- Expert Insights
The New Breed of CISO – What Companies are Looking for Post COVID-19
When I founded Alta Associates nearly thirty-five years ago, cybersecurity was not as ubiquitous as it is today – it wasn’t even a stand-alone career. Alta built our first cybersecurity team in 1994, and we’ve become subject matter experts through over two decades of advising executives, placing CISOs, and building world-class teams.
Before COVID -19, we were already seeing a preponderance of our clients seeking CISOs who could help them move to the cloud. Today, all of the companies we are working with have found their pace to digital transformation accelerated, their attack surface exponentially increased, and their workforce rapidly deployed remotely. Every company is going through a digital transformation, regardless of how well it planned for it or if it was part of its prior corporate business objectives.
The demand for forward-thinking, highly skilled, and savvy CISOs remains a top priority. Hiring managers tell us that although they may be laying off employees in other areas, they are hiring cybersecurity executives because they realize that cybersecurity has never been more critical during this unprecedented reliance on digital services.
As we launch CISO searches in this pandemic that influenced the world, the conversations we have with the CIOs, CROs, and business leaders who are hiring them are shifting.
Here are 5 recurring themes we are hearing from those leaders hiring cybersecurity executives.
1. Thinking Outside the Box
Digital innovation in today’s current cybersecurity ecosystem requires security professionals to reestablish their security standards and models. Since transformation itself is inevitable, it is the CISOs job to focus on the appropriate security controls to maximize protection while ensuring its success. This requires building a team that understands that security supports the business and can collaborate with stakeholders. When done correctly, cybersecurity is an enabler and market differentiator.
2. Cloud Usage
CISOs are being called upon to provide proactive perspectives on transformational initiatives. The role requires them to identify emerging risks and offer security recommendations that match the changing risk landscape. They must also partner with the CIO, CRO, COO and other Department Heads proactively to assess and select technologies that contribute to this new vision. CISOs must be capable of engaging earlier, more frequently, and seamlessly with the digital transformation team to insert security into the process proactively.
3. Attracting and Retaining Great Talent
Surveys, such as a recent one conducted by CSO, point to a shortage of cybersecurity skills as the number one concern of over half the respondents. Organizations struggle to find and retain high-level expertise, given the high demand for a limited top talent pool. In these unprecedented times, companies need to re-evaluate their hiring practices and recruiting partners to ensure they are sourcing the best and most diverse candidates. As fewer people are willing to change jobs or relocate during the pandemic, companies must consider new ways of engaging and attracting qualified candidates. That means as much as companies like to utilize their internal recruiting department, now is the time to turn to experts to fill your high priority roles. As a leader, you are no longer judged by your capabilities, but by those on your team. Building a strong team is essential to your success, so take control of the hiring process. There’s a great advantage to partnering with a specialized search firm who can give you knowledgeable advice, reach out to industry experts, and fill your role in record time because of their trusted relationships and reputation.
4. Risk Management Balancing Act
As a security professional, it is imperative to find the right balance of security and innovation during digitalization. Understanding and articulating the upsides of digital transformation and the risks of accelerating a new technology-driven business model are crucial to maximizing success. Additionally, presenting the data and privacy concerns at the executive level allows for necessary conversations to happen before implementing certain aspects of digitalization and ensuring that the C-Suite and Board are on the same page.
5. Leadership, Leadership, Leadership
Now more than ever, companies focus on real leadership skills. The new breed of CISO they are searching for is agile and adaptable and can create consensus while simultaneously having the conviction and gravitas to hold firm on critical decisions to the corporation’s security. Most importantly, CISOs must be able to inspire their staff to build and retain a world-class organization that will help them achieve their goals.
All transformation starts with people who can lead and inspire others to be transformed. A breed of CISO capable of possessing the above traits will help drive their company’s digital transformation at today’s accelerated pace. Many companies have engaged Alta to search for a CISO that adds value to their digital transformation projects by maximizing security and mitigating risk while allowing the business to take the necessary steps to transform. I’m confident that these skills will continue to be highly sought-after. Companies will need to change their traditional recruiting processes and partners to attract the best of breed CISOs.