What can CISOs do if they’re lacking support from the CEO or others on the executive leadership team? And how do you know if it’s time for you to move on to a new role?

53 views5 Comments

Sort By:

Oldest

CISO4 months ago

CISOs need to be able to speak the language of the business. They have to translate digital technical risk into terms that the CEO, Board of Directors, and executive leadership team can understand in the context of enterprise risk management. If there is a lack of support or understanding, it may be time to consider moving on.

Board Member, Advisor, Executive Coach in Software4 months ago

Alignment with the business is key. However, even with alignment, there may be instances where there's a disconnect with the executive team. If you feel that the executives in your organization are mischaracterizing the risk, and you're a public company, you have a duty to report and inform. If you've done everything you can and there's still no change, it might be time to move on

CISO in Finance (non-banking)4 months ago

Building a bridge of communication with new members of the executive team can be helpful. However, if they still don't understand the importance of your role and see it as an expense, it might be time to move on.

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

Peer Discussions and Polls
One-Minute Insights
Connect with like-minded individuals

Global Chief Cybersecurity Strategist & CISO in Healthcare and Biotech4 months ago

Aligning yourself with strategic partners like general counsel, customer services support, and others who have a play on revenue can be beneficial. If the company doesn't seem to care or listen, don't be afraid to walk away.

CISO/CPO & Adjunct Law Professor in Finance (non-banking)4 months ago

By the time you're a CISO, you should be able to evaluate whether it's a miscommunication issue or if you're being set up as a scapegoat. If it's the latter, it's time to move on. If it's a miscommunication, it can be evaluated and possibly resolved. If you're not getting the support, funding, or training you need, it could be a sign that it's time to leave.

Content you might like

If you have had a negative experience with a vendor (without naming the vendor), what did you learn from it?

Financial Management Vendor Management

VP of Global IT and Cybersecurity in Manufacturing6 years ago

Have clear business requirements up front, make sure the proposal includes items such as scope, timeline, cost, resources.

Does your business have a measurable framework that people or departments must follow when choosing new tools or technologies for your business?

Culture & Values Vendor/Product Recommendation

Yes, and it is always followed22%

Yes, but it is rarely followed54%

Some departments do, but not across the business14%

No9%

View Results

1.8k views2 Upvotes

I am a CISO in the Boston area. If you are like me, you get numerous event invitations per week. What CISO events do you attend to gather the most insight? Which have you found to be a waste of time?

Events

1 view

What’s on your IAM roadmap for the next 18-24 months?

Identity & Access Management (IAM)Threat & Vulnerability Management Security Strategy & Roadmap

Director of IT in IT Services4 days ago

Implementation of Zero trust architecture, its modules across the organisation is a priority for us. So, we will be implementing zero trust strategies in IAM, inline with overall strategy.

1.4k views1 Comment

Are you investing security budget in protecting key employees and executives from spear-phishing and social engineering attacks through their personal social media accounts?

Yes, visibility for protecting key employees and executives on social media is part of our cybersecurity budget.56%

No, we do not have a solution or visibility to protect key employees on social media.38%

No, but we plan to budget for key employee and executive protection in the future.5%

View Results

1.5k views2 Upvotes