2015 was a tumultuous year for CISOs. Breaches affecting The Home Depot, Anthem Blue Cross Blue Shield, and T-Mobile dominated the headlines worldwide and left no industry, region, or CISO unscathed. These unfortunate spotlights created a slew of negative infosec publicity along with panicked demands from business leaders and customers alike. How secure are we? Ask the CISO. How did this breach occur? Ask the CISO. Why did this breach occur? Ask the CISO. Could we have prevented it? Ask the CISO. How could we let this happen? Ask the CISO.

Yet CISOs continue to struggle to gain clout and influence with the rest of the C-suite, and sometimes it can feel like a thankless role. There is little recognition when you’re doing your job right, but you face a whirlwind of pain and blame the second something goes wrong. The world’s growing emphasis and focus on cybersecurity should be running parallel with the capabilities and reputation of the CISO. Instead, CISOs see their responsibilities increasing with only modest increases in funding, recognition, or support from their colleagues.

Lucky for you, S&R’s favorite British analyst, Martin Whitworth, is a CISO and infosec expert. Martin writes numerous reports that analyze the evolution of the CISO as well as essentials, best practices, and tricks of the trade for thriving in today’s landscape. Prior to joining Forrester, Martin served as CISO and senior security leader for a number of blue chip organizations, including Coventry Building Society, Steria Group, UK Payments Council, British Energy/EDF Nuclear Generation, and GMAC.

The majority of Martin’s research is highlighted in The S&R Practice Playbook, but we’re calling out his most recent reports below:

◾ Creating, maintaining, and enforcing a world-class security strategy is the essential first step for any CISO. However, maintaining these programs so that they directly align to the business proves to be a challenge. Martin addresses these struggles and provides actionable advice in his Six Steps To A Better Security Strategy report.

◾ CISOs Need To Add Customer Obsession To Their Job Description. Self-explanatory. In this report, Martin articulates how putting your end customers at the forefront will help your enterprise excel, differentiate it, and skyrocket its success.

◾ Outdated information security practices are a danger to both the enterprise and your reputation. Check out Martin’s Evolve To Become The CISO Of 2018 Or Face Extinction to see the future roadmap and necessary actions that will protect both your enterprise and your job security.

◾ Escape from the CISO’s traditional low ranking and prove yourself in the boardroom with Martin’s Security Leaders, Earn Your Seat At The Table report. This report will help you achieve the good kind of publicity while creating the positive awareness that the role so desperately needs.

Be sure to stay tuned for Martin’s upcoming Forrester Wave™ on Information Security Consulting Services later this January, as well as reports that discuss the fundamentals of the human firewall and the dangers that the geopolitical landscape poses to your business later this spring!

(About the author: Stephanie Balaouras is a vice president and research director at Forrester Research serving security and risk professionals. This post originally appeared on her Forrester blog, which can be viewed here.)
