Skip to content

The Importance of Data Care with Ron and Cyndi Gula

Co-Founders of Gula Tech Adventures and the Gula Tech Foundation
The cybersecurity industry depends on innovation and innovators but faces a talent shortage. In this episode of the Forgecast, Forgepoint Co-founder Alberto Yépez speaks with Ron and Cyndi Gula, Co-founders of Gula Tech Adventures and the Gula Tech Foundation. Ron and Cyndi are a power couple with a mission to get more people involved in cybersecurity. They discuss innovation, education and outreach, developing cybersecurity leaders, and the importance of philanthropy.

Episode 2

October 2, 2023

Ron and Cyndi Gula have been at the forefront (and behind the scenes) of cybersecurity for over 20 years, investing in dozens of cyber startups and non-profits after founding and scaling their multibillion-dollar network security company, Tenable. Gula Tech Adventures, the venture capital firm they co-founded in 2017, supports cyber startups, nonprofits, thinktanks, and other investment firms. Today, Ron and Cyndi are focused on key priorities in the industry: cyber innovation, community outreach, and providing meaningful opportunities for new generations of cybersecurity leaders.

“We don’t have enough people in this industry. We’ve got to have better tools… we’re encouraging more people to innovate.”

Cyndi Gula Co-Founder and Managing Director, Gula Tech Ventures

About Ron and Cyndi Gula

Ron and Cyndi Gula are co-founders of Gula Tech Adventures (GTA), a venture capital firm that focuses on cyber technology, cyber policy, and recruiting new talent to the cyber workforce. Since 2017, GTA has invested in dozens of cyber startups and funds and has supported numerous cyber nonprofits and projects.

From 2002 to 2016, Ron and Cyndi founded Tenable Network Security. Together, they grew the company to 20,000 customers, raised $300 million in venture capital funding, and grew revenues to $100 million- leading to an IPO in 2018. Prior to Tenable, Ron was a cyber industry pioneer who developed Dragon, one of the first commercial network intrusion detection systems, and participated in some of the United States’ first cyber defenses while serving with the U.S. Air Force, the U.S. Department of Defense, and the National Securiy Agency. Cyndi was President of Network Security Wizards which she helped grow to a successful exit 18 months after its founding.

Ron and Cyndi are now actively engaged in the community through the Gula Tech Foundation’s competitive grant process for cybersecurity nonprofits.

Episode Highlights

Transcript

0:24 Introduction

Alberto Yépez [AY]

Hello and welcome. My name is Alberto Yépez, and I’m going to be your host this afternoon. I’m honored to have both Cyndi and Ron Gula as our main feature for the Forgecast. So where do I begin? This is a power couple in cybersecurity. They’ve done it all. They have started companies and successfully scaled them and found exits. They are currently investing in startups and funds. They are also helping our community by being philanthropists and helping a lot of nonprofits to increase awareness and diversity – an intentional purpose of our cyber industry – and now trying to drive a lot of policy. Therefore it is a pleasure to have you both. Thank you for taking the time to share with our community.

Ron Gula [RG]

Glad to be here. How’s it going?

AY

It’s going great. It’s only going to get better because Cyndi and you are going to be adding some insights that a lot of people may not know about. Why don’t we get started. A lot of people wonder, how you’re a couple and have been able to work together pretty much all your lives. How did it all begin? How did you get to know each other and decide to be partners in life? Maybe we’ll get Cyndi’s perspective.

1:47 The Meet Cute

Cyndi Gula [CG]

Well, believe it or not, it was a blind date. Ron and I met on a blind date in Syracuse, New York. My background, I’m a glass engineer by schooling, and I worked at Syracuse China, and my now sister-in-law and I were friends and she set us up on a blind date because we were both engineers and we both like Star Trek. Thank goodness for Trek.

AY

Absolutely. Live long and prosper. Ron, what was your view?

RG

Well, I wanted to impress her. So, I had to tell her where I worked, which was the National Security Agency.

CG

I actually said, “Where do you work?”

