![]() ![]() Other reputable certifications include the EC-Council's Certified Ethical Hacker designation and ISACA's Certified Information Security Manager. This (ISC) 2 certification has broad applicability in the development of security policies and procedures. The certification that seems to enjoy the widest recognition today is the CISSP, which has optional concentrations in architecture, engineering and management. Cybersecurity certifications are most useful for establishing one's professional credibility and getting a foot in the door at a new company. CertificationsĬertifications have their place in cybersecurity career development, but they are not a fundamental requirement for being a CISO. Ideally, those technical experts work for security leaders. Remember, for a CISO, broadly understanding many technical domains and how they tie into business needs is more valuable than detailed expertise in configuring firewalls and setting up multifactor authentication. But one could get just as much, if not more, value from an MBA, which can offer a better education in the business effects of technical decisions. ![]() Graduate degreesįor graduate studies, a cybersecurity degree may be useful. A broad understanding of engineering principles and the scientific method, on the other hand, will position one to keep learning, questioning and problem-solving as technology evolves. The problem with getting an undergrad degree in cybersecurity is that much of the technology under discussion in class may no longer be relevant 10 years after graduation. Some institutions today have cybersecurity programs, but a background in engineering or science fundamentals will arguably better serve an aspiring CISO. Historically, CISOs don't necessarily have educational backgrounds in computer science or information technology, although that has proven controversial. The typical CISO career journey starts with an undergraduate education, and many security leaders also have master's degrees. The demanding CISO role requires a breadth of knowledge. The CISO must therefore be able to reach managers across all areas of the business and discuss security issues in language they understand. Security touches every cross-section of an enterprise, from application development and testing to operations and customer service. Great communication skillsĪ CISO must be an exceptional communicator. A great CISO looks forward to and embraces the opportunity to increase the company's security effectiveness in the face of these never-ending challenges. ![]() New threats emerge almost daily, and staff must constantly adapt to this changing environment. The cybersecurity environment will continue to evolve much faster than institutions can develop security policies or vendors can develop mitigating technologies. ![]() A security leader must be able to set priorities that most effectively and efficiently minimize the risk to the business in any given situation. Competing priorities in a security event might include isolating the system, segregating the network and informing diverse stakeholders - from management and employees to clients and law enforcement. Ability to prioritizeĬISOs need to be able to strategically prioritize among myriad necessary actions during a crisis. Calmness in the face of catastrophe establishes a mood in which everyone can perform better under pressure. In a security incident, this is the one person who must always be present, understand the dynamics of the situation and act calmly in the face of incomplete information - even under pressure from executive management to offer immediate answers where they may not exist. Unlike most professionals, the CISO must be prepared to handle significant business issues at the drop of a hat, in any area of the enterprise.įor this reason, the CISO, above all, cannot be a person who panics. The single most important attribute in security's top role is the ability to think clearly under pressure. Consider the following qualities that make a great chief information security officer ( CISO). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |