Adding business value. Getting a seat at the table. Running security like a business. Aligning security with the organization. These are the contents of the Holy Grail of security leadership. Everybody talks about them. Everybody wants them. But most security leaders view them as the stuff of legend – great for motivation, but unattainable in reality.
The industry as a whole has a grasp on the issues and many organizations have worked in recent years to help security leaders develop individual skills that get them closer to these goals, step by step. There is an abundance of magazine articles, certifications and seminars with that aim, and industry associations continue to partner with business schools to help security leaders better understand business. Still, few manage to capture the designations of “business enabler,” “executive influencer,” “security aligner.” What’s missing?