CyberWire Daily - Jadee Hanson: Cybersecurity is a team effort. [CISO] [Career Notes]

Starting point is 00:00:00 You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks and a $75 million record payout in 2024. These traditional security tools expand your attack surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools. It's time to rethink your security. Thank you. Learn more at zscaler.com slash security. Hello, my name is J.D. Hanson. I am a CIO and I was really interested in technology. I ended up working for free for the technology coordinator at my high school just because I was really interested in learning more. And he took time to kind of teach me everything he knew.

Starting point is 00:02:03 We used to buy computer parts from different places to save some money and then we would assemble the computer parts for our school labs. That sparked kind of an interest at a really early age. Obviously didn't know exactly what I wanted to be professionally at that time, but definitely knew I wanted to do something with technology. I went to college at the University of North Dakota. I ended up thinking maybe I wanted to be a software developer and took a number of classes thinking my major would be computer science. I then switched to computer information systems, just a bit of a thinking my major would be computer science. I then switched to computer information systems, just a bit of a tangential degree, but had a little bit more of the business

Starting point is 00:02:51 focus to it and ended up graduating from there after packing everything in in three years. When I was in college, I was probably, you know, two women to, you know, 30 in some classes. So very, very small representation. Certainly even smaller representation in the software development side. When I switched to be more of that computer information systems where you had a bit more of the business side, that's where we saw a few more of the business side. That's where we saw a few more women in some of my classes. Certainly not a degree that has a high degree of women getting it at the time anyways. I got out of school. I was initially offered my first

Starting point is 00:03:39 cybersecurity job at Microsoft. I did accept it, but at the same time I accepted it, I got engaged and made kind of that personal decision to live in the same city as where my fiance at the time was living. And so I was back on the job hunt. I ended up turning down the Microsoft job and I joined Deloitte in their enterprise risk services organization. And this was very much kind of the entry to everything computer controls as well as cybersecurity. So I like to joke when I first started at Deloitte, I was doing pen test work for companies. And when nobody in the world really even understood what a pen test was, now lots of people understand what it is. and it's more of a common term, but at the time it was not very wide known.

Starting point is 00:04:33 I joined Target at the very kind of early stages of them building out their cybersecurity program. Got to spend, you know, a good chunk of time in each of the functions that are part of the security program, ended up going through the very large scale target breach, stayed on for a bit longer. Code42 is such a fun place to join. I joined in 2016. They were at that time, got a round of funding to build out their security products. So really excited to be part of a company building software to support the security teams that I've been part of for so many years. risk. And that was a function that I led. And so to come to Code42 and be part of their journey and building out their insider risk solution was really appealing to me. That's one of the things that I help with here at Code42. So in addition to my CIO job and my CISO job, I also get to spend a fair amount of time with the product management team, sharing insights and knowledge of what worked from an insider risk perspective.

Starting point is 00:05:53 You know, at Cofre too, I mean, I'm so proud of the work that we're doing in this space. We had, you know, over 3,000 people join the Insider Risk Summit. We believe that in security, the only way to win this is to win together. It is absolutely a team sport. And there is so much happening in the insider risk space, given our increase in collaboration software that we use every day, more and more people just moving jobs and taking data with them when they leave. It's this portion of security that sometimes is overlooked in an organization that we feel really strongly about that companies need to kind of shine a light there and basically just be aware of what's going on within their organization. The utopia for me and my team is to get to a spot where the team is just firing on all cylinders and being really proactive about what's coming and what's changing.

Starting point is 00:06:51 My job is to make sure I'm there, make sure I'm removing roadblocks, make sure I'm supporting them in a way where we get the funding that we need for the things that we need to deliver, but ultimately get out of their way so they can do the brilliant job that they do every day. My current boss is an incredible mentor for me, and he's one of the reasons I'm actually at Code42. He's just an amazing leader and somebody that I've watched and have taken so many great learnings from in my every day. I try really hard to do things that might scare me every day. I have a background image on my desktop and it says, be brave enough to suck at something new and so I try really hard to take on something new or drive a differing opinion or a differing idea. I don't know that I have any sort of like specific tactic in that regard other than just taking a minute and thinking about it and asking opinions throughout the company for kind of what we should do next.

Starting point is 00:08:11 You know, in a lot of cases, young women might be a little bit more apprehensive for joining a career in cybersecurity or a career in technology. or a career in technology, if they don't see people at certain levels that look like them or that act like them, they might think, hey, this isn't for me. And my advice would be like, if you're interested in it, it's for you. If you're having fun doing it, it's for you. Get involved and then stay curious throughout your journey.

Starting point is 00:08:41 I've heard from too many young adults that have convinced themselves that this isn't the space for them. I truly believe it's because they don't have a mentor that looks like them or acts like them in this space. And I guess I would tell lots of young women, you can love fashion and you can love cybersecurity. And that is 100% okay. I hope that the team

Starting point is 00:09:08 doesn't even see me, just sees what the team has done collectively. I don't think that there's really any one leader that has come in and that leader did it. It's always the team overall that has contributed. I hope that people look back to say, wow, like what a great team was built. And gosh, the team delivered so much during that time. I guess I would say that I wouldn't really expect anyone to remember specifically what JD did, but what the team did. And now, a message from Black Cloak.

Starting point is 00:09:57 Did you know the easiest way for cyber criminals to bypass your company's defenses is by targeting your executives and their families at home. Black Cloak's award-winning digital executive protection platform secures their personal devices, home networks, and connected lives. Because when executives are compromised at home, your company is at risk. In fact, over one-third of new members discover they've already been breached. Protect your executives and their families 24-7, 365 with Black Cloak. Learn more at blackcloak.io.

CyberWire Daily - Jadee Hanson: Cybersecurity is a team effort. [CISO] [Career Notes]

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.