Former Salesforce exec joins Zoom as CISO

Dive Brief:

  • Jason Lee is joining Zoom as chief information security officer starting Monday, the company announced Wednesday. 
  • As CISO, Lee will oversee Zoom’s product and application security, and network and system security, a company spokesperson told CIO Dive in an email. He will report to Chief Operating Officer Aparna Bawa. 
  • Lee is leaving his roles as SVP of Security Operations at Salesforce, according to his LinkedIn. He previously served in security engineering and development roles at Microsoft.

Dive Insight:

Zoom is ending its 90-day security and privacy plan, which it put in place following highly publicized flaws in March. The company issued a “feature freeze” for the duration of the 90 days, ending in July, as it reevaluated weak spots in its platform. 

Because of Zoom’s missteps,” CEO Eric Yuan is pivoting the platform toward a privacy- and security-first mindset, he said. 

During the 90-day period, the company cultivated an advisory board of outside CISOs, including Alex Stamos, Facebook’s former chief of security. Last week, Yuan announced the company would offer end-to-end encryption to all customer tiers, consumers and business.

Though some organizations banned Zoom’s use, the company is a leader alongside Microsoft and Cisco on Gartner’s Magic Quadrant for Meeting Solutions. 

Zoom’s mass adoption in March highlighted flaws frequently slip under the radar. The company initially had a “sub-par encryption scheme” for meetings, though its template was standard compared to other competitors. 

However, for companies wrapped up in maintaining business continuity, Zoom’s value outweighed its flaws and the platform’s business grew. Zoom’s revenue increased 169% year-over-year and its business customer base grew 354% YoY, according to its Q1 2021 earnings

As the company is working to bolster internal capacity, Lee is taking on every aspect of security. Data protection, offensive security, and identity and access management round out his responsibilities as CISO, according to the spokesperson.