Article

Interview with Taylor Monahan on Building a Security Conscious Team at MyCrypto from Hiring to Culture


In this interview, we talked to Taylor Monahan, CEO of MyCrypto, about something different from our usual focus on Asia. Security is one of the most important features of a blockchain. But consumer and wallet security on the user front is equally important when building a dApp.

GCR and GBIC partnered up to interview Taylor Monahan, CEO of MyCrypto. Joyce Yang from GCR and Richard Lee from GBIC asked Taylor for her best practices on how to instill a high-security-aware culture in her company. Her answers are practical and refreshing so be sure to check it out below. 

Here are the topics that we covered in this interview:

  • What is MyCrypto and how did it get started?
  • Demand for Crypto Wallet Businesses and its Correlation with the Market 
  • On Hiring
  • On Managing a Team and Creating a Cohesive Culture in a Decentralized Environment
  • MyCrypto’s Decentralized Team
  • Instilling a Security Conscious Team at MyCrypto from Hiring to Culture
  • The Problem with Security Control in a Company related to Digital Currency
  • On MyCrypto’s Fundraising Experience
  • Taylor’s Advice for New CEOs



What is MyCrypto and how did it get started?

Joyce Yang

Taylor, welcome to GCR and thanks for this interview. Can you tell us a little more about MyCrypto?

Taylor Monahan

Yeah. Thank you so much for having me. So MyCrypto is an Ethereum wallet. So it’s a way for you to sort of interact with the Ethereum Blockchain and send your cryptocurrency around. If we want to go a bit more high level for those people who don’t necessarily know what crypto is, basically there’s like Bitcoin and there’s Ethereum and they all sort of fall into these crypto currencies which are like decentralized money, it’s basically digital goal, it’s all these words. And what our product enables you to do is similar to maybe, like Venmo or your online banking application. You can go in, you can view your balance, you can send your funds around, but there’s these other assets called tokens which are another whole thing that we can go down if we want to, but essentially, it’s similar to your online banking experience, but everything is you know revolutionary and its cryptocurrency and it’s a Blockchain and it’s all those exciting new technologies. 

Joyce Yang

How did you get started with the company? 

Taylor Monahan

So I have been in the space for a couple years, and when Ethereum launched, there was no way to interact with the Blockchain, there’s no way to see your balance or to send your funds from one place to another or to sort of open a new account. The only way to do that was via command line which is like that hacker terminal thing that you see in the movies, and I wasn’t comfortable. Personally, I wasn’t comfortable sending money via command line. So we put together this very simple interface that basically allows a person to take these actions that they’re going to want to take, but do so with like a familiar user interface. So we have things like buttons and we have warnings if you screw something up. And if you type in the address incorrectly, it’ll tell you like “Hey, that doesn’t look like a proper address, maybe you want to try that again.” And from there, we kind of like just threw it out to the world and it caught on and people started using it and people started giving us feedback and telling us if things weren’t clear, and they started requesting features, and it just really grew organically from there. There were so many people that had the same problems that we were having, and so in the early days it was really easy to you know, if I built this product for myself and it solves my own problems, it turned out that it would also solve all these other people’s problems. And it was a very unique start I think. I often referred to sort of my journey as I accidentally started a company because it was definitely not very well thought out or intentional, but it’s a really awesome adventure. 

Richard Lee

And how long ago was that? 

Taylor Monahan

So Ethereum launched in August of 2015, so it’s been just over 3 years now. I’ve been sort of following the crypto Bitcoin space since 2013. And obviously the space is very new relative to most technologies. 

Demand for Crypto Wallet Businesses and its Correlation with the Market 

Richard Lee

And do you think I guess like the growth of the company has been following like the growth of digital crypto in general? So you saw I’m sure like last year, you must have done a huge spike and had to really kind of go pedal to the medal for it. 

Taylor Monahan

Yeah, so this industry is definitely dominated by sort of the hype cycles and the bubbles and the booms and the busts. And if anyone has heard about crypto, they usually hear about the massive amount of money that people could potentially make. And unfortunately, for the people that are building on this technology, our growth is tied to what the market is doing. And so when the market goes flying upwards to the “moon” as they say, the amount of users using our products also accelerates equally. And that sort of exponential growth, especially if you’re not prepared for it can catch you really off guard, and all you can do is put out the biggest fire first and do the best you can and hold on and hope for the best. And definitely, 2017 was a wild rise, 2018 has been much calmer. And so now, I think we’re sort of diving deeper into what the technology is capable of and making sure that our products are robust and they are designed well and they have the average user in mind, and all the things that we sort of feel that were lacking during 2017, we’re now adjusting it in 2018.

