The Many Roles of the CISO as Viewed as ‘Star Trek’ Characters

August 27, 2019
| |
5 min read

With the upcoming release of the latest “Star Trek” series, “Star Trek: Picard,” we’ve been reflecting on the many characters that graced the screen during the hit prequel series, “Star Trek: The Next Generation.” Looking back at the most central characters, each brought their own unique set of skills and expertise to the Enterprise. This range of capabilities mimics the multifaceted role of today’s chief information security officer (CISO).

Digging a bit deeper reveals several real-world lessons that security leaders can apply to their daily lives. There are two exceptions to this exercise. The first is Dr. Beverly Crusher, since her character was primarily focused on the well-being of the humanoid crew, one of the few tasks that hasn’t yet been assigned to the CISO. The other is the legendary Captain Picard himself, because CISOs aren’t yet captaining the ship.

You may not be able to pilot a starship quite yet, but the examples of these other beloved Star Trek characters could help you figure out how to become a CISO with the right blend of talents to navigate beyond the known cyber universe.

Lt. Worf — Prepare Your Incident Response

It’s easy to see how the role of CISO parallels that of Lt. Worf. Standing at the ready, Worf monitors dashboards and long-range sensors for indications of potential trouble ahead. The CISO, much like Worf, needs to be on top of the enterprise’s defenses and sensors. As the saying goes, use peacetime wisely, which Worf puts to good use when he runs regular scans and tests of the ship’s incident response systems.

Should a response be required, Worf uses clear and direct language to communicate with the rest of the bridge’s leadership about their options and the result of their actions, similar to how a CISO should act during a security incident. Worf’s presence on the bridge might have been questioned at first — after all, why would someone from a planet far away from Earth’s known business universe be given a permanent post on the bridge? — but his sharp analytical skills and ability to direct effective countermeasures has saved the ship more than once.

Advice for security leaders: Channel your inner warrior and prepare for anything, but realize that sometimes, the best response is a diplomatic one, not a military one. Work on empathy and communication skills.

Lt. Cmdr. Geordi La Forge — Ensure Business Technology Is Resilient

Organizations today are nearly completely reliant on the proper functioning of technology. Think about it: Could your organization do business without networks and computer systems? Ships like the Enterprise also depend on technology to accomplish their mission objectives — in fact, the Enterprise is a model of the integration of IT and OT — but someone has to keep an eye on all that technology.

That’s where Lt. Cmdr. Geordi La Forge shines for his ability to provide deep insights into the ship’s systems. Geordi has the technical chops and the scientific mindset required to get to the root cause of issues. Whether it’s a broken warp-core reactor, malfunctioning dilithium crystals or strange electromagnetic signals, Geordi analyzes, repairs and tests the ship’s systems to ensure it’s capable of carrying out mission objectives and is resilient enough to withstand whatever it will encounter on the way.

While an increasing number of CISOs have left their technical roots behind — or came from an ever-increasing array of other fields — the ability to get to the bottom of issues is key, and so is the ability to translate deeply technical concepts into metaphors that leadership will be able to grasp.

Advice for security leaders: Use your skill set to shed light on things that are of strategic importance, but are hard for others to comprehend. Realize that even a small misalignment can have dramatic consequences, so develop tools to check configurations and improve visibility into the health of key systems.

Lt. Cmdr. Data — Connect the Security Dots

The show simply wouldn’t have been the same without the peculiar, yet fascinating character of Data. Not only was Data extremely good at interfacing with computers and all things electronic, but his positronic brain also allowed him to deal with the vast quantities of information coming across the ship’s sensor network and avoid getting distracted by more trivial matters.

For all of Lt. Cmdr. Data’s limitations stemming from his nonhuman nature, his ability to think differently and consider all angles has saved the Enterprise many times. Of course, he worked hard to improve his ability to read the subtext of human behaviors, which helped him improve his interactions with the rest of the crew, especially leadership.

Advice for security leaders: Tap into your strengths to help identify and connect the dots that matter in this increasingly connected digital world. Work through the awkward moments to achieve better results.

Counselor Deanna Troi — Tap Into Your People Skills

One of the more human-centered characters on the show, Counselor Deanna Troi spent her time probing and resolving intellectual and emotional misalignment of her fellow executives. Counselor Troi’s key skills are obvious, especially in contrast to the rest of the Enterprise’s leadership: empathy, communication, negotiation, resolution.

Without her ability to communicate between silos, negotiate acceptable paths forward, and use empathy to help others feel at ease and listened to, the Enterprise would have met a dire fate more than once. While other leaders on the ship sought to solve technical, scientific and tactical issues, Counselor Troi employed a human-centered approach to achieving resolution.

Advice for security leaders: Tap into your people skills to observe, listen and communicate. Be ready to listen before offering solutions, and to negotiate when security and privacy problems appear. Remember that you’re on a team, and together you can find a way ahead.

Cmdr. William Riker, aka No. 1 — Act as a Trusted Adviser

Wherever the captain was, you were also likely to find his No. 1, Cmdr. Will Riker. Although Riker’s role was often to carry out Captain Picard’s directives, he also acted in an advisory capacity, even if only as a sounding board for the captain. For many CISOs, being a strategist and an adviser means walking in No. 1’s shoes, being right there with the rest of leadership, helping them reason out the risk implications of their choices, advising them on alternatives, and yes, often just simply carrying out their wishes.

Advice for security leaders: Work to find your place on the leadership team. Remember that sometimes, you may start out as a strategist and trusted adviser before assuming more responsibility.

Enterprise Computer — The Voice of Reason?

Admit it: If you were asked to name the characters on the Enterprise, few of you would have mentioned the Enterprise Computer. Yet the enterprise’s computer was both the voice and the ears of the ship. There were few places on the ship where you would not have been within shouting distance of the ship’s computer. Similarly, it was always there when you needed it, whether it was responding to a simple query about the weather, how far to our destination given our current speed or, in the heat of battle, just how much shield percentage was left.

If you had a question, the ship’s computer was always there ready to answer. But the ship’s computer was also always listening, always aware of happenings up and down the command chain and always ready to provide the latest status of key risk and performance indicators.

It’s this ability to have an “ear to the ground” that serves CISOs well today. A CISO in the dark means an organization in the dark. For CISOs, cultivating the ability to listen and be in the know is a critical skill as the pace of change continues to speed up. Waiting for the next monthly executive meeting or the next quarterly board update simply isn’t wise when the ship is moving at the speed of light.

Advice for security leaders: Much like the ship’s computer, be present, be in the know and be ready to help.

The CISO as the Perfect Blend of Star Trek Characters

As life imitates art, organizations today are embarking on a digital transformation journey that is likely to take them far from the known cyber universe. Much like the Starship Enterprise, organizations must rely on a broad range of tools and talent to accomplish their mission and live another day.

As our world is increasingly dependent on IT, OT and data, CISOs are key to helping the captain steer the ship toward the solar winds of profit while avoiding the plethora of environmental obstacles and sentient attacks that seem to appear around every corner.

Christophe Veltsos
InfoSec, Risk, and Privacy Strategist - Minnesota State University, Mankato

Chris Veltsos is a professor in the Department of Computer Information Science at Minnesota State University, Mankato where he regularly teaches Information ...
read more