News of Note: Building Bridges for Business and Beyond

One of my CISO friends and I met recently to catch up and discuss the current cybersecurity challenges and priorities at the organization he moved to six to eight months ago. His company is fully embracing cloud services and trying to wed these with some existing on-prem operations. However, they’re also tackling many common problems that crop up during the migration of business applications to the cloud (either as they currently exist or with a few simple changes – lift-and-shift migration) or the complete building of needed apps in the cloud (cloud-native migrations).

These common areas of focus that are getting his and his team’s attention include identity and access management, data security and visibility, vulnerability management, shared responsibility, Zero Trust strategy implementation, and more. Another one high on his list, though, is how to confront these and other technical cloud-related complexities while maintaining effective and protected on-prem operations given an obvious lack of cloud-specific knowledge and experience on his and other technical teams. He is up-skilling those who need more technical acumen on this front while also seeking to add some additional pros to his team that have some cloud know-how. As well, he’s engaged in a bit of a team restructure as he looks to consulting services to provide support where gaps exist.

In tandem with these moves, he also has given high priority to building bridges among the wider C-suite – well beyond leaders in the company’s technical divisions, such as CIOs and CTOs. By building stronger relationships with those leaders whose teams leverage cloud services for the successful, uninterrupted operation of the business, he’s been able to establish executive champions across the organization to help support and meet resourcing, staffing, educational development, and other vital needs. When raised with the CEO or CFO, not every request is granted, of course, but as most in his company’s C-suite gain more and more of an understanding of the organization’s dependence on their ever-evolving cloud infrastructure, its associated security needs, and the complexities of its operations and oversight, the support given to his team has become that much more steadfast and more easily and swiftly obtained.

That’s a good thing in helping to maintain the organization’s overall cyber resiliency posture and compliance with regulatory requirements, while at the same time businesses are seeking to maintain or even grow revenues amidst lingering financial difficulties. And while building ties across the organization’s leadership is a crucial common-sense play for any new executive leader, it requires a great investment of time, patience, persistence, empathy, affability, humility, and more. Now, in hybrid workforce environments plagued by still tumultuous but maybe growingly optimistic economic and socio-political times, marshaling any of these needed traits can prove a bit tough.

For CISOs like my friend, supporting other CxOs and their teams in executing their own specific mandates to build or expand needed products and services that are underpinned by more efficient processes is hugely helpful. This support, its reciprocal benefits, and the resulting team-building, is driven home during quick Zoom touchpoints, regular stand-ups, necessary one-on-one meets, the odd business or informal in-person hang, executive/C-Suite catch-ups, and at industry events with team members and industry buddies face-to-face.

The globally spread-out CSA team gathers in-person and virtually like everyone else these days. Additionally, many of us attending the RSA Conference in San Francisco this year are looking forward to meeting up during our 14th CSA Summit during the event on April 24th. We are covering a slew of topics at our one-day summit, including ways to stay mission critical in the cloud, lessons learned during Zero Trust implementations, establishing practical understandings of shared responsibility with CSPs, and more. After that, we’ll be meeting with CSA Corporate Members, partners, and other industry buddies to plan for additional events like our annual SECtember conference in Seattle later this year, discuss outputs for our various initiatives (our Zero Trust Advancement Center, CxO Trust, the Financial Services Initiative, and more), talk shop, and even share personal news.

After all, building those mutually beneficial business relationships not only helps with our day-to-day professional lives, but also frequently leads to steadfast personal friendships that can last a lifetime.

See you in San Francisco!