Meet Mark Adams, Adobe’s new chief security officer
Mark Adams joined Adobe as Chief Security Officer, leading the vision for security at Adobe & working closely with IT, Product and Legal teams.
Mark Adams recently joined Adobe as chief security officer, reporting to Adobe chief technology officer and chief product officer for Document Cloud, Abhay Parasnis. In this critical role, Adams will lead the vision, strategy, and direction for security at Adobe. He will work closely with key cross functional teams such as IT, Product and Legal, to continue to drive and maintain processes to help protect Adobe and our customers.
We had a chance to talk with Mark about his background and new role.
What was your first job?
Image source: Celina Oseguera.
Aside from managing a frozen yogurt shop in my teenage years (yum!), I’d have to say my first real job was working in return merchandise repair at a Novell reseller. I was responsible for testing computer hardware (mostly motherboards and hard drives) that failed in customer servers and documenting what components needed repair. Shortly into the role, I found out that there was no database to track all the various broken components. As a budding computer science student, I got ambitious and broke out my Turbo Pascal compiler to write the company an inventory management system. I learned two major lessons from that job. First, trying to organize chaos is hard but it can be quite rewarding. Second, never try to write an enterprise application in a legacy language like Pascal…it warrants a lot of therapy. Joking aside, this opened my eyes to the potential of a long-term career in technology.
I went on to complete my major in computer science at California State University Fullerton — thereafter, I worked in software development, IT operations and engineering. From there, I found that security was somewhat of a common thread in my work and it quickly turned into a passion. In my 25-year career, I’ve had the opportunity to work across various industries — helping secure everything from educational institutions and real estate to financial services and gaming tech.
What attracted you to Adobe?
Adobe is an iconic company that leaves a lasting impact on every person who uses its solutions — including myself. Our company’s revolutionary technology, global scale, and diverse customer base — not to mention the unique and epic company culture — are what inspire me and drives my passion to help build on the amazing programs that are already in place.
I have long admired Adobe for its innovative approach to security. It’s exciting to join this remarkable team and build on an incredibly strong foundational culture that centers on building security into everything we do — from design to deployment. If we do that well, Adobe can continue to do what it does best — deliver stand-out digital experiences to our customers.
What surprised you most about Adobe in your first week(s) here?
Two things really stood out for me in my first few weeks. For starters, I was surprised to find just how similar the Adobe company culture, team dynamic, and workplace experience is to my previous employer, Blizzard Entertainment. I suspect much of this comes from both companies putting their employee’s well-being first, being intentional to support the importance of diversity and inclusion, and valuing collaboration across all disciplines (creative, engineering and business). It’s fantastic!
Second, the fully remote onboarding experience has turned out to be easier in some respects and more challenging in other areas. I wish I’d written down my initial predictions…I’m pretty sure my guesses would have been way off. For example, I’d have guessed that building relationships and getting to know co-workers over video conferencing would have been far more difficult. As it turns out, it’s actually working out quite well. True, it’s all done over virtual pixels, but I can tell that connections are being made and friendships are starting to develop. Likewise, I wouldn’t have known a thing about video conference fatigue. I’ve learned a few lessons about not scheduling 10 hours of back-to-back calls (ouch!). Overall, the experience is working quite well but I suspect there’s a book deal out there for someone who wants to document the definitive work-from-home survival guide. If anything, it could serve as a bit of cathartic humor for all of us.
What is your leadership style like?
Image source: Celina Oseguera.
My own personal work style is mostly that of a strategic thinker — I love data points and dialogue, so I ask a lot of questions, that’s the easiest way for me to learn and absorb information.
In terms of leadership style, it’s always been important to me to maintain and build upon a strong team culture to empower everyone. I am truly motivated by the teams’ work and mission, and I look to each person to be a leader — which means someone who can run their business, if you will, bringing solutions and sharing their voice. I also want my team to have fun and not to forget to share some good jokes along the way!
Cybersecurity is constantly changing — how do you keep learning? How do you see the industry changing in the next 3-5 years?
Being in an industry that is constantly evolving, staying ahead of the latest trends comes with the territory. I spend a lot of time reading and talking to my peers in this space, and in doing that I find pieces of insights and best practices. I also like to attend security events throughout the year and hear directly from security professionals on their latest research and findings.
Some of the most interesting (and scary) trends emerging in the security world involve the use of artificial intelligence (AI) and hacking. Several years ago, ‘commercial hacking for hire’ began to evolve from small groups of isolated specialists to fully organized businesses. These “companies” have evolved to add sales staff, quality assurance testers, program managers, and customer service representatives. They’ve evolved into a multi-billion dollar industry. No joke…if you’re not happy with the malware you purchased, you can call their customer service team to request a refund. Recently, these same groups have started looking for ways to weaponize machine learning (ML) and AI. They’re starting to use AI to analyze their proprietary vulnerability databases to custom craft attacks based on known industry vulnerabilities and target companies’ exposed services who haven’t installed the latest updates. They’re using ML to create malware that’s much stealthier, understand their targets patch habits, and mimic trusted system components. The next 3-5 years is going to be a particularly challenging time for the security industry as we look to stay ahead of these evolving trends.
Coming from a gaming company, do you have any favorite games?
Image source: Celina Oseguera.
Being an avid gamer for most of my life, I’ve had the opportunity to play some awesome games.
I also tend to play on any device handy — PC, console (PS and Switch), and mobile. I’ve never really thought about it but picking just a few favorites is harder than it sounds. For the short list, I’ll go with The Bard’s Tale (retro-OG), Hearthstone (mobile), Zelda Breath of the Wild (Switch), and Witcher 3 (PC).
My passion for gaming doesn’t stop there — I’ve also been credited in 11 games. These include Firefall, Destiny 2, Overwatch, World of Warcraft, and several others by way of working at Blizzard Entertainment. Game development is a fascinating pursuit that involves one part science, one part art, and whole lot of sweat. I know many people at Adobe are passionate about the creative process, it truly is a fantastic labor of love.
What is an interesting fact about you that not many people know?
I played very minor league baseball for the Yankees. From an early age, I lived and breathed baseball — it was a passion. As a pitcher, I was fortunate enough to have a respectable fastball/slider. I say “respectable” because it seemed fast to the 17-year-old me, but it didn’t take long for me to realize the awesome talent and power of a true major league hitter. I seem to recall getting whiplash from a few homeruns they hit off me (not kidding) and trading in my glove for a computer science degree. All joking aside, I wouldn’t trade those memories for the world.
What does success look like to you after a year?
I’m a big believer in starting from square one and learning the “why” behind what I’m looking at. This includes spending the time to understand not just the current state of Adobe’s security program but gaining an understanding of the decisions that went into its structure. A security program is a reflection of more than just governance needs or technical controls, but it also includes a wide range of business, product, and culture decisions. Understanding how we came to the current model is key towards helping craft an effective next generation program. Year-one success for me includes understanding the nuisances of today’s security program, establishing trusted relationships across Adobe, and publishing a roadmap that significantly evolves our security capabilities while staying true to Adobe’s mission and values.
Best advice you have given or been given?
I’ve been married for 25 years and I was fortunate to get to know my wife’s grandfather. He was an executive at a well-known Bay area department store chain, and he’d offer me advice from time to time. The last advice I remember him giving me: “You always need to walk the floor and get to really know your team. They know more about what’s really going on than you ever will.” That advice has proven invaluable over the years and it’s also lead to quite a few lifelong friendships.