How CISOs become business leaders

Security leaders need to master marketing, HR, business lingo and more to really help lead their organizations, says William Hill’s group CISO.

What’s the difference between a company that has a CISO and one where the IT security manager is the highest ranked security professional? Some might say a CISO has a broader range of responsibilities, but the real answer is leadership.

A recent ESG study found that communication and leadership skills were the two most important qualities of a successful CISO. Technical acumen was far less important in the eyes of the respondents than the ability to get the right messages across.

If the CISO being a peer of the CIO is going to ever become the norm –  just 12% of UK CIOs say that the CISO is their peer within their organization – security professionals need to learn skills beyond the security function and how to be business leaders.

CISO need to consider the goals of the business, too

While you often hear about the concept of the security function becoming an enabler instead of a cost center or barrier, Killian Faughnan, group CISO for UK betting firm William Hill, says the role of the CISO is rarely the business leader or enabler the industry wants it to be. “We spend our time talking about being business leaders. It's probably the most repeated phrase you come across: Security people need to business leaders,” he says

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!