In today’s rapidly evolving technology landscape, highly knowledgeable governance, risk and compliance (GRC) and cybersecurity professionals are increasingly necessary. New pressures in rapidly shifting threat landscapes are challenging organizations to swiftly protect sensitive data, mitigate risk and ensure regulatory compliance.
To meet these needs, GRC and cybersecurity professionals must demonstrate strength with regard to personal accountability to effectively manage their careers and ensure that they keep pace with technological advancements, associated risk factors, and new techniques employed by bad actors. Embracing new learning methods helps individuals and departments keep pace with emerging threats.
How Personal Accountability Impacts Career Management
When it comes to driving meaningful growth over the lifetime of a career, the most effective enabler of positive change is not a department supervisor, friend or family member, but the individual making the journey. Although this may seem self-evident to many people, a psychological concept known as locus of control (LoC) suggests that those with an external LoC are more inclined to believe and accept that external forces or actions strongly dictate whether their outcomes are successful or not.1 Individuals with an internal locus of control are far more apt to drive their career directions because they fully believe their actions produce the outcomes (good or bad) they experience throughout their lives. However, individuals are not stuck with either of these paradigms, and average people usually float between the two, depending on the reasoning they apply to certain life situations.2 Yet studies suggest that those who adopt an internal LoC mindset typically enjoy more happiness, job satisfaction and professional growth than those who have an external LoC (figure 1).
When it comes to professions such as GRC or cybersecurity, success is not solely determined by academic qualifications or professional certifications. Professionals must take direct ownership of their career paths, continuously evaluate their skills, and actively seek opportunities for growth inside and outside their organizations.
By assuming personal accountability, individuals can better shape their career trajectories, leverage their strengths, and identify areas for improvement. Personal accountability requires individuals to engage in self-assessments, set clear goals and expectations, and develop action plans to bridge skill gaps. In addition, networking with industry experts, participating in professional communities and attending professional seminars are excellent ways to achieve personal growth and expand career prospects.
Embracing New Ways of Learning
To successfully navigate the dynamic landscape of GRC and cybersecurity, professionals must embrace new ways of learning. For these professions specifically, and for many organizations generally, traditional educational models—such as brick-and-mortar universities and industry certifications—are no longer sufficient to meet rapidly changing demands.
Continual learning and upskilling are imperative for professionals who want to be relevant and competitive. Thankfully, several exciting and innovative learning approaches are empowering professionals to broaden their knowledge. Figure 2 illustrates some of the learning models GRC and cybersecurity professionals should explore as they consider how to sharpen their skillsets.
Online Learning Platforms
Course aggregator Class Central has cataloged nearly 150,000 online learning platforms as of 2023.3 Known as Massive Open Online Courses (MOOCs), these platforms offer flexible and accessible educational opportunities using innovative professional topics to cover a wide variety of course materials. Some leaders in this space include edX, Coursera and FutureLearn.4
These courses, often taught by industry experts, allow professionals to learn at their own pace and on their own schedule. MOOCs enable individuals to acquire new skills or deepen existing ones, enhancing their expertise in specialized areas. These platforms include free course content and paid learning paths, usually with accompanying certificates of completion. In some cases, this coursework may culminate in achievement of a Master’s degree from a recognized and respected public university.5
Microlearning and Bite-Sized Content
Tailored primarily for corporate environments, microlearning delivers short, focused bursts of information, making it easier for professionals to integrate learning into their daily work routines. Miniaturized forms of content—including video tutorials, podcasts and articles—enable learners to quickly acquire specific knowledge or gain insights into emerging trends and best practices applicable to them.
Favoring the mobile professional who wants to learn on the go, these convenient learning resources allow access from any type of device, no matter where the learner resides. Leaders in this space includes Surge9 and Code of Talent.6, 7
Virtual and Augmented Reality
Immersive technologies such as virtual and augmented reality (VR/AR) have transformed the learning experience. Mechanics, for example, can now perform simulated but realistic engine repairs for airplanes or large marine vessels without any potential danger to learners or onboard civilians.
