The End of Twilight

Despite how prepared we were from a cybersecurity perspective, the last few months have been exhausting. For those who suddenly shifted to fully remote work, the loss of Twilight Time – those hours where we could mentally transition between work and home life – has been stark. But in a field that would demand 24-hours of our day, cybersecurity leaders have to be as intentional and proactive about our time, as we are about security strategies.

Assume the Policy Positions

As senior members of the Executive team, CISO’s have political influence – of course collectively in our professional associations – but also across the organizations and industries where we work. We are responsible for the information assets of huge cohorts of stakeholders across industries – and have a meaningful role to play in the public discourse. If we leave advocacy primarily to our vendor / partners or “big tech”, we risk common sense safeguards becoming partisan issues.

Cybersecurity Authenticity

Security Awareness programs focus on training employees to protect corporate information and systems. We are asking staff to put on a “cybersecurity hats” at work – which we don’t care if they remove the moment the leave the office. To have real behavior change, cyber security awareness needs to be an authentic part of employee’s lives. CISO’s should be advocating “whole life” cybersecurity to really engage staff and reduce risk.