Trust Engineering: Building Security Leadership at Early-Stage Startups

Name: Trust Engineering: Building Security Leadership at Early-Stage Startups
Duration: 31 min
Description: Being the first security hire at a startup is fundamentally different from enterprise security — it is a business leadership role that happens to do security. Mike Privette's "trust engineering" framework provides five concrete steps for building credibility and influence before attempting to build a security program, flipping the conventional model on its head. ---

Mike Privette

BSidesSF 2025 — Here Be Dragons · Day 2 · Main

Being the first security hire at a startup is fundamentally different from enterprise security — it is a business leadership role that happens to do security. Mike Privette's "trust engineering" framework provides five concrete steps for building credibility and influence before attempting to build a security program, flipping the conventional model on its head. ---

AI review

Privette knows his lane and works it well. The trust engineering framing — security leader as business diplomat first, technical practitioner second — is pragmatic advice for first security hires who keep getting fired for doing their jobs too well. Doesn't pretend to be more than it is.

Watch on YouTube