A conversation with Benjamin Corll, vice president of cybersecurity and data protection at Coats. One of a series of security leadership profiles prepared by Cybersecurity Collaborative in conjunction with SC Media. Cybersecurity Collaborative is a membership community for cybersecurity leaders to work together in a trusted environment.
About Benjamin Corll: Benjamin Corll is vice president of cybersecurity and data protection at thread manufacturer Coats Group. He is an advisory board member of VigiTrust and was a local mentor for the SANS Institute. Corll has been in IT since 1994, when he began his career managing token-ring networks while serving in the U.S. Marine Corps. He earned an associate degree from Wake Technical Community College and completed the Chief Information Security Officer Program at Carnegie Mellon University - Heinz College of Information Systems and Public Policy.
What makes a successful security leader?
No. 1: understanding and aligning to the business. We’re here in our business to identify and communicate risk. We have to know our environment, our threats, our risks, and how to properly communicate that to our organization.
As a leader, we also have to take care of our team(s). This is getting them the tools and support that they need in order to be successful. We may run the organization, yet we truly work for them. Our success is largely dependent on the security team(s) being successful. And we also have to guide, mentor, and build up our team. Succession planning is important. Give people the opportunity to succeed and even to fail. This will give them the confidence to grow, hopefully within the organization, yet it may also be they grow and go lead a team at another organization, which is OK as that means you have a great advocate at another organization which can share some insights and perspectives.
What internal and external priorities should today’s security leaders focus on?
Identify and report risk. Don’t sell FUD (fear, uncertainty, and doubt). And focus on the basics before trying to tackle the advanced threats.
Also, look at your backups. Verify them. Test them. Don’t become the next statistic or headline having to pay a ransom to get your data back from the bad guys.
And focus on your people. It’s a hard market. In order to keep people, we have to invest in them. There is always more work to do. So carve off time to train, to grow, to mentor them. And don’t overwhelm people with too much work. Set an example and don’t send emails at 9:30 at night as they’ll feel obligated to respond. If you need to send that message for your own (so you know it went out) then set a delayed delivery for normal working hours for those who are receiving it. This is especially true on the weekend. Set a culture where people feel comfortable stepping away from the devices.
Then keep your eyes open. What’s going on? This is both internal and external. What trends do you see? How is it impacting or likely to impact your organization?
Talk to other teams in your company. What are they seeing? What might that indicate?
And then review how many incidents are being reported. Do people know to (and how to) report incidents?
How can cyber leaders work with corporate peers to win buy-in from C-suites and boards of directors?
Partner together. The CISO office truly can be known as the office of “know.”
Use the tools to produce information that can give insights to the other teams. Help them look like rockstars. Help drive improvements in their KRIs and KPIs. Help them and they’ll return the favor and be huge advocates for you. And when it comes time for budgeting and trying to get new tools, they’ll be supporting you.
Also, use external examples. An incident from a supplier or business partner can be used as a great example for the board or C-suite. This isn’t just some random company; this is a trusted one. One that the board or execs have a relationship with and can reach out and talk to. Make sure they are aware there was an incident and then have an open conversation about how your organization is set up to defend against that type of attack. And since the security team isn’t always going to be informed of these events, build this relationship with the rest of your partners in the business so they inform you if/when the other companies do have a breach.
And don’t be afraid to market and announce your successes!
Why did you join Cybersecurity Collaborative?
Cybersecurity Collaborative offers a peer-to-peer network that gives me access to dozens of other CISOs, the ability to reach out with specific problems and get support from other security leaders, and access to templates/documents.
And to have a way to serve our community and give back.
What is most valuable about your membership with the Cybersecurity Collaborative?
Networking. And it doesn’t hurt to have the ability to build the personal brand by being able to lead webinars and author the documents for the collaborative.