Jamil Jaffer: You should run towards risk. [Strategy] [Career Notes] - CyberWire Daily

Summary4 min read

CyberWire Daily Summary: Jamil Jaffer – "You Should Run Towards Risk"

Release Date: June 29, 2025

In this compelling episode of CyberWire Daily, N2K Networks engages in an in-depth conversation with Jamil Jaffer, Senior Vice President at IronNet Cybersecurity. Titled "You Should Run Towards Risk," Jaffer's discussion encapsulates his extensive journey through technology, law, and cybersecurity, offering invaluable insights into risk management and career development within the cybersecurity landscape.

1. Personal and Professional Background

Jamil Jaffer begins by sharing his rich cultural and professional heritage. Coming from a family that immigrated from East Africa, Jaffer's father exemplified resilience by moving to the US with minimal resources yet securing positions at prestigious institutions like the University of Toronto and UCLA. This upbringing instilled in Jaffer's strong work ethic and passion for technology.

"I come from a family where my dad came to the US with a few hundred dollars in his pocket... Both my mom and dad gave me that work ethic." [01:20]

Jaffer reminisces about his early engagement with technology as a child of the '80s, highlighting his first computer—a Tandy TRS 80 Color Computer—and his active participation in the Rainbow Computer Club in Santa Monica. This early exposure paved the way for his eventual career in technology support roles during his college years at UCLA.

2. Diverse Career Trajectory

Jaffer's career trajectory is marked by a unique blend of technology, law, and government service. After obtaining a degree in Political Science from UCLA, he ventured into computer support, assisting departments like the Life Science and Athletics divisions. His technical prowess led him to work on political campaigns and for Congressman Bob Goodlatte of Virginia, known for his pivotal role in advancing strong encryption laws.

Transitioning to law, Jaffer attended the University of Chicago Law School, subsequently working for a federal judge, a law firm, and the Justice Department. His tenure at the National Security Division post-9/11 was particularly noteworthy, where he integrated cyber domain expertise to combat terrorism and espionage alongside agencies like the FBI and NSA. This period was crucial in developing his capabilities in identifying and mitigating cyber threats.

"I was able to take my knowledge and skills in the cyber domain and apply them in a very real practical way to helping identify terrorists, identify spies and the like." [04:45]

Jaffer's experience extends to the White House Counsel's Office during the Bush administration, where he contributed to the comprehensive national cybersecurity initiative. His subsequent roles with the House Intelligence Committee and the Senate Foreign Relations Committee solidified his expertise in cyber information sharing legislation.

3. Leadership at IronNet Cybersecurity

Currently, Jaffer serves as the Senior Vice President at IronNet Cybersecurity, a position he has held for nearly seven years—the longest tenure in his diverse career. He emphasizes the company's mission centered around collective defense, collaborating with industry leaders like General Alexander and Bill Welch, the new co-CEO.

"IronNet Cybersecurity has been the longest job I've ever had at almost seven years. It is three times more than the longest job I ever had before this." [06:10]

Jaffer's leadership philosophy revolves around fostering teamwork and addressing complex cybersecurity challenges through unified efforts. His background in law has transitioned into a focus on business leadership, aiming to steer IronNet towards innovative solutions in the cybersecurity arena.

4. Embracing and Running Towards Risk

A central theme of Jaffer's discussion is his distinctive approach to risk. Contrasting with the typical risk-averse nature of the legal profession, Jaffer advocates for embracing risk as a catalyst for success and growth.

"I like risk. I think risk is something that a lot of people shy away from... If you're passionate about something, you love it, you should run towards risk." [05:30]

He encourages individuals, especially those passionate about cybersecurity, to not fear risks but to actively pursue challenges. According to Jaffer, encountering and overcoming risks leads to personal and professional development.

