Unicorn CISO

Pedro @ 33N

Unicorn CISO covers discussions with CISOs from tech unicorns, working on the frontier of cybersecurity while balancing business speed.

Episódios

  1. Mandy Andress (CISO Elastic)

    -5 dias

    Mandy Andress (CISO Elastic)

    We sit down with Mandy Andres, CISO of Elastic, to map how AI is reshaping security programs and why business fluency matters as much as technical depth. We dig into visibility, identity sprawl, agent behavior, and what CISOs can do right now to manage risk at machine speed.  • Mandy’s path from accounting and auditing to security leadership  • Elastic’s security scope across enterprise, product security, and SaaS infrastructure  • Why visibility and asset management stay the hardest foundational problem  • Shadow SaaS turning into shadow AI and the return to DNS, endpoints, and data lineage  • Non-human identities, API keys, and lifecycle controls as AI agents multiply  • Data protection choices for LLM usage using endpoints, proxies, and guardrails  • Applying AI to the SOC first and then expanding into vulnerability management and GRC  • Balancing faster AI adoption with risk trade-offs and business objectives  • Least privilege becoming least agency with agents and unpredictable action paths  • Automated penetration testing and continuous validation without humans in the loop  • Threat themes ahead including credential exposure and shifting exploit patterns  • Startup advising, conflicts of interest, and staying transparent  • Practical advice for CISOs on ambiguity, risk decisions, and continuous learning  • Talent growth through reskilling, automation, and focusing humans on judgment

    34 min
  2. Diogo Guerra (SVP Engineering Feedzai)

    8/06

    Diogo Guerra (SVP Engineering Feedzai)

    We talk with Diogo Guerra about building fraud and risk platforms at global scale while keeping engineering speed high and security standards uncompromising. We dig into why security leadership sits close to engineering at Feedzai, how they operationalize threat modeling, and where AI helps or hurts productivity.  • Diogo’s scope across engineering, security, IT, and cloud operations for a 190-person organization  • Feedzai’s focus on transactional fraud, anti-money laundering, and identity intelligence using behavioral and device analytics  • Why SaaS responsibility and tier-one bank expectations raise the security bar  • Balancing developer velocity with open source risk using context-driven vulnerability management  • Rapid mitigation playbooks across thousands of servers without stopping delivery  • Nonnegotiable security gates including threat modeling before major production changes  • Bringing AI into the full development lifecycle with shared context and curated skills  • A small architecture group distributing AI setups and productivity patterns across teams  • Managing token cost, model choice, and avoiding lock-in as AI usage scales  • How Gen AI amplifies social engineering scams and why identity signals matter  • What agentic commerce could mean for fraud detection and cyber-fraud convergence

    32 min
  3. Ritesh Patel (CISO Just Eat Takeaway)

    25/05

    Ritesh Patel (CISO Just Eat Takeaway)

    We talk with Ritesh Patel about building security that keeps up with product velocity without becoming a blocker. We dig into AppSec, Third-party risk, fraud, and a practical four-part framework for AI security that holds up under real-world pressure. • Building a CISO “tool belt” through a nonlinear career across ops, engineering, risk, and incidents  • Defining security as a business capability tied to trust and outcomes • Managing pace and agility in a consumer tech marketplace without becoming the department of no • Bmbedding AppSec into platforms so teams ship secure-by-default  • Engineering for the masses while detecting exceptions fast • Treating supply chain security as an ecosystem problem that needs better visibility and real-time signals • Focusing on identity and access as the perimeter, including OAuth scope control  • Reframing fraud and account takeover as a shared trust problem across teams • Applying a four-phase AI security model: build safe, run safe, defend with AI, control agentic AI • Separating AI-first vendor value from AI-washing and chatbot wrappers • Using NIS2, DORA, and other frameworks to improve risk posture, not just pass audits

    31 min
  4. Patrick Blanc (CISO Nexthink)

    4/05

    Patrick Blanc (CISO Nexthink)

    We talk with Patrick Blanc about what it takes to secure a fast-growing B2B company whose product includes a privileged endpoint agent deployed at massive scale. We dig into why fundamentals beat hype, how productivity shortcuts quietly create the biggest risks, and how we frame security to customers and the board without losing speed.  • Patrick’s career path from banking and consulting to CISO roles and security leadership at Google DeepMind  • Why privileged endpoint agents raise reliability and trust stakes for enterprise customers  • How identity and access management fits alongside endpoint security and defense in depth  • Using compliance as a baseline trust signal while preparing for deeper customer audits  • The hidden risk of productivity workarounds and the shift with agentic AI tools  • Tool sprawl as a security problem and the value of secure-by-default standards  • Emerging segments like IDE-integrated AI code security and the push to reduce alert noise  • Practical ways to communicate cyber risk to a board focused on growth and resilience  • Preparing for a faster external attack surface by tightening fundamentals like patching

    31 min
  5. Nuno Teodoro (ex-VP Cybersecurity at Solaris)

    4/05

    Nuno Teodoro (ex-VP Cybersecurity at Solaris)

    We talk with Nuno Teodoro about how a hands-on security leader builds real defenses inside a cloud-native bank while regulators, auditors, and the business all demand speed. We dig into what changes when a fintech becomes a bank, how to use compliance to fund security maturity, and why AI-driven fraud is raising the stakes. • career path from computer engineering to application security and penetration testing • shifting from consultancy to leading security inside companies across telecom, insurance, and fintech • difference between VP of Cybersecurity and CISO roles across the three lines of defense • selecting vendors through hands-on POVs and POCs instead of only RFPs • protecting customer funds as the core cybersecurity goal in regulated banking • balancing compliance work with risk-based security priorities • navigating major frameworks and regulations like PCI DSS, SWIFT, ISO 27001, ISO 22301, PSD2, and DORA • using regulatory requirements to justify investments and close real security gaps • scaling security culture in a cloud-based AWS bank while managing control expectations • friction points in secure software development life cycle and blocking risky pull requests • communicating cyber risk to the board through business impact and clear narratives • focusing on DORA implementation plus the rise of AI-enabled fraud and account takeover threats

    33 min
  • 5 episódios

Sobre

Unicorn CISO covers discussions with CISOs from tech unicorns, working on the frontier of cybersecurity while balancing business speed.

Informação

  • Autoria
    Pedro @ 33N
  • Anos em atividade
    2 mil
  • Episódios
    5
  • Classificação
    Para todos
  • Copyright
    © 2026 Unicorn CISO
  • Site do programa
    Unicorn CISO
  • Fornecedor