If a CISO has never been asked “what keeps you up at night,” either no one knows he’s a CISO or everyone knows he’s a lousy CISO and doesn’t bother asking. Ideally, a CISO has the right programs, processes, and people in place so that he can sleep at night. This is every CISO’s goal. Once the fundamentals have been addressed and everyone in the organization knows what to do, how to do it, and when to do it, the CISO can prepare for tomorrow rather than worry about today. Then the pressing question asked of CISOs becomes not “what keeps you up at night,” but instead “what gets you out of bed every morning.” This new question represents a new mindset. The CISO is no longer focused on securing things but on securing the organization. That doesn’t mean the job gets easier but rather more strategic, and every CISO aspires to be more strategic.
I recently sat down with Alan Levine, the long-time CISO for Alcoa, to discuss some of the lessons he’s learned in his career. In this video, Alan shares the difference in perspective that ultimately separates a tactical CISO from a strategic one.
CISO Perspectives is a blog series featuring conversations with chief information security officers from different industries. Each blog features a unique perspective on a variety of topics pertinent to the CISO profession and career. Visit our CISO Perspectives page for more blogs and videos.
*** This is a Security Bloggers Network syndicated blog from Cyber Security on Security Boulevard – Accellion authored by Joel York. Read the original post at: https://www.accellion.com/blog/instead-of-asking-a-ciso-what-keeps-you-up-at-night-ask-this-instead/