Talent alienation is the biggest issue behind the cybersecurity management skills gap, but it shouldn’t be the case
Way beyond the justification of ad-hoc investments and pet-projects for the CISO, metrics have to be at the heart of the sound security practice, but they must be focused on tracking progress in time in support of a long-term transformative vision.
With regards to many other C-level roles, the Chief Information Security Officer (CISO) position is a fairly recent creation for many organisations. Although it started to emerge over 15 years ago, it has been spurred further recently by growing concerns over cybersecurity and highly publicized data breaches. Figuring out its right place within organisations is still quite a hot debate between management and security experts
The role of the CISO in its historical technology-driven perception is not outdated yet, but it is under threat and losing ground. The firms looking to reverse this trend need to act at three levels