CyberWire Daily – Episode Summary: Avi Shua: Try to Do Things by Yourself

Release Date: February 9, 2025

Introduction

In this episode of CyberWire Daily, hosted by N2K Networks, the spotlight is on Avi Shua, CEO and Co-founder of Orca Security. Avi delves into his personal journey in cybersecurity, the evolution of security solutions, and the philosophy driving Orca Security's innovative approaches in the industry.

Avi Shua’s Journey into Cybersecurity

Avi Shua begins by sharing his early fascination with cybersecurity, ignited at the age of 13. He recounts his high school experience, where he actively sought ways to navigate and potentially breach the school’s network. This early intrigue set the foundation for his career trajectory.

Avi Shua [01:31]: "Excited about cybersecurity since I was 13 years old... it was clear to me that I'm going to get into cybersecurity since then."

His commitment deepened when he joined the Israeli army's elite intelligence Unit 8200 at 18, where he not only received advanced cyber training but also transitioned into a teaching role, mentoring the next generation of cybersecurity experts.

Avi Shua [01:45]: "I became the teacher of one of the courses... it all started that way."

Building Expertise at Check Point

After his military service, Avi spent over a decade at Check Point, a leading cybersecurity company. He progressed from a team leader to a group manager, eventually spearheading the development of Check Point's sandboxing solutions. His tenure culminated in a role as Chief Technologist, where he focused on identifying and fortifying choke points in cybersecurity.

Avi Shua [03:30]: "Security is all about choke points... the only way to do something which is so radically different is by starting a company."

Avi emphasizes the traditional choke points in cybersecurity: the network and the cloud. While network security often relies on physical devices to monitor traffic, cloud security requires a fundamentally different approach due to its dynamic and scalable nature.

Founding Orca Security

Recognizing the limitations of existing solutions, Avi founded Orca Security to address cloud security from a novel perspective. He critiques conventional security products for being theoretically sound but practically cumbersome, often resulting in low deployment rates and inadequate protection.

Avi Shua [05:20]: "There is so much time in cybersecurity when companies build solutions that look good on paper but are not consumable... attackers can always go to the areas that are not deployed."

Orca Security's mission is to simplify security management and reduce friction within organizations. By making security tools more user-friendly and easier to deploy, Orca ensures comprehensive coverage, thereby minimizing potential attack vectors.

Leadership Philosophy and Organizational Growth

As a leader, Avi outlines his dual focus: executing the company's vision and ensuring that all operational aspects are uniquely managed within Orca. He believes in fostering an environment where employees are empowered to solve problems independently, fostering innovation and personal growth.

Avi Shua [06:45]: "If you're just getting started, you need to be excited by that. It's not something you do if you don't love it... Take the time and do things for yourself."

Avi advocates for a hands-on approach, encouraging team members to understand the intricacies of vulnerabilities and limitations. This philosophy not only enhances individual expertise but also contributes to the creation of robust and effective security solutions.

Addressing Real-World Security Challenges

A central theme in Avi's discussion is the importance of practicality in cybersecurity solutions. He critiques the industry's tendency to prioritize theoretical robustness over real-world applicability, leading to security products that are underutilized in actual deployment scenarios.

Avi Shua [06:10]: "We are reducing friction in the organization... they can do their job and become real security practitioners."

Orca Security focuses on developing tools that integrate seamlessly into existing infrastructures, ensuring high adoption rates and effective threat mitigation. By eliminating unnecessary complexities, Orca empowers security teams to concentrate on proactive defense measures rather than grappling with cumbersome technologies.

Conclusion

Avi Shua's insights provide a compelling look into the evolution of cybersecurity from both a technical and leadership perspective. His emphasis on self-reliance, practical solutions, and reducing operational friction underscores Orca Security's commitment to advancing the cybersecurity landscape. For professionals and enthusiasts alike, Avi's journey and philosophies offer valuable lessons in innovation and effective security management.

Notable Quotes:

• Avi Shua [01:31]: "I knew it's retroactively looking at it. It was a high school network, it's not secure by definition, but it was still something that excited me..."

• Avi Shua [03:30]: "Security is all about choke points... the only way to do something which is so radically different is by starting a company."

• Avi Shua [06:10]: "We are reducing friction in the organization... they can do their job and become real security practitioners."

• Avi Shua [06:45]: "If you're just getting started, you need to be excited by that. It's not something you do if you don't love it..."

This summary encapsulates Avi Shua's comprehensive discussion on cybersecurity, his professional journey, and the innovative strategies employed by Orca Security to address contemporary security challenges.