Research shows various ways to classify CISOs based on role expectations, strengths and experience – distinctions that matter when it comes to ensuring that security leaders land in jobs where they will succeed.
When executives at a startup asked security leader George Gerchow to advise them on selecting a CISO, Gerchow recommended finding a security chief who had the skills to scale a security program, handle an incident, and engage with customers.
The company instead hired a highly technical CISO, one who worked like the hands-on architect Gerchow had been but lacked the leadership skills that were needed to calm clients when a security event eventually occurred. That skills deficit left the CEO scrambling to fill the void and customers feeling dissatisfied.
The story shows that the CISO was the wrong type for the role, says Gerchow, faculty at IANS Research and interim CISO/head of trust at MongoDB. The anecdote and Gerchow’s observations highlight the idea that leaders — including business executives broadly and CISOs in particular — can be classified into different types.
Stay updated with SOC News for cutting-edge security innovations and expert industry insights!
