How to Motivate Action and Win Lasting Support for Your Latest and Future Cybersecurity Projects

By Eiwe Lingefors, Vice President of Cybersecurity, 2U Inc.

Eiwe Lingefors, Vice President of Cybersecurity, 2U Inc.

Over the past decade, the field of cybersecurity has virtually exploded into a complicated and sometimes confusing collection of disciplines and must-have solutions. As a cybersecurity leader with more than 20 years of experience leading teams, designing distributed systems, and managing data centers and cloud infrastructure, I do my best to stay on top of this rapidly changing landscape.

"When approaching your stakeholders or leadership with a new endeavor, it’s crucial to provide information and context that is meaningful and calibrated to your audience"

It can be overwhelming at times–and if it’s daunting for a practitioner in the field, imagine what it’s like for the people you need to convince that it is in their best interest to spend money on a new cybersecurity project, such as your clients, boss, or other stakeholders. This challenge is certainly not unique to cybersecurity, but it is one that continues to plague many in this field. After years of experiencing the frustration involved, I am ready to share some of the lessons I’ve learned in hopes that it also brings you success when it comes to creating buy-in among your stakeholders.

The Curse of Knowledge

When approaching your stakeholders or leadership with a new endeavor, it’s crucial to provide information and context that is meaningful and calibrated to your audience. Do the best to educate your audience so that there is a real, shared understanding of what you are asking to spend resources on.

More importantly, don’t lose sight of why you want to do it. Due to the Curse of Knowledge, it is easy to assume that the people you are communicating with already know why. Be aware of this cognitive bias and take time to start with “why” rather than focusing on the “what” or “how” of the project.

Start with “Why”

You may have heard of this concept from Simon Sinek’s Ted Talk and book: “Start with Why.” The concept is often applied to organizations, but I implore you to use it when thinking about your team and the projects on your roadmap.

In my experience, you will have better luck creating lasting support if you start with “why.” Spend more of your energy reaching a shared understanding of why you are trying to do something rather than how. Even better, if you can tie your “why” to the broader guiding principles of your team, institution, or organization, you can create lasting trust.

Fear Doesn’t Work

Resist the temptation to use fear to get a project off the ground. Sure, fear is a powerful motivator if you need to get something done exactly once. However, chances are you’re planning to work with your stakeholders again and will need their support on an ongoing basis.

To motivate action, you can manipulate or inspire. Using the threat of experiencing a breach as a motivator is a form of manipulation by fear. Instead, motivate your stakeholders into action by inspiring them through educating and selling them on your values, vision, and your “why.”

Focus on People

Lastly, remember to put people first. Make sure your team knows and believes in your “why” and your mission. Humans are innately driven by core values. Make sure you staff your team with people that believe in your mission: they are your catalysts and the educators that will teach the other people in your institution or organization about what you are trying to accomplish.

Back to Basics

With all of the previous things said, don’t lose sight of the basics. Much has been written elsewhere about getting back to basics, but it can’t be said enough. There is a vast selection of applications and service offerings out there that offer solutions for every conceivable problem. However, all of the artificial intelligence and machine learning in the world isn’t going to help if the basics are not covered.

Make sure you have foundational controls and a good patch management practice in place. Assess and be aware of your risk. Change your culture to consider cybersecurity as a top priority in every part of the organization: from the CEO to the intern. Implement and regularly test an incident response plan. Mandate the use of multi-factor authentication.

Putting It Into Practice

The next time you find yourself needing buy-in from somewhere that has been challenging in the past, use this as a guide. A change in perspective–whether it’s yours or someone else's–is a powerful tool for inspiring action.

Weekly Brief

Top 10 Security Solution Companies - 2018

Read Also

Artificial Intelligence- The Catalyst for the Most Significant Change to Education in Generations

Artificial Intelligence- The Catalyst for the Most Significant Change to Education in Generations

Dr. Clare Sullivan, Visiting Professor, Law Center, Georgetown University; and Managing Director, Cyber SMART
The Key to a Successful Strategic Technology Plan: Relationships

The Key to a Successful Strategic Technology Plan: Relationships

Camedra Jefferson, Ed.D., Director of Instructional Technology, Yes Prep Public Schools
Election Cyber Security - Considerations for Educational Institutions

Election Cyber Security - Considerations for Educational Institutions

David V Creamer, CTO-CISO, St. Petersburg College
The Ever-increasing Significance of Mobile Learning

The Ever-increasing Significance of Mobile Learning

Allen Taylor, Chief Technology Officer, Marshall University
The Emerging Landscape of AI Decision-Making

The Emerging Landscape of AI Decision-Making

Sanjiv K. Bhatia, Ph.D., Professor and Computer Science Graduate Director, University of Missouri–St. Louis
Artificial Intelligence: Wonders and Perils of XXI Century Plastics

Artificial Intelligence: Wonders and Perils of XXI Century Plastics

Eitel J. M. Lauría, PhD, Professor and Director of Graduate Programs at School of Computer Science & Mathematics, Marist College