The story of Chasing Polaris blog
This is Chasing Polaris - Wickey's blog.
The story of this blog:
Earlier 2023, I started a project called “Chasing Polaris” to find some useful insights, myself reflection and inspirations from distinguished people who successfully found their Northstar at my spare time. Later on, I start to write what I learn, what I do and what I want to say here.
Chasing Polaris For executives, founders, and investors navigating the intersection of AI, cybersecurity, and capital.
Who writes this
I’m Wickey Wang, a cybersecurity and compliance practitioner, early-stage AI and Cybersecurity investor, and writer based in Silicon Valley.
By day, I work at the intersection of enterprise security, AI, and emerging technology. I hold a CISA certification, am a Six Sigma Green Belt, and have contributed to frameworks and standards at ISACA, the Cloud Security Alliance (CSA), and the World Digital Technology Academy (WDTA), including the CSA AI Control Framework and the Generative AI Application Security Testing Standard. By night (and weekends), I invest in what I study.
Selected investments Agentive (YC23, AI Audit) · Culminate (AI Security SOC 2024 RSA Launchpad finalist three) · Aligned.ai (2023 Fortune 50 AI Innovator, AI Safety) · Codelock (Supply Chain Security)
I also co-host Innovator Coffee, a podcast featuring AI founders, researchers, and investors from YC, Stanford, leading VC firms and beyond.
What this newsletter is about
Every two weeks, I publish one piece that earns your 20 minutes.
The format rotates across three types of writing:
Company Teardowns - Deep dives into cybersecurity and AI companies: their business models, moats, strategic bets, and what investors and operators can learn from them. Past subjects include Wiz, Zscaler, Vanta, CrowdStrike, ServiceNow, Fortinet, and Figma.
Investor POV - What I’m seeing in deal flow, how I evaluate AI cybersecurity startups, and where I think the market is headed. Written from the perspective of someone who has sat on both sides of the table.
Signal vs. Noise - Sharp takes on AI security threats, enterprise AI risk, market predictions, and the questions that CISOs, CTOs, and founders are actually losing sleep over.
Why subscribe
Most writing about cybersecurity is either too technical for business leaders or too shallow for practitioners. Most writing about AI investment is either hype or hindsight.
This newsletter sits at the overlap: written by someone who has reviewed the frameworks, evaluated the startups, and spent time in the rooms where decisions get made, from RSA conference floors to pitch judging panels in Silicon Valley.
If you’re a CISO deciding how to position AI security to your board, a founder figuring out how to break into the enterprise security or AI market, or an investor trying to separate real signal from category noise, this is for you.
Selected professional contributions
CSA AI Control Framework (contributor) CSA AI Control Framework
WDTA Generative AI Application Security Testing and Validation Standard (contributor)
CSA Cloud Security Alliance GRC whitepaper (co-author)
CSA Cloud Security Alliance whitepaper on Governance Risk Management compliance and cultural aspect
ISACA AI/ML Framework (reviewer) AI/ML framework Blockchain framework
I was also featured by ISACA for the emerging tech and leadership contribution
Co-author, two books on Generative AI Cybersecurity First One & Second One
Behind the Scenes: Pitch Judging in the Heart of Tech at Silicon Valley
Start here
New to the blog? These pieces represent what this newsletter is about:
Company Teardowns →
Cyber Talk-1 - From Zero to Wiz: The Fastest Cloud Security Exit in History
Cyber Talk-2 From VPN Killer to Zero Trust Platform: The Zscaler Evolution
Cyber Talk-3: Vanta — How a compliance startup cut audit time by months and cost by 90%
Cyber Talk-4 Beyond Endpoints: How CrowdStrike Reinvented Cyber Defense
Cyber Talk-5 ServiceNow’s History and Next Chapter with cybersecurity acquisition
Cyber Talk-6: Fortinet’s Silicon Moat — $0 to $6.8B with the same founder
AI & Investor POV →
Inside RSA: Two days, AI everywhere, and what it actually means
The 100 AI Cybersecurity Startups to Watch (2021–2024)
10x Productivity and the Vault Key: The Leadership Playbook Behind the Clawdbot Mania
How to Use AI to Learn - Cybersecurity in Mind Edition
Behind the Scenes: Pitch Judging in the Heart of Tech at Silicon Valley
The AI Talent Wars Are Escalating - from Windsurf’s Split Deal to Meta’s Billion-Dollar Hiring
Founder & Executive Interviews →
Chasing Polaris-People 01: Nurturing Two Trees in Your Career to Navigate the Winds of Change
Chasing Polaris-People 02: How to Apply Management Thinking to Achieve a Work-Life Balance
Chasing Polaris-People 03 Rethink the infrastructure of the cloud in the era of AI
Chasing Polaris-People 04 AI Revolution on the Search Engine
Chasing Polaris-People 05 A Long-Termist in the Venture Ecosystem
I am also a frequent guest in Techstrong Gang, a weekday show and podcast with a panel of IT industry editors, analysts and thought leaders discussing tech trends, from DevOps, cloud computing, cybersecurity to AI and other innovations, hosted by industry veterans.)
