F5. Why CISO's Are Not Working Out At Corporations
Thursday, June 6, 2019
11:15 AM - 12:15 PM
It's a fact, companies don't like the cybersecurity department because they are seen as the "anti-business department," the "department of no," and the department that IT doesn't want to invite to enterprise architecture meetings because "cybersecurity is concerned about changes and always throws a monkey wrench at new technology ideas."
Key takeaways are leadership principles of how to be more effective as a CISO:_x000D_ _x000D_ 1. Invest in relationships with executive peers_x000D_ 2. Have the cybersecurity team sit with the rest of IT and not in a separate section_x000D_ 3. Run the cybersecurity department like an internal consulting organization to support the business by helping the business be successful._x000D_ 4. Removing "NO" from your corporate vocabulary and become a solutions leader of how you can solve challenges_x000D_ 5. Changing the overall "Police Officer" perception of the cybersecurity department and seek opportunities to support the business_x000D_ 6. Stop treating the business like a bunch of two-year children and telling them how much the suck at their jobs with vulnerability findings_x000D_ 7. Increasing operational effectiveness through steadfast leadership, taking the time to learn the entire business, getting out of your comfort zone, and working with the CIO for a career track_x000D_ 8. Preparing for your next job within your company_x000D_ 9. Seeking ways to have cybersecurity be a part of the corporate brand to build customer trust and show greater value to the enterprise_x000D_ 10. When making purchasing decisions, look beyond cybersecurity and see who else in IT you can help benefit through smart relationship building