SlideShare a Scribd company logo

Chief Information Security Officer - A Critical Leadership Role

Brian Donovan
Brian Donovan

Ninety-four percent of CxOs in a recent IBM Survey believe it is probable their companies will experience a significant cyber security incident in the next two years. It is not a matter of ‘if’ it will happen, but when. Businesses are therefore focused on developing effective strategies and governance frameworks to mitigate the risk and reduce the damage of the inevitable cyber security breaches they face. However, to be effective those strategies and governance frameworks need to be supported and executed through great leadership by Chief Information Security Officers and their senior teams. Our just released white paper highlights three key leadership challenges faced by Chief Information Security Officers.

Leadership & Management
1 of 22
Download to read offline
Chief Information Security Officer A Critical Leadership Role
2 Copyright ​Copy this the right way ​You have permission to post this, email this, print this and pass it along for free to anyone you like, as long as you make no changes or edits to its contents or digital format. Please pass it along and make as many copies as you like. We reserve the right to bind it and sell it as a real book. ​. We care but you’re responsible ​ ​So please be sure to take specialist advice before taking on any of the ideas. This book is general in nature and is not meant to replace any specific advice. Donovan Leadership disclaims all and any liability to any persons whatsoever in respect of anything done by any person in reliance, whether in whole or in part, on this e-book. Disclaimer
“Victorious warriors win first and then go to war, while defeated warriors go to war first and then seek to win.” ​~ Sun Tzu, The Art of War ~
Leadership is critical 05 Table of contents Challenges faced by information security leaders06 Challenge 1 Accountability vs. authority 08 Challenge 2 Proactive vs. reactive 09 Challenge 3 Technical expert vs. leader 11 Moving up the influence curve 22 13 14 Stages of influence What’s next? 20 21 About Donovan Leadership Contact us
5 Leadership is critical Ninety-four percent of CxOs in a recent IBM Survey believe it is probable their companies will experience a significant cybersecurity incident in the next two years. Businesses are therefore focused on developing effective strategies and governance frameworks to mitigate the risk and reduce the damage of the inevitable cyber security breaches they face. However, to be effective those strategies and governance frameworks need to be supported and executed through great leadership capability at the Chief Information Security Officer or equivalent level. Leadership Governance Strategy introduction
6 Challenges faced by information security leaders introduction 1. Accountability vs. authority 2. Proactive vs reactive 3. Technical expert vs. people leader Chief Information Security Officers and equivalent roles, along with their leadership teams, are being presented with an increasing range of leadership challenges. The three main leadership challenges faced by senior information security leaders are as follows:
“Cybersecurity issues are no longer limited to the IT department; instead, they threaten every aspect of the organization and pose a significant threat to ongoing business continuity and reputation.” ​~ Securing the C-suite – IBM 2016 ~
8 Accountability vs. authority ​Information security is now a prominent function. Boards, CEOs and C-suite executives are becoming more acutely aware of the reputational, business and customer risk of data breaches. Notable instances of breaches for example at Target, Sony, US Office of Personnel Management and many other large scale examples has led to a greater focus on the strategic role of the Chief Information Security Officer. ​CISOs have to deal with the complexity of the organizational structure of modern companies. They face wide-ranging points of risk exposure that are owned and operated by different parts of the business. CISOs have to know how to respond once breaches have been identified, determine what data has been taken, how critical the data is and the recovery procedures for that data. However, the problems are often in the ‘white spaces’ of organisations which means it may be unclear whether it is a business, IT or information security accountability. ​ Challenge 1 “The CISO can do everything right and still lose their job.” ‘The Security Team of 2020,’ Trusted Impact
9 Proactive vs. reactive ​The growing extent of the threat landscape is well documented. Information security leaders are grappling with increasing dependence on digital and technology innovation which brings with it an ever increasing range of security threats. ​Information security leaders are being put under the spotlight to develop and execute strategies and good governance for dealing with the threats that businesses face. To be effective, the strategy and governance processes must encompass prevention, detection and recovery. ​However, there is little available time to meet this strategic challenge of aligning to the future needs of the business while they are reacting to the growing list of day-to-day urgent issues. ​CISOs need to move from a passive role of simply reporting on problems to a proactive role of influencing their key stakeholders to take action to address identified issues. Challenge 2 "CSOs must be organizationally skilled– in carving out the security budget, in influencing other verticals within the company, and in earning the trust of top executives." The Rise of the Chief Security Officer: What It Means for Corporations and Customers
10 Trusted Advisor Information Security Leaders Board C-suite CEO BUs Vendors Government IT Dept. Employees Regulators 3rd Parties IS Team Board It is critical that information security leaders shift their role from traditional gatekeeper to being a trusted advisor for their key stakeholders
11 Technical expert vs. leader ​Most senior information security leaders have come from a strong technical background. They have typically built their reputation on being great technical problem solvers. Often, the reward for being a great subject matter expert is to be thrust into leadership. But there is usually little support or development for the transition from solving technical problems to producing results through people. ​The CISO’s role is analogous to a physician and patient. They cannot force you to do anything but they can nudge you to take action and co-ordinate a team of resources to help you take those actions. ​This paper delivers a model for building the influence of information security leaders with their key stakeholders. It will support them to deliver business results beyond what they thought was possible. By implementing some practical steps for transforming their leadership, they will also build their own brand as game-changing leaders. ​ Challenge 3 “It’s leadership. It’s setting the right direction. There are a lot of people who have grown up in the tech world, and their instinctive reaction is “What’s the tool I need to buy?” when, in fact, managing human behavior is the ultimate objective.” Bob West, Lessons from the Target Breach
