Veteran cybersecurity recruiter Stephen A. Spagnuolo kicks off an an engaged dialogue around the human capital element and related corporate development trends/issues in the cybersecurity space Credit: Thinkstock “ . . . The ultimate stakes here are of highest order . . . It is essential and imperative that we as a community collectively build an in-depth cybersecurity ecosystem; one that is inter-connected and weaves US commercial and national security and infrastructure protection priorities. We’re at an inflection point where there must be a wholesale new approach to how we think about security and risk management and mitigation at the corporate leadership level, and in particular how we creatively staff those functions. I am thus committed to doing my small part . . .”S. A. Spagnuolo I HMG Strategy CIO Summit of America I Headhunter Panel I ‘Strategic Leadership in a World of Accelerated Change’ I New York NY, Jan. 26 2016Greetings . . .This blog will focus on issues related to digital security officer recruitment challenges and initiatives, and more broadly the prevailing trends in and around cybersecurity from a human capital / talent management perspective. By way of background, I lead the CyberSecurity Recruitment & Leadership Advisory Practice for ZRG Partners, a global executive search and leadership advisory firm.This is a cybersecurity content blog . . . There will be regularly referenced notable “people moves” and their potential impact on the broader cyber ecosystem. Moves such as Michael Fey recently being named President and COO of Symantec, via its acquisition of Blue Coat; Steve Surdu, who formerly led Mandiant’s Professional Services Group, joining Covington’s newly stood up Incident Response Team as senior cybersecurity adviser; and with great anticipation we look forward to the forthcoming announcement on the selection of our nation’s first Federal CISO (word is any day now). To be clear, however, this blog is not intended as an all-inclusive monthly who’s who; nor will it serve as a laundry list of latest breaking news. As blogger, I shall exercise my prerogative to discuss those topics that I find professionally meaningful and relevant. As reader, you will of course exert your right to agree, disagree or simply ignore altogether what I have to say. Hopefully, more often than not folks here will find my musings at least interesting and hopefully provocative. Importantly . . . It’s the dialogue we collectively engage in that counts. As a “get-to-know” primer on who I am, where I come from, and directionally where I’m heading in and around cybersecurity recruiting, I’ll refer to one of my early thought leadership pieces . . . I wrote A Call for a National Cyber Counterinsurgency two years ago. You’ll note that several of the ‘big picture’ line items I advocated for then . . . have since been addressed or are currently under review, including: CISA was signed in to law Wiki CISA; debate is currently ongoing on rolling out US Cyber Command as a stand-alone unified command USNI Senate Debate on US CyberCom; and US-Israeli cyber collaboration has recently been further strengthened and cemented DefenseNews US-Israeli Cyber Pact.Last month, my team and I completed our months long study on the intrinsic force-multiplier qualities that top tier CISOs have in common. Herewith I present ZRG CyberSecurity’s study findings and accompanying report titled Unlocking the DNA of Successful CISOs: What to Look For and What to Avoid. I’m pleased to note our report was published in its entirety in the June 10 edition of The Wall Street Journal – Risk & Compliance Journal How To Make A CISO.I look forward to reporting on a range of headliner topics, including progress on The Administration’s Cybersecurity National Action Plan (CNAP), market trends around consolidation within the sector, notable M&A deals in and around cybersecurity (KKR backs Darktrace) and incremental progress addressing the stark information security threats to our National Grid.Bottom line . . . It is essential that corporate leaders attack their information security challenges with a vigorous risk management/business unit leader mindset. This is where I operate.I look forward to our reconnecting next time around. Let’s keep at it . . .SASThe opinions expressed in this blog are those of S. A. Spagnuolo and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies. Related content opinion A cyber manifesto: cut the dilly-dallying...and let’s get after it! In the wake of the Equifax mega-breach (143 million customers), it's time to shatter a lot of glass and do an immediate institutional paradigm shift. This needs to happen across public-private and private-private digital security threat informat By Stephen Spagnuolo Sep 11, 2017 6 mins Data Breach DLP Software Compliance opinion Security team leadership – the 'X' factor Assessment > advisory > development > mentoring: a practical guide to get from here to there. By Stephen Spagnuolo Jul 05, 2017 6 mins Data and Information Security IT Leadership opinion Emboldening the CISO ecosystem Creating organizational champions to secure the future enterprise By Stephen Spagnuolo Feb 21, 2017 4 mins CSO and CISO RSA Conference Technology Industry opinion A bold approach to fix the cybersecurity staffing deficit A purposely provocative proposal to turbo boost the national cyber leader bench for today . . . and years ahead By Stephen Spagnuolo Jan 24, 2017 5 mins Small and Medium Business Technology Industry Cyberattacks Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe