Things to consider when hiring your next CISO
For many companies, finding and securing a topnotch chief information security officer may be their most important hire. With all the cybersecurity calamities making front-page news, many companies are looking for better ways to protect their organization and its data. The big question of 2017 being voiced in many boardrooms across the country is – what are the right skill sets needed when hiring the ideal information security leader?
Back in the day when the industry need was just beginning to evolve, early information security officers dealt mainly with hands-on tactical issues like securing firewalls, regulating access controls and applying AV. Today, however, the CISO role and department is now seen as more important than ever. With data breaches costing millions of dollars on average in clean-up, fines and stakeholders lost, the CISO’s role is the key component is combating these risks.
Key skills of a future successful CISO
An ideal CISO candidate should have a combination of business and technical skills that can easily adapt and work with both IT and executive management. A successful hire will have the experience and ability to effectively translate complex technical challenges and strategies into related business terms for each company department. The following is a list of must have qualifications for any CISO candidate.
One key personality trait of any successful CISO is the ability to intelligently articulate a strategy or a feeling in a clear and appropriate manner. Couple that with great listening skills and you will have yourself an excellent hire. Since many CISO candidates deal with mainly numbers, hiring one that can also effectively communicate with people is an ideal situation.
An effective CISO will use data to present a comprehensible and compelling argument to continuously prove their effectiveness to leadership. They will go the extra mile to understand what the data means so they can balance the risks and rewards. An ultimate hire will have experience using indisputable data to help their department improve and grow while also evaluating the company’s overall security program.
While technical expertise is something that a CISO candidate has always needed, the level of knowledge that will differentiate senior information security leader candidates from their counterparts is ever increasing. Companies are becoming more reliant than ever on technology to enhance their business and the CISO hire will be the required to grow their technical awareness constantly. With that in mind, the key component in establishing credibility with leadership will be maintaining up to date with the latest industry trends.
When starting the hiring process, you must remember building a partnership with the business, and determining the strategy to protect that business, is the fundamental objective of the CISO. The technical skills and expertise within the organization will then flow from there.
What is your experience in hiring a CISO? Are there other qualities to consider that we didn’t mention? Let us know your thoughts and recommendations below!
