this is the archive page

How to efficiently search for executive technical talent

Finding the right executive talent to manage a rapidly evolving technology environment is proving to be one of the most significant challenges facing the enterprise in this age of digital transformation.

The fact of the matter is, those who are qualified for senior-level IT jobs have spent the bulk of their careers overseeing the static, silo-laden infrastructure of the on-premises data center and have only recently come to grips with the scalability and availability of the cloud. In short order, however, both of these environments will become steeped in artificial intelligence, system autonomy, and a host of other technologies that will not only remake data infrastructure itself but also business processes, services, and perhaps the entire business model.

This puts the enterprise in an unstable position when it suddenly finds itself without a key player since it can leave a major gap in day-to-day operations or even bring key processes to a standstill. With the business at risk, then, the faster you can fill that job with a qualified candidate and then transfer the necessary knowledge, the faster you reduce the severity and duration of the situation.

Attributes technically-inclined executive talent should have

The problem that most organizations encounter is that the pool of candidates possessing the right experience and leadership skills is limited. Ideally, you need to find not just a good manager but a technology visionary with the following skillsets:

  • Communications. When working with non-technical executive leadership or front-line employees, the candidate must be able to translate complex technology solutions in ways that are both relatable and compelling. Likewise, they must be able to understand the needs and concerns of others as they relate to the mission of the organization.
  • Foresight. The ability to seek out mission leaders and champion new initiatives, even in the face of internal blowback, is essential. This skill must apply not only to new deployments but in supporting ongoing programs as well.
  • Deep knowledge. Tech leaders should have a broad knowledge of technologies and technology initiatives and should be fully versed in the impact they will have on legacy operations and future goals. The ability to determine risk and evaluate risk ownership is also a key attribute.
  • Leadership. Mentoring, monitoring, and managing both individuals and teams is a crucial aspect of the job. Successful project management is also required, as is longer-term strategic thinking.

Laying out the requirements for top technical talent is one thing, actually finding qualified candidates is quite another. A typical mistake is to rely on internal HR and other sources to locate and vet candidates when there are specialized consultants and staffing services that can tap a far wider range of resources to acquire senior-level candidates.

CBTS provides access to top executive talent

At CBTS, we provide quick access to top executive talent with all of the skills needed to take control of demanding technical environments. Since we are at heart a technology company, we understand the technical needs of our clients and what it takes to achieve success in an increasingly competitive landscape.

Our subject matter professionals prescreen all potential candidates to ensure they are experts in their respective fields and maintain all the necessary training and certifications. We also provide a range of staffing solutions, from temporary placements to maintain operations while permanent hires are being vetted, to the transition of the temp executive to full-time status should they turn out to be the right person for the job. Either way, the enterprise saves time and money during the appointment process and lessens the risk of a bad hire or termination.

Conclusion

Despite all of the advanced technology that has come to bear on the modern business model, the most valuable enterprise asset remains its human talent, particularly those at the top of the organizational structure. Vacancies at this level must be filled quickly but not carelessly. By turning to outside help like CBTS, organizations will find that they can satisfy both demands with a temporary hire in conjunction with a thorough, professional candidate search.

For information on how CBTS can help with your staffing needs, please visit: https://www.cbts.com/consulting-services/it-staffing-and-consulting/.

How to build a Cyber Risk Program

Digital Transformation is defined as the process of exploiting digital technologies and supporting capabilities to create a robust new business model which is led by executive management or at the board level. But is it also an opportunity to build a security strategy to align cyber risk to desired business outcomes?

According to IDC (Source – Worldwide CISO Influence Survey 2018), business leaders and CISOs view information security as vital to competitiveness of products and services while protecting the interests of their customers.

Areas an Enterprise Cyber Risk Program should cover

When an organization promises to deliver the value of digital business to customers, it’s often the case that security is not at the table when critical decisions are being made. Without security representation at the right time, organizations are exposing themselves to business critical risks that could severely damage their brand.

As organizations continue to expand their digital footprint, an Enterprise Cyber Risk Program should be an integral part of the plan and should cover the following four areas:

  • Understanding and protecting your data.
  • Securing your applications.
  • Ensuring appropriate access.
  • Identifying and responding to incidents.

Questions to consider when building an Enterprise Cyber Risk Program

Here are some questions to consider as you build your program:

  1. What is your most critical and sensitive data? Where does it reside and how should you classify and protect it?
  2. With 90% of exploits being attributed to code defects in applications, how are you securing what has become the main entry point to your environment?
  3. How do you assure that the right people and things have the right access to the right data at the right time?
  4. It’s easy to monitor for security incidents that you are looking for, but how do you detect the ones that you have missed and drive them back into your automated detection and response processes?

CBTS can help you

If you would like to discuss in more detail, please email security@cbts.com.

 

Related Articles:

The key to strong security programs

Create your data breach response plan

Three steps to enhancing security solutions

Cybersecurity Awareness Month: the Essential Security Practice

I’ve spent more than half of my 23-year IT career in security. In seeing shifts from standalone viruses to networked worms to state-sponsored attackers and ransomware, I’ve heard folks say periodically that we’re failing as an industry. “Look at all the breaches,” they say, “we’re obviously having no impact, we need to rethink everything we’re doing.”

To which I say, frankly, that view is nuts. Totally bonkers.

Effective prevention, detection and response is the goal of information security

Of course, the number of breaches we see, the volume of lost records, and the degree to which certain threat actors can act with impunity inside certain networks, is always alarming. The practitioners I know don’t see that as a hopeless situation, but instead as an opportunity to which they will rise. The fact is, we’ve had a clear positive impact. I know that, because no threat actor can do whatever they want on any network they want. Attacks are stopped every day. Breaches are detected, cleaned up, and improvements are made every week.

Think of it like law enforcement: The goal of law enforcement isn’t to stop crime, because you’ll never stop all crime. It’s not possible. It’s not even a reasonable goal that any police officer aims for. The goal is to minimize crime and allow law enforcement to protect as much as they can.

The information security industry has a similar goal: It’s not possible to guarantee an organization won’t suffer a breach. However, organizations can commit to doing their best to stop opportunistic attacks. When a breach does occur, the organization can commit to a complete and effective response.

Use October to re-commit your organization to cybersecurity awareness

I’ve been reminded recently, though, where our most challenging work will continue to reside, and that is in improving the cybersecurity awareness of the non-technical folks in our midst.

Fraud, business email compromise, and e-mail account compromise are still plaguing many organizations.

The Internet Crime Complaint Center noted recently that in the last three years we’ve seen over $26 billion dollars lost to these attacks.

Technical controls can help, but the most important step we can take is educating individuals about the types of attacks that they can expect to see and how to report them.

Our partners Proofpoint and Cofense have some great resources available to help address this threat. I know we can continue to make our organizations more secure as we work together, equipping our customers with the tools and practices to protect themselves and their assets.

Happy October, and Happy Cybersecurity Awareness Month!

 

Related Articles:

Understanding the “attacker mindset” in security

Three steps to enhancing security solutions

Create your data breach response plan