On Hiring

Joyce Yang

Yeah, that’s great, and thank you for that introduction. I think generally, you guys at MyCrypto have a certain scalability that most other companies haven’t experienced because your business is so correlated with the market. And you’ve experience kind of hiring as well as management that I think other companies are still going to catch up on because they’re now kind of heads down building and kind of scaling there. So what we’d love to hear from you is your experience in kind of going through the entire scaling of the company. And maybe with, how did you hire in the first place, what were the resources you used when you first started out? That’s obviously a pretty hard thing to do, especially within a new space and people are still experiencing that now. 

Taylor Monahan

So when I first started hiring, it was like we started hiring too late. Because the entire world was on fire and I was like answering all the support tickets and trying to still build the product and like actually write code and manage the community interactions and debug things and all of the above. And so it’s like quite embarrassing to look back on, but here’s the real raw scoop on how we first hired. Around 3 am one day when I was like absolutely just completely drained and overwhelmed and realize like I cannot do this by myself and I’m never going to have time to write the perfect job posting and put it out and recruit in that way. So I literally just stream of consciousness like wrote a big long Reddit post and posted it to our Ethereum. Basically, a call to anyone that would be down to help us in any skills mostly like development skills because we definitely needed like some more hands and eyes on the code base. And surprisingly we got a phenomenal response and I ended up interviewing probably 10-12 different candidates and then I hired I think 3 of those from that initial sort of pool. And I hired based on my gut, I never really hired anyone before. So here I was like all my choice, I’d given input at previous companies on who I thought the best candidate was, but I never like led an interview before, I never thought about it. And so I hired people that were passionate about this industry, who had a multitude of talents. So they weren’t just necessarily a developer, but they also we’re sort of game to other things within the company. I didn’t limit myself to only people located in Los Angeles, because at the time, I was just working out of my house, I still work out of my house. And so they were people all over the globe that I interviewed, and I really looked for…. Like I think I ultimately hired the people that I sort of clicked with the most, and was able to have like good conversation with, because I knew that if I can converse with them and have open communication with them, especially in a remote environment, and that they would be gamed to help out wherever we needed help, that those were going to be the most valuable people to me at the time. Some of those people were great and stuck with us for a long time, some lasted about 2 weeks before they were like “oh, this isn’t for me.”

Richard Lee

This is probably back when it wasn’t like just a bunch of scam post or post about what they’re expected to do like…. 

Taylor Monahan

Yeah, this is when our Ethereum…

Richard Lee

…the real community back then.

On Managing a Team and Creating a Cohesive Culture in a Decentralized Environment

Taylor Monahan

Yeah, it was still a real community, and that’s why if you wanted to reach out to developers, technically minded people, people who are game to build in this ecosystem, our Ethereum was the place to go. So that’s where the job worked. I will say this, it worked out surprisingly well given that I had literally no experience hiring before that. Today, we do things a little bit differently. We still source passionate people and people that have game to do more than one thing and add value in a variety of ways. And one of the things that I actually dedicate a lot of my time and effort to is figuring out how the team works together, especially in the remote environment, so it’s almost more about not necessarily hiring, but once they’ve been hired, how do we make sure that they are like the most successful or the best version of themselves. In this industry, a lot of the people are very young, so there’s a lot of the little things that we teach people about how we communicate better every single day, how do we make sure that the channels are always open? Where do you guys want to go in your lives? Where do you see yourself in 2 years, 5 years, 10 years? Especially with the younger demographics, they don’t necessarily…. Like we have to accept that they’re not assuming that they’re going to be with our company for 10 years. Ten years is like literally an infinite amount of time to them. So how do I keep them as happy as possible while they’re here? And how do I also set them up for success in the larger world? And I think that’s an interesting approach. Not a lot of people talk about take that approach, but I do want everyone that works for us, I want them to be successful with us, but also like where their lives take them, I want to make sure that I prepare them for that world. 

Joyce Yang

Those are my generally previously best managers who I worked with. So I definitely think you’re doing it right and I think that’s something that’s probably not talked about as often, just that advantage of centralized team which will less prevalent in the Blockchain world. So we’ll love to hear just any advice or findings that you found useful and effective, as well as the strategies.

