7 tips to becoming a successful CISO

  • You don’t have to reinvent the wheel

    While success is gauged different in every job, there are similar strands that run through each opportunity. Todd Bell, who is an international expert and leading speaker on preventing security breaches for new start-ups to Global Fortune 500 companies, looks back at his years in the security industry and offers up these seven tactics that will help you stay atop the field. As a CIO & CISO, Bell has made a global impact for safeguarding millions of consumers information around the globe when utilizing his established enterprise security architecture and finding security vulnerabilities within an enterprise. He is also the architect & inventor of the Bell Security Enterprise Security Architecture method that streamlines cybersecurity controls as a virtual overlay onto an existing company infrastructure without having to move any systems.
  • Find a mentor—don’t try to figure everything out on your own

    A great place to look is your LinkedIn contacts and find experienced CISOs that have been in their position for at least three years. These individuals tend to have solid executive experience and can be a great resource to help you be successful with your own career.
  • Learn your business and how every department works

    Everyone you work with will respect you for taking the time to understand their business, the challenges they are faced with and you will find opportunities to help them with common agendas that may be aligned with your agenda. It is a great opportunity to build your brand within your own company and be humble when you meet with the other functional executives. Be likeable. This will pay dividends when you need a favor to push your cybersecurity agenda.
  • Spend more time with your CIO and “walk a mile” in their shoes

    You will start to see why you mostly report into the CIO function and how your decisions have a dramatic impact on the company and the CIO’s agenda. Learn to be an ally with the CIO. I also recommend stop trying to report into the CEO of the company because you have an issue with the reporting structure with the current CIO reporting structure. Get over it, and work with your CIO. This is your most important relationship you will have within your company as the CIO can help your career or break your career within the company. Don’t underestimate the power of the CIO, even if you do report into the CEO.
  • Take the time to read and learn from a variety of business books

    You are now swimming with sharks and you need to bring your political “A” game to the table if you expect to be taken seriously and want to survive.
  • Cybersecurity exhaustion

    Be careful not to “overplay your hand” with a large cybersecurity agenda that creates “cybersecurity exhaustion” that makes the impression your job is to tell everybody else what they are doing wrong in their own jobs. You don’t want to look like the IRS department within your company, because nobody likes working with the IRS.
  • Be the trusted adviser within your company

    Your job is to help others, not tell them what they are doing wrong or what they should be doing.
  • Ask for help

    Deloitte & Touche, LLP just developed the CISO Transition Lab to help accelerate a CISO’s performance. This is a program that is designed to help you thrive within your business. Also, many universities offer short summer executive programs ranging from one week to a couple months that can expand your current business knowledge of how a business functions. You have to find a way to function within your business and not be the techno geek that wants to protect everything within the company.
Show Comments