• About
  • Subscribe
  • Contact
Thursday, May 8, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home FutureCISO People CISO strategies

Knowing your CISO: reducing risk and bolstering trust

Jinan Budge by Jinan Budge
November 18, 2024
Photo by Andrea Piacquadio: https://www.pexels.com/photo/formal-man-with-tablet-giving-presentation-in-office-3760093/

Photo by Andrea Piacquadio: https://www.pexels.com/photo/formal-man-with-tablet-giving-presentation-in-office-3760093/

One of the three principles of high-performance IT (HPIT) is to build trust on a foundation of security, privacy, and resilience. As a CIO, executing your strategy will be much easier if you unleash the talent of the person who plays an outsized role in building a trusted business: your chief information security officer (CISO).

Understanding CISO persona

Depending on your HPIT strategy, which recognises that every organisation is unique and that a one-size-fits-all approach to IT doesn’t exist, you will need different things from your CISO. However, you don’t always have the luxury of hiring, or even managing this CISO — in fact, only 33% of security leaders report into technology. Your best bet will be using your CISO’s strengths and complementing their weaknesses. In order to do that, you will need to have a clear understanding of the CISO persona.

Your best bet will be using your CISO’s strengths and complementing their weaknesses.

Jinan Budge
Jinan Budge

What you need to know

My Forrester colleague Chiara Bragato and I dissected the representation, career paths, and tenure of CISOs across the APAC region — in companies that ranked in the top 100 of their respective countries’ stock exchange indexes — in Australia, Singapore, the Philippines, India, and Malaysia. The average APAC CISO has held the job 1.6 times and typically reaches the position over 20 years after earning their bachelor’s degree. Despite their extensive experience, these seasoned professionals still tend to focus on the technical side: Even with decades of expertise, many struggle to secure a spot in the executive suite. For APAC CISOs, we found that:

  • STEM degrees reign supreme. Sixty-nine percent of CISOs with a university bachelor’s degree were trained in science, technology, engineering, or mathematics (STEM). This is significantly higher in India, where all CISOs have STEM undergraduate degrees. It’s significantly lower for Australian CISOs, however, where 10% earned an arts degree and 34% hold a business degree. Only 35% of APAC CISO master’s degrees are MBAs, with the majority focusing on science and tech.
  • The ‘C’ in CISO is “chief” in title only. In APAC, only 16% of companies award their CISO with additional organisational titles such as vice president or director, whereas 55% of those we examined in Fortune 500 CISO career paths hold such recognition. In APAC, the CISO is often given the title without organisational seniority or a seat at the executive table. Not only do execs not always want a techie at their table, but they want a leader, not a practitioner. A deeper dive into CISOs’ certifications showed an enthusiastic acquisition of certs more suited to practitioners than senior execs.
  • APAC women CISOs face a tempered glass ceiling. A lack of gender representation in cybersecurity is not a new challenge. It’s, however, one that needs to be urgently addressed across this region, where women accounted for only 9% of CISOs. The gap widens even more in some countries. For example, only one of 30 CISOs in Malaysia and only one of 20 in India are women. Not only is it difficult for women to attain CISO roles, it’s difficult for them to stay in one. The average APAC male CISO has been in their role 34% longer than their female counterparts.

The average APAC male CISO has been in their role 34% longer than their female counterparts.

Hiring CISOs

When hiring a CISO, the skills you prioritise should align with your HPIT strategy. Each of the four styles of HPIT — enabling, cocreating, amplifying, and transforming — consists of a unique mix of technology, practices, and skills, optimally balanced to drive results for your business. In a transforming mode, you will need to find CISOs who are true business partners, experiential, and who say “yes, and … ” instead of “we can’t.” On the other hand, if you’re in enabling mode, a less senior, tech-focused CISO might already possess the necessary skills. However, in cocreating mode, you may need to enhance their expertise with additional DevSecOps capabilities.

Whatever you do, you can’t bypass the human task of adapting your hiring and leadership skills to the key guardian of trust in your organisation.

Originally posted on Forrester

Related:  AI Health Bot expanded to improve healthcare services
Tags: Artificial Intelligencecybersecuritydigital transformationForrester
Jinan Budge

Jinan Budge

Jinan Budge leads Forrester’s security and risk research in Asia Pacific. Her research focuses on enabling chief information security officers (CISOs) and technology executives to lead a high-performing security organisation and culture. Budge globally leads Forrester’s awareness, behaviour, and culture coverage, using strategic and innovating thinking to shape the market. She is also an advocate for diversity and inclusion in security. Budge focuses on ensuring that cybersecurity teams not only attract but also retain the best talent, and she brings a local and global perspective and cultural lens to her research and practice. Previous Work Experience Budge’s research remains pragmatic, as she recently returned to Forrester after several years as director of cyber strategy at Transport for NSW and a similar role with Qantas Airlines. She has built, stood up, and delivered significant Cyber Transformation strategies across the public and private sectors. She is an experienced people leader and international keynote speaker, and she's passionate around her purpose in the security field. Education Budge holds two bachelor’s degrees in science and commerce from the Australian National University.

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe