We have all heard the phrase ‘don’t judge a book by its cover’ but when are we going to apply the same rule to recruitment? I am not talking about judging a candidate by their appearance, culture, religion, age or anything that could possibly discriminate against them; in fact, I am not talking about how we perceive candidates at all but rather how today’s top talent judge potential opportunities far too quickly. Holding job titles in such high-regard, they are missing out on their perfect opportunity by failing to read job descriptions and organisations are partly to blame. We are all admirers of great job titles, take Sandwich Artists at Subway and the countless ‘gurus’ we have on LinkedIn as examples of that but looking closer to home in the Finance World, we are having the same conversations and its debilitating our top talent. Candidates are getting so caught up in job titles that they aren’t even entertaining a job description and be it a result of keeping up appearances or working as a coping mechanism to filter extensive search results, its hindering their and your success. Take a Financial Controller for instance. They are no longer purely transactional but commercial and strategic in the same way Finance Directors are now expected to be engaging and approachable leaders. Roles change but job titles haven’t and while I would encourage every candidate to be open-minded in their search, organisations need to be mindful of the role they are advertising or rather, how they are advertising the role. Hiring managers are fantastic at looking at a professional’s CV and looking beyond the buzzwords – identifying key achievements over titles and seeing adaptability and competencies first and foremost. Unfortunately, candidates aren’t following the same thought-process and looking straight to a job title that may not carry the term ‘senior’ and it’s an instant no. It’s a problem elevated by the start-up culture we find ourselves in which offers huge job titles for smaller responsibility. A CFO in a start-up for instance may be a Head of Finance within a larger firm and on the reverse, a Financial Controller within a corporate may find themselves as a Senior Business Partner in a smaller organisation, contributing to one of the many reasons professionals move to the disruptive world of work. For instant growth. With this in mind, a professional heading back into the corporate world would no longer appreciate a smaller title as despite being a side-step to their current role, the job title doesn’t match their progression. I met with a FTSE 50 organisation recently which is a microcosm to the organisational issue we find ourselves facing. A hugely attractive business that entices great talent across the board but attracting and retaining financial talent is an issue for them and it’s clear to see why. The Financial Controllers manage the Senior Business Partners who in another company would be a Head of Finance and then on the reverse, the Finance Business Partners who sit underneath them would otherwise be known as Analysts. The organisational structure almost has it that you come in on a fantastic title and digress as you grow which matters more to the professionals filling the role than they realise. Ultimately my advice is simple. If you are a candidate embarking on a new search, be open-minded, look beyond the job titles and present your CV around your key achievements and not former titles. For organisations, its fairly simple too: consider how your future talent pool may react to a role and what flexibility might need to be on the table for it to work. I’d like to hear from you – have you turned down your dream role due to a title or, do you think titles are depriving you of your best talent?
05 Dec 2019
‘Women in Business’ is a phrase coined to the equality movement and marks a huge step-change in supporting female professionals around the world. Whether it’s Women in Finance, Women in Cyber or Women in Tech – it’s a term used to build a support network for professional women around the world and while it can be great, it’s not always used for good. Dominated historically by the loudest voices, ‘Women in Business’ can be found plastered across stages at conferences, trending daily on LinkedIn and dished up alongside lip-service to serve organisations wanting to appear as more inclusive and unfortunately it’s working.. or, at least it did. The overdone phrase is now met with public mistrust, frustration and even resentment mirroring the hijacking of the Feminism Movement that was once cheered and not ignored. We’re on a mission to change that. Change the way the phrase is used and perceived by restoring its original purpose and use it for good. Starting with the very women in our own network, we are using ‘Women in Business’ to engage, encourage, empower and inspire female professionals who have a voice but are being prevented from using it. Our Having a Voice at the Table event series brings together the UK’s leading women from different business disciplines, colour codes, backgrounds, skill-sets, strengths, weaknesses and opinions about womanhood and just about everything else. We don’t talk about inequality, diversity, talent attraction, ticking a box or discrimination – negative or positive discrimination. Essentially, we don’t discuss anything that ‘Women in Business’ events might often be associated with and instead