Who wants to be a CISO?

Jean-Christophe Gaillard Jean-Christophe Gaillard
April 23, 2019 IoT & Automation

Talent alienation is the biggest issue behind the cybersecurity management skills gap, but it shouldn’t be the case

Who wants to be a CISO these days? And at which stage in your career should you consider the move? What balance of managerial and technical experience do you need to have? And where do you go from there? (what’s the step after next? … always the most important question in terms of career development)

Those would be valid questions for many executive positions but when it comes to the role of the CISO, they seem to acquire a different meaning.

Let’s evacuate the first two aspects from the start: Cybersecurity has developed a high profile in many organisations over the past few years. Many firms are engaged in transformation programmes in that space, which will require strong leadership, transversal vision and managerial and political acumen from the CISO. The role is no longer a role for a junior technologist, an ex-auditor or life-long consultant. Of course, control-mindedness and a solid understanding of the technical aspects relevant to their industry sector are important, but they must not be seen as the only key aspects.

It’s the “step after next” question which seems to be the dominant factor preventing people from moving into CISO jobs.

Security still carries an image problem, in spite of the high-profile of some recent cyber incidents and the undeniable interest developed by top executives around the topic over the past few years (and the additional layer of emphasis brought in by the GDPR).

It is still seen by many as a highly specialised field and a dead-end, plagued by under-investment and management lip service, where you cannot really achieve anything.

This is becoming wrong on all fronts, in particular in large firms involved in fundamental transformation programmes around cyber security:

Security can no longer be seen as a specialised technical silo. It is a transversal discipline rooted in corporate culture and governance which will take the CISO in contact with IT, business, HR, legal, risk and compliance functions. The digital transformation and the “security and privacy by design” principles coming with GDPR accentuate that trend even further. Only by looking at security in that way can large scale transformation programmes be truly successful.

The under-investment and lip-service era is behind us in many firms: Cyber security is on the Board agenda and “are we spending enough on cyber?” is becoming one of the most common question at that level. And the GDPR brings business-threatening fines of unprecedented proportions which can turn cynical lip-service into an expensive habit. Priorities and resources are shifting towards cyber security, but with those come management expectations and execution responsibilities for the CISO.

As a consequence of the two points above, large scale cyber security transformation programmes can be very complex and very exposed. They are nothing but a dead-end. They are exceptional training grounds and prime areas where ambitious leaders can develop and prove themselves to the Board.

Of course, ambition is required; and realism around the timeframes involved with delivering lasting change: It could take 3 to 5 years – or longer – to turnaround a security practice and that would make it a significant career step for the individual involved, but the role of the transformational CISO has all attributes to attract the best talents, and it is now down to the Board to raise its profile so that it does.

This goes beyond compensation and reporting lines: It is time for role models to emerge to illustrate that the successful transformational CISO is not condemned to hopping from one CISO job to another but can move into CIO, CRO or CDO roles, or indeed any leadership position where strong turnaround skills are required.

  • Experfy Insights

    Top articles, research, podcasts, webinars and more delivered to you monthly.

  • Jean-Christophe Gaillard

    Tags
    Internet of Things
    Leave a Comment
    Next Post
    Building Innovation Into Project management

    Building Innovation Into Project management

    Leave a Reply Cancel reply

    Your email address will not be published. Required fields are marked *

    More in IoT & Automation
    IoT & Automation
    Could the IoT Help End Hunger? Farmers Are Finding Out

    Internet of Things (IoT) gadgets are everywhere. Cars, buildings, roadways, airplanes, home appliances, and other items have tens of billions of sensors, processors, and internet-connected gadgets. IoT devices detect motion, regulate temperature, share and collect data, measure weather, and provide location information, power logistics, and medical research. They also enable self-driving vehicles, to name just

    5 MINUTES READ Continue Reading »
    IoT & Automation
    10 Biggest Opportunities for IoT Innovation in 2021

    IoT is a powerful economic driver. IoT Innovation is actively shaping businesses and consumer trends. Most of the technologies developed before and during the pandemic address the Internet of Things directly or indirectly. From healthcare and retail to automobile and manufacturing, IoT innovations are opening new avenues across industries.  It covers almost every segment of

    8 MINUTES READ Continue Reading »
    IoT & Automation
    10 Things to Consider When Starting an IoT Project

    One of the biggest issues companies face when starting an IoT project is deciding who should be responsible. Should it be the engineering team that is responsible for the core technicalities of the device, or should it be the product management team that is responsible for the end functionalities of the IoT product? Starting on

    8 MINUTES READ Continue Reading »

    About Us

    Incubated in Harvard Innovation Lab, Experfy specializes in pipelining and deploying the world's best AI and engineering talent at breakneck speed, with exceptional focus on quality and compliance. Enterprises and governments also leverage our award-winning SaaS platform to build their own customized future of work solutions such as talent clouds.

    Join Us At

    Contact Us

    1700 West Park Drive, Suite 190
    Westborough, MA 01581

    Email: support@experfy.com

    Toll Free: (844) EXPERFY or
    (844) 397-3739

    © 2022, Experfy Inc. All rights reserved.