end-point
ANALYSIS
to be able to count on their fellow leaders to deliver against security goals and objectives that feed into the organisation ’ s overarching business goals .
Communicating downwards
Downwards communication is arguably the most important type of communication , especially when it comes to bringing teams along on the journey or getting them galvanised behind certain ambitions . There are many people within the security function – analysts most prominently – who don ’ t want to spend their days looking through incident log files . Rather than doing this monotonous monitoring , analysts are usually far more interested in providing their organisations with deep-level insights that can help them unearth potential weak spots in their defenses or breaches that have already happened .
By engaging with the parts of the workforce who have a genuine interest in delivering solutions to keep businesses safe and make them go faster , CISOs can help contribute to greater staff retention – which is increasingly difficult in a highly competitive market . This , in turn , leads to better outcomes through more workforce consistency . A CISO who knows how to communicate goals downwards and ensure a team is excited about delivering against them is one who is going to have better staff retention in the immediate and long term .
The bigger picture
The role of the CISO was forged at a time when organisations needed someone to be responsible for the IT security ‘ stuff ’. As technology has evolved and become central to business success , so has the responsibility and required skillset of the CISO . With less focus on tools , threats and even risk management than ever before , for the successful modern CISO , nothing is quite as important as figuring out how to make their business more efficient , connected and therefore better performing , through stronger communication . Similarly , where once understanding technology was core to the role , today ’ s CISO needs a more consolidated awareness of the business as a whole and the ability to engage in dialogue about it .
The CISO job has always required people who are flexible , adaptable and passionate about security . But in today ’ s world , it is as much about business leadership and communication as it is about the security aspect itself . In a forward-thinking organisation , if a CISO cannot understand and talk business , they have little to no chance of effectively selling business priorities central to their mission to the board , nor of getting the rest of the organisation bought into the actions required to achieve them .
74 WWW . INTELLIGENTCISO . COM