bring powerful women together and encourage them to tell their stories. Be it balancing motherhood with leadership, finding your authentic self and staying true to it, finding ‘me time’ or finding a mentor, we discuss how to use our downfalls as women to become more successful and so far, it’s been brilliant. Over the course of two events we have heard from four exceptional women who shared their stories of leadership and womanhood. Xenia Walters, Group CFO of SDL opened our first ever Women in Business event. She spoke about the power balance in the Board Room and at home with her husband a successful executive and two children who see them both as equal, she also spoke about building a work ethic aged seven and using your weaknesses as strengths. She stressed the importance of an Executive Coach to help you stop and reflect and spoke of having it all, as a myth. Elona Mortimer-Zhika, CEO of IRIS Software Group joined Xenia at our first event and advocated the vitality of choosing meritocracy over positive discrimination, how it can often be lonely at the top and how as a leader who is also a mother, finding the balance between being great at work and great at home; and also great to herself, is a huge struggle. She also discussed how finding friends at the school gate was her saviour in balancing work and motherhood with ‘me time’. Our second event which took place just this week saw CFO of the Ambassador Theatre Group, ShanMae Teo, discuss climbing the ranks through a heavily male-dominated Private Equity industry and using her current position to promote equality not just for women but for men too – encouraging her male peers and reports to do the ‘admin’, go to the doctors appointments and the school pick-ups because while helping him to be a better father, you’re helping a woman on the other side of the fence who gets to stay at work a little longer. We also heard from Author and Executive Coach Joanna Kane who spoke about the wake-up call that changed her life. Working harder than anyone else, she believed to be a successful woman she needed to work tirelessly and became ill in the process – this she describes as the leading moment to the thing that changed her life, offered her a second career and gave her the inspiration to help other women move forward in their lives with more clarity, conviction and joy. These events not only allow women who may be silently struggling to ask for help and resonate with the powerful speeches delivered by these four exceptional women, it also offers them the chance to interact with a group of passionate women under Chatham House Rule – a safe space to discuss challenges they may also be facing, what holds them back and what they are committed to changing. Our interactive workshop allows these phenomenal women to truly self-reflect and ask themselves what is holding them back from an astounding year ahead and build a tool-kit to help them get there. Two events, 80 women and a whole lot of positivity is the start to reclaiming the term ‘Women in Business’ and I’m confident we are making a dent in the professional world – a dent that is sure to empower women in business everywhere.
14 Nov 2019
Eight weeks ago, I moved to Hong Kong and it already feels like home. Having spent seven years working across the UK IT Recruitment Sector I decided it was time for a change and so I packed a bag and said goodbye to Cardiff. I was expecting to undergo some transitionary period; a culture shock you could say, but with a thriving social scene, diverse culture and millions of people from all walks of life on your doorstep, it was an easy move. There was however, one difference and that was the contract market in Hong Kong. It remains to be behind anything I have ever seen in the UK and despite there being a huge skills shortage with more positions than people, the contracting market is frowned upon and contractors are thought of as professionals unable to get a permanent role rather those seeking career diversity. What also struck me as strange was the fact that contractors in Hong Kong receive the same salary as those in permanent employment which removes the financial reward that comes hand-in-hand with the Interim world of work in the UK and removing the attraction to it as a result. While I understand the benefits of permanent employment, I also see the necessity for contract work - especially in the technology and digital world where a variety of cultures means for an abundance of Hong Kong narrative speakers and a real language barrier. I’ve found that international businesses in the tech space are absolutely fine, the likes of Facebook, Netflix and Google. But, it’s the local businesses that are really suffering. If these employees were contractors, coming in to complete a programme or implementation and then leaving it would be fine but these are permanent employees, not able to communicate with their employers. The biggest issue is that local businesses in desperate need of technological help are putting their needs on hold to find the perfect person with the technological and social competencies but it’s slowing them down and depriving them of the top tier of technical talent. While this issue appears not to be a new one, I am keen to speak to my new network in Hong Kong to hear your views on contracting and see if you are open-minded to hiring on an Interim basis to fill the skills-gap?