Taylor Monahan

Absolutely. So this is something that is talked about or at least my answer is something that’s talked about a lot. It’s this big culture word, right? And I definitely undervalued culture especially in a remote environment. The way I underestimate it, I undervalued it, I didn’t dedicate enough resources to it early in the company. But I also didn’t really fully understand what culture meant. And what I’ve come to realize is that culture is kind of like each individual has whatever makes them tick. Why they’re passionate, why they work every single day, whatever they’re aiming for or hoping to achieve in the short term in the long term, like whatever makes them tick, that’s on an individual level. And then sort of my main job is to make sure that you take all these individuals and you create a cohesive team that also has the same sort of motivations or the things that make them tick, but on an organization wide level. And culture is not ping pong tables or you know, the means that you post and slack. Like culture is how do all these people come together every single day to reach common goals, to have fun while they do it, to grow personally and professionally. That’s sort of the culture. And especially in a remote environment, it can be very difficult to not lose that culture or not have culture at all. So some of the things that we have found work are just like me personally, I have to like talk and slack all the time, because most of our communication is via Slack, it’s typing. And if I was offline or if I set a precedence of not actively engaging or responding quickly, then everyone else will follow that pattern. We also found that making sure that as much conversation as possible happens in like sort of the public channels rather than like private channels or DM’s, that also is super important because one of the benefits that slack provides over your traditional office environment is other teams within the company, even if they’re not like…. So for example, our support team, even though they don’t write code on our core product, them being passively aware of what’s happening is like one of the huge benefits of having slack. So when we set up slack originally sometimes we…. Okay, you’re on the support team therefore you need to be in the support channels, but we didn’t necessarily add them to the development channels and stuff like that. What we realized is that everyone should be everywhere, and we should also encourage the developers to be aware of what’s happening with support and give insight or answer questions or whatever and vice versa. So you know, a support person is encouraged to maybe point out a bug in a development channel or ask why certain choices were made or whatever it may be. And then another thing that we implemented that really I think made…. I mean, you’d have to ask my team. I think it made a huge difference, it makes me feel better. We implemented an All Hands meeting which is on Friday mornings and it’s everyone, it’s a no agenda call, and we basically just videos on and we sit around and we talk about what we’ve done, we talked about the industry, we talked about news, we talk about whatever drama is happening on Twitter, sometimes we talk about our plans for the weekend. I try to keep it like a very light hearted no agenda call and allow people to just learn about each other and learn about whatever it may be. And I think those have been really valuable because you realize that this person is not a username that’s like on this other side of this computer screen, like they’re a real person that has interests outside of this job that they do or interests outside of Blockchain. Some people are more introverted, some people are more extroverted and all of these conversations help us connect better as we sort of work together via typing communication the rest of the time.

Richard Lee

Yeah, I feel like that seems kind of like a company lunch or like a company… like a decentralized company, right? All Hands, where everyone can talk about stuff that’s not related to work and kind of learn about each other more, which ultimately build more like trust and like cohesiveness. And they can definitely reflect on the overall company performance. 

Taylor Monahan

Exactly. 

Richard Lee

I mean, it’s interesting that you guys have that. And then does everyone in like a similar time zone or are you guys all over?

MyCrypto’s Decentralized Team

Taylor Monahan

So we are all over the globe. So I’m located in Los Angeles, we have a few other people here in LA, then we have people in Texas, Ohio, Canada, Netherlands, UK, Croatia. I think we have like… we’re pretty all over the place. And so when I say that All Hands meetings are on Friday mornings, they’re on Friday mornings for me. They’re throughout the entire day for everyone else. Luckily, the guys that are over in Europe you know, we scheduled calls as early as possible Los Angeles time so that it’s in sort of the afternoon or evening for the Europeans, and that works out pretty well. There’s definitely some times where I’m waking up far earlier than I want to, and they’re probably staying up for later than they want to, but we do make it work and we try to limit sort of the…. Like we don’t typically hop on calls or do a lot of meetings besides like our core check in meetings and then all hands meetings. Obviously we’ll randomly hop on calls if we want to clarify something and I encourage that, but I don’t overwhelm myself or my team with like endless meetings. 

Richard Lee

Yeah, technically like the advantage right? Like you just have like the inefficiency, just like too many meetings so…

Joyce Yang

Yeah, I used to have meetings only with agendas, and I’m like no agendas, no meetings. I’m like you have to almost do that.

