Cyber Security District cover art

Cyber Security District

Cyber Security District

Written by: Cyber Security District
Listen for free

The interview podcast for cyber security professionals and for those who aspire to become one. We interview industry experts to get to know the latest trends, real life war stories and everything you need to know about this exciting industry.Copyright 2024. All rights reserved. Careers Economics Personal Success Politics & Government
Episodes
  • You Can’t Patch Your Way Out of This | Mahdi Abdulrazak & Kim van Lavieren, Dawnguard | Cyber Security District
    Jul 17 2026

    What if your infrastructure was built secure from minute one and stayed that way?

    In this special one year anniversary episode of Cyber Security District, host Jeroen Prinse sits back down with Mahdi Abdulrazak (CEO) and Kim van Lavieren (CTO) of Dawnguard, a security automation platform that turns approved security architecture directly into deployable cloud infrastructure as code.

    One year in, having just closed a pre-seed round and raised €6.3 million in total funding and opening a new office in New York, Dawnguard is making a bold bet: that the only real answer to modern cyber threats isn't better detection or faster patching, it's building systems that are resilient by design from the very start.

    Mahdi and Kim have both led security teams inside large organisations and lived through the same recurring nightmare: architecture locked in too early, security reviews arriving too late and a list of 50 findings that nobody has time to fix before the product ships. Dawnguard was built to break that cycle, with a collaborative canvas that lets teams design, validate and deploy secure infrastructure in minutes, with continuous drift detection to make sure it stays that way.

    One year on, we look back at how far that idea has come and what's next as the company expands.

    Key Takeaways:

    • You cannot patch your way out of agentic AI attacks, the only answer is building more resilient systems from the start
    • The hardest translation in security is from policy to architecture, ambiguity and contradictions there cascade into every layer below
    • Context is the missing ingredient in most security tooling: secure or insecure is a binary lens that doesn’t reflect reality
    • Drift detection only works when you know what was approved in the first place, that’s the advantage of integrating into the design lifecycle
    • Security decisions still belong to the business and engineers, Dawnguard removes the friction, not the ownership
    • The shift from protection to resilience is already happening: it’s not if you get breached, it’s how contained the blast radius is
    • European founders can compete, but capital conviction from investors matters as much as capital volume

    Timestamps:

    00:00 – Introduction

    00:15 – Meet Dawnguard

    00:48 – One year in: what proved Dawnguard was solving a real problem

    01:30 – How customers are using the platform today: discover, design, deploy, monitor

    03:20 – The shift-left moment: when architecture gets locked in and it’s already too late

    05:15 – why organisations overestimate their resiliency requirements

    06:15 – What Snyk, OPA and Sentinel leave unresolved

    08:30 – Guardrails vs. findings: preventing vulnerabilities instead of just reporting them

    09:30 – Policy to architecture to code to production: where is the hardest translation?

    11:00 – The Mythos era: agentic AI and why patching is a losing strategy

    12:50 – The shift from protection to resilience

    15:00 – Blast radius reduction and the holistic trade-off view Dawnguard provides

    16:45 – Drift detection: how Dawnguard tells a legitimate change from a malicious one

    18:20 – Prompting redesigns for cost, sustainability, and resilience

    20:00 – Bringing guardrails into the developer IDE in real time

    22:25 – Who owns the security decision?

    25:45 – European digital sovereignty: what it concretely means for Dawnguard

    27:55 – Raising €6.3 million from European funds in year one

    29:10 – What excites Mahdi and Kim most about the road ahead

    30:40 – Final message: what CISOs should be doing differently a year from now

    Connect with the guests:

    Mahdi Abdulrazak: https://www.linkedin.com/in/mahdiabdulrazak/

    Kim van Lavieren: https://www.linkedin.com/in/kim-v-0645931b4/

    Website: https://www.dawnguard.io/

    Follow Cyber Security District:

    Jeroen Prinse on LinkedIn: https://www.linkedin.com/in/jprinse/

    Laurens Jagt on LinkedIn: https://www.linkedin.com/in/laurensjagt/

    Website: https://www.cybersecuritydistrict.com/

    All channels & newsletter: https://beacons.ai/cybersecuritydistrict

    Show More Show Less
    31 mins
  • From Ethical Hacker to Serial Founder | Francisco Nina Rente | Cyber Security District Podcast
    Jun 16 2026

    What does it take to build a cybersecurity company not once, but twice from the ground up?

    In this episode of Cyber Security District, we sit down with Francisco Nina Rente, one of Portugal's most accomplished cybersecurity entrepreneurs. Francisco started his journey as a teenager tinkering with computers and quickly found his way into ethical hacking and open-source security communities. That curiosity became a career, which then led to a company.

    His first venture grew from a university incubator into a 250-person operation delivering services across 22 countries, before being acquired by a global security group. After years scaling that business from the inside and taking on roles as country manager, CTO and board member, Francisco stepped away to build again.

    This time, the mission is clearer: help organisations stop just detecting threats and start truly recovering from them. Art Resilia was born out of a conviction that the market was shifting from cybersecurity to cyber resilience, and Francisco positioned the company right at the centre of that shift.

    Key Takeaways:

    • Cyber resilience is about recovery, not just defence
    • Focus beats opportunity-chasing, especially in the early days of a startup
    • The Commonwealth of a team always comes before individual interest
    • Trust-based security communication outlasts fear-based selling every time
    • Knowledge remains the core differentiator, even in the age of AI

    Timestamps:

    00:00 – Introduction 01:20 – From a family computer to a hacker mindset 04:00 – First paid gig: penetration testing for hardware 05:30 – Building Portugal's first incident response team at university 09:00 – Selling trust, not fear: early media and awareness work 11:00 – Scaling to 22 countries and finding the right investors 15:30 – The acquisition: joining a global security group 20:00 – Growing into CTO and leaving on his own terms 22:00 – The idea behind Art Resilia and reading the market shift 24:30 – The name: "The Art of Resilience" 25:00 – Where Art Resilia stands today: 50 people, 4 countries 27:00 – Why the Netherlands and Benelux? 28:00 – Lessons from 20 years of building: focus, people, pragmatism 33:00 – Culture, remote work, and hiring for values first 40:00 – What's next for Art Resilia in 3–5 years 43:00 – AI in cybersecurity: tool or transformation? 45:30 – Advice for young professionals entering the field 52:00 – Final message to CISOs: protect both business confidentiality and individual privacy

    Connect with the guest: Francisco Nina Rente: https://www.linkedin.com/in/frente/ Website: https://www.artresilia.com

    Follow Cyber Security District:

    Laurens Jagt on LinkedIn: https://www.linkedin.com/in/laurensjagt/

    Website: https://www.cybersecuritydistrict.com/

    All channels & newsletter: https://beacons.ai/cybersecuritydistrict

    Show More Show Less
    55 mins
  • Automating the Boring Parts of Cybersecurity Consulting | Leslie Clement & Erie Berhitu, Clember AI | Cyber Security District
    May 26 2026

    What if you could clone your best cybersecurity consultant and put them to work on five engagements at once?

    In this episode of Cyber Security District, we sit down with Leslie Clement and Erie Berhitu, co-founders of Clember AI, an EU-first, AI-native platform built to automate the repetitive, time-consuming work that holds cybersecurity consultants back. Both Leslie and Erie spent years grinding through the same manual loops at major consultancy firms document analysis, gap assessments, risk reports, roadmaps before deciding enough was enough.

    Rather than build another consulting firm or hire more headcount, they built a platform. Clember AI now enables security consultants to run five or more client engagements simultaneously, with consistent, high-quality output every time. And they did it entirely bootstrapped, no VC, no investor pressure, just product-market fit and a clear-eyed vision of where cybersecurity consulting is heading.

    In this episode, we explore:

    • How a company getting hacked on day one of the job launched Leslie’s career in cybersecurity
    • The year-long frustration that led Erie and Leslie to build Clember AI instead of another consulting firm
    • Why they chose to stay bootstrapped despite investor interest and why they don’t regret it
    • How Clember AI automates the full consulting lifecycle: document ingestion, gap analysis, risk translation, and reporting
    • Why consistency across junior and senior consultants is a bigger deal than most firms admit
    • The shift from hourly billing to monthly retainers and how Clember keeps consulting firms “interesting” to clients year three and beyond
    • Their vision: becoming the Datasnipper of cybersecurity consulting
    • Why embracing AI is non-negotiable for CISOs and why helping early-stage startups matters for the whole industry

    Timestamps:

    00:00 – Introduction

    00:15 – Meet Leslie Clement and Erie Berhitu

    01:40 – How Erie got into cybersecurity (and why it wasn’t exactly planned)

    02:45 – Leslie’s rough first day: getting hacked with no tech team

    04:00 – The shared frustration that sparked Clember AI

    06:10 – Why they chose to build a tech firm instead of a consulting firm

    08:30 – The first product concept: automating the questionnaire

    11:20 – Who Clember AI is actually for: cybersecurity consultancy firms

    14:00 – Billable hours vs. scale: how Clember changes the math

    17:30 – The shift from hourly billing to monthly retainers and staying interesting in year three

    22:00 – Will AI kill traditional consultancy? Leslie and Erie’s take

    25:10 – How Clember works: document ingestion, gap analysis, risk translation, roadmaps

    29:00 – Consistency across consultant seniority levels

    31:30 – Hiring technical talent as non-technical founders

    34:00 – Staying bootstrapped despite VC interest and why pivoting was easier without investor pressure

    38:30 – What made Clember appealing at an early stage

    41:00 – The hiccups: work-life balance, family, and knowing when to step away

    44:30 – Gut feeling vs. rational decision-making as founders

    48:00 – The vision: Clember as the Datasnipper for cybersecurity consulting

    51:30 – What’s next: new markets, sales hires, and scaling customer success

    54:00 – Data privacy and security by design inside Clember

    57:00 – Final message to CISOs: embrace innovation, and back the startups

    Connect with the guests:

    Leslie Clement: https://www.linkedin.com/in/leslie-clement/

    Erie Berhitu: https://www.linkedin.com/in/eberhitu/

    Website: https://www.clember.ai/

    Follow Cyber Security District:

    Laurens Jagt on LinkedIn: https://www.linkedin.com/in/laurensjagt/

    Website: https://www.cybersecuritydistrict.com/

    All channels & newsletter: https://beacons.ai/cybersecuritydistrict

    Show More Show Less
    48 mins
adbl_web_anon_alc_button_suppression_t1
No reviews yet