24 Oct 2019
There are two types of Finance Transformation professional - Specialists and Generalists. Specialists are often given niche titles, like P2P Global Process Owner and S4HANA System Implementation Lead, and a set of very specific responsibilities. Alternatively, generalists see themselves as all-encompassing Finance Transformation professionals with a broad experience of doing a bit of everything in every arena, whether that be for example, a system implementation, shared service centre set up or process improvement project. While there is a clear divide between the two types of professionals, what there isn’t is an understanding of which one is the best and as an organisation, which is more desirable. I have posed this very question to many of my clients and it seems they too are torn. Some show a preference for specialist professionals who can come in with a wealth of knowledge about a niche subject while others reap the benefits of a generalist who brings the benefits of a diverse and varied career path and can likely turn their hand to any project thrown at them. While many remain undecided, I’m keen to hear your opinion of what the optimum Finance Transformation professional looks like and what experience they bring to the table. Are they specialist, are they generalist, have they started their career as a specialist and branched out into other areas or have they over time narrowed down their focus to one specialism after climbing the ranks as a generalist? I had this very conversation today with Finance Transformation Director in my network. Despite spending his 30-something years as a Finance Transformation professional in different pockets of transformation projects, he will only hire specialist people into his team. His experience is so varied in fact that its quite unbelievable but while he has developed a great understanding of Finance Transformation programmes over the years, his worry is that his successors will merely be a Jack of all trades in this space and a master of none. This made me wonder, is he being too selective by assuming the next generation of leaders haven’t followed his exact path or, has he got a point? In my opinion, a diverse career history is not only a vital attribute of every professional but it also makes for a better leader with more adaptability, leadership skills, stakeholder engagement capabilities and a general understanding of how different finance transformation projects operate. On the other hand, I understand that if you have a specific need you would naturally opt to hire a person with the exact career profile and is hedging a bet on someone’s similar competencies asking too much of our clients? It’s a risk but is it worth the risk and worth staying open-minded for someone with a diverse skill-set to bring to the role? I’d like to hear from you. What makes for the better Finance Transformation professional – a generalist, a specialist or, both?
21 Oct 2019
Zeeshan Tayyeb has spent almost two decades working as a Finance Director, CFO and COO for both multi-million pound corporate and start-up organisations. Having transitioned between established and disruptive companies for some time, he discusses finding his happy medium within Private Equity and how despite working longer hours, he found greater job satisfaction working in a start-up - but, are they less forgiving? I think if you look at corporate companies; due to their age or the sheer amount of time and money that has gone into their development, they have institutionalised practices which are hugely beneficial to professionals starting off their careers. These types of environments provide a safe starting place to know and understand what good practice looks like while receiving guidance from experienced professionals. You also have training programmes, room for learning, budget for development and allowances for mistakes. You learn to understand how things can go wrong as a result of a bad decision and learn how to avoid failure knowing what the consequences are. You are not going to repeat your mistakes in the corporate world as there are boundaries and structures in place to direct you and tell you that you were wrong, but you can fix it. Smaller organisations are less forgiving and a small mistake could be life or death for them. When transitioning from a larger organisation to a smaller one, a frustration both I and colleagues of mine on the same journey have faced is the speed. A smaller organisation is more agile, it takes less time to make big decisions and becomes easier to chop and change if things aren’t quite going to plan. It’s a lot more flexible in that way which can be a fantastic thing but there is definitely an adjustment period to be had. The downside of working for a leaner organisation is that you run the risk of not having your key people. The benefit of working within a corporate is the processes and people that exist to help you; which are especially beneficial for transactional services, but the same thing just doesn’t exist within a start-up. Although frustrating, this can be of real benefit to you if you join from a corporate background with the ability to implement the day-to-day methodology needed to automate and utilise a small workforce. On the reverse, moving from a career where you have only worked in start-ups into the corporate world can be difficult. In my experience, it’s much harder to transition and you would need a specific skillset whether it’s speed, agility or a niche talent that can differentiate you from others. You also need to prepare yourself for the different politics, pace and processes that exist within a corporate environment. I think the nature of how training in the two types of organisation works means that senior finance people deriving from corporate backgrounds are ultimately more experienced. They are often second to the CEO and the person everyone within the company looks to for guidance and knowledge. In a corporate role, learning is constant as you not only constantly evolve yourself to meet the growing needs of the company, but you also get to mentor a great deal of people, work alongside group CFOs and Managing Directors who are all on a learning path themselves. For full access to Zeeshan's interview and the rest of our exclusive interviews in our white paper 'Are you too corporate for a start-up?' follow the download link below. Download our white paper
07 Oct 2019
For some time, we have been talking about the evolution of the Finance Professional. No longer numbers-driven and chained to a desk but more commercial, strategic and influential. While we once saw a sharp contrast between Transactional and Commercial Finance Professionals, they have equally become commercially-savvy and approachable, able to influence stakeholders and translate ‘finance’ into a language the workforce understands. But this progression of the Finance Professional is merely a microcosm of the massive changes taking place in the industry as the Finance space evolves with the changing times, technology and political climate. Robotic Process Automation (RPA) is one example of the technology revolutionising the Finance Transformation space but it’s not just tech taking over. The current political and economic climate is clouded with uncertainty meaning the traditionally temporary marketplace is making a move to Perm. Organisations are now seeking a Finance Transformation professional on a Permanent basis to cut costs and minimise disruption in longer-term projects but it isn’t landing well with the professionals they need to succeed. Transformation professionals thrive in the dynamic world of Interim work. They enjoy the diversity, the financial reward and the flexibility – three things not regularly associated with permanent employment. I met with a Transformation Director at a FTSE 20 company recently and she spoke about this feeling of freedom. The freedom to move from project to project, influence the business in such a short space of time and utilise new technology in new ways – something she wouldn’t be able to achieve in a permanent role and it made me question the longevity of this 'move to perm'. While technology revolutionises the Finance space and uncertainty reshapes the recruitment trends that sit within it, I’d like to hear from you. How have you seen the industry evolve and what change is on the horizon?
26 Sep 2019
Sarah Harvey is the Commercial Finance Director at O2 (Telefonica UK). In less than three years, she has moved out of Practice and joined the Telefonica network where she has held an impressive three roles including CFO of giffgaff and Head of Financial Planning and Analysis at O2. Like many established finance professionals, Sarah started her career at one of the Big 4 accounting firms but; unlike most, progressed to Director before making the move into Industry. Sarah spent ten years in PwC’s Capital Markets Team but despite never considering Industry as an alternative career path, after attending a meeting at O2, she instantly felt at home. SLIDING DOORS I loved PwC and I loved my clients but I simply wasn’t sure if Partner was right for me in the end. Practice gives you an amazing wealth of business knowledge and stakeholder experience and despite being happy there, I don’t think in my mind I really thought enough about what I was aiming for. Everyone is ambitious and the aim of their career within Practice is to get to Partner. Making Director was a progression of delivering great client experiences, winning work and executing projects but again, it wasn’t a conscious decision of mine toprogress to Director, it was just a natural consequence of hard work and good attitude. I was working towards Partner for some time as, without thinking, I assumed that is what I wanted but I found it was changing the way I was thinking about things and found that while I was certainly learning a lot from it, it was an extremely stressful process. I wasn’t looking to move into Industry, I was on a great career trajectory but I started to wonder if it really was my end goal, given the fact I had never thought about anything else. Many people leave Practice once they qualify, others leave at different points after qualifying but after 18 years in Practice, I wasn’t sure I could do anything else. Then I had a meeting at O2, walked into the building and felt like it was a place I could thrive. I ended up asking them for a job. No planning or real thought behind it other than respecting the brand, really liking the people and an instinct which led to a job offer and leaving PwC, all in a quick time frame. Looking back, I wasn’t sure how I was brave enough to do it but I left PwC, heavy-hearted to leave a place I loved and fairly scared about what I was going to find in the outside world but feeling very happy to end up somewhere so unexpected and wonderful. FINDING YOUR USPThe benefits of Practice are that you meet so many different people and work on so many different projects that time flies and you are constantly learning. You are given a real opportunity to get in there quickly, build internal and external relationships and thrive in intense deal environments which build a real skill of getting on a person’s agenda and building relationships. But, you do find yourself in an organisation with a lot of people with a very similar skillset so it’s really hard to find your USP. As a Director, we all have to be great at winning work, forming strong relationships and providing high quality work. In industry, your job is your job alone and no-one else; at least not at the same time, can do that for you. You don’t chop and change, you are doing the same role but within a role you can have a real breadth of experience - and while you are not constantly learning from new clients, you are evolving your role and feel a sense of belonging with and responsibility for the business. An equally valuable but different path. You build up a real level of experience by working in a number of different roles, even in the same industry, and we are now witnessing a growing trend where professionals enjoy and expect to move between functions and roles fairly regularly. People want a wider breadth of skills and that all-important career diversity. I was surprised by the level of diversity I was able to achieve in Industry - I started off at O2 then went to giffgaff as the CFO and now I’m back at O2 on my third role in three years having learnt plenty in each one. FINDING YOUR PLACE OUT OF PRACTICEI had very little telecoms experience before coming to O2 because I was a capital markets specialist - what I brought was a specialism to whichever industry needed it, I was sector agnostic and I liked it that way because it gave me such variety. I think, except for Financial Services, which would be a hard industry to learn from scratch, it is less about the industry and more about the type of function or role you want to go into. For me, the FP&A role at O2; which was my first role out of Practice, was all about understanding what the business was doing and crafting that into a story that the business and shareholder would understand. It was a skill I could take into most industries because the principles are sector agnostic. I don’t think I’d have gone into a commercial finance role straight away; I needed a central business role, preferably involving story-telling, where I could work with lots of different stakeholders. KEY LEARNINGS I realised that I’m braver than I thought, in terms of stepping out of what was a really solid and growing career to do something completely different. I also realised that the skills I learned in Practice were incredibly valuable. You bring something a bit different to Industry and what I have learned is that spending time in a finance function rather than with clients is equally as rewarding, as something is always changing so I still get breadth and excitement. I have never regretted the move nor regretted not moving sooner.My main aim is to be happy in my career. I was happy at PwC and I am happy now. I don’t feel the need to unpick the paths I have taken but rather reflect on the opportunities that arose and the career that followed. I’m glad I was brave enough to act on gut instinct. For full access to our white paper - Is there a right time to move into Industry? Please follow the download link below. Download our white paper
25 Sep 2019
Organisations seeking financial talent often have a picture painted of what they want their future talent pool to look like - their competencies, qualifications and educations. But, while we hear about the specific requirements for an ACA, ACCA or CIMA qualified professional, how many organisation actually understand what each has to offer and why each is a benefit in its own right? Take the CIMA for example. The Chartered Institute of Management Accountant qualification offers Management Accountant skills, spanning across 173 different countries and produces more commercial, strategic thinking and adaptable finance professionals – able to understand business objectives as a whole and not just straight finance. Then there’s ACCA. Perhaps thought of as the least prestigious out of the three due to its flexible training offering, giving professionals the ability to qualify online in their own time. The Associate Chartered Accountant has some 586,000 members and is now the fastest-growing qualification in the UK. While thought of as self-study and therefore not as esteemed, this type of flexible qualification gives some of the world’s most exceptional talent a chance to re-train, second time graduates for instance or, returning parents, lawyers, marketeers or HR professionals looking for a second chance in their careers. ACA on the other hand is deemed top of the hierarchy. It is the professional qualification from the Institute of Chartered Accountants in England & Wales (ICAEW) and is considered the hardest due to its some 15 exams, even thought to lead to dismissal in the Big Four if failed. But which type of qualified professional is right for your business? There are certainly different qualifications for different roles but it does depend a lot on the business. A lot of FTSE listed companies for instance, look for ACA qualified people from the Top Ten Accounting Practices because professionals here have to audit FTSE businesses. This allows them to have an already ingrained understanding of the model, the size and the growth of the business. It also depends a lot on the type of role you are recruiting for. A Reporting role as an example is a very technical mandate and would arguably best suit an ACA qualified professional as they are detail orientated and have experience in analysing large data sets. A Commercial Finance role on the other hand would perhaps sit best with a CIMA qualified person – someone who is both strategic and able to influence the wider business. An ACCA may seem bottom of the list but this actually works well for companies with smaller budgets and professionals looking to return to work after absence or re-train in a new vocation. It also allows for greater career diversity, and an individual who is dynamic in their thought process. I advise organisations on the different types of candidates available to them depending on their requirements but one thing is standardised across all qualifications and mandates and that’s personality. Finance professionals can no longer rely on their analytical and numbers-driven competencies, they now need to be personable, approachable, likeable and able to translate ‘finance’ into a language the whole business understands. I would be keen to hear your thoughts on the three qualifications. Are you qualified in one of the three and do you have a favourite?
23 Sep 2019
Alan Jenkins is the Head of Advisory Services at 2|SEC Consulting. He has some 30 years of experience across all aspects of security, particularly Cyber and Enterprise Security Risk Management. Alan started his career in the Royal Air Force and has subsequently held multiple Cyber Security roles, including as the first CISO for Babcock International Group in 2013. He has also worked for organisations including IBM Security, Atos Consulting, CSC and T-Systems. A NATURAL PATH I see my progression into Cyber Security as natural rather than accidental. I’m a security generalist and haven’t done anything but security in my adult life. I joined the Royal Air Force when I was 18 because I liked aircraft and wanted to be a pilot. I hadn’t thought of doing anything else since I was seven until I ended up with a navigation scholarship aged 16. Unfortunately, the RAF decided that my eyesight wasn’t up to scratch for me to fly. This forced a deviation from my dream and I then went to university as study electronic systems engineering but my heart wasn’t in it. What it did do however was give me the time to find something that I really wanted to do and that led me to join the RAF Police as a Provost Officer. I subsequently spent much of my service on security duties until 2001 when I made a deliberate decision to get into computer network defence and information assurance – of course, we didn’t call it Cyber in those days. So, in 2002, I joined the Ministry of Defence’s stand-up CERT team as the Intelligence lead, working with Other Government Departments and Allies in the then new world of response to computer incidents. Having started in physical security, looking after nuclear weapons and so on, I worked my way up through Security on Operations at home and overseas into Information Security. That’s what drew me towards Cyber– old principles applied to a new domain. REACHING THE BOARD FOR THE FIRST TIME My role at Babcock was as CISO; in fact, I was the first Group CISO at Babcock. I was initially only responsible for Cyber-related matters but subsequently picked up the broader security coordination task across the Group as we made progress with our Cyber improvement. I relished it. It was a significant career step as it was the first time that I was at the pinnacle of security capability; I wasn’t reporting to a higher level in another company - this was my first UK-based outfit and part of the attraction to me was that it put me into direct contact with the Board for the first time. I had to up my game – I’m not saying that I got it right straight away but after some years in the game, you know how to hone your craft and apply good practice. It was genuinely a new role, it wasn’t head of IT Security, it was a CISO role and that’s something Babcock did right. A PROTECTIVE MINDSETWhile I progressed through the different facets of security, for me, the mindset remained on protection. However my nature and environment fashioned me, protecting an enterprise, it’s people and assets. That’s what has always appealed to me. I would say over the three decades I have been working within the space, the industry hasn’t progressed enough. People still don’t have all the answers to Cyber; many think it’s only a technology problem. That’s not to say it isn’t but it isn’t the only problem. The technology space is perhaps where we have made the most progress but just thinking Cyber is about technology or defending IT infrastructure actually misses most of the problem. It brings us back to the HR debate: how do we develop the people? That’s where the greater problem lies. PEOPLE, PROCESSES AND TECHNOLOGYThese are three things to keep in mind always. You can’t attack one pillar in isolation to the other two; simplistically, you have to tackle all three in concert - if you don’t, the weakest or lowest hanging fruit will be the thing to trip you up. If you don’t bring the people along for the ride, if you don’t optimise the process flows to minimise human interactions and integrate the technology effectively, your technology investment will not deliver full value to the enterprise. THE VIRTUAL CISOSmall and Medium Enterprises (SMEs) need someone to offer a vision, to map out where the business is at with their Cyber Security and figure out what is right for that organisation at that time - this has to be aligned with the business strategy. This is what they should look for from a CISO but, I do not believe SMEs need a CISO permanently. Firstly, SMEs can’t afford them – fully capable CISOs are rare, expensive and demand exceeds supply. Secondly, having developed and delivered that vision piece – they no longer need a full-time CISO. What they need is for someone to drop in occasionally, increasingly referred to as a Virtual CISO (vCISO). I and others have been developing this concept for some time now: I liken it to that of the Flying Doctors – the vCISO drops in from time to time to review the agreed road map with the business check on progress, check the implementation plan is still right for that business and adjust as necessary while also being on call for remote consultation as the need arises. SMEs really need to look carefully at the cost/benefits and determine what they get for their money. It could be a virtual CISO, a temporary or an Interim CISO for a fixed term: an SME simply doesn’t always need a full-time incumbent. The SME needs expertise and guidance on call but once