In today’s world, critical security insights are integral to conduct business smoothly. Several entrepreneurs and leaders have taken steps to remediate deficiencies and transform business decisions. However, it is not easy to deliver 100% transparent, accurate, and comprehensive solutions in a timely fashion.
Aleksandr Yampolskiy is a true trailblazer in the cybersecurity space. As the CEO and Co-founder of SecurityScorecard, he founded the company to create necessary systems and meet unexpected needs. As an innovator, he invested his efforts to merit the idea and methodology to “score any company around the world.”
All this was possible because of his unwavering conviction and a growth mindset. “You have to be challenging yourself to grow, because the type of leader you have to be when you’re a company of 20 vs 200, or even 400 is a totally different leader. Metaphorically, you have to fire yourself, reinvent yourself, and challenge yourself to be better than yesterday,” he adds.
Planting the seeds of cybersecurity
Aleksandr’s journey has been incredible thus far. But he grew up in a humble household where his interests and humility shaped his younger years. “We used to pick up furniture from the streets of Brooklyn because we didn’t have anywhere to sit down,” he recollects. His upbringing enabled him to solve a lot of problems through hard work and perseverance.
One such instance was at the age of 12. His curiosity was nudged by a computer game, Prince of Persia, that was brought to him by his friend. He realized that this game was infected by a virus that damaged his computer. “I became interested in figuring out how viruses worked. How do they make computers misbehave and how can you take over a computer?” he recalls.
This sparked Aleksandr’s interest in technology and security and encouraged him to delve more into cybersecurity. He wanted to protect systems and prevent people from fiddling with them. Later, he earned a Ph.D. in cryptography and set himself up into the field of cybersecurity.
After he received his PhD, he didn’t want to stay in academia. So, he went into the industry to build the systems for companies like Microsoft and Oracle. Further, this guided him to build authentication systems for Goldman Sachs.
His relentless ambition and experience pushed him to become a CISO at Gilt Groupe where he met some of his business partners, and cofounder. “It’s there that we really came up with the idea for SecurityScorecard. We’ve been running and scaling the company for the last seven years and trusted by some of the biggest brands in the world,” he says profoundly.
Cracking the safe Scorecard
Cyber insurance is becoming a must-have, and SecurityScorecard is helping to quantify risk for underwriters. Initiated in 2014, the company pioneered the concept of security ratings to measure and quantify risk. Today, this company holds prominence in over half of the fortune 500, many of the world’s most recognizable brands and government agencies, and measures almost 12M companies around the world. Clearly, in Aleksandr’s words, “we are the undisputed leader in this space.”
His promptness to start SecurityScorecard is derived from an interesting analogy. He says, “If you drive a car, you have the speedometer. At a doctor’s office, you have a scale. But with cybersecurity, there weren’t any indicators or KPIs to know how well you’re doing. You’re completely flying in the dark.”
During his stint at Gilt Groupe as the Chief Information Security Officer (CISO), he enlisted many different tools and technologies to help evaluate the organization, and the vendors. But he had no indicators and KPIs to measure the results.
This was a big revelation to him. He realized that as the market moves to the cloud and reliance on third-party vendors increases, all of the information is dispersed everywhere. He says, “You could be doing a great job protecting your data within your walls. But what if your law firm was hacked, or Dropbox, or Salesforce? The sensitive data you trusted to a vendor would be stolen, and there was no proactive measurement to gauge the security posture of your vendors. There were no standard KPIs.”
This is when he felt that he had to embark on that journey to make the world wide web a safer place, by standardizing the way to measure the security posture. “We needed a common language to grade every company’s cyber health,” he adds.
As the CEO and co-founder of the company, Aleksandr invests a lot of his time recruiting the right people to build the right team. He asserts, “At least 40 percent of my time is spent on finding and recruiting the right people, convincing the candidates to come work for SecurityScorecard, and figuring out how we create the right culture within the company. Another 30 percent of my time is spent on strategy and direction.”
Additionally, he considers it important to spend a good chunk of his time with the customers. The same belief is reinstated in the company as a core value — customer centricity. “I spend a lot of time talking to customers, alliance and strategic partners to ensure that we’re pointed in the right direction and have the right priorities,” he concludes.
His insightful lessons & practical advice
One of the many learnings for Aleksandr Yampolskiy has been the thought of investing early into the right processes and infrastructure, like recruiting and engineering. “Ultimately, it’s all about people. I spent a lot of time coaching the B-players to be A-players, instead of starting with A players,” he shares candidly.
He emphasizes on the need to hire the best suited talent for your venture. “The people you need when at $10M revenue are different at $20M, and $100M. You have to have the right people for the right stage. Don’t hire the people you need today; hire the ones you need 6 months from today. If you’re feeling the pressure, you’re not empowered with the right team,” he asserts.
At the end of the day, he believes, “it’s not about more people, it’s about hiring amazing people. They are who made the company what it is today.”
As an angel investor and advisor to over 15 companies like Scythe, Cyware and many others, Aleksandr also has compelling advice to offer. “When a lot of companies are early, they are chasing customers without having the right foundation (people, process and platform) in place. When you’re at an early stage: build the foundation. When you’ve matured: focus on the customer,” he suggests.
Invariably, he stresses on the need to find balance and not burn yourself out with work all the time. He recommends spending time with family and friends, just like he indulges in creative and fun pursuits with his kids, Ben and Maya by hiking, traveling, making art and creating experiences together. “It’s incredibly important to take time for life, not just business,” he adds.
Powering through virtual safe spaces
The future of SecurityScorecard looks promising and significant. “We’re already beating our competitors 70% of the time head-to-head, and our churn is incredibly low. We see more companies switching to us,” he observes. Gradually, Aleksandr is thrilled to launch additional products on top of the leading platform that he has created.
Moreover, he envisions scorecards to become the de facto standard and language for boards of directors, insurance, risk managers to communicate and measure security. Ultimately, making the world a safer place.