What happened
Philip Martin has joined Uber as Chief Information Security Officer (CISO).
Martin joins the ride-hailing company from Coinbase, where he served as Chief Security Officer beginning in April 2016. At Coinbase, he led a global team of more than 250 employees responsible for cybersecurity, Trust & Safety, physical security, technology governance, risk and compliance, and business resilience across the company’s consumer and enterprise businesses.
Before Coinbase, Martin built and led incident response and security engineering teams at Palantir Technologies.
He also helped develop virtual infrastructure at Amazon’s A9 earlier in his career.
Martin’s background also includes a decade in the U.S. Army, where he served as a counterintelligence agent and Arabic linguist in tactical and strategic roles in the United States and overseas.
In a LinkedIn post, Martin said he was drawn to Uber because few companies are responsible for real people moving through the real world at Uber’s scale. He said security at Uber protects not only data, but also trips, riders, drivers, couriers, and people in motion.
Who is affected
Uber customers, drivers, couriers, employees, partners, and security stakeholders are affected by the leadership appointment.
The appointment is especially relevant because Uber operates a global platform involving real-time mobility, delivery, payments, identity, location data, enterprise systems, and physical-world operations.
It is also relevant to security teams watching leadership moves among companies where cybersecurity, trust and safety, business resilience, and real-world user protection overlap.
Why CISOs should care
This appointment is notable because Uber’s security environment extends beyond traditional enterprise data protection. Its platform connects digital systems with real-world transportation and delivery activity involving riders, drivers, couriers, payments, location data, and operational availability.
For CISOs, Martin’s background at Coinbase is relevant because it combines cybersecurity with Trust & Safety, physical security, technology governance, risk and compliance, and business resilience. That combination maps closely to companies where security failures can affect both digital accounts and real-world operations.
His experience at Palantir, Amazon’s A9, and the U.S. Army also reflects a mix of incident response, security engineering, infrastructure, and counterintelligence work. Those areas are important for large-scale platforms facing fraud, account abuse, cyber threats, insider risk, operational disruption, and targeted attacks.
The appointment reinforces a broader trend: CISO roles at major technology platforms increasingly require responsibility across cyber risk, user trust, operational resilience, and safety-sensitive business workflows.
3 practical actions
- Review security leadership alignment with operational risk: Uber’s environment includes riders, drivers, couriers, trips, payments, and location-based services. CISOs should ensure security programs are aligned not only to data protection, but also to real-world operational impact.
- Connect Trust & Safety with cybersecurity programs: Martin previously led cybersecurity, Trust & Safety, physical security, governance, risk, compliance, and business resilience at Coinbase. Organizations with large user platforms should ensure fraud, abuse, cyber defense, physical security, and resilience teams share signals and response processes.
- Prioritize resilience for platforms tied to real-world activity: Uber’s services depend on continuous, trusted digital operations. CISOs should evaluate incident response, identity controls, business continuity, third-party risk, and crisis communications for systems where outages or compromises could affect people in motion.
John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.