Internationally recognized cybersecurity leader Dan Lohrmann learned how to get to “yes” the hard way when he was the chief information security officer at the state of Michigan. 

Teri Takai, who was chief information officer at the time, wanted WiFi in all of the state’s conference rooms, and Lohrman said he was ready to go to battle to get the project canceled because WiFi was not very secure at the time. 

After asking everyone but him to leave the room, “She said to me: ‘Dan, if that’s your answer, you can’t be the CISO in Michigan.” 

Takai had visited the state’s automakers, which all had WiFi in their conference rooms. She told him, “They know something you don’t know,” and she gave him a week to figure out how he was going to do it, or he was going to resign. 

Besides being shocked at the statement (they’re still friends, he relayed during the CISO Stories podcast), his office called the automakers to figure out how the state was going to undertake the project. Two years later, the state won an award from the National Association for State Chief Information Officers for the project. 

“The bigger lesson for me was you can’t just say no — you can’t cancel the project — you gotta get to yes,” he said, adding that he learned that CISOs have to be enablers.

Listen to episode 23 of CISO Stories: “CISO Business Enablement: Getting to ‘Yes’ as a CISO

As a top Michigan government technology executive for 17 years, Lorhmann was national CSO of the Year, Public Official of the Year and a Computerworld Premier 100 IT Leader. He is currently CSO & chief strategist at Security Mentor, where he advises global and local corporations and governments on cybersecurity and technology infrastructure strategies and security culture change. He has been a keynote speaker at security conferences from South Africa to Europe and Washington, D.C. to Moscow.