In the context of GRC and cybersecurity roles, these technologies help to simulate real-world scenarios—such as a cyberattack that requires execution of threat-hunting or forensics—enabling professionals to practice their skills in a safe and controlled environment.8
This hands-on training enhances problem-solving abilities, decision-making skills and critical thinking, preparing individuals for complex challenges they may face in their careers.
Employers value professionals who demonstrate both a proactive attitude toward learning and adaptability to evolving job requirements.
Gamification
In the late 2010s, audit firm Deloitte adopted a gamification strategy for its employee training program designed to boost employee engagement. It was a big winner, boasting a near 40 percent improvement over engagement prior to implementing this strategy.9
Gamification leverages gaming elements into effective learning outcomes, making the process both engaging and highly enjoyable for participants. In the realms of GRC and cybersecurity, gamified learning platforms present scenarios, challenges and puzzles that require learners to apply their knowledge to solve the presented problems—much like AR/VR—but it uses badge systems, achievements and scripted missions to drive engagement. This approach fosters active participation, drives motivation, and promotes healthy competition among professionals within or across departments.
Benefits of Personal Accountability
Fully embracing personal accountability for career management, along with adoption of new learning approaches, can provide substantial professional benefits.
Enhanced Employability
Taking ownership of one’s career development and staying abreast of industry trends and emerging technologies significantly enhance employability. Employers value professionals who demonstrate both a proactive attitude toward learning and adaptability to evolving job requirements.
Increased Professional Competence
Personal accountability and continuous learning foster the development of diverse skillsets. By embracing new ways of learning, professionals can expand their knowledge base, gain expertise in emerging areas, and enhance their problem-solving abilities. This increased competence enables them to tackle complex challenges with confidence.
Broadened Workforce Diversity
Flexible learning options that accommodate different learning styles, preferences and schedules attract a broader range of talent, leading to greater diversity in the fields of IT audit, risk, compliance and cybersecurity. This diversity results in a more inclusive work environment and enhances innovation.
Enhanced Risk Management
Personal accountability and continuous learning contribute to improved risk management practices. Well-informed professionals can better identify potential risk, implement robust controls and devise proactive strategies to safeguard organizational assets. Their ability to adapt and respond to evolving threats becomes a valuable asset in protecting sensitive data and ensuring regulatory compliance.
Achieving Sustained Personal Accountability
Questions often arise about approaches individuals can take to increase accountability and ensure that incremental progress is continuously sustained in both professional and personal situations. No one-size-fits-all system exists, and some experimentation is required to identify effective methods to stimulate positive momentum day over day and week over week.
Before considering tools and actions, it is essential to examine the mindset of a personally accountable individual. According to Mark Street, chief executive officer (CEO) of business consultancy B STATE, the necessary factors to sustain personal accountability require an individual to possess and perpetuate eight behaviors (figure 3).10
Some of these factors are relatively self-explanatory; however, some tips addressing the more ambiguous attributes include:
- Apologize quickly—Everyone makes mistakes and some of those mistakes have greater impacts than others. It is often ideal to swiftly apologize and then shift focus to making things right, if possible. This lends credibility to an individual’s character and allows impacted individuals to move forward.
- Embrace change—An important aspect of embracing change is analysis of individual interactions during a project or work assignment (i.e., choices made and actions taken) and determination of how a different approach could produce improved outcomes. Routine self-reflection and solicitation of feedback from peers, customers or supervisors helps drive positive traction.
- Understand accountability assignments—This personal accountability attribute requires individuals to fully understand not only what they are accountable for, but also to whom they are fully accountable. This often requires an in-depth understanding of the commitments being made over the course of an assignment, ensuring that timely communications occur as key project milestones are met, and that all stakeholders (e.g., the individual, the individual’s direct reports, the supervisor) are fully aware of challenges to progress and needed resources to achieve desired outcomes.
Well-informed professionals can better identify potential risk, implement robust controls and devise proactive strategies to safeguard organizational assets.
