Feature

9 Habits of Highly Successful CISOs

Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: Exclusive: Security salary and careers guide."

Download it now to read this article plus other related content.

Head to toe, what traits would you build into the perfect CISO? Here's our top picks.

@exb

    Requires Free Membership to View

So, who is the perfect CISO? The case could be made for Jack Jones, former CISO of Nationwide Insurance, who was awarded the Excellence in the Field of Security Practices trophy at the RSA Conference 2006 in February.

Jones led nearly 100 infosecurity professionals through various aspects of risk management while at the Fortune 100 company, and succeeded in creating a security policy modeled after ISO 17799.

Jones has been able to bring his strengths to his new role. "Actually, one of the reasons I chose to move on was so that I could apply the lessons I'd learned and the skills I developed at Nationwide to a new environment."

Jones stays humble about his excellence award and the accolades that come with it. But, who does he feel is the perfect CISO? "Not me. That person would need to be a superlative communicator--in all media, with all audiences at all levels inside and outside their organization." Wise words from a true infosecurity winner.

--Amber Plante
@exe

Use Your Head
Try to be pragmatic and a little paranoid at the same time. Think logically and you'll always be one step ahead of the attackers.

Speak Up
Articulation is an undervalued trait. In your own office, clearly enunciate your directives and your staff will follow through.

Stand Tall
Have the courage of your convictions. If you do, your staff will follow you even if your decision is not the most popular choice.

Get a Leg Up
Get your security objectives the attention they deserve. "Have the courage to take unpopular positions, but be open-minded and willing to change," says Jones.

Have Vision
As a leader you need to see the big picture and how security affects business. "See issues through the eyes of others," suggests Jones.

Stick Your Neck Out
Learn when and when not to take risks. "Be a problem solver and facilitator of solutions that meet the organization's objectives," says Jones.

Take Heart
Even when the times are rough and the threats are significant, stay the course with the appropriate amount of urgency and commitment.

Go with Your Gut
Take advice, but in the end make the decisions yours. "Be an educator--always look to advance other peoples' understanding of issues," suggests Jones.

Take a seat
Being able to sit down in the boardroom and translate technology imperatives into business sense will help outline the cost benefits of security to the higher-ups.

Compiled from interviews conducted by Anne Saita, Michael S. Mimoso, Marcia Savage and Kelley Damore, with input from Debby Fry Wilson, Adrienne L. Hall, Rebecca Norlander, Lisa "LJ" Johnson, Suzanne Hall and James Christiansen.

This was first published in July 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: