The emerging role of the CISO

Against a background of board-level concern for cybersecurity, organizations are seeking to ensure the protection of their information assets and minimize the risk of a cybersecurity attack. These objectives place two particular demands on organizations: to appoint a suitable official to head up the...

Full description

Saved in:
Bibliographic Details
Published in:Business horizons 2016-11, Vol.59 (6), p.585-591
Main Authors: Hooper, Val, McKissack, Jeremy
Format: Article
Language:English
Subjects:
CISO
CISO attributes
CISO job/role
Cybersecurity
Executives
Organization concerns
Organizations
Studies
Citations: Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Against a background of board-level concern for cybersecurity, organizations are seeking to ensure the protection of their information assets and minimize the risk of a cybersecurity attack. These objectives place two particular demands on organizations: to appoint a suitable official to head up their information security operations, a CISO; and to ensure that the executive and board are appropriately informed of the organization's security status. In exploring the challenges that confront organizations in selecting a CISO, we drew on data from the U.S., Canada, and New Zealand. Two main issues were addressed. First, the organization has to be very clear on what it wants in terms of the job the CISO is expected to perform and the corresponding attributes that such an incumbent would need to possess. The CISO is a senior-level executive and rather than being a specialized technical expert, the CISO should be an excellent communicator. This will help address the second issue, which is how effectively the CISO can communicate with the board. Some suggestions are provided that serve to aid both effectiveness and efficiency. However, organizations need to embrace their concern about cybersecurity and build it into their selection criteria for board members.
ISSN:0007-6813
1873-6068
DOI:10.1016/j.bushor.2016.07.004