As for tools, methods and platforms to help ensure personal accountability, a plethora of solutions exist. A tool can be as simple as a piece of paper or printout covering a strategic time frame and consisting of actionable steps that help achieve a larger goal. Using personal achievements as an example, it can be useful to focus on a calendar quarter of time (three months) and strive to complete a series of cumulative actions that lead to an impactful outcome. Achieving a professional certification on personal time (figure 4) is a good example.
Simple spreadsheets or paper-and-pencil tracking methods are sufficient for personal goals and small-scale projects. For more complicated tasks requiring personal accountability, solutions such as Asana provide daily to-do lists or Post-it note-style notes as reminders to complete outstanding work.11 Enterprise productivity tools such as Microsoft Outlook have built-in functions that allow individuals to create and manage tasks as they are communicated to ensure that deliverable deadlines are met. Ultimately, individuals must decide what works for them, but many contemporary choices exist, offering solutions for a wide range of needs.
Conclusion
Personal accountability is a journey, not an easy-to-reach destination. Individuals can significantly increase their chances of success by embracing new ways of learning, which are fundamental to managing successful careers in GRC and cybersecurity professions. By assuming responsibility for their own professional growth, individuals can actively shape their career paths, maximize their potential and stay relevant in a rapidly evolving landscape. Furthermore, by embracing innovative learning approaches and adopting personal accountability mindsets, professionals can acquire new skills, adapt to emerging trends and achieve success with lower stress levels. Through personal accountability and a commitment to continual learning, individuals can excel in these critical fields and significantly contribute to the organizations they serve.
By assuming responsibility for their own professional growth, individuals can actively shape their career paths, maximize their potential and stay relevant in a rapidly evolving landscape.
Endnotes
1 Eatough, E.; “Understand Your Locus of Control and How It Shapes and Moves You,” BetterUp, 2 March 2022, http://www.betterup.com/blog/locus-of-control
2 Hamzah, M.; A. Othman; “How Do Locus of Control Influence Business and Personal Success? The Mediating Effects of Entrepreneurial Competency,” Frontiers in Psychology, vol. 13, 5 January 2023, http://doi.org/10.3389%2Ffpsyg.2022.958911
3 Shah, D.; L. Pickard; R. Ma; “Massive List of MOOC Platforms Around the World in 2023,” The Report, 20 April 2023, http://www.classcentral.com/report/mooc-platforms/
4 Coursera, “Master of Computer and Information Technology,” University of Pennsylvania, Philadelphia, Pennsylvania, USA, http://www.coursera.org/degrees/mcit-penn
5 Surge9, “Multiply Your Training ROI,” http://surge9.com/
6 G2, “Best Microlearning Platforms,” http://www.g2.com/categories/microlearning-platforms
7 Staton, S.; “VR and AR—Not Just For Games and Virtual Meetings,” NetworkDataPedia, 6 March 2023, http://www.networkdatapedia.com/post/vr-and-ar-not-just-for-games-and-virtual-meetings
8 Larsen, S.; “How to Use Gamification Principles to Boost Audit Participation,” EASE Blog, 15 August 2019, http://www.ease.io/how-to-use-gamification-principles-to-boost-audit-participation/
9 Samuel, M.; “Eight Behaviors That Help Develop Personal Accountability,” B STATE, 3 March 2021, http://bstate.com/2021/03/03/behaviors-that-help-develop-personal-accountability/
10 Forbes Coaches Council, “13 Accountability Apps to Keep Your Goals From Slipping Through the Cracks,” Forbes, 18 August 2017, http://www.forbes.com/sites/forbescoachescouncil/2017/08/18/13-accountability-apps-to-keep-your-goals-from-slipping-through-the-cracks/
11 Ibid.
ADAM KOHNKE | CISA, CISSP, GIAC, GPEN
Is the owner and chief executive officer of The XL Security Consultancy, a cybersecurity advisory practice focused on providing value-driven IT risk management services, ethical hacking assessments, unmanned aerial systems (UAS) security consulting, targeted IT audit engagements and high conversion content generation. While not architecting security solutions for his customers and the world community at large, Kohnke enjoys traveling with his family, camping, reading books and playing board games. He can be reached on LinkedIn at http://www.linkedin.com/in/adamkohnke/.