When I made the decision to join Todyl as the Global Head of Threat & Intel Architecture, I knew I was embarking on something special. While I could've started sooner, I had commitments to fulfill in my previous role. But now that I'm here, I want to share why I chose Todyl and what excites me about this company's vision.
Before joining Todyl, I was the Chief Architect of Threat Intelligence at IBM Security, where I led the X-Force Threat Intelligence and Detection Engineering programs. I spent years building pipelines, data lakes, and analytics to produce threat content and infuse it into various integration points, such as firewalls, IDS/IPS, EDR, SIEM, SOAR, XDR—you name it. During that time, I realized that the key to effective cybersecurity isn't just about building actionable detection and analytics but also about having access to the right data. And that brings me to my first key point:
Over the years, I learned that data is the true differentiator in cybersecurity. You can develop sophisticated detections and analytics, but without the right data sources, it's impossible to validate and refine to make those solutions truly effective. Whether it's data from network visibility, endpoint telemetry, SASE, SIEM, XDR, or SOAR, the strength of your security lies in the quality and breadth of the data you can access.
Todyl's approach to security stands out because its comprehensive solution brings unparalleled real-world visibility, which ultimately makes its solutions more impactful. That alignment with my philosophy was one of the main reasons I decided to join the team.
Before joining Todyl, I believed that my experience working with large enterprises and CISOs would allow me to bring "enterprise use cases" to Todyl's customers. But, upon further reflection, I realized that enterprise-specific threats make up less than 3% of all threats in the cyber landscape. Most of the incidents enterprises face are the same commodity threats that affect SMBs—malware, phishing, spam campaigns, etc.
The reality is that enterprises and SMBs share a remarkably similar attack surface. The idea of unique "enterprise use cases" is largely a myth. What enterprises need is not unique use cases but a higher level of security maturity—better detection coverage, reduced dwell times, and faster response times. At Todyl, I want to help elevate security maturity for all our users—from SMBs to enterprises.
One of the things that struck me most during my interview with John was his statement that Todyl sees the real world. This is a critical distinction. It's not about focusing solely on large enterprises as "big targets," but understanding that SMBs, which make up 95% of global businesses, provide real-world visibility that allows us to stay ahead of emerging threats.
When we protect SMBs, we gather valuable telemetry and insights that directly inform our detection and analytic capabilities. That's why I'm so excited about Todyl's mission—because protecting SMBs helps us see and protect the real world. And once again, it's about data—visibility into the vast majority of the threat landscape allows us to develop solutions that truly make a difference.
One of the core values at Todyl is the drive to be the best. For me, achieving the security maturity required by enterprises is only the starting point. Large enterprises often face compromises due to the complexity of their IT infrastructures. Their SOC teams may struggle with detection inefficiencies or overlook low-risk incidents due to limited bandwidth. In contrast, SMBs have simpler environments, which allows us to create security solutions that are not only comprehensive but also more efficient. Todyl's modular approach to security drastically reduces the complexity of threat management, providing SMBs with security that is leaner, faster, and more effective.
Ultimately, I joined Todyl because I believe in its mission and vision. When we bring the security maturity required by enterprises to SMBs, we gain access to the data that will set us apart from our competitors. It's not just about knowing how to secure organizations; it's about taking meaningful action to protect them.
I strongly believe that everyone, regardless of size or budget, deserves the best possible cybersecurity. My work with Quad9, where we developed one of the most effective, freely available security solutions on the Internet, reinforces my belief that cybersecurity is not a privilege. Just as clean water and safe neighborhoods shouldn't be reserved for those who can afford them, neither should top-tier cybersecurity. Why should a doctor's office, school, or daycare be less protected than a Fortune 500 company?
I'm excited to be part of this journey and look forward to working with the team to deliver world-class security solutions that truly make a difference.