Taylor Monahan

It’s a huge role, it’s like one of the biggest roles like you never have a meeting without an agenda. And I was like sitting there one day, I think it was like definitely a direct response to something happening in slack where I was like “I feel like we need to know each other better or like get to know each other better or be more informal.” I was like this interaction feels very robotic and I feel like I don’t know some of the team members. And I was like maybe there is value in having a no agenda meeting, and maybe the agenda is just to talk, which is not really a meeting I guess, because if I were to get on a meeting, that was trying to accomplish a goal. And if there was no agenda, then that would probably you know, it can be derailed very easily. But when you sort of say the agenda is to have no agenda and talk it, it ends up working out quite well. 

Joyce Yang

Yeah, that’s really interesting. And now I’m thinking you know, in our old jobs, we used to have the past HR surveys and how do you make company culture, how do you make your experience and employees feel fulfilled. I love to see this for decentralized companies and kind of have employees see results. That’s why they’re coming there. But moving on, we can talk about security which I think it’s something that’s really a big deal and what we really care about as well. I want to learn more from you as well. Just from a high level, how did you start having to worry about these things? How do you start implementing security practices into the team?

Instilling a Security Conscious Team at MyCrypto from Hiring to Culture

Taylor Monahan

So back when it was like just me and the original cofounder, so there was just two of us, we had been in crypto for a while. And when you’re kind of in this crypto scene, you have to be secure. So if you’re not secure, you get your crypto stolen. And because we’ve been in the space, it’s just sort of a natural evolution where you have a very small amount of crypto and you’re not very careful with it and you probably lose some of it whether it’s getting stolen or losing the private key or not backing up properly or something. And over time, you get better and better and you can invest in things like hardware wallets or air gapped computers or other fancy sort of mechanisms to keeping yourself secure. But that’s more like on a personal level, and then when we started the company and the company started growing, we actually found ourselves sort of the target for attackers. And that’s a very different situation to be in, because when you’re just a random person holding crypto, one of the best pieces of advice is like don’t tell anyone else that you hold a lot of crypto or any crypto for that matter because it avoids having a target being painted on your back, it just like eliminates a whole bunch of these risk factors. When your public face though, when I’m on this podcasts, when people know my name, I’m posting on Reddit, I’m building a product, all these things, suddenly you find yourself to basically have a target pain and on your back. And so as the company grew and as the amount of users that we had grew, I realized that this target was getting bigger and bigger, and it was terrifying. And I was always very privacy minded, and I was always very security minded, but I wasn’t very good at it, and I didn’t take it seriously. I basically realized that if I didn’t get ultra-paranoid and go like sort of full OCD on the situation, that we were going to be in trouble because one little mistake, one little opening, a hacker or an attacker will just sneak right in, that’s what they do. And so I sat down and it took me a good amount of time, and we still update it always, but I wrote down every sort of best practice that anyone had given me, that I had personally learned, that I’d seen. I mean, you see people make mistakes on Reddit, you learn from those mistakes. And then I talked to a lot of security researchers and security engineers and people that do this for a living. And then as we grew the team, I realized that “Okay, I can be ultra-paranoid and I can be ultra-educated and I can have perfect adherence to security” which there isn’t a thing by the way, but like I can try, I can aim for that. But every person that I hire, if they don’t have that same level of diligence, then that’s a potential opening, that’s a potential attack vector. And so I took sort of everything that I learned and have written down and all of this stuff, and we organized it in this sort of like, just broadly we have like a security policy which goes over like what we believe security is and at what point it is. And then we have this thing called the security action item list. And when you join the MyCrypto, before the contracts are necessarily even signed, you are fully aware of the security action item list and you just start from the top and you go down it.

Joyce Yang

Do you mean before the employment contract is signed?

Taylor Monahan

Yeah I mean, it’s like they have been sort of in tandem, but I found that it works better if they are…. I found that people on that people, if they see this security action list and they go “I’m not really into this” then it’s probably better that nobody signs a contract and we just sort of go our separate ways. You know, it’s not necessarily that they’ve completed the list before the contract is signed, but I definitely like people to be aware of our adherence to security before we’ve like fully committed to each other because it really is…. 

Joyce Yang

Yeah, can you just kind of give some examples? I’m curious.

