Happy New Year! Yeah – I know this isn’t really cybersecurity-related, but I wanted to start out this new year with topics that are absolutely vital to success in this field - teamwork and leadership. I’m quite sure most IT and cybersecurity teams aren’t a team of just one person. Even if you are the only one doing IT work in your organization, you still have management, customers, and stakeholders who rely on you for information and advice.
When I was in the Navy, a common saying was:
“Keep your priorities, your mission, and your team. Keep your team informed. Bring everyone home alive.”
We worked on the flight decks of aircraft carriers – one of the most dangerous jobs on the planet! We in the squadrons operated with the attitude that the team and our aircrew are everything, and we had each other’s backs, especially on the flight deck. Even the crews from other squadrons, the equipment handlers, aircraft fuelers, tractor drivers, and the flight deck directors, people we didn't even know, watched out for us, and we for them.
I have found that saying to be true, even in the civilian world. We have a mission – keep our organization’s users, data, and technology safe. We have a team – those we work with, those we work for, and those who are our customers and stakeholders. And communication is ALWAYS the key to success! But I will translate “Bring everyone home alive” in the civilian world to mean make sure that your teammate’s heads are in the game by making sure that they are properly trained, help to ensure that they have an instilled attitude of continual learning, and care enough about them to see to it that their lives outside of work are balanced and their personal worlds are taken care of. Keep your upper leadership “alive” and successful (and not falling on their own swords) by giving them the correct information and advice needed to make sound decisions.
The “Recognized” Team Leader:
You don’t have to be a “designated supervisor” to be a leader. In fact, you don’t even need to be officially “designated” as a Team Leader to be a leader. What I mean by that is that leadership is not what’s written on a piece of paper. Leadership is an attitude and recognized behavior, and not just some “designation” that shows up in a job description. In my over 40 years of being in the military and civilian workplace, I have known plenty of “supervisors” who are designated as such, but don’t leave the confines of their desk. And I have known plenty of regular worker-bees who are leaders even if their official job titles and paystubs don’t say so. A leader is the one who is recognized by their colleagues and teammates as the one who knows the job, can make a decision, and isn’t afraid to get their hands dirty. A leader is recognized by their customers as the one who can get the answers and meet their needs quickly. A leader is recognized by those above them as that “trusted advisor” who will help them make sound decisions.
Taking Action:
Whether you are the supervisor or not, you can be a leader who instantly recognizes what needs exist, knows what must to be done to meet those needs, and then takes action. That action can mean offering assistance to a colleague (even if the issue at hand is not really your job), being a mentor to help train team members, or stepping in and taking on the task yourself. The leader who most often takes the appropriate action is the one who is paying attention and has situational awareness of not only their immediate technical world but the periphery activities and other issues that may affect them. Taking action also means being able to not only make the decision but take ownership of that decision. No one makes the right decision 100% of the time. But a leader recognizes when the decision wasn’t the right one and takes ownership for correcting their own mistakes.
Be a Trusted Advisor:
Supervisors and managers have a lot on their plates and don’t necessarily know every single piece of technology and minutia that the worker-bees deal with daily. Cybersecurity is an extremely broad and deep field and requires a significant amount of specialization in some cases, to get the job done. Incident handlers, for example, do not often deal with information assurance audits. Information assurance auditing professionals do not deal with the day-to-day nuts and bolts of technical security. But a Chief Information Security Officer (CISO) will often be responsible for the work of all these teams and will rely heavily on information from the trenches to make decisions that will keep the entire organization secure. While the supervisors and managers are looking for answers and trying to understand the numerous technologies so that they can make sound decisions, the leader in the team steps in, is able to articulate the situation, gives their management options, and helps with the decision making by giving good and timely advice.
Leadership is just as much a key aspect of cybersecurity as technical knowledge and competence. Whether you are a designated supervisor or not, you may be a leader. If you are that “trusted advisor” and the one who takes the team with you on the job and in the trenches, then you are a leader. If you are the one whom the management people come to for answers, then you are a leader. If you don’t care who gets the credit, but care more about what can be accomplished, then you are a leader. If you are keeping everyone around you informed, then you are a leader. And finally, if you care about the success of others and the success of your organization as much as your own success, then you are definitely a leader. Leadership is not a designation – leadership is an attitude.
No comments:
Post a Comment