It’s not often you hear a COO or CPO talking about security. But maybe it should be. A collective approach is most effective against the onslaught of modern threats, after all, and thus security really should be everyone’s responsibility. “It has to be that even your executive team feels like they own security,” says James Simcox, COO and CPO at Equals Money, in a recent conversation for our Executive Exchange series.
For Simcox, embedding security into operations is about empowering staff through initiatives like “Security Champions,” where employees across departments gain valuable training and compete to win badges. He also advocates for a proactive approach to AI tooling — like standardizing on a vetted tool early on — to defend against shadow AI and remove the temptation for employees to bring in a bunch of unapproved tools.
For product builders, integrating a secure-by-design philosophy into the product roadmap is the key to accelerating innovation rather than acting as a late-stage blocker. “Developers like to work quickly, and they can sometimes think that security can slow them down,” says Simcox. “But Equals Money embeds security into the culture, and so our developer team understands that great security can actually speed things up. We avoid the pitfall some companies experience where they build a feature, get to the point of release, and only then do they realize it doesn’t meet the security standards of the organization.”
Watch the full video above to learn more about how to build a culture of security, manage shadow AI, and balance friction within the customer experience.
