Events , Infosecurity Europe 2023 , Infosecurity Europe Conference

Why Security Leaders Need to Have a 'Broadness of Skills'

Security Analyst Paul Watts on How the CISO's Role Is Connected to the Business
Paul Watts, distinguished analyst, Information Security Forum

Security is about more than technology, said Paul Watts, a distinguished analyst at the Information Security Forum. It's also about people and process, he said, with the ultimate goal of adding value to what the business is trying to do.

See Also: NHS Ransomware Attack: Healthcare Industry Infrastructures Are Critical

Watts said his advice to security leaders - a term he said is more inclusive than "CISOs" - on how to achieve this goal is: "Put yourself in the business's shoes. Be curious. Listen. Learn." He said security leaders should pursue a "broadness of skills" rather than just focusing on the technology needed to add and remove security controls and meet regulations. Security leaders should be aware of costs and risks, he said - and if a business is in a situation where it needs to take on more risk, the security leader should support that.

In this video interview with Information Security Media Group, Watts also discussed:

  • How adding creative people to the security team can help connect security to the business;
  • Why security leaders need to learn the language of business;
  • The need to market cybersecurity careers to future leaders as being about more than just pen testing.

Watts (FCIIS, CITP, MBCS, CISSP & CISM) has worked in information technology for over 28 years, 17 of which have been as a security executive and CISO in a range of sectors including financial services, retail, critical national infrastructure, food and beverage, data analytics and market research. He serves as a distinguished analyst at the Information Security Forum, working with and supporting CISOs from over 420 Member organizations worldwide, and leading the forum's research and advisory track for security leadership and strategy. He also serves as a non-executive director in the education sector.

About the Author

Anna Delaney

Anna Delaney

Director, ISMG Productions

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.