Critical skills for IT and InfoSec leaders

13.08.2015
This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  

You've held a technical role in IT or information security (InfoSec) for a number of years, and now you'd like to move into a leadership role. Maybe even become a CIO or CISO. Good for you! There's a need for good people in those roles.

Stepping into a leadership role, however, requires new soft skills you may not have acquired while sitting in front of a console or racking machines in a data center. Skills like building influence and alliances within the organization, and communicating effectively to senior executives. Sometimes technical people feel more comfortable debugging a complex program than selling an IT strategy to the board of directors.

I consulted with Wisegate, a community of IT and InfoSec practitioners and leaders, to get their guidance on how to be an effective leader. The pointers below come from the Wisegate e-book, A CISO Handbook to Effective Leadership & the Art of Influencing People, which assembles the wisdom of members who have ascended through the ranks to become the company leaders they are today. (Note: The link opens a PDF.)

It helps to have a strong technical background so you are well versed in the issues of your new leadership role, but you can't underestimate the value of the soft skills. A recent survey of Wisegate members ranked collaboration, strategic thinking and influence as the most important skills for security leaders.

Wisegate points out that IT and information security officers often lack executive authority over the rest of the organization, so they need to foster cooperation and collaboration in order to get things done. One member says, "It’s necessary to build alliances within the organization so that you build a rapport with these people, and understand what’s important to them. As soon as you start supporting them, they’re going to turn around and support you.”

The community provides the following tips for being successful at using your influence:

Remember your college days when you didn't have much interest in those mandatory English classes with their required essays and speeches Well, try to dust off those forgotten communication skills because they are important to being a company leader. For example, you might be asked to go in front of the board to explain why the company needs to make a strategic investment in a new technology. The board won't want to hear the bits and bytes of the technology, but will want to know how it will help advance the business.

Having "been there, done that," the Wisegate member provide these tips on communicating with business people:

The Wisegate e-book provides a lot of good advice for new tech leaders, like how to find other people to elevate into leadership roles, opportunities for development, weighing the importance of certifications, and more. Check out the e-book for yourself at http://www.wisegateit.com/resources/downloads/CISO-softskills-handbook.pdf.

Wisegate takes the concept of a social network and puts it on steroids. This is a by-invitation-only community of IT and InfoSec practitioners and leaders who share with and learn from each other. There's no influence from vendors, analysts or other "blah-blah" people who aren't actively involved in providing or directing IT and IT security services for their own organizations. Members exchange their experiences in group discussions and one-on-one settings. It's one place where the members can pose a question and get answers from others who have already walked that path. For more information go to www.wisegateit.com.

(www.networkworld.com)

Linda Musthaler

Zur Startseite