Opposites Distract: Successfully Confronting the IT / C-Suite Struggle | Zinc [Insurance]
  • Broadview Heights Ohio
  • Thursday, May 6, 2021
  • 36°F

Opposites Distract: Successfully Confronting the IT / C-Suite Struggle

For today's business, things have reached critical mass. Not only are we seeing data breaches at every turn, but we're also finding fractured camps at their root—'civil war' within an already raging 'cyber war.' If this sounds familiar, take heart—big problems, both real and perceived, can be worked through and neutralized. It comes down to communication, to going beyond department lines, and focusing on common goals. After all, we're talking about the success not just of a company, but of each and every member.

"It's actually a lot easier to achieve an objective when you're heading in the same direction." —Jeffrey Evans, head of global digital marketing, American Express

Hung Up on Tech-nicalities

All too often, an insular approach within departments is the fault line that can lead to large scale rifts. In fact, out of the 24,000+ IT and business professionals surveyed in Tripwire and Ponemon's 2013 study:

  • 64% of IT employees either don't communicate security risks with senior executives, or do so only when a serious security risk is uncovered
  • 47% say that collaboration between IT and the C-suite is poor, nonexistent or adversarial

Worse still, for those who were proactive in sharing information:

  • 61% say that communication occurs at too low a level for it to make an impact
  • 59% lament that negative facts are filtered out before news reaches senior executives and the CEO

Obvious problems—So what's the root cause? A majority of respondents say that "the information is too technical to be understood by non-technical management." A 2014 Websense / Ponemon study produced similar sentiments, with 48% of surveyed IT professionals listing executives' "sub-par understanding of security issues" as a major communication killer. This is starting to look like a blame game. So just what is expected of both IT and the C-suite if they hope to prevail?

IT's Personable Business

Let's start by admitting that IT professionals, whatever their position, often feel tragically misunderstood. And at times, worse than that—ignored and under-appreciated. Now, while the communication gap is totally understandable, things don't have to be this way. And thankfully, these "opposites" aren't doomed to forever be at odds; though it will take efforts on both sides of the field. First, let's focus on actionable tips that IT folks can use to break down the divide:

  • Do no harm.
    Waiting to disclose critical security pitfalls is not just dangerous, it threatens the company's reputation and bottom line. Early analytics, pinpoint diagnoses and clear explanation can go far to win the C-suite's support.
  • Find the baseline.
    Learn what keeps decision makers up at night, and tailor your plea for pumped up security around what matters most—hit home. Help the C-suite to recognize how heavily they rely on the company's technology: e.g. reports, email and client data.
  • Drop the fancy talk.
    Jargon and highfalutin techie-speak has no place in a business meeting. Instead, communicate in readily understandable terms—the language of motivation. Demonstrate that you're more than a tech expert, you're a shrewd business professional.
  • Get inventive.
    To avoid miscommunication, work with management to create a cross-department cyber "risk language." This technique can be a powerful tool to fight intelligently in today's 'cyber war.'
  • Be real.
    Your goal is to motivate listeners to action, so relatability is huge. And by not assuming off-putting airs, you can really get to the heart of the matter, and of your audience.
  • Know your 'frenemies'.
    Department heads and managerial staff are NOT your enemies—You're all in this together, remember? True, management and the C-suite will have varied security priorities, so speak to these differences, and groom your team to specialize in cross-departmental learning.
  • Make it practical.
    So you have a great persona, and you tell the matter like it is, but when it comes to cost projections and budgeting needs, nebulous talk will undo all the good—and fast. Instead, clearly show how your ideas will affect the company's pockets—both the bottom line, and protection against loss.
"Smart CIOs bring a high level of business acumen to the table and understand that investments in technology must be grounded in a clear explanation of the business value they will deliver." —David Axson, managing director, Accenture Strategy, Finance and Enterprise Performance

It could be easy to be caught up in the "no cost is too much for security" argument. And theoretically, you'd be right. But by putting essential system updates in business terms, you're appealing to the broader needs of the company, and to the baseline of the group that you're hoping will jump on board. That's not selling out, it's actually a really smart move. Because the endgame is the same, regardless of where you sit: Stabilize, secure, and safeguard—from trade secrets and company reputation, to precious client data.

Decision Maker's Mark

Thankfully, timing is prime for both sides to reach out. Media exposés have made us hyperaware of cyber threats, and we're seeing a natural shift among decision makers to view IT maintenance and implementation as an under-tapped source of protection and innovation. And research is bearing this out. A Raytheon / Ponemon survey conducted among IT professionals in various pockets of the globe found growing cyber security awareness among the C-suite to be a "megatrend" for 2015. Reaching through the next three years, "advanced training, more attention from senior leaders and maturing technologies" are positive changes that will effect heightened cyber security readiness. Another happy stat: 64% of surveyed IT leaders see the next three years bringing across-the-board improvements to organizational security. Now that's a feeling to build on. Two birds, one stone, big win for both sides.

