This transcript was generated automatically by AI. If you find any mistakes, please email us.
Meiran
0:00:00
And to be honest, many times they don't care. They just need to sign this deal and then these customers come to them and ask them if they have SOC 2 compliance and they are totally clueless about what the heck is SOC 2. Everything sounds so complicated, you know. They just want to sign this deal and now suddenly they need to do
Meiran
0:00:26
in order to get SOC 2 as soon as possible.
Announcer
0:00:32
Hello, everyone.
Announcer
0:00:33
You're listening to Cloud Next, your go-to source for cloud innovation and leaders insight, brought to you by GlobalDots.
Ganesh
0:00:41
Security compliance can be a huge barrier to growth for many startups, with processes that are not only time consuming, but also costly, slowing down progress and preventing companies from scaling. But our guest today, Meiran Galis, is on a mission to change that.
Ganesh
0:00:58
As the founder and CEO of Scytale, Meiran has been leading the charge in revolutionizing how startups navigate the complex world of security compliance. I'm Ganesh The Awesome, solutions architect at GlobalDots. And in today's episode, we'll hear about Meiran's journey,
Ganesh
0:01:13
the gap he saw in the compliance market and how Scytale helped
Meiran
0:01:16
startups overcome these challenges. Meiran, before we start, what should people know about you? Tell the listener a little bit about yourself. I'm based in Tel Aviv. I love to watch the NBA. In my free time, I also love to read some stuff about security compliance. I have one dog and a girlfriend and a beautiful girlfriend and you know that stuff that's usually not in the menu. So that's a little bit about myself.
Meiran
0:01:46
But I started my journey at the security compliance base almost 30 years ago at EY, at the technology risk department. I've been doing this for a couple of years and I just saw the massive growth with startups and technology. And the fact that enterprise were looking to trust these companies, but they've been looking for proper systems or certification. And this is where I identify some gaps that I guess we might be going to talk about
Meiran
0:02:22
them. I definitely think so and well done for managing to maintain a relationship
Ganesh
0:02:22
and a dog and some hobbies whilst being a founder because I'm pretty sure it's all consuming and you don't have so much time for those things and it's not every day I know it yeah and it's not every day we get to sit down with the founder so it'd be nice to take this opportunity to learn a little bit about your journey, what sent you down this path, obviously you mentioned EY, and what advice would you give to someone who wants to start their own company?
Meiran
0:02:57
I'd say just do it. It might be a cliche, but you can always find reasons why not to do it because you might need to get more experience, maybe it's not the right time because you're getting married or you start something new. And you find reason to just postpone. And what I find with many of my friends that want to start their ventures is that they're postponing, in my opinion, sometimes from the wrong reasons. They just have some concerns about the future and they think they are not professional enough
Meiran
0:03:32
or didn't get enough experience. And it's never going to be perfect. You just need to embrace the imperfect and understand that it's okay and just don't take, don't be afraid to take responsibility. I think that's a critical part. Now I started my journey four years ago and four years ago and three days. I always wanted to be an entrepreneur.
Meiran
0:04:02
I was doing a couple of stuff in my studies at the university, but then I started to work at EY, the technology risk department. I was doing security audits, working mainly with the tech industry, many startups, mid-market enterprises, companies that were acquired by Google and Salesforce, Checkpoint and Money.com and this kind of company. So you know, every company has a different ecosystem, different org chart, different culture and different challenges.
Meiran
0:04:38
And then I understood that there are some stuff that are very different and the pains are pretty big between an enterprise and a startup. But there are also many things in common. And for startups, it's very difficult to manage things on scale because first they don't have time. They are very price sensitive. They don't have enough resources or knowledge. And to be honest, many times they don't care. They just need to sign this deal. And then these customers come to them and ask them if they have SOC 2 compliance, and they are totally clueless about what the heck is SOC 2.
Meiran
0:05:15
You know, so they're just asking all their friends, they're looking at Google, and then they understand, okay, it's kind of an attestation report, and I'm gonna have an external audit process. Everything sounds so complicated, you know, to just want to sign this deal,
Meiran
0:05:30
and now suddenly they need to start going reverse engineering on understanding what they need to do in order to get SOC 2 as soon as possible. So just for all the audience that doesn't know what SOC 2 is, SOC 2 stands for Service Organization Control.
Meiran
0:05:51
And in simple words, it's an attestation report. It's like a certification, but not really, because there is an auditor's opinion in that. It's a report of about 50 to 100 pages where companies get in order to prove for their business partners or their customers that they can trust them. So it's essentially, it's a third party CPA firm will come and attest the company and will track their security, their privacy, availability, confidentiality
Meiran
0:06:30
and processing integrity. And it's been on the rise because enterprises want to work with startups, but they want to bring innovation into their organization. But you know, they have all of these compliance and security and legal requirements where they need to reduce their risk to an acceptable level. And one effective tool to reduce the risk is to ask their company, their vendors to have SOC 2 report. And this is what SOC 2 is all about. So as long as you see more
Meiran
0:07:04
startups selling more into the United States and Europe, these startups need to prove that they are compliant. And that was my space. I was writing the kind of the beginning of massive growth in, you know, the golden age of cloud innovation and startups. And I just understood that startups need to move fast, be clueless, and they need to sign that deal. So I just started the blog because I was thinking, just let's access information for all of these startups and entrepreneurs that needs to learn more about security compliance and privacy compliance and SOC 2.
Meiran
0:07:48
And let's see what's happened. So I used to just write blogs over the weekends. And soon there was one investor that was somehow reached out to my blog and he was enthusiastic into that space. And then someone introduced him to me and you know, one thing led to another. We had a meeting and then we had another meeting and then I told him my idea and things just moved fast to the point where I started Scytale.
Ganesh
0:08:21
Great story. It's not very often you hear that somebody came to somebody to build a company. So, you know, the founding story is quite interesting that you were approached for this opportunity because usually it's definitely not that way. And I really admire the advice to people to just go in there and get it done.
Ganesh
0:08:42
It's not advice I am taking myself. I'm more of an excuses man for sure. But I heard there was a quote from Richard Branson, and if someone gives you an opportunity, you don't know how to do it, say yes, and then work out how to do it later.
Ganesh
0:08:59
And I think, you know, just a great piece of advice to somebody if you have an opportunity that comes towards you. So kudos to you for jumping on it and taking the gamble. You mentioned, you're welcome. You mentioned that the, obviously you found this gap, startup companies,
Ganesh
0:09:17
they need to be compliant. It's a whole nightmare. The whole certification process, all ISO, SOC 2, whatever. So then once you saw that gap, how did you approach creating a solution that combined automation and the human touch?
Meiran
0:09:32
You know, it's funny, because in the early days, I was only thinking about the technology. I wasn't thinking at all about how I'm going to bring new customers, design partners. It wasn't even in my mind. I was thinking the only main problem is going to be how I'm going to build a platform that can automate the process. And I just met, I was just kind of a domain expert because that's what I was doing for a couple of years and I was very curious about this. So I just kept learning more and more.
Meiran
0:10:08
And when I started Scytale, I just thought, okay, it makes sense based on my experience that they need to do that and that and that. And this is the most painful part in the process. So in other words, I was thinking, let's just build a nice dashboard, something like more sophisticated Excel, even though it wasn't in no way more sophisticated than Excel, you know, and it also wasn't more beautiful than Excel.
Meiran
0:10:38
But it was something that I could at least manage the bare minimum on it. And on the other end, I know that I need to give maximum value at minimum time. And I was thinking, okay, so what's the end customer looking for? Are they looking for a compliance automation platform? Or are they looking for someone to take this pain out of their mind and out of their plate? And I was more into the second part.
Meiran
0:11:06
You know, I just want to take SOC 2 out of their mind. And in the early days, there was like 100% consulting because I need to get the job done and 0% automation because there was no platform. There was not a CTO in the company. So actually I signed my first customer one and a half months after I started. It's a company from the United States and I was working now even faster to find the
Meiran
0:11:34
chief technology officer. And in the meanwhile, I was just designing the platform logics and I was building mockups. The fact that I studied information systems was kind of helpful to me in the early days because I can understand the basic and communicate effectively with the CTO. And that was the early days. There was not really any guidance or a blueprint.
