In an insightful article on SC Media.com, Max Metzger asks the question, could soldiers, sailors and spies make better Chief Information Security Officers? He looks at how business has long co-opted the language of the military to promote leadership, fight adversity, work as a team, and achieve difficult goals - and asks how much more relevant are actual military skills and thinking for a CISO fighting a live opponent?
He interviews four veterans in the article:
- Chris Pogue, CISO at Nuix, an American veteran who enlisted in 1996 and went into the field artillery.
- David Venable, vice president of cyber-security strategy at Masergy, and a six-year veteran of the US Air Force and the National Security Agency.
- Brett Wahlin, an independent cyber-security professional and former CISO at Hewlett Packard Enterprise, who spent several years as a counter-intelligence agent in the US military.
- Ewan Lawson, senior fellow for military influence at the Royal United Services Institute, an RAF policeman and since 2002 has held a variety of roles as commanding officer of the UK psychological operations group and within the Joint Forces Command, developing cyber-warfare capabilities.
Key quotes from the article:
- Chris Pogue told the journalist that in the security industry, “you're really doing the same sorts of things you would do in the military, with just a different set of information.” He added: “The job of information security, runs in close parallel to that of a combat soldier.”
- David Venable agreed, he said being in the military “creates a mindset on which you can easily build an infosecurity career”.
- Brett Wahlin, said he continues to rely on military experience in others and former military people tend to make up a good deal of the teams he works with. He said: “Much of the understanding that benefits an information security role, you gain from from the military doctrine that is instilled no matter what role you actually take in the military.”
- Ewan Lawson said: “Military-trained information security professionals tend to have a better initial understanding of the concepts that are native to security and may even hold data in a more sacred position than a civilian counterpart.”
To read the article in full, click here.