So you want
to be a CISO?
The role of the CISO is one that many aspire to and for good reason, possibly the penultimate role in the security professionals career offers the opportunity to lead on the very necessary task of keeping organizations, staff, stake holders and clients safe against the ever-increasing threats and breaches we too often hear about in the news.
Having just completed an in-depth study of the role for my book ‘CISO Defenders of The Cyber Realm’ where you will find interviews with the people doing the job day in and day out, as well as hearing from those that they seek to defend against. My own path to CISO started from a career in the military and from there over the past 30 years has included roles across industry and sectors.
As founder of the Ascot Barclay Cyber Security Group and the International Operational Technology Security Association (IOTSA) my chosen path was through a more entrepreneurial route providing a Global CISO As-a-Service offering to international companies, today my portfolio is diverse and includes smaller niche firms operating in the area of Critical Infrastructures in the Energy sector through to a household know brand with around 6 million representatives across 100 countries and generating revenues in the $billions, and a global manufacturing firm linked to the Automotive industry as well as government and financial services clients.
I also enjoy working with Academia and as one of the founders of the National MBA in Cyber Security. Today I’m working with Cranfield University on some new and exciting developments aimed at enhancing skills and competencies for engineers operating in the area of Operational Technology (OT) Security, still a much under mined and over exposed area of risk.
So in short the CISO role has been described as one that requires a lot of courage, tenacity, people and executive skills over and above good technical comprehension and an ability to really understand the business you represent, as a critical factors. Cybersecurity is not a function of IT, really it is at the heart of managing a much wider portfolio of risk across an enterprise.
From all the peers I have spoken to over the years most will tell you that being a CISO is highly rewarding but It is not a role for the faint of heart or those that are not prepared to dedicate themselves to lifelong learning as every day can be a lesson in something new. The ability to communicate with executives as well as technicians, to lead though ambiguity in order to help organisations change and transition often from a low level of maturity with high risk exposure to one where risks are identified, managed and mitigated with in defined budgets is a key to success in many CISO positions.
It is a great role but do your homework, if you can talk yourself out of it do so, if you can’t then you might just have what it takes to join the CISO ranks.
Mike Loginov C|CISO
CEO, Author and Global CISO