“Technical expertise is an imperative, but it’s insufficient.”
That’s according to a well-researched presentation at the 2017 RSA Conference called The Five Secrets of High-Performing CISOs.
“Great tech chops won’t solve the problem, you have to get out of the tech realm, and drive information security thinking and best practices into the guts of the business – that’s infosec leadership.”
But how exactly do effective CISOs do that?
The first step is learning to lead without authority, according to the presentation. This requires gaining “command of the facts.” That’s the process through which CISOs determine things like the location of critical assets and who owns those assets, analyze the associated risks, and then develop a case over time to help business leaders understand the impact of cyber risk.
It’s one of five secrets the research suggests effective CISOs possess. Those five secrets are as follows:
1) Effective CISOs learn to lead without authority.
2) Effective CISOs embrace the role of change agent.
3) Effective CISOs don’t wait for an invitation.
4) Effective CISOs build a cohesive unit, not just proficient individuals.
5) Effective CISOs recognize the journey is long.
We previously published a blog post about that session – Security Leadership: 5 Habits of Highly Effective CISOs. It’s been among the most read pieces for many months. That tells us there’s demand for such information, so we’ve transformed that post into an infographic with credit to the original presentation.
Here’s a look at the infographic with the 5 Essential Habits of Highly Effective CISOs: