Addressing a Common CISO Challenge: Being a Student of the Business
Demetrios Lazarikos (Laz)
April 18, 2022
So many times, I’ve personally struggled with the successful alignment of security to business objectives. Part of this challenge is that many companies (and teams) are moving at the speed of innovation, leaving security to come in behind them to plug the holes and clean up a potential mess. Looking at the issues more holistically, another opportunity that I see regularly is that security leaders may be excluded from strategic discussions during critical business planning and decision activities; security will never get ahead of the curve following this dysfunctional model (please see last month’s blog on Connecting Your Cybersecurity Program Budget to Your Organization’s Business Objectives).
You are not alone. I realize that every team, industry, and business is different; however, I’ve found many of us have encountered these same challenges. This common realization amongst CISOs leads us all down a path to do something about it. Many of us find we struggle with making that connection to the business at the same time as our business peers.
Seeing this need, Blue Lava decided to find a way to empower each other as security leaders by working on standard methods to understand the alignment between business and security. This desire to share a proven approach with all of you is why Julia Tran, Art Coviello, and I created the Blue Lava MasterClass.
What is the Blue Lava MasterClass
The Blue Lava MasterClass is a set of invite-only, limited-capacity sessions that bring together experienced leaders from the business and security communities. To date, Julia, Art, and I have delivered key learnings to a number of attendees and we’re thrilled to have Frank Kim, Faculty Fellow & Curriculum Director at SANS, join us for our next session. During these private, off-the-record sessions, we collaborate with attendees on use cases, scenarios, and mapping experiences to the challenges we all face in our role as a security leader.
One primary goal with the Blue Lava MasterClass is to promote teamwork and partnership around an effective multi-disciplined strategy to support the business. As a result, security becomes an enabler while supporting and protecting business growth.
Why We Created the Blue Lava MasterClass
Throughout my career, I’ve found that many security leaders have asked for assistance in tackling the issues associated with connecting business objectives to security programs and vice versa. Our reality today is that a great deal of security information is reported in technical terms resulting in a lack of understanding by the business. When you last presented to the Board or Executive Staff – what was their response to the data you provided?
Blue Lava realized that a new approach requires a common language and consistent metrics when communicating and reporting to our executive peers, leadership teams, and the Board.
What You’ll Walk Away with from the Blue Lava MasterClass
We recognize that your time is valuable. Our mission with the Blue Lava MasterClass is to deliver and empower you with proven strategies to consider for your security program management.
When you join us for the in-depth presentations and engaging conversations, you’ll get to hear about topics such as:
- Experiences from the field – lots of lessons learned
- Aligning your security program to your business objectives (not one size fits all)
- Understanding the journey – there is no silver bullet
There are numerous challenges that have already been artfully solved by some of the most notable business leaders and CISOs in the industry. We will continue to bring these security and business leaders together – to you – as we strive to help us all overcome some of the difficulties, we’re all facing in this increasingly-demanding role of the CISO.
I personally invite any security professional keen on establishing a partnership with the business, to take the next (and any future) Blue Lava MasterClass so you can bring the information presented during these sessions straight back to your operational and leadership teams. We’re all students in life, on a journey of continuous learning. I look forward to seeing you for one or more MasterClass as we become students of the business to overcome common CISO challenges, together.
Please join us for our upcoming Blue Lava MasterClass and gain insight into the countless benefits others have already absorbed and implemented throughout their businesses. Frank Kim and I will be leading the discussion on November 17, 2020, at 10am Pacific, 11am Mountain, 12pm Central, 1pm Eastern.
Click here to learn more about this event and register.
Laz has 30+ years industry experience, is a 3x CISO, the Co-Founder of Blue Lava, and is a globally-recognized authority in Information Security. He welcomes your feedback and can be reached at: laz at bluelava dot io.