Achieving Security Goals

Achieving your personal goals can be already a serious challenge for one in the day to day activities. However, when it comes to achieving corporate security goals, you might feel things are impossible to achieve. People who will complain, executives and middle managers who don’t provide resources, or being unable to find the right people get change initiated. Sure, changing a company might anything but easy. But as always, a clear plan can help!

What, why, when

Start your plan with a clear definition on what you want to accomplish. Determine why it is beneficial for the organization and when you achieved the goal. After you would finish, is it then considered to be done, or just the beginning of something new?

Personal gain

Since most changes will have a central or personal gain, or both, consider what it will bring to you. Also if the goal is short or long term oriented. Additionally is the experience, or the outcome of the change, well suited for (re)using in a later stage of your career?

Friends and Foes

First of all, determine your biggest supporters. Whatever idea, program or project it might be, you need supporters. Consider what they have to offer, including their network of influence.

Additionally you could think about the biggest enemies of your idea. Why would they dislike the idea or why does it make their life harder? What would help them to get convinced to support the idea after all?

The money

Within the corporate environment, almost nothing can be done without some amount of money. Usually it’s clear who can or wishes to sponsor the idea. But also consider if there are more sponsors, or maybe even some volunteers to join. Think about the alternative methods to have people joining, like incentives, rewards or pride.


If you wouldn’t like the change happen to you, then be careful to perform the idea or activity. Threat others with respect, be open and honest about the possibilities or the limitations. You have chosen the field of security and we all knew it wouldn’t be easy. That doesn’t mean that we can’t do right and make things better!

Have any golden tip to share? Use the comments below.

This post Achieving Security Goals was initially published on The Next CISO.

*** This is a Security Bloggers Network syndicated blog from The Next CISO authored by Michael Boelen. Read the original post at: