top of page

AYMAN ELSAWAH

CYBERSECURITY ESSENTIALS FOR STARTUPS

A definitive guide to creating, establishing, and growing your cybersecurity program at any size SaaS startup. Whether you're a small shop or a high-growth B2B startup, this class will teach you how to prioritize your security decisions.

After taking this course, you'll have the knowledge and understanding required to manage cybersecurity at most B2B SaaS startups. You'll learn everything from managing security basics to working with engineering, people teams, sales, and legal, as well as hiring and growing your team.

Startups are a different beast from the corporate world. They have their own culture and varying degrees of energy. As a security practitioner, you must learn to speak their language—otherwise, you won't make friends and might burn out in frustration.

This course will guide you on how to start securing your company's and users' data, how to iteratively mature your cybersecurity practices, and what you need to know about compliance and regulations—and when.

Oh, and this course is FULL of war stories so enjoy!

We will cover the following topics and more:

  • Introduction

  • Cybersecurity 101 (Review)

    • Types of Controls

    • Governance, Risk, and Compliance

    • Accountability

  • Building Security Culture

    • Startup vs Corporate approach

    • Emotional Intelligence

    • Security Education and Awareness

  • Technical Security Initiatives

    • Corporate Security

    • Infrastructure Security

    • Product Security

  • Managing Compliance

    • SOC 2

    • ISO 27001

    • Approach

    • Working with auditors

  • Cybersecurity Insurance

  • Driving Security Initiatives

    • Communication

    • Understanding the Business

    • Risk Register

    • Roadmaps

  • Growing Your Security Team

    • Org Chart Examples

    • Building Lean

    • Security Interview Questions

    • more

PHACK students will also get access to The Security Cafe, a private community for experienced security professionals.

Minimum Course Requirements:

Security mindset2 and willingness to learn and drink from the firehose!

Target Audience:

This course is designed for mid-career security practitioners who want to expand their knowledge of security management in modern B2B SaaS companies or similar environments.

The target audience includes:

  • Security Managers

  • Compliance Managers

  • Aspiring Heads of Security or Deputy CISOs

  • First Security Hires

If you have compliance management experience and want to deepen your understanding of corporate or infrastructure security, this course is for you. Similarly, if you're a technical security professional looking to learn more about Governance and Compliance Frameworks like SOC 2 or ISO 27002, you'll find value here.

This comprehensive course will help you bridge knowledge gaps and prepare you for security management roles.

Trainer Biography:

Ayman Elsawah is a seasoned cybersecurity leader with over 20 years of experience in the field. He specializes in building and scaling security programs for high-growth startups and established enterprises alike. As the founder of Cloud Security Labs, Ayman shares his expertise through training, advisory services, and public speaking engagements.

Throughout his career, Ayman has held key security positions at companies such as Masterclass, Justworks, and Casper, where he implemented robust security measures from the ground up. His approach combines technical acumen with a deep understanding of business needs, allowing him to create security strategies that protect assets without hindering growth.

Ayman is passionate about educating the next generation of security professionals and helping organizations navigate the complex landscape of modern cybersecurity. He regularly contributes to the security community through his blog, podcast, and social media presence, where he shares insights on topics ranging from cloud security to compliance frameworks.

Known for his "No BS" approach to security, Ayman advocates for practical, effective solutions that align with business objectives. His expertise spans various areas including cloud security, DevSecOps, compliance (SOC 2, ISO 27001, and more), and security program management.

You can find Ayman online on LinkedIN, Twitter/X, YouTube. His personal website is: https://coffeewithayman.com/

bottom of page