Skip to main content

The Quintessential Chief Information Security Officer

Given the strategic significance of digital transformation, IT security leadership is a really important role. And yet, only 12 percent of Chief Information Security Officers (CISOs) excel in all four categories of the 'CISO Effectiveness Index', according to the latest worldwide market study by Gartner.

Gartner analysts presented their global survey findings and discussed the key traits of top-performing CISOs during their recent 'Security & Risk Management Summit'.

"Today’s CISOs must demonstrate a higher level of effectiveness than ever before," said Sam Olyaei, research director at Gartner. "As the push to digital deepens, CISOs are responsible for supporting a rapidly evolving set of information risk decisions, while also facing greater oversight from regulators, executive teams and boards of directors."

IT Security Market Development

These significant enterprise challenges are further compounded by the pressure that the COVID-19 pandemic has put on the information technology (IT) security function to be more agile and flexible.

Gartner’s measure of CISO effectiveness is determined by a CISO’s ability to execute against a set of outcomes in four categories:
  1. Functional leadership
  2. Information security service delivery
  3. Scaled governance
  4. Enterprise responsiveness
The survey respondent’s score in each category was combined together to calculate their overall effectiveness score. Gartner defines 'effective CISOs' as those who scored in the top one-third of the CISO effectiveness measure.

Of the factors that impact CISO effectiveness, Gartner revealed five behaviors that significantly differentiate top-performing CISOs from bottom performers. On average, each of these behaviors is twice as prevalent in top performers than in bottom performers.

"A clear trend among top-performing CISOs is demonstrating a high level of proactiveness, whether that’s staying abreast of evolving threats, communicating emerging risks with stakeholders or having a formal succession plan," said Mr. Olyaei. "CISOs should prioritize these kinds of proactive activities to boost their effectiveness."

The survey also found that top-performing CISOs regularly meet with three times as many non-IT stakeholders (such as Line of Business leaders) as they do IT stakeholders.

Two-thirds of these top performers meet at least once per month with business unit leaders, while 43 percent meet with the CEO, 45 percent meet with the head of marketing and 30 percent meet with the head of sales.

According to the Gartner assessment, CISOs have historically built fruitful relationships with IT executives, but digital transformation has further democratized information security decision making.

Effective CISOs keep a close eye on how risks are evolving across the enterprise and develop strong relationships with the owners of that risk – senior business leaders outside of IT.

The survey also found that highly effective CISOs better manage workplace stressors. Just 27 percent of top-performing CISOs feel overloaded with security alerts, compared with 62 percent of bottom performers.

Furthermore, less than a third of top performers feel that they face unrealistic expectations from stakeholders, compared with half of the bottom performing CISOs.

Outlook for Enterprise CISO Leadership and Influence

"As the CISO role becomes increasingly demanding, the most effective security leaders are those who can manage the stressors that they face daily," said Mr. Olyaei.

Actions such as keeping a clear distinction between work and non-work, setting explicit expectations with stakeholders, and delegating or automating tasks are essential for enabling CISOs to function at a high level.

That said, I believe that IT security spans both the data and networking realm, due to the growing demand for hybrid IT solutions that incorporate a combination of on-premise data centers and public cloud computing infrastructure. Moreover, the inherent security benefits of SD-WAN solutions make them an essential tool for forward-thinking CISOs.

Popular posts from this blog

How Savvy Leaders Re-Imagine Work in 2023

As we look to the year ahead, there will be significant challenges and opportunities facing the Chief Human Resource Officer (CHRO) role. In order to be successful, savvy HR leaders must be prepared to take proactive steps that adapt and evolve. "HR leaders have faced an increasingly unpredictable environment amid many organizations mandating a return to office, permanently higher turnover and burnt out employees," said Emily Rose McRae, senior director at Gartner . HR Innovation Market Development One of Gartner's key predictions for 2023 is that the use of artificial intelligence (AI) and automation will continue to increase within the enlightened digital workplace. This transition will require HR leaders to develop new skills and competencies in order to effectively manage and lead teams that are increasingly relying on these enabling technologies. Additionally, HR leaders will need to ensure that their organizations are investing in the necessary infrastructure and re

Why Healthcare and Smart City Apps Drive 5G IoT

Fifth-generation (5G) wireless technology for cellular networks is a successor to fourth-generation (4G) wireless technology. By 2023, Juniper Research anticipates that there will be over 1 billion 5G connections globally. The technology will provide the data infrastructure for the advancement of wireless communications and for new developments in the Internet of Things (IoT) -- including smart cities and healthcare. 5G IoT Market Development According to the latest worldwide market study by Juniper Research, 5G IoT connections will reach 116 million globally by 2026 -- that's increasing from just 17 million connections in 2023. Juniper analysts predict that the healthcare sector applications and government or other smart city services will drive this outstanding 1,100 percent growth over the next three years. Juniper examined 5G adoption across key industry sectors -- such as the automotive, mobile broadband, and smart homes -- and forecasts healthcare and smart cities will accoun

Low-Code Software Tools Fuel Transformation

Many CEOs have shared their concern that the digital transformation apps backlog within their organization is causing delays in planned growth initiatives. Therefore, they're investing in new approaches to the challenge. The worldwide market for low-code software development technologies is forecast to total $26.9 billion in 2023 -- that's an increase of 19.6 percent from 2022, according to the latest worldwide market study by Gartner. "Business Technologist" roles and a growing number of hyper-automation initiatives will be the key drivers accelerating the adoption of low-code software technologies through 2026. Low-Code Software Market Development "Organizations are increasingly turning to low-code development technologies to fulfill growing demands for speed application delivery and highly customized automation workflows," said Varsha Mehta, senior research specialist at Gartner . Equipping both professional IT developers and non-IT practitioners -- e.g.