7 communication mistakes CSOs still make

Is your security message getting lost because you are making one of these seven common errors? Veteran security pros share what they've learned about effectively raising security's profile.

. What's this?

By , Senior Editor

March 23, 2011CSO

For many years, we heard security professionals lament the way they are perceived. Terms such as "the place where good ideas go to die" and "the department of no" weren't uncommon just a few years ago when referring to the security function.

But that is changing—slowly, according to many security leaders. Still, as risk mitigation efforts, and the people behind them, get a better rep, challenges still exist when it comes to conveying security's message to company leadership, and staff users as well.

Learn to communicate effectively!

CSO spoke with three infosec veterans to learn what effective communication looks like in an organization where security lives in harmony with the rest of the company. Here they tell us what NOT to do if you want to get everyone on board with what you're trying to accomplish.


Failing to convey security's vision

Lorna Koppel, Director of IT Security with Wisconsin-based manufacturing firm Kohler Company, has been in security for decades. After some time in the military, and a degree in atmospheric sciences, she found herself increasingly interested in IT security as the world became more computerized.

"Things were so much simpler then. The threats were not as complex and as targeted," she recalled. "Now our jobs are more complicated because we have to still deal with all the noise and threats that are automated, but we also need to be prepared for the more complex and advanced methodology."


Also read 5 steps to a strategic security plan


For Koppel and her team these days, that means there is a delicate line that needs to be straddled between how security is handling current threats, and what it plans to be doing in the future.

"We've spent a lot of time looking at our vision. Where are we going? What is our strategy?" said Koppel. "It's really hard for security people because we are reactive. We can get caught up just fighting the fire. But we also have very clear projects."

She said she strives to always maintain a relationship with her team that requires them all to be forward thinking.

"I think the mistake some people fall into is dealing with latest. Let me deal with what's my plate now. Then I'll fit in the proactive stuff. But you get analysis paralysis. You don't make any progress on making life better for the company or yourself. How do you catch that soon enough so you don't waste a lot of time NOT making life better?"

What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
RESOURCE CENTER