As cybersecurity threats grow in complexity and scale, so does the importance of resilient leaders who can think critically, adapt quickly, and build solutions that can stand the test of time. During a recent Lunch & Learn hosted at SecurityScorecard’s New York City headquarters, CEO and Co-Founder Dr. Aleksandr Yampolskiy and students from Columbia University’s Technology Management Graduate Program, led by technologist and entrepreneur Cristina Dolan, explored what that looks like in practice.
In an open and unscripted conversation, the group delved into startup life, investor rejection, product validation, and company-building. The session offered actionable insights into entrepreneurship, product-market fit, hiring, and long-term leadership. To stay ahead, students were urged to …
As cybersecurity threats grow in complexity and scale, so does the importance of resilient leaders who can think critically, adapt quickly, and build solutions that can stand the test of time. During a recent Lunch & Learn hosted at SecurityScorecard’s New York City headquarters, CEO and Co-Founder Dr. Aleksandr Yampolskiy and students from Columbia University’s Technology Management Graduate Program, led by technologist and entrepreneur Cristina Dolan, explored what that looks like in practice.
In an open and unscripted conversation, the group delved into startup life, investor rejection, product validation, and company-building. The session offered actionable insights into entrepreneurship, product-market fit, hiring, and long-term leadership. To stay ahead, students were urged to focus not just on building products, but on solving meaningful problems by transforming customers and leading with humility in the face of constant change.
“A powerful question to ask is who do you want your customers to become? How is what you do going to transform your customers into better customers?” — SecurityScorecard CEO and Co-Founder Dr. Aleksandr Yampolskiy
How To Hire, Build, and Think Like a Founder
Dr. Yampolskiy led the students through a discussion on why experience alone isn’t enough when building high-performing teams. What matters most is hunger, resilience, and self-motivation.
He encouraged those looking to lead to develop a third ear through their career: “Two ears to hear what’s being said, and the third ear to observe what’s not being said.” The ability to observe what goes unsaid and read dynamics, ask better questions, and spot early signals of misalignment or opportunity will set teams apart from the competition.
Taking chances to experiment early and often will also make all the difference, he added. The most successful innovations don’t come from grand strategy decks but from rapid, cheap iteration.
The mindset true leaders need to adopt now is to “fail fast” in order to innovate faster than the competition.
“A lot of the time companies overvalue big, grandiose, business ideas, but they undervalue cheap, quick experimentation. Then you see which things failed and which things succeeded,” he shared. “Then you double down.”
How To Know When You Have a Startup Idea That Will Stick
Students explored how to recognize early signs of product-market fit, and why lukewarm reactions from investors can sometimes be a positive signal.
Dr. Yampolskiy urged the students to consider a key lesson from his founding journey: That in charting a new path, investors’ reactions may be less than enthusiastic, even when your idea is valuable. He emphasized if they face lukewarm interest in their startup ideas, it just may be a sign they are creating something worthwhile and ahead of the pack.
“Usually great ideas are not obvious to too many people,” he said.
A useful framework emerged: If no one reacts, you may be too early. If reactions are mixed, you might be onto something new. And if everyone says yes immediately, you might be too late.
When asked how early-stage founders can validate their ideas, the advice was direct: Focus on identifying a painful JTBD (“job to be done”), understand what it costs your target users in time, stress, or money, and test whether someone would actually pay to solve it.
He advised those interested in launching to avoid focusing on product alone. Differentiating themselves by proving to investors that they have the vision and execution abilities to deliver results is just as important.
“Early in the market you want to look for visionaries, people who want to take a chance on a new idea,” said Dr. Yampolskiy, an angel investor. “Investors are going to know that your product is broken, but they’re going to take a chance on you. You’re going to convince them that you have the vision.”
Raising Capital, Building a Product, and When to Quit Your Job
Building interest in your product in the early days is not always about making the perfect pitch deck and presentation, but rather, finding investors that will help build leverage for you, Dr. Yampolskiy advised.
One good rule of thumb is to think about giving investors the “fear of missing out,” he added. What worked for SecurityScorecard was exactly that. After several rejections and adjusting his pitch deck time and again, he succeeded finally with one investor’s backing. Gaining just one investor is often what builds urgency for other investment teams.
“I went to all the others who were ghosting me and said, look, you’re missing out. The round was about to close. And all of a sudden they’re rushing to invest, because there’s a very powerful fear of missing out,” he shared.
Companies cannot afford to stop thinking about product-market fit after the early stages, he cautioned. Organizations that will succeed in the 21st century are those that never believe they have achieved a permanent product-market fit. Companies, product managers, and leadership need to continuously reassess product-market fit as market changes emerge, he advised, or otherwise risk being disrupted.
Staying Ahead of AI, Cyber Threats, and The Expanding Attack Surface
Dr. Yampolskiy flagged three macro trends and emerging threats to consider moving forward, given the Columbia students’ coursework in cyber risk and resilience:
- The proliferation of risk in the Internet of things (IoT) and connected devices: “Everything from fridges to medical devices is now online, and often unsecured.”
- The democratization of cyber weapons, with AI making it easier for low-skilled attackers to cause harm.
- The overemphasis on perimeter defense, rather than organizational resilience and continuous vendor ecosystem monitoring.
Students were challenged to think beyond traditional controls and view cybersecurity through a systems lens. Risk doesn’t stop at the firewall, and it isn’t only about AI-driven threats. Risk flows through vendors, cloud platforms, supply chains, and unseen dependencies.
Building For The Future Wherever You Are
Toward the end of the session, one student asked whether the mindset of a founder is fundamentally different from that of a leader inside an established company. The answer: Not if you’re doing it right.
Students were reminded that everyone works for someone, whether it’s customers, investors, employees, or all of the above. What matters is how you show up, with radical ownership, curiosity, the willingness to act on what you learn, and the willingness to dig beyond the surface of challenges you confront. Whether founding a startup or rising within an organization, those qualities define strong leadership.
The closing message was a guiding question for students to return to throughout their career:
“A powerful question to ask is who do you want your customers to become? How is what you do going to transform your customers into better customers?”
As the attack surface expands and the threat landscape changes, the future of cybersecurity and entrepreneurship will belong to those who lead with resilience, experiment without ego, and stay obsessed with solving the right problems.
For SecurityScorecard media inquiries, contact us here.
You can learn more about Columbia University’s Technology Management program here.