Jason McNew is an Air Force veteran, who previously worked for the White House Communications Agency, and Camp David, for 12 years, where he held one of highest security clearances known as the “Yankee White”.
He holds four degrees, including a Master’s in cyber security from Penn State. Jason is a member of the Infraguard, a private and public partnership with the FBI, and currently sits on CompTIA’s Channel Advisory Board.
He is now based in the private sector as founder and CEO of Stronghold Cyber Security, helping businesses be up to date on their cyber security. Stronghold Cyber Security (SCS) service includes risk management, vulnerability assessments, consulting, and compliance.
Tell me how your product was created.
Jason McNew: SCS was created out of equal parts inspiration and necessity; at age 43 I found myself roiled in over-qualified un-employability.
I spent a large chunk of my IT and security career working in buildings with no windows, surrounded by barb wire and machine guns – high security stuff in places like Camp David and the White House. I am also an Air Force veteran, and vets tend to be security minded as well. So, I am bringing a very unique perspective to the private sector.
How had your previous career lent you the skills for this role?
Jason McNew: When I was at White House Communications Agency, I never specialized in one area of IT – I would be terminating fiber one day, and banging code the next. Having worked in all areas of IT, in highly secure environments, taught me an enormous amount about every aspect of cyber security.
During my first six years in the Air Force, I was an aircraft mechanic, which requires perfect attention to detail. There is no tolerance for failure at all. Later on, I retrained into computer and communications, which eventually landed me at the White House Communications Agency.
Again, requires perfect attention to detail, and no tolerance for failure whatsoever. At Camp David, I had to work with a lot of demanding people who had very diverse backgrounds, so I got very good at translating “geek speak” into approachable, non-smarmy terms. This experience has been very useful when explaining complex cyber security problems to executive teams.
What’s something people learn after hiring you?
Jason McNew: We put a lot of emphasis on keeping our customers directly involved from start to finish, in the cyber security process. That way, they can make better security decisions going down the road. We try to make sure that everyone is smarter about cyber security after they work with us.
The old saying goes “Give a man a fish, he eats for a day. Teach a man to fish, he eats for life.”
I have always taught people to fish. For example, one cyber security framework we deal with a lot has 110 individual controls in it. We’ll take an entire day to go through the controls one by one with the customer’s IT, operations, HR, executive people all present. It’s a collaborative, iterative process that aims to reduce organizational risk born out of IT.
The goal is always to improve the security culture of the company, to mirror that of the safety culture that all businesses already have. For example, if you told someone to stack a pile of chairs in front of a fire exit, they would tell you that you are crazy. Why? Because of safety culture – training, posters, and so on.
We want to get businesses and their employees to that same level with security – that people would never even consider leaving their computer unlocked, or using the same password across sites, just as they would never even consider stacking chairs in front of a fire exit. So this is what I mean by helping customers learn to make better decisions.
What was one of your biggest work challenges, and how did you overcome it?
Jason McNew: Starting a company from nothing whatsoever – no name, no website, no products or services, and no customers, and then making it cash flow positive is a huge and risky undertaking. However, we (my wife Gennie and I) did exactly that in 9 months flat, which in hindsight, is pretty remarkable. This also required going with no household income during that time, so we relied on our savings to get by. Also, we borrowed nothing.
We ended up hiring a marketing firm that caters to technology companies. They don’t do marketing for you necessarily, so much as they teach you the basics of marketing, and provide some canned tools and templates to market with. As a lifelong tech guy who was always very solutions focused, sales and marketing do not come naturally to me at all. The takeaway for other CEO’s is that if sales and marketing is outside of your comfort zones, bring in outside help – but only after a lot of research. You’ll need a marketing firm with real knowledge of your type of business.
What advice would you give other entrepreneurs?
Jason McNew: Mainly to just stay focused, and stick with it. Expect a lot of failures, but understand that the successes will be rich and sweet. Tenacity, flexibility, and creativity are key. One other thing I learned that surprised me, was don’t be afraid to reach out to “friendly competitors”, and definitely look for peer groups of other business owners similar to yours. I have been very surprised about how much small business owners will help each other.