The finalists for WashingtonExec’s Pinnacle Awards were announced Oct. 13, and we’ll be highlighting some of them until the event takes place virtually Dec. 8.
Next is Cybersecurity Industry Executive of the Year (Private Company) finalist Douglas Neff, chief information officer at Cognosante. Here, he talks success in his current role, career turning points, career advice and more.
What has made you successful in your current role?
Throughout my career, I have sought to deliver solid results in my current domain while stretching myself to acquire new skills and perspectives that add value to the organizations I support. The diversity of experience and willingness to be adaptable, not just for myself but for the good of the company, has served me well as a contributor and as a leader.
I started my career as an industrial engineer. I retrained as a systems analyst when it became apparent that a more fundamental understanding of systems would be beneficial. Later, when I joined a software development group, I retrained as a project manager and software developer, which gave me the hands-on perspective that enabled a deeper understanding of how to design optimal solutions for our customers.
I eventually acquired an MBA in accounting and finance, when I determined that improving my understanding of accounting principles and financial regulations would help me be successful in that role.
Most recently, I completed a certificate program in cybersecurity management, which allowed me to play an integral role in strengthening Cognosante’s security posture. All these transitions, combined with many years of experience, have enabled me to engage across all aspects of the enterprise in my current role, where knowledge of so many domains is required.
What was a turning point or inflection point in your career?
Well into my career, I decided to pursue a certificate in cybersecurity management. I had spent several years as a CIO and leading Sarbanes-Oxley and SOC 2 compliance initiatives. I had acquired a good grasp of the controls and compliance processes and developed a deep and rich IT risk management program. At that point, I felt I could get much deeper into technical controls around IT security.
I enrolled in the cybersecurity management program at University of Virginia. In my final class, I developed a risk assessment based on the CIS Critical Controls framework. Insights from the CIS risk assessment have informed most of my IT and security leadership projects and investments.
What are you most proud of having been a part of in your current organization?
It sounds cliché, but I am most proud of my team. We have built a strong team culture rooted in Cognosante’s core values (value, innovation, performance and sharing), and thus have been able to attract and retain motivated and highly skilled people.
I place a lot of trust in my team and empower them to solve problems and make decisions. I don’t know everything — no one does — but as a team, we can collaborate, combine our expertise and motivate one another to be the best we can be.
We take pride in our can-do attitude and willingness to support our customers and employees however we are needed — something that was made exponentially more complex in the past two years, but I’m proud to say we rose to the occasion each time.
We are thoughtful about doing the right thing, not the easy thing. We diligently identify risks and operational challenges and work as a team to set them right. We reflect the Cognosante culture and I am proud of being part of a such a collaborative, highly effective team.
How do you help shape the next generation of government leaders/industry leaders?
I have reached a stage in my career where I have a broad array of experiences and accomplishments and I see it as not only my responsibility, but my pleasure to share those insights and experiences with my team. Experience is the best teacher, so it’s great to be there when the hard lessons are learned. I can help them put events in context and help them shape their response in order to achieve a positive outcome.
Additionally, I cannot say enough about the importance of building a culture of personal and professional growth. Empowering employees to make decisions and lead initiatives is one part of that. Encouraging them to acquire new skills — whether through a certification or new domain knowledge — is another. In today’s world, technologists need to build their business acumen along with their technical expertise, and I try to find ways to help them do that.
What’s your best career advice for those who want to follow in your footsteps?
I hope you can see that I believe in the power of growth, teamwork and hard work. I would encourage anyone to continue learning and challenge themselves to think critically, make recommendations and be brave. Recognize the importance of collaboration and communication. Be a responsible, thoughtful contributor to your team, build consensus and gain buy-in from your stakeholders.
Most importantly, get things done. Apply rigorous analytical skills. Don’t create half-baked solutions, but don’t try to boil the ocean either. Be sure to deploy a solution that provides value to the organization as soon as possible. Be accountable for your work. And of course, always be sure to recognize the accomplishments of your team.