A Path For Security Professionals To The C Suite

Security professionals are a smart, resilient group. Whether it is dealing with the constant barrage of threats from hackers, software vulnerabilities, privacy concerns, and compliance activities, security professionals are generally in a constant state of learning from on the job experience, technical books, journals, and conferences. However, I have often wondered how many security professionals have an opportunity to reach the C Suite. Certainly, the CISO position has increased in importance and relevance over the last several years, but I am not sure it is a path to the CEO role. There is also no generally accepted reporting structure for the CISO – is this a technical position reporting to the CIO, a financial position reporting to the CFO, or a strategic position with a line to the Board?

Part of the problem is that the security professional often speaks a language that is hard to translate into business terms. While the number and types of software vulnerabilities may be interesting to the security professional, she/he has a hard time aligning this data with an increase in top line results. Being able to articulate that data security can have a profound, positive impact on the business is hard. Certainly, most Boards today understand that bad data security practices can bankrupt a company, however they are not “on the hook” for bad quarterly results.

Additionally, successfully securing the company means that bad things are avoided or mitigated. If you are successful, nothing bad happens. If you are unsuccessful, the world crumbles. Either way, celebrating success is generally difficult or impossible based on the way most companies celebrate other business success. I think this offers an opportunity for the industry to look at a different way to manage success for the security function, but I also believe it means security professionals need to broaden their education and experience as they think about their careers.

Enter the new Penn State iMBA scholarship for IT security professionals. It is the first of its kind scholarship focused specifically for the IT security professional to help support an MBA. Prevalent and The Santa Fe Group helped to fund the scholarship which will be available starting 2018. Here is the official press release.

While the value of a business degree is sometimes questioned, my personal experience in the iMBA program at Penn State was extremely valuable. It offered me the ability to continue my education while continuing to work and ultimately start Prevalent. It also helped provide me with the tools I needed to help think differently about strategy, management, HR, accounting, and technology integration. It offers security professionals an opportunity to better manage their career path to the C suite and continue to pursue life-long learning objectives. I hope other security companies will consider donating to the scholarship and make this a very meaningful way to enhance the community.

Thanks to everyone that made this possible and please let us know if you are interested in learning more about the program!