Podcast thumbnail for Scaling Cyber

Scaling Cyber

Claim This Podcast

by Scaling Stories from Cyber's Next Generation

18 episodes
Updated Daily
Accepts GuestsHas SponsorsLocation 🇪🇺

Podcast Overview

Where cybersecurity founders and leaders from all over the world share their journeys of growth, challenges, and global expansion. <br/><br/><a href="https://scalingcyber.substack.com?utm_medium=podcast">scalingcyber.substack.com</a>

Language

🇺🇲

Publishing Since

10/9/2025

1 verified contact email on file for Scaling Cyber

Pitch yourself as a guest, propose sponsorships, or reach out directly to the host.

Recent Episodes

Episode thumbnail for How to Build a Cybersecurity community of 80000 members? The story of Women4Cyber Foundation

April 29, 2026

How to Build a Cybersecurity community of 80000 members? The story of Women4Cyber Foundation

<p>Europe’s cybersecurity talent gap isn’t just a technical problem. It’s a human capital problem — and one that became dramatically more urgent in 2025, when geopolitical shifts quietly pulled the financial rug out from under the continent’s most active cybersecurity community builder.</p><p><strong>Anett Mádi-Nátor</strong>, President of the Women for Cyber Foundation and Managing Partner at CyEx.hu, joined Scaling Cyber to discuss what it takes to build and sustain an 80,000-member community across 35 countries — and how the foundation navigated its most challenging strategic pivot to date.</p><p>The Journey: From COVID Startup to European NGO Unicorn</p><p>Women for Cyber launched in 2019 — just before COVID — with a diverse portfolio of community initiatives. Rather than dictating what the community needed, the team ran what Anett describes as a form of “targeted market research”: launching multiple programs, watching what resonated, and doubling down accordingly.</p><p>The answer was clear: education, training, and mentorship. Not advocacy. Not events alone. Practical, bottom-up capacity building.</p><p>Today, Women for Cyber manages 2,500 active mentees through a structured six-month matching program — run by just 1.5 staff members, supported by digital platforms. Fewer than 15 people run the entire foundation.</p><p>The Market Shift: When US Funding Disappeared Almost Overnight</p><p>In 2025, a seismic shift hit Women for Cyber’s funding model. With new US political priorities deprioritizing DEI globally, American corporate donations — which had made up 95%+ of W4C’s income — collapsed to below 50% within months.</p><p>The foundation’s response was not to scale back. It was to restructure.</p><p>New European corporate partners stepped in. And in doing so, Women for Cyber’s funding crisis became a microcosm of a much larger story: Europe realizing it needs to build its own cybersecurity capacity — independently, urgently, and at scale.</p><p>“When one door closes, another opens,” Anett notes. “And for Europe, that door is opening now.”</p><p>Why This Matters Beyond Diversity</p><p>The conversation reframes the “women in cyber” issue entirely. This isn’t a fairness argument — it’s a strategic one.</p><p>With cybersecurity talent demand outpacing supply across Europe, excluding 50% of the potential workforce isn’t just inequitable. It’s a security risk. Women for Cyber’s model — inclusive, bottom-up, non-profit — has proven more effective at community building than well-funded institutional programs precisely because it operates without corporate compliance constraints and channels everything back into the mission.</p><p>Anett also challenges assumptions about where the gender gap actually lives. It’s not primarily in entry-level roles or even founders — it’s in corporate boards and C-suites, where cybersecurity leadership (regardless of gender) is still underrepresented at the highest decision-making levels.</p><p>What’s Next: Cyber Resilience, AI, and Going Local</p><p>For 2026, Women for Cyber is pivoting its portfolio toward two new frontiers: cyber resilience (a broader, more operational frame than traditional cybersecurity) and AI-enabled capacity building.</p><p>The foundation is also leaning harder into local chapter activation — recognizing that physical, local communities are now stronger than purely digital ones in a post-COVID world.</p><p>The next annual conference will be held in Brussels in September 2026 — a symbolic move to the heart of European institutions.</p><p>Key Takeaways for Cyber Founders & Leaders</p><p>* <strong>Community-led beats consultant-led.</strong> W4C never hired external consultants. Everything came from internal teams and the community — and that’s why it scaled.</p><p>* <strong>The DEI funding shift is a cybersecurity story.</strong> The pullback of US support for diversity initiatives has direct, material consequences for European cyber capacity.</p><p>* <strong>The real gap is in boards, not entry-level.</strong> For leaders focused on inclusion, the most impactful change happens at the top of established organizations.</p><p>* <strong>Local chapters > central programs.</strong> European companies should connect with their national Women for Cyber chapter first — local community building has the highest ROI.</p><p>* <strong>Operational efficiency is a competitive advantage.</strong> 2,500 mentees, 1.5 staff. The model is replicable and worth studying.</p><p>* <strong>Cybersecurity is never a one-person show.</strong> Anett’s closing line: “It’s always a team effort.”</p><p>About the Guest</p><p><strong>Anett Mádi-Nátor</strong> is President of the Women for Cyber Foundation, Europe’s largest cybersecurity community with 80,000+ members and 35 national chapters. She is also Managing Partner at CyEx, a CEE-based cybersecurity company. A recognized leader in European cyber policy and capacity building, Anett is driving Women for Cyber’s strategic pivot toward cyber resilience and AI-enabled education for 2026.</p><p>About Scaling Cyber</p><p>Europe’s cybersecurity talent gap isn’t just a technical problem. It’s a human capital problem — and one that became dramatically more urgent in 2025, when geopolitical shifts quietly pulled the financial rug out from under the continent’s most active cybersecurity community builder.</p><p>Anett Mádi-Nátor, President of the Women for Cyber Foundation and Managing Partner at CyEx, joined Scaling Cyber to discuss what it takes to build and sustain an 80,000-member community across 35 countries — and how the foundation navigated its most challenging strategic pivot to date.</p><p><strong>Subscribe:</strong> <a target="_blank" href="https://scalingcyber.substack.com/">Substack</a> | <a target="_blank" href="https://open.spotify.com/show/6ya2wXnAocJvzDfGkAjH8t">Spotify</a> | <a target="_blank" href="https://podcasts.apple.com/us/podcast/scaling-cyber/id1840151010">Apple Podcasts</a> | <a target="_blank" href="https://www.youtube.com/@ScalingCyberPodcast">YouTube</a></p> <br/><br/>This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit <a href="https://scalingcyber.substack.com?utm_medium=podcast&#38;utm_campaign=CTA_1">scalingcyber.substack.com</a>

Episode thumbnail for The Channel Is King: How Mateusz Wepa Is Building Cybersecurity Distribution from Scratch in Central Europe

April 22, 2026

The Channel Is King: How Mateusz Wepa Is Building Cybersecurity Distribution from Scratch in Central Europe

<p>Most cybersecurity founders obsess over their product. <strong>Mateusz Wepa</strong> obsesses over something else entirely: the channel.</p><p>And in less than two years, that obsession helped him build IITD’s Polish operation from 5 people to 12, a growing network of dedicated partners, and a reputation for being the most responsive distributor in the market.</p><p><strong>Guest Journey</strong></p><p>Mateusz Wepa came up through the world of technology sales and distribution — from his early days at Dagma, where a senior mentor taught him that every email gets answered within two hours, to managing teams across multiple European countries. That discipline — consistency as a form of trust — became the foundation of everything he’d later build at IITD.</p><p>When IITD decided to enter Poland, they made an unconventional bet: instead of placing one or two business developers to see what happens, they launched with five people from day one — a sales lead, a technical expert, a marketing specialist, and a product manager. The goal was to be fully local, fully committed, and fully capable from the start.</p><p><strong>The Key Insights</strong></p><p>Trust is a mathematical equation. Mateusz defines trust simply: consistency over time. Partners don’t need you to be perfect, they need you to be predictable. Pick up the phone. Answer emails. Show up. Do it long enough, and you earn a place in their comfort zone.</p><p>You don’t need the best product. You need the best channel. He uses his experience with ESET as the example: not the best endpoint product in the world, but the best-distributed one in Poland. The market share follows. Channel excellence consistently beats technology excellence in the mid-market.</p><p>Identity is the new front line. CrowdStrike’s own data shows that over 80% of attacks use no malware at all. Threat actors don’t hack in, they log in. This is reshaping the conversation around identity protection, Active Directory security, phishing simulation, and AI data exposure.</p><p>American vendors struggle to let go. Most US vendors have never needed distribution at home. When they try to scale to markets that don’t speak English, they face a paradox: they need to hand over control to a local partner, but struggle to trust one. The ones that figure it out scale. The ones that don’t stall.</p><p><strong>Why It Matters</strong></p><p>Poland is the sixth-largest economy in the EU. The Baltics are fast-growing, cyber-aware markets. And Central and Eastern Europe represents a significant untapped opportunity for cybersecurity vendors, if they’re willing to invest properly.</p><p>IITD’s model — small team, deep expertise, total local commitment — is a blueprint for how to enter these markets the right way.</p><p><strong>Scaling Lessons</strong></p><p>* Start with local presence, not remote support. Language, culture, and in-person relationships define trust in CEE markets.</p><p>* Don’t fall in love with your technology. The market will tell you where the value actually is.</p><p>* Pick a smaller, committed distributor over a large one that won’t prioritize you.</p><p>* Identity security is the most pressing emerging category in the Polish market right now.</p><p>* Consistency — in response times, follow-through, and partner enablement — is your most durable competitive advantage.</p><p><strong>Key Takeaways for Cyber Founders & Leaders</strong></p><p>* <strong>Channel > Product.</strong> A good product with a great channel will outperform a great product with an average channel, every time.</p><p>* <strong>Trust = Consistency over Time.</strong> Be predictable. Be responsive. Be there.</p><p>* <strong>Invest in the market, not just in a contract.</strong> A distribution agreement is not an investment. MDFs, events, enablement, and local presence, that’s investment.</p><p>* <strong>Don’t assume size equals commitment.</strong> A large distributor with 50 products won’t fight for yours. A focused one with 10 will.</p><p><strong>About the Guest</strong></p><p><a target="_blank" href="https://www.linkedin.com/in/mateusz-wepa/"><strong>Mateusz Wepa</strong></a> is Country Manager Poland at <a target="_blank" href="https://iit-d.pl/"><strong>IITD</strong></a> (Intelligent IT Distribution), a cybersecurity value-added distributor operating in Poland and the Baltics. With a career spanning technology sales, channel management, and multi-country team leadership, he has spent the last two years building one of Poland’s most focused and fastest-growing cybersecurity distribution operations.</p><p><strong>About Scaling Cyber</strong></p><p><a target="_blank" href="https://scalingcyber.bridgerwise.com"><strong>Scaling Cyber</strong></a> spotlights cybersecurity founders and ecosystem leaders outside the traditional US/Israel hubs, surfacing the real stories behind building global cyber companies.</p><p><strong>Subscribe:</strong> <a target="_blank" href="https://scalingcyber.substack.com/">Substack</a> | <a target="_blank" href="https://open.spotify.com/show/6ya2wXnAocJvzDfGkAjH8t">Spotify</a> | <a target="_blank" href="https://podcasts.apple.com/us/podcast/scaling-cyber/id1840151010">Apple Podcasts</a> | <a target="_blank" href="https://www.youtube.com/@ScalingCyberPodcast">YouTube</a></p> <br/><br/>This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit <a href="https://scalingcyber.substack.com?utm_medium=podcast&#38;utm_campaign=CTA_1">scalingcyber.substack.com</a>

Episode thumbnail for SaaS Doesn't Mean Secure. Lukasz Jesis Built Two Companies to Prove It.

April 15, 2026

SaaS Doesn't Mean Secure. Lukasz Jesis Built Two Companies to Prove It.

<p>Most companies assume their data is safe because it lives in the cloud. Most engineering teams assume their source code is protected because it’s on GitHub. Most CISOs don’t think about DevOps data until an auditor asks — or until something goes wrong.</p><p>Lukasz Jesis thought about it before most people did. And it led him to build two of the most focused data protection companies coming out of Europe today.</p><p>Founder Journey</p><p>Xopero was founded in 2010 in Gorzów Wielkopolski, Poland — a mid-sized industrial city far from any traditional tech hub. The ambition from day one was to build a Polish product company that sold globally in cybersecurity, at a time when almost no one in Poland was doing it.</p><p>Lukasz and his team grew Xopero deliberately: targeting the mid-market sweet spot (500–1,000 employees), building a flexible platform that works across hardware appliances, SaaS, and software — all with the same experience. No specialist required to deploy it.</p><p>The real turning point came from an internal question. What would happen if Xopero lost its own source code? The team said it was “protected somehow.” That answer wasn’t good enough. Digging deeper revealed a gap no one was properly addressing: the backup and security of DevOps ecosystems — GitHub repositories, Azure DevOps pipelines, CI/CD metadata, intellectual property.</p><p>GitProtect was born.</p><p>The Key Insights</p><p><strong>SaaS ≠ Security.</strong> Cloud vendors provide services, not data protection guarantees. The shared responsibility model puts full accountability for data recovery on the customer — but most organizations haven’t internalized this. GitProtect exists to close that gap.</p><p><strong>Category creation requires education.</strong> When GitProtect launched, the market didn’t know it needed the product. Early conversations were met with “why would I back up GitHub?” Today, the inbound has flipped: customers arrive already convinced, looking for the best solution — not a reason to buy.</p><p><strong>Two products, two strategies.</strong> Xopero competes in a known market (backup and recovery) against funded giants like Veeam and Acronis — as a disciplined challenger focused on European mid-market. GitProtect creates a niche and leads it globally, with the US as the primary growth market. Both lines are growing at 100%+ year over year.</p><p><strong>Certifications are GTM accelerators.</strong> ISO 27001, SOC 2, and similar attestations are not just compliance exercises. They shorten procurement cycles — especially in the US — and signal that a cybersecurity vendor can be trusted to protect others.</p><p>Why It Matters</p><p>Poland’s IT market spends over $50 billion annually. Almost none of it goes to Polish companies. Lukasz calls this “the trap” — a market large enough to seed serious growth, but historically captured almost entirely by US vendors.</p><p>That’s changing. Digital sovereignty awareness is rising across Europe. And companies like Xopero and GitProtect are proving that innovation in cybersecurity doesn’t require a Silicon Valley zip code or a Tel Aviv address.</p><p>Scaling Lessons</p><p>* Define your target group precisely. You cannot build the best product for everyone. Win on the battlefield you define.</p><p>* Follow your customers, not the full market. Xopero protects 80–90% of critical assets — at the highest possible quality — rather than chasing 100% coverage at lower depth.</p><p>* Go where your talent leads you. Lukasz’s first international hire for the DACH region was an experienced, hungry leader — someone whose drive matched the company’s pace.</p><p>* Build culture before scale demands it. At 120 people growing toward 170, the hardest challenge is not product or sales — it’s transmitting core values through layers of new hires.</p><p>* Governance is the next frontier. Auditors are no longer asking “do you have backups?” They’re asking which data is backed up, how, and who verified it.</p><p>Key Takeaways for Cyber Founders & Leaders</p><p>* SaaS services are not data protection. The shared responsibility model places full ownership of data recovery on the customer.</p><p>* Category creation requires patience. GitProtect spent years educating the market before inbound demand flipped.</p><p>* Certifications (ISO, SOC 2) are not just compliance — they are competitive advantages in enterprise procurement, especially in the US.</p><p>* The fastest deals often come after incidents. Be ready to move quickly when a customer has a live problem.</p><p>* Poland and Central Europe are serious cybersecurity markets — both as talent pools and as emerging ecosystems worth watching.</p><p>About the Guest</p><p><a target="_blank" href="https://www.linkedin.com/in/lukasz-jesis/"><strong>Lukasz Jesis</strong></a> is Co-Founder and CEO of <a target="_blank" href="https://xopero.com">Xopero</a> Software and <a target="_blank" href="http://GitProtect.io">GitProtect.io</a>, headquartered in Gorzów Wielkopolski, Poland. Xopero is a unified backup and disaster recovery platform for mid-market enterprises, and GitProtect is the leading DevOps data protection platform focused on source code, repositories, and the broader engineering ecosystem.</p><p>About Scaling Cyber</p><p><a target="_blank" href="https://scalingcyber.bridgerwise.com"><strong>Scaling Cyber</strong></a> spotlights cybersecurity founders and ecosystem leaders outside the traditional US/Israel hubs — surfacing the real stories behind building global cyber companies.</p><p><strong>Subscribe:</strong> <a target="_blank" href="https://scalingcyber.substack.com/">Substack</a> | <a target="_blank" href="https://open.spotify.com/show/6ya2wXnAocJvzDfGkAjH8t">Spotify</a> | <a target="_blank" href="https://podcasts.apple.com/us/podcast/scaling-cyber/id1840151010">Apple Podcasts</a> | <a target="_blank" href="https://www.youtube.com/@ScalingCyberPodcast">YouTube</a></p> <br/><br/>This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit <a href="https://scalingcyber.substack.com?utm_medium=podcast&#38;utm_campaign=CTA_1">scalingcyber.substack.com</a>

18 total episodes available

Deep-dive analytics for Scaling Cyber

Frequently asked questions

Have a different question and can't find the answer you're looking for? Reach out to our support team by sending us an email and we'll get back to you as soon as we can.

What is Scaling Cyber?

Where cybersecurity founders and leaders from all over the world share their journeys of growth, challenges, and global expansion. <br/><br/><a href="https://scalingcyber.substack.com?utm_medium=podcast">scalingcyber.substack.com</a>

How often does this podcast release new episodes?

This podcast updates daily.

Where can I listen to this podcast?

This podcast is available on 4 platforms including Apple Podcasts, Spotify, and more. You can also use the RSS feed directly.

Does this podcast accept guests?

Yes, this podcast regularly features guests.

Legal Disclaimer

Pod Engine is not affiliated with, endorsed by, or officially connected with any of the podcasts displayed on this platform. We operate independently as a podcast discovery and analytics service.

All podcast artwork, thumbnails, and content displayed on this page are the property of their respective owners and are protected by applicable copyright laws. This includes, but is not limited to, podcast cover art, episode artwork, show descriptions, episode titles, transcripts, audio snippets, and any other content originating from the podcast creators or their licensors.

We display this content under fair use principles and/or implied license for the purpose of podcast discovery, information, and commentary. We make no claim of ownership over any podcast content, artwork, or related materials shown on this platform. All trademarks, service marks, and trade names are the property of their respective owners.

While we strive to ensure all content usage is properly authorized, if you are a rights holder and believe your content is being used inappropriately or without proper authorization, please contact us immediately at hey@podengine.ai for prompt review and appropriate action, which may include content removal or proper attribution.

By accessing and using this platform, you acknowledge and agree to respect all applicable copyright laws and intellectual property rights of content owners. Any unauthorized reproduction, distribution, or commercial use of the content displayed on this platform is strictly prohibited.