“When I joined my most recent company, it was my relationship building with business units, legal, privacy, compliance, and corporate security that made the difference. The first thing I did when I arrived there was meeting with the "players". It was amazing how much the “players” did not know about protecting information and how regulations played into the grand scheme. I guess that's why I ended up there.What you just read is one Chief Information Security Officer’s point of view when asked what has made him successful in his career and at the CISO level. I've asked this CISO to share his thoughts regarding what he looks for when recruiting to fill information security jobs and risk management jobs. If he shares these thoughts, I'll share his answers in a future Secruity Recruiter Blog post.
The challenge with relationships is that they are like plants. To have a plant flourish, it needs proper care and feeding. You first need to plant the seed which is as simple as putting the thought in a person's head about what could happen to the company's brand and image if they had a breach or regulatory violation. As that thought grows, you need to carefully watch it and help the person understand the evolving landscape (i.e., the headliner of the day). The continuous heads ups regarding headlines are like fertilizer. It sure can make a plant grow faster.
Over time if you ignore the plant or deprive it of water and sunlight, it can die or grow in ways and directions that you may not want. And then when weeds enter the picture, if you don't pluck the weeds (i.e., noise makers) the plant can be over taken and all the hard work of raising the plant goes away.
The battle with information security is not in technology alone. It's the lack of rational risk- based thinking. Also, the inherent fear of brand damage clouds people's judgment. Don't get me wrong, I'm not advocating that people shouldn't be fearful, but rather, like all business decisions, they need to assess the risks against the costs. And they must realize that there are no guarantees in security just like there are no guarantees in launching a new product or service. In short, it comes down to the art of risk management.”
Tuesday, November 23, 2010
Conversation with a Financial Services Chief Information Security Officer
President of SecurityRecruiter.com and JeffSnyderCoaching.com. SecurityRecruiter.com is an executive search firm specialized in information security recruiting, cyber security recruiting, corporate security recruiting, physical security recruiting, converged security recruiting, IT risk management recruiting, enterprise risk management, global compliance recruiting, global privacy recruiting and business intelligence recruiting.
Through JeffSnyderCoaching.com, I provide Resume Writing, LinkedIn Profile Optimization, Personal Branding, Personal Marketing, Strengths Coaching, Emotional Intelligence Coaching, Career Coaching, Leadership Coaching, Executive Coaching, Coaching for Entrepreneurs and aspiring Entrepreneurs, Career Transition Coaching and more.
My clients include Fortune 500 clients crossing many different different industry boundaries including but not limited to Banking, Financial Services, Hospitality, Gaming, Insurance, eCommerce, Oil & Gas, Retail, Entertainment, Media, Software, Consumer Products, Hospitality, Mining, Security Consulting, Telecommunications and more.
My Security Recruiter Blog is home to information that security, risk, compliance, governance and privacy professionals need to grow their security careers and is updated weekly.
My recent public speaking activities include:
- CISO Forum and ISSA of Los Angeles
- CSO Roundtable for ASIS
- North Texas ISACA in Dallas, TX
- Information Security Leadership Forum, Dallas, TX
- ISSA in Denver, CO
- National CISO Forum of ISSA in Las Vegas
- ISSA in Colorado Springs
- EVANTA in Phoenix
- A private training session to train computer sales people in Denver to leverage LinkedIn to drive their sales business opportunities.
- I speak on leadership, career and overcoming adversity topics.
Testimonials of my recruiting work are found on the Security Recruiting Testimonials page of SecurityRecruiter.com. Testimonials for my coaching work are found on the Coaching Testimonials page of JeffSnyderCoaching.com.
I have a rather large and growing LinkedIn network with nearly 30,000 direct connections.