"Because information security is permeating organizations in different ways that were never expected, the message and the vision for information security is one that has to be conveyed," said Kushner "Not just to the parties in the know--but also to the parties who have been ambivalent and have ignored security."
And that takes someone with leadership ability, he said.
Even if you are not in a leadership role now, you can build this skill in your current position. Leadership takes many forms, said Kushner.
"You can be an early-stage person who does a bang-up job on a project. That is leadership. Rolling out a software package or tool for a compliance issue can be a chance to take the lead. Or you can be a person who has the ability to convey thought leadership to build momentum throughout the organization to build a culture of security," he advises. "Leadership is something we can't always describe, but when you see it, you recognize it."
Sign up for CIO Asia eNewsletters.