12 Technical expert vs. leader Career Advancement Time Problem solving Subject matter expert Learning Reinvention Leadership Influence Challenge 3
13 Moving up the influence curve Information security leaders need to move up the influence curve to meet the challenge of being a trusted advisor to their key stakeholders. We have found that leaders are able to multiply their leadership potential as they move up the influence curve. See following pages for an explanation of the stages.
14 Stages of influence Stage Focus Leadership Potential Service The focus at the service stage of the influence curve is on relinquishment X 16 Inspiration Leaders at the inspiration stage of the influence curve are able to make the future vision so present for others that it is clear what action needs to be taken today X 8 Performance Leaders at the performance stage on the influence curve are able to make big commitments and elicit big commitments from those around them X 4 Permission Leaders at the permission stage of the influence curve are focused on causing great leaders around them X 2 Position At the position stage on the influence curve the focus is on reinvention of your key strengths X 1
15 Stages of influence Position At the position stage on the influence curve, the focus is on reinvention. You have the title and the business card, but now it is time to reinvent your key strength(s). Your strength is what got you here and it will be what takes you to the next level. For CISOs, this is often about reinventing your inherent problem solving strength. For example, by shifting from solving technical problems to solving strategic issues. Zenger Folkman research concludes, "...that great leaders are not defined by the absence of weakness, but rather by the presence of clear strengths." In their Extraordinary Leader study, they found that leaders with 1-3 key strengths were placed in the 60-80th percentile in their leadership effectiveness. Leaders at this level accelerate their leadership potential x 1
16 Stages of influence Permission Leaders at the permission stage of the influence curve are focused on causing great leaders around them. The breakthrough required at this stage is the ability to cause results through others. This ability to cause results is distinct from being a great subject matter expert and a prodigious 'doer.' “Leaders don’t create followers; they create more leaders.” - Tom Peters - Most of us have had the experience that someone believed in us more than we believed in ourselves at that stage of our career. It is that ability which doubles your leadership potential and produces bigger results. CISOs who surround themselves with a great team of technical problem solvers and give them permission to be great leaders accelerate their leadership potential x 2.
17 Stages of influence Performance Leaders at the performance stage on the influence curve are able to make big commitments and elicit big commitments from those around them. A characteristic of game-changing leaders is the ability to commit to achieving stretch results. They are able to move outside their comfort zone to achieve their objectives. We have all had the experience of taking on a big commitment, whether it be moving countries, taking on a big new role, delivering a stretch result etc. In the process you find a new level in your leadership that you did not realise you had. CISOs who can make game- changing commitments to stretch objectives and elicit big commitments from others build their leadership potential x 4.
18 Stages of influence Inspiration Leaders at the performance stage of the influence curve are able to make the future vision so present for others that it is clear what action needs to be taken today. Leaders at this stage have the ability to articulate a vision and bring others along on the journey so that they also own the vision. Recent research by Culture Amp supports the view that employees want leaders who can ‘provide a vision that people believe in and are motivated by.’ When Martin Luther King delivered his “I have a dream” speech, he was able to make his vision for equality so present that people could see the action that they needed to take. Leaders at this level accelerate their leadership potential x 8
19 Stages of influence ​Service ​The focus at the service stage of the influence curve is on relinquishment. ​Leaders at this level have become aware that the vision is bigger than them and the focus is on relinquishing control to others. ​They are able to confidently relinquish control because they have already coached, supported and empowered others around them to be great leaders. ​Relinquishing control enables them to achieve two things. The first is to free themselves up to move on to the next game-changing vision. Second, they are able to empower others to extend their vision beyond what they originally envisaged. Leaders at this level accelerate their leadership potential x 16
20 What’s next? Redefining your key strength Causing your team Forwarding the action Honouring your commitments You Action Conversations Others If you are ready to build your influence and deliver game-changing results then the Donovan Leadership coaching program for information security leaders is for you. The six month program covers the following core curriculum: • Setting a stretch result to be achieved in six months • Redefining your key strength • Causing results through your team • Influencing your key stakeholders • Creating opportunities to forward your objectives • Communicating in a way that forwards action • Honouring your commitments and holding others to account • Acknowledging your accomplishments and creating what’s next for you
About Donovan Leadership Brian Donovan is the founder of Donovan Leadership. He is a dedicated advocate of powerful and practical leadership. His commitment to the field is informed by 40 years’ experience in the technology sector, as a senior executive in Telstra and as CEO of the IT Skills Hub. He is an executive coach, facilitator and speaker. He has helped countless technology leaders transform from technical experts into leaders who succeed. He is able to draw from his practical experience as a senior executive to assist his clients to build their influence with their key stakeholders. His programs enable leaders to achieve stretch results and to make the difference they are committed to making. Donovan Leadership has a client list that reads like a roll call of Australian industry’s best and brightest.
​contact information ​For more info, please contact us at: ​+61 418 552 723 brian@donovanleadership.com ​www.donovanleadership.com thank you

