Back in the 19th Century, famed industrialist Andrew Carnegie spoke on the importance of putting people first. He believed success of any organization relied on finding the best people for the job. Fast-forward to 2017 – and what was true then is even more relevant today. All winning organizations have one thing in common: great strategies supported by the most qualified, rock star professionals.
Not a day goes by without a story on the latest IT security threat. Businesses experience 4,000 ransomware attacks each and every day. No business is immune to cyber threats, with up to 93 percent of all phishing e-mails now labeled as ransomware. Recently, members of the FBI estimated 7,000+ US businesses were victims of phishing scams by 2013 alone – with losses ringing up to an estimated $750 million.
For any CIO, CSO, or CTO, the first instinct is to focus on the right tools. Zeroing in on tier-one intrusion detection systems, packet sniffers or even managed security services, industry leaders can remain proactive as threats change. And while a range of solutions and services exist, highly effective strategies are founded on more than technology. At the very core of leading security organizations is an experienced staff executing strategies and tools.
Security leaders often become so focused on protecting the business, they sometimes forget who actually RUNS the business. While security tools are more than abundant, highly qualified security talent is very hard to find. Strong employees are the impetus behind innovation – working to help developers write more secure code, proactively address potential threats, and even automating incident detection and response. Security organizations keep the business safe by investing in people and encouraging the free flow of ideas. I’ve found the best leaders focus on a few core areas:
- Challenging Employees: Threats are always evolving, and so should the organization. It’s essential to challenge employees each and every day – questioning the status quo and exploring alternatives to meeting security benchmarks. Encourage staff to develop their own security benchmarks, and explore ways to improve. Measurement is critical.
- Customer-Centric: It’s a common phrase – the customer is always right. Whether referring to external customers or internal audiences, cybersecurity should be considered a service. Security leaders must keep that in mind at all times, always seeking input and collaboration. Encourage teams to avoid saying “no” and make it easier for everyone to get work done.
- Rewarding Hard Work: It goes without saying, but security organizations are under intense pressure. It’s not uncommon for employees to work late, come in early, and continuously search for new solutions. Consider building a reward system recognizing the best employees. Investments in continuous education must be ongoing, as learning benefits both employees and the company.
In this digital world, business is moving at unprecedented speeds. And while technology is critical to orchestrate cybersecurity strategies, your rock star team of security personnel make the technology work. Don’t have cybersecurity expertise in-house? Please contact one of our cybersecurity experts – or feel free to contact me directly in the comments section below – to continue the conversation.