teissTalk: Testing your EQ - using emotional intelligence to retain talent and reduce cyber risk

On 26 April, teissTalk host Jenny Radcliffe was joined by Simon Goldsmith Director - Information Security, OVO as lead guest; and Rodney Julius, Chief Information Security Officer, Interpath Advisory; and Paul Baird, Chief Technical Security Officer, UK, Qualys.

Views on news

The increasing importance of emotional intelligence and other skills required to work with different stakeholders are placing new demands on CISOs. Therefore, technical-only CISOs have become a thing of the past and replaced by a role that’s explicitly relied on to address risk in a much broader, holistic way for organizations.” In the absence of opportunities to meet your colleagues face-to-face, empathising with them has become harder. Empathy is also key  for security experts to understand that not everyone in the business is as invested in cyber security as they are. EI, although mostly seen as a positive skill, can be a strategic tool for manipulation and social engineering as well. Often, the corporate culture, the environment and the language used can turn even empathic people unemphatic. As there has been no emphasis on EI up until now, security experts who have been in the field for a long time had to pick up their EI skills on the fly learning from the positive and negative examples of their bosses. In stressful situations, when we tend to forget about learnt behaviours, exercising EI will become much harder. Consequently, CISOs with higher stress tolerance are likely to be higher achievers in terms of EI. 

EI taking centre stage among CISO skills

The most widely accepted definition of EI is Daniel Goleman’s: Emotional intelligence is the area of cognitive ability that facilitates interpersonal behaviour. It takes self-awareness and self- regulation, as well as the ability to manage relationships and motivate others. What EI is certainly not about is being nice.  In Turn the ship around, L. David Marquet says, if someone as a leader retains the central control for decisions, they won’t be able to match the pace that the business is moving at and, therefore, will need to give control away. To achieve that, your teams need to be competent and have clarity regarding the objectives of the business. CISOs are in a unique position as they have touchpoints across the whole business and therefore need to have a good understanding of how the business functions. Security is now where IT was ten years ago trying to work closely, as well as align with the business. CISOs, as they have more communications with the board, increasingly double as translators.