“Security isn’t funny but it can be fun” and “information security doesn’t have to be hard” the mantras of my guest today Thom Langford – your virtual Chief Information Security Officer with a big, friendly but serious personality.
Thom is always ready to engage, he does a combination of being serious in the same breath as pointing out truths and irony with humour and dry wit – not an easy mix to pull off, and he admits that, until people get to know him, occasionally some people don’t get his brand of fun or might find it intimidating.
As the former Chief Information Security Officer of Publicis Groupe, Thom was responsible for all aspects of information security risk and compliance as well as managing the Groupe Information Security Programme. He now consults and does speaking gigs at information security conferences around the world.
His conversation style is to listen deeply and then talk as he thinks, and he’s very comfortable correcting his own words – a verbal version of typing a sentence, deleting back a few words and then retyping something better, more accurate.
What came through strongly in our conversation is how he’s watched others manage people and what he’s learned about his own experiences managing people. Things like speaking truthfully and not shying away from giving bad news while still being thoughtful, compassionate and supportive. He believes in the power of a face-to-face discussion and the eye-ball to eye-ball handshake to create credibility and trust where an email is more likely to create distance and wiggle room for excuses about why work hasn’t been delivered as agreed.
When I asked him what’s influenced his conversation style, it’s his need for honesty. He talked about how being a public speaker has taught him to be more comfortable when receiving a compliment not just because it’s validating the other person’s opinion and it’s the polite and gracious thing to do but also because he sees it as a gateway for a more useful, in-depth exchange – it invites further conversation and connection.
He believes that not only do experiences like this grow you but they also generate respect from others towards you. If you’re a new manager, you might enjoy listening to Thom’s counsel and his shared learnings as he’s risen in seniority.
When it comes to information security he points out that it’s a topic that’s not always well understood – it’s seen as a nice to have and an annoying part of the business that gets in the way of business. This view is changing, slowly. So it’s important that Thom can communicate the seriousness of security and have stakeholders view it as critical to the speed and resilience of the business. But that doesn’t mean the conversation can’t be fun.
In talking about his best conversation and his worst conversation, Thom is a great storyteller. He speaks as things really are – he’s not looking to blame, he just names things as they are and is willing to accept responsibility for his part in a disagreement. And he’s very comfortable naming the feelings, emotions and states of mind as he takes us through work situations and significant conversations.
Better Conversations with me, Sehaam Cyrene, is about capturing and exploring what regular heroes, like you, from all walks of life enjoy about conversation. We get to indulge in acknowledging what you’re good at and equally admitting what you’re rubbish at, who winds you up and who has inspired or influenced how you like to have conversations. There’s no judgement here – it’s just an interlude of reflection about the finer aspects of conversations as it stands for each of us.
If you’ve got questions or suggestions or you’d like to appear as a guest, drop me a line at firstname.lastname@example.org with a convincing, entertaining or just a down-to-earth opinion you have about the importance of conversation.