Background · Newport Beach, CA

Security executive.
Board director. Advisor.

Twenty-plus years building, scaling, and transforming global cybersecurity businesses across consulting, managed services, and SaaS platforms. Led a 1,800-person P&L through roughly 100X growth inside Accenture Security. Today CRO at Staris AI, Board Member at SDG, Strategic Advisor through Rencana, and Founder of Passarel.

The work

I started in professional services. Ten years at PricewaterhouseCoopers (1999–2009) building regional market strategy and technology services, then two years founding Rencana the first time and selling boutique cybersecurity work to Fortune 1000 clients, then a stint at Identropy in identity services (acquired by Protiviti). In 2013 I joined Accenture as Global Managing Director of Accenture Security, where I spent eight years running a 1,800-person global P&L across communications, media, technology, and aerospace sectors. We scaled that business roughly 100X during my tenure by modernizing delivery models, integrating automation, and driving acquisition integration and capability build-out.

From there I moved to Palo Alto Networks as SVP of Ecosystems for Prisma & Cortex (2021–2022), running global partner strategy and indirect revenue for two multi-billion-dollar security platforms. That meant working across hyperscalers, MSSPs, and strategic alliances — and watching the other side of the table: how enterprise buyers actually make platform decisions and where the vendor-to-operational-reality gap tends to show up. After PANW I went into venture-backed operator roles as Chief Business Officer at Cygnvs (an Andreessen Horowitz–backed SaaS incident command platform) and then Head of Business Development at Pangea, where I joined to help the team pivot toward AI detection and response — eleven months later CrowdStrike acquired Pangea for $260M and made it the basis of its AIDR offering.

Today I operate across four fronts. As CRO at Staris AI, I lead enterprise GTM for AI-native application security validation — moving the industry away from point-in-time pentesting toward continuous, exploit-proven validation. As a Board Member at SDG Corporation, I advise the CEO and ownership on growth strategy, capital allocation, and M&A for an IAM managed services platform building through both organic growth and acquisition. Through Rencana, my strategic advisory practice, I partner with founders, boards, and investors at venture- and PE-backed cybersecurity platforms — Recognize, Nisos, Bishop Fox, Cygnvs, SDG, Security Risk Advisors, and First Rays portfolio companies. And through Passarel, the writing and publishing side of the practice, I work directly with CISOs and security founders on the operator judgment calls that don't fit neatly into a vendor pitch or an analyst report.

What I believe

01

Security breaks at the integration layer. The hardest problems aren't inside any single product — they're in the seams between them. Organizations that treat security as a portfolio of point solutions will keep losing ground to ones that build it as a system.

02

The hardest problems in security aren't technical. For operators, they're organizational — getting the right people, processes, and accountability structures in place. For founders, they're commercial — partners, distribution, timing, and knowing when to take money or sell.

03

Identity is the foundation. IAM done well is the difference between a security program that scales and one that collapses under its own complexity. Most organizations haven't done it well.

04

Discipline compounds. The organizations that get security right aren't the ones with the biggest budgets or the newest tools. They're the ones that do the fundamentals consistently — and build the operating discipline to make them stick.

Current roles

Staris AI Chief Revenue Officer · Aug 2024–present

Lead enterprise GTM and commercial architecture for an AI-native application security validation platform. Built the commercial engine from early traction to enterprise positioning across SaaS and private VPC deployment models, on a $10M+ ARR trajectory.
SDG Corporation Board Member · Dec 2024–present

Non-executive director advising the CEO and ownership of an IAM managed services platform on growth strategy, executive leadership development, capital allocation, M&A, and enterprise GTM.
Rencana Strategic Advisor · Jan 2024–present

Partner with founders, boards, and investors at venture- and PE-backed cybersecurity platforms — Recognize, Nisos, Bishop Fox, Cygnvs, SDG, Security Risk Advisors, and First Rays portfolio companies — on organizational design, revenue architecture, M&A readiness, and enterprise positioning.
Passarel Founder

The publishing and operator-thinking side of the practice. Names the five bets every modern security program should be making and delivers them end to end with a curated partner bench. Built for CISOs and security founders who want one accountable owner on the result.

