98b Constitution Street, Leith, Edinburgh, EH6 6AW


Joanna Goddard, commercial growth strategist, is a highly respected business consultant based in the UK

CISO Secrets – Mastering The Art of Security Transformation with colleagues who don’t understand it

There’s a head banging CISO epidemic, and I believe I can help >_

CISO’s everywhere are increasingly banging their heads off virtual walls and as a result CISO turnover is rapidly hitting an epidemic.  In 2019 Www.govtech.com reported that 46% of IT pros who wanted to leave their jobs do so because of an absence of IT security prioritisation from executives or upper management. In 2023 the challenges have simply increased, as reported by ETCIO.

In summary, CISOs have quite a fight,” says Agnidipta Sarkar, Group CISO ..

Read more at:

For the organisations at large this ironically heightens the security risk level as change and vacancies cause instability in people and process. For the CISO’s themselves the rise in career fallout and mental health issues is fast diminishing the reward stakes of what was once providing the lure of high salary and gurus status pull power.

For business development and commercial growth this is a disaster!

What is the root cause?

The root cause is that the rapid evolution of digital threat, pigoened wholed as IT Security and Cyber Security, is masking the required need for a balanced risk mitigation approach. An approach which includes people and process as well as tech in equal measure. It requires more than just the CISO to take the reins of change.

Data is the new oil – it’s helping but it’s not enough

A few years ago the phrase ‘data is the new oil’ was coined, and momentum gathered that security needed more than tech. CISO’s welcomed the wave of new interest and media coverage as it helped support their internal battles for understanding. Yet, it still wasn’t enough for broader board room adoption. Understanding remained a barrier. 

Real World Security in a digital era – the challenge is on

For effective Real World Security in a digital era, people and process must align and work in tandem if any organisation is to mitigate security risk.

The dance of digital transformation has laid the path

Penetrating board rooms, required an ability to translate deep technical knowledge into business plans and risk mitigation as it is understood in arenas such as health and safety and diversity. Finding translators has become a bold and brave new approach for tech companies which few have yet to adopt. This however, is how I ended up as a ‘Woman in Cyber’, IT Security, the Dark Web and the oilfield that is data. A woman who came from a world of Lawyers, Accountants and Stand Up Comics. The link? Since 2010, having worked with the upmost discretion I have worked my own undercover operation across numerous company board members, Partners and Trustees. Taking commercial plans and new waves of learning such as digital marketing, and translating the need to know, the risk and opportunity in commercial terms and cracking the code of understanding to enable growth. 

The era of security transformation is underway

When I began my Security career chapter in 2018, I focused on the board room education, opening the door of broad understanding and coaching the techies in the art of jargon free consultation. The result has been an astonishing rush of appetite for more. With workshops for the IOD across the UK and private sessions with business leaders to provide them with a structured to approach influencing their peers to move security up the board room agenda. 

The CISO surprise

It is however, my new circle of friendship with CISO’s that has taken me by surprise. Learning quickly how trapped many are feeling with the weight of the security world on their shoulders, and yet only part of the remit and tools to do the job. The fact is, Real World Security requires business leaders across all aspects of the business, it requires people and process, boards and business leaders engaged. There is no ‘compliance’ goal with a game over point to be reached. Real World Security requires a security transformation process that is regularly revisited and developed to ensure resilience and growth plans are aligned with risk and protection. With IOT and AI sweeping agendas for operational efficiencies and Marketing data mining, the time is now to get Security Transformation structured within your business. If you aren’t adopting such new technology and coupling it with governance and risk management, you can be assured your supply chain is. This in turn is demanding a whole new skills set for CISO’s. How to translate, how to influence, how to measure ‘no tech impact’ and return on investment. The list is evolving. It’s one I’m passionate about supporting and welcome more engagement. 

‘Shall we play a game?’

CISO’s secrets – you’re invited

The art of security transformation is the new secret weapon to success. So before you hit search on the vacancies bulletin board out of frustration with your leadership teams, join me. Let’s play a little game changing together. [‘Shall we play a game?’ See techies, I’m learning!]

Join me to explore and share tips on effective game changing engagement amongst your non technical business colleagues. CISO Secrets is especially tailored for CISO’s, CTO’s, CIO’s and IT Directors. If your remit falls across any of the roles and you find yourself heading toward that brick wall, please connect with me. I can teach you nothing about tech or security, but how to educate and influence others to get it, that I can. I do however collaborate with some of the country’s leading security and IT specialists so when we need to talk tech in the process we can with the help of my colleagues.

CISO Secrets is a private network for individuals within a variety of tech and information security roles that face the challenge of influencing organisational leaders that have little understanding of the security world. Mastering the art of security transformation. Including but not exclusive to CISO, CTO, ITD, CIO

Join The CISO Secrets Linekdin Group or connect with me if you'd like to register your interest https://www.linkedin.com/groups/12295343/

Join The CISO Secrets LinkedIn Group https://www.linkedin.com/groups/12295343/