PODCAST · technology
Unicorn CISO
by Pedro @ 33N
Unicorn CISO covers discussions with CISOs from tech unicorns, working on the frontier of cybersecurity while balancing business speed.
-
2
Diogo Guerra (SVP Engineering Feedzai)
We talk with Diogo Guerra about building fraud and risk platforms at global scale while keeping engineering speed high and security standards uncompromising. We dig into why security leadership sits close to engineering at Feedzai, how they operationalize threat modeling, and where AI helps or hurts productivity. • Diogo’s scope across engineering, security, IT, and cloud operations for a 190-person organization • Feedzai’s focus on transactional fraud, anti-money laundering, and identity intelligence using behavioral and device analytics • Why SaaS responsibility and tier-one bank expectations raise the security bar • Balancing developer velocity with open source risk using context-driven vulnerability management • Rapid mitigation playbooks across thousands of servers without stopping delivery • Nonnegotiable security gates including threat modeling before major production changes • Bringing AI into the full development lifecycle with shared context and curated skills • A small architecture group distributing AI setups and productivity patterns across teams • Managing token cost, model choice, and avoiding lock-in as AI usage scales • How Gen AI amplifies social engineering scams and why identity signals matter • What agentic commerce could mean for fraud detection and cyber-fraud convergence
-
1
Ritesh Patel (CISO Just Eat Takeaway)
We talk with Ritesh Patel about building security that keeps up with product velocity without becoming a blocker. We dig into AppSec, Third-party risk, fraud, and a practical four-part framework for AI security that holds up under real-world pressure.• Building a CISO “tool belt” through a nonlinear career across ops, engineering, risk, and incidents • Defining security as a business capability tied to trust and outcomes• Managing pace and agility in a consumer tech marketplace without becoming the department of no• Bmbedding AppSec into platforms so teams ship secure-by-default • Engineering for the masses while detecting exceptions fast• Treating supply chain security as an ecosystem problem that needs better visibility and real-time signals• Focusing on identity and access as the perimeter, including OAuth scope control • Reframing fraud and account takeover as a shared trust problem across teams• Applying a four-phase AI security model: build safe, run safe, defend with AI, control agentic AI• Separating AI-first vendor value from AI-washing and chatbot wrappers• Using NIS2, DORA, and other frameworks to improve risk posture, not just pass audits
-
0
Patrick Blanc (CISO Nexthink)
We talk with Patrick Blanc about what it takes to secure a fast-growing B2B company whose product includes a privileged endpoint agent deployed at massive scale. We dig into why fundamentals beat hype, how productivity shortcuts quietly create the biggest risks, and how we frame security to customers and the board without losing speed. • Patrick’s career path from banking and consulting to CISO roles and security leadership at Google DeepMind • Why privileged endpoint agents raise reliability and trust stakes for enterprise customers • How identity and access management fits alongside endpoint security and defense in depth • Using compliance as a baseline trust signal while preparing for deeper customer audits • The hidden risk of productivity workarounds and the shift with agentic AI tools • Tool sprawl as a security problem and the value of secure-by-default standards • Emerging segments like IDE-integrated AI code security and the push to reduce alert noise • Practical ways to communicate cyber risk to a board focused on growth and resilience • Preparing for a faster external attack surface by tightening fundamentals like patching
-
-1
Nuno Teodoro (ex-VP Cybersecurity at Solaris)
We talk with Nuno Teodoro about how a hands-on security leader builds real defenses inside a cloud-native bank while regulators, auditors, and the business all demand speed. We dig into what changes when a fintech becomes a bank, how to use compliance to fund security maturity, and why AI-driven fraud is raising the stakes.• career path from computer engineering to application security and penetration testing• shifting from consultancy to leading security inside companies across telecom, insurance, and fintech• difference between VP of Cybersecurity and CISO roles across the three lines of defense• selecting vendors through hands-on POVs and POCs instead of only RFPs• protecting customer funds as the core cybersecurity goal in regulated banking• balancing compliance work with risk-based security priorities• navigating major frameworks and regulations like PCI DSS, SWIFT, ISO 27001, ISO 22301, PSD2, and DORA• using regulatory requirements to justify investments and close real security gaps• scaling security culture in a cloud-based AWS bank while managing control expectations• friction points in secure software development life cycle and blocking risky pull requests• communicating cyber risk to the board through business impact and clear narratives• focusing on DORA implementation plus the rise of AI-enabled fraud and account takeover threats
We're indexing this podcast's transcripts for the first time — this can take a minute or two. We'll show results as soon as they're ready.
No matches for "" in this podcast's transcripts.
No topics indexed yet for this podcast.
Loading reviews...
ABOUT THIS SHOW
Unicorn CISO covers discussions with CISOs from tech unicorns, working on the frontier of cybersecurity while balancing business speed.
HOSTED BY
Pedro @ 33N
CATEGORIES
Loading similar podcasts...