Founded in 2018, Crossbeam is a partner ecosystem platform that helps companies build valuable partnerships. Crossbeam allows companies to find overlapping customers and prospects while keeping their data private and secure.
Before using Tines, the Crossbeam team didn’t implement much automation. The vast majority of their daily tasks and processes were run completely manually, which proved time-consuming and created various problems. Chris Castaldo, Crossbeam CISO, discusses why automation was so badly needed for their security operations, and how Tines has enabled the wider team to optimize their workflows and cut out repetitive work.
The Crossbeam security team is made up solely of Chris. This means that all security operations at Crossbeam are implemented and maintained by him. He contracts a small boutique engineering firm called SecureCoders to help with scripting for certain operations. Additionally, Crossbeam doesn't have a SIEM, so there’s no support in that capacity to triage every alert that comes in.
Before Tines, Chris completed almost all of his tasks and processes manually. Anything that was automated required code, which was less efficient than Chris needed. Aside from being CISO, Chris is on the executive team and has a host of responsibilities outside of security operations. Instead of focusing on the wider business objectives and OKRs, much of his time was spent on repeatable tasks and weeding through alerts.
“It was impacting a lot of things because I was working in the business and not on the business.”
Chris Castaldo, Crossbeam, CISO
One of Crossbeam’s primary OKRs is annual recurring revenue (ARR). Chris explains that having to work on near-impossible travel alerts on a day-to-day basis, while perhaps defending existing revenue, does not contribute to new revenue. Those kinds of tasks take Chris out of “being able to work on the things that only I can work on. Only I can represent the company on a call with a customer CISO to answer security or privacy questions. I have to consider where my time is best spent. It’s definitely not best spent deduplicating and prioritizing alerts.”
Initially, Chris had three main reasons for seeking a solution with automation capabilities:
Mitigate bloat in their tech stack: Crossbeam had a very complex process when it came to security set-up and onboarding of new employees. The business didn’t want to keep purchasing more enterprise-level tools in an attempt to make the process more efficient, because this was just growing their tech stack and making integration between each tool more difficult. Chris knew they needed a solution to make integration of their tools, and therefore employee onboarding, easier.
Reduce friction between security and commercial teams: Chris found he was becoming a “bottleneck” when it came to important business processes such as closing new deals. He explained, “We’re all sitting and waiting for me to click a button so they can do their security review and it’s holding everything up. That’s a really bad spot to be in.”
Improve work-life balance: As the sole security team member, Chris’ work-life balance was being negatively impacted. He struggled to find time to take PTO because his days were so full of manual, time-consuming tasks.
Chris first discovered Tines years ago, shortly after our CEO, Eoin Hinchy, first posted on LinkedIn about an idea for a new product he was going to build. The way Eoin described Tines – building-block programming that didn’t require developers to build code – instantly appealed to Chris. Chris reached out to Eoin to share his interest and kept tabs on the development of Tines since then, considering himself a “day one fan” of the product.
When the time came for Chris to find a vendor with SOAR capabilities for Crossbeam, Tines sprang to mind. Chris had a 12-week onboarding period with Tines, and he found the experience to be easy, saying that it “got him to value very quickly.” While he was building quickly, Chris opted to continue outsourcing more complex builds to SecureCoders so he could focus on his executive responsibilities.
“The SecureCoders team, who had never used Tines before, now recommend the platform to other clients as a preferred solution due to the accessibility and intuitive design. Tines enables both them and myself to be far more efficient and effective not only as it relates to security operations workflows, but we’ve also extended it for broader business workflows.”
Chris Castaldo, Crossbeam, CISO
Crossbeam offers a transparent public trust portal for prospects and customers to conduct their security reviews, where mutual disclosure agreements are required. In one of Chris’ first Tines stories, he put new Crossbeam users in the driver’s seat, allowing them to facilitate their security review without him as a bottleneck. The Tines workflow sends the Crossbeam user a direct message with a one-click button to start their security review.
Another business case is how Tines has helped Chris create a better culture of security within Crossbeam by “getting everyone into a security mindset. We’re building a Tines story that will read our Jamf instances and post a congratulations message on Slack to champion the people that get the latest patches and security updates first.” This makes the wider team more aware of security processes and encourages them to engage more, driving a better security posture for the business.
Crossbeam leverages Tines beyond security to support other business functions such as their SOC Type II compliance and ISO/IEC 27001 certifications. These certifications require annual training across the team.
The organization tried to be mindful of employee experience and time by allowing people to go at their own pace with the training. However, this created some issues with their audits – namely, whether or not people finished the training within the required audit period. The ask from the business was a streamlined way for them to know who had completed the training by what date and who had not. The platform they use for training is complex to use and does not provide Crossbeam with that information. However, it has an API.
Chris had SecureCoders create a Tines story that pulls the training data from this platform, then sends a message to the relevant manager to inform them of all their direct reporting employees’ training statuses every Monday. Now the managers can see exactly where their team stands with training, if they’re on track to complete training, or if anyone needs extra support. Chris explains that the whole organization values this workflow because beforehand there was “basically zero visibility. There is just so much you can use Tines for that’s not just security. It opens up so many additional possibilities. We’ve got lots of different use cases that are outside of security.”
Chris discussed some of the top ways Tines improves operations at Crossbeam:
Focus: regain focus for broader business responsibilities
Time-savings: additional bandwidth gives way for high-impact work
Share ROI: report to the business via the time-saved calculator exactly how much time is saved with Tines
New operational capabilities: Chris explained that “Tines is creating capabilities in our operations where they did not exist previously.”
Break software silos: ability to extract greater value from new and existing products organization-wide that were less flexible when it comes to integrations
Limitless possibilities: Crossbeam has yet to run out of ways to use Tines. This allows for future-proofing because Chris feels they’ll “never run out of steam with Tines.”
Chris’ favorite story so far is their SafeBase workflow, which is a use case for the wider business. The story is used for sales leads and automates a process that was previously very manual and took Chris about 20+ hours or half a work week each quarter, but now it only takes minutes.
The team has a Slack channel called ‘Bluebirds’ where warm leads that come from somewhere in the business are shared – the lead might come from an event, or an intro that the Crossbeam founder had. When a new request for access to the Crossbeam security trust portal on SafeBase is received, the Tines story kicks off and posts the account to the Bluebirds channel. If there is a representative in Salesforce assigned to that account, it will tag them and provide any new context about the account, for instance if they downloaded the SOC 2 or Pentest from Crossbeam. Alternatively, if there is no representative assigned to an account, it will alert the team so that somebody can reach out.
Chris and the wider team plan to delve into what else they can automate, and what processes can be improved as a result. The plan is to remove repetitive work from the wider team’s schedules so they can operate more efficiently.