Jason Chan is a seasoned cybersecurity veteran and former VP of information security at Netflix. Following his departure from the streaming giant, he has garnered faith from several startups as a cybersecurity advisor for a host of startups, including Sentra, an Israeli cybersecurity company set on helping organizations regain control and secure their data on the cloud; and Torq, an Israeli tech startup developing a platform that handles information security threats via code-free automation.
Chan spoke with the Jerusalem Post and elaborated on the future of digital transformation, the evolution of the modern cybersecurity industry and what a cybersecurity advisor actually does.
What’s on the day-to-day “Cybersecurity Advisor” agenda? What does your work look like?
"I work with about 12 different startups, and the vast majority of those are startups in the cybersecurity space that are looking for guidance or input on product-market fit and things like that. Then I have a few startups I work with that are trying to build out a security program, and they need some guidance and advice there. So those are the two main sorts of engagement models.
"In terms of what that looks like day to day, it's typically introducing founders to [businesses] that might be interested in either purchasing or providing feedback on the startup’s product; or providing feedback on a product’s progress and [its trajectory]. I wouldn't say it’s quite like product management, but almost like trying to be the voice of the customer in a [fairly] consistent way."
"In terms of what that looks like day to day, it's typically introducing founders to [businesses] that might be interested in either purchasing or providing feedback on the startup’s product; or providing feedback on a product’s progress and [its trajectory]."
Jason Chan
So what is the voice of the customer asking for or saying in terms of today’s business-to-business cybersecurity environment?
"Companies are becoming more and more digital and entrenched in tech, so what you have to manage just keeps getting bigger and bigger. At the same time, security threats aren’t going anywhere. So really the voice of the customer is asking ‘how do we procure and integrate solutions that provide a sense of leverage for our teams - meaning that they can put a little bit into it, but get quite a lot out of it.’"
How has the cybersecurity field evolved during your career in the space?
"The biggest [development] has been digital transformation. Cloud was the first leg on that journey, with companies migrating to the cloud and really recognizing the benefits they can have in terms of velocity and efficiency; security teams are really also able to leverage those mechanisms to get a lot more efficient, a lot more automated.
"The second stage of digital transformation is organizations really recognizing that their ability to extract value from the data they have is sort of fundamental to their ability to compete. Whether it's through things like analytics, or in a more advanced way, things like machine learning or AI, they recognize that [extracting value from data is] really the key to success.
"Because of this, there’s now this proliferation of data stores and data infrastructure. The problem of managing data and enterprises is really multi-dimensional: it certainly [touches on] security and privacy, but also legal, regulation, retention, backups and all. That was a problem we certainly spent a lot of time on during my time at Netflix. Because there were so many [facets], it was difficult to determine who the right person to run with was.
"This is a great opportunity for security teams to step into that void and move into a place of leadership when it comes to the responsible use of data that really unlocks the business value that companies are looking for."