As the threat landscape expands and the pace of attacks gets faster , the pace of defence speeds up in tandem , which means there is always something new to learn .

Increasingly so , CISOs are falling into this second category . Against a backdrop of increasingly sophisticated cyberattacks that threaten to impact businesses both financially and reputationally , as well as dealing with a skills gap and talent shortage , this C-suite role has become highly challenging .

Recent headlines have reported on charges levied against SolarWinds and its Chief Information Security Officer , Timothy G . Brown , for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities .

The consequences of an incident could be severe for CISOs today .

Kirsty Paine , Field CTO , Splunk , told Intelligent CISO : “ There is no denying that a role in cybersecurity can be one of the most exciting and diverse out there . As the threat landscape expands and the pace of attacks gets faster , the pace of defence speeds up in tandem , which means there is always something new to learn .

“ However , as cybercriminals become more persistent and workloads increase , the rate of change can also bring challenges . Many organisations , for example , have been impacted by the wake of the Great Resignation , the pressures of increasing digitisation , and the security challenges of remote work , exacerbating the already on-going talent shortage within the industry .”

Splunk ’ s State of Security research supports this assertion . According to the research , 76 % of security leaders globally said their team members had been forced to take on responsibilities they were not ready for in the past year , and 70 % said that the resulting increase in their workload had led them to consider looking for a new role .

“ With two thirds reporting that talent shortages directly led to the failure of one or more projects / initiatives , it ’ s concerning – yet unsurprising – that 73 % say that workers have resigned due to burnout . This churn has a snowball effect , with those workers left taking on extra duties and stress , leading to more resignations ,” Paine said .

“ And at a basic level , stressed workers are unhealthier and often more prone to mistakes . Whichever way you look at it , ‘ CISO stress ’ is very real , and it ’ s bad for our industry . While CISO tenure estimates vary , they ’ re pretty short – from roughly 18 months to 4.5 years – especially when compared to the average for other execs .

“ In terms of working hours ‘ more is not always more ’. ‘ Hours worked per week ’ is not a measure of effectiveness ( and actually has a negative impact once it reaches around 65 hours per week ). And , arguably , no other C-suite exec thinks that being miserable and stressed should be a constant expectation of the job . Who would routinely have the CFO on-call at 3am , for example , and what CFO would routinely accept the call ?”

Niko Mastropaolo , CISO at CCI Global , Africa ’ s leading BPO and customer service outsourcing provider , reiterated the pressure on modern CISOs .

“ Cybersecurity specialists , practitioners and particularly the modern CISO , along with the support resources and complex systems driving InfoSec functions , are undergoing significant changes in an intensely competitive landscape , while maintaining high levels of performance

70 WWW . INTELLIGENTCISO . COM