Tech Icon Spotlight:
Luke Shoberg
Member of Technical Staff, Latacora; Former CISO, Sequoia Capital
Quick links
Luke Shoberg shares insights on his journey as a security leader, balancing security with innovation, and staying adaptable in a rapidly changing landscape.
When does one become a technical leader? For Luke Shoberg, it was the first time his name was added to a policy document that was shared with regulators: “There’s something about being put in the hot seat with a third party like that which is really exciting. While I was glad to get the job title, it was the individual responsibility that I found more empowering.”
With 25 years leading technology and security efforts at Redpoint Ventures, Sequoia Capital, and Latacora, Shoberg has seen firsthand how the role of a technical leader extends far beyond mastering technology. Riviera Partners spoke with Shoberg to gain his insights into balancing security with innovation, adapting leadership strategies, and aligning technical decisions with business goals.
Embrace gray
Shoberg was first drawn to tech development thanks to its methodical nature; code either works or it doesn’t. But as he rose through the ranks and began to focus on security, he realized tech is rarely black or white.
“When you get to leadership, there are many answers, and you realize the edge cases aren’t as uncommon as you once thought,” Shoberg said. “The right solution isn’t always the one that is technically correct. You also have to consider the business context. You can be super secure, but then your innovation metric is going to be really low.”
While no business can afford to be cavalier about security, Shoberg cautions the companies he advises to consider their technical security requirements within the context of their business environment. Instead of being a security leader, he strives to be a business leader who happens to lead through security.
“As a technical leader, you have to be attuned to the demands of the business. If you’re not speaking to your other executives, your boss, and the board, your recommendations are going to be totally discounted.”
The right solution isn’t always the one that is technically correct.”
Putting team ahead of technology
Many first-time technical leaders get where they are thanks to their technical skills. But while it’s your technical skills that get you into management, that’s not what you’re there for.
“My blind spot was around delegation. I didn’t realize how much I needed to let go and hand off to other people. When I started to do that, that’s when I began to see changes in the organization and in the satisfaction of the people who reported to me,” Shoberg said. “You realize quickly the work that needs to be done, and the implications of failure, and you see it’s impossible to do the work yourself. That’s when you have to learn how to hire and grow and manage a team.”
“Having access to professional coaching, mentors, and peers who can share their war stories is incredibly beneficial. I eventually got to the point where when I am interviewing someone and they feel like a peer, I know I’m having the right conversation. I want to hire people who I’m going to learn from. It’s exciting when you bring people on board and you feel like, ‘I can’t believe this person actually agreed to work with me.’”
I want to hire people who I am going to learn from. It’s exciting when you bring people on board and you feel like, ‘I can’t believe this person actually agreed to work with me.’”
Secure is in the eye of the beholder
As the global CISO at Sequoia Capital, Shoberg was responsible for implementing and overseeing the firm’s security program. He now uses his experience as a CISO to help startups stay secure without hampering innovation.
“With SOC 2, GDPR, CCPA, and the like, there’s much more awareness about the need for security, along with the need to stay out of the headlines and off regulators’ radars. No one wants to be negligent, but at the same time they can’t overcommit to safety over product development or revenue growth,” he said.
One thing holding security back at every level of business is a lack of agreement on what a best-in-class security program looks like.
“Security is still inconsistent across organizations and very much choose-your-own-adventure,” Shoberg said. “While there are best-in-class solutions for particular aspects of security or risk, we still don’t have an industry-standard template of what a security program should look like.”
Security is still inconsistent across organizations and very much choose-your-own-adventure.”
Stay curious
As a leader, long-term success requires staying curious and adaptable. Technical leaders must be ready to challenge their assumptions, learn new skills, and embrace change.
“I have some gray in my beard, and what was true in 1998 about securing an organization or deploying technology is no longer true in 2025,” Shoberg said. “If you’re not always revisiting your priors, taking in new data, and talking with peers, you’re not going to be a success. Technology is moving. The business is moving. You have to move as well. You have to be intentional with it, and lean into your curiosity.”
If you’re not always revisiting your priors, taking in new data, and talking with peers, you’re not going to be a success. Technology is moving. The business is moving. You have to move as well.”
