Long before I became a cybersecurity manager, I was an individual contributor. I took a lot of mental notes about what I liked and saw that it worked well for teams to thrive and thrive. I have also experienced, lived and survived more difficult situations, where a manager did not understand his team 100% and, therefore, could not inspire them, let alone overcome daily challenges.
In the years since I moved into the role of People Manager, I have been able to put into practice the lessons I have gleaned. Building a diverse security team it was very exciting and satisfying for me. I want to share what I have personally learned and tested, because security teams have an important role to play in any organization. The faster and better it is at the security team works togetherthe greater the direct impact on the ability to protect the organization.
Three management tips
Here are some things I learned:
1. Hire for diversity and quickly align with team culture and processes.
Even before a job requirement is written, managers must reach out and develop their networks in innovative ways. I have a habit of checking out different posts and people on LinkedIn and joining other platforms to connect with security professionals around the world. Initially, when I reach out, the intention is to find out about what people are passionate about and share stories and tips. Later, when an opportunity becomes available, it’s much easier to tap into the contacts and connections you’ve already established.
Building a team begins with hiring, but once the team begins working together, it’s critical to create a common language and set of expectations and processes. This way, the team can work quickly towards a common goal and avoid communication problems. Especially for heterogeneous teamswhere the goal is for each person to bring their own different experiences, unique perspectives and distinctive ways of solving problems, having common communication channels to share updates and collaborate ensures team members can spend more time doing what they love to do without worry about team dynamics.
2. Build trust for every single person on the team.
We must accept that working in security is often very stressful and demanding. Managers play an important role in helping to create trust and openness so that every single person on the team can be themselves. How can we do it?
-
Meet with team members regularly in group settings and also in one-on-one meetings. As a manager, you can openly model sharing context and knowledge. When a change occurs, be the first to update the team and share what you know about why it is happening and the desired outcome for the change. It is during times of change that anxiety may be higher than normal, and having regular points of contact and sharing information more frequently can ease the spikes.
-
During meetings, share with your team the impact of their work on the organization. Managers must be deliberate and thoughtful in sharing feedback from other organizations and leaders. Don’t assume your team knows their impact. Most of the time, team members are busy with their daily routine. Get into the habit of lifting your head and taking a moment to share and celebrate victories.
3. Help your team members build careers in cybersecurity and stay excited about innovation.
Of course, it is up to each of us to take responsibility for our own careers. As managers, we may know this well, but not all members of our team know this. Our role is to remind and encourage each of them to learn and actively pursue roles and responsibilities that will keep them excited and help them in their careers. By embracing innovation, they will grow and stay motivated. Additionally, ensure that each individual has respect, ownership, and responsibility. These are the essential elements of building trust and giving everyone the space to try new things, especially if they are out of their comfort zone.
I’m a big believer in growing leaders within organizations. If you have team members who enjoy mentoring and managing others, provide opportunities and experiences for them to try their hand at management. Once they’ve taken a few steps toward their goal, guide them and provide insights into what you’ve learned and what’s worked well for you and the teams you’ve managed.
In my experience, these guidelines work well for new, small teams, but are essential for larger teams experiencing rapid growth and change. I hope you can try some of these tips and share what has worked well for your teams with others in your network. Together, we’re improving what it means to be a cybersecurity professional who is part of amazing, diverse teams.