Cyber Threat Intelligence Podcast Season 1 - Episode 12 (Pedro Kertzman & Jason Chan)
What does cybersecurity look like when you're protecting the world's largest streaming service and content studio? Jason Chan, who built and led Netflix's security team for over a decade, takes us behind the scenes of securing one of the most transformative companies in modern history.
From Netflix's humble beginnings as a DVD-by-mail service to its evolution into a global streaming behemoth operating in 200+ countries with hundreds of millions of subscribers, Jason shares the security journey that paralleled this remarkable business transformation. At the heart of Netflix's approach was strategic storytelling—creating a clear picture for both technical and non-technical stakeholders about not just what needed protection, but who the company needed protection from.
The threats Netflix faced were as unique as its business model. Account takeover schemes where compromised credentials were resold on international black markets. Content protection challenges to prevent pre-release leaks of shows and even physical-digital security concerns around protecting high-profile people like the Obamas. Through it all, Jason's team developed a pragmatic approach focused on preventing the most catastrophic outcomes: service unavailability and data breaches.
Perhaps most remarkable was Netflix's commitment to open-source security. At a time when most companies guarded their security practices closely, Netflix released groundbreaking tools that shaped today's security landscape—including Security Monkey (the first cloud security posture management tool) and Fido (an early security orchestration platform). As Jason explains: "We're not going to compete on security, we're going to compete on entertaining the world."
Whether you're building a security program from scratch or leading a mature team, Jason's insights on prioritization, vendor partnerships, and community collaboration offer a masterclass in effective security leadership. Subscribe now to hear the full conversation about securing one of the world's most innovative companies during its remarkable transformation.
Thanks for tuning in! If you found this episode valuable, don’t forget to subscribe, share, and leave a review. Got thoughts or questions? Connect with us on our LinkedIn Group: Cyber Threat Intelligence Podcast—we’d love to hear from you. If you know anyone with CTI expertise that would like to be interviewed in the show, just let us know. Until next time, stay sharp and stay secure!