CISOs can learn a lot from “airline pilot voice.”

You know, the bored drawl that sounds immune to stress and can make you swoon during a crisis.

“Uh… this is your captain speaking. We’ve, uh.. just lost our starboard engine, and uh… yeah, the other engine is currently on fire… tail just fell off… yep, sit back, relax, enjoy our in-flight service, and we’ll have you on the ground momentarily. Uh… I might fall asleep right now I’m so bored. Also I’m not from the South. I just talk this way on purpose.”

As a CISO, you will, sooner or later, manage a crisis situation where executives with bloodshot eyes stare at you on a video call at three in morning, and everyone is panicking.

Cue Douglas Adams: Don’t Panic.

Instead go the other direction: Keep Calm and Carry On.

There’s a reason airline pilots fake a bored Southern drawl. While air travel has gotten dramatically safer since the 1930s, there's no escaping the fact that you're in a thin metal tube with wings at 30,000 feet, and an accident could be fatal to everyone involved.

Pilots train for this. (I’m guessing, I don’t know for a fact. But it seems a reasonable guess. Also, I hope they do?)

Is there a diction class where airline pilots learn how to talk like a good ol’ boy from Alabama? But I digress.

In moments of crisis, your personal attitude is contagious. Fear is contagious. Panic is contagious. The most important thing you can do as a CISO, leading not just your team but your company during a crisis, is to stay calm, take a deep breath, smile, and talk like an airline pilot.

You’re not going to single-handedly deal with a security incident on your own. You’re going to need collaboration from your team members to make that happen. They need to focus on that work, confident that you’ve got their back, confident that you’re confident.

When the captain panics, people start jumping overboard.

And if your crew abandons ship, you aren’t captain of anything at all.

The CISO is a business leader. While a security team is usually a small percentage of overall company head count, during an emergency your dotted line authority temporarily expands to include the whole company. So lead.

There’s no formula for leadership, and I’m the last person in the world who’s going to stand on a pedestal and lecture on what makes a good leader or a bad one. Honestly, I’m not sure.

But you gotta do what you gotta do to do your job, and do it well. Figure it out. I’m still figuring out, and I will keep on figuring it out.

But as CISO, you're not just a security geek. You’re a security geek that people need and want to follow.

So lead.