"Risk is your friend. You're going to be successful at it. And if you're not successful and you struggle, you're going to pick yourself up, dust yourself off and get better." [05:50]

5. Advising Aspiring Cybersecurity Professionals

Jaffer passionately advocates for careers in cybersecurity, highlighting the industry's robust demand and unparalleled employment rates. Citing a 0% unemployment rate over the past decade, he underscores the field's dynamic and ever-growing nature.

"Cybersecurity could not be a more exciting environment to get into. It is a rare industry that had a 0% unemployment rate for the last decade." [06:45]

He advises career switchers and students to pursue cybersecurity if they possess genuine interest and passion. Jaffer shares his own transition from law to cybersecurity as a testament to the field's accessibility and the vast opportunities it presents.

"I'm a career switcher, right? I'm a lawyer... I made a hard switch. There's a ton of jobs, there's a ton of opportunity." [07:00]

6. The Essence of Collective Defense

Jaffer's vision for IronNet is deeply rooted in the concept of collective defense. He believes that uniting diverse talents and perspectives is crucial in tackling sophisticated cyber threats. His goal is to lead by example, fostering an environment where collaboration and innovation thrive.

"It's all about bringing together people to reach a common mission. That's what IronNet's about as a company, this idea of collective defense." [07:10]

He aspires to be remembered as someone who relentlessly pursued solutions, united teams, and achieved meaningful outcomes in the cybersecurity domain.

Conclusion

Jamil Jaffer's narrative offers a profound blend of personal resilience, professional versatility, and strategic foresight in the realm of cybersecurity. His advocacy for embracing risk and his unwavering commitment to collective defense provide inspiring guidance for both seasoned professionals and newcomers aspiring to make their mark in the cybersecurity industry.

Note: The timestamps referenced correspond to the sections of Jaffer's discussion within the podcast episode.

Loading summary

Transcript3 lines

[00:02]
A
You're listening to the Cyberwire network, powered by N2K. And now a word from our sponsor. Spy Cloud Identity is the new battleground and attackers are exploiting stolen identities to infiltrate your organization. Traditional defenses can't keep up. Spy Cloud's holistic identity threat protection helps security teams uncover and automatically remediate hidden exposures across your users from breaches, malware and phishing to neutralize identity based threats like account takeover, fraud and ransomware. Don't let invisible threats compromise your business. Get your free corporate Darknet exposure report@spycloud.com cyberwire and see what attackers already know. That's spycloud.com cyberwire.
[01:05]
B
Jamil Jaffer I'm senior vice president at Ironnet Cybersecurity for strategy, partnerships and corporate development. If you want the full detailed title. I come from a family where my dad came to the US with a few hundred dollars in his pocket. He didn't have a job. He had a bachelor's degree. Yes, but from the University of EAS Africa. Dar Es Salaam. Right. We're ethnically Indian, but three generations of my family grew up in East Africa. My dad got a job working first at the University of Toronto, then he moved to LA and, and got a job at ucla. And he sort of, he was one of these people who just walked in and, and said look, you want to hire me, I'm going to work my butt off for you and I'm going to do good things. And both my mom and dad gave me that work ethic. I was, I'm a child of the 80s. And so in 1984 I got my first computer. It was a Tandy TRS 80 color computer, the so called Trash 84K of onboard RAM, 4 kilobytes. We upgraded to 16 kilobytes, me and my dad and we were the talk of the Rainbow Computer club in Santa Monica. What are you gonna do with 16k of onboard ram? Oh my God, it's so much memory, right? But I paved way through college doing computer support. So I did computer support at UCLA for the life science department, for the athletics department. I crawled through ceilings running 10 base T cable and doing fiber punch down blocks. So I've always had sort of technology in my heart. Even though I did government, I did politics, I did law for a while. So this has always been a part of, you know, what I've been into. I went to UCLA for college, PolySci E con but did all that computer support stuff. I had a chance to go work on some campaigns and on Capitol Hill for a great congressman from Virginia, Bob Goodlatte. People might remember him because he was the one that freed up the sale of strong encryption that really has allowed us frankly to use the kind of strong encryption we need on our web browsers and the like to really protect our financial transactions. Then I went off to law school at the University of Chicago. I worked for a federal judge, I worked at a law firm, I worked at the government at the Justice Department. And then I had this amazing opportunity to go work at the newest division at the Justice Department, the National Security Division. This is a division created after 911 to bring together the counterterrorism, counter espionage people and the people that did foreign intelligence surveillance. And at this time the real new way of doing foreign tell as now we've all started talking about post Snowden, right was on in the cyber domain. So I was able to take my knowledge and skills the cyber domain and apply them in a very real practical way to helping identify terrorists, identify spies and the like. Working with our lawyers and our operators, the FBI and the NSA to really engage in some really cool operations, some of which have now been declassified. And then I had a chance to go work at the White House Counsel's office and the Bush administration there I had a chance to work on President Bush's comprehensive national cybersecurity initiative. Then went back to being a regular workaday lawyer. Sort of got tired of that pretty quick and ended up going to House Intelligence Committee where I worked on the cyber information sharing legislation for Mike Rogers and then the Senate Foreign Relations Committee. And now and now iron it now. And by the way, that sounds like a lot of jobs. It has been a lot of jobs. Ironnet Cybersecurity has been the longest job I've ever had at almost seven years. It is three times more than the longest job I ever had before this. So I've loved it here. We're having a great time with General Alexander and the whole team. Bill Welch, our new co CEO. It's been an awesome time and really pumped about what we're doing as we start thinking about what's next in the next iteration for ironnet Adversity has happened in life, but you gotta, you gotta run at those things to me, you know, I like risk. I think risk is something that a lot of people shy away from. A lot of lawyers are very risk averse and that's why I describe myself as a recovering lawyer because I think risk aversion is a mistake for people who are driven and smart and excited about what they're doing. Frankly, if you're passionate about something, you love it, you should run towards risk. Risk is your friend. You're going to be successful at it. And if you're not successful and you struggle, you're going to pick yourself up, dust yourself off and get better. And so I look at a lot of my friends and colleagues and say, hey, you've got amazing opportunities. Are you having a challenge? Great, run at it. If you fail, get up, dust yourself off and run at it again. Cybersecurity could not be a more exciting environment to get into. It is a rare industry that had a 0% unemployment rate for the last decade. I don't think there's any other industry in the space where there's that kind of low unemployment rate because there's an over demand for people and under supply. And so if you're thinking about getting to cybersecurity and you want to change your career or you want to go get a degree or you're a young person thinking about what should I do in college? If you're excited about this, and I think really, you really got to be passionate about it, you got to be into it. If you're into it, you want to do it, make the leap, do it. There's a ton of jobs, there's a ton of opportunity. I'm a career switcher, right? I'm a, I'm a lawyer. I was in the government. Yeah, I had cyber elements in my background. You know, the technology stuff I did growing up and the technology stuff I did as a lawyer. I made a hard switch. When I came to iron it, part of my deal was, I'm not going to do any legal work for the company. And I said, look, you know, I want to be a leader in the business space. I've been a lawyer, I've been there, done that. It's all about bringing together people to reach a common mission. That's what ironnet's about as a company, this idea of collective defense. That's what I'm about as a person. Right. If you can bring people together and solve a common problem, I think that's what it's all about and that should be the goal. And run hard at things and just have fun. I want people to think that here was a guy who ran hard at problems, didn't shy away from tough problems, worked hard on them, brought people together to find a solution and, and got things done. If people could say that about me, I'll be happy at the end of the day.
[07:20]
A
Did you know Active Directory is targeted in 9 out of 10 cyber attacks? Once attackers get in, they can take control of your entire network. That's why Semperis created Purple Knight, the free security assessment tool that scans your active directory for hundreds of vulnerabilities and shows you how to fix them. Join thousands of IT pros using Purple Knight to stay ahead of threats. Download it now at sempras.com purple-knight that's sempras.com purple-Knight.