Video

Technically Speaking, Episode 2: Cybersecurity, Data Privacy, and AI

Published:


Share this video:
Facebook Logo
Twitter Logo
LinkedIn Logo
Share Email Logo

This interview has been edited for clarity.

Asa: 

Do you think current privacy restrictions go too far? How do you think companies can strike the right balance between data privacy and innovation? 

Mike: 

It’s interesting, right? I think we are headed in a positive direction. Privacy activists are happy that governments and other entities are taking privacy seriously. Really for the first time in the last five years.

I think there’s often a disconnect from reality when regulations are put into place. When you put one regulation in place for every single type of business in an entire jurisdiction, there are going to be cases where the legislation doesn’t make a ton of sense for that business. 

Obviously we need to be in compliance. We can’t afford to be deliberately out of compliance. But what does compliance actually mean for us? How do we ensure that we’re still able to be competitive, and in some ways, use that compliance to our advantage to be competitive? 

There’s a balance for sure. I don’t think they’re mutually exclusive.

Asa: 

On that note about data privacy, how does your team approach data protection and privacy compliance? 

Mike: 

So the information security team at Salesloft is actually responsible for privacy, but we’re not alone in that fight. We are working extremely closely with our marketing team, our sales organization, our engineers, our product team, our infrastructure team, and maybe most importantly our legal team.

Our legal team has the training and expertise to be able to read legislation and understand how that impacts our business. So, when you think about our sales motion, for example, there’s a lot of technology involved in that process, and there’s a lot of data that flows through our systems. For us, that means ensuring that the configurations in our systems — the way we work with our legal team to get interpretations of the law that are accurate — that put us in compliance. That has to translate into process as well. 

So that requires us to work with  risk owners across the business. It requires a true village to be able to remain in compliance and have that compliance be meaningful for our business.

Asa: 

Well, Mike, I think what you’re talking about from an innovation and a competitive standpoint really feeds into this next question. How have your feelings about AI changed or developed in the last six months? 

Mike: 

The Salesloft platform is a tool that has used AI for years. We firmly believe that there are some things that machines are good at, but they’ll never fully replace  the human element of sales. Over the last six months, I think the most disruptive kind of event has been this advent of large language models and generative AI. 

We recognize that generative AI is a really, really important technology for the sales industry. But for security leaders, when we see an emerging technology, we just think of how it can be exploited by adversaries. So, that is the first thought that we had on our team internally about generative AI. At the same time, it is an important technology. It’s a technology that security teams can use to their advantage as well.

On a personal level, I’ve had a little bit of a shift away from this being a scary new technology. I still believe that. But now I’m more understanding the importance of it for our business, for our industry, and then also, again, the kind of the advantages that it brings to a security team to be able to even use it to detect threats, for example.

Asa: 

A term I hear coming up a decent amount at Salesloft is “explainability in AI.” Can you tell me more about that? 

Mike: 

Look, again, machines are good at some things. Humans are good at lots of things. And one of the things that humans are really good at is understanding reality. So if a machine says, “This is a thing that you should go do,” it helps for a human being to be able to understand why

Why are you suggesting this? What are the data elements that went into this being recommended for me?  That way, I can make a decision as to whether that’s actually the best thing right now for the deal that I’m in, for example.

Asa: 

Things that make the Chief Information Security Officer skin crawl. Things that keep you up at night. What are some of those emerging cybersecurity threats that you see becoming a bigger concern? 

Mike: 

I think we’re going to see a continued focus from adversaries on identity infrastructure. So, if you look over the last year plus, incidents at LastPass and Okta — and obviously those companies have a really tough job.

They are under constant pressure facing their targets for adversaries. I think we’re going to see a continued focus there. Then I also think generative AI is a useful tool for adversaries. We as human beings, as security teams, are going to have to adapt to make sure that our organizations are resistant and resilient. Resistant to and resilient from attacks that involve generative AI.

In the first three episodes, join Salesloft security leader Mike Meyer for an inside look at why we keep seeing CISOs in deals, what’s on security’s mind during the sales process, and what’s ahead of data protection.

Salespeople keep seeing security leaders in deals. That’s how the trend is trending. But to go a level deeper, we need to talk about threats in the cybersecurity landscape — that means learning about data protection in sales and how the emergence of AI plays a role.

In Episode 2 of Technically Speaking, Salesloft VP of Technology and Information Security Mike Meyer and Senior Sales Director Asa Winchester go over the balance between innovation and privacy, including using security to your advantage. Plus, they share what teams within your organization should compose your compliance village. 

Check out the rest of the series

The days of traditional security threats being physical are long gone. But these modern data, cybersecurity, and AI threats don’t have to make us fearful. With the right compliance village in place and a healthy dose of caution and training, your company can handle any new security risks that pop up, which is perfect because in the third interview between Asa and Mike, they explore the security risk that comes with product innovation. Check it out below. And if you missed their first interview on CISOs in the buying committee, go back and watch that one. You can also watch more episodes below or by visiting our Resource Center.