Communication can be a crucial skill for all leaders in an organisation, no matter their seniority. This is doubly true for security officers. Communicating clearly works on multiple levels. Security leaders and CISOs need to be able communicate clearly their strategies – including instructions, plans for responding to incidents, and policies. They must also communicate to C-level the importance and value of strong defenses.
For CISOs and other security leaders, this latter skill is crucial but often overlooked or not prioritized. A webinar entitled “How you can ace your Infosec deck will discuss the value of communicating clearly with managers and provide key strategies for doing so. The webinar will feature a conversation with vCISO and Cybersecurity Consultant Dr. Eric Cole, as well as Norwest Venture Partners General Partner Dave Zilberman.
Security leaders must demonstrate the importance of tasks and decisions as well as how security threats impact on the mathematics.
From tactics to strategy
One of the biggest differences in communicating to a security team or organization and communicating with management is the scale on which decisions are judged. Security leaders tend to be focused on tactical issues – how their organization can defend itself. This perspective focuses on daily decisions, processes, plans for incident response, and immediate effects.
For security leaders, this is essential. Leaders must have the ability to deal directly with threats that arise on a daily basis. Without a strategic perspective, tactics are nothing. Even the most detail-focused security leader has a plan for how the overall protection of their organization looks. The strategic view of security abstracts all the details while keeping the eye on the bigger picture.
Bridging communication gaps
Unlike security professionals who get lost in the day to do their jobs, C-level and boards are focused on strategic aspects. CISOs need to be able communicate the importance of their work effectively. They must translate their tasks, policies and decisions into broader organizational impact.
This includes not only the work being done, but also the risks and threats that could create issues for an organization. The board members may not be as concerned about how the organization is protected but more with what these strategies are having an impact on the company.
The conversation will cover:
- How InfoSec Leaders can quickly move communications from the tactical to the strategic viewpoint. A security leader must be able to communicate complex cybersecurity strategies in a more general sense, and put them into the context of the organization’s success.
- How to convert complex security realities into easily digestible and actionable insights. The best presentations are not about the nitty gritty. They offer insights and interpretations of the meanings and their impact on an organization.
- How to leverage security knowledge to align cybersecurity priorities with business and commercial goals. It’s easy to think that security and business success can be diametrically opposed. But, it is not. Good security decks can help align business goals with cybersecurity goals in ways that improve both.
- How can security leaders provide a real, pragmatic answer to the question: “how secure are we?” At the end of the day, the board really cares about how secure an organization is, and less about how they get there. This means that security leaders must look at their efforts and provide a transparent and frank accounting of the risks and how well prepared they are to face them.
You can register for the webinar here.