Challenging role of CISO presents many opportunities for change
This article is part of the Information Security magazine issue of Insider Edition, October 2017
The Ponemon Institute's most recent measure, from research it shared in 2014, indicated that the average tenure of CISOs is 2.1 years. Why so short? There were two proposed rationales. The "wanderlust theory" held that qualified candidates for the role of CISO were in such high demand, according to Larry Ponemon, chairman and founder of the research group, that they were lured to other companies that paid more for the position. Ponemon said some CISOs likely made two or even three jumps to higher-paying positions if they were really qualified. The other theory behind the two-year tenure: When security problems occurred, the affected companies needed someone to blame, which resulted in the CISO's departure. The research data was compiled over several years and based on numerous surveys from mainly U.S. sources.
There's not always a CISO on hand to play the scapegoat, though. Ponemon found that in organizations of more than 1,000 employees, 40% had a fully dedicated CISO, 16% had a partially dedicated CISO and 44% had none. The ...
Features in this issue
The CISO job has risen from the trenches of the IT department to a seat at the C-suite decision-makers' table. But time in the spotlight comes with great risk and responsibilities.
With some reports showing incredibly short tenures, new CISOs barely have time to make their mark. The salaries are good; the opportunities for the right skills, unlimited.
Information security managers and venture capitalists weigh in on which digital trends are changing security operations and how IT teams should deal with the fallout.
Columns in this issue
No longer do CISOs hunt for a seat at the decision-makers' table. But with increased recognition of their vital role come vast responsibilities and the need for a big skill set.