Cybersecurity for startups: build trust and reduce risk

Salesforce’s Didier Vandenbroeck shares a pragmatic playbook for early-stage SaaS security from an M&A perspective. Drawing on 50+ acquisitions and hands-on startup experience, he explains why trust is your core currency, which basics matter most at each stage, and how security choices directly impact diligence, deal terms, and valuation.

Key themes include: 

1. Trust first, culture always
   In SaaS, trust is the currency - slow to build, easy to lose. Treat customer data like a bank deposit: don’t lose it, don’t abuse it. Make security everyone’s job. 

2. Stage‑appropriate defenses that move the needle
   Focus on the real threats for startups: opportunistic attackers and ransomware. Build on four axes: code, cloud, detection and compliance. 

3. Code hygiene and identity basics
   Use memory‑safe languages, automate patching/dependency updates, secure pipelines and  enforce MFA. 

Key takeaways:

• Build a security culture early: make reporting easy, avoid blame, and treat data like money in a bank.

• Good security makes compliance easier, not vice versa. 

• In diligence, be candid and prepared - invest early in a clear security program to protect valuation 

Tune in to the full session to learn how to apply these insights.