Journey to Cybersecurity Success with Mark Burnette

As new technologies, threats, and vulnerabilities continue to shape the security landscape, organizations need the right people leading the charge. On August 16, 2023, Mark Burnette, the Shareholder-in-Charge of LBMC’s Information Security practice and previous TedTalk presenter, shared insight into how strong leadership can shape the future of your organization's security. Here some of the top tips from this webinar:

Know the place of security

A looming problem or risk factor to a cybersecurity leader might be one small part of a CEO’s business concerns. C-suite teams and department leaders are usually balancing a number of business priorities, while cyber leaders are often laser focused on preventing and protecting against security issues. How do you ensure that leadership hears you when you’re talking about cybersecurity and that it isn’t only a consideration when it’s a pain point? Burnette recommends that security leaders make it their goal to inform and educate on how cybersecurity underpins everything and is strongly linked to an organization’s future success.

Communication needs context to succeed

What’s the best way to communicate - and get attention for - cybersecurity issues with business leadership? Context. Leaders need to understand how to align security goals with overall business goals. How will this potential security issue impact the business at large? If you can underscore business initiatives by making a case that cybersecurity helps protect all other investments of time and resources, you can position yourself and the security organization as empowering business needs with the necessary information to make informed decisions about risks. Make the link between security resilience and future business continuity through data so that the relationships between security and the rest of the organization is clear. You also need to manage down - that is to communicate effectively to the teams you lead and manage. Make sure that you can link the daily work that people do to the security goals that support business goals so that everyone can feel a sense of ownership.

Build a strong foundation

There are two main factors that Burnette says are key to success. The first is communication - specifically being able to communicate potential risks and offer strong solutions. Through consistent, proactive, and actionable insight, security leaders are able to gain a bigger seat at the C-suite decision-making table, which helps to ensure the future success of the whole business. And secondly, Burnette says business acumen is another key to successful security leadership. While the security leads may have the best perspective on the security issues, do they have a clear grasp on the business issues and priorities? Clear ties between the cybersecurity objectives and business goals will help build trust between security leadership and other organizational leads. Security leaders need to commit to understanding the roadmap of the entire organization to make their best recommendations and have the most influence. Learn more about how to develop a successful security leadership strategy by watching the whole webinar here.