Building security operations from scratch and when MDR makes sense

James Berthoty talks with Patrick McKinney about when and how to build a scalable security operations program, weighing open-source vs. SaaS, MDR vs. in-house SOC, and how AI SOC tools can improve investigation speed and outcomes while supporting the business case for security.

Summary

In the inaugural episode of SecOps Confidential, host James Berthoty sits down with Patrick McKinney (VP of Security, Invisible) to break down how to build and scale a security operations program. They cover when companies should move beyond “CTO-owned security,” how to approach tooling organically without overbuying, and how MDR and emerging AI SOC platforms can reduce operational burden while improving investigation speed and access to data. Patrick shares practical guidance on tying security spend to revenue retention, sales enablement, and risk, plus how to think about open-source vs. SaaS, vendor transparency, and the evolving SOC tool landscape as AI accelerates change.

Show Notes

  • The practical triggers for standing up a formal SecOps program
  • How to sequence tooling decisions without “$500K worth of tools” on day one
  • How to justify security budget with revenue retention, sales cycle impact, and risk framing
  • Open-source vs. SaaS tradeoffs (including the often-ignored operational overhead)
  • When (and whether) to off-board MDR as internal maturity grows
  • Why AI SOC value is often analysis quality and investigation speed, not just headcount reduction
  • What vendors can do to earn trust: transparency, proof, realistic promises, and fast time-to-value
