When you start a new security leadership role, it can be daunting to know where to begin. There are lots of people, lots of security threats, and lots of business processes. It's tempting to want to jump in with both feet, but try to resist this urge. Going in with preconceived ideas of running or fixing things will inevitably lead to misunderstandings, ruffled feathers, and a lack of trust. Instead, take the time to learn the company, listen more than speak, and build relationships to help create the scaffolding that will support you in the future.

In the beginning, you're trying to answer a simple question: what will it take for you to be successful?

What's on Fire?

Sometimes, before you even walk in the door, you might notice things that need immediate attention. Perhaps they've never had a security leader before, and you can see that they need basic blocking and tackling, such as multifactor authentication for critical systems, vulnerability management for internet-facing assets, or basic asset inventory. Perhaps they are missing some critical security thing ...