CISO - Board Room

Every rookie salesperson worth their weight in Ramen noodles knows the answer to this question –what is your company/product’s “Unique Selling Proposition” (USP)? A USP is the one thing that sets companies and products apart from their competition. A strong one can take a company on a breathless up and to the right growth trajectory seeming to defy gravity…think Google. A weak USP can take a company on a gut wrenching descent from the summit of Mt. GushMore straight down the drain and into the corporate sewer system…think Sears.

Fast forward to the not too distant future. This reoccurring scene begins playing out in the board rooms of America’s most successful companies. Those who have been enjoying the majestic view from atop Mt. GushMore for many years. But, overnight the view has changed dramatically…unthinkably…catastrophically. As dazed board members are briefed by the shell-shocked and sleep-deprived Chief Information Security Officer (CISO) on the cyber attack that now threatens the company’s very existence, one of the more reserved board members asks Mr. CISO a question that leaves him looking like he’d just met Sasquatch on his summit descent —

What is our Unique Security Selling Proposition™ (USSP™)?

Stunned silence. Mr. CISO struggles to compose himself. Other board members look at each other trying to figure out who will say what next. No one seems to know if it’s a serious question or just a lame attempt to bring some comic relief to the dire situation. To everyone’s amazement, Mr. CISO finds strength to rally from a inner reserve he never knew he had.

“You just might be on to something, sir. This horrible experience has exposed a hidden weakness that would inevitably be exploited. Now that it has been…now that we know it exists, we can turn that weakness into a strength. Perhaps even our greatest strength…our Unique Security Selling Proposition™.”

CISO - Chief Information Security Officer

The air is now slowly but surely returning to the board room. Every member is laser-focused on the man waving the laser pointer like a maestro conducting an orchestra. One by one, heads begin to cock sideways as they do in those “ah ha” moments when revelation breaks through and resignation begins to recede.

“Today is a dark day for our company, but it doesn’t have to be “D Day”. I own this failure and you would be completely justified in firing me here and now. In fact, that’s exactly what I expect you to do. But before you do, consider how we can use this failure as a stepping stone to a level of success that we could not possibly achieve but for having failed as we have here today.”

At this point, some board members are skeptical that Mr. CISO is simply trying to save his job. Most however, are intrigued by where he’s going with this. The chairman, keenly sensing the magnitude of the moment, breaks it down in a way that everyone understands.

“So, Mr. CISO, every one in this room will be relentlessly hounded by the media for weeks after this disastrous breach. What would you suggest we tell them?”

Well aware that the next words he speaks will undoubtedly determine if Mr. CISO spends next week job searching or crafting his company’s USSP™, he confidently looks the Chairman squarely in the eye and says,

“Tell them that we will be the most information secure company in our industry in less than one year from today. Tell them that we see events of the last 24 hours as a major investment in the ever brighter future of our company. By the end of the month, we will be unveiling our Unique Security Selling Proposition to the marketplace, along with plans for new products and services enabling us to deliver on our USSP promise. And finally sir, tell them that your CISO has assured you that we will deliver on that promise.”

One by one board members rise from their seats to applaud Mr. CISO. The last to rise is the reserved member who asked the question that will soon be asked in every board room around the country. As he ruminates upon the answer to his question, he knew it begged a more obvious one —

Why wait until cyber disaster strikes to form your company’s Unique Security Selling Proposition™ (USSP™)?

We specialize in retained searches for InfoSec Execs like the CISO in the story above. If you need help, you can reach Brad at 317-691-6169 or