Blog

The HuntBi Mastermind, Communities of Excellence, is a group of professionals just like you who are ready to start measuring and tracking their own improvement as security and technology leaders. I am passionate about helping IT and physical security and cybersecurity leaders to become better versions of themselves, and help them to turn their operations into a well-oiled machine, always audit-ready.

Communities of Excellence is new. It is envisioned to fuse IT and security with performance excellence in the field. I am proud to be spearheading the advancement of the Communities to make more resilient leaders and more resilient organizations.

Learning within the Communities of Excellence is continuous, in small or large doses, as you like. The learning is almost entirely online and asynchronous. Meaning, growth happens at everyone’s own pace, while still being part of an active and interactive community of peers. Here’s how it works.

Grow skills continually with instruction and guidance of esteemed faculty including luminary CSOs, Executive Coaches, Life Strategy Coaches, Professors of Management, and more. Every month there is more content available to the community members, and every day that they log in, they collaborate and share ideas freely with the community.

The large community is broken into smaller Birds of a Feather groups. For example, there’s one for young leaders, called Innovators. There’s another one for mid-career professionals, called Diplomats, turning experience into statesmanship. (If you are my age and want to turn your next decade into your best decade, you can up your game in this group.) And one for up-and-coming CIOs called Maze Runners. Make your own. We can have these groups for every industry or niche. No limit.

Is this feeling good? Do you see how leadership training merged with security management best practices could benefit yourself and your team?

A Community of Excellence is kind of like an ISAC, an Information Sharing and Analysis Center… but for leadership. Instead of the FS-ISAC, or the HealthCare-ISAC, this is the Leadership-and-Employee-Engagement-ISAC.

Have you ever sent valuable employees – our have you yourself attended — a five-day seminar somewhere where everyone drinks through a firehose and retains little if anything once they return to the backlog of work on their desk. No, you already know that real learning and real improvement come from consistency, absorbing bits at a time, and practicing what you learn with feedback from mentors and peers.

Therefore, I urge you to join me today in the Communities of Excellence, and start a process of continuous learning and continuous improvement of every aspect of your security and IT operations with the help of experienced mentors and your peers.

Ask us how to join!

The path from security director to respected executive is perilous. Some never make it. However, any manager who demonstrates consistent cleverness and understanding of the business, will generally grow in rank and influence. There are many ways to show this savvy. Some security professionals are adept at law enforcement and investigations; others are more political, with relationships among executives; some have excellent presentation skills.

In my 30 years in the security industry, with the last 15 focused on mentoring security and technology leaders, I’ve found that savvy has a practical application. The security manager with the most well-run business unit usually has the most influence.

These 5 “savvy” skills are the building blocks to executive leadership, but don’t come naturally to most people. In fact, business schools don’t explicitly teach them. Neither do security training courses. They are skills developed by trial and error by the greatest leaders and summarized and organized for security leaders here.

Skill 1 Set Clear Positive Goals

You’ve heard it I’m sure. You ask a security professional to explain the value of security, and they’ll often say something like, “Well, just think of all the bad things that would happen if we didn’t do it.” It comes with the profession, this idea that security is about keeping bad things from happening. Trouble is, if that’s the main metric, success cannot be measured.

In security, positive goals are valuable tools in the leader’s toolbox for creating an excellent security operation and for being recognized as a leader. Your peers in the security profession don’t usually set positive goals. Most prefer negative goals. “We need to have fewer breaches, no PII (personally identifiable information) lost, lower costs, no bad press about security,” etc.

Positive goals take you forward. Higher. When senior executives and board members ask you about your goals, be sure you tell them goals that make the business better, more agile, or stronger, such as measurably improved response times, happier employees, or passed audits.

The very best and most resilient companies boast goals like: Be “Always Audit-Ready”

I believe this one goal, in particular, is one of the best a security leader can have. Being continually ready for any audit or assessment means you are proud of your operation and ready for scrutiny. And since audits are snapshots of a moment in time and are usually out-of-date the next day, having an “always audit-ready” stance means your operation is continually adapting, continually learning, continually improving.

Perhaps you are wondering why I don’t suggest a goal such as “Be always security-incident-ready.” Two reasons. A security incident is a type of audit. A test of the quality of your operation. So is every inquiry by an internal or external assessor. So, Audit seems to be the better word. Second, the four fundamental categories of security (see Comments below include one that answers the important questions of “What’s happening?” and “Is it working?” Therefore, Audit again seems to be the best word. But what do you think?

Steve Hunt helps security professionals like you to excel on the path to growth and improvement