Security Through an Investor's Eyes

Security Through an Investor's Eyes

Most cybersecurity conversations happen with practitioners—the people building and defending the systems. This one is different. Jeffrey Fidelman, CEO and Founder of Fidelman & Company, sits on the other side of the table:, the one with the checks. With a background at Morgan Stanley and HSBC and a firm that helps startups and emerging funds raise capital, Jeffrey brings an investor's lens to security. We dig into how cybersecurity actually shows up in due diligence, what a company's security posture signals to a serious investor, and the gaps that quietly kill deals. He explains why founders who frame security as a cost center may be hurting their own fundraise—and how to talk about it as an asset instead.

Security is a progress not a purchase

Most business leaders approach cybersecurity the way they approach every other operational problem: buy the right tool, check the box, move on. It's a reasonable instinct — and in most areas of business, it works. But cybersecurity doesn't behave like other purchases, and the companies that learn this the hard way usually learn it during a client questionnaire, an insurance renewal, or an incident they weren't prepared for. In this solo episode, we dig into why the purchase mindset feels so right — and why it consistently falls short. You'll hear why a tool isn't a control until it's configured, monitored, and owned. Why static security is decaying security. And why the right question isn't "are we secure?" but "are we improving — and can we demonstrate it? "We'll walk through what continuous improvement actually looks like in practice, the rhythm of a mature security program, and the clear signs that tell you whether your organization is in process mode or still stuck in purchase mode. You'll also get five diagnostic questions every leader should be able to answer about their security program. If you can't answer them quickly, you have a starting point. If you can, you're already ahead of most of your peers. Whether you run a five-person firm or a five-hundred-person company, this episode is about shifting how you think about security — from something you buy to something you practice.

Business Adoption of AI

In this episode of the podcast we talk to Bobby Tahir. Bobby has a broad knowledge of technology as a multi-company CTO both for Private Equity and their Portfolio Companies. Bobby has a blog and podcast at Technocratic | Substack [https://newsletter.technocratic.io/]

Incident Response Planning

In this episode we talk about responding to an incident response process. We talk to Chris Loehr, a leading incident responder.

Protecting Customer Data

We work on protecting our computers, mobile phones and even our accounts with MFA, but we forget about how to project the actual data.