Jeff Pollard, VP, Principal Analyst

Show Notes:

While the CISO may be a relatively new role in the C-suite, the career path for security leaders has evolved rapidly. In this episode, Vice President and Principal Analyst Jeff Pollard discusses the various types of CISOs and what the future path may be for this important executive role.

In his recent research, Pollard has identified five types of CISOs and says the transformational CISO type has risen to the forefront this year due to the amount of change taking place at most firms. “They are by far the most tolerant of change,” he says. “They’re energized by disruption to the way their firms work.”

In fact, the dramatic and abrupt shift to a remote workforce this year has forced many other CISO types to adapt and become transformational this year. And some are realizing it’s a role they may embrace in the long term.

In addition to transformational, the other types of CISOs Pollard reviews in this episode are:

  • Post-breach CISOs, who are brought in to fix things after a breach.
  • Tactical/operational CISOs, who are strong with technology.
  • Compliance and risk gurus, most commonly found in highly regulated industries.
  • Steady-state CISOs, who keep the trains moving but don’t embrace change.
  • Customer-facing evangelists, who become the face of security for their firms both externally and internally.

Pollard says the career-path options available to today’s CISO are more varied than in the past, when it was seen as a “terminal” role. For example, some CISOs start their own firms based on solutions they developed as CISOs and serve as that firm’s CEO. Some go on to write books and become public speakers and thought leaders. And more recently, some CISOs become CIOs in industries where security is particularly important.

To hear more from Jeff Pollard, be sure to check out his keynote entitled “The Future CISO” at the upcoming Security & Risk Global virtual event.