Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementTechnologies & SolutionsSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

5 Minutes With

5 minutes with Jason Lee, Zoom CISO: Top 4 cybersecurity trends for 2022

By Maria Henriquez
SEC_Web_5Minutes-Lee-0222_1170x658.jpg
February 3, 2022

Security sits down with Jason Lee, Chief Information Security Officer (CISO) at Zoom, to discuss his top four cybersecurity predictions for 2022.


Security: What is your background? What are your current roles and responsibilities?


Lee: I have 20 years of experience in technology and specialize in information security and operating mission-critical services. In college, I started out pursuing a degree in finance, but I also enjoyed hacking as a hobby. After taking several computer science courses in college, I double majored in finance and computer science, combining my passions for both areas of study. Looking back at my career, I consider the path I took to be fairly “traditional.”


I started my career at Microsoft, and that’s where my interest and passion for security ignited. My next role was at Salesforce, where I was SVP of Security, where I headed up a team of more than 300 security professionals who delivered critical end-to-end security operations to customers and employees. These solutions included company-wide network and system security, incident response, threat intel, data protection, vulnerability management, intrusion detection and identity and access management. 


Then in June of 2020, I joined Zoom as CISO. Zoom was experiencing rapid growth at the time, and most of my new colleagues were working remotely. As a result, my primary focus has been to protect critical information, including customer data, employee data, and source code. I’m also responsible for educating and arming employees with security best practices to ensure they’re prepared for and protected against security threats. 

 

Security: How has cybersecurity evolved during your career?


Lee: Since my first security role, I’ve realized that the most important aspect of cybersecurity, in general, is thinking about the bigger picture. In security, you always need to be thinking ahead about what might come down the pipeline. This includes looking at third parties related to the business, assessing how to best manage any risks and making sure vendors are also secure. 


In 2021, the world experienced new cyberattacks and lessons learned when it comes to cyber vulnerabilities. Remote work has made people and organizations more susceptible to attacks, which has exponentially increased the importance of thorough cybersecurity program assessments and business continuity and disaster recovery plans. Experts are continuously working to make educated guesses based on the market in order to help businesses be proactive, not reactive, when building their cybersecurity plans.


Cybersecurity used to be a nice-to-have, but now, companies recognize that it’s a must-have. They can’t rest on their laurels when it comes to security. Threats have become more advanced and attackers more experienced, so a proactive security strategy, not reactive, is necessary. 

 

Security: What are the most significant cybersecurity trends you expect to see in 2022? 


Lee: 1. To adapt to hybrid working environments, more companies will drive to adopt the Zero Trust security model. Conversations around protecting the hybrid workforce from risk will lead security professionals to adopt modern tools and technologies, like multi-factor authentication and the Zero Trust approach to security. I believe that companies need these tools to make sure their employees can get work done as safely as possible from wherever they are — commuting, traveling, or working from home — and that all of their endpoints are secured with continual checks in place.

 

2. Security leaders will step up their protections against third-party risks. In security, you always need to be thinking ahead about what might come down the pipeline. From SolarWinds in December 2020 to Colonial Pipeline and Kaseya in 2021, our industry saw a distinct increase in supply chain attacks. CISOs and CSOs will need to make sure their vendors are also secure. This includes looking at third parties related to the business and assessing how to best manage any risks.

 

3. More public technology companies will create dedicated cybersecurity committees on their boards of directors. One of the most impactful things we did at Zoom this past year was to institute a three-person committee on our board dedicated to cybersecurity matters. Having security industry experience at this level is incredibly valuable, allowing us to readily address concerns and issues in industry shorthand. While this approach is still relatively new, it has been incredibly beneficial, and I wish we had done it sooner. And I’ve heard peers express strong interest in recreating this approach at their own companies, which leads me to expect this will be a priority for organizations in the new year.


4. The security hiring boom will continue. We know that cybersecurity professionals are a hot commodity across industries due to more available jobs than trained applicants. In fact, the U.S. Bureau of Labor Statistics reported that employment for information security analysts is projected to grow 33% from 2020 to 2030. At Zoom, we expect to continue to hire highly-qualified security professionals throughout 2022. I believe we’ll see the cybersecurity talent pool grow as more professionals choose to enter the field due to increased demand and, in many cases, the ability to work from anywhere.

 

Security: How should organizations prepare for these trends/threats?


Lee: As the distributed workforce continues to be the norm, it is increasingly challenging for IT to keep up with every employee as they share information around the globe on both personal and company-issued devices. This is where an effective endpoint data protection strategy is critical. This begins with the deployment of comprehensive mobile device management (MDM) strategy, which allows IT to manage and secure all employee mobile devices. 


Also, with the increase in ransomware attacks, more organizations are putting an emphasis on both external initiatives such as third party risk management programs to help assess a vendor’s risk profile, and internal initiatives like multi-factor authentication and a zero-trust architecture with Just-in-Time (JIT) access to help minimize an organization’s attack surface.


Another critical element to an organization’s comprehensive security strategy is its employees. Investing in employee education is one of the most effective ways to increase an organization’s security by arming teams with up-to-date training and education on any phishing or ransomware attacks that are circulating. Regular training sessions and refreshers have to be put in place so that all employees recognize their responsibility for keeping the business secure. 


Lastly, organizations should automate where they can.

KEYWORDS: cyber security risk assessment risk management third party security zero trust

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Jason Lee

    Jason Lee named CISO at Zoom

    See More
  • 5 mins with Soroko

    5 minutes with Jason Soroko - The importance of zero trust during COVID-19

    See More
  • 5mw LaCous

    5 minutes with Mira LaCous - Trends in biometric security

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing