"Is that Charlie?" booms a voice. "It's been years. Man, great to see you!"
If you travel with Charlie (not his real name or details), that greeting echoes out from every level of the working world: executives, managers, security guards, gardeners and frontline workers.
Before settling on a career in the information security team, Charlie worked at a variety of positions in the company because he found them interesting. Now he's the most respected security architect in the organization --when someone has a question, a challenge or concern, they reach out to Charlie. His security team does the same.
Charlie has a deep understanding of the business (better at times than the business's own understanding), plus he knows all about the company's technology and security. Almost instinctively, he assesses the impact and potential impact that security decisions have on the people he has served with, people who still seek him out. His insights bring people together and steer them to choose and implement solutions that increase security, reduce risk and are embraced by the business.
At the pinnacle of a successful security career, Charlie is the embodiment of a simple proverb:"Dont judge a man until you've walked a mile in his shoes."
Charlie climbed physical ladders, pulled cable, turned switches and dials and gained a firsthand understanding of the company in a way that few others have. Even people with comparable tenure lack the depth of knowledge he has gained and the strength of relationships he has built.
Charlie is an outlier in security today. Trained as an engineer, he took the path of meeting and working with others; he learned the language and embraced the norms. More than just fitting in, Charlie belongs.
For most security professionals, the demands and pace of change, the complexity, and the universal time crunch often lead to tunnel vision with a hyper-focus on implementing and using controls to reduce risk. The current environment makes it too easy to ignore the valid and important perspectives of others in favor of just getting the job done.
A checking-the-box approach seldom increases security or reduces risk. Worse, it harms otherwise impressive security careers.
By forgetting about the people we serve, or simply not taking the time to understand them, we rush to judgment about their capabilities, which leads to frustration, anger and sometimes miscommunication that damages credibility and shortens careers.
To build a better approach for a strong and lasting security career, simply change your shoes.
Seeing the situation from another perspective is the best way to learn. Here are three ways, both formal and informal, to try on a different pair of shoes:
Start a job rotation: Engage in a formal policy of learning and working in different jobs. This is a great way to learn how the business of the company works.
Sign up for CIO Asia eNewsletters.