Last week the news broke that Bob Lord would be joining Yahoo! as their new Chief Information Security Officer (CISO). He starts his new role in 2 weeks.
Bob is a former colleague from Twitter who helped prepare us for the IPO in November 2013. He's wicked smart and knows more about security & compliance than nearly everyone on the planet. He also happens to be a wonderful human being who is a delight to work with.
When I heard the news about Bob's new role, my first reaction was to congratulate Marissa Mayer for making such a great hire. My second instinct was to invite Bob to visit the Bigcommerce Engineering team before he started work at Yahoo. He was gracious enough to accommodate my request.
I asked Bob to speak to our team about IPO-readiness, including topics such as: InfoSec, AppSec, PCI, SOX, limits on production access, cautionary tales on phishing & social engineering. Typical stuff.
Thankfully, Bob ignored my specific request and instead gave us a higher-level talk about human behavior and motivating organizations to be security-minded. It's a far more interesting presentation than what I had envisioned, and is a testament to the type of thinking that Bob will bring to the CISO role at Yahoo.
Bob joined Twitter 4 years ago, and he appropriately entitled his presentation "Things I Wish Someone Told Me in 2010." It's a fascinating talk that articulates the need for all organizations to have a holistic approach to security.
We've recorded the presentation, which we've posted to the BigEng YouTube channel:
I'm thankful to Bob for speaking to our team and I know he's going to make a huge impact on Yahoo!