In cybersecurity, collaboration is essential. With growing complexity in the threat landscape, leaders often find themselves working with parties they may not fully align with—whether internal teams, external stakeholders, or even rival firms.
Adam Kahane’s book Collaborating with the Enemy: How to Work with People You Don’t Agree with or Like or Trust outlines principles for collaborating effectively, especially in challenging environments where trust and agreement are minimal. Kahane’s “stretch collaboration” approach can transform the way cybersecurity leaders address conflicts and turn rivals into partners to meet critical security goals. In this blog, I’ll share my key takeaways.
1. Rethink collaboration as an imperfect necessity
Cybersecurity leaders often face the misconception that effective collaboration means achieving total alignment with all stakeholders. Kahane dispels this myth, suggesting that collaboration isn’t just for like-minded colleagues. Instead, successful collaboration can include rivals and skeptics, as long as both parties share a goal. In cybersecurity, this could mean collaborating with groups whose primary concerns may differ but whose expertise or support is crucial for robust defences.
Application: Collaborate with software engineering teams. Although engineers might prioritise functionality over security, cybersecurity leaders can focus on shared outcomes, like a seamless user experience and system resilience. This approach fosters cooperation, even with differing priorities, leading to secure systems without compromising performance.
Work closely with marketing teams when developing data privacy protocols for customer data. Marketing may prioritise data insights for personalisation, while security values data protection. By collaborating toward shared values—trust and user satisfaction—security leaders can help marketing understand the value of safe data use without positioning it as an obstacle to their objectives.
2. Adapt “stretch collaboration” to move forward amid complexity
Cybersecurity leaders often face rapidly shifting landscapes. Kahane’s concept of “stretch collaboration” encourages moving forward even without certainty or complete control. This method relies on trial and error to identify what works, emphasizing flexibility over rigid planning. For cybersecurity, where new threats arise continuously, this mindset enables leaders to pivot quickly and experiment with new solutions.
Application: In situations where an emerging technology is involved, collaborate with multiple stakeholders to develop security measures incrementally. For example, test foundational data encryption and access control methods first, then gradually expand to other services as you refine policies based on ongoing results.
3. Listen with openness, even amidst conflict
Effective cybersecurity leadership depends on communication across diverse groups. Kahane identifies four modes of listening: presencing, dialoguing, downloading, and debating. The first two modes—presencing and dialoguing—promote empathetic and open communication, crucial for bridging divides. Cybersecurity leaders should move beyond “downloading” (sticking to one’s script) and “debating” (arguing perspectives) to embrace presencing and dialoguing with others, fostering deeper understanding and stronger alliances.
Application: When working on a security project that requires input from multiple departments, prioritise listening to understand concerns across teams, particularly around data privacy, operational efficiency, and risk tolerance. This inclusive approach can lead to more comprehensive security measures that address diverse needs.
4. Embrace experimentation with “holons”
In “stretch collaboration,” participants must recognise “multiple, diverse holons”—unique, whole perspectives that contribute to a larger picture. This means embracing differing ideas that challenge assumptions.
Application: To strengthen defences, initiate pilot projects that incorporate unconventional approaches, such as social psychology. By experimenting with different “holons,” security leaders can identify solutions that may not have been considered in traditional strategies.
5. Engage in “conflict and connection”
Collaboration requires balancing two opposing forces: power (asserting your stance) and love (engaging with others). Kahane describes how Nelson Mandela’s mix of conflict and connection helped South Africa transition peacefully from apartheid. For cybersecurity leaders, understanding when to assert firm security policies and when to make connections with opposing perspectives is key.
Application: When facing resistance to new cybersecurity policies, assert the essential security requirements while engaging departments in a dialogue about implementation. This approach allows teams to see the value of security measures without feeling that they are being imposed unilaterally.
6. Change starts from within
Kahane emphasises that effective collaboration isn’t about changing others but changing oneself. Cybersecurity leaders must recognise when their approaches may be contributing to deadlocks and be willing to adjust their behaviour to foster progress. This could involve moving from a controlling stance to a more flexible, empathetic one, especially when dealing with teams skeptical about cybersecurity changes.
Application: If a project has stalled due to internal disagreements, cybersecurity leaders can model adaptability, showing a willingness to adjust strategies and engage with team concerns. This approach builds trust, which is essential in collaborative cybersecurity efforts.
Kahane’s “stretch collaboration” method provides a roadmap for handling the inevitable friction that comes with working in cybersecurity. By focusing on co-creation rather than control, cybersecurity leaders can harness collective expertise across departments and partners, transforming tensions into opportunities for stronger security postures.
Cyber Security Leadership 