There’s much more to the CISO role than technology expertise. For some CISO roles, technology expertise is just the price of admission. For others, technology expertise is viewed as a limitation and therefore relegated to direct reports. There is vast ecosystem of cybersecurity solutions and it’s possible (although not practical) to build a defense so impermeable that nothing bad gets in and nothing sensitive leaks out. While that may seem ideal, the business cannot function under these extremes. As a result, a CISO’s strongest skill is business enablement rather than technology expertise. To enable the business, CISOs must manage risk, namely find the fine line between securing the business and letting employees get their work done. CISOs demonstrate value when they strike the right balance. If CISOs can articulate their value in terms of risk mitigation and ROI, they’ll gain a seat at the table.
CISO Street recently sat down at a FutureCon conference with Bryan Kissinger, CISO for Trace3, to explore the many challenges CISOs face in protecting organizations and earning a seat at the senior management table. In this video, Bryan shares his views on the next evolution of CISOs, what he terms “the business minded CISO.”
