Eric Near
Two decades in the trenches (from infrastructure to strategy) reimagined through the lens of Disruptive Empathy.
Goodlettsville, Tennessee, United States
Actions
With two decades of experience spanning infrastructure, strategy, cybersecurity, and leadership, I explore the intersection of Emotional Intelligence and the technical world. As a neurodivergent writer, I advocate for human-centric systems that respect both our cognitive differences and the history of the Internet.
Area of Expertise
Topics
The Human API: Scaling Security Without Breaking People
In the early days of Web 1.0, we viewed the internet as a digital frontier (a place where you could build a world from scratch with nothing but a Geocities account and a dream). Back then, security was an afterthought because we were all just trying to get the lights to stay on. Fast forward to the modern startup landscape, and we’ve swung to the opposite extreme. We treat security as a series of bureaucratic hurdles that "slow down" the shipping cycle, or worse, a weaponized set of policies used to shame the first engineer who forgets to rotate their API keys.
At times, the modern "security stack" often feels like a sensory nightmare of Slack notifications and mandatory training videos that don't actually teach us how to be safe. We talk about "move fast and break things," but we rarely talk about the emotional cost of being the person who "breaks" the company's reputation.
This session is a 30 minute deep dive into why your Information Security strategy will fail if it doesn't account for the "Human API." We are going to look at the intersection of startup velocity and emotional intelligence. I’ll share why most Phishing simulations are actually counter-productive (they build a culture of resentment rather than a culture of vigilance) and how to design a security posture that feels like a feature, not a bug.
We’ll look back at how Open Source communities handled trust in the 90s and apply those lessons to the high-pressure environment of a Seed Round or a Series A. If you want to build a resilient company, you have to stop treating your employees like vulnerabilities and start treating them like your most sophisticated defense layer.
Attendees will walk away with a framework for Social Engineering defense that doesn't rely on fear. We will explore how to build "psychological guardrails" into your DevOps workflows and how to communicate risk to a neurodiverse workforce without triggering burnout. We’ll also look at how to leverage the history of the Internet to build trust in decentralized, remote-first teams.
Surviving (and Thriving) During a SOC 2 Audit
If you've ever stared down a SOC 2 audit for the first time, you know the feeling: a sudden flood of evidence requests, a spreadsheet that seems to multiply overnight, and the creeping suspicion that your entire organization is one missing policy away from a findings report that nobody wants to write.
Here's the thing. SOC 2 doesn't have to be a crisis. It just usually feels like one.
After spending two years in the trenches helping MSPs guide their clients through compliance programs, and personally overseeing the process that earned Galactic Advisors multiple SOC 2 Type II reports, I've seen what separates the organizations that survive an audit from the ones that actually build something durable from it.
This session is a candid, experience-first walkthrough of what a SOC 2 audit actually looks like from the inside. Not the marketing brochure version, but the version where someone asks you for 18 months of access logs at 4pm on a Friday. We'll talk about how to build evidence collection habits that don't require a fire drill, how to communicate audit requirements to a team that didn't sign up to be compliance officers, and how to use the Trust Services Criteria as a blueprint for operational maturity rather than a checklist for auditors.
We'll also get honest about the emotional weight of the process. Audits create anxiety. They surface gaps. They can make a well-run organization feel like it's held together with duct tape. I'll share the frameworks that helped me (and the teams I worked with) reframe the audit as a strategic asset instead of a bureaucratic tax.
Attendees will walk away knowing how to scope a SOC 2 engagement without over-committing, how to keep internal stakeholders aligned throughout the audit cycle, and how to turn a clean report into a trust-building tool for clients and partners.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top