In the initial post of this new series on the challenges faced by Cybersecurity leaders today, we looked at current facts and trends as well as the added stressors from the Great Reorganization.
With attacks increasing 135% in 2023 and the addition of burnout and stress issues of frontline managers who lack training and development, in this post we’ll look at the root cause of Cybersecurity leader failings and outline a path to success.
Here is the old mindset CISO pitch: “Why should you choose our expert team?”
- We are your BEST choice!
- We can get you a roadmap to success.
- Follow our directions and you will be fine.
- Can’t you see our instructions are so clear!?
- Just take this one piece missing in the puzzle.
- Take these 4 steps to glory, and you will win.
- Trust me, I know which is the right choice.
The same old thinking brings the same old results!
What is the path to success?
The new Cybersecurity professional must add new skills to face the challenges of the 21st century and look for talent that can meet these challenges. These professionals must have skills beyond the technical realm.
A new mindset will lead to new results:
- Solve for the problem’s root cause, not the symptoms.
- Apply critical thinking to actively listen to your stakeholders (there are plenty of proven techniques out there).
- It is about continual, lifelong learning.
- Bring everybody in, and listen to all stakeholders, including the contrarians.
- It is their project, our success.
- Share the credit and make your stakeholders shine. How rewarding it is to watch them succeed!
- Show your stakeholders they can do it.
- Forget the mistake and focus on the lesson. Create a safe environment to learn from failure (there are good frameworks out there).
In a 2021 survey by PwC, more than half of executives surveyed said they planned to add full-time cybersecurity personnel over the next year.
Studies reveal that hiring is tough in the cyber labor market. In the US 50% fewer candidates are available than are needed.
What are executives looking for? Analytical skills, communication skills, critical thinking and creativity. This corresponds with the expanded role of the CISO – one who not only is a tech leader but also works with colleagues in the C-Suite to add value overall.
System Thinkers think system wide.
- They are thorough and inclusive
- They are skilled at analyzing and optimizing
Team Players synergize collaborative efforts.
- They achieve goals through communication and trust
- They arrive at optimal solutions
Technical and Social skills are critical for effective stakeholder engagement.
- They bring technological understanding to recognize threats
- They allow communication between tech and non-tech people to develop solutions
Civic Duty ensures values align with country and company.
- Individuals’ contracts worded to protect organization
- Encouragement of loyalty to the values of the larger entity
Continual Learning drives the march for technological advancement.
- Keep up with constant change
- Learn anew and take on challenges
Communication is key for supporting cybersecurity across the organization.
- Support prevention and compliance
- Explain clearly how systems work and why they matter
In the next post in this series we’ll consider next steps and the road ahead!
- New Manager Preparedness
- Guiding Cybersecurity from the Boardroom Publisher: TAG Cyber, a division of TAG Infosphere, Inc., 45 Broadway, Suite 1250, New York, NY 10006. Copyright © 2023 by TAG Infosphere, Inc. All rights reserved. This publication may be freely reproduced, freely quoted, freely distributed, or freely transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system without need to request permission from the publisher, so long as the content is neither changed nor attributed to a different source.
- NACD: 2023 Director’s Handbook on Cyber-Risk Oversight