This is the second post in a five-post series that introduces a set of free tools to help risk management leaders gain internal alignment for a new cybersecurity initiative. The tools are designed to help make getting buy-in easier and faster.
For a quick introduction to the full suite of tools, check out the post linked above. You’ll get an overview of each tool and why they exist.
Today we’re taking a focused look at one of the tools – the Stakeholder Benefits Guide.
Very few cyber risk management initiatives are going to be approved and funded by a single person. In order to have your initiative implemented, you need other people’s buy-in from across the organization. You need them to voice support for you.
To get that, each stakeholder has to see how your initiative benefits them personally. We created this Stakeholder Benefits Guide as a template to help you figure out how each of your stakeholders benefits from your initiative.
Throughout the spreadsheet tool, we’ve used the SecurityGate.io platform as an example for thinking about every person and team who will be impacted by your initiative. The guide shows how each person/team benefits, and – this is very important – how they will know they’re benefiting. To gain buy-in from your stakeholders, you’ll need to be able to describe how they will be able to measure the benefit.
- Is time saved?
- Costs reduced?
- Revenue increased?
- Something else that matters to them personally?
Use the guide as a thinking exercise. Imagine yourself in each person’s role one at a time. Think about the context of their role at your company. Their responsibilities. The people they report to. Things they hate about their job and things they love about it. How are they measured in their role? How does your initiative impact the way they’re measured? If you get stuck, we have a short blog post with a few examples of personas you may encounter within your company. Take a look and use the guide to record all the ways your idea helps them.
Later, you’ll come back to this guide and use these as talking points for gaining their support. The approval of your initiative will depend almost completely on your ability to describe how each stakeholder benefits. Spend some time here and you’ll have a much easier and faster time gaining approval.
Ultimately, this tool and the ones mentioned above are for speeding up the whole process of risk management. We need to be able to move faster so we can protect what matters and improve the organization’s ability to be operationally resilient.
As you’re going through these exercises, don’t hesitate to contact us for help. We’re happy to make ourselves available for you and always happy to share from our experience.