Expert Series: How Rock and Roll Taught a Startup Founder to Prioritize Cybersecurity – Digital Nova Scotia – Leading Digital Industry
Expert Series: How Rock and Roll Taught a Startup Founder to Prioritize Cybersecurity

October 31, 2022

Welcome to our new Expert Series!

These guest blogs are written by leaders in our sector, sharing their expertise and insights through the DNS platform. This edition has been written by Darren Gallop, CEO & Founder of Carbide.

Having spent over a decade touring and performing in Canadian punk rock bands and running my own record label, I was well versed with the music industry – including the frustrations many performers and managers felt when it came to touring logistics. To address the gaps I was seeing, I founded Marcato, a SaaS company that helped artists and their managers handle tours and all the associated logistics. 

The business quickly became the go-to platforms for some of the most popular music festivals in the business including Coachella, Bonnaroo, and Outside Lands.

You wouldn’t believe our excitement when a UK-based global festival expressed interest in our platform – it was a massive potential deal. As it turned out, this festival was owned by a multinational corporation—one with enterprise-level expectations for how their third-party partners managed data security and privacy. The parent company required clear, concrete proof that we met their strict security and privacy standards – meaning the informal and unstructured methods our team had used in the past to reassure clients of our security simply wasn’t going to cut it.

When we failed to be able to deliver that proof, the seven-figure deal that was Marcato’s entry into the big leagues vanished in an instant. 

The moment was a trajectory-altering turning point: While me and my team turned our attention to closing the identified gaps (I even took the time to get certified in information security), the company lost valuable time building market share in a competitive space. Marcato eventually repositioned itself, but it was never the same.

These events resulted in one of the most significant “Ah hah” moments in my life – prioritizing security from the onset of your company could be a competitive differentiator and the key to closing more deals, faster. 

I looked around me in the startup community and this didn’t seem to be common knowledge. I became intent on helping others avoid the same fate- and Carbide was born.

Carbide is a SaaS platform, backed by a team of security and privacy experts, making enterprise-class security and privacy accessible to fast-growing organizations. Carbide helps founders just like me build security and data privacy into their organizations from the start.

Even though my failure in the music festival industry caused an exciting trajectory change into security and privacy – I’m passionate in helping other startup founders learn from my mistakes and avoid the same fate.

Here are a few tips I always recommend to my fellow entrepreneurial leaders:

  • It’s never too early to think about security.

It may not seem like a priority in comparison to funding and your go-to-market strategy, but implementing security controls into your business’s DNA at the very beginning will save you money and time as your company begins to scale.

  • Robust security drives healthy growth.

Inadequate security can prevent you from entering various markets and regions, and may also flag you to regulators. A commitment to security early-on will build trust with companies wanting to do business with you.

  • Begin with documented best practices.

Knowing what regulatory and legal standards apply to your unique business will not only help you adhere to the right protocols early, but you’ll be able to answer questions that regularly come up in contracts or vendor questionnaires within your industry more easily.

  • Don’t wait. Security only gets harder.

Don’t wait until you scale to implement security compliance. Trying to retrofit your systems to adhere to security frameworks—or worse, having to rewrite source code—will cost you time, money, resources, and even the trust of your partners and customers.

Cybersecurity is more critical for startups and high-growth companies than it was when I first got started in this industry. Today, it is absolutely critical – not only for defending your organization from the constantly evolving threat landscape, but also for driving business and enabling you to meet growth goals. Take it from someone who’s learned the hard way – don’t let a poor security posture be the reason you miss out on your next big deal.

Interested in contributing your expertise to this series? Reach out to Caitlin!