- GitHub has hired Mike Hanley its first-ever chief security officer, the company announced Wednesday.
- A veteran of Cisco and security startup Duo, he aims to make open source GitHub projects more secure.
- In an interview with Insider, Hanley outlined his plans to “move left” and grow GitHub’s security team.
- Visit the Business section of Insider for more stories.
GitHub has hired Mike Hanley as its first ever chief security officer, the company announced Wednesday.
Hanley will be tasked with overseeing internal security at the Microsoft-owned firm, as well as helping to guide developers who use the world’s biggest open-source repository to better secure their software. Developer security is currently a booming trend as companies increasingly rely on open source software and adopt more applications hosted in the cloud.
“The vast majority of the commercial products that you use probably have open source code written by a community that lives on GitHub,” Hanley said in an interview with Insider. “Making sure they can trust the integrity of the code they’re developing on GitHub is really critical to raising the tide of security across the entire ecosystem.”
By helping developers better secure their code, he essentially aims to improve the security of the tech industry overall.
Hanley previously served as chief information security officer at Cisco. Before that, he was vice president of security at the startup Duo, which specializes in multifactor authentication and endpoint security.
In both those roles, Hanley said he grew accustomed to balancing the need for security with businesses’ interests in speed — an objective he aims to carry out at GitHub. Part of that mission will hinge on a push to “move left,” a term for eliminating vulnerabilities as early as possible in the creation of software so that developers don’t have to worry as much about security down the line.
“We want to eliminate as much friction as possible in the software development process so that security just happens — it’s not something developers need to be experts in,” Hanley said. “We want developers to be experts at the projects that they’re working on and the things that they’re trying to create.”
Hanley’s move to GitHub comes as major tech firms are making investments to securing their code, including Google, which recently hired two full-time engineers tasked with open source security.
Hanley will grow GitHub’s existing security team, he said, and plans to hire a slate of new security engineers in the coming year.
“I’m fortunate to already be inheriting a good-sized team here at GitHub that already has a tremendous amount of capabilities,” he said. “We’ll be making pretty significant investments in hiring a number of new people into the team over the course of the next several quarters.”