Premium Content

Access "Chief information security officer skills go beyond customary technical roles "

Matthew Todd Published: 27 Nov 2012

Recently, I was asked to consider the question, “Do CISOs need to be techies at heart?” Having become a CISO after a history of technical roles, I could see why one might think the answer was a very clear “yes,” and yet I feel very strongly that the answer is “no.” A CISO should be able to rely on a solid team to handle the “techie” stuff; if a CISO spends too much time in the weeds, he will miss the broader picture. Especially in a small- to medium-sized business, a CISO needs to be much more than just a techie—really, a good CISO should be a jack-of-all-trades, and nearly a master of most. Information is the heart of any business, so a CISO is very nearly the same as the chief risk officer, especially at a smaller firm. A good CISO needs to understand the risks to the organization beyond the traditional IT risks, and be able to articulate how the IT controls fit within the framework of the business. He needs to be a good executive, and be able to weigh the risks of business objectives vs. IT controls to help the company make the right tradeoffs. He needs ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free

  • Strategies for a successful data protection program
    data_protection_2014.png
    E-Handbook

    Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...

  • Devices, data and how enterprise mobile management reconciles the two
    ISM_supp_1014.png
    E-Zine

    The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...

  • Putting security on auto-pilot: What works, what doesn't
    security_auto-pilot.png
    E-Handbook

    For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...