What does it take for a CISO to successfully come out of a data breach without any dents in their reputation? One expert says it’s personal branding.
Headspace CISO Jameeka Green Aaron is a post-breach CISO. However, a quick Google search of Green Aaron—whose career spans over two decades with leadership roles at companies such as Nike and Okta—won’t immediately reveal this fact. Green Aaron told IT Brew that this is “intentional.”
“The reason that I have done that is that I want you to know that I’m a post-breach CISO,” Green Aaron said. “It means I’ve got some chops and that I can do this job really well and that I can take you through an incident and we can come out on the other side of it.”
She added that while the ability to successfully navigate a breach is often used as a “litmus test” to evaluate CISOs, that’s not the only value she brings to the table. Green Aaron has “an opinion about a myriad of subjects,” from non-human identities (think API keys and OAuth tokens) to being a Black woman in the industry—areas that have both become part of her personal brand.
“In many cases, CISOs hit the headlines when their companies have been breached,” Green Aaron said. “That’s not the only thing that you want the world to know about you, right?”
IT Brew caught up with Green Aaron to discuss how CISOs can build a meaningful personal brand.
The conversation below has been edited for length and clarity.
Is personal branding something that CISOs should be thinking about every day, alongside their day-to-day responsibilities?
I think you can think about it every day alongside your day-to-day responsibility. There’s a ton of stuff out there that we can have a perspective on and I think it’s helpful when [the perspectives] are close to what you do. If you want to be organic and you want to be a thought leader in this space, people have to believe you. Oftentimes, when you see folks trying to build their brand, they just kind of strike out. They go to a brand strategy team and they help craft this brand for them and you go, “That’s interesting. Do they really believe in that?” And I think that’s what makes people follow you or not follow you.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Do CISOs looking to establish their brand need to hop on TikTok or LinkedIn as part of the process?
I don’t think it’s just social media. Yes, you leverage social media, I think you should be interacting with LinkedIn, but that’s one part of it. TikTok is one piece of it. I think when you think about your brand strategy, it’s a multi-pronged strategy where you’re interacting in different ways. And so, I’m not just interacting on LinkedIn, I’m also interacting in person. I’m doing things like this. I’m interviewing and interacting with people in different ways so that my voice is heard in different ways. I think it’s important that with your brand, you’re telling a well-rounded story about yourself.
What are some tips you would extend to CISOs looking to perfect their brand?
It’s really important when you’re thinking about your brand strategy, it’s focused on who you really are and what your strengths are. If you’re not a good public speaker, then until you get to become one, you should probably not do as much of that. But you should be working on it because it’s a big part. Your voice is a big part of it. And really, your brand is a representation of your voice.