What’s It Take To Be Tomorrow’s CISO?

Feb 27, 2018 | by Peter Beardmore

What do the cloud, mobile apps, Twitter and chief information security officers (CISOs) have in common? None of these were around 25 years ago, but advances in technology have created capabilities and careers that were inconceivable less than a generation earlier. Today, no business is without a web site, e-commerce is a necessity and even local businesses have apps.

As integral as the internet has become to the life of individuals and businesses, its pervasiveness has also served as an invitation to the criminal element that wants everything from your money to your reputation or your personal information. The result? Impacts that range from minor inconveniences to extinction-events. The role of the cybersecurity professional arose from the need for full-time protection against full-time criminals. It may have started in technology geekdom, but it is rapidly transforming into a legitimate path to the C-Suite.

Tips for CISO Success
We spoke with members of the Security for Business Innovation Council (SBIC), a group of security leaders from global 1000 enterprises, to learn more about the top technology skills necessary to be a successful CISO. It quickly became evident that technology knowledge alone is not sufficient to prepare security professionals for the broader leadership exposure and responsibility that is now theirs for the taking.

Today’s CISOs need to be more strategically savvy and elevate their thinking to be keenly aware of not just how to protect their company, but how to enable business growth, manage risk, and display the traits of leadership that go above and beyond the security realm.

With the staggering number of positions open for anyone wanting to pursue a career in cybersecurity, the good news is that the early CISOs have forged the way for the next generation. If you aspire to a role that weaves together technology acumen, executive strategy skills and leadership opportunities, here are some tips:

Seek Out a Mentor – Companies all have a unique structure and learning environment, and to effectively navigate it, you'll need next-level relationship building skills. Find a mentor, either formally or informally, that can serve as a sounding board for insights and improvements.

Keep Learning – Keep your technology skills up to date, but don’t stop there. More universities are offering cybersecurity degrees, including some that combine classes in law and policy. Several courses and certificates are offered in risk management, a fundamental skill for the modern CISO. Take advantage of opportunities to participate in cybersecurity conferences to share and exchange experiences and best practices. Finally, don’t forget to hone your strategic skills, like effective communication and critical thinking.

Learn to Lead – Not everyone is a born leader, but leadership is a skill that can be developed. Training, practice and experience all play a part in becoming an effective and inspirational leader.

Stay Passionate – Cybersecurity professionals need an "expect the unexpected" mentality. Being passionate about the role and embracing both the thrill and challenge is what keeps SBIC members most excited about their chosen profession.

For a deeper look into the multifaceted role of today's CISO, take a look at the newest SBIC report, “The Evolution and Revolution of the CISO—Today’s skills you need to grow and tomorrow’s skills you need to get.”

Author: Peter Beardmore

Category: RSA Point of View, Blog Post

Keywords: CISO, SBIC