Justin Berman has one of the most important jobs at Dropbox.
As head of security, he oversees the company’s cybersecurity strategy, its defenses and works daily to keep its more than 600 million users’ data private and secure.
No pressure, then.
Berman joined the file storage and workspace giant a year ago during a period of transition for the company. During its early years, Dropbox was hit by a data breach that saw more than 60 million user passwords stolen during a time where tech giants were entrenched in a “move fast and break things” culture. But things have changed, particularly at Dropbox, which made good on its promise to improve the company’s security and also went far beyond what any Silicon Valley company had done before to better protect security researchers.
In this series, we’ll look at the role of the CSO — the chief security officer — at some of the biggest companies in tech to better understand the role, what it means to keep an organization secure without hindering growth and what advice startups can learn from some of the most experienced security professionals in the industry.
We start with Berman, who discussed in a recent interview what drew him to the company, what it means to be a security chief and what other companies can learn from Dropbox’s groundbreaking security policies
This interview has been edited for length and clarity.
TechCrunch: You’ve been at Dropbox since June. Before this you were at Zenefits, Flatiron Health and Bridgewater. What brought you to Dropbox?
Justin Berman: First and foremost, I think the people here are amazing. And I think the problems I get to solve here are not the ones that a lot of security leaders find themselves solving. Because the company has had a historical commitment to security, privacy, and trust and risk, I’m not coming in and having to boot the culture of security from the ground up. That culture already exists. And the question we ask ourselves is how do we use that culture to do the right level of things as opposed to just doing as much as possible where you might slow down the business?