The Security Job Profile Project

In the mid 90’s when I was in my later years of school in Victoria, my peers and I were all given a thick book from our careers adviser called a VTAC Guide (Victorian Tertiary Admissions Centre). Each university and TAFE course had a place in the book - title, description, what skills would be gleaned and then a host of ‘real world’ vocations that you could take on once you had your qualification in your hot little hand.

Read More

CIO’s seeking security story tellers

In talking to CIO’s while researching my upcoming book, I’ve been noticing a pattern forming across sectors and countries. In responding to my questions, many CIO’s have said that when hiring security leaders, they are looking for story tellers who are inspiring, uplifting and influential. And while these words don’t always appear on a job description, they are certainly used to describe an ideal security leader.

Read More

How will you prepare for your next presentation to the Board?

With the global cyber events of recent weeks and months, I wonder how many Boards have met with their security leaders for the first time or after a long hiatus between updates. Are security leaders nervously waiting outside board rooms all over the globe for an impromptu meeting which brings that fated question “have we done what we can to address the potential impact of [insert latest breach here]”?  (I’m secretly hoping they no longer ask ‘are we secure’ given this is impossible to achieve).

Read More

Top 7 qualities of an Information Security Leader

In the security industry, like any other, there a few traits that should be on your list of non-negotiables when it comes to hiring a leader. The Information Security leader is one of the key roles in business today and is not a hire that you can afford to get wrong.  Here are the top 7 qualities to look for, in no particular order (except the first one)…:

Read More

Is your business fluent in security?

As security leaders, what if we could show the business that the things we care about and the things they care about are the same? Things like doing the work they love, making a difference to someone, protecting the reputation of the business and heading home to their families at the end of the day feeling comfortable in the knowledge their effort has made a difference. Fundamentally, they are made of the same things that we are – they are just at a different stage on the security journey with a different attitude to risk when it comes to achieving common business goals.

Read More

The end of fear-based messaging

‘There is no terror in the bang, only in the anticipation of it’. Alfred Hitchcock said that…. He knew a thing or two about evoking fear. Fear is often used to will people into taking action that they otherwise wouldn’t – for example fear-based messaging has been used for years (who knew that before Listerine, no one was worried about bad breath…no one). When it comes to fear-based messaging… security is no exception.

Read More

A Christmas Tale

It’s been the Christmas season for a while if you believe the elevator music, the tinsel draped around store doorways and the brief pause in hot-cross bun sales.

It’s a time of year when projects are due to close, budgets are under pressure and there are more parties than you can poke a stick at. All these things, and probably more, have got data loss written all over them….

Read More