Recommended

Roles and responsibilities of a CISO
Roles and responsibilities of a CISORoles and responsibilities of a CISO
Roles and responsibilities of a CISO
EC-Council
 
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk ResilienceHow to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
Priyanka Aash
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
Daniel P Wallace
 
The Future of Security Architecture Certification
The Future of Security Architecture CertificationThe Future of Security Architecture Certification
The Future of Security Architecture Certification
danb02
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
PECB
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation Center
S.E. CTS CERT-GOV-MD
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 

Recommended

Roles and responsibilities of a CISO
Roles and responsibilities of a CISORoles and responsibilities of a CISO
Roles and responsibilities of a CISO
EC-Council
 
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk ResilienceHow to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
Priyanka Aash
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
Daniel P Wallace
 
The Future of Security Architecture Certification
The Future of Security Architecture CertificationThe Future of Security Architecture Certification
The Future of Security Architecture Certification
danb02
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
PECB
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation Center
S.E. CTS CERT-GOV-MD
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
Build an Information Security Strategy
Build an Information Security StrategyBuild an Information Security Strategy
Build an Information Security Strategy
Andrew Byers
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
Ian-Edward Stafrace
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness training
AbdalrhmanTHassan
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
Atlantic Training, LLC.
 
cybersecurity- A.Abutaleb
cybersecurity- A.Abutalebcybersecurity- A.Abutaleb
cybersecurity- A.Abutaleb
Fahmi Albaheth
 
Endpoint Protection
Endpoint ProtectionEndpoint Protection
Endpoint Protection
Sophos
 
Cyber security and AI
Cyber security and AICyber security and AI
Cyber security and AI
DexterJanPineda
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
Paige Rasid
 
Cybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoDCybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoD
Pranav Shah
 
Security operation center
Security operation centerSecurity operation center
Security operation center
MuthuKumaran267
 
Employee Security Awareness Training
Employee Security Awareness TrainingEmployee Security Awareness Training
Employee Security Awareness Training
Denis kisina
 
Information Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your OrganziationInformation Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your Organziation
Seccuris Inc.
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
Randy Bowman
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 
End-User Security Awareness
End-User Security AwarenessEnd-User Security Awareness
End-User Security Awareness
Surya Bathulapalli
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
Dave Monahan
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Edureka!
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
EY
 
8. operations security
8. operations security8. operations security
8. operations security
7wounders
 
English Conversation
English ConversationEnglish Conversation
English Conversation
jay6688
 
Sop for security
Sop for securitySop for security
Sop for security
Ruchi Khanna
 

More Related Content

What's hot

Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
Build an Information Security Strategy
Build an Information Security StrategyBuild an Information Security Strategy
Build an Information Security Strategy
Andrew Byers
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
Ian-Edward Stafrace
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness training
AbdalrhmanTHassan
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
Atlantic Training, LLC.
 
cybersecurity- A.Abutaleb
cybersecurity- A.Abutalebcybersecurity- A.Abutaleb
cybersecurity- A.Abutaleb
Fahmi Albaheth
 
Endpoint Protection
Endpoint ProtectionEndpoint Protection
Endpoint Protection
Sophos
 
Cyber security and AI
Cyber security and AICyber security and AI
Cyber security and AI
DexterJanPineda
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
Paige Rasid
 
Cybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoDCybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoD
Pranav Shah
 
Security operation center
Security operation centerSecurity operation center
Security operation center
MuthuKumaran267
 
Employee Security Awareness Training
Employee Security Awareness TrainingEmployee Security Awareness Training
Employee Security Awareness Training
Denis kisina
 
Information Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your OrganziationInformation Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your Organziation
Seccuris Inc.
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
Randy Bowman
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 
End-User Security Awareness
End-User Security AwarenessEnd-User Security Awareness
End-User Security Awareness
Surya Bathulapalli
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
Dave Monahan
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Edureka!
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
EY
 
8. operations security
8. operations security8. operations security
8. operations security
7wounders
 

What's hot (20)

Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
 
Build an Information Security Strategy
Build an Information Security StrategyBuild an Information Security Strategy
Build an Information Security Strategy
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness training
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
 
cybersecurity- A.Abutaleb
cybersecurity- A.Abutalebcybersecurity- A.Abutaleb
cybersecurity- A.Abutaleb
 
Endpoint Protection
Endpoint ProtectionEndpoint Protection
Endpoint Protection
 
Cyber security and AI
Cyber security and AICyber security and AI
Cyber security and AI
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
 
Cybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoDCybersecurity Metrics: Reporting to BoD
Cybersecurity Metrics: Reporting to BoD
 
Security operation center
Security operation centerSecurity operation center
Security operation center
 
Employee Security Awareness Training
Employee Security Awareness TrainingEmployee Security Awareness Training
Employee Security Awareness Training
 
Information Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your OrganziationInformation Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your Organziation
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
End-User Security Awareness
End-User Security AwarenessEnd-User Security Awareness
End-User Security Awareness
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
 
8. operations security
8. operations security8. operations security
8. operations security
 

Viewers also liked

English Conversation
English ConversationEnglish Conversation
English Conversation
jay6688
 
Sop for security
Sop for securitySop for security
Sop for security
Ruchi Khanna
 
Workplace Safety And Security Hotel.Ppt
Workplace Safety And Security Hotel.PptWorkplace Safety And Security Hotel.Ppt
Workplace Safety And Security Hotel.Ppt
Faheem Ul Hasan
 
Security training module
Security training moduleSecurity training module
Security training module
pagare_c
 
SOP of Security supervisor
SOP of Security supervisorSOP of Security supervisor
SOP of Security supervisor
Capt Rajeshwar singh
 
[Infographic] How will Internet of Things (IoT) change the world as we know it?
[Infographic] How will Internet of Things (IoT) change the world as we know it?[Infographic] How will Internet of Things (IoT) change the world as we know it?
[Infographic] How will Internet of Things (IoT) change the world as we know it?
InterQuest Group
 
Mobile-First SEO - The Marketers Edition #3XEDigital
Mobile-First SEO - The Marketers Edition #3XEDigitalMobile-First SEO - The Marketers Edition #3XEDigital
Mobile-First SEO - The Marketers Edition #3XEDigital
Aleyda Solís
 
Mobile Is Eating the World (2016)
Mobile Is Eating the World (2016)Mobile Is Eating the World (2016)
Mobile Is Eating the World (2016)
a16z
 

Viewers also liked (8)

English Conversation
English ConversationEnglish Conversation
English Conversation
 
Sop for security
Sop for securitySop for security
Sop for security
 
Workplace Safety And Security Hotel.Ppt
Workplace Safety And Security Hotel.PptWorkplace Safety And Security Hotel.Ppt
Workplace Safety And Security Hotel.Ppt
 
Security training module
Security training moduleSecurity training module
Security training module
 
SOP of Security supervisor
SOP of Security supervisorSOP of Security supervisor
SOP of Security supervisor
 
[Infographic] How will Internet of Things (IoT) change the world as we know it?
[Infographic] How will Internet of Things (IoT) change the world as we know it?[Infographic] How will Internet of Things (IoT) change the world as we know it?
[Infographic] How will Internet of Things (IoT) change the world as we know it?
 
