The typical Chief Information Security Officer has a unique set of skills and experiences that allow them to adapt to almost any corporate culture. In order to get the most out of your relationship with your CISO, it will be helpful for you to understand what makes them tick.
Mentality and skill sets
CISOs are usually good communicators with strong analytical capabilities. They can creatively think outside the box, systematically implement cyber security controls, and assess the most dangerous cyber threats. They offer organizations a big-picture perspective of the most current threats across multiple industries. As subject matter experts, experienced CISO's are driven by continuous learning and improvement. They are also team players and excel at building teams to solve problems and achieve collaborative wins.
Backgrounds and career paths
A well-rounded cybersecurity leader speaks the languages of risk, business, and technology. They have to speak in terms that resonate with, and are understood by, the C-suite and board of directors. They can generally adapt and adjust to a wide range of business environments and cultures. The typical career path of a CISO is unlike most traditional careers. CISO's come from a variety of backgrounds including: Enterprise risk, IT, Law Enforcement, Privacy, and the military.
When selecting your CISO, you should look for someone who is not only productive, but who is also flexible and able to adapt to difficult situations. Flexibility and independence are important to CISOs, and they prefer to have a variety of locations and environments to work in. Unlike your typical 9:00–5:00 employee, a CISO generally prefers the ability to work off-site and be free to choose their own working hours. Security is a business function that touches everyone and everything in the company. At the end of the day, the CISO is responsible for making things work and accountable to the organization to do what needs to be done.
If you can show your CISO that you understand their unique makeup and mentality, they will be deeply appreciative and effective in their role in your organization. If you can provide them with the right conditions to flourish, they will be a tremendous asset for you.
To learn more about building and enhancing your own leadership skills, attend the CISO Leadership Summit at InfoSec World 2018 in Orlando, Florida on March 18, 2018.