Hire or Develop a World-Class CISO

Find a strategic and security-focused champion for your business.

Unlock

This content requires an active subscription.

Access this content by logging in with your Info-Tech Research Group membership or contacting one of our representatives for assistance.

Speak With A Representative Sign In
or Call: 1-888-670-8889 (US) or 1-844-618-3192 (CAN)

Your Challenge

  • CEOs/CXOs are looking to hire or develop a senior security leader and aren't sure how to identify the best candidate.
  • Organizations are looking to optimize their security plans, and move from a tactical position to a more strategic one.

Our Advice

Critical Insight

  • The Chief Information Security Officer (CISO) you choose must be empowered to integrate with the business and become an enabler of business processes.
  • To be successful, there are three primary tasks that a world-class CISO must master:

1. Aligning security controls with business requirements

2. Fostering a risk management culture

3. Managing talent and change

Impact and Result

  • Hire the right person for the job who will also address your specific organizational needs.
  • Create a high-altitude view of your CISO’s competencies and your information security process and technology gaps, and use these to form an action plan.
  • Empower your CISO to be a strategic partner to the business and to enable new business processes.

Hire or Develop a World-Class CISO

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should hire or develop a world-class CISO, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.


1

Launch

Understand the core competencies required to be a successful world-class CISO and identify which competencies are a priority for the organization.

2

Assess

Evaluate CISO candidates to hire or develop the right CISO for organizational needs, and understand the CISO's stakeholder relationships.

4

Execute & maintain

Implement the plan and schedule time to reassess the progress of the CISO and security program.

Onsite Workshop

Book Your Workshop

Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Assess Core Competencies and Security Process & Technology Maturity

The Purpose

  • Understand the competencies and tasks required of a world-class Chief Information Security Officer (CISO) and which areas should be a priority for your organization.
  • Create a high-altitude view of your security process and technology maturity.

Key Benefits Achieved

  • Identify the competencies that are most important to your organizational needs.
  • Understand current maturity of security processes and technologies, and which areas need remediation.

Activities:
Outputs

1.1

CISO Core Competency Evaluation Tool

  • Key competencies for organizational needs
  • Insights for hiring guide

1.2

Security Process and Technology Maturity Assessment Tool

  • List of priorities to upgrade security processes and technologies

1.3

CISO Stakeholder Power Map Template

  • Understanding of CISO’s stakeholder relationships and collaborators

1.4

Security Governance Organizational Structure Template

  • Proposed organizational chart and map of responsibility assignment for security tasks and initiatives

Module 2: Assess CISO Candidates and Develop a Hiring and Development Strategy for Your New CISO

The Purpose

  • Create a plan to hire the new CISO.
  • Establish an action plan for this person to remediate organizational security processes and technologies, as well as personal competencies and relationships.

Key Benefits Achieved

  • Guide for the CEO/CXO to hire the new CISO and assess personal competencies.
  • Plan to remediate the CISO’s personal competency gaps.
  • Plan to cultivate CISO’s key stakeholder relationships.
  • Plan to remediate security process and technology gaps.

Activities:
Outputs

2.1

CISO Core Competency Evaluation Tool

  • Interview guide for CISO competency priorities
  • Action plan for CISO to remediate personal competency gaps

2.2

CISO Stakeholder Management Strategy Template

  • Action plan for CISO to improve key stakeholder relationships

2.3

Security Process and Technology Maturity Assessment Tool

  • Action plan for CISO to remediate security process and technology gaps

2.4

CISO Development Plan Template

  • Creation of CISO Development Plan