By — Gary Hinson — on LinkedIn
SuperCISO’s superpowers: Visionary cartographer: scan the horizon and map out the information risk…
SuperCISO’s superpowers:
Visionary cartographer:
Change catalyst:
Team-builder and inspirational leader:
Rock:
Smooth-talking diplomatic facilitator:
Swamp-avoiding corner-cutting road-hump-flattening soot-juggler:
Empathetic relationship builder:
Guardrail installer:
Culture cultivator:
Sage:
Unless you really are superhuman, you can’t expect to do all those things (and more) exceptionally well … so a more pragmatic approach starts with self-awareness and a personal/career strategy. One possibility is to run a SWOT analysis on yourself:
- What are your Strengths as a person – not just the areas where you clearly shine and the achievements you are most proud of, but the things likely to be brought up in your eulogy?
- In what areas are you comparatively Weak? What causes you the most stress or grief? What parts of the job would you prefer to shy away from, given the choice?
- Where are your Opportunities to grow, develop, mature and flourish? In career terms, what would take you to “the next level”? Are there things you can plan and prepare for?
- What about the Threats, the things (or people or situations …) that might derail you from your path to ultimate success?
Hinson tip: if you find this process confusing and awkward, discreetly seek the assistance and guidance of close colleagues, friends and family members. Google for HR tools and techniques such as the Myers-Briggs approach. Take a cold, hard, dispassionate look at your own CV: if you were tasked to appoint your own replacement before leaving the organisation, would your CV pass muster? What might raise concerns among the interview panel? Which aspects beg questions? Issues from your past will naturally dissolve over time, but perhaps you can address them more proactively to speed-up the dissipation, for example through self-study, training or seeking out chances to make and demonstrate progress. Making a genuine effort will highlight matters to bring up (or avoid!) at annual bonus appraisal or interview time so there’s a pay-off to aim for. Literally.
As career advice goes, that’s all very well … but in essence it applies to almost any management position, so what’s different about the pragmatic CISO?
- Pragmatism in this area involves acknowledging that, with the best will in the world, we cannot all reach and stay at the very top of our game all the time. When the going gets hard, we may struggle, stumble, perhaps even fall … which is when the value of preparation, resilience and contingency thinking comes into play. Being sacked or made redundant, for instance, is as much an opportunity to seize as an issue to overcome.
- Optimism is another aspect. Pragmatism typically involves tolerating higher information risks in the interest of not overly constraining the business. Keep your natural paranoia in check by cutting some slack for information risk owners who elect to accept risks that you, personally, would not. As a competent professional advisor, your job is simply to make sure the risk owners are well informed and understand the risks – and for that you are accountable. If they decide to overrule your advice for business reasons, they are accountable for their decisions – and fair enough: they understand the business context better than you. Maybe, in fact, they are correct.
- Teamwork is another part of the solution. If you admit to being comparatively weak in, say, constantly scanning the horizon for emerging risks, it might just be the very thing that someone in your team, a colleague elsewhere in the organisation, or an external advisor might excel at – so work with them. If they are junior to you, taking on the additional responsibility may be an excellent opportunity for them, and a chance to deepen your relationship.
if you are interested in Super CISO topic, this link and references may be of interest… to explore further.
The CISO Mentor: Pragmatic advice for emerging risk management leaders