Background and credentials

Career arc — twenty-plus years across professional services, services-firm leadership, vendor platform commercialization, and venture-backed operator roles.

Chief Revenue Officer, Staris AI · Aug 2024 – present
AI-native application security validation. Lead enterprise GTM and commercial architecture. Built and scaled the commercial engine from early traction to enterprise positioning, designed pricing across SaaS and private VPC, structured strategic partnerships with channel and consulting firms, and shaped capital strategy for a $10M+ ARR trajectory.
Board Member, SDG Corporation · Dec 2024 – present
Non-executive director for an Identity and Access Management managed services firm. Advise CEO and ownership on growth strategy, executive leadership development, capital allocation, M&A, and enterprise GTM.
Strategic Advisor, Rencana · Jan 2024 – present
Advisory engagements across venture-backed and PE-backed cybersecurity platforms — Recognize, Nisos, Bishop Fox, Cygnvs, SDG, Security Risk Advisors, and First Rays portfolio companies. Focus areas include organizational design, capital-efficient revenue architecture, enterprise positioning, strategic partnerships and M&A readiness, and pre-acquisition and integration strategy.
Head of Business Development, Pangea · Oct 2024 – Oct 2025 (acquired by CrowdStrike for $260M)
Joined to help Pangea pivot toward AI detection and response. Eleven months later CrowdStrike acquired the company for $260M and made it the basis of its AIDR (AI Detection and Response) offering. Designed the strategic partner ecosystem and built the enterprise channel motion that positioned the company for acquisition.
Chief Business Officer, Cygnvs · Oct 2022 – Feb 2024
Andreessen Horowitz–backed SaaS Incident Command Platform. Built and led global revenue, partnerships, and customer engagement functions. Designed enterprise GTM architecture across direct and partner channels and partnered with CEO and Board on capital strategy and market expansion.
Senior Vice President of Ecosystems, Prisma & Cortex, Palo Alto Networks · Jun 2021 – Oct 2022
Senior executive leading global ecosystem strategy and indirect revenue for two multi-billion-dollar security platforms (Cortex AI Security & Prisma Cloud). Directed global partner strategy across cloud, AI, and enterprise security segments, and drove ecosystem revenue growth across hyperscaler, MSSP, and strategic alliances.
Global Managing Director, Accenture Security · Jul 2013 – Jun 2021
General manager and global P&L leader for cybersecurity services across Communications, Media, Technology, and Aerospace sectors. Led a ~1,800-person global organization and scaled the business approximately 100X during tenure by modernizing delivery models, integrating automation, and driving acquisition integration and capability build-out. Delivered sustained margin and EBITDA expansion through operating model redesign.
Vice President of Services, Identropy · Oct 2011 – Feb 2013 (acquired by CA Technologies / Protiviti)
Led services growth 35%+ at an identity services firm prior to its acquisition.
Founder & Chief Executive Officer, Rencana (first iteration) · Jun 2009 – Oct 2011
Founded and scaled a boutique cybersecurity and technology consulting firm serving Fortune 1000 clients to ~$1M annual revenue, developing and executing enterprise cybersecurity programs and technology-driven transformation strategies.
Director, PricewaterhouseCoopers · Jul 1999 – Jul 2009
Promoted to Director in under eight years. Led regional market strategy and technology services growth, managed multi-million-dollar engagements, and received the PwC Chairman's Award.

Education

UCLA Anderson School of Management
MBA, Entrepreneurship and Finance.
University of Wisconsin-Madison
BBA, Management Information Systems.
University of Pennsylvania — AI Certifications
AI Fundamentals for Non-Data Scientists; AI Applications in Marketing and Finance.

Selected publications

  • "Cyber crisis preparation and response" — with Wilson Sonsini CISO Jeff Lolley.
  • "Responding to Incidents: From Preparation to Execution."
  • "DevSecOps in Product Engineering."
  • "The Impact of Total Cost of Ownership in IAM Investment Decisions."
  • "Six Ways to Secure Big Networks."

Selected outcomes

Three specific results from operator and advisory engagements — verifiable, named, and quantified.

