How to make your security team more business savvy

CISOs are finding ways to inject more business skills into their teams through recruitment, training and staffing strategies that broaden workers’ horizons — strategies that they say are paying off with stronger security and better aligned risk management.

team management / teamwork strategy
Metamorworks / Getty Images

Myrna Soto has witnessed throughout her career the significant impact that business-minded security professionals can have on security success, so much so that she created a new position — the business information security officer (BISO) — during her tenure as global CISO with Comcast.

These BISOs cultivated relationships with business unit leaders to better understand the processes, transactions, initiatives and objectives that made their departments — and the company as a whole — tick.

The BISOs had to be more than technically astute and security minded to do well in their roles, and they had to be more than good communicators and fast learners. They had to understand business terms and principles, too.

To make sure they did, Soto embedded them within the business units for tours of duty and found other ways to sharpen their business acumen.

“If we did nothing other than that, we still would have gotten a tremendous value because that really opened those security professionals’ eyes to business needs and perspectives,” Soto says.

To continue reading this article register now

7 hot cybersecurity trends (and 2 going cold)