embarked on their capability improvement journey, they don’t need a CISO for 240+ days a year because they won’t provide that ROI. The CISO will be tracking progress, reporting and simply, I don’t believe you need that person every day of the week. The business is inevitably focused on whatever line of business they are in; the CISO has to talk to the business but, the business doesn’t always have time to talk to the CISO. The Board doesn’t meet every day of the week nor even weekly but the CISO should bein attendance on a routine basis, not reporting by exception - with bad news! THE IDEAL CISOTo be that all-important leader - and that in itself is different to a manager – the CISO needs to be able to come in and sell a vision. That vision has to be linked to; and supported by, the business and the CISO needs to be able to communicate that message to the Board in their business language, not in technical jargon. The CISO should have expertise around programme management rather than project as it’s often a series of activities, many in parallel. The CISOs role is to articulate and sell that vision and make sure there are success criteria in there, the measures of success of that criteria, with a link to fiscal targets; whether that’s spend targets or return targets, and what are you getting for your money. This is still a huge weakness for us. The ROI for Cyber investment is not good: there is stuff happening in this space but it’s still not mature and not yet universal in use as a result. Enterprises need to think carefully when looking to hire that ‘Ideal CISO’. It’s not just a label and then letting them get on with it. If you’re looking to appoint a CISO, whether to work as an Interim or on a full-time basis, then they need to be connected with the business, not just IT. Perhaps controversially but I don’t think the CISO should report to the CIO. It’s not all about IT, they’re often rebadged Heads of IT Security and that’s not all that the business needs from the role. After all, the CISO often calls out the CIO for taking on too much risk as they prioritise availability.If the CIO’s main function is to keep the lights on, availability will also govern the CISOs priorities. Security often needs to look much harder than IT to know what was the root cause of an Incident. It’s all about understanding and prevention. Most often, the security function is there to do the thinking that the business doesn’t do, it’s almost a mindset piece, looking out for the things that can go wrong. I have found that there’s too much optimistic thinking and not enough pragmatic thought about untoward things happening whether by accident or design, i.e someone overstretched cutting a corner to get the job done rather than some more malicious motivation. Security is there as a check and balance, not there to slow the business down but to give more thought about what is happening and how to prevent it or reduce the impact and that’s often not the priority of the CIO. Hierarchies and divisions of responsibility need to be right between the roles but an SME or smaller company doesn’t always have the luxury to afford this. This is where a virtual CISO becomes helpful and offers a perspective that they wouldn’t usually get, providing this is positive and aligned with their business needs. It’s also hard to learn from others if you spend 30 years in the same company.A CISOs role is to make sure all of the day-to-day roles come together to secure their business in a cohesive manner. Security is a horizontal activity, not merely a vertical one in the IT space: it’s also everyone’s responsibility! In an ideal world, we wouldn’t need a Cyber department as the workforce would all protecting the business. Then there is Security’s Achilles heel – the good are most often playing catch up with the bad. We have to get more pro-active rather than the more usual reaction to events after they have occurred. Security is neither an art nor a science, it has to be a hybrid function. For full access to our white paper - The Evolving Role of the CISO - please follow the download link and join the conversation, should we segregate IT and Cyber Security? Do we need 'flying doctors' rather than in-house security and is Cyber Security - everyone else's responsibility? Download our CISO white paper
16 Sep 2019
In our recent white paper; The Evolving Role of the CISO, we interviewed Roy Whitehead – an established security professional with two decades of experience at the likes of Barclays, British Energy, Volvo, Jaguar Land Rover, British American Tobacco and Thomas Cook. He describes himself as damming in his opinions towards most CISOs - comparing them to ‘heads of level folk’ and explores the idea that they are far too junior to be tackling a role that protects the security of an organisation. He raises the argument that security is the most important aspect of any organisation and therefore requires a more senior level of CISO who have a far more diverse career history across IT and business management. This got me thinking. What does constitute a great CISO? For me – a great CISO's characteristic falls into five categories; Experience. From the technical experience to the hands-on, this is vital for a great CISO. They should be well equipped with the knowledge and understanding of how to use different platforms and how to manage different functions.Likeability and Communication. As a CISO, you need to be not just