Intelligent CIO Kuwait Issue 5 | Page 11

LATEST INTELLIGENCE Then many CISOs have to interact not only with their internal teams on technical matters, but also with the board of directors, journalists, regulators, politicians, customers, vendors, and partners on a wide variety of business level issues. The role of a CISO is certainly not for the faint of heart, but the multifaceted demands of the role are also why many find it so attractive. Perhaps the best part of being a CISO job is change. Every day there is something different going on. The business is developing new products and services with new technologies, the attack techniques the bad guys are employing to hack them are advancing, and at any moment the job might kick in to a higher gear should an incident spring up expectedly. If you’re not learning and teaching every day, you and your team will quickly fall behind. That’s simply the nature of Information Security in general. The major drawback is that a CISO’s contributions are always difficult to quantify and justify in the ultimate language of business – dollars and cents. This is especially true when through skill and hard work, you have everything under control, nothing unexpected has happened, and your value is questioned. There never seems to be a ‘win’ condition; you’re only noticed when failure strikes. If things do go wrong, such as a breach, then you’re the designated “chief scapegoat officer”. And of course everyone around wants to tell you how to do your job. There will always be others trying to convince you of what’s most important and how what your doing isn’t enough.” “Just buy this point solution.” I’m not here for that. I’m here to share some thoughts about ideas for how to think about the role of a CISO, it’s place of importance in the larger world, and what personality traits make for the most successful candidates. n Download whitepapers free from INTELLIGENTCIO 11