Security & Assurance

Cloud security starts with our security

Netskope

Security

Founded and built by industry veterans with decades of success in enterprise security, Netskope has taken information security and compliance very seriously since day one. As the cloud security leader serving the world’s largest and most valuable customers, we have directed significant resources to ensure that our data centers, hardware, software, and processes are secure, redundant, meet the most rigorous standards, and deliver the high performance even our most stringent customers require. Our Global Cloud Infrastructure and data center hosting providers employ state-of-the-art physical security controls and we regularly engage independent auditors to ensure the highest level of compliance with best-of-breed frameworks and standards.

Netskope has an established Information Security Committee that regularly convenes to review Netskope product engineering, security operations, and personnel processes against a comprehensive set of industry frameworks and standards. Should you have any questions or concerns, don’t hesitate to reach out to us at security@netskope.com.

Meet our Security Experts

Jason Clark

Chief Strategy Officer

Jason Clark

Chief Strategy Officer

Jason brings decades of experience building and executing successful strategic security programs to Netskope. He was previously the chief security and strategy officer for Optiv, developing a comprehensive suite of solutions to help CXO executives enhance their security strategies and accelerate alignment of those strategies with the business. Prior to Optiv, Clark held a leadership role at Websense, where he was a driving force behind the company’s transformation into a provider of critical technology for chief information security officers (CISOs). In a prior role as CISO and vice president of infrastructure for Emerson Electric, Clark significantly decreased the company’s risk by developing and executing a successful security program for 140,000 employees across 1,500 locations. He was previously CISO for The New York Times, and has held security leadership and technical roles at EverBank, BB&T and the U.S. Army.

Sean Cordero

Head of Cloud Strategy

Sean Cordero

Head of Cloud Strategy

Sean brings more than 18 years of information security and IT experience to his role at Netskope. Prior to Netskope, Cordero served as Senior Executive Director, oCISO, at Optiv, where he provided executive-level advisement to the company’s Fortune 100 clients. Cordero has been a key driver in the cloud adoption space; since 2011 he has led creation of the industry standard control framework for cloud security, the Cloud Security Alliance’s (CSA) Cloud Controls Matrix (CCM). For his contributions to cloud security and adoption, the CSA awarded him the 2013 Ron Knode Service Award for North America and he was inducted in 2016 by the CSA as an Inaugural Research Fellow.

Lamont Orange

CISO

Lamont Orange

CISO

Lamont has more than 20 years of experience in the information security industry, having previously served as vice president of enterprise security for Charter Communications (now Spectrum) and as senior manager for the security and technology services practice at Ernst & Young. Prior to joining Netskope, Orange was CISO for Vista Equity Partners/Vista Consulting Group. He was responsible for managing the cybersecurity programs and development of cybersecurity talent within the Vista portfolio, which included more than 50 companies. Prior to Vista, Lamont was Information Security Officer for Websense. In that role, he was responsible for developing, maintaining and socializing the company’s internal security program.  He was also responsible for working with current and potential customers demonstrating security of the solutions and the connection to the overall security ecosystem.

Neil Thacker

CISO, EMEA

Neil Thacker

CISO, EMEA

Neil is a veteran information security professional and a data protection and privacy expert well-versed in the European Union General Data Protection Regulation (EU GDPR). He holds more than 20 years of experience in the information security industry with 15 years experience as a leading security practitioner for organisations like Deutsche Bank, Swiss Re and Camelot Group before spending the past five years as Deputy CISO for Forcepoint. Thacker is a member of the ENISA Threat Landscape stakeholder group where he contributes to the EU agency program alongside CERTs to position the threat landscape, offer mitigation advice and threat analysis innovation. He is also co-founder and board member of the Security Advisor Alliance, a not-for-profit organisation formed to help security leaders in their role, engage and support interest in the infosec industry and offer advice and tools to move organisations towards improved risk and data-centric strategies.

Vladimir Klasnja

Director, Cloud Architecture Services
 

Vladimir Klasnja

Director, Cloud Architecture Services
 

Vladimir Klasnja is a seasoned technical leader with significant experience in enterprise, security and cloud architecture. Klasnja focuses on incorporating his passion for strategic thinking with creating holistic solutions to satisfy complex business requirements. Klasnja leverages his experience to help security executives achieve success within their respective organizations with respect to cloud architecture and digital transformation.

Prior to joining Netskope, Klasnja oversaw Optiv’s Data Protection and Privacy Program, was a member of the Executive Advisory Group, and led the organization’s Cloud Security practice.

Before Optiv, Klasnja spent eight years at Emerson Electric, where he was a key leader in enterprise architecture, driving strategic innovation for user experience, mobility, security and cloud.