understood and appreciated but liked too. This is how you get buy-in from non-security personnel. Rather than sitting in an ivory tower and speaking a different language, CISOs must be accessible and remove the jargon from every conversation to ensure their demands are understandable to key stakeholders. Over time, their relationship with the board can become more transparent as executives learn to put more trust into the strategies, suggestions and requests made by the CISO in return. Starting from scratch. In my experience, a CISO that has built a function from bottom-up is usually a great one. The ability to mature a security function in the public sector for instance, where all stakeholders are risk adverse, bureaucratic and dismissive of security as an integral business principle – that is impressive stuff.Getting your hands dirty. Decent CISOs aren’t always derivative from that environment but the same qualities can be recognised in a professional who has been able to open or expand a security function without using a managed service provider for instance. A person who is happy to get their hands dirty and get stuck in with the hands-on technical requirements. Ability to Align Security with Business Goals. A great CISO knows they are not there to control the business, but there to enable the business to do what they need to do in the most secure way. Great CISOs align their strategies with their firm’s mission values and understand how to communicate with business leaders in ways that are culturally aware, whilst enabling those leaders to make effective decisions. More importantly, a great CISO will always be playing a balancing act between what is good for security and what is good for the business.In the paper, Roy describes his ideal CISO as a person equipped with a plethora of security qualifications, the ability to liaise, negotiate and conversate with non-security professionals and also, have experience in senior management roles in as many industries as possible. For me, it’s simple. To be a great CISO you need a blend of security and general management experience – enabling you to build and maintain a security function while getting stakeholder investment, employee engagement and credibility throughout the organisation. For full access to Roy's and our other contributors interviews, please follow the download link to our white paper below. Download our Cyber white paper
06 Sep 2019
We recently hosted an event for women in business and it was magical. Of course, my colleagues came back from the event and told us about how successful it was in empowering, engaging and inspiring the audience but I can tell how truly extraordinary it was by the feedback I still get today. A Finance Director in my network contacted me this morning having read our 'Having a Voice at the Table' white paper and said that one quote really resonated with her. It was by newly promoted CEO of IRIS Software Group, Elona Mortimer-Zhika. Speaking of her former promotion from CFO to COO, Elona said; "My job is no longer to know the answers but to ask the right questions and connect the dots” and this truly resonated with her. She said; "This is something I’ve recently seen first-hand by sitting around the table with my seniors and executives where they do listen and take counsel as the accept they don’t have all the answers. "This idea of being master of everything is a myth and I’m so relieved to read it reinforced by others. It is a message that not many leaders or mentors openly share!" This was a perfect reminder of why we produce the content that we do and why we host such magical events. For your copy of our white paper - Having a Voice at the Table - please get in touch. Download our white paper
05 Sep 2019
There seems to be so many comparisons and unanswered questions within the Finance Transformation space. Do you need to be qualified or just have an aptitude for change? Should you be data driven or more commercial? And now, should you derive from Core Finance or Change Management? I have seen more and more Finance Transformation Directors landing key roles despite coming from a Change Management background and it’s great to see career diversity in action, but equally, there are still some organisations that prefer a professional who has taken the more traditional finance route and I’m keen to discover which is the preferential profile. I recently met with a Finance Transformation Director in the Media industry who started her journey to Finance Transformation in the Change space. From Business Analyst to Project Manager of a CRM implementation to the Programme Management of an HRIS project, she would on paper seem like the perfect fit to lead a Finance Transformation but found it incredibly difficult to be accepted without a finance background or experience. She did go on to land a Head of Finance Transformation role, gained valuable experience and is now an in-demand thought-leader in this space. This left me questioning whether a finance background in experience is necessary or if it was the result of frequent push-back and stigma? Are we so focused on internal mobility and career diversity within sectors that we fail to see how adaptable those around us can be? I’m keen to hear your thoughts - Should a Finance Transformation Leader have a background in Finance or does experience in Change transformation programmes quantify as being just as relevant experience?
22 Aug 2019