Research Outline

Chief Information Security Officers

Goals

To understand how the role of chief information security officers (CISOs) has changed over the last few years in terms of how common the role is (e.g., number of companies), the responsibilities involved, and the experience needed.

Early Findings

  • Companies are “re-defining the roles and responsibilities of CISOs by expanding job criteria to include organizational leadership, business management, and other traditional ‘soft’ skills.”
  • The major change is that the CISO role is no longer designed to focus solely on network security (e.g., traditional security, privacy, and compliance issues); the soft skill of leadership is now highly desired (listed more than twice as often as hard skills).
  • Five cybersecurity priorities for CISOs going forward are identity management in a multi-cloud world, protecting assets with encryption and zero trust, the rise of DevSecOps, responding to “alert fatigue”, and educating employees to think like a CISO.
  • Forbes noted that some prominent CISO priorities for 2019 included gaining threat visibility across all platforms, understanding the new perimeter (the cloud and user identities), nurturing a culture of security, aligning security operations with IT operations, and addressing the risks from inside the firewall.
  • A report that might be of interest, though it is behind a paywall, is Fortinet’s “The CISO Ascends From Technologist to Strategic Business Enabler.”
  • In October 2019, it was noted that 38% of Fortune 500 companies did not have a CISO and that 77% of the companies give no indication on their websites of who is responsible for their security strategy.

We found some proprietary research from one of our data partners that may be helpful:
  • 1. "Security Advisory Services Market by Service Type (Penetration Testing, Vulnerability Management, Incident Response, Security Risk, Compliance Management, and CISO Advisory and Support), Organization Size, Vertical, and Region - Global Forecast to 2024" (MarketsandMarkets, $4,950)
  • 2. Section 6.8: Chief Information Security Officer Advisory and Support ($402.50)
If you'd like us to purchase any of these reports on your behalf, just let us know!