Adam Markowitz of Drata on Why Startups Can't Hide From SOC 2 Anymore
Audio is streamed directly from the publisher (api.substack.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Data security is a huge concern, and a way to prove you take data security seriously is by obtaining a SOC 2 certificate. When obtained, SOC 2 is the gateway to larger enterprise contracts for SaaS companies, but the process of obtaining it can be labor-intensive, costly, and confusing. Drata was born to help streamline this process. We talk with Adam Markowitz, co-founder and CEO of Drata, to talk through SOC 2 and what Drata does for its customers.
About Adam Markowitz:Adam is a former aerospace engineer who worked on rocket engines for NASA’s next-generation space launch vehicle as well as the Space Shuttle Main Engine. He went on to be the founder and CEO of Portfolium (Acquired by Instructure – 2019), proudly serving millions of students and grads from over 3,600 colleges and universities. He co-founded Drata in 2020 and recently closed a $25M Series A with GGV Capital, SVCI - Silicon Valley CISO Investments, Okta Ventures, Cowboy Ventures, and Leaders Fund.
In this episode we discuss:
01:58 What does SOC 2 Compliance and why is it so hard to achieve?
05:03 The SOC 2 process with and without Drata
06:48 Why SOC 2 is a growing concern for startups
08:22 Is SOC 2 standard for B2B companies?
09:53 What’s the first thing you should know if you’re asked for a SOC2 report?
12:12 The difference between SOC 2 Type I and SOC2 Type II
13:07 What the best case turnaround time for a SOC 2 Type I report
13:48 Why many companies do a SOC 2 Type I on the way to get a SOC 2 Type II
14:43 What type on content is in a SOC 2 report
16:43 How founders should think about SOC 2 requests from clients
18:25 How can startups instill a culture of cybersecurity
20:59 Who should manage the SOC 2 process at smaller startups
23:07 What Drata does to help simplify and automate the SOC 2 process
26:13 What is the overlap between SOC 2 and HIPPA
27:23 When is the right time to add a CISO position to a startup?
28:50 Drata’s traction and recent Series A financing
Fast FavoritesPodcastMasters of Scale
Newsletter/BlogTed Talks
GadgetAirpods
TrendHybrid/Remote work
BookExtreme Ownership: How the US Navy SEALs Lead and Win by Jocko Wilink
Relentless: From Good to Great to Unstoppable by Tim Grover and Shari Wenk
Follow Matt Cohen and Tank Talks here!
Podcast production support provided by Agentbee.Agency
This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit tanktalks.substack.com