Mia Kralowetz
Mia Kralowetz is a security leader at Upside, where she rebuilding a security program from the ground up—with empathy, AI, and just enough chaos. A career changer who once managed retail stores, ran finance and compliance teams, and worked as a life coach, she found their way into security through a love of tinkering and a desire to understand how things work.
Her first security project was featured in a coworker's talk in Proving Ground talk six years ago, and since then, she's focused on DevSecOps and pentesting. Today, she's passionate about using security to build trust, not fear, and about enabling teams instead of blocking them—especially in environments marked by distrust, resource constraints, and rapid change.
This is her first time at BSidesLV as a speaker—and it feels like a full-circle moment.
Session
Security teams love policies, frameworks, and well-intentioned controls—but when those efforts lack product or business context, they’re often just… theater. In this talk, I’ll share what happened when I joined a security program driven by compliance rather than clarity, and how that led to friction, rework, and wasted energy. Through real-world examples from a fast-moving startup, I’ll walk through how we started rebuilding trust with teams who didn’t want to work with us—by first learning how our product actually worked and what the business actually needed. You’ll leave with questions every security team should be asking their product counterparts, tactics for embedding security into the roadmap without slowing it down, and ideas for transforming from checkbox-driven blockers into true partners. Whether you’re leading a program or just trying to get un-ghosted by your engineers, this talk will help you make security relevant, respected, and real.