• United States




Digital security officer recruitment challenges and victories on the cyber battlefield

Jul 26, 20164 mins
Advanced Persistent ThreatsCloud SecurityCritical Infrastructure

Veteran cybersecurity recruiter Stephen A. Spagnuolo kicks off an an engaged dialogue around the human capital element and related corporate development trends/issues in the cybersecurity space

Credit: Thinkstock

“ . . . The ultimate stakes here are of highest order . . . It is essential and imperative that we as a community collectively build an in-depth cybersecurity ecosystem; one that is inter-connected and weaves US commercial and national security and infrastructure protection priorities. We’re at an inflection point where there must be a wholesale new approach to how we think about security and risk management and mitigation at the corporate leadership level, and in particular how we creatively staff those functions. I am thus committed to doing my small part . . .”

S. A. Spagnuolo I HMG Strategy CIO Summit of America I Headhunter Panel I ‘Strategic Leadership in a World of Accelerated Change’ I New York NY, Jan. 26 2016

Greetings . . .

This blog will focus on issues related to digital security officer recruitment challenges and initiatives, and more broadly the prevailing trends in and around cybersecurity from a human capital / talent management perspective. 

By way of background, I lead the CyberSecurity Recruitment & Leadership Advisory Practice for ZRG Partners, a global executive search and leadership advisory firm.

This is a cybersecurity content blog . . . There will be regularly referenced notable “people moves” and their potential impact on the broader cyber ecosystem. Moves such as Michael Fey recently being named President and COO of Symantec, via its acquisition of Blue Coat; Steve Surdu, who formerly led Mandiant’s Professional Services Group, joining Covington’s newly stood up Incident Response Team as senior cybersecurity adviser; and with great anticipation we look forward to the forthcoming announcement on the selection of our nation’s first Federal CISO (word is any day now).  

To be clear, however, this blog is not intended as an all-inclusive monthly who’s who; nor will it serve as a laundry list of latest breaking news. As blogger, I shall exercise my prerogative to discuss those topics that I find professionally meaningful and relevant. As reader, you will of course exert your right to agree, disagree or simply ignore altogether what I have to say. Hopefully, more often than not folks here will find my musings at least interesting and hopefully provocative. Importantly . . . It’s the dialogue we collectively engage in that counts. 

As a “get-to-know” primer on who I am, where I come from, and directionally where I’m heading in and around cybersecurity recruiting, I’ll refer to one of my early thought leadership pieces . . . I wrote A Call for a National Cyber Counterinsurgency two years ago. You’ll note that several of the ‘big picture’ line items I advocated for then . . . have since been addressed or are currently under review, including: CISA was signed in to law Wiki CISA; debate is currently ongoing on rolling out US Cyber Command as a stand-alone unified command USNI Senate Debate on US CyberCom; and US-Israeli cyber collaboration has recently been further strengthened and cemented DefenseNews US-Israeli Cyber Pact.

Last month, my team and I completed our months long study on the intrinsic force-multiplier qualities that top tier CISOs have in common. Herewith I present ZRG CyberSecurity’s study findings and accompanying report titled Unlocking the DNA of Successful CISOs:  What to Look For and What to Avoid. I’m pleased to note our report was published in its entirety in the June 10 edition of The Wall Street Journal – Risk & Compliance Journal How To Make A CISO.

I look forward to reporting on a range of headliner topics, including progress on The Administration’s Cybersecurity National Action Plan (CNAP), market trends around consolidation within the sector, notable M&A deals in and around cybersecurity (KKR backs Darktrace) and incremental progress addressing the stark information security threats to our National Grid.

Bottom line . . . It is essential that corporate leaders attack their information security challenges with a vigorous risk management/business unit leader mindset. This is where I operate.

I look forward to our reconnecting next time around.

Let’s keep at it . . .


The opinions expressed in this blog are those of S. A. Spagnuolo and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.


Stephen Spagnuolo leads the digital security and risk and retained search practices for Quantum Search Partners, an Arlington, VA-based recruiting firm. Stephen has earned a recognized track record of delivering leadership talent and corporate development solutions across cybersecurity, financial services and other industry sectors, ranging from early-stage/startup to emerging growth to mid and large global corporates, banks and consultancies. In so doing, he leverages his deep and extensive network, particularly across the U.S. National Security and Wall Street communities.

Prior to Quantum, Stephen was managing director/cybersecurity practice Leader for ZRG Partners, a global search firm. Previously, he was founder/managing principal of SASearch Advisors, a boutique executive recruiting and advisory firm. Earlier, he was cofounder/head of the Americas for Sheffield Haworth, a London-based global investment banking and financial services recruitment firm. His formative executive search years were with Russell Reynolds Associates in New York, as a member of the global banking and markets practice.

He currently serves as a cybersecurity expert and the on-call cybersecurity headhunter with RANE (Risk Assistance Network + Exchange), and is frequently engaged as guest panelist on cybersecurity recruitment for various executive leadership summits and forums, including HMG Strategy CIO & CISO Summits.

A graduate of the U.S. Naval Academy, Stephen served with distinction as a US Marine Corps infantry officer, having deployed to multiple overseas contingencies.

The opinions expressed in this blog are those of Stephen Spagnuolo and do not necessarily represent those of IDG Communications Inc. or its parent, subsidiary or affiliated companies.

More from this author