In a previous post, I talked a bit about why security leaders like their jobs. Overwhelmingly, most cited the increasing importance of protecting their enterprises against the rising sophistication of hackers as the reason behind their professional fulfillment. Though surprising initially considering how contentious this issue has been in the past couple years, we found that these executives not only liked the challenge but also found great pride in combating internal and external threats to their organizations.
As part of our research, we also asked security leaders what their greatest achievement was thus far. Given that many of these executives have been in the security field for quite some time, the diversity of responses was not a surprise; however, there was definitely a common thread.
Typically, security leaders found pride in either effectively training the workforce or optimizing business processes through a variety of approaches but all with the express purpose of securing the enterprise against any threats, hacker or otherwise.
Building a secure workforce
Several notable achievements centered on raising awareness of how important having a protected enterprise really is, especially in industries such as Financial Services, where a data leak could have serious consequences.
One way to help avoid this is to ensure that employees are taking measures not to put information at risk. One security leader in Banking successfully deployed a cross-functional team responsible for creating an integrated security approach that encompassed everything from access management to compliance, establishing a security precedent within his organization.
This proudest moment highlights executives’ commitment to ensuring that their most valuable asset – data – is adequately handled and protected. What better way to achieve that than to raise awareness among the most powerful asset within the enterprise, its people?
Securing business processes
Other security leaders took on a slightly different approach to safeguarding the enterprise by optimizing existing business processes. A CISO in Insurance associated his proudest moment with his efforts to modernize an existing IT program that wasn’t up to recent technology standards and thus was not sufficiently combating growing threats.
Similarly, a Chief Information Officer in Transportation took a hard look at what type of security measures his company promised to customers when selling certain offerings and sought to provide more secure hosting and processing, resulting in longer-term customer contracts and business growth.
This CIO’s proudest moment was similar to that of a security leader in Telecommunications, whose greatest achievement included delivering comprehensive security for his company’s first ever cloud offering. Other security executives attribute their proudest moments to instances when programs and policies they have implemented passed the “security test” in the form of audits. Since at times customers are the ones who put pressure on companies to participate in audits, it’s no surprise that for some executives, their proudest moments were related to leading the organization through successful audits – especially if it was the first time.
Creating a secure enterprise
Whether securing the workforce or the business, all these executives share the common goal of protecting their organizations against increasing internal and external threats. It’s reassuring that leaders in security are constantly looking for ways to better equip themselves and their workforces to combat security challenges but more importantly that they find great professional and personal pride in securing the enterprise.