Does knowing security technology prepare you to manage cybersecurity in an organization?
My experience has told me the answer is no.
You may be a solo security engineer, a level 1 analyst, a manager, or a CISO. No matter the case, having leadership skills is a crucial part of the job.
It’s been my experience that technical people spend lots of time researching and learning specialized skills but forget to acquire interpersonal management skills.
Navigating problems, good or bad managers, company politics, and resource restraints require leadership and decision-making.
So what are some of the required skills?
Develop a vision
What is the goal of your security program? What are you trying to accomplish? Why are you doing it?
Document and share the vision and ensure it aligns with business goals and objectives. Many people call this setting your intent and defining a clear path for your cybersecurity strategy. Create a plan with goals and deadlines to hold yourself and your team accountable.
Check your ego
This is an Extreme Ownership key point and a pet peeve of mine in the security industry. You must check your ego at the door and accept that you do not know everything. None of us do!
Cybersecurity is ever-evolving, and there will always be someone with more information or skills than you. That is not just okay, but awesome!
Build a sense of ownership
You must take ownership, drive change, and continually improve. Take responsibility, which also means accept failure when it occurs--and it will. You will not always know the outcome but must recover and move on. Leadership and ownership are on everyone, not just people in charge. Own it, but empower others to take ownership as well.
Focus on culture
Focus on the right outcomes and build safety around mistakes. Mistakes will happen. Track you and your team’s performance, learn from them and take action to adjust and grow. Develop a culture of acceptance and foster learning.
Build relationships across your organization at all levels. Investing time in getting to know those outside your direct managers and peers will help improve trust and motivation in others.
Know your strengths and weaknesses
Focus on your strengths and find assistance with weaknesses. Find a mentor, friend, or co-worker who has expertise in an area you don’t; then be open-minded and learn. Constantly self-evaluate, accept feedback, learn, and grow.
Build a sense of urgency
Meaningful change requires urgency. Act promptly and effectively, share data, and show the gravity of concerns. Creating a narrative that shows how an event occurs, metrics, and why change is needed increases understanding and promotes urgency.
Long ago, the theory was that someone was “born” with an innate ability to be a leader. Over time, studies have shown that leaders had specific traits and behaviors that helped them succeed in their job or as a manager. While some people are natural-born leaders, I believe leadership is teachable.
At Datashield, we do a monthly book club, which includes a management or leadership book and a technical book. Reading is a critical component I place on my managers; without study, you will remain what you are.
Below is a list of some books helpful for building great leaders:
First Break All the Rules by Marcus Buckingham
Extreme Ownership: How U.S. Navy SEALs Lead and Win & The Dichotomy of Leadership: Balancing the Challenges of Extreme Ownership to Lead and Win By Jocko Willink & Leif Babin
The Culture Code: The Secrets of Highly Successful Groups by Daniel Coyle
Leading Change by John Kotter
Leadership and Self-Deception by The Arbinger Institute
Start with Why: How Great Leaders Inspire Everyone to Take Action by Simon Sinek
Are you looking to grow your career in cybersecurity?
We're looking for leaders. Check out our open careers here.