This article can also be found in the Premium Editorial Download "Information Security magazine: Exclusive: Security salary and careers guide."

Download it now to read this article plus other related content.

Execution and leadership: When talking about vision, being able to develop an effective information security plan is only half the battle. CISOs are expected to map out their plan and then execute against it; they are required to understand how to prepare a budget, build an effective staff, make technology selections, report to executive management and solve problems.

Companies expect their leaders to lead. An effective CISO will understand how to get the most out of his dedicated and shared resources. The company will look for the CISO to forge partnerships with peers from other business units, and inspire them to accept--and hopefully embrace--information security. Ideally, the CISO conveys the sense that he is enabling business functions, not restricting them.

Passion: This is another seemingly obvious point, but it is the great differentiator. As a newer discipline, information security isn't always accepted by its peers within the corporate infrastructure. Having a passionate leader often helps alleviate this problem. It's been said many times: Information security is a profession where no one recognizes when you are doing your job well, but everyone notices when you are not.

The CISO carries the biggest bull's-eye, and failure can lead to extreme public embarrassment for both himself and the organization as a whole.

CISOs who can convey passion and conviction on a daily basis are effective in developing the long-term

    Requires Free Membership to View

respect necessary to implement their strategies throughout the company. It is this cross-functional support that will often lead to a more security-conscious organization. These organizations are traditionally the ones that stay out of the headlines.

When we ask information security professionals to list their career goals, becoming a CISO is always high on the list. With the awareness that our industry has received and with increased support from executive management, more information security leadership positions will be created.

And, the number of qualified information security professionals is growing, and competition for these highly sought-after positions will continue to increase. It's more important than ever for CISO candidates to develop the skills listed above--and others--in order to ultimately land and succeed at the job.

This was first published in July 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: