What it takes to be a transformational CISO

The skills and traits of effective change leaders.

A businesswoman looks into the distance amid abstract technology, colleagues in background.
AlphaSpirit / Getty Images

Brian Kelly, back when he was CISO of Quinnipiac University, felt the pressure to take a different tack.

Like most security chiefs, Kelly found himself working with limited resources while facing expanding responsibilities and threats.

He saw then the need for change, believing that he could better contend with those dueling pressures and improve the organization’s security posture by transforming the cybersecurity function from a rigid operation rooted in compliance to a more flexible one grounded in understanding and reducing risks as they emerge.

The shift, he says, meant big changes for both the organization and him as its leader.

“For me, I had to be more open to alternatives, and I had to be open to a gray area, understanding that security is not always black and white. I had to listen, collaborate, learn from a community, be more adaptable, and I had to be strategic around the institution’s goals,” he says. “It started a transformational way of thinking.”

To continue reading this article register now

Subscribe today! Get the best in cybersecurity, delivered to your inbox.