Q. I’ve been at a manager level for a while now and I want to get to the next level. My boss is great but she is busy and doesn’t have time to coach me. What’s my best plan of attack?
1. Act like a leader. Coaching, managing and influencing should go up, down and laterally for maximum benefit. I recently heard one of the world’s most respected security leaders explain that he was “coached up” by a respected subordinate. Your service level agreement to excel should include an agreed developmental plan. If that is not in the cards presently, look elsewhere…but don’t abandon ship without a plan.
2. Anticipate your manager’s needs and their manager’s needs in context. What is their preferred method of communication? Ask. In person, voice, e-mail and text messaging all have adherents. Most of us demonstrate a learning bias. Some are visual. Others like to listen. A few of us may still need to read and re-read for comprehension. I personally benefit from tight blended media with a bulleted executive overview. Trusted administrative support personnel and lieutenants know these preferences. Get to know them. Let them know your intention to be a better helper.
3. Support your organizational culture, values and mission...and enable them. Delivering options relevantly, within the strategic plan, differentiates highly successful leaders. Your 10K acumen should be a given in a publically traded organization. Search online for the 10K for of your favorite company if you are not in the private sector. The discussion of global risk can be a north star for aligned mitigation planning and executive leadership engagement.
4. Start with board-level risk and unified protection. When stakeholders realize you think strategically, and are collaboratively helping them to design risk mitigation for the most consequential people, process and asset risks, your value perception grows.
5. Help build cross-functional programs, not territory. Unified risk protection requires collective knowledge, resource and will. Our ability to influence peer risk mitigation groups before, during and after a critical incident is consequential to collective performance.
6. Tell, show, do, and measure. Differentiate with metrics and operational excellence. Early anomaly detection and response for evolving risk is not likely without having a data centric view of your landscape. Expectations must be shared solution providers and services. Program and personnel development investment and re-investment are unlikely without the persuasive business case or ROI story.
7. Communicate persuasively without hyperbole or exclamation marks. Share your data. Take the emotion out and build in confidence. Resist promoting a critical event to a crisis if it is not absolutely necessary. Frame your answers in the form of questions. Probe. Begin with YES and qualify responsibly. Credit and promote others whenever possible and be accountable for shortfalls.
8. Understand the duties and differences of a First Responder and a Valued Partner. Take care of yourself so that you can care for others. Develop your replacement. Mentor. Force multiply. Look for a manager that cares about you. Know your monetized net contribution and teach others how to calculate theirs.
9. Be prepared to move or accept a new assignment.
10. If you have not done so, explore your options as a Next Generation Security Leader.
11. If we can help you personally, be a squeaky wheel. If you can improve our collective thinking,contact me at: firstname.lastname@example.org
Additional Resources to Consider:
Answer provided by Francis D'Addario, Security Executive Council Emeritus Faculty member.