CISO Leadership Summit Recap
Published On: December 7, 2015
CISOs Focus on Leadership, Strategy, and Carving a Space in the Boardroom at K logix’s first CISO Leadership Summit
Twenty-four CISOs from across New England came together at the Langham Hotel in Boston to spend the day collaborating, solving challenges, and encouraging each other to embrace their opportunity to take a higher-level, more strategic position in the Boardroom.
Leadership and Perseverance in the Face of Challenges and Doubts
James Bradley, author of the New York Times best-selling work Flags of our Fathers, set the tone for the event. Bradley’s father was one of the soldiers pictured raising the American flag during the WWII Battle of Iwo Jima, the most reproduced image in history. Bradley decided to tell his father’s story and his book was finally published after four years and being turned down 30 times. His perseverance paid off, as Flags of our Fathers eventually spent 46 weeks on the NY Times Best Sellers and later turned into a movie by Clint Eastwood. He believes the biggest factor in his success was his clear vision and determination. He had a story he knew should be told, and he was committed to finding a way to tell it. Security leaders can learn from his struggle and commitment as they struggle to educate the company and the Board on the value of their efforts.
Not a Sprint, Not a Marathon, a Journey
Michael Santarcangelo, a featured editorialist for CSO Magazine and a Security Leadership Consultant, led the leadership workshop. He reminded CISOs that security leadership is neither a sprint nor a marathon, but instead a journey. Santarcangelo stated that because security requirements are ever-evolving, the security leader cannot focus on a finish line, rather he or she must focus on the journey. Part of the journey is defining “value and vision” and communicating that to the organization. CISOs today need to understand their value to the business and be able to translate that value into a vision for how security can positively impact the company’s goals. As the moderator for the event, Santarcangelo kept everyone focused on leadership and communication. Strong business communication skills are necessary to take a leadership position beyond the IT department.
Breakout Roundtables Gave CISOs the Chance to Share Challenges and Successes
CISOs Collaborating with CIOs. This roundtable spoke about trust and alignment when working with CIOs, and other business leaders in general. Trust is one of the most important factors in any successful CISO/CIO relationship because the two must work closely together on nearly every project.
Finding the Right Talent. Everyone at the roundtable was in agreement – there is a talent shortage in the security industry. CISOs emphasized hiring someone with a clear mission and vision that can be articulated during an interview. It is important to showcase how your organization is innovative in order to attract talented professionals. Also, making your plans for hiring known to the community allows for a broader talent pool.
Security Awareness Training. This roundtable spoke about how CISOs have shifted training from a corporate focus to a more personal one, as they realized the message of security awareness resonates better with employees when it impacts their personal life. CISOs invest training hours in topics like cyber bullying and how to protect your home in the age of the Internet of Things. CISOs also discussed the challenges of creating security awareness programs that are multi-cultural and will work in offices across the globe, with barriers of different languages, customers, and behaviors.
Making an Impact on the Business. This roundtable discussed understanding their role in the Boardroom and the need to clearly articulate their impact on the business. A common theme was emphasizing the importance to first establish trust with the Board to facilitate open and productive communication. CISOs need to find at least one ally to gain mindshare of the rest of the Board. Parallel to communication is strategizing to ensure security directly aligns
with the organization’s business objectives, which creates a solid foundation for positive interactions.
Subscribe
Stay up to date with cyber security trends and more