Cybersecurity

Building the cybersecurity talent you need today to guard against tomorrow’s threats

Do you have the cybersecurity leadership you need for the future?

Every 39 seconds, a hacker attacks. And less than 40% of global organizations believe they are ready to counter these attacks. So, they continue investing in information security products and services, while they should be focusing on their people.

Almost all (95%) of cyber breaches result from human error, whether it’s losing a device, sending an email to the wrong addressee or opening a phishing email. Organizations need to shore up their human resources before adding more technological tools; what they need is cyber-ready talent.

Our cybersecurity consulting practice brings together a team of advisors who leverage their experience and expertise across information technology, national security and professional services to meet our clients’ unique cyber and information security talent needs. Our consultants understand the threats and vulnerabilities facing an interconnected global economy that’s increasingly reliant on information systems, so we’re qualified to develop strategies that enable you to counteract them.

Click to read video transcript

Transcript for cybersecurity video

Speaker: General Bill Mayville

Hello, I'm General Bill Mayville. I'm a retired Army officer and a senior advisor to Korn Ferry for leadership, technology, and cybersecurity. I want to talk to you about the importance of leadership and leader development in the cybersecurity field. I've spent a career developing and training leaders as a former commanding general, as the director for operations for the Joint Chiefs, and as the former vice commander at US Cyber Command. And I've seen firsthand the impact of good leadership on business operations. I spent a career in leveraging technology to achieve successful outcomes. But from my experience, I know that it's ultimately great leadership and not solely great tools that determines whether organizations are successful. That's particularly true for winning strategies to reduce cyber vulnerabilities and improve cyber defenses.

The greatest opportunity for growth and development among emerging cybersecurity professionals is learning how to succeed in ambiguity and when authority is blurred. At its core, cybersecurity is a conversation about risk and the consequences of getting it wrong. And it is really the mastery of soft skills and persuasion, listening, and effective communication that enable cybersecurity professionals to be effective leaders and guardians of their companies. It's hard for cybersecurity specialists to move the needle in enterprises. Cyber leaders have to be leaders everywhere. They have to be player coaches for their teams, possess strong business acumen, and understand business operations to be effective cross-functional, and they have to be board ready.

Businesses need cybersecurity professionals who are comfortable with uncertainty, who can lead balanced approaches to risk, and create teams that are solutions-oriented. The Cyber Leadership Development Program at Korn Ferry brings together high potential future CISOs from across industries for a five-month leadership development experience. Program is tailored to cyber professionals and supports participating organizations in building their pipeline of future leaders. It weaves together personal assessments, mentoring, coaching, small cohort leadership training. Participants grapple together with leadership dilemmas individually and together, and they explore how to elevate and strengthen their business impact as cyber professionals.

Leadership development for cyber professionals is important as they face unprecedented challenges in protecting the organization's brand, services, and customer trust. It's no longer enough for cyber leaders to rely solely on their technical skills. In the face of constant cyber threats, they need to possess the skills to deliver at the enterprise level as well. My view on leadership is that it's not a title or a reward, but an obligation to serve causes that are greater than oneself. And I want to see leaders in cybersecurity, where the stakes are so high, be more than just strong functional leaders, but enterprise leaders who can drive for results, who possess the skills to shape and influence, who together with their peers can keep their enterprise secure and offer solutions that make sound business sense and move the value of their organizations forward.

How we can help

We offer a suite of solutions that address the technology risk journey. Our portfolio includes a range of talent solutions that address cybersecurity concerns, from recruiting top cybersecurity leaders to developing your internal bench of talent. We also help your executives and board align their talent, organizational capabilities, and culture to defend against emerging cyber threats.

Here are some of the challenges we can help you address:

Developing leaders to drive cyber awareness and accountability

Cybersecurity strategies need to be driven from the top—starting with C-suite leaders and the board members. But high-caliber leaders are scarce and in high demand. More importantly, the role of cybersecurity is also changing—particularly at the executive level. We help you identify leaders capable of leading change in your organization. Here’s how:

  • Identify and develop the leadership traits, beyond tech savvy and problem solving, that are essential to drive change
  • Show leaders how to drive more productive cyber and technology discussions
  • Teach leaders how to lead diverse populations from across the organization on a consistent journey toward better cyber risk management

Identifying, attracting, developing and retaining core cyber talent

To address cyber threats, the right talent has become just as important as the right cyber wall. But too few companies consider whether their talent has the expertise needed to make the right decisions to protect their organization. Here’s how we help:

  • Identify the skills and character profiles of the talent you need to transform your organization
  • Give busy hiring managers the metrics and other data they need to make informed hiring decisions
  • Apply state-of-the-art people analytics to measure and assess the cyber readiness of your talent at every level

Removing key structural barriers to reduce cyber risk

Structuring an effective cyber organization requires balancing your mission and the execution of that mission. The best solution depends on your organization’s structure, culture and leadership. We develop strategies tailored to your organization that:

  • Optimize performance management and rewards systems to incentivize better cyber behaviors
  • Break down silos and create fluid teams to drive circulation of the right cyber information
  • Structure processes for a more agile response to technological disruption

Developing organization-wide cyber literacy

There’s no such thing as being 100 percent secure from cyber threats. Day-to-day business practices—for example, using cloud computing services and having interconnected devices that are part of the internet of things—are potential vulnerabilities that criminals could exploit. While firewalls and security protocols help, you need to educate your staff on the potential risks and how to mitigate them. Here’s how we can help:

  • Develop a purposeful, strategic vision to elevate organizational values and establish rules for organizational behavior
  • Create alignment among disparate teams to short-circuit the silos that contribute to cyber risk
  • Lead change management initiatives to address risk culture throughout the organization