How great IT security leaders succeed

Forrester identifies some surprising attributes that make for the best-performing CISOs

As the threat of attack, both external and internal, continues to take root and as data-handling regulations continue to proliferate, the role of a chief information security officer appears to be growing more complex by the day. Many CISOs are doing an admirable job of stemming the tide of data loss and keeping their heads above water around compliance. But some IT security leaders are doing it better than the rest, according to a recent Forrester Research report, which has identified several characteristics that make these top CISOs more successful than their peers.

Beyond predictable recommendations such as having a close relationship with their employer's business leaders and making security a pervasive issue across their entire organizations, several unexpected practices arose during Forrester's discussions with users, vendors, and regulators.

A moral compass is the key to success

The top finding was that truly effective CISOs must have a strong moral compass that allows them to lead as much by example as they command respect via mandate. "CISOs are expected to have a certain level of technical skill, but the character of the person really drives a lot of the success that they might have in this position," said Khalid Kark, a Forrester analyst and the report's chief author.

"Having the integrity, the visibility, and letting people know that you as an individual will always do the right thing is of great importance when you are being trusted to protect a lot of sensitive information." Other C-level executives may be able to get away with taking sides in corporate standoffs or going behind people's backs to accomplish their goals, but CISOs who expect to garner the level of respect needed to carry out their jobs most effectively must emit a persona of undeniable trustworthiness.

"Before doing the research, I wouldn't have guessed how important this aspect might have been, even having managed security operations myself," said Kark. "But it became clear that this is a characteristic that many people really value in a CISO. One of the issues that these executives face is that it takes time to build trust, and if you have that [moral] compass where you instinctively know what [is right] to do, you can achieve that [trust] in a shorter timeframe."

Also important to gaining that trust and executive buy-in is an ability to work with "the corporate psyche," as well as balancing the CISO position's political and policing roles.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matt Hines

InfoWorld

Comments

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?