Save time with unbiased, independent feedback on vendor solutions.
Watch weekly bite-sized webinars hosted by IANS Faculty.
I often hear from IANS’ CISO clients how all-encompassing and hyper-dynamic their jobs have become. CISOs stress about protecting a constantly changing business and adapting quickly enough. The CISO’s role has changed in a way that is both
extraordinary and unprecedented when compared to Sales, Legal or other corporate roles. Why?
Some of this dynamism can be attributed to pandemic disruptions. But I believe that COVID has just accelerated a larger underlying trend: the digital transformation of the economy over the last 40-plus years. Here’s some data to illustrate the point.
Back in 1975, the market capitalization of the S&P 500 basket of companies was $715 billion. Established, household names -- GM, GE, U.S. Steel, Goodyear Tire, Eastman Kodak -- made up this group.
If you segmented the market capitalization of this group by tangible vs. intangible assets, 83% of the index’s value was captured by tangible assets—stuff like factories, trucks and inventory. Only 17% was ascribed to intangible assets—stuff
like software, intellectual property and goodwill.
Fast-forwarding to 2020, the market value of S&P 500 companies has now rocketed to $31.5 trillion, and the situation has reversed. The S&P’s value is now dominated by intangibles. Why?
The answer is software and the digitalization of the economy. This figure captures the extraordinary rise of Microsoft, Oracle, Amazon, Google, Facebook and hundreds of other software-focused businesses.
But this digital transformation is not just confined to S&P 500 companies. Software is now “eating the world” and we’re seeing every aspect of businesses—marketing, sales, logistics and finance—being transformed by software
to increase agility and reduce costs.
With this shift as a backdrop, now enter the CISO—the senior-most corporate exec tasked with protecting the business’s digital assets and processes. As physical assets and processes are being replaced by their digital counterparts, the CISO
has become an increasingly strategic, and integral, corporate executive.
We’re still in the early stages of the maturation of the CISO function in most organizations, but here’s what is clear: CISOs and information security colleagues must quickly scale up to meet this challenge.
To address this, in the fall of 2020, IANS embarked on a research effort to map out the specific executive competencies in which CISOs need to excel today and going forward. We interviewed 24 infosec leaders—Roland Cloutier, Shamla Naidoo, Adam
Fletcher, Larry Trittschuh, Paul Connelly and others—around what competencies and skills allowed them to thrive in their roles and how they plan to grow. We created a competency model that is specific to infosec leaders. The result of IANS’
work is called IANS Executive Competencies.
IANS Executive Competencies found:
Here’s my suggestion. Download the report—it’s available here. If you’re interested in taking the Executive Competencies self-assessment, reach out to us at IANS@iansresearch.com. We’re committed to helping aspiring security
leaders and CISOs reach their full potential.
December 15, 2021
By Phil Gardner
Learn more about how IANS is helping aspiring security leaders and CISOs navigate the current digital transformation with our research-based Executive Competencies program.
November 13, 2019
CISOs need to observe, understand and act with regard to protecting consumer privacy and regulations associated with the downside of new technologies, including facial recognition, machine learning and AI.
April 4, 2018
Why do some CISOs consistently command the budget and resources they need while others struggle? What can budget-constrained CISOs do to garner the support they need for their programs? Find answers in our 'Battle of the InfoSec Budget' research report.