How to become a CISO

A CISO typically has a technical information security or IT risk background, but the path that leads to the role can vary greatly. Here’s how one CISO landed his first job in the position.

Jeff Foltz did not set out to be an information security professional. He arrived at his current role as CISO at Fidelity National Financial by making the most of a series of opportunities and constantly building his skillset. His degree in psychology and philosophy would also prove more useful in his CISO job than one might think.

After graduating from Kent State College in 1994, Foltz found himself gravitating toward technology. He began his career in the IT department of a graphic arts and supply company. There he provided technical support, wrote reports and performed systems administration for computing, networking and telecom systems.

ciso cover Thinkstock

Register to download the printable PDF version of this story

“It was a one-stop shop that forced me to multi-task and quickly learn to adapt to challenges. I also needed to be able to speak technically with peers and translate that to customer-friendly messages that could be easily understood,” Foltz says.

At that time, there was little to no “information security” as a discipline because there wasn’t much of a threat landscape. “Connectivity to the internet was just dawning with systems like CompuServ, AOL and dial-up connectivity,” Foltz says. “Viruses were limited in nature.”

In 1996 he accepted a position at a local bank, starting out as a field service LAN administrator whose main responsibility was to support the WAN and branch systems. The bank allowed him to pursue certifications in a variety of vendor platforms to stay current with the evolving technological aspects of business and commerce.

ciso chart 0406 CSO

“I enjoy learning and trying to be a little bit better each day by reaching outside my current comfort zone,” Foltz says. “I learned in college the value of thought and action, and since that time have always followed the philosophy that ‘opportunities present themselves to those who are prepared.’ And as a second-generation Eagle Scout, that motto has served me well in life and as a CISO.”

Over time, the bank purchased other banks and became FirstMerit Bank. During his tenure there, which lasted until 2013, Foltz held a number of positions and responsibilities, eventually becoming the CISO.

“I was fortunate to work for a company that allowed me to build and develop IT skills concurrently,” Foltz says. “I was the administrator for diverse systems such as firewalls, databases, web sites and development. I learned through trial and error the interworking of how each system connected and the strengths and weaknesses of each system.”

As a result, he became a sort of “Renaissance IT man” who was knowledgeable about multiple operating systems, languages, syntaxes and programs.

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!