventures? 2.) What does Mike mean when he says Resolute invest at the "old seed stage?" What stage of development and traction are the companies at this stage? Why does seed investing out of a $Bn fund not make sense to Mike? What are the acceptable vs unacceptable risks at this stage? 3.) How does Mike think and assess portfolio construction today? How many lines in the portfolio is enough to be sufficiently diversified? How does Mike think about ownership given his thesis on diversification? How does Mike assess his own price sensitivity today? How does Mike think about loss ratio within the portfolio today? 4.) What are the ideal attributes of the founder/VC relationship to Mike? Is it right for the investor to also be friends with their founders? What can founders do to really build and deepen relationships with investors both during and outside of official fundraises? Where does Mike often see founders making mistakes here? 5.) How does Mike think about the right time to establish a board? What does Mike advise founders in terms of board composition in the early days? How does Mike look to build a sense of "board intimacy" with his founders? Why does Mike believe that there is a "counter-productivity to boards at seed"? Items Mentioned In Today’s Show: Mike’s Fave Book: A Little Life As always you can follow Harry, The Twenty Minute VC and Mike on Twitter here! Likewise, you can follow Harry on Instagram here for mojito madness and all things 20VC.
As a venture capitalist Fred Bamber helped build such successful companies as Interleaf, Q1 Labs and Volt Server. Now working as an angel investor Fred is invested in such exciting companies as SQZ Biotech, Pixability, Streamroot and ViralGains. In his self-effacing and modest way, Fred reveals deep wisdom gained from 75 investments in his venture capital career. Here are some of the topics covered: Fred Bamber Finds His Career Path Avoiding the Military Draft Led Him to Work for His First Startup Fred Bamber & Friend Found a Venture Fund – Consulting vs. Venture Capital IPOs Then & Now Investment in Interleaf Makes His First Fund a Success! Two Ways of Connecting in the World of Venture Capital – Via Success & Via Failure Several Losing Investments in Companies Seeking to Exploit the Piezoelectric Effect Themes In Angel Investing – Investing in Brand New Fields i.e. White Spaces ‘…Oracle has a huge go-to-market cost, and engineering is a tiny bit of it.' Technology Causing Convergence of Consumer & Enterprise Businesses Startups with Jeff Weiss - The Perils of Being Early – Early Augmented Reality (AR) Rich Lane & Reflection Technology – Augmented Reality-like – Projecting Text into the Eye Progress of Technology Is Painful – “Thread Across The Ocean” by John Steele Gordon Michael Lewis & Drama in Business – Paul English & “A Truck Full of Money” Paul English Finds His Inner Entrepreneur after Interleaf Robert P. Smith & “Riches Among the Ruins” – Not Made for Working In Large Companies VCs Should Be Humble Fred Talks About His Investment in Volt Server Uber & Washington, D.C. Cabs Peter Thiel's Critique of Entrepreneurship – “We Were Promised Flying Cars and We Got 140 Characters” SQZ Biotech & Massachusetts Materials Technology What Fred Looks For In a Startup – Technology, Coachability, Tenacity, Openess – VC vs Angel Startups Should Report Frequently – Reports Should Tie In to Previous Reports i.e. Close the Loop Angel Investor Should Be Father Confessor without the Ave Marias Bettina Hein & Pixability – Example of Determination Combined with Openess Beth Marcus' Test For Listening Fred Bamber's Suggestion of the Perfect Number of Angel Investments in a Portfolio Why Sal Daher Is Invested In About 42 Companies The Role of a Board of Directors – Father Confessor Fred's Favorite Pivot – Q1 Labs (IBM) Fred Also Likes Streamroot's Pivots Q1 Labs Pivot Runs Counter the Received Wisdom of Startups Needing a Narrow Focus to Succeed “Crossing the Chasm” by Geoffrey A. Moore “Why Knowledge Matters” by E.D. Hirsch, Jr.