Forrester today released research that examines the evolving role of the chief information security officer (CISO) in Fortune 500 companies.

The findings reveal a gender crisis in cybersecurity, a growing number of CISOs having an MBA, and how tenure impacts the CISO’s opportunities in Fortune 500 firms. Highlights from the research include:

  • Men hold 87% of CISO roles. The staggering contrast suggests major industry issues with welcoming, developing, and promoting female cybersecurity talent.

  • Among Fortune 500 companies, 45% have an MBA, demonstrating the growing need for CISOs to understand, speak, and think in business terms, despite technology backgrounds.

  • Only 11% of Fortune 500 CISOs list a military background, with only 4% previously employed by law enforcement.

  • Fortune 500 CISOs have longer-than-expected tenure at four years, which is plenty of time to strategize, develop plans, execute, and look ahead to the next step in their career path.


  • Securing the role of CISO proves to be difficult for long-standing employees. Some 59% of CISOs were external hires, with that number jumping to 64% in Fortune 100 companies.


  • While Fortune 100 companies are reluctant to hire rookie CISOs, Fortune 500 companies are much more interested in individuals who are new to the role, with rookies making up two-thirds of Fortune 500 CISOs.

Click here for more information, and please contact us if you’d like a copy of this report.