The Many Emotions of a CISO
Lee Parrish
Vice President & Chief Information Security Officer | Author | Boardroom Qualified Technology Expert (DDN) | CIO | Infrastructure Leader | Human Resources | Combat Veteran USMC
One of my favorite quotes comes from Dr. Martin Luther King Jr:
“The ultimate measure of a man is not where he stands in moments of comfort and convenience; but where he stands at times of challenge and controversy.”
Refreshing this quote from a different era to include both men and women, (and for the purposes of this article: the CISO) his words can help highlight one of the most important attributes our role demands – remaining calm across multiple scenarios.
The ability to identify and regulate our emotions (and those of others) as we navigate through our day, whatever happiness or challenge it brings, helps the CISO to be optimally effective for a number of reasons.
Effective Decision Making
When a CISO is calm and assured, she can identify the feelings of others and make more empathetic decisions. Her ability to understand the different needs of stakeholders, and those of her team, helps her to consider all angles of an issue, which leads to more impactful decisions. The CISO is making solid choices without allowing personal needs or emotions to cloud the decision.
Your Team is Watching
During a response to an incident, your team needs to know that you are stable, calm, and focused on the response. A CISO who is excited and emotional can transfer these traits to his team. I’ve heard it called “having a steady heart rate” – whatever description you choose, a CISO who remains calm during the storm instills confidence in his responders that their leader is focused, and everything will ultimately be okay.
The Adversary is Watching
Like your team, the adversary is closely watching you, but their intent is to look for clues on your response. Do you perform knee jerk, reactive tasks? If so, you may tip your hand to the bad guy who will inevitably fold up tents and move somewhere else in your network, adding delays to your response. It is much better for the security executive to follow normal processes while they work up a response that is calm and measured.
Whether it is times of great excitement and exhilaration, or intense frustration, the true security leader will work to identify and control their emotions to be maximally effective and to convey confidence to their team.
> Lee Parrish
Successful InfoSec = People, Processes, and Technology (In that order!)
3 年Great post, Lee! Sent you a connection request.
The Human API | Vendor Relationships | InfoSec
5 年The meme though. Oh my. I bet you slay at poker.?
VP, Deputy Chief Information Security Officer | Boardroom Qualified Technology Expert (DDN), Keynote Speaker
5 年Well said, Lee Parrish