
IT Tuesdays: the 8 Principles of Security Leadership

by Scott Cullen

During last month’s IT Nation Secure Conference, Ian Thornton-Trump, the chief information security officer at Cyjax, a threat intelligence company based in the UK, shared the eight principles of security leadership.

He reported that, according to Comparitech, a pro-consumer website providing information, tools, reviews, and comparisons to help its readers improve their cyber security and privacy online, cybercrime is predicted to inflict damages totaling $6 trillion USD globally in 2021. Measured as a country’s economy, it would be the world’s third largest after the U.S. and China.

Following are the eight principles of security leadership that Thornton-Trump outlined in his presentation:

  1. Achieve personal and professional security competence. Complexity is the enemy of security.
  2. Embrace personal and professional security improvement. Know your infrastructure and the cycles of your business.
  3. Accept personal responsibility for security. Rhetoric about cyber war needs to be toned down; otherwise, it might spur more countries to take action.
  4. Set a personal example of being secure – i.e., secure customer authentication (SCA).
  5. Ensure everyone knows the meaning and intent of the security program. Explain why there is a need for a security program and what, where, and how your organization will protect against threats. This needs to be based on a realistic threat model.
  6. Embrace security improvement opportunities. You can always do more.
  7. Make sound and timely security decisions. Make a call, even if it’s the wrong one. “At least you made a call,” noted Thornton-Trump. Seek out help. You need information to make decisions. If you don’t have that information, your decisions won’t be rooted in reality or could be the wrong decisions.
  8. Never ignore a security incident. Inform your supervisor and/or security operations. Learn from your mistakes and do not punish the guilty.
