TMCnet News
Global CISO Report Identifies Cybersecurity Shortcomings At The Structural, Cultural LevelNEW YORK, Sept. 16, 2021 /PRNewswire/ -- Marlin Hawk—a global executive search and leadership advisory partner—today released the company's second annual Global CISO Research Report, which explores industry trends and insights of CISOs around the world, the challenges they face in a rapidly evolving cybersecurity landscape, as well as their role and place within organizations. The report also analyzes the role of the CISO regarding the short- and long-term impacts of the pandemic, perspectives on diversity, tenure, and succession, as well as the impact of cybersecurity expertise at the board level. It consists of research from CISOs at 400+ of the world's largest companies and direct feedback from Fortune 500 CISOs at organizations like Bank of America, Humana, TD Bank Group, Equifax, Credit Suisse, and BT Security. "There are so many more industries recognizing the importance of technology as a result of the pandemic, and therefore the importance of CISOs, thus creating much more demand," said Jason Mallinder, Group CISO, Credit Suisse. "As this demand continues to grow, the demands on CISOs continue to evolve, including the talent agenda becoming ever more challenging." Overall key findings from the report include:
CISOs are supporting the shift to location-agnostic working practices. "The CISO role has become an interesting mix of digital and physical security," notes Aman Raheja, CISO, Humana. "The combination created new risk for CISOs, who had to architect solutions to ensure access to critical services and ways of working." Additionally, as remote work evolves into a more permanent, hybrid model for enterprises, changes in working and purchasing habits have emerged as a key differentiator for the Board. They frequently consult the CISO on a broad range of topics, which now includesthings like investment decisions tied to real estate. CISOs deserve more influence and representation in the Boardroom. "There is a technology strategist role that is continuing to emerge," says Glenn Foster, CISO, TD Bank Group, "It goes beyond the security stack more broadly into questioning trust in our legacy technologies and where we need to make investments to mitigate against those risks. Where the CIO would traditionally be leading conversations about operational efficiency, you now see the CISO championing them, too." "The size of the boardroom table continues to grow, as governing a modern corporation continues to become more complex and less rooted in the purely financial lenses of the past," says James Larkin, Partner at Marlin Hawk. "If companies aren't ready to add another seat (for the CISO) to their Board, then councils and committees must bridge this gap until they are – be it internal or advisory adjuncts to the Board. Starting with a cyber security and customer trust committee is a good first step. Technology governance, data privacy, customer trust, and cyber risk are all starting to feel like different flavors of the same governance issue, and the issue is growing, not shrinking." CISOs are in high demand and tough to retain but planning for their successor is rare. To that end, many of the CISOs that Marlin Hawk spoke to reported a discrepancy between a slated successor and the candidate who is named to the role. This breakdown in the succession planning process is likely due, in part, to a lack of exposure by potential successors to the Board. And despite this current failure, several cybersecurity executives interviewed believe that a succession plan is vital. Soft skills have become crucial, but overall diversity and inclusion (D&I) is lacking. "The CISO's number one responsibility is providing an independent voice," notes Craig Froelich, CISO, Bank of America. "The role requires self-awareness and humility; good CISOs are willing to admit to themselves and others when they don't have the same set of fresh eyes as day one." When it comes to diversity, a number of organizations have made significant improvements. Still, several have yet to tackle the issue of how to integrate diverse talent into their structure. For instance, women account for 14% of information security leaders, and non-white candidates account for just 21% of CISOs at large global enterprises. This disparity needs to be addressed, but the issue is often compounded beyond equivalent roles across other functions in an organization. About Marlin Hawk For more on what we do visit: www.marlinhawk.com and: Media and Analyst Contact View original content:https://www.prnewswire.com/news-releases/global-ciso-report-identifies-cybersecurity-shortcomings-at-the-structural-cultural-level-301378775.html SOURCE Marlin Hawk |