What You Need For Career Progression From ‘just’​ a tech person to Technological Management (CISO, CIO, CTO etc.)

What You Need For Career Progression From 'just'​ a tech person to Technological Management (CISO, CIO, CTO etc.)

As someone who was a “techy” for many years, aka “Installed & and Managed Server 2003 with Exchange 2003 (before SP1)” in my early days as a system administrator. So, I know how tricky the transition from ‘tech’ to ‘management’ is.


In Essence, the transition is taking all of your Technical knowledge and using it to implement smarter business decisions based on technical knowledge and not technical decisions based on technical knowledge.


Installing and managing “Decisions and Methodology” rather than software and hardware.

When you initially start as a Helpdesk person, Networking Person, or System Administrator etc. your entire focus and terminology are technological. You need to think in “technological” language and provide technological solutions to technological problems.


But, when you climb up the ladder you get more opportunities and responsibilities to interact and ‘troubleshoot’ at an operational level.

This is where many professionals get stuck and struggle to progress in their careers because they don’t adapt their methodology and terminology into ‘business speak.’ They revert to “Technical Solutions for Technical problems”

But I wanted to share 3 ways you can get started transitioning from tech to management that I found useful in career progression.

#1 Research your business (and understand it)

In the same way, you would treat technical learning and research when you’re troubleshooting. Talk with your colleagues, and make sure you know the business you are working in/with:

  • What does the business do?
  • What is the vision of the business?
  • Who is the target audience?
  • What is the USP ( Unique Selling proposition) of the Business – how to do this business differentiate itself?
  • Who are the competitors?
  • What are the biggest challenges the business is facing?
  • What role does technology play in the business function?
  • What technological risks are the biggest right now?
  • How does the business get impacted by these risks?

In Boardish, for example, we also encourage you to look at how many users are impacted by technology and to what degree. We classify them in ‘high, medium, and low’ impact users. Which means the number of employees that will lose significant working capabilities when technology is unavailable ( high reliance on Technology )


boardish employees information table

Knowing all of these things is the first step to making meaningful inputs and decisions at management levels and beyond. Particularly if you’re aiming for the CISO position.

#2 – Familiarize yourself with business & risk terminology:

You need to see how technology relates to the business as a function in the macro, rather than the fixes in the ‘micro’ and this means learning and understanding many terms. Particularly if you’re interacting with other departments or decision-makers.


This means stepping outside of the technical and understanding things like:

  • Annual company turnover = The total sales made by a business in a certain period. It’s sometimes referred to as ‘gross revenue’ or ‘income’. This is different from profit, which is a measure of earnings. It’s an important measure of your business’s performance.
  • Market positioning = The competitive advantage of an organization and the ability for your business to influence its customers. Sometimes this is discussed as ‘brand positioning.’

As well as risk terminology (these are taken from our Boardish ecosystem) including:

  1. Market Loss – The number of sales lost as a result of a threat or combination of threats to the organization. 
  2. Sales Loss – The number of sales lost as a result of a threat or combination of threats to the organization. 
  3. Salary Loss – The amount of financial impact on salaries as a result of a threat or combination of threats to the organization
  4. Regulation Loss – The financial impact to the organization in the event of being hit by regulation fines as a result of a threat or combination of threats to the organization. 

#3 – Start evaluating how effective your tech solutions are against threats

You will already know technological risks and threats to the company, e.g. ransomware etc. and you already know your preferred way of protecting against them.


But now it’s time to quantify them for the business.


How effective are your solutions (or combination of solutions) at protecting against these threats? And how much money can you save the business by deploying certain solutions?


Translating tech to business is a key milestone in your career progression that is going to help you get from techy to manager and be more heavily involved at the decision-making level.


Get started by running simulations on Boardish. When you set the TPF (Threat Protection Factor) this is where you find how efficient the solutions are against the threats in financial numbers! Boardish Basic is completely free for you to test and experiment yourself as you get to grips with the new terminology and knowledge and make the steps towards speaking the language of the business.


immobility TPF

Sign up to Boardish here: https://app.boardish.io/login

Learn more about Boardish: https://www.boardish.io/

Quicker IT & CYBER Budget Approvals

When technology meets 'bottom line'. There's Boardish.

Get the pragmatic guide to cyber risk quantification