What does it take to build a security program from scratch, in a company without any existing security initiatives in place? To answer this question, we spoke with Jadee Hanson, Code 42’s CISO, whose builder mentality translates into everything she does.
Q: How did you first become interested in the cybersecurity industry?
A: I was always very interested in technology in high school and I had a mentor that saw my interest. He was the technology coordinator for our entire school district, and I worked for him a few days a week. We would buy all sorts of different computer parts and then assemble the lab’s computers. He taught me the basics for everything that falls under the information technology umbrella.
After graduation, I worked for Deloitte in their enterprise risk services team. Deloitte was on the leading edge of cyber risk. I was doing pen testing when companies didn’t know what a pen test was. It was a great opportunity that transitioned me from IT into cybersecurity and spurred a deeper interest in the industry that never went away.
Q: What was it about the industry that attracted you to it?
A: What I found fascinating with cybersecurity was this notion of the bad guy—an adversary trying to do something bad to a company. In cybersecurity, the mission is to figure out how to protect against those adversaries.
Another appeal was that at the time, people didn’t really understand what cybersecurity was. I was the first to raise my hand for any cybersecurity engagement.
“I think I was naturally drawn to the industry because it was new, which allowed me the chance to build programs from scratch. My mentors commonly describe me as a builder, with the ability to take something from nothing and build a robust process and program around it.”
Q: How did this mentality as a “builder” help you as you progressed in your career?
A: When I worked at Target, I got to leverage many of the skills I had in building programs. We built risk functions, security operations functions, and training awareness functions. All of these different functions needed to be in place in order to have an effective security program.
Then, when I started at Code 42, there was a lot to do, a lot to change and a lot to build, so this was my next project, essentially.
Q: Your ability to see gaps and build solutions seems to carry into your life outside of work. Can you tell me a bit about how you started your nonprofit, Building without Borders?
A: I first visited the Dominican Republic in 2004 with my husband, but then when I came home, I had kids and got busy. In 2010, however, I went back with my sister on a mission trip. There we built houses, met families, and ran a children’s program. Coming home, though, I realized it wasn’t enough—I couldn’t just go there once a year and not do more.
“I realized there was this major problem, and there was something I could do about it.”
As of now, we’ve built 39 houses there and have initiated a healthcare program as well as food delivery. It’s been really rewarding to see the change in the community and the people there. They now feel supported and hopeful, not abandoned.
Q: How do you think companies could encourage more people, specifically women, to enter the industry?
A: We have to start encouraging participation at the next generation of workers. One of the ways we do this at Code42 is through a partnership with Girl Scouts. We house Girl Scouts here to get their STEM Badge or Cybersecurity Badge. In fact, we’re the first company within the River Valley region of Girl Scouts to host the Cybersecurity Badge. They’re not all going to choose a career in cybersecurity, but the thing that we’re trying to do is make sure that the younger generation knows and believes that if they do want to choose this career path, there’s a place for them.
Q: What advice do you have for anyone interested in starting a career in the cybersecurity industry?
A: Confidence is key. You know your worth, and you know what you can do, so be confident in who you are and what you bring to the table.
