One tip for security managers to keep teams fulfilled | Guest Cicero Chimbanda

Today on Cyber Work Hacks, my guest is Infosec Skills author and teacher Cicero Chimbanda. Chimbanda's Skills path concerns building the soft skills needed to succeed as a Cybersecurity Manager. For today’s Hack, Chimbanda tells us his best tip for Security Managers to keep their security teams fulfilled and connected. As we speak, many companies are entering their Q2, and Chimbanda has great advice for taking Q1’s successes (or not) and using the framework to reinforce the connection between the team and leadership, as well as being a conduit moving between each.

Here is some excellent advice for today's cybersecurity managers and those yet to come in today’s Cyber Work Hack.

0:00 - Succeeding as a cybersecurity manager
2:48 - One great tip for cybersecurity managers
6:14 - Implementing change as a cybersecurity manager
8:56 - Meeting calendars and managing cybersecurity roles
11:05 - Outro

– Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at infosecinstitute.com.

Chris Sienko: 

Okay, today, on Cyber Work Hacks, my guest is InfoSec skills author and teacher, cicero Chimbanda.

Chris Sienko: 

Now, cicero's skills path concerns building the soft skills needed to succeed in the role of cybersecurity manager. So for today's hack, cicero tells us his best tip for cybersecurity managers to keep their security teams fulfilled and connected. As we speak, many companies are entering their Q2 and Cicero has great advice for taking Q1 successes or not successes, and using the framework to reinforce the connection between the team and leadership and being a conduit that moves between each of them. There's some excellent advice for cybersecurity managers of today and for cybersecurity managers yet to come. So to keep it here for today's CyberWork Hack.

Chris Sienko: 

Hello and welcome to a new episode of Cyber Work Hacks. The purpose of this spinoff of our popular Cyber Work podcast is to take a single fundamental question and give you a quick, clear and actionable solution or a new insight in how to utilize InfoSec products and training to achieve your work and career goals. So for today's hack, my guest is my longtime friend and InfoSec instructor and collaborator, cicero Chimbanda. Now, cicero has been a guest on CyberWorks several times discussing his specialty, which is the soft skills needed to be an effective cybersecurity manager, so I'm hoping you can go back to our YouTube page or our podcast page and look up Cicero's past episodes, because they're all great. So today I'm going to be talking with Cicero about a series of hacks for security managers and the security managers who are yet to come. So today's hack is very straightforward, so I'm just going to get into it. So, first off, cicero, thank you for joining me today on CyberWorks Hacks.

Cicero Chimbanda: 

Thank you, Chris.

Chris Sienko: 

That's great, yeah, great, to have you back. Absolutely so, cicero, this is going to be a different kind of hack today. It's answering a single question, but it's kind of an open-ended one. So I hope you'll indulge me. Cybersecurity managers have a lot of obligations to their company. They have to keep them secure, they have to keep the methods and tech they use relevant and up-to-date and in line with budgets and, importantly, security managers need to manage their security team. So, based on your teaching and personal experience, what is your one biggest tip for security managers that they can implement immediately that will keep their security team more fulfilled, cohesive and, in general, feeling like they're a vital part of the security team and the company?

Cicero Chimbanda: 

Chris again, thank you again for having me. I think it's a great question, a key question, and I don't know when your audience will listen to this, but I will make it universal. I think, first of all, staying strategic. I think that's always key Not being lost in the weeds, but one thing that one can do right now we're ending, we've just ended Q1 and we're beginning Q2. And one of the ways to stay strategic in your role as a security manager is to always I like to call it the head and tails. You know, if you look at a coin, you got a heads and tails and it's a look in and look out. That's how I look at it. And so looking in, and Q1 just finished how I look at it. And so looking in and Q1 just finished.

Cicero Chimbanda: 

I think one thing as a manager, you want to make sure you're tracking your people's strategic projects. So how did it go the first Q quarter? Okay. Now, if you're in a different quarter, you could do the same, depending on what quarter, and just making sure that your team they're not facing any roadblocks if there's projects associated, Giving constructive feedback to your team. And I think one other thing is revisiting the training for your year. Making sure that your team has looked into what are the training courses they're going to take, what conferences they're going to go into, conferences they're going to go into if they're going to do anything this year. So making sure that your team feels like, hey, you are behind their strategic initiatives. So that's a looking in within your team, but you also want to make it relevant to the business, as you asked, and that's to look out, and that's to look out. So Q1 is finished, Q2 is about to begin.

Cicero Chimbanda: 

No-transcript embed myself into their meetings, bring a couple of my senior members with me and to communicate hey, here's what we're doing as a cybersecurity. These are big initiatives. This is how it's going. We're just finished Q1, giving them a sense of, hey, we are working on your behalf. But number two, asking the question and listening to the business units how is it going? How are we doing as a cybersecurity department or organization? Because we don't want to just be again the no department. We want to be the enablement and the secure. We want to make sure that they know we are aligning our projects to their business initiatives. So that's really a key component of what I would say one can do right now.

Chris Sienko: 

Yeah, I think that's a really great point, and especially, I think, because we don't really think about it all the time. But Q1 starts right after. You know what, for a lot of people, is kind of a holiday year reset, and you're you know the first quarter is spent. You're sort of working your way back up to it. So as you start Q2, it's important to see what was happening in this sort of odd times or whatever, and how you can be sort of this two-way conduit. You're making sure that you know your team's goals are being, you know, communicated to the leadership and leadership's goals are being communicated to the team. So I think that's a really great insight and a really great sort of focusing mechanism for you at this point in your journey. So, if any, are there any challenges in implementing a change like this? What do you think are the challenges in getting this started?

