Ten years ago, CISOs job was technical and limited to maintaining an updated software and hardware.

However, the role that CISOs fill today has significantly changed. CISOs should not only understand the technical side of cyber-security; in fact they must equally understand risk management and how both disciplines impact their organization’s ability to successfully conduct business.

Leading companies are now recognizing that cyber-security is a board-room priority. They have started to realize that through their CISO they can quickly respond and recover from cyber incidents. Without a CISO, companies limit themselves from being able to fully recover from a cyber-incident without great cost and potentially open themselves to legal repercussions that may have long lasting effects on their ability to operate. 

The challenges facing today’s CISO have also changed due to the emergence of new technologies and transformation in the threat landscape. As a result, CISOs are educating themselves on new, innovative security architectures, frameworks and understanding compliance regulations to reduce their organization’s exposure to risk.

As the role of today’s CISO evolves, so have the skills required for this position. The role of today’s CISO requires new skills such as risk management, innovation, human networking, and building cross-organizational relationships. He must be able to define his Cyber-security strategy to the organization, explain the business value of that strategy and secure leadership support to implement it.