Lately I have seen a number of new CISOs let go after one year on the job. I became intrigued as to why we are seeing such a high failure rate for new CISOs.I started talking to other CISOs and recruiters that specialize with cybersecurity recruiting and we started to see a pattern. The CISOs were heavy with technology experience, did not align themselves with the business, were not prepared for the C-Suite, and were being recruited by other companies for better opportunity.To back this claim, a recent ThreatTrack survey stated that 75 percent of the executives in the C-Suite do not think the CISO should have a seat at the table. In addition, 28 percent of executives say a decision by their CISO has hurt their business\u2019 bottom line, according to the 203 C-Level executives that were surveyed.According to Al Lerberg, president of Cyber Security Recruiters,\u00a0\u201cthe CISO must be perceived as a professional who adds value and solves problems, not a\u00a0person who just says "No."\u00a0This can be a difficult transition for a security professional who doesn't have a lot of business savvy or business experience. In this role, it is critical to build relationships at all levels of the organization so they are seen as\u00a0someone who can help the organization accomplish business objectives, not stand in the way of progress or results.\u00a0This can be a difficult tight rope to walk for CISOs and those who can do it really well, will always be in high demand.\u201dLerberg makes some great points as it aligns with a new\u00a0one-day workshop that was launched by Deloitte Cyber Risk Services called the CISO Transition Lab, which was created to help CISOs become successful in their roles. As part of the program, Deloitte did an excellent job highlighting the \u201cFour faces of the Chief Information Security Officer\u201d that define the functions of a CISO:Strategist--Drive business and cyber risk strategy alignment, innovate and investigate transformational change to manage risk through valued investmentsAdviser\u2014Integrate with the business to educate, advise and influence activities with cyber risk implicationsGuardian\u2014Protect business assets by understanding the threat landscape and managing the effectiveness of the cyber risk programTechnologist\u2014Assess and implement security technologies and standards to build organizational capabilitiesDeloitte\u2019s lab findings indicated that on average, CISOs today spend 77 percent of their time as \u201cTechnologists\u201d and \u201cGuardians\u201d on technical aspects of their positions, and that they would like to reduce this time investment to 35 percent. This demonstrates a recognizable shift in Deloitte\u2019s desire to place greater emphasis on the \u201cStrategist\u201d and \u201cAdviser\u201d functions. The common denominator is the CISO needs to align with the business to have a long tenure with a company. If they don\u2019t, they will be joining the ranks of many CISOs shown the door with a one year tenure blemish on their resume. Every hiring manager and recruiter will want to know if the CISO was terminated for poor performance, did not align with the business, or didn\u2019t know how to survive the C-Suite.The aforementioned four CISO categories are well characterized to help balance out a CISO that is typically technology heavy and lacking business experience. Recently, I was speaking with a CISO for a financial services company about how they created a new consulting function within the CISO group to better support the business. The CISO created a consulting arm within their group to strategically support the company as a whole with trusted advisers and have better business partnerships. Coincidentally, this CISO has been in his role for 12 years and he is leveraging the four pillars of success below:Find a mentor\u2014don\u2019t try to figure everything out on your own. A great place to look is your LinkedIn contacts and find experienced CISOs that have been in their position for at least three years. These individuals tend to have solid executive experience and can be a great resource to help you be successful with your own career.Learn your business and how every department works. Everyone you work with will respect you for taking the time to understand their business, the challenges they are faced with and you will find opportunities to help them with common agendas that may be aligned with your agenda. It is a great opportunity to build your brand within your own company and be humble when you meet with the other functional executives. Be likeable. This will pay dividends when you need a favor to push your cybersecurity agenda.Spend more time with your CIO and \u201cwalk a mile\u201d in their shoes. You will start to see why you mostly report into the CIO function and how your decisions have a dramatic impact on the company and the CIO\u2019s agenda. Learn to be an ally with the CIO. I also recommend stop trying to report into the CEO of the company because you have an issue with the reporting structure with the current CIO reporting structure. Get over it, and work with your CIO. This is your most important relationship you will have within your company as the CIO can help your career or break your career within the company. Don\u2019t underestimate the power of the CIO, even if you do report into the CEO.Take the time to read and learn from a variety of business books. You are now swimming with sharks and you need to bring your political \u201cA\u201d game to the table if you expect to be taken seriously and want to survive.Be careful not to \u201coverplay your hand\u201d with a large cybersecurity agenda that creates \u201ccybersecurity exhaustion\u201d that makes the impression your job is to tell everybody else what they are doing wrong in their own jobs. You don\u2019t want to look like the IRS department within your company, because nobody likes working with the IRS.Be the trusted adviser within your company. Your job is to help others, not tell them what they are doing wrong or what they should be doing.Ask for help. Deloitte & Touche, LLP just developed the CISO Transition Lab to help accelerate a CISO\u2019s performance. This is a program that is designed to help you thrive within your business. Also, many universities offer short summer executive programs ranging from one week to a couple months that can expand your current business knowledge of how a business functions. You have to find a way to function within your business and not be the techno geek that wants to protect everything within the company.