As the government pay gap grows larger with the private sector, where will the next generation of government cybersecurity leadership come from? What's the best background to enable success? Who should consider government cybersecurity roles? The public and private sectors are battling a growing list of global cyberthreats. With more data breaches, cyberattacks targeting critical infrastructure and new Internet of Things vulnerabilities, the competition for competent cybersecurity increases.
As we get set for another NCAA Men's Division I Basketball Championship game tomorrow night, there are many media stories about the different approaches taken by college sports leadership to achieve their program goals. What is clear is that the chemistry of these winning basketball teams starts with the coaching staff. Further, the tone and vision starts with the head coach.
There are numerous examples of top coaches that build winning programs and traditions. Now the reality, the best college basketball coaches are also expensive.
And when it comes to hot careers in technology fields, there is no role in greater demand right now than security executives with winning track records. Whether discussing a Chief Information Security Officer (CISO), or Chief Security Officer (CSO) or Director of IT Security, the best talent has become much more expensive over the past few years – with total pay package gaps widening even further between the public and private sectors.
Cyber-Leadership Strategies Seen
What’s being done in the public sector to address these problems? I have seen various cybersecurity strategies taken by governments; some are more successful than others. Here are a few winners and losers. First, the bad ideas. ...
Don’t Do This – You Will Fail Eventually
Moral of the story: Hire someone who is qualified and passionate about security – even if they need to grow into their new role at first.
Winners - Do This to Help Succeed
Getting Personal: Steps You Can Take Toward a Government Security Leadership Role
Given the title of this blog, I know that some readers are likely aspiring cybersecurity leaders in government. I’m especially glad you’re reading this.
Let me start this section by saying that not everyone has what it takes to be a government cyber leader who is successful. And yet, just as Tom Izzo, the well known basketball head coach at Michigan State was once on the hot seat and is now heading into the NCAA Hall of Fame, so many unknown security and technology professionals persevere through adversity to become successful executive government leaders who make a positive difference for society.
First, it takes the right training to become a security professional. While degrees and certifications don’t necessarily ensure you will excel as a security professional, they certainly help. I also find that technology pros who have a good experience running enterprise infrastructure within government often make excellent security leaders – if they have a passion and an “eye of the tiger” for cybersecurity.
Second, an understanding of technology processes, procedures and how government actually works (behind the scenes) is a huge asset. For example, hands-on experience with emergency management can help security leaders in table-top exercises, incident management and a long list of budgeting areas.
Third, I encourage young security pros to join a good government security team that will help them develop their skills and experience. Government jobs offer diverse opportunities that are generally not available in the private sector until much later in your career. Besides the service to the community, the breadth and depth of challenges and opportunities to grow are truly unequaled – if you find a boss who believes and invests in you.
Fourth, find a helpful mentor. Read this article for more details on this essential topic.
Fifth, when you do enter the security leadership ranks as a manager or supervisor or other new supervisory role, learn from the mistakes of others.
A few times a year, I think back and thank God for my years in Michigan government security and technology leadership. I ponder various career decisions I made along the way, such as the decision to stay in government and not jump to the private sector in 2011 for a variety of personal and professional reasons. Here’s what I wrote at that time:
“My main reasons for staying in government include a new Governor who is serious (and passionate) about cybersecurity, a desire to limit travel, a real chance to make a positive difference and reinvent cyber in Michigan government (again), opportunity to work with DHS and other top global leaders in cyber, difficulty in moving (houses aren’t selling in Michigan), our local extended family that is a great support for me, my wife and kids, a helpful, challenging church community that is hard to find and ‘the government need’ is great.”
I have no regrets about that decision, despite far less pay. In fact, I wrote these seven reasons to consider taking a government cyber job three years later.
Bottom line, don’t just look at your immediate paycheck. Treat your career the same way as your wise investments. Invest in continuing education for life. Build skills that will last.
And reach for the stars!
Could you be the next Alex Rogan? (Watch this ...)