Mobile-First SEO - The Marketers Edition #3XEDigital
Mobile-First SEO - The Marketers Edition #3XEDigitalMobile-First SEO - The Marketers Edition #3XEDigital
Mobile-First SEO - The Marketers Edition #3XEDigital
 
Mobile Is Eating the World (2016)
Mobile Is Eating the World (2016)Mobile Is Eating the World (2016)
Mobile Is Eating the World (2016)
 

Similar to Chief Information Security Officer - A Critical Leadership Role

VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014
VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014
VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014
njhceo01
 
Risksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability ManagementRisksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability Management
Mighty Guides, Inc.
 
ACUACandUJurnalSummer_14_FinalWeb
ACUACandUJurnalSummer_14_FinalWebACUACandUJurnalSummer_14_FinalWeb
ACUACandUJurnalSummer_14_FinalWeb
LaDonna Flynn
 
How do you become a leader in the tech industry_.pdf
How do you become a leader in the tech industry_.pdfHow do you become a leader in the tech industry_.pdf
How do you become a leader in the tech industry_.pdf
Anil
 
MGT 4600 FINAL EXAM1. Answer all questions. The entire final .docx
MGT 4600 FINAL EXAM1. Answer all questions. The entire final .docxMGT 4600 FINAL EXAM1. Answer all questions. The entire final .docx
MGT 4600 FINAL EXAM1. Answer all questions. The entire final .docx
ARIV4
 
Wisegate_GeekSpeak_LG
Wisegate_GeekSpeak_LGWisegate_GeekSpeak_LG
Wisegate_GeekSpeak_LG
Brian T. O'Hara CISA, CISM, CRISC, CCSP, CISSP
 
The CEO Report_Oxford Univeristy & Heidrick & Struggles
The CEO Report_Oxford Univeristy & Heidrick & StrugglesThe CEO Report_Oxford Univeristy & Heidrick & Struggles
The CEO Report_Oxford Univeristy & Heidrick & Struggles
Niren Thanky
 
Finding a strategic voice
Finding a strategic voiceFinding a strategic voice
Finding a strategic voice
IBM India Smarter Computing
 
Insights from the IBM Chief Information Security Officer Assessment
Insights from the IBM Chief Information Security Officer AssessmentInsights from the IBM Chief Information Security Officer Assessment
Insights from the IBM Chief Information Security Officer Assessment
IBM Security
 
10 Questions for the C-Suite in Assessing Cyber Risk
10 Questions for the C-Suite in Assessing Cyber Risk10 Questions for the C-Suite in Assessing Cyber Risk
10 Questions for the C-Suite in Assessing Cyber Risk
Mark Gibson
 
Norman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respondNorman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respond
Lydia Shepherd
 
CISO Interview Question.pdf
CISO Interview Question.pdfCISO Interview Question.pdf
CISO Interview Question.pdf
infosec train
 
7350_RiskWatch-Summer2015-Maligec
7350_RiskWatch-Summer2015-Maligec7350_RiskWatch-Summer2015-Maligec
7350_RiskWatch-Summer2015-Maligec
Christine Maligec, CRM-E, CRIS
 
Module 17 - Crisis leadership.pptx
Module 17 - Crisis leadership.pptxModule 17 - Crisis leadership.pptx
Module 17 - Crisis leadership.pptx
caniceconsulting
 
Winds of change: The shifting face of leadership in business
Winds of change: The shifting face of leadership in businessWinds of change: The shifting face of leadership in business
Winds of change: The shifting face of leadership in business
The Economist Media Businesses
 
CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015
Scott Smith
 
Developing people in a time of digital disruption
Developing people in a time of digital disruptionDeveloping people in a time of digital disruption
Developing people in a time of digital disruption
Juan Chamorro
 
CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015
John Budriss
 
Liderazgo transformational genérico (1)
Liderazgo transformational genérico (1)Liderazgo transformational genérico (1)
Liderazgo transformational genérico (1)
Universidad Santo Tomas
 
Leadership in a crisis responding to the coronavirus outbreak
Leadership in a crisis responding to the coronavirus outbreakLeadership in a crisis responding to the coronavirus outbreak
Leadership in a crisis responding to the coronavirus outbreak
Graham Watson
 

Similar to Chief Information Security Officer - A Critical Leadership Role (20)

VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014
VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014
VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014
 
Risksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability ManagementRisksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability Management
 
ACUACandUJurnalSummer_14_FinalWeb
ACUACandUJurnalSummer_14_FinalWebACUACandUJurnalSummer_14_FinalWeb
ACUACandUJurnalSummer_14_FinalWeb
 
How do you become a leader in the tech industry_.pdf
How do you become a leader in the tech industry_.pdfHow do you become a leader in the tech industry_.pdf
How do you become a leader in the tech industry_.pdf
 
