Intelligent CISO Issue 12 | Page 65

bad news as a stranger. Proper alignment creates familiarity and visibility, which can go a long way when the security budget wheels need greasing or fast, decisive action is required. Equally, it’s also important for senior executives to remember that the CISO is rarely the only casualty of a major security breach. Strong alignment benefits everyone. Agree on a definition of success for both the programme and the CISO.

Lacklustre c-suite support and visibility when/where it counts

When recruiting a new CISO, companies must be direct and open about the anticipated support the CISO office is likely to receive. They should also provide real visibility into policies and budgets, which doesn’t always happen. Potential CISOs should look at organisational reporting structure for clues as to how security is regarded internally. Often, details such as whether they are expected to report to the leadership team or IT can be strong indicators of the real attitude towards security. After all, a chain is no stronger than its weakest link and without appropriate support from the top, a new CISO will face an uphill battle from the beginning. Also remember that while budget doesn’t equal cooperation, cooperation is essential for positive results – especially from teams that control the deployment of technology and the adoption of controls.

For CISOs to succeed in today’s hostile security climate, they must be able to identify and address as many of the potential pitfalls surrounding them as possible, both internally and externally. Doing so helps minimise the chance of unwelcome ‘nasty surprises’, which often only appear at the most inopportune moments. Unfortunately, many CISOs fail to do this, making what’s already a hard and stressful job almost impossible.

This article looked at three of the most commonly overlooked pitfalls, all of which can be easily resolved through due diligence and effective communication but if left unchecked can quickly prove a CISO’s undoing. By addressing these challenges head on and leaving nothing to chance, a savvy CISO can quickly find themselves as an outlier in the average tenure statistics.