Update: Building Cyber Collective is no longer accepting applications. The initiative ended as of June 1st, 2023.

In this special edition of the newsletter, I am excited to announce the launch of the Building Cyber collective. It’s a selective community where we connect experienced professionals and industry leaders with cybersecurity startup founders looking for advice. Startups get a roster of advisors they can reach out to; advisors can be proactive about helping startups as well (all interactions are double opt-in). 

The Problem

As a product leader, I know firsthand how hard it is to build cybersecurity products and craft a compelling go-to-market strategy in the industry. And I am not alone. Shortly after I started writing Venture in Security, I was fortunate to connect with hundreds of early-stage founders, and have deep conversations with tens of them (with some - as a friend, with others - as an advisor). It became painfully apparent that startups lack the ability to access expertise across many areas - product, go-to-market strategy, sales, engineering, fundraising, and operations, to name a few. Founders also have a hard time connecting with security professionals to validate their assumptions, ask questions, and figure out what to build. 

On the other hand, when I talk to security leaders & senior professionals about getting involved with startups, I often hear that 

a) they just don’t know where to get started, 

b) they want to help but they don’t want to be sold to, 

c) there are so many companies and ideas that you almost need someone to be a buffer, 

d) they don’t have time to browse the internet hoping to find an interesting company that needs the kind of help they are ready to provide. 

I hear the very same words from experts in security, product, engineering, marketing, sales, and others. There are a few accelerators and incubators able to bring a broad range of professionals and connect them with startups. While they know how to do this really well, they tend to only be accessible to very early-stage ventures, and most importantly the vast majority of cybersecurity founders do not go to incubators. 

I see launching the Building Cyber collective as a way to solve both of these problems. 

The Solution

For advisors, industry leaders, and senior professionals, we want to make it easy to get involved with companies that fit their areas of interest. Whether you are a security professional, a CISO, a marketer, an engineering, product, sales, finance, design, or operations professional, a later-stage founder, an ex-founder, or anyone in between who can help early-stage cybersecurity startups, you will be able to do it easily. 

For startups, we want to make it easy to access the advice they need, when they need it, and for however long they need it. Whether you are tackling API, code, endpoint, cloud, network security, or anything else, you should be able to find people who can help advance your cause.

Aside from pairing advisors with startups, we are building a community where people can connect, collaborate, and co-create together. We are still working on defining how to structure our collaboration with investors and encourage investors to submit expressions of interest, so that we can shape it together. 

We do all this as a free, grassroots initiative, with no strings attached. 

How it works

Applications for the first round of invitations are open until January 17th, 2023 (for both advisors & startups). 

Detailed information about the format, how it works, eligibility criteria & link to the application can be found on the website. We are attempting to do something new, so there will surely be many iterations, lessons learned, and adjustments. Here is the tl;dr how it will work when we launch; I am sure things will change as we go. 

The first iteration of the program will focus on established cybersecurity ecosystems. We have opened the application process to startups and advisors. For the initial launch, we are looking for applicants based in the US, Canada, UK, EU, and Israel. While this may sound limiting, we have to start somewhere, and opening the floodgates to the whole world will make it a mess, and not valuable to those who join. Anyone who applies from other countries will be put on the waitlist until we expand.

Bring together startups and advisors. Folks who are approved will be invited into an online community - a place to collaborate, interact with others, ask questions, and share experiences. There will also be a library of useful resources. Spoiler alert - it will not be a Slack workplace; we have selected a platform that is better suited for effective collaboration. 

All interactions are double opt-in. Approved startups will get the ability to browse all Building Cyber advisors and request introductions; advisors can do the same with startups. All interactions are double opt-in. This means that if, say, a GRC startup reaches out to a CISO, a security engineer, or a marketer who is exclusively interested in DevSecOps, the advisor will simply say “not interested” & everyone can go on with no hard feelings. 

You have the freedom to shape our involvement in the way it makes sense to you. Advisors are free to put as little or as much time into Building Cyber startups as they wish. All engagements are ‘opt-in’: you either volunteer or are asked if you are interested and available to help with a specific item. You can always say yes or no, giving you the ability to select to do only work that you personally find rewarding and impactful. Same for startups - it’s a flexible format, so do what makes sense to you. 

No blunt sales pitches, no exceptions. We know it is hard for early-stage startups to find leads, and we empathize with that. However, it is not the problem the Building Cyber collective is solving (in any case, not directly). We want to connect professionals willing to share their experience building something great with security startups that really need this experience. We are purposefully designing the community in such a way that eliminates the possibility of sales outreach, and there will be zero tolerance for those who choose to spam other participants of the collective. 

Do I qualify? 

We expect that folks who join as advisors will be senior security leaders, experienced security professionals, sales, marketing, product, engineering, operations, finance, fundraising, and other experts with some experience in cybersecurity. 5+ years of professional experience is highly encouraged but we will make decisions based on the complete profile, not solely the number of years a person has been at the job. As one smart person once said, “for some people 10 years of experience is 1 year repeated 10 times”. No experience in cyber? No problem- please apply & explain why you are interested in getting involved. 

We expect that startups who join us will be at least at the MVP stage, or actively working on an MVP. We want to see that you are serious and actively pushing your venture forward. We won’t disqualify everyone else but will keep folks at the idea stage on the waitlist for the future. 

Check out the Building Cyber FAQ section for detailed information & eligibility criteria. 

How can I help? 

First thing first: if you want to get involved as an advisor, join as a startup, or express your interest as an investor, please apply (applications for the first round of invitations are open until January 17th, 2023):

• For advisors

• For startups

• For investors

As this is a grassroots initiative, we need help getting the word out. Please share it widely with cybersecurity founders, CISOs, security engineers, marketers, growth and sales professionals, and others with the right experience and willingness to help. 

Have something else in mind? Please contact us or reach out on LinkedIn. 

Will anything change for me as a Venture in Security subscriber?

Yes, but not a lot (and only good stuff!). You can expect to see even more articles geared to help cybersecurity startup founders to grow their ventures. I will continue to do what I have been doing, and will also start curating more content centered around cybersecurity startups, fundraising, and growth. Occasionally, I will also update you about the progress we make with the Building Cyber collective. 

More than ever before, I ask you to share this with your friends, community leaders, and people in your networks. Let’s make the future of cybersecurity happen together.