Cicero Chimbanda: 

Great, great, again, great topic. So I think the first one is there's going to be negative dynamics. You know, whenever you're asking to, you know, unravel or lift up the leafs, you're going to find something, and so negative dynamics are going to come up in your teams. There's going to be some conflict resolution. You're going to have to play that mediator in your team. So you want to get rid of all those obstacles at the beginning. Don't wait till they surface and they become a problem. So if you ask the questions, how's it going, how are things going with the teams, if there's smaller groups or project teams that are working for the first time, just asking those questions, so those dynamics will come up. Just be ready to address them. The other one is one thing that I love.

Cicero Chimbanda: 

People can get lost under specific rules as they're hitting in the ground. You know some people might overreach, they might get off of their lane, they might not be in their lane. So it's a good time to reaffirm people's roles and responsibilities. Hey, remember, yes, you're doing this, you're getting caught up on the day-to-day mundane, but remember your role is you're an administrator for this appliance. Your role is for training the users, for user awareness. Your role is. So reaffirming people's roles and responsibility can help them stay in their lane. So reaffirming people's roles and responsibility can help them stay in their lane. And then, lastly, I would just say people sometimes may be timid, may not be, may be insecure. So empowering your employees, reaffirming that you are behind them, and so those are the things that I would say. These are some obstacles that might surface as you are unraveling these questions.

Chris Sienko: 

Those are great things to watch out for. Is there a first step that you could take to make this process get underway today, after you're watching this podcast?

Cicero Chimbanda: 

Schedule the meetings Calendar.

Cicero Chimbanda: 

If you got calendary, like my good friend Chris has, you know, start putting out in your calendar when you want and you know when you want to meet with your team individually, collectively, and when you want to get on the calendars of the business units. Business units are busy, they have speakers. So I actually just did that two weeks ago and I got myself an agenda of my strategic business units. They got me lined up, they gave me the topic I'm bringing in. So just get in the calendar of your business units. They got me lined up, they gave me the topic I'm bringing in. So just get in the calendar of your business units and get your employees in your calendar.

Chris Sienko: 

Yeah, that's a great prompt, obviously. So you have a hard date in your calendar. It's time to make action there. So, as I said at the top of the episode, cicero has a learning path on InfoSec skills pertaining to security manager soft skills. So, cicero, what will Inf?

Cicero Chimbanda: 

Yeah, I'll start off with the strategic. We're talking about being strategic, so, as soft skills, we use the model which is STS, which stands for strategic security. So we want to make sure we're staying relevant with the business units and an industry focus, whatever industry health care, financial, government or even non-for-profit if you're a non-for-profit, so stay strategic. The other thing you'll learn is the T, which stands for trust. Trust is to understand the rules of the road, the course. I just finished running a half a marathon over the weekend. I like to run and thank you, and it was a course that I've run before, but they changed the course, so I needed to make sure I looked at the course before I ran. I didn't, you know, and it's the same thing in our industry, rules change. You know, the government regulatory, so we need to stay of what the rules are. And then, lastly, the S is stability the rules are. And then, lastly, the S is stability. You'll learn how to make sure your cybersecurity is aligned, to make sure your company stays stable.

Chris Sienko: 

Love it All right, that's a great summary there. So, Sushant and Banda, thank you for providing our listeners with your management and leadership insight. This is great to talk to you again. Thank you, Chris, and thank you all for watching this episode. Now, if you enjoyed this video and felt it helped you, I hope you'll share it with your colleagues and on your forums and your social media accounts, and please like, subscribe.

Chris Sienko: 

If you have a place to review, please review our show on your podcast feed or your YouTube page. Just type in Cyber Work InfoSec into any of them and we'll pop up like magic. We're actually surprisingly easy to find, despite the very universal keywords, but there's plenty more to come for learners of all levels. So if you have any topics that you want us to cover, just drop them in the comments below. But until then, I will see you next time. And for Cicero Chimbanda and I, happy learning. Hey, if you're worried about choosing the right cybersecurity career, click here to see the 12th most in-demand cybersecurity roles. I asked experts working in the field how to get hired and how to do the work of these security roles so you can choose your study with confidence. I'll see you there.

How does your salary stack up?

Ever wonder how much a career in cybersecurity pays? We crunched the numbers for the most popular roles and certifications. Download the 2024 Cybersecurity Salary Guide to learn more.

placeholder

Weekly career advice

Learn how to break into cybersecurity, build new skills and move up the career ladder. Each week on the Cyber Work Podcast, host Chris Sienko sits down with thought leaders from Booz Allen Hamilton, CompTIA, Google, IBM, Veracode and others to discuss the latest cybersecurity workforce trends.

placeholder

Q&As with industry pros

Have a question about your cybersecurity career? Join our special Cyber Work Live episodes for a Q&A with industry leaders. Get your career questions answered, connect with other industry professionals and take your career to the next level.

placeholder

Level up your skills

Hack your way to success with career tips from cybersecurity experts. Get concise, actionable advice in each episode — from acing your first certification exam to building a world-class enterprise cybersecurity culture.