Subscribe
Subscribe
A Successful Security Strategy Is All About Relationships. Here’s How to Build Them.
Security efforts are not limited to security teams. High impact strategies need to engage everyone from employees to the board of execs, DevOps teams and IT. Learn how how to become not just an effective partner but a trusted advisor across an organization.
https://www.humanlayersecurity.com/blog/relationship-framework-for-security-leaders/
Your Legacy Phishing Solution Isn’t Enough to Protect Your Organization
CISO Josh Yavor explains why legacy phishing solutions aren't effective in preventing successful attacks, and what you can do about it.
https://www.humanlayersecurity.com/blog/human-layer-security-vs-legacy-solutions/
9 Things I’ve Learned Writing Phishing Emails
Ethical hacker, Craig Hays, explains why copywriting, timing, and context are all essential "ingredients" in crafting a phishing attack.
https://www.humanlayersecurity.com/blog/9-things-i-learned-writing-phishing-emails/
Employee Burnout Will Probably Cause Your Next Data Breach
Understanding how stress impacts cybersecurity behaviors could significantly reduce the chances of people’s mistakes compromising company’s security.
https://www.humanlayersecurity.com/blog/employee-burnout-causes-breaches/
Stateful Machine Learning is Our Best (And Only) Bet
Traditional machine learning methods that are used to detect threats at the machine layer aren’t equipped to account for the complexities of human relationships and behaviors across businesses over time. There is no concept of “state” — the additional variable that makes human-layer security problems so complex.
https://www.humanlayersecurity.com/blog/stateful-machine-learning/
How Easy Is It to Phish?
You don't have to be tech savvy to become a "hacker". This blog outlines how to create a phishing campaign, and was designed to help security leaders protect their organizations.
https://www.humanlayersecurity.com/blog/how-to-create-a-phishing-campaign/

Read More

Explore Human Layer Security.

Learn About Our Mission
Subscribe to our newsletter
Explore Me
Read More
Blog Blog

A Successful Security Strategy Is All About Relationships. Here’s How to Build Them.

Josh Yavor
09.22.2021
Share

Illustration by Calum Heath

The role of the CISO and other security professionals has changed. Instead of focusing purely on IT and infrastructure, security leaders are now responsible for communicating risk, enabling individuals and teams, and influencing change at all levels of the organization.

But, that’s easier said than done…especially when research shows less than 50% of employees (including executives) can identify their CISO.

The key? Building relationships with the right people.

We have a framework that can help you not just build the right relationships, but also support your overall communication strategy. Introducing Relationship 15.

What is the Relationship 15 Framework?

The Relationship 15 Framework is a personal development tool that helps you map the core strategic relationships you need to forge and foster to be successful.

How can this framework help security leaders?

As we’ve said, the role of the CISO has evolved. But, in many organizations, they still don’t have a seat at the table.

The question is: who can help get you there? Who can help boost your credibility, bolster your influence, and support your key initiatives?

To name a few…CEOs, GCs, CFOs, and the board. The list goes on. But credibility, influence, and support have to be earned, and you have to leverage people outside of your cybersecurity bubble.

Patricia Patton – the former Global Head of Professional Development at Barclays and Executive Coach at LinkedIn – has decades of experience helping business leaders and politicians forge better relationships.

To her, it’s easy to see why CISOs and other leaders in the industry would leverage a framework like Relationship 15.

“This framework gives you the opportunity to be intentional about the relationships you want to build and be proactive in making connections versus repairing broken relationships. This helps build trust, which is essential for security leaders who absolutely must build trust with the rest of the business,” she said.

3 steps to map out your Relationship 15

  1. Look inwards. Think about your role, your strengths and weaknesses, and the businesses’ objectives. Before you move on to step two, pause and embrace the notion that relationships really matter. The goal of this exercise isn’t to build perfect relationships overnight, but to help you align, influence, and succeed in partnership with others.
  2. Identify 15 people who you need to cultivate relationships with to succeed.  Remember, though, that “success” is multi-faceted. There are people who will help you succeed, people who will help your team succeed, and people who will help the business succeed. We recommend choosing five people for each of these three categories (hence the name Relationship 15!).  Note: these people shouldn’t be limited to your department, your sphere of influence, or even your organization. And, don’t forget to include your peers and mentors.
  3. Create a plan to build these relationships. Scheduling regular catch-ups and creating seamless feedback loops will both help, but you have to be intentional. These relationships aren’t purely transactional and it’s not all about you. Both parties need to show up, demonstrate their value, share their expertise, listen to understand, and respond empathetically. Top tip: Consider your own communication style and take the time to understand everyone else’s. This free assessment is a good place to start.
Share this Article

Who’s in your Relationship 15?

At Tessian Human Layer Security Summit on March 3, an incredible panel of women discussed Relationship 15 in depth. We asked who they’d include in their security taskforce to help influence change, reduce their organization’s risk, and drive business objectives.

Here’s what they had to say.

Gaynor Rich, Global Director of Cybersecurity Strategy and Transformation at Unilever

  1. Data Privacy Officer(s)
  2. Chief Compliance Officer(s)
  3. Audit and Risk Manager(s)
  4. The Board
  5. Executives and key stakeholders within Unilever’s supply chain
  6. Other men and women in similar roles

Annick O’Brien, Data Protection Officer and Cyber Risk Officer

  1. Chief Information Security Officer
  2. Heads of Departments across the organization
  3. HR Director(s)
  4. Internal communications team(s)

Now, It’s you (and your teams!) turn…

Who within and outside of your organization can you build a relationship with to ensure:

  • You succeed
  • Your team succeeds
  • The business succeeds

Carve out some time to fill out the Relationship 15 Framework template and start sketching out a roadmap to strengthen your connective tissue with each person.

Think about the impact. If your team of 5 each identifies 15 people, you’ll have a network of 75 people to learn from and lean on.

Have you found this useful? If so, share your Relationship 15 with us on LinkedIn and make sure to pass on the template to your peers.

Josh Yavor

Chief Information Security Officer, Tessian
Josh is CISO at Tessian, leading information security, threat intelligence, and security research. Most recently he served as CISO for Cisco Secure and led cloud security for Duo Security, with earlier stops at Facebook, Oculus, and iSEC Partners. Josh is an aspiring woodworker and recovering middle school teacher.

Related Content