Description

Hosts Dave Johnson and Ben Baker sit down with Tim Chase, Global Field CISO at Orca Security, to demystify one of cybersecurity's most intriguing and often misunderstood roles. With over 20 years in information security—from manual penetration testing in 2002 to leading cloud security programs and now evangelizing cutting-edge technology—Tim shares the real story of what tech evangelism means, how to break into the field, and why listening matters more than talking. 

Key topics & timestamps

Defining tech evangelism (4:00 - 6:07)

• Not just talking about products—educating on industry trends and challenges
• Sitting at intersection of marketing, sales, and product teams

The guiding philosophies of effective evangelism (8:03 - 11:21)

• Drawing on personal CISO experience to stay authentic
• Putting yourself in the audience's shoes before prescribing solutions
• Listening as much as talking—learning never stops in cybersecurity

Tim's journey from practitioner to evangelist (12:52 - 20:53)

• Started in AppSec to cloud security to evangelist
• The path was convoluted but intentional at each stage

Why connections alone don't make good evangelists (21:25 - 25:16)

• Hiring for rolodex depth is a short-term strategy that fails
• Executive presence and communication skills matter more
• Speaking CISO-to-CISO changes the entire conversation dynamic

The art of adding value without being preachy (25:16 - 28:36)

• Cybersecurity professionals don't want product pitches—they want help
• Executives struggle with "Is this just me?" moments—evangelists provide perspective
• Positioning your company as thought leaders, not just vendors

Breaking into tech evangelism (33:10 - 35:48)

• Find your preferred communication medium and start there
• Stretch yourself in areas where you're uncomfortable
• Learn how good sellers ask discovery questions

What's happening at Orca Security (38:11 - 39:48)

Key quotes

"A tech evangelist to me is just someone that sees what's going on in the industry. They've got the history, they've been in it long enough that they can really kind of educate others... to tell them kind of what you're seeing and where they should be focused." - Tim Chase

"One of the ways that you can get security leaders to pay attention is if they know that you've walked in their shoes before. I've literally seen the face and the conversation change when I introduce myself and they realize I'm not an SE or a seller—I'm a practitioner." - Tim Chase

"Let the sellers sell, and let me evangelize. They've got their process and they're respected for what they do, but let me just talk about the problem." - Tim Chase

Helpful links

• Orca Security
• (Blog) Where to start your cloud security program by Tim Chase
• (LinkedIn) Tim's response to Tom Alcock

Production Credits

• Co-hosts: Dave Johnson and Ben Baker
• Producer: Ben Baker
• Sponsor: Expel Security

Connect

• Follow Expel (follow us on LinkedIn, X, and YouTube)
• Rate and review on your favorite podcast platform