MGT 4600 FINAL EXAM1. Answer all questions. The entire final .docx
MGT 4600 FINAL EXAM1. Answer all questions. The entire final .docxMGT 4600 FINAL EXAM1. Answer all questions. The entire final .docx
MGT 4600 FINAL EXAM1. Answer all questions. The entire final .docx
 
Wisegate_GeekSpeak_LG
Wisegate_GeekSpeak_LGWisegate_GeekSpeak_LG
Wisegate_GeekSpeak_LG
 
The CEO Report_Oxford Univeristy & Heidrick & Struggles
The CEO Report_Oxford Univeristy & Heidrick & StrugglesThe CEO Report_Oxford Univeristy & Heidrick & Struggles
The CEO Report_Oxford Univeristy & Heidrick & Struggles
 
Finding a strategic voice
Finding a strategic voiceFinding a strategic voice
Finding a strategic voice
 
Insights from the IBM Chief Information Security Officer Assessment
Insights from the IBM Chief Information Security Officer AssessmentInsights from the IBM Chief Information Security Officer Assessment
Insights from the IBM Chief Information Security Officer Assessment
 
10 Questions for the C-Suite in Assessing Cyber Risk
10 Questions for the C-Suite in Assessing Cyber Risk10 Questions for the C-Suite in Assessing Cyber Risk
10 Questions for the C-Suite in Assessing Cyber Risk
 
Norman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respondNorman Broadbent Cybersecurity Report - How should boards respond
Norman Broadbent Cybersecurity Report - How should boards respond
 
CISO Interview Question.pdf
CISO Interview Question.pdfCISO Interview Question.pdf
CISO Interview Question.pdf
 
7350_RiskWatch-Summer2015-Maligec
7350_RiskWatch-Summer2015-Maligec7350_RiskWatch-Summer2015-Maligec
7350_RiskWatch-Summer2015-Maligec
 
Module 17 - Crisis leadership.pptx
Module 17 - Crisis leadership.pptxModule 17 - Crisis leadership.pptx
Module 17 - Crisis leadership.pptx
 
Winds of change: The shifting face of leadership in business
Winds of change: The shifting face of leadership in businessWinds of change: The shifting face of leadership in business
Winds of change: The shifting face of leadership in business
 
CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015
 
Developing people in a time of digital disruption
Developing people in a time of digital disruptionDeveloping people in a time of digital disruption
Developing people in a time of digital disruption
 
CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015
 
Liderazgo transformational genérico (1)
Liderazgo transformational genérico (1)Liderazgo transformational genérico (1)
Liderazgo transformational genérico (1)
 
Leadership in a crisis responding to the coronavirus outbreak
Leadership in a crisis responding to the coronavirus outbreakLeadership in a crisis responding to the coronavirus outbreak
Leadership in a crisis responding to the coronavirus outbreak
 

Recently uploaded

innovation in nursing practice, education and management.pptx
innovation in nursing practice, education and management.pptxinnovation in nursing practice, education and management.pptx
innovation in nursing practice, education and management.pptx
TulsiDhidhi1
 
Ganpati Kumar Choudhary Indian Ethos PPT.pptx
Ganpati Kumar Choudhary Indian Ethos PPT.pptxGanpati Kumar Choudhary Indian Ethos PPT.pptx
Ganpati Kumar Choudhary Indian Ethos PPT.pptx
GanpatiKumarChoudhar
 
Sethurathnam Ravi: A Legacy in Finance and Leadership
Sethurathnam Ravi: A Legacy in Finance and LeadershipSethurathnam Ravi: A Legacy in Finance and Leadership
Sethurathnam Ravi: A Legacy in Finance and Leadership
Anjana Josie
 
The Management Guide: From Projects to Portfolio
The Management Guide: From Projects to PortfolioThe Management Guide: From Projects to Portfolio
The Management Guide: From Projects to Portfolio
Ahmed AbdelMoneim
 
Team Building and TUCKMANS MODEL Explained
Team Building and TUCKMANS MODEL ExplainedTeam Building and TUCKMANS MODEL Explained
Team Building and TUCKMANS MODEL Explained
iampriyanshujaiswal
 
Colby Hobson: Residential Construction Leader Building a Solid Reputation Thr...
Colby Hobson: Residential Construction Leader Building a Solid Reputation Thr...Colby Hobson: Residential Construction Leader Building a Solid Reputation Thr...
Colby Hobson: Residential Construction Leader Building a Solid Reputation Thr...
dsnow9802
 
All the Small Things - XP2024 Bolzano/Bozen
All the Small Things - XP2024 Bolzano/BozenAll the Small Things - XP2024 Bolzano/Bozen
All the Small Things - XP2024 Bolzano/Bozen
Alberto Brandolini
 
20240608 QFM019 Engineering Leadership Reading List May 2024
20240608 QFM019 Engineering Leadership Reading List May 202420240608 QFM019 Engineering Leadership Reading List May 2024
20240608 QFM019 Engineering Leadership Reading List May 2024
Matthew Sinclair
 
Impact of Effective Performance Appraisal Systems on Employee Motivation and ...
Impact of Effective Performance Appraisal Systems on Employee Motivation and ...Impact of Effective Performance Appraisal Systems on Employee Motivation and ...
Impact of Effective Performance Appraisal Systems on Employee Motivation and ...
Dr. Nazrul Islam
 
Stuart Wilson the teams I have led - 2024
Stuart Wilson the teams I have led - 2024Stuart Wilson the teams I have led - 2024
Stuart Wilson the teams I have led - 2024
stuwilson.co.uk
 
Addiction to Winning Across Diverse Populations.pdf
Addiction to Winning Across Diverse Populations.pdfAddiction to Winning Across Diverse Populations.pdf
Addiction to Winning Across Diverse Populations.pdf
Bill641377
 
