CIO Advisorapac
Close
  • home
  • Conference
  • Newsletter
  • Subscribe
  • Whitepapers
  • News
  • about us
  • Agile
  • Artificial Intelligence
  • Augmented and Virtual Reality
  • Backup and Storage
  • Banking
  • Big Data
  • Blockchain
  • BPM
  • Cloud
  • Contact Center
  • Cyber Security
  • Data Analytics
  • Data Center
  • Digital Marketing
  • Disaster Recovery Services
  • EdTech
  • Emerging Technology
  • Enterprise Mobility
  • Enterprise Security
  • Financial
  • Healthcare
  • Human Capital Management
  • Human Resource
  • IBM
  • IoT
  • ISP
  • IT Service Management
  • IT Services
  • Logistics
  • Marketing Technology
  • Mobile Application
  • Oracle
  • Payment And Card
  • Payroll
  • Procurement
  • Risk Management
  • Robotics
  • RPA
  • Supply Chain
  • Telecom
Menu
  • Specials

  • Backup and Storage
  • BPM
  • Data Analytics
  • Digital Marketing
  • Disaster Recovery
  • Human Resource
  • ISP
  • Procurement
  • Mobile Application
Specials
×
news

Subscribe to our Newsletter

news

Subscribe to our mailing list for the latest articles, news, and exclusive insights.

Thank You for subscribing with us. We sent you an email regarding this.

news
SUBSCRIBE

loading
  • Home
  • Cyber Security
Editor's Pick (1 - 4 of 8)
left
What Organizations are Mistaken about Cybersecurity?

Osman Faiz, CIO, Standard Chartered Bank (Singapore)

Technology and Business Conscience Collision

Winston Benedict, CIO, Dentsu Aegis Network ANZ

Innovation and Change, the Challenge of Getting It to Stick

Ross Forgione, CIO, Johnson Winter & Slattery

Security: From the Back Room to the Boardroom

Bret Arsenault, VP & CISO, Microsoft Corporation

Digital Warfare

Dr. Dale A. Lambert, Chief, Cyber and Electronic Warfare Division, Defence Science and Technology (DST) Group, Department of Defence

What has changed in the last 20 years?

Ajoy Ghosh, Chief Information Security Officer, icareNSW

Game of Pawns: Security lessons from the latest HBO hack

Alex Manea, Chief Security Officer, BlackBerry

Importance of Security

Adam Cartwright, Head of Cyber Security, ANZ

right

Need of the Hour: An Effective Cybersecurity Leader

By Ashutosh Kapse, Head of Cybersecurity, IOOF Holdings

Tweet
content-image

Ashutosh Kapse, Head of Cybersecurity, IOOF Holdings

Cyber risks have taken centre stage in the corporate world. It is estimated that, more than 80 percent of organizations have now included, Cyber risk, as one of the Top Five risks in their risk register.

In Australia, a number of initiatives have been launched by the Government. This includes the ASIC/ASX cyber security survey, creation of the Cybersecurity minister and strategy, and the enactment of Mandatory data breach regulation. Australian organizations are no different from their peers around the globe where cybersecurity has become the key risk of concern for Boards and executive managers.

Interestingly, some recent surveys have produced contrasting results. A Ponemon institute research showed that, amongst more than 400 organisations that were surveyed, 67 percent board members reported they had only “some” or minimal knowledge of cybersecurity. The same research suggested that 70 percent Board members were confident that they clearly understood security risks. When posed the same question to the technical staff, 57 percent IT Staff thought that their board did not have requisite knowledge to understand cyber risks. In another survey which polled nearly a thousand professionals in the US (conducted by ISACA) 82 percent boards recognised that cyber security is a business problem which needs the attention of the board. But in the same organisations, only 1 in 7 (14 percent) CISOs reported to the CEO and had a seat at the executive leadership table.

The research suggests that although visibility at board level has increased, requisite organizational structures (to support cyber risk mitigation) are still lagging. I believe that is a result of a combination of factors such as

a. Cybersecurity as a domain, being new, has no specific standard format to follow in terms of implementing structures and allocating responsibilities

b. There is an inherent shortage of resources and the problem is more exacerbated at senior levels

c. Lack of depth of cybersecurity knowledge at Board level

The apparent disconnect and a gap in trust needs to be closed if the cyber threat is to be tackled effectively. Organizations must realise that, in order to have a mature cybersecurity posture, they need transformational leadership in their cybersecurity area.

An executive/manager in charge of cybersecurity in an organization has the unenviable task of influencing the Board as well as impacting the security culture across the organisation


An executive/manager in charge of cybersecurity in an organization has the unenviable task of influencing the Board and the executive leadership group as well as impacting the security culture across the organisation. Cybersecurity leader does not necessarily need in depth technical skills, but certainly needs dynamic leadership skills.

What does transformational leadership in Cybersecurity mean?

If you are a Board member/Executive manager looking to hire a Security manager or you are a security manager looking to rise to the challenge, in addition to technical understanding of security, I would focus on getting/ developing the following skills.

• Great communicator and story teller: Only a great communicator can influence effectively at the board and executive level as well end users from various business units with varied amounts of technical knowledge.

• High Emotional Intelligence: A highly developed emotional intelligence is needed in order to foster enduring internal relationships with peers, business unit leaders, and technical staff. EI is a critical trait as it will influence collaboration, teamwork, crisis management, and more.

• Big-picture thinking: “Being able to see the forest for the trees…..” A security manager usually comes from a technical background and technical engineers are very good at focussing on the minutiae which is necessary to solve technical problems. Security on the other hand is very much connected with being able to see the bigger picture and the context. Security leader needs to have a big-picture thinking to be successful.

• Business Acumen: A security leader has a very important part to play in business planning, strategic planning, and ensuring security and risk is built into all business processes. Most importantly the person needs to be able to frame security challenges into business opportunities, ultimately, security leader need to balance dollars with risk.

• Ability to lead cultural change: Organizational culture sets the tone, the framework, and the operational context for security to operate. Implementing a mature security posture has a lot to do with successfully leading culture change in an organization. Ultimately security leader must create a positive security culture.

• Personal integrity: For the security leader the foundation of success is built on how he/she can engender trust of various parts of the organisation in the security processes and security programs being put in place. Trust starts with the security leader and hence he/she must exhibit greatest of personal integrity in everything the person says and does.

• Execution- Ability to get things done: Security leader must be results oriented. At the end of the day, soft skills and communication and integrity and EI are all good, but the security manager must have the ability to execute and complete tasks and projects successfully. Security leader must find ways to say “yes” to internal stakeholders and make security an enabler and not a roadblock.

• Be a team builder: Good leaders build good teams. The security leader needs to be a “servant leader” and build a team of specialists with multi-dimensional skillsets and attracting the best talent to the organisation. Successful security program needs people with right mix of talent, technical skills and interpersonal skills working as a cohesive unit.

Read Also

Digital Warfare

Digital Warfare

What has changed in the last 20 years?

What has changed in the last 20 years?

Game of Pawns: Security lessons from the latest HBO hack

Game of Pawns: Security lessons from the latest HBO hack

Importance of Security

Importance of Security

Featured Vendors

  • Cloudera: Turning Complex Data into Clear Insights
    Cloudera: Turning Complex Data into Clear Insights
  • Feezmodo Consulting: Devising Long-Term IT Strategies
    Feezmodo Consulting: Devising Long-Term IT Strategies
  • OneAsia: Intelligent Cloud Infrastructure Adoption
    OneAsia: Intelligent Cloud Infrastructure Adoption
  • Consultel Cloud: Simplifying Cloud Migrations
    Consultel Cloud: Simplifying Cloud Migrations

Cyber Security Special

Copyright © 2019 CIO Advisorapac. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy |  Sitemap

follow on linkedinfollow on twitter
This content is copyright protected

However, if you would like to share the information in this article, you may use the link below:

https://cyber-security.cioadvisorapac.com/cxoinsights/need-of-the-hour-an-effective-cybersecurity-leader-nwid-606.html