As individuals and businesses are increasingly dependent on technology for moving and storing data, the role of the CISO is becoming more vital to companies of all types on a global scale. The CISO, or Chief Information Security Officer, is tasked with developing and implementing cybersecurity. He/she works to predict, prevent, and react to cyber threats.
In order to do this, CISOs train multiple departments on digital security. This means that a CISO needs to have more than just technical knowledge. Some information technology workers can get by with minimal communicative abilities. This is not the case for the CISO.
Aside from being an executive-level role, the CISO’s position is unique in that it requires interpersonal skills in addition to technical ability. They have to be able to convey complex technological concepts and jargon in a way that employees outside of the IT department can understand. Additionally, teamwork and leadership skills are necessary as CISOs have to unite multiple aspects of the business into one secure, digital front.
If the business’s online databases are analogous to a battlefield, hackers could be considered the spies. They are usually undetectable and slip in right under your nose. Hacking through multiple layers of secure data can take time, such as going undercover to build reputation and gain intel. It is the CISO’s job to find and inhibit these spies.
Data breaches are like spies getting inside the city walls, castle, etc. Once broken in, confidential intel is readily available. The not-so-secure data can be used to hurt the business and its employees. Furthermore, the business might have to pay a settlement to remedy any customers affected by the attack.
About five years ago, Target famously suffered a cyber attack resulting in the largest settlement ever for a data breach. About 41 million customer payment card accounts were affected and over 60 million Target shoppers’ contact information was compromised. Target’s multistate settlement landed at a whopping $18.5 million. This is an unfortunate, yet pivotal event showcasing the importance of CISOs.
Because cyberattacks are augmented by technological advancement, CISOs are working harder than ever to diversify their skill sets and maintain the integrity of their company’s online data. Sophisticated technology is easily available to many people, thus leading to increases in cyber attacks. Organizations now understand the need to put cybersecurity at the forefront of their business plans, and they’re relying on CISOs to do it.
What does it take to become a leading CISO?
In order to find out, Varonis analyzed the LinkedIn profiles of CISOs at Fortune 100 companies. They found similarities between their endorsements and educational backgrounds to gauge what’s need to become a CISO. Jump to the infographic below for details.
They found that New York, Texas, and California are the three top states where Fortune 100 CISOs work. Unsurprisingly, more than half of CISO’s received a Bachelor of Science degree compared to other undergraduate degrees. Of those that received graduate degrees, Master of Business Administration and Master of Science are the most popular degrees.
The most common fields of study are management information systems (MIS), engineering, business, computer sciences, and economics. The most common endorsements were in, naturally, information security and security. Leadership and information security management are also commonly endorsed.
Looking to become the next leading CISO? Check out the infographic below featuring CISOs at top companies such as Walmart and Apple. Analyze their types of skills to see if any of them line up with your abilities or interests. Furthermore, Varonis provided useful advice from Deborah Wheeler, CISO of Delta Airlines, and Stephen Schmidt, CISO of Amazon.