Reddit’s Matt Johansen on renouncing superhero culture and what comes next after “shift left”

Matt Johansen, Head of Software Security at Reddit and a guest on The Future of Security Operations podcast, discusses his extensive experience in cybersecurity, emphasizing the importance of scrappiness, overcoming the sunk-cost fallacy, and moving beyond superhero culture in security teams. He shares insights from his career transition from Bank of America to Reddit, highlights lessons learned from the 2014 Sony hack, and stresses the significance of automating incident response to enhance efficiency. Johansen also touches on mental health in security, advocating for work-life balance and moving past imposter syndrome. He underscores the necessity of cross-team collaboration, particularly with legal teams, to streamline incident response, and highlights the benefits of documenting every step in the process. Ultimately, he promotes development practices that blur the line with security practices, advising aspiring security professionals to demonstrate their passion and knowledge through proactive learning and contributions to open-source projects.