CISOs being asked those questions should look beyond the topic itself and face the underlying issues it might be hiding. If the reporting line of the CISO is the oldest ongoing topic of discussion...
Focusing ONLY on tactical firefighting is a major mistake, even in a global pandemic. The last twelve months have changed things considerably for the CISO. Cyber security has been centre-stage, and even more now...
The situation the new CISO finds on arrival is often different to what they were expecting, but who’s to blame?
The CISO role has never been more important. The firms that fail at appointing a new CISO are those which rush and push an inexperienced techie into a poorly defined role. Positioning the role accurately in relation to the firm’s objectives around security, thinking of it as a senior leadership role, and taking the time to find the right leader are the keys to long-term success.
The role of the CISO in its historical technology-driven perception is not outdated yet, but it is under threat and losing ground. The firms looking to reverse this trend need to act at three levels.
Surveys suggest that the average tenure in a CISO position is around 2 years. Nothing will change until the profile of the CISO is raised and they start to see their role over the mid to long term.