NEW: Microsoft Vulnerabilities Report 2022 - Read the Findings of Our Annual Report Read Now

  • Partners
  • Support
  • Careers
  • English
    • Deutsch
    • français
    • español
    • 한국어
    • português
BeyondTrust
  • Products

    Privileged Password Management

    Discover, manage, audit, and monitor privileged accounts and credentials.

    • Password Safe
    • DevOps Secrets Safe
    • Privileged Access Discovery Application

    Endpoint Privilege Management

    Enforce least privilege across Windows, Mac, Linux, and Unix endpoints.

    • Windows and Mac
    • Unix and Linux
    • Active Directory Bridge

    Secure Remote Access

    Centrally manage remote access for service desks, vendors, and operators.

    • Remote Support
    • Privileged Remote Access
    • Privileged Access Discovery Application

    Cloud Security Management

    Automate the management of identities and assets across your multicloud footprint.

    • Cloud Privilege Broker

    BeyondInsight

    Experience the industry’s most innovative, comprehensive platform for privileged access management.

  • Solutions

    Use Cases

    • Cloud Security
    • Compliance
    • Cyber Insurance
    • Digital Transformation
    • Endpoint Security
    • Operational Technology
    • Ransomware
    • Service Desk Efficiency
    • Zero Trust

    Industry Applications

    • Financial Services
    • Government Agencies
    • Healthcare
    • Law Enforcement
    • Manufacturing
    • Schools & Universities

    Solutions

    The BeyondTrust Privileged Access Management portfolio is an integrated solution that provides visibility and control over all privileged accounts and users.

  • Resources

    Learn

    • Blog
    • Customer Stories
    • Competitor Comparisons
    • Datasheets
    • Videos
    • Glossary
    • Infographics
    • Podcast
    • Whitepapers

    Attend

    • Events
    • Go Beyond
    • Training
    • Webinars

    Support

    • Changelog
    • Professional Services
    • Technical Documentation

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

  • Company
    • About
    • Leadership
    • Core Values
    • Partners
    • Careers
  • Watch Demo
  • Contact Sales

3 Powerful Strategies for CISOs to Boost their Organizational Influence

February 22, 2021

  • Blog
  • Archive
  1. Home
  2. Blog
  3. 3 Powerful Strategies for CISOs to Boost their Organizational Influence

In recent years, the CISO role has rapidly been propelled to prominence amongst the C-suite, underpinned by relentless cyber-incursions, intense regulatory security, and the undeniable correlation between cyber-resilience and long-term business and stock performance. Unfortunately, this rapid shift also continues to expose the soft underbelly of most cyber executives, whose technical competences are ill-suited to drive complex change, overcome deeply entrenched cultural inertia, and navigate powerful political establishments.

Study after study shows that success at the top requires CISOs to influence key power brokers, communicate with impact, and rapidly accelerate transformation. Based on my experiences as a virtual CISO and training cyber leaders from dozens of countries who go through the Cyber Leadership Institute, there are three powerful strategies CISOs can wield to effectively enlist the support of senior stakeholders and the board.

1. Like any other important life endeavor, effective stakeholder management requires extreme prioritization and focus. Simply put, not all stakeholders are created equal. CISOs can leverage the classic stakeholder management framework, which classifies stakeholders into four quadrants based on their organizational influence and vested interest in the cyber transformation agenda. CISOs must spend more time nurturing deeper relationships with the High-Influence / High-Interest group, such as the CEO, CIO, CRO, and the Board of Directors. These vital stakeholders can sustain, derail, or even kill the cyber-transformation agenda. Thus, it's crucial for CISOs to tightly manage these critical stakeholders and keep them highly engaged. The CISO must seek these key stakeholders' perspectives from the outset and build a cyber-resilience strategy tightly pinned to corporate goals. When key stakeholders feel engaged, they will go the extra mile and throw their full weight behind the cyber-transformation program.

2. One of the most potent leadership influencing tools is often hidden in plain sight: The universal principle of reciprocity. According to Robert Cialdini, a globally acclaimed psychologist in the field of influence, "People are obliged to give back to others the form of a behaviour, gift, or service that they have received first." CISOs can get important stakeholders on their side by simply giving more than they take. By actively supporting key stakeholders during key decision-making forums, volunteering direct reports to help deliver critical deadlines or simply buying small birthday gifts, those stakeholders are more likely to say “yes” when the CISO requires their support.

3. The CISO role is relatively straightforward: You commit to delivering a set of capabilities within a specified timeframe. You deliver your promises and then inform the Board and the executive team what you have accomplished. But CISOs must actively resist the temptation to rush into execution. Instead, they must acquaint themselves with the lay of the land, technical constraints, and other risks that can derail their mission. Attempting to boil the ocean is a common CISO miscalculation that comes back to bite at a breathtaking speed. When the CISO promises a Lamborghini and delivers a Toyota Corolla, their credibility goes flying through the window. Constantly apologizing for missed deadlines and miscalculations projects a tone of indecisiveness and weakness. Credibility is the currency of the CISO; once it flies through the window, it's tough to recover. Equally important, the CISO must resist the urge to sugar-coat risks because long term credibility depends on the CISOs courage to do what is right, not what is easy.

When done right, influence and persuasion are potent tools for CISOs to gain direct access to the Board, earn a set at the leadership table, and find deeper meaning in their roles. As Sharmila Devi wrote in the Financial Times, "Leadership is no longer synonymous with management. Leadership has to deal with how to influence and drive performance."

For a deeper exploration of this topic, tune into my on-demand webinar: Rising CISOs: How Cyber Leaders Can Effectively Influence Executives and Boards.


Photograph of Phil Zongo

Phil Zongo, CEO and Cofounder the Cyber Leadership Institute

Phil Zongo is a multi-award winning cybersecurity executive, keynote speaker and bestselling author. Some of his career highlights include:

🔹 Author of The Five Anchors of Cyber Resilience, a best-selling strategy book that provides practical guidance to business executives.

🔹 Author of The Gift of Adversity, an intriguing memoir to be published in 2021.

🔹 2017 winner of ISACA International’s Best Book/Article Award, one of ISACA’s highest global honours, which recognises individuals for major contributions to publications in the field of cybersecurity and IT governance. 2016 winner of the ISACA Sydney’s first-ever Best Governance Professional of the Year Award.

🔹 2020 Global Top 100 Most Influential People of African Descent (MIPAD - New York) - 4th Industrial Revolution Category. MIPAD is a unique global list that identifies high achievers of African descent globally in support of the International Decade for People of African Descent (2015-2024), proclaimed by the UN General Assembly Resolution 68/237.

🔹 2019 Semifinalist - The Wharton Executive Entrepreneurship Acceleration Program Business Plan Competition, which features dozens of entrepreneurs globally.

🔹Nominee - Australian Information Security Association (AISA) - 2019 Cyber Security Professional & 2020 ISC2 Asia Pacific Senior Cyber Security Professional of the year awards

🔹 Winner of 2018 Zim International (Australia) Outstanding Achievement Award, African Australian NSW 2018 Outstanding Performance Award, 2019 Appreciate Africa Asia Outstanding in Business Award (Beijing, China), accolades that recognise achievements that far exceed the norm.

🔹 Delivered cutting edge insights to thousands of professionals and business executives across high profile conferences, diving deep into important global trends such as cyber resilience, digital transformation, cloud computing, artificial intelligence, etc.

🔹 My thought leadership has been distributed to more than 180 countries and has been featured in several newspapers and well-regarded magazines.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

IDSA Report: 2022 Trends in Securing Digital Identities

Whitepapers

Microsoft Vulnerabilities Report 2022

Whitepapers

Cybersecurity Insurance Checklist

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support
  • Cloud Privilege Broker

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Infographics
  • Podcast
  • Videos
  • Webinars
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press
BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2022 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.