Governance & Risk Management , Incident & Breach Response , Security Operations
Profiles in Leadership: Marcel LehnerRunning 'Hearts and Minds' Campaign to Push Information Security Management Uptake
When Marcel Lehner was hired to be the CISO of MM Group in Vienna, his mandate from the board of directors was to better embed information security throughout the organization.
See Also: Demystifying Managed Detection and Response Services
To do that, "you need to have a lot of energy," as well as network not just with other CISOs but also practice excellent "internal networking," he says. Lehner says he devoted months to selling his strategy internally, not least to the IT teams located at MM Group, which is Europe's largest producer of carton board and folding cartons, but which has manufacturing plants around the world.
"When you start out at a new company, the most important step is to get people into your boat, to get them into your vision, into your strategy, and to communicate," Lehner says. "As a CISO I would say you don't have to only be a techie guy, you also have to be a bit of a storyteller and also a little a bit of an economic guy, so you have different roles in your job."
In an interview with Information Security Media Group as part of the CyberEdBoard's ongoing Profiles in Leadership series, Lehner discusses:
- Making the business case for having an information security management framework and system;
- Lessons learned from becoming one of the first Austrian manufacturing companies to achieve ISO 27001 certification;
- The security promise of artificial intelligence, greater automation and consolidation of tools.
Lehner is CISO of the MM Group. He is an experienced cybersecurity executive who's previously worked at such organizations as Austria's postal service, IBM and Siemens. Lehner has a passion for driving sustainable outcomes, change and continuous improvement by constantly delivering innovative security programs, managing risk and improving global and complex organizations' cybersecurity posture.
CyberEdBoard is ISMG's premier members-only community of senior-most executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.
Join the Community - CyberEdBoard.io.