EP201 Every CTO Should Be a CSTO (Or Else!) - Transformation Lessons from The Hoff

This interview podcast features Chris Hoff, LastPass's Chief Secure Technology Officer, discussing his experience rebuilding LastPass's infrastructure and security after a significant incident. The conversation begins with a discussion of Hoff's unique title and its implications for integrating security into technology development. The main focus is on the complete rebuild of LastPass's infrastructure, moving from on-premises data centers to a cloud-native architecture, including the adoption of new security measures like MFA YubiKeys and managed endpoints. Hoff emphasizes the importance of a cultural shift alongside the technological transformation, highlighting the collaborative effort and the unexpected 40% performance increase achieved. The podcast concludes with a discussion of the complexities and simplicities of cloud adoption, suggesting a three-year timeframe for a less crisis-driven approach to such a transformation.