Taylor Monahan

Yeah, so this is the thing that people have to understand about cryptocurrency. It is that because we’re dealing with digital money, and because we’re dealing with money that’s essentially is almost anonymous, the ROI for an attacker to get access to an individual’s private keys and therefore their money or our infrastructure or implement a phishing site that people click on it and other private keys on or a scam, so those…. I don’t know if anyone’s on Twitter, but like there’s all these crypto giveaway scams and they’re just like everywhere. They’re very classic scams, they’re like send us 0.1 Ethereum and we’ll send you 1000 Ethereum in return. And believe it or not, people fall for that. And the reason that all of these sort of scams exists and there’s all these people that are trying to find the little hole in your infrastructure whatever it is, is because if they do, if they win, they win this sort of anonymous money that they can then go and do whatever they want with. And that ROI is very different than say like a data breach. Even if it’s a data breach of Facebook or a data breach on I don’t know like Ashley Madison, what they do with that data…. The ROI isn’t as direct like “Okay, so maybe you can sell these data profiles, maybe you get some credit card information and maybe 1%, or 0.1% of them work and you can buy something, but there’s also this risk that if you buy something off Amazon and ship it to your house, then they’ll find you. And you know, crypto is not the same, it’s like if you get our money, you have the money; period, end of conversation. So once we establish that these attackers will go to great lengths to infiltrate basically anything, whether it’s the company, you as an individual, the users of our site, etc. Then you basically just have to go through every single sort of online account that you have and cryptocurrency account and your Facebook account, and you basically just start from the top. So we typically have people start with Google accounts, because those are sort of the most pervasive. I think most people listening probably have multiple Google accounts, some of them are old, some of them are secured by very weak passwords. And Google also makes it a little bit difficult to properly set up two factor authentication because they really want you to use your phone number. And one thing that we’ve learned is that using a phone number is not really a secure way of doing things. And so this security Action List basically teaches people, okay, you’re going to go into every single Google account that you have, you’re going to change the password, you’re going to make sure it’s strong, you’re going to enable two factor using Google Authenticator which is an application on your phone, it’s not your SMS, it’s not some other method that’s not as secure like this is. And then it’s also you know, there’s some like privacy minded things. So you know, do you really need this account? Are there things that you should delete out of this account? Do you have that old google plus profile sitting around somewhere with all of your personal information on it? And the same applies for Facebook, the same applies for Twitter and all of these different things. And then one of the things that we really have to have people understand is that because we’re in a remote environment and because crypto is something that has this tendency to take over people’s lives, we’re not making people just take these steps on their work related accounts. You have to secure sort of your entire life, because if you’re using Reddit to sort of answer questions or be a public persona and represent the company, but you also use it just on your phone to browse things, there’s no separation. And so therefore like your Reddit account needs to be secure; period, end of conversation. And I think most people understand that. I mean, I think the older generation may not, but we don’t really have like a work life separation in this industry, so we’re just going to secure everything. And yeah, it’s definitely one of the…. I mean, it’s different because most of the times, like my IT guy in my last job was always like you know, please don’t email plain text passwords around. 

Please really, please don’t, I’m like we’re still dead. Like in our company, if you were to do that, honestly if you just like slack me a plain text password or something that was securing any account, I would probably terminate you on the spot. Because it’s not necessarily that one password, it is that attitude. And if you start getting lacks about it and you start getting lazy you just slip up, they will take advantage of that and then our company and our product and our users, and the larger community is all going to be affected by the fact that you were lazy for half of a second one day. And it sucks to live in that sort of environment, but once you just establish that this is what you’re going to do and this is how you live, it’s way easier and it feels kind of good. Its kind of like working out, like it feels good. You’re like okay, this sucks but also like I’m confident and I’m happy about this at the same time. 

Richard Lee

How do you get that like mindset across to like other people in the industry? I know that’s a Number 1 priority for you guys. But for a lot of projects or companies out there, we always hear about like the hacks once it’s like too late. So besides just kind of learning from mistakes, how do you get that mindset across people?

Taylor Monahan

You have to, you have to. 

