Leveling Up Security In Big Organizations With Geoff Kershner

Bringing large organizations in line with modern security practices can be a tricky task, especially when they don’t understand how valuable security is to the business and your customers. Today we speak with Geoff Kershner, Chief Security Officer at Medallia, who brings 25 years of experience to bear on leveling up the security of big organizations. After sharing highlights from his career, Geoff talks about the shift from consulting to running Medallia’s security team. We then dive into what their security team looks like and Geoff explains his security philosophy. We discuss how Geoff integrates security into Medallia’s engineering teams through security champion programs and the benefit that upskilling their security practices has for employees. Considering the often hybrid nature of their work, Geoff details how Medallia’s security champions function both workflow-wise and in terms of their role expectations. Focusing on more specifics, we ask Geoff what he looks for in new hires, how his security and developer teams work together, and how product and cloud security are managed. We also touch on how Geoff evaluates security tools and how leveling up security requires being able to adapt your security message to bring your organization along with you, instead of combating them. With a treasure trove of experience, our discussion with Geoff is filled with insights. Tune in to hear more about growing security within big organizations.