CYBERSECURITY FOR BUSINESS

Chapter 1 – Cybersecurity is (Not) an IT Issue

Chapter 2 – Effective Cybersecurity Principles for Boards of Directors

Chapter 3 – Structuring for the Digital Age

Chapter 4 – A Modern Approach to Assessing Cyber Risk

Chapter 5 – The Role of HR Functions in Scaling Cybersecurity and Building Trust

Chapter 6 – Cybersecurity and the Office of the General Counsel

Chapter 7 – Cybersecurity Audit and Compliance Considerations

Chapter 8 – Cyber Supply Chain and Third-Party Risk Management

Chapter 9 – Technical Operations

Chapter 10 – Crisis Management

Chapter 11 – Cybersecurity Considerations During M&A Phases

Chapter 12 – Developing Relationships with the Cybersecurity Team

Chapter 12 - Developing Relationships with the Cybersecurity Team

summary

In this chapter, we’ve described how information security teams need to work with their customers and stakeholders to establish a risk management framework based on the company’s defined risk profile by implementing the strategic risk concepts of risktascity. Furthermore, we have discussed that although managing risk is a critical element of all cybersecurity programs, there are other factors which are equally essential to increasing maturity. The other factors include building and sustaining the right relationships, both inside and outside of the company; establishing a culture of cybersecurity—a mental model of safety for all members of the company, not just the information security team; focusing on performance measures that both demonstrate the contribution that the information security team has to achieving strategic business outcomes as well as ensuring that the information security team is invested in personal growth and wellbeing; and the role of the CISO in cementing the tone from the top related to customer intimacy, empathy, respect, engagement, inclusion, development, and continuous improvement. An information security team will be constrained in its effectiveness if it focuses only on securing the enterprise at the expense of important business outcomes and experiences. In this context, developing emotional intelligence and empathy in our cyber warriors will exponentially improve cohesion and continuity and significantly reduce derision, distrust, distain, and cultural declination.

  • JR Williamson | Chief Information Security Officer, Leidos
Key Ideas
  • Relationships are essential for all successful organizations and tend to flourish within a healthy culture where personnel wellness, morale, inclusion, and mutual respect exists. This is particularly true for the cybersecurity team.

  • There is no one right way to build relationships and culture; different organizations and different business processes require different strategies and assessment depending on inputs like size, industry, and value.

  • Organizations are in the cybersecurity fight together and should be establishing relationships with each other to generate cohesiveness and build a collective consciousness of new and emerging threats.

  • A cybersecurity professional with empathy and emotional intelligence will be far more efficient at building the necessary relationships inside and outside their organization then one without.

  • The Chief Information Security Officer (CISO) of an organization should have clear and consistent communication with the board in order to convey the health and maturity of the cybersecurity team in addition to operational performance and risk management.

Combining Technology, Public Policy and Economics to Create a Sustainable System of Cybersecurity

Read More

Join ISA

Terms & Conditions | Contact Us

CONTACT

| 703-907-7090

| admin@isalliance.org

| 2500 Wilson Blvd, #245
Arlington, Virginia 22201
USA

HELPFUL LINKS

Contact 
Calendar 
Board of Directors 
Media 
Team

ABOUT

ISA provides cybersecurity expert testimony and thought leadership in government and serves as an expert witness to the press.

SEARCH