12 steps to transform your organization into the agile org you deserve
12 steps to transform your organization into the agile org you deserve12 steps to transform your organization into the agile org you deserve
12 steps to transform your organization into the agile org you deserve
Pierre E. NEIS
 
Designing and Sustaining Large-Scale Value-Centered Agile Ecosystems (powered...
Designing and Sustaining Large-Scale Value-Centered Agile Ecosystems (powered...Designing and Sustaining Large-Scale Value-Centered Agile Ecosystems (powered...
Designing and Sustaining Large-Scale Value-Centered Agile Ecosystems (powered...
Alexey Krivitsky
 
Strategic Org Design with Org Topologies™
Strategic Org Design with Org Topologies™Strategic Org Design with Org Topologies™
Strategic Org Design with Org Topologies™
Alexey Krivitsky
 
Myrna Story of Leadership and Management
Myrna Story of Leadership and ManagementMyrna Story of Leadership and Management
Myrna Story of Leadership and Management
Waleed Kamal
 
Chart--Time Management.pdf How to time is spent
Chart--Time Management.pdf How to time is spentChart--Time Management.pdf How to time is spent
Chart--Time Management.pdf How to time is spent
spandane
 
Comparing Stability and Sustainability in Agile Systems
Comparing Stability and Sustainability in Agile SystemsComparing Stability and Sustainability in Agile Systems
Comparing Stability and Sustainability in Agile Systems
Rob Healy
 
一比一原版(QU毕业证)皇后大学毕业证如何办理
一比一原版(QU毕业证)皇后大学毕业证如何办理一比一原版(QU毕业证)皇后大学毕业证如何办理
一比一原版(QU毕业证)皇后大学毕业证如何办理
8p28uk6g
 
Enriching engagement with ethical review processes
Enriching engagement with ethical review processesEnriching engagement with ethical review processes
Enriching engagement with ethical review processes
strikingabalance
 
Conflict resololution,role of hr in resolution
Conflict resololution,role of hr in resolutionConflict resololution,role of hr in resolution
Conflict resololution,role of hr in resolution
Dr. Christine Ngari ,Ph.D (HRM)
 

Recently uploaded (20)

innovation in nursing practice, education and management.pptx
innovation in nursing practice, education and management.pptxinnovation in nursing practice, education and management.pptx
innovation in nursing practice, education and management.pptx
 
Ganpati Kumar Choudhary Indian Ethos PPT.pptx
Ganpati Kumar Choudhary Indian Ethos PPT.pptxGanpati Kumar Choudhary Indian Ethos PPT.pptx
Ganpati Kumar Choudhary Indian Ethos PPT.pptx
 
Sethurathnam Ravi: A Legacy in Finance and Leadership
Sethurathnam Ravi: A Legacy in Finance and LeadershipSethurathnam Ravi: A Legacy in Finance and Leadership
Sethurathnam Ravi: A Legacy in Finance and Leadership
 
The Management Guide: From Projects to Portfolio
The Management Guide: From Projects to PortfolioThe Management Guide: From Projects to Portfolio
The Management Guide: From Projects to Portfolio
 
Team Building and TUCKMANS MODEL Explained
Team Building and TUCKMANS MODEL ExplainedTeam Building and TUCKMANS MODEL Explained
Team Building and TUCKMANS MODEL Explained
 
Colby Hobson: Residential Construction Leader Building a Solid Reputation Thr...
Colby Hobson: Residential Construction Leader Building a Solid Reputation Thr...Colby Hobson: Residential Construction Leader Building a Solid Reputation Thr...
Colby Hobson: Residential Construction Leader Building a Solid Reputation Thr...
 
All the Small Things - XP2024 Bolzano/Bozen
All the Small Things - XP2024 Bolzano/BozenAll the Small Things - XP2024 Bolzano/Bozen
All the Small Things - XP2024 Bolzano/Bozen
 
20240608 QFM019 Engineering Leadership Reading List May 2024
20240608 QFM019 Engineering Leadership Reading List May 202420240608 QFM019 Engineering Leadership Reading List May 2024
20240608 QFM019 Engineering Leadership Reading List May 2024
 
Impact of Effective Performance Appraisal Systems on Employee Motivation and ...
Impact of Effective Performance Appraisal Systems on Employee Motivation and ...Impact of Effective Performance Appraisal Systems on Employee Motivation and ...
Impact of Effective Performance Appraisal Systems on Employee Motivation and ...
 
Stuart Wilson the teams I have led - 2024
Stuart Wilson the teams I have led - 2024Stuart Wilson the teams I have led - 2024
Stuart Wilson the teams I have led - 2024
 
Addiction to Winning Across Diverse Populations.pdf
Addiction to Winning Across Diverse Populations.pdfAddiction to Winning Across Diverse Populations.pdf
Addiction to Winning Across Diverse Populations.pdf
 
12 steps to transform your organization into the agile org you deserve
12 steps to transform your organization into the agile org you deserve12 steps to transform your organization into the agile org you deserve
12 steps to transform your organization into the agile org you deserve
 
Designing and Sustaining Large-Scale Value-Centered Agile Ecosystems (powered...
Designing and Sustaining Large-Scale Value-Centered Agile Ecosystems (powered...Designing and Sustaining Large-Scale Value-Centered Agile Ecosystems (powered...
Designing and Sustaining Large-Scale Value-Centered Agile Ecosystems (powered...
 