So while IT professionals are building bridges to reach middle ground, how can you, as a company decision maker, work toward collective success? Here are some specifics:

  • Dig deep.
    Ask yourself: 'Do I really understand the top cyber threats facing my business, and the risks involved? Do I view technology updates as investments in the business?' Honest answers could betray an opportunity to build knowledge.
  • Step up.
    Data breach hype has shifted attention and responsibility. This is big time, and as a decision maker, you're sitting squarely in the middle of the fray—so own your role, and take pride in doing it right.
  • Be intentional.
    Effective communication is already key to your position, so keep a good thing going and deliberately express your confidence in IT staff. And if you miss the mark? Do damage control. Stay in touch, be aware, and you'll keep the lines open.
  • Lead the pack.
    Leading others is what you do. And in this cyber war we're all fighting, it's your example that can reshape company culture to be more responsive to IT suggestions and cyber threats.
  • Share the load.
    Cyber criminals are hoping—and betting—that communication is compromised, defenses are down. Prove them wrong! Building—and training—an interdepartmental team of representatives to detect and communicate sector-specific cyber risks will raise colleagues to the challenge.

While no one's looking for you to be an IT expert, all eyes will be looking at your attitude toward IT matters. Because like it or not, 'trickle-down' happens. And in the ever shifting tide of cyber responsibility, how you handle company security will make a statement, and set the tone for management and staff. But here's the plus—you're no stranger to responsibility. In fact, you rock it, each and every day. So embrace the fact that your company's reputation and ultimate success have a lot to do with how seriously you take IT suggestions. And allow that reality to educate and inform your decisions.

"The best way to avoid miscommunication is to over communicate - early and often." —Tim Ritters, CFO, PureStorage

Re-Viewing Our Focus

Deep breath, we can do this. Because at the end of the day, it isn't about who flexed their muscles more successfully, but how departments came together as a team to combat a common foe. And underneath all the apparent frustration, the truth is that both executives and IT experts are fundamentally interested in what's best for the company.

So whether ours is a business- or tech-centric lens, let's shake things up with a healthy paradigm shift. And as we try to work out our biases and blind spots, we'll come to realize that each others' attempts to better the company are both viable, and valuable. Let's embrace the differences that support a dynamic business, and keep in mind that, while we may be working from different angles, it's all toward the same goal: Protection.

You can share this post!

Renters 101: Back-to-College Insurance Basics

Vicarious Liability

Terms & Conditions

These Terms & Conditions govern your use of this website; your use of this website indicates your acceptance of these Terms & Conditions in full.

Kindly note that the information and content provided on this website does not constitute professional advice. Although we do our best to keep everything on this site correct and up-to-date, we do not guarantee the completeness or accuracy of any information provided on this website. Improvements and/or changes in the products, services and/or programs described on this website may be made at any time without notice. We must also advise that hypertext links to other websites do not constitute an endorsement, nor do we guarantee any information provided by those sites.

While we do love when users share what they find on our website, it may be used or shared only for personal purposes. The information and content provided on this website is owned or licensed by Zinc, and should not be used or disseminated for any profit or gain.

While using this website, please be aware that no insurance coverages can be bound and no amendments, supplements, or modifications can be added to your policy, new or existing, unless and until you have received a written binder from us or your insurance company.

For users outside of the US: We make no claims that the content on this web site is appropriate or may be downloaded outside of the United States. If you access the site from outside the United States, you do so at your own risk and are responsible for compliance with the laws of your jurisdiction.

Even though we work hard to ensure the security and safety of our website and its users, we cannot and do not guarantee that this website will operate error-free, nor that this website and its server are without computer viruses or other harmful material. If your use of this website or material from it results in any costs or expenses, we will not be responsible for those costs or expenses. This website and its materials are provided without any warranties of any kind, to the fullest extent permitted by law.

Please bear in mind that we will not be liable for any losses or damages arising under these Terms & Conditions or in connection with this website, whether arising in tort, contract, or otherwise – including, without limitation, any loss of profit, contracts, business, goodwill, data, income, revenue or anticipated savings.

Finally, if for any reason any portion or provision of these Terms & Conditions is ruled to be unenforceable, that provision will be enforced to the maximum extent permissible so as to affect the intent of the Terms & Conditions, and the remainder of the Terms & Conditions will continue in full force and effect.

Request a Quote

Uh oh! Something seems to be amiss. Please check your entries and try again.

Transmission Received

Thanks for getting in touch! You'll receive a confirmation email shortly.