Examining the skills, traits and experiences that make for a top CISO

Register now

It’s not unlikely that future generations will have technological jobs that are inconceivable at this point in time. As society continues to innovate technology, you may be wondering what jobs and careers are available in IT fields. Not only that, but do you have the skills necessary to hold a professional position working with technology?

We know that terms like “cybersecurity” and acronyms like “AI” are intimidating. Most people can understand the gist of such concepts, but what exactly are their implications in our daily lives? Often the sheer complexity of technology deters people from pursuing technical careers, such as data analytics and software development. You’d have to be a math whiz and child protege to succeed in such a convoluted field, right?

Not necessarily. Working in IT requires more than just “being good with computers.” In fact professional roles, such as that of the chief information security officer (or simply, chief security officer), require that you possess interpersonal and leadership skills. While these may be classified as “soft skills” due to intangibility, you can’t become a CISO without them.

Businesses are increasingly dependent on technology for transmitting, recording, and storing essential data. This leads to more frequent and larger scale cyberattacks.

For example, the cyberattack on Target compromised over 41 million payment accounts. It is clear to see how the role of CISOs are becoming vital to the success and security of companies. Here at Varonis, we wanted to discover exactly what it takes to become a CISO. To do this, we analyzed common endorsements and educational backgrounds of CISOs at Fortune 100 companies.

Before we dig into the results of our research, let us explain what a CISO does.

This executive-level position is responsible for the security of the business’s online information. This means that he/she conceptualizes and implements security measures, usually in the form of software, in effort to prevent cyberattacks. Furthermore, the CISO has to work with multiple departments within the company to ensure that everyone is on the same page regarding cybersecurity.

As you might imagine, having the ability to communicate efficiently and effectively is a crucial element in a CISO’s skill set. They have to explain technological jargon to other executives and employees so that the entire business understands the importance of online security. CISOs also have to react to security breaches and maintain the company’s regulatory compliance.

So, what does it take to be a leading CISO?

We found that the most common undergraduate degree is a Bachelor of Science. The most common graduate degrees are Master of Business Administration and Master of Science. Not surprisingly, the most common field of study is Management Information Systems and the most common endorsement on LinkedIn is information security.

While these hard skills are fundamental to a CISO’s job description, there are also indispensable soft skills.

We looked at the human skills of CISOs at five top companies, including Walmart, Amazon, and Apple. Among them leadership and management stand out. CISOs have to lead teams from multiple departments, especially IT, to enforce cybersecurity measures. Not only do they have to manage these teams, but they also have to be able to manage risks. Acting proactively to prevent risks is always ideal, but managing risks retroactively is critical to solving problems.

Finally, don’t depend on one skill, whether it be technical or communicative, to take you to the chief-level of an IT career. Some people are misled in thinking that working with technology is an individual job. Others believe that their winning smile is all that’s necessary.

Excelling in an IT field requires a mix of technical prowess, interpersonal skills and effective management.

Check out our infographic for details on our findings and advice from two leading CISOs!

For reprint and licensing requests for this article, click here.