Content provided by Dave Lewis, 1Password and Dave Lewis. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Dave Lewis, 1Password and Dave Lewis or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

Chasing Entropy Podcast 23: Cybersecurity Meets M&A with Cole Grolmus

36:00
 

In this episode of Chasing Entropy, I sit down with Cole Grolmus, founder of Strategy of Security, to explore the often-overlooked world where cybersecurity and mergers & acquisitions (M&A) collide.

The Journey to Strategy of Security

Cole shares his path from early sysadmin roles in Iowa to a decade at PwC, where he worked on large-scale cybersecurity transformations. Along the way, he blended business acumen with technical expertise, ultimately founding Strategy of Security to bridge the gap between practitioners and the commercial side of the industry.

M&A and Cybersecurity: Where Risk Meets Value

The conversation dives deep into the realities of cybersecurity in M&A:

  • The real “gotchas” - Rarely do deals fall apart solely due to security issues, but identifying problems early can shape budgets and integration strategies.
  • Integration challenges - From identity platforms to logging, customer management systems, and vendor contracts, successful acquisitions depend on planning for forward-looking integration, not just current posture.
  • Reasonable assurance - Much like audits, due diligence can only go so far. Complete certainty is impossible, and security leaders must manage risk with contingencies like holdbacks and clawbacks.

The AI Wild West

Cole and Dave touch on the rising role of agentic AI in enterprises. Whether it’s ephemeral developer tools or standing customer-facing agents, the lack of maturity and consistency makes integration during M&A even more complex.

Advice for Security Leaders

For CISOs facing M&A, Cole emphasizes:

  • Have a playbook - Not all M&A is bad, but leaders must prepare to handle inherited risks.
  • Factor M&A into your vendor strategy - The cybersecurity industry itself is consolidating rapidly, with billion-dollar deals becoming common. Vendor stability (or lack thereof) is now a core risk to manage.
  • Pay attention to the business side - As careers progress, understanding the industry landscape matters as much as technical defenses.

Key Takeaway

M&A in cybersecurity isn’t just about dollars and deals; it’s about managing complexity, risk, and people. Whether you’re a CISO preparing for an acquisition or a practitioner navigating vendor shakeups, the ability to translate between business imperatives and technical realities is critical.


28 episodes
