Massive growth in Zoom’s customer base as a result of the COVID 19 pandemic brought new business – but also new challenges and security requirements. Establishing a CISO Council gave those customers a voice and a seat at the table, writes CISO Jason Lee.
Executives have a history with the “ivory tower” — a notion that some leaders cut themselves off from the rest of the world as they fervently work on pressing matters. It’s both a cliche and occasionally accurate. With a full plate of responsibilities and the weight of success on their shoulders, leaders can inadvertently become isolated from the rest of their organization.
From my experience, the best work stems from relentless collaboration and a constant feedback loop. It comes from the opposite of isolation — from building a community you trust.
Collaborating with a community was particularly vital when I joined my current company. As our customer base broadened in the wake of the COVID-19 pandemic, so did the use cases for our platform, with enterprises, educational institutions, healthcare organizations, and more adapting and modernizing their services via our technology.
Spotlight: COVID, Cloud Sovereignty and Other 2022 Trends with DigiCert
But with new use cases came new security requirements, and we had to find new ways to remain nimble and innovate. We needed to identify the right features for protecting a growing customer base with ever-evolving needs, and do so on a global scale.
We knew our internal perspectives weren’t going to be enough to address the magnitude of this responsibility. We needed to tap into the power of the security community for support and a new point of view.
Mobilizing a CISO council
Collaboration across the security industry is one of the most effective ways to implement best practices and anticipate customer needs. That’s why we launched our CISO Council last year — to establish an ongoing dialogue about privacy, security, and technology, share ideas, and learn what the landscape needs from us as a provider. Consisting of customers from various industries, the CISO Council meets regularly to discuss product strategy and Zoom’s wider security program.
Four Signs You’re Ready for a Virtual CISO
By fostering a real-time feedback loop consisting of trusted customer voices, you can make better-informed decisions as a company — decisions that directly address customer needs and preferences. Meeting on a regular basis also encourages real-time feedback and can help you stay on top of emerging threats and evolving preferences and behaviors.
Identifying your ecosystem
While we were able to establish our own CISO Council, that’s not the only format for creating an ecosystem of support and feedback. There’s no one-size-fits-all way to gather external perspectives. But there are a few key principles that you can follow to build your own security community tailored to your needs:
- Maintain a customer-centric mindset: Every innovation should start with the customer — the problems they face, the goals they’re hoping to achieve. When identifying feedback sources and trusted stakeholders for your ecosystem, remember to start with existing customers or organizations in relevant industries.
- Learn from those in similar positions: While your company is unique, there are also many organizations out there that have been or are currently in similar situations. Is your company experiencing sudden growth or attempting to break into a new market? Someone may have just recently overcome that hurdle. Identify the CISOs and other security stakeholders who are in companies facing similar challenges; they can share their own experience and relevant insights.
- Prioritize meaningful feedback: Feedback is essential for sustainable growth. Without input from the right stakeholders, you may waste precious resources building misguided or unneeded features. Identify the kind of feedback you need — and at which stage in production you need it — to ensure you’re making informed decisions and are heading in the right direction.
New IoT Security Regulations on Tap in U.S., U.K.
Strength in numbers
The security community is defined by its passion for protecting the public, and it’s a passion that binds its members together. By tapping into that network, you can gain the perspective and support that’s essential for tackling challenges and tailoring security strategies to customers’ needs.
We’re all better when we work together. An ecosystem of experts can help you build a sustainable foundation for success, resulting in intentional innovation and happier customers.
Pingback: State of Modern Application Security: 6 Key Takeaways For 2022 – Raymond Tec