Sep 30, 2021 • 32M

Adam Markowitz of Drata on Why Startups Can't Hide From SOC 2 Anymore

Open in playerListen on);

Appears in this episode

Ripple Ventures
Join your host, Matt Cohen, Founder & Managing Partner at Ripple Ventures for weekly conversations with leaders in the startup ecosystem discussing the truth about investing, building and running startups.
Episode details

Data security is a huge concern, and a way to prove you take data security seriously is by obtaining a SOC 2 certificate. When obtained, SOC 2 is the gateway to larger enterprise contracts for SaaS companies, but the process of obtaining it can be labor-intensive, costly, and confusing. Drata was born to help streamline this process. We talk with Adam Markowitz, co-founder and CEO of Drata, to talk through SOC 2 and what Drata does for its customers.

About Adam Markowitz:
Adam is a former aerospace engineer who worked on rocket engines for NASA’s next-generation space launch vehicle as well as the Space Shuttle Main Engine. He went on to be the founder and CEO of Portfolium (Acquired by Instructure – 2019), proudly serving millions of students and grads from over 3,600 colleges and universities. He co-founded Drata in 2020 and recently closed a $25M Series A with GGV Capital, SVCI - Silicon Valley CISO Investments, Okta Ventures, Cowboy Ventures, and Leaders Fund.

In this episode we discuss:

01:58 What does SOC 2 Compliance and why is it so hard to achieve?

05:03 The SOC 2 process with and without Drata

06:48 Why SOC 2 is a growing concern for startups

08:22 Is SOC 2 standard for B2B companies?

09:53 What’s the first thing you should know if you’re asked for a SOC2 report?

12:12 The difference between SOC 2 Type I and SOC2 Type II

13:07 What the best case turnaround time for a SOC 2 Type I report

13:48 Why many companies do a SOC 2 Type I on the way to get a SOC 2 Type II

14:43 What type on content is in a SOC 2 report

16:43 How founders should think about SOC 2 requests from clients

18:25 How can startups instill a culture of cybersecurity

20:59 Who should manage the SOC 2 process at smaller startups

23:07 What Drata does to help simplify and automate the SOC 2 process

26:13 What is the overlap between SOC 2 and HIPPA

27:23 When is the right time to add a CISO position to a startup?

28:50 Drata’s traction and recent Series A financing

Fast Favorites
Masters of Scale

Ted Talks


Hybrid/Remote work

Extreme Ownership: How the US Navy SEALs Lead and Win by Jocko Wilink

Relentless: From Good to Great to Unstoppable by Tim Grover and Shari Wenk

Follow Matt Cohen and Tank Talks here!

Podcast production support provided by Agentbee.Agency