What is the most important advice you can give the next generation of security professionals and CISOs?
CISO in Healthcare and Biotech, 2 years ago
Be curious, be emphatic, lead with the "why" and never say "no", only "maybe...if the risk can be minimized or the right controls are in place."
CIO/CISO in Healthcare and Biotech, 2 years ago
Focus enough time on learning to translate the technical aspects of what you do (using risk as the key arbiter) into language that your C-Suite peers and board members can understand. The technical controls have become much more mature in the past 5 years; the real challenge is preparing to talk on the same language level as your peers in other business units.
CISO in Software, 2 years ago
Always have a training and growth plan with dedicated time allocation and structure to stay current on trends, technologies and processes.
CISO in Finance (non-banking), 2 years ago
Don't be afraid to fail and truly learn from those experiences.
A good balance of both technical skill and business acumen is what a CISO needs to succeed. You have to earn the respect of your cybersecurity rank and file, but you also have to be able to translate technology talk for the board and C-suite. You have to speak their language and that doesn't come naturally; it’s something you have to learn. Some CISOs see themselves as pure business people and will never have the respect of their actual cybersecurity ranks. But that's a mistake, because in the face of a real emergency, those people won’t be that effective. So my advice is: don't limit yourself in terms of your perspective. It's great to have the business perspective, and it's great to have the technical perspective, but this role is unique in that you need both.