In many cases, a cybersecurity leader is expected to think and act like a leader but may not be given the same visibility, responsibility, resources, or opportunity within the organization to do so. Further, cybersecurity leaders often find themselves in the security leadership role without sufficient leadership training or preparation, having been designated for the position on the basis of being the most technical person in the department or the individual with the most experience in firewalls and networking (two technical realms often associated with cybersecurity). Regardless of how a cybersecurity leader finds himself/herself in the position, it is an opportunity to truly make a difference at an organization. Cybersecurity leaders with the right mindset, passion about the position, fearlessness, and a willingness to work hard have a great chance of success.
My book, Risky Business: Cybersecurity Leadership the Right Way, shares relevant, practical, and actionable insights from one cybersecurity leader to another. This is not a technical book, because the most important parts of a security leader’s job are not technical. The book leverages a career’s worth of experience as a security leader and a concise, impactful communication style to provide you with a guidebook to success as an InfoSec professional. Some of you may think that your role doesn’t require you to be a leader yet. But everyone can be a leader, in their own way, in any situation.