Strategic Org Design with Org Topologies™
Strategic Org Design with Org Topologies™Strategic Org Design with Org Topologies™
Strategic Org Design with Org Topologies™
 
Myrna Story of Leadership and Management
Myrna Story of Leadership and ManagementMyrna Story of Leadership and Management
Myrna Story of Leadership and Management
 
Chart--Time Management.pdf How to time is spent
Chart--Time Management.pdf How to time is spentChart--Time Management.pdf How to time is spent
Chart--Time Management.pdf How to time is spent
 
Comparing Stability and Sustainability in Agile Systems
Comparing Stability and Sustainability in Agile SystemsComparing Stability and Sustainability in Agile Systems
Comparing Stability and Sustainability in Agile Systems
 
一比一原版(QU毕业证)皇后大学毕业证如何办理
一比一原版(QU毕业证)皇后大学毕业证如何办理一比一原版(QU毕业证)皇后大学毕业证如何办理
一比一原版(QU毕业证)皇后大学毕业证如何办理
 
Enriching engagement with ethical review processes
Enriching engagement with ethical review processesEnriching engagement with ethical review processes
Enriching engagement with ethical review processes
 
Conflict resololution,role of hr in resolution
Conflict resololution,role of hr in resolutionConflict resololution,role of hr in resolution
Conflict resololution,role of hr in resolution
 

