Leading CyberSecurity as a CISO at the Enterprise Level

People take on CISO roles for different reasons. Some do it because they feel they are good at doing it, or they value providing a service like that to an organization, or they see it as a challenge. Sometimes people do it because it’s seen as an entry into organizational leadership v. staying in the cube farm. Maybe you get paid more than you were used to, or because you got recruited from elsewhere to build a function.

Power, money, intellectual challenge -- these are all different sets of values that led you to become a CISO. All of them are valid reasons to enter the role. Regardless of why you started, once you’re in the CISO role you discover quickly that your authority is limited, but your capacity to influence is very broad.

Your motivations also reflect where you spend your time, what you think is important, and how you maintain your competence. For example is this job like a true crime movie or spy novel? What role do you want to play? Your program will be successful because in your role you have influenced others to support and champion the role of cybersecurity.

Regardless of your motivations, here are key questions for CISOs:

1. What type of cybersecurity incidents have you handled in the past? What worked, what would you do differently now, and why?
2. Once cybersecurity is everyone's business, how do you maintain your influence edge as the go-to person for cybersecurity in the organization?
3. Looking to the future, what do you see as on-the-horizon cybersecurity threats, and how are you preparing for them?

Getting cybersecurity right requires changing yourself as a leader. We at Pythia Cyber want to get you to think about how you could sharpen your influence and bring it to bear on important cybersecurity challenges. You can watch our video discussion for more information on our YouTube channel.