←back to Blog

Pursuing a Cybersecurity Career?

Career in Cybersecurity is not just the technical aspect alone.

Understanding the Organization’s Management Model is essential.

I recently wrote this article about a leading consulting firm launching an internal training academy to develop their consultants’ skills so that their consultants have the ability to think both business and technology.

I applaud the move, as many of us recognize the challenges in today’s work environment. A common problem is that employees, particularly young practitioners, find it difficult to comprehend and align with the expectations of their leaders, and vice versa. This issue often stems from a lack of understanding of the organization’s management model. I have been into many companies throughout my career but none will tell you which organization’s management model they practice. You need to be experience enough to determine the management model that is practice by them.

Organization’s Management Model

Let me take this extract from this book Fast/Forward by Julian Birkinshaw and Jonas Ridderstrale, the authors define various management models used since the industrial age. The bureaucratic model has been the standard since the industrial age, followed by the emergence of the meritocratic model during the information age. Recently, the adhocracy model has gained traction. Organizations may use a mix of these management models, so it’s important to understand the prevailing model for effective transformation. This understanding will help business consultants and employees understand how decisions are made, how coordination occurs, how leadership functions, and how organizational culture shapes employee motivation.

How does this Management Model impact business operations?

First and foremost, most organizations will not brief to their employee their management models they practice. It takes an experience person to view the organization structure to determine the management model being used by the organization. Most especially younger employees may not fully grasp or have enough experience to understand these management styles. Furthermore, it needs a different mindset to adapt to and engage with the organization. Therefore, as long as you are engage or work in the organization, it’s important for everyone to understand that different management models will demand different mindsets from them.

For instance, smaller and larger organizations, will operate differently. For a smaller organizations, they might have a smaller, or more generalized team and individuals employee handling multiple tasks and roles. On the other hand, a large organizations will have more specialized roles and they probably have the luxury to work only on a specific task and role. But for a cybersecurity practitioners and other professionals will need to tailor their strategies to the organization’s size and culture so that they can align with the organizational goals.

How does the management model impact Cybersecurity Practitioners?

In today’s landscape, the demand for cybersecurity practitioners is exceptionally high and roles became very critical for some industries. This is due to the prevalence increase of cyber threats, the ongoing digital transformation, regulatory requirements, and the need for business continuity.

For someone in the cybersecurity landscape or pursuing a career in cybersecurity, understanding the management model is essential. This knowledge helps them assimilate and align their strategies and actions with the organization’s overall structure and culture. It enables them to effectively communicate with leadership, integrate security practices into business processes, and navigate organizational dynamics. By tailoring their approaches to the management model, practitioners can enhance collaboration, ensure compliance, and more effectively protect the organization’s assets and information, aligning with its broader operational framework.

Today, the role of cybersecurity is in high demand but also quite challenging for both employers and employees. Therefore, organizations must determine and define their management model so that they can strategize and structure their cybersecurity setup effectively. Ultimately, everyone in an organization should understand the management model and business ecosystems, not just the technical aspects alone.

Which Management Model does your organization practice today?

Bureaucratic Model

A Bureaucratic Organization appreciate structure, compliance, and clear communication.

  • Understand and Adhere to Policies and Procedures
  • Clear Documentation and Reporting
  • Effective Communication Up the Chain of Command
  • Focus on Compliance and Risk Management
  • Leverage on Established Processes and Protocols
  • Promote a Culture of Security Awareness
  • Engage in Continuous Improvement
  • Build Relationship and Collaboration

Meritocratic Model

A Meritocratic Organization focuses on skills, performance, and results.

  • Demonstrate Expertise and Excellence
  • Deliver Measurable Results
  • Seek Continuous Learning and Professional Development
  • Take Initiative and Innovate
  • Build a Strong Professional Reputation
  • Collaborate and Share Knowledge
  • Communicate Effectively
  • Seek Feedback and Adapt
  • Align with Organizational Goals
  • Leverage Performance Metrics

Adhocracy Model

An Adhocracy Organization embrace flexibility, foster innovation, taking initiatives, and collaborate across all disciplines.

  • Embrace Flexibility and Adaptability
  • Foster Innovation and Creativity
  • Take Initiative and Ownership
  • Collaborate Across Disciplines
  • Communicate Effectively and Transparently
  • Develop a Broad Skill Set
  • Focus on Rapid Response and Agility
  • Encourage a Culture of Experimentation
  • Leverage on Technology and Automation
  • Cultivate a Risk-Tolerant Attitude