Beyond The STIG: What Does 'Security Leadership' Really Mean?
Red Hat News, February 28th, 2023
In the world of product security and compliance, there's no shortage of leadership, at least on the surface. But 'leadership' doesn't necessarily mean the same thing across individuals, companies or industries. Practically, what traits should a leader in IT security exhibit? What should they be doing.or not doing? And why do these specific actions matter?
Just like the nature of leadership itself, there isn't an objective answer here. Red Hat (and I personally) have been deeply involved with software and systems security for decades, which puts us in a good position to explain what security leadership means in our eyes. Unsurprisingly, given the open source nature of Red Hat, I feel that you can't be confident in a claim of security leadership without participation as a starting point.