The Double Bind surfaces in tech/security hierarchies where the CTO manages the Head of Security, and is officially accountable for delivering on growth opportunities as well as managing security risks.
While there are great CTOs out there that are conscientious and thoughtful about this double-bind, most aren’t.
It’s good to have open discussions about upside opportunity versus downside risk and generally that happens best when your boss’ bonus doesn’t primarily depend on them maximising upside.
BikDk•4h ago
Is there any better way you could set this up? Just asking for a friend.
com•4h ago
Get the downside risk people in tech to report to somebody who is accountable for managing downside risk at the same level of the CTO.
Typically an intelligent and tech literate CFO or Chief Risk Officer.
If the Head of Security and the CTO can’t come to a deal, it reaches the ExCo or board for a decision.
I call this “creative tension” and it works better than the alternative.
com•5h ago
While there are great CTOs out there that are conscientious and thoughtful about this double-bind, most aren’t.
It’s good to have open discussions about upside opportunity versus downside risk and generally that happens best when your boss’ bonus doesn’t primarily depend on them maximising upside.
BikDk•4h ago
com•4h ago
Typically an intelligent and tech literate CFO or Chief Risk Officer.
If the Head of Security and the CTO can’t come to a deal, it reaches the ExCo or board for a decision.
I call this “creative tension” and it works better than the alternative.
BikDk•2h ago