William Hill CISO: Think more like a marketer

'When we're talking to the board, we are marketing our product to our customers'

Getting the board to support security initiatives is a perennial challenge, but in order to succeed, CISOs and security managers need to borrow some tricks from the marketing trade.

That's according to Killian Faughnan, the group CISO for betting company William Hill.

Speaking at London's InfoSecurity Europe convention, Faughnan highlighted the challenges that security professionals can face when obtaining buy-in, and how treating it like a marketing exercise can help overcome them.

"What we're doing when we're talking to the board is we're marketing a product to our customer," Faughnan said. "Security is our product."

Advertisement - Article continues below

He stressed that while security often things about 'the board' as a single, homogenous entity (more akin to the Borg), board members are all individuals with their own distinct attitudes and priorities. As such, he said, understanding what motivates each individual board member can be the key to getting your message across.

"Board members are people too... they're not homogenous institutions. The board isn't an individual; it's a collection of people who have different views on what success looks like. They have different goals, different ambitions [and] different objectives," he said. 

One of the common traps that security personnel fall into when selling to the board is the temptation to overcomplicate their pitches. In particular, Faughnan warned against overloading slide decks with infographics, graphs and data, stating that if there's too much concentrated information, board members often glaze over.

Advertisement
Advertisement - Article continues below

"Part of knowing your customer is that you should know they only have 15 minutes. Even if you've got a half-hour slot, by the time you get 10 to 12 minutes in, they're responding to email or doing something else, because these are busy people."

Advertisement - Article continues below

"Data has its place," he said, "but that place is mostly in your dashboards... because your job is to take that data and cut it down to something meaningful.

Faughnan's advice was to keep pitches short and sweet. He recommended picking the three most important messages you want to deliver, simplifying them as much as possible, and focusing on those. The ideal slide deck, he said, consists of one slide: a block of green, yellow or red, depending on how well the company's security posture is.

"Obviously, we're never going to get to one slide," he admitted, "but we should be aiming for it."

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Recommended

Visit/security/355013/10-quick-tips-to-identifying-phishing-emails
Security

10 quick tips to identifying phishing emails

16 Mar 2020
Visit/business-strategy/mergers-and-acquisitions/354941/panda-security-to-be-acquired-by-watchguard
mergers and acquisitions

Panda Security to be acquired by WatchGuard

9 Mar 2020
Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/infrastructure/server-storage/355118/hpe-warns-of-critical-bug-that-destroys-ssds-after-40000-hours
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
Visit/software/video-conferencing/355138/zoom-beaming-ios-user-data-to-facebook-for-targeted-ads
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
Visit/cloud/355098/ibm-dedicates-supercomputing-power-to-coronavirus-researchers
high-performance computing (HPC)

IBM dedicates supercomputing power to coronavirus research

24 Mar 2020