Gong’s Jack Leidecker on Balancing Innovation and Security

In this episode of Ahead of the Breach, Casey speaks with Jack Leidecker, CISO at Gong, who shares his extensive experience in cybersecurity, emphasizing the importance of proactive measures to enhance organizational security. He discusses the value of hiring offensive security professionals to identify vulnerabilities and strengthen defenses. 

Jack also highlights the need to balance rapid innovation with effective security practices, ensuring that development teams can work efficiently without compromising safety. Additionally, he provides insights on building a robust security program from scratch, stressing the significance of aligning security initiatives with business goals. 

Topics discussed:

• The necessity of implementing proactive security strategies to identify and mitigate potential vulnerabilities before they can be exploited.
• The importance of recruiting creative and offensive-minded security experts is discussed, as they can effectively challenge existing security measures and identify weaknesses.
• The need for organizations to balance rapid technological advancements with robust security practices to protect sensitive data and systems.
• How to develop a comprehensive security program, focusing on aligning security initiatives with overall business objectives.
• The value of regular penetration testing and security assessments to ensure that organizations remain vigilant against evolving threats and vulnerabilities.
• The importance of understanding the specific needs of the business to tailor security measures that effectively support organizational goals.
• The significance of being able to quantify the impact of security initiatives to demonstrate their value to stakeholders and secure necessary resources.
• The value of conducting red team exercises, as they provide a more creative and realistic approach to testing an organization’s defenses.
• The necessity of cross-departmental collaboration to foster a culture of security awareness and ensure that security practices are integrated throughout the organization.
• The importance of communicating security needs and strategies effectively to stakeholders is highlighted, ensuring that security is prioritized at all levels of the organization.