Chief Information Security Officer - A Critical Leadership Role

  • 1. Chief Information Security Officer A Critical Leadership Role
  • 2. 2 Copyright ​Copy this the right way ​You have permission to post this, email this, print this and pass it along for free to anyone you like, as long as you make no changes or edits to its contents or digital format. Please pass it along and make as many copies as you like. We reserve the right to bind it and sell it as a real book. ​. We care but you’re responsible ​ ​So please be sure to take specialist advice before taking on any of the ideas. This book is general in nature and is not meant to replace any specific advice. Donovan Leadership disclaims all and any liability to any persons whatsoever in respect of anything done by any person in reliance, whether in whole or in part, on this e-book. Disclaimer
  • 3. “Victorious warriors win first and then go to war, while defeated warriors go to war first and then seek to win.” ​~ Sun Tzu, The Art of War ~
  • 4. Leadership is critical 05 Table of contents Challenges faced by information security leaders06 Challenge 1 Accountability vs. authority 08 Challenge 2 Proactive vs. reactive 09 Challenge 3 Technical expert vs. leader 11 Moving up the influence curve 22 13 14 Stages of influence What’s next? 20 21 About Donovan Leadership Contact us
  • 5. 5 Leadership is critical Ninety-four percent of CxOs in a recent IBM Survey believe it is probable their companies will experience a significant cybersecurity incident in the next two years. Businesses are therefore focused on developing effective strategies and governance frameworks to mitigate the risk and reduce the damage of the inevitable cyber security breaches they face. However, to be effective those strategies and governance frameworks need to be supported and executed through great leadership capability at the Chief Information Security Officer or equivalent level. Leadership Governance Strategy introduction
  • 6. 6 Challenges faced by information security leaders introduction 1. Accountability vs. authority 2. Proactive vs reactive 3. Technical expert vs. people leader Chief Information Security Officers and equivalent roles, along with their leadership teams, are being presented with an increasing range of leadership challenges. The three main leadership challenges faced by senior information security leaders are as follows:
  • 7. “Cybersecurity issues are no longer limited to the IT department; instead, they threaten every aspect of the organization and pose a significant threat to ongoing business continuity and reputation.” ​~ Securing the C-suite – IBM 2016 ~
  • 8. 8 Accountability vs. authority ​Information security is now a prominent function. Boards, CEOs and C-suite executives are becoming more acutely aware of the reputational, business and customer risk of data breaches. Notable instances of breaches for example at Target, Sony, US Office of Personnel Management and many other large scale examples has led to a greater focus on the strategic role of the Chief Information Security Officer. ​CISOs have to deal with the complexity of the organizational structure of modern companies. They face wide-ranging points of risk exposure that are owned and operated by different parts of the business. CISOs have to know how to respond once breaches have been identified, determine what data has been taken, how critical the data is and the recovery procedures for that data. However, the problems are often in the ‘white spaces’ of organisations which means it may be unclear whether it is a business, IT or information security accountability. ​ Challenge 1 “The CISO can do everything right and still lose their job.” ‘The Security Team of 2020,’ Trusted Impact
  • 9. 9 Proactive vs. reactive ​The growing extent of the threat landscape is well documented. Information security leaders are grappling with increasing dependence on digital and technology innovation which brings with it an ever increasing range of security threats. ​Information security leaders are being put under the spotlight to develop and execute strategies and good governance for dealing with the threats that businesses face. To be effective, the strategy and governance processes must encompass prevention, detection and recovery. ​However, there is little available time to meet this strategic challenge of aligning to the future needs of the business while they are reacting to the growing list of day-to-day urgent issues. ​CISOs need to move from a passive role of simply reporting on problems to a proactive role of influencing their key stakeholders to take action to address identified issues. Challenge 2 "CSOs must be organizationally skilled– in carving out the security budget, in influencing other verticals within the company, and in earning the trust of top executives." The Rise of the Chief Security Officer: What It Means for Corporations and Customers
  • 10. 10 Trusted Advisor Information Security Leaders Board C-suite CEO BUs Vendors Government IT Dept. Employees Regulators 3rd Parties IS Team Board It is critical that information security leaders shift their role from traditional gatekeeper to being a trusted advisor for their key stakeholders
  • 11. 11 Technical expert vs. leader ​Most senior information security leaders have come from a strong technical background. They have typically built their reputation on being great technical problem solvers. Often, the reward for being a great subject matter expert is to be thrust into leadership. But there is usually little support or development for the transition from solving technical problems to producing results through people. ​The CISO’s role is analogous to a physician and patient. They cannot force you to do anything but they can nudge you to take action and co-ordinate a team of resources to help you take those actions. ​This paper delivers a model for building the influence of information security leaders with their key stakeholders. It will support them to deliver business results beyond what they thought was possible. By implementing some practical steps for transforming their leadership, they will also build their own brand as game-changing leaders. ​ Challenge 3 “It’s leadership. It’s setting the right direction. There are a lot of people who have grown up in the tech world, and their instinctive reaction is “What’s the tool I need to buy?” when, in fact, managing human behavior is the ultimate objective.” Bob West, Lessons from the Target Breach
  • 12. 12 Technical expert vs. leader Career Advancement Time Problem solving Subject matter expert Learning Reinvention Leadership Influence Challenge 3
  • 13. 13 Moving up the influence curve Information security leaders need to move up the influence curve to meet the challenge of being a trusted advisor to their key stakeholders. We have found that leaders are able to multiply their leadership potential as they move up the influence curve. See following pages for an explanation of the stages.
  • 14. 14 Stages of influence Stage Focus Leadership Potential Service The focus at the service stage of the influence curve is on relinquishment X 16 Inspiration Leaders at the inspiration stage of the influence curve are able to make the future vision so present for others that it is clear what action needs to be taken today X 8 Performance Leaders at the performance stage on the influence curve are able to make big commitments and elicit big commitments from those around them X 4 Permission Leaders at the permission stage of the influence curve are focused on causing great leaders around them X 2 Position At the position stage on the influence curve the focus is on reinvention of your key strengths X 1
  • 15. 15 Stages of influence Position At the position stage on the influence curve, the focus is on reinvention. You have the title and the business card, but now it is time to reinvent your key strength(s). Your strength is what got you here and it will be what takes you to the next level. For CISOs, this is often about reinventing your inherent problem solving strength. For example, by shifting from solving technical problems to solving strategic issues. Zenger Folkman research concludes, "...that great leaders are not defined by the absence of weakness, but rather by the presence of clear strengths." In their Extraordinary Leader study, they found that leaders with 1-3 key strengths were placed in the 60-80th percentile in their leadership effectiveness. Leaders at this level accelerate their leadership potential x 1
  • 16. 16 Stages of influence Permission Leaders at the permission stage of the influence curve are focused on causing great leaders around them. The breakthrough required at this stage is the ability to cause results through others. This ability to cause results is distinct from being a great subject matter expert and a prodigious 'doer.' “Leaders don’t create followers; they create more leaders.” - Tom Peters - Most of us have had the experience that someone believed in us more than we believed in ourselves at that stage of our career. It is that ability which doubles your leadership potential and produces bigger results. CISOs who surround themselves with a great team of technical problem solvers and give them permission to be great leaders accelerate their leadership potential x 2.
  • 17. 17 Stages of influence Performance Leaders at the performance stage on the influence curve are able to make big commitments and elicit big commitments from those around them. A characteristic of game-changing leaders is the ability to commit to achieving stretch results. They are able to move outside their comfort zone to achieve their objectives. We have all had the experience of taking on a big commitment, whether it be moving countries, taking on a big new role, delivering a stretch result etc. In the process you find a new level in your leadership that you did not realise you had. CISOs who can make game- changing commitments to stretch objectives and elicit big commitments from others build their leadership potential x 4.
  • 18. 18 Stages of influence Inspiration Leaders at the performance stage of the influence curve are able to make the future vision so present for others that it is clear what action needs to be taken today. Leaders at this stage have the ability to articulate a vision and bring others along on the journey so that they also own the vision. Recent research by Culture Amp supports the view that employees want leaders who can ‘provide a vision that people believe in and are motivated by.’ When Martin Luther King delivered his “I have a dream” speech, he was able to make his vision for equality so present that people could see the action that they needed to take. Leaders at this level accelerate their leadership potential x 8
  • 19. 19 Stages of influence ​Service ​The focus at the service stage of the influence curve is on relinquishment. ​Leaders at this level have become aware that the vision is bigger than them and the focus is on relinquishing control to others. ​They are able to confidently relinquish control because they have already coached, supported and empowered others around them to be great leaders. ​Relinquishing control enables them to achieve two things. The first is to free themselves up to move on to the next game-changing vision. Second, they are able to empower others to extend their vision beyond what they originally envisaged. Leaders at this level accelerate their leadership potential x 16
  • 20. 20 What’s next? Redefining your key strength Causing your team Forwarding the action Honouring your commitments You Action Conversations Others If you are ready to build your influence and deliver game-changing results then the Donovan Leadership coaching program for information security leaders is for you. The six month program covers the following core curriculum: • Setting a stretch result to be achieved in six months • Redefining your key strength • Causing results through your team • Influencing your key stakeholders • Creating opportunities to forward your objectives • Communicating in a way that forwards action • Honouring your commitments and holding others to account • Acknowledging your accomplishments and creating what’s next for you
  • 21. About Donovan Leadership Brian Donovan is the founder of Donovan Leadership. He is a dedicated advocate of powerful and practical leadership. His commitment to the field is informed by 40 years’ experience in the technology sector, as a senior executive in Telstra and as CEO of the IT Skills Hub. He is an executive coach, facilitator and speaker. He has helped countless technology leaders transform from technical experts into leaders who succeed. He is able to draw from his practical experience as a senior executive to assist his clients to build their influence with their key stakeholders. His programs enable leaders to achieve stretch results and to make the difference they are committed to making. Donovan Leadership has a client list that reads like a roll call of Australian industry’s best and brightest.
  • 22. ​contact information ​For more info, please contact us at: ​+61 418 552 723 brian@donovanleadership.com ​www.donovanleadership.com thank you