Yaron Levi, CISO of Blue Cross and Blue Shield of Kansas City, knows that even “in-demand” information security professionals need a certain mindset to advance their careers.
That’s why he assembled and moderated a CISO panel on career development at SecureWorld Kansas City.
The audience in the room seemed to skew younger than a typical session on information security, but not by much.
Approaches to help your career in information security
Panelist Sara Flores, CISO at UMB Bank, says a key skill for managers, directors, and all types of leaders in cybersecurity is learning to creatively ask for buy-in and support from the business.
“If you ask once and they tell you no, then pause, and go back later to ask again. You can do this in a creative way that could make a difference.”
She often makes simple graphics, and we’re pretty sure she said one of them featured an exploding rocket. She suggests using graphics that anyone can understand to tell the story of a security challenge or solution.
Panelist Cindi Carter, who is Deputy CISO at Blue Cross and Blue Shield of Kansas City, says it is helpful to realize that you cannot be awesome at everything and you can strategize around that challenge.
“Find your wheelhouse, where you really shine, and you will do well with that. Then surround yourself with people who are strong in other areas,” Carter says. That combination of skill sets will deliver what the organization needs.
What Information Security leaders like about their careers
The panelists also spoke about why they love their roles in cybersecurity and key considerations that may help you decide if you want to turn your cybersecurity role into a cybersecurity career.
Panelist Gary Johnson, Sr. Director of Cybersecurity and IT Infrastructure at Kansas City Power & Light, says you may be in security but you’ll actually have to learn and know more about your organization than most other roles require.
“It’s one of the few spots in the business where you can be involved in almost every part of it because security is crucial in so many areas,” he says.
And Carter says you must be flexible. “Change is challenging. And security is like a moving target, so make sure you are able to deal with and work through frequent changes.”
At SecureWorld’s regional cybersecurity conferences, we continually hear about three key areas of change from InfoSec leaders: changing technology, changing security roles, and changing adversaries and attacks.
However, there is one change you may really like, if you plan to make cybersecurity a career.
The practice of cybersecurity, and the InfoSec leaders who drive it, are more prominent than ever before.
Sara Flores, CISO of UMB Bank, summed this up quite nicely toward the end of the Kansas City panel.
“We’ve become part of the value proposition for our organizations, and that is exciting.”