Presumably you’ve heard of IQ (Intelligence Quotient) and EQ (Emotional Intelligence), so let’s start a conversation about SQ (Security Intelligence). Not threat intelligence or anything like that, but rather one’s knowledge and understanding level of information security, the risks it is designed to combat, and the impact when failing to follow through.
Many information security professionals would score in a comfortable zone of SQ, but what about the business leaders in their organizations who make the ultimate decisions regarding supporting and sponsoring internal security strategies and the budgets to realize these strategies. When their SQ is low, this could inadvertently result in poor investment decisions with devastating impact.
This subject is offered as an opener for a dialogue on the topic. In your opinion, is this a real issue? Does something needs to be done to support security leaders in the trenches?
Having been a security leaders in the field, and supporting other CISOs for many years now, I for one think we as a collective community inside the ISLF could do great things by collaborating and putting together an executive educational tool kit for CISOs.
What are your thoughts?