Cybersecurity guide

The three types of CISO in today’s organizations

The future of the CISO

Many companies have taken the step of having the CISO report to the board. Regardless of the reporting chain, however, the nature of the CISO’s role is something that must evolve.

The three types of CISO in today’s organizations

For a CISO, the ability to be in sync with the wider business, and to communicate effectively to it, is vital.

Broadly speaking we encounter three types of CISOs today:

the-deep-tech-CISO

The deep-tech CISO

The super specialist

Perhaps the most frequently encountered remains the cybersecurity expert that has risen through the ranks of the organization’s IT team, acquiring an increasingly specialized skillset. These people are steeped in cybersecurity tech, ans in possession of invaluable security knowledge the business definitely needs, however this specialism may also serve to have isolated them from the wider business narrative.

the-business-facing-CISO

The business-facing CISO

The super specialist

Our second CISO is one that has also come up through the IT ranks but has successfully established a deeper connection to those wider business needs and narratives. However technical this second CISO type’s background may be, they’ve added to it. Perhaps they’ve had some experience working at the business-IT interface before, or have simply grasped the changing requirements of the role. These are of course better positioned to inform the CIO or even address the board directly.

The-business-CISO

The business CISO

The future of the role

Finally, we have the type that is arguably the most indicative of the future CISO role. These frequently arrive from the business side itself (whether they’re promoted internally or brought in from elsewhere), and view security as a factor inextricably connected to the wider strategic agenda. These tend to be the best equipped to communicate at board-level. If the business has already sought out this type of CISO, it is likely already addressing cybersecurity at the board level. A CIO that seeks out a CISO with this outlook can only strengthen their hand.

ebook

Get the full insight. Read our guide for CISOs & CIOs

Whether you’re a CIO or a CISO, you would undoubtedly kike to see your organization embrace a stronger security culture. Every business today, after all, is entirely dependent on its software: a serious breach can bring your organization to a grinding halt. Read this free guide to find out five simple cultural changes that will make your company more secure.

Read More
Related Content

Case Study

Tachyon: Bridging the IT Security/Operations divide

Forward-thinking Director of End User Computing Rob Peterscheck – responsible for 126,000 end users at a major global healthcare company – discusses the security challenges that come with digital transformation.

On-demand Webinar

Improving the Incident Response Function: SANS 2018 Incident Response Survey Results Part 2

Incident responders are catching and remediating threats faster than ever, according to past SANS surveys. Much of their success can be attributed to improving technologies, such as threat intelligence--73 percent of respondents to last year's survey said they were using…

On-demand Webinar

How Are You Responding to Threats: SANS 2018 Incident Response Survey Results Part 1

What new and continuing threats are responders uncovering in investigations, and how are they dealing with those threats? This webcast will release results from the SANS 2018 Incident Response Survey, developed by Matt Bromiley, SANS Digital Forensics and Incident Response…

Share this post

Share this post on your favourite social media platform.

Find this resource useful?

If so please click here

About 1E

Cyber security is critical. One breach could destroy your organization’s reputation and cost millions of dollars. We take that threat seriously. 1E gives you unprecedented control and visibility over your entire IT estate, delivered at speed and at scale. 1 in 4 of the Top 100 companies by market capital are active 1E customers: we’re working towards a world of proactive cyber security, a world where CIOs and CISOs work together to ensure that no threat can bring down their systems.