Klasnja is a member of St. Louis 630 Cyber, where he enjoys mentoring cyber security startups. He is also active with the Security Advisory Alliance (SAA), helping to drive future generations of cyber security professionals.

Klasnja earned his BA in economics from the University of Belgrade and holds a technical degree in Automatics/Robotics.

Nathan Smolenski

Director, Enterprise Strategy
CISSP, CISM, CISA

Nathan Smolenski

Director, Enterprise Strategy
CISSP, CISM, CISA

Nathan is a Cyber Security & Technology leader with over 18 years of experience across financial services, management consulting, executive search, insurance and software industry verticals. Nathan is highly experienced in digital transformation, leadership enrichment, organizational development and the modernization of enterprise security programs and architectures; enabling businesses through consumable service-based delivery capabilities. Nathan maintains a contemporary view of technology and cyber security and is a strong believer in process and technology innovation to drive transformational change.

Nathan currently serves as director on the enterprise strategy team at NetSkope, the leader in cloud security, focused on digital transformation of cyber security programs, security research initiatives, and the evolution of cloud security architectures; while helping to further drive success for NetSkope and its customers.

Prior joining the NetSkope team, Nathan served as the Head of Technology Security Strategy and Engineering for the NY Life Insurance Company; as well as previous roles as the VP/CISO of Spencer Stuart, a world leader in executive search and management consulting, the CISO of Zurich North America, and the CISO of 21stCentury Insurance. Nathan maintains the CISSP, CISA and CISM designations, was a 2016 nominee for ISSA & InfraGard’s Chicago CISO of the Year, and serves as a member of the Rutgers University cyber security program advisory board.

James Robinson

Deputy CISO
 

James Robinson

Deputy CISO
 

Robinson is a seasoned professional with nearly 20 years of experience in security engineering, architecture and strategy. He develops and delivers a comprehensive suite of strategic services and solutions that help executives change their security strategies through innovation.

Before his time at Netskope, Robinson was the VP third-party risk management at Optiv, where he worked as a core contributor around strategic internal initiatives including threat management, risk management, third-party risk management, vulnerability management and data program protection. Prior to Optiv, he was the security architecture and strategy officer for Websense. He also previously served as product security officer for Emerson Network Power, a division of Emerson Electric Company, where he built the company’s first product security organization, including program and reference models, which were later adopted by Emerson Electric’s CTO office.

He has held positions of increasing responsibilities with other Fortune 500 companies such as Anheuser-Busch and State Farm insurance where he ran one of the most successful penetration testing engagements in the company’s history.

Throughout his career, Robinson has helped companies plan, build and run security programs, and he has developed solutions for network architecture and application security, penetration testing, incident response, security and risk assessment, forensics and investigations and product security. He attended Webster University where he studied business and management and holds a number of technical certifications.

Compliance

AICPA SOC 1

AICPA SOC 1

Netskope System & Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how Netskope achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the Netskope controls established to support operations and compliance. Learn More.

To request for a copy of our SOC 1 Report, please contact us.

AICPA SOC 2

AICPA SOC 2

Netskope System & Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how Netskope achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the Netskope controls established to support operations and compliance. Learn More.

To request for a copy of our SOC 2 Report, please contact us.

AICPA SOC 3

AICPA SOC 3

Netskope System & Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how Netskope achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the Netskope controls established to support operations and compliance. Learn More.

Click here to view a copy of our SOC 3 Report.

ISO 27001

ISO 27001

The International Organization for Standardization 27001 Standard (ISO 27001) is an information security standard that ensures office sites, development centers, support centers and data centers are securely managed. These certifications run for 3 years (renewal audits) and have annual touch point audits (surveillance audits).

To request the ISO 27001 certification, please contact us.

ISO 27018

ISO 27018

The International Organization for Standardization 27018 Standard (ISO 27018) covers privacy protections for the processing of personal information by cloud service providers.

To request the ISO 27018 certification, please contact us.

CSA STAR

CSA STAR

The CSA Security, Trust and Assurance Registry (STAR) encompasses the key principles of transparency, rigorous auditing, harmonization of standards, with continuous monitoring. STAR consists of three levels of assurance, which currently cover four unique offerings all based upon a succinct yet comprehensive list of cloud-centric control objectives in the CSA’s Cloud Controls Matrix (CCM). CCM is the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations. CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to cloud computing.

Click here to view our CSA STAR self assessment.

Privacy Shield

Privacy Shield

For certain Services, for which we act as a data processor, Netskope has certified under the EU-U.S. Privacy Shield framework. For more details about the scope of the certification, click here.

The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce.

TRUSTe

TRUSTe

TRUSTe has assessed Netskope for compliance with the TRUSTe Privacy Certification. For more detail about our TRUSTe certifications, please click here.