• United States



Security leaders need to ask this question to get the success they seek

Jan 05, 20164 mins
IT Leadership

Security leaders that adjust their mindset and get the answer to this question set themselves up for a successful future

New year. Old priorities?

For many, this is a time of resolution. A chance for reflection. Perhaps even an effort to improve resolve. As suggested by others, doing what we’ve always done gets us what we’ve always gotten. From another perspective, what got us where we are today might not be what we need to get us where we’re going.

Are you ready for a change? Looking for a more successful year?

Focus on security breaches continues to grow. Executives and boards are paying attention. Yet many are struggling to make the connection and advance the conversation.

Getting it right requires a shift in mindset.

And it starts by stepping back and asking a single question: “What happens when breach happens?”

Asking the question now helps you make better decisions all year long. It’s the start of the dialogue and relationship you need for success.

Adjust your mindset to anticipate breach

Last year I introduced the mindset of “anticipate breach.” It actually started with this slideshow on the 5 questions to ask before a breach happens. But then I wrote about it here, and provided this slide show at the end of the year.

Slide 7 suggests the question that gets the process started:

The easiest way to get started is to ask, “what happens when breach happens?”

Often the first answer is “nothing.” Or a shrug and puzzled look. We spent a lot of time in security exploring and understanding threats. We know attackers explore and exploit just about anything they can get their hands on. This is your chance to do the same (read more about how here).

This is a chance to learn. Find out how the system/solution works. Explore what would create problems. Investigate how you could evidence that. What is the signal to look for? What is the damage? Are there steps we can take?

Ask before a breach happens

Get comfortable asking “what happens when breach happens?”

It’s that simple. This is a deceptive question. The key to the question is to ask the question before a breach happens. Akin to the notion of ask early, and ask often.

Maybe even something like a mantra… “but what happens when a breach happens?” Or even “if a breach happens, what would you like to see happen?”

The question is less about the asking, and more about the answer. Set aside notions of right and wrong. Instead, just experience them as they are.

Learn what is important to others. Find out how the systems and processes work. Ask insightful questions. Listen to the answers. Document and draw out what you learn.

Do this on a regular basis to shift your mindset and those around you. It gets people to question the “what if” scenario. Then work together to define the expected or ideal responses. Figure out what is possible and include others in the solution.  

Let the answer(s) guide priorities

If everything is a priority, then nothing is a priority.

The key to success is aligning your assets and efforts with what matters most to the company. Learning what is important provides the insight needed to make better decisions. Finding out how it works guides the right solutions to protect systems and information.

Collaborating on what happens when a breach happens allows the right responses. You get insight and cooperation on building the resilience needed for success.

To get the change you seek, start your new year off with different priorities.

Shift your mindset and guide the others around you on a journey. Help them shift their thinking by asking and answering this single question. The answers hold the power to change your entire year.

It sets the stage for your success as a security leader.

What are you waiting for?


Michael Santarcangelo develops exceptional leaders and powerful communicators with the security mindset for success. The founder of Security Catalyst, he draws on nearly two decades of experience of success advancing security in variety of operational roles. He guides leaders and teams on the best next step of their journey.

More from this author