com 9 hours ago

The Double Bind surfaces in tech/security hierarchies where the CTO manages the Head of Security, and is officially accountable for delivering on growth opportunities as well as managing security risks.

While there are great CTOs out there that are conscientious and thoughtful about this double-bind, most aren’t.

It’s good to have open discussions about upside opportunity versus downside risk and generally that happens best when your boss’ bonus doesn’t primarily depend on them maximising upside.

  • BikDk 8 hours ago

    Is there any better way you could set this up? Just asking for a friend.

    • com 8 hours ago

      Get the downside risk people in tech to report to somebody who is accountable for managing downside risk at the same level as the CTO.

      Typically an intelligent and tech literate CFO or Chief Risk Officer.

      If the Head of Security and the CTO can’t come to a deal, it reaches the ExCo or board for a decision.

      I call this “creative tension” and it works better than the alternative.

      • BikDk 6 hours ago

        Sounds reasonable enough - thank you!