Ayman Elsawah
Fractional CISO, Public Speaker, Author, Podcast Host, Coffee Nerd
Actions
Ayman is a Fractional CISO with specializations in DevSecOps, Identity and Access Management (IAM), SOC 2, and Security Program Management. He works with cloud based organizations with a focus on Pre-IPO B2B SaaS Companies. Ayman has a strong record of helping Founders, Executives, and Engineering Leadership with reducing friction for Enterprise, while improving security beyond industry standards.
Graduates of his vCISO program include Justworks and Masterclass, where he helped manage security on an interim basis and lead/assist with the hiring and interviewing of security leaders.
Area of Expertise
Topics
Cybersecurity Essentials For Startups
A definitive guide to creating, establishing, and growing your cybersecurity program at ANY size SaaS startup. Whether you are a small shop or a high growth B2B startup, this class will teach you how to prioritize your security decisions.
SOC 2, ISO, Oh My - Demystifying Compliance For Startups
Can i just buy SOC 2 compliance? How long will it take me? Why does it take so long? Can I just buy a tool?
These and so many other questions are what I've faced when coaching company's with their journey.
After this session you will come away more confident about approaching compliance, understand your options, and have a clear path when to prioritize it and how to incorporate it into your planning.
Compliance is not something you can simply buy or rush through. It requires a thorough understanding of your company's specific needs and risks, as well as a commitment to implementing the necessary controls and processes. While there are tools available to assist with compliance, they are not a one-size-fits-all solution. It's important to approach compliance as a strategic initiative and allocate the necessary time and resources to ensure its successful implementation.
Additionally, compliance is not a one-time event. It's an ongoing process that requires continuous monitoring, evaluation, and improvement.
This will be a tool agnostic talk.
We'll go over, among other things:
- What’s the difference between SOC 2 and ISO?
- What are all the things I have to do?
- What’s the difference between SOC 2 Type I and Type II
- What’s the MINIMUM I need to do for SOC 2?
- How much is it going to cost?
- How do I actually get it done?
- I will share my approach towards getting it done efficiently
- Will I still have to fill out questionnaires after I’m “compliant”?
- Spoiler: Yes, but I’ll teach you how to negotiate
- Once I pass the audit, am I done?
- Spoiler: No
Attendees will also get access to a sample spreadsheet of controls for SOC 2 and ISO.
Cybersecurity Startups For Non-Security People
This is a preview of a full course
Due to time constraints, attendees will get a choice to pick from the following modules based on interest and demand.
A definitive guide to creating, establishing, and growing your cybersecurity program at ANY size SaaS startup.
Whether you are a small shop or a high growth B2B startup, this class will teach you how to prioritize your security decisions so as not to impact your growth and business goals.
This course is geared for those ultimately responsible for security at your organization, whether you are the founder, CXO, or VP of Engineering.
Cybersecurity 101
Building Security Culture
Understanding Compliance Frameworks
Cybersecurity Operational Fundamentals
Governance & Risk
Product Security
Incident Response & Disaster Recovery Planning
Building a Security Team
Students will receive access to:
- Baseline Playbooks
- Sample Information Security Budgets
- Year One Infosec Roadmaps
- Sample Org Charts
- Additional books and material
A detailed syllabus is available as well.
Ayman Elsawah
Fractional CISO, Public Speaker, Author, Podcast Host, Coffee Nerd
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top