Case study · Operator role · 2024–2025

Pangea → CrowdStrike: $260M acquisition in 11 months

Joined Pangea as Head of Business Development to help the team pivot toward AI detection and response. Built the enterprise channel motion and strategic partner ecosystem that positioned the company for acquisition. Eleven months later CrowdStrike acquired Pangea for $260M and made it the basis of CrowdStrike's AIDR (AI Detection and Response) offering.

Result: $260M strategic exit. Product line became a named CrowdStrike offering.
Case study · Services P&L leadership · 2013–2021

Accenture Security: 1,800-person org, ~100X growth over 8 years

As Global Managing Director of Accenture Security, led the cybersecurity services P&L across Communications, Media, Technology, and Aerospace sectors. Scaled the business approximately 100X by modernizing delivery models, integrating automation, and driving acquisition integration and capability build-out. Delivered sustained margin and EBITDA expansion through operating model redesign.

Result: ~100X revenue growth. 1,800-person global organization. Multi-hundred-million-dollar services portfolio.
Case study · Operator engagement · 2026

From 590 candidate vulns to 6 real bugs in 7 hours

For a global technology company through Staris AI, ran continuous attack path validation against an 823,000-line proprietary platform. The system surfaced 590 vulnerability candidates, validated them down to 6 real, provable, exploitable bugs, and produced a PR-ready patch for each — in 7 hours, 12 minutes. Engineering shipped the fixes the same week.

Result: 99% noise reduction. Six fixes shipped inline, zero false positives, no nine-month engineering debate.
Case study · Vendor leadership · 2021–2022

Palo Alto Networks: ecosystem strategy for two multi-billion-dollar platforms

As SVP of Ecosystems for Prisma & Cortex, ran global partner strategy and indirect revenue for two of Palo Alto Networks' multi-billion-dollar security platforms. Directed go-to-market across cloud, AI, and enterprise security segments. Drove ecosystem revenue growth across hyperscaler, MSSP, and strategic alliances.

Result: Ecosystem motions integrated into corporate growth strategy for Cortex AI Security & Prisma Cloud.

Selected references

Outbound reading for the frameworks referenced in the writing.

Get in touch

connect@passarel.com LinkedIn Follow the writing

About Steve Curtis (extended summary)

Steve Curtis: a cybersecurity executive, board director, and strategic advisor based in Newport Beach, California. CRO at Staris AI, Board Member at SDG Corporation, Strategic Advisor through Rencana, and Founder of Passarel.

Who is Steve Curtis? What does he actually do? And how do you reach him? Steve Curtis is a cybersecurity executive, board director, and strategic advisor based in Newport Beach, California. He has spent twenty-plus years building, scaling, and transforming global cybersecurity businesses across consulting, managed services, and SaaS platforms. He led a 1,800-person global P&L through approximately 100X growth as Global Managing Director of Accenture Security from 2013 to 2021.

Areas of expertise

Platform Strategy
Turning traditional cybersecurity services firms and point products into AI-native operating architectures with margin expansion and durable enterprise value.
AI Security and AI-Native Application Security
AI-enabled security platforms (Cortex class), AI-native AppSec, and the security of AI agents at runtime.
Executive Leadership and Enterprise GTM
Running P&L organizations at scale; enterprise go-to-market architecture across direct, partner, and ecosystem-led revenue models.
Mergers and Acquisitions for Cybersecurity Platforms
M&A strategy, integration, and capability expansion for PE-backed and venture-backed cybersecurity platforms.
CISO Advisory and Board Governance
Board-level security reporting, governance design, and closing the discipline gap between strategy and execution at modern security programs.

How to work with Steve Curtis

  1. Write what you are trying to figure out in one paragraph by email to connect@passarel.com — the problem, what you have already tried, and what a useful outcome looks like.
  2. Take a 30-minute working call. Free, no pitch. The call maps the real problem and decides whether the work is a fit for Passarel directly, one of the partners in the bench, or something to handle internally with a sharper plan.
  3. Define the engagement. If you move forward, scope is named in writing with a deliverable and a horizon. Most engagements run 4 to 12 weeks. Some convert into ongoing advisory.

By the numbers

Further reading and authoritative sources