S4E18: Resilient Cyber w/ Joseph Lewis

Cybersecurity & Servant Leadership

Author

Chris Hughes
May 19, 2023

In this episode, Chris Hughes and Dr. Nikki Robinson chat with Joseph Lewis, Chief Information Security Officer (CISO) for the Centers for Disease Control and Prevention (CDC). Joseph shares insights into his leadership style, especially his focus on servant leadership, and how it impacts his role in cybersecurity. They discuss the unique challenges of leading a large cybersecurity team in a global public health organization, the importance of soft skills in leadership, and the evolving role of a CISO in aligning cybersecurity with business goals.

Key Highlights:

  • Servant Leadership Philosophy: Joseph explains the core principles of servant leadership, where leaders focus on supporting their teams to maximize their impact on the organization. He emphasizes inverting the traditional hierarchy to empower front-line employees, who interact directly with customers.

  • Cybersecurity and Business Alignment: Joseph stresses that cybersecurity should be seen as a business enabler, aligning with the organization's mission rather than being a barrier. He encourages shifting from asking "how do I get an authorization to operate?" to "how can we securely develop and support mission goals?"

  • Importance of Soft Skills: Joseph and the hosts discuss the importance of communication, empathy, and relationship-building in cybersecurity leadership. Joseph believes soft skills are crucial for translating technical risks into business terms and fostering collaboration across the organization.

  • Challenges in the Federal Space: Leading cybersecurity for a massive public health entity like the CDC presents unique challenges, such as managing fast-changing technological requirements and unfunded mandates. Joseph highlights the importance of modernizing cybersecurity efforts by integrating new requirements into ongoing development processes.

  • Cyber Resilience Definition: Joseph defines cyber resilience as the ability to demonstrate and provide value to the business through cybersecurity, making it an essential part of mission success rather than an obstacle.

  • Investing in People: He emphasizes the importance of continuous investment in the technical and personal development of his team, ensuring they are equipped to handle emerging threats while fostering a culture of growth.