Meiran
0:12:03
You know, I was just doing what I thought make the most sense and can give value to my customers. And, you know, things just led to another. I understand, okay, we need to build this and this and this. And we've been like on the one end all over the place. You know, when I'm looking at the mock-ups
Meiran
0:12:23
I've been doing in the first quarter of the company. I remember when the CTO came and joined me, after like three and a half months, I was telling him, look, Tom, you need to do A, B, C, D, E, F, and G, and you have like two months. And he was looking at all the mock-ups and all the entity relationship diagram, and he says, all right, no problem. You know, just to believe and think that everything is possible and find someone that is opportunistic enough and is always looking on the half full side of the glass, that's critical because you
Meiran
0:13:07
want optimistic people next to you and not people that are going to work. You want to stay away from these people. You know, you need to have this belief that it is going to work. And I just think it's critical for like many, many industries, many people and many, many things they're doing, but especially for those that start in a startup. That's great advice. I totally echo that. In fact, I would even go one step further and say no matter how genius someone is in the team, if they're highly negative, the impact is so much that you should just get rid of
Meiran
0:13:50
them. And I've certainly worked in environments before where a certain technical person was deemed to be irreplaceable and no matter what temper tantrums they had or how they behaved that they were it was okay to be there but I think it's not okay actually if and especially if you're in a startup type situation like you were you need full positivity because there's enough constraints on you as it is without without negative minds. So go on. I'm just thinking you know, really small talk, but on the other end, it was so negative. People couldn't stand, could not stay in the room next to him. They, they
Meiran
0:14:38
kind of didn't want to come to job because it was so stressful in the room. And when people will share what's, what we plan to do, it was all always like saying why it's not gonna work and why it's so complicated and it's gonna take so much time it's impossible and you know this is kind of the point where I understood it's not always about finding the smartest person that you can find you need to find the smartest and the nicest person because if it's genius but people just stay with this person in the room it's just making things so much more complicated.
Meiran
0:15:17
And the spiking the eyes and people to have like firing the eyes and build the startup vibes, it's so critical for the success, at least in my view, because you want people that give it all, that really care, that really challenge you, challenge the status quo,
Meiran
0:15:34
that aren't afraid to ask questions. If it's not the vibe, so this might be a problem, you know, and he wants to treat this problem as soon as possible. So it's not always about being the smartest, but in some cases it's also being the nicest, you know. That's good to hear, I made a career out of being a nice guy who wasn't that smart so you know that's good news for me. We talked about your, it's a combined automation, but with a human touch. Like that's what you're building. How do you balance these two elements when you're looking to provide an efficient and
Ganesh
0:16:13
scalable solution?
Meiran
0:16:15
Look, there are a couple of stuff that we've been doing since then. It's been four years. If in the first day there was like 100% consulting, 0% automation, today it's more about 70 to 80% automation and 20 to 30% consulting. So what we really want to do is to allow our customer to automate almost to get nearly close to 100% and to use our consultants, which by the way, they are real people and not AI.
Meiran
0:16:51
I'll speak about AI and how we incorporate this in the product soon. But use these people more on the strategic perspective to really help our customer walk on the big stones, on the big problems, to advise them. Okay, you want to implement AI into your development, into your operations. That's the policy that you should be working on. You know, that's the way, the procedure that you need to build.
Meiran
0:17:16
You want to add new vendors, you want to hire new people, contract those globally. What's the proper way that you need to do that and how you can build it in a scalable way? Because maybe today you are like five or 10 people and maybe next year you're gonna be 100
Meiran
0:17:33
and maybe in like three years you're gonna be 1,000. All over the world. So you need to build to think on scalability all the freaking time. Um, and understand that it's not going to be perfect. Uh, it's never is, and it's always like continuous improvement. And for us, how I combine both consulting and technology is understand
Meiran
0:17:57
that people want to use technology where it counts and humans where it matters. So I'll be a focus on the big stones. This is one thing. The second thing is the consulting team. I came from EY, it's a consulting firm. So, you know, build a proper knowledge base
Meiran
0:18:14
and share thriving folders and trainings and guidance for the team. And also on the technology aspect, what we do is we digitize compliance. That means that let's take, for example, web application penetration testing.
Meiran
0:18:31
We started this one as a service, just in order to help our customer reduce costs. And after a while, like literally this quarter, we built a phenomenal feature that help our customer to manage end-to-end penetration testing throughout the platform.
Meiran
0:18:49
So we've been doing that in order to increase the value for customers because today they get in this test back on a PDF file and think on the eyes of a VP R&D, if you get some file, then you need to start to copy paste to open tickets in your ticketing system, be it Jira or Monday or whatsoever. And it's kind of so manual. And then many important stuff just fall between the chairs. And what we do is we are continuously working on increasing value for customers. So first we digitize, second we automate, and third we add in AI in order to give proper insights
Meiran
0:19:30
and projections for our customers. And that's our strategy. Makes perfect sense. You said there was a little caption in there that I loved and it was Technology where you need it, but people where it counts. I thought if you could repeat it, I think it was really great Technology where it counts and humans where it matters The technology where it counts and humans where it matters. That was a very beautifully succinctly put so I very much like that and
Meiran
0:19:55
you know we I've worked in this industry in this software space for a little while so I obviously see the benefits of it and and in my previous life I have to go through ISO audits and painful really painful really painful so I definitely see I know the value of these things. These smaller companies, they have to go through this. Why has it become such a significant challenge and why is it being that they
Ganesh
0:20:37
can't win these customers across? I think I know but I'd like to hear more from you.
Meiran
0:20:40
I think it's kind of a security due diligence mechanism where companies just want to have in order to reduce their risk, their reflected risks for working with these startups. Let's take just an example. I have an example because it's so simple and so straightforward. So let's say that you are Chase Bank or Bank of America and you do want to bring innovation to the bank. There are so many cyber security companies in Tel Aviv and great startups in Europe. And let's say that they want to utilize one of the solutions.
Meiran
0:21:18
It's a really cool and promising startup. 20 people. They really need the solution. They want to have it. But, you know, this startup is going to get some information, some data, might ask for some access for the bank systems. And, you know, now we're just increasing the risk because there is some new attack vector where hackers can use in
Meiran
0:21:43
order to harm this organization. So in order to reduce the risk to the acceptable level, they will ask the startup and their vendors to have ISO 27001, the startups needs to build proper policies, procedures, standards, guidelines. They need to raise the awareness among the company employees that they're going to go for an external audit by a professional auditor. They will need to
Meiran
0:22:22
work on their information security management system and prove about 90 or 100 controls. So, you know, it's taking the company to more of a mature level and prepare them when they want to work with these enterprises. For me, compliance doesn't mean that you're doing so much about bringing so many innovative tools for your cyber security protection. But it means that at least you're not keeping the door open and you're even locking the door, you know, so now your fortress is more protected.
Meiran
0:23:01
You can always take the extra mile when it comes to security. But security, like security, you need to look at security more like security in depth. It's like having an onion and you have so many layers on the onion. So security is very similar. You just want to add more layers for your security stuff. And in the early days for these startups, it's worth talking because they are on survival mode. They need to build a beautiful, effective product. They need to maybe raise money.
Meiran
0:23:41
You know, they need to do so many other stuff, build department, marketing, sales, support, product, R&D, HR, what not. And for them, security compliance like ISO 27001, SOC 2, GDPR, it's not that it's only requested from their customer.
Meiran
0:24:00
It's actually part of their go-to-market strategy. They know that in order to sign deals, they need to get compliant and stay compliant. And I've seen this also with startups that want to get their product into marketplaces like AWS marketplace or Zoom marketplace, startups that are raising their A round and building their go-to-market into the U.S., then this is requiring them to build also
Meiran
0:24:30
a compromised go-to-market strategy because if they're gonna sell into the U.S. or Canada or the U.K., they need to be in compliance with the relevant regulations and requirements from the market actors. So, you know, this is where it catch,
Meiran
0:24:46
like startups, why they need to get compliance. So it's way more than of a go to market tool for them than really increasing their security. It's just the added value, you know, if it makes sense. Makes perfect sense. And, you know, Lord only knows that when, when you're in full blown startup mode and you talked about, you know, making, making mock-ups when you already had a customer, which is just crazy,
Meiran
0:25:14
you know, just to be running at such speed like that. Security and certifications and blah, blah, they're the last thing, you know, that's definitely when you're running at a thousand miles an hour, that's the last thing. And, you know, until there was pieces of software
Meiran
0:25:31
like this that were helping people, you had to actually hire a person to come in and do that. Very laborious, very expensive. So yeah, it makes perfect sense. You touched a little bit on AI. I wanted to definitely give you a small forum to talk about that. So what does that look like in your tool? You know, first, you cannot have any session or podcast without speaking a little bit at least about AI. You know, the AI and DI are the letters that needs to be everywhere.
Meiran
0:26:03
It's in every conference, every webinar. And, you know, it's make like perfect sense. It's really the future. I guess it's you had the opportunity to use OpenAI, GPT, ChatGPT, Claude, these different variety of AI tools. And it's clearly what's the upsides and the downsides, mainly the upsides of using AI. No one really
Meiran
0:26:28
think about what's the downsides, at least not at the moment. And, you know, I've been reading research that companies invest in somewhere between 97 to 99% from their R&D budget on development of AI tools, products, but not on safety mechanism for AI. They invest like somewhere between zero to 3% on safety and 97 to 99% on building profitable products. And if you just try to imagine the future
Meiran
0:27:04
when you think that AI products become more and more intelligent over time, you can just look at ChatGPT-4, it's more intelligent than ChatGPT-3.5, right? And that's a trend that is just going to keep going. So when we're going to get into a position where AI is so sophisticated, and maybe at the singularity level, where it can just take autonomous decisions and it can push humanity in a
Meiran
0:27:34
It's more, might be more of a deeper discussion, you know, I just find it really interesting. But I do think, and we already see that, governments, institutions, entities, promoting more of the AI regulation, which I find critical for safety, for protection, for defense, and just to make sure that we control AI and AI does not control us. For me, it's like, if you've been using Google Maps or Waze, I remember when I was in America as a child,
Meiran
0:28:10
we were taking the, I think the 90 or 95 route from in the East Coast, from New York all the way to Key West and I was navigating with a map. That's what I had, I had a map. Today, if you ask me that I need to go somewhere, I just write it down on Waze, click on the link and the car takes me there. As
Meiran
0:28:30
of today I'm driving, maybe in five years I don't even need to drive. And it's just the way it is. And for me, AI is like Waze for your brain. You start putting emails in ChatGPT, writing, I don't know, not only on the professional aspect, also on the personal aspect. And the only way, effective way that I can find and also research can find at least at the moment is to enforcing these mega giant technology companies to invest more budgets
Meiran
0:29:08
into safety mechanism and to governments to build regulations. And at Scytale, we are building technology and we're building supporting frameworks, AI frameworks that exist to help companies to get compliant when implementing AI into their company and into their products. And, you know, it's super interesting to see. We're continuously learning more and more about the process. Everyone is eager and hungry to consume knowledge about AI because it's a very massive trend. It's an amazing technology.
Meiran
0:29:45
For me, it's like the cloud revolution, the next cloud revolution. If we had the cloud in the last decade, where you see startups, software companies everywhere. So today, this decade is going to be all about AI. AI is going to be like the cloud service provider of this decade. You're just going to see that every company is going to implement AI products and AI logic in their platforms.
Meiran
0:30:13
So we're going to see startups based on AWS and then using AI technology from different companies. And Scytale is helping all of these AI startups and big enterprise to get compliant and stay compliant with ISO 42001. It's a new AI management system with EU AI Act, with AI NIST Act and more regulations that's coming and also incorporating AI modules and features in our product again to increase value for our customers. We do find and believe that there are many ways that
Meiran
0:30:54
our customers can benefit from AI. This is what we're doing on this path to really save time and increase the quality for our customers. Very interesting. I'm not surprised at all that the enormous amount of money is being spent on AI, but very little on the security and protection. That's very typical of human nature. You know, the airbag, people had to die in horrendous ways before the airbag came into the car. The web application firewall came after the internet had exploded, you know, and it is necessity is the mother of invention
Meiran
0:31:41
and I think until it gets to the point where it's necessary we probably won't get around to those things or they'll they'll stay in their infancy but it's uh it's definitely something that has to happen you can even already see people using it as an attack vector so it's a it's going to be very it's definitely going to be an interesting couple of years that is for sure it won't be boring watching it unfold. I'd like to ask you one more question before we let you go and it's dubbed the DeLorean question by the CISO of Expel but if you could go back in time and give yourself one piece of advice professional advice
Meiran
0:32:19
what would it be and you can't say buy bitcoin because that's not allowed. Maybe buy Apple shares?
4
0:32:27
No.
Meiran
0:32:28
I'd say, you know, embrace positive pressure and maybe focus on finding a proper VP of HR because eventually people is everything and you want to find these talents that really believe in what you believe and going to be out there because the best computers, the best software, you know, it doesn't really
Meiran
0:33:00
help if you don't have people to manage the process. So focus on the people, try to be very supportive and try to do the maximum to really focus on finding these talents, you know, put the time, like go drink coffee with people, like navigate away into really perfect the people. And when hiring a VP of HR, maybe in the early days, you don't necessarily want to focus on the VP, but you do want to focus on the HR, someone that can lead the human resource in your organization, the recruitment process, that's critical.
Ganesh
0:33:38
That's a really nice way to end the episode, especially talking like the future of everything is AI, but then people are everything. And I think that's a really nice message to come out on. Meiran, it's been a real pleasure having you on. Thank you so much for your insights.
Meiran
0:33:57
And yeah, really great having you. Thank you, Ganesh. Thank you very much.
Ganesh
0:34:01
This episode was produced and edited by Daniel Ohana and Tom O'Morvinson, sound editing and mix by Bren Russell. I'm Ganesh The Awesome. And if you're ready to deep dive and start transforming the way you approach cloud practices and cybersecurity strategies,
Ganesh
0:34:15
then the team and myself at GlobalDots are at your disposal. We are cloud innovation hunters and we search the globe looking for the future tech solutions so we can bring them to you. We've been doing it for over 20 years.
Ganesh
0:34:29
It's what we do. And if I don't say so myself, we do pretty well. So have a word with the experts, don't be shy, and remember that conversations are always for free.