Blog: Kevin Henry - 5 tips for the CISO managing a virtual workforce

Meet Kevin Henry:

Your instructor has probably taught more IT-Security students than anyone else in the world and helped thousands of people prepare for the examination. As the former co-chair of the ISC2 CISSP CBK, he will provide you with valuable insight into the do's and don'ts of Security training and provide tips on how to plan your training roadmap. 

Learn more about Kevin here

The Virtual Workforce

The virtual workforce is here – something we have discussed for many years and something that some companies have tried – but now it is forced on us. Whether it is good or bad is immaterial – it is a fact of life for the next time period at least.

So how does a CISO manage a virtual workforce?

A team that cannot be as closely monitored or controlled as a staff that sits in the office. First of all, working from home is easier for some people than for others. Some people work well in isolation, they find it better in order to focus in a distraction-free environment.

Some people have good routine and discipline and they can manage their time and productivity easily. But others are lost without the interaction (and support) from their co-workers. It may be hard for them to get motivated and there are plenty of distractions that can draw them off. 

I was in a virtual meeting last week and one of the parents was drawn away by a two year old that needed attention and was glad to be able to reach out to their parent when needed. Another person in the meeting experienced power and communications loss several times due to the overloading of infrastructure. 

We all have to be understanding in this time. We should encourage routine and structure. Scheduling regular Virtual meetings first thing in the morning can be good to have people start their day off – after all we all know that getting started can be the hardest challenge of each new day! Maybe we need some music to start the brain and lighten the spirits!

What about security?

Security is another challenge. Now we have many people working from home that are accessing sensitive data. There have to be policies and guidelines to help people know how to protect their data. Be sure to communicate frequently with staff – as the manager we need to manage – be there – provide reassurance and guidance. We need to reach out to our staff and not wait for them to reach out to us. Learn to know your staff and be responsive to their needs.

These are a few points that you want to consider:

• Recent research from Arctic Security and Team Cymru shows that the number of infected organizations (including the public sector) has more than doubled since January. There is a good reason to believe that this is because more people are working from home and connecting to their offices from compromised end point devices or are attached to insecure networks. It could be a good idea for a CISO to prescribe secure configurations and standards for devices and networks used by remote workers.
• Remote workers can suffer burnout since they cannot ‘get away’ from the office and are drawn back to the office to get a job done. Remind people to have a good work and life balance.
• Keep in touch – not just via email or text, but interact as humans – some social discussion can be good. Have ‘water cooler’ talks and just catch up on how things are going.
• Be flexible with time. Many parents are juggling child care and schooling with their work. Many conference calls have a small child approaching a parent in the middle of a business call. Be sensitive to that and allow some freedom to adjust working hours and tolerate interruptions – many of which cannot really be avoided.
• Address the elephant in the room. Money/employment. Provide assurances, where possible, about job security and continued employment. Stress is caused by a sense of a lack of control over a situation. People are worried and there are no definite answers in many cases – so try to address that major concern of finances for your staff if you can.

This will be a tough time for many – loss of structure, financial stress, unemployment or reduced employment. But together we can all get through this – and be better for it in the end; Let’s be a team, be there for each other and encourage and support each one. 

Never stop learning – never stop trying!

You may also be interested in these 1-day Masterclasses with Kevin:

You´re invited to join this live learning experience in a virtual space where you will get full access to insights and innovation from the true authorities.

We think you´re going to love these - Learn more and book directly on the links below:

Security - with Kevin Henry

Live Virtual Masterclass: CISSP Overview

Live Virtual Masterclass: CCSP Overview

Live Virtual Masterclass: CISA Overview

Live Virtual Masterclass: CISM Overview

Come alone or bring your team for a strengthened direction with a tangible impact - but, don´t wait too long to book - seats are obviously very limited for this unique experience.