6 Ways to Engage, 5 Key Qualities of CISOs, & 4 Actions Leaders Take – BSW #216
In the Leadership and Communications section, 6 ways to spur cybersecurity board engagement, 5 key qualities of successful CISOs, and how to develop them, 4 Actions Transformational Leaders Take, and more!
When the security industry talks about a data breach, often the first question asked involves the state of the victim’s network security – not the breach of data. Why is this? It’s because organizations have their security priorities backward, and that needs to change.
Some of the world’s biggest businesses use Lean Six Sigma to increase efficiency in their companies. But its principles are rarely applied to cyber security. With cyber security teams increasingly stretched and attacks increasing, it’s time for that to change.
1. It’s time to truly understand cyber risk
2. Risk mitigation becomes the focus
The key elements of Lean Six Sigma: Define, Measure, Analyze, Improve, and Control.
Corporate boards' subpar cybersecurity literacy and security leaders' lack of business acumen have resulted in missed opportunities to align security and business objectives, leaving enterprises open to potentially catastrophic cyberthreats. ESG offered six recommendations for advancing cybersecurity's standing in the C-suite and boardroom and throughout the enterprise.
1. Educate boards
2. Adopt a CISO-to-CEO reporting structure
3. Foster a cybersecurity culture
4. Formalize the cybersecurity program
5. Prioritize critical assets and initiatives
6. Hire BISOs
So, what can security leaders do to make sure they're prepared and hone their skills ahead of the next inevitable threat? Now, they can test themselves and their knowledge at a new website, 'The CISO Challenge' (https://ciso-challenge.com/?utm_source=thn).
Today, business success is directly intertwined with the success of information security. Therefore, the modern CISO needs a unique set of qualities to align effective data security strategy, process, and practice with various business needs and requirements.
1. A modern CISO speaks the language of the business
2. A modern CISO is a collaborator
3. A modern CISO is emotionally intelligent
4. A modern CISO has strategic focus
5. A modern CISO is tenacious
In a changed, post-pandemic environment, employees, customers, and investors have high expectations for the companies they work with. They expect companies to play a more prominent role in tackling systemic issues like climate change and social inequality, and they expect leaders to be effective, authentic, and compassionate. Leaders who want their organizations to meet this moment and succeed long-term need to move away from the status quo and change their approach to how they’ll lead the necessary transformations.
The following four strategies, based on our collective experience in leading transformations over the last 25 years, will help leaders increase their chances of success.
1. Practice New Mental Models
2. Work the Edges of the Organization
3. Share Leadership More Systematically
4. Make Empowerment Live Up to Its Promise