top of page

6 Ways To Lead Information Security By Example


One of the responsibilities of an information security leader is to inspire other people to do the best that they can do for the benefit of the business.


Here are seven ways of leading the information security function by example …


Get down and dirty – As an information security leader, you can’t lead from the sidelines. You need to be involved in the work and know the ins and outs of your business and the wider business. Working alongside your team helps build trust while expanding your own skills and knowledge. Working along side your peers in the wider business ensures information security aligns to the business and its objectives.


Listen to your team – With the right training, your team should be able to offer plenty of advice, from technical configuration to supporting monthly executive reporting. Listen to them and get regular feedback. When applicable, use that feedback to improve your information security services.


Watch your words – Always be mindful of what you say and who is listening. Support all team members and give individual guidance in a private setting.


Always be positive, calm and patient - Setting the example isn’t the just a means of influencing others, it’s the only way of influencing others. You need to be the person other people expect you to be. You are not going to win it in a minute – it’s a long-term project. Be patient.


Don’t micromanage – Once you’ve communicated the vision, value and goals, step back. You don’t need to control every aspect. Empower you team to take ownership, support that ownership but also give them support and direction where they need may need it.


Take responsibility for team mistakes – Good leaders take responsibility for the team, even if it was their team member who made the mistake. Call it out quickly, act rapidly to address it, ensure that similar future mistakes are engineered out where possible.


Meet your own high standards - Don’t ask a subordinate to do something you are not willing to do. If your team can’t take personal calls during business hours, you don’t take them either.

bottom of page