Spotlight on Demond Waters

I help protect the digital futures of over one million student and staff at New York City Public Schools by building cybersecurity strategies and programs. Beyond the technical aspects of cybersecurity, I am known from my commitment to lifelong learning and my pursuit to create pathways and opportunities for teenagers and young adults.
My goal is to bridge the gap between the complex technical security concepts and the human experience. When I am not defending one of the nation’s largest educational networks, I am spending time with my 7 year old son who is teaching me how to block code with scratch. A fun fact about me, I have an unhealthy addiction to board games and game shows.

Learn more about the New York CISO community here.
 

Give us a brief overview of the path that led to your current role.

As most CISOs, my path wasn’t traditional. I originally wanted to be an electrician, and I abandoned that dream to pursue technology, because I wanted a career where every day presented a new evolving challenge. I started in desktop support before moving to servers, networking, and eventually moving to IT management.

When the opportunity arose to join a newly formed security team at its inception, I jumped on it, drawn to the rare chance to build a cybersecurity program and the team from the ground up. It was like building an airplane while flying it. It also helps that I was the only person interested in taking on the challenge.
 

What is one of your guiding leadership principles?

My north star and my one guiding principle is cultivating a growth mindset, which I believe fosters honesty and integrity. This allows people to make mistakes and grow in the safe space. This produces a culture of honesty and integrity.

Whether it’s a technical vulnerability or a leadership challenge, it’s a critical experience for continued improvement. A growth mindset removes the fear of admitting what we don’t know and allows the team to be honest about our security gaps, because we view gaps as opportunities and integrity allows the team to do the right thing even when it’s difficult.
 

What is the greatest challenge CISOs face today, and how are you addressing it?

The greatest challenge facing CISOs today is the lack of a standardized identity. If you ask 10 CISOs what their role and responsibilities are, you will get 10 different answers. The position is constantly evolving, and I believe there is a gap between what a CISO actually does and what the rest of the organization thinks they do. 

I address this with "CISO Awareness Training." That's educating the organization on the role and responsibility of the CISO, as well as the role and responsibilities of others in the organization. 
 

What is the key to success for someone just starting out as a CISO?

There are 3 things that I think are important for new CISOs:

1. Be a student of the business. Spend time understanding the business and services your organization provides. Talk in terms the business will understand. If you talk about vulnerabilities, they will likely not understand and ignore you.
   
2. Be flexible and be prepared to pivot as threats and the business change. Sometimes you will need to compromise. Give a little to get a little. Avoid being Dr. No and be Dr. How. Flexibility allows you to find secure ways to say yes to innovation.
   
3. Commit to being a lifelong learner. Always be curious. Balance between technical growth and leadership growth.

I guess that was more than 3 things.
 

How do you measure success as a leader?

I was once told that people don’t leave their jobs, they leave their management. I measure success by the strength of my teams’ relationships and the growth of the people who work with me. When people move on to bigger roles and they still reach out for your mentorship, you have successfully become a leader. When you build a culture of openness and trust and your business partners feel comfortable consulting with you early in the planning process, when something has gone awry, or to solve problems you have become a successful leader.
 

What is the value of being a member of Gartner C-level Communities?

The true value of the NY CISO Community is the collective insights and interactions with peer CISOs across different industries. The ability to have candid conversations with fellow leaders provides congruity. The network extends beyond the conferences, dinners, and face-to-face sessions; it builds long lasting relationships. The community also provides direct and indirect mentorship and sponsorship.

Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.