83. How small companies can make their security doable (with Phil Howie)

What if your first security hire wasn’t a person, but a simple, guided program that made sense to everyone in your company? In this conversation, Sidekick founder and CEO Phil Howie breaks down how SMBs can build a security and privacy practice from the ground up—long before they can afford a full internal team. We cover the reality of compliance vs real security, working with MSPs, the role of design in security tools, and how founders should think about AI, governance, and future regulation. If you’re a founder trying to grow in regulated markets, this one’s for you. Phil: https://www.linkedin.com/in/philhowie Sidekick: https://www.sidekick.co Jon: https://www.linkedin.com/in/jon-mclachlan/  Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich/  YSecurity: https://www.ysecurity.io/  🔒 Sponsored by YSecurity Closing a big deal and getting hit with a vendor questionnaire, SOC 2 request, or pen test requirement? That's exactly what we handle. YSecurity embeds a team of security engineers with backgrounds from Apple, Uber, Microsoft, Robinhood, and Brex directly into your company. No full-time hire, no bloated retainer. You set a monthly cap and we handle everything. Book a free strategy call and we'll tell you exactly where you stand. 👉 Book your free call: 30 Min Meeting | YSecurity.io | Cal.com 👉 Learn more: YSecurity | On-Demand Cybersecurity Team for Startups — SOC 2 in 5 Months