The End of the Department of No

Moderator: Andy Yolevich, Business Information Security Officer, Paranoids @ Yahoo!

In today's fast-moving digital landscape, security can no longer afford to be the department of "No." This talk introduces a modern approach to embedding security into the fabric of the business—one that challenges the traditional tension between security and innovation. Drawing on our experience building a Business Information Security Officer (BISO) program and reimagining "Security as a Product," we'll explore how strong relationships, shared ownership, and intentional alignment with product teams have transformed how risk is managed. When security becomes a trusted partner, not a gatekeeper, teams build more secure, resilient, and user-conscious products—not in spite of security, but because of it.