How do you lead a great security team to overall mitigate risks across the entire enterprise? To find out, we talk to Ellen Benaim, Chief Information Security Officer at Templafy. In her role, Benaim is responsible for overseeing company-wide information security and governance program and ensuring the entire organization follows necessary protocols to keep the enterprise secure. Her background includes risk management, cybersecurity and information privacy.
Security magazine: Let’s talk about leading a great security team. How do you get started?
Benaim: Having the right technical qualifications and knowledge for a security role is important - but really, anyone who is submitting for a role on a security team likely has those. So it goes beyond just looking at experience and really honing in on the character of that person - will they be a good fit with the company culture? How will they work within our team? At Templafy, we are a really collaborative team and work together often on large projects, so it’s very important that if we’re bringing on new members, they add to the supportive and motivational environment we’ve built.
Security magazine: What is the importance of emotional intelligence in security ( and security leadership)?
Benaim: Security is a concept that needs to be understood across the entire organization for it to work. So, while a potential cyberthreat can be managed from a technical perspective, it’s crucial to be able to explain it in a manner that can be understood by those without that tech background. That’s why it’s important to prioritize having emotionally intelligent teammates on the security side - there needs to be a clear bridge between the department and the rest of the enterprise, and that requires understanding how to best communicate about security across the organization. Not only will this close the understanding gap, but it will also instill the importance of security into the company culture.
Security magazine: Is encouraging diversity in hiring important?
Benaim: The mission of a security department within a company is to mitigate risks across the organization. Bringing in different perspectives, approaches and facets of intelligence - including emotional - will only help ensure that this is being monitored and safeguarded every direction.
Security magazine: Should you always look for the “perfect fit,” or rather cultivate learning opportunities once hired?
Benaim: As mentioned, experience and knowledge about security is of course important when seeking out an addition to the team, but it’s not the end all be all for evaluating their fit. Not only is it important to seek employees who will add to the sense of support on your team, but it’s also crucial to find those who are intellectually curious and will prioritize continuing their education in the space. Security tech is constantly advancing, and so are the methods of cybercriminals. As a security leader, it’s critical we understand that no prospective employee will be the perfect fit because of this evolving nature of the industry; that said, it’s also that it’s our responsibility to cultivate those learning opportunities for our team.