Zoom announced on Wednesday that it has appointed Jason Lee as its chief information security officer (CISO).
Lee, who will take on the role of Zoom’s CISO on June 29, has 20 years of experience in information security and operating mission-critical services. He most recently served as senior vice president of security operations at Salesforce, and before that he worked at Microsoft as principal director of security engineering.
At Zoom, Lee has been tasked with “continuing Zoom’s path of putting the security and privacy of its users first by ensuring that the frictionless and easy-to-use platform remains secure.” He will report to the company’s chief operating officer, Aparna Bawa.
“Zoom is on an incredible journey of growth and I am thrilled to bring my experience of running world-class security organizations to the company. Ensuring that customers trust our products is of the utmost importance and I look forward to working with the team to continue instilling security into the DNA of Zoom,” Lee said.
Lee’s appointment as the CISO of Zoom is part of the video conferencing company’s 90-day plan to improve security and privacy, which came under scrutiny after its popularity soared as a result of the coronavirus pandemic.
This plan also includes revamping the company’s bug bounty program and rolling out true end-to-end encryption for meetings. Zoom has released a draft of its end-to-end encryption design and it recently announced that free users will benefit as well, not just paying customers as the company had initially planned.
Zoom initially argued that it wanted to be able to assist law enforcement investigations and free users were the most likely to be involved in illegal activities.
Zoom previously created a CISO Council, which includes CISOs from major companies such as HSBC, Ellie Mae, and NTT Data. The Council also has an advisory board whose members include representatives of VMware, Uber and Netflix.
The company has also hired Alex Stamos, Facebook’s former CSO, as an outside advisor tasked with helping implement better security controls and practices.