Meet Jessica Hable: In cybersecurity, ‘you always need to be ahead of the curve’

Jessica Hable is a cybersecurity professional, so we know her work by the things that don’t happen: The data breach that was avoided. A thwarted ransomware attack. Cloud vulnerabilities that were mitigated. As Manager of Cybersecurity Architecture and Engineering, Hable leads projects and initiatives intended to increase controls across RTD. While the Cybersecurity team does not work directly with customers, its members support the technology that moves them – and the impacts of their efforts are real. An attack affecting communication or the functionality of vehicles could have a direct effect on life and safety.

“I find it very rewarding to work at RTD,” said Hable, who joined the agency close to three years ago. “We reach and support the whole Denver community and surrounding areas. That’s millions of people! There's a treasure trove of opportunity here to improve our processes while making things more secure and protecting against cyberattacks. It’s an honor to be a participant and key player in paving this path for us.”

Said RTD Cybersecurity Director Tim Coogan, who first worked with Hable at Denver International Airport, “Jessica is very passionate about her work at RTD – you see that in her hard work and commitment. That passion of hers is infectious and contributes to the positive development of our division’s value-aligned culture. She also is a master collaborator, a true team player who is excellent at reaching across the aisle to partner with other enterprise stakeholders to increase RTD’s cybersecurity posture.”

For those who are unfamiliar with this area of work, cybersecurity is the art of protecting networks, devices and data from unauthorized access or criminal use, and the practice of ensuring confidentiality, integrity and availability of information. Hable began her career as an IT auditor and enjoyed interviewing others to learn how different organizations approach their work. She sought an area that was more technical – and found that in her current profession.

“Cybersecurity seems like that area where it's always changing and you always need to be ahead of the curve,” Hable said. “It’s a fascinating field to me, and there's a lot that you can do with it.”

Hable came to RTD as Manager of Cybersecurity Operations, with a heavy focus on incident response. Over time, she began managing agency consultants and crossed over into some of the projects and initiatives that are inherent in her current role. Coming to the agency, she said, “There are a lot of complexities with the systems and how they work. We have a lot of vendors, and there are a lot of intricacies. When you’re in cybersecurity, you influence everything.”

Making gains, Hable said, requires working closely with others and understanding that “we're playing the long game. It's not about changing things overnight. You can change a setting overnight, but you can't change a mindset overnight.”

How do you move the security needle at a large organization?

“With any of our projects and the changes associated to them, we have to break it up into phases, and we’ve been really successful with this approach,” Hable said. “This helps us to be as frictionless as possible, meaning it lowers impacts on the service desk and RTD’s resources. It also helps us to identify potential issues with a smaller scope, and we can easily revert or correct course. Breaking it up into phases really helps us establish trust within the organization, which allows us to continue to move forward with our initiatives, inching RTD closer to a more robust security posture.”

Cybersecurity is important for any organization, Hable said – especially a public transportation provider like RTD. “There's a lot of ransomware out there, and it's hitting in critical infrastructure,” she said. “We need to be prepared for that. We're preparing for the event in all of what we're doing, and we're doing a lot of great things.”

Hable’s work requires her to consider how disparate parts are connected to the whole, which individuals need to be involved, and what requirements or steps are needed to reach a desired result. Most important, she said, is thinking about how people and teams will be affected by her team’s work.

“I’m most interested in identifying solutions to make processes more smooth while keeping a security mindset,” Hable said. “Sometimes I don’t know what that solution is, but we research and work with different groups to find the solution.

“I’m a very curious person, and I love learning. Cybersecurity is an interesting landscape and it’s always changing, so we as security professionals are always learning and adapting. We play a key role in informing and training others at RTD.”