CISOs Must Help, Not Hinder, Business Success
It’s no longer enough for CISOs to be cybersecurity experts.
A successful CISO, one that thinks strategically and has a seat at the executive table, knows exactly what’s going on in every business unit, according to Jay Gonzales, CISO of Samsung Semiconductor.
Gonzales is an inaugural member of Accellion’s CISO Advisory Board. He provides valuable insight into the challenges and opportunities inherent with the CISO role in general and the manufacturing industry in particular.
Gonzales urges CISOs to familiarize themselves with every aspect of the business. “Most of your time should be spent trying to understand the business, where it currently is and where it wants to go.” Why? If CISOs know what’s going on in every business unit, they’ll know where the roadblocks are and how to get around them.
It’s not enough, however, to simply attend departmental meetings and hear each business unit’s challenges. Instead, CISOs must be willing to roll up their sleeves and help. In fact, Gonzales recommends approaching every day, every meeting, and every task with one goal: help the business run more efficiently. On the surface, this may not sound like a traditional responsibility for CISOs. In this current business climate, however, unless you’re a part of the solution, then you’re a part of the problem.
What can a CISO do to help a business run more efficiently? Gonzales offers some specific questions every CISO should ask themselves to better understand the business and identify areas where they can help:
- How is each department running?
- What are the processes?
- What’s working?
- Where are the problem areas?
- What are the dynamics within each department?
- How can I grow those relationships?
- How can I bring the department heads together and help make the business run more efficiently?
- What resources do I have?
Once you’ve answered these questions, Gonzales advises “document what needs fixing and prioritize the list.”
Rest assured, CISOs benefit directly from such altruistic behavior. When CISOs help department heads solve complex business problems, they solidify their reputation as a team player, build strong relationships with senior management, and set proper expectations that together unlock the secret to CISO success. Gonzales has learned firsthand that, as a CISO, “it’s a lot easier to implement changes when everyone knows you’re there to help them achieve their goals.”
Once again, it’s no longer enough for CISOs to be cybersecurity experts. The rapid rate of change in a competitive business environment makes it easy for CISOs to get caught flat footed unless they’re aware of all the challenges and opportunities. If CISOs understand the business requirements and communicate what they need to do and why they need to do it, they’ll get the support needed from business unit leaders, senior management, and the board of directors.