I started a series where I depict the meaning of the CISO acronym to me starting with the article “The C in CISO is for Connecting” followed by “The I in CISO is for Influence” and “The S in CISO is for Service, for Servant Leadership.”. Today I close the series with what the O means to me, which I hope many agree it stands for Organizational Savvy.
As a leader in of your organization’s leadership team and someone delivering a program that will impact the organization in different ways, a CISO must understand the way the company operates; its culture; its customers; its key players; and really to wrap it all up together, the company’s “Why”; or what I call “the ways of the force”. Want to be an influential leader in the organization? “This is the way”.
One of the key traits we always point out that cybersecurity professionals must have is curiosity and that applies to the CISO as well. Be curious about why the company does what it does, how they do it, who does it. Without the understanding of the intricacies of the company it will be hard to build and deliver a program that is aligned with the strategic objectives of the organization and that is supported by the leadership team.
There are many ways to go about this process and a lot depends on your leadership style and also the culture of the company. Here are some approaches that have worked for me in my career:
The are many ways to accomplish this. The point is that you really want to put a lot of effort and most of your time on understanding your company if you want to contribute to the overall mission of it, which is your ultimate goal as a leader anyway. Do understand that this process takes time. In my experience it takes around six months to start getting to know the organization and a couple years to be completely comfortable with the corporate culture but that should not slow your progress down as long as you collaborate with others and accept that you need help to develop a security program that is aligned with your companies goals. “This is the wat” to influence and deliver value to your organization.
I hope you enjoyed this series and that it helps you in your CISO and leadership journey.