Sure, image isn’t everything. But in security, projecting the right image helps get the job done. The article’s idea is to explore the role of appearances in security and determine how the profession needs to make itself over in order to get its message heard.<\/p>\n","protected":false},"excerpt":{"rendered":"
“There is an element of appearances to security, and I don’t mean this in an unfavorable way,” says the famously unflappable de Becker, who has guarded his image as closely as the Hollywood stars he is hired to protect. “Precautions that are expected to deter often draw some of their effectiveness from appearing to be this or that.”<\/p>\n
Once an assortment of stereotyped “geeks” and “guards” who’d been promoted up a few tax brackets, CSOs are now struggling to become—and be recognized as—businessmen and women who take a strategic view of risks across the enterprise.<\/p>\n
On the first level are CSOs themselves—you—who are learning that to be taken seriously as executives, you have to act like your peers from other parts of the business. Just look at what eBay’s Howard Schmidt, one of the country’s most prominent CISOs, has done to his look over the years.<\/p>\n
Closely tied with the CSO’s personal image is a second level: how other business executives and their staffs view the security department and its leader. Michael Assante, CSO of American Electric Power, is candid about the kind of forethought that goes into this transformation. “I knew that image was going to be an important part of being able to have success,” says Assante, who two years ago became the first person at AEP to have control over both corporate and information security.<\/p>\n
“Image is 100 percent important,” says Schneier, author of Beyond Fear and a prominent observer of the security industry’s evolution. If you don’t deal with everything around the politics and socialization, you never get to the actual security.”<\/p>\n
In other words, it’s not style over substance.<\/p>\n
http:\/\/www.csoonline.com\/read\/120104\/image_intro.html<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-70","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/70","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=70"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/70\/revisions"}],"predecessor-version":[{"id":2557,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/70\/revisions\/2557"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=70"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=70"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=70"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}