CISO Impact

IANS' Information Security Leadership Framework

The connected world is a dangerous place. You made a promise to safeguard the company’s critical assets across space and time. Now you must lead the company to adopt safe business practices.

To keep this promise you must assert leadership, even as you control few resources across the organization. IANS has developed a leadership framework specific to information security, based on years of research with over 1,000 information security teams. We call the framework CISO Impact, and the core finding of CISO Impact research states that effective information security leaders build two strong masteries: Technical Excellence and Organizational Engagement.

Assess your security posture in < 60 minutes

Begin a Diagnostic:

…the core finding of CISO Impact research states that effective information security leaders build two strong masteries: Technical Excellence and Organizational Engagement.

CISO Impact Pyramid

Why Technical Excellence? Because without strong technical solutions, the information security team will chronically underperform. Why Organizational Engagement? Because the key to keeping the promise is building influence and support with business leaders through proactive education, advocacy, negotiation, communication and an array of soft skills that weave information security into the fabric of the operation.

To make these masteries actionable, IANS breaks down Technical Excellence and Organizational Engagement into best practices and critical capabilities based on the research. We then thematically group those practices into The 8 Domains of Technical Excellence and The 7 Factors of Organizational Engagement, and offer online diagnostic tools and reports that allow you to baseline your current posture against the models, the dataset, and industry peers. Completing both diagnostics requires less than 60 minutes. For clients, a rich set of advisory and consulting services helps translate these findings into action plans and professional development roadmaps.

8 Domains of Technical Excellence

8 Domains of Technical Excellence

Read the Report

7 Factors of Organizational Engagement

7 Factors of Organizational Engagement

Read the Report

Lighting the Path to Leadership

CISO Impact is a data-driven leadership framework. With a large and growing dataset, IANS can now go deep to highlight specific capability differences between organizations at different levels of maturity. Our Lighting the Path to Leadership findings highlight strengths and weaknesses in the practices commonly found in organizations one step ahead on the maturity curve. This helps inform, contextualize and prioritize where to invest — skills, practices, and technologies — to progress your program.

Report Icon

CISO Impact: Lighting the Path to Leadership

By Stan Dolberg, IANS Chief Research Officer

Read the Full Report

Leveraging CISO Impact

The CISO Impact framework provides a variety of ways to accelerate and enhance your path to leadership, from orientation and interactive discussion, to taking diagnostics, to skill building, to measuring progress over time.

Diagnostic Tools

IANS’ CISO Impact diagnostic tools enable you to establish a baseline of your program’s capabilities vs. the models, the dataset, and your industry peers. Each Diagnostic measures the strengths and weaknesses of your security program against a set of practice areas and key competencies.

Begin Your Diagnositcs

CISO Impact Quotient

CISO Impact Events

CISO Impact Roundtables offer CISOs an in-depth peer-to-peer experience with other security leaders. Through discussions and exercises, attendees work on challenges and share best practices in small and large groups. This program is designed to find innovative ways of thinking about and attacking real-world challenges, and building skills to overcome those challenges.

Upcoming Roundtables

CISO Impact Symposiums gather an intimate group of peers for a half-day session around a top challenge faced by information security leaders. Topics include:

  • Building influence with the Board
  • Managing Difficult Conversations
  • Presenting to Business Leaders
  • Becoming an Information Security Leader
  • Building Strong Stakeholder Support
  • Getting Budget for Critical Projects

Upcoming Symposiums

IANS Consulting

IANS' Technical and Organizational Consulting offerings assist CISOs —
and their information security teams —
with specific individual challenges.



Learn More »

Learn More

If you have a question, comment, or would like to learn more about our services, please use this form to let us know what you’re looking for. A member of the IANS team will be in touch soon.