EP 57 — Clari’s Steve Lukose on Using SLAs as Benchmarks for Businesses


In this episode of the Future of Application Security, Harshil speaks with Steve Lukose, Vice President of Security at Clari, about how security is becoming a business enabler rather than just an organization. 

Steve explains why SLAs will become one of the benchmarks for security experts to use, but that it won’t necessarily be for all aspects of security. Still, they’ll be a great tool to help security organizations plan ahead for their next steps. 

They also discuss the importance of cross functional collaboration, why your team should build relationships outside of the group, and how regulatory bodies are driving change. 

Topics discussed:

  • The importance of building relationships within your team and outside of it.
  • Why SLAs will become a benchmark for security leaders to use for planning their next business steps.
  • How security leaders can work with their teams, partners such as engineers, and stakeholders to make sure they stay on track and keep focus.
  • How product managers can help facilitate projects by understanding what each stakeholder needs.
  • How security transcends barriers by becoming a business enabler, shifting from a restrictive function to one that supports and enhances organizational objectives and growth.
  • The importance of cross functional collaboration.
  • How scrutiny from regulatory bodies such as the SEC is driving change.

Guest Quotes: 

“So when I look across a business, you benchmark certain indicators that are important. So in customer success, it’s MPS scores, it’s response time for issues. In SRE and engineering, it’s about availability. What is our success rate? What is our failure rate? Do we have budgets around that? What does it look like around different aspects of the portfolio? Are certain services doing better than others? Security should be rolled up in certain business metrics like that as well.”

“You have to build relationships with folks, whether it’s on the cloud teams, whether it’s product managers. And I think that’s an area where it is a little bit less traditional.”

“So it’s important for our product folks to know them. I think the decision making is across the board, but you got to work with these stakeholders so they understand what the asks are. We can’t expect them to just know.”

“So I think the changes that the SEC did, things that our customers are asking for, a lot of it is going to go back to basics. Are we doing the blocking and tackling well? Are we doing the fundamentals well?” 

“There’s a lot of process that you can change and tweak the scale better, but it’s also, the tooling you have helping you look broadly and then also roll that up into something that stakeholders can use.” 

Listen to more episodes: 

Listen on Apple 

Listen on Spotify

Rate this article

Recent articles

Solving the Challenges of Engaging with Developers

On a recent episode of the Future of Application Security podcast, Chad Girouard, AVP Application Security at LPL Financial, talked about some of the challenges to overcome...

Read more
What’s Caused the Need for Software Supply Chain Security

On a recent episode of the Future of Application Security podcast, Dave Ferguson, Director of Technical Product Management, Software Supply Chain Security at ReversingLabs, explained why the...

Read more

Ready to Scale Your Application Security Program?

Sign up for a personalized one-on-one walkthrough.

Request a demo

[email protected]

Request a demo