Show Notes:'ve-learned-about-successful-security-leaders/


Contact Me:

Twitter: @justinfimlaid


I traveled to 7 cities this week.  It was a little intense to say the least.  Luckily I had some awesome company with me which made the trip a little easier. While in Austin I was listening to the cover band the Spazmatics and I was talking to a friend about the Pwned Podcast.  We were kicking around ideas for content, so out of Austin Texas, this weeks question – what is single commonality I see amongst successful security leaders.

One commonality I see among successful security leaders. It's their ability to build relationships within a security organization.  They are able to get their peers and other folks in the organization to pick up the security gauntlet to enable the security program.  They are also able to get their organizational cohorts to self select the correct security decisions when no one else is looking. 

I was pretty fortunate early in my career that someone much smarter than me taught me about the “Not invented here” stance by many people.  The idea of Not Invented Here is someone's general resistance to an idea because it wasn't their own, and they no matter what believe their ideas are better. 

From Wikipedia “The reasons for not wanting to use the work of others are varied, but some can include a desire to support a local economy instead of paying royalties to a foreign license-holder, fear of patent infringement, lack of understanding of the foreign work, an unwillingness to acknowledge or value the work of others,jealousy, or forming part of a wider turf war. As a social phenomenon, this philosophy can manifest as an unwillingness to adopt an idea or product because it originates from [somewhere else].”


What I learned from
this is sometimes arguing with someone who has this not invented here stance
matters less because it's while you may win the argument now, that same person
will try to prove in the long term while you were wrong and look to sabotage, perhaps
indirectly, your success.

I digress a little
bit, but my point is that successful relationship builders can see the bigger
picture don't get meyered down in petty arguments of singular facts.  Rather concensus, and doing things together
as a team, is the most important thing.

As I look back over
my career, I can clearly connect some realtionship dots.  One thing I always did was take care of the
vendors who took the time to visit me. 
See when I was a CISO, I lived in northern VT, and get anyone to leave
Boston to make a 3 hour drive was amazing. 
Now, I wasn't always a buyer, but One thing I would always do is make it
worth their drive by taking them out to dinner, spending time with people,
learning about their personal life. 
Nothing lasts forever – and when I left my job, it was those vendor
realtionships that helped me start NuHarbor Security.

Now I'm on the
Vendor side, I realized the Vendor community is a WAY WAY bigger network than
security professionals who perform security within a company.  The vendor network is big and they talk to
everyone.  They're an amazing network to
draw on if you ever needed help.  I often
see security professionals treat the vendor community fairly harsh, and vise
versa.  But really, we're all fighting
the same battle and we have a lot of commonalities.  If we accept that we're better together.

So my answer this
week to what is a single commonality I see amongst successful security
leaders.  It's their ability to build
long-term relationships with internal cohorts as well as develop external
partnerships with outside organizations. 
These are the individuals I see excel in the their carrer.