Leadership and communication skills top the list of what's needed to s쳮d as a CISO, while technical skills aren’t nearly as important. Credit: Getty Images The chief information security officer (CISO) role has evolved over the past few years from tactical IT manager to strategic business executive. Given this transition, what qualities are most important for making CISOs successful?To answer this question, I went back to the data from last year’s research report from ESG and the information systems security association (ISSA). I then cut the data by respondent’s role to understand what CISOs think is most important. (Note: I am employee of ESG.)The data reveals that:54% of CISOs believe CISO success depends upon leadership skills. In this case, CISOs must lead their organization by educating them on cyber-risk, creating a tailored awareness training program, and establishing a cybersecurity culture from top to bottom.49% of CISOs believe CISO success depends upon communications skills. CISOs must be able to articulate “in the weeds” topics such as software vulnerabilities, threat intelligence, and encryption in a way that business folks can internalize, poke at, and take action upon. Furthermore, CISOs interface with a wide range of constituencies – legal, HR, law enforcement, auditors, partners, etc. The gift of gab is certainly useful here. 44% of CISOs believe CISO success depends upon a strong relationship with business executives. If the business people are active, engaged, and treat the CISO as an equal, CISOs have the right foundation for success. If this is not the case, CISOs tend to find greener pastures. 33% of CISOs believe CISO success depends upon management skills. I’m a bit surprised that this is further down the list, but my guess is that managing the security staff is often delegated to direct reports, while CISOs focus on risk management and working with business executives.21% of CISOs believe CISO success depends upon technical skills. This metric alone really demonstrates how much the CISO position has changed over the past few years. In the old days, CISOs tended to work their way up through IT and cybersecurity departments before assuming oversight of antivirus software, firewalls, and meeting regulatory compliance mandates. Now, CISOs lean much more heavily toward the business.A few closing comments: CISO success varies greatly based upon the size of an organization and the size of the security staff. The smaller the organization, the more hands-on the CISO.I’ve noticed that successful CISOs tend to have strong working relationships with CIOs. In fact, it is often difficult to know where IT ends and cybersecurity begins. Embedding security skills into IT teams seems like an especially useful model.The absolute key to CISO success rests on the executive team. Their attitude and actions tend to make or break CISOs. Related content analysis 5 things security pros want from XDR platforms New research shows that while extended detection and response (XDR) remains a nebulous topic, security pros know what they want from an XDR platform. By Jon Oltsik Jul 07, 2022 3 mins Intrusion Detection Software Incident Response opinion Bye-bye best-of-breed? ESG research finds that organizations are increasingly integrating security technologies and purchasing multi-product security platforms, changing the industry in the process. By Jon Oltsik Jun 14, 2022 4 mins Security Software opinion SOC modernization: 8 key considerations Organizations need SOC transformation for security efficacy and operational efficiency. Technology vendors should come to this year’s RSA Conference with clear messages and plans, not industry hyperbole. By Jon Oltsik Apr 27, 2022 6 mins RSA Conference Security Operations Center opinion 5 ways to improve security hygiene and posture management Security professionals suggest continuous controls validation, process automation, and integrating security and IT technologies. By Jon Oltsik Apr 05, 2022 4 mins Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe