The Man Who Rewrote the Cybersecurity Playbook
He did not start in security. He started in history. Specifically, Russian history, in Ukraine, before the internet was much of anything and before "cybersecurity startup" was a viable career path. Ross Haleliuk has one of those careers that makes sense only in retrospect - a series of pivots that look like a straight line once you zoom out far enough.
At 22, he packed up and moved to Canada. Vancouver. He learned English properly, picked up business analysis, moved into project management, wandered through fintech, co-founded a B2B edtech company, and eventually landed in cybersecurity. He did not land gently. He landed with the kind of enthusiasm that produces newsletters, bestselling books, angel syndicates, and community organizations - all simultaneously.
The newsletter came first. "Venture in Security" launched on Substack with a simple premise: the cybersecurity industry is massive, complex, and opaque, and there is almost no serious analysis written specifically for the people trying to build within it. Not for hackers. Not for enterprise CISOs. For builders - founders, product managers, investors, and operators who need to understand the business before they can navigate it.
Ross understood that market because he was inside it. As Head of Product at LimaCharlie, a cybersecurity infrastructure company, he had spent years watching founders make the same expensive mistakes - not because they lacked technical talent, but because nobody had written down the playbook. So he wrote it.
You need to talk to customers and ask questions in such a way that the answers don't just confirm your biases, but instead help you gain a unique understanding of your problem space.
- Ross Haleliuk, on customer discovery"Cyber for Builders: The Essential Guide to Building a Cybersecurity Startup" landed in January 2024 and immediately hit Amazon's #1 in Cloud Computing. The 4.8-star rating from 100+ reviews tells you this was not a rushed cash-in. The book features forewords from Caleb Sima and Jeremiah Grossman, contributions from 50+ entrepreneurs, operators, investors, and thought leaders, and covers everything from understanding investors to why cybersecurity startups fail. It won Book of the Year at the SANS Cybersecurity Difference Makers Awards. That is not a small thing.
But the book is almost a byproduct of the method. Ross is a researcher first. In 2022, he analyzed over 800 cybersecurity products from more than 600 vendors to produce a product-led growth market map that ran on TechCrunch. That kind of work - unglamorous, granular, and genuinely useful - is what built his audience. By the time the book came out, 21,000 people were already reading his newsletter every week.
The community work runs parallel. Building Cyber Collective has connected more than 220 founders, advisors, and investors through a double opt-in system. No strings attached. Free. The Venture in Security Angel Syndicate, which Ross co-leads, is the world's first angel syndicate designed exclusively for security practitioners investing their own capital - not a fund with a 10-year exit clock, but practitioners who understand the problems they are solving from the inside out.
The future will be people-focused and product-led.
- Ross Haleliuk, investment thesisIn June 2024, he moved from Vancouver to San Francisco. The timing was deliberate. Building a stealth cybersecurity startup requires proximity to the people and capital that make such things possible. He is now co-founder and CEO of that company - the specifics kept quiet for now, as is appropriate for anything still in formation.
What makes Ross unusual in the security world is not just the output volume - though it is considerable - but the cross-disciplinary range. He writes about product-led growth, angel investing, go-to-market strategy, industry dynamics, and founding psychology. He has been interviewed on Forgepoint Capital's Forgecast, the CISO Tradecraft podcast, Illumio's Segment podcast, Cyber GTM Talk, and a dozen others. Regular contributor to VentureBeat, Dark Reading, SC Media, and the World Economic Forum.
His published perspective on the current market is refreshingly direct: "There is no open opportunity in the market in 2025 and one has to go with what they know." That kind of honesty - which cuts against the relentless optimism typical of startup media - is exactly why people read him. He earned the audience by being accurate, not by being encouraging.
He describes himself as "super active on LinkedIn" and, almost as an afterthought, notes that his Twitter/X account exists but is essentially unused. This is a man whose primary medium is the long-form newsletter and the deep conversation - not the take machine. The newsletter's email engagement rate sits at 20-100 unique clicks per article, with LinkedIn shares driving 5K to 50K views. The archive runs to 70+ deep-dive posts.
The trajectory from history student to cybersecurity's most-read operator-analyst to stealth startup CEO reads like something a novelist would construct if they wanted it to feel implausible but earned. What is consistent across every phase of his career is the same instinct: find the thing that nobody has documented properly, and document it properly. The industry owes him a debt it mostly does not know it owes.
The Key Chapters
Venture in Security launched on Substack and grew to 21,000+ subscribers purely through research-driven content. Zero paid acquisition. All signal, no noise.
"Cyber for Builders" hit #1 on Amazon in Cloud Computing, won Book of the Year at SANS Difference Makers Awards, and has become required reading for anyone building in security.
Co-founded the world's first angel syndicate exclusively for security practitioners. Members invest their own money. No fund dynamics. No 10-year exit pressure.
Building Cyber Collective has 220+ founders, advisors, and investors. Double opt-in matching, free to participate, built on the principle that knowledge flows both ways.
Analyzed 800+ products from 600+ vendors to produce a single market map for TechCrunch. That kind of exhaustive work became the foundation of his credibility.
Currently co-founder and CEO of a stealth cybersecurity startup, operating out of San Francisco. Details under wraps - which is how it should be at this stage.
What He Has Built
What Ross Says
"The future will be people-focused and product-led - companies that design growth loops and enable shorter time-to-value will win."
"There is no open opportunity in the market in 2025 and one has to go with what they know. Familiarity is the edge."
"Cybersecurity in 2024 is incredibly competitive - finding original angles is hard despite apparent unsolved problems."
"Ask questions in such a way that the answers don't just confirm your biases, but instead help you gain a unique understanding of your problem space."
The Timeline
Things Worth Knowing
Started his career studying Russian history in Ukraine - possibly the most unlikely origin story for Silicon Valley's most-read cybersecurity analyst.
Calls himself "super active on LinkedIn" while describing Twitter/X as essentially dormant. In an era of hot takes, he chose the long form.
The Venture in Security Angel Syndicate has no 10-year exit pressure. Practitioners investing their own money on their own terms - structurally different from traditional VC.
"Cyber for Builders" features 50+ contributors - making it as much a curated anthology as a single author's vision. Crowdsourcing credibility, not just content.
His newsletter hit 21K subscribers with zero paid advertising. Pure compounding quality. The newsletter marketer's ideal outcome, achieved by an operator who was not trying to build a newsletter business.
Moved to San Francisco in June 2024 specifically for proximity to capital and talent. One of those decisions that looks obvious only if you are serious about what you are building.