Thursday, May 27, 2010

Notes: Profile for a CISO?

I was at the 4th International Forum on Cybercriminality and there was a conference about CISOs' professional profile.

I just took a few notes and, seemingly, there are three major kinds of personalities for a CISO:
  • The pilot,
  • The architect, IT urbanist,
  • The administrator.
I have no particular comment on this, except that I think I am doing my best to be all three of these :-\

I was also interested in this definition they gave: "The CISO is the one who defends the ITsec budget."

Finally, they described an evolution in the profile of CISOs:
  1. In the 1990's, people became CISO by opportunism,
  2. In the 2000's, people became CISO through competition,
  3. In the 2010's, people are becoming CISO by choice or by vocation.
I'm happy to record that I'm in the 2010's :-)