Richard Lee

To prevent more hacks, right? If some exchanges in Japan could get hacked, so…

The Problem with Security Control in a Digital Currency Company

Taylor Monahan

Yeah. No I mean, so one of the things that people have to understand is that it’s the people that got hacked, right? Whenever we like look at them and we’re like “how did you get hacked?” And a lot of times people like to blame and people like to be like “well, that was stupid.” Like you should have had more tests or you should have done this or you should have…” Well, it doesn’t really matter what the cause was, because ultimately they all have the same sort of thing which is someone somewhere at some point in time either missed something or made a mistake or slipped up and it was probably like a split second. It was like one little line of code or one little thing that accidentally got pasted somewhere where it shouldn’t have been pasted or one thing that everyone thought nobody was using, but they were using it. And by the way, it was securing all of her their funds in their wallet or whatever you know, but they all have this similarity where it’s this very little thing that ends up having these huge widespread effects. And instead of saying okay, make sure that we never make this exact same mistake, we have to say that we are all fully capable of making little mistakes. And if we’re not careful, we will all make little mistakes and they will have a lasting drastic effect on the company. And one of the ways that we can avoid making these little mistakes is being ultra-paranoid or all the time. And that sort of paranoia has to come from the top, but it also has to be then shared by all the individuals on the team. And even people who joined our team that weren’t necessarily paranoid before, they slowly become more paranoid and suddenly they’re sharing tips or they’re cringing at something their mom did. And one thing that that we do is we have like a dedicated channel in Slack, it’s called security talk. And we post incessantly about every bad thing that ever happens anywhere. And it helps it helps fuel that paranoia, because if every single day at some point in your day, you watch…. And it’s not just cryptocurrency, right? It’s everything in the world, it’s like it’s always getting hacked. So every single day, we find an article and we share it with each other, and then we read it. Your brain is like not really thinking about security for a minute and you’re like we’re pretty good, and then you’re like, Oh my God. Like it snaps you back to that reality and you just you know, once you’ve established that sort of culture and the adherence and you know, I think that I will say this. I did not think that being secure was like fun, I did not think that reading about hacks this fun, like I’m not that type of person. But I will tell you the way that people attack things and sort of the hacks and the way that a small little mistake here can escalate to have these really lasting consequences, it’s really interesting. And if you start reading those sorts of new stories and start following it, even if you’re not necessarily like a technical person, it’s fascinating, endlessly fascinating and it can teach you how to be better and more aware of your personal security, but also just like more aware that little things lead to big things everywhere in life. And like all we can do is do the best that we can. 

Richard Lee

And do you think it’s more of like a knowledge thing or like a laziness thing? Because I think from my perspective, I know maybe like storing something like a password on ledger books for example, rather than like a bunch of paper wallets over like a bunch of different regions. The ledger might not be like best practice, but it’s just kind of easier or storing them online for example, right? But is it more like a laziness or like do I want to spend that extra 10 seconds or a minute to implement this practice to ensure 100 percent that I’m secure. 

Joyce Yang

Yeah, following up with that, what advice do you have for folks who don’t have this Slack channel where they create paranoia?

Richard Lee

Every company should have. Yeah. 

Joyce Yang

How do you do it? What do other companies do? What kind of resources do you use? How do you go about training that? 

Taylor Monahan

Yeah, so to go back to the question of “Do I think it’s sort of knowledge or laziness?” I think it’s both. So I think like for example, when I first got in this industry, I didn’t realize that your phone number is not secure. I assume that two factor authentication via SMS was a perfectly fine way of doing things. And by the way, for like 99% of people in this world, it probably is. Because an attacker isn’t necessarily going to attack your phone. But if you’re running a company especially in the cryptocurrency space or you’re a public face or if you’re giving a talk or if you’re posting on Reddit and you’re being a troll like you know, anything, they will like basically just take your phone number and then they have all of your two factor access. And so this is a good example of originally it’s the knowledge that I didn’t know that this was a name, I didn’t know that hackers could just take your phone number and then they would have these services send codes to the phone number that they now control and log into your accounts, I didn’t know that. Now, once you do know that, so once you are educated by this, then comes the actual hard part which is you can’t ever let yourself sign up a new account and take like the default route of having your two factor codes linked to your phone number. You have to sort of go through these extra steps. And so it’s not really a knowledge education thing or a laziness thing, like it’s both. You have to be both knowledgeable and educate yourself, but you also once you know these things, you can’t let yourself get lazy. And so the way that I personally sort of stay up to date on the latest in security and second stuff is Reedit and like Twitter. So I follow people that are sort of security researchers or that tweet a lot about certain hacks or bad things that happen all over the world. And then also like, I have the Google news app which is Google controlling our lives. But it’ll basically generates like a feed of news items that are relevant to you. So if you do that, you can basically add security topics to it. Also, if you just like Google a whole bunch of like the Ashley Madison hack, the Facebook hack, the rise and hack, the whatever it is, Google knows you, so they’ll just start giving you that news within that app which obviously if your privacy minded you might not want Google doing, but I’ve accepted that Google is our overlords. And it pains me some days, but if it’s going to deliver my personalized news to me, I’m kind of okay with it on the other hand. 

Richard Lee

It’s just so convenient, right?

Taylor Monahan

It’s so convenient, it’s terrible. 

On MyCrypto’s Fundraising 

Richard Lee

So I’m going to switch gears and kind of talk about like scaling and growing more specifically in terms of like fundraising. So I know you guys have been around for quite a while, especially in the crypto space. So how did you guys do your initial fundraising? Like what kind of was like the thought process over time? 

Taylor Monahan

Yeah. So initially like early days, we basically just kind of split our time between paid jobs. So we had clients that we were freelancing for, and building websites for. And that sort of subsidized this fun side project that turned into this huge company. And then obviously, that doesn’t last forever, so we actually took a rather strange route for a crypto company and we did a very traditional series around just this past spring summer. And we did it so typical, like we did it so traditional. I found investors that were part of the crypto scene who had experience with a lot of crypto companies, who had experienced with non-crypto companies, who would be our champion, who would tell me the things that I wasn’t looking out for and how I should do certain things and what things I should keep on my radar. And so for those that don’t know, the biggest sort of phenomena that happened in 2017 was these ICOs. And ICOs are basically… it stands for Initial Coin Offering. But the sort of crypto way of raising money is that you come up with an idea for a product or a project, you write out sort of a specification, it’s called a white paper, of like what this product is going to do and what you hope to accomplish. And you generally make a lot of promises and you have a roadmap and all those things. And then you create this token, and some tokens fit more naturally into the original vision of the product, and some don’t fit as nicely. But you create this token that’s going to somehow add value to your product, but also is going to gain value. And then to fund yourself, you basically sell these tokens, you sell the promises in the light paper, you sell your roadmap, you sell these to random people all over the globe. They’re not necessarily investors like they’ve invested in cryptocurrency, but they’re not necessarily venture capitalists, they don’t invest in other companies, they’re not credited or anything like that. It’s I guess more similar to like a Kickstarter type experience where you have a lot of people throwing a little bit of money. The difference is with Kickstarter, the individuals give the money to the project, the project then usually gives like maybe a free sample in return or whatever. With these tokens, you have these tokens. And then the entire sort of environment changes because now these tokens are traded openly on the market immediately, and so they have liquidity. And so the people that are investing in your Kickstarter probably like want to see your vision come to reality hopefully, maybe get like that backpack or whatever out of it at the end of the day. The people that are investing in your…. it’s hard to even call it investing in your company. The people that are buying your token are not necessarily invested in your company. They are looking to make money off of selling this token on the open market, and they can do so immediately. So that’s my perspective on tokens. You can go read about them to get other people’s perspectives, but….

Richard Lee

We love that. Right. 

Taylor Monahan

Yeah. And the way I looked at it is this. Is that the advantage of doing ICO and this token mechanism is that you gain hopefully a strong community of people that are hopefully going to use your token and promote your product and all of these things, but you don’t necessarily have people that are truly invested in you and you don’t necessarily have people that can help you. So when you do a more traditional fundraising, hopefully your investors or people that have experience and have watched other companies go through the challenges that basically I think every company goes through. You have their resources, you have like our investors help immensely with recruiting, they help immensely. If I’m struggling to figure out how someone else did something or why I’m not doing something the right way, when you do it ICO, you don’t necessarily have that because your sort of investors are essentially random people on Reddit and Twitter who want the price of the token to go up. So that’s one reason that we opted for the traditional round, and it’s something that I hope companies in this space are weighing a bit more heavily if they are making decisions about fundraising. What are you ultimately trying to gain? Because it’s not only about the money, capital is not going to be your limiting resource, it’s never the limiting resource. It’s always whether it’s people or talent or experience or overcoming the obstacles that will be in your way. Those are those eliminating resources, so figure out how to get from point A to point B. And then as a secondary thing, figure out where or what mechanism you’re going to use to get the capital to get there. 

Richard Lee

And then I guess like how have you guys leveraged your investors? I know the round just closed several months ago. What are some ways that you guys were able to utilize like their experience or maybe other portfolio companies, crypto companies they’ve invested in?

Joyce Yang

What’s the difference between working with crypto-native investors and non-crypto – native investors?

Taylor Monahan

Okay. So we’ll start with…. So recruiting people and basically being tapped into the sort of the crypto community, but it’s a different level. I talk with other founders and we talk about certain things, but I don’t necessarily ask other founders if they recently lost anyone on their team that they’d be willing to give us or whatever. But just being sort of tapped in from a different perspective, the investors just generally hear things or they have people that maybe aren’t currently in the crypto industry but are looking to get in. One thing that I didn’t realize about investors because I initially thought that they just give you money and then they go off. No, they want to help. And so asking them for advice, asking them to…. Specifically, I was having a lot of trouble trying to figure out how to make decisions. Like I didn’t trust my gut, I wasn’t trusting my gut. I wanted to figure out like “hey, how do other people make product decisions, or big companies make decisions?” And so that’s one of the questions that I asked of our investors, and some people gave me their advice, and some people gave me the experience of other portfolio companies. And some of them were like “Hey, you should really talk to this this guy over here because he’s been making product decisions for 15 years and he’s a genius at it.” And so I was able to have a conversation with him and ultimately I learned and I’m better and our company is better for that. So those are some little ways. So the difference between crypto investors and non-crypto investors are non-crypto investors, you have to explain what crypto is to them because they don’t get it. 

I think every investor that we have does have a slightly different perspective, but the ones that aren’t in crypto are… how do I say this? They have a tendency to give me advice that also gently reminds me that crypto is a very niche part of this world and that 99% of the world still doesn’t know what crypto is, and like “Hey you don’t have to reinvent every single wheel.” I know we’re trying to disrupt the financial industry, I know we’re trying to do all these revolutionary things, but you’re still are going to have the same problems with things like internal communication and building that culture and recruiting. Like these are not new challenges, and therefore you can learn from any company and any experience, from anyone. This isn’t crypto exclusive and maybe just stick to doing things the traditional way instead of trying to reinvent the wheel. I think that’s been probably the biggest, most prominent piece of advice that I’ve gotten. 

Richard Lee

I think it’s time we’re wrapping up.

Advice for New CEOs

Joyce Yang

One last question before we go. I’m super curious talking to a lot of obviously very smart people in the industry who are running companies, who and what resources that you’ve gone for, that you found to be super smart for you.So say for example security, right? Is there anyone you even go to for resources?

Taylor Monahan

So specifically with security, his name is Ryan McKeon. He has been a…. Let’s see, he did security at Facebook, he did security at Coinbase, he is just this such a dominant force in the security industry but also obviously in the crypto industry. And he’s the one where when I’m stuck or my team is stuck, or I want ears or eyes on something, he’s the one that I lean on. And so more broadly, I think that there’s never a sort of one size fits all solution for any sort of problem or thing that you’re trying to accomplish in a company. But I will say that having like heart to heart conversations with people or saying “Hey, I need help or Hey, I need your advice” is one of the most powerful things that you can do as a leader of a company. Because people will give you more information and more raw information and be able to better help you just infinitely more than say reading endless blogs well. Like a single half an hour conversation with someone is going to give me more real information that more perfectly addresses my concerns, than say like googling well. And this applies for everything, whether it’s security, whether it’s recruiting, whether it’s the legal regulatory side of things, it’s all the same. And I think that’s one thing that I try to get sort of better at every day, is knowing that I don’t have all the answers, and therefore it’s not necessarily the most important thing for me to pretend that I have all the answers, but that my real skill is knowing how to get the answer. And so saying things like “Hey, I need help or can you do this? Or do you know anyone who….” Those phrases, they…. I think I used to think that they showed maybe weakness and I wanted to like pretend that I had this whole thing figured out, but the amount that I’ve learned when I say, I don’t know and I need help, it makes me and my company and my team so much better for that. 

Richard Lee

If  any listeners would like to reach you or have questions, would you like to share I guess a Twitter handle or…

Taylor Monahan

So Twitter is definitely my go to because it forces me to be concise. So at MyCrypto is the primary Twitter, I’m always on there. And then if you go to [mycrypto.com], that’s like our main product, but if you scroll all the way down to the footer, we have like all of the social media that you could ever want. So whether you like to connect on Facebook, if you want to read like our Medium blogs, if you want to go to our Reedit, we have a Discord chat, we got it all. So no matter what thing you prefer, they’re all in the footer on [mycrpto.com]. 

This interview was conducted in late October, 2018

0 comments on “Interview with Taylor Monahan on Building a Security Conscious Team at MyCrypto from Hiring to Culture

Leave a Reply

%d bloggers like this: