Thursday, February 14, 2013

Jeff Snyder's Weekly Look Into What Makes a CISO / CSO Successful

I’m always looking for new ways in which I can use my position to bring value to the security profession.  When I refer to my position, I’m simply referring to the position I occupy sitting between security, risk, compliance and privacy professionals and those who hire security, risk, compliance and privacy professionals.  I constantly learn from the individuals I’m fortunate to work with every day so I’ve been thinking about how I can pass on some of what I learn for the benefit of others.
A couple of weeks ago I came up with the idea to leverage my position for the good of those who one day aspire to become CISOs or CSOs.  For that matter, current CISOs or CSOs who are struggling might benefit from the advice of their most successful peers. 

The idea is pretty simple.  I’ve begun reaching out to CISOs and CSOs to find out what they think the secret to their professional success is so I can share their secrets with those who wish to one day be a successful CISO or a CSO. 

I hope you find this information to be helpful.  I’ll try to post a new success secret every week.
How the CSO of a Global Management Consulting Firm creates success
"Many factors go into being a successful CSO, the secret to success is the CSO’s ability to transform an organization’s culture to one that embraces change and embeds risk assessment and mitigation strategies into the business model. 
This transformation begins with the CSO’s demonstrated commitment to understand the organization’s business strategy, operations and his / her ability to foster effective relationships.  The next step involves the alignment of current and planned security, compliance and risk mitigation strategies with the business model.  Collaboration and development of solutions that demonstrate value are vital to bringing change and acceptance. 
The security organization’s philosophy should be hinged on the identification of risks and articulation of proportionate solutions that support business operations and bring value.  The culture of the organization and tone at the top will provide the framework for the CSO to script the security strategy.  One size does not fit all. 
The commitment and support received from executive leadership and the Board is dependent on the CSO’s ability to align risk mitigation strategies and security programs with operations, foster strategic relationships, influence and communicate effectively. "'s Security Recruiter Blog