Just in case you felt it was only you as the CISO who had an overwhelming amount of stuff to do, it’s not. This mind map on the Security Advisor Alliance site should bring that message home.
And this is the best quote:
The initial branches could also be expanded to include many other priorities for a CISO.
Yeah, no wonder you can’t see the forest for the trees. So what do you do? You could try to be Pragmatic to get things going. You need to make sure you are setting the expectations properly about what you will do – and more importantly what you won’t. Also be very candid about the resources you will need for success.
So take a look at the mind map and note the things you are doing now (perhaps not as well as you need to) and the things that have been on the list for a while, which you never seem to get to. Clear you mind and then be honest with yourself about whether your priorities are aligned to achieve successful outcomes for your organization.
If so you should feel good. For maybe 5 minutes – then get back to work. This list doesn’t get done by itself. If not, it’s probably time to blow up what you have been doing. Doing the same stuff and expecting different results is crazy. So take the opportunity to recalibrate and communicate new priorities, and start tracking them.
Yes, easier said than done. But in the face of an overwhelming number of tasks and responsibilities, you need to prioritize fiercely and make sure your limited time is spent on the stuff that matters. Starting right now…
Photo credit: “71/365 – Uh-oh” originally uploaded by Josh Connell