Interview: Shopify CISO Andrew Dunbar on Securing an E-Commerce Giant
Interview: Shopify CISO Andrew Dunbar on Securing an E-Commerce Giant
https://www.infosecurity-magazine.com/interviews/interview-shopify-ciso-andrew/
Publish Date: 2026-06-24 09:45:13
Source Domain: www.infosecurity-magazine.com
Andrew Dunbar, Chief Information Security Officer (CISO) at Shopify, discussed in an interview with Infosecurity Magazine, how the company manages cybersecurity as it continues to grow and innovate. Since joining as one of Shopify’s first hundred employees in 2012, Dunbar has risen to lead the cybersecurity operation for an organization that has grown significantly to approximately 8,000 employees, supporting a variety of retailers globally. His primary responsibility extends beyond just safeguarding Shopify’s internal systems to ensuring the security of its platforms assisting retailers in building and maintaining their websites. Dunbar emphasizes the importance of an “engineer first” approach, integrating AI into cybersecurity efforts to democratize compliance and enhance security capabilities across the company. He stresses the blend of AI with innovative security measures, alongside a robust bug bounty program enriching the cybersecurity framework. The article highlights the ongoing challenges posed by AI-enabled attacks, which necessitate a shift in the defensive strategies relying heavily on AI to stay ahead of evolving threats.
Key Points:
– Andrew Dunbar’s journey at Shopify showcases the company’s transition from a startup to a major e-commerce platform under the leadership of CISO Dunbar.
– The integration of AI within Shopify’s processes has transformed its cybersecurity approach, enabling broad-based utilization and enhanced security efficiency.
– Shopify’s bug bounty program is pivotal in identifying vulnerabilities, benefitting millions of merchants, and fostering innovation through diverse security researcher collaborations.
– New challenges brought by AI in cybersecurity call for advanced defensive measures, driven by AI to counter highly personalized and malicious AI-based attacks.
– Expertise in curiosity and active engagement are highly valued skills for individuals in cybersecurity roles to drive ongoing innovation and safeguarding efforts at Shopify.
