How to Find the Right CISO
Great CISOs are in short supply, so choose wisely. Here are five ways to make sure you've made the right pick.
The artificial intelligence (AI) investment cycle we are currently in will drive new levels of cybersecurity risk in pretty much every organization, making the cybersecurity chief a CEO's most important current hire. Great chief information security officers (CISOs) — who blend technical, strategic, board-level communication, and leadership skills — are in high demand and short supply, and with technology constantly changing, the cybersecurity skill set is changing, too.
Attracting the Best
How do CEOs, their executive teams, and their HR partners attract the best of the market? Here are a few ways.
1. Level and structure the role appropriately: If security — of enterprise data, customer information, or data right in the product itself — is so critical to your organization that one mishap can have a major impact on your revenues, then give the role some teeth. Don't bury it under IT operations, where you will attract a technologist, not a leader. Either have the CISO report to the chief information officer (who, in turn, should be reporting to the CEO given the criticality of technology to your business) or make the CISO a CIO peer. If your security risk is less life-threatening, and your CIO has depth in security, you can consider moving the CISO down a layer. Is the CISO responsible for enterprise security or product security or both? Will the CISO have a small matrixed organization or a larger dedicated team? While the right CISO will help you answer some of these questions, the more thoughtful you’ve been about them ahead of time, the better.