Introducing: The Security Advocacy Specialist Superbadge

When it comes to protecting your organization and data, anyone can be the first line of defense. Check out our new Security Advocacy Specialist Superbadge, created to empower admins and developers to get involved in the security conversations at their organizations.
Introducing: The Security Advocacy Specialist Superbadge

At Salesforce, we don’t just build security into everything we do. We see it as our job to give customers the tools, training, content, and education they need so that we can all be better at keeping data private and secure. That way, we can focus on innovation and growing stronger together. The latest way we’re doing this? Our new Security Advocacy Specialist Superbadge!

Last year, the Security team set out to better understand our customers' experience with securing their Salesforce data.

Our research revealed a treasure trove of interesting information — including the fact that many Salesforce admins and developers felt under-supported and under-resourced when it comes to maintaining a high level of security in their Salesforce orgs. The research showed that too much of the burden is being placed on admins and developers, and there isn’t a clear bridge of communication between the folks owning Salesforce day-to-day and their security leaders/CISOs.

We immediately wanted to help find a way to empower admins and developers to get involved in the security conversations at their organizations. The best way to do that? Become a security advocate!

You might rightfully be thinking, “what is a security advocate?” According to NIST (the National Institute for Standards and Technology), cybersecurity advocates are “security professionals for whom promoting, educating, and encouraging adoption of security are major components of their jobs, part of their personal identity, and integral to their career advancement.” Examples of advocates can include: 

  • Security awareness professionals working within organizations
  • Security researchers who promote the use of security technologies
  • Consultants who work to convince their clients to implement security measures
  • I’d also argue: Salesforce practitioners

Salesforce practitioners (those in charge of maintaining Salesforce, like admins and developers) can — and should — fit into the security advocate role. After all, admins are the first line of defense when it comes to securing Salesforce. And there are many benefits for admins and developers who take on this role. Becoming a security advocate will:

  • Set your future self up for success. When you make your Salesforce implementation more secure, it automatically reduces the likelihood of a breach. This alleviates the burden potential breaches place on companies and employees, and you’ll sleep better knowing you’ve taken steps to secure your Salesforce data. 
  • The more proactive about security you are, the less likely you'll need to be reactive. Thinking strategically now will save you time, energy, and budget in the long run. 
  • This is a huge career growth opportunity! NIST has said that cybersecurity advocates are an emerging job function naturally occurring in companies, and “In many cases, advocates juggled multiple responsibilities, starting their advocacy by taking on informal roles in a part-time capacity.” Don't miss this opportunity to put this in-demand skill on your resume!

To understand how, and why, you should become a security advocate at your company, we launched the new Security Advocacy Specialist Superbadge. This Superbadge will help you learn how to be an effective security advocate within your organization by understanding the threat landscape, understanding threat modeling, developing security strategies and advocating for the short and long term needs associated with keeping your Salesforce data secure.

Histórias recomendadas