
“CISO is key to inspiring a change of heart around security”

By CISOMAG - October 29, 2019

    Joan Pepin is the CISO and VP of Operations for Auth0. She is responsible for the holistic security and compliance of Auth0’s platform, products, and corporate environment, as well as end-to-end engineering, management, and operation of their Private SaaS product line.

    She brings 20 years of experience to the role, with a career that has spanned a wide variety of industries, including healthcare, manufacturing, defense, ISPs, and MSSPs. Previously, Joan served as Business Information Security Officer (BISO) at Nike, Inc., and as CISO and VP of Security at Sumo Logic, and held different positions at the Guardent/Verisign/Secureworks organization.

    Joan also holds a patent for developing a methodology to assess whether a communication contains an attack. She is also a well-recognized thought leader and has spoken at major events, such as RSA, WhiteHat Security Summit, and Forrester Security Summit, and is frequently called upon for her expertise and commentary in Cloud Security and Compliance in large-scale and DevOps/CI environments.

    In an exclusive interaction with Augustin Kurian, Joan spoke about trends in the identity management space, the need for IDaaS, and several initiatives taken by Auth0.

    Auth0 recently launched a Bug Bounty Program to reinforce the company’s strong security ethos. A Bug Bounty program at an IDaaS company is something new. Tell us about this program.

    Our main focus here at Auth0 is providing our customers with the best resources and solutions possible to protect critical user data. We are excited to launch a private bug bounty program to Auth0 customers to achieve this mission. We take the privacy and protection of our customers’ data very seriously and are dedicated to investing the time and resources into ensuring we adhere to the highest standards.

    The bug bounty program will run on Bugcrowd as an expansion of our Responsible Disclosure Program. The bug bounty program was launched earlier this month with 25 global researchers who have been specifically targeted and invited by Bugcrowd, and we expect that number to grow significantly in the coming months.

    There is a myth about Mac and Apple devices being more secure than Windows or Android. Auth0 recently enabled ‘Sign In With Apple’ with Out-of-the-Box Integration. Tell us a bit about it considering recent news reports about Apple devices not being too secure. How does this new SIWA feature benefit users?

    From a security standpoint, the new SIWA (Sign In With Apple) feature benefits users by providing a more secure and streamlined way to log into apps on iOS devices. At a high level, SIWA provides users with a frictionless app sign-in process as they are able to utilize Touch and/or Face ID instead of typing in a password. In addition, instead of utilizing personal details such as emails, birth dates, etc. like other social sign-in options, SIWA hides user emails behind a temporary one that’s used on an app-by-app basis. This keeps key identifying data safe from a variety of applications that could potentially compromise it. In terms of what this looks like for developers, Apple is requiring that all application products that utilize third-party social login within its App Store ecosystem include its SIWA feature by April 2020. Auth0 implemented its beta integration with SIWA back in June, and has iterated alongside Apple’s changes, announcing general availability at the end of September 2019. The integration provides customers with a simple toggle option to integrate the feature into their app – eliminating the need for any recoding on the backend.

    Tell us a bit about your partnership with Energie Baden-Württemberg AG (EnBW). How does Auth0 enable a seamless customer experience?

    Using Auth0, customers of EnBW as well as its subsidiary, Yello, will be able to access several digital services quickly and securely with a single login, including on the customer portal, “My EnBW” and the EnBW mobility+ app. Auth0’s cloud-based identity solution helps EnBW consolidate its previously decentralized login interfaces and simplifies the authentication process for customers. This not only increases EnBW’s efficiency in managing identity for several million customers but also improves the customer experience. Not to mention, Auth0 complies with all GDPR regulations – keeping EnBW compliant, and stores data regionally in the Amazon Web Services (AWS) data center in Frankfurt.

    Where do you think the future of identity management is heading? Are you seeing new attack surfaces that are emerging?

    With the pace of digital innovation and the sheer number of touchpoints and devices that need to be secured, there will always be an urgency around staying vigilant to prevent breaches and the compromise of any data.

    As such, I do believe that the CISO at every organization has a responsibility to ingrain a culture of security and educate employees that security is not an inconvenience. The CISO is key to inspiring a change of heart around security. They have the unique opportunity to be security educators and illustrate best practices in an open and approachable way. Strong leadership skills are essential for winning the budget and asking the hard questions in the boardroom, as well as ensuring security is a top priority across all areas of the business.

    Augustin Kurian is part of the editorial team at CISO MAG and writes interviews and features. 

     
