What goes around, comes around: answer the call
The next stop was with one of my own mentors, Raj Samani, chief scientist at Rapid7, who has provided me with insight for more than 17 years. His advice: “Seek trusted advisors … ultimately the CISO must think strategically and not become mired in the tactical day-to-day decisions. Develop a risk ownership model for your enterprise and find people with integrity and who you can trust.”
“We so often question the motives of others –I’ve been in this position,” Samani says. He also observed that “not every call has to be a sales call — engage, learn, and share. I have reached out to my mentors to help me discuss situations and strategy. When your colleague calls, answer the phone, and give advice. In the end, we are all trying to prevent the same set of risks from becoming reality.”
Security can be an especially high-stakes and quickly evolving field, which makes a good community of mentorship incredibly valuable,” says Gary Barlet, field CTO at Illumio. “There’s no question that having mentors (and being a mentor yourself) is essential. To find mentors or mentees, CISOs and CIOs can turn to networking groups for security professionals, leadership within their organization, and friends of friends. I found that I needed different mentors at different points in my career, and sometimes, the best mentors come about organically.”
Barlet said he would like to see more mentorship between business and organizational leaders in the same peer group. “That’s how security leaders will be able to achieve the goals and build the resilience they’re striving for. For security teams to be successful, the whole organization, and particularly leadership, needs to be brought in — and this starts with mutual respect and a solid understanding of the function.”
“Mentorship in the cybersecurity field is an invaluable tool in both an individual’s and an organization’s maturity. CISOs who have been through the wringer have considerable wisdom to share about everything from ransomware remediation to dealing with recalcitrant CFOs,” shared Craig Burland, CISO of Inversion6.
He cautioned, however, that challenges exist in organizing mentorship, “The first is very human. Finding a good mentor is a very organic and personal process. Personalities have to click and career trajectories have to be complementary. The second issue is about secrecy. Many of the circumstances where a CISO needs guidance are highly confidential, fast-moving, and intense.”
