
The Communication Imperative for CISOs

One of the potential upsides for security leaders as a result of the COVID-19 pandemic is a renewed focus on cybersecurity and business resiliency. Seemingly overnight, your expertise, resourcefulness and dedication became recognized as integral to shifting your business to become distributed and digital. Now’s the time to take advantage of all the attention and step up your communications skills, so you can:

• Demonstrate the value you and your teams are providing during the crisis

• Collaborate more effectively to improve security operations, even when teams are working remotely 

• Educate the organization on how you mitigate cyber risk on a daily basis

Let’s take a closer look at each. 

Demonstrate. The best days for security technologies and teams are when they aren’t seen – when they’re doing their jobs to secure the business, employees and customers, without impacting productivity and user experience. Although you’ve been in the spotlight, that doesn’t mean that your executive team and Board really understand the work that happened largely behind the scenes. I’m sure you’re familiar with the phrase, “Tell them what you’re going to do, do it, and then tell them what you did.” Now that you have leadership’s attention, use the opportunity to bring them along on the journey. Explain the unique challenges the company faced, how you and your team overcame them, the value delivered, lessons learned, and how to continue to improve security operations. After all, you know that the next disruption isn’t too far behind and there is no such thing as preparing too early.

Collaborate. How you communicate with your team has changed – at least in the near term, if not permanently. With employees working from home, you can’t tap an analyst on the shoulder to assign them a task or walk down the hall to get an update on an investigation. You’re geographically dispersed, but you still need the ability to work effectively with team members and across teams. A single, online collaborative environment that fuses together data, evidence and users enables individual team members and different security teams to access the intelligence they need to do their jobs as part of their workflow, and actively share learnings or directly communicate with each other. As a security leader, you can benefit from this collaborative environment as well. You can oversee investigations remotely, observing the analysis as it unfolds and directing action when and how you need to. With a “virtual shoulder tap” you can break down projects and assign tasks to specific individuals, coordinate tasks between teams, and monitor timelines and results. Even when analysts are working remotely, you can continue to coordinate investigations and remediation.

Educate. Boards are maturing in their understanding of cybersecurity and asking more detailed questions. They don’t just want to know if the latest threat pertains to the organization, but in what ways and how you know that. Start thinking now about the information and capabilities you need to help you communicate in a simple and clear way. For example, if there is a new vulnerability or threat in the news, the CEO may ask: “What is it?”, “Does it pertain to us?”, or “How are we impacted?” You need to be able to answer in a clear and concise manner. This involves understanding external data on the threat, identifying events and associated indicators from your own internal systems and correlating the two for context and relevance to your environment. With this information you can explain, in a format that is easily digestible for people who don’t live and breathe security, whether or not they should be concerned about a recent attack that made the headlines. Simple explanations help put their mind at ease, whether the news is good (e.g., “The latest ransomware attack is taking advantage of a vulnerability we’ve already patched, so this isn’t a threat to be concerned about.”) or not so good (e.g., “Internal data and events indicate some evidence of potential malicious activity, so we’re taking steps to contain it and are now remediating the affected systems.”).

As we look to the remainder of 2020 and where we should focus our attention, I encourage security leaders to take advantage of one of the few silver linings of the pandemic – a renewed appreciation for the role of security experts. Put communications at the top of your priority list, not only to showcase the value your department provides, but to lay a foundation of knowledge and trust that will likely pay dividends when budgeting season rolls around. 

Learn More at SecurityWeek’s CISO Forum (Virtual) Event on Sept 23-24, 2020

Written By

Marc Solomon is Chief Marketing Officer at ThreatQuotient. He has a strong track record driving growth and building teams for fast growing security companies, resulting in several successful liquidity events. Prior to ThreatQuotient he served as VP of Security Marketing for Cisco following its $2.7 billion acquisition of Sourcefire. While at Sourcefire, Marc served as CMO and SVP of Products. He has also held leadership positions at Fiberlink MaaS360 (acquired by IBM), McAfee (acquired by Intel), Everdream (acquired by Dell), Deloitte Consulting and HP. Marc also serves as an Advisor to a number of technology companies, including Valtix.
