The role of the chief information security officer (CISO) is increasingly central to many organizations; however, it has many guises. No two CISOs have exactly the same roles and responsibilities, and job titles vary widely. Yet despite these variances, each faces the same challenges as the role approaches a key point in its evolution. This report outlines the key tenets of the most senior security and risk role, the skills needed to succeed, and two significant threats to realizing the long-held ambition of the CISO to become a trusted business advisor. Ambitious CISOs need to transform themselves to remain on the road to the top roles; as Charles Darwin once said: "It is not the strongest of the species that survives, nor the most intelligent, but the one most responsive to change."