The heart of tech is coming to the heart of the Mediterranean. Join TNW in València this March 🇪🇸

This article was published on August 20, 2017

Why security leadership is essential for your company

Why security leadership is essential for your company
Anas Baig
Story by

Anas Baig

Anas Baig is a Cyber Security Journalist & Tech Reporter. He has been featured on major media outlets including TheGuardian, Lifehacker Anas Baig is a Cyber Security Journalist & Tech Reporter. He has been featured on major media outlets including TheGuardian, Lifehacker Australia, CIO, ITProPortal, Infosec Magazine, Tripwire and many others. He writes about online security and privacy, IoT, AI, and Big Data. If you’d like to get in touch, please send an email to [email protected] or follow him on Twitter @anasbaigdm.

Nobody needs to be told how the internet’s growth is giving way to new opportunities and opening new doors — but what exactly are these new possibilities?

Security leadership is one of many new opportunities, but it’s often not taken seriously enough because. Most of the new phenomena created by the internet’s growth aren’t easily attained, not do they offer brilliant results instantaneously.  However, what most people do not realize is that there is more to security leadership than meets the eye.

Understanding security leadership

Security leadership is exactly as what the name implies. Simply put, the term is used to describe a leadership style which is all about security, which more specifically functions in an organization as a detractor that would ensure eventual growth and success.

Now the real question you need to be asking yourself is what type of security leadership is required in your organization. But then again, a more accurate question would be regarding the characteristics that make up a true security leadership. Keeping this in mind, some defining three characteristics to look out for are as follows:

1) Planned influence

A security leader needs to know how to deliver the right message, especially to the right people. This includes planning about what kind of messages need to be delivered to the top brass or the employees in general.

2) Leadership planning

One’s authority and status has little to do with being able to lead. Leading a team is not simple, and it requires extensive planning. For this reason entirely, it is wise to spend a considerable amount of time on getting things right. Rushing into things will make things much more difficult, not to mention complicated. It is all about being effective and productive at the same time.

3) Understanding the dynamics of an organization

Even though a security leader may know everything there is to know about security, it will be of little importance if he/she does not understand the dynamics of the organization they are a part of. Also, being on top should not always be a priority, but it should not be ignored either.

Qualities of successful security leaders

Apart from the characteristics that make a true security leader, there are certain qualities that also need to be looked into for a successful security leader.

It is worth noting that a successful security leader is in no way the same as a true security leader, as the two are entirely different concepts. Simply put, a true security leader is one who fits the description in its truest form. Whereas, a successful security leader is one that is able to provide the desired results and so much more. With that out of the way, let’s take a look at the qualities of a ‘successful leader’.

1) Is trustworthy

A successful security leader will create a high-trust environment, since security is after all about what you can/cannot trust in the first place. Said leaders are able to clearly express their expectations and hold people accountable.

They do not necessarily resort to a heavy hand and instead prefer to create a good and secure environment for everyone, which is not the case with amateur security leaders that trust nobody.

2) Is practical

Successful security leaders are quite practical, which means they focus on threats that are potentially dangerous to their organization. For this reason, they build appropriate strategies that considerably reduce the chances of these threats to occur or impact the organization at all.

3) Craves feedback

In order to build a strong security practice, it is imperative for a security leader to gather as much feedback as they possibly can. This involves a lot of testing and evaluation of different practices and controls.

Successful security leaders are able to analyze and evaluate security with the help of detailed, thorough and independent testing. Additionally, they see as every penetration audit or test as a way to mature and improve.

4) Respects risks

Most security leaders have a constant relationship with failure. These leaders tend to take risks lightly. Even though risk is a part of the job, they may not respect them.

Successful leaders are able to view risks properly, after which they make assessments based on good data. These leaders work to first understand and then contain and manage risks via practical and tangible controls. In the case of unsuccessful leaders, they are more concerned about the discomforts caused by dealing with risks.

Security leaders are up-to-date with almost all IT aspects

In this day and age, security leaders cannot afford to be out of touch with current and trending IT aspects along with new laws, like the recent anti-privacy bill that was passed in the US.

The increase in popularity of the Internet of Things has made it necessary for security leaders to be as much knowledgeable as they can be in order to deal with issues that can potentially affect the IT structure of the enterprise they are responsible for. The greater their wealth of knowledge, the greater their chances of expanding their horizons and the enterprise’s as well.

Cyber Security companies illustrate how security leaderships are essential to their survival. There is no denying the fact that these companies in question does deal in online security and anonymity in the first place, but it still manages to faithfully portray how the leadership can negatively or positively affect the companies.

As long as the security leadership plays its cards right and focuses on developing new technologies and techniques to deal with cyber-related issues, the companies will continue to prosper, which it currently is.