Episode Summary

For most founders, cybersecurity feels like something to worry about “later.” But what if ignoring it now could kill your business before it even gets off the ground?

In this episode of Pick My Brain, Cole Cornford, founder of Galah Cyber, joins Alan Jones to unpack the real security risks early-stage startups face, and why they’re not always the ones you expect. Forget hoodie-wearing hackers: the bigger risks might be your Instagram account, your payments funnel, or the invoices sitting in your inbox.

Alan and Cole explore how to think about attack surfaces without jargon, when frameworks like ISO and SOC 2 actually matter, and why introducing just the right amount of friction can save you from catastrophic mistakes. They also talk branding, talent, and how Galah’s bright pink approachability helps win the right kind of customers.

If you’re building a B2B SaaS startup or scaling towards enterprise clients, this episode will help you avoid costly security missteps and focus on the protections that really matter.

Time Stamps

01:40 – Cole’s childhood dream: video games, Team Fortress, and eSports sponsorship

05:22 – Why Galah Cyber’s mascot is a pink galah (and not a scary hawk or snake)

07:36 – The three buyer journeys in cybersecurity: proactive, reactive, and compliance-driven

09:29 – What “attack surface” actually means, minus the jargon

10:08 – Who counts as a “threat actor”? From clumsy insiders to international hackers

12:07 – The overlooked risks: protecting marketing funnels and payment channels

14:20 – Why adding friction to payments can stop scams

16:09 – The opportunity cost of over-investing in security too early

17:28 – What ISO and SOC 2 certifications mean (and when founders should care)

19:25 – When enterprise customers will demand compliance

19:42 – Where founders should go for security advice that actually makes sense

21:08 – MFA (multi-factor authentication): better than nothing, even if it’s just SMS

21:25 – Why approachable branding makes Galah stand out in a serious industry

Resources

🙋🏻‍♂️ Cole Cornford: https://www.linkedin.com/in/colecornford/

🛡️ Galah Cyber: https://www.galahcyber.com.au/

🔒 Secured Podcast: https://www.galahcyber.com.au/podcasts/

Sponsors:

Pick My Brain is supported by our wonderful sponsors:

🦙 Vanta automates up to 90% compliance, getting you audit-ready quickly and saving you up to 85% of associated costs. Join 10,000 global companies like Cipherstash, Handle and Indebted that use Vanta to build trust and prove security in real-time.

Get 10% off - http://dayone.fm/vanta/brain

💰 Standard Ledger is your all-in-one finance team for startups. From bookkeeping and payroll to R&D claims and fractional CFO support, they help founders stay on top of their numbers and make smarter decisions. Ready to scale?

Book your free chat at https://dayone.fm/standard

The Day One Network

Pick My Brain is part of Day One, the podcast network dedicated to founders, operators & investors.

To learn more, join our newsletter to be notified of new and upcoming shows. The only content we create is content that will help Australian founders.

Mentioned in this episode:

Vanta PMB May 2025_01

Standard Ledger