Surveys suggest that the average tenure in a CISO position is around 2 years. Nothing will change until the profile of the CISO is raised and they start to see their role over the mid to long-term
The GDPR is not just about Security, but it has been dominating the life of many CISOs since last year. What does that mean in practice for the CISO? and why would a CISO be worried?
There is some form of management reality beyond the “100 days” journalistic cliché: How does an incoming executive make an impact in a new role? What are the real timeframes to look at, and what can be expected and over what horizon? What are the key issues that should raise a red flag during the first few months in a new senior position? and those which can be ignored?
It is strategic execution that is key to protection from cyber threats, and therefore creating the conditions for execution to take place is paramount. Those conditions revolve around trust and closing “trust gaps”.