Senior Director

Clari + Salesloft has appointed Peter Liebert as Chief Information Security Officer following the companies' merger in December 2025. Liebert will report directly to CEO Steve Cox and lead unified security strategy across the combined company. Liebert brings 26 years of experience, including 15 years focused on cybersecurity. He previously served as Vice President of Cybersecurity at Vista Equity Partners, overseeing cyber risk across approximately $100 billion in SaaS assets, and as CISO for the State of California. He is also an RSA Conference CSO of the Year award recipient. The appointment reflects the scale of supporting thousands of organisations worldwide through Clari + Salesloft's AI-driven Predictive Revenue System. The company serves major clients including Adobe, IBM, 3M and Zoom.

How AI in sales is evolving: insights from Salesloft London event. One of the standout themes at SalesLove London 2025 by Salesloft was the strength of customer advocacy. Hearing directly from users about how they incorporate tools into their sales processes offered valuable real-world perspective. There's no substitute for hearing real people share what's working for them in practice. These stories cut through the noise and remind us that while technology evolves rapidly, the outcomes it enables are what ultimately matter. For anyone exploring AI in sales or the broader world of sales technology, the message was clear: tools are only as effective as the thinking and execution behind them. The real role of AI in sales today. As expected, AI in sales was a central theme throughout the event. Much of the discussion centred around automation, process efficiency, and reducing the day-to-day admin that often slows teams down. But beyond the product sessions and demos, what resonated most was the growing recognition that balance is essential. AI can transform the speed and quality of sales execution, but only when implemented thoughtfully. When teams rely too heavily on automation, there's a risk of unintentionally weakening the very capabilities that define strong selling. Why strategic thinking can't be automated. Across the industry, there's a rising awareness that if AI handles too much of the process, salespeople risk losing critical skills, including: If sellers rely exclusively on AI to write emails, prepare outreach, or summarise engagements, the long-term impact could be a de-skilling of sales talent and an increase in generic, undifferentiated messaging. The takeaway is simple: AI in sales should enhance human thinking, not replace it. Where AI in sales genuinely adds value. When used intentionally, AI strengthens performance in several high-impact areas: The message woven through many sessions was clear: AI should accelerate relevance, not remove the human element behind it. Why face-to-face still wins. Beyond the sessions, the opportunity to meet peers, partners, and prospects in person was invaluable. The informal conversations throughout the day - and the connections formed during the evening gathering - reinforced the continued importance of human interaction. In a world increasingly shaped by AI and automation, these moments of genuine connection matter more than ever. They spark ideas, build trust, and open doors in ways digital interactions often can't replicate. For all the progress being made with AI in sales, real conversations remain one of the most powerful tools in the seller's toolkit. Final thoughts. SalesLove London 2025 highlighted both the excitement and the responsibility that come with the rise of AI in sales. The event reaffirmed a few timeless truths: * Customers influence buying decisions in a uniquely powerful way * AI accelerates performance, but it can't replace commercial judgement * Human-led selling - rooted in curiosity, insight, and connection - still drives the greatest outcomes At durhamlane, we're committed to building AI solutions that empower salespeople, not overshadow them. I'm looking forward to sharing more about Jordy and how we're using AI to support smarter, more effective selling. If you're exploring how to integrate AI in sales into your strategy - or want to understand what's working for teams today - let's talk.

Salesforce: some customer data accessed via Gainsight breach. The highly publicized data breaches earlier this fall of Salesforce customers that was linked to Salesloft's Drift application is coming back to haunt the cloud services giant. Salesforce executives reported late this week that they had identified "unusual activity" connected to applications published by Gainsight - whose platform helps companies manage their customer relationships - connected to Salesforce, and installed and managed directly by customers. "Our investigation indicates this activity may have enabled unauthorized access to certain customers' Salesforce data through the app's connection," they wrote in a notice. At the time of the Salesloft-related breaches, Gainsight confirmed that it was one of the companies compromised by the Salesloft-related campaign, which involved the threat group ShinyHunters using stolen OAuth tokens for the Drift chatbot application, which was integrated with Salesforce. Starting in August, the bad actors were able to steal sensitive information, such as passwords, Snowflake tokens, and Amazon Web Services (AWS) access keys, from Salesforce customers' instances. 'Like a Russian nesting doll' "This is like a Russian nesting doll: Salesloft gets breached, which exposes Gainsight, which compromises 200-plus Salesforce customers," said Denis Calderone, co-founder, chief operating officer, and chief revenue officer for AI solutions and cybersecurity company Suzu Labs. "You might know you're using Gainsight, but do you know Gainsight integrates with Salesloft? That visibility gap is where these cascading breaches live. We've been warning clients about this scenario for years, that the SaaS integration trust chain is almost always longer and more complex than anyone realizes." Ferhat Dikbiyik, chief research and intelligence officer at security firm Black Kite, echoed Calderone, noting the Salesloft Drift campaign and Gainsight in response disconnecting the Drift app and confirming that only data at the customer relationship management (CRM) layer - including business contact information and some Salesforce case text, had been accessed. "Fast-forward to today, and we're seeing the same playbook again: OAuth tokens + over-permissioned apps + integrated vendors = a perfect attack chain," Dikbiyik said. "This isn't about one vendor or one platform. This is about how modern SaaS ecosystems operate: wide, connected, and often over-trusted." Hundreds of Salesforce users affected. Obsidian Security analysts wrote that more than 700 companies were impacted by the Salesloft campaign, and almost another 300 reportedly have been hit through the Gainsight supply chain attack. In its notice, Salesforce said that once the malicious activity was detected, it revoked all active access and refresh tokens associated with Gainsight-published applications connected to Salesforce and temporarily removed the applications from its AppExchange cloud marketplace while the investigation into the incident continues. "There is no indication that this issue resulted from any vulnerability in the Salesforce platform," the vendor wrote, adding that it's notified known customers that have been affected. "The activity appears to be related to the app's external connection to Salesforce." Gainsight yanks app from HubSpot. For its part, Gainsight said Google's Mandiant unit is helping with the investigation, adding that its app has been pulled temporarily from the HubSpot Marketplace and its Zendesk connector access has been revoked. The decision to pull the app from HubSpot was a "precautionary measure. This may also impact OAuth access for customer connections while the review is taking place. We will work with HubSpot on re-listing after thorough review. No suspicious activity related to HubSpot has been observed at this point." Austin Larsen, principal threat analyst for Google Threat Intelligence Group (GTIG), wrote in a LinkedIn post that the unit had "observed threat actors, tied to ShinyHunters, compromising third-party OAuth tokens to potentially gain unauthorized access to Salesforce customer instances. ... Adversaries are increasingly targeting the OAuth tokens of trusted third-party SaaS integrations. We saw this recently with the campaign targeting Salesloft Drift, and we are seeing it again now." ShinyHunters threatens more. DataBreaches.net communicated with a spokesperson for ShinyHunters, who confirmed the threat group was responsible for the Gainsight campaign and said that "it's unfortunate that this is probably the 3rd of 4th large-scale campaign against Salesforce by the same group again." The spokesperson also said the group plans to launch another dedicated leak sight if Salesforce doesn't comply with demands it gives the company. DataBreaches.net wrote that the spokesperson said "The next DLS will contain the data of the Salesloft and Gainsight campaigns, which is, in total, almost 1000 organisations. Only actual companies, mainly Fortune 500 will be listed or things I feel would be worth it. From the Gainsight campaign the large companies were: Verizon, Gitlab, F5, Sonicwall, and others." A long tail. Defenders need to understand that the Gainsight campaign shows how easily one campaign can lead to others, according to cybersecurity pros. "This incident demonstrates how long the tail of a supply-chain vulnerability can be," said John Carberry, chief marketing officer and "solution sleuth" at cybersecurity firm Xcape. "Technically, Salesforce did the right thing by removing all Gainsight-related tokens and removing the apps from the AppExchange, but for customers, this highlights an unsettling reality. Even if the core platform isn't vulnerable, over-privileged third-party apps can still gain access to your CRM crown jewels." Lydia Zhang, co-founder and president Ridge Security Technology, said that "the message for defenders is that patching the initially 'broken' door isn't enough. You must thoroughly inspect every part of your environment to ensure the attackers cannot reuse access from a prior breach to open new doors."