He said, “Oh, I could tell you, but I’d have to kill you.” That’s the real story. From that standpoint, I got to know the NSA, that there was such an agency. When he finally said the National Security Agency, I said, “What is that?” I had no idea. In Syracuse, there wasn’t a lot of understanding outside of the commercial arena. It took a little while and then I got homework. He said, “Well, do you want to know why I read The Cuckoo’s Egg?” Since he couldn’t tell me, what he was doing, I got homework. It’s a good thing he’s funny.

3:52 The National Security Agency and The Beginnings of a Partnership

RG

It was funny because in that book, you know the whole “Cliff Stoll Cuckoo’s Egg”? I read that when I was in the Air Force, before I got to the National Security Agency. But the people from the National Security Agency in that book I sought out and I asked to go work there as my last tour in the Air Force. So I guess we could thank Star Trek and Cliff Stoll for our marriage.

AY

By being there, a lot of the creative juices and innovation got started and that’s what it led to you guys being entrepreneurs because you’ve got such a wonderful infrastructure. Some people never leave the NSA because it’s such an environment where you do a lot of good for our nation. But how did the whole entrepreneurship thing start?

RG

The NSA and a lot of the intelligence community, the DOD, they’re very entrepreneurial. They have these amazing programs that they birth and put into process and support our warfighters and defend the country. But it’s not like they teach you how to do venture capital or how to market your products and that sort of thing.

One thing the NSA taught me was that I understood technology and bureaucracy and how hackers worked and vulnerabilities work. I ended up in the private sector after serving in the Air Force. I was at this company called U.S. Internetworking, and I was using a product called ISS Realsecure. ISS in many ways was kind of like the Tenable and the first source fire and stuff like that.

But I had an idea and I came home one day and I said, “Cyndi, I got this idea to do a network intrusion detection system. Can you help run the company?”

I eventually ended up working for her.

CG

I said, well, you know what? After going through engineering school and passing all of that, I saw all the businesspeople and they seemed to be having a really good time at school and not necessarily hard classes. I figured it couldn’t be that hard. We got an accountant and got a lawyer and started our first company, and that was in 1997 and we had that acquired in 18 months.

RG

Without raising any venture capital and without knowing anything about bankers, venture capital, product, life cycles, anything like that. It was very much customer-focused, customer-led growth. It was a really fun time.

CG

We had six employees and we got bought by Enterasys Networks, which is a hardware company, and we were a software company. So we learned a lot with Square Peg Round Hole – that they didn’t understand the software – and we learned a lot about hardware and how to sell it. It really did help us understand the broader market and the difficulties that our customers had buying products.

AY

We always talk to entrepreneurialism saying you always should start a company or invest with the exit in mind. This is probably true in your case, because you bootstrapped your company, you were doing this for the right reasons. I guess the inbound probably was something you were not planning, that, is that correct?

RG

It was really interesting. So you know how coming out not having a reputation, just having the product to kind of standby when you went to a conference state, they would put our product next to like the Cisco product and the ISS product and other products that were out there. We would constantly get lines at the booth. We got a bit of a reputation for that. So shortly after that was the MSSPs. So for example, the guy who runs Tenable now, Amit Yoran, he ran and founded Riptech and Dragon, which is our network ISS product was the main sensor that they were using and that added a lot of legitimacy. We’d been kind of aware and working with the MSSP market since the late nineties, which is just crazy interesting.

AY

How long do you spend in the acquired company? In what roles do you play?

RG

I think my official title was the Vice President of Intrusion Detection Engineering, which I thought was neat and nobody else knew what that was. But I end up serving two years on a three-year earnout and left to start Tenable.

8:11 Starting the $3 Billion Company: Tenable

CG

I always give myself the title of Special Projects or Director of Special Projects when I want to exit a company. I think I was Director of Special Projects and I do believe our first son was born and actually our second son was born at that time. That’s why I left Enterasys. But then when he left to start another company and we started talking about that and what it was and ultimately became Tenable, I got it again. We started it together.

RG

One thing I’ll just add before we talk about Tenable is, when you have that exit in mind, I like to tell entrepreneurs, it’s more than the money. It’s a lot more than the money. We learned so much going into Enterasys, right? We learned about facilities. We moved to an amazing office. We learned about two tier channel distribution. We learned about international support teams like the Ireland team. We were working with an Irish support team in the early 2000s. That just put us way ahead as far like a learning curve of how to run companies and I think the list goes on and on. I think the number one thing I think about half of the company, Enterasys, they’re still involved with us today, either at Gula Tech Adventures or working with a portfolio company of ours. So, you know, lifelong friends. And that’s what I think every entrepreneur should be looking out for.

AY

It’s interesting because if I do the math correctly, you started Tenable around 2000, right?

RG

2002.

AY

Many people, given our current market conditions, have never seen markets cycles. Many entrepreneurs they think always gloom and doom. You started the company not only after the bubble burst in 2000, after September 11, we thought we were going to come back, and we went down again.

But what a great environment to start a company. We keep on telling entrepreneurs this is the best time to do that by maybe sharing a little bit about how Tenable came about and how do you rose above the noise and started to get the right traction.

RG

Yeah, so I think there’s two stories, one I’ll tell and it’s a pretty straightforward one is that it wasn’t the Ron and Cyndi show. We had a lot of great people and the main co-founder, the original first one was Jack Hopper. Jack was on the M&A team of Enterasys. As I spent my two years at Enterasys, I developed a relationship with Jack. He got married to a woman in Washington DC, and was moving down there. I think one day there either he said or I said, “Hey, wouldn’t it be great if we started a company together. What kind of company would we start?”

I said, “Well, the whole time we were sniffing packets with Dragon, we were basically seeing ways that the hackers broke in. Wouldn’t it be nice to help people more proactive, but I’m going to set Cyndi up here. When we started that company, Jack and I spent a good bit of time going out fundraising and we were not successful. Cyndi very, very early, basically ran the company with profitability in mind. Every penny had to count.

11:20 Network Security Wizards: Garnering the Right Customers

CG

Yes, we hired based on our sales and at the time, both of our companies benefited from universities. Our first company, Network Security Wizards, was the first company, our first customer was Harvard. Harvard University was extremely exploratory, and they were very good at taking small company startups and integrating them and utilizing them. One of the best things that came out of that was an amazing relationship. When we started Tenable, Johns Hopkins University was actually our first customer.

Again, it really allowed us to grow and create the product with a customer side by side saying it would be really nice if you did this. Oh, we could put that in there. It’d be really nice. You could do this. They started to become Q/A in certain ways, but also a really good partner, so we were producing what the customer wanted and not just in theory, what we thought that the customer wanted. It really does so much for a startup to have that relationship. And then they become really good advocates of yours. And then they tell two friends and then they tell two friends. In the beginning, it really was the reputation that we had built with Dragon, the intrusion detection system, and then on top of that, the collaboration that we have and listening to the customers and just allowing them to be part of our journey too.

AY

Key points you just said customer-driven innovation, because a lot of times entrepreneurs have a great idea and try to build something that they think the customer wants and in my own experience as well, for me – and also the way we work with many of our portfolio companies is working with key customers. They become design partners and they can tolerate the product not being complete and have bugs and eventually help you achieve the right fit. And then besides being an advocate, they become reference accounts. Interesting that in my first company, Brigham Young University was my first customer and I remember it was like a $65,000 check. That I still to this day have with the mark. We bootstrapped our company. We have a lot of parallels in our careers. I started my company with my wife as well. And then anyway, Brigham Young was our core customer and then super sophisticated and they really brought in a lot of credibility to do that. So that was one key thing, customer-driven innovation. Universities is a great partner to work together.

As you evolved, tell us a little bit about the inflection points and the eventual outcome that you guys had.

RG

So I’ve got a couple and I’m sure Cyndi has a has a couple too. We raised a lot of money. We did a $50 million raise from Accel Partners. We did another $300 million raise from Insight Capital and Accel as well. But the story I tell people is that the company was so profitable, all of that money was secondary. When I talk to founders, I say, look, if you run a really good company and you’re nailing your product growth and you’re nailing your customer’s needs, you’re probably going to be making money.

The question is, is that if you’re going to go public someday, you can’t go public owning 100% of the company, right. So you have got to do that. But we really enjoyed that because we were able to bring all the employees into a room, have a meeting, tell them that we raised $50 million in secondary, then explain to them what secondary stock was and then have hugs and tears. So that was a big inflection point for us.

CG

At the beginning of the company, when we had the four of us sitting down, it was Renaud Deraison, Jack Huffard, Ron and me and we were figuring out how to structure the company and I said with our first company we actually got dinged a lot being called the Mom and Pop shop because I owned the majority and Ron owned it and we’re married and it did create some barriers that I didn’t think that needed to exist. I said, I don’t have to be listed as a founder and but I will do all the business stuff and be right there. So that’s how we started Tenable at that point. It was a little funny because Renaud was still in Paris, I was employee number three – working through with getting him across the pond.

RG

There was another really big inflection point that is going to be dated now for Tenable is that we owned the Nessus® open-source vulnerability scanners so Renaud Deraison was the author of that, and I say owned on purpose because it became a responsibility, it became a competitive advantage. It also became a tool that we in the early 2000s as we were signing deals and indemnifying our customers, that if they got sued for using our open-source software, we were on the hook for paying, right? So we eventually closed-sourced Nessus®, which again is a dated concept versus now. I always tell people this story because I felt every company that we’ve dealt with, there’s some sort of religious barrier or third world third rail that they don’t want to touch something that they don’t want to do that if they did, it could go somewhere else. Like Tenable today, very committed to auditing and not fixing things. They don’t remediate, they don’t patch, they don’t do that. But they do really focus on discovery. And there’s a lot of purity in that. But I see a lot of companies try to do too much or not take that second step that could get them to the to the next level.

AY

I think another key learning there is open source projects that are a great way to drive community and get one option but eventually understand the potential liability you’re signing up for in the concept of owning is you have to have the author as a contributor in your team and you have to have the difference between what is the enterprise or commercial product versus that. But eventually, in your case it was interesting. Maybe a separate podcast vodcast topic, because how do you bring those liabilities? You know, enclose them in that sense. There are many, many cybersecurity companies that were created within open-source projects and have been very successful in adoption.

RG

Well, just for 2023, just replace the word open source with artificial intelligence and we’re right back where we were.

18:03 Gula Tech Adventures

AY

No kidding. Let’s move on. So now you exited. You decided to find a new chapter for the two of you. I would imagine that’s how Gula Tech Adventure started, right? Maybe share a little bit of your thinking because you could have gone and run the next company because now you’ve done two that there one should be easier, right?

RG

Cyndi’s been on a roll naming things. So why don’t you talk about that?

CG

Well, we had done some investing prior to formalizing anything, and we realized that we really do like that small company growth, helping people to avoid some of the mistakes that we made or that we could see. It really started to resonate with us and that we wanted to help the startup community in cyber. We looked at a lot of things, some like Mach37, incubators, that type of thing and realized that if we had an incubator here and we decided to invest in one or two of the companies in a cohort that that would not reflect well on the ones we didn’t invest in and so we chose investing versus incubating. So now we try to be friends with all the incubators and supportive, and we just need more and more. When we decided that we knew we were going to be in venture capital but were like, you know what’s going to be more than that, it just inherently is so and we said “Gula Tech” but needed another word.

Why call it Gula Tech Adventures? Because we knew it was going to be an adventure. We knew there were other things other than just the startup community that we wanted to be in the community itself, we wanted to be part of that ecosystem. Then what we could do outside of that to help the community and to help the policymakers get more involved in the industry.

AY

Gula Tech numbers in terms of the companies you invested in or just a just ballpark?

RG

I think we’ve made about forty-five investments over the past five years. That doesn’t count. We did some fund bonds like we’re happy to be LPs with Forgepoint. So it gives us more perspective, especially coming out of Tenable, not knowing everything that we knew before we sent on the adventure here. But we also had a lot of exits. We’ve had a lot of exits in ’21 and ’20, and they are listed on the on the web page. There’s a personal story for every one of those exits. Was it the founders, it was time for them to sell? Was it a good return? Are they on their way to IPO? Companies like Huntress are just killing it, defending almost 3 million endpoints in small business. So that’s one we’re doing in cooperation with Forgepoint, JMI and Sapphire now so it’s an adventure.

AY

You have taken it upon yourselves to educate the community by saying this is what you must have in a pitch. You’re providing, you know, VC 101 or how do you think about building your company, but you wanted to take it to the next scale. I think a little bit comes with what you tried to do now with the Gula Tech Foundation because you had a lot of objectives.

RG

Coming out of the NSA, I thought I was probably the smartest person in cyber. Then doing intrusion detection like tracking hackers I thought I still had that title. Then running Tenable, I thought, “Holy cow, right? Site license at the DOD for 20,000 organizations worldwide. Wow.” But we just keep learning. A couple of years into Gula Tech Adventures, we really wanted to start giving back to the community both in terms of time and content. We have a YouTube channel we’ve been putting out a lot of videos on cybersecurity on: I call it VC 101. Some of it’s as simple as pitch docs. I’ve got the thing I want your pitch deck to have five slides. What problem do you solve, how do you solve it? Right. Show me some, some proof that I should believe you, right? What’s your ask? What do you do with the money? And then, what’s your version of success? I’ll go through somebody’s pitch deck and not hear that. I’ve heard people use this in the Pentagon. I’ve heard people that’s there’s people, you know, how to pitch. There’s a lot of stories on that that are similar, but I call it the five-slide pitch dark. But at the same time, when we start talking about public policy, we start talking about philanthropy with the foundation we’ll talk aboutin a minute…

21:46 Educating and Giving Back

RG

We’ve got a really interesting view when it comes to how do you get more people in the workforce. What’s the role of the government in defending the country? How do you know you’re done with cyber if you’re a Cisco? We spent enough money. So, we’re trying to put out, you know, these short 5-to-10-minute videos where it’s a bit of a talking head, but they’re quick and they’re easy to watch.

There’s always a good take away from it and they’ve been popular there. Over on our Gula Tech YouTube channel, Gula Tech Adventures on YouTube. So, thanks for asking about that.

CG

As far as the foundation, a lot of the work that we’re doing commercially to protect banks and the banks are doing and large organizations and enterprises- we’re spinning our wheels if we don’t get the public and other people involved in their own cybersecurity activity. But it is a game.

RG

It’s a zero sum game.

CG

That’s not it. It’s what cybersecurity is, that’s it. Cybersecurity is a team sport, but what we were missing is the public. With the foundation, we wanted to get more people in to cyber cybersecurity. So how do we do that? And that’s really been the exploring path of the foundation because we look at investing in nonprofits the same way we invest in startups for profits and that grant funding. Sometimes it’s the initial grant that gets them going.

23:40 Data Care, Not Cybersecurity: Garnering People into the Industry

CG

But one of the things that came out of that, I kept getting asked, “Cyndi, how do we get more women in cybersecurity?” I said, “Stop calling it cybersecurity, because what it sounds to me is you put the entire world on your shoulder, you put your hoodie on, and you march downstairs, and your parents’ basement and you work alone.”

It was such a revelation that that’s absolutely not what this industry is. I came from an industry. I learned it by osmosis. But it is so great to be all in the same mission of defending all of these people and all of the activity online. But I said, why don’t we start calling it data care, similar to the way that health care pivoted, or the medical field pivoted to health care. Once that happened, people started saying, Yeah, you know what?

I have a personal responsibility for my health. I can eat better, I can sleep longer, I could do things, improve my health, that it’s not just my doctor’s visit or my dentist visit that’s going to take care of me. That was a big push because we found preventative activity was much easier to deal with than reactive. I think right now we’re kind of at that inflection point now with cybersecurity industry. We built the plane while we were flying it. We’ve gotten to a point where now it’s a lot more integrated. The public is actually paying attention and they’re getting personally impacted. So now if we invite them into the industry and tell them why we’re doing all this work, it’s their data and they have a personal responsibility to help protect that data. We can talk more about the data versus the technology. If I start talking about encryption or other technology, generally, the layperson eyes glaze over and they stop paying attention to what we’re saying. But if we’re saying your data, you could demand more protection of your data. We can do a lot more regulation around data care than we can about technology, because technology is moving so fast and innovation is going so fast, we don’t really have time to get everybody on board. They have to start taking some responsibility themselves.

AY

Yes, I think that’s a very key concept. And I know Jen Easterly and Anne Neuberger really love the concept because they say this is not just a technical field. There are analysts, there are program managers, there are operations managers. This is everybody’s responsibility. I love seeing that term being used more and more so great coining of the right term.

27:01 The Gula Tech Foundation

So tell me more a bit more about the foundation- I know you’re about to do awards. And so how does it work? I think you’ve done six awards by now or and then typically they get celebrated and announced around industry forums and maybe some people on the Forgecast may not necessarily know about all that.

RG

When we started getting into Gula Tech Adventures, we knew we wanted to be philanthropic and we didn’t really want to just be, hey, do a meeting with Ron and Cyndi and make everybody pitch us because there’s a lot of problems.

We want to be very purposeful. We had this big idea about doing a competition where we would pick a topic because of course cybersecurity is so broad and we didn’t have the term data care yet, but we would pick individual topics. Some of them would be social in nature, some of them might be things like education, educating the public, (CG: “governance”) and we would basically put up a million dollars of our own money to do a competitive grant. That million dollars would be distributed across the winners and in order to help us pick these the winners we enlisted about 25 people (CG: “30”) on the grant committee, including Alberto. Thank you very much for that. We have a real process. We do a little bit of vetting and always make sure that everyone is a US based nonprofit. The grant committee does pick the winners and we try to do a little bit more than just give them the money. But what we found is that the winners have gone on to get more engagement from the government, maybe grants from DHS, maybe jobs at DHS. Kirsten Todt used to be on our grant committee and then she was Chief of Staff for Jen Easterly for a while, and it’s been great. What do you think about some of the winners?

CG

Yes, the the topics have been really enlightening for everybody, I think. That was one of the things when you’re thinking about, well, I’d like to be philanthropic. We didn’t know what we didn’t know. We didn’t know what was out there. We didn’t know who was doing the work and what ideas people had. It’s been a lot of fun to learn about all over the country what different people are doing. Like one of the winners has a card game for K through 12, so K through two, three through five, and then older. And it’s like magic, at each gathering and they’re like, “Oh, here’s my server. Well, I’m going to play my firewall card to protect the server.” It’s a really great way to introduce the ideas, the network, the technology in a very fun and understanding way.

Again, inviting people into the industry in a way that they are more welcoming than “thou shall you should regulation cybersecurity warrior” kind of mentality. We’ve had a lot of fun just interacting and seeing the success of our foundation winners.

RG

We’re all recording this in in August of ’23 we’re going to be announcing the winners of our most current grant in October ’23, which is Cybersecurity Awareness Month.

Clearly, we’re behind schedule because this will be Data Care Awareness Month, but the focus is the National Cybersecurity Strategy. There are five pillars in that we’re focusing on pillars one and two, a nonprofit that helps protect the critical infrastructure and disrupt and foreign threat actors, ransomware groups, that sort of thing. We’ve got a lot of great candidates. Alberto, we will be putting the voting package in front of you very shortly.

AY

Thank you. I know what a great multiplier effect because you’re not just you can be philanthropic and give to an individual or a team, but you’re saying let’s look at organizations that their core mission and objective in life is to create that and they need to be to have that multiplier effect. You’re inspiring many of us to follow through, and I can see this becoming a much bigger movement to make sure you increase the diversity.

I know you did it with more African-Americans and neurodiverse and the topics is sometimes we don’t even talk about or what we talked about. We don’t do anything about it in these great to find organizations that are for purpose and mission in life is to help the community.

RG

Anybody who’s watching, if they want to go to Gula.tech/foundation, we list some of the Grant Award ceremonies to every grant that we’ve done, some of them on Zoom during COVID, some of them were at the RSA Conference. We really appreciate our partnership with the RSA, letting us able to do it there. We list all the winners and we have links to them and they’ve all gone on to continue to do great. Thanks.

AY

They are looking for volunteers. Sometimes, like at Forgepoint, we have our own objectives and are very active in ESG and that social and governance component. We also look for groups to get engaged and involved and to having an impact. So I encourage everyone listening to the podcast to get engaged in that way.

Reflecting back, you’ve been involved in high impact organizations that have key ingredients for success and you have worked together. Can you reflect upon what is your secret and what you can share with people on what makes high impact organizations succeed? What are the key elements that you think everybody should really focus on?

CG

From my standpoint, I was always building the foundation. Respect is so important to me. So, I always respected not only servicing the customer and enabling the customer to do that. I always enable the employees to do their jobs. I just really want people to know what the expectation is and deliver on that expectation and as best possible so that they can achieve their goals. Whether that a customer or an employee, somebody that works with us in so that made it a lot easier for the two of us to work together because again, having an engineering background and knowing I didn’t want to code, I could spend my time on our legal sales operations, all the fundamental pieces of the business. And that’s really important as well. Sometimes we see founders that are so “hands on the keyboard” and so entrenched in the product itself that they don’t understand that the business is not the product that the business is the people that you luckily have been able to convince to come work with you and to take care of them and then deliver that product and supporting the customer’s need. And that the customers’ needs are more than yours when it comes to features and solutions.

RG

Husband and wife team are both engineers. It’s more about having the correct solution than trying to have the right solution. So being right not necessarily always the goal. It’s like, okay, let’s figure out what really works here. Of course, communication. I definitely agree with that. That’s very, very important. But none of that works without cigars and a little bit of bourbon. (CG: “Or wine.”) And I think we’ve had a good bit of of that. And then on the communication day, more than once we have gotten into a meeting where someone was talking to Cyndi or talking to me and well, I told Cyndi yesterday and I’d be like, you know, not Cyndi. Actually, Cyndi does not Ron, you know.

I think there were a lot of assumptions that when we go home, when we were at Tenable or Network Security Wizards, somehow we would continue to work. And even at Gula Tech Adventures, once it’s family time or dinner time, it’s probably not time to talk about the latest round or the latest crisis or opportunity with one of the companies.

AY

Yeah, I would say that, you know, your bourbon and cigar gatherings are legendary and I’ve been blessed to have been able to partake in many of those and I highly recommend them. To your point, you say always take the time to smoke a good cigar and just the conversation ensues. Some people like to play golf. You can play golf with cigars, but I’m not sure how do that. But I can see the method to the madness.

I guess the last question to bring this to a close is, so what is next? I know you’ve been writing this book with all these chapters. Is there a next chapter that you guys have in mind?

CG

Well, it was funny because when you introduced us, you said we’ve done it all. And I was going to say, well, no, actually we haven’t done it at all. And that’s the fun of it. And then really, again, doing this with my spouses is great because we get to enjoy the idea together.

RG

Spouse. I thought you were my girlfriend.

CG

No. We are (RG joins in) “voluntarily related“.

37:04 Closing

RG

There’s still a lot of work to do. You know in 2023 we’ve got the National Cybersecurity Strategy that this administration has done very clear about getting into effect but it’s going to take a while. It’s going to take a long while. And a lot of people outside of cyber realize that cyber is not their number one important thing, which is one of the reasons we’re pushing data care. I mean, right now the economy’s down a little bit. We’re seeing entire security teams basically let go and whatnot. We do need to have more innovation. We don’t have enough people in this industry. We’ve got to have better tools.

We are not going to stop what we’re doing, and we’re encouraging more people to innovate and join. If we can help them, we’re happy to help.

AY

Well, thank you very much for all your contributions to the industry. And you know, and in it always being trailblazers, a lot of people will follow. Obviously I executive speak for everyone at Forgepoint that we really enjoy the relationship with you – it is multi-dimensional because we share deal flow, we have a common perspective of what’s needed. To your point, we’re just in the early innings and there’s a lot of work to be done and to the degree we feel very privileged in the position that we’re in to work with amazing entrepreneurs. We have been entrepreneurs where we know nothing goes in a straight line, then just having the resilience in people on the sidelines, who can encourage you to continue to move forward is something that sometimes is rare and especially in the investment community. Thank you for what you do and hopefully we will have you as guest on a following episode of the podcast.

RG

Thanks for all the work you guys are doing for the community, in particular veterans. You guys do a lot of work there and we’re very happy to share.

CG

Looking forward to the next cigar with you.

AY

Me too. Thanks again and have a great rest of the week. We appreciate it.