Security Experts:

The Communication Imperative for CISOs

One of the potential upsides for security leaders as a result of the COVID-19 pandemic, is a renewed focus on cybersecurity and business resiliency. Seemingly overnight, your expertise, resourcefulness and dedication became recognized as integral to shifting your business to become distributed and digital. Now’s the time to take advantage of all the attention and step up your communications skills, so you can:

• Demonstrate the value you and your teams are providing during the crisis

• Collaborate more effectively to improve security operations, even when teams are working remotely 

• Educate the organization on how you mitigate cyber risk on a daily basis

Let’s take a closer look at each. 

Demonstrate. The best days for security technologies and teams are when they aren’t seen – when they’re doing their jobs to secure the business, employees and customers, without impacting productivity and user experience. Although you’ve been in the spotlight, that doesn’t mean that your executive team and Board really understand the work that happened largely behind the scenes. I’m sure you’re familiar with the phrase, “Tell them what you’re going to do, do it, and then tell them what you did.” Now that you have leadership’s attention, use the opportunity to bring them along the journey. Explain the unique challenges the company faced, how you and your team overcame them, the value delivered, lessons learned, and how to continue to improve security operations. Afterall, you know that the next disruption isn’t too far behind and there is no such thing as preparing too early.

Collaborate. How you communicate with your team has changed – at least in the near term, if not permanently. With employees working from home, you can’t tap an analyst on the shoulder to assign them a task or walk down the hall to get an update on an investigation. You’re geographically dispersed, but you still need the ability to work effectively with team members and across teams. A single, online collaborative environment that fuses together data, evidence and users enables individual team members and different security teams to access the intelligence they need to do their jobs as part of their workflow, and actively share learnings or directly communicate with each other. As a security leader, you can benefit from this collaborative environment as well. You can oversee investigations remotely, observing the analysis as it unfolds and directing action when and how you need to. With a “virtual shoulder tap” you can break down projects and assign tasks to specific individuals, coordinate tasks between teams, and monitor timelines and results. Even when analysts are working remotely, you can continue to coordinate investigations and remediation.

Educate. Boards are maturing in their understanding of cybersecurity and asking more detailed questions. They don’t just want to know if the latest threat pertains to the organization, but in what ways and how you know that. Start thinking now about the information and capabilities you need to help you communicate in a simple and clear way. For example, if there is a new vulnerability or threat in the news, the CEO may ask: “What is it?”, “Does it pertain to us?”, or “How are we impacted?”.  You need to be able to answer in a clear and concise manner. This involves understanding external data on the threat, identifying events and associated indicators from your own internal systems and correlating the two for context and relevance to your environment. With this information you can explain, in a format that is easily digestible for people who don’t live and breathe security, whether or not they should be concerned about a recent attack that made the headlines. Simple explanations help put their mind at ease, whether the news is good, (e.g., “The latest ransomware attack is taking advantage of a vulnerability we’ve already patched, so this isn’t a threat to be concerned about.”) or not so good, (e.g., “Internal data and events indicate some evidence of potential malicious activity, so we’re taking steps to contain it and are now remediating the affected systems.”)  

As we look to the remainder of 2020 and where we should focus our attention, I encourage security leaders to take advantage of one of the few silver linings of the pandemic – a renewed appreciation for the role of security experts. Put communications at the top of your priority list, not only to showcase the value your department provides, but to lay a foundation of knowledge and trust that will likely pay dividends when budgeting season rolls around. 

Learn More at SecurityWeek's CISO Forum (Virtual) Event on Sept 23-24, 2020

view counter
Marc Solomon is Chief Marketing Officer at ThreatQuotient. He has a strong track record driving growth and building teams for fast growing security companies, resulting in several successful liquidity events. Prior to ThreatQuotient he served as VP of Security Marketing for Cisco following its $2.7 billion acquisition of Sourcefire. While at Sourcefire, Marc served as CMO and SVP of Products. He has also held leadership positions at Fiberlink MaaS360 (acquired by IBM), McAfee (acquired by Intel), Everdream (acquired by Dell), Deloitte Consulting and HP. Marc also serves as an Advisor to a number of technology companies, including Valtix.