Chief Information Security Officer – how do we identify a CISO?

With the closing of 2021, the ISC2 London Chapter December event focused on the role of a CISO.

It was quickly apparent that the expectations of a CISO are vast, and that the role varies between organisations. Tim Holman’s (2|Sec) presentation questioned the skills and qualifications that were truly required for a CISO role. In conclusion, the CISO role was more of an advisory role across the different business units, without necessarily owning the business function.

Rich Williamson (Stanton House) recommended employers list their top 3 or 4 requirements when recruiting.

During the panel discussion, Matt B. (Lloyd’s) highlighted mentorship and personal development: what is your five-year plan? Jon Herd (Paddle) recommended the Institute of Directors (IoD) NED course. The CISO role is still evolving, and Liz Banbury (Hiscox) mentioned the role had matured.

What stands out is the need to communicate with different business groups, with the ability to convey ideas, focus procurement decisions and inspire a security mindset.

Finally, thank you to Andy Green from Gemserv for hosting the event, and to the fantastic attendees. We look forward to seeing everyone in the new year.


For everyone taking time over the festive period, the InfoSecurity Professional Magazine, Nov/Dec 2021 issue, has been published. It features Zero Trust, Healthcare security, and Grief and Incident Response.