Growth Profiles: How Google’s VP of Security Helps Protect The Future for Entrepreneurs

An interview with CapitalG General Partner Gene Frantz and Royal Hansen, Google’s VP of Security and CapitalG Advisor

At CapitalG, growth starts with our people — teams, advisors, and exceptional founders who can overcome today’s challenges for a better tomorrow.

As part of our ongoing Growth Profiles series, today I’d like to introduce you to Royal Hansen, Google’s VP of Security and CapitalG Advisor. In his own words, you’ll hear Royal’s thoughts on his work at Google, the future of cybersecurity and how your team can prepare for the future. Enjoy!

You’re VP in charge of cybersecurity at Google. What has been the hardest part of the job? The most gratifying? The most surprising?

The most gratifying and also the hardest part of my job is getting to tackle security challenges on a massive scale. Google plays an important role in so many different security and safety questions, defending against phishing, malware, identity theft, APTs and DDoS attacks to name just a few. It’s such a privilege to have the opportunity to help billions of consumers and thousands of enterprises stay secure — and to get to do all of it as part of one job.

The most surprising part of my job has been realizing just how many brilliant people work here! Google has the most employees of any company I’ve worked at during my career — more than Fidelity, Goldman and Amex. It’s amazing how they’ve brought so much talent and experience together.

Tell us about your typical work day at Google.

I am very lucky that I get to work on exciting and challenging projects on a daily basis, but time is always the biggest challenge.

On most days, I meet with my security teams to figure out how to keep employees and users secure and explore ways to improve internally. I also carve out time to help the companies I advise and the employees and professionals I mentor. And I read and respond to emails. Lots and lots (and lots) of emails.

There are tradeoffs in the face of complexity around almost every corner.

In your opinion, what will be the most significant shifts in the cybersecurity landscape in the next 5 years?

Cybersecurity is moving at a rapid pace, so shifts are taking place on a monthly and even daily basis. That said, I think the following three shifts will be among the most significant to unfold in the coming years:

1. Enterprises are going to see dramatic improvements to their security infrastructures as cloud computing continues to be adopted at an accelerating pace.
2. One-off security solutions and challenging infrastructure implementations will be a thing of the past. Companies will focus their energies on securing “data as a service” and connecting their critical applications via collections of secure APIs.
3. While there will continue to be fierce demand for security professionals, the most in-demand among them will be the people who gain deep industry-specific knowledge and design domain-specific controls.

What advice do you have for startups as they’re scaling their security infrastructure and policies? Is the advice different for enterprise startups than for consumer startups? Early stage vs. late stage?

My broad advice is the same for startups as for enterprises: simplify, and think about manageability. Heeding this advice will pay enormous dividends in the hygiene of their technical infrastructure and in their ability to monitor.

Execs from startups of all stages need to realize that some critical decisions in your early days become almost impossible to reverse, so from the beginning of your company lifecycle, adopt a security framework that scales.

Startups looking to sell to enterprises also need to think critically about how they can become a seamless part of the ecosystem — not a new hurdle to adopt.

You’ve provided mentorship to a number of security start-ups; what kind of engagement is the most fulfilling and interesting to you?

I’m most interested in working with founders who are improving safety and security for society as a whole. Those sorts of opportunities can present themselves in many forms, but that potential social impact is far more important to me than the team itself or the company’s growth prospects.

You’ve held senior roles at a number of Fortune 100 companies like American Express and Goldman Sachs. What was it about working at Google that motivated you to join two years ago?

The incredible team at Google and the important role that Google plays in society make this hands-down the best place to do security in the world.

What are you most proud of your team accomplishing this past year?

We’ve hired over a thousand people in the last 12–18 months. In the current security market in which top-tier talent is all too rare, it’s amazing to me that the team has managed to recruit so effectively. Their success in this area is a testament to both the caliber of the team and the scope of the opportunity here at Google.

Six fun facts about Royal:

1. What surprises people most about you? What I like to read
2. Favorite book: The Emigrants by W.G. Sebald
3. Favorite podcast: Talking Politics
4. Favorite vacation: Rome
5. Personal silver lining to the pandemic: Getting my boys together with their cousins
6. Most unusual hobby or accomplishment: Arabic language study

For more growth perspectives, stories, and insights, follow CapitalG here.