The Role Of Flexibility In Success With Geoff Belknap artwork

The Role Of Flexibility In Success With Geoff Belknap

The Secure Developer

July 19, 2021

An initial passion for networking and telecommunications led today’s guest on a journey into the world of security. After gaining experience building security from the ground up in a few companies, he is now working as the chief information security officer (CISO) at LinkedIn.
Speakers: Geoff Belknap, Guy Podjarny
**Geoff Belknap** (0:00)
The CEO is not the main person that shoulders risk for the organization. If you interviewed 100 CEOs, I don't think any of them would say, it's my job to own all the risk for the organization. They would say it's their job to clear all the obstacles and make sure that people have what they need to succeed.
And I think about security in a similar way. I want to remove roadblocks from people.

**SPEAKER_2** (0:22)
Hi, you're listening to The Secure Developer. It's part of the DevSecCon community, a platform for developers, operators, and security people to share their views and practices on DevSecOps, DevSec collaboration, cloud security, and more. Check out devseccon.com to join the community and find other great resources.
This podcast is sponsored by Sneak. Sneak is a Dev-first security company, helping companies fix vulnerabilities in their open-source components and containers without slowing down development. To learn more, visit sneak.io, s-n-y-k dot i-o.
Welcome back to The Secure Developer. On today's episode, Guy Podjarny, founder of Sneak, talks to Geoff Belknap, chief information security officer at LinkedIn. With more than 20 years of experience in security and network architecture. Previously, Geoff was the chief security officer at Slack, responsible for physical and information security. He has held numerous technical leadership roles in the financial services and telecommunications sector. Currently, Geoff serves on the board of the Bay Area CSO Council. Geoff has a bachelor of science in business management from West Governors University, and is actively involved as advisor to a number of startups on cyber security and policy. He is a member of the CSIS Cyber Policy Task Force for US and international cyber security policy.
We hope you enjoy the conversation, and don't forget to leave us a review on iTunes if you enjoyed today's episode.

**Guy Podjarny** (2:01)
Hello, everyone. Welcome back to The Secure Developer. Thanks for tuning back in.
Today, we're going to talk about security at scale and how do you make it work with someone who I'm fortunate to actually have for the second time on the podcast, which is a rare profile, and that's great, and that's Geoff Belknap, who is the CSO at LinkedIn. Geoff, thanks for coming on to the show. Again, clearly, I haven't sort of chased you away sufficiently in the last session.

**Geoff Belknap** (2:25)
Thanks for making the mistake of having me on twice. Let's see if we can go for a third one after this.

**Guy Podjarny** (2:30)
Let's see, you know, one step at a time.
Geoff, we have a whole bunch of kind of interesting topics to talk about from scale security and how do you measure it and know you're doing it right and how does that work in a large organization. Before we dig into all of those, can you tell us a little bit about what is it that you do and maybe like a little bit of the path that got you into security? I believe you kind of came in through the network routes and I don't know if it's evolved or devolved into security after that.

**Geoff Belknap** (3:00)
Yeah, yeah. I think, well, I sort of got here accidentally, but where is here? I am the chief information security officer at LinkedIn. So I'm the senior most executive responsible for information security at LinkedIn. So everything is my fault, although in actuality, not quite everything. But I'm responsible for product security or application security or security operations organization. So hunting and finding bad people doing bad things on our environment, governance risk and compliance and customer vendor security, things like that, cloud security, infrastructure security, et cetera. Which is interesting because I got here because I was really passionate about networking and telecommunications. So before I started in security, I had a career for, I don't know, 10, 15 years doing sort of network and telecommunications architecture, and that stuff was always really interesting to me. But like a lot of people, when I was young, I wanted to be a cop or a firefighter or I think a helicopter pilot or something like that. And sometimes we never let go of our sort of basal childhood instincts. And there was a point in my career where I had an opportunity to join a network security startup.
And what they were doing was a company called Salera Networks. They were recording packet traffic off the wire and sort of slicing it and dicing it and doing security stuff with it. And that was very interesting, because I was doing a lot of that stuff with a network perspective, and applying security to it was obviously very appealing to me. And I got an opportunity to learn what the security space was all about, what the problem space was, what the industry was all about. And that was really fascinating for me and really just sort of drew me in.

40 more minutes of transcript below

Feed this to your agent

Try it now — copy, paste, done:

curl -H "x-api-key: pt_demo" \
  https://spoken.md/transcripts/1000651996090

Works with Claude, ChatGPT, Cursor, and any agent that makes HTTP calls.

From $0.10 per transcript. No subscription. Credits never expire.

Using your own key:

curl -H "x-api-key: YOUR_KEY" \
  https://spoken.md/transcripts/1000529349849