Ping: Jane Scott Norris

Jane Scott Norris

Future CISOs owe a debt of gratitude to people like Jane Scott Norris. Not only is this government veteran a trailblazer as the Department of State's first CISO, but longer than most, she's been outspoken on the need for security managers to learn the businesses they serve. While a technology background is vital, it's not surprising that Norris also thinks more diplomatic skills, such as marketing, speaking, writing and project management,...

are important for CISOs.

Should future CISOs be business people? IT people? Both? I think you need a mix of skills. You definitely need to understand the business you're in. I've been in IT in the state department for almost 20 years, but, having served overseas a lot, I think I understand our business fairly well. That is imperative. Do CISOs really need to learn to speak the language of business? Is that the must-have skill? You need to speak in plain English and not be wed to all those techie acronyms. You need marketing skills; you talk to a lot of people and you've got some good ideas, but if you don't have the marketing skills, you're never going to get things sold. You also have to be able to make your case quickly and easily. In my area, if you can't make your case in one page, you're never going to get in the door.

Would you suggest taking classes to hone those skills? Sure, why not? Go to Toastmasters to learn your speaking skills. So many people in our business, if they come up through the IT world, are not very good at public speaking, writing or project management. Those are skills I encourage.

@exb

More information from SearchSecurity.com

Learn about the business drivers for creating an incident response plan.

Visit our resource center for tips, news and expert advice on incident response.
@exe

How many CISOs have this mix of skills? Most of the successful ones do. Many of us were involved in Y2K, and I think that was the first time that I understood how important the business side of things was. That was my crusade-- "Hey this isn't an IT problem, it's a business problem."

Do many still work in isolation as solely an IT person? There are purists out there, and that's great. We need them. But are they going to make the next level? I don't really think so, not if you're going to be locked into that kind of thinking.

Read the complete interview at searchsecurity.com/ismag

This was first published in April 2006

Dig deeper on Security Industry Market Trends, Predictions and Forecasts

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close