Yashvier was featured in the March 2025 Feats of Strength Magazine
Yashvier (Yash) was first interested in cybersecurity when he took a cryptography course in college, getting him excited about problem solving and the impact of hiding information. After completing his undergrad, Yash decided to further his education in security by attaining his Masters in Security Informatics from Johns Hopkins University. This degree positioned him well for a strong career trajectory in the security industry.
Yash began his security career at a consulting firm where he gained deep technical skills, working across various Fortune 500 clients. He then moved to Box for over three years, where he strengthened his skills in application security, penetration testing, vulnerability management, and much more before taking on product security roles at Twilio. While at Twilio, Yash moved from manager, to senior manager to interim director of product and infrastructure security managing a large global organization. He had a unique opportunity to help the organization achieve hyper-growth while maintaining strong security maturity. After almost 4 years at Twilio, he moved to his current organization, Sendbird, as their first CISO, to build out their security program. Sendbird is an omnichannel AI agent and communication solutions platform.
BUILDING A STRONG PROGRAM
As the CISO of Sendbird, Yash oversees all aspects of security, compliance & IT. One of his first responsibilities was to take somewhat disparate areas and fuse them together under the security umbrella to create a cohesive security organization with a unified vision. His goal was to build out the program with transparency and trust and to not only ensure security reflected the business goals but that security became embedded into the corporate culture and eventually make security a key differentiator for the business.
He comments, “It was intimidating but exciting to transition into a CISO role at Sendbird. I always love taking on roles where there is some level of unknown to it. I was tasked with building a team and building on the security foundation they had started to establish. It has been really rewarding to help the company get to where they are now. The team and program have grown from almost nothing and have experienced a lot of maturing.”
To build the program, Yash first established strong communication and working relationships across the business, evangelizing for security while ensuring he aligned with the corporate goals. He says, “While it wasn’t really starting from scratch, all the parts of security were in different areas of the organization, so I brought them together under one organization and ensured they shared one vision. From the start, I had to make sure the company understood that security is here to enable the business and protect Sendbird’s customers. The key was building strong relationships and making sure there was alignment across the board.”
Yash believes building relationships across the business takes time, and is not something you can do in a few hours or a few days, it requires effort to grow on both sides. He is a believer that if you go to someone with a security related ask, it better not be the first time they are seeing or hearing from you. You must ensure that a relationship has already been established. He comments, “Security should never be the hammer. It must be a collaborative approach to understand what you can do together and then work towards that common goal. Build over a foundation you’ve established over time.”
ARTIFICIAL INTELLIGENCE
Artificial intelligence is a primary focus for Yash and his team. They are working to ensure that the organization has the necessary tools and procedures to maintain its pace with the advancements in AI. He remarks, “We have been using AI internally for some time now, and we are diligently continuing to build on that maturity. The most difficult aspect is ensuring that we remain ahead of any knowledge gaps. His team is dedicating time to learning about AI’s capabilities, potential legal issues, applications for our organization, and more. We strive to thoroughly understand new technologies before establishing policies and procedures. This presents a significant challenge due to AI’s novelty and rapid rate of change. Ultimately, I want to ensure that we can continue to utilize AI responsibly.”
To ensure that security remains a facilitator for the business in regard to AI, Yash initiated communication about the value with executives early. He explains, “We obtained the ChatGPT enterprise license early to position us ahead of the curve; we also have Zoom AI & Google Gemini enabled for the company.” His team reviews terms and conditions surrounding AI features of SAAS platforms like Zoom, GSuite or Slack to confirm that their data is not being used for training LLMs and that they have control over their data, ensuring that the use of these features maintains the security and privacy standards that Sendbird upholds.
LEADERSHIP STYLE
“I like to hire smart people who want to do the right thing,” says Yash when discussing his leadership style and approach to building a strong team. He works with each team member individually, helping them set achievable goals and providing the resources to accomplish whatever goals they have set. He is a big believer in personal growth to make sure each individual on his team is moving in the right direction for their career. He strongly encourages his team to work towards their goals, but does so without micromanagement, he is rather there when they need him and always available.
To continue to grow and learn, Yash reads as many books as he can, some that help him with leadership ideologies or management styles, and some specific to security. Podcasts also help him stay up to date. One of the most important sources of knowledge for Yash is relying on his peer community to bounce ideas off of, including any current challenges or program hurdles. Having a strong network of peers is incredibly valuable.
INVESTING IN NEW TECHNOLOGY
Yash says, “We don’t start with the question of asking ourselves what product we need, we start with what capability do we need.” Next, we evaluate our current technology stack to ensure that we do not already possess a solution that could address our challenge. Subsequently, we conduct extensive research, examining open-source options versus purchasing enterprise software; this is the classic build-versus-buy evaluation. If we decide to purchase, we must consider whether to procure a new offering from an existing vendor or to invest in a new vendor. We assess if the vendor is best in class for this particular feature or if it offers multiple capabilities; cost is also a factor. Additionally, we consider how well the solution integrates with our existing technology stack. We then conduct a proof of concept with three to four vendors that offer the capability that aligns with our needs. Throughout this process, we ensure that we consult with different groups of people who will be impacted by this technology investment and make sure we have their buy-in . For instance, if we are implementing a new endpoint security tool for our fleet of laptops, we select a diverse group of individuals across the company and during POC monitor if their laptop performance is being impacted. Once we have gathered sufficient data, we make an informed decision based on what will provide us with the most value.”